2023 in review

A look at how my 2023 went.

The number 31 on an upturned page as part of a tear away calendar.

Twenty twenty three was an odd year, with changes at work, a garden shelter, and "sunshite".  This is my yearly round up post for the year, where I look back at some of the highlights (not all positive) and set some goals for 2024.


Half way through the year I had only written thirteen posts - not great given I want to aim for one a week.  By halfway through I should have published around 36 posts 😢.  On the plus side, I completed the year with 29 posts published which is an improvement on the 19 of 2022.

I also wrote Welsh diary (as in a diary in Welsh), but didn't manage to keep up with that and ended up writing weeks if not months of entries in one go.  I need to complete the last few weeks still.

I beat my 2022 step count and mileage with 3,921,187 steps and 1,707.11 miles compared to 2022's 3,487,644 steps and 1,515.59 miles.  On days I was driving to the office I tended to not reach 10,000 steps, but now there is no office I'll hopefully start getting more consistent at getting 10,000 steps (or more) a day.

As a side note, the mileage count in Fitbit is only for walked, jogged, or run miles - activity by other means (e.g. cycling) doesn't get added to that figure.  It's an outstanding feature request since 2018, and means that I've done a lot more miles by the time cycling is taken into consideration 🚵.

Sleep wise I can see that across the year I rarely got an average of 7.5 hours sleep, often managing seven hours or fewer.  I should probably look to improve that in 2024, as I've been feeling tired a lot.

I've not calculated my solar generation / energy usage for 2023 yet, but expect a post on that in due course.

Reviewing my 2023 targets

I did pretty well with my targets it seems 😊.

  • ✅ Continue learning Welsh - I've completed the Duolingo course and am reading course books, short novels and magazines
  • ✅ Maintain my continual professional development - through attending conferences, webinars, listening to podcasts, and some self-directed study
  • ✅ More public speaking engagements - I talked at codeHarbour twice, facilitated a panel session, and spoke at BCS Kent Branch
  • ✅ More blog posts than 2022 - 29 vs only 19 in 2022
  • ✅ Attend more BCS events - one Kent branch event, one in London, and a few online
  • ✅ (Finally!) finish app based registration in eVitabu - yep, sorted in dev week 🥳

Conferences and events

In March, BCS Kent Branch started events again following the pandemic and I was honoured to be the first speaker.  I talked about vulnerability management programmes and how they are useful, a talk that I also gave at codeHarbour in October (recording here).  Sadly, Kent branch didn't run any further events due to issues with venues, but I was able to attend some BCS events in London and online.

On codeHarbour, I wasn't able to get to as many gatherings as I'd like due to calendar clashes and illness.  Nonetheless, I spoke at two and led a panel event at another.  My two talks were titled "How a vulnerability management programme can help your organisation" and "Authentication flaws and responsible disclosure" and you can view their recordings by clicking on their links.  The panel event theme was "journeys in to tech", as I thought it would be interesting to share different people's experiences (it was).

In June I attended Infosecurity Europe in London, for which you can read my blog posts.  On the whole the conference was interesting, but it was staggering how many products are available offering security solutions yet we still have lots of unsolved problems.  When I brought my blog back in 2018 my daily writeups of Infosec Europe 2018 were some of my first posts.

This year I opted not to attend ISC2 (formerly (ISC)²) Security Congress as the remote attendee cost, even at early bird pricing, was £452.  I decided I couldn't justify that cost this time around, but hope to attend online in 2024 if the pricing is reasonable or I can justify it.

ISC2 ran a two day online conference, Secure Software Development (blog posts here), in early November, and I happily attended that as it directly linked to my industry.  I also attended the SoSafe Human Firewall conference online, with my blog post on it here.


My side-line consultancy work was down on hours this year, in part due to losing a client as their company folded.  That left my only client as APF, who I write eVitabu for.

Fortunately I'm employed full time by a company and 2023 was my first full year there.  I wrote about being ten months in to being the SISO in April.  We vacated all our UK offices in October 2023, which was an odd feeling.  I now work from a combination of home and a local co-working space, so I still get out of the house and see different people (two things I knew I'd miss once the offices closed).

A minor restructure also saw me become a manager, with my friend and colleague who works in internal IT now reporting to me.  We're working on a number of projects together, largely with him doing the day-to-day work (internal IT isn't my function, that remains security) and me providing him support and guidance on areas I have more experience in.  Importantly, neither of us wants this line management change to negatively impact our friendship.

Professional development

I was recognised by the UK Cyber Security Council (CSC) as an Associate Cyber Security Professional (ACSP) as I'd been working (under NDA) on the pilot for the UK CSC's chartered programme in association with ISC2.  I was a bit disappointed to only make associate grade (I would have hoped for principal at least, or chartered) but at least that gives me something to aim for in future.

Most of my professional development this year has been through conference attendance and webinars, as I've not had much time to put to study.  Hopefully I can change that in 2024.


This was a big part of the year, from May to mid August, and refers to a problem where sunlight would cause my youngest to have incredibly painful migraines sometimes lasting days.  It took literally months to find the right medication to allow my youngest back to school (you can't get a child to school when sunlight means they have to be sent home again...), and we spent a lot of that time with the curtains drawn and installed additional blinds.  We still don't know what's wrong, but the medication seems to be keeping "sunshite" at bay for the most part.

Home automation

Sadly I didn't get much time for Home Automation, despite having plenty of ideas.  I was pleasantly surprised come Autumn though when an automation I'd forgotten about kicked in - "when I turn off my office desk lamp, and it's after sundown, turn on the landing light so I can see to get downstairs".  

My family decided they wanted some Amazon Echoes so there's now one in the kitchen.  I linked these to Home Assistant so we can control the lights and power on the media PC via Wake On LAN.

"Nanderson" shelter

I'll write a post about the "Nanderson" shelter over the next few months, but we built, entirely for fun, a shelter in the back garden complete with bunks for sleeping on.  There's no defence purpose behind the shelter, it's just another room (albeit one that's very open to the elements!).


I'm still playing Terraria with my youngest, with us continuing in journey mode and building ever more complicated structures - largely of her design.  I've also continued with Satisfactory, albeit not as often as I'd like.  I've still not finished that game!

I added another game to the collection this year, Viewfinder, which I reviewed here.  It's a really interesting puzzle game, so if you like puzzles I'd recommend you check it out.


Finally I finished app-integrated registration! 🎉  I've not done much work on the project, due to other events, draws, and time pressures, but have a dev week booked in for early 2024.  The fact that eVitabu just keeps running, with little time investment is a good thing, although clearly it wouldn't scale to tens of thousands of users in its current state.


Some of the books I read in 2023, or started reading:

  • (Welsh, unfinished) Parsnips and owls by Stephen Owen Rule - short stories based on Duolingo's "stories"
  • (Welsh, unfinished) Coed y brenin (nofel Aberarthur i ddysgwyr) by Colin Jones - a beginner's novel
  • (Unfinished) The Lazarus Heist by Geoff White
  • (Unfinished) Confident Cyber Security by Dr Jessica Barker - a book I bought one of my best friends on her transition into cyber security, that I figured I ought to finish reading...
  • Kane and Abel by Jeffrey Archer
  • The Calling by Neil Cross - a novel about the beggings of Luther
  • Permanent Record by Edward Snowden
  • The Abby Kane Thrillers (1-6) by Ty Hutchinson

Goals for 2024

  • Gain legendary status on all Welsh Duolingo units - this might not be possible as Duolingo are "pausing" the Welsh course
  • Be able to read and understand more Welsh literature (books, magazines, news articles)
  • Attend at least one cyber security conference (online or in person)
  • Have a more regular blog posting schedule, at least one post a month
  • Reduce the number of blog posts I have in draft - ~20 right now (either publish them or delete the draft if it's never going to happen - some are three years old!)
  • Undertake more training for professional development (or personal)
  • Journal (in English or Welsh) semi-regularly
  • Implement some of my home automation ideas

Thanks for reading, and I look forward to sharing more with you in 2024!

Banner image: "tango office calendar", from OpenClipart.org, by .