In this first instalment of our new PR tips for cybersecurity providers series, we share exclusive research highlighting the information sources that organisations typically turn to for cyber guidance, and why brands resultantly need to broaden their PR and marketing strategies.
2025 was a defining year for cybersecurity, exposing how vulnerable even the most established organisations can be.
On 16 March, I attended the Royal United Services Institute (RUSI)’s Cyber Monitoring Centre event that reflected on major developments in the past year, and what the cyber industry can learn from them moving forward.
Perhaps inevitably, the strongest spotlights were shone on Marks & Spencer (M&S) and Jaguar Land Rover (JLR), with both firms having been the subject of high-profile breaches in 2025.
The former was hit by a significant ransomware attack in April, causing months of disruption, more than £300 million in lost sales, and a 99% drop in H1 profits. JLR, meanwhile, suffered an even more severe incident starting 31 August that halted production for five weeks and cost the UK economy roughly £1.9 billion.
Both were hit hard, yet there was a distinct difference in their recoveries. Crucially, M&S received £100 million in insurance payouts, helping to offset at least some of the damages from the hack. JLR, meanwhile, did not have cyber insurance. This wasn’t a complete oversight – the company had failed to finalise negotiations for the policy before the breach occurred. However, it should still be heeded as a warning of the potentially devastating impacts that can result from a lack of insurance being in place, with JLR’s direct losses estimated to have amounted to around £50 million a week.
Publicised breaches accelerate demand for cybersecurity expertise
Incidents of this scale, which grab media attention, serve as a wakeup call for companies of all shapes and sizes. In response, many firms will naturally feel compelled to review their exposure and address potential gaps in their security posture.
Interestingly, Marsh revealed that 16% of its clients extended their cyber insurance limits in Q1 last year, stating that many firms were questioning whether they had sufficient coverage in place. It affirmed that last year’s retail cyberattacks had reignited conversations with insureds who were seeking to reevaluate their limits and consider additional options.
In practice, these headlines create a surge in interest across the entire cyber ecosystem, heightening demand for cybersecurity expertise, tools and risk‑transfer mechanisms. Companies move quickly to strengthen their posture, and they look outward for partners who can help them do it.
For cyber‑solutions providers, consultants and insurers, it means that key windows of opportunity can open up anytime. However, capitalising on demand surges requires brands to be visible when organisations go looking for help.
If your brand’s capabilities and value proposition aren’t front and centre at the exact moment organisations are revaluating their security stack and assessing their exposures, the opportunity to help them will likely pass to a competitor.
Are you meeting customers in places that they are looking for solutions?
To understand exactly where organisations look for cyber guidance and support, we recently commissioned research exploring the primary places that business owners and C-level execs go to for information on cyber insurance.
Interestingly, the findings show that most companies begin their fact‑finding with desktop research (46%), with many also looking towards industry bodies (44%) and government guidance (40%) as a primary port of call, while fewer rely on national media (30%) and trade press (24%).
For cybersecurity solutions providers and insurers alike, it is therefore imperative to ensure that your marketing, PR and visibility strategy are covering each of these channels. While social media and placements in national media and trade press still matter, they’re just part of a wider information ecosystem that buyers use when considering how to bolster their cyber defences that also includes:
- Industry associations
- Government advisories
- Specialist cyber communities (Substacks, Discord groups, newsletters, Slack channels)
- Analyst reports
If your brand isn’t visible in these areas, its much less likely to be in contention when prospects are comparing solutions and suppliers.
What this means for your PR strategy
To truly capture the attention of decision‑makers in high-demand moments, you must engage them in the ecosystems where credibility is built. From a PR and marketing perspective, that means partnering with professional bodies, government‑linked organisations, cyber collectives, specialist commentators and the community platforms where C-suite execs actively seek insight.
It’s about broadening your voice across a wider variety of channels to ensure that organisations seeking support are more likely to find you and reach out.
This is the crux of an effective, modern cyber-PR strategy. At Origin Communications, we can help you find and bridge those current gaps. Contact us today to widen your PR and marketing presence, and ensure your brand attracts the right kind of attention at the right time.