Research chat: Peter Singer on cybersecurity and what the media needs to know. Last updated: April 14, 2014.
Peter W. Singer is a senior fellow and director of the Center for 21st Century Security and Intelligence at the Brookings Institution. His work has focused on the intersection of technology and conflict. His new book, co-authored with Allan Friedman, is Cybersecurity and Cyberwar: What Everyone Needs to Know, a comprehensive primer and narrative about evolving dynamics in the digital space.
Editor John Wihbey of Journalist’s Resource recently caught up with Singer. The following is an edited transcript
Journalist’s Resource: Why should media members learn more about cyber threats?
Peter Singer: I would argue that there is no issue that has become more important and less understood than cybersecurity. You can think about this a lot of different ways — from the importance of the field to the number of articles that have reported on it. It’s equally fascinating when you talk about the journalism side, because cybersecurity touches on so many different areas. Despite the fact that we can run down the answer to almost any question we might have, this is a space where basic terms and essential concepts that define both what’s possible and what’s proper — what’s right and wrong — are being missed, or, even worse, distorted. It’s a place where past myths and future hype weave together.
There are certain things that people believe, and have been reported, as actually having happened that have not. Then there are very real things that are ignored. We can see this in terms of how we characterize cyber threats and report on them. We see things that are overblown, where people overreact, and other very serious ones that by relative measures are not covered.
JR: For media members and their organizations, what do they need to learn more about specifically?
Peter Singer: It’s on multiple levels, and I think that’s what is not well understood. The first is: What is the training that journalists get in this area? The answer is generally “none.” And we might ask, “Why should they?” And I’m not just knocking on journalism. Seventy-percent of business executives in general — not just technology executives — have made some kind of cybersecurity decision for their company, despite the fact that no major MBA program teaches it as part of your normal management responsibilities. That same gap exists for the way we train our lawyers, our diplomats and, yes, our journalists. This is a new area that journalists need to have an awareness of. There are relevant stories in almost any field, whether you are on the crime beat, the U.S.-China relations beat, the Wall Street beat. In all of these, we see cyber issues popping up, and you can’t do a good job of reporting unless you have a basic awareness.
Second, journalists are targets. Essentially every single major American media group has been hacked in some way, shape or form. In our book, we explore the New York Times being hacked by a group based in China. It wasn’t to steal the secret recipe of the ink used at the New York Times. It was going after New York Times intellectual property of a different kind: It was to see who was talking to New York Times reporters about corruption within the Chinese political system. That same kind of targeting has happened with multiple other major news outlets.
Third, the news business is like any other kind of business, and there are basic organizational responsibilities and roles. Media organizations hold all kinds of information, including the credit card information of subscribers, which are important and targets.