skip navigation

More signal. Less noise.

Combating threats and protecting the enterprise data in the digital workspace.

Digital workspaces bring enormous benefits to organizations and their employees across the globe, but require new thinking when it comes to security. In our perimeter-less digital world, protecting, detecting, and remediating threats requires intelligence-driven approaches. Check out VMware’s insightful white paper describing a new, comprehensive and predictive approach. It highlights the importance of securing the evolving digital workspace and the need for enterprises to embrace a framework of trust between the components in their ecosystem.

Daily briefing.

Russian information operations continue as Western nations brace for a round of hacking expected to emerge from Russian battlespace preparation and staging in cyberspace. Russia plans to allege, before the UN, that victims of a Sarin nerve agent in Syria were bribed to falsely report the attack.

The battlespace preparation consists (at least in part) of exploitation of vulnerabilities in the Smart Install tool found in widely used Cisco routers. The FBI's preliminary assessment of the risk focuses on the likelihood of espionage as the initial stage of any Russian operation, with the possibility of other offensive operations to follow. Cisco's Talos research unit estimates that some 168,000 systems could be affected.

ISIS and its splinter groups appear to be resuming activities in cyberspace as the terrorist groups enter their diaspora phase. Their activities appear to be renewed marketing: inspiration and recruitment.

Secureworks has described a Nigerian criminal operation, "Gold Galleon," that concentrates on stealing from maritime shipping firms and their customers. Their customary approach is business email compromise.

The US city of Atlanta continues its slow recovery from a crippling attack that hit municipal systems with SamSam ransomware on March 22nd. Direct costs of remediation are said to have amounted to $2.7 million so far.

ZTE is being effectively excluded from the US market as the US Government imposes penalties for the company's circumvention of sanctions against North Korea, Iran, Sudan, and Cuba. Sanctions against Huawei have moved the Chinese company toward a complete exit from the US market.

Notes.

Today's issue includes events affecting Canada, China, Cuba, France, Iran, Israel, Democratic Republic of Korea, Nigeria, Palestinian Territories, Russia, Sudan, Syria, United Kingdom, United States.

Cyber is the new battlefield.

Become a Cyber Spartan and Defend the Gates of America. At Invictus International Consulting we are hiring elite cyber, intelligence, and technology experts to serve our government and commercial clients. Join us.

In today's podcast we hear from our partners at Webroot, as David Dufour offers some reflections on the conference. We'll also talk with our editor and get his retrospective on the conference.

XM Cyber is coming to RSA (San Francisco, California, United States, April 16 - 20, 2018) Visit XM Cyber at the Israeli Pavilion, South Hall booth 635, to experience the first automated APT simulation platform to expose, assess and amend every attack path to organizational critical assets.

HackNYC2018 (New York, New York, United States, May 8 - 10, 2018) Cyber attacks are often called non-violent or non-kinetic attacks, but the simple truth is that there is a credible capability to use cyber attacks to achieve kinetic effects. Kinetic Cyber refers to a class of cyber attacks that can cause direct or indirect physical damage, injury or death solely through the exploitation of vulnerable information systems and processes. Use code CWIRE20 for 20% off the $50.00 individual ticket price.

8th Annual (ISC)2 Security Congress (New Orleans, Louisiana, United States, October 9 - 11, 2018) The (ISC)2 Security Congress brings together the sharpest minds in cyber and information security for over 100 educational sessions covering 17 tracks. Join us to learn from the experts, share best practices, and make invaluable connections. Your all-access conference pass includes educational sessions, workshops, keynotes, networking events, career coaching, expo hall and pre-conference training. Save your seat at congress.isc2.org.

Dateline RSA Conference 2018

Photo gallery: RSA Conference 2018 Expo, part 2 (Help Net Security) The RSA Conference 2018 is underway at the Moscone Center in San Francisco. Here are a few photos from the Expo floor. Featured companies: Qualys, Anomali, Cisco Security, ZScaler, Swimlane, FireMon, Avast, Lookout, Micro

Photo gallery: RSA Conference 2018 Expo, part 3 (Help Net Security) The RSA Conference 2018 is winding down at the Moscone Center in San Francisco. Here are a few more photos from the Expo floor.

At RSA, sunlight is the best disinfectant for snake oil (Fifth Domain) How can govenment IT professionals make sense of terms like

NIST releases Cybersecurity Framework 1.1 (Help Net Security) The US Commerce Department’s National Institute of Standards and Technology (NIST) has announces the release of version 1.1 of its popular Framework for Improving Critical Infrastructure Cybersecurity, more widely known as the Cybersecurity Framework.

Cybersecurity Tech Accord: Marketing Move or Serious Security? (SecurityWeek) A problem with the Cybersecurity Tech Accord is that it comprises fine words with no defined deliverables and possibly impossible intentions.

As RSA Conference Convenes, Tech Companies Promise to Take Security Reins (Security Boulevard) As 50,000 members of the cyber security community descended upon San Francisco for the annual RSA Conference to discuss solutions to the security questions facing us, 34 technology companies revealed that they plan to start doing something. In signing the so-called Cybersecurity Tech Accord, Cisco, Facebook, Microsoft and 31 other companies have pledged to "defend all customers everywhere from malicious attacks by cybercriminal enterprises and nation-states." The accord is, at least in part, a reaction to the ongoing reports of cyber-meddling in the 2016 Presidential election, and the…

Facebook among tech firms to sign 'digital Geneva convention' (the Guardian) Signatories including Microsoft, Arm and Trend Micro agree not to take part in cyber-attacks

RSA: Should the US treat Russian hacking networks like ISIS? (SC Media UK) Current tactics to discourage rogue nation-states from engaging in malicious cyber-behavior are failing, and could necessitate more drastic actions.

Centrify's Onsite RSA Survey Reveals Concern About the Security of Private Data Held by Election Boards in 2018 Midterms (BusinessWire) Centrify announced the results from an onsite survey of IT professionals attending the RSA Conference, being held this week in San Francisco.

NSA reveals how it beats 0-days (Naked Security) Exploits and vulnerabilities are weaponized against us 24 hours after release, says technical director.

The Rave of Ransomware at RSA (BeyondTrust) Ransomware is all the rave. If you read the 2018 Verizon DBIR and our analysis of the findings, you will see the monetization of data targeted by hackers. The truth is, ransomware is not going away, nor are the threat actors looking to steal your data, or use your resources for crypto mining. Foreign governments

What data does your iOS app collect, and why? (The Mercury News) Should a free flashlight app have access to your calendar or contacts?

GDPR Preparation and Challenges Survey Report Explores Overall Industry Preparedness in Achieving Compliance (Business Insider) The Cloud Security Alliance (CSA), the world's leading or...

FedRAMP security requirements put a premium on automation (Search Security) Matt Goodrich, director for the Federal Risk and Authorization Management Program, detailed FedRAMP security requirements and automation at RSA's Cloud Security Alliance Summit.

Centrify's Onsite RSA Survey Reveals Concern About the Security of Private Data Held by Election Boards in 2018 Midterms (BusinessWire) Centrify announced the results from an onsite survey of IT professionals attending the RSA Conference, being held this week in San Francisco.

CrowdStrike unveils Meltdown exploit in unusual fashion (Search Security) At RSA Conference 2018, CrowdStrike demonstrated a new Meltdown exploit that can harvest sensitive data such as passwords even on systems that are patched.

Stealth network traffic analysis appliance automates defense actions (Help Net Security) LookingGlass Cyber Solutions announced the general availability of the LookingGlass IRD-100 security appliance, a network traffic analysis point of control that be configured to implement customized, automated defense actions.

Dell changes its approach and goes OS-agnostic in security (ZDNet) ZDNet caught up with Dell's data security chief at the RSA Conference to hear how the PC industry is changing its approach to cybersecurity.

Customized IOCs, intelligence and SOC automation for orgs of every size (Help Net Security) CrowdStrike announced that it has expanded the capabilities of the CrowdStrike Falcon platform by introducing a new threat analysis subscription module, CrowdStrike Falcon X.

Fortinet Security Fabric merges with IBM Threat Management system (ZDNet) IBM and Fortinet's strategic relationship has expanded with the combination of security solutions and threat data.

How IBM Security is helping cybersecurity pros collaborate like the bad guys (TechRepublic) Attackers have long shared their exploits, code, and methods, while defenders remained siloed. IBM Security created the X-Force Exchange platform as a way to share threat intelligence.

Identity-as-a-Service for hybrid customer environments (Help Net Security) OneLogin is showcasing enhancements to its Identity-as-a-Service (IDaaS) cloud platform, including the OneLogin Desktop experience, LDAP, and RADIUS capabilities, at RSA Conference 2018, in continued efforts to serve the sophisticated Access Management needs of modern enterprises.

Anomali partners with Visa to offer global payment breach intelligence (Help Net Security) Anomali announced a partnership with Visa to provide cyber security teams with global payment breach intelligence drawn from Visa Threat Intelligence, to better detect and manage breaches involving payment information in retail, hospitality, restaurant and other sectors.

CounterCraft unveils new Cyber Deception Platform at RSA Conference 2018 (CounterCraft) CounterCraft named winner in the 14th Annual Info Security PG’s 2018 Global Excellence Awards and awarded Top 100 status in the Red Herring Europe 2018 Awards

Aporeto Awarded Cyber Defense Magazine’s 2018 InfoSec Award as an Innovator in Application Security - Aporeto (Aporeto) Aporeto, a Zero Trust security solution for microservices, containers and the cloud, today announced it was named an Innovator in the Application Security category, in Cyber Defense Magazine’s 2018 InfoSec Awards. The InfoSec Awards annually honors best-in-class cybersecurity technologies. Winners were officially announced at RSA Conference 2018, the largest gathering of cybersecurity professionals in the United States taking place now in San Francisco, CA....

Cyber Attacks, Threats, and Vulnerabilities

How ISIS is EXPLOITING the ‘safe haven’ of cyberspace to plan attacks and raise funds (Express) Terrorist groups such as Islamic State (ISIS) are making use of the “safe haven” offered by cyberspace to plan attacks, indoctrinate and recruit new members and raise funds, a new report has revealed.

Syrian boy given food to act as gas victim, says Russia TV (Times) Russia plans to confront the UN security council with a television interview featuring a Syrian boy allegedly paid with food to pose as a victim of a chemical weapons attack in Douma. The attack on...

Russian Cyber Threat (Information Security Buzz) Days after the missile strike on Syria, GCHQ and the FBI have warned of a potential retaliation by Russia– in the form of a cyber attack. The NCSC is on high alert and concern is growing among executives who fear severe disruption of critical infrastructure. IT security experts commented below. Bill Conner, CEO at SonicWall: “Cyber attacks like …

Russia home router hack could knock out national infrastructure (Verdict) The state-sponsored Russia home router hack in the UK and US could knock out national infrastructure including air traffic control centres. Over the last three years, hackers enlisted by Russia, have tried to seize control of the flow of worldwide internet traffic.

Critical infrastructure needs shoring up after U.S., U.K. blame Russia for attacks (SC Media US) Shortly before resigning his position, former White House Cybersecurity Coordinator Rob Joyce vowed the U.S. would take aggressive action against Russia.

'There's Possibility That GrayKey Ends Up in Wrong Hands' - Security Researcher (Sputnik) The US police have been increasingly purchasing a tool that can unblock iPhones.

‘Hacktivism’: Targeting Israeli Cyberspace In Support Of Palestinian Cause (Media Line) Israeli websites, Youtube videos hacked in latest pro-Palestinian campaign

Nigerian Hackers Attempt to Steal Millions From Shipping Firms (SecurityWeek) Gold Galleon: Nigerian hackers target global maritime shipping businesses and their customers in BEC attacks

Atlanta spending $2.7 million on ransomware cyber attack; ransom was $50,000 (AL.com) Atlanta has spent $2.7 million in response to a ransomware cyber attack that crippled some city services.

As cities get high-tech, hackers become more dangerous (Curbed) Atlanta, held hostage by ransomware attack, illustrates cyber security threat.

This ransomware was rewritten to mine cryptocurrency - and destroy your files (ZDNet) Some criminals are shifting from ransomware to cryptocurrency miners - those behind XiaoBa have rejigged the code to shift the same malware towards a different focus.

Avast CTO Explains What Went Wrong in CCleaner Attack (eWEEK) VIDEO: Ondrej Vlcek CTO of Avast explains what caused the CCleaner security incident and shares best practices so other companies can avoid the same fate.

Brainjacking: A Potentially Deadly Type of Hacking (BleepingComputer) Hacking the brain of someone with an implanted medical device is not a far-fetched illusion. While at one time a concept relegated to hair-raising Hollywood movies, scientists in Belgium have found that a wireless brain implant, known as a neurostimulator, can be hacked using off-the-shelf materials. By utilizing remote exploitation,

'Lazy Hackers' Turn To Automated Attack Tools (Information Security Buzz) The BBC today ran a story covering how cyber-attackers are now turning to tools that automate the process of finding and hijacking vulnerable servers.The study used a fake server known as a honeypot to log everything done to it by digital intruders. Put online by security firm Cybereason, the server was quickly found and hijacked in seconds …

Casino loses User Data After Hackers Target Fish Tank IoT Thermometer (Digit) Crafty hackers were able to hack a Las Vegas casino's network via their IoT thermometer. The cyber criminals identified this small chink in the casino's infrastructure and exploited it to pilfer 10 gigabites of data containing information on their high-roller customers, which they fed back to device in Finalnd.

Hackers advertise stolen card details on Facebook (Times) Criminals are using hundreds of groups on Facebook to advertise stolen credit card details, cyberattacks and logins for hacked Amazon and Netflix accounts. Brian Krebs, a security researcher...

JP Morgan reportedly had to oust a security chief backed by Palantir after executives found out he was spying on them (CNBC) J.P. Morgan reportedly had to oust a security chief backed by Palantir after executives found out he was spying on them.

Cyber attack at UnityPoint Health puts 16,000 people at risk (NBC 15) UnityPoint Health is taking action to try and protect the personal information of 16,000 people after a cyber attack last fall. Impacted email accounts may be been accessed between Nov. 2017 to Feb. 2018.

Security Patches, Mitigations, and Software Updates

Google disables “domain fronting” capability used to evade censors (Ars Technica) A "long-planned" change happens to coincide with a new wave of state censorship in Russia.

Abbott Extends Cybersecurity Patch to Implantable Defibrillators (Regulatory Focus) Abbott has extended the release of a firmware upgrade—applied to 465,000 of its pacemakers last year to patch cybersecurity vulnerabilities—to 11 of its implantable defibrillator device families as part of its phased corrective action plan.
 

Cyber Trends

Bank web apps are the "most vulnerable" to getting hacked, research says (ZDNet) If there's one thing the banking sector is good at, it's shoddy cybersecurity.

Marketplace

Social Media Marketing Is a Lot Tougher With Trust in Social Media Plunging (Entrepreneur) Raise your hand if you have ever read a privacy policy.

China's ZTE and Huawei to take big hits from US restrictions (Nikkei Asian Review) Cut-off access to 5G tech and tainted images will hurt device makers

Consumer activists, experts advise against buying ZTE phones (Reuters) Consumer activists and technology experts are advising consumers to hold off on buying Android handsets from China's ZTE until the company clarifies whether U.S. sanctions against the company prevent it from providing operating system updates for its devices.

Huawei will stop focusing on the U.S. following security setbacks (Android Central) Thanks to multiple setbacks from the United States government over security concerns, Huawei will shift its focus away from U.S. markets.

Polyverse raises more cash for Linux cybersecurity product that can prevent zero-day attacks (GeekWire) Polyverse has raised more funding to fuel growth of its Linux cybersecurity technology. The Seattle-area startup just reeled in another $2 million from existing investors like SpringRock Ventures…

IBM Beats on Q1 Earnings & Revenues, Reiterates '18 Outlook (Nasdaq) International Business Machines Corp IBM delivered first-quarter 2018 non-GAAP earnings of $2.45 per share, which beat the Zacks Consensus Estimate by a nickel. Earnings per share (EPS) increased 4.3% from the year-ago quarter but plunged 52.7% sequentially.

How These Two Dutch Entrepreneurs Hacked 100 Companies to Become One of the Biggest Hacking Platforms in the World (Inc.) Two no-name 20-somethings came to San Francisco from the Netherlands and emailed tech giants to see if they needed help with security. Six years later, HackerOne helps some of the biggest companies in Silicon Valley find security vulnerabilities

Pentagon Says Cloud Contest Winner Only Guaranteed Two-Year Job (Bloomberg.com) The eventual winner of the Pentagon’s two-year contract to provide extensive cloud services isn’t a lock to be awarded two extensions that would add eight more years, spokeswoman Dana White said.

Products, Services, and Solutions

A10 Networks introduces ‘One-DDoS Protection’ to defend Denial of Service attacks (ComputerWorld) A10 Networks, a provider of intelligent and automated cybersecurity solutions, announced A10 One-DDoS Protection, featuring software enhancements to its high-performance appliances to enable unmatched defense against distributed denial of service (DDoS) attacks.    

CompTIA Offers Free Cybersecurity Mini Boot Camps at Upcoming AFCEA Defensive Cyber Operations Symposium (Longview News-Journal) CompTIA, the world's leading technology association, said today it will offer two free cybersecurity-themed mini boot camps at next month's Armed Forces Communications and Electronics Association (AFCEA) Defensive Cyber Operations Symposium in Baltimore

China’s Telecom Giant Huawei Launches Blockchain-As-A-Service Platform (Cointelegraph) China’s Huawei has debuted its first Blockchain-as-a-Service (BaaS) platform built on Hyperledger technology.

Gemalto to protect Cloud networks with Intel security solution (Business Standard) Digital security firm Gemalto on Wednesday announced that it is bolstering protection against cyber attacks for the new generation of Cloud-based virtualised networks with Intel technology.

Fusion Use Case: Internal Threat Reporting (Recorded Future) In part three of the Recorded Future Fusion series we look at another new capability called “analyst notes.” Now, our users can include their own internal analysis directly in the Recorded Future platform.

RackTop Systems and Carahsoft Announce New Partnership to Offer Softwa (PRWeb) RackTop Systems, a leading provider of high-performance Software-Defined Storage embedded with advanced security, encryption and compliance,

Kaspersky Launches Hybrid Cloud Security Product (SecurityWeek) Kaspersky launches Hybrid Cloud Security, a solution designed to protect hybrid clouds against internal and external threats

Securonix Unveils Strategic Alliance to Combat Cyberattacks in the Cloud (GlobeNewswire News Room) Protects cloud infrastructure and cloud apps against cyber attacks using the most advanced security analytics

Technologies, Techniques, and Standards

NIST Issues First Call for ‘Lightweight Cryptography’ to Protect Small Electronics (I-Connect007) Cryptography experts at the National Institute of Standards and Technology (NIST) are kicking off an effort to protect the data created by innumerable tiny networked devices such as those in the “internet of things” (IoT), which will need a new class of cryptographic defenses against cyberattacks.

Organizations are becoming more resilient to focused cyber attacks (Help Net Security) While the average number of focused cyberattacks per organization has more than doubled this year compared to the previous 12 months (232 vs 106), organizations are demonstrating far more success in detecting and blocking them.

The CISO’S Guide to GDPR: Q&A with Thomas Fischer (HackerOne) I always start GDPR discussions with the big picture questions: Do you know what personal data is being collected and processed? Do you know where the personal data is stored? Can you demonstrate what has happened to personal data? Does your breach notification assessment correctly detect and identify personal data misuse, destruction, alteration or exfiltration?

Design and Innovation

Intel Announces Two New Silicon-Level Security Technologies (ReadITQuik) The first two Intel Threat Detection Technology capabilities will also include implementation plans by Cisco and Microsoft

Research and Development

DARPA Aims to Accelerate Zero-Day Threat Detection Via Computer-Human Collaboration Tech Program (Executive Gov) The Defense Advanced Research Projects Agency has launched a 42-month program that aims to develop n

France Testing Out Special Encrypted Messenger For Gov't Officials As It Still Seeks To Backdoor Everyone Else's Encryption (Techdirt.) The French government has been pushing for a stupid "backdoors" policy in encryption for quite some time. A couple years ago, following various terrorist attacks, there was talk of requiring backdoors to encrypted communications, and there...

The Pentagon Is Building an AI Product Factory (Defense One) Job One for the new Joint Artificial Intelligence Center will be delivering solutions for services’ specific problems.

Research Team Tests Technology That Could Alert Federal Agents to Potential Terrorist Threats (Newswise) Experts at the Next Century Corporation will lead a joint research effort between the Biocomplexity Institute of Virginia Tech, the Hume Center for National Security and Technology, and Draper Labs to create a system that can flag potential terrorist activities as quickly as a credit card company alerting consumers to suspicious spending behavior on their accounts.

Academia

NOVA students participate in third annual 'hack-a-thon' (Potomac Local) Approximately 356 students from various colleges, universities and high schools across the country gathered on the Woodbridge Campus of Northern Virginia Community College to participate in the third annual Innovation Hackathon event, held at the Regional Center for Workforce Education and Training (RCWET) on April 13-15.

Legislation, Policy, and Regulation

In effort to shut down Telegram, Russia blocks Amazon, Google network addresses (Ars Technica) Russian censors up ante in effort to block secure chat by political opposition.

U.S., UK Act to Block Chinese Technology Threat (Foundation for Defense of Democracies) This week, the U.S. and UK governments took steps to combat key national security threats posed by two Chinese telecommunications companies

ZTE ban underlines the need for China to step up its own R&D (South China Morning Post) Beijing may need to come to terms with the inconvenient truth that Donald Trump is willing to risk a trade war and redouble its hi-tech efforts as a result 

Three Cybersecurity Bills to Hit Trump’s Desk This Year, Staffers Say (Roll Call) Dozens of bills are filed in Congress relating to cybersecurity and data breaches but many if not most may never see a committee markup let alone a floor vote. But key congressional staffers speaking at the RSA Conference here predicted at least three bills are likely to get to the president’s desk this year.

Litigation, Investigation, and Law Enforcement

A Nova Scotia teen found a big security hole on a government server: Should he be jailed or rewarded? (National Post) Some organizations encourage hackers to report vulnerabilities and even offer ‘bug bounties’ of thousands of dollars

Google in hot water over privacy of Android apps for kids (Naked Security) Large numbers of child-centred Android apps may be breaking US law.

Employee from hell busted by VPN logs (Naked Security) Before retiring from PenAir airline, Suzette Kugler set herself up with fake, high-privilege VPN user accounts that didn’t keep her secrets.

Christchurch teenager ordered to delete Facebook accounts after schoolgirl's death (Stuff) The mother of a schoolgirl who died after receiving harmful Facebook messages has forgiven the young offender.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Campaign Cyber Defense Workshop (Boston, Massachussetts, USA, June 4, 2018) The Campaign Cyber Defense Workshop brings together experts from the region’s industry, university, and government organizations to address campaign security and effective practices for maintaining campaign...

Upcoming Events

5th Annual Cybersecurity Summit (McLean, Virginia, USA, April 24, 2018) Join the Potomac Officers Club for the Fifth Annual Cybersecurity Summit to hear from public and private sector leaders on how federal agencies can improve their respective data security measures.

Secutech (Taipei, Taiwan, April 25 - 27, 2018) To meet the rising demand for intelligent and customised solutions, Secutech converges security and safety, ICT, IoT, artificial intelligence, big data, edge computing, intelligent video analytics and...

Industrial Control Systems (ICS) Cyber Security Conference Asia (Singapore, April 25 - 27, 2018) The Central ICS/SCADA Cyber Security Event of the Year for the APAC Region. Three days of multi-track training & workshops for days for operations, control systems and IT security professionals to connect...

INFILTRATE (Miami Beach, Florida, USA, April 26 - 27, 2018) INFILTRATE is a "pure offense" security conference aimed at the experienced to advanced practitioner. With the late-90s hacker con as its inspiration, the event has limited attendance in order to foster...

Automotive Cybersecurity Summit 2018 (Chicago, Illinois, USA, May 1 - 8, 2018) Smart Vehicles. Smart Infrastructures. The 2nd annual Automotive Cybersecurity Summit brings together public and private-sector manufacturers, suppliers, assemblers, technology providers and V2X partners...

Application of the Law of War to Cyber Operations (Washington, DC, USA, May 3, 2018) Cyber law experts meeting at the George Washington University will cover Title 10 vs. Title 32 vs. Title 50 and the lawful and operational restrictions related to these authorities. The panelists will...

Global Cyber Security in Healthcare & Pharma Summit (London, England, UK, May 3 - 4, 2018) The number of cyber-attacks in healthcare is on the rise, and the industry must do more to prevent and respond to these incidents. The Global Cyber Security in Healthcare & Pharma Summit 2018 will bring...

Decompiling the Government: Getting Technologists and Policymakers to Speak the Same Language (New York, New York, USA, May 3, 2018) This event brings together technologists and leading policymakers, lawyers, and journalists to bridge the gap between non-technical and technical cyber professionals and features Lisa Monaco, former Assistant...

Secure Summit DC (Washington, DC, USA, May 7 - 8, 2018) (ISC)² Secure Summit DC will assemble the best minds in cybersecurity for two days of insightful discussions, workshops and best-practices sharing. The goal of the event is to equip security leaders to...

HACKNYC (New York, New York, USA, May 8 - 10, 2018) The recent flood of data breach news may numb us to the threat of attacks with kinetic effects--direct or indirect physical damage, injury, or death. Hack NYC focus’ on our preparation for, and resilience...

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, May 8 - 9, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance...

SecureWorld Kansas CIty (Kansas City, Missouri, USA, May 9, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber Investing Summit (New York, New York, USA, May 15, 2018) Now in its third year, the Cyber Investing Summit is an all-day conference focusing on investing in the cyber security industry, which is predicted to exceed $1 trillion in cumulative spending on products...

Third Annual Cyber Investing Summit (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial...

The Cyber Security Summit: Dallas (Dallas, Texas, USA, May 15, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Digital Utilitites Europe (Amserdam, the Netherlands, May 16 - 17, 2018) The conference will bring together key industry stakeholders to address the current challenges of the digitisation in the utilities sector. Join us in Amsterdam to hear latest business case studies and...

SecureWorld Houston (Houston, Texas, USA, May 17, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Ignite18 (Anaheim, California, USA, May 21 - 24, 2018) Palo Alto Networks' sixth annual conference features highly technical insights based on firsthand experiences with next-generation security technologies, groundbreaking new threat research, or innovative...

AFCEA/GMU Critical Issues in C4I Symposium (Fairfax, Virginia, USA, May 22 - 23, 2018) The AFCEA/GMU Critical Issues in C4I Symposium brings academia, industry and government together annually to address important issues in technology and systems research and development. The agenda for...

3rd Annual Nuclear Industrial Control Cybersecurity and Resilience Overview (Warrington, England, UK, May 22 - 23, 2018) Now in its 3rd year, the Cyber Senate Nuclear Industrial Control Cyber Security and Resilience Conference will take place on May 22/23rd in Warrington United Kingdom. This two day executive forum will...

PCI Security Standards Council’s Asia-Pacific Community Meeting (Tokyo, Japan, May 23 - 24, 2018) Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes and industry expert speakers. The PCI Security Standards Council’s 2018...

North American Financial Information Summit (New York, New York, USA, May 23, 2018) Data is the most vital asset of any financial services firm. With volumes increasing exponentially, and the complexity and structure continuously changing, it is more vital than ever to keep on top of...

SecureWorld Atlanta (Atlanta, Georgia, USA, May 30 - 31, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

RISKSEC (New York, New York, USA, May 31, 2018) Welcome to the 2018 New York City RiskSec Conference. As SC Media approaches our 30th anniversary, we fully understand the avalanche of cybersecurity-related problems, responsibilities and aspirations...

Cyber:Secured Forum (Denver, Colorado, USA, June 4 - 6, 2018) Cyber:Secured Forum will feature in-depth content on cybersecurity trends and best practices as related to the delivery of physical security systems and other integrated systems. Content is being collaboratively...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.