📡 Cybersecurity Innovation Pulse #32: 2023 Wrap-Up + Thank You!
A Look Back at This Year's Greatest Hits
Welcome to The Cybersecurity Pulse (TCP)! If you’re serious about staying at the forefront of the latest in the cybersecurity industry, make sure to hit the “Subscribe” button below to get my insights delivered straight to your inbox 📩
Thank You! 🙏
When I started writing this newsletter in February, I had no idea how much it would help me pull through what would become one of my toughest years. While I poured a ton of time and energy into TCP, your support and engagement poured all of it back into me 10x. I’ll be writing more about the TCP journey, including the origin story, in my anniversary post but until then, I just wanted to say thank you for coming along on the journey with me.
That said, I hope that you’ve been able to enjoy some time away from the keyboards with your loved ones and are getting ready for a legendary year ahead. As we sail into 2024, here’s a look at:
Top 3 TCP Bytes
Top 3 Most Surprising Statistics
Top 3 News Stories Covered
Top 3 AI-Generated Art Pieces
Bonus Nugget
Top 3 TCP Bytes 💾
The three posts below received the most engagement (Likes, Views, and Clicks):
Demystifying the Generative AI and LLM Buzz in Security Products: The Future or Just Grains of Salt? 🧂
27 Things I've Learned Throughout My Career in Cybersecurity and Product
Top 3 Most Surprising Statistics
I maintain a repository called the Intel Hub 🧠 of 100+ security community and vendor research reports which provide a look at the state of different security verticals and how organizations are performing in those areas. Below are the most surprising stats for 2023:
Only 1% of cloud permissions granted are used. - Microsoft, State of Cloud Permissions 2023
Only 3% of critical vulnerabilities are worth prioritizing. - Datadog, 2023 State of Application Security
75% of organizations don’t enforce trail logs for Amazon Web Services (AWS) CloudTrail. 74% don’t enforce Microsoft Azure key vault audit logging. 81% don’t enforce Google Cloud Platform (GCP) Storage bucket logging. - Palo Alto Networks, Unit 42 Cloud Threat Report, Volume 7: Navigating the Expanding Attack Surface
Top 3 News Stories covered
Hard to pick just 3 but when I think about where we began the year, these are the three developments I think will have the longest-lasting impact on our industry and security products:
The emergence of Generative AI and how it has become ingrained in the apps we build and secure, the tools we use daily, and the tools we leverage to secure our environments is insane. Attackers have also run rampant in their use of GenAI as evidenced below:
Email attacks jumped spiked over 500% in 1st half of '23 - MSSPAlert
Spike in the use of scary good deep fakes and voice cloning in attacks - Reuters
This Bain report has pretty good insight into how GenAI has become a double-edged sword. - Bain & Company
Microsoft Storm-0558 Mishaps and New CISO Hire, Igor Tsyganskiy
Post-quantum Encryption Guidance
We’re getting close.
Top 3 AI-Generated Art Pieces
One of my biggest joys in crafting each TCP issue is using MidJourney to create tech-focused art. Below are my 3 favorite pieces of the year:
Random Bonus
The TCP issue with most security product announcements covered:
RSA round-up. 35+ product announcements covered. Most of them AI-related!
Until Next Year!
And with that, the TCP year for me has come to a close. Thanks again for the support, sharing, liking, reposting, and engaging with the content I’ve put out. So many special things to come in 2024, but until then I’m wishing you and the entire TCP community a Happy New Year! 🥂
A wonderful and full-bodied wrap up for 2023.
Thank you for sharing this.