Cyber Thanksgiving 2024
Five cybersecurity things I'm thankful for this season.
Here it is, Black Friday 2024. Instead of rushing out to get a great deal on, I donno, Cabbage Patch Kids or something, I'm posting a list of things I'm thankful for in cybersecurity this year.
Password Managers For Everyone
Older members of our society are often the least comfortable with technology, and they are popular targets for scammers. Younger people need to be taught good online security early. Having a password manager that works with their wide variety of devices, and with a friendly and usable interface is important to supporting both of these groups, and the rest of us in the middle as well. I think we've got some good choices out there now, a great cybersecurity step.
Multi-factor Authentication Hits the Mainstream
It is out there, it is in use, and there's no excuse for corporations, service providers, banks, or others for not implementing and utilizing it. Even social media logins are offering MFA, and more and more systems are making it required instead of optional. And we don't have to carry around tokens that are overly sensitive to static electricity (like some of us did ~20 years ago)
Signal
I'm extremely happy that there is an app out there that offers end-to-end encrypted communications for text, voice, and video. It also offers the flexibility to identify yourself by either phone number or username, providing anonymity options for those concerned. Even better, Signal is owned and managed by a not-for-profit who has little access to metadata about communications with their solution, let alone access to the content of them. The combination of privacy and security is a welcome contrast to most commercially available communications systems.
Infosec.Exchange
Infosec.exchange is my favorite cybersecurity related Mastodon instance. There's a fantastic community there of cybersecurity professionals, and the moderator ensures instance runs smoothly, and issues are readily resolved. It is a fantastic place for keeping up on current cybersecurity events, and interacting with top resources in our field.
CISA, NIST, the FTC, and the SEC
In 2024 each has done their part to improve our cybersecurity situation. I hope they can continue the good work in the years to come.
This is just a list of five things I'm thankful for in cybersecurity in 2024. Sure there are more. There are also a lot of things I'd like to be able to add to the list in 2025. I hope we're able to do just that. Happy holidays everyone.