The CyberWire Daily Briefing 12.26.14

Cyber Trends

Sony cyberattack is seminal moment in hacking: CEO (CNBC) The cyberattack on Sony that exposed sensitive internal communications and coerced theater chains to drop one of the company's films represents a seminal moment in the advancement of hacking, a cybersecurity executive told CNBC on Wednesday. While the attack was not technologically sophisticated, its success may embolden other cyber criminals to follow suit, George Kurtz, CEO of Crowdstrike said in a "Squawk on the Street" interview

Crisis consultant warns of more cyber attacks on business (Fox News) The devastating cyber attack on Sony Pictures may just be a preview of things to come, according to the crisis management firm Preparis

2015 Could Be the Year of the Hospital Hack (MIT Technology Review) Health-care organizations often store medical records and other information insecurely

Last Minute Cybersecurity Predictions for 2015 (Network World) My quick list of things to look for next year

Legislation, Policy and Regulation

US, Japan and South Korea to share intelligence on North Korea (Financial Times) South Korea, the US and Japan will sign a trilateral intelligence-sharing agreement on Monday to better cope with North Korea's increasing military threats, Seoul's defence ministry said on Friday

Japan Is Preparing For A Possible Cyberattack From North Korea (Reuters via Business Insider) Japan, fearing it could be a soft target for possible North Korean cyberattacks in the escalating row over the Sony Pictures hack, has begun working to ensure basic infrastructure is safe and to formulate its diplomatic response, officials said

China a likely factor in North Korea cyber prowess: Experts (Zee News) North Korea may be facing explosive hacking accusations, but analysts are questioning how an isolated, impoverished country with limited Internet access could wage cyber sabotage — and many experts believe China plays a role

Played for a Fool (Slate) The Sony hacking story has unfolded just as North Korea’s propagandists would have wanted

New domains of conflict and war emerging: DRDO chief Avinash Chander (Economic Times) Security challenges are going beyond traditional domains of land, sea and air and new forms of conflict and war are emerging, chief of DRDO Avinash Chander said today

Israeli expert: 'cyberspace has become a battlefield' (Al Monitor) Col. Gabi Siboni (ret.) heads the Cyber Security Program at the Israeli Institute for National Security Studies. Considered one of the top experts in the field, Siboni publishes numerous studies and position papers on the issue on behalf of the institute. The most recent of these, published the week of Dec. 22, is devoted to the cyberwar between the United States and North Korea

Iran and Modern Cyber Warfare (Global Research) Today US intelligence services seem to finally have become aware of the potential damage a cyber-attack can inflict, therefore Washington is placing particular stress on enhancing its "combat capabilities" in virtual space. Therefore, not only the CIA, but the NSA and the Pentagon have started getting substantial resources on an annual basis in order to be able to create the most advanced cyber-weapons conceivable

U.S. Puts New Focus on Fortifying Cyber Defenses (Wall Street Journal) Sony hacking case gives White House, business interests urgency to address Internet security

When Does Cyber Crime Become an Act of Cyberwar? (Townhall) No consensus exists between the U.S. government and cyber security experts as to whether North Korea is responsible for the online dumping of Sony Pictures Entertainment's confidential business data and emails. Even if it could be proven beyond any doubt with uncontestable forensic evidence that this theft is also, in fact, an act of computer hacking, it still wouldn't technically constitute an act of cyberwar — regardless of the identity of the perpetrator. So then, when would it?

How Should U.S. Respond to Sony Breach? (BankInfoSecurity) Weighing in on how U.S. should retaliate against North Korea

Military Response Should Be Limited to Threats to Infrastructure (New York Times) All the fiery, yet contradictory, rhetoric over how to classify the Sony attacks is a strong indicator that the American government is operating in uncharted territory. President Obama, who has identified North Korea as the orchestrator, has called the attack an act of "cybervandalism" — a fairly strong label that would seem to prompt a law enforcement response. Senators John McCain and Lindsey Graham, on the other hand, have called the attacks "a new form of warfare" and an "act of terrorism," respectively. Those even stronger designations would seem to warrant a military response

International Law Permits a Measured Military Response to Cyberattacks (New York Times) The military plays a direct role in preventing cyberattacks only on its own networks. Otherwise, the military can share threat information to allow governmental and non-governmental actors to defend their networks, and it can deter some cyberattacks through the threat of a military response

Our Best Cyber Defense Is Silicon Valley, not the Pentagon (New York Times) It's natural, but generally wrong, to look to the military to protect us from warfare online

International Consensus on Cyberattacks Is Blurry (New York Times) There are few satisfying responses to North Korea's "cyberattack" on Sony. Military action is not one of them. Under international law, a nation against whom force has been used has the right to use force in response, in self-defense. If a cyberattack has an equivalent effect to a kinetic attack — resulting in destruction or casualties — it qualifies for the use of force. What happened to Sony was not the use of force, terrorism or war

Sony Hack: No Good Options for U.S. on Private Sector Cybersecurity (World Politics Review) When they set out to make "The Interview," a comedic movie about assassinating the leader of North Korea, actors Seth Rogen and James Franco likely did not realize they would spark a massive cyber attack, lead the White House to dub those attacks a national security problem or inadvertently trigger a First Amendment crisis in the United States. When Sony and theater owners bowed to hacker demands that they cancel the movie's Christmas Day release, followed shortly by Paramount's refusal to allow movie theaters to run "Team America: World Police" — another comedy made at North Korea's expense — in its place, they highlighted a much bigger national security problem than many have realized: Not only can adversaries use cyberspace to steal and spy on a massive scale, or threaten critical infrastructure, they can also threaten the very freedoms that Americans take for granted

Romanian version of EU cybersecurity directive allows warrantless access to data (IDG via CIO) More than a dozen Romanian non-governmental organizations are protesting new cybersecurity legislation passed by the parliament last week that would force businesses to provide the country's national intelligence agencies with access to their data without a court warrant

Products, Services, and Solutions

Best security options (CNET) Find the best security software for you

Kaspersky Lab Launches Cyber Threat Logbook Project (VAR Guy) Kaspersky Lab recently launched its interactive targeted cyberattacks logbook project to help users understand the correlations and relationships between major targeted attacks. The project is expected to give users additional insight into some of the most infamous cyberattacks on record so they can protect themselves from future attacks

ESET announces updated two-factor authentication application (FirstPost) ESET has launched the latest version of ESET Secure Authentication which provides the potent combination of ultra-secure access to online applications, while introducing ease of installation and support

Are you using the most secure and private web browser? (Computerworld) Aviator web browser, created by a WhiteHat Security, is setup to maximize privacy and security safeguards by default. Simply download OS X or Windows versions and then start surfing in private, protected mode without being tracked. You are not a product being sold in exchange for this free software

BitSight Bits: How to Prove that Security Ratings Work (BitSight) During last month's FS-ISAC webinar, Home Depot, the SEC and Increasing Board Oversight: Why Metrics Matter More and More, BitSight CTO and Co-Founder Stephen Boyer answered questions from attendees about why using IT security metrics is more important than ever before. He also performed a live demo of BitSight Security Ratings to show how to prove that security ratings work

Technologies, Techniques, and Standards

Incident Response at Sony (Internet Storm Center) For those of you who are not aware; Sony currently has a job posting for a Manager of Incident Response. Where I come from they refer to that as "closing the barn door after the horse has got out". They do need to start somewhere and all in all it sounds like a cool job for an experienced Incident Handler. They do mention SANS certifications. Of course they do put SANS certifications on the same level as CISSP and CISM, but it is a step

What's an Asset? (RSA: Speaking of Security) Ask a security professional for his or her job description, and you're likely to get an answer along the lines of, "Protecting the company's assets from being stolen or compromised"

Why Digital Forensics In Incident Response Matter More Now (Dark Reading) By understanding what happened, when, how, and why, security teams can prevent similar breaches from occurring in the future

How to avoid a malware wipe-out (IT-Online) Malware development has reached a new threat level with the emergence of destructive "wiper" worms, such as that used in the attack against Sony Pictures. Doros Hadjizenonos, Check Point South Africa sales manager looks at how firms can defend themselves

Marketplace

Public Relations & Damage Control in the Aftermath of the Sony Hack (Business Insider) The entertainment world was completely shocked by the amount of information leaked in the recent Sony Industries hack. Sony was targeted by hackers in protest of the film "The Interview". In this comedy, journalists are instructed to assassinate North Korea's Leader, Kim Jong-un, after booking an interview with him. Loads of sensitive financial, personal and artistic information were leaked in this surprise attack, which has put a dent in Sony's reputation

How Investors Can Profit From the Growing Cyber Security Industry (TheStreet) The rampant data breaches throughout the past year have spelled nothing but bad news for major corporations and millions of American consumers

Israeli Cybersecurity Stocks Boosted By Attack Fears (Investor's Business Daily) Israeli cybersecurity companies are getting a boost from their government's efforts to protect the country from attacks

Why we believe Akamai is fairly valued (Trefis Team via Forbes) Akamai had a stellar 2014 and its stock price is up over 30% year to date. The company reported strong numbers for the third quarter and displayed growth across all its reported business segments and geographies. This growth is likely to continue and will be driven by the secular trends of more business being conducted online, increased online content and traffic, content providers striving to improve the experience of their users and the increased demand for faster and safer content delivery. We believe that Akamai is fairly valued and our price estimate for Akamai stands at $61.70. This price estimate is based on our expectation that the company can increase its revenue by 1.9x from an expected $2.0 billion in 2014 to $3.8 billion by the end of our forecast period. We expect the company to accomplish this by growing its customer base by 1.25x during the same time frame, with the remaining growth coming from an increase in its average revenue per customer

MACH37 Cyber Accelerator Launches 17 New Cyber Security Startups (PRWeb) New accelerator countering cyber attacks by growing new companies, creating new innovation ecosystem

ForeScout Inducted Into SC Magazine Industry Innovators Hall of Fame (Nasdaq) ForeScout Technologies, Inc., the leading provider of continuous monitoring and mitigation solutions for Global 2000 enterprises and government organizations, today announced that it has been named to the SC Magazine 2014 Industry Innovators Hall of Fame for ForeScout's CounterACT™ appliance. Inductees to the Industry Innovators Hall of Fame must demonstrate technology and business innovation, staying power and market success, and they must also be selected by SC Magazine as a Best Buy for three consecutive years

Security Patches, Mitigations, and Software Updates

HP's Zero Day Initiative Changes Bug-Buying Guidelines (Threatpost) HP's Zero Day Initiative has decided to adjust its guidelines and criteria or buying some vulnerabilities in the future, eliminating some large classes of bugs from its menu

Cyber Attacks, Threats, and Vulnerabilities

Sony and Microsoft video games hit by outages (Financial Times) Sony and Microsoft were struggling to respond to an apparent cyber attack on their video games networks over Christmas, leaving millions of customers unable to play games and access entertainment

Hackers took down Xbox Live and PlayStation Network on Christmas morning (Quartz) It's a Christmas tragedy for video game-lovers

Hackers Take Credit For PlayStation Network And Xbox Live Outages On Christmas (TechCrunch) Gamers who received new consoles for Christmas might find themselves unable to connect and play with friends, thanks to a coordinated attack by hackers who claim to have taken down the two largest gaming networks. On what might be the biggest gaming day of the year, a hacker group called Lizard Squad is claiming responsibility for taking down both Xbox Live and PlayStation Network

This is Lizard Squad, the nebulous hacker group now tied to the Sony hack (Christian Science Monitor: Passcode) Best known among gamers, Lizard Squad is both despised and revered for their seemingly random assaults on the video game world. They've claimed attacks on Call of Duty, Xbox, Sony Playstation, and now are being linked to the Sony Pictures hack

Four-star spymaster behind North Korean hacking; Sony's 'The Interview' available online (Washington Times) U.S. intelligence agencies have identified the military officer orchestrating North Korea's state-sponsored hacking attacks, such as the one on Sony Pictures Entertainment. He is Gen. Kim Yong-chol, director of the espionage and clandestine operations service known as the Reconnaissance General Bureau, or RGB

Russian hackers may be behind cyberattack on Sony, say analysts (The Times via the Australian) Security experts are voicing doubts that North Korea was behind the sensational cyberattack on Sony Pictures as new analysis suggests that messages sent by the hackers were composed by native Russian speakers

Taia Global Linguists Establish Nationality of Sony Hackers as Russian, not Korean (Taia Global) In the wake of the Sony(TYO: 6758; NYSE: SNE) attack, and the U.S. government's pronouncement of responsibility for the attack on the government of North Korea, Taia Global linguists conducted a preliminary scientific analysis on 20 Sony hacker messages using Native Language identification and L1 Interference analysis

The FBI Got it Wrong? Cyber Experts Say Sony "Nuked from the Inside" (Sputnik) Cybersecurity firm Norse has done its own independent investigation of the Sony hacks and determined that the FBI's accusations against North Korea could be incorrect. The company joins a chorus of other security experts who doubt the U.S. government's findings

Who hacked Sony becomes Internet's new mystery (AP via the Daily Record) Everyone has a theory about who really hacked Sony Pictures Entertainment Inc

North Korea blamed for internet attack on Sony Pictures: better cyber armour now a must (Canberra Times via the Sydney Morning Herald) We do not know who in the executive ranks of Sony Pictures Entertainment agreed to produce and distribute The Interview

A cyber conflict with North Korea is 'dangerous uncharted territory' (CNN) The United States and North Korea have long found themselves locked in a bitter cycle of escalating and deescalating tensions but the current cyber conflict may be especially hard to predict

The Sony Hack and the Rise of Cyber Ransoms (Bloomberg) Just three days before cyber-attackers crippled Sony Pictures, the hackers sent an e-mail to executives Michael Lynton and Amy Pascal that said they would do great damage to the company if they weren't paid off

The media's Sony cyberwar rhetoric means the terrorists win (ZDNet) The Sony Pictures Entertainment hack is certainly a custard duck of fabulous proportions, but it ain't no cyberwar — and the media should know this by now

FBI Warned Year Ago of Impending Malware Attacks — but Didn't Share Info with Sony (Intercept) Nearly one year before Sony was hacked, the FBI warned that U.S. companies were facing potentially crippling data destruction malware attacks, and predicted that such a hack could cause irreparable harm to a firm's reputation, or even spell the end of the company entirely. The FBI also detailed specific guidance for U.S. companies to follow to prepare and plan for such an attack. But the FBI never sent Sony the report

Sizing Up Cyber Risks after the Sony Breach (JD Supra) Sony's most recent data breach underscores the difficulties in underwriting and insuring cyber risk. Sony incurred losses that were surprising in both their scope and type. The company already is a defendant in at least four new lawsuits concerning the disclosure of employees' confidential information. In addition to potential liability, Sony suffered substantial first-party losses that may be difficult to quantify, including forensic costs, reputational injury, and business interruption losses

South Korea Says Nuclear Reactors Safe After Cyber-attacks (AFP) South Korea on Thursday ruled out the possibility that a recent string of cyber-attacks on its nuclear power operator could cause a malfunction at any of the country's 23 atomic reactors

Tony Abbott warns terrorism chatter has increased and attack remains 'likely' (Guardian) Prime minister says Australians should be on alert, but celebrate the festive season as normal

Who hacked a cluster of Tor servers in the Netherlands? (Security Affairs) A cluster of Tor servers suffered an unexplained outage just after the warning of the Tor project. Only certainty is someone physically accessed servers

Rackspace restored after DDOS takes out DNS (Register) 11-hour incident blocked traffic from reaching rackspace.com and some subdomains

SoakSoak Malware Campaign Evolves (Threatpost) The attackers behind the SoakSoak malware campaign are continuing to modify their tactics and have infected a new group of Web sites. The Javascript code that the attackers target with the malware has also changed

Torrentlocker Holds User Data for Bitcoin Ransmom — but only a Fraction of Victims Pay (Inside Bitcoins) The ransomware known as TorrentLocker is taking email boxes by storm. The vicious software locks a computer's data down and only after paying a ransom is the information released back to the user

Is Your SSL Traffic Hiding Attacks? (Venafi) Encrypted traffic is growing fast and becoming mainstream. According to Gartner, SSL traffic comprises 15-25% of the total web traffic, making it a significant percentage. The use of SSL varies by industry, but often helps to securely transmit sensitive or confidential information

Hacking the Internet of Things: Beware of the Toasters (Tripwire: the State of Security) In previous posts, we've discussed using refrigerators as literal bombs launched by catapults and fridges used as bots to execute denial-of-service attacks against hapless networks. But now, all that is small potatoes when you think about the rapid push towards the creation of the Internet of Things

Academia

For America's Youth, Career Success STEMs from Competition (Fox Business) When Cooper Yerby was six years old, he wanted to be a pilot. But, like most young children, as he grew up, his opinion changed. A few years later, he wanted to be a meteorologist, then a plastic surgeon, then a chemical engineer

Girl Scouts learn about cyber security and related careers (Press Enterprise) About 200 Girl Scouts from middle schools throughout San Bernardino County learned about cyber security, deciphering codes and how to design and create model airplane gliders during a hands-on engineering and technology event at Cal State San Bernardino on Dec. 17

Litigation, Investigation, and Enforcement

S Korea seeks Chinese help over nuclear cyber-attack (BBC) South Korea is seeking the help of China over a cyber-attack on its nuclear power network after the IP address of a suspected hacker was traced to a north-eastern Chinese city

In Holiday Document Dump, NSA Declassifies Compliance Errors (TechCrunch) The National Security Agency (NSA) on Christmas Eve released a grip of compliance reports that detail its own admitted failures to always operate inside the orbit of the law

NSA Reports Show Agency May Have Violated Laws For A Decade By Spying On Americans (International Business Times) The National Security Agency may have violated U.S. law for over a decade with the unauthorized surveillance of U.S. citizens' overseas communications, according to new reports on the agency's intelligence collection practices released by the NSA on Wednesday

IT Security Suffers from Noncompliance (Office of the Inspector General, Department of Homeland Security) The Department of Homeland Security (DHS) has made progress to improve its information security program, but noncompliance by several DHS component agencies is undermining that effort, according to a new report by the DHS Office of Inspector General (OIG)

Evaluation of DHS' Information Security Program for Fiscal Year 2014 (Office of the Inspector General, Department of Homeland Security) DHS has taken steps to improve its information security program. For example, DHS expanded the ongoing authorization program to improve the security of its information systems through a revised risk management approach. Additionally, DHS developed and implemented the Fiscal Year 2014 Information Security Performance Plan, which defines the performance requirements, priorities, and overall goals for the Department. DHS has also taken actions to address the President's cybersecurity priorities, which include the implementation of trusted internet connections, continuous monitoring of the Department's information systems, and strong authentication

Suit over Facebook’s practice of scanning users’ messages to go forward (Ars Technica) Company's TOS "does not establish that users consented" to the practice, court rules

Oviedo 'swatting' case unsolved, while others end in arrests (Orlando Sentinel) They call 911 in hysteria — describing gory scenes of gunfire, murders and death threats

Design and Innovation

6 aging protocols that could cripple the Internet (IT World) From BGP to SSL, several Internet protocols are no match for today's malicious hackers — and should be replaced

IBM supports biometrics for corporate BYOD use (Biometric Update) IBM stated in a recent blog post that it expects that the addition of biometrics to personal mobile devices will enhance security surrounding corporate 'bring your own device' (BYOD) policies

Making web programming easier and more secure (ZDNet) An MIT researcher has unveiled a new approach to self-completing programming with Ur/Web

Inadvertent Algorithmic Cruelty (Meyerweb) I didn't go looking for grief this afternoon, but it found me anyway, and I have designers and programmers to thank for it. In this case, the designers and programmers are somewhere at Facebook

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

7th Annual Southeastern Cyber Security Summit (Huntsville, Alabama, USA, June 3 - 4, 2015) Cyber training, education, and workforce development for the evolving threat

upcoming Events

Cybersecurity World Conference (New York, New York, USA, January 9, 2015) Welcome to Cyber Security World Conference 2015 where renowned information security experts will bring their latest thinking to hundreds of senior business executives and officials focused on protecting the information of today's enterprises and government agencies, respectively. Cyber security experts will discuss topics such as protecting individuals and companies against cyber-attacks, cyber security in the Internet of Things age, biometrics as the future of security, risks brought by mobile computing, and protecting corporate and national infrastructure against foreign attacks

U.S. Commercial Service Market Briefings on Europe's Cyber Security & IT Market (Washington, DC, USA, January 12, 2015) Join the U.S. Commercial Service Market Briefings on Europe's Cyber Security & IT Market. The value of the global cyber security market is expected to grow by 11.3% each year, reaching $120 billion by 2017. The Western Europe region alone is estimated to contribute $28.1 billion to this industry, driven by changing threats and technologies. These briefings aim to provide the latest information on Cyber Security & IT markets in Europe

FloCon 2015 (Portland, Oregon, USA, January 12 - 15, 2015) FloCon is an open network security conference organized by Carnegie Mellon University

National Cybersecurity Center Of Excellence (NCCOE) Speaker Series: Security In A Cyber World (Rockville, Maryland, USA, January 14, 2015) The National Cybersecurity Center of Excellence (NCCoE) Speaker Series showcases global thought-leaders to highlight critical cybersecurity issues of national importance. The keynote speaker will be Chris Inglis, former Deputy Director of the National Security Agency

ShmooCon (Washington, DC, USA, January 16 - 18, 2015) ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and open discussions of critical infosec issues. The first day is a single track of speed talks called One Track Mind. The next two days bring three tracks: Build It, Belay It and Bring It On

California Cybersecurity Task Force Quarterly Meeting (Walnut Creek, California, USA, January 20, 2015) The California Cyber Security Task Force serves as an advisory body to California's senior government administration in matters pertaining to Cyber Security. Quarterly Cybersecurity Task Force meetings address State and Federal cyber legislation; provide updates on Task Force efforts to improve California's cyber workforce and education; promulgate critical information to enhance California's cyber awareness and preparedness; discuss state advances in cybersecurity and digital forensics; and grant residents an opportunity to share cyber information and innovation

FIC 2015 (Lille, France, January 20 - 21, 2015) The International Cybersecurity Forum (FIC) forms part of a thinking and exchange process that aims at promoting a pan-European vision of cybersecurity and strengthening the fight against cybercrime, a priority for the European Union as stated in the Stockholm Programme for 2010–2015. Its objective is to open up the cybersecurity debate by bringing together security and risk management experts with non-specialists to enable them to compare viewpoints and lessons learnt

IARPA Proposers' Day for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program (Washington, DC, metropolitan area, January 21, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day Conference for the Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program on January 21, 2015, in anticipation of the release of a new solicitation in support of the Program. The Conference will be held from 9:00 AM to 4:00 PM EDT in the Washington, DC metropolitan area. The purpose of the Conference will be to provide introductory information on CAUSE and the research problems that the Program aims to address, to respond to questions from potential proposers, and to provide a forum for potential proposers to present their capabilities and identify potential team partners

4th Annual Human Cyber Forensics Conference: Exploring the Human Element for Cloud Forensics (Washington, DC, USA, January 21 - 22, 2015) The Human Cyber Forensics Conference addresses the human element of cyber. Presentations will look at the tradecraft and efforts required to identify, understand, navigate, and possibly influence human behavior within and across networks. The conference will bring together subject matter experts to discover and share new means of recognizing human related cyber indicators, and the evolution of these human indicators in the coming decades. The Human Cyber Forensics Conference will focus on such topics as insider threat, next generation social engineering, progressive communications, neuroscience, social cognition, social media, and neuro-ethics

AppSec California (Santa Monica, California, USA, January 26 - 28, 2015) OWASP's AppSec California goes beyond "security for security?s sake" bringing application security professionals and business experts together with the objective of sharing new information that helps get the right work done faster, so organizations are better able to meet their goals

Financial Cryptography and Data Security 2015 (San Juan, Puerto Rico, USA, January 26 - 30, 2015) The goal of the conference is to bring security and cryptography researchers and practitioners together with economists, bankers, implementers and policy-makers. Intimate and colourful by tradition, the FC program features invited talks, academic presentations, technical demonstrations and panel discussions. In addition, several workshops will be held in conjunction with the FC conference

Starting a New Year: Financial Incentives for Cybersecurity Businesses (Columbia, Maryland, USA, January 27, 2015) Learn the details from the experts! How to apply for Cyber Tax Credits, Research Tax Credits, Security Clearance Tax Credits, Secured Space Tax Credits. Panelists include: Andrew Bareham, Principal, KatzAbosch; Elaine McCubbin, Tax Specialist DBED Maryland; Beth Woodring, Catalyst Fund Manager, HCEDA. The distinquished panel will by moderated by Lawerence F. Twele, CEO, Howard County Economic Development Authority

Cyber Security for Critical Assets: Chemical, Energy, Oil, and Gas Industries (Houston, Texas, USA, January 27 - 28, 2015) Cyber Security for Critical Assets Summit will connect Corporate Security professionals with Process Control professionals and serve to provide a unique networking platform bringing together top executives from USA and beyond. They are coming together not only to address the continuing cyber threats and set precautions framework, but most importantly to provide necessary tools, insights and methodological steps in constructing a successful secure policy. These policies will after all protect the critical assets needed to safeguard their company assets

Data Privacy Day San Diego — The Future of IoT and Privacy (San Diego, California, USA, January 28, 2015) Join the Lares Institute, Morrison & Foerster, and the National Cyber Security Alliance for Data Privacy Day in San Diego. DPD San Diego will bring together privacy luminaries to discuss fundamental issues facing consumers and business, including in-depth panel discussions on privacy, the Internet of Things (IoT), and many other critical topics