USC journalism students embrace YubiKeys as part of new security training

With Data Privacy Day just around the corner, nothing is a more fitting topic than securing a free and open internet — an internet where thoughts and ideas can all be openly expressed with the assurance that the identities of those sharing are protected and preserved. A particular population that falls into this category, and that closely aligns with our mission here at Yubico, is journalists.

Journalists are at high risk of targeted cyber attacks, and security and privacy are critical to the safety and livelihood of many of these individuals. Today, we’re excited to announce that Yubico and Freedom of the Press are joining forces once again to deliver digital security training and resources to University of Southern California (USC) Annenberg School for Communication and Journalism students — the first education initiative of its kind.

The training curriculum, jointly developed by USC Annenberg and Freedom of the Press, will teach students how to identify the common cyber threats in a newsroom and what security practices to employ. Meanwhile, tools like the YubiKey will equip students to defend against rising phishing attacks and credential theft by protecting their email, social media, password manager, and file sharing accounts. As part of the ongoing program, roughly 250 students will receive the same training as part of their mandatory curriculum by the end of the Spring semester.

We recently sat down with Marc Ambinder, adjunct professor of journalism at USC who is leading the school’s efforts, to get his perspective on the growing importance of security for journalism students like his own.

Security is a rising concern across all industries. Why do you think this is the first initiative of its kind for journalism students, and what precedent do you hope to set?  The pace of journalism is fast, and the toolkit that journalists must obtain, then apply, and then perfect, in order to be effective is evolving. But the threat landscape has evolved more quickly, thanks in large measure to the platforming of news and our immersion in the digital world. This hits employers too; most journalists don’t receive anything more than a basic standard module even after they graduate journalism school. We aim to give our students not just the tools but an approach that they can use throughout their careers to better secure themselves, their colleagues and their sources.

In your opinion, what are some of the top security concerns that this next generation of journalists needs to be aware of as they enter newsrooms across the country?  Thanks to the ubiquity of metadata —  and the relatively easy (and low-cost) ways that malicious actors can track it — and poor digital hygiene practices, a lot of our students’ future colleagues might work in ways that make them less safe. The goal here is to give our students a way to help themselves and help others.  My other major concern is that the barrier to entry for harassing, doxxing, and sabotaging journalism is much lower than it used to be, and anyone — a state actor or a troll — can truly wreak havoc by stealing passwords, outing sources, or exposing personal information.

You’ll be providing the students with various tools during their training, one of which is the YubiKey. Why did you select the YubiKey as a two-factor authentication method, and what unique benefits do you think it offers journalists? While I can’t endorse specific products, I happen to be a personal YubiKey user myself, so I chose the product because your company was top of mind. Yubico immediately understood the value of what we were trying to do. Using a key for two-factor authentication can be an immediate game-changer in terms of reducing the spear-phishing / phishing threats, which are still a major attack vector. Using the keys makes it much harder for anyone to break into social media and work-product apps that we all use.

In your eyes, what would qualify as a successful training? In other words, what do you hope the students will take away from this? I want our students to use the tools that we are giving them, including YubiKeys. I want them to feel the keys in their hands, and then find ways of incorporating them in their daily digital lives. I want them to understand why having a separate key is safer than using SMS authentication methods or another device.

For more information on how the YubiKey can help protect high-risk individuals, visit our free speech page.

Talk to our teamTalk to our team

Share this article:


  • We’re excited for what’s to come – meet us in-person to find out whyIt’s been a busy year for our team, filled with exciting company and product updates aimed at better serving our customers and helping them achieve cyber resilience as AI-driven phishing threats continue evolving globally. Between industry award recognitions and key new executive leadership hires to lead Yubico to its next stage of growth and a […]Read more
  • FIPS certified vs. FIPS compliant: What’s the real difference?“Is your MFA solution FIPS compliant, or is it certified?”  This is a question we hear a lot, and for good reason. In industries where security and compliance are critical (especially in government contracts), understanding the difference between FIPS certified and FIPS compliant isn’t just semantics – it can mean the difference between meeting requirements […]Read moreFIPSNIST
  • 2025 Global State of Authentication survey: A world of difference in cybersecurity habitsIn a world that’s more connected than ever, the landscape of cybersecurity threats is constantly evolving. Bad actors, now supercharged with artificial intelligence (AI), are becoming increasingly adept at exploiting human error through sophisticated phishing and social engineering attacks. This makes robust cybersecurity a universal issue, impacting everyone from individuals to the largest global enterprises. […]Read moreGlobal State of Authenticationsurvey
  • Yubico LogoYubico liefert PIN-Verbesserungen mit dem neuen YubiKey 5 – Verbesserte PIN-SchlüsselTo prepare for continuously evolving cyber threats, governments around the world are adapting and updating authentication requirements for online services which directly impact thousands of organizations and their employees. While there’s currently no universal regulation for more robust multi-factor authentication (MFA), the need is highlighted across a range of requirements including PSD2, GDPR, and the […]Read moreYubiKey