Each year, bloggers, industry leaders, and journalists pen their predictions for the coming year’s potential trends in information security. While it’s certainly fun to play Nostradamus once in a while, it’s perhaps more useful to recap the important events, people, and technologies that happened in 2013 that may have flown under the radar for many people.

It was an easy year to lose important stories when situations like the Adobe breach and Edward Snowden’s NSA whistleblowing were happening, but now’s the time to make sure these stories have a chance to be heard before we start the tally on 2014’s biggest news.

The FTC, TRENDnet, and the Internet of Things

With explosive growth in the “Internet of Things” (IoT), it’s almost more difficult to buy a device that can’t be put online these days. While the types of Internet-enabled devices being put online vary greatly, one popular category is home security cameras. TRENDnet learned the hard way this year that failing to build adequate security into this sort of product won’t be tolerated by the FTC.

After a hacker posted links to nearly 700 TRENDnet devices that suffered from weak credential security (allowing easy access to the video feeds of people’s homes), the FTC stepped in and filed a complaint against the company. Under the resulting settlement with the FTC, TRENDnet must establish a proper information security program, must undergo a third-party security audit every two years, and may not claim to consumers that its products are “secure”.

The speed and rigor with which FTC Chairwoman Edith Ramirez took control of this situation were astounding. This action by the FTC is likely a sign of things to come and holds hope for consumers that someone is watching out for their interests as the IoT continues to grow rapidly.

ZMAP: Network Scanning on Steroids

While many technology professionals have likely come across the security scanner called Nmap, which has been around since 1997, very few people have heard about the University of Michigan creation called ZMap.

Presented at the 22nd USENIX Security Symposium in August, this new technology is capable of scanning the entire IPv4 Internet address space in under 45 minutes. As a point of comparison, Nmap would take 1,300 times longer to do a similar scan.

If you take into account the speed at which ZMap is capable of scanning and remember that we’re seeing an explosion in Internet-enabled devices and the continued roll-out of IPv6 (which has an enormous address space), the implications are clear. Imagine being able to check availability for a given network port multiple times an hour across the entire Internet when a new vulnerability comes out.

The tool is a notable achievement and will certainly lead to better insight into how the Internet is being shaped and also allow researchers (of all intentions) more visibility than ever into what’s listening out there.

Mounting Up with ‘I Am the Cavalry’

The information security community is rarely at a loss for words, and often those words result in some impactful changes to the way things are done in the industry. From mentorship to finding vulnerabilities, the leaders among us often help shape the next milestone in creating a profession we can all be proud of. This year, the vision of Nick Percoco and Josh Corman has started to come to light under the name “I Am The Cavalry”.

It’s no secret that the methods and processes by which vulnerabilities and security research are reported are quite diverse. What Nick and Josh have been conveying is that the information security researchers of the world have a lot to contribute to the growing concerns about the poor security of everything from cars to medical devices.

To that point, the two have been going around to conferences this year (and I hope for many years to come) and presenting their thoughts as to what problems exist and how best to contribute to resolving them. While many people who have a casual knowledge of “hacking” may think everyone is out there to do ill and cause mischief, the reality, as their vision conveys, is that the public good is at the core of what many of us actually do.

The Passing of Barnaby Jack

While many outside of the tech community caught news of the suicide of Reddit co-founder Aaron Swartz, the news of Barnaby Jack’s death in July, just before the major security conferences Black Hat and DEF CON, seemed to get lost in the shuffle quickly.

Barnaby passed away just days before he was supposed to speak at Black Hat on research he had been conducting on pacemaker security. His previous security research involved “jackpotting” an ATM and hacking insulin pumps.

The people who knew Barnaby best shared stories and insights in the days following his death, leading everyone who was paying attention to come to know him as a fun, charismatic, and kind person. His brilliant mind and passion, coupled with a panache for presentation, led to Barnaby being well known throughout the community, even if you never met him in person.

While a lot happened in 2013 for information security in general, losing a wonderful personality and talented researcher should always trump any single breach. Breaches happen, someone gets sued, and everyone moves on. When someone passes away, that’s it. So as you wrap up your year and read predictions, don’t forget people like Aaron and Barnaby who were shaping the world and not just living in it.

Mark Stanislav is the security evangelist at Duo Security.