skip navigation

More signal. Less noise.

Do you trust your threat detection plan?

62% of cyber security professionals identified the inability to detect advanced threats as their most significant challenge. Learn about their top threat monitoring and detection challenges from the Delta Risk sponsored report. Download your free copy now.

Daily briefing.

Yesterday Equifax, one of the big three US credit bureaus, disclosed a breach affecting 143 million people, for the most part Americans, but a smaller number of Canadians and British subjects as well. Among the information lost (and lost it was—this is a case of known unauthorized access, not merely exposure) are names, Social Security Account Numbers, dates of birth, and addresses. Large subsets of the affected individuals also lost credit card numbers, dispute documents, and driver's license numbers.

Equifax said an unspecified flaw in its website was exploited by the hackers. (Many speculate that a known but unpatched vulnerability was exploited.) The company said it noticed the breach on July 29th, forty-nine days before yesterday's disclosure. (This strikes observers as about thirty-days delinquent.) 

Equifax is offering free credit monitoring and identity theft protection; it also says its core credit-record databases were uncompromised. Essentially no one regards this as mitigation: indeed, the company's public response strikes most as tone deaf. The Twitterstorm over the incident is massive and utterly unsympathetic. The company's share price is dropping dramatically, and the future of the entire credit-monitoring industry is being called into question.

Three senior Equifax executives sold their company's shares between discovery and disclosure. The company's statement says the three were unaware of the incident at the time of their trades. 

WikiLeaks offered another dump from Vault7 yesterday. It involved no cyber tools, but rather a missile control system.

And the ShadowBrokers are back to announce they now plan semi-monthly releases.

Notes.

Today's issue includes events affecting Argentina, Australia, Canada, Colombia, European Union, Germany, India, Ireland, Italy, Mexico, NATO/OTAN, New Zealand, Russia, United Kingdom, United States, and Vietnam.

Are you good at identifying and eliminating hidden threats?

E8 Security has an exciting opportunity for a Senior Solutions Architect. We are a fast-growing technology startup led by experienced management team and visionary entrepreneurs. Our big data security analytics helps enterprises defend themselves against continual growth of sophisticated cyber criminals. We are building a breakthrough platform that can ingest, model and analyze massive flow of machine generated security data using cutting edge machine learning algorithms and massively scalable big data platforms. Learn more.

In today's podcast we hear from our partners at Terbium Labs, as Emily Wilson shares her thoughts on the encryption debate. Our guest is Alexander Klimburg, author of The Darkening Web: the War for Cyberspace.

Cyber Security Summit: New York and Boston (New York, New York, USA, September 15, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Darktrace, Arbor Networks, CenturyLink and more. Register with promo code cyberwire50 for half off your admission (Regular price $350).

EAGB Breakfast Series: Leading the Cyber Transformation (Baltimore, Maryland, USA, September 19, 2017) Join us to discuss how the Baltimore-Washington region’s ‘tech hub’ reputation has helped build a solid foundation in cyber activities. Our panelists will discuss the transformation that is underway on the commercial side of cyber.

Maryland Cyber Day Marketplace: Information. Connections. Solutions. (Baltimore, Maryland, USA, October 10, 2017) Register today to participate. Hundreds of cybersecurity providers and buyers in one location on one day. Maryland Cyber Day Marketplace provides the opportunity for CYBERSECURITY BUYERS (commercial businesses, government agencies, academic institutions and non-profit organizations of any size in any industry) to connect with, get to know and purchase cybersecurity solutions from Maryland's CYBERSECURITY PROVIDERS. The day will be a combination of face-to-face meetings, technology demos, brief educational sessions, "Ask an Expert" information stations, networking and a wrap-up luncheon with a keynote speaker. Presented with our program partner the Better Business Bureau of Greater Maryland.

Florida’s Annual Cybersecurity Conference (Tampa, Florida, USA, October 27, 2017) Networking the Future, the Florida Center for Cybersecurity's fourth annual conference, will host hundreds of technical and non-technical stakeholders from industry, government, the military, and academia to explore emerging threats, best practices, and the latest research and trends.

Dateline Intelligence and National Security Summit

It's all cyber, everywhere and all the time. (The CyberWire) The Intelligence and National Security Summit was held in Washington, DC, this week. Sponsored jointly by AFCEA and INSA, the annual two-day conference affords the US Intelligence Community an opportunity to exchange ideas in a public, unclassified forum. One clear theme emerging from the Summit on the state of intelligence is this: it's all cyber, all the time and everywhere. No traditional intelligence discipline exists without significant activity in cyberspace.

Spy chiefs set sights on AI and cyber (FCW) Harnessing data and disruptive technology, such as artificial intelligence, to detect and thwart cyber threats is the IC’s top challenge.

The Robots Will Run the CIA, Too (Foreign Policy) The U.S. agency is very interested in artificial intelligence.

NBIB testing e-QIP replacement this fall as National Counterintelligence Executive plans 'Stand Down Day' (FederalNewsRadio.com) The National Background Investigations Bureau plans 'human testing' this fall to improve the federal security clearance process.

The intel community still doesn't know how it should fix the security clearance problem (FederalNewsRadio.com) Leaders in the intelligence community are still performing a balancing act between employee freedom and security issues when it comes to security clearance.

Leadership Vacancies Have Slowed Security Clearance Reform, Officials Say (Government Executive) To cope with delays, the Pentagon issues risky interim clearances, resulting in “rapists and pedophiles” having access to classified information.

Undersea mission is a top intelligence priority for the Navy (C4ISRNET) The top intelligence concern for the Navy's top intelligence officer lies beneath the surface of the ocean.

Cyber Attacks, Threats, and Vulnerabilities

Protego -- CIA's "Missile Control System" Exposed By Wikileaks, Not A Malware (Fossbytes) Protego is a missile control system Wikileaks claims was developed by Raytheon. The project was maintained under CIA's roof between 2014 and 2015.

ShadowBrokers accelerating NSA leaks to twice a month (TheHill) The ShadowBrokers, a group that for more than a year has been leaking documents they claim were taken from the National Security Agency, have resurfaced once again.

Equifax Announces Cybersecurity Incident Involving Consumer Information (Equifax) No evidence of unauthorized access to core consumer or commercial credit reporting databases. Company to offer free identity theft protection and credit file monitoring to all U.S. consumers

Why the Equifax breach is very possibly the worst leak of personal info ever (Ars Technica) Consumers' most sensitive data is now in the open and will remain so for years to come.

Breach at Equifax May Impact 143M Americans (KrebsOnSecurity) Equifax, one of the “big-three” U.S. credit bureaus, said today a data breach at the company may have affected 143 million Americans, jeopardizing consumer Social Security numbers, birth dates, addresses and some driver’s license numbers.

Credit Reporting Firm Equifax Hacked; SSNs of 143M Americans Stolen (HackRead) Another day, another data breach but this one will haunt the targeted customers for a long time. Equifax, a consumer credit reporting agency in the United

Firm Hired to Monitor Data Breaches Is Hacked, 143 Million Social Security Numbers Stolen (Motherboard) Equifax reveals hackers recently stole all kinds of sensitive data from its servers.

Want to Know If Your SSN Was Included in the Equifax Breach? Good Luck! (Motherboard) There's no good way to know if your data was compromised in the Equifax hack.

How to Protect Yourself From That Massive Equifax Breach (WIRED) Don't panic, but start watching your credit report and financial accounts very closely.

Equifax shares tumble after data hack news (USA TODAY) Data on 143 million consumers in the U.S. was compromised in a series of cyberbreach.

Equifax executives sold stock after data breach, before informing public (MarketWatch) After Equifax Inc. discovered a massive data breach that may have endangered the personal information of up to two-thirds of Americans, but before the company divulged the information, three executives sold their Equifax stock, according to Securities and Exchange Commission filings.

The Social Security Number Is Basically Dead Now (Motherboard) BURN THE SSN.

Mexican VAT Refund Giant Exposes Half-Million Passports, Credit Cards Online (Infosecurity Magazine) MoneyBack left a misconfigured database open, with passport info, credit card numbers, travel tickets and other credentials.

Unsecured databases are (still) the low-hanging fruit of the internet (Naked Security) We’ve written about way too many of these incidents – make sure your database isn’t spilling data too

5,400 customers hit in cyber attack on AXA's Health Portal (The Straits Times) The personal data of about 5,400 past and present customers of AXA Insurance in Singapore has been stolen in a cyber attack..

Microsoft Programming Error is Behind Dangerous Kernel Bug, Researchers Claim (Threatpost) Researchers say a 18-year-old programming error by Microsoft is creating a kernel bug that can be abused by an attacker.

Researchers Reveal New Toast Overlay Attack on Android Devices (BleepingComputer) Mobile security experts from Palo Alto Networks have detailed a new attack on Android devices that uses "Toast" notifications to help malware in obtaining admin rights or access to Android's Accessibility service — often used to take over users' smartphones.

Alexa, Cortana, Google, Siri user? Watch out for these inaudible command attacks (ZDNet) For as little as $3, an attacker can silently tell any voice assistant to open up a malicious webpage.

Russian Hackers Used 9000 computers to Mine Monero, Zcash, Other Cryptocurrencies (Cointelegraph) A group of hackers installed cryptocurrency mining malware on 9000 computers over two years.

Merkel loses backing of Germany’s 2m Russian voters (Times) The Kremlin’s claim to Crimea has become part of the German election campaign in the battle for the votes of two million Russian-Germans who are turning away from Angela Merkel towards populists...

Facebook May Have More Russian Troll Farms to Worry About (WIRED) The Internet Research Agency, which appears to have purchased thousands of bogus political ads on Facebook, may be defunct, but its work may not be done.

Election officials criticize Harvard study of voter registration vulnerabilities (Cyberscoop) Election officials are pushing back against a new Harvard study saying hackers could disenfranchise Americans in 35 states and the District of Columbia by exploiting vulnerabilities in online voter registration systems.

'Nation-state' hackers increase sabotage attempts aimed at Western energy companies (Cyberscoop) Researchers for Symantec say "the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so."

Smart tea kettle leaves your home Wi-Fi security in hot water (CNET) When a connected tea kettle has an unchangeable password of only six characters, maybe it’s not so smart.

Thought you’d blocked a Twitter user? Here’s how they can still dogpile you (Naked Security) A bug means someone you’d rather avoid on Twitter can still view and retweet your posts, even if you’ve blocked them

Phishing Alert: Police Warn UK Students of Loans Company Scam (Infosecurity Magazine) Phishing Alert: Police Warn UK Students of Loans Company Scam. Identity theft campaign designed to coincide with start of academic year

Householders warned about fake Irish Water emails (Irish Examiner) Householders have been warned to remain vigilant as cybercriminals aim to steal from bank accounts via another wave of fraudulent emails claiming to come from Irish Water.

Security Patches, Mitigations, and Software Updates

Apple and Google Fix Browser Bug. Microsoft Does Not. (BleepingComputer) Microsoft has declined to patch a security bug Cisco Talos researchers discovered in the Edge browser, claiming the reported issue is by design. Apple and Google patched a similar flaw in Safari (CVE-2017-2419) and Chrome (CVE-2017-5033), respectively.

Microsoft won't patch Edge browser content security bypass (Register) Tells Cisco's Talos it's a feature, not a bug. Apple and Google disagree and fixed it

Verizon Moto Z Play, Z2 Play Updated With August Security Patch (Droid Life) Verizon is rolling out the August security patch to owners of the Moto Z Play and Moto Z2 Play. Aside from the bump in security, there doesn’t seem to be anything else inside of these updates. The updates are labeled as NDNS26.118-23-1 for the Z Play and NDSS26.118-23-4 for the Z2 Play. Go grab it, Z Play and …

Cyber Trends

A Sputnik Moment for Artificial Intelligence Geopolitics (Council on Foreign Relations) The following is a guest post by Kyle Evanoff, research associate, international economics and U.S. foreign policy, and Megan Roberts, associate dire…

Artificial Intelligence Fuels New Global Arms Race (WIRED) Russia, China, US rush to weaponize artificial intelligence.

The Cyber Security Mega Cycle Aftermath (Optiv) During the past decade, we have witnessed a virtual explosion in the cyber security world. While serving as CEO of McAfee and FireEye, and a U.S. Army commander and CIA director, respectively, we have lived through and witnessed first-hand exponential growth in: threats, threat actors, reported breaches, security vendors, investments in security companies and probably most significantly, private and public sector security spending.

Is Public Sector Cybersecurity Adequate? (Dark Reading) Many governmental organizations are unstaffed, underfunded, and unprepared to fight common attacks, and they could learn a thing or two from the private sector.

Emerging threats fuel public threat intelligence sharing (Help Net Security) This changing threat landscape has fueled a significant increase in the public sharing of threat intelligence over the past two years.

Marketplace

Cyberattacks outpacing security industry's growth, says Centrify CEO (SiliconANGLE) Cyberattacks outpacing security industry's growth, says Centrify CEO - SiliconANGLE

Darrell Stein out at Reckitt Benckiser (Computing) Reckitt Benckiser CIO Stein carries the can for July's NotPetya outbreak

Security Startup ForgeRock Brings In $88 Million (NewsCenter.io) ForgeRock announced it has secured $88 million in Series D financing. Accel Partners led the round, with participation from KKR, Meritech Capital Partners, and Foundation Capital. ForgeRock is a digital identity management company with a mission to transform the way organizations interact securely with customers, …

Sydney IBM, Okta partner Decipher Works acquired for $5 million (CRN Australia) Decipher Works partners with Okta, IBM, SailPoint and Quest.

Plurilock Ramps Up Market Footprint as Demand for its 'Proof of Presence' Cybersecurity Solution Grows (PRNewswire) Spurred by fast-growing demand for its real-time behavioral...

Is Symantec getting ready to buy Splunk? (TechCrunch) Yesterday, Symantec CEO Greg Clark flexed his M&A biceps, saying that Splunk could be an attractive target. Clark definitely plans to go whale hunting to..

Sorry Investors, MIT Can't Save IBM From Secular Decline (Forbes) IBM has suffered 21 consecutive quarters of declining revenues. Since Ginni Rometty took over on October 25, 2011, its shares have lost 22% of their value while the S&P 500 is up 99%, according to Morningstar.

Darktrace in UK’s top three fastest-growing tech companies (Business Weekly) Cambridge cyber security specialist Darktrace has roared into the UK’s fastest-growing technology company elite for the first time – charging straight into the top three.

Can Qualcomm Become a Big Name in Artificial Intelligence? (The Motley Fool) Qualcomm has designs on the AI space, but rivals already have an advantage.

Secure Octane's Mahendra Ramsinghani Talks Cybersecurity, Venture Investment (International Business Times) International Business Times talked with Secure Octane's Mahendra Ramsinghani about cybersecurity and seed investments.

Salient CRGT Awarded $11.5M Prime Contract to Support Defense Commissary Agency's Enterprise Data Warehouse (Business Insider) Salient CRGT, Inc., a leading provider of health, data analytics, cloud, agile software development, mobility, cyber security, and infrastructure solutions has been awarded a prime contract from the Defense Commissary Agency (DeCA).

Three Contract Protests Lodged Against NSA! (Breaking Defense) The National Security Agency, which can go for ten years without a contract protest, currently faces three, slowing the agency’s ability to issue new contracts.

Siemens: Neues „Silicon Valley“ im Fernen Osten Russlands möglich (Sputnik Deutschland) Europäische Unternehmen zeigen Interesse an der russischen fernöstlichen Region Primorje. Das hat sich auf dem 3. Östlichen Wirtschaftsforum in Wladiwostok am 6. und 7. September gezeigt. Siemens-Vertreter Dietrich Möller sieht gute Entwicklungschancen. Im Sputnik-Interview erklärt er, warum.

Marine Corps Seeks Applicants for Prestigious Cyber Internship (DVIDS) The Marine Corps is seeking qualified applicants for the Joint Cyber Development Program (JCDP) class of 2021 via MARADMIN 439/17.

Cloud Security Expert John Hawley Joins Delta Risk LLC as Vice President of Product Strategy (PRNewswire) Delta Risk LLC, a global provider of cyber security and risk management...

Mike Potts Named as Webroot CEO; Dick Williams to Retire (Webroot) Leadership transition follows 14 consecutive quarters of double-digit growth for cybersecurity and threat intelligence provider.

Optiv Security Appoints Dave DeWalt and General (Ret.) David Petraeus to Board of Directors (Optiv) Optiv Security today announced two new appointments to its Board of Directors: Dave DeWalt, former FireEye and McAfee chief executive officer, who will serve as vice chairman of the board, and retired United States Army General David Petraeus.

Kenna Security Adds Security Industry Marketing Veteran (Benzinga) Tamir Hardof joins Kenna Security's leadership team

Balabit Focuses on Accelerating Growth in North America with New Executive Hires (BusinessWire) Balabit, a leading provider of Privileged Access Management solutions, today announced two executive hires.

LI firm announces death of board chairman (Newsday) Verint Systems Inc., a Melville-based maker of software used in managing call centers and tracking criminal and terrorist networks, Wednesday announced the death of Victor

Products, Services, and Solutions

ContentKeeper announces Cylance partnership (ContentKeeper) ContentKeeper Technologies and Cylance® Inc. have signed an original equipment manufacturer (OEM) agreement to embed the Cylance OEM Engine into ContentKeeper’s Multi-layered Gateway Security Platform.

KB Kookmin applies Trustonic tech to protect new messaging app (Finextra Research) Korea’s largest bank, KB Kookmin Bank, has worked with Trustonic and ATsolutions to secure its new peer-to-peer (P2P) payment and messaging app, Liiv TalkTalk.

Core Security Brings Consumer Grade User Experience to Access Assurance Suite (PRNewswire) ATLANTA, Sept. 7, 2017 /PRNewswire/ -- Core Security, a leader in Identity and Access Management, Vulnerability...

KnowBe4 Releases Email Exposure Check Pro to Help Organizations Identify At-Risk Users (PRWeb) Revamped tool identifies at-risk users through deep web searches and hundreds of breach databases for no-charge.

EY and Guardtime team up to launch marine shipping insurance blockchain (SiliconANGLE) EY and Guardtime team up to launch marine shipping insurance blockchain - SiliconANGLE

What’s under the hood of the new Brave browser? (Naked Security) There’s a new kid on the browser block based on Ethereum – but what’s its business model and what’s in it for users?

Comodo Giving Away a Year of Free 24/7 Help Desk to MSPs (MSP Mentor) Talk about disruptive! Security software vendor Comodo today announced it is literally giving away a year of help desk service to managed service providers (MSPs) – free of charge.

Cybersecurity Executive Order 13800: More than a Risk Assessment? (Akamai) Most folks around the Washington DC beltway have heard the cybersecurity Executive Order (EO 13800 - Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure) referred to as a simple risk assessment.

Microsoft slings bulked-up Windows Defender preview at world+dog (Register) Security tool slated for Creators Update promises to rat on misbehaving apps, bad staff

Atomicorp Releases Atomic Secured IoT Kernel - the Fastest and Most Robust Method to Implement IoT Security (Benzinga) Atomicorp introduces first secure Linux kernel designed for IoT cybersecurity use cases and requirements.

Avast launches new security solution for SMBs and MSPs (BetaNews) Following Avast's acquisition of rival firm AVG last year the two companies' products have largely continued side by side.

Proofpoint Launches Domain Discover to Stop Fraudulent Lookalike Domain Attacks Before They Strike (GlobeNewswire News Room) Cybersecurity Leader Integrates Proactive Fraudulent Domain Scanning with the Email Security Gateway

Indian State, WISeKey Partner to Secure Citizen Data with Blockchain (Block Tribune) The Government of Andhra Pradesh is collaborating with Swiss cybersecurity company WISeKey to secure citizen data with blockchain technology.

CyberArk and Ansible Automate Security Best Practices in DevOps Pipelines (BusinessWire) CyberArk integrates the CyberArk Conjur secrets management solution with Ansible to automate privileged account security best practices across DevOps

Lieberman Software Helps US Federal Agencies Achieve Continuous Diagnostics and Mitigation (CDM) Standards (Marketwired) Lieberman RED Suite provides automated countermeasures against cyber attacks that help secure sensitive government systems and reduce IT costs

Technologies, Techniques, and Standards

EU tests cyber defences with fake attack (Computing) Simulation involved drone hijacking, network viruses and a total loss of communications with naval forces

A threat intelligence program: the challenges and advantages (Information Age) Security is the name of the game, and a well thought-out threat intelligence program can help organisations win

Design and Innovation

Agile Software Development Will Be Key for the Military (SIGNAL Magazine) Military commanders have to contend with a new cyber domain that calls for responsive, “agile” software development.

Hacking trucks: Cybersecurity and the ELD mandate (Overdrive) With hundreds of thousands of big rigs about to tack on internet-connected ELDs, some people see a major security threat.

Academia

April Boyd-Noronha: 9 takeaways from KU’s GenCyber Summer Camp (Startland News) KU is leading the education narrative as part of the solution to the nation’s shortfall of skilled cybersecurity professionals, April Boyd-Noronha says.

Legislation, Policy, and Regulation

NATO will rely on members to independently field cyber weapons but is building cyber command (IHS Jane's 360) NATO is in the process of building its own integrated cyber command structure for defensive purposes, although offensive capabilities will still reside with member nations, NATO’s Assistant Secretary General for Defense Investment said on 6 September.

President of Vietnam Calls for Harder Internet Protocols (Columnist News) President of Vietnam called last week for harder managements on the Internet in the face of protesters who are utilizing it to condemn the ruling Communist Party. The decision was also made in order to battle threats to cyber security.

EU anti-piracy plan would introduce internet surveillance and 'ancillary copyright', claim campaigners (http://www.cC) Proposals would contradict eCommerce Directive and ECJ court judgements

Survey: 78% of Security Pros Believe Election Hacks Are Acts of Cyber War (BusinessWire) 88% of security professionals say governments have not done enough to deter hackers from interfering with future elections.

Tom Kellermann on Upping the Cyber Response Ante (BankInfo Security) We all see the heightened global tensions with Russia, North Korea and China. But what’s happening below the surface, where cyber attacks originate? Tom

Congress wrestles with gaps in cyber workforce (TheHill) Members of Congress are putting the spotlight on the persistent challenges facing the government as it seeks to beef up its cybersecurity workforce.

US Senator pushes for US government wide ban on Kaspersky software (SC Media UK) US Senator Jeanne Shaheen is pushing for a federal government-wide ban of security software developed by Russian cybersecurity firm Kaspersky Lab.

FBI needs to show its Kaspersky cards or fold (Cyberscoop) The U.S. can’t argue that it’s protecting sources and methods. If they are correct about Kaspersky, Russian intelligence already knows what they know.

CISOs debate the need for shared services (Fedscoop) For agencies looking to improve their cybersecurity posture through IT modernization, CISOs say it's best to start with a strong foundation.

Modernization boosts cybersecurity anxieties, survey says (FCW) A survey of 200 federal IT leaders found that while most saw the eventual benefits of IT modernization, the process has resulted in a more challenging cybersecurity environment.

Louisiana expands secure authentication for government services (SecureIDNews) Working with CA Technologies, the state of Louisiana is pushing to bring more digital security and efficiency to 16 government agencies. Already, the secure authentication system has improved service access for some 1.5 million Medicaid recipients, while staying with the bounds of the state’s budget restraints.

Litigation, Investigation, and Law Enforcement

The Senate’s Russia Investigators Need to Slow Down (Foreign Policy) The chairman is trying to hurry to wrap things up, but there's a ton more work to do.

Eset faces a lawsuit of €15 million for patents (Slovak Spectator) The antivirus-software developer Eset is facing a lawsuit concerning patents filed by the California-based Finjan company, known for this type of disputes also from abroad.

Ex cop and child porn suspect to remain in jail until he decrypts drives (HackRead) Former Cop and Child Porn Suspect Might Remain in Jail Forever for Contempt of Court. Francis Rawls has remained in prison since 30th September 2015 for re

Another former TZ Limited director faces fraud charges (CRN Australia) Former colleague was sentenced to 10 years imprisonment.

Wynyard NZ Liquidator Still Mulling $171M Claim from Parent, Chases $5.9M from Subsidiaries (Sharechat) The liquidators of Wynyard (NZ), the local unit of the failed crime investigation software developer, are still considering a $171 million creditor claim from the parent company while pursuing $5.9 million from two other subsidiaries of the group.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

SANS Network Security 2017 (Las Vegas, Nevada, USA, September 10 - 17, 2017) SANS is recognized around the world as the best place to develop the deep, hands-on cybersecurity skills most in need right now. SANS Network Security 2017 offers more than 45 information security courses...

Finovate Fall 2017 (New York, New York, USA, September 11 - 14, 2017) FinovateFall 2017 will begin with the traditional short-form, demo-only presentations that more than 20,000 attendees from 3,000+ companies have enjoyed for the past decade. After two days of Finovate’s...

Insider Threat Program Management With Legal Guidance Training Course (Laurel, Maryland, USA, September 12 - 13, 2017) Insider Threat Defense will hold a two-day training class, Insider Threat Program (ITP) Management With Legal Guidance (National Insider Threat Policy (NITP), NISPOM Conforming Change 2). For a limited...

PCI Security Standards Council: 2017 North America Community Meeting (Orlando, Florida, USA, September 12 - 14, 2017) Join your industry colleagues for three days of networking and one-of-a-kind partnership opportunities. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll...

DSEI 2017 (London, England, UK, September 12 - 15, 2017) Defence and Security Equipment International (DSEI) is the world leading event that brings together the global defence and security sector to innovate and share knowledge. DSEI represents the entire supply...

8th Annual Billington CyberSecurity Summit (Washington, DC, USA, September 13, 2017) The 8th Annual Billington CyberSecurity Summit September 13 in Washington D.C. brings together world-class cybersecurity thought leaders for high-level information sharing, unparalleled networking and...

Cyber Security Summit: New York (New York, New York, USA, September 15, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: New York. Receive...

Cyber Security Conference for Executives (Baltimore, Maryland, USA, September 19, 2017) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 4th Annual Cyber Security Conference for Executives on Tuesday, September, 19. It will be held on...

4th Annual Industrial Control Cybersecurity Europe (London, England, UK, September 19 - 20, 2017) Against a backdrop of targeted Industrial Control System cyber attacks against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber attacks on...

Cyber Everywhere: Collaboration, Integration, Automatio (Washington, DC, USA, September 20, 2017) We’ve seen all of the cyber headlines this year – new policies emerging, old policies evolving, the cyber workforce is multiplying, and rapidly growing connected devices are complicating governance. While...

10th Cyber Defence Summit (Dubai, UAE, September 20, 2017) Naseba’s 10th Cyber Defence Summit will address the importance of protecting critical infrastructure and sensitive information, help companies procure cyber security solutions and services, and create...

Maine Cyber Safety Institute (Waterville, Maine, USA, September 20 - 21, 2017) The Summit intends to help business protect themselves from possible losses. The Information Security Community, representing cyber professionals, found that 54% of anticipated cyberattacks against their...

2017 Washington, D.C. CISO Executive Leadership Summit (Washington, DC, USA, September 21, 2017) Highly interactive sessions will provide many opportunities for attendees, speakers and panelists to be engaged in both learning and discussion. The objective for the day is to deliver high quality useful...

Connect Security World (Marseille, France, September 25, 2017 - 27, 2014) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a...

(ISC)2 Security Congress (Austin, Texas, USA, September 25 - 27, 2017) (ISC)² Security Congress cybersecurity conference brings together nearly 1,500 cybersecurity professionals, offers 100+ educational and thought-leadership sessions, and fosters collaboration with forward-thinking...

Connect Security World (Marseille, France, September 25 - 27, 2017) As IoT solutions are transitioning from hype to real deployments, the “Internet of insecure things” threat is gaining ground. To address unlimited risks, threats and vulnerabilities surrounding IoT, a...

SINET61 2017 (Sydney, Australia, September 26 - 27, 2017) Promoting cybersecurity on a global scale. SINET – Sydney provides a venue where international solution providers can engage with leaders of government, business and the investment community to advance...

O'Reilly Velocity Conference (New York, New York, USA, October 1 - 4, 2017) Learn how to manage, grow, and evolve your systems. If you're building and managing complex distributed systems and want to learn how to bake in resiliency, you need to be at Velocity.

24th International Computer Security Symposium and 9th SABSA World Congress (COSAC 2017) (Naas, County Kildare, Ireland, October 1 - 5, 2017) If you thought symposiums on information security and risk were all the same, look again! COSAC is an entirely different experience. Conceived by practising professionals for experienced professionals,...

Cybersecurity Nexus North America 2017 (CSX) (Washington, DC, USA, October 2 - 4, 2017) Be a part of a global conversation with professionals facing the same challenges as you at the nexus—where all things cyber security meet. Cyber security doesn’t take a vacation and it doesn’t sleep. You...

Atlanta Cyber Week (Atlanta, Georgia, USA, October 2 - 6, 2017) Atlanta Cyber Week is a public-private collaboration hosting multiple events during the first week of October that highlight the pillars of the region’s cybersecurity ecosystem and create an opportunity...

4th Annual Industrial Control Cyber Security USA Summit (Sacramento, California, USA, October 3 - 4, 2017) Against a backdrop of targeted Industrial Control System cyber attacks, such as those against energy firms in the Ukraine power industry, the massive attacks against the Norway oil and gas industry, cyber...

4th Annual Industrial Control Cyber Security Summit USA (Sacramento, California, USA, October 3 - 4, 2017) Against a backdrop of continued ICS targeted cyber attacks against energy firms in the Ukraine power industry (CRASHOVERRIDE), the massive attacks against the Norway oil and gas industry, cyber attacks...

CyberSecurity4Rail (Brussels, Belgium, October 4, 2017) Facilitated by Hit Rail, this conference will bring together experts in cybercrime and digital security, plus leaders in ICT and representatives from transport and railway companies, European organisations...

Infosecurity North America (Boston, Massachusetts, USA, October 4 - 5, 2017) Organized by Infosecurity Group, which has provided the global information security community with some of the largest, longest established conferences and expos over the past 22 years including Infosecurity...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.