(Editor’s note: This interview is part of a series of Q&A profiles on Penn State College of Information Sciences and Technology alumni who are using their degrees to make an impact in a wide range of industries and companies around the world. A compilation of their stories was published in the summer 2022 issue of iConnect magazine.)
Nick Leghorn is using his Penn State degree in information sciences and technology to help The New York Times provide high-quality journalism while ensuring the digital experience can be tailored to the reader’s needs. As the news outlet’s director of application security, Leghorn is helping the company make a transformation from a company that focuses on print publications to one that offers online experiences.
“That shift in focus not only enables more people worldwide to read the articles the company produces on a daily basis, but it is opening up fascinating new ways to keep readers informed and engaged — from projects like the interactive COVID-19 tracker to real-time election results,” said Leghorn.
What are your primary responsibilities in your role?
My team’s goal is to help the company build secure systems and applications. We work closely with the engineering teams to make sure they have the right training to build secure applications, provide input and feedback on their projects as they progress, and help them identify and resolve any vulnerabilities that might exist.
How does the College of IST prepare its graduates for professional success in a broad range of industries?
What I value most about my education from IST is that it set me up with the tools I would need down the road. That starts with a good solid foundational knowledge of the technology that supports modern businesses, helping me understand how all of the pieces fit into the puzzle and giving me the tools to learn more about each component.
It also taught me how to translate those technical aspects and discuss them with non-technical folks, which is a critical skill that I use pretty much every day in my current role. Saying something is a critical vulnerability might be well understood by engineers, but presenting that information in a way that non-technical managers can understand is hugely beneficial when trying to help them prioritize that work for their teams and actually get things fixed. It’s a challenge that isn’t unique to this specific industry — in fact, it’s a challenge I’ve faced at every company to date — and having those skills and experience has been invaluable.
What are the current information technology trends, needs and concerns in your industry? How are you working to advance or address them?
The big trend in this industry is the same one that I’ve been seeing throughout my career, and that’s the move from monolithic applications with fixed release schedules to a more agile microservices approach that breaks down large and complex systems into smaller more manageable chunks. Surprisingly for a company that is more than 170 years old, The Times embraces that ability to rapidly prototype and deploy new functionality.
This ability to rapidly build new functionality has been a critical component of The Times’ journalism over the last few years. It gave them the ability to quickly publish new features like the interactive COVID-19 tracker, diagrams of how the Miami condo collapse happened in June 2021, and the one thing I probably use most frequently on the site — the Wordle Bot coaching tool.
All of these features require a stable platform to operate, common connections to frequently used functions and the ability to quickly publish and iterate on new ideas. News happens fast, and getting it out to the public in a timely manner is critical. Empowering teams to act quickly and publish that amazing content while ensuring that their applications are robust and secure enough to maintain the integrity of The Times and its systems is the biggest challenge that my team faces, and means that we have to adapt to a new way of thinking within the information security space. We can’t be the “checkpoint guards” of security teams past, investigating every new change and blocking releases; our job is to give individual engineers the tools and the training to deploy their applications securely and quickly, and to help them fix things when issues arise after deployment.
How did you end up at The Times?
When I started my career I never would have believed that I would end up in this space. I’ve worked in several different industries, from government contracting to telecommunications, typically for companies that are heavily involved in emerging technologies and pushing the envelope of what modern systems and engineering can accomplish. Traditional news media always seemed like an antiquated industry with massive legacy systems, not really a space where I could grow and learn.
I had started looking for the next step in my career during the COVID-19 lockdowns, and this role at The New York Times was one that my wife actually encouraged me to consider. My mother had been a journalist earlier in her career and instilled in me a reverence and appreciation for journalistic institutions from an early age, and the more I learned about how The Times was approaching presenting their journalism in the digital age the more this seemed like a perfect fit.
What motivates you in your work?
Early in my career, I worked for Rackspace Hosting, where one phrase was printed on the walls time and again: “What we all want from work is to be valued members of a winning team on an inspiring mission.” It’s a sentiment that I think perfectly enshrines what someone needs to feel motivated and rewarded in their career and describes exactly how I feel about working for The New York Times.
The role of institutions like The New York Times is more important now than ever before, providing high-quality and well-researched journalism to inform the world about current events. Maintaining the integrity of The Times is critical to ensuring that it continues to be a trusted source of information, one which can be relied on for real-time information and updates. The work that my team does on a daily basis helps maintain that credibility, ensuring that the content that appears on the site can be trusted to have come from the journalists at The Times without any alteration or malicious influence, and keeping those journalists safe.
Playing such a critical role in an inspiring company like The Times is what keeps me motivated, and being a part of the “daily miracle” of publishing the paper each and every day of the week is an incredible reward.
What information technology changes, advances or needs do you envision in your industry in the next near future, and how are you and the industry poised to address them?
These trends — decentralized systems, rapid development, constant experimentation — aren’t going anywhere. They are going to be core concepts used to empower companies like The Times to continue to grow and evolve throughout the years to come.
What that means for IT and security professionals is that we need to continue to grow and evolve to better support engineering teams as they learn and innovate. That requires a new breed of professional, one armed with the skills that institutions like IST provide. People that are equally as comfortable in the command line of networking equipment as they are talking to management, able to help companies understand complex issues and continue to push for improvements to their technology.