The CyberWire Daily Briefing for 8.6.2013
news from SINET's Innovation Summit
Frank Montoya, National Counterintelligence Executive, opened the conference this morning with a keynote address. Before placing counterintelligence into the context of cyber innovation, he lamented what he characterized as the current misrepresentation of Intelligence Community programs and activities—these are defensive, and not directed against US citizens. He was especially concerned to dispute claims of pervasive Government surveillance of content, which he described as simply beyond any agency's human capacity.
He urged symposiasts to leave their preconceptions about counterintelligence behind—it's no longer trench coats and fedoras. The threat is not what it once was. Now counterintelligence concerns itself with protecting supply chains, with thwarting insider threats, with all aspects of cyber security. Our lives are now online, and so the adversary is there as well. Cyber conflict is waged globally, and government depends upon industry for innovation. The US Government is also committed, by law, to protecting American business from industrial espionage.
Finally, Montoya called for engagement—industry should bring its challenges and solutions to the Government. Our law and our infrastructure must catch up with our technology. He concluded by drawing attention to the risk of neglecting STEM education in the United States.
The morning's first panel, "Federal Cybersecurity Opportunities for Small and Large Business," on which Deltek, NSA, Mocana Corporation, and DHS National Protection and Programs Directorate were represented, stressed the third phase of mobile technology as the coming need for the enterprise: security is the bottleneck to more widespread adoption.
John Mullen, Senior Operations Officer, CIA, spoke on the intersection of cyber security and human frailty. He began with three points: (1) Risk management strategies protect intellectual property. (2) Security programs aren't easy and don't generate revenue, but they will protect long-term viability and profits. (3) People represent the greatest cyber vulnerability any organization has. Insiders facilitate 70-98% of information losses.
He noted that tools used by foreign opposition to steal secrets include open source intelligence, an integrated (and state-sponsored or state-owned) approach, tradecraft, and organization. Their technology includes remote hacking, black-bag operations on mobile devices, and the supply chain itself.
Mullen observed that traditional recruitment and compromise of people continues. Opposition intelligence services work hard to compromise insiders. And it's worth noting that people tend to be more open (with secrets, opinion, secrets disguised as opinion) online than in person.
He advised companies to look at themselves, identifying what's invaluable. What makes your organization unique? Who determines what's secret, what's proprietary in your company? Mullen concluded with a reminder that the opposition only needs to get it right once. Security and threat mitigation must be an integral part of every enterprise's regular operations.
The morning's final panel, on legislative action and executive orders affecting critical infrastructure protection, addressed emerging voluntary, industry-driven standards, and the forcing role regulation plays in material disclosure. European regulation differs from US regulation in that it's risk-based. In the US, regulation and legislation tend to issue in long lists of things that must be done. US fixation on compliance breeds compliance fatigue, over-lawyering, and concentration on doing the exact minimum. The US might look with profit at the European model.
We'll continue our coverage of SINET's Innovation Summit tomorrow. In the meantime, Follow us on Twitter @thecyberwire for updates as the conference continues.
Quartz takes it as a given that Chinese intelligence services are engaged in general and continuing cyber attacks on international targets. It notes that PLA hackers have turned up in a Trend Micro honeypot that simulated a rural Missouri water utility—nobody's idea of a high-payoff target. The conclusion Quartz draws is that China is making a long-term effort to gain control over foreign physical infrastructure.
Several probes of the financial sector are reported, including a new Android Trojan and a spoofed Bank of America email laden with malware. Banks seem to be coping with denial-of-service attacks, and analysts take a look at the Izz ad-Din al-Qassam Cyber Fighters, among the most prominent and determined DDOS attackers. Their operations bear the marks of state or quasi-state sponsorship, most probably by Iran, with Hamas running a distant second as a suspect.
Wi-Fi routers continue to present attractive attack surfaces. A cross-platform remote-access Trojan is now available on the black market. US Airways warns of a breach in frequent flier accounts.
More reports appear on the means used to breach TOR anonymity in recent law enforcement operations.
In market news, the US Department of Defense urges companies to invest heavily in industrial research and development. California and Maryland continue to lead the cyber job market.
In cyber law enforcement, Florida emerges as a hotbed of identity theft. Interpol identifies an attractive new field for criminal activity: carbon credit trading. In the US, the Drug Enforcement Agency is using cyber intelligence in its investigations.
Notes.
Today's issue includes events affecting China, European Union, Iran, Ireland, Republic of Korea, Palestinian Territories, United Nations, and United States..
New York: the latest from SINET's Innovation Summit
NSA Mobility Program (NSA) The NSA Mobility Program was established in response to the substantial and justified urgency for delivering Mobility solutions that securely provide the rich user experience of commercial technology. As clients and partners accelerate towards agile and mobile communications, NSA's Information Assurance Directorate (IAD) has the responsibility for providing mobile capabilities that can evolve at the pace of today's commercial market, and balance security requirements with user experience
The National Counterintelligence Executive (Office of the National Counterintelligence Executive) As the premier counterintelligence and security agency in the US Government, the Office of the National Counterintelligence Executive will provide effective leadership and support to the counterintelligence and security activities of the US Intelligence Community, the US Government, and US private sector entities who are at risk of intelligence collection or attack by foreign adversaries
Transition to Practice (DHS) The Department of Homeland Security Science and Technology Directorate has White House support to assist in transitioning cyber security technologies developed through federally funded research and development (R&D) into broader utilization. The Transition to Practice (TTP) program was identified by the Federal Networking and Information Technology R&D (NITRD) program of the White House as one of a set of interrelated priorities for the United States Government (USG) – and established DHS as the lead for this interagency initiative
About the National Protection and Programs Directorate (DHS) NPPD's vision is a safe, secure, and resilient infrastructure where the American way of life can thrive. NPPD leads the national effort to protect and enhance the resilience of the nation's physical and cyber infrastructure
Cyber Attacks, Threats, and Vulnerabilities
If the Chinese army is trying to hack a Missouri water plant, what else is it infiltrating? (Quartz) The question of whether the Chinese military is on a hacking offensive has largely been answered--and, despite Chinese government protestations, it sure looks like a pretty big "yes." However, beyond the widely reported infiltration of foreign companies, the question of what else it's hacking remains hazy
Analysis: Who's Really Behind DDoS? (Bank Info Security) Now that Izz ad-Din al-Qassam Cyber Fighters has launched its fourth phase of distributed-denial-of-service attacks against U.S. banks, many observers are continuing to ask: Who's behind this group, and what are the real motives
Malicious Bank of America (BofA) ''Statement of Expenses' themed emails lead to client–side exploits and malware (Webroot Threat Blog) Bank of America (BofA) customers, watch what you click on! A currently ongoing malicious spam campaigns is attempting to entice BofA customers into clicking on the client-side exploit serving URLs found in legitimate looking 'Statement of Expenses' themed emails. Once users with outdated third-party applications and browser plugins click on the link, an infection is installed that automatically converts their PC's into zombies under the control of the botnet operated by the cybercriminal/gang of cybercriminals behind the campaign
Researchers find trojanized banking app that exploits critical Android bug (Ars Technica) Google's smartphone app verification tool to the rescue. Researchers have unearthed another malicious app exploiting a critical vulnerability in Google's Android OS that allows attackers to inject malicious code into legitimate programs without invalidating their digital signature. The threat poses as an update for the official Android app available to customers of NH Nonghyup Bank, one of South Korea's biggest financial institutions, according to a blog post published Friday by researchers from antivirus provider Trend Micro
BGP spoofing — why nothing on the internet is actually secure (ZD Net) A skilled attacker with access to the right router can co-opt routes to destination IP address. When this happens, nothing on the internet is trustworthy. And there's no way to stop it
Anatomy of a cryptographic oracle — understanding (and mitigating) the BREACH attack (Naked Security) A whole lot has been talked, over the past week, about BREACH, a newly-documented attack against HTTPS. Paul Ducklin digs into the theory, shows how it works in practice, and suggests how to soften the blow
OpenX Ad Server Backdoor (Internet Storm Center) According to a post by Heise Security, a backdoor has been spotted in the popular open source ad software OpenX. Appearantly the backdoor has been present since at least November 2012. I tried to download the source to verify the information, but it appears the files have been removed
Cross–platform backdoor created with RAT available online (Help Net Security) For malware authors and attackers, the ideal malware is that which works on as many platforms as possible. As Java is used in a wide variety of computing platforms, it stands to reason that applications
Network Security: How Attackers Gain Access from Inside (CircleID) Most people -- mistakenly -- believe that they are perfectly safe behind a firewall, network address translation (NAT) device or proxy. The fact is quite the opposite: if you can get out of your network, someone else can get in. Attackers often seek to compromise the weakest link in a network and then use that access to attack the network from the inside, commonly known as a "pivot-and-attack."
Wi-Fi routers: More security risks than ever (C/NET) The research team that discovered significant security holes in more than a dozen home Wi-Fi routers adds more devices to that list at Defcon 21
US Airways Dividend Miles Accounts Compromised (eSecurity Planet) Frequent flier program members' names, addresses, e-mail addresses and answers to security questions were accessed. US Airways recently began notifying some members of its Dividend Miles frequent flyer program that a "small number" of Dividend Miles accounts were accessed by unauthorized users, who had obtained the accounts' user names and passwords through "means as yet unknown to us."
Tor Anonymity Cracked; FBI Porn Investigation Role Questioned (InformationWeek) Some security experts ask whether an FBI sting operation exploited a vulnerability in Firefox to disable the anonymity offered by the Tor network. Did an FBI sting operation exploit a vulnerability in Firefox to disable the anonymity offered by the Tor network, for the purposes of cataloging the Internet protocol (IP) addresses of visitors to sites that distribute child pornography? While details are still emerging, that's one thesis being advanced by information security experts, after Freedom Hosting — which offers anonymous Tor software services, but isn't affiliated with The Tor Project itself — went dark, sometime before midnight Sunday. The outage appeared to take numerous hidden Tor services offline, including the HackBB forums and the anonymous Tor Mail service
Researchers say Tor–targeted malware phoned home to NSA (Ars Technica) JavaScript attack had a hard-coded IP address that traced back to NSA address block. Malware planted on the servers of Freedom Hosting--the "hidden service" hosting provider on the Tor anonymized network brought down late last week--may have de-anonymized visitors to the sites running on that service. This issue could send identifying information about site visitors to an Internet Protocol address that was hard-coded into the script the malware injected into browsers. And it appears the IP address in question belongs to the National Security Agency
Cyber Trends
Black Hat: Lessons For SMBs From The Dark Side Of Security (Dark Reading) Issues affecting large enterprises are the bread and butter of Black Hat, but even smaller firms have something to learn. With presentations on a variety of vulnerability research, malware analysis and new attack techniques, the Black Hat Briefings tends to be a security conference for analysts and managers from large firms and security vendors
Lancope Survey: Enterprises in Denial Regarding Network Security (Dark Reading) Nearly two-thirds of surveyed organizations not aware of any recent security incidents
Employee missteps among top causes of data theft (Kaspersky Lab) Employee error is one of the main causes of internal IT security incidents which lead to the leakage of confidential corporate data, according to the findings of the Global Corporate IT Security Risks 2013 survey conducted by B2B International in collaboration with Kaspersky Lab this past spring
Marketplace
Cyber Security Expert Barrett Lyon Brings Defense.net Out Of Stealth To Battle A New Wave Of DDoS Attacks (TechCrunch) Cyber security expert and serial entrepreneur Barrett Lyon has a new startup coming out of stealth today. The company, named Defense.net, specializes in mitigating DDoS attacks — something Lyon knows a little something about. And it has raised $9.5 million from Bessemer Venture Partners to go after that market
DISA turns on first Joint IT node (Nextgov) The Defense Information Systems Agency turned on the first node in its new, global Joint Information Environment at a regional Enterprise Operations Center in Stuttgart, Germany, last week
Energy lab's wireless system secure enough for classified data (GCN) The Energy Department's Savannah River National Laboratory has developed prototype hardware for secure transmission of classified data that has been approved by the National Security Agency
GE and Jerusalem Venture Partners Invest In ThetaRay (Pulse 2.0) ThetaRay is an Israeli startup company that is working on preventing Advanced Persistent Threats (APT) and Zero Day Attacks. General Electric has joined
California and Metro Washington D.C. — Top Destinations for Cyber Security Talent (Dark Reading) Semper Secure, a public-private partnership focused on increasing the number and quality of cyber security professionals, today announced the results of its Cyber Security Census. Based on a survey of 500 cyber security professionals from 40 different industries across 43 states, the District of Columbia, and Puerto Rico, and underwritten by Northrop Grumman, NetApp, and MeriTalk's Cyber Security Exchange, the census reveals what motivates today's cyber security professionals as well as how to train and recruit the next generation. According to the report, cyber security professionals earn on average $116,000 annually, but are driven by more than a paycheck - they want to work for an employer with a reputation for honor and integrity
CACI Gets $425M Intelligence Contracts (Zacks) CACI International Inc (CACI - Analyst Report) recently won $425-million worth of previously unannounced contracts to deliver information solutions and services to national-level intelligence organizations protecting the U.S. security
Department of Homeland Security Awards Denim Group with Research Grant to Better Protect The Critical Infrastructure by Improving Software Vulnerability Management (PRWeb) Denim Group, the leading secure software development company, today announced that it was awarded a Phase 1 Small Business Innovation Research (SBIR) grant of $100,000 by the Department of Homeland Security to improve the accuracy and comprehensiveness of software vulnerability analysis activities. This will enable security analysts and software developers to fix software applications, a key exposure point into systems of all kinds, faster and more easily than ever before
DoD To Industry: Invest In R&D (DefenseNews.com) The Pentagons acquisition chief is calling for defense companies to maintain self-funded research-and-development initiatives, particularly as US Defense Department investment in these technology programs declines
NSA revelations could cost US lead in cloud computing (Business Journal) A survey conducted in June and July by the Cloud Security Alliance found that 10 percent of foreign cloud industry participants had cancelled a project with a
Products, Services, and Solutions
Guardtime and MTSI Announce Strategic Alliance to Deliver KSI (MarketWatch) The partnership couples the unprecedented information assurance capabilities of Guardtime's KSI technology along with MTSI's role as a neutral systems
Collaborative threat intelligence platform from ThreatConnect (Help Net Security) ThreatConnect launched the ThreatConnect Platform, a combination of analytical tools that assist in finding and analyzing threat indicators and community-based sharing features that enable
Technologies, Techniques, and Standards
Detect the undetectable: Start with event logs (Detect the undetectable: Start with event logsInfoWorld) Security event monitoring systems are often plagued by signal-to-noise problems. Here's how to ensure they produce meaningful alerts
How to Check if Your Website is Part of the StealRat Botnet (TrendLabs Security Intelligence Blog) For a few months now, we have been actively monitoring a spambot named StealRat, which primarily uses compromised websites and systems in its operations. We have continuously monitored its operations and identified about 195,000 thousand domains and IPs that have been compromised. The common denominator among these compromised sites is that they are running vulnerable CMS software such as WordPress, Joomla and Drupal
Trust the PKI or it's anarchy on the Internet (ZD Net) When Microsoft automatically updates your Windows trusted root certificates, are they inserting secret backdoors for the NSA to spy on you? No, but even if they were, you'd still have to trust them
Cloud security certification in the works following NSA revelations (FierceEnterpriseCommunications) According to a report in CloudPro, "The Cloud Security Alliance (CSA) is addressing cloud customer concerns about data security by tying up with the British
Research and Development
Spy agencies want low–energy system to solve 'interesting problems' (ComoputerWorld) Government intelligence chief seeks help in building superconductor computer that could ease the path to exascale
Smartphones could evolve into password killers (CSO) But much depends on the development of highly reliable biometric technolog
Academia
University Program Trains Data Analysts, Gathers Intelligence for U.S. Agencies (Information Management) A partnership between Auburn University and Intelligent Software Solutions is adding a novel wrinkle to the old adage of learning by doing. In this case, Auburn students will hone real-world data analytics skills by gathering military intelligence for the U.S. government
Student Security Competitions Help Lock Down Careers (Campus Technology) To woo young people to the field of cyber security, local, regional, and global competitions give students a chance to test their knowledge and skills in front of the experts
Legislation, Policy, and Regulation
Intelligence does little to boost image of NSA's database (Washington Times) Even if the weekend's intelligence warnings about the threat of terrorist attacks in the Middle East came from electronic eavesdropping abroad by the National Security Agency, that would not ease congressional opposition to the NSA's mass collection of domestic phone records, lawmakers from both parties said Monday
N.J. Lawmakers Introduce SMART Grid Study Act (Renew Grid) A bipartisan group of U.S. representatives in New Jersey has introduced to Congress the Saving More American Resources Today (SMART) Grid Study Act of 2013, legislation that calls for assessing ways to protect the nation's grid from natural disasters and other threats
China reportedly blocks access to Chinese language Wall Street Journal websiite (ITProPortal) China has blocked access to the Wall Street Journal, adding the renowned newspaper's website to a list that reads like a who's who of the US-based international new outlets
Black Hat 2013: Industry Response to General Alexander's Keynote (Infosecurity Magazine) The Black Hat 2013 keynote, presented by General Alexander, director of the NSA, was potentially the most highly-anticipated talks I've been to in my seven years in this industry. I'm not being overly-dramatic when I say you could literally feel the tension in the room as Black Hat's delegates waited -most cynical and some hopeful - for the General to take to the stage
Litigation, Investigation, and Law Enforcement
Interpol warns of criminal focus on $176 billion carbon market (RTCC) Crime agency says lack of oversight and transparency threaten the environmental integrity of carbon markets
Florida becoming a center for identity theft (Consumer Affairs) The crime of identity theft isn't new. What's new is its increasing frequency and the fact that it tends to be clustered in certain cities and certain states
McAfee CTO to Lead Cybersecurity at Homeland Security (Wall Street Journal) The U.S. Department of Homeland Security is set to tap a top executive at computer security giant McAfee, a unit of Intel, as the next official to head its cybersecurity division, several people familiar with the matter said
Looking For Balance In Handling Leakers (Washington Post) Can something positive come out of the concern over government intelligence operations, the leaks exposing them, and the investigations of the leakers
IRS Told to Do More to Curb 'Epidemic' of Identity Theft Fraud (Government Executive) Tax fraud by identity thieves is on the rise, and the Internal Revenue Service should respond by beefing up enforcement and do more to make victims whole, a House panel was told on Friday
Exclusive: U.S. directs agents to cover up program used to investigate Americans (Reuters) A secretive U.S. Drug Enforcement Administration unit is funneling information from intelligence intercepts, wiretaps, informants and a massive database of telephone records to authorities across the nation to help them launch criminal investigations of Americans
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
International Conference on Cyber Security (New York, New York, USA, Aug 5 - 8, 2013) The Federal Bureau of Investigation and Fordham University will host the fourth International Conference on Cyber Security (ICCS 2013) on August 5 - 8, 2013 in New York City. ICCS, the White Hat Summit, is an unparalleled opportunity for global leaders in cyber threat analysis, operations and law enforcement to coordinate their efforts to create a more secure world. With the number of cyber threats escalating worldwide, the need for comprehensive security analysis, assessment, and actions has never been greater. Join those working on the front-lines of secure cyber networks at ICCS for the opportunity to learn useful knowledge and share critical intelligence on issues shaping the future of cyber security.
SINET Innovation Summit (New York, New York, USA, Aug 6, 2013) The purpose of the Innovation Summit is to reinvigorate public private partnership efforts and increase relationships between industry, government and academia that fosters sharing of information and collaboration on mutual Cybersecurity research projects.
3rd Annual Cyber Security Training Forum (Colorado Springs, Colorado, USA, Aug 6 - 7, 2013) The Information Systems Security Association (ISSA) - Colorado Springs Chapter and FBC, Inc. will once again host the 3rd Annual Cyber Security Training Forum (CSTF). Formerly known as the Cyber Security Training Conference, CSTF is set to convene from Tuesday August 6, 2013 to Wednesday, August 7, 2013 at the DoubleTree by Hilton, Colorado Springs, Colorado.CSTF 2013 will bring together cyber experts from the DoD, federal government, business, research, and academia to address: the latest DoD and government cyber policies, remediation strategies and best practices, the growing impact, and evolution, of cyber threats and how to continue to protect and defend the Global Information Grid (GIG), mobility strategies, cloud & virtualization advancements, and emerging technologies. This will be accomplished through a number of in-depth cyber sessions, hands on live demonstrations, the yearly cyber challenge and government and industry exhibits. Don't miss this educational, and cost effective, cyber event in Colorado Springs, CO..
AFCEA Tinker AFB Information Technology & Cyber Security Expo (Oklahoma City, Oklahoma, USA, Aug 8, 2013) Commercial vendors are invited to Tinker Air Force Base on Thursday, August 8th to exchange information and provide products demonstrations to the military and civilian personnel on base. IT and Information Assurance professionals from Tinker AFB are looking forward learning about the latest cyber security trends and best practices, networking with peers, and sharing remediation strategies.
AIAA Aviation 2013 (Los Angeles, California, USA, Aug 12 - 14, 2013) Leading cybersecurity experts will speak at AIAA AVIATION 2013, being held August 12-14 at the Hyatt Regency Century Plaza, Los Angeles, Calif. Hosted by the American Institute of Aeronautics and Astronautics, the conference will address the risk of the evolving cyber threats to the world's $2.2 trillion commercial aviation enterprise.
Security in Government (SIG) (Canberra, Australia, Aug 12 - 14, 2013) The 25th annual Security in Government (SIG) conference is to be held from 12-14 August 2013 at the National Convention Centre in Canberra. Assistant Director for the National Security Resilience Policy Division in the Attorney General's Department, Robyn Devin said the SIG conference attracted protective security professionals from both the public and private sector.
A Cloud Computing Introduction for Manager (Columbia, Maryland, Sioux Falls, Aug 13, 2013) Cloud computing is becoming popular. More and more Technical Managers and Project Managers will be interacting with cloud computing, either developing clouds, using clouds, or selecting among cloud and non-cloud alternatives to accomplish their projects. This talk provides a brief and basic introduction to cloud computing, what managers need to know about cloud computing, what are some of the myths, and what they need to ask about cloud computing from service providers. The presentation will include selected questions specific to managers associated with government projects and security risks of cloud computing. This non-technical presentation will help managers understand cloud basics and how to ask better questions when a cloud becomes part of your project. Dr. Patrick Allen of Johns Hopkins University Applied Physics Lab will be the presenter.
Resilience Week 201 (San Francisco, California, USA, Aug 13 - 15, 2013) 2013 Resilience Week brings together colleagues across government, academia and industry to facilitate an exchange of ideas dedicated to promising research in resilient systems that will protect cyber-physical infrastructures from unexpected and malicious threats - securing our way of life. Four different symposia will be offered: Resilient Control Systems, Resilient Cyber Systems, Resilient Cognitive Systems, and Resilient Communication Systems. Keynotes will be provided by numerous leading subject matter experts - from agencies including: NSA, DARPA, Sandia National Laboratory, and Office of the Assistant Secretary of Defense for Research and Engineering.
Kirtland AFB/Sandia/DOE Cyber Security Seminar & IT Expo (Albuquerque, New Mexico, USA, Aug 15, 2013) This expo is designed to stimulate exchanges of information between industry partners and Kirtland AFB Information Management Officers', Information Technology personnel, Contracting Officers' as well as end-users, developers, scientists, researchers and project managers in the areas of cyber security and information technology.
National SCADA Conference (Melbourne, Victoria, Australia, Aug 15 - 16, 2013) The 12th Annual National SCADA Conference, Australia's largest and longest running SCADA conference, will bring together many of the luminaries of the Australian and International SCADA community to evaluate and find solutions for the increasing demands of the SCADA environment. The theme for 2013 will be delivering intelligence and improved performance to SCADA networks. The SCADA conference program will deliver fantastic first-hand knowledge from leading international and local SCADA experts with a great mix of burning SCADA issues, case studies, security and real world implementations together with practical advice. The networking opportunities provided coupled with the largest SCADA exhibition in the Southern Hemisphere ensure the National SCADA Conference is a must attend event for Australia's and New Zealand's SCADA Communit.
First International Conference on Cyber-Physical Systems, Networks, and Application (Taipei, Taiwan, Aug 19 - 20, 2013) CPSNA 2013 will focus on core challenges of cyber-physical systems. Given a tight integration of computation and the physical world, cyber-physical systems must compose robust systems, networks, and applications built upon predictable, analyzable, and certifiable models and abstractions. CPSNA 2013 will serve as a forum to discuss new ideas for such core challenges of cyber-physical systems.
SANS Thailand 201 (Bangkok, Thailand, Aug 19 - 31, 2013) SANS hands-on advanced Information Security training is coming to Thailand this August! SANS is bringing our Web App Penetration Testing course to the Crowne Plaza Bangkok Lumpini Park in Bangkok, Thailand.
2013 Cyber Security Division Transition to Practice (TTP) Technology Demonstration for Investors, Integrators, and IT Companies (I3) — West (San Jose, California, USA, Aug 22, 2013) This event will feature eight innovative cybersecurity technologies that have been developed at the Department of Energy National Laboratories and have the potential to strengthen and organization's cybersecurity posture. During this event cybersecurity professionals and technology investors from private industry will learn about these new technologies through presentations, demonstrations, and discussions with the research teams that produced these technologies. In addition, attendees will have an opportunity to schedule a private one-on-one discussion with the Researcher to discuss opportunities for commercializing the technologies and areas of interest to drive further cybersecurity research. Registration closes August 12.
Defense Logistics Agency Tech Expo (Fort Belvoir, Virginia, USA, Aug 20, 2013) Industry exhibitors are invited to showcase and discuss the latest information services and technology to the personnel at the McNamara HQ Complex.
Human Cyber Forensics Forum (Washington, DC, USA, Aug 21, 2013) This forum brings together subject matter experts to discover and share new means of recognizing the human indicators related to cyber intrusions, and the evolution of these human indicators in the coming decades.