Following the Colonial Pipeline ransomware attack, motorists line up to use gas pumps at refueling stations. Cyber media coverage has deepened as we see more real-world consequences of cybersecurity issues. (Photo by Sean Rayford/Getty Images)
There’s no denying the increasing salience of cybersecurity issues. This year alone has seen revelations about the SolarWinds hack, as well as the Colonial Pipeline ransomware attack and the recent changes announced by Apple intended to protect children. Each has serious implications across a host of domains, from national security to business and the broader economy, to individual privacy. For the news media, the challenge is reporting on these often highly technical and complex topics in a way that can inform both the public and the policymakers who need to understand how these issues affect all of us, and what we should do about them. The good news is that, increasingly, journalists at mainstream U.S. outlets are covering these stories with the depth and nuance they deserve.
Historically, media coverage of cyber issues has focused on “hacks and attacks:” the latest breach, with the number of users compromised, in stories filled with references to shadowy hacker groups with strange names. But in recent years, we’ve seen coverage shift from this one-off “portrait” style of reporting to more in-depth “landscape” analysis of cyber issues that looks more closely at root causes, real-world consequences, and potential policy solutions. One needs only look at the groundbreaking work Kashmir Hill has done examining just how deeply the Big Five tech companies are embedded in our lives, the deeply reported coverage of the Russian government’s Sandworm hacker group by WIRED’s Andy Greenberg, or the first-person reporting CNN’s Donie O’Sullivan has done on social engineering-based hacks and the rise of the QAnon conspiracy in right-wing politics, to understand how journalism about cyber issues is changing. These reporters’ stories go deeper, increasing the range of people quoted to include more experts and advocates, as well as the voices of ordinary people increasingly affected by both individual cyber incidents and larger trends.
A series of reports the Hewlett Foundation Cyber Initiative has commissioned from a team of researchers at George Washington University’s School of Media and Public Affairs helps quantify these changes. The team, led by Professor Sean Aday, has examined mainstream news coverage of cyber issues in a series of three research reports, beginning in 2014. The most recent report, which covers the period 2019-2020, showed that while coverage of cyber stories actually dropped precipitously in 2020—by 87% amid a huge volume of pandemic and election-related coverage—the depth and sophistication of that coverage continued to increase, with more than 80% of the cyber stories in the study classified as “substantive.” (Each of the stories linked in the preceding paragraph appeared during the period studied in the last report.) That’s the high-water mark for the proportion of in-depth stories among all those examined in this research—part of a trend that has continued since 2016.
Understanding how the news media is covering cybersecurity is part of the Cyber Initiative’s grantmaking strategy. In addition to building a set of core institutions to help develop solutions to cyber policy challenges and developing the talent pipeline to help staff those institutions and other cyber policy roles in government and industry, the initiative supports “the development of infrastructure to translate and disseminate the work of these institutions that can be understood and used by decision-makers and the public.” We do that by supporting both our grantees’ capacity to effectively share their work, through things like media training and external communications support, as well as by engaging the news media through events and tailored outreach. The research by Aday and his team is one way we measure how well we are achieving our goals in this area.
Two other aspects of the findings in the most recent report are noteworthy. First, while earlier editions found a very high proportion of quoted sources were either experts—often from the cybersecurity companies whose incident reports formed the basis of the story—and government officials, from 2019-2020, almost 10% of quoted sources were ordinary citizens. Aday points to prior research that shows such broadening of sources is often correlated with more in-depth reporting and suggests that the increasing focus on the implications of our technology for individual privacy likely led to this increase.
Second, the researchers have tracked how stories in their dataset frame the “villain” of the piece since 2014. While Russia and China, the United States’ geopolitical rivals, continued to appear in this tally, accounting for nearly 20% of stories where an antagonist was identified, the most recent report found tech companies themselves cast as the villain in more than 35% of stories where one was present. Again, this points to a deepening understanding among the media of the outsized role these companies play in setting policy that affects everything from individual privacy to support for our democratic processes.
The trend toward deeper coverage of cybersecurity stories is laudable, though of course there is more that could be done. Many stories still focus on the hack of the moment, and coverage can still be surface-level or sensationalistic, particularly when a story brushes up against news beats like business or politics, where journalists have less experience writing about the underlying technologies of cybersecurity and their policy implications. The importance of these stories is only increasing, and we look forward to learning how mainstream news outlets continue to evolve their coverage in ways that serve to deepen understanding of the policy questions and core democratic values implicated in them. Policymakers need their help making sense of these stories, and the wider public deserves no less.
