Going to do this one a little differently, part of it is going to be the typical “throw the crystal ball over the shoulder” stuff that we all do…although honestly JUST going to 2017 is not far enough for some of the stuff we are working on…and the other part of this is simply a list of desires or wants for the coming year.

We will baseline with the following:

  1. This is somewhat USA centric, you’ll see why in a moment…and I’ll apologize for it too.
  2. This is couched in the knowledge of the last 12 months of breaches and horror stories.
  3. This is built in the knowledge that we continue to full our houses with electronic crap.
  4. There are MORE conferences to go to than you have hours in the day…how do you juggle?


  1. Secure design, it is NOT too much to ask for, but it seems too much to be able to deliver.
  2. Honest executives who stand up and take responsibility for being breached IMMEDIATELY.
  3. Those very same executives to actually take action BEYOND the first 6 months POST breach.
  4. When sales or marketing want a new Cloud service…they actually INVOLVE IT/InfoSec.
  5. Threat intelligence that makes sense AND is usable in a timely manner. (Didn’t I build one?)
  6. People to stop using 123456, Password1 and other bloody useless codes to defend their assets.
  7. Retail, financial, healthcare and other industries hit…when will someone p0wn the lawyers?
  8. Intelligent AI…actually something that works…although possibly I don’t want this?
  9. Something that actually stops me from moving away from the first computer we break into.
  10. A system my grandmother can use that REMAINS secure past the date of purchase.


  1. All your toasters belong to…NOT YOU (same goes for your fridge, microwave and crockpot.)
  2. Not only is your PC encrypted and ransomed, so is your NEST, Samsung TV, LG Fridge, etc.
  3. We keep hearing that there are shortages in our field; we will continue to feel the negative effects.
  4. 123456 become 124356, integrity of your data is questioned based on the undetected attacks.
  5. All your IT is run by your business units. The cloud disseminates the IT’s ability to manage data.
  6. All our data still doesn’t make sense…data analytics and modeling still has a long way to go.
  7. Managed security services will continue to grow; all MY problems become YOURS (hopefully.)
  8. The ability for LE around the globe to continue to collaborate on key issues WILL grow.
  9. Blockchain and BitCoin get used to those two words…they will continue to evolve and grow.
  10. The continued evolution of the attackers Swiss army knife of leased/purchased exploits avenues.
  11. The evolution of non-traditional security. The Stack we have doesn’t work, time for something new.
  12. IF Amazon or anyone fully realizes drone delivery then watch drone-jacking become “a thing.”

I’ve kept them short, 1 line or so, you get the idea…it’s going to be an interesting year and we’ve not even mentioned the Trump effect!