I’ve spent years working with people in public relations. To be honest, I was mostly trying to work around them, because they were never the people I was trying to interview. They were just the conduits. But everything about my conversation with Melanie Ensign was different.
When I contacted her, I wasn’t trying to talk to someone else. And the discussion that ensued was unlike any I’d experienced with people in her field. I’d never heard a PR rep talk about ethics and transparency—or wanting a desk not in sight of the CEO, but within earshot of the engineers. And when Ensign talked about diving, she hadn’t slipped into cliché. She was explaining how deep sea diving taught her how to keep people calm in a crisis.
Ensign had a lot to say about her years in-house at Uber, which ended this year, and her shorter stint at Facebook. And she was happy to discuss the new agency she founded in May, called Discernible Inc. All revealed the differences in her approach.
“There's an incentive within a lot of PR organizations to be the hero who swoops in and puts out a fire,” Ensign explained at one point. “Because people get promoted for that. There's a big crisis or scandal, you're the face of it, you've managed it. Doesn't matter whether you did a good job managing the crisis. You lived through it, so you get rewarded.”
But there’s another kind of public relations. It depends on professionals “who can recognize red flags when they're small,” Ensign said. They help companies avoid crises, she continued. But often at the expense of their own career advancement, because “there is no fire for us to swoop in and put out.” Measuring and communicating to management the value of all the things that didn't happen because of your PR team is much more difficult. That’s the brand of PR Ensign embraces.
Kind of like the general counsel who helps the company avoid a lawsuit rather than win in court? “Exactly,” she said. “That's what helps bond lawyers and communications professionals to security and privacy teams. We all have that same challenge. I know what it's like to report to somebody who has no idea what you do. And I know what it's like to have to figure out how to measure that success, and communicate it, and translate it in 7000 different business-speak languages. I've had to do that because I forged my own path within communications.”
The Challenges at Uber
In 2016, that path led Ensign to Uber. By then, she had been specializing for years in communications that focused on cyber security and privacy. The attraction of this new job, she said, was the opportunity to build a security communications program “from scratch.” But no sooner had she arrived than privacy was added to her portfolio. And a few months later, so was engineering. It was exciting, she said, but also exhausting. By the time she left earlier this year, she was burned out.
The hardest part was that she was a team of one. No one reported to her. “I really had to develop my skills for cross-functional collaboration and influence building.” That was the only way to get things done. And a lot of what she ended up doing was teaching internal communications to the people she worked with.
“You may be a security engineer that used to get something from an infrastructure engineer,” she said. “They don't report to you. How do you get that outcome that you're actually striving for?” It was the same challenge she faced. “I had to do that every single day at Uber, because nobody reported to me.” She had to build programs based on trust and rapport. And that’s what she’s now coaching other teams to do at Discernible Inc.
Though she never functioned as a spokesperson addressing the sexual harassment complaints and the controversy that often swirled around former CEO Travis Kalanick, it wasn’t easy living through the many public relations nightmares Uber suffered during her time there. “It's hard to work in a place where your friends and family are constantly asking you, ‘What's going on? Why do you work there?’” Speaking about all of that bad ink, she said: “Some of it is true. Some of it's not. From my perspective, it didn't really matter. The thing that weighed on me the most was not the public perception issue. It was the morale of the security team.”
It was a big problem on multiple levels. “On the human and empathetic side, I cared very deeply for these people,” Ensign said. And on the professional side, the only thing that could have made it worse was if they’d been hit with security issues while they were depressed. Her challenge, then, was to coach them through this period. “I had the benefit of knowing how press works,” she said. That’s why she wasn’t affected by the coverage the way her colleagues were. “So it was another coaching and teaching opportunity” to explain and, in the process, boost their spirits.
There was one crucial moment when her own spirits received a welcome lift. It was in 2017, widely considered the company’s most notorious year. Kalanick had just done something “abhorrent,” Ensign said. He’d taken a ride in an Uber and had gotten into an angry argument with the driver about lowered fares. Unbeknownst to him, the driver had videotaped the exchange, and he then released it to the press. Uber’s then-head of communications had gathered the global PR team on Zoom. “I remember distinctly the first thing she said on this call was, ‘I want to make it perfectly clear that nobody on my team is expected to defend indefensible behavior.’
“That really resonated with me for a number of reasons,” Ensign continued. “It gave me permission to operate in that same way: to protect the brand, to protect the company, while also being honest and maintaining integrity. The strategy was not to sweep anything under the rug, or to paint lipstick on a pig. This was bad behavior, and it needed to be called out.”
It was the first time any of her bosses had made such a declaration. “I was living that way anyway,” she said. “But when you're given permission to live that way, it feels different.” It was a statement about ethics and transparency that was rare. “I wish more companies would adopt a similar mindset,” she said.
“There are too many short-term metrics in our profession that cloud our judgment,” she went on. “Our fiduciary duty is to the company. And covering up bad behavior is never in the company's best interest. Living with buried bodies is very expensive and very stressful. And every skeleton in your closet is going to get pulled out at some point. So if you can avoid putting skeletons in the closet to begin with, it saves you in the long run. And a lot of people will actually appreciate the transparency.”
Where It Began
Ensign points to Burson-Marsteller in New York as her first important job in the field. In 2008 she was on the firm’s global public relations and marketing team. “We were essentially doing public relations for a public relations company,” she said. “And in that position, I learned a lot about why PR as a profession has such a terrible reputation, which is highly ironic.”
Her next important stop was at FleishmanHillard, where she started and led a new cybersecurity PR team. She hadn’t begun with a special interest in the field, but she happened to be assigned to work at AT&T’s corporate communications. And there she worked with the team led by Edward Amoroso, the company’s chief security officer (who later retired and founded TAG Cyber, where I currently work).
It proved to be a formative experience. “I didn't know anything about security at the time,” she said. “But I recognized right away that it was pushing dopamine buttons in my nerd brain. My dad had taught me to program when I was young. I never used it professionally, but I loved computers. And I love understanding systems and networks.”
Ensign spent most of her six years with FleishmanHillard working with AT&T. In essence, she was seconded. And that feeling was reinforced by the way she was treated. “The leadership in that security organization made it very clear that I was a trusted adviser to them personally,” she recalled. “And that set the tone for the whole team to view me as an adviser, and as a coach.” Communication flowed two ways. “I would ask them all kinds of questions about mobile security, 5g networks, all of these things that I needed to know. And they would equally come back to me with questions about public relations, communications, PR strategy.”
When she sat down with Facebook in 2015, it wasn’t about employment. She thought they might become a FleishmanHillard client. But Facebook had other ideas. When they floated a job, she wasn’t sure. But they said what she wanted to hear. They needed a specialist. What was more, “I would be sitting amongst the security team, as the liaison between security and communications. So that's ultimately what drew me to the role: the opportunity to work with the engineers.”
Why was it important to physically sit near the engineers she would be working with? ”When reporters called,” she said, “I wanted to actually know the answer.” And know it without having to call the engineers. “The second reason,” she added, “was because I don't trust anybody.” She wanted to know the answers because she’d attended the meetings, was steeped in the work, had been in the rooms where decisions were made.
The Pleasure and Pain of Facebook
She stayed at Facebook for 17 months. There was a lot about the job she enjoyed. “The area where Facebook and I had friction was around values and ethics,” she said. “But the position itself was actually quite enjoyable. I was managing an agency team, which I personally took a lot of pride in because I'd been an agency person myself for most of my career. And they became trusted collaborators for our team at Facebook.” But the best part was working with the engineers.
She’d experienced that at AT&T. “But at Facebook, I could work with individual engineers on an even deeper level to help develop them into spokespeople, or to help them improve their communication skills, or to help them improve relationships with other teams in the company.” It wasn’t a matter of working with geeks who lacked polish. She wanted to help them grow into company leaders. And she found they were almost always eager to learn.
The big problem she had with Facebook was the way it responded to criticism. “They were suffering from a lack of public trust due to a number of factors, only half of which were actually true,” she said. “There were these myths that consumers and even regulators held about Facebook that weren't true, and they were eroding trust in the company and the brand.” For example, consumers believed Facebook was selling their information in bulk directly to advertisers, when it was selling ad space in people's newsfeeds, Ensign said.
Misconceptions like this became a barrier that made it difficult for the company to engage in public discourse. “We had to overcome those blockers first,” she said. “And for the things that weren't true, logically I felt like we should proactively address those things, because they're coming up time and time again.”
That didn’t happen. “I didn't feel like we were effectively addressing those issues. I disagreed with what I perceived at the time to be a strategy of dangling shiny objects, to distract people from the things that they were concerned about. So that's ultimately what eroded my excitement in the role.”
This was a prime reason she decided to move to Uber, where she could start fresh. But it also helped cement another goal. Her time at Facebook “was when I learned that I really was different from a lot of my colleagues, and that I wanted to stay different,” she said. “And that's when I started planning and strategizing to one day own my own company.”
An Agency of Her Own
She started Discernible with the aim of continuing her specialized services. And so far the CEO is sticking with her plan. “I'm not doing a lot of traditional PR and media work,” she said. “My real focus is on helping security and privacy teams become better communicators within their organizations, so that they can earn more influence over business decisions.” This is important, she continued, because too often they’re expected to clean up after a product team builds a risky product. “I want security and privacy teams to own their own destiny,” she added.
Asked whether she hopes to grow, Ensign said that she wants to remain small. But she does look to broaden her agency’s scope. “The plan is that in 2021, we will expand to include related disciplines,” she said. She aims to add a public policy capability and a product development expert, “so that I can offer my clients something that's more full-package, because security and privacy teams are themselves multidisciplinary.” Currently based in Miami, Ensign is open to partners who reside nearly anywhere.
She herself spends much of her time in Mexico. The reason: deep sea diving. She started college as a marine biology major. She switched majors but retained her love of diving. And she’s learned a great deal that has helped her professionally. “I make jokes all the time about the similarities between hackers and sharks,” she said. But she doesn’t mean that in the way people expect: “They're misunderstood, but vital for the immune system of their environments.”
More to the point, as a trained rescue diver she’s learned lessons applicable to lots of emergencies—including incident response. The immediate reaction is often panic. “So your first job as the rescue diver is to keep that person calm and to keep them still,” she said. “We will thrash around in the water if we are worried about something; or we'll send out a whole bunch of tweets, or press releases, or blog posts just trying to alleviate that uncomfortableness that we feel.” Her job, in either environment, is to help the individuals relax. And then “be prepared with the right guidance, and the right coaching, at the right time.”