Alleviate the stress with an open-source security suite that protects your online services, with no false positives and no extra effort from you. With CrowdSec, you gain the most comprehensive community-sourced threat intelligence to accelerate your security response. And, you can filter out all background noise to focus only on what really matters. Don’t fight alone, let the crowd support you. Get started with CrowdSec for free!
Happy New Year, CyberWire readers! As a special thank you, we would like to offer you a free practice test from CyberVista, as well as three free months of CyberWire Pro. Visit thecyberwire.com/promo and use the code PROLEARN to redeem the offer.
Axis Security has published its 2023 Security Service Edge (SSE) Adoption Report, finding that 65% of organizations plan to implement an SSE platform within the next two years, and 43% seek to implement one before the end of 2023. Additionally, 67% of respondents “plan to start their SASE strategy with a Security Service Edge (SSE) platform rather than WAN Edge Services.” The researchers also found that “[t]he top two legacy solutions that enterprise security teams will look to replace with SSE will be VPN Concentrators (63%) for VPN, SSL inspection services (50%) and DDoS (44%) with data loss prevention services (42%) being a very close fourth place.”
Leaders, decision-makers and influencers across cyber read the CyberWire Daily Briefing as well as our other popular newsletters and podcasts every day. Why not put your company's message where the decision-makers are? Contact us to find out how (hint, it's really easy!).
Delinea has published its 2022 State of Ransomware Report, finding that there’s been a sharp decrease in the volume of ransomware attacks, though the average ransom demand has gone up. Delinea found that only 25% of respondents said their organizations were hit by ransomware in 2022, down from 64% in 2021. The number of victims who paid the ransom also fell from 82% to 68%. The researchers aren’t sure what led to this decline, but they note that it may be due to the reorganization among major ransomware crews (particularly Conti) that took place during 2022. Despite the slowdown in attacks, the researchers found that the average ransom demand has gone up over the past year. The survey also highlights a discouraging trend: organizations seem to be taking the ransomware threat less seriously than they did in 2022. The researchers found that most (76%) of organizations increase their security budgets only after they’ve suffered a ransomware attack. For more on the ransomware trends of the year that just ended, see CyberWire Pro.
Victor Zhora, chief digital transformation officer at the State Service of Special Communication and Information Protection (SSSCIP) of Ukraine, told Politico that Ukraine was gathering information on the ways in which Russian cyberattacks have constituted war crimes. Some of the Russian cyber intelligence work has allegedly been used to support "filtration," that is, the identification of civilians regarded as posing a threat to Russian occupation. “Russian troops often use filtration procedures on occupied territories to identify people who support Ukraine, who were engaged in public service, or military service, so they capture them, then torture, kill," Zhora said.
Some cyber activities, including even the spread of disinformation, may themselves qualify as war crimes. Disinformation seems a stretch (except, perhaps, insofar as it might be held to constitute incitement, or serve as an element of conspiracy), but disabling cyberattacks against civilian critical infrastructure might be an easier case. For any of these actions to amount to war crimes--and there's a strong prima facie case that they may--they would have to amount to violations of the laws of armed conflict. Ukrainian authorities are referring the digital evidence they've collected to the International Criminal Court with a view to eventual prosecution of the Russian personnel and officials responsible.
EU Reporter notes that the annual report from the European Union's cybersecurity agency, ENISA, describes ways in which Russia's war has driven an increase in cyberattacks. As we've had many occasions to observe, the consequences of those attacks have fallen short of prewar expectations.
SC Magazine reviews arguments for and against treating cyberspace as an operation domain. For millennia there were two such domains: land and maritime. The 20th Century saw the emergence of the third domain, air, and eventually the fourth, space. Over the last two decades cyberspace has come to be regarded as the fifth domain. The issue, as the discussion presents it, is that cyber operations in Russia's war have proven indecisive, and that, were cyberspace to be a proper domain, it would offer the prospect of decisive action. That's not unique to cyberspace, however. It's unusual that action in any one domain would prove decisive. US doctrine, at least, has stressed the importance of multidomain operations. There may well be good reasons not to consider cyberspace a fifth operational domain (a 2021 essay in The Strategy Bridge describes them), but lack of decisiveness alone doesn't seem to be one of them.
The CyberWire's continuing coverage of the unfolding crisis in Ukraine may be found here.
The RSA Conference (meeting this year in San Francisco between April 24th and 27th) returns with two well-known showcases for young, innovative companies. Both the Launch Pad and the Innovation Sandbox opened for applications today, and they'll continue to accept them through February 10th.
LookingGlass Cyber released a blog today explaining the most prevalent known exploited vulnerabilities (KEV) present in the US financial sector in November of last year. Over half of the vulnerabilities detected by LookingGlass in November 2022 were found affecting insurance, with approximately a quarter composed of credit intermediaries, and a third resulting from third-party service providers. The most commonly observed KEV in the US financial services sector was CVE-2015-1635. The seven year old Remote Code Execution vulnerability is said to impact Windows, and is still common in critical infrastructure today. For more on these KEVs, see CyberWire Pro.
Today's issue includes events affecting the European Union, Japan, Pakistan, Russia, Ukraine, the United Kingdom, and the United States.
Ukraine at D+320: Cyber war crimes? (CyberWire) There's nothing new on the Eastern front. Ukraine continues to equip itself with NATO systems, and Russia continues hitting civilians.
Russia-Ukraine war: List of key events, day 321 (Al Jazeera) As the Russia-Ukraine war enters its 321st day, we take a look at the main developments.
Ukraine Russia war: Russian artillery fire down nearly 75pc, say US officials (The Telegraph) Russian artillery fire is down by nearly 75 per cent, US officials have said.
Without Hesitation, Ukraine Goes Toe to Toe With Russia in Bakhmut (New York Times) Earlier in the war, Ukraine’s leadership was more equivocal about pitched battles with high casualties. There’s no second-guessing this time. Some analysts say it makes sense strategically.
Russia’s Wagner group fighting ‘heavy, bloody battles’ for control of Soledar (the Guardian) UK says most of Ukrainian saltmine town near Bakhmut is in Russian hands after intensive fighting
Fighting Remains Tough in Ukraine (U.S. Department of Defense) While the battle lines between the Russian invaders and Ukrainian defenders have not shifted much, fighting in the Donbas region has been savage, a senior military official said.
Kyiv withstands bombs and blackouts as Russia fails to cripple capital (Washington Post) Two days after a Russian missile killed her close friend on New Year’s Eve, Daria Khizhchuk was back at her job waiting tables at an upscale Italian restaurant in the Ukrainian capital.
Russia is holding back on using its most advanced fighter jets over Ukraine because it's scared they'll get shot down, UK intel says (Business Insider) Russia's holding back because of worries about "reputational damage" if the combat jets are shot down over Ukraine, the British defense ministry said.
Russia-Ukraine war: Britain considers sending Challenger 2 battle tanks to Ukraine (The Telegraph) Britain is considering supplying Ukraine with tanks for the first time to help the country fight Russian forces, The Telegraph understands.
Pentagon weighs sending Stryker combat vehicles to Ukraine (POLITICO) If approved, the shipment would add to the number of armored infantry vehicles being sent to the front lines by multiple countries.
US-led group of countries aiding Ukraine will convene again at Ramstein (Stars and Stripes) Headed by U.S. Defense Secretary Lloyd Austin, the group of leaders from dozens of nations has convened eight times at various locations and virtually since late February, when Russia launched its full-scale invasion of Ukraine.
How AI Could Predict The Damage to Ukraine from Russian Missiles (Defense One) By training a machine-learning model on battle-damage imagery, one company aims to help understand where attacks are happening and assess damage more quickly and accurately.
Ukraine claims Russia is conscripting more fighters for an offensive, breaking its own ceasefire (Task & Purpose) The alleged conscription would target urban centers for as many as 500,000 fighters.
It’s High Time to Prepare for Russia’s Collapse (Foreign Policy) Not planning for the possibility of disintegration betrays a dangerous lack of imagination.
Ukraine’s Cyber Units Aim to Retain Staff, Keep Services Stable as War Enters Year Two (Wall Street Journal) As Ukrainian President Volodymyr Zelensky visits Washington, the country’s cyber defense staff continue to fend off persistent Russian cyberattacks.
Kyiv argues Russian cyberattacks could be war crimes (POLITICO) Ukrainian cyber officials are gathering digital evidence for The Hague to prosecute, their top chief says.
Ukraine official says Russian cyberattacks on its energy network could equate to war crimes (Yahoo) Victor Zhora, a top Ukrainian cyber official, told Politico that Ukraine is gathering evidence of Russian coordination of cyber and kinetic attacks.
Ukraine will need $1.79bn to restore its telecom sector, UN says (Engineering & Technology) Russia has been accused of "destroying completely or seizing" telecoms networks in parts of Ukraine by a recent UN agency report.
UK minister: Iran made ‘big mistake’ in giving drones to Russia for Ukraine war (Breaking Defense) With their deadly use, Iranian drones also reveal their weaknesses and Tehran may not get much in return, senior UK official says.
Ukraine war and geopolitics fuelling cybersecurity attacks - EU agency (EU Reporter) Geopolitics like Russia's invasion in Ukraine have led to more severe and widespread cybersecurity attacks over the past year, EU cybersecurity agency ENISA stated in its annual report. ENISA's study focuses on concerns about state actors and the increasing range of threats to companies, governments, and vital sectors like energy, transport, and banking. According to […]
The Russia-Ukraine war is causing some to rethink the role of offensive cyber operations in armed conflict (SC Media) Russia's experience of limited success in Ukraine has some U.S. observers advising that we collectively pump the breaks on the idea that cyberspace is now a fully-fledged domain of war.
War in Europe Draws Investors to Drone, Battlefield AI Makers (Bloomberg) Venture capital investment in defense hit a record last year. Ukraine invasion has spurred investment on the continent.
Russia borrows record $56bn in a month as sanctions batter Putin - live updates (The Telegraph) Russia's federal budget deficit widened to a record in December as revenues plunged amid restrictions on oil exports and spending on the invasion of Ukraine grew.
North Korean Crypto Hacks to ‘Surge,’ Say Experts (Cryptonews) A “surge” in North Korean crypto hacks is on its way in 2023 as markets recover, a security provider has claimed. Discover more!
Microsoft Flags Ransomware Problems on Apple's macOS Platform (SecurityWeek) Microsoft’s threat intelligence team continues to call public attention to security problems on Apple’s macOS operating system.
Sketchy ChatGPT App Soars Up App Store Charts, Charges $7.99 Weekly Subscription (MacRumors) A sketchy app claiming to be the bot ChatGPT has soared up App Store charts, charging users a $7.99 weekly subscription to use a service that is...
Microsoft: Kubernetes clusters hacked in malware campaign via PostgreSQL (BleepingComputer) The Kinsing malware is now actively breaching Kubernetes clusters by leveraging known weaknesses in container images and misconfigured, exposed PostgreSQL containers.
Banking malware Dridex attacking Mac, MacBook computers with sneaky infection method (Fox News) Kurt "CyberGuy" Knutsson discusses recent crimes attributed to the cybercriminal group Evil Corp; it's known to attack Mac computers using malware known as Dridex.
German regulator warns of new banking and crypto malware ‘Godfather’ (Cointelegraph) Germany’s Federal Financial Supervisory Authority released an official warning regarding “Godfather,” a malware collecting user data in banking and crypto apps.
Disclosing a New Vulnerability in JWT Secret Poisoning (CVE-2022-23529) (Unit 42) We discovered a new high-severity vulnerability (CVE-2022-23529) in the popular JsonWebToken open source project.
Industry-first research from Axis Security finds 65% percent of organizations plan to adopt a Security Service Edge platform within next two years (PR Newswire) Axis, in partnership with Cybersecurity Insiders, released industry-first data with its 2023 Security Service Edge (SSE) Adoption Report. This...
Cyber Intelligence Briefing Special: Lorenz Opens Old Backdoors (SRM) S-RM’s Incident Response team has observed Lorenz using a 5-month-old web shell as a way into a victim’s network and foothold for a ransomware attack.
Remote code execution bug discovered in the popular JsonWebToken library (Security Affairs) The open-source jsonwebtoken (JWT) library is affected by a high-severity security flaw that could lead to remote code execution. The open-source JsonWebToken (JWT) library is affected by a high-severity security flaw, tracked as CVE-2022-23529 (CVSS score: 7.6), that could lead to remote code execution. The package is maintained by Auth0, it had over 9 million weekly downloads […]
BaFin Alerts on Trojan Virus Affecting Crypto Apps (Financial and Business News | Finance Magnates) Germany’s BaFin has urged consumers to beware of ‘Godfather’, a trojan virus that attacks Android-based banking and crypto apps.
Darknet drug markets move to custom Android apps for increased privacy (BleepingComputer) Online markets selling drugs and other illegal substances on the dark web have started to use custom Android apps for increased privacy and to evade law enforcement.
Rackspace ransomware attack was executed by using previously unknown security exploit (Help Net Security) The MS Exchange exploit chain recently revealed by Crowdstrike researchers is how the Play ransomware gang breached Rackspace.
Threat Actors Spread RAT Via Pokemon NFT Card Site (Infosecurity Magazine) Phishing page lures unsuspecting users into installing remote access malware
Hackers access Windows devices through fake Pokémon game (Cybersecurity Connect) Hackers have launched a fake Pokémon game and are using it as a vessel to distribute a remote access tool (RAT) and gain control of windows devices. Aiming to draw users in on both the popularity of
Gotta catch ‘em all: cybercriminals target victims with fake Pokémon game (CyberNews) Threat actors capitalize on the popularity of a Pokémon franchise and a buoyant NFT card trading market to spread malware.
Oregon Insurer Data Breach May Have Exposed Personal Info (GovTech) The insurer posted additional information about the breach online and offered free ID theft and monitoring service for at least 12 months. SAIF said it has been unable to determine how many people the breach affected.
UK Environment Agency website used to send people to fake porn sites (Computing) Threat actors exploited an open redirect available on the site
Air France, KLM Customers Warned of Loyalty Program Account Hacking (SecurityWeek) Air France-KLM has started informing Flying Blue customers of account compromise leading to data breach.
Hackers demand £15m ransom from Hull and Yorkshire schools after cyber attack (HullLive) Hackers have hit the 15 schools in Hope Sentamu Learning Trust and an independent Hull school
Oxford University dating website 'Oxshag' shut down over 'data breach' (Mail Online) Students and staff quickly complained the 'OxShag' website breached their privacy by publicly listing their entire university directory - including academics, porters, administrators and more.
No good deed goes unpunished: How phishing exploits gov workers (GCN) Phishing attacks target employees’ natural curiosity and their commitment to public service, experts say.
Iowa's largest city cancels classes due to cyber attack (Manistee News Advocate) Iowa's largest school district cancelled classes for Tuesday...
Des Moines Public Schools cancels classes due to cyber attack (KCRG) The District said that classes would be canceled for its 33,000 students after being “alerted to a cyber security incident on its technology network.”
Auth0 fixes RCE flaw in JsonWebToken library used by 22,000 projects (BleepingComputer) Auth0 fixed a remote code execution vulnerability in the immensely popular 'JsonWebToken' open-source library used by over 22,000 projects and downloaded over 36 million times per month on NPM.
Global Cyber-Attack Volume Surges 38% in 2022 (Infosecurity Magazine) Last year was also worst on record for UK businesses
Netskope Threat Research: Malware-Delivering Cloud Apps Nearly Tripled in 2022 (PR Newswire) Netskope, a leader in Secure Access Service Edge (SASE), today unveiled new research showing that over 400 distinct cloud applications...
Cloud and Threat Report: 2022 Year In Review (Netskope) This edition of the Cloud and Threat Report takes a look back at 2022 and highlights the most significant trends relating to cloud adoption and threats on the web and in the cloud.
The dark web's criminal minds see Internet of Things as next big hacking prize (CNBC) Cars and medical devices are critical, and vulnerable, entry points for criminal hackers betting the Internet of Things is their next big payday.
What is the Relationship Between Ransomware and Phishing? (Digital Defense) Find out how cyber attackers combine ransomware and phishing to efficiently deploy malicious payloads and how you can use pen-testing to better protect your environment.
Delinea 2022 State of Ransomware Report Reveals That Attacks are Down 61% from the Previous Year, and Ransom Payments are Also on the Decline (PR Newswire) Delinea, a leading provider of Privileged Access Management (PAM) solutions for seamless security, today published its 2022 State of Ransomware...
2022 Global Ransomware Survey Report | Research Results (Delinea) See what 300 IT security leaders said about ransomware. Benchmark your strategies against your peers, improve your readiness and incident response
Venture To Cybersecurity Drops By A Third (Crunchbase News) The fourth quarter saw only $2.4 billion go to cyber startups, the lowest amount of venture investment in the sector since the third quarter of 2020.
NetSPI Acquires nVisium, Bringing Top Penetration Testing Talent Together (PR Newswire) NetSPI, the leader in enterprise penetration testing and attack surface management, today announced the acquisition of nVisium to further scale...
Inside Diligent Academy's goal to educate future tech industry workers — and keep them in Baltimore (Technical.ly) Diligent and SV Academy leaders celebrate their first local training academy cohort with an event held in the middle of the program for sales and support professionals, following the former's expansion to the Inner Harbor.
Cerberus Sentinel to acquire RAN Security (CISO Global) Cerberus announced that it has signed a definitive agreement for the acquisition of RAN Security, a cybersecurity company ...
Twitter has had to tell staff its email about their severance agreement 'is not a phishing attempt' after many went straight to spam (Business Insider) Laid-off Twitter staff were sent an email from an unfamiliar address, directing them to a website where they could view their separation agreement.
Parsons Subsidiary Secures DARPA Cybersecurity Assessment Contract (The Defense Post) DARPA has awarded Parsons subsidiary BlackHorse Solutions a contract to support the agency’s cybersecurity assessments.
50 CISOs to watch (Lacework) The role of CISO is one of the most important in any organization, and one that holds some of the most significant responsibilities:
authID Deploys Verified™ Human Factor Authentication™ Service with Tax Status (GlobeNewswire News Room) Verified™ stops account takeover with unphishable authentication for Tax Status’ enterprise partners DENVER, Jan. 09, 2023 (GLOBE NEWSWIRE) --...
GlobalSign Now Certified on Four ISO standards (GlobalSign) Only leading CA worldwide to achieve this certification
Silobreaker integration with DomainTools enriches threat intelligence context and visibility (Silobreaker) New integration provides domain risk scores and allows users to pivot seamlessly to the DomainTools Iris Investigate platform directly from Silobreaker Silobreaker, a leading security and threat intelligence firm, today announced a new integration with DomainTools, the leader in Internet intelligence. DomainTools’ trusted domain, website, and DNS data is now available directly with Silobreaker, and...
NordVPN verifies no-logs statement for the third time (NordVPN) NordVPN has completed an independent assurance engagement to confirm its no-logs claim. Once again, this confirmed that we do not monitor user activity under any circumstances.
Bluescape Achieves FedRAMP Authorization on Amazon Web Services (PRWeb) Bluescape® announced today that it has achieved Federal Risk and Authorization Management Program (FedRAMP®) Authorization on Amazon Web Services (AW
DoControl Recognized as a Sample Vendor in Two Gartner® Reports: Emerging Tech Impact Radar: Cloud-Native and; Emerging Tech Impact Radar: Security (PR Newswire) DoControl, the automated Software-as-a-Service (SaaS) security company, announced today it has been recognized by Gartner® (Gartner delivers...
NCSC Cyber Essentials to be offered free to some small organisations (Computing) Funded Cyber Essentials Programme will be free for some small charities and legal groups that handle sensitive data
US ramps up space cyber defenses eyeing private businesses (CyberNews) The National Institute of Standards and Technology (NIST) adopted the Cybersecurity Framework for the space sector. Experts want to see more scrutiny on space-based software and firmware.
How To Satisfy the Cyber Insurance Requirement for Multi-factor Authentication for Critical Self-Hosted Applications (CPO Magazine) No one likes paying for health insurance, but we know it takes only one health issue to wipe out a family’s financial resources. Welcome to the new business requirement for cyber insurance.
Stress is hurting cybersecurity: how can we fix it? (IT-Online) The average tenure of a chief information security officer lasts between one and two years, far less than the six years a chief financial officer or eight years a CEO typically spends at a company. This drastic difference is even more staggering when we add new data from the Ponemon Institute, which claims that around […]
DHS, CISA plan AI-based cybersecurity analytics sandbox (Register) High-spec system is crucial to defending against the latest threats
Roomba testers feel misled after intimate images ended up on Facebook (MIT Technology Review) An MIT Technology Review investigation recently revealed how images of a minor and a tester on the toilet ended up on social media. iRobot said it had consent to collect this kind of data from inside homes—but participants say otherwise.
Northrop Grumman Advances Scaled Electronic Attack Capability (Northrop Grumman Newsroom) Northrop Grumman Corporation (NYSE: NOC) has successfully demonstrated key components of the company's future Ultra-Lite Electronic Attack (EA) Prototype System. The demonstrations were conducted in collaboration with the U.S....
Ground-breaking Tech Finally Turns Cybersecurity's Weakest Link to Its Greatest Strength, Says Deakin University (Access Wire) Tide's new approach to digital identity allows users to authorize a system, instead of the system authorizing the users. MELBOURNE, AUSTRALIA / ACCESSWIRE / January 9, 2023 / The Tide Foundation, in a joint research partnership with Deakin University have validated a new security paradigm. Tide untangles the paradox of "who's guarding the guardian?" undermining today's security dogma. That dogma suggests that to secure something, you should
Five Eyes alliance meets to discuss zero-trust cyber security (Cybersecurity Connect) The Pentagon has hosted a meeting of the Five Eyes security alliance to discuss zero trust cybersecurity. The US invited representatives from Australia, Canada, New Zealand, and the UK to Fort Meade i
Japan, U.S. to agree on security standards for government software (Nikkei Asia) Nishimura and Mayorkas to sign memorandum on cooperation for cybersecurity
FedRAMP just got better – and is here to stay (Coalfire.com) With the inclusion of the FedRAMP Authorization Act in the FY23 National Defense Authorization Act, Congress and President Biden have taken a giant step forward in securing America’s cloud-first mission. From FISMA in 2002 to the OMB’s original Federal Risk and Authorization Management Program in 2011, FRAA 2022 accelerates secure cloud momentum for government agencies.
Exclusive: CISA’s Jen Easterly wants to protect US hospitals following spate of ransomware attacks (Fox News) In the past three years, cyberattacks on hospitals have surged, threatening patients’ information and access to care and even resulting in some deaths.
New Jersey, Ohio join other states in banning TikTok from state devices (Reuters) New Jersey and Ohio said on Monday they were joining other states in banning use of the popular video app TikTok on government-owned and managed devices.
There are TikTok bans in nearly two dozen states (Washington Post) Inside the state bans on TikTok
Meta’s EU Privacy Fine Fight Muddles Outlook for Targeted Ads (Bloomberg Law) Meta Platforms Inc.'s planned challenge to an enforcement action from European privacy regulators amplifies ongoing legal uncertainty over what the bloc’s data protection regime means for personalized advertising online and the tech company’s business model.
Justices Turn Away Israeli Spyware Maker in WhatsApp Suit (SecurityWeek) The Supreme Court rejected Israeli spyware maker NSO Group's bid to derail a high-profile lawsuit filed by the WhatsApp messaging service.
NSA Asks High Court To Reject Mass Surveillance Challenge (Law360) The federal government has urged the U.S. Supreme Court to reject the Wikimedia Foundation's bid to revive a case challenging a National Security Agency mass surveillance program, saying the foundation had misread an underlying decision regarding the state secrets privilege.
US justice department investigating papers stored at Biden’s former institute (the Guardian) Classified documents found by president’s personal lawyers while closing out office at UPenn’s Biden Center for Diplomacy
What to Know About Biden’s Classified Documents Controversy (Time) The discovery raises questions of potential unlawfulness and will have political implications amid a similar Trump probe
For a complete running list of events, please visit the Event Tracker.
SGTech Week 2023 (Park Plaza Amsterdam Airport, Netherlands, Mar 20 - 24, 2023) The 4th annual SGTech Week 2023 brings together 150+ utility Substation, SCADA System, Utility Telecom and Cybersecurity colleagues, for a review of the latest smart grid implementation projects and innovation roadmaps. The week-long programme combines a series of Standardisation workshops, with C’level plenary sessions, techno-commercial case-study presentations, technology innovation panel debates, and intimate end-user roundtable discussions, to drive awareness of recent successes and setbacks as well as stimulate new ideas to drive the deployment of the smart grid further faster.
Certified CMMC Professional (CCP) 2.0 Exam Prep (Virtual, Jan 9 - 13, 2023) This 5-day CCP course covers the foundational required curriculum along with CMMC Level 2 scoping and the full 110 practices. Edwards Cyber AB approved CCP 2.0 courses enable participants to sit for the CCP exam – making you a valuable resource to a consultancy providing CMMC preparation, C3PAO providing certified assessor support, or organization interested in having in-house CMMC trained resources. Edwards all-star lineup of Provisional Instructors (PIs) includes several of the CMMC industry’s most respected consultants along with Edwards’ internal SMEs to deliver their action packed bootcamps. Learn more and register now.
Convene: Security Training and Awareness Conference (Clearwater, Florida, USA, Jan 10 - 11, 2023) The National Cybersecurity Alliance is gathering training and awareness professsionals together to connect, share, and convene. Connect with the training and awareness community. Convene was created for this close-knit group, which has few opportunities to connect in person at an event designed just for them. Learn best practices. Thought leaders and industry executives will share their recent successes, failures and insights from recent campaigns and programs. Build camaraderie. Immersive gatherings with like-minded professionals breed innovation, sharing and human connection.
Insider Threat Program Development - Management Training Course (Laurel, Maryland, USA, Jan 30 - 31, 2023) The training course will be taught at the Johns Hopkins University Applied Physics Laboratory, in Laurel, Maryland. This highly sought after and very comprehensive 2 day training course will ensure the Insider Threat Program (ITP) Manager/ Senior Official (Insider Threat Analyst, FSO, CSO, CISO, Etc.), and others who support the ITP (Human Resources, IT, Network Security, Etc.), have the Core Knowledge, Blueprint, Resources needed for developing, managing, enhancing an ITP / ITP Working Group. Our student satisfaction levels are in the exceptional range. Over 900+ individuals have attended this training course and received ITP Manager Certificates.
CybertechGlobal Tel Aviv (Tel Aviv, Israel, Jan 30 - Feb 1, 2023) Cyber is all around us—it is one of the most trending topics in the tech and business arenas. It is a whole-encompassing industry that is not only about threats, but also covers the scope of digitalization and opportunities in the realm of innovation. From Tel Aviv and Rome, to Tokyo, Singapore, Panama, and more, Cybertech is the cyber industry’s foremost B2B networking platform conducting industry-related events all around the globe. Our conferences and exhibitions serve as the go-to place to make business happen and learn all about the latest technological innovations, challenges, and solutions to combating threats within the global cyber arena. Cybertech events feature top executives, government officials, leading decision-makers from a wide range of sectors including critical infrastructure, insurance, retail, health and government, defense, R&D, manufacturing, automotive, and more! Multinational corporations, startups, private and corporate investors, venture capital firms, experts, and clients—come and meet all the key players from the cyber industry and be immersed in everything there is to offer. Cyber. We live it. Breathe it. All at the forefront of global innovation.
Certified CMMC Professional (CCP) 2.0 Exam Prep (Virtual, Feb 6 - 10, 2023) This 5-day CCP course covers the foundational required curriculum along with CMMC Level 2 scoping and the full 110 practices. Edwards Cyber AB approved CCP 2.0 courses enable participants to sit for the CCP exam – making you a valuable resource to a consultancy providing CMMC preparation, C3PAO providing certified assessor support, or organization interested in having in-house CMMC trained resources. Edwards all-star lineup of Provisional Instructors (PIs) includes several of the CMMC industry’s most respected consultants along with Edwards’ internal SMEs to deliver their action packed bootcamps. Learn more and register now.
