It’s December, which means it’s time to get those 2019 cyber predictions going. While there are many well-informed, and some not-so-well informed opinions out there, I’ve dug through the cyber underground, I’ve climbed data mountains, and delved to the depths of the dark web to seek out what is really happening.
Having spilt coffee, redbull, and tears, I am proud to present the soft underbelly of the cyber security industry, and what the future will hold.
Jayson Street will be exposed as a secret agent charged with obtaining DNA samples of as many hackers as possible. Close inspection will reveal Jayson stealing a strand of hair every time he offers an “awkward hug”. Having been outed, he will go on to start a podcast called, “The word on the Street”
HaveIBeenPwned will be purchased by FireEye. Troy Hunt will take the money and move to New Zealand where he’ll setup another website called “YesYouArePwned” with Kim dot com.
Bug Bounty and vulnerability disclosure pioneer Katie Moussouris will have no less than 10 instances a month of bug bounties being mansplained to her. At least 2 a month will try to prove her wrong by citing papers, without realising she authored them.
Richard Bejtlich will tell the world how it’s actually Papua New Guinea that is responsible for the majority of APT’s. He’ll admit that China was initially blamed as an internal joke that went a bit too far.
Jeff Moss will look in disgust at what he has created. In a fit of rage he’ll punch the ground, pull his hair yelling, “I’ve created a monster!” and cancel DEF CON. This will create a domino effect as all other conferences will come collapsing, leaving no security conferences active by the end of the year.
Stuck in traffic YouTuber Wolf Goerlich will finally take a different route into work and realise traffic ain’t all that bad. As a result YouTube suspends his account, declaring the title misleading. Which is a polite way of saying ‘fake news’.
Investigative journalist Brian Krebs may unofficially be many companies' IDS, but in 2019 he’ll take it to new heights while launching his own subscription-only service called B-KIDS (Brian Krebs IDS) which companies can use to get the heads up if they’re going to be outed.
Reunions will become common, as professionals grow bored of corporate life. L0pht Hacking Industries will furiously lobby the US government, while over in Europe the Eurotrash Security podcast will regroup and take the show on the road once again.
Marcus Hutchins reveals he was never really arrested by the FBI. Claims he just wanted a bit of “me time” and thought this would be the best way.
(ISC)2 will cease offering the CISSP certification, stating that there is now a global surplus of security professionals and the number needs to be reduced.
Independent analyst Kelly Shortridge reveals the magic that goes into magic quadrants, waves and other analyst firms methodologies. Confidence in analyst firms will take a dip as a result. Kelly will then sell the rights to the movie, The Big Short(ridge)
Award-winning blogger and podcaster Graham Cluley will go through the whole of 2019 without winning a single award.
Mega breaches will have reached the tipping point and GDPR will have been found ineffective. In a last ditch effort, companies that offer affected customers a year's credit monitoring will no longer be deemed sufficient. Rather companies will be forced to create whole new identities for affected individuals, complete with backstories, like witness protection programs do.
Finally, world governments will see the error of their ways and stop trying to backdoor crypto.
Have a happy 2019 folks!