COVID-19’s Impact on the Cyber Media with SDxCentral’s Jessica Hardcastle

I recently connected with tech reporter extraordinaire (and one of my personal favorite people to work with), Jessica Hardcastle, the managing editor of SDxCentral covering next-generation data centers, security, and software-defined storage. We chatted about what she’s been working on during COVID-19 and how the pandemic has shaped her coverage.

See below for a Q&A breakdown of our conversation (edited for clarity and conciseness):

Jill: What cybersecurity stories have you been working on outside of COVID-19-centered articles?

Jessica: I’ve been working on the usual trend pieces, and what’s next on the threat landscape. I also think between now and November election security is obviously going to be a big one.

Jill: How are you seeing COVID-10 shape the cyber media landscape?

Jessica: I think it’s shaping the media landscape in many of the same ways that it’s shaping the cybersecurity landscape overall: It’s basically expanding everything. The threat landscape is bigger (more threats and a larger attack surface) now that people are working from home, so that definitely expands the focus area of our coverage. Plus, in addition to COVID-19, there’s still all the usual stuff — product releases, non-COVID-related threats, reports, and trends — so as media we’re trying to balance it all. It’s a lot more work for us, but we realize it’s also a lot more work for the defenders.

Jill: How are you staying sane through the increased stress and pressures during COVID?

Jessica: Honestly, not very well. It’s a struggle every day and now that fully-remote first grade for my twins has started, it’s even harder. I think long walks and getting outside has really helped me over the last few months, but now the Santa Cruz fires [where Jessica is based] have ruined that one, too. Damn you, 2020!

Jill: On a hopefully more positive note, which of your recent articles are you most proud of?

Jessica: I’m proud of this election security story [around disinformation] and also this one [about how defenders have responded to increased cyber threats caused by the pandemic], which I think – or at least I hope – shows some of the human side of everything going on right now.

Jill: Finally — a silly one — what’s one fun fact about yourself?

Jessica: I can sing every word to every Billy Joel song ever written.

It’s clear from our conversation that for  PR and media, COVID-19 has increased the stress and pressure on top of traditional announcements and news of the day. It’s a lot. 

Shortly after our quick Q&A, Jessica shared this article from the New Yorker with me about all of the things we’ll do when the pandemic is ‘over.’ It popped into my inbox at the end of a particularly long day, breaking a smile into my tired eyes and driving home the point: We’re all in this together, and we could all damn well use a laugh. I’m grateful to work with people like Jessica who embrace this outlook. 

One day soon, we’ll all be back singing karaoke (maybe to a Billy Joel song?), but until then, those of us in PR need to think about how we can support our journalist buddies with thoughtful pitches and connecting them with resources who can comment on the most influential and critical topics of the time.

Like this Q&A? Read some of our other reporter interviews with Dark Reading’s Kelly Jackson Higgins and freelancer Alyssa Newcomb on the Highwire blog.

The Future of Work: The Biggest Threats to a New 21st Century Work Life

The coronavirus pandemic has caused a number of disruptions in the world of tech industry events – and next week’s now virtual Black Hat is no exception. In response, businesses are getting creative and rethinking their approaches to the usual networking, presentations and panels we see at in-person conferences. This week, Highwire’s Security Practice is hosting a series of virtual panels titled “On The Record: Cyber Edition” featuring a lineup of executives from top clients to highlight some of the key topics we’ll see at this year’s virtual Black Hat.

Wednesday’s panel, “The Future of Work: The Biggest Threats to a New 21st Century Work Life,” was moderated by Sam Whitmore, founder of Sam Whitmore’s Media Survey, and featured expert panelists from Cybereason, Code42, One Identity, and Akamai.  

In attendance were Samantha Schwartz (@SamanthaSchann) from CIO Dive, Jennifer Schlesinger (@jennyanne211) from CNBC, Tony Bradley (@RealTonyBradley) from Forbes/TechSpective, Arielle Waldman (@ariellewaldman) from TechTarget, Alyssa Newcomb (@AlyssaNewcomb) from NBC/Today Show, Shaun Nichols (@shaundnichols) from The Register, Teri Robinson (@TeriRnNY) from SC Magazine, Sue Poremba (@sueporemba) from Security Boulevard, and Mark Cox (@Mark_ChannelGuy) from ChannelBuzz. 

Whitmore kicked off the panel with a discussion around how COVID-19 has changed the panelists’ view on the future of work. There was a shared sentiment around how their companies acted swiftly to get employees working from home, and there was complete unanimity that a hybrid workforce is “the new normal.” 

Although digital transformation was already well on its way to changing the way we work, panelists agreed that COVID-19 really accelerated the timeline. 

“Y2K was supposed to be the year everything changed, but it seems like the change happened 20 years later,” said Maha Pula, VP of Solutions Engineering at Akamai. “We were just redesigning workspaces to be more open and shared, and then COVID-19 came and changed the paradigm.”

Not only has our work environment changed, but the attack surface as well. The way Mor Levi, VP of Global Security Services at Cybereason puts it, there are many threats and risks for the privacy of employees – everything from conference calls to speakers and webcams. Without the benefits of a secure office infrastructure, employees open themselves up to a whole new host of privacy and security risks. 

“What worked for companies [before] are no longer relevant,” said Levi. “VPN and all those things must shift to zero trust, SaaS and cloud — all those areas that are more secure, robust and available.”

Jadee Hanson, CISO and CIO at Code42, went on to add that there are other security challenges in the current landscape, such as not having an office network, which means companies need to shift their strategy to focus more on the endpoint. She stressed the need for CISOs to weigh that cost and that they need adequate funding to be able to protect the company. 

In addition to network security, another large threat to the quickly changing workforce is overall security awareness, according to Dan Conrad, field strategist at One Identity. More people working from home means employees are using devices that may have access to the corporate network, and activities like streaming videos and accessing potentially malicious sites (or worse — downloading malware) puts them at serious risk. A point remains — employees don’t know what they don’t know. 

“We can’t expect users to understand [security] training unless they understand the dangers of working from home,” said Conrad. “Realizing when you authenticate a VPN you have extended the company network to your home that may be riddled with viruses — if [they] are not aware, you can’t expect a lot out of them.”

Hanson agreed, adding that compliance is not a checked box, it’s a cultural shift. 

“[With COVID-19], we have focused a bit more on those guiding principles — what to do when you’re home, how to set up your home router or network,” said Hanson. “I think of security awareness as the daily corrections that happen throughout the day.” 

While there’s no denying that the world is moving beyond the idea of a “new normal” and well into a forever-changed future of work, there is a silver lining. Some of our experts noted that as a result of the pandemic, security roadmaps have been accelerated and this is good news for CISOs and CIOs who now have a front row seat at the table to innovate around tools, smart processes, and models like zero trust. 

Overall, the panelists provided thoughtful insights into the threat landscape and the opportunities the new future of work presents for security teams. You can watch the full panel here and above. 

Tech Titans Zoom in to Washington’s Antitrust Hearing

antitrust hearing

Yesterday, for the first time, top executives from Google, Facebook, Apple and Amazon teleconferenced into the Capitol for an antitrust hearing in front of the House Subcommittee on Antitrust.  Facebook’s Mark Zuckerberg, Amazon’s Jeff Bezos, Google’s Sundar Pichai and Apple’s Tim Cook sat (virtually because of COVID-19 fears) for questioning from Democrats and Republicans. 

The Democratic line of questioning, headed by Chairman David Cicilline (D-RI), zeroed in on the anti-competitive and monopolistic nature of the power amassed by the four tech titans. Rep. Nadler (D-NY) and Rep. Jayapal (D-WA), who is shaping up to be a fierce questioner in hearings, led questions around Facebook’s gobbling up of would-be competitors, Apple’s gatekeeping at the App Store, Amazon’s reported stealing competitor 3-party information and Google’s devaluing of competitors on its platforms.  

Republicans went with a line of questioning that started with “big is not necessarily bad” and then veered off into concerns over censorship of conservative views. Rep. Jim Jordan (R-OH), as well as others, questioned particularly Google’s Pichai on the company’s relationship with China, contrasting that with event’s like Google dropping out of Project Maven, a contract with the American military, and the company’s BLM stance. In fact Pichai, the only non-American testifying, was questioned the most over the length of the hearings. 

What now? It’s safe to say that what happens next depends on how the election in November goes. If Democrats win either the Senate or Presidency or both (and keep a hold of the House), Chairman Cicilline and Rep. Nadler made it clear that they believe new antitrust laws need to be written to curtail the power of the tech industry, likening the men before them to Rockefeller and Carnegie

If Republicans hold on to the power they now enjoy, antitrust regulation is less likely, but companies may be singled out and punished for perceived First Amendment violations. However, Republicans would have to win the House on top of everything in November for congressional action to be a real threat. 

Election Security and Protecting the Vote

The coronavirus pandemic has caused a number of disruptions in the world of tech industry events – and next week’s now virtual Black Hat is no exception. In response, businesses are getting creative and rethinking their approaches to the usual networking, presentations and panels we see at in-person conferences. This week, Highwire’s Security Practice is hosting a series of virtual panels titled “On The Record: Cyber Edition” featuring a lineup of executives from top clients to highlight some of the key topics we’ll see at this year’s virtual Black Hat.

Might I just say, if you missed Tuesday’s expert panel on “Election Security and Protecting the Vote!” – you missed out. If you caught the last post on the Highwire blog, you’ll know that this week, Highwire’s Security Practice hosted a series of virtual panels titled “On The Record: Cyber Event Series” – featuring a stellar lineup of industry thought leaders and executives from our cyber practice clients. We wanted to gather the best in the business together to share their thoughts on top industry news and trends as we gear up for one of the top cyber (virtual) events of the year, Black Hat. In other words, with Black Hat coming up, presidential elections this fall, and COVID-19 continuing, cyber season is in full swing – and Tuesday’s blockbuster panel did not disappoint. 

Joined by cybersecurity experts Betsy Cooper, Policy Director at the Aspen Institute; Maggie MacAlpine, election security specialist and Co-founder of the DEF CON Voting Machine Hacking Village; Mick Baccio, Splunk Security Advisor and former CISO at Pete for America; Michael Daniel, Cyber Threat Alliance President; and Bill Harrod, MobileIron Federal CTO, the conversation explored everything from doomsday election day scenarios, to the spread of disinformation via social media channels, to the readiness of mobile voting as a secure voting channel (spoiler: it’s not). 

The panelists were also joined by journalists like Joe Marks (@Joseph_Marks_) from The Washington Post, Frank Bajak (@fbajak) from Associated Press, Maggie Miller (@magmill95) from The Hill, Kevin Collier (@kevincollier) from NBC, Jeff Elder (@JeffElder) from Business Insider, Betsy Neus (@e_neus) from FedTech, and Mark Albert (@malbertnews) from Hearst TV. 

The conversation kicked off with a deep dive into the largest security threats we’ll face leading up to and on Election Day. “The greatest threat that we face is that Americans will not end up trusting the results,” CTA’s Michael Daniel shared. “That is, undermining the confidence and integrity of the election, and however that occurs, that’s the threat we’re trying to mitigate.”

Election security expert Maggie MacAlpine shared that her biggest fear is that, “The electorate may not be prepared for how long it’ll actually take to count the results. We’re shifting to a massive increase in mail-in voting — and I think quite rightfully so — but it is a chronically underfunded problem. We’ve already had a primary in California and a primary in New York that took weeks to get all of the ballots in and to put out an official result. I’m not sure how many Americans are plugged in enough to understand yet that there might not be results on election night – and there may be states that don’t have results for weeks.”

The Aspen Institute’s Betsy Cooper, shared a similar concern of a different stripe, “We’ve talked a lot about the electorate’s perception of uncertainty. I’m worried about actual ballot count uncertainty. I’m worried about the case, where states leveraging electronic voting records and the actual ballot counts don’t add up.”

So what can the federal government do to prevent or prepare for an election day doomsday scenario? “You have to have a contingency plan for all the things. And you have a contingency plan for that contingency plan. And come November, there’s going to be a gap of time where we don’t really know who won the election,” shared Splunk’s Mick Baccio. “Politics are partisan – and they should be – but security is apolitical. It’s hard to secure elections without introducing politics to it. And I think all of us have found that roadblock more often than not.”

“The education piece is where the government needs to be in front right now,” explained MobileIron’s Bill Harrod. “To say this is what we’re doing, this is how we’re going to make sure that we have strong audit trails and that your vote can count.”

From there, the panelists explored the recent Twitter hack and the role social media will play in disseminating disinformation and misinformation come Election Day — or election week. They discussed the ongoing challenges of determining whether a tweet or a post is misleading but opinionated in nature, therefore making it a violation of an individual’s first amendment right to take it down — an ongoing conversation surrounding the president’s Twitter habits in particular. 

The panelists also articulated the need for widespread understanding and patience from the electorate and the media as ballots take longer than normal to tally this year — as they should, if state and local governments work together to ensure that mail-in voting counts are as accurate as possible. 

The main takeaways? Election security as a mainstream conversation is a positive shift. Universally mobile voting is a terrible idea (at least at this point in time). Mail-in voting will be the most secure channel for voting come November, and that Americans will need to be patient as vote tallying takes longer than normal this year. 

The bottom line: “The likelihood is the highest it’s ever been that we will not know the results election night or the morning after,” said Betsy Cooper. “As a result of that, if we want to prepare people, the biggest thing we can do is say this election night will not… feel the same as election nights have before.” 

In case you’re looking for a full recap of the conversation, you can check out the full panel on YouTube here, or watch the video above. 

Crisis and the Cloud: New Security Challenges of Accelerated Adoption

The coronavirus pandemic has caused a number of disruptions in the world of tech industry events – and next week’s now virtual Black Hat is no exception. In response, businesses are getting creative and rethinking their approaches to the usual networking, presentations and panels we see at in-person conferences. This week, Highwire’s Security Practice is hosting a series of virtual panels titled “On The Record: Cyber Edition” featuring a lineup of executives from top clients to highlight some of the key topics we’ll see at this year’s virtual Black Hat.

Monday’s panel, “Crisis and the Cloud: New Security Challenges of Accelerated Adoption,” was moderated by David Spark, producer of the CISO Series, and featured an all-female lineup of executives from Intel, Rubrik, Forcepoint, and vArmour, focusing on the acceleration of cloud adoption driven by the coronavirus pandemic, cloud security issues resulting from rapid deployment, and how to best address cloud risk.  

In attendance were Don Clark (@donal888) from the New York Times, Jessica Hardcastle (@JessicaHrdcstle) from SDxCentral, Tony Bradley (@RealTonyBradley) from Forbes and Techspective, Fahmida Rashid (@FYRashid) from Decipher and Bree Fowler (@BreeJFowler) from Consumer Reports.  

Spark kicked off the panel by pointing out that a significant cloud transformation has taken place over the past few months, largely driven by the pandemic, and asked the panelists what they are doing differently now compared to what they were at the beginning of this year.

“It was actually a really smooth transition to have folks completely work from home – we’re already about 99% SaaS and cloud,” said Rinki Sethi, CISO at Rubrik. “I think the biggest change for us was our customer base. Many of our customers we help with cloud data management, backup and recovery and many of them weren’t using cloud. They were fully in their data centers and we were helping them manage backup and recovery there, and now they wanted to shift to become hybrid to have some other means of making sure they have their data hosted somewhere else because they can’t send folks easily to the data center. There was a drastic change.”

Cloud migration acceleration was seen by all the panelists, as was the concern for how security would be able to quickly translate to this remote, cloud-based world. Many of the traditional CISO best practices simply did not match the times and crisis.

“We’re seeing 3-5 years of business transformation happen in months,” said Rebecca Weekly, Sr. Director of Cloud Business Strategy at Intel. “Normally, when a company looks to a cloud strategy for disaster recovery or business continuity, they want to do a detailed risk assessment of their entire security process – their assets, vulnerabilities that they might be facing, the likelihood of exploitations, anything they might want to do around expected loss analysis. Usually this is a very detailed, well-thought-through, CIO-led process, and we have not necessarily seen such a detailed process coming across because this is being viewed as a disaster.”

This sentiment was reflected by some of the other panelists as well, who agreed that business transformation has accelerated significantly, and that while CISOs may not have the time and flexibility for their usual risk assessments, the overall transition to cloud presents a greater opportunity than risk. CISOs are now looking at new ways to combat risk, like Forcepoint’s human-centric cybersecurity approach that looks past the traditional network security philosophy and concentrates on the behavior of human and digital identities to protect against theft of critical data.

“For the first time in modern business history, CISOs do not have the comfort level of their traditional security program and controls because the network has dramatically changed,” said Myrna Soto, Chief Strategy and Trust Officer at Forcepoint. “Not only have companies that were just considering or slowly moving towards digital transformation been forced to jump in, but clients that were already adopting are beginning to look at different capabilities, like cloud-secured gateways, insider threats and understanding behavioral analytics. 

“Our network is our kitchen counter, our home office – we’re dealing with consumer-grade networks, so the need to really look at data protection and user protection at a very, very granular level is one of the things that we’re seeing our customers talk to us about,” Myrna concluded.

When asked about their plans for their future, the panelists seemed hopeful, but remained conservative in their strategies for looking ahead. 

“We hoped that it would be short term, but we actually planned for long term.” Kate Kuehn, SVP Alliances at vArmour sees customers taking security concerns outside their offices more seriously. “We’re seeing customers say ‘ok, we need to continue to accelerate our hybrid model, to accelerate our cloud, move to SaaS, because we may not be full force back in the office until next year sometime.’ What does that mean? We’re seeing a shift into more focus on the interdependencies of infrastructure and supply chain, the dependencies between energy companies and healthcare companies, financial services. We’re seeing companies start to plan for the long term, that we could be trenched in for another year or two before they go back.”

Overall, the panelists provided thoughtful insights into the current state of accelerated cloud adoption and offered their advice for CISOs looking to strengthen their security infrastructure. You can watch the full panel here and below.

Reaching Your Audience at the First-Ever Virtual Black Hat

Black Hat is going fully virtual this year, which means attendees will miss out on the late night networking at parties and hallway conversations on the latest major research and industry rumors (but maybe not the swarm of grasshoppers that took over Vegas last year). With companies no longer able to tap into the in-person networking opportunities with potential customers and media, the need to get creative to engage with your core audience has never been more important.

Our Highwire #CyberSquad dug into opportunities that will still allow security companies to make a splash through sponsored media interviews, allowing organizations to reach their key audiences and buyers without braving the desert heat in August.

Here are a handful of sponsored opportunities at  Black Hat 2020 to build connections and elevate your thought leadership with your target audience:

  • Dark Reading is back with its video “News Desk.” Without filming in person, Dark Reading is still providing vendors the opportunity to schedule a 10-minute video interview segment, (recorded in the comfort of your own home)to detail their company news, research and key industry trends. The interview is then edited into a 2-5 minute video clip for further promotion on Dark Reading. The cost to support this engagement ranges from $8-14,500 depending on your desired sponsorship package.
  • Security Weekly is hosting virtual podcasts as part of an event they’re calling “Hacker Summer Camp 2020” that will take place the week of Black Hat (Aug. 3 – Aug. 6). Taking advantage of this new remote format, Security Weekly is live-streaming these podcast interviews over the course of four full days. Morning interviews are $2,500 (10-15 minutes) and the longer evening interviews (30-45 minutes) are $4-6,000 depending on the day of the week.
  • The Security Ledger podcast is offering sponsors a dedicated 10-15 minute interview segment as well as sponsor recognition at introduction, midway and conclusion of the Black Hat episode of the podcast. This branding opportunity is $3,000 and includes: Exclusive sponsorship of show-opener podcast the week of BlackHat and brand promotion on Security Ledger’s site. Their traditional sponsored opportunities are also still available and can be timed around the conference (i.e. one week before or after).
  • ITSP Magazine is currently offering sponsored podcasts during Black Hat, which will connect listeners with organizers and keynote speakers. This sponsored option costs around $500.
  • Security Guy TV is creating 10-minute video and podcast interviews with security professionals about any desired topic, product, service or security solution. The interview will play live during the Black Hat conference and will be promoted on LinkedIn to their 29,000 followers, as well as other social media platforms for $150 per interview. Interviews can be booked here.

Despite not being able to network in person with key publications and reporters at the show, these virtual sponsored opportunities can help your business reach a core audience of security professionals and decision makers, and provide another layer of connecting during this year’s conference. 

Are you a security company interested in boosting your thought leadership at the conference? If you’re interested in discussing one of the sponsored media opportunities listed above, or discussing your overarching Black Hat strategy, please reach out to security@highwirepr.com

Are you a publication offering an opportunity that we left out? We’re sorry we missed you! Reach out to jillian@highwirepr.com and we’ll get you added to our list. 

Man Recording Image credit: Kati at xilophotography.com

Privacy During COVID-19

In the past four months, we’ve had to adjust the way we interact and how we think about our health and well-being. This shift has drastically changed our vision of the future (what will life look like post-COVID? How much will it change?) and it has many wondering how technology will make a difference in this fight.

With the government and big tech companies rapidly coming up with new solutions to help flatten the curve, the unflattering spotlight is again focused on the privacy and security concerns surrounding new technologies. It seems that with every new solution comes another privacy infringement.

But in these scary times, when lives are at risk every day, do people really care about the increase in surveillance technology? What are we willing to give up to be safer? What will we sacrifice for a return to normalcy?

Where the Privacy Battle Began 

This isn’t the first time a major event has shifted our view on privacy and surveillance. It’s not even the first time this century. September 11th was the first major challenge and has defined the struggle between privacy and “safety” since. As the nation worked to implement a quick response to the attack, many ignored their fear of mass surveillance to help the nation rebound.

Post 9/11, privacy has dominated the conversation as the amount of surveillance made possible by new technology, like social media, smartphones and more, increases. As we moved into a new era of “surveillance capitalism,” the more people — from the infosec community to privacy and human rights advocates — began to shine a brighter light on what was really happening behind closed doors. They  pushed for the implementation of GDPR in Europe and the California Consumer Privacy Act. While these laws are far from perfect, they are a start to regulating an industry that has seen very few boundaries set by legislation.  

Yet, despite the growing concerns around surveillance from Facebook and other Big Tech companies, 2.6 billion people still used Facebook in the first quarter of 2020. Facebook’s reputation may have taken a hit in the small — but growing —  circles that are worried about privacy, but for the wider population the services social media and internet-based technology offers seems worth the tradeoff.  And this was before a global pandemic really hit.

The New Era of COVID-19 Privacy

As people began to quickly adapt to life during COVID, so did Big Tech. With everyone hunkered down at home, our computers and internet connections became the only ways we could  interact with people outside our homes. Never before has being connected been so important. 

Enter Zoom, a video conferencing platform that blew up at the beginning of the pandemic. From virtual happy hours to birthdays to almost any event plus daily meetings, “Zoom” became a synonym for all video conferencing. Just as we were getting comfortable with Zoom, issues started popping up. From Zoom Bombing to the lack of end-to-end encryption that led to credential stuffing attacks. Then it came out that Zoom was allegedly sharing personal data with Facebook. Suddenly Zoom’s was in a privacy crisis.

Zoom almost immediately hired Alex Stamos, former CSO of Facebook, as a security advisor to help with its security image. It also acquired Keybase, an end-to-end encryption company.  Thanks to quick action during a crisis, the seas quieted down for a while. But another storm seems to already be brewing — around who gets end-to-end-encryption and how much it costs. 

Just as the Zoom headlines started to dwindle, another privacy issue took its place. Apple and Google released a contact tracing app. As soon as the partnership was announced, there were vocal concerns about another Silicon Valley scheme to monitor and possibly monetize the data of our daily lives. When faced with the option of using technology for contract tracing, many European governments are tied into knots about how the information and data collected is stored (centralized v decentralized). They aren’t too keen on private California companies being in control of citizen data and dictating policy decisions

But this conversation goes much further than Google and Apple. With governments running contact tracing apps, many fear that things could get dangerous quickly. What would happen if governments were to start releasing people’s COVID status, as has happened in Cook County, IL? Will governments use this data for other purposes? Are government networks secure enough to prevent a hacker getting a hold of  all our sensitive health and personal data?

COVID-19 has brought the privacy debate to the forefront again. The loudest voices right now may be privacy advocates, but what does the general public think? Let’s look at the numbers.  Zoom still has 300M daily meeting participants. In terms of contact tracing, a recent study by Axios/Ipsos found that the majority of Americans are likely to cooperate with contact tracing as long as it doesn’t involve handing over their cell phone location. People seem  at the very least too distracted with just the basics of living their lives to really pay close attention.The silent majority just wants its life back.

As contact tracing and other tech solutions are developed,  privacy concerns will only grow. However, it’s likely that the public won’t know the full extent of what we’ve compromised until COVID-19 is in the rear view. It’s worth noting that it was only in the years after 9/11 that the realities of government surveillance finally began to turn public opinion. It’s wise for companies now to take privacy seriously and build protections into the foundations of their tools, if they don’t want to see heavy backlash in the future. Crises — and the forgiveness we give during them —  don’t last forever.

Tech Policy, Politics and Power in the Era of COVID-19

We are at least four months into an unparalleled global crisis. And yet, instead of industry collaboration and federal cooperation, the world seems to be lurching from one month to the next with very little sense of a unified plan. Some countries have responded well – namely South Korea, Taiwan and New Zealand. Some countries have not. For the first time in a long time, there isn’t a global leader spearheading a global response to a crisis. It’s every country for itself (in some places, every state or region). So, who is filling this leadership void? 

Forbes argues it’s female leaders, like Germany’s Angela Merkel, Taiwan’s Tsai Ing-wen and New Zealand’s Jacinda Ardern, who are paving the way for some of the world’s best responses to the ongoing coronavirus pandemic. STAT News notes that Singapore could teach the U.S. a thing or two. And Silicon Valley – in typical Silicon Valley fashion – believes its big tech leaders (think Bill Gates, Marc Andreessen, Mark Zuckerberg, Jack Dorsey, Marc Benioff and many others), and the technology behind big tech, will be at the forefront of the global economic reopening and the large scale eradication of the COVID-19 pandemic. 

More than ever before, the lines between tech leadership and national leadership have been blurred. Over the last few decades, the Tech Industry has become one of the most powerful entities in the world. But COVID-19 is testing whether that power can be applied to global leadership in a crisis. Companies like Facebook and Twitter are setting a new global standard when it comes to remote work, with both companies recently announcing plans to keep their workforces largely remote for several years to come (and in Twitter’s case, ‘forever’). Tech giants like Apple and Google and Twilio are developing and releasing new coronavirus contact tracing software, enabling state and local authorities to trace and mitigate the spread of coronavirus in major metropolitan areas. Data moguls like Splunk are developing solutions that allow organizations to innovate with and optimize the information they have on hand. And more individuals, providers and physicians are turning to telehealth platforms, like Zocdoc, to monitor symptoms and optimize healthcare services remotely than ever before.

But is tech leadership really making a difference? Can we say it has made the response better, particularly in the United States? Amazon warehouse workers are dying because of the ongoing COVID-19 outbreak. Ransomware attacks on global healthcare organizations are through the roof. And, lest we not forget about the one and only, Elon Musk is threatening to take Tesla out of California. Some tech leaders have been arguing for years that they could successfully fill the void of federal leadership. But, COVID may prove that there is simply no replacement for old-fashioned government during a public health emergency.

Every assertion is precarious these days, but it does appear like the tech industry is doing some good in the eyes of the public. Facebook recently pledged $100 million in grants to small businesses, Amazon contributed $100 million to Feeding America’s Covid-19 Response Fund, and Twitter and Square CEO Jack Dorsey pledged to donate $1 billion to relief programs related to the coronavirus. Could it be that the techlash tide of the last decade is now turning

COVID-19 has made the shortcomings of our society painfully obvious.  None of our leaders – whether it be in government or tech – have been able to lead effectively on their own. The solution to remediating this crippling public health crisis is for everyone to work together. . he tech industry needs to connect, collaborate and empathize — instead of simply falling back on its machines and coding capabilities. . Big Tech has far too much power to bury its head in the sand and focus simply on business outcomes. 

Check back here for regular updates on the trends driving the tech industry. 

The Showdown: Big Tech’s Inevitable Clash with Washington

big tech

Picture this: It’s the winter of 1996. Gene Kelly has just died, Happy Gilmore is newly in theaters, Tupac just released the groundbreaking All Eyez on Me album, and yours truly is about to be six months old. But February of 1996 was also an impactful month for policy that would go on to affect the course of the internet forever. 

Section 230 was essential to the internet’s adoption in the ‘90s, leading to social media, video streaming, and cloud computing as we know them. The law states that, “No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” Basically, this means that platforms and providers are deemed intermediaries of content and aren’t liable as long as they take reasonable steps to delete or prevent access to inappropriate content. 

Legal experts note that amending or removing the Section would change social media as we know it. Why are legislators going after the Section now? Well, both political parties have increased scrutiny on social media companies in recent years: Republicans with accusations of censorship and Democrats with complaints that social media companies aren’t doing enough to block misinformation and violent content.

In recent weeks, this law has been on blast from President Donald Trump and Republican senators, who have asked the FCC to examine the Section following the President’s publishing of an executive order to limit the legal protections that tech companies currently have.

In fact, it’s been a pretty zany last few weeks when it comes to social media policy and developments. If you haven’t been paying attention, you’re not the only one; there have been a lot of other important news topics to focus on of late. That being said, I’m happy to break it down for you.

Snapchat Restricts Promotion

In early June, Snapchat announced that President Donald Trump’s verified account will no longer be promoted in the app after the company concluded his activity on Twitter promoted violence. In response, Trump’s campaign accused the company of “actively engaging in voter suppression.”

This development from Snapchat came shortly after President Trump’s comments in reaction to protests nationwide following the horrific murders by police of George Floyd, Breonna Taylor and needless other Black Americans. Twitter promptly restricted the president’s tweets, noting that they ‘glorified violence.’ 

Twitter Introduces New Labels

This warning label feature from Twitter was the newest development after the organization also added a ‘fact-check’ label to one of the president’s tweets about the 2020 election, as well as labels to two tweets from the Chinese government. 

Both Twitter and Snapchat enacted these developments in an effort to limit the spread of misinformation and inflammatory content on their platforms. As noted in Axios, “When the coronavirus pandemic hit, nearly every platform made clear that they intended to take strong action to police misinformation surrounding that crisis.” 

But ongoing misinformation about national protests and social posts glorifying violence didn’t receive the same attention from YouTube and Facebook that the companies promised. Facebook left similar posts to those deleted by Twitter up on its site and YouTube also has taken a more converative approach in its labeling of misinformation and inflammatory content.

Facebook Does… Something?

big tech washingtonIt seems like Facebook’s infamous “Oversight Board” isn’t actually as independent from the company as once implied. The board recently noted, “posts like Trump’s fit the scope of the type of content that it will review, but the board is not yet operational and cannot review any cases at this time.” 

The questions we have to ask now are: Will an oversight organization like the one Facebook is promising truly be independent from the company’s creator? How can we ensure these policies will be truly objective? 

One thing’s for sure: Facebook employees have had enough with the lack of labeling. Nearly three dozen former Facebook employees called out Zuckerberg’s decision to leave Trump’s posts unaltered and nearly 5,500 employees in a recent Facebook town hall called for reform in the organization’s policies. Even scientists think the company’s current policy is not enough.

Clearly one of these people (or the backlash in the press) got through to him because no less than a week later Zuckerberg announced that the company will review a number of its policies and decision-making processes, including for violent content and the company also shared that it removed over 900 white supremacy groups from the platform. But new research reveals that in order to truly be able to moderate content on the site, Facebook will need at least 30,000 people specifically dedicated to the job, something unlikely to happen anytime soon.

What’s next for 230?

big tech washingtonAs Trump continues to criticize social media giants for ‘censorship,’ policymakers question the steps he will legally be able to take to stop the companies. Free speech experts have said that the companies have the right under the Constitution to refuse to promote Trump’s account and censor content under their liability protections. As mentioned above, in response to this, the president signed an executive order tasking regulators with evaluating whether online companies’ liability protections should be narrowed, singling out social media. 

What are the responsibilities of tech companies? Should organizations be monitoring free speech or should the government be in charge or regulating? What should they be liable for and what shouldn’t they be? If we just let Big Tech do whatever it wants, will it all be OK in the end? Ars Technica recently posed many of the same questions (and even posited what a new world with amendments — or the flatout repeal — of the legislation would look like).

It’s twenty-three years after 230 passed and while I’m close to being able to legally rent a car on my own, Section 230 has remained largely unchanged. There are a lot of opinions about how this will all play out, but no one can be certain.  What does seem obvious is that Big Tech, in particular social media companies, are in the midst — maybe just the beginning — of a showdown with the federal government that could change the industry forever. 

To learn more about our policy expertise and the work we are doing for clients, feel free to reach out to me at jillian@highwirepr.com.

Image Credit: Black phone photo – Rami Al-zayat; Facebook – Kon Karampelas; Capital – Louis Velazquez

The “Cyber Scoop” from Kelly Jackson Higgins 

With the current media climate, it’s more important than ever to understand reporters’ news beats to make sure the precarious reporter to PR professional relationship remains mutually beneficial. I had the privilege of speaking to a long-time media friendly of Highwire, Kelly Jackson Higgins, Executive Editor at Dark Reading. Kelly has been a member of the Dark Reading team for almost 15 years covering security, and was recently selected as one of the Top 10 Cybersecurity journalists in the U.S. 

In the Q&A below, Kelly shares helpful insight into how she’s seeing the coronavirus pandemic shape the cyber media landscape and tips from her remote team on how to balance work and life. Oh, and one fun fact that you didn’t see coming! 

Courtney: How are you seeing COVID-19 shape the cyber media landscape? What kind of cyber stories are you interested in covering outside of COVID-19?

Kelly: It’s actually really hard not to see the influence of the pandemic on the industry as a whole now and all of the new challenges it poses to security teams – work from home security, possible budget cuts as the economy suffers, and an exacerbation of already-tight staffing issues. Even so, we want to keep it in perspective and also stay on top of how the attackers are crafting, targeting and evolving their campaigns and where the weak links are for defenders, and any new technologies that emerge.

Courtney: How are you staying sane while working 100% remotely? Any advice to share on how to properly manage work-life balance? 

Kelly: I have had a home office for more than 20 years, and all of our staff and contributors are remote, so there hasn’t been any adjustments there for us. I will say, the biggest challenge in working from home is knowing when to turn it off – it’s always there, and you work longer hours because of it. The key is creating boundaries, both physical (a separate room for your office) and mental. Sure, it’s harder now to go out and do something to decompress, but go outdoors or to another space in your home where you can relax, get some fresh air, or exercise both before and after work.

Courtney: Do you have any tips/tricks for PR folks as they try to engage with security reporters during such a chaotic time? Any PR horror stories? 

Kelly: Please don’t pitch us on stories we have already covered. Our inboxes are already overflowing, so please take the time to see what we have written about before you pitch us about something “new” that we have already posted.

Courtney: Do you look up to anyone in the security industry?

Kelly: My mentor and boss Tim Wilson, a gifted writer whose sharp reporting skills inspired my path, and who always keeps us one step ahead with his vision for Dark Reading. I’d say my security professional role model is Window Snyder. She is one of the smartest and most accomplished experts in the security industry.

Courtney: Do you have a favorite story you’ve worked on? 

Kelly: That’s a tough one — there are articles I was proud of when they were the most timely or telling. If I had to pick one, it’s “The Morris Worm Turns 30” because it was really fun to work on, and it truly was a historic moment for security. 

Title: The Morris Worm Turns 30 “How the historic Internet worm attack of 1988 has shaped security – or not.”

Courtney: One random fun fact? 

Kelly: I was a Division I soccer player in college, and my dream was to be a sports writer. =)

Overall, my interview with Kelly shines light on why investigating reporters’ previous coverage and familiarizing yourself with their news beat is so important before clicking send on that pitch. Reporters’ inboxes are jammed now more than ever due to COVID-19, so be mindful. To Kelly’s point, take the time to find that new story rather than pitching something already covered – it will go a long way in building a trusted relationship and securing that coveted piece of client coverage. 

Ditch your bland COVID-19 security product pitch, reach out to reporters to see how they are doing in this difficult time and build a genuine narrative that will be useful for you and your client.