LAS VEGAS—At its core, Runa Sandvik, senior director of information security at the New York Times, says her job isn’t much different than a traditional corporate security manager’s job may be. But in a political and social climate that’s less aggrandizing to mainstream media, and operating in an industry in the midst of a transition in the way it delivers news to readers, Sandvik has many unique challenges on her plate.
In this episode of the Collective Intelligence podcast recorded during Black Hat, Sandvik explains the importance of championing relationships with the Times’s newsroom and how important it is for her team to enable reporters and editors to do their job securely, protecting not only their sources, but in some cases, their physical safety as well.
Sandvik’s current role is not her first foray into working with journalists; she in the past has worked as a technical advisor with the Freedom of the Press Foundation where she taught mainstream and often less-resourced freelance journalists about the security staples that reporters should be familiar with. At the Times, Sandvik has strived to build a culture of security, one where newsroom staff and lines of business are aware of the risks associated with their respective roles and how to mitigate them successfully.
In this interview, Sandvik explains how she continues to build relationships with the Times newsroom, and how her team enables secure behaviors critical to journalists, whether it be receiving tips from the public, or how to travel securely around the world while reporting. She also details some security defaults and restrictions for the newsroom, and how she gauged and improved the newsroom’s awareness of risks it faces.
Get a direct download of this podcast here.
The Collective Intelligence Podcast, presented by Flashpoint and hosted by Editorial Director Mike Mimoso, features regular interviews with a diverse set of industry experts and Flashpoint analysts on the latest information security news and industry trends.