The CyberWire Daily Briefing 06.29.15
More notes attributing Wikileaks' Saudi cables to Iranian hackers.
ISIS online recruiting prompts a sad but instructive case study of retail information operations.
Effects of the US OPM (Office of Personnel Management) hack continue to spread. The Daily Beast offers an account of what was lost (a bit too lurid — security investigations aren't, as one might conclude from the story, detailed, book-length compendia of shocking personal confessions — but nevertheless sobering). Observers see the episode as the most serious instance of widespread US Federal negligence with respect to security (the Guardian points out that IRS personnel can use "password" as their password). The Federal CIO's security "sprint" gets generally positive reviews (Passcode, for example, sees signs that one positive effect will be tighter management of privileged accounts), but that CIO's defense of OPM leaders' security record finds fewer takers: Federal workers want a Presidential task force appointed to clean up the breach, and calls for the firing of OPM's Director and CIO get louder in Congress.
Energy sector executives express a high degree of confidence in their companies' ability to detect and swiftly contain cyber attacks. Research by Dell and Inteller, however, on the frequency of SCADA attacks and the black-market trade in SCADA credentials might give one pause.
Researcher Paul Moore offers a cautionary example of homographic phishing, which uses bogus URLs typographically indistinguishable from genuine ones: IIoydsbank (bad) versus lloydsbank (good). The first begins with two uppercase "I"s in place of the two lowercase "l"s, and in many fonts the two strings render identically.
The Department of Homeland Security offers interesting advice on cyber insurance.
Today's issue includes events affecting Australia, Canada, China, Iran, Iraq, Democratic People's Republic of Korea, Netherlands, New Zealand, Romania, Russia, Saudi Arabia, Syria, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Iranian hackers may have given WikiLeaks Saudi docs (The Hill) Iranian hackers may have stolen the Saudi government documents that were later released by WikiLeaks
ISIS and the Lonely Young American (New York Times) Alex, a 23-year-old Sunday school teacher and babysitter, was trembling with excitement the day she told her Twitter followers that she had converted to Islam
OPM hack Q&A: What we know and what we don't (USA Today) The biggest and most devastating cyber attack against the U.S. government was revealed this month when the Office of Personnel Management announced that hackers had compromised the personal data of millions of current and former federal employees
Hackers Stole Secrets of U.S. Government Workers' Sex Lives (Daily Beast) Infidelity. Sexual fetishes. Drug abuse. Crushing debt. They're the most intimate secrets of U.S. government workers. And now they're in the hands of foreign hackers
FBI Cyber Division Bulletin on Tools Reportedly Used by OPM Hackers (Office of Inadequate Security) The following bulletin was released to private industry partners June 5, 2015. According to an article from Reuters, one of the remote access tools (RATs) described in the bulletin, called Sakula, is directly linked to the hack of the Office of Personnel Management (OPM) that was disclosed earlier this month. Other publications have directly linked the bulletin to the OPM hack, though they have not made the bulletin available publicly
Cyber Attack Reveals Weakness in Government Security (Social Times) The concept of a cyberwar is no longer relegated to the pages of science fiction. Many states may have already built weapons to fight this war, and the U.S. government is working to secure online resources to protect against cyber attacks. However, attacks are still slipping through, including a recent attack on U.S. Office of Personnel Management, that may have exposed the data of millions
These 5 Facts Explain the Threat of Cyber Warfare (TIME) The disastrous hack of the federal government's Office of Personnel Management is the tip of the iceberg
We're Losing the Cyber War (Wall Street Journal) The huge theft from the Office of Personnel Management comes after years of Obama administration passivity despite repeated digital attacks
IRS employees can use 'password' as a password? No wonder we get hacked (Guardian) The public is finally starting to learn what security experts have been warning for years: the US government has no idea what it's doing when it comes to cybersecurity. Worse, the government's main "solutions" may leave all our data even more vulnerable to privacy violations and security catastrophes
20-Plus Security Vendors On The NSA Target List (And Those Who Weren't) (CRN) Snowden fallout continues
The State of the ESILE/Lotus Blossom Campaign (TrendLabs Security Intelligence Blog) The Esile targeted attack campaign targeting various countries in the Southeast Asian region has been discussed in the media recently. This campaign — which was referred to by other researchers as Lotus Blossom — is believed to be the work of a nation-state actor due to the nature of the stolen information, which is more valuable to countries than either private companies or cybercriminals
Recent Flash Player 0-day Exploit Goes Mainstream (Malwarebytes Unpacked) On June 23rd, security firm FireEye released a report about targeted attacks leveraging a Flash Player zero-day vulnerability (CVE-2015-3113) in Adobe Flash Player up to version 184.108.40.206. The firm stated that some users would receive a phishing email containing a link to a site hosting the zero-day exploit
Security Alert: New spam run spreads banking infostealer in Dridex malware class (Heimdal Security) Make it the rule of thumb to never open an email attachment from an unknown sender!
Lloydsbank, IIoydsbank — researcher highlights the homographic phishing problem (Graham Cluley) If you clicked on a link to IIoydsbank.co.uk you would expect to reach lloydsbank.co.uk, right?
Microsoft Word Intruder RTF Sample Analysis (Check Point) Check Point researchers obtained a sample of a malicious Word document that was used in an attack attempt against one of our customers
Vegan and BeEF clash shows how cyber arms race never stops (Help Net Security) Cyber attackers and defenders are caught in a permanent to-and-fro dance, coming up with new solutions that break the last one created by their adversaries
SCADA systems available for sale in the Underground (Security Affairs) Security experts have discovered the availability in underground forums of the credentials and other information related to SCADA systems
Right to reply: Protests or Profiteering — The Hack Remains in Same (Net Imperative) What is the difference between 'hacktivism' and 'cyber terrorism'? Despite sharing a singular purpose — to cause damage to an entity, organisation or group — what sets these two categories of hackers apart? Is the answer in the motivation or is it simply in the eye of the beholder? Stephen Coty, chief security evangelist, Alert Logic, argues why the motivation ultimately doesn't matter and why it is important for threat intelligence groups to work together to stay ahead of hacktivists
Are Cracks in the Digital Foundation of the Internet Crumbling the Core? (IBM Security Intelligence) Today we released the first edition of the 2015 IBM X-Force Threat Intelligence Quarterly, where we focus on a year-end review of all the attack and breach activity that occurred in the previous year, along with some interesting new twists to the methodology of how vulnerabilities are disclosed
The Problem with Putting all the World's Code in Github (Wired) The ancient library of Alexandria may have been the largest collection of human knowledge in its time, and scholars still mourn its destruction. The risk of so devastating a loss diminished somewhat with the advent of the printing press and further still with the rise of the Internet. Yet centralized repositories of specialized information remain, as does the threat of a catastrophic loss
Is Your Next Flight Safe From Hackers? (Benzinga) Now that one airline has been forced to ground its flights, consumers are starting to wonder: is it still safe to fly? And if it is, what's being done to ensure these hacks aren't repeated?
U.S. Panel Aims to Shield Planes From Cyberattack (Wall Street Journal) FAA advisory committee was scheduled to meet this month amid rising concern over vulnerability to computer hackers
Hackers Target Gospel News Portal, Leave LGBT Flag Behind (HackRead) The U.S supreme court yesterday ruled in favor of same-sex marriages nationwide. Some are celebrating and some are unhappy with the ruling, but hackers have their own way to protect and celebrate
Penn State says it was victim of cyber attack (Pittsburgh Post-Gazette) Following two cyberattacks on Penn State University's College of Liberal Arts, the university is resetting passwords on its college-issued accounts, but school officials said they believe no personally identifiable information, such as Social Security numbers, or research data has been compromised
Hackers Posting Nude Pictures of Women without Their Knowledge (HackRead) Nude pictures of more than 700 Aussie females leaked online without their permission or knowledge
Bulletin (SB15-180) Vulnerability Summary for the Week of June 22, 2015 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week
Security Patches, Mitigations, and Software Updates
Samsung to stop Windows Update shenanigans (ComputerWorld) Company bows to pressure, will halt practice of changing patch service's settings on its hardware 'within a few days'
Tech Time Warp of the Week: Cyberpunk's Not Dead. In Fact, We're Living It (Wired) The word "cyberpunk" evokes a very particular iconography of late 20th-century near-futurism. Computer hackers in leather jackets. Science fiction paperbacks. Club kids with goggles and fake dreadlocks. But it's a past that is now very much part of the present
OPM hack may finally end overuse of 'privileged' user access (Christian Science Monitor Passcode) Office of Personnel Management attackers entered the agency's network with a username and password belonging to an external contractor. As a result, security experts are renewing calls for stricter limits on this kind of privileged access
Energy execs confident in same-day data breach detection (Computer Business Review) 94% of executives said their organisation is a target for cyber criminals
Energy security pros: More competent, or just naive? (Help Net Security) Energy security professionals are extremely confident in their ability to detect a cyberattack on critical systems, with 86 percent stating they could detect a breach in less than one week
Think shoppers forget retail data breaches? Nope (CNBC) The recent data breach involving four million government workers is an unpleasant reminder of how vulnerable our digital information has become. On the consumer side, high-profile breaches at Target and Home Depot are just two examples of dozens of similar cases. Surprisingly, many retail and financial-services executives think that data breaches have become so common that consumers will quickly forget. That's anything but true
How companies can regain consumer trust after a data breach (Help Net Security) Americans have strong feelings about data breach notification, with 84 percent stating that the best way a company can regain their trust after a breach occurs is to notify them right away and provide a high level of contact
Big Security Breaches and How Big Data Can Prevent Them (Enterprise Networking Planet) Security threats are evolving. Combating them demands that enterprise information security professionals and perspectives evolve, too
Even cyber-security professionals can struggle to understand security (ComputerWorld) Scratch the surface and dangerous pockets of ignorance and misunderstanding are not hard to find
Security Specialists See Cyber Threats Growing (eWeek) After privileged users, contractors and consultants (48 percent), and regular employees (46 percent) are the biggest threat to businesses
Local firms feel the cyber menace (Business Review) As cyber-attacks become more vicious, more extensively planned and ingeniously hidden, most security experts agree there is no "one-size-fits-all" solution for dealing with the menace. With global outlay on informatics security solutions increasing, Romanian companies are waking up to the looming threat and spending more money on protection
Out of the shadows, China hackers turn cyber gatekeepers (Reuters) China, long accused by the United States of rampant cyber aggression, may be synonymous with hacking exploits these days, but that doesn't mean every Chinese hacker is out to pilfer and destroy
Are Cybersecurity Shares Too Hot? (Wall Street Journal) Stocks of data-protection firms have surged this year, and some analysts say valuations look too high
Who are you going to call to prevent a hack attack? (Independent) The spectacular North Korean hack of Sony last year, and other high-profile corporate security breaches, have put a rocket under the valuations of firms that offer cyber protection. But are they really worth it?
Security Provider Sophos Goes Public on London Exchange (The VAR Guy) There's a new tech unicorn on the public market and this one's in the U.K. Security specialist Sophos said it hopes to raise $125 million by selling about 35 percent of its shares priced at 225 pence per share in a public offering on the London Stock Exchange that would set its valuation at about $1.6 billion
AIS acquires D.C.-area cyber firm to further its growth (Central New York Business Journal) Assured Information Security, Inc. (AIS), a growing Mohawk Valley technology company, recently closed on the acquisition of the assets of Information Security Solutions, Inc. (ISS), a tech firm based in the Washington, D.C. area
Startup Spotlight: Prelert's Anomaly Detection (eSecurity Planet) Prelert first sold its anomaly detection technology to IT operations teams — but then customers begged them to create similar products for enterprise security
CACI Secures SEC Investigation Support Task Orders (ExecutiveBiz) CACI International has received two task orders worth $29.8 million combined to provide investigation support and legal assistance services for the U.S. Securities and Exchange Commission
Products, Services, and Solutions
Facebook slowly fine-tuning its popular ThreatExchange (Help Net Security) Facebook's ThreatExchange, which was unveiled this February, is apparently a hit with organizations, and they are vocal about the ways they believe it could be improved
Barracuda Upgrades Web Security Tools, Especially for Schools (Top Tech News) Campbell, Calif.-based Barracuda Networks said it has enhanced its suite of firewall products, improving support for transparently redirecting traffic and thus enabling easier integration between discrete firewall and Web security appliances
YC-Backed Cymmetria Uses Virtual Machines To Decoy And Detect Hackers (TechCrunch) YC-backed Cymmetria, which is uncloaking from stealth now after around a year working its cyber security startup business, wants to tilt the traditional security odds so it's hackers who are left feeling vulnerable and on their guard — by giving the businesses whose systems are under attack a 'home advantage'
Technologies, Techniques, and Standards
IETF Officially Deprecates SSLv3 (Threatpost) Attacks such as POODLE and BEAST not only caused some sleepless nights for server admins having to patch against the respective weaknesses, but they also accelerated SSLv3 deprecation
How to find the best cyber security insurance for your firm (Reuters) A robust cyber security insurance policy can be tricky to procure, even for the most meticulous wealth management firms
Cybersecurity Insurance (Department of Homeland Security) Cybersecurity insurance protects businesses and individuals from Internet-based risks and from risks relating to information technology infrastructure and activities. The Department of Homeland Security National Protection and Programs Directorate (NPPD) has engaged key stakeholders to address this emerging cyber risk area
HITRUST CSF Assurance Program Adoption Key to More Effective Third-Party Risk Management in the Healthcare Industry (StreetInsider) Additional 7,500 business associates required to obtain CSF Certification within 24 months
Software developers are failing to implement crypto correctly, data reveals (IDG via CSO) Despite a big push over the past few years to use encryption to combat security breaches, lack of expertise among developers and overly complex libraries have led to widespread implementation failures in business applications
Time to Rethink Your Cybersecurity Strategy (Medical Device and Diagnostic Industry) Healthcare enterprise systems can be especially hard to secure against cyberattacks. An expert offers tips on how to get started
The Powershell Diaries 2 — Software Inventory (Internet Storm Center) After last week's story, hopefully you've got your "problem" user accounts identified. With that worked out, let's see about finding problem applications
The Internet's Dad Emailed 97,931 People to Let Them Know Their Passwords Were Compromised (Slate) Every time there's a major corporate or government hack and email address/password combinations pour onto the black market, you have to wonder whether your credentials are among them. But most of us don't take any action to check. If only we had a digital dad watching our backs and trying to help us stay safe
The cloud, FedRAMP and FISMA compliance (Help Net Security) Many federal agencies and government contractors are migrating to cloud-based computing, a trend that will pick up speed as the cloud becomes more efficient, more affordable, and more secure
How to survive a compliance audit (Help Net Security) Ipswitch polled 313 IT professionals in the United States, with 59 percent noting that they were not fully prepared to undergo an audit. Additionally, 75 percent of respondents lacked confidence that colleagues authorized to work with sensitive information are adequately protecting it
How to Deal with the Rise of Digital Abuse (Tripwire: the State of Security) On my way to a client site, I was listening with interest to a report on Radio 4 discussing a news article covering the rise of offences against women, including offences associated with the cowardly utilisation of the Internet to target, stalk, and to impose mental anguish and misery on the intended target of abuse. However, to maintain the correct balance, we should not forget that whilst it may be to some lesser extent, such despicable offences are also leveraged against the male populace
Design and Innovation
Ford Using Smartphones to Drive Smarter Compliance (Corporate Counsel) The automaker's compliance team created an app that allows employees to get guidance on their phones. Now they hope the workforce will download it
US Cyber Challenge & Virginia Tech Host Successful Cybersecurity Camp & Competition for Elite Cybersecurity Talent (US Cyber Challenge) Today, participants of the annual US Cyber Challenge (USCC) Eastern Regional Cyber Camp competed in a "Capture-the-Flag" competition to demonstrate their knowledge and skill of cybersecurity and compete to win one of a limited number of (ISC)2 scholarships. The winners of the competition included Joseph Workman, Turner England, Rob Pescatore and Jesse Ruffin
Grooming 'white-hat hackers' (San Diego Union-Tribune) Cyber boot camp teaches teens evil tricks of the trade to stop them
Legislation, Policy, and Regulation
Industry warns proposed arms export rule will thwart basic cyberdefenses (Christian Science Monitor Passcode) A Department of Commerce proposal that aims to keep surveillance software out of the hands of repressive regimes may inadvertently harm the security industry and chill security research efforts
U.S. defense bill dubs N. Korea as strong cyber power (Yonhap) The U.S. defense budget bill for next year has singled out North Korea, along with China and Russia, as foreign powers with strong cyber capabilities
CSE says Snowden leaks eroding spy agency's long-term advantage over foes (Calgary Sun) Canada's electronic spy agency says leaks by former U.S. intelligence contractor Edward Snowden have "diminished the advantage" it enjoyed over terrorists and other targets, both in the short term and — of more concern — well into the future
Expert says NZ should seek 'Five Eyes' role change to protect China relations (Stuff) New Zealand should seek changes to its role in the "Five Eyes" intelligence alliance so it can avoid spying on important trading partners like China, a senior security analyst says
U.S., China agree to cybersecurity code of conduct (SC Magazine) After a tumultuous couple of years of exchanging accusations and expressing distrust over cyberespionage and spying — most recently with Director of National Intelligence (DNI) John Clapper laying responsibility for the Office of Personnel Management (OPM) breaches squarely at the feet of the Chinese — the U.S. and China said they've reached an accord of sorts, a code of conduct for cybersecurity going forward
OPM Attack Raises Delicate Political Questions (Defense News) In public remarks, US officials appear to be split over whether to blame China for a pair of major breaches that compromised deeply personal data for millions of federal employees, suggesting a potential policy gap and uncertainty about how best to respond
OPM Chief's New Cyber Defense Operation Has Potential, Private Investigators Say (Nextgov) A cyber strategy announced last week by the head of the agency that hackers robbed of sensitive dossiers on federal employees has potential to deter future attacks, say private investigators who probe computer espionage campaigns
House Republicans call for OPM Director Katherine Archuleta's removal (Washington Times) House Republicans are asking President Obama to fire Office of Personnel Management Director Katherine Archuleta following a massive data breach that exposed the personal information of millions of federal employees
Federal Employee Advocates Want Special IT Task Force to Handle OPM Hack (Government Executive) More than two dozen advocates for federal employees and retirees want President Obama to create a special information technology task force to help investigate the massive security breaches at the Office of Personnel Management and help prevent future attacks
Federal CIO Tony Scott backs OPM approach to cyber fixes (Federal News Radio) Federal Chief Information Officer Tony Scott wants the bandwagon of lawmakers to slow down and reconsider their calls for Office of Personnel Management Director Katherine Archuleta and CIO Donna Seymour to resign
Federal Cybersecurity: Not Even Good Enough for Government Work (Reason) Epic government fail, yet no one is responsible
Constructing a Cyber Superpower (Defense News) At 5 years old, US Cyber Command faces growth, challenges
Turns Out the US Launched its Zero-Day Policy in Feb 2010 (Wired) A newly released document from the FBI sheds a little more light on the government's controversial policy around the use of zero-day exploits. Though there is still much we don't know, the question of when the secretive policy was put into place is finally answered: February, 2010
DOD Interpretation of The Laws of War Allow Botnet Creation? (Lawfare) I was struck by Charlie Dunlap's take on the DOD Law of War manual regarding cyber operations, especially on how cyberattacks are carried out. Charlie notes the manual's instruction that "remote harms and lesser forms of harm, such as mere inconveniences or temporary losses, need not be considered in applying the proportionality rule." The manual also states that the "military advantage anticipated from an attack" indicated in the proportionality rule "is intended to refer to an attack considered as a whole, rather than only from isolated or particular parts of an attack"
Sloppy Cyber Threat Sharing Is Surveillance by Another Name (Just Security) Imagine you are the target of a phishing attack: Someone sends you an email attachment containing malware. Your email service provider shares the attachment with the government, so that others can configure their computer systems to spot similar attacks. The next day, your provider gets a call. It's the Department of Homeland Security (DHS), and they're curious. The malware appears to be from Turkey. Why, DHS wants to know, might someone in Turkey be interested in attacking you? So, would your email company please share all your emails with the government? Knowing more about you, investigators might better understand the attack
Litigation, Investigation, and Law Enforcement
Courts Restrict Ability of Customers and Employees to Sue Companies Following a Data Breach, But Risks of Other Liabilities Remain (Workplace Privacy Data Management and Security Report) Among the multitude of unpleasant issues facing a company whose network has been breached is potential liability to customers and employees whose personal information has been compromised. However, recent district court decisions from around the country continue to limit the opportunity of those customers and employees to have their day in court
A Busy Week for Ne'er-Do-Well News (KrebsOnSecurity) We often hear about the impact of cybercrime, but too seldom do we read about the successes that law enforcement officials have in apprehending those responsible and bringing them to justice. Last week was an especially busy time for cybercrime justice, with authorities across the globe bringing arrests, prosecutions and in some cases stiff sentences in connection with a broad range of cyber crimes, including ATM and bank account cashouts, malware distribution and "swatting" attacks
Twin computer prodigies plead guilty to schemes to hack State Dept., others (Washington Post) Twin brothers from Springfield have pleaded guilty in federal court in Alexandria to a series of computer hacking schemes that involved stealing credit card information, breaking into State Department computers and obtaining data from a private company
Private eye jailed for hacking email of Scientology critics and others (Naked Security) A private investigator from Astoria, New York who broke into the email accounts of two prominent critics of the Church of Scientology was sentenced on Friday in federal court to three months in jail
Councillor's Facebook account targeted as part of cyber porn attack on independence supporters (National) Clackmannanshire Council's deputy provost Irene Hamilton revealed how she was targeted in the cyber-porn attack on pro-independence supporters
Court orders Facebook to identify revenge porn poster (Naked Security) Facebook has been ordered to help a young woman find out who published an intimate video of her on the social network without her permission
Bitcoin poker site founder takes plea deal to avoid jail time (Ars Technica) Bryan Micon gets probation and fine after running afoul of gambling authorities
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
National Insider Threat Special Interest Group Meeting (Laurel, Maryland, USA, Jul 16, 2015) Topics to be discussed at the meeting: Insider Threat Program Development & Implementation, Behavioral Indicators Of Concern, Legal Considerations When Developing & Managing An Insider Threat Program. There is no cost to attend this meeting
Cyber Security Exchange (Florida, USA, Dec 6 - 8, 2015) This dynamic, three-day event will provide Cyber Security executives with valuable insights to reach their full potential by exploring security leadership strategies, heightened data privacy concerns, the ever-changing advanced threat landscape, efficient identity access management and more
NSA Information Assurance Symposium (IAS) 2015 (Washington, DC, USA, Jun 29 - Jul 1, 2015) The NSA Information Assurance Directorate (IAD)'s Information Assurance Symposium (IAS) is a biannual forum hosted by the National Security Agency (NSA). IAS events of the past have proven to be the preferred Information Assurance event of the year. Leaders and practitioners will deliver vital and relevant answers, direction, and best practice advice for carrying out the Information Assurance mission. The IAS brings policy, governance, technology, hands-on training and networking opportunities to attendees from across government, industry, and academia. Upwards of 2,000 IA professionals are expected to attend, with ample opportunities for cross-community collaboration to address the community's most challenging IA concerns. Presentations, training, and demonstrations pertinent to today's work and work planned for the future will be shared during this event. U.S. Government, U.S. Government sponsored contractors, 2nd Party Government, 2nd Party Government sponsored contractors, Academia, and Industry participants will be represented
US News STEM Solutions: the National Leadership Conference (San Diego, California, USA, Jun 29 - Jul 1, 2015) San Diego offers the perfect backdrop for the 4th annual U.S. News STEM Solutions National Leadership Conference, June 29 — July 1, 2015 in San Diego, CA. Please make your plans now to join fellow leaders from business, education and government to maintain our hard-won momentum and forge the STEM workforce of tomorrow
Cyber Security for Healthcare Summit (Philadelphia, Pennsylvania, USA, Jun 29 - Jul 1, 2015) Our IQPC Cyber Security for Healthcare Summit will help Hospitals and Medical Device manufacturers to prepare and manage risks by viewing cybersecurity not as a novel issue but rather by making it part of the hospital's existing governance, risk management and business continuity framework
Cybergamut Tech Tuesday: The Truth About the Security of Your System (Elkridge, Maryland, USA, Jun 30, 2015) What does it take to secure a system? What is the logical approach to successfully achieve this endeavor? First, an understanding of who wants access and why is a necessary baseline to form a strategic approach. Next, an understanding of the critical assets in the organization is a must. Finally, an understanding of how to implement a risk-based approach sums up the discussion. Presented by: Dr. Susan Cole
National Cybersecurity Center of Excellence (NCCoE) Speaker Series: Janet Levesque, Chief Information Security Officer at RSA (Rockville, Maryland, USA, Jul 16, 2015) Traditional security models are failing. While the idea of a shift from prevention to detection has gained traction, most current approaches to detection rely heavily on the same techniques that have rendered preventative tools ineffective. The ultimate goal — disrupting and stopping attacks — has continued to elude security experts. The next stage in the industry's evolution is to move to a stance of "dynamic defense," which combines the ability to detect an attack and fully understand its scope and potential impact on the business, and then use the information to disrupt the attack before adversaries can accomplish their goals
TakeDownCon Rocket City (Huntsville, Alabama, USA, Jul 20 - 21, 2015) TakeDownCon is a highly technical forum that focuses on the latest vulnerabilities, the most potent exploits, and the current security threats. The best and the brightest in the field come to share their knowledge, giving delegates the opportunity to learn about the industry's most important issues. With two days and two dynamic tracks, delegates will spend Day 1 on the Attack, learning how even the most protected systems can be breached. Day 2 is dedicated to Defense, and delegates will learn if their defense mechanisms are on par to thwart nefarious and persistent attacks
CyberMontgomery 2015 (Rockville, Maryland, USA, Jul 30, 2015) Montgomery County, Maryland, is home to the National Institute of Standards and Technology (NIST), the National Cybersecurity Center of Excellence (NCCoE), the FDA, NIH, NOAA, NRC and more than a dozen other Federal agencies, plus regional State and local agencies, educational institutions (such as Montgomery College, the Universities at Shady Grove, a satellite campus of Johns Hopkins, and the Bethesda-based SANS Institute), plus scores of cyber companies, ranging from start-ups to multinational corporations such as Lockheed Martin, employing upwards of 37,000 people in cyber-related jobs. With cybersecurity constituting a major growth engine in the region for many years to come, and with leading Federal government, industry and academic assets already in place in the region, the annual CyberMontgomery conference serves to bring them together so that they can coalesce and elevate the cyber ecosystem to a level of national prominence. In that light, CyberMontgomery provides clear direction on finding business opportunities, contracting, forecasted demand areas, workforce development, recruiting & staffing, legal responsibilities for businesses, updates on technologies being developed in the County, and summary updates regarding our NCCoE neighbors, federal civilian agencies and commercial sector leaders