2022 has been quite the year in cybersecurity. For the first time in a long while, I’m seeing positive developments in the space, including improved cybersecurity education for end-users and adoption of IT Security protection by smaller organizations. As a Cybersecurity Evangelist, education is extremely important to me. So I’ve combined my 2023 cybersecurity predictions with practical resources that you can review now to improve your cyber preparedness.
As organizations strive for more nimble operations through digital transformation, many are taking a hybrid cloud approach. But ensuring proper security and adhering to compliance regulations can prove difficult, especially at scale. Compliance frameworks may shift annually, making the process of achieving and maintaining compliant procedures intensely laborious, with frequent retraining cycles involving significant time and investment.
The holiday season is the perfect time to rewatch some favorite festive movies! While some prefer their holiday movies to be as sappy as possible (Hallmark, we’re looking at you), others relish the annual opportunity to watch an 8-year-old boy exact his revenge on two bumbling bad guys in the 1990 classic Home Alone.
Software is responsible for connecting everything by running millions of lines of code, whether it is your workplace, home, or virtually anywhere. If you are a software developer or publisher, you already know how important it is to get a Code Signing certificate for all the software you develop. It helps users authenticate the software’s publisher or source and get an assurance that the signed software has not been subjected to alteration since its signing.
It stands to reason that if you’ve implemented a Static Application Security Testing (SAST) tool, you’ll want to reap the full value of the investment. But to accurately assess ROI, you need metrics that can evaluate factors such as overall results, KPI compliance, and timeframe. Only then can you estimate whether you’re making a real improvement to the security of your code base, and from that, assess the monetary value of these results.
In predicting what will transpire in cybersecurity in 2023, the best method is to look at past experience. As with any security and criminal activity, threat actors tend to build upon what they have done in the past, adding new twists to keep their tactics fresh and effective. So, taking this into consideration, it is no surprise that Trustwave's security experts see much of the same type of attacks that plagued 2022 continuing.
ChatGPT has been available to the public since November 30, 2022. Since then, it has made headlines – from being temporarily banned from Stack Overflow because, “while the answers ChatGPT produces have a high rate of being incorrect, they typically look like they might be good, and the answers are very easy to produce,” .
On December 8th, Clinton Herget and Simon Maple, Field CTOs at Snyk, had the opportunity to chat with Corey Quinn, Chief Cloud Economist at The Duckbill Group, podcast host, curator of “Last Week in AWS”, and snarky Twitter personality. Their conversation took a lot of fun turns, from ranting about the hour-long line to get coffee at AWS re:Invent, to Corey proclaiming that “SBOMs are a fantasy” (there’s more context to that… keep reading).