Gregory executed a comprehensive PR campaign that repositioned NuHarbor Security as a national cybersecurity leader. Through broadened storytelling, we elevated the brand narrative from a services-focused provider to a key voice on issues like ransomware, critical infrastructure, and cybersecurity leadership. Our team conducted media training for executives and secured coverage in top-tier outlets including CBS News, NBC News, The Associated Press, and NPR, as well as industry staples like Dark Reading, Statescoop, CRN, and InformationWeek — establishing NuHarbor’s experts as trusted voices shaping the national cybersecurity conversation.
What we did
Public Relations
Content Development & Marketing
Analyst Relations
Social Media
Industry
Cybersecurity
Background
NuHarbor Security, founded in 2014 and headquartered in Colchester, Vermont, is a leading national cybersecurity services firm specializing in managed security services, compliance, and risk management. Serving hundreds of clients across public and private sectors, including state and local governments, higher education, finance, healthcare, and insurance, NuHarbor delivers comprehensive solutions like penetration testing, vulnerability assessments, and Microsoft Sentinel Managed Extended Detection and Response (MXDR). In 2022, NuHarbor engaged Gregory to transform its brand from a regional MSSP into a nationally recognized cybersecurity leader, leveraging its innovative services and establishing its leadership as trusted media spokespersons.
Challenge
As a smaller player in the competitive MSSP market, NuHarbor struggled to differentiate itself against larger competitors, despite its robust service offerings and partnerships with best-in-class technologies like Splunk and Microsoft Sentinel. The company faced limited Share of Voice (SOV) in a crowded cybersecurity landscape dominated by high-profile data breaches and larger firms. NuHarbor needed to elevate its brand visibility, position its innovative services as market-leading, and establish its executives — particularly industry veteran Jack Danahy — as authoritative voices in national media to drive credibility, attract clients, and support business growth.
Solution
By the Numbers
1,500%
Increase in media coverage from 2022-2025
800%
Increase in share of voice
FAQ
By converting operational strengths—24/7 coverage, response SLAs, vertical expertise—into third-party proof (tier-1/trade coverage, analyst quotes, awards) that CISOs and boards encounter in diligence.
Rapid expert commentary on active threats, credible case snapshots (anonymized), bylined guidance for board oversight, and clear explanations of MXDR scope, runbooks, and responsibility boundaries.
Aggregated incident volumes, dwell-time reductions, patch/coverage rates, tabletop frequency, audit results, and certification status (e.g., SOC 2/ISO 27001)—shared as indexed trends and cohorts.
Publish periodic threat notes (TTPs, IOCs, sectors impacted) with clear mitigation steps and methodology; coordinate with affected parties and avoid details that hinder investigations.
One-page playbooks, vertical risk briefings (SLG, healthcare, finance, higher ed), tabletop debriefs, and short video explainers on detection-to-response workflows.
Emphasize procurement readiness, regulatory mappings (CJIS, HIPAA, PCI, NIST/CSF), and proven onboarding at scale; keep messaging nonpartisan and policy-focused.
Yes—activate a rapid-response desk with sanctioned spokespeople, plain-English explainers, and sector-specific guidance; become a reliable, quotable source when news breaks.
Risk-to-business translation: downtime avoided, regulatory exposure reduced, insurance alignment, and total cost of ownership vs. in-house staffing—supported by independent coverage.
Select reputable programs; spotlight audit findings (no exceptions/clean opinions) and renewal cadence; place badges and third-party quotes on service pages and in RFP packs.
Time research drops or survey data to the show, pre-book reporter/analyst briefings, secure panels with credible co-speakers, and convert stage time into post-show interviews.
Run statistically valid panels by role/sector, publish crosstabs and methodology, and tie findings to actionable guidance—not product pitches.
Share of voice vs. peers, tier-1/trade citations, backlinks to solution pages, inbound demo/RFP requests, security community invitations, and correlations between coverage bursts and pipeline.
Absolutely—spotlight incident-response craftsmanship, growth paths, certifications support, and mission work (public sector/critical infrastructure) through earned media and employee stories.