The Top 23 Pieces of Security Content in 2023
It’s time once again for my superlatives in security content/events for the preceding year. To preserve balance, I present the 23 best, newest, surprising, or intriguing articles, conferences, books, podcasts, etc. from 2023. All completely subjective. Here goes:
1. Best conference: Lots of contenders, including IPSB, GSX, OSAC, Security 500, ESX, Securing New Ground, ASIS Europe, etc. Coming out on top, though, is ASIS LatAm in Lima, Peru. A consummately professional experience with top-notch presenters, content, networking opportunities, production values, and gastronomic options. The presentations can be found on YouTube.
2. Best conference party: It was a last hurrah for Chuck Andrews and Texas Night at GSX. But what a way to go. A supremely well-organized event with thousands of attendees receiving free admission for music, dancing, food, drink, armadillo races, games, vendor stations, mechanical bull riding, and prizes galore. Lucky winners got boots, belt buckles or lassos.
3. Best new platform: With the so-called “reset” at Clubhouse, industry experts like Josh Phillips turned to LinkedIn Live for ad hoc discussions and briefings. The platform held up well.
4. Biggest LinkedIn disruptor: Tyler Schmoker burst onto the scene in a big way. His emoji- and ellipsis-heavy posts keep you scrolling like you’re getting to the end of mystery novel. His photos (wilderness runs, curing meat, etc.) tie the personal and the professional to create a unique brand.
5. Best new industry initiative: Speaking of disruption, Lee Odess’s Access Control Executive Brief took off in 2023, with Lee hosting access-control-specific lounges at events such as ISC West and his own event, ACS23. If you are interested in access control at all, check his Topo Map of Access Control Companies. You’ll want to tear down your old Bruce Lee poster and replace it with this.
5a. Most heartwarming industry initiative: The Relentless Revival Safe Haven, the brainchild of Olivia and Ralph Arnauts, is “a restorative care program for survivors of human trafficking,” including personal and professional development, group and specialized therapy, and economic empowerment. How can you not donate to this?
6. Most intriguing new educational program/concept: Move over ESRM. Originating with Gav Schneider from Australia, Presilience is a philosophy and program that involves proactive resilience linked with high performance outputs and leadership capability—all supported by agile and adaptable systems and technology solutions.
7. Best of the world of books:
a. Best book-release panel discussion: The author interview for the book, The Queen of Cuba, the story of DIA employee Ana Montes who recently got out of prison after serving 20 years for delivering devastating insider information to the Castro regime. Lots of good tradecraft lessons. You can watch it on YouTube here.
b. Best book launch: You can’t escape The Kindness Games. Authors/Editors/Founders Lee Oughton and Tim Wenzel are on a continuing in-person and virtual roadshow to celebrate and promote their book and movement, designed to “help people unite their spheres of influence, heal their communities, and change the world by leading with kindness.”
c. Most original book: I can’t believe I’m writing this—”Amelia and her cat Boinky wonder what jobs Amelia can do when she grows up.” Amelia considers a career as a guardian and protector, a brilliant concept to socialize the importance of these roles to children in Burke Sigurdur Brownfeld’s When I Grow Up I Want to Be A Guardian.
d. Mejor libro en espanol: Recetas para un Operacion Productiva Segura, por Herbert Calderon Aleman (disculpas, no puedo encontrar el acento en esta plataforma). Escrito como libro de cocina, contiene catorce recetas como “Entiendo los factores conducentes al fraude” y “Todo bien, pero no todo bien.” De repente, tengo hambre. (Primo: aunque es de 2022, obtuve Seguridad Corporativa: Pieza Clave en el Ajedrez Corporativo por Antonio Gaona Rosete vale la pena mucho tambien.)
8. Best blog post: The blink-and-you’ll-miss-it “EFF to Copyright Office: Copyright Is Indeed a Hammer, But Don’t Be Too Hasty to Nail Generative AI.” The Electronic Frontier Foundation piece, whose headline is almost as long as the article, argues that existing copyright law is flexible enough to address generative AI. It contains this gem: “like giving someone a blood transfusion and sending them home to an insatiable vampire.”
9. Best newsletter: The monthly Incidents Report from Jim Henderson’s Insider Threat Interest Group. It’s not fancy, but every issue is a valuable compendium of insider incidents broken down by type (e.g. violence, theft, carelessness), sector, impact, and motivation.
10. Best guidance document: Physical Security Performance Goals for Faith-Based Communities, developed by the U.S. Cybersecurity and Infrastructure Security Agency, applies an “Identify, Protect, Detect, Respond, and Recover” model to houses of worship and other relligioius facilities.
11. Best new awards scheme: IFSEC didn’t run its annual influencer awards in 2023, but James Thorpe’s International Security Journal has teamed up with Grant Lecky’s Security Partners’ Forum to create ISJ’s Leaders in Security Awards for operational excellence, crisis and incident management, cross-functional security integration, cybersecurity leadership, and security mentorship. Get your entries in!
12. Best annual magazine feature: In a repeat from last year, The Security Benchmark Report, which keeps improving with time.
13. Best annual magazine feature, runner-up: The International Security Journal’s annual influencer-prediction feature always mines the thoughts of many of the profession’s brightest stars. Special shoutouts to Pooja Shimpi for emphasizing the psychology of cybercriminals; Ebunoluwa George Ojo-Ami for his analysis of drone attacks in the maritime sector; Jane Frankland for coverage of cyber issues; and Scott Ashworth for his focus on AI.
14. Best articles by security publications:
a. Best CSO magazine article: Michael Hill’s “If you don’t already have a generative AI policy, there’s no time to lose,” is a fine piece that urges businesses to know their generative AI use cases and create policies in areas such as information sharing, data classification, data loss prevention, accuracy checks, and protection from AI-enhanced attacks.
b. Best Security magazine article: As selected by Editor Madeline Lauver, and I concur (see #12 above), “The 2023 Security Benchmark Report.”
c. Best Security Technology Executive article: Security Professionals Assess the Parkland Trial and Verdict, by Steve Lasky. Masterful look at the trial of Scot Peterson, the “Coward of Broward.” Steve’s favorite too. I can’t blame him.
d. Best Security Management article: Redesigning Pandora’s Box: Another Reason to Leave Siloed Security Behind, by Sara Mosqueda. Two SM editors picked this as a favorite, and I can’t disagree. An incisive look at a favorite topic of mine, disinformation.
e. Best International Security Journal (and its regional progeny) article: Security Journal America’s interview with Clayton Evoy, who enumerates negative security stereotypes and explains how to overcome them. Prepare to be broken down and built back up.
f. Best SDM article: “Top System Integrators Report 2023: Pivotal Performance,” by Karyn Hodgson. Securitas Technology jumps ADT to become #2 in the SDM rankings, with Convergint holding on to its top position. Pavion and Allied Universal Technology Services round out the top 5.
15. Best boots on the ground article: Completely dispassionately (LOL), I’m choosing the article I wrote with Paul Goldenberg about the Cochise County, Arizona, sheriff and how the situation at the Mexico border—with fentanyl and meth distribution, human trafficking, the refugee crisis, etc.—reverberates in towns and cities across the United States and Canada.
16. Best article that ties together the most issues: Covering physical, cyber, espionage, technology, national security, law enforcement, government, foreign policy, critical infrastructure protection, and emergency response, among other topics, Brian Harrell and Travis Moran’s deftly discuss the Chinese drone threat in “The Pressing Threat of Chinese-Made Drones Flying Above U.S. Critical Infrastructure,” in Cyberscoop. Compelling issue.
17. Best LinkedIn article: If you’ve ever been an expert witness in a security case, or are considering it, you’ll appreciate this piece from Steve Albrecht. It’s spot on.
18. Best cybersecurity article: “11 Women in Cyber Share Barriers Faced and How They Rose Above,” by Dorene Rettas from Cyber Security Tribe, is a fascinating peek at the stories of almost a dozen cybersecurity professionals and how they overcame their unique challenges.
19. Piece of content that most counters accepted wisdom: This WNYC “On the Media” podcast argues that “the data about shoplifting don’ t back up the alarmist coverage….[and] a senior reporter at Retail Dive traces how one baseless data pint abut retail crime spread unquestioned in the media.” Whoa. Thanks to Mike Moran for pointing me to this.
20. Best new podcast: Yolanda Hamblen’s Turning Pages: The Security Book Review Podcast assembles a team of experts to discuss a notable security book, such as Mike Croll’s The Rise of Security—reviewed by Patricia Coureas, Farah Benis, Chris Anquist, Adriaan Bosch, and Deb Andersen. The depth and range of the discussion is rewarding.
21. Best webinar host: Phelim Rowe. Can we just make this an annual thing?
22. Best standalone webinar: ISRM Women in Security’s Exploring the Future of Risk and Security Convergence, excellently moderated by Louisa Schneller, and featuring Alison Wakefield, Cody Porter, David Rubens and some Gips guy.
23. Best new credential: Zero Trust is the new credo in cybersecurity and The Cloud Security Alliance’s Zero Trust credential makes sure you understand its core concepts.
And a New Year’s bonus!
24. Best report: Rachel Briggs of the Clarity Factory’s The Business Value of Corporate Security. An excellent overview of “what trends in the global business operating environment mean for the corporate security function: its value proposition, narrative and positioning, leadership, talent strategy, areas of responsibility, relationship to the rest of the business, innovation, external stakeholders, and changing C-Suite needs.”
What did I miss?