Looking Back, Looking Forward: Digesting a Dynamic Bouillabaisse of Cyber Evolution

Looking Back & Forward: A Bouillabaisse of Cyber Evolution

Newsletter Sign-UpNewsletter Sign-UpCybersecurity TopicsRelated TopicsApplication SecurityCybersecurity CareersCloud SecurityCyber RiskCyberattacks & Data BreachesCybersecurity AnalyticsCybersecurity OperationsData PrivacyEndpoint SecurityICS/OT SecurityIdentity & Access Mgmt SecurityInsider ThreatsIoTMobile SecurityPerimeterPhysical SecurityRemote WorkforceThreat IntelligenceVulnerabilities & ThreatsRecent in Cybersecurity TopicsEndpoint SecurityChina's Webworm Uses Discord, Microsoft Graphs to Hack EU GovernmentsChina's Webworm Uses Discord, Microsoft Graphs to Hack EU GovernmentsbyAlexander CulafiMay 22, 20264 Min ReadApplication SecurityGitHub Confirms Breach, 4K Internal Repos StolenGitHub Confirms Breach, 4K Internal Repos StolenbyAlexander CulafiMay 20, 20263 Min ReadWorld Related TopicsDR GlobalMiddle East & AfricaAsia PacificLatin AmericaSee AllThe EdgeDR TechnologyEventsRelated TopicsUpcoming EventsPodcastsWebinarsSEE ALLResourcesRelated TopicsResource LibraryNewslettersPodcastsReportsVideosWebinarsWhite Papers Partner PerspectivesDark Reading Resource LibraryCybersecurity OperationsCyber RiskIdentity & Access Management SecurityICS/OT SecurityNewsSince 2006, Dark Reading has been at the forefront of covering cybersecurity, providing deep insights and analysis beyond the headlines. All those major news events? We were there. Shifts in technology trends? We wrote about them. Enjoy this special anniversary coverage celebrating where we've been and what's next.Looking Back, Looking Forward: Digesting a Dynamic Bouillabaisse of Cyber EvolutionDark Reading editors reflect on two decades of dramatic change — from perimeter defense to assume-breach strategies — and warn that while AI, cloud, and COVID-19 have transformed the threat landscape, organizations are still failing at fundamental security hygiene that could stop sophisticated attacks in their tracks.Dark Reading Editorial TeamMay 19, 2026Source: Dark ReadingCybersecurity has always been a dynamic space, with industry innovation keeping pace with frontier tech developments — the brightest minds in the sector are known for noodling on everything from securing the move to the cloud to locking down agentic AI. At the same time, widespread adoption of cyber fundamentals by ordinary enterprises, like ensuring strong authentication, network segmentation, and patching known vulnerabilities in a timely fashion, remains elusive — even as they rush headlong into adopting autonomous agents. It's a hearty stew to pick through, and this special 20th anniversary edition of Reporters' Notebook breaks down two decades of cybersecurity evolution: where we've been, big inflection points (COVID-19 and ChatGPT, anyone?), and where we're going. Dark Reading's editor-in-chief Kelly Jackson Higgins and co-founder Terry Sweeney, who Have been here from the beginning, join the discussion with Dark Reading managing editors Tara Seals and Fahmida Rashid, who are helping to architect DR's next chapter.Related:20 Leaders Who Built the CISO Era: 2 Decades of ChangeThere's plenty to talk about: our editors cover the dramatic expansion of the attack surface driven by cloud computing, Internet of Things (IoT) devices, remote work, APIs, software-as-a-service (SaaS) applications, AI systems with non-human identities (NHIs). How the pandemic drove a sudden shift to remote work that effectively eliminated controlled corporate network environments and stress-tested cloud infrastructure at unprecedented scale. The fundamental philosophical shift from prevention to resilience, abandoning "unhackable" marketing claims so en vogue 10 years ago. And how concepts like least privilege and asset inventory — discussed for 20 years — remain underutilized; they're just now exponentially more complex with AI agents, machine identities, and ephemeral APIs in the mix that are frequently over-privileged. And they also look toward the next two decades, and how organizations need to ensure the basics aren't lost amid the "irrational exuberance" surrounding AI and other emerging technologies.Learn more in the video, and also check out our Reporters' Notebook full series, available here, which is designed to bring together insights and coverage from across Informa TechTarget's network of cybersecurity sister sites. And, click here for all of our DR20 content, which will be rolling out across the month of May. Keep checking back for new items! Kelly Jackson Higgins, Tara Seals, Fahmida Rashid & Terry Sweeney: Full Video TranscriptThis transcript has been edited for clarity and length using Informa TechTarget's internal AI assistant. For the full experience, please watch the video.Related:Name That Toon: Mark of (Security) ProgressDark Reading’s Tara Seals: Hi, everybody. Welcome to this special edition of Reporters Notebook. I'm Tara Seals, managing editor for news at Dark Reading, and we are celebrating 20 years, two whole decades of coverage of the cybersecurity industry. So, we're bringing together two people who have been here from the beginning, and then Fahmida and I, who are sort of the new-ish guard, not new, but new-ish. And we're going to talk about where we've been and where we are going. I would like everybody to introduce themselves. Kelly, would you like to start?Dark Reading’s Kelly Jackson Higgins: Kelly Jackson Higgins, editor-in-chief at Dark Reading. I came along in June of 2006. I was hired by this guy over here, Terry Sweeney. I'll hand it to you, Terry.Dark Reading’s Terry Sweeney: Thanks, Kelly. Terry Sweeney, I'm a contributing editor and was involved in the early days of Dark Reading. It's kind of astonishing to be here 20 years later. Here we are. Fahmida, I'll hand it off to you.Dark Reading’s Fahmida Rashid: Hi, I'm Fahmida Rashid. I'm the managing editor of technology and features here at Dark Reading. I came on board in 2022, but I believe my freelance relationship with Dark Reading started in 2010, 2011. So, it's kind of cool now that I've crossed into full time, seeing what Dark Reading is all about.Related:20 Years in Cyber: Dark Reading Marks Milestone With Month of Special CoverageDR’s Tara Seals: Yeah, well, thank you all of you for joining today. And I think a good place to start is just talking about what's the biggest headline from the last 20 years? It's gotta be the giant expansion of the attack surface, right? We have cloud computing, we've got IoT, we have the remote work infrastructure, APIs, SaaS applications, supply chain stuff, all coming to the forefront. We've got developers going willy-nilly with low-code stuff that is populating new identities throughout the enterprise. And then of course we have AI systems and other non-human identities related to that. So, you know, what's your broad take on this explosion that we've seen? When you take a look at it from start to finish and the vast evolution from the basic perimeter-based, on-prem corporate network, or even the multilocation enterprise that was connected by a LAN, let's say, or a WAN. You know, this is vastly different and everything, everything has changed. So just a hot take from the top, Kelly. What do you think?DR’s Kelly Jackson Higgins: Yeah, so it makes me think about the early days when it was all about firewalls, endpoint security, the wired systems, right? Everything was local, all networks, virtual networks, everything was on-prem. And so those were the kinds of stories you're writing about. Those were the products that were out there, right?  Everything was very much focused on the user's workstation, the client workstation, the servers, that infrastructure. I think when it all exploded was during the pandemic when we'd been talking about this move to the cloud for so long and we were seeing bits and pieces of it and portions of it, but everyone was nervous about taking everything to the cloud. But when you started sending people home to work from their home, their home Wi-Fi networks, sometimes with their own machines, you can't control the users anymore. They're not on a hardwired corporate network — I would say that was when the cloud explosion started in my mind. And then we saw all the problems with people, organizations going too quickly to the cloud. We saw all kinds of cloud vulnerabilities being exposed suddenly that no one had known about. To me, that was really the game change, the pandemic. I think that's when we shifted from this mindset of, we have a network here at our company, to the network is just a blur.DR’s Tara Seals: Yeah. We kind of had a little Jurassic Park moment, right? Like all of a sudden the electricity went out, the fences came down. Nobody's really sure where the T-Rex is. So yeah, I mean, it was definitely a sea change for sure. Terry, what are your thoughts on that? From your perspective, was it the pandemic? Did it start before that? Were there, you know, other aspects to it?DR’s Terry Sweeney: Well, just to tag on to what Kelly was saying, the focus was originally around firewalls and servers, in order to guard against denial-of-service attacks that were crippling networks back in the early days. I'm also thinking rather nostalgically about alphanumeric passwords, just numbers and letters that do not use special characters. I can actually hear my virtual rocking chair creaking on the porch as I think back on that now. Anyway, it's obviously shifted a lot. From where I sit, I feel like the movement to cloud and the rush to get there preceded the pandemic with Azure, AWS, Google Cloud Services, all of it. And shockingly, it felt like security was almost an afterthought. I don't know if it was a problem about who was going to own security ultimately between enterprises or the cloud service providers (CSPs). But we then moved into the virtualized environments, containers and Kubernetes and all of it, and now we've landed in AI's world, right? And we're just contributors to large language models (LLMs), I think. I can see the natural pro