It’s hard to believe another year has flown by! As the season of reflection and thanks is upon us, we here at Security Intelligence decided to ask a few of our contributors what they are most thankful for — and not just in the realm of cybersecurity.

We’re Thankful for Tech and Security Progress

Jason Hardy: When I look back at 2015, I am thankful for all the conveniences that have been bestowed on us by the mobile and smart device revolution. I recall back in the late 1990s just wishing that someone could integrate my cellphone with my Palm Pilot so that I wouldn’t have to carry two devices. At that time, I couldn’t even imagine a world in which all aspects of my life would be so tightly integrated into a single hand-held device containing more power than my 1990s desktop computer — let alone that I would literally carry that device with me everywhere I go.

I am also thankful for the opportunity that this incredibly disruptive technology has created for me to work in what I think is one of the best jobs and fields in the market: mobile security. Being on the forefront of mobile security and seeing the threats, risks and fears that exist for consumers and enterprises makes it exciting and rewarding to go to work every day.

Kevin Olivieri: I’m thankful for the continued evolution of the major mobile operating systems to feature stronger security and increased capacity to enable more productivity for all users this year. And with Black Friday on the horizon, I’m thankful that retailers are leveraging in-store mobility to save time and enhance the completely civil and enjoyable experience for all.

Rick M. Robinson: First, I am thankful for what has not happened: truly crippling cyberattacks. The attacks we’ve seen to date have seriously inconvenienced millions of people whose credit cards were compromised and have caused heavy losses to individual companies. In the big picture, however, they have been nuisances, not disasters. Yet even apart from apocalyptic speculations, we are at a point where determined and sophisticated attackers could potentially bring down huge portions of the Web and keep them down — causing almost unimaginable disruption and effectively rolling the world back to 1990. And there are plenty of bad actors out there of various stripe who would dearly love to do exactly that.

But most of all I am thankful for the reason why this has not happened: a cybersecurity community, as determined and sophisticated as its enemies, that labors tirelessly to build a more robust and resilient Web. Catastrophic attacks are all too possible, but the cybersecurity community has made them far, far more difficult to bring about. For that, we should all be thankful!

We’re Thankful for Collaboration

Stephanie Stack: This year, I give thanks that the cybersecurity good guys are joining forces to collaborate by sharing threat intelligence and finding new ways to work together. Regardless of size, clients are finding operational efficiencies when they establish a security operations center (SOC) — an organized team to coordinate the detection, analysis and response to threats. And it’s much easier to collaborate when you have a platform that automates the analytics and reduces the time people need to spend searching through mountains of data. I love the examples provided by Ben Wuest on what kind of big data analytics can happen when you get your big data scientists talking to your security analysts. All things considered, a lot to be thankful for!

Pamela Cobb: This year, I’m thankful for collaborative threat intelligence, accurate portrayal of security in television and movies, and kittens. To be honest, I’m thankful for kittens every year, but the other two are a bit newer. It’s refreshing to build relationships with security practitioners and business partners at trade shows and know that we can affect change and collaborate out in the open.

It’s the shiny side of the penny, compared to the darker side where malicious actors work together to build better malware. I also love that Hollywood and other studios are coming around to recognizing the intricacies of Internet security and the social engineering component of that collaboration and finally playing to our intelligence as an audience. Lastly, I’m thankful to work with such smart fellow nerds and that we can talk about TV shows and it’s legitimately work related.

But yeah, mostly kittens.

Diana Kelley: In 2015, I am thankful that IT and cybersecurity have become top-of-mind concerns for the big Cs: CxOs and Consumers; for the fierce and righteous fight that Edith Ramirez and the FTC have been waging for software security and data privacy; for the important advances in homomorphic encryption and distributed password verification.

I’m thankful for those of us in the practice who take on data protection and risk management as a personal remit and not just as the “new, now, next” way to advance a career. But most of all, I’m thankful that this fight, this long, hard fight for information and cyber risk management that many of us have been waging in the shadows for decades, has at long last come into the light.

Also — kittens and puppies!

We’re Thankful for Cybersecurity Opportunities

Limor Kessem: This year I give thanks for the better-than-ever collaboration and unity between cybersecurity and antifraud stakeholders throughout an ever-growing variety of organizations and countries. In 2015, I have been fortunate to work with the brightest minds in the InfoSec industry, with many opportunities to reach the world with knowledge and advice on fighting evil in a new age of crime and digital larceny. It’s been quite a ride!

I’ve also been very happy to witness a growing number of women leaders in the technology and information security spheres, from my closest circle to the exceptional women I work with, and ultimately being part of a company led by one truly inspiring woman.

Kevin Beaver: I’m thankful to be working in such an amazing field. When I first got into information security 21 years ago, I had no idea just how blessed I’d be at this point to be in a position where my skills and experience are in such high demand. Vendor-borne fads involving security will come and go over time, but I believe one thing’s certain in this field: The threats will advance while much of the apathy and ignorance surrounding network and information risks will stick around. Generally speaking, that’s not great news for many businesses, but it’s a prime opportunity for those of us willing to effect some changes to continue to grow professionally over the long haul.

Michelle Alvarez: I am always thankful for (and not just when it’s seasonably fashionable to be thankful) my family, friends and relatively good health (though I do admit to needing at least one cup of mojo in the morning to feel fully functional). And I’m not thankful for cybercrime, but I am thankful for the privilege to work in an exciting and ever-changing industry alongside so many bright individuals.

Unfortunately, I do not foresee a time in the near future where instead of blogging about cybersecurity risks and loyalty programs, DDoS extortion or ransomware, I’ll be blogging about Pam Cobb’s kittens or Diana Kelley’s puppies (which I agree are awesome). While greater security awareness among enterprises is trending upward in 2015, there will always be security challenges, and I’m thankful for the opportunity to assist organizations in addressing those challenges.

We’re Thankful for Awareness and Education

Fran Howarth: I’m thankful that cybersecurity is now being taken seriously across the spectrum, from consumers and small firms to universities, large enterprises and governments. Security budgets are on the rise, and security executives are finally being given a seat at the board. This will allow a culture of security to permeate throughout organizations. The use of threat intelligence is also becoming mainstream, allowing for greater collaboration in the fight against cybercrime. I am also thankful that the EU is tightening up its stance on data privacy and am hopeful that the new data protection regulation will be passed during 2016.

Christopher Burgess: The year 2015 has brought us a seemingly unending stream of shoutouts and discussions surrounding data breaches, network attacks, compromises and consumer outrage. Yet amid this cacophony of unending cybersecurity challenges, there are multiple rays of light for which I am thankful: Security and privacy discussions are now commonplace within the boardroom, being led by the CISO. The costs to implement best practices with respect to good cyber hygiene by network administrators and employees are viewed as table stakes toward revenue preservation and not a black-hole cost center. And centers of excellence are being created within academia in partnership with industry to ensure a steady stream of future technologists equipped and prepared to address tomorrow’s cybersecurity challenges.

Neil Jones: Ever since I was a young boy, educating others has brought me great joy and fulfillment. I’ve always been highly motivated to wear a white hat, helping others to become more effective in combating the activities of the baddies. This year, I’ve been blessed to work with security professionals who consistently espouse such values. In 2015, IBM Security had the opportunity to educate our clients’ security teams about how they can increase mobile application security knowledge and address mobile application vulnerabilities more effectively. Similarly, we educated clients on how to improve their comprehensive application security skill sets. IBM’s partner, Arxan Technologies, taught our clients how to incorporate best practices to improve runtime protection on mobile devices. As the year draws to a close, what would bring me even more joy? If you’d take a moment to share one or more of the links above, so that our educational resources remain in circulation and can benefit as many security professionals as possible.

Lastly, all of us at Security Intelligence would like to thank our readers. It’s a privilege to share one’s passion on a subject with fellow devotees. We wish everyone who’s celebrating today a safe and happy Thanksgiving!

More from Intelligence & Analytics

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Web injections are back on the rise: 40+ banks affected by new malware campaign

8 min read - Web injections, a favored technique employed by various banking trojans, have been a persistent threat in the realm of cyberattacks. These malicious injections enable cyber criminals to manipulate data exchanges between users and web browsers, potentially compromising sensitive information. In March 2023, security researchers at IBM Security Trusteer uncovered a new malware campaign using JavaScript web injections. This new campaign is widespread and particularly evasive, with historical indicators of compromise (IOCs) suggesting a possible connection to DanaBot — although we…

Accelerating security outcomes with a cloud-native SIEM

5 min read - As organizations modernize their IT infrastructure and increase adoption of cloud services, security teams face new challenges in terms of staffing, budgets and technologies. To keep pace, security programs must evolve to secure modern IT environments against fast-evolving threats with constrained resources. This will require rethinking traditional security strategies and focusing investments on capabilities like cloud security, AI-powered defense and skills development. The path forward calls on security teams to be agile, innovative and strategic amidst the changes in technology…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today