skip navigation

More signal. Less noise.

Daily briefing.

Cyber-rioting between India and Pakistan hardly seems "war," but that's what some are calling it.

The Gaza Cyber-Attackers (political hacktivists most active against targets in Egypt, Yemen, and the UAE) turn their sights to IT and incident response teams.

Skepticism from both US (Clapper: "I personally am somewhat of a skeptic") and Chinese (Hao complains of US "double standards") officials dim the recently concluded modus vivendi's luster. So do renewed criminal activity by the Chinese Winnti gang, reported US decision to pull intelligence officers from diplomatic missions to China, and extensive PLA cyber reconnaissance of Norwegian targets. This last seems linked to Chinese economic ambitions in the Arctic (compare similar ambitions in the South China Sea).

Russia investigates recent hacks of Kremlin sites, with dark muttering about malign international tensions over Ukraine and other spheres of surely innocent Russian engagement.

Security researchers warn of potentially life-threatening vulnerabilities in medical devices. Coincidentally, an Alien Vault survey reveals support for faster, alternative disclosure of life-threatening bugs to be either high or tepid, depending on how one reads "64%."

Those of you who picked up a copy of Sun Tzu while completing your MBA will find Dark Matters' contrarian take on knowing the enemy interesting.

Banks, retailers, and insurers bring incompatible perspectives to cyber risk transfer.

In the marketplace, cyber security companies prep for IPOs and raise venture capital. New product buffs will find many announcements to mull.

Financial regulators in Hong Kong and Singapore warn the sector to take cyber security seriously.

Notes.

Today's issue includes events affecting Afghanistan, Algeria, Bangladesh, China, Denmark, Egypt, Finland, Hong Kong, Iceland, India, Indonesia, Japan, Libya, Norway, Pakistan, Russia, Singapore, South Africa, Sweden, Tunisia, Ukraine, United Arab Emirates, United Kingdom, United States, Yemen, and Zimbabwe.

Cyber Attacks, Threats, and Vulnerabilities

India and Pakistan seem to be at war; this time in cyberspace! (Tech 2) India and Pakistan have long been known to be at war with each other. Either at the borders, or a game of cricket. And today, the war has gone digital

Gaza Cyber-Attackers Single Out IT and Incident Response Teams (Infosecurity Magazine) A politically motivated cybercrime group from the Middle East has recently begun turning its attention to IT and incident response (IR) staff in a bid to gain privileged access to target networks

Tinker, Tailor, Hacker, Spy: Why Is China Hacking Norway? (The Diplomat) Chinese cyber spies have taken an interest in Norway. What gives?

Chinese cyber-criminals launch new attacks (ITWire) Kaspersky Lab is tracking the activity of Chinese Winnti Group — cyber-criminals targeting organisations in Japan, China, Bangladesh, Indonesia, the UK, US, and Russia and soon your back yard

Russian government investigates cyber-attacks on Kremlin websites (SC Magazine) Russian government investigates series of attacks while considering measures to secure itself from future cyber incidents

Security Alert: New Ransomware Campaign Has 0% Detection (Heimdal Securirty) There is a new spam campaign targeting Scandinavians and it's spreading as you're reading this

XOR: Linux-based botnet pushing 20 attacks a day (CSO) Akamai says compromised Linux systems are the choice toy for the XOR botnet

Attackers use 'helper' tools to register millions of fake social media accounts, warns DataVisor (FierceITSecurity) Attackers are using "helper" tools to register millions of fake social media accounts, with the result that around 10 percent of all social media accounts are fake, according to security startup DataVisor

Thousands of medical devices are vulnerable to hacking, security researchers say (IDG via CSO) The security flaws put patients' health at risk

Hilton, Trump hotel chains hit by PoS malware (Help Net Security) Payment card data of visitors of a number of Hilton and Trump hotels in the US have been compromised, and some of it is being already used by crooks to rack up fraudulent charges

Possible Health Data Breaches From Fraud, Online Exposure (Health IT Security) Two separate incidents in New Jersey and California led to potential health data breaches, further showing why covered entities need comprehensive security measures

For Years, the Pentagon Hooked Everything To The Internet. Now It's a 'Big, Big Problem' (Defense One) The Internet of Things is supposed to make life easier. For the Pentagon, the quintessential early adopter, it has made life much harder

Cyber Trends

Cyber Terrorism and Its Impact on Global Financial Markets (Finance Magnates) Global finance's exclusive reliance on electronic communication, together with the billions of dollars traded daily, present lucrative opportunities for cyber-terrorists and criminals

As Online Data Theft Escalates, Banks Look to Retailers to Bear the Losses (New York Times) On Sept. 1 last year, the website Rescator, known as the "Amazon.com of the black market," alerted its customers that huge quantities of stolen debit and credit card data would go on sale the next day

What They Don't Teach You in "Thinking Like the Enemy" Class (Dark Matters) People much smarter than me once said, "great defense requires understanding the enemy." And man, that sounds wise as hell! That's like long bearded dude on a mountaintop type of wise

120-day patching gap puts many firms at risk of cyber attack, study shows (ComputerWeekly) The probability of a vulnerability being exploited hits 90% between 40-60 days after discovery, but many firms are taking up to 60 days beyond that to patch, while others are failing to patch at all, a study shows

U.S. Critical Infrastructure under Cyber-Attack (Network World) Majority of critical infrastructure organizations have experienced damaging and costly incidents over the past two years

Do security flaws with life-threatening implications need alternative disclosure? (Help Net Security) If security researchers get no response from manufacturers when disclosing vulnerabilities with life-threatening implications, the majority of IT security professionals (64%) believe that the information should then be made public, according to AlienVault

84 Percent of Managers Don't Trust Current Security Tools to Keep Sensitive Files Safe (Softpedia) 90% of respondents named the lack of protection of files in cloud platforms as the main reason for not using them

38 Percent of IT Security Pros Don't Participate in Their Own BYOD Programs (eSecurity Planet) And 28 percent of enterprises do nothing at all about mobile security, a recent Bitglass survey found

Consumers 'feeling vulnerable' about smart home security, report says (Network World) Only 37% of respondents in a survey think they're adequately protected from connected-home device threats, a survey has found

Marketplace

Strong Federal Cybersecurity Spending Another Tailwind in 3Q; Much More Runway Ahead (FBR Blue Matrix) With 3Q coming to a close, our overall cybersecurity checks across the board have been robust as we believe an uptick in deal closure rates, large deal activity, and a strategic focus around cybersecurity should result in another healthy earnings season for cybersecurity vendors with no signs of slowing down heading into year-end

Do the homework when selecting cyber insurance (Business Insurance) Do your due diligence first before seeking cyber insurance coverage, advises the corporate insurance manager for Southwest Airlines

This Cybersecurity ETF Is Chock Full Of Takeover Targets (Benzinga) The PureFunds ISE Cyber Security ETF HACK has garnered rock star status and become one of the best-performing technology exchange traded funds due in large part to the positive impact negative cybersecurity news has on HACK and its 32 holdings

Norse Closes Series A1 Funding Round with Strategic Investment from KPMG Capital (WN) Will support Norse's efforts to bolster product development and accelerate the expansion of its global sales organization to capitalize on high-growth market opportunities abroad

Phantom Cyber Raises $6.5M Series A Round to Automate Security Operations (MarketWatch) TechOperators and Blackstone lead round to develop the "connective tissue" for the security industry

Exabeam Secures $25 Million Series B to Accelerate Rapid Growth (MarketWatch) Company continues to demonstrate leadership in red-hot UBA market

Tanium, the world's hottest cybersecurity startup, has raised $300 million (Fortune) The alpha unicorn adds another $30 million from Franklin Templeton and Geodesic Partners

Quick Heal Plans to Go Public and Raise Around $182M at Valuation of $605M (iamWire) IT security solutions provider Quick Heal which was founded in 1993 as CAT Computer Services Ltd. by Kailash Katkar and Sanjay Katkar, is planning to raise $151 million to $182 million through IPO

ESET Acquires UK-Based Data Encryption Firm DESlock+ (IT News Online) ESET, an IT security provider, announced that it has acquired the data encryption company DESlock+. ESET said it plans to fully integrate the DESlock+ core technology into its existing business and consumer product lines. Financial details of the transactions were not disclosed

CyberArk Software Bucks the Broader Market (The Street) A stock that bucks a broader market decline is often sending a bullish signal. And CyberArk Software (CYBR) was up 1.5% in Monday's decidedly negative session

FireEye: CFO Change Provides Opportunity (Seeking Alpha) FireEye announced a new CFO who is expected to join the company on September 21. The stock has failed to keep up with industry peers in a large part due to a lack of financial discipline. Investors should keep an eye on the company with an opportunity to scoop up cheap shares if the new CFO can keep growth and instill discipline

Raytheon says new U.S. civilian cyber contract worth about $1 billion (Reuters) Raytheon Co on Monday said a new five-year contract it won from the U.S. Department of Homeland Security to help more than 100 civilian agencies manage their computer security could be worth $1 billion, a key win for the company

Pentagon Hires Investigators to Find Hacked Feds (Nextgov) Individuals who suspect their background investigations records were compromised in the sweeping Office of Personnel Management hack but do not receive notifications next month should be able to troubleshoot online, rather than deal with call centers, contracting documents reveal

Chief Information Security Officer interview questions — Tough questions for CISOs and CSOs (CIO) The tough questions to ask a Chief Security Officer or Chief Information Security in an interview

Is There a Shortage of STEM Workers? (CEPR) Michael Hiltzik at the Los Angeles Times recently reported on the much-talked-about shortage of STEM workers, or workers in fields that predominantly deal with science, technology, engineering, and mathematics (STEM). He notes that many studies indicate that the shortage of STEM workers is imagined. He also discovered that many of the companies that complain about their inability to find STEM workers are, paradoxically, laying off large numbers of them

Why Cybersecurity Companies Are 'Renting' Cyber Talent To Keep Up With Demand (Forbes) The cybersecurity labor epidemic has corporations and governments scrambling to fill over a million new positions in the next few years

Survey: Privacy Professionals Well Paid, Differ in Regulated and Unregulated Industries (Legaltech News) IAPP and EY's Annual Privacy Governance Report for 2015 highlights how departments across a number of organizations handle privacy work

Vidder Clinches Stevie Award for Tech Startup of the Year (CIO Today) Vidder Inc., the inventor of precision application access, today announced that it has won the Silver Stevie® Award in the Tech Startup of the Year awards category in The 13th Annual American Business Awards (ABA) program earlier this month

DeviceLock® Executive Awarded Top Midmarket IT Vendor Executive by the Channel Company at the Midsize Enterprise Summit (Virtual Strategy Magazine) DeviceLock, Inc., a worldwide leader in endpoint data leak prevention (DLP) software, is proud to announce that David Matthiesen, Director of Strategic Accounts – Americas, has been named a Top Midmarket IT Vendor Executive

Unisys Appoints Retired Army Brig. Gen. Frederick A. Henry to Lead Defense Information Systems Agency Business (MarketWatch) Former DISA chief of staff and deputy commander for operations of U.S. Army Network Enterprise Technology Command to lead Unisys' mission-critical work for DISA

Palo Alto Networks Appoints New Federal CSO and Adds Global Defense and Intelligence Leader to its Public Sector Council (PRNewswire) Palo Alto Networks® (NYSE: PANW), the next-generation security company, today announced the addition of two decorated military and intelligence leaders to further enhance the company's cybersecurity strategy and global policy expertise

Products, Services, and Solutions

EventTracker Announces Support of OpenDNS (Financial Content) EventTracker monitors and reports on the world's largest cloud-delivered security platform

AMD and OptioLabs to Offer More Secure Computing Experience (MarketWatch) PrivateEye Selected to Complement AMD PRO A-Series processors in Providing Enhanced Security API

Social Discoverability Calls for Compliance Management in Regulated Companies (Legaltech News) IBM to offer the Actiance platform as part of IBM's Information Lifecycle Governance product portfolio

Elavon Launches Safe-T Security Solutions for Small Businesses (MarketWatch) Suite of security products bring peace of mind with EMV, encryption and tokenization

Retail Phishing Simulator Hacks First, Educates Later (PYMNTS) It's becoming harder and harder to find retailers that haven't been the target of a large-scale cyber attack

HP: Putting Print Security on the CISO Agenda (ComputerWeekly) Amidst a rapidly evolving threat landscape, where malware and exploits continue to proliferate, endpoint security often fails to adequately protect networked printer and multifunction printer (MFP) devices

Bromium Makes Open Source Security Research Tool Available (IT Business Edge) The open source community generally hasn't produced many security analysis tools

Harvard's Internet Monitor tracks web traffic and outages across the globe (BetaBoston) A new tool from the Berkman Center for Internet and Society at Harvard University provides users with a snapshot of threats, news chatter, and activity taking place on the Internet at any given time

AvePoint Unveils New Compliance Guardian To Ensure Information Security Across The Enterprise (Host Review) AvePoint Compliance Guardian mitigates privacy, information security, and compliance risk across information gateways, including SharePoint, file shares, databases, and Office 365

Thales delivers trusted security to smart meters for ADD Grup (RealWire) Thales keyAuthority provides trustworthy key management across smart meter network

Symantec Jump-Starts Solution Providers' Service Practices (CRN) With security growing as a more and more lucrative business, solution providers want to get in the game. Symantec, who calls itself the "battery" behind solution provider security businesses, is there to help

Cloudera unveils in-memory store, security layer for Hadoop (CIO) The Hadoop distribution specialist today announced a new open source project designed to enable real-time analytic applications in Hadoop as well as a new open source security layer for fine-grained unified access control enforcement

SurfWatch Labs Launches Cyber Advisor to Provide Organizations with a Complete Cyber Threat Intelligence Operation (PRWeb) New solution delivers a continuous view of your relevant cyber threats along with recommendations for action

Kraft Kennedy Partners With Observable Networks On Next-Generation Cybersecurity Detection (PRNewswire) Observable Networks, an emerging leader of network security technology and advanced threat detection services, today announced a partnership with Kraft Kennedy to provide Observable's Dynamic Endpoint Modeling, a critical threat defense service, to clients in the legal, healthcare and financial communities

Acronis, ID Quantique jointly offer quantum-safe encryption to cloud data protection (Computer Technology Review) Acronis and ID Quantique entered Monday into a joint collaboration to help protect companies from future security threats related to advances in decryption techniques and the arrival of quantum computing

Barry University Stops Cyber Attack in Progress with Vectra Networks (EIN) University uses automated threat management to stop targeted attacks in real time

Wynyard Group Technology Helps Bin Belaila Exchange Meet New Anti-Money-Laundering Regulations (PRNewswire) Wynyard Group has won a contract for its Anti-Money Laundering (AML) software with Bin Belaila Exchange, a leading financial services company operating in money exchange, remittance and commodity trading

Technologies, Techniques, and Standards

4 Ways Law Firms Can Get in Front of Insider Data Breaches (Legaltech News) While law firms are taking steps to improve their perception, not focusing on the data breach war at home is a huge misstep

Is BYOK the key to secure cloud computing? (CIO) Amazon, Adobe and Microsoft offer it but how realistic is it to "bring your own keys?" Do you want your business to have the burden of managing and securing your own cloud encryption keys?

What is Your Company's Social Media State of Readiness? (Legaltech News) Setting business rules and providing clear guidance regarding social media activity can help best position the organization to operate successfully

Rise of Security Intelligence Centers (BankInfoSecurity) Lockheed Martin's Boison on why SIC is new gold standard

Design and Innovation

UK government uses Minecraft to track down cyber security experts (V3) The UK government has launched a gaming portal which it hopes will find and train the next generation of IT security talent

Research and Development

Mobile security applications leverage university research in contract with DHS (Military Embedded Systems) The Department of Homeland Security (DHS) Science and Technology Directorate has tasked Northrop Grumman to develop biometric solutions to enhance mobile security for users

Dynamic firewall to help defend from DDoS attacks (GCN) The software-defined perimeter (SDP) "Black Cloud" project being developed by the Cloud Security Alliance and Waverley Labs has won a government contract to start delivering open source tools that both public and private organizations can use to defend against distributed denial of service (DDoS) attacks

Academia

Symantec Makes Substantial Investment in Cybersecurity Job Training for Veterans with National Non-profit Per Scholas (Per Scholas) Cybersecurity giant Symantec invests $375,000 in its newest Cyber Career Connection (SC3) partner, national IT workforce development organization Per Scholas in the National Capital Region, to train military veterans for careers in cybersecurity

Legislation, Policy, and Regulation

HKMA and MAS warn on cyber security (Lexology) On 15 September, the Hong Kong Monetary Authority (the "HKMA") issued a letter drawing its authorized institutions' attention to the increasing importance of cyber security risk management

China-US Cyber Agreements: Has Beijing Outmaneuvered Washington? (The Diplomat) The joint agreement by China and the U.S. may have created more diplomatic minefields than it sought to eliminate

Chinese Official Faults U.S. Internet Security Policy (New York Times) Just days after China and the United States hailed a high-level agreement limiting cyberattacks, a former commander of one of the Chinese military's top hacking units lashed out at American Internet policy, in a sign of how far apart Beijing and Washington remain on technology issues

Clapper Skeptical of US-China Cyber Deal (Defense News) The top US intelligence official is skeptical that a new cyber agreement between the US and China will diminish Chinese cyber attacks

U.S. pulls spies from China after hack (CNN Money) The United States is pulling spies from China as a result of a cyberattack that compromised the personal data of 21.5 million government workers, a U.S. official said Tuesday

Week ahead: After Chinese visit, Congress turns to cyber (The Hill) The House and Senate will lean into cybersecurity policy in a slate of hearings, after Chinese President Xi Jinping's state visit raised the profile of digital theft and weeks before expected consideration of a major cybersecurity bill

If shutdown is averted, cyberbill faces smooth sailing (Washington Times) If Congress can get past the threat of a government shutdown this week, the prospects for Senate floor action on cybersecurity legislation would brighten appreciably

Coviello tackles cloud privacy, government's key escrow plan (TechTarget) Former RSA chairman Art Coviello said the U.S. government and cybersecurity industry need to work together to solve growing issues around cloud security and privacy

Mr. Obama, Tear Down This Liability Shield (TechCrunch) Online trolls have launched another barrage of attacks in the strange, petty little war over "ethics in journalism" we call GamerGate

Cyber Changes Everything, Cyber Changes Nothing: On Admiral Rogers' Vision and Guidance for Cyber Command (Lawfare) In June, US Cyber Command issued Beyond the Build. It presents Admiral Michael Rogers' vision and guidance for the command and its subordinate units

Navy nominates new intel boss after 2-year stalemate (Military Times) The Navy has nominated a new intelligence officer in an attempt to break a two-year impasse that has left the service's intel boss with less access to secret information than an ensign

NASA Announces Appointment of New Agency Chief Information Officer (NASA) Renee Wynn took the helm Monday in leading the agency's information technology efforts and capabilities as NASA's new chief information officer (CIO)

Bamboozled: Is virus protection firm's auto-renew billing a virus of its own? (NJ.com) New Jerseyans often complain that we have laws about everything. And then some

Litigation, Investigation, and Law Enforcement

USA hits Russian with 4.5 year prison sentence in Citadel malware case (Hot for Security) A US court has sentenced a Russian man to four years and six months in prison after he admitted using the notorious and sophisticated Citadel malware to commit fraud

ATM Skimmer Gang Firebombed Antivirus Firm (KrebsOnSecurity) It's notable whenever cybercime spills over into real-world, physical attacks. This is the story of a Russian security firm whose operations were pelted with Molotov cocktail attacks after exposing an organized crime gang that developed and sold malicious software to steal cash from ATMs

The Challenges of E-Discovery and International Privacy Laws (Legaltech News) While we work and live in a "borderless" economy, when it comes to e-discovery and litigation matters, borders are ever apparent amid the myriad of international data privacy laws in play where ever data flows between regions

New US sanctions illustrate sprawling Islamic State network (Fox News) The U.S. government announced sanctions Tuesday against 25 people and five groups connected to the Islamic State, disclosing intelligence that depicts a sprawling international organization with tentacles across Europe, Asia and the Middle East

NSA leaker Edward Snowden joins Twitter (CNN Money) Edward Snowden, the former government contractor who leaked thousands of classified NSA documents, has officially joined Twitter

Walter Jones calls for investigation, exoneration of Marine (Jacksonville Daily News) A U.S. congressman is working to clear the name of a Marine reservist accused of sending classified information from a personal account

South Africa: Zim Cyber Criminal On the Loose in SA (All Africa) Companies have been alerted to the activities of an alleged Zimbabwean cybercriminal who is allegedly stealing from his unsuspecting customers through placement of illegal Google ADSense ID on CAJ News websites without the publisher's knowledge

Rutgers working with police to find hacker after latest cyber attack (NJ.com) Rutgers University officials are working with local police and the FBI to find a cyber attacker who crippled the school's computer network earlier this week, campus administrators said

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

ASIS International (Anaheim, California, USA, September 28 - October 1, 2015) The ASIS Annual Seminar and Exhibits boasts of being one of the world's most influential events for security professionals. Its mission is to provide industry-leading education, countless business connections,...

(ISC)² Security Congress (Anaheim, California, USA, September 28 - October 1, 2015) Proudly colocated for the fifth year in a row, (ISC)² Security Congress 2015 and ASIS International 61st Annual Seminar and Exhibits (ASIS 2015) expect more than 19,000 professionals worldwide from...

Cloud Security Alliance Congress at P.S.R. (Las Vegas, Nevada, USA, September 28 - October 1, 2015) The industry's premier gathering for IT security professionals and executives who must further educate themselves on the rapidly evolving subject of cloud security. Offering best practices and practical...

Threat Intelligence Summit 2015 (ChampionsGate, Florida, USA, September 29 - 30, 2015) The threat landscape is getting bigger and more complex, the tools more plentiful, the amount of digital information increasingly massive, and the skills needed to navigate this terrain seem to multiply...

hardwear.io: Hardware Security Conference and Training (The Hague, Netherlands, September 29 - October 2, 2015) Do you trust your hardware? Learn from experts about backdoors, exploits, trust, assurance and attacks on hardware equipment, firmware and related protocols

VB2015 (Prague, Czech Republic, September 30 - October 2, 2015) The VB2015 programme includes 38 papers on a wide range of security topics. As in previous years, the presentations will run in two parallel streams and the programme includes both technical and less technical...

IT Security one2one Summit (Austin, Texas, USA, October 4 - 6, 2015) The IT Security one2one Summit is designed to deliver focused one2one business meetings between IT Security Solution Providers and IT Security decision-makers (Delegates) with purchasing budgets. Delegates...

ACFCS 2015 Cyber Financial Crime Summit (Washington, DC, USA, October 5 - 6, 2015) From massive data breaches to cyber fraud, hacktivism to cyber warfare, the threat landscape of cyber financial crime now reaches every part of public and private sector organizations. Yet too often the...

Smart Industry (Chicago, Illinois, USA, October 5 - 7, 2015) The Industrial Internet of Things (IIoT) is no longer a futuristic notion. Those that are embracing IIoT now are realizing positive, near-term benefits and creating a competitive advantage in the market.

Fleming Gulf's Information & Cyber Security Summit (Moscow, Russia, October 6 - 7, 2015) The "Information & Cyber Security Summit 2015" aims to provide a platform, to discuss with top dignitaries and decision makers from different industries & government officials, the important aspects of...

Buy-Side Technology North American Summit (New York, New York, USA, October 7, 2015) WatersTechnology is proud to present the fifth annual Buy-Side Technology North American Summit. Building on the success of last year, this event will address the latest trading and technology challenges...

IP Expo Europe (London, England, UK, October 7 - 8, 2015) With six top enterprise IT events under ONE roof, IP EXPO Europe assists the IT Industry in future proofing their IT and embracing a digital future. The event showcases brand new exclusive content and...

Cyber Security Europe (London, England, UK, October 7 - 8, 2015) Cyber Security Europe will host the latest cyber security experts to speak on the topics risking the future of our businesses, and provide access to the latest technology innovators who provide the leading...

Annual Privacy Forum 2015 (Luxemburg, October 7 - 8, 2015) The distributed implementation of networks and services offers the opportunity for new Privacy Enhancing Technologies (PETs) that could support users' needs while safeguarding their personal data. Although...

Homeland Security Week (Arlington, Virginia, USA, October 7 - 9, 2015) The 10th Annual Homeland Security Week (HSW) will provide homeland security stakeholders with an industry event focusing on further developing the requirements necessary for numerous government agencies,...

(ISC)² SecureTurkey (Istanbul, Turkey, October 8, 2015) Sessions include exploring the threat landscape and its drivers, the common pitfalls endemic to current business trends that ensure a perpetual pipeline of vulnerabilities available for exploitation and...

AFCEA Wasatch Tech & Cyber Security Day (Ogden, UT, USA, October 8, 2015) The Armed Forces Communications & Electronics Association (AFCEA) Wasatch Chapter will once again host the 6th Annual Information Technology & Cyber Security Day at Hill AFB. This annual event is an excellent...

BSides Raleigh (Raleigh, North Carolina, USA, October 9, 2015) Security B-sides (BSides) is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional...

ISSA International Conference (Orlando, Florida, USA, October 22 - 23, 2014) Join us for solution oriented, proactive and innovative sessions focused on security as a vital part of the business.

HITB GSEC Singapore (Singapore, October 12 - 16, 2015) HITB GSEC Singapore is a three-day security conference where attendees get to vote on the final agenda and are introduced to speakers and each other based on the votes they cast

ACM-CCS (Conferences on Computer and Communications Security) (Denver, Colorado, USA, October 12 - 16, 2015) ACM-CCS is one of the longest running cyber security conferences in the world. It's been going on since 1993, and this year it will celebrate its 22nd edition. This flagship conference brings together...

New York Metro Joint Cyber Security Conference (New York, New York, USA, October 14, 2015) The New York Metro Joint Cyber Security Conference is a collaborative event cooperatively developed, organized and sponsored by the leading information security industry organizations and chapters

Fall 2015 Cybersecurity Summit (McLean, Virginia, USA, October 15, 2015) Join us for our third annual Cybersecurity Summit for in-depth perspective and insight from leaders in the public and private sector on the government's information security landscape and opportunities...

NASA Goddard Cyber Expo (Greenbelt, Maryland, USA (also available by webex), October 2, 2014) The 2014 Goddard Cyber Expo will be a dedicated Information Technology & Cyber Expo at this secure facility hosted by the Office of the Chief Information Officer. The OCIO will be recruiting speakers to...

SecTor (Toronto, Ontario, Canada, October 19 - 21, 2015) Illuminating the Black Art of Security. Now entering its 9th year, SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving...

CSX 2015 (Washington, DC, USA, October 19 - 21, 2015) CSX brings together some of the leading experts in the industry for an exciting event designed to give the knowledge, skills and tools you need to help protect and defend your organization. Learn hands-on...

Cyber Defense San Diego 2015 (San Diego, California, USA, October 19 - 24, 2015) Cyber security training in San Diego CA from SANS Institute, the global leader in Information Security training. SANS Cyber Defense San Diego 2015 features hands-on, immersion-style training courses for...

2015 Cyber Risk Insights Conference (New York, New York, USA, October 20, 2015) The world's largest cyber risk event for P&C professionals. Save-the-date for Advisen's 5th annual Cyber Risk Insights Conference in New York City with a full-day program that takes place on October 20,...

2015 Government Cybersecurity Forum (Washington, DC, USA, October 20, 2015) The Government Cybersecurity Forum was created three years ago a result of the complexity of today’s global threat environment. As more devices connect to the Internet and data breaches continue to escalate,...

Cyber Security Summit: Boston (Boston, Massachusetts, USA, October 9, 2015) The Cyber Security Summit provides an exclusive business environment to meet with Senior Executives who are seeking innovative solutions to protect their business & critical infrastructure. Delegates at...

Swiss Cyber Storm (KKL Lucerne, Switzerland, October 21, 2015) Swiss Cyber Storm 2015 is an international IT security conference that provides essential information about national cyber security issues, critical for both government and private infrastructures. The...

Cyber Security Summit 2015 (Minneapolis, Minnesota, USA, October 21 - 22, 2015) The Summit's mission is to establish a multi-stakeholder consortium that brings together industry, government and academic interests in an effort to improve the state of cyber security on both a domestic...

DevSecCon (London, England, UK, October 22, 2015) DevSecCon is a newly formed, non-profit conference for DevOps and SecOps practitioners, run by practitioners. By creating a neutral platform, we will exchange and create new ideas on how to leverage the...

Ruxcon 2015 (Melbourne, Australia, October 24 - 25, 2015) Ruxcon is a computer security conference that aims to bring together the best and the brightest security talent within the Aus-Pacific region. The conference is a mixture of live presentations, activities...

2015 North American International Cyber Summit (Detroit, Michigan, USA, October 25 - 26, 2015) The North American International Cyber Summit 2015 hosted by Michigan Governor Rick Snyder, is set to take place in the heart of Downtown Detroit at the newly remodeled Cobo Center for the second straight...

ICS Cyber Security Week (Atlanta, Georgia, USA, October 26 - 29, 2015) ICS Cyber Security Week is the longest-running cyber security-focused conference dedicated to the industrial control systems sector. The event caters to critical infrastructure organizations in the following...

Cyber Awareness & Technology Days (Colorado Springs, Colorado, USA, October 27 - 28, 2015) The Information Systems Security Association (ISSA) Colorado Springs Chapter http://www.issa-cos.org will once again host the 6th Annual Cyber Security & Information Technology Days set to take place at...

Designing Secure Healthcare Systems (Long Branch, New Jersey, USA, October 27 - 29, 2015) Designing Secure Healthcare Systems is a three day intensive and immersive workshop…by healthcare hackers for healthcare technologists. Over the three days you will go from the basics of SQL injection...

Cloud Security Alliance Summit NYC 2015 (New York, New York, USA, October 28, 2015) The full-day Cloud Security Alliance NYC Summit is a standalone event in Manhattan. Co-hosted by the CSA NY Metro and CSA Delaware Valley chapters, some 200 well-qualified attendees are expected. The theme...

Data Breach Summit Asia 2015 (Mumbai, India, October 28, 2015) As Cyber Security continues to become a challenge for all industries, ISMG's Data Breach Summit a unique, one-day event will focus on the issues to help the participants learn more about how to prevent...

Technology & Cyber Awareness Day (Aurora, Colorado, USA, October 28, 2015) The Buckley Air Force Base Technology & Cyber Security Day is a one-day event held on-site, where industry vendors will have the opportunity to display their products and services to IT, Comm, Cyber and...

CyberMaryland 2015 (Baltimore, Maryland, USA, October 28 - 29, 2015) Now entering its 5th year, the Federal Business Council is proud to bring you the CyberMaryland 2015 Conference. The conference theme this year is "Collaborate.Educate.Innovate"

Cyber Security World 2015 (Washington, DC, USA, October 28 - 29, 2015) Cyber Security World 2015 brings together security experts, practitioners, and researchers who will share their firsthand knowledge and open the discussion to information sharing between public and private...

Hackito Ergo Sum (Paris, France, October 29 - 30, 2015) No commercial content, no vendor talk. First time presenters welcome. Highly technical talks only. Bonus point for offensive and weird ideas. Areas and domains: systems hacking & security, network hacking,...

8th Annual Space, Cyber, and Telecommunications Washington DC Conference (Washington, DC, USA, October 29 - 30, 2015) The Space, Cyber, and Telecommunications Law team hosts an impressive lineup of the world's greatest minds annually at conferences in Washington DC and in Lincoln, Nebraska and at occasional events around...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.