Runa Sandvik served as The New York Times newsroom’s director of information security until about a year ago, when she returned to her own consultancy. Here, she attends the Nordiske Mediedager, a Nordic media festival. (Nordiske Mediedager/CC BY-SA 2.0)

If you are going to specialize in protecting journalism, why not start at the top? 

That’s essentially what Runa Sandvik did in March 2016 when she joined The New York Times as the newsroom’s director of information security after being a self-employed security consultant. 

Click here for complete coverage of SC Media’s 2020 Women in IT Security

“I believe media organizations are more aware of risks today than, say, 10 years ago,” says Sandvik, a 2020 SC Media Woman to Watch, the second time she’s received that distinction. The first time was in 2014.   

Sandvik, who left the Times about a year ago to return to her consultancy, attributes the heightened awareness “to the experts who track threats and the journalists who write about them.”  

Three years before the native Norwegian arrived, the newspaper suffered a major cyberattack by Chinese hackers, who managed to change the passwords of Times reporters. For four months, forensics showed that nation-state operatives snooped around the Times network, planting malware into the computers of 53 employees. The timing wasn’t coincidental since the news outlet had just run an expose detailing China’s prime minister, and operatives were trying to suss out the identity of the reporter’s sources. 

Under Sandvik’s watch, during which she was eventually promoted to senior director of information security, she secured a confidential tips line, which is how the newspaper scooped other news organizations about the FBI raiding the office of former Trump attorney Michael Cohen. 

Among her initiatives at the newspaper was spearheading two-factor authentication and securing subscriber information at a time the Times continues to set digital subscription records.  

These days, media organizations appear to be more open to using encrypted communications for their work. 

“Are they receptive? Yes. Though a media organization has to balance budget, resources, and time… just like any other organization,” she says, citing the popularity that Tor and Signal has domestically and overseas. “You’d have to ask Tor and Signal for specific numbers, though, I’m just going by what I see on various social platforms.” 

Prior to the Times, she was a developer for The Tor Project and also served as a technical advisor to the Freedom of the Press Foundation and a member of the review board for Black Hat Europe.  

“I’ve done a handful of workshops for Norwegian media organizations over the years,” says the New York-based Sandvik, who currently serves on the board of the Norwegian Online News Association. “They’re definitely paying attention to this field and asking the right questions.” 

She also is a board member of The Signals Foundation, which supports whistleblowers globally. Speaking of which, Sandvik once hosted a CryptoParty in Hawaii with Edward Snowden. “I’d love to do it again one day,” she quips. 

When not blogging on her own website runasandvik.com, she also contributes to Forbes about cybersecurity. 

But perhaps Sandvik is best known for presenting in 2015 her research at DefCon, proving that a sniper’s rifle could be disabled or the target switched.