Prior to CyberScoop, AJ spent eight years at Mother Jones covering everything from data analysis and voting rights, to election security and UFOs. Eventually, AJ found himself focusing more on the cybersecurity and technology space, and made his way to CyberScoop where he now covers topics related to cybercrime and state-aligned threats– his latest personal interests being in hacktivist initiatives and the latest novel threats or attacks.
AJ is looking forward to his first year at RSAC and the opportunity to hear stories from people from all over the world, while also putting faces to names for those he collaborates with on an ongoing basis, but has never met in person.
Tune in to the full episode or read the transcript to discover more about AJ’s career path, topics of interest and plans for RSA including:
- The stories that propelled him into the cybersecurity space
- AJ’s day-to-day coverage areas
- Why AJ particularly is interested in the Guacamaya hacktivist group
- How he contextualizes research for CyberScoop’s audience
- Recommendations for sending valuable pitches
- How far in advance AJ plans his RSAC schedule
- What AJ wants to know about improving his own coverage
- How a childhood passion for skateboarding came full circle
0:35 – AJ’s Background Covering Security
2:00 – Topics of Interest for AJ
3:15 – Most Memorable Story Over the Past Year
6:45 – Most Valuable Intel From a Reporter’s Perspective
10:05 – What Topics He Wishes to Dig Into More
13:00 – What AJ Anticipates for RSAC & Key Interests
14:55 – Cutting Through the Noise When Pitching
17:47- Timeline for Coordinating RSAC Schedule
18:50 – What Makes Meaningful Meetings
23:50 – What’s Coming Up for CyberScoop
24:44 – Covering Snowboarding/Skateboarding for X Games
Want to hear more from Inside the Media Minds? Find all the past episodes here!
Christine Blake (CB): Welcome to Inside the Media Minds. This is your host, Christine Blake. This show features in-depth interviews with tech reporters who share everything from their biggest pet peeves to their favorite stories. From our studio at W2 Communications. Let’s go Inside the Media Minds.
Hi, everyone, this is Christine Blake, the host of Inside the Media Minds and I’m super excited for today’s episode because we are speaking with AJ Vicens, who is a reporter at CyberScoop. Tthis episode is a little bit of a two-parter, so a little different. We’re going to dig into AJ’s background, what he covers at CyberScoop, and then also ask a few questions more specific to the upcoming RSA conference. So welcome, AJ, good to have you on.
AJ Vicens (AJV): Yeah, thanks for inviting me.
CB: Yeah, of course. So I know you’ve been at CyberScoop for a year and a half now and we closely follow a lot of your coverage over there at CyberScoop. We’ve had a number of your colleagues on the podcast as well. Can you give us a quick overview of your background and kind of how you got started covering security?
AJV: Yeah, so like you said, I’ve been in CyberScoop about a year and a half, um, October of 2021. I jumped over, I had been at Mother Jones magazine for eight years prior to that. Um, and did a little bit of everything over there, uh, from data analysis and visualization to, um, covering things like voting rights, election security, um, UFOs, police violence, military issues all across the board. But it was right around the, um, 2016 election when I started covering more of the Russian interference operations and what was going on with the election then. And it really got me into, uh, sort of the security space and more of the technical side of how the internet works, how, how hackers work, how the disinformation ecosystem was working all of those things. And yeah, so that sort of lit the fire and here we are.
CB: Yeah, no, that’s, um, definitely an interesting journey. And I think, I always like to hear about how reporters get into cybersecurity, I think it’s always a different kind of route that they take. Um, so, you know, pertaining to CyberScoop, what are some of the main focus areas you cover?
AJV: So I focus on cybercrime, and state-aligned threats. And obviously, those are two very big umbrellas, um, lots going on in both of those spaces. Um, I would say the day-to-day bread and butter, um, I deal a lot with threat intelligence, I deal a lot with you know, ransomware, other types of cybercrime. I really enjoy writing and learning more about the hacktivist space, and the spectrum from the, um, within that space of, you know, the fake hacktivists up to the ones that seem more genuine. And really just, it’s just such a diverse, um, beat, and lots going on every day, too much to cover…
AJV: …um, so you know, those are the things I try to limit my focus on, because there’s so many interesting things happening. So many people doing really cool things in terms of new technologies, new platforms, uh, companies doing this and that, but it’s just so much going on that I try to limit it to the, to the cybercrime and the state-aligned threats.
CB: Yeah, there’s so much involved in that, um, as well, from your perspective, like, what has been one of the most interesting stories I’ve heard so far this year, in the past three to four months?
AJV: Yeah, I mean, so we spent the last year really focusing on obviously, the war in Ukraine, the Russian invasion, and we’ve spent a lot of time getting to know some of the cybersecurity professionals, uh, in Ukraine and, uh, you know, outside of Ukraine that are helping the effort, frankly, so we spent a lot of time on that. Um, and as part of that, you know, there’s this sort of flurry of hactivist front organizations that have emerged, um, on both sides of that conflict. And I’ve really enjoyed is a strong or strange word in this context…
AJV: …but it’s been really interesting to watch that ecosystem and its role in the conflict and the way information gets out, the way hack and leak operations are carried out and that kind of thing. But then, you know, there’s these other, uh, hacktivist efforts going on as well and, you know, one of the more interesting ones at the moment for me is this group called Guacamaya, out of Latin America that, um, you know, they’ve, they’ve released, you know, military and police files from throughout that region, and just really had a huge impact and I did an interview with them and tried to contextualize their activities. Uh, that was a story in January. You know, they’ve released over the last year they’ve released more than 20 terabytes of data.
AJV: And that’s probably sort of my highlight so far over the last year, um, you know, the Ukraine work, and then also the conversations with Guacamaya and that reporting.
CB: Mhm, yeah, that is fascinating. How did you go about, um, like understanding a lot of the Guacamaya stuff and like, really like digging into some of the data?
AJV: Well, so I’m, uh, you know, one of my personal biases is that I, um, I’m predisposed to sort of be interested in anything related to Latin America, I think. I mean, especially when it comes to cybersecurity, information security, it’s sort of under-covered, at least from, you know…
AJV: …uh, an American reporting perspective, I feel like there’s, it’s such a massive and diverse region, with so many different industries and businesses and, uh, people. Um, you know, there’s lots going on, cybersecurity wise there that just doesn’t, it kind of flies on the radar somehow, so, when stories emerge out of that region, I like to take a look. And, um, you know, they, they announced, uh, that they had released these files, um, last spring. And, you know, we started to take a look, and, you know, experts that we consulted with, uh, told us that the file seemed legit, um, and so we kind of went from there…
AJV: …and having a several releases, and each time they did a release, they would release a message with it. And, you know, they weren’t selling data, they weren’t ransoming anybody, um, nothing like that. They were really just exposing, you know, what they considered to be important newsworthy items. Um, so it had a really interesting feel to it that way, and, you know.. …coming from, you know, coming from the Mother Jones side, where I’m very used to dealing with activists and protest movements and things like that, it’s just sort of natural for me to try to reach out to people who are engaged in activism and see what they’re trying to talk about. Yeah.
CB: Mhmm. Yeah, that makes sense. I think, um, you know, one thing that I know you do a great job at, and the team at CyberScoop does as well is really looking into some of the research and the data and the threat intelligence coming out, within, you know, different vendors in the cybersecurity landscape and reports in general. But I guess, from your perspective, in terms of research and data, like, what do you find most valuable from a reporting perspective, and like, how has the research game changed at all?
AJV: So for me, what I really have enjoyed about my time at CyberScoop is, is, is dealing with the threat intel folks on a day-in, day-out basis. Um, there’s so much interesting research going on, you know, reverse engineering, uh, it at the end of the day, really what a lot of these vendors and companies are trying to do is help both their customers, but also the public at large, so these public blogs, learn about these very real threats that could have direct impact on their businesses, on their, you know, personal information, their safety, those kinds of things, and so, I’ve really appreciated that these, these companies that frankly, could charge a lot of money for what they do, um, are willing to share some of these things publicly, especially when they think that there’s a, uh, a safety risk for the general public. And so I’ve appreciated being able to sort of, you know, take that research and try to contextualize it for, I wouldn’t say we have a general audience, you know, we have an engaged, technically sort of minded audience…
AJV: …and so we really try to matter, uh, you know, marry, that really high level technical research to a general sort of, um, digestible format. And, you know, sometimes we do better than others, and sometimes the information is really technical, but a lot of times, I think, with working with the, uh, with the vendors, and you know, frankly, public relations professionals, um, to try to tell the story and help people understand why they should pay attention, why they should care, I’ve really liked that. …I try to explain things or break them down into very digestible sort of bites that people can understand how should I go about thinking about this threat to my business, or my information, or even my own personal sort of information security setup? And why should I care about this weird technical flaw in this software in this obscure library? Why does that matter?
CB: Mhm. Yeah, it’s a matter of right communicating to the public, it’s why, like, what do these numbers mean? Like, what are the implications of what’s happening, you know, around the globe when it comes to cyber threats?
AJV: Absolutely. I mean, people are very busy and as much as we would like to sit around and read, you know, pages and pages and pages, you know, we have to sort of triage the information that’s coming in on a daily basis, especially if we’re running a business or working in a security operations center or something like that. Or if you’re a CISO, you need to try to figure out okay, Why should I care about this right now? Um, and we try to really get to the point pretty quickly.
AJV: Um, and so, you know, sometimes that like I said, that’s easier than others, but sometimes it’s just very obvious, you know that there’s a serious threat that people should pay attention to and we try to convey that information as easily and as smoothly as possible.
CB: Mhm. Yeah, and if there, if, this may be a hard question, but if there was a topic that you could dig into, that you really haven’t had a chance to dive into yet, what would that topic be, do you think?
AJV: I’m always trying to learn about the, you know, the latest novel, uh, threats and attacks, you know, I’m really interested right now and learning much more about, you know, the cloud environment, and how successful attacks are being pulled off there who’s behind them. You know, which industry should be most, um, worried about something like that? You know, if we zoom out a little bit, it seems like, there’s a large portion of cybercrime that is, uh, effectively crimes of opportunity, right? I mean, there’s a vulnerability that someone comes across, and they see, they, uh, try to exploit it, and then see who the target is on the other end. But you know, there’s also cases where specific entities or organizations or industries are targeted, and then you try to look for the vulnerabilities that might map to that space. And so, you know, trying to walk that line of understanding how all of that sort of context marries that to the cloud environment.
AJV: New, the latest and sort of greatest when it comes to email compromise, you know…
AJV: …business email compromise. BEC is, isn’t as sexy maybe as something like ransomware, or something like that, but it’s also, you know, professionals will tell you, it’s the biggest sort of money, space for criminals there is, and, it’s, it’s a lot of damage that gets done to businesses. Hmmm. So I’m interested in finding stories there we can tell, that are interesting and compelling. Um, and, you know, frankly, if if, uh, I’m really interested in like, uh, specific stories, I think people resonate with things like this, when there’s like a character you can, you can sort of…
AJV: …walk through a story with somebody, you know, that’s like that human need to sort of put a face to some of these problems. We can talk all day about stats, and figures, and big picture and technical indicators, and all those sorts of things, but if there’s a human being, or a particular business that suffered a particularly, uh, you know, sort of novel or interesting attack, and they feel like sharing their story will help others, uh, you know, not have to suffer through that. That’s the that’s kind of our sweet spot, I would love to do things like that.
CB: I like that. Yeah, the more storytelling approach that paints, you know, a clearer picture of what’s going on, that’d be a great, great outlook.
CB: Awesome. Well, you know, let’s talk a bit about RSA. I know that it’s such a noisy event every year in the cybersecurity community. We’re coming up just, um, under a month away from it and you know, we always hear, get a lot of questions from the companies that we work with, and just in the industry about how media approaches it. Um, so I guess AJ what are your what are some of your plans for RSA this year and how are you approaching, uh, specific topics that you want to cover? Interviews that you are arranging? And just all of that, and how are you navigating just all that noise around RSA?
AJV: Well, interestingly enough, it’s my first RSA. Um, so I understand that it’s a very large event…
AJV: …very busy. Um, I’m looking forward to getting back to San Francisco, I used to live there. Um, but in terms of the event itself, you know, obviously, there will be people there from all over the world, from private industry, from government from all levels of government, law enforcement, uh, intelligence, those sorts of things and I’m really just, it feels almost overwhelming at this point, the type, the sheer sort of scale of the whole thing.
AJV: But I’m really looking forward to meeting people, um, putting some faces to names that I interact with on over email primarily, um, and sort of seeing what’s there for me, you know, my focus again, would be on cybercrime, state aligned threats, and, uh, if there’s opportunities or folks want to talk about those things. Um, without sort of a if I’m being really honest, without sort of pitching a product, or, you know, our service can prevent X, Y or Z. I understand that people need to sort of pay the bills and that kind of thing, but it’s just really hard to sort of cut through that and get to the stories. So, you know, if if there’s opportunities to meet up and talk with folks, um, about specific threats, they think that they’re seeing that they want the wider community to know about or interesting attack chains or things like that, that’s what I’m really focused on.
CB: Sure. And then I’m sure your inbox is inundated with requests to meet, and all kinds of networking events and everything. Um, I guess, what do you recommend for companies trying to cut through some of that noise?
AJV: Yeah, I mean, I’m sure you know quite well…
AJV: …uh, the volume of pitches that go out, uh, in connection with an event like this, or like, the other ones in the summertime in Vegas…
AJV: …that kind of thing. For me, uh, again, it’s just sort of understanding what I cover, maybe having a, I know, folks are busy, and you’re trying to reach out to a lot of people at once, but you know, just even a basic understanding of the types of stories we do and don’t do.
AJV: We don’t, you know, for instance, we don’t cover mergers and acquisitions, or a company going public or something like that. I mean, you know, I hate to waste people’s time, even having them reach out with a pitch like that, because I just won’t cover it.
AJV: So, but even you know, so a basic familiarity of some of the stories that I might be into, that really cuts through pretty quick because I do end up reading a lot of them. I don’t respond to a lot of them, but I read almost all of them. And I’m looking for, um, things that are specific to me, and what we can do, you know, experts that have relevant sort of experience, you know, sure, there might be tied to a company, but they’ve, they’ve worked on this particular massive breach in the past or they were part of this particular agency that had these responsibilities and can maybe shed some light on how, uh, a certain law enforcement operation might work. You know, I’m never asking anybody to reveal private information, but just assist us in telling these stories correctly in the proper context, with with proper facts and data and that’s really helpful to us. And, um, I know that some reporters have, uh, a sort of a love hate relationship with these kinds of things, but I actually really appreciate the public relations professionals I work with, uh, fairly regularly actually, that, that know what we work on and say, “Hey, I’ve got a client that that knows this topic. I know you’ve covered it, you do you want to meet?” and then almost always, it’s absolutely, yeah, let’s set up a call…
AJV: …or in this case, in RSA, let’s set up a coffee, let’s say hello, maybe we can find some cool stuff to work on.
CB: Yeah, absolutely. I think that’s what it comes down to is just knowing the coverage areas and having that mutually beneficial relationship about how can people help you with some of the stories you’re trying to tell.
AJV: Yeah, definitely. I mean, I know that it’s very, like I said, people are very, very busy. People are trying to do their day jobs on top of setting up meetings, and this and that, and, and I just want to save everybody the time and just say, hey, if it’s if it’s not for us, you know, I’d love to just say hello. But you know, there’s no need to sort of, uh, you know, waste anybody’s time, I just want to be very direct about what we’re…
AJV: …trying to do. And I think that there’s a lot of opportunity to work together on those things.
CB: Definitely. Um, how many weeks out from the show do you typically schedule and create your online or your on site schedule?
AJV: Well, I mean, I’d love to get your perspective on this.
AJV: But in terms of what makes sense, I know people’s calendars fill up. But…
AJV: I would say, you know, maybe next end of next week, the week after that, I’m going to really start in earnest to try to lock down the calendar. I don’t really know, at this point, what the days are going to look like but, um, I think that’s sort of the sweet spot for me, I want to respect other people’s, um, time too, and their planning windows to try to get on their calendars in the in the sort of appropriate amount of time, but it’s slightly too early for me, but I’m ready to talk… …with folks, um, probably in the next week or so.
CB: Right. Okay, yeah, good to know. And then, um, I know you mentioned like a big, huge value to you, just kind of meeting people in-person, um, hearing about new stories to tell and research and all of that. But during an onsite briefing at either, you know, Blackhat, RSA, or just in general, what makes a meeting with a vendor or researcher, like truly valuable so that it makes you feel like it wasn’t a waste of time?
AJV: Well, I mean, if I can walk away with, you know, having met a new person, uh, or or a person I’ve dealt with before, but, you know, let’s stay in touch on a given topic, let’s talk about a specific story. Maybe there’s something specific that happened or a a worrying development in security that we need to you know, let’s see if we can do a story sort of imminently. Um, you know, relevant, uh, timely, sort of things like that, so, say for instance, you know, we just had the breach forum, uh, arrest a couple weeks ago. If if this all happened, right when we, we’re all in in San Francisco, maybe there would be clients or or companies that say, you know, what we, we track these data breach forums and here’s what we’re seeing, this is why this is important, um, here’s some specific research we have, or, or that kind of thing. I mean, I’m absolutely going to take that meeting and perhaps…
CB: Mhmm. Mhmm.
AJV: …walk away and write a story, you know, I mean, so in terms of making their time valuable, and my time valuable, or for both sides, let’s let’s do something specific, let’s let’s get out of the sort of realm of the abstract and really talk about, um, specific things they might have that are sort of either imminent, or very short term. Um, I would love to, you know, if people are unveiling research there, the more time ahead of time, obviously, the better that…
AJV: …we can sort of read about that, or think through it and report it out a little bit and add some, like I said, some of that human element to some of these things really helps the stories cut through. Um, so you know, if people are, uh, uh, unveiling research, I’d love to talk about that as soon as possible.
CB: Yeah, that’s, that’s really helpful to hear, and good to know. Um, well, I always love hearing like media’s perspective on conferences in general, and how you approach things that’s been really helpful.
AJV: Yeah. Thank you for, uh, you know, I gotta say that I, I understand that it’s just such a difficult thing to try to set these meetings up…
AJV: And I want them to be fair, um, even if you don’t sort of like them. Um, you know, oftentimes, you will like them… …and make them valuable for everybody. So if there’s, if there’s things that obvious also, I, I usually go to these meetings and try to ask the, um, subject matter experts, or the executives or whoever I’m meeting with, what what can reporters be doing better? Where do you see us sort of falling down, um, on the coverage of your sector, or your company or your area of expertise? I mean, I’m always trying to learn too about how we can better, you know, tell these stories, you know. I understand that people aren’t always happy with stories, um, but at the same time, I want them to be accurate.
CB: [laughs] Right.
AJV: …but I think that just getting it right is really important and if there’s opportunities for me to learn how to, uh, be more nuanced about a given sector or something like that. I’m, I’m all ears for things like that, too.
CB: Yeah, I think that’s something important to keep in mind, too, for a lot of the the researchers, even at some of the vendors that completely in the weeds on things like how, how can this topic be covered, and to really detail the implications and the potential problems that could, you know, come to fruition if people aren’t aware of certain things? So I think that’s really good to keep in mind.
AJV: It’s such a good point, I think one of my worries is that the security community, uh, you know, I don’t want to be unfair, but it almost feels like sometimes it’s a conversation amongst themselves very often.
AJV: And I want to find ways to, you know, cut, you know, break out of that bubble, because the work is so important and so interesting. And so, you know, really just frankly, it’s cool, I find it very cool, a lot of things that are going on, and very just inherently interesting. But it’s it’s not getting out enough, in my opinion, maybe I’m biased, because I like it so much. But I think that we need to find ways to broaden that conversation, or at least broaden the people who participate in these conversations.
CB: Yeah, I think you’re right, right about that. I mean, it’s sometimes it feels like an echo chamber, and everyone’s just kind of talking around in circles to each other, but to break through that, and to really deliver that story that lets people know that a lot of this stuff is cool, yes, there’s also like, serious and there are serious implications around it.
AJV: Definitely. And it applies to pretty much everybody.
AJV: People might think, oh, I don’t really care about hackers or I don’t care about… …2FA or this or that or zero trust, these things will you will care when when your business when your emails are posted on some blog somewhere or, um, you know, you can’t access your financial records, your payment systems go down, you might, you might care about why that’s going on, and how you could have maybe prevented it. So…
CB: [laughs] Exactly.
AJV: …you know, these things apply to a lot of people that may not realize it, Yeah, they sure do. Well, anything interesting that you or CyberScoop has coming up on the horizon at all? You know, we, [chuckles], um, I think we’re just gonna stay focused on, um, we have some interesting stuff coming out, again, about the hacktivism space…
CB: Mhmm. Mhmm.
AJV: …stay tuned, there is little more coming. I’m very interested in, uhh, sort of hint at some stuff coming with respect to Iran… …and some of the things happening there. Um, and really just on the lookout for cool things, it feels like once we like set plans for like a deeper project… [laughs] …that the daily news cycle sort of takes over. So…
AJV: …it’s hard to, um, get out of that sometimes, but but the broader picture, things are along those lines.
CB: Got it. No, that makes sense. And I always like to ask a little personal question, but I saw on your, um, bio that you are used to be a snowboard researcher for ESPN and covering that space, which is a huge departure from cybersecurity.
CB: How did you get into that? And then, you know, is that something that you’re interested in outside of work?
AJV: Yeah, absolutely. So I grew up skateboarding, and I thought, uh, [chuckles], up until, uh, um, a shockingly high age that I thought I was just going to go into skateboarding and… …maybe a professional skateboarder or find some job in that industry. I had a friend through that, who was affiliated with the US Olympic women’s snowboard team, and she had connections to X Games. And one year, uh, she was pregnant with her first child and asked me if I could fill in for this research role. I had no idea what it was and so I said, absolutely, I’d love to go talk about snowboarding, I grew up doing that too. And it turned into a decade plus of doing essentially stats work, so if you think about the people who are on the broadcast, you know, on camera, talking about a given snowboard or skateboard event, there’s always somebody just off camera, just off the shot with these little blue cards or whatever. They have the information, the research, the stats, uh, about the given athletes, and the the context of the event, all those sorts of things. And I did that for a very long time, uh, with X Games, and so…
AJV: That’s cool! …I did [inaudible], uh, and skateboarding. Yeah, and so, uh, yeah, no, it was great. I did it up until, uh, right when the pandemic started, um, and it was just, it was an amazing thing. It was a nice way to get away from the day to day of, of the journalism I do sort of in my day job, which can be very heavy, sometimes very, uhh, emotionally taxing.
AJV: To go and just focus on really cool things, uh, like snowboarding, and skateboarding. And so yeah, I mean, it’s, it’s a big part of my life outside of work, is is that whole scene, so having grown up in Colorado, that was a big, big part of my life.
CB: I love that that’s so interesting and I think something that people wouldn’t really know too much about, so thanks for sharing that.
AJV: Yeah, of course.
CB: Awesome. Well, AJ really appreciate your time, um, everything you shared about CyberScoop, what you’re covering, then, of course, your approach to RSA. So thank you so much for coming on the podcast today.
AJV: No, thank you. And thanks to everybody, uh, who thinks of us when there’s cool stories coming out or or cool research or, um, you know, things that need to get out, uh, you know, we really appreciate the relationships that we have with the community. So thank you for that.
CB: Perfect, absolutely. And thank you for everyone who tuned into this episode, this has been Christine Blake, the host of Inside the Media Minds.
Thank you for joining us on today’s episode of Inside the Media Minds. To learn more about our podcast and hear all of our episodes, please visit us at W2Comm.com/podcast and follow us on Twitter @Media Minds Show, and you can subscribe anywhere podcasts are found.