Infosec pros share their most memorable cyber moments of 2018. Read the full answers at tripwire.com/blog.

1. INFOSEC PROS SHARE THEIR MOST MEMORABLE MOMENTS
2 18
A Look Back At

2. “IN JANUARY, IT WAS REVEALED THAT RESEARCHERS
COULD TRACE THE GEOGRAPHIC LOCATIONS OF U.S.
MILITARY PERSONNEL VIA DATA FROM THEIR WEARABLE
FITNESS DEVICES. IN JULY, RESEARCHERS TRACED THE
REAL-TIME LOCATIONS OF INTELLIGENCE PERSONNEL
AROUND THE GLOBE … AND ALSO EXPOSED [THEIR] NAMES.
…PERHAPS, MORE THAN EVER, THESE EVENTS MADE IT
CLEAR THAT IOT PRIVACY BREACHES CAN HAVE A
DIRECT IMPACT ON NATIONAL SECURITY.”
-Justin Sherman
Cybersecurity Fellow

3. “ENORMOUS PROGRESS WAS
MADE TOWARDS GETTING
MULTI-FACTOR AUTHENTICATION
THE RECOGNITION IT DESERVES.
THEN, IT WAS DASHED TO
PIECES BY THE RECENT AZURE
2FA FAILURES… I WILL
PROBABLY SPEND 2019 TRYING
TO RECONCILE THIS. I HOPE
THAT THE 2FA ENGINEERS CAN
MAKE THIS FAILURE A DISTANT
MEMORY.” -Bob Covello
IT SECURITY DIRECTOR

4. “FROM POORLY CONFIGURED APPS, TO
AWARD PORTALS AND BREACHES OF
INFRASTRUCTURE, THE [airline] INDUSTRY
HAS BEEN GIVEN A WAKE-UP CALL.
DATA SECURITY IS A RESPONSIBILITY–
AS IMPORTANT AS MAINTAINING AN
AIRCRAFT IS MAINTAINING THE PRIVACY
OF THE PASSENGER.”
-Christopher Burgess
Cybersecurity ADVISOR

5. “UNLESS YOU ARE OF A PARTICULARLY GEEKY
PERSUASION, MOST FIRMWARE UPDATES LIKELY
PASS YOU BY. SPECTRE SHOWED THE WORLD THAT
HARDWARE-RELATED EXPLOITS WERE REAL, AND IT
HAD THE POTENTIAL TO AFFECT US ALL. IT ALSO
HIGHLIGHTED THE CHALLENGE OF PATCHING
HARDWARE AND ITS IMPACT.”
-Chris Hudson
PROFESSIONAL SERVICES
CONSULANT

6. “THE SINGLE, MOST MEMORABLE EVENT WAS THE
MASSIVE FERVOR OVER MELTDOWN AND SPECTRE…
TO ME, IT HIGHLIGHTS A CONSISTENT LACK OF
ALIGNMENT IN OUR INDUSTRY BETWEEN ACTUAL
THREATS AND WHAT WE PERCEIVE TO BE THREATS…
OUR INDUSTRY’S FOCUS IS OFTEN MORE CAPTURED
BY THE OUTPUT OF VENDORS, EVENTS AND
RESEARCHERS THAN BY THE ACTIONS OF CRIMINALS
AND VICTIM EXPERIENCES.”
-aDRIAN SANABRIA
VP, STRATEGY & PRODUCT MARKETING

7. “WE HAVE SEEN A REAL SHIFT TOWARDS OUTRAGE AND
TAKING ACTION TO TACKLE UNETHICAL USE OF DATA AND
TECHNOLOGY AMONG TECH LEADERS, THE DEVELOPER
COMMUNITY AND A MYRIAD OF ASSOCIATED GROUPS,
INCLUDING CONSUMERS. THAT CUMULATIVE WAVE
[AGAINST] INFRINGEMENT OF HUMAN RIGHTS
HAS DONE MORE TO DRIVE ATTENTION
TO SECURITY AND DATA PROTECTION
THAN ANYTHING BEFORE.”
-Sarah Clarke
Security grc specialist

8. “SAMSAM RANSOMWARE FIRST EMERGED IN 2016 BUT
IN 2018, IT’S BEEN MORE DESTRUCTIVE THAN EVER. THE
CITY OF ATLANTA AND MANY HOSPITALS AROUND THE
WORLD HAVE BEEN AMONGST ITS VICTIMS. NO
DECRYPTION TOOL HAS BEEN DEVELOPED FOR SAMSAM-
ENCRYPTED FILES AS OF YET… TO TOP THINGS OFF,
SAMSAM HAS BEEN FOUND FOR SALE ON THE DARK WEB
FOR ABOUT $750.”
-kim crawley
Cybersecurity writer

9. “FOR SO LONG, THE CONVENIENCE OF
SMARTPHONES, SOCIAL MEDIA, DIGITAL
ACCESS, ETC. HAS ECLIPSED CONCERNS
ABOUT PERSONAL PRIVACY AND
CORPORATE MARKETING.
COMBINE THE RECENT CONTROVERSIES
AROUND FAKE NEWS, POLITICAL
ADVERTISING AND CAMPAIGNING WITH
THE SEPT. FACEBOOK BREACH, AND WE
MAY HAVE REACH AN INFLECTION POINT.”
-MARIBETH PUSIESKI
ACCOUNT EXECUTIVE

10. “BEING CANADIAN IN A WORLD WHERE SECURITY
NEWS TENDS TO BE US-CENTRIC, I WAS EXCITED TO
SEE OUR MANDATORY DATA BREACH NOTIFICATION
LAW TAKE EFFECT. IT ISN’T PERFECT AS IT ONLY
MAKES NOTIFICATION NECESSARY WHEN THERE’S A
REAL RISK OF SIGNIFICANT HARM… THERE’S STILL
A LOT THAT CANADA HAS TO DO REGARDING
CYBERSECURITY BUT, FOR NOW, IT’S A START.”
-TYLER REGULY
MANAGER, SOFTWARE DEVELOPMENT

11. FOR MORE INFOSEC INSIGHTS,
VISIT TRIPWIRE.COM/BLOG
WHAT’S YOUR MOST
MEMORABLE 2018 MOMENT?
TWEET US @TRIPWIREINC