Media Proxy: Forrester’s Allie Mellen on building analyst relationships

Welcome to the Media Proxy, your source for data, advice, and insight on how cybersecurity companies can get better results from their PR and marketing.

Keep scrolling for:

  • Forrester analyst Allie Mellen on how to build relationships with analysts and reporters
  • The most engaging Black Hat and DEF CON articles

by the numbers

$4.24 Million

Average cost of a data breach, according to new IBM data


Organizations impacted by cybersecurity skills shortages in a recent survey


Average ransom paid by victims, up 82% since 2020


Allie Mellen Forrester

1. Allie Mellen’s 3 rules for cybersecurity companies working with analysts​​

Allie Mellen covers security infrastructure and operations for Forrester and was kind enough to answer our questions about working with analysts, where cybersecurity companies go wrong in their messaging, and how to help out journalists.

What are some dos and don’ts for cybersecurity companies working with analysts?

  • First, come prepared by knowing what the format of the conversation is and knowing who you are talking to and what their coverage area is. Industry analysts have very little time to begin with, and it goes a long way when a cybersecurity company comes into a session prepared.

  • Second, communicate what value you provide for practitioners, how you do it, and what your vision is without using grandiose language. I have heard a lot of adjectives in my time as an analyst, I don’t need to hear more. 🙂

  • And third (and what I see as most important), communicate what challenges you are having to us. Industry analysts have a wide view of the market overall, a very granular view of the solutions in the market, and a daily link to practitioner challenges and successes. Many of us were practitioners ourselves (including me). We are here to help security companies too, especially when we know that feedback is listened to and will ultimately help practitioners succeed.

  • The last thing I have to mention is specifically for executives of security companies. Never come into a meeting and belittle your analyst relations person in front of an industry analyst. I have seen this happen before, and it’s truly infuriating. We interact with analyst relations teams regularly and see how much work they put in to maintain a great connection with us. An executive belittling their AR rep is completely unacceptable to me and I will call it out.

What are the biggest mistakes you see cybersecurity companies make in their messaging and how they are communicating about their products and services?

  • …the biggest mistakes cybersecurity companies make in their messaging is their lack of authenticity. There is a yearning by practitioners for a vendor to explain exactly what their product can and cannot do, what the value actually is, and what it would mean for their team to deploy and maintain that product. Companies that can do this with integrity and respect for the practitioners they serve are rare, which is one of the reasons cybersecurity is often considered a ‘buzzword bingo’ industry.

You are frequently interviewed by reporters for high-profile security stories. What advice do you have for working with the media?

  • Be timely, relevant, and authentic. Respect that journalists often write on very stressful deadlines and that you need to work with their schedule, not the other way around. If you don’t have a relevant answer for something, don’t make something up, as it will only make you seem less credible.

  • It’s really important to remember that being interviewed by reporters is not an ‘opportunity’ or a chance to ‘get well-known quickly’ — it’s about sharing a point of view to help move the conversation forward and give helpful, educational information to a wider audience.

2. The Black Hat and DEF CON stories that got the most engagement​


Fresh off the conferences last week, we used NewsWhip’s Spike tool to see which media stories around Black Hat and DEF CON received the most engagement across social networks. These were the top 5 during the week of the conferences:

  • Black Hat: Microsoft’s Patch for Windows Hello Bypass Bug is Faulty, Researchers Say — Threatpost 15k interactions
  • Black Hat: Charming Kitten Leaves More Paw Prints — Threatpost 2k interactions
  • Watch a Hacker Hijack a Capsule Hotel’s Lights, Fans, and Beds — Wired 395 interactions
  • Hospitals Still Use Pneumatic Tubes—and They Can Be Hacked — Wired188 interactions
  • Amazon Kindle Hack Needs Just One Evil Ebook To Take Over Your Ereader—And Maybe Your Amazon Account Too — Forbes138 interactions



If you have a PR, content, or social media challenge, email and let’s schedule a one-on-one to talk through.

The Media Proxy is brought to you by Gregory FCA, a cybersecurity PR, content marketing, and social media firm.