CONTACT US
Sectors
Capabilities
Specialisms
See all

Cybersecurity Awareness Month 2025

Jack Lilley, Senior Communications & Content Marketing Manager, Red Sift

Jack Lilley is a results-driven marketing and communications professional with extensive experience developing and executing integrated strategies across global markets. As Senior Communications Manager at Red Sift, Jack leads initiatives that elevate the company’s profile within the cybersecurity landscape, combining earned, paid and thought leadership programmes to drive brand awareness and business growth.

Having begun his career in communications before moving into the technology sector, Jack was drawn to cybersecurity for its pace, complexity and constant evolution. At Red Sift, he has played a key role in shaping the company’s voice in a competitive and fast-changing market—championing innovative storytelling and positioning senior leadership at the forefront of industry conversations on AI and emerging threats.

What initially attracted you to cybersecurity communications and what keeps you here?

I came into cybersecurity communications through a slightly unconventional route. I’d always been interested in the sector, even joking with family about joining GCHQ one day. My career began in communications, transitioning into the tech sector through various Marcoms opportunities, before joining Red Sift. The appeal was the freedom to design a position that played to both my strengths and the company’s needs. What keeps me here is the pace: it’s a competitive market that’s constantly evolving, and there’s real satisfaction in carving out our own voice.

How has the role of communications in cybersecurity evolved since you began and what’s the most critical shift you’ve observed in the last 12–18 months?

Comms has become much more hybrid. Earned media and pitching remain my bread and butter, but there’s now a growing role for paid strategies to move the needle in SEO and generative engine optimisation (GEO). Another significant shift has been the elevation of thought leadership. Our CEO, Rahul Powar, has deep expertise in AI, so a significant focus has been on securing platforms for him to speak – from podcasts to broadcast interviews – to bring complex issues, such as AI-driven threats, into the public conversation.

With AI-generated content on the rise, how are you maintaining authenticity in your communications?

AI is great for sparking ideas, breaking writer’s block or providing a first draft, but it’s just a support tool. Authenticity stems from human oversight – editing, applying our corporate tone of voice, and ensuring we avoid referencing competitors or losing nuance. I treat it like having a junior exec draft something that I’ll refine, or giving me a framework idea where I can grab a coffee and get to writing. Ultimately, comms and marketing requires strategic and critical thinking, and that can’t be outsourced to a model. Despite the concerns of “AI replacing us”.

Looking back over the past year, what’s been your toughest comms challenge and how did you navigate it?

The biggest challenge has been finding the direction for our media outreach. Our niche – email security and protocols like DMARC – is highly technical, and it takes time to understand. Finding a partner to work with that can understand the details, but make it palatable to a broad audience has been a journey, I’m glad we’re on the right path.

Which cybersecurity comms metrics really matter to your leadership team and how are you proving strategic value beyond coverage volume?

Share of voice is still core, but the focus is on quality over quantity – are we in the publications CISOs and security leaders actually read? Beyond that, geo-testing is becoming a critical measure. We track thousands of prompts across key topic areas and benchmark citations against competitors. It’s complex, but our leadership values it because it directly ties marketing and comms to business visibility in the buyer’s journey.

How are you building resilience into your comms playbook?

Speed and preparation are key. Our team has “ears to the ground” in the right forums, so we often hear about regulatory or policy changes before they break. That allows us to be first with campaigns – as we were with Microsoft’s updated sender requirements. On the incident side, we’ve built a strong crisis comms process. We focus on swift, clear messaging to customers and, if needed, react accordingly.

With AI reshaping everything from threat detection to content creation, what are your predictions for how cybersecurity communications will evolve through the rest of 2025 and into 2026?

AI will dominate the conversation – both as a risk vector and as a defensive tool. We’ll see more events, headlines and strategies built around it. But I worry that in the rush to address “sophisticated AI threats,” organisations may overlook the basics: phishing, spoofing, business email compromise. Strong fundamentals – like correct DMARC, DKIM and SPF setups – are still essential. The future of cybersecurity comms will be about balancing the hype around AI with reminding audiences of the bedrock of good security practice.