By George Stathakopoulos
It seems like just yesterday when I was at Black Hat. Now as I get ready to fly to Las Vegas again, I look forward to seeing a lot of security researchers, hearing their latest exploits and how they fared over the last 352 days. At the same time, it is a great opportunity to look back at the past year in security and ask myself, “Was it a good year or a bad year?”
What comes immediately to mind when I think of the past year? The rise of rogue security software, Conficker, two out-of-band security updates (thanks to the MSRC for the great work!) and of course the fact that cyber security has garnered national attention, fueling the search for a cyber czar. Security researchers and analysts have said that security investments like the Security Development Lifecycle (SDL) are making products harder to crack. More people are interested in secure development, as seen by the uptick in downloads of Microsoft !exploitable and Threat Modeling tools. More companies – Adobe comes to mind – are clearly demonstrating their commitment to protecting customers through security fundamentals. And really, the collaborative spirit was obvious across the industry over the past year.