Learning Security

Applied Takeaway: Scale Expectations to Reflect the Resources Available

While one- to four-hour sessions can provide a passable introduction to the subject of information security for journalists—given the right presenter and agenda—these establish impossible expectations for participants when labeled as “trainings.” The misleading expectation that participants can acquire practical skills in so short a time leaves them with a negative impression of security and privacy tools in general, and suspicious of those offering them in subsequent “quick-learn” contexts. The result, over time, is reduced engagement with information-security issues—the exact opposite of what these efforts are meant to produce. Such events are often equally disappointing for the trainers or, who are forced into impossible situations as those requesting or brokering these sessions (sometimes their own organizations) ask them to provide the equivalent of one to two weeks of training in one to four hoursToo often, session leaders are given little or no preparation time, nor sufficient background about their audience’s context. Despite this, many of these presenters (such as Reporters San Frontieres) continue to provide these introductory trainings—often on a pro bono basis—to a number of journalism schools and other organizations because they feel no one else is offering anything comparable on journalism school campuses. In many cases, newsrooms—even those with means and some with reputations as having advanced digital security skills and capabilities—are giving similarly short shrift to training and staff support on an ongoing basis, creating parallel frustrations among even those working journalists eager to improve their information-security practices.