Journalists hear countless pitches, but only a few stand out. This year, we spoke with top cybersecurity reporters about what they really want — and what they don’t. If you’re looking to improve your media strategy and get your stories noticed in 2025, here’s some of their best advice.
Tell the full story, even if some details are off the record
When asked what makes for an insightful conversation with a source, Lawrence Abrams of Bleeping Computer said “Transparency, transparency, transparency. Journalists work best if we can get the full story behind an attack, research, or malware.”
Sometimes that means offering details on background or off the record so the reporter fully understands the story but won’t publish anything confidential or revealing.
Details make a story worth covering
Derek B. Johnson of Cyberscoop echoes Lawrence when he says that “The best security stories are the ones that are interesting, impactful and have DETAILS.”
Vague pitches don’t get traction. Johnson’s looking for specifics like who was hacked, how the hacker gained access, what exploited technologies were involved, and so on.
Ditch the canned quotes
Mike Farrell of Compiler argued “there should be a blanket ban on sending canned quotes to reporters after news events. They don’t get used, nor should they. It’s a bad practice on all fronts.”
Instead, engage with reporters to see what specific questions they need an expert’s answers for.