Reporting cybercrime feels like ‘Groundhog Day'

For those in the cybersecurity industry trying to get coverage from top-tier journalists in the field and there are many thousands trying to do just that at RSA 2015 in San Francisco this week here is what not to do: Pitch what everybody else is pitching. That is the best way to get them to ignore you.

On a panel titled, "Gumshoes Part Deux Security Investigative Journalists Speak Out," at RSA 2015 Wednesday morning, that was one of the more emphatic pieces of advice.

[ Follow all the coverage from RSA 2015 ]

The panel Kevin Poulsen, a contributor to Wired; Brian Krebs whose blog KrebsonSecurity is must reading in the industry; Nicole Perlroth of The New York Times; and Joseph Menn of Reuters said they are generally looking for things that have not happened before, or haven't been reported to death.

In other words, things like data breaches, and reports on data breaches, are so last week, last month and last year. "I can't cover every security report or breach," Perlroth said, adding that the number of solicitations she gets to cover them can reach several hundred a day.

"The criteria we set is whether it is a new kind of threat," she said, although in the next breath she admitted that a few like the Sony breach stand out from the crowd. "I ended up covering that, of course," she said.

The same applies to things like APT reports. "They've gotten out of control," she said. "APT1 was something new. But now we're up to APT24." She said the Times decided not to cover a recent report on White House and State Department hacks, in part because, "it would be advertising for security firms."

Menn said part of the problem is that doing the same stories on the same topics tends to make both reporters and their readers numb, even if they are important issues.

"We have to keep raising the bar on what is new, fresh and different," he said. "I'm not going to do the same story again. I have to bring something new to the party."

And Krebs admitted that even though, as an independent he can cover whatever he chooses, he sometimes gets sick of recurring topics.

When yet another breach happens, he said he asks himself, "Does this breach really matter? Is it going to hurt us that much more?"

Especially, he said, since, "identity data is so compromised across the board all of your information went up for sale on the underground years ago. We are here at an authentication conference, and we still haven't fixed that."

Perlroth said she sometimes jokes that after four years covering cyber security she sometimes feels like she is on the cop beat. "We've been talking about the same problems for four years, so it does feel like Groundhog Day," she said.

Join the CSO newsletter!

Error: Please check your email address.

Tags new york timesThe New York TimesRSA 2015Reuterssecuritydata breachsony

More about APTRSASony

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Taylor Armerding

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place