At the RSA Conference in 2019 I stood in Zscaler’s booth and signed 400 copies of Secure Cloud Transformation: The CIO’s Journey. Many of those lined up to get a free copy told me they were new to the world of security and their employer had sent them to RSAC to learn all about it. That is when it hit me: at the next RSA Conference I should have a new book that would be perfect for anyone just getting into security.
Fast forward a year to February 2020. I stood in the booth of Synopsys, signing the first copies of Security Yearbook 2020: A History and Directory of the IT Security Industry. It was the best book launch experience I have had. There was buzz about it. People were posting pictures to Twitter! Multiple vendors signed me up for book signing/speaking gigs later in the year, one at an exclusive resort in Sonoma.
Then Covid happened. No more in-person appearances. I decided to continue to plug away at writing and publishing. But some changes were in order. I decided to cut Amazon out of the loop. Only the 2020 edition has ever been available on Amazon. I built an ecommerce engine into www.it-harvest.com/shop and found a fulfillment center here in Michigan that would sweep the orders every hour and pick, pack, and ship the books. It is great having control over price, discount coupons, and shipping. The best part is the data. I can see who buys books and when.
Thanks to the global supply chain disruption caused by Covid, printers started quoting ten weeks to print books. On top of the supply issues, people were reading more books so the printers were backed up. That means that the publish dates are pushed into June each year. Too late for RSAC but plenty of time for BlackHat.
The 2021 edition included a color insert for sponsors. In this edition we started
to use images of products for the cover design. Security Yearbook 2021’s cover was provided by Spyderbat, showing the causality chain for an incident.
I hired Maximillian in January, 2022 as IT-Harvest’s first intern. His initial task was to help me load our massive spreadsheets into Airtable and output the text files for Security Yearbook 2022. We needed an alphabetical list, a list by category, and a list by country and US state. It was during that process that Maximillian built the first version of dashboard.it-harvest.com. By May of 2022 we had our first paying subscriber to our SaaS app.
For Security Yearbook 2022 we decided to go full color. That increases the cost dramatically so we reduced the number of books printed. The average cost every year to publish the Security Yearbook is $25K including the design and printing.
The 2022 cover design was an image of a SOC tool from
LMNTRIX, an MDR vendor with operations in the US and Australia.
By last year we had flipped our business model. Instead of an app created from the data in a book, we now had the app spit out the data for the book!
Here is the 2023 cover. This is the last edition that I will produce myself. Security Yearbook 2024 is being published by Wiley, shipping June 5. You can pre-order it on Amazon here.
Note that for this edition we used a screenshot from the IT-Harvest Dashboard, the only decision support software for selecting cybersecurity products.
One of the conditions I agreed to with Wiley is that I would no longer sell or distribute copies of older editions. That means that on April 26 I am heading to the warehouse in Warren, Michigan, to pick up all remaining copies. My next stop will be the reclycling center to dispose of them.
You can see that this morning there are 182 copies left of Security Yearbook 2023. We are busy donating copies to the libraries of all of the NSA supported Centers of Academic Excellence, which is fitting as students getting into cybersecurity will be able to discover the only history of the industry.
If you know someone who could benefit from my life’s work you should send them a copy!
Update: Only 71 copies of Security Yearbook 2023 in inventory. April 20, 6:40 AM
Looks like 2023 Security Yearbook is sold out. Is it possible to get a digital copy (e.g. PDF)?
Hi Richard,
How do I get a copy of the 2023 Security Yearbook?
Will you be at RSA signing copies of the 2024 version or having copies on hand to purchase?