Pavel Sitnikov, XPanamas: You need to write about cybersecurity in the format "as for yourself", and not for the sake of profit or attention, then the community will appreciate you.
Pavel Sitnikov, head of XPanamas, told Cyber Media portal about how cybersecurity blogging is developing in Russia, what risks may arise for the authors of tg channels dedicated to cybersecurity, and how cybersecurity bloggers can benefit from their activities or bring it to the community.
Cyber Media: To date, Telegram alone has more than two hundred Russian-language channels that are somehow related to cybersecurity: from compliance to hacking techniques. In your opinion, at what point did cybersecurity become actively developed in the public direction and what was the reason for this?
Pavel Sitnikov: Cybersecurity has been developing for a long time within the community, in the format of various meetups, forums, closed channels and "interest groups" to exchange opinions, techniques and knowledge. At some point, this organically "went to the people" because the sphere itself has grown quite a lot, and interest in it has increased.
Now, not a week goes by that the federal media does not write about a high-profile leak, cyber attack or other incident. The topic became a "hype" and this contributed to the development of information security blogging.
Cyber Media: Based on your experience, which content from the field of cybersecurity is interesting to a wide audience, and which is interesting to a profile audience?
Pavel Sitnikov: The general audience needs more resonant content – these are data leaks, news about hacker attacks, news about the fate of "legends of the stage" and so on.
The profile audience chooses channels where the information of interest accumulates faster than it catches the eye from the original sources. And the profile audience has a very negative attitude towards any ad.
Cyber Media: In your experience, which content attracts the audience's interest the most?
Pavel Sitnikov: In my experience, the following topics attract attention:
- reports on investigations and techniques used by ART groups;
- news about carders;
- video instructions (made with your own hands!) for working with offensive security tools (metasploit, cobalt, etc.);
- information about quests and meetups.
But it is important that the author makes and publishes content in the "as for yourself" format, and not for the sake of profit, monetization, or the like. I repeat, the profile audience reacts very sensitively to any advertising.
Cyber Media: If we talk about the risks of "cybersecurity blogging" - what are they?
Pavel Sitnikov: The answer to this question can easily be found in FSB order No. 547, if you read between the lines. Also, it is worth remembering that if an author has more than 10 thousand subscribers, then he automatically becomes a media outlet, with all the ensuing consequences.
In a good way, in order for "cybersecurity blogging" to be truly safe for the author, you need to have experience working in relevant government agencies, and an appropriate intuitive sense of what information may be sensitive.
You can give one universal tip – write about what you are working on yourself. No need to chase high-profile news and comments on them, write about infopods in which the author does not take a direct part.
Cyber Media: Cybersecurity has long been a closed industry. In your opinion, what are the advantages of openness and transparency both for a particular specialist and for the field as a whole?
Pavel Sitnikov: Cybersecurity was just a hobby of a few, it was never a closed industry. For specialists: This is the openness and accessibility of materials, documentation, live stories and examples, and the community (stage). For the industry itself, this means attracting both specialists and investment.
For a particular person, the advantages are the same as for any other expert field – the opportunity to show yourself, become famous in the profile environment, and possibly get an offer from a well-known company.
Cyber Media: Sometimes it's not just security people who have to talk publicly about cyber security. If we talk about non-information security companies, most often the reasons are negative: hacking, data leakage. And not all companies can adequately report an incident. In your opinion, what is the reason for this and which publication option would be optimal in terms of reader loyalty and reputational risks of the company?
Pavel Sitnikov: There is an indisputable fact – companies are extremely reluctant to admit the fact of the leak. They simply deny it, shift the blame, admit the leak is old, insignificant, and, at best, claim that they are conducting an investigation.
Of course, this is wrong. I believe that the company should not only notify customers about the problem in a timely manner (and not when all the media have already written about it), but also draw up threat models – what, based on this leak, can happen to a specific victim in the future.
A huge problem is that many Russian companies do not understand what cybersecurity is, and even the current situation does not teach anyone. The problem is incurable only in a technical way, we need to change the mentality of the masses, in particular-by increasing responsibility for allowing leaks and creating regulations that oblige more companies to provide a certain level of information security.
Cyber Media: What tips and recommendations can you give to novice information security bloggers?
Pavel Sitnikov: If you are doing this for profit or fame, then stop. You need to write about cybersecurity in the format "as for yourself", and not for the sake of profit or attention, then the community will appreciate you.
Also, it is important to understand that blogging is a work and a whole profession, with its own risks and pitfalls. If you are ready to devote yourself entirely to this, then you need to be ready to live off advertising and donations.
Specifically, using my own example, the well-known channel that I created, and later presented, was created for myself personally. There was an idea to show the imperfection of various systems, that absolute cybersecurity does not exist, and ensuring information security is a daily painstaking work that requires constant attention. In addition, I wanted to show that no one has a monopoly on information, and everyone should have access to knowledge.
