What happened in cybersecurity last year?
There are many ways to answer that question, but most cyber discussions about 2018 quickly get complex.
From GDPR to critical infrastructure attacks to government policy changes to data breaches (big and small) to cyberthreats seen (new and old) to staff turnover, simple explanations don’t do justice to our global security challenges. Quick stories or fun cyber analogies can help, but most inquiring minds want more.
So without going down an infinite number of cybersecurity rabbit holes, I know of no better way to summarize cybersecurity or critical infrastructure developments each year (in under 1,300 words) than to take a quantitative look at readership numbers — with a spice of qualitative analysis (and personal commentary) thrown in annually about various technology and security topics.
Tip: Use the headlines and blog summaries below to help navigate through the cyberfog, and dive in deeper when intrigued.
Quick Top Blog Post Recap
But before we list the top 2018 cybersecurity blogs, I want to remind you about top posts from previous years. Here is my list of the most popular cybersecurity blogs posts from 2017, as well as the top posts from 2016.
Also, these are the top individual blog posts from each year still getting lots of clicks (page views) in 2018:
2014: Ten Recommendations for Security Awareness Programs
2015: 7 Essential IT Infrastructure Strategies that Customers Need Now
2016: The Trouble with Recounts in the Name Of Hacking
2016 (runner-up): Cyberterrorism: How Dangerous is the ISIS Cyber Caliphate Threat?
2017: What Election Technology Actions Are Needed Now?
2017 (runner-up): Analytics, AI and Orchestration Are Top New Security Topics
Also, the year-end summaries and security predictions reports for the upcoming year always do very well, with the recap numbers always bleeding across multiple years. Those posts include:
Show Me the 2018 Numbers
This year, rather than using the countdown format from one to 10 on top viewed blogs, I’ll start at No. 1.
- GDPR in the USA: What’s Next? — General Data Protection Regulation (GDPR)-mania has arrived. With the new European Union (EU) law taking effect on May 25, 2018, the Internet will never be quite the same. Opinions on GDPR are all over the map, and lawsuits have already been filed. Here’s a media roundup on what organizations in the USA and around the world are saying and doing and planning regarding GDPR.
- The Case for Cybersecurity Certifications — How can you enhance your security career prospects? What are the top cybersecurity certifications and why do they help? Are employers requiring security certifications? To answer these questions and much more on cybersecurity certifications, I turned to Jay Bavisi, who is a top global expert on cybersecurity certifications and the founder and president of the EC-Council Group.
- Where Next for Microchip Implants? — Employees at Three Square Market, a technology company in Wisconsin, will have a small chip injected in their hands this week for security convenience. But where is this biohacking trend heading? Is there a microchip implant in your future? Related later blog in 2018: Chip Implants: The Next Big Privacy Debate.
- Cyber Range: Who, What, When, Where, How and Why? — What works in training students to protect enterprises from data breaches? How can experienced cyberpros practice defending their networks from emerging cyberthreats? Where are the right tools, effective processes and hands-on techniques combined to simulate real-world challenges faced from hackers? The answer may be at a cyber range near you. Here’s why the trend is exploding.
- Why You Need the Cybersecurity Framework — The U.S. National Institute of Standards & Technology (NIST) recently released version 1.1 of the Cybersecurity Framework, and the security industry response is stronger than ever. Here are the facts — along with a front-line expert interview on what public- and private-sector organizations are doing now to plan and implement the new guidance.
- Privacy, Ethics and Regulation in Our New World of Artificial Intelligence — With technology changing so rapidly all around us, how can we think about the ethical implications of what is now becoming possible? With big data analytics, machine learning and artificial intelligence (AI) growing so fast, can we agree on inappropriate uses? Are privacy regulations even workable? Will hackers just go around the rules? Let’s explore.
- Public-Sector Tech: Ongoing Issues and Opportunities — As we attempt to connect our gov tech dots over the past few years, there are many enduring themes and disruptive topics that keep showing up. So what was hot in 2017 that will endure well into 2018 and beyond? Here’s my rundown of technology trends that both elected leaders and government CxOs keep talking about — with highlights from the joint NASCIO/PTI Technology Forecast for 2018.
- New Guide on State Data Breach Laws — A new guide covering a summary of data breach laws in every state and territory was recently released by Digital Guardian. The guide attempts to answer questions like: How do state laws protect you? Here are the details.
- Next Steps After Russian Attacks on U.S. Critical Infrastructure — In an unprecedented move this past week, the US CERT revealed details of Russian hacking of U.S. critical infrastructure operators, including energy, nuclear, water, aviation, and critical manufacturing facilities. What was announced and where is this heading next? Most important, how can your public- or private-sector organization respond? Let’s explore.
- New National Cyberstrategy Message: Deterrence Through U.S. Strength — The new White House cybersecurity strategy makes one message clear: America will not sit back and watch when attacked in cyberspace. On the contrary, in areas ranging from critical infrastructure to space exploration to intellectual property protection, the U.S. will respond offensively as well as defensively in cyberspace. Here’s what you need to know about President Trump’s new cyberstrategy.
Other Top 2018 Articles, Legacy Blogs and Coverage in 2018
So what about the big picture on gov tech and cybersecurity blogging metrics?
Overall, I’m happy to report that 'Lohrmann on Cybersecurity & Infrastructure' continues to be listed as a top 50 Global Cyber Blog, at No. 32 as measured by Feedspot.com. More exciting, CISOPlatform.com has recognized ‘Dan Lohrmann as a Top 100 IT Security Influencer for 2019’ in their impressive global list of names — coming in at No. 78. A sample of other recent recognition includes the StateTech Magazine’s Must Read State & Local IT Blog List and excellent ongoing coverage at Security Boulevard.
But most important, I want to thank you, my readers, for another great year in 2018. Your feedback, emails, interactions (online and at conferences), comments (on LinkedIn and other social media sites) as well as ongoing encouragement is such a great blessing.
Hopefully, these lists of blogs tell a wider story, when put together. The trends, topics and attentions can help point to needed priorities that result in real action toward improvement.
I look forward to an even better year in 2019. Thanks again for stopping by.