During 20 years of professional observation, participation, & preservation of the security industry, I’ve noticed that certain trends remain predictable, even though each new breach is contextually a surprise. Unmitigated classes of attack and classic unsolved basic security hygiene deficiencies in the ecosystem plague the world, raining mayhem upon the diligent & negligent alike.
Yet we still have hope. Why??
After 20 years of repeating similar classes of mistakes and being surprised by similar results, we have something better, yet less predictable than hope. We have data. And we have models. We may not have solved controlling Internet weather, & the storms affect us all, but we may be able to help forecast it better to help minimize losses. Surprises are best reserved for birthdays & keynotes than security. The carcass of failure can become the bone broth of success if you cook it down well.