We'd like to hear from you.
As a valued subscriber, we would like to better understand your needs and challenges. Complete our 15 minute survey for a chance to win a $100 gift card and to allow us to learn how we can better serve you.
Identifying endless threats and new vulnerabilities exposing your organization to cyber attacks is a never-ending task. The Cyber Daily curates the most important trending technical indicators from across the internet and delivers them right to your inbox – every day. Stay informed about suspicious IP addresses, new exploits and vulnerabilities, relevant cybersecurity news, threat actors, and more. Subscribe to Cyber Daily today.
As a valued subscriber, we would like to better understand your needs and challenges. Complete our 15 minute survey for a chance to win a $100 gift card and to allow us to learn how we can better serve you.
Poland’s government attributes misinformation about a bogus radiation threat to Russia, the Washington Post reports. The disinformation was spread through hijacked Polish government websites.
The FBI’s Internet Crime Report for 2020 is out. Losses to all varieties of Internet crime were high, officially a bit north of $4.2 billion
The US House Energy and Commerce Committee yesterday pressed Federal agency leaders on the scope of Holiday Bear’s compromise of SolarWinds, theHill reports. A parallel Senate inquiry suggests, according to CSO, that US organizations are generally unprepared for such supply chain attacks. The Washington Post describes how the Senate Homeland Security Committee’s investigation will continue today with an inquiry into how such attacks might be prevented.
Deputy National Security Advisor for Cyber Neuberger outlined the Federal response to the various campaigns, both criminal and state-directed, against vulnerable Microsoft Exchange Server instances. Domain Tools' Joe Slowik tweeted an interesting graphic that summarizes the known and suspected threat actors involved in Exchange Server exploitation. It divides the actors' operations into "initial exploitation," "pre-disclosure share," "immediate opportunistic exploitation," and "lagging opportunistic exploitation."
Two crypters—modules that help malware evade detection—receive scrutiny from researchers. Avast has released its study of OnionCrypter, and Morphisec has an account of Hcrypt, an active crypter-as-a-service operation.
Economic hardship has driven an influx of newbies into the dark web's underworld, a Check Point study finds. One depressing trend: it used to be the gangs who did most of the advertising on the criminal job boards; now it’s the job-seekers.
Today's issue includes events affecting Australia, China, Israel, Lithuania, Poland, Russia, the United Kingdom, and the United States.
In a remote work world, managing and securing endpoints has never been more important. Tanium, provider of endpoint management and security built for the world's most demanding IT environments, published a report with PSB Insights on the new security challenges facing organizations as a result of the COVID-19 pandemic. IT Leads the Way: How the Pandemic Empowered IT features intelligence from 500-senior level IT decision makers. Visit tanium.com/EmpowerIT to download the full report.
Polish state websites hacked and used to spread false info (Washington Post) Two Polish government websites were hacked Wednesday and used briefly to spread false information about a non-existent radioactive threat, in what a Polish government official said had the hallmarks of a Russian cyberattack.
Why Was The SolarWinds Campaign So Difficult to Detect? (Breaking Defense) Only after months of investigation by nearly 100 highly skilled digital forensics experts did FireEye discover the malicious "implant" in the most unlikely place. We break it all down in plain language.
Mimecast's source code stolen in SolarWinds breach (Computing) But Mimecast insists the code was 'incomplete'
Radware reports global hacking spree in MS Exchange Servers (iTWire) Company News: Radware has reported a series of new zero-day exploits in Microsoft Exchange Servers discovered late last year has evolved into a global hacking spree now impacting hundreds of thousands of organisations worldwide. On 2 March, Microsoft released critical security updates for four cruci...
CISA Issues Advisory on TrickBot Campaigns (Dark Reading) US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warn security teams to guard against the advanced Trojan malware.
TrickBot Malware (CISA) This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques.
DearCry ransomware is not very sophisticated: Mandiant (DATAQUEST) DearCry is a new family of ransomware being used after an initial compromise of unpatched on-premises Microsoft Exchange Servers
Missed opportunity: Bug in LockBit ransomware allowed free decryptions (The Record by Recorded Future) A member of the cybercriminal community has discovered and disclosed a bug in the LockBit ransomware that could have been used for free decryptions.
Tracking HCrypt: An Active Crypter as a Service (Morphisec) During 2021 Morphisec identified an increased usage of the “HCrypt” crypter. In this post, we will lockpick “HCrypt” – a crypter as a service that is marketed as a FUD (fully undetectable) loader for the client`s RAT of choice. We chose to dissect the crypter’s operations along with tracking several actors that utilize it.
Largest ransomware demand now stands at $30 million as crooks get bolder (ZDNet) There's been a big rise in ransom payments over the last year - and some ransomware gangs demanding vast amounts.
Scam Alert: FTC warns of new phishing email scam about stimulus payments (FOX Carolina) The Federal Trade Commission (FTC) is warning people of an e-mail scam about COVID-19 stimulus payments.
Encryption: Why security threats coast under the radar (CRN Australia) One of the most dangerous security vectors facing enterprises is also one of the least understood.
Hackers Are Targeting U.S. Banks, And Hardware May Give Them An Open Door (Forbes) Cyber attacks on banks are increasing in frequency, severity and sophistication despite banks’ investment in cybersecurity and federal policy efforts intended to mitigate them.
Cryptocurrency: A Boom in Value Begets a Boom in Crime | Hacker Noon (HackerNoon) When cryptocurrency value rises, we can expect a parallel rise in crypto-related crime, including phishing, fake brokers, and scams impersonating exchanges and other legitimate services.
How a reliance on the cloud still poses security risks (TechRepublic) Most of the cyberattacks on cloud environments have been due to compromised credentials, says Centrify.
Over-permissioned staff members at the heart of many data incidents (ITProPortal) Inactive accounts attached to past employees are often the first to get compromised.
America’s Drinking Water Is Surprisingly Easy to Poison (Nextgov.com) The experts say the sorts of rudimentary vulnerabilities revealed in the breach are common among America’s 151,000 public water systems.
Progress being made in Covington cyber attack (WWL TV4) Still though it could be weeks before everything is back up and running
Breaking bad: desperate job seekers turn to the Darknet and hacking forums for opportunities (Check Point Software) Check Point Research highlights the potential rise in the number of people engaged in illegal work typically offered in the Darknet and on hacking forums
Highlights from the 2021 Unit 42 Ransomware Threat Report (Unit42) The 2021 Unit 42 Ransomware Threat Report found an increase in average ransoms, a focus on healthcare organizations and the rise of double extortion.
Intel Report Spotlights Importance Of Transparency In Cybersecurity (Forbes) Intel worked with the Ponemon Institute to research and publish The Role of Transparency and Security Assurance in Driving Technology Decision-Making report.
RDP Attacks Persist Near Record Levels in 2021 (Dark Reading) A wave of attacks targeting Remote Desktop Protocol has continued throughout the pandemic as more employees continue to work from home.
Centrify Research Reveals 90% of Cyberattacks on Cloud Environments Involve Compromised Privileged Credentials (Centrify) An overwhelming percentage (90%) of cyberattacks on cloud environments in the last 12 months involved compromised privileged credentials, according to new research from Centrify, a leading provider of modern privileged access management (PAM) solutions.
Credit Union Industry Risks Significant Financial Impact Due to Cybersecurity Vulnerabilities, According to Black Kite (PR Newswire) Cybersecurity vulnerabilities among credit unions and their vendors create the potential for large financial impacts to the credit union...
Survey Findings from Pulse Research and Keyfactor Show Gap Regarding P (PRWeb) 96% of North American enterprise IT security leaders say public key infrastructure (PKI) and digital certificates are essential to achieving zero trust architectu
Embedded security: how to address Australia's growing cyber risk profile (Business IT) No matter what statistic you look at, cybersecurity attacks and data breaches are on the rise.
New IDG and ReliaQuest Research Finds Many Security Teams at a Critical Tipping Point with "Security Tech Sprawl" (ReliaQuest) An increasing attack surface promoted by a dynamic enterprise IT environment has had security teams facing more cyber threats and searching for more ways to combat them. However, having an array of security tools doesn’t necessarily make an enterprise more secure. In fact, new research from IDG and ReliaQuest suggests that “tool sprawl” or “tech […]
Tool Fatigue Turned Exhaustion: New ReliaQuest Report Finds 71% of Enterprises Underutilizing Existing Security Tools (BusinessWire) ReliaQuest, a global leader in cybersecurity, today announced the findings of its 2021 Security Technology Sprawl Report with IDG, which surveyed 400
Socure Closes $100 Million Raise Led by Accel to Eliminate ID Fraud and Ensure 100% Trust on the Internet (Socure) Socure, the leader in 100% digital identity trust, today announced a $100 million Series D round of funding led by Accel, with participation from existing investors Commerce Ventures, Scale Venture Partners, Flint Capital, Citi Ventures, Wells Fargo Strategic Capital, Synchrony, Sorenson, Two Sigma Ventures, and others.
SecurityScorecard Raises $180 Million in Series E Financing Round to Make Security Ratings Mainstream (PR Newswire) SecurityScorecard, the global leader in security ratings, announced today that the company has completed a $180 million Series E preferred...
Cyware nabs $30M to help organizations detect and stop advanced cyberattacks (TechCrunch) Malicious hacking has become a pernicious and dogged fact of life for more organizations, and it’s a threat that has seemingly grown more complicated and sophisticated over time. One effective approach to tackling that has been collaboration: not just applying an array of services to address …
Identity Protection Firm Sontiq Acquires Breach Clarity (Credit Union Times) The formal acquisition comes four months after the credit union security solution providers announced an exclusive partnership.
Corsight AI Announces Global Talent Acquisition Partnership To Support Its Next Phase Of Growth (PR Newswire) Corsight AI, a leading facial recognition technology provider, today announced plans to invest in a significant number of new hires over the...
Huawei Says It's Working to Address Security Concerns (Bloomberg) Andy Purdy, chief technology officer of Huawei Technologies Co.'s U.S. operations, discusses the prospects for the company amid the disputes between the world's two largest economies.
Bugcrowd Recognized in Forbes America’s Best Startup Employers 2021 List (BusinessWire) Bugcrowd, the crowdsourced cybersecurity platform, today announced it has been named to the Forbes 2021 list of America’s Best Startup Employers. This
Proofpoint : Wins Multiple Gold Cybersecurity Excellence Awards, Named Most Innovative Cybersecurity Company | MarketScreener (MarketScreener) We are thrilled to announce that Proofpoint won top honors in more than 35 different categories at the annual 2021 Cybersecurity Excellence Awards, including gold recognitions for most... | March 18, 2021
Kenna Security expands in Canada, driven by triple-digit growth (GlobeNewswire) Introducing a new, cloud-based instance of Kenna.VM for the Canadian market
Duo Security's Matthew Smith joins Tessian as its new Chief Strategy Officer (RealWire) Human Layer Security leader Tessian today announces that it has hired Matthew Smith as its Chief Strategy Officer (CSO) to build and grow business development.
Darktrace beefs up its board ahead of float by hiring David Willetts (This is Money) Darktrace helps companies detect suspicious cyber activity and was founded in 2013 with seed funding from Invoke Capital. Willetts (pictured) will join as a non-executive director.
Syniverse appoints Andrew Davies as CEO (Help Net Security) Syniverse announced that Andrew Davies has been appointed as Chief Executive Officer to support company’s accelerated growth.
Darktrace Appoints Lord David Willetts as a Non-Executive Director (PR Newswire) Darktrace, a leading autonomous cyber security AI company, today announced that the Rt Hon. David Willetts has agreed to join the Board of...
Former Director of the Defense Intelligence Agency Joins Deep Water Point (PR Newswire) Today, Deep Water Point announced that LTG Robert (Bob) Ashley, USA, Ret. joined its team in support of the company's defense and intelligence...
Taliware Biombeat Delivers Passwordless, Location-Based Authentication (PRWeb) Taliware, an innovator of intelligent biometric and geolocation systems powered by deep-learning networks, announced that its identity-management software develop
Mirato unveils third party risk management platform (Finextra Research) Mirato, provider of a third-party risk management (TPRM) platform that orchestrates and automates the entire TPRM lifecycle, today announced the availability of its platform for financial services institutions in the U.S., which includes a fully orchestrated operations dashboard and the Mirato Risk Hunter for real-time visibility into concentration risk.
Fortinet achieves 400 integrations of Open Fabric Ecosystem (Tech Startups) Fortinet EVP of products and CMO John Maddison says that the ecosystem aims to improve security, reduce complexity, and simplify operations.
Digital Guardian Extends Endpoint DLP to Microsoft Teams, Slack, Skype, and Zoom (Digital Guardian) Digital Guardian meets customer demand for greater visibility and control of top communications and collaboration apps
Kasada V2 platform provides defense against advanced bot attacks (Help Net Security) Kasada announced the general availability of its V2 platform to address the increasing sophistication of bot attacks.
CyVision Technologies, Inc. Expands into Healthcare (AccessWire) The company's proven cyber risk assessment services now available to healthcare provider, payer and vendor organizations BETHESDA, MD / ACCESSWIRE / March 18, 2021 / CyVision Technologies, Inc., a leading provider of cyber vulnerability assessments, today announced the expansion of its offerings into the healthcare sector. This move will extend the reach of the company's Enhanced Cyber Vulnerability Assessment Service, allowing
Compromising data posted on dark web after Georgetown County cyber attack (WBTW) Compromising information — including the social security numbers of Georgetown County employees — is circulating on the dark web following a January cybe…
Cyxtera Extends Global Partner Program to Federal Market (Cyxtera) Cyxtera, a global leader in data center colocation and interconnection services, today announced the launch of the Cyxtera Global Federal Partner Program
GlobalPlatform SE for IoT workshop: IoT end-to-end security, privacy, simplicity and convenience (GlobalPlatform) Free technical workshop on using Secure Elements to build, certify, deploy and manage IoT devices
We need to talk openly about cyber security (Charity Digital) By sharing information about cyber security breaches, the charity sector can work together to make charities much more secure
Six ways to battle 2021 tax season identify theft (PropertyCasualty360) The high volume of unemployment claims in recent months may have opened a new door for bad actors online, according to HSB.
7 Tips to Secure the Enterprise Against Tax Scams (Dark Reading) Tax season is yet another opportunity for fraudsters to target your company. Here's how to keep everyone in the organization on their toes.
Quantum computing breaking into real-world biz, but not yet into cryptography (ZDNet) D-Wave Systems believes its application of quantum computing is ready for mainstream deployment, where it already is addressing real-world business challenges, but use of the technology in cracking cryptography is still some years away.
The new weapon in the fight against biased algorithms: Bug bounties (ZDNet) Deborah Raji is researching ways to apply the models that underpin bug bounty programs to algorithmic harm detection.
Army AI helper would suggest actions in multidomain fights (C4ISRNET) The new artificial intelligence tool would recommend options for commanders' battle plans as war-fighting domains become more interconnected.
China's New Digital Currency Is Easy to Use but You'll Be Watched (Wall Street Journal) As China moves closer to rolling out its new digital cash, there are concerns the government will track every transaction––not just of citizens but of foreign companies in the country. WSJ travels to Chengdu to see this money revolution in action. Photo: Lorenz Huber for The Wall Street Journal
Research: Do Website Builders Help Spread Fake News? (Website Planet) As the world continues to fight the COVID-19 pandemic with lockdown measures, travel restrictions, and vaccination campaigns, misinformation and
Intel, DARPA Develop Secure Structured ASIC Chips Made in the US (Intel) Intel and the U.S. Defense Advanced Research Projects Agency (DARPA) today announced a three-year partnership to advance the development of domestically manufactured structured Application Specific Integrated Circuit (ASIC) platforms.
Are Israel's elections safe from cyberattack? (The Jerusalem Post) "Some political parties have very sensitive information about people, including regarding their political affiliations."
Why Washington Is Fed Up With Beijing (Foreign Policy) Decades of failed efforts to woo China explain the Biden administration’s tough talk ahead of Alaska meeting.
Warfighting in Cyberspace (War on the Rocks) Since the Gulf War, the U.S. military has followed an operational script that exploits technological advantages to fight and win quickly. It starts with
Microsoft breach ramps up pressure on Biden to tackle cyber vulnerabilities (TheHill) The Biden administration is coming under increasing pressure to address U.S. cybersecurity vulnerabilities following the Microsoft breach that has quickly been viewed as a massive threat to the U.S.
White House task force met to discuss Microsoft software weaknesses (Reuters) The White House's task force looking into the recent hack of Microsoft Corp's Exchange met this week with representatives of the private sector, White House spokeswoman Jen Psaki said in a statement on Wednesday
Statements by Press Secretary Jen Psaki & Deputy National Security Advisor for Cyber Anne Neuberger on Microsoft Exchange Vulnerabilities UCG (The White House) Statement by White House Press Secretary Jen Psaki: Last week the National Security Council (NSC) established a Unified Coordination Group (UCG), a task force composed of representatives from the FBI, CISA, and ODNI, with support from the NSA, to drive a whole-of-government response to the Microsoft Exchange vulnerabilities. On Monday, the NSC convened a UCG…
Key Official: Defense Information Operations ‘Not Evolving Fast Enough’ (Defense One) China will soon harness AI to supplant Russia as the world leader in information warfare, a DIA leader said.
DoD plan will streamline contractor security clearance appeals (Federal Times) Department of Defense components will all be required to use the Defense Office of Hearings and Appeals for final appeals on contractor security clearance denials.
Senators show support for increasing US Southern Command intelligence assets (Defense News) SOUTHCOM wants more ISR, but does it have to come from physical platforms?
FCC Moves to Rescind Permits of More Chinese Telecom Operators (Nextgov.com) The commission is also seeking public comment on the development of Open Radio Access Networks to improve national security and prosperity.
Hikvision, Dahua deemed national security threats by FCC (Security Info Watch) Huawei, ZTE Corp. and Hytera also placed on list of companies that pose an 'unacceptable risk' to U.S.
White House Still Hashing Through Cyber Director Pick (Meritalk) The Biden administration is still hashing through its consideration of who to appoint as National Cyber Director, but is due to conclude a review of how it should proceed on the position in the next several weeks.
US Commerce Dept subpoenas Chinese companies over possible security risk (Business Standard) The US Department of Commerce on Wednesday served subpoenas on multiple Chinese companies that provide Information and Communications technology and services (ICTS) in the country
U.S. Subpoenas Chinese Companies in Security Probe (Wall Street Journal) The Commerce Department said the subpoenas seek information aimed at determining whether the companies, which it didn’t name, pose a security threat to U.S. interests.
Lawmakers press federal agencies on scope of SolarWinds attack (TheHill) The bipartisan leaders of a House panel on Wednesday drilled multiple agencies for updates on the SolarWinds hack, a mass cyber campaign that compromised at leas
The Cybersecurity 202: Senate panel delves into SolarWinds hack (Washington Post) Another Senate committee on Thursday is jumping into the investigative fray surrounding the hacking of SolarWinds, a software company providing services for government agencies, which the United States believes was targeted by Russia.
The SolarWinds Senate hearing: 5 key takeaways for security admins (CSO Online) Testimony by key security executives in the US Senate reveal how unprepared most organizations are for supply chain attacks. Here are the lessons security admins should learn from it.
IC3 Releases 2020 Internet Crime Report | Federal Bureau of Investigation (Federal Bureau of Investigation) The FBI’s Internet Crime Complaint Center released its latest annual report, which includes information from 791,790 complaints of suspected internet crime and reported losses exceeding $4.2 billion.
Internet Crime Report 2020 (FBI IC3) In 2020, while the American public was focused on protecting our families from a global pandemic and helping others in need, cyber criminals took advantage of an opportunity to profit from our dependence on technology to go on an Internet crime spree.
FBI: Over $4.2 billion officially lost to cybercrime in 2020 (BleepingComputer) The Federal Bureau of Investigation has published its annual report on cybercrime affecting victims in the U.S., noting a record number of complaints and financial losses in 2020 compared to the previous year.
Joint Statement from the Departments of Justice and Homeland Security Assessing the Impact of Foreign Interference During the 2020 U.S. Elections (US Department of Justice) The Department of Justice (DOJ), and the Department of Homeland Security (DHS), including the FBI and the Cybersecurity and Infrastructure Security Agency (CISA), released today key findings and recommendations from a joint report to the President issued last month on the impact of foreign governments and their agents on the security and integrity of the 2020 U.S. federal elections.
Intelligence Agencies Warn Most Lethal Threat to US Is Homegrown (Voice of America) U.S. intelligence agencies are warning the country faces a substantial threat from within, fearing a range of domestic extremists could move forward with plans to carry out attacks against fellow citizens or the government itself.
Domestic terrorism poses ‘elevated threat’ to the U.S. this year, intelligence agencies say in their first joint report on the issue (Washington Post) Domestic violent extremism poses an “elevated threat” to the United States this year, and lone offenders or small, self-organized cells — rather than organizations — are most likely to carry out attacks, the intelligence community said in its first joint assessment on the issue.
Line app allowed Chinese firm to access personal user data (The Record by Recorded Future) In a press conference today, the Japanese government announced it was investigating the parent company behind the Line instant messaging app after a local newspaper reported that engineers at one of the app's Chinese contractors accessed the messages and personal details of Line users.
French Data Watchdog CNIL Opens Probe Into Clubhouse App (Bloomberg) Probe aims to confirm whether GDPR applies to Clubhouse. German regulator also looking at how app protects user privacy.
Vodafone Spain fined record $9.72M for data protection failures (Compliance Week) Vodafone Spain has been fined €8.15 million (U.S. $9.72 million) for aggressive telemarketing tactics and other data protection failures under the GDPR. The penalty is the highest the Spanish Data Protection Agency has handed out.
MyLife.com Can't Duck Challenge To Reputation Ratings (Law360) A Minnesota federal judge has ruled that reputation rating website MyLife.com can't escape a proposed class action alleging the company falsely suggested consumers had criminal or sex offender backgrounds and required users to pay a fee to correct false information.
For a complete running list of events, please visit the Event Tracker.
Insider Threat Program Manager - Working Group Live Web Based Training Course / Certificate (Virtual, Apr 20, 2021) This affordable, comprehensive and practical 1 day training course will ensure the Insider Threat Program (ITP) Manager / Senior Official, Insider Threat Analyst, FSO, and others who support the ITP (CSO, CIO, CISO, IT, Network Security, Human Resources, Etc.), have the Core Knowledge, Blueprint, Resources needed for developing, managing or enhancing an ITP / Working Group. Our student satisfaction levels are in the exceptional range. Over 800+ individuals have attended this training course and received ITP Manager Certificates.
National Cyber League (NCL) Spring Season (Virtual, Feb 15 - Apr 11, 2021) The National Cyber League (NCL) is a defensive and offensive biannual puzzle-based, capture-the-flag style cybersecurity competition allowing US high school and collegiate students of all skill levels to showcase and build their skills. Its virtual training ground helps students prepare and test themselves against cybersecurity challenges that they will likely face in the workforce. All participants play the games simultaneously during Preseason, Individual Game and Team Game. Between easy, medium and hard challenges, students identify their strengths and weaknesses and expand their portfolio with an NCL Scouting Report. Registration for the Spring Season closes March 9, 2020.
SoCal Cyber Cup Challenge (SCCC) (Virtual, Feb 15 - May 31, 2021) Now in its 12th year, the SoCal Cyber Cup Challenge (SCCC) is a cybersecurity competition for middle school, high school, and community college students in the Southern California region, started by NDIA San Diego. Supported by a Department of Defense grant, this year’s competition will include community college students and extensive training for competitors and their mentors. As part of the grant, faculty from Coastline College, Palomar College, and Riverside City College will be supporting the challenge by developing mentor training content and promoting the competition.
CSO’s Cybersecurity Summit (Virtual, Mar 16 - 18, 2021) As cyber threats grow in scope and sophistication (as evidenced by the devastating and long undetected, SolarWinds breach), so do the stakes for corporations and government to stay alert and on guard. CSO, the tech industry’s premier voice on cybersecurity, presents a summit where top executives and leaders will provide up-to-the-minute insights on how to successfully safeguard your organization. Over three days, IT professionals will learn, contribute to the conversation and source new solutions providers.
4th CYBERSEC Brussels Leaders' Foresight 2021 (Virtual, Mar 18, 2021) CYBERSEC Brussels Leaders’ Foresight 2021 will follow the leitmotif of the CYBERSEC Global 2020: Together Against Adversarial Internet. Since the very beginning of the humankind, every innovation has transformed our lives and the Internet is not an exception. Those inventions are also accompanied by a plethora of threats which need to be addressed for the wellbeing and secure future of the global society.
Celebrating Women in Privacy: Ways to Support and Advance Women in the Field (Virtual, Mar 23, 2021) Women hold only 25% of all the jobs in the tech industry. Women in privacy, in particular, are paid 17% less than their male counterparts; with women of color making even less. Discrimination and bias, both within policies and in the way we structure our workforce, limit the U.S.’s ability to identify and address threats, innovate, address issues related to privacy invasions, and more. To celebrate March as Women’s History Month — an in concert with #ShareTheMicInCyber — join leading women in privacy for a conversation promoting diversity in tech and exploring ways to promote change within the industry. Let’s open a dialogue about the ways allyship, mentorship, and sponsorship can advance women in privacy.