Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

2/15/2021
08:30 AM
50%
50%

How to Submit a Column to Dark Reading

Have a new idea, a lesson learned, or a call to action for your fellow cybersecurity professionals? Here's how to submit your Commentary pieces to Dark Reading.

While reading cybersecurity news, battling attackers, and wrestling with the daily hassles of the infosec job, you might occasionally wish to cry out to your comrades in the infosec industry. Enraged or delighted, frustrated or inspired, you might be desperate to share a new idea, a lesson learned, or a call to action.

So why not write about it and send it to us? Dark Reading accepts contributed content from readers, and publishes it on Dark Reading as "Commentary." 

Where do I send my submission?

Send your submissions for review to our Commentary desk at [email protected] Note: We do not accept all submitted work.

Can I submit something I've published elsewhere?

No. All copy for Dark Reading must be exclusive. It cannot appear elsewhere beforehand.  However, after it has been posted on Dark Reading, it is fine to summarize the column (one or two paragraphs) on a personal or corporate blog and provide a link back to the full version on DarkReading.com. 

Do I get paid?

No. The journalists who cover News and write feature stories for Dark Reading are paid, but Commentary pieces are unpaid.  

How long should it be? 

For Commentary, we are looking for thoughtful opinion columns roughly between 600 and 800 words in length. If you would like to submit something longer — detailed like a how-to piece or a first-person account of an incident response — contact the Features desk at [email protected] 

What kind of voice should I write in? 

Write in your voice. Bring your own personality and a distinct point of view. (Be sure, however, that your facts are checked and your data is accurate.) 

How can I make my column most useful to readers? 

  • Provide concrete, real-world examples. Show, don't just tell. You don't always have to name names, but the more you can relate your points with examples drawn from your clients or your own professional experiences and data, the better.
  • Be practical. What actions can readers take away? What are the specific lessons to be learned?  
  • Provide specific details, don't just offer generalities. Include links and attribution for data, news, and other factual references.  
  • Write about problems, hurdles, mistakes, things that keep you up at night ... not just the grand successes. Readers not only want to learn from others' mistakes, but they'll relate more to columns that present the world as they know it: an imperfect world with lots of trial and error.
  • Be original. This may be the most important criterion. Dark Reading covers a lot of material each day. So try to bring a unique, contrarian, or even humorous perspective to what you write — and tell the reader why the topic is fresh, new, and important. We are looking for material that is thought provoking, that provides new insights and information based on the writer's subject matter knowledge, unique research or data and/or personal experience.

What if I work for a security vendor?  

Do not treat the article as an opportunity to promote products or trends that are tied to your company's business interests. Columns must be objective. If you are McDonald's, writing a blog about why hamburgers are terrific is not OK, even if you don't mention McDonald's. The same goes for endpoint security and threat intelligence companies. For that sort of opportunity, talk to our sales team. 

However, if your experts have unique perspectives, or insights about new trends in cyberattacks — like how hackers are blending attack methods to bypass MFA or the dangers of Microsoft 365's Automate and eDiscovery Tools — it may be an excellent contribution to Commentary.  

Send press releases about new products to [email protected] — we may post them in the Products & Releases section. Send press releases about breaking news or research to the News team at [email protected] 

Will you edit my submission?

Yes, we will copy edit the submission, but the submission you send us must nevertheless be readable and clean when we receive it. Run it through spell check first. Read it aloud to yourself: Does it flow? We will provide general editing and develop stronger headlines, but if it doesn't meet our basic quality standards, we will decline the submission.

If the editorial team has any significant content-related edits, questions, or suggestions, we will discuss them with the author.   

How long will it take to get a response to my idea or submission?

We receive many pitches and submissions. During heavy news cycles, it might take up to two weeks to receive a reply.

Is there any way I can get a quicker response?

Sometimes a submission is time-sensitive or newsworthy; sometimes you might wish to submit it to another publication if Dark Reading declines it; sometimes you might just want to know because you can't stand the wait. Is there anything you can do?

  • Make sure you submitted the draft to [email protected]
  • If you sent a draft to [email protected], we assume it's a submission for Dark Reading ... so don't waste precious space in your subject heading telling us so. Tell us, instead, something that makes your message stand out. Is it the timeliness of the topic? The name of the author? The uniqueness of the perspective? 
  • Put "time-sensitive" right up front in the Subject Heading of your message.
  • Send the submission as text only, without attachments. Our spam filters can be aggressive. And our editors can be defensive.  
  • Send us clean copy. Read it aloud to yourself. Send it through spell check. The easier it is for us to read, the more quickly we'll have an answer for you.
  • Follow up. Politely. During heavy cycles, we may not respond to all pitches. We don't mind a gentle check-in. 
  • Bonus: Send us the author's photo, title, bio, and email address along with the submission. We will need this information before we can publish the piece, so it will speed up the process after we do accept a piece. 

What if you reject my submission?

Don't despair. We receive many blog ideas and contributions, and we simply can't accept them all. If we reject your blog or pitch, it does not necessarily mean that we didn't find merit in it. It simply means that we deemed the other contributions we received during that time to be more useful to our readers.

If we declined your content this time, don't be discouraged. We hope you will try submitting to us again. 

 

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This gives a new meaning to blind leading the blind.
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-28815
PUBLISHED: 2021-06-16
Insecure storage of sensitive information has been reported to affect QNAP NAS running myQNAPcloud Link. If exploited, this vulnerability allows remote attackers to read sensitive information by accessing the unrestricted storage mechanism. This issue affects: QNAP Systems Inc. myQNAPcloud Link vers...
CVE-2021-3535
PUBLISHED: 2021-06-16
Rapid7 Nexpose is vulnerable to a non-persistent cross-site scripting vulnerability affecting the Security Console's Filtered Asset Search feature. A specific search criterion and operator combination in Filtered Asset Search could have allowed a user to pass code through the provided search field. ...
CVE-2021-32685
PUBLISHED: 2021-06-16
tEnvoy contains the PGP, NaCl, and PBKDF2 in node.js and the browser (hashing, random, encryption, decryption, signatures, conversions), used by TogaTech.org. In versions prior to 7.0.3, the `verifyWithMessage` method of `tEnvoyNaClSigningKey` always returns `true` for any signature that has a SHA-5...
CVE-2021-32623
PUBLISHED: 2021-06-16
Opencast is a free and open source solution for automated video capture and distribution. Versions of Opencast prior to 9.6 are vulnerable to the billion laughs attack, which allows an attacker to easily execute a (seemingly permanent) denial of service attack, essentially taking down Opencast using...
CVE-2021-32676
PUBLISHED: 2021-06-16
Nextcloud Talk is a fully on-premises audio/video and chat communication service. Password protected shared chats in Talk before version 9.0.10, 10.0.8 and 11.2.2 did not rotate the session cookie after a successful authentication event. It is recommended that the Nextcloud Talk App is upgraded to 9...