Why cybersecurity leaders are learning to talk like journalists

Welcome to the new 18 cyber warriors who joined us last week. Explore our weekly delivery of inspiration, insights, and exclusive interviews from the global BHMEA community of cybersecurity leaders.

Keep up with our weekly newsletters on LinkedIn — subscribe here. 

Open your mind and be inspired to approach cybersecurity from new perspectives, with our weekly delivery of insights from the global Black Hat MEA community. 

This week we’re focused on…

Storytelling under pressure. 

Why? 

Because in the middle of a breach or policy shakeup, tech knowledge alone isn’t enough. The cybersecurity industry needs people with the ability to communicate information in a way that makes people care. 

The view of cybersecurity as a technical discipline alone is evolving. As analysts become advocates and cyber practitioners borrow strategies from disaster science, a new, unexpected skillset is emerging as essential: journalistic storytelling.

The best defenders don’t just write code and patch holes. They shape narratives. And when it comes to managing risk, that can be more powerful than any tool in your tech stack.

Disaster sciences teaches us that clarity saves lives 

Communication is everything in emergency management. When a natural disaster occurs, or a public health crisis, or a critical infrastructure failure – getting the right message to the right people, and at the right time, can mean the difference between control and chaos. 

So crisis communication is a core aspect of disaster science. Emergency response teams aren’t only trained in protocols and logistics; they also learn how to communicate clearly, credibly, and quickly, even when the full picture is still developing. 

We need to do the same in cybersecurity. Megan Samford (VP and Chief Product Security Officer for Energy Management at Schneider Electric) said:

“Over time I’ve found that really both [cyber and emergency management] are just disaster sciences, although cyber doesn’t yet know it is!”

How much could trust in cybersecurity improve if we took a page from disaster playbooks, and started treating cyber communication like a core response function? 

Enter the Cybersecurity Analyst: Part researcher, part storyteller 

On the blog, we talked about how analysts aren’t just observers – they’re also advocates for the field of cybersecurity. 

Richard Stiennon (Founder and Chief Research Analyst at IT-Harvest) said:

“An analyst’s full-time job is to monitor their space…In effect, they are spokespeople for the industry.”

That spokesperson role is crucial. Because technical clarity doesn’t happen by accident. Analysts translate technical threats into stories that:

• Influence business leaders
• Guide regulators
• Shape public understanding
• And help the security community reflect and adapt

And they don’t just do it when everything’s calm. An analyst can step up as a steady voice in the middle of uncertainty – when clarity matters most.

Cybersecurity’s missing comms layer

Think about the last major cyber incident you followed in mainstream media. How much of the early conversation was speculation? How many headlines were sensationalised? How long did it take for a clear, credible voice to break through?

This is the problem. 

We don’t have enough people trained to communicate under pressure. We need to take a note from disaster science and cultivate the skills within our industry to make sure that when the worst things happen, we’re not operating in a way that feels hidden from the world. 

Actually, the CDC’s Crisis and Emergency Risk Communication (CERC) framework is a great starting point here. It recommends:

• Be first. Even partial facts can help establish trust early.
• Be right. Accuracy is key—even if that means saying “we don’t know yet.”
• Be credible. Honesty builds long-term confidence.
• Express empathy. Acknowledge the human side of incidents.
• Promote action. Let people know what they can do now.

Analysts and security leaders who adopt this mindset can shape the narrative early; before it’s hijacked by speculation or misinformation.

Train communicators, and value their work 

Across the field of cybersecurity we need to train more skilled communicators to translate technical language into digestible storytelling. And we need to value that communication work – not see it as an afterthought. 

Cybersecurity leaders should train spokespeople as well as technical specialists. They should run crisis comms drills (media briefings, stakeholder updates, social media management), as well as tech simulations. 

They should build positive relationships with journalists who specialise in tech and cybersecurity so that when the worst happens, they can leverage those relationships to have some influence on the messaging that goes out in mainstream media. 

And every cybersecurity leader needs to notice and nurture the voices in their team who can explain complex issues clearly. 

Even the best detection tools can’t fix a broken narrative. So let’s play an active role in shaping that narrative, and make our best communicators heard. 

Join us at Black Hat MEA 2025 to grow your network, expand your knowledge, and build your business.