My Top 10 Things To Learn in 2023

In 2022, we lost Pele. He was a great footballer, but an even greater person. To me, his best quote was:
Photo by Behnam Norouzi on Unsplash

My Top 10 Things To Learn in 2023

In 2022, we lost Pele. He was a great footballer, but an even greater person. To me, his best quote was:

“Success is no accident. It is hard work, perseverance, learning, studying, sacrifice and most of all, love of what you are doing or learning to do.”

Let me pick out a few words here:

  • hard work.
  • studying.
  • sacrifice.
  • perseverance.
  • love of what you are doing or learning to do.

Learning is not is easy, but if you learn something that you love, it becomes so much easier.

My Top 10

Okay. I’m an academic and a teacher, so I am biased toward the power of education to change people’s lives. I would not be in the position that I am in now without the foundation that my formal education has given me. But, education never ends, and it should be a lifelong strive to understand things in a deeper way. It feeds your brain and keeps your mind active. The knowledge I gained from my formal qualifications is only a tiny fraction of my knowledge now. But, it did teach my how to learn, and how to strive to improve my knowledge.

So, here are my 10 things to learn in 2023:

  • The Public Cloud. I have intentionally put this in the top position, as it is possibly the most important of all. The power of the public cloud increases by the day, and it brings new ways of doing things. Whether it's AWS or Azure, or any other public cloud, you really need to start to understand its power. At your fingertips, you have the power of large companies, And, with increasing focus on serverless computing, we can build systems that have a minimal footprint on our planet, and break away from our flawed world of servers and services. For me, its AWS, and I just love the way that everything integrates together. Learn here.
  • Identity. I have put this in second place, as it will increasenly become a core part of our digital world. And, so, 2023 should be the year of identity, and every year after that. Overall, we need to move into a world where digital identity provides a core part of the systems that we build. This is likely to involve providing citizens with more control of their own data, and in using digital wallets. Over the next few years, the EU aims to roll out a digital wallet for every EU citizen and move away from our paper-focused governance systems. And, so, why don’t you learn about what a digital identity actually is, and how digital wallets work? Blockchain, too, provides a core of this, and in making sure that digital wallets are trustworthy. For us, we are working on GLASS here.
  • Cryptography. Okay, I am biased here, as my main research and teaching focus is cryptography. But, I love it, and it (should) give me a lifetime of learning. While I have learned a good deal of the fundamentals, I still have gaps, and every time I plug a gap it gives me a more solid foundation for my knowledge — and that I can pass on to others. I learn from others, and others learn from me — it’s knowledge exchange. New methods, too, appear by the day, so I am continually learning new techniques. I appreciate it is not the easiest topic to read research papers, but, if you can learn the core methods used, it is possible to at least understand the scope of research work. While cryptography might not work for everyone, try and find yourself your own topic to learn, and immerse yourself in it. We need to move away from our Wikipedia-driven world, and where we have surface knowledge and move to one where we continue to strive towards a depth of knowledge. A true innovator often develops a deep understanding of the field, and can more clearly see the flaws that need to be fixed, and how they can be fixed.
  • MITRE ATT&CK (TM) Framework. We need to improve the way we define our cybersecurity threats and vulnerabilities, and the MITRE framework gives us a common base to use. While the Kill Chain model is fairly simple in its definition of phases of a cyber attack, the MITRE framework extends these phases into: Reconnaissance, Resource Deployment, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Command and Control, Exfiltration, and Impact. Of course, it is not the only framework around, but with STIX integration, we can look at a formal language for threat sharing, too. Learn here.
  • Golang. Python is an obvious choice to learn for programming languages, and I would hope that most of those involved in technology would have some knowledge of using Python. But, it has poor syntax and can break easily. It also is interpreted, and so is relatively slow. So, for me, Golang, is the best around, especially as it’s similar in its syntax to C, and that is it compiled. It is also highly portable onto most of our systems. Learn here.
  • Post Quantum Cryptography (PQC). This year will see the start of a long migration away from our flawed public key methods (RSA, ECC and discrete logs), towards methods that are more robust against quantum computers. Learn here.
  • Lattice methods, Galois fields and polynomials. The PQC methods will move away from exponentiation (RSA) and elliptic curves and move toward lattice methods. So I highly recommend reading up on how lattices are created [here] and learning of how Galois Fields work in supporting lattices [here].
  • Machine Learning and Cybersecurity. Like it or not, machine learning will play an increasing role in cybersecurity, especially as the amount of data in logs increases by the day. It is not humanly possible to process and interpret masses of data in an efficient way, and so machines will play a core role in understanding things that might be an attack or not. Learn here.
  • Splunk. For the first time we used Splunk to teach a range of machine learning methods in Cybersecurity, and it was a great success, as students could see the relevant of using a Big Data tool to implement complex searches for data. With SPL (Search Programming Language) we have a powerful tool to find that needle in a haystack. Learn here.
  • Reading research papers. I know that it’s often not easy to read research papers. But look at your smartphone. It contains GPS, SMS, JPEG compression, video streaming, SSDs, RISC processors, wireless charging, and so much more. All of these advancements are all based on research work that often took decades to get to a point that they can be integrated into a device that fits into your pocket, and that can cost less than $1K. So, if you want to innovate, continually watch for new papers which are showing a real impact. The place I spend a good deal of time is with Google Scholar, and where you can search for new work. Learn here.

Okay, that’s 10, but my last one is to go and do some academic study. I appreciate that you possibly do professional certifications, but also consider doing an MSc, or a PhD. Overall, it might just change your life.