Getting to know Danny
Where are you from and where are you based?
I was born and raised in Cardiff, but my family moved to England when I was a child. These days, I’m based in South East London with my wife and our cat.
What are some of your favourite and less favourite things about living in London?
I’m not very far from Crystal Palace Park. I hadn’t been there until I was looking to first move to the area over five years ago, but it’s great – and very eclectic. I’m a big fan of the Crystal Palace Dinosaurs. They were first built in the Victorian era when scientific understanding of dinosaurs was not quite what it is today.
What are your favourite coffee and food spots?
There are a number of independent breweries and beer cafes nearby – I’m spoiled for choice with them. Before moving to where I am now, I was literally around the corner from Southey Brewery, which is a really nice little community hub.
What’s the path that brought you to the world of journalism?
When I was at the University of Exeter doing my BA in Politics, I got involved with the student radio station, Xpression FM. I ended up reading news bulletins on presenter shows, hosted a news show and even hosted a regular radio show with a friend.
I was coming to the end of my third year and decided that journalism would be a good fit for me, so went onto do an MA in Multimedia Journalism at University College Falmouth (Now Falmouth University) – I graduated in 2008, which it turned out was not a great time to be coming out of university to find a job!
How did you actually end up in the world of cybersecurity? What other roles did you have before?
I don’t have any formal training in cybersecurity at all! When I left university, I had my eyes set on being a sports journalist. For one reason or another, that didn’t happen and I started doing a lot of writing and blogging about the video games industry, which eventually led me to IT journalism then specialising in cybersecurity.
Tell us about your previous roles and what you do today.
After my first job as a blogger/content editor for a company in the video games industry, I joined Computing Magazine as a Staff Writer in 2012. There I was something of a jack-of-all-trades around subject matters, writing about B2B IT in general. But it was here where I first started writing about cybersecurity and cyberattacks, including covering now infamous hacking incidents like the Lulzsec campaigns.
In 2016, I moved to ZDNet in the role of Senior Reporter. One of my first stories for ZDNet was about a ransomware attack against a victim in the UK (the ransom demand was under £500). I kept writing stories on cybersecurity because I found it interesting and readers wanted to read them. This resulted in me almost exclusively covering the area – including with a podcast series – until I left ZDNet in 2023 when, unfortunately, the then owners cut the entire UK team.
Fortunately for me, I quickly lined up a role as Head of Editorial at a well-known cybersecurity company, which I was in for almost two years. Since early 2025, I’ve been working as a freelance journalist and writer.
How does the cybersecurity media ecosystem look like? What types of publications are out there? Are newsletters and podcasts as significant as in other verticals, like fintech?
The cybersecurity media ecosystem has certainly changed in recent years. As mentioned above, the publication I used to work for doesn’t really cover cybersecurity like it used to, while various other outlets have also cut their cybersecurity and technology staff.
There are, however, several good B2B IT and cybersecurity publications which are doing very good work, while several companies have moved into the owned content space, with in-depth features and analysis.
For me, newsletters and podcasts are certainly very important. I think the way things are always moving in cybersecurity and now there’s always new stories – and incidents – means these are very useful for keeping up with the latest developments. While fintech has a lot going on, I don’t think it moves as quickly as cybersecurity!
In 2025, and looking at 2026, what are the hot topics in cybersecurity?
I touched upon how one of the first stories I wrote for ZDNet was about a ransomware attack. Almost a decade on from then, I think it’s very much the most important issue in cybersecurity. We’ve all seen how recent major incidents at the likes of Jaguar Land Rover, Marks & Spencers and the Co-op have had a direct impact on the lives of everyday people.
Think about how cars weren’t being produced at Jaguar meant that smaller businesses further down the supply chain were suffering, or how M&S and Co-op had to deal with empty shelves after their ransomware incidents.
Attacks continue to become more complex and the ransoms are getting higher. I also find it interesting how in many of these high-profile incidents, arrests have been made in the UK, suggesting ‘home-grown’ perpetrators, rather than the traditional image of ransomware groups working out of Russia or Eastern Europe.
I’ve also been doing a lot of work around AI in cybersecurity, both from a defensive perspective – security teams using AI to help detect attacks – and an offensive one, with how cyber criminals are leveraging AI to write emails or create deepfakes to help carry out attacks. Obviously, cyber criminals don’t care about rules and regulations, so they’ve raced to exploit AI to aid campaigns – and unfortunately, it’s working.
Danny’s day to day and advice
What things about cybersecurity startups make them newsworthy for coverage, in your opinion?
There has to be something new and interesting. A new solution or maybe a solution to a new problem. Unfortunately, telling me how your super AI is going to solve cybersecurity isn’t going to work in 2025 – almost every cybersecurity vendor is shouting about their AI products these days!
When you get pitched by a new startup that may not be ‘known’ yet, which elements of trust (like a polished founder LinkedIn, how their website looks, previous coverage) do you look out for?
It’s a big of a chicken and egg situation, but previous coverage by trusted news outlets helps. However, what really works for me is interesting, but credible research and reports. I’m probably going to ignore something which claims that 90% of companies have been hit with ransomware in the past year – I think we’d have noticed, as society would have ground to a halt!
But reports and stories about real-world incidents will really hook me in. Of course, it’s difficult to get victims of cyberattacks to talk about what happened – but if communicated correctly, I believe it can benefit the company. It’s certainly better than losing trust by just trying to ignore an incident ever happened.
What does your day-to-day look like?
As a freelancer, I don’t really have one standard day-to-day, but I still try to form patterns around how I work. First thing I’ll check out cybersecurity news that’s happened overnight – especially if I’m working a news shift that day – as well as checking my inbox. From then, it’s usually onto writing – be it writing a feature for publication, or writing content for a company -for much of the day. I try to break it up with a walk around at lunchtime, if I can.
I also try to dedicate a section of the day to the exciting world of administration and planning – it’s important to keep track of what I’m doing as a freelancer, as well as know what ideas I’ve pitched out, who to and whether they’ve been accepted.
How busy is your inbox and how do you manage it?
It’s not as busy as it was when I was on staff as a reporter! But generally I’ll keep an eye on newsletters to keep a grip on what’s going on, as well as keeping an eye from email requests, be they PR pitches, or responses to requests, be they made by me or someone asking me to write for them.
Is the press release dead? Would you prefer to receive information in a different way?
I don’t think it’s dead. Receiving a press release can still be useful – but it needs to be correctly targeted to my subject areas. I still receive a lot of press releases which are absolutely nothing to do with technology or cybersecurity to the extent I don’t really know why I’m on the mailing lists!
For relevant press releases – like those accompanying research papers and reports – one piece of advice I always stress is to ensure that it’s sent enough time in advance of the embargo being lifted. That provides plenty of time to take in the information, ask further questions and, if needed, write up the article.
In your experience, the best PR pros work in which ways?
It sounds simple, but having a little awareness of how I work and what my beat is can go a long way. Establishing that relationship over a long-time is also a big help – I know what you can offer, while you also know what I want.
How do you see AI changing media in the next few years and what do you think media will look like in the medium/longer term future?
For better or for worse, it’s already changing the industry. You see whole publications are farming out listicles to AI – often with poor results – while also making large amounts of lay-offs at the same time. I find this troubling in two ways: first, it tells me that some managers don’t value writing as a skill – although there already seems to have been some backlash to companies pushing out ‘AI slop’ as a thing – while secondly, it’s taking jobs away from junior reporters and writers. Experienced writers can find work right now, but if there aren’t any juniors to come in at the ground level, where are the next experienced writers going to come from?
Getting personal(ish)
What stories do you enjoy writing about the most?
In what can be a very technical world, I like writing about the human side of cybersecurity. This could be an interview with a CISO or an analysis of how cyber events impact the ‘real-world’ – I think it’s important to showcase that, especially to audiences who aren’t necessarily cybersecurity or technology experts.
What excites you the most in the world of cybersecurity?
There’s always something interesting to talk about. It’s one of the reasons I started writing in the space. Things were always happening – and usually there was an interesting story behind them.
Favourite holiday type?
I’m happy with a nice city break – preferably with access to historical sites!
Favourite cuisine?
I’m extremely partial to Chinese food. When I’m not feeling great, it’s my go to comfort food, which I suppose means it makes me feel good!
Where might one find you on a weekend?
It varies, but it’s usually a mix of being at home playing video games, meeting with friends at the pub or brewery tap or going to a sports fixture: I’m a regular visitor to London Welsh RFC and Dulwich Hamlet FC on match days.
What does the future hold for Danny?
One of the most interesting things about freelancing is that even I don’t really know. Things can change very quickly! New projects can suddenly arrive. We’ll see, I suppose.
Finally, how can we best follow your work?
My website is www.dannypalmer.co.uk but the place I’m most active these days is likely LinkedIn or Bluesky.
Enjoyed the interview with Danny? Check out the rest of our blog and our Journalist’s Insights series:
Startups, news and beyond with Stefano De Marzo of EU Startups
Mad about startups with David Johnson of Maddyness UK
Ioanna Lykiardopoulou from The Next Web
Startups, the Media and CEE with Zosia Wanat from Sifted
Busting Journalism Myths with Lindsay Dodgson from Business Insider
Diving into fintech journalism with Doug Mackenzie from Fintech Finance
Securing media placements during COVID-19 with Yessi Bello-Perez from The Next Web
From PR to Media With Remco Janssen of Silicon Canals
The importance of regional media for startups, with Anda Asere from Labs of Latvia
