Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


08:30 AM

How to Submit a Column to Dark Reading

Have a new idea, a lesson learned, or a call to action for your fellow cybersecurity professionals? Here's how to submit your Commentary pieces to Dark Reading.

While reading cybersecurity news, battling attackers, and wrestling with the daily hassles of the infosec job, you might occasionally wish to cry out to your comrades in the infosec industry. Enraged or delighted, frustrated or inspired, you might be desperate to share a new idea, a lesson learned, or a call to action.

So why not write about it and send it to us? Dark Reading accepts contributed content from readers, and publishes it on Dark Reading as "Commentary." 

Where do I send my submission?

Send your submissions for review to our Commentary desk at [email protected] Note: We do not accept all submitted work.

Can I submit something I've published elsewhere?

No. All copy for Dark Reading must be exclusive. It cannot appear elsewhere beforehand.  However, after it has been posted on Dark Reading, it is fine to summarize the column (one or two paragraphs) on a personal or corporate blog and provide a link back to the full version on DarkReading.com. 

Do I get paid?

No. The journalists who cover News and write feature stories for Dark Reading are paid, but Commentary pieces are unpaid.  

How long should it be? 

For Commentary, we are looking for thoughtful opinion columns roughly between 600 and 800 words in length. If you would like to submit something longer — detailed like a how-to piece or a first-person account of an incident response — contact the Features desk at [email protected] 

What kind of voice should I write in? 

Write in your voice. Bring your own personality and a distinct point of view. (Be sure, however, that your facts are checked and your data is accurate.) 

How can I make my column most useful to readers? 

  • Provide concrete, real-world examples. Show, don't just tell. You don't always have to name names, but the more you can relate your points with examples drawn from your clients or your own professional experiences and data, the better.
  • Be practical. What actions can readers take away? What are the specific lessons to be learned?  
  • Provide specific details, don't just offer generalities. Include links and attribution for data, news, and other factual references.  
  • Write about problems, hurdles, mistakes, things that keep you up at night ... not just the grand successes. Readers not only want to learn from others' mistakes, but they'll relate more to columns that present the world as they know it: an imperfect world with lots of trial and error.
  • Be original. This may be the most important criterion. Dark Reading covers a lot of material each day. So try to bring a unique, contrarian, or even humorous perspective to what you write — and tell the reader why the topic is fresh, new, and important. We are looking for material that is thought provoking, that provides new insights and information based on the writer's subject matter knowledge, unique research or data and/or personal experience.

What if I work for a security vendor?  

Do not treat the article as an opportunity to promote products or trends that are tied to your company's business interests. Columns must be objective. If you are McDonald's, writing a blog about why hamburgers are terrific is not OK, even if you don't mention McDonald's. The same goes for endpoint security and threat intelligence companies. For that sort of opportunity, talk to our sales team. 

However, if your experts have unique perspectives, or insights about new trends in cyberattacks — like how hackers are blending attack methods to bypass MFA or the dangers of Microsoft 365's Automate and eDiscovery Tools — it may be an excellent contribution to Commentary.  

Send press releases about new products to [email protected] — we may post them in the Products & Releases section. Send press releases about breaking news or research to the News team at [email protected] 

Will you edit my submission?

Yes, we will copy edit the submission, but the submission you send us must nevertheless be readable and clean when we receive it. Run it through spell check first. Read it aloud to yourself: Does it flow? We will provide general editing and develop stronger headlines, but if it doesn't meet our basic quality standards, we will decline the submission.

If the editorial team has any significant content-related edits, questions, or suggestions, we will discuss them with the author.   

How long will it take to get a response to my idea or submission?

We receive many pitches and submissions. During heavy news cycles, it might take up to two weeks to receive a reply.

Is there any way I can get a quicker response?

Sometimes a submission is time-sensitive or newsworthy; sometimes you might wish to submit it to another publication if Dark Reading declines it; sometimes you might just want to know because you can't stand the wait. Is there anything you can do?

  • Make sure you submitted the draft to [email protected]
  • If you sent a draft to [email protected], we assume it's a submission for Dark Reading ... so don't waste precious space in your subject heading telling us so. Tell us, instead, something that makes your message stand out. Is it the timeliness of the topic? The name of the author? The uniqueness of the perspective? 
  • Put "time-sensitive" right up front in the Subject Heading of your message.
  • Send the submission as text only, without attachments. Our spam filters can be aggressive. And our editors can be defensive.  
  • Send us clean copy. Read it aloud to yourself. Send it through spell check. The easier it is for us to read, the more quickly we'll have an answer for you.
  • Follow up. Politely. During heavy cycles, we may not respond to all pitches. We don't mind a gentle check-in. 
  • Bonus: Send us the author's photo, title, bio, and email address along with the submission. We will need this information before we can publish the piece, so it will speed up the process after we do accept a piece. 

What if you reject my submission?

Don't despair. We receive many blog ideas and contributions, and we simply can't accept them all. If we reject your blog or pitch, it does not necessarily mean that we didn't find merit in it. It simply means that we deemed the other contributions we received during that time to be more useful to our readers.

If we declined your content this time, don't be discouraged. We hope you will try submitting to us again. 


Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-05-13
Piwigo 11.4.0 allows admin/user_list_backend.php order[0][dir] SQL Injection.
PUBLISHED: 2021-05-13
The Flask-Caching extension through 1.10.1 for Flask relies on Pickle for serialization, which may lead to remote code execution or local privilege escalation. If an attacker gains access to cache storage (e.g., filesystem, Memcached, Redis, etc.), they can construct a crafted payload, poison the ca...
PUBLISHED: 2021-05-13
Bitcoin Core 0.12.0 through 0.21.1 does not properly implement the replacement policy specified in BIP125, which makes it easier for attackers to trigger a loss of funds, or a denial of service attack against downstream projects such as Lightning network nodes. An unconfirmed child transaction with ...
PUBLISHED: 2021-05-13
The HTMLSanitizer class in html-sanitizer.ts in all released versions of the Aurelia framework 1.x repository is vulnerable to XSS. The sanitizer only attempts to filter SCRIPT elements, which makes it feasible for remote attackers to conduct XSS attacks via (for example) JavaScript code in an attri...
PUBLISHED: 2021-05-13
An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 and 6.0 allows remote authenticated attackers to get the upload data path via a workspace upload.