diff --git a/general/security/process.md b/general/security/process.md
index c0528a09d12146afbd5576f1ace177384bbfbe3e..689a59043cf3d6d2982deefb2f4b5e19474842c2 100644
--- a/general/security/process.md
+++ b/general/security/process.md
@@ -94,7 +94,7 @@ completeness the process is written here:
    patches, in cooperation with a production engineer.
 1. A security engineer is assigned to determine the affected users and any
    further required investigation.
-1. A security engineer works on a blog post to pre-announce the critical
+1. OPTIONAL, and decided on a case-by-case basis. A security engineer works on a blog post to pre-announce the critical
    security release. They also work with the marketing team to inform the
    customers of an upcoming release. The security engineer also prepares the
    second blog post which will be published at release time.