The CyberWire Daily Briefing for 4.26.2013

Cyber Attacks, Threats, and Vulnerabilities

Cisco sees possible exploit vector for DarkLeech compromises (CSO) Craig Williams, technical leader, threat research at Cisco, writes of another old, well-known flaw being exploited

Microsoft Office Ad Turns 'Forbes' Magazines Into Wi-Fi Hotspots (Mashable) Like other tech companies, Microsoft has advertised some of its products in the past by offering free Wi-Fi in public places like subways and park benches. Now, the company is doing something a little more original and promoting a product by offering free Wi-Fi inside a magazine. Yes, you read that right. In a new promotion, Microsoft is advertising Office 365 by installing a T-Mobile router into the latest issue of Forbes magazine, turning the print publication into a Wi-Fi hotspot for two weeks. The promotion was first reported by Engadget and has since been confirmed to Mashable by a Microsoft rep, who noted that it was only to included in a "limited number" of the magazines. "The custom 4-page insert with WiFi Hotspot capabilities ran in the May 6, 2013 issue of Forbes and was sent to a limited number of technology and business professionals"

Pentagon Downplays Comment On F-35 Fighter Jet Cyber Threat (Reuters) The Pentagon on Thursday downplayed a comment by one of its officials that he is not totally confident in the ability of the $396 billion F-35 Joint Strike Fighter, built by Lockheed Martin Corp, to survive a cyber attack

Southern Baptist Website Blocked By Military Software (Fayetteville (N.C.) Observer/AP) Some military chaplains trying to access the Southern Baptist Convention website this week were surprised to find it blocked with a message that it contained "hostile content"

Phishers Hack Hosting Providers To Launch Mass Attacks (Dark Reading) Spearphishing is hot, especially when it comes to targeted attacks. But for phishing campaigns looking for maximum impact and victims, the most popular method is to compromise legitimate hosting providers, and new data shows that vector on the rise worldwide

Public offer of Zeus FaaS service on social network (Security Affairs) My readers know very well the dynamic of cybercrime enterprise and in particular of the growing interest in monetization malicious codes such as malware, ransomware and more in general botnets

SSA controls for SSN verification services insufficient (FierceGovernmentIT) The controls the Social Security Administration uses to detect whether employers use the Social Security Number Verification Service for non-employment purposes are unreliable, according to an April 18 SSA office of inspector general report

Audit finds state servers vulnerable to cyber attack (Baltimore Sun) Servers that host internet service for more than 30 state agencies are vulnerable to a cyber attack, according to a legislative audit released this week. The Maryland State Archives, which oversees the five servers, did not update the operating systems

Vulnerable terminal servers reflect bigger security problem (CSO) Unsecured ports on industrial control equipment, which could let hackers gain admin access, highlights risk of older equipment on modern technology

The Latest Cyber Warfare Weapon: A Hacked Twitter Account (Bloomberg) For all the concern over cyber warfare and the need to fend off sophisticated state-sponsored hacking attacks, here's a discomforting thought: Apparently all you need to disrupt the world's biggest economy is a stolen Twitter password

Two-factor authentication may have done little to stop the AP Twitter hijack (SC Magazine) Could two-factor authentication have prevented hackers on Tuesday from compromising the Twitter account of the Associated Press to send a bogus tweet that President Obama was injured in White House explosions? Maybe, maybe not

AP Twitter Hack: Lessons Learned (Dark Reading) Would you trust an email that says: "Please read the following article, it's very important: www.washinqtonpost.com/blogs/[…]"? So went a phishing email reportedly sent to multiple employees at the Associated Press, less than an hour before the company's Twitter feed was taken over and used to issue multiple tweets, including a hoax report that President Obama had been injured by explosions at the White House. Cue a temporary stock market tumble

Charles Schwab restores services after cyberattack (Computer Business Review) The cyber attack shut down the company's website and mobile applications for about two hours. American brokerage and banking firm Charles Schwab was hit with a denial of service attack and the company said the problem has been resolved. The cyber

Cyber Trends

How Cybercriminals Attack The Cloud (Dark Reading) What attacks are most likely against cloud computing environments? Here's a look -- and some advice. The adoption of cloud-based computing shows no signs of slowing. Indeed, cloud services are expanding at an incredible rate across all sectors of the economy, with the market for public cloud services expected to grow to $210 billion by 2016, according to Gartner. And it's no wonder: The cloud is a compelling proposition for businesses and government agencies alike, offering easy access to shared, elastically allocated computing resources. The model creates savings on capital expenditures and reduces the running costs of operating a network, allowing enterprises to focus more on their core operations instead of IT

Cloud Chivalry – Provider Pride (CloudTweaks) As cloud deployments gain popularity, increasing attention is paid to provider security strength. The cloud security alliance, for example, releases a yearly list of top threats, covering everything from malicious use, data loss, and service hijacking. Heightened public awareness of the cloud has led to oddly intuitive feelings of insecurity – if data resides off-site, it must surely be less secure. Though it's hard to imagine cloud providers with shield raised against whatever virtual attack might breach a client's peace, there's an increasing need for solid cloud security – cloud chivalry, even – which defends otherwise helpless company data from attack. Public and private providers have responded; in many cases, cloud deployments are now more secure than local servers

Big Data: A Revolution That Will Transform How We Live, Work And Think (The National) Viktor Mayer-Schonberger: 'More data is being collected and stored about each one of us than ever before.' Consider the Stasi, the hated secret police force in the former German Democratic Republic. Officially known as the ministry for state security, the agency was a particularly pernicious force in an already oppressive communist state. Its modus operandi was simple: to intimidate, infiltrate and gather intelligence on East German citizens using the most invasive methods. For four post-war decades, the Stasi ruled everyday life with a clenched fist. Only the collapse of the Berlin Wall and the simultaneous fall of the Iron Curtain derailed its operations

Marketplace

UK govt gives money to SMEs for improving their cyber security (Help Net Security) More small businesses than ever are facing the threat of losing confidential information through cyber attacks, according to research published by the UK Department for Business, Innovation and Skills

DoD Still 3700 Cyber Experts Short of Full Staff (DefenseNews.com) The Department of Defense has added thousands of additional cyber experts since US Cyber Command chief Gen. Keith Alexander created a plan to massively grow the ranks of the work force, but the agency is still thousands of people

Mining for infosec talent: How CISOs can fill security positions (TechTarget) A similar approach is to seek out candidates from federal and state government agencies, such as the National Security Agency (NSA) or Central Intelligence Agency (CIA) where employees have experience and certifications in highly disciplined

Infosec 2013: cyber security sector failing to attract new talent (CSO) Only 7 percent of information security professionals are aged 20-29

Lockheed Martin opens cyber security hub in Anne Arundel (Baltimore Business Journal) The 56,000-square-foot Cyber Center of Excellence will be used for customer support services for Bethesda-based Lockheed's cyber security clients, including Fort Meade, which neighbors the building. The facility has capacity for about 250 workers

Just four companies will produce the microchips on which the global economy depends (Quartz) Making advanced microchips has always been hard. But it's now so difficult that the number of companies with the knowledge and cash to do it is about to shrink to precisely four. The factories in which microchips are made, called fabs, can cost billions of dollars. They're like rocket launch sites or nuclear power plants: Everyone knows where they are and how many are in the works. And they make the microchips on which all nearly all advanced smartphones, PCs, servers, and other critical pieces of IT infrastructure depend

Brad Arkin Named Adobe CSO (Threatpost) Adobe has named Brad Arkin to the newly created position of CSO, a major expansion of responsibilities for Arkin, who has been leading the company's product security and privacy initiatives. Adobe has been in the security spotlight for several years now, as attackers have focused their attention on the company's portfolio of products that enjoy

Products, Services, and Solutions

ViaSat ruggedized encryptor gets NSA certification (FinancialNews.co.uk) The National Security Agency/Central Security Service (NSA/CSS) has certified the KG-200R Hardware Encryptor, a ruggedized inline media encryptor from ViaSat Inc. (NASDAQ: VSAT) that protects classified (TS/SCI and below) Data at Rest (DAR)

File protection in the cloud with DigitalQuick (Help Net Security) Fasoo announced that its new data security solution, DigitalQuick, which allows consumers to keep sensitive information private when shared via email or through cloud storage services

Free tool to identify risks in secure shell environments (Help Net Security) SSH Communications Security, the inventor of the Secure Shell and SFTP protocols, today announced the launch of SSH Risk Assessor (SRA), a free tool that provides users with a clear report on risk and

Ubuntu Server 13.04 released (Help Net Security) Canonical today announced that Ubuntu Server 13.04 is available for download, featuring high-availability (HA) for OpenStack. "Ubuntu is built for hyperscale and is the platform of choice

Technologies, Techniques, and Standards

How Lockheed Martin Phishes Its Own (Dark Reading) On several occasions over the past couple of years employees at Lockheed Martin have flagged suspicious emails that turned out to be previously unknown targeted attack campaigns aimed at the defense contractor

Guest Diary: Dylan Johnson - A week in the life of some Perimeter Firewalls (Internet Storm Center) I hope the title of this blog doesn't appear a dry and dull topic because a week in the life of an Internet facing firewall is anything but dull. This is just a short blog detailing an interesting piece of research aimed at promoting situational awareness in relation to the threat from the internet. Perimeter firewalls are the main barriers protecting you from the Internet, should these be misconfigured either maliciously or accidentally, what would you be exposed to

Cybersecurity strikeback will strike out in the private sector (CSO) Between agenda-pushing hactivists, money-grubbing cybercriminals and -- more recently -- spying nation-states, there is no shortage of attackers breaking into our networks, stealing our trade secrets and generally wreaking havoc throughout IT infrastructure

Is your company ready for a big data breach? (Help Net Security) Despite the majority of companies experiencing or anticipating significant cost and business disruption due to a material data breach, they still struggle to take the proper measures to mitigate damage

Secured privileged accounts reduce APT exposure (Help Net Security) Organizations can reduce the threat of targeted attacks by proactively securing privileged accounts, according to CyberSheath. The theft, misuse and exploitation of privileged accounts is a key tactic

Design and Innovation

Cornell Tech to Receive $133 Million from Qualcomm Founder Irwin Jacobs (IEEE Spectrum) Innovation Institute at new university campus to be named after IEEE Medal of Honor Recipient

Research and Development

NSF official stresses importance of government investment in big data (FierceGovernmentIT) Despite a constrained budget environment across government, continued investment in big data is extremely important to the future of the country, said Farnam Jahanian, assistant director for National Science Foundation's computer and information science and engineering directorate. Jahanian spoke during an April 24 hearing of the House Science, Space and Technology subcommittee on technology

Academia

Military Grooms New Officers For War In Cyberspace (Yahoo.com) The U.S. service academies are ramping up efforts to groom a new breed of cyberspace warriors to confront increasing threats to the nation's military and civilian computer networks that control everything from electrical power grids to the banking system

Legislation, Policy, and Regulation

CISPA 'dead' in Senate, privacy concerns cited (ZDNet) CISPA's passing will lead to a second round of debate and amendments in the U.S. Senate

South Africa passes secrets bill; critics say it may hide graft (defenceWeb) The bill spells out a system for classifying information from the military, police and national security agency. It sets up an oversight body and calls for penalties of up to 25 years in jail for illegal possession and distribution of secrets, while

Changing US Code Section Numbers for Key Provisions in Title 50 (Lawfare) In title 50, United States Code, chapter 15 is being reorganized into four new chapters in order to set forth more clearly the provisions of the National Security Act of 1947, the Central Intelligence Agency Act of 1949, the National Security Agency

Put your money on Congress producing a cyber info sharing bill in 2013 (Foreign Policy) Expect to see Congress produce a cybersecurity bill focused on information sharing make its way to the president in 2013, said senior House and Senate staffers involved in drafting the legislation today

US government doesn't need CISPA to monitor communications (Help Net Security) Posted on 26 April 2013. Bookmark and Share. Civil rights and privacy advocates are mobilizing their forces to combat the passing of Cyber Intelligence Sharing and Protection Act (CISPA), but documents obtained by Electronic Privacy Information Center

House Homeland Security Committee Talks Cybersecurity (Multichannel News) He said that the intent of sharing intelligence is to protect cybersecurity "and nothing else." The committee is "not concerned with the Internet habits of ordinary Americans," Meehan said PII (personally identifiable information) "must be protected

SPAWAR Leadership on Information Warfare and the Growing Cyber Threat (DVIDS) "Information Dominance will become a recognized warfare area on par with other traditional warfare areas and is becoming one of our most powerful assets," said Space and Naval Warfare Systems Command (SPAWAR) Chief Engineer Rear Adm. James Rodman during a panel discussion on information and non-kinetic warfare and the growing cyber security threat

Civil rights coalition says EU data protection bill threatens citizens' rights (CSO) Many proposed changes would weaken the legislation, the coalition says

Litigation, Investigation, and Law Enforcement

US child abuse image suspect shielded from decrypting hard drives (Naked Security) The federal magistrate found that forced decryption would violate the computer scientist's Fifth Amendment rights against self-incrimination. It's no triumph for the agents who fight child abuse, but it is a win for privacy and for curtailment of government power over our data

How Obama Makes Phone Companies Spy on Citizens (TechNewsDaily) Rotenberg provided CNET with more than 1,000 pages of government documents that showed that the National Security Agency and the Department of Defense led the way to authorize the clandestine surveillance program. The discussions involved NSA

Report: Obama Officials Authorized New 'Cybersecurity' Warrantless Surveillance Program, Fresh Immunity Given To ISPs (Right Side News) National Security Agency Warrantless Watchdogprogram involving the interception of communications on Internet service providers, including AT&T—one of the key players in the NSA warrantless wiretapping program. Under long-standing federal law

Travelers to Israel can get their emails searched on entry (Help Net Security) Travelers who enter Israel via the international Ben-Gurion Airport, especially those who aren't Israeli citizens, can be asked by Shin Bet (the country's security agency) officers to provide access

For a complete running list of events, please visit the Event Tracker.

Upcoming Events

cybergamut CompTIA Security+Certification Boot Camp Training Program (Baltimore, Maryland, USA, Apr 29 - May 2, 2013) Security+ certification training delivers a foundational proficiency in the network security arena. Security+ Certified Professionals are better able and positioned to support small and medium-sized organizations that are at increased risk of cyber crime and other forms of security-related threats. Security+ certified professionals may now apply the CompTIA Security+ certification towards the Microsoft MCSA and MCSE Security certifications.

TechExpo Cyber Security Hiring Event (Columbia, Maryland, USA, Apr 30, 2013) A hiring event for experienced cyber security professionals, with many leading companies in attendance and interviewing on-the-spot. Learn from the distinguished speakers' panel, details of which will be forthcoming on the event site. All job-seekers should be US citizens with cyber security or IT experience. A security clearance is not required, but preferred.

INSA Leadership Dinner Featuring Betty Sapp, Director, NRO (Reston, Virginia, USA, Apr 25, 2013) - This leadership dinner will feature a keynote address from Betty Sapp, Director of the National Reconnaissance Office highlighting her focus on innovation at the NRO and for the Intelligence Community. Registration will open on Thursday, March 14 and will close Thursday, April 18.

Symposium on Cybersecurity & Information Assurance (Teaneck, New Jersey, USA, May 1, 2013) Fairleigh Dickinson University's Center for Cybersecurity and Information Assurance is pleased to announce its inaugural Symposium on Cybersecurity and Information Assurance to be held on May 1, 2013 in the Wilson Auditorium of the Metropolitan campus. This forum will gather top security professionals from government, industry, and academia to present the current state of cybersecurity affecting our daily lives. The symposium will raise the awareness of attendees about the cyber threats and some of the remedial measures. Among the various facets of this evolving area, focus will be on topics such as Survivability in Cyberspace, Security Pattern Usage in Software Development Lifecycle (SDLC), Network Security Service Implementation issues, and Thinking with a Security Mindset.

Critical Security Controls International Summit (London, England, UK, May 1 - 2, 2013) The SANS Institute will be hosting the Critical Security Controls International Summit in London from May 1st to May 2nd at the London Hilton on Park Lane hotel. The Summit focuses on the Critical Security Controls that the British government's Center for the Protection of National Infrastructure describes as the "baseline of high-priority information security measures and controls that can be applied across an organization in order to improve its cyber defense.

INSA Leadership Dinner with NGA Director Letitia Long (McLean, Virginia, USA, May 2, 2013) NGA At the Crossroads - Visualizing the Future. Join INSA and NGA Director Letitia Long as she shares her vision for transforming NGA and GeoInt in innovative ways that more effectively put the power of data and visual knowledge in the hands of users.

Interop Las Vegas (Las Vegas, Nevada, USA, May 6 - 10, 2013) Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple deployment at the NEW Mac & iOS IT Conference. Join us in Las Vegas for access to 125+ workshops and conference classes, 350+ exhibiting companies and the latest technology.

The Computer Forensics Show (New York City, New York, USA, May 8 - 9, 2013) For IT and business executives responsible for creating, implementing, and managing a proactive and comprehensive IT strategy for information security, risk management, compliance, and business continuity management. An understanding of risk and the application of risk assessment methodology is essential to being able to create a secure computing environment. (Co-located with ASIS New York City Security Conference and Expo.)

ASIS 23rd New York City Security Conference and Expo (New York City, New York, USA, May 8 - 9, 2013) Join more than 2,500 professionals in the Big Apple for the largest annual conference in the Northeast for security management and law enforcement professionals. This exciting event will focus on key challenges facing practitioners and organizations in the public and private sectors.(Co-located with the Computer Forensics Show.)

Software Engineering Institute Invitational Hiring Event (Arlington, Virginia, USA, May 8 - 9, 2013) Attention software engineers and cyber security professionals: Carnegie Mellon's Software Engineering Institute needs your top notch skills to meet today's challenges. SEI staff will be interviewing on May 8 & 9 at their offices in Arlington to fill immediate local positions. All candidates must be eligible to obtain a Security Clearance. Interviews are by appointment only. At the SEI, you will have opportunities to make an impact on internet security and work with some of the most talented people in the field.

Baltimore Tech-Security Conference (Baltimore, Maryland, USA, May 9, 2013) The Baltimore Tech-Security Conference features 25-30 vendor exhibits and several industry experts discussing current tech-security issues such as email security, VoIP, LAN security, wireless security, USB drives security & more. There will be lots of give a ways and prizes such as iPods, $25, $50 and $100 gift cards, as well as cash prizes and lots more! This unique conference format will provide educational speaker sessions as well as tremendous networking opportunities. You'll come away with advice and knowledge you can start applying to your environment immediately.

CyberSecurity UAE Summit 2013 (Dubai, UAE, May 13 - 14, 2013) Review developments, strategies and best practice in global cyber security. Assess the nature of the latest threats being faced and the impact of these upon your organisation. Discuss the most promising cyber security technologies in the marketplace. Assess the trends to watch in global cyber security. International Case Studies: Discover the best practice in protecting your organisation from cyber-attack.

GovSec (Washington, DC, USA, May 13 - 15, 2013) GovSec is the nation's premier event for Government, Homeland Security, and Law Enforcement professionals looking for proven strategies and cost effective technology so they can achieve their mission of protecting our communities, critical infrastructures, and key assets. The conference includes sessions devoted to cyber security.

cybergamut Technical Tuesday: Identifying TLS/SSL Encrypted Network Exploitation Activity Using Traffic Externals (Columbia, Maryland, USA, May 14, 2013) Jeff Kuhn of CACI describes recently completed CACI research using adaptive data analytics to distinguish encrypted exploitation activity from legitimate network traffic based on traffic externals in a real world environment.

Thriving in the Post-Sequestration GovCon Era (McLean, Virginia, USA, May 14, 2013) The Potomac Officers Club is hosting a summit for GovCon executives and government leaders to collaborate and share ideas on how to navigate a new era involving sequestration. At least five speakers, each experts in the intersection between the public and private sector, will discuss what is to come after the automatic budget cuts known as sequestration dissipate. Confirmed speakers include: Frank Kendall (Defense Undersecretary for Acquisition, Technology and logistics), Robert Hale (Defense Department Comptroller), Jim McAleese (founder of McAleese & Associates), Pierre Chao (managing partner and co-founder of Renaissance Strategic Advisors), and Stephen Fuller (George Mason University professor and director at the Center for Regional Analysis).

FOSE (Washington, DC, May 14 - 16, 2013) FOSE is the premier event for government technology professionals interested in innovative, effective tools and solutions allowing you and your agency or organization to advance your mission. From IT managers and buyers to CIOs and other technology management professionals, FOSE has the right products, people and solutions for you in one very accessible location.

7th Annual INSA IC Industry Day (Springfield, Virginia, USA, May 15, 2013) This annual event is held at the TS/SCI level in cooperation with ODNI as a comprehensive forum for IC leaders to relate their budget priorities to industry. The theme of this year's IC industry day is Intelligence Program Priorities in a Budget Constrained Environment and will feature keynote addresses from DNI James Clapper, Dr. Roger Mason, ODNI, and Letitia Long, Director, NGA. Registration opens Wednesday, March 27.

Hack Miami (Miami, Florida, USA, May 17 - 19, 2013) The HackMiami 2013 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools, techniques, and methodologies that are at the forefront of the global threatscape.

CEIC 2013 (Orlando, Florida, USA, May 19 - 22, 2013) The largest digital-investigations conference of its kind and the only one to offer hands-on lab sessions for practical skills development. CEIC offers relevant and practical information from expert speakers. It will be of interest to anyone interested in cyber forensics and e-discovery. Former Director of Central Intelligence Michael Hayden will deliver the keynote.

IEEE Symposium on Security and Privacy (San Francisco, California, USA, May 19 - 22, 2013) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field. Papers offer novel research contributions in any aspect of computer security or electronic privacy. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains. (Co-located with the IWCC and Web 2.0 Security and Privacy.)

International Workshop on Cyber Crime (IWCC) (San Francisco, California, USA, May 24, 2013) The aim of this workshop is to bring together the research accomplishments provided by the researchers from academia and the industry. The other goal is to show the latest research results in the field of digital forensics and to present the development of tools and techniques which assist the investigation process of potentially illegal cyber activity. We encourage prospective authors to submit related distinguished research papers on the subject of both: theoretical approaches and practical case reviews. (Co-located with the IEEE Symposium on Security and Privacy.)

Web 2.0 Security and Privacy (San Francisco, California, USA, May 24, 2013) The goal of this one-day workshop is to bring together researchers and practitioners from academia and industry to focus on understanding Web 2.0 security and privacy issues, and to establish new collaborations in these areas. (Co-located with the IEEE Symposium on Security and Privacy.)

Maryland/DC Celebration of International Trade (Linthicum, Maryland, USA, May 21, 2013) Join Maryland exporters and international business experts as they celebrate International Trade Week. Hosted by the Maryland/DC District Export Council this event is a content rich celebration of international trade. Participate in expert discussions lead by manufacturers, legal, financial, transportation and industry experts as well as government leaders in eight vertical tracks for a total of 24 highly interactive 90 minute sessions.

IEEE-Cyber 2013 (Nanjing, China, May 26 - 29, 2013) This conference will cover cyber physical systems, cyber control and automation, cyber robotics, and the Internet of things.

Cyber Security @ CeBIT (Sydney, New South Wales, Australia, May 28 - 30, 2013) The Cyber Security Conference will serve as a platform where all those involved in securing and governing ICT within an organisation can discuss the newest challenges and strategies. The event is a must-attend for CIOs, CSOs, CISOs, Chief Risk Officers, Heads of Governance and Compliance and IT Directors. It is predicted that security service spending in Asia-Pacific will reach $7 billion in 2015, so ensure that you are investing in the best technologies for your business by joining us at the Cyber Security Conference on 28 May 2013 and hearing from leading financial institutions, retailers, airlines, telecoms companies and government.

Private Sector Crossovers: Protecting People, Property and Information (, Jan 1, 1970) With its annual cyber conference on May 29, the Howard County Chamber of Commerce and its GovConnects initiative will offer expert speakers on cyber security and efforts to protect government agencies and private industry. There will be opportunities for informal networking and formal, targeted match-ups for businesses interested in making connections with government contractors and agencies.

Cyber Security for the Chemical Industry (Franfurt, Hessen, Germany, May 29 - 30, 2013) It is becoming increasingly more important than ever to be aware of the latest cyber threats, and equipped to protect your company from them. In addition to physical security, these industries are faced with the ever-increasing risk of cyber attacks to their DCS and SCADA infrastructure networks as well as their R&D networks. These attacks can have a costly affect not only on profits, but also corporate reputation.

DGI Cyber Security Conference & Expo (Washington, DC, 2013, May 30, 2013) Data security threats continue to increase in number and sophistication. The growing use of collaborative technologies - from mobile devices and social media to virtualization and cloud computing - will continue to be one of the most significant factors impacting the security landscape. For these reasons, the federal government has increased efforts to minimize and prevent cyber security attacks, and will continue to place significant focus on securing the nation's cyber infrastructure.