Black Hat: Information security trade press are bound to Google

Below scripts the Q&A session, moderated by Eli O, who has worked in the computer industry for 19 years.

The panel consisted of:
• Robert McMillan, Freelancer (previously editor-in-chief of IDG’s LinuxWorld)
• Tim Wilson, editor, DarkReading.com
• Mike Mimoso, editor, Information Security Magazine
• Dennis Fisher, Threat Post
• Rob Lemos, Freelancer

How do journalists determine what level of threat is newsworthy?

Robert McMillan: If it covers iPhone, we’ll cover it! If the application is widely used, we’re interested – also if it’s a new application.
Tim Wilson: We designed DarkReading.com with the idea that we couldn’t make these decisions [what’s newsworthy]. We try to publish everything we can find. We post from vendors, researchers, link to stories on other sites. Of course, we have to draw conclusions about what we play high – and this is based on how many people it will affect? What’s the potential for damage?
Dennis Fisher: We rely on the researchers themselves to tell us what’s a big deal.
Rob Lemos: I look for the stories that aren’t being talked about; often these are the best.

When should a researcher approach a journalist with their story, and how should they go about it?

RL: If you have a good trusted relationship with a journalist, there will be a mutual trust and respect, which is important
DF: Researchers should approach us in good time, and give us enough time to check out the story, get good quotes, etc.
Mike Mimoso: You need to build up a good relationship between researcher and journalist. Researchers should approach journalists and assist them in getting the technical details right.

How would you describe the relationship between information security trade press and the mainstream media?

RM: The national media steal all of our ideas! Conficker is a great example – I don’t have much of a relationship with the national press, they don’t look to us as a source. They do look at our stuff to see what we’re covering though.
RM: I think that even we [trade press] did too many stories on Conficker. We went slightly overboard.
MM: The big difference is that we’re writing for two very different audiences. We’re writing for the industry, whereas CNN will sensationalise the news for their wider, non-technical audience. It’s our job to rationalise and insert reality into the situation.
DF: The mainstream media uses us to see what they need to cover. Often they’ll sensationalise for a reaction. For us, it works the other way around - when we see [information security] stories in the national press, it’s time for us to stop covering it.
RL: We write our stories with different angles - the national press often get the stories wrong.

What advice would you give to readers that read various industry blogs?

RM: You need to ask where are they getting their validation from? Bloggers shouldn’t instantly be trusted - they don’t go through the same vetting process that journalists do. They need to demonstrate some kind of sanity around what they’re saying, and if they do a good job, they’ll earn a good reputation.
RL: You can’t put all bloggers into the same box - they have different audiences with different requirements
TW: It’s important to remember that everyone blogging has an agenda – something they’re trying to prove – often with vested interest. Just keep in mind that there may be an agenda, sub-text. The trade press aren’t selling anything – we can afford to say the truth.
DF: Journalists are trained to be impartial, but it’s impossible to be completely objective. If you try and be too impartial, you might end up missing some subtleties

How is the current economic climate affecting the quality of editorial content?

RM: There’s less time for investigative work – that’s the bottom line, and that’s what bugs me. There are many incentives to do short, easy-to-write stories, which don’t give you any satisfaction as a journalist. Google News is having an effect on how the editors look at things – such as the capacity to increase page views
DF: The web is the focus now. Financial pressures are crushing media companies. The ‘old world’ journalism model is changing.
MM: There are no more print products at Tech Target. SEO’ing (Search Engine Optimisation) is taking over – headlines need to be more straightforward [In order to be picked up by Google] – everyone is bound to Google.
RL: Journalists are struggling with the pressure of trying to do more with less, which is consequentially driving commodity journalism. Until people start paying for good content, which indications say they won’t, journalism will stay much the same way.
DF: The web enables better feedback from readers. It’s such a technical industry that we’re bound to get things wrong, so the comments from researchers and readers allow you to be more accurate – you learn a lot from the feedback, it’s invaluable.
TW: Readers now have the equivalent of the vote – every time they click on a story, they’re voting on what they want us to write about.

If the media are writing about sensational exploits in order to get the Google hits, are the researchers also trying to find the sensational exploits, in order to get the publicity?

RL: Yes, but it’s an institutional problem. It filters all the way through.

What kind of relationship does the trade press have with government?

DF: We’d love to talk to them more, but they don’t talk to us. We have a few contacts, but these are often ex-military personnel or ex-government. It’s not that they don’t want to talk to us, but they’re not allowed. Especially with the previous administration, there was a lot of secrecy.
TW: This also extends to law enforcement. There’s a lot of secrecy which is hindering us. It’s difficult for us to get the stuff we want and need for our articles.

 


 

What’s hot on Infosecurity Magazine?