As 2018 draws to a close, it’s been a fascinating year in the IT security community. From record-breaking data breaches, new regulations and the Meltdown and Spectre debacle, we can certainly say it’s been eventful. To round the year off, we thought it would be interesting to ask some of our regular contributors (and followers on Twitter) what their standout moments were.

Justin Sherman, Cybersecurity Fellow | @ethicaltechorg

“In January, it was revealed that researchers could trace the geographic locations of U.S. military personnel via data from their wearable fitness devices. In July, researchers similarly traced the real-time locations of intelligence personnel around the globe—including in sensitive locations like the NSA, MI6 and the Guantanamo Bay detention facility in Cuba—and also exposed the names of those personnel in agencies like the French DGSE in Paris and the Russian GRU in Moscow. In this second incident, affected personnel had been wearing IoT devices—fitness trackers—that revealed their locations online. Perhaps more than ever, these events make it clear that IoT privacy breaches can have a direct impact on national security.”

Christopher Burgess, Cybersecurity Advisor | @burgessct

“The airlines get us from place to place as their primary task, yet they are entrusted with our most valuable personal identifying pieces of information. This information is sufficient to conduct identity theft with little effort. From poorly configured apps to award portals and breaches of infrastructure, the industry must heed the following wakeup call: data security is a responsibility, and maintaining the privacy of the passenger is just as important as maintaining an aircraft itself. The 2018 experiences of Air Canada, Cathay Pacific and British Airways are prime exemplars.”

Chris Hudson, Professional Services Consultant | @askjarv

“GDPR was responsible for clogging up our mailboxes at the beginning of the year, but (Read more...)