Recently named one of the Top 10 Cybersecurity Journalists in the United States, Kelly discusses her work at Dark Reading, including what security vendors can do to improve their work with her team and her favorite stories to write, as well as shares how many times she has seen Bruce Springsteen (hint: it's a lot!).
One of my favorite types of stories to write is one of our features we call Personality Pro File. That's how I first started meeting key people in the industry 12 years ago, by learning about how they got into the field before it was much of one, how they've seen it evolve, and more importantly, who they are and what they do outside of work, etc. I think readers like to know more about the experts besides their opinions or latest research. I've had so many great interviews, I don't know where to start, but a couple of my favorite takeaways about security people I learned from these pieces: Justine Bone was a classical ballerina before she became a hacker, Charlie Miller used to watch "Dance Moms," and Joe Stewart played in a Southern rock cover band called Option 2: "When you needed to call into the SOC for support ... you would press "2" to talk to us," according to Stewart]
I'm a huge fan, and have been since high school. I am actually trying to figure out how to get tickets (somewhat affordably) for Bruce's Broadway show. I've seen him in concert more times than I can count - my estimate is close to 20 times, but I'm not sure - starting when I was a senior in high school. The last show I saw was nearly two years ago, and I wore my vintage concert t-shirt from his Born To Run Tour. I've had it since high school.
I have Bruce's memoir, but haven't had a chance to read it yet. It's on my list to finish before the summer ends. I've heard him reading excerpts on XM, and was enthralled. I am not surprised he's an excellent writer of prose -- just look at his lyrics.
Understand what we do, what we write about, how we approach news. We're all inundated with pitches and press releases, so we appreciate when security vendors know us well and can help us raise the bar in our insight on the industry.
Do your homework and learn about the technology, too. Don't be afraid to dive into it -- security professionals enjoy talking about what they do, and they are happy to share and answer questions. It will give you a broader and more informed perspective on the news and will ensure more accurate and measured reporting.
That's a tough one. I think I always favor writing in-depth analysis pieces that illuminate an industry trend or shift that may not be apparent yet, but is happening. Most recently, it was probably my story on the changing role of the Tier 1 SOC analyst:
And this older series of articles - which seem so old now! -- was especially exciting for me, because we were seeing for the first time a shift to the "assume you are hacked" reality. I was one of the first to write about this new shift in mindset/approach: