The year you get hacked

“The longer we wait, the more stories we miss, the more information we endanger, and the harder it is for us to adopt secure practices.”

This prediction is reaching you too late — your news organization is already in danger.

katie-parkThis is the year you’ll get hacked, or phished, or you’ll give away more information about a source than you intended. This is the year you have to start caring about digital security.

We’ve been too slow to understand security and the implications it has on our journalism. When newsrooms hesitate to embrace technology, we face greater risks than a drop in pageviews: We jeopardize sources and compromise the integrity of our information.

Just recently, we’ve been reminded how damaging internal document leaks can be. We’ve learned how easy it is for others to track us online — and offline. And we’ve seen attackers breach publishing systems and social media accounts.

It’s long past time for newsrooms to start caring about the security of their communications. The hackers, phishers, and whistleblowers of the world aren’t going to wait for us to figure out encryption. The longer we wait, the more stories we miss, the more information we endanger, and the harder it is for us to adopt secure practices.

The days of burner phones and clandestine meetings in a parking garage may not be entirely behind us, but we can’t rely on those methods alone. Increasingly, our information and communications take digital form: We chat and email our colleagues, we store confidential documents on our computer or in the cloud, and we depend on a huge array of software to help us do our jobs. The less we understand about the way our data is stored and transmitted digitally, the greater the risk we run of it being used against us.

Do you know which companies and individuals have access to your internal chats and emails? Have you checked what metadata is stored within those confidential documents you’re posting online? Are you up to date on the security releases for the software you use at work? And what about your readers — how much privacy are they granted?

Security isn’t convenient. When you’re racing against a deadline, end-to-end encryption can seem unnecessarily complicated. Right now, digital security has a steep learning curve and is not always user-friendly. But the stakes are high — really high.

Fortunately, there are journalists and technologists already working on this problem, and they’re working on how to make it easier for you. The Freedom of the Press Foundation released SecureDrop, a submission system for anonymous sources already in use by several news organizations. At Source, Jonathan Stray provides resources on security basics, including how to protect your accounts, encrypt your disks, and plan for security vulnerabilities. ProPublica reporter Julia Angwin has created guides to encrypted messaging and safe web browsing.

Security isn’t easy, but it’s going to matter more and more for news organizations. And if Taylor Swift can do it, so can you.

Katie Park is a graphics editor at The Washington Post.