The CyberWire Daily Briefing 10.13.15
news from the Association of the United States Army 2015 Annual Meetings
The CyberWIre is covering the AUSA's 2015 annual meetings. Here at the invitation of, and with the support of, the Military Cyber Professionals Association, we're attending special breakout sessions dealing with cyber security. You'll find a full account of the session we attended yesterday, "Threats in a Complex World," linked below. The panelists offered theire perspective on what the spectrum of conflict looks like today, and the implications that spectrum has for those who operated in cyberspace. New forms of electronic attack with a disturbingly retro feel, the dependence of all domains on cyberspace, the low barriers of entry to cyber warfare, and, above all, how the online world has transformed information operations were all discussed.
We've collected some articles relevant to yesterday's discussion in the special section below. We'll continue to provide live coverage today and tomorrow.
Russian projection of power into the Levant prompts US worries about the likelihood of accompanying cyber attacks. A senior US Air Force leader says the US is on increased alert (but declines to further specify the alert measures). Other observers voice concern over the Russian government's increasing coordination with cyber criminal elements.
Analysts see Chinese territorial ambitions in the South China Sea as the fons et origo of ongoing PLA regional cyber espionage.
Dow Jones discloses a breach thought to be related to the one recently suffered by Scottrade.
Researcher report Zhone SOHO routers vulnerable to hijacking. Other SOHO routers, from Netgear, suffer from an authentication bypass flaw that's being exploited in the wild.
New reports of medical device vulnerabilities surface; physicians are warned to be on their guard. Environmental risk managers and commercial aviation receive similar cautions.
In industry news, the big story over the long weekend is Dell's acquisition of EMC. It's a stunningly large buy (some $67 billion, said to be a record for the tech sector) and it will have large implications for the market. Dell quietly filed for a SecureWorks IPO as it finalized the deal; EMC's RSA division is also expected to go on the block.
Cyber security remains a top concern of the insurance sector, where premiums for cyber insurance are reported to have "massively increased" in the wake of recent incidents.
Safe Harbor's expiration receives continued scrutiny.
China arrests some of its hackers for industrial espionage. Extradition to the US is unlikely.
Today's issue includes events affecting Australia, Cambodia, Canada, China, Colombia, Indonesia, Iran, Iraq, Japan, Democratic Peoples Republic of Korea, Laos, Malaysia, Myanmar, Nepal, Nigeria, Philippines, Russia, Singapore, Thailand, United Arab Emirates, United Kingdom, United States, and and Vietnam.
Washington, DC: the latest from AUSA
2015 AUSA Annual Meeting & Exposition, Day 1: Threats in a Complex World (The CyberWire) On Monday the CyberWire attended a panel on "Threats in a Complex World." The presentations provided a larger context for understanding international and transnational cyber conflict
AUSA Emphasizes Increased Army Role in Homeland Security (Defense News) The Association of the United States Army's annual convention (AUSA) in recent years has had a large focus on how to fight and win in a complex world and on what the Army is doing outside of the United States, a logical direction considering the myriad growing threats around the globe
Official: US Takes A 'Whole-Of-Government Approach' To Cyberattacks (DefenseNews) As the US faces an increasingly volatile cyber landscape, with threats and attacks coming from state and non-state actors, responsibilities and responses will increasingly be governmentwide, a top US cyber official said Friday
Cyber warriors on the new frontline (The Australian) Countries toiled for years and spent billions of dollars to build elaborate facilities that would allow them to join the exclusive club of nations that possessed nuclear weapons. Getting into the cyber weapon club is easier, cheaper and available to almost anyone with cash and a computer
DoD sends cyber mission forces into the fray (Federal News Radio) Some cyber forces created as part of the Defense Department?s cyber strategy released this spring are trained, ready and participating in operations
'Trail Boss' Prioritizes Cyber Situational Awareness (Defense News) Col. Joseph Dupont is the US Army?s first cyber "trail boss" and he equates his job to "wrapping my arms around water and holding on tight"
Cyber Attacks, Threats, and Vulnerabilities
U.S. more closely monitoring cyberspace after Russian bombings in Syria, general says (Air Force Times) The U.S. is monitoring the cyber landscape for potential threats that could emerge due to the conflict in Syria, Air Force Lt. Gen. James McLaughlin said Oct. 9, but he declined to comment on what sorts of cyber threats Russian involvement in the war could create
Kremlin's ties to Russian cyber gangs sow US concerns (The Hill) The relationship between Moscow and Russian cyber gangs may be tightening, spurred by international sanctions and disputes with the United States over military action in Ukraine and Syria, experts and federal lawmakers warn
PLA's cyber attack unit linked to S. China Sea takeover campaign (World Tribune) China has launched a new cyber warfare unit tasked with targeting Southeast Asian nations and solidifying Beijing's political and military dominance in the South China Sea
Battle against ISIL is about narratives (The National) The Iraqi air force claims to have hit the convoy of ISIL leader Abu Bakr Al Baghdadi in an air raid near the Syrian border at the weekend
Dow Jones & Co. discloses breach, incident likely related to Scottrade (CSO) Dow Jones says 3,500 subscribers impacted
Thousands of Zhone SOHO routers can be easily hijacked (Help Net Security) Two days before he is scheduled to give a talk about discovering and exploiting 0-day vulnerabilities in SOHO routers' firmware, security researcher Lyon Yang has released details about a number of vulnerabilities in routers made by California-based Zhone Technologies, the exploitation of some of which can result in the routers being hijacked
Authentication bypass flaw in Netgear SOHO routers exploited in the wild (Help Net Security) A critical security vulnerability affecting nine Netgear router models is being exploited in the wild
Thousands of 'Directly Hackable' Hospital Devices Exposed Online (Information Security Buzz) Thousands of critical medical systems — including Magnetic Resonance Imaging machines and nuclear medicine devices — that are vulnerable to attack have been found exposed online
Docs Must Evaluate New Technology's Security Risks (Diagnostic Imaging) When physicians are forced to weigh the necessity of technology against the financial cost associated with it, there is an understandable temptation to cut corners in order to save money
Can Cybercriminals Bypass Improved Security Protections On Adobe Flash Player? (Neurogadget) Adobe recently announced improvements to the security protections available on its Flash Player
Faked NatWest, Halifax bank sites score REAL security certs (Register) Netcraft wonders if CAs are taking verification rules seriously
Vulnerability in Kaspersky prevented users from getting crucial software updates (TWCN) A component of the Kaspersky Internet Security was found to be preventing its users getting timely security updates or browsing even the safe websites
Variants now spawning off new Android SMS malware (SC Magazine) AndroidOS.SmsThief does what it says on the tin — acts as a thief through SMS, on Android
One Phish, Two Phish, Bad Phish: Don't Click! (Cyveillance B,og) Although phishing has been around for many years, a surprising 23 percent of phishing email recipients will still open messages, and 11 percent will click on attachments, according to the 2015 Verizon Data Breach Incident Report
What Went Wrong at Experian (and How It Could at Lots of Other Places, Too) (PYMNTS) As almost everyone knows, the credit rating firm Experian closed off last week with every business' least favorite headline: They'd been breached to the tune of 15 million T-Mobile customers' account data going right out the virtual door
Caught in the crossfire (Banking Technology) In the early hours of 10 February 2014, hackers struck the Las Vegas Sands Corporation. Within hours, malware had obliterated much of the company?s IT systems, wiping hundreds of computers clean, deleting key company files, destroying the backups and shutting down servers. Within less than 24 hours, the attack inflicted an estimated $40 million worth of damage
Why Environmental Risk Managers Need to Worry About Cybersecurity (In Homeland Security) According to the Department of Homeland Security, cybersecurity is a big deal
European aviation body warns of cyber-attack risk against aircraft (SC Magazine) Hackers could infiltrate critical systems that keep planes up in the air, warns the chief of the European Aviation Safety Agency
Bulletin (SB15-285) Vulnerability Summary for the Week of October 5, 2015 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week
Security Patches, Mitigations, and Software Updates
Security researcher gets $24k in reward money from Microsoft for Hotmail hack (Techworm) A security researcher was able to pull out a $24,000 in reward money from Microsoft for successfully hacking its Hotmail email service and finding a cross-site request forgery (CSRF) exploit that could allow a hacker take control of an official account
Huawei has Addressed the Security Loophole in its 4G Modems (TechFrog) Huawei has addressed a security flaw in the E-3272s 4G USB modem which could allow attackers to gain entire control over hosts' PCs
GnuPG 2.1.9 released (Help Net Security) The GNU Privacy Guard (GnuPG) is a complete and free implementation of the OpenPGP standard which is commonly abbreviated as PGP
PBS NOVA program on cybersecurity (Control Global) October 14th, PBS NOVA will show "Cyber War Threat." Program information and trailer can be found here. The program will feature people involved with discovering Stuxnet, a discussion of Aurora including with a utility implementing the Aurora hardware mitigation, and other subjects
What will the CISOs of 2020 look like? (CSO) Ever since its inception in the late 1990s, the CISO job has tended to be a very technical job
Ex-LulzSec member: 'Hacking is turning something upside down to see how it operates' (TechWorld) If businesses want to avoid the monumental Anonymous and '50 Days of Lulz' cybercrime epidemics, young coders need better education on ethics, says ex-LulzSec hacker Tflow
Theoretical computer science provides answers to data privacy problem (Help Net Security) The promise of big data lies in researchers' ability to mine massive datasets for insights that can save lives, improve services and inform our understanding of the world
Japan's Cybercrime Underground On The Rise (Dark Reading) New report sheds light on stealthy cybercrime operations in Japan
No Longer Your Grandma's PC Company — Dell Acquires EMC in Historic $67 Billion Deal (FBR Flash) This morning (October 12), in a historic merger, Dell announced an acquisition of EMC, after a week of deal speculation, for a tech record $67B
EMC/Dell Deal a Major Wake-Up Call to Other Mature Tech Stalwarts (FBR Flash) With the landmark $67 billion EMC/Dell deal becoming a reality yesterday, we believe there will be wide-reaching ramifications across the tech space for years to come from this transaction
Dell Files Confidentially for IPO of Cybersecurity Unit SecureWorks (Wall Street Journal) SecureWorks could begin trading by year-end and may be worth as much as $2 billion
Dell Acquisition of EMC Has Big Cybersecurity Implications (Dark Reading) The devil will be in the details, but if company cooks up a winning integration strategy to combine the likes of SecureWorks and RSA, it is poised to become a major cybersecurity player
RiskIQ Acquires PassiveTotal to Expand Portfolio of Threat Infrastructure Analysis Capabilities (Realwire) RiskIQ, the Enterprise Digital Footprint Security company, today announced that it has acquired PassiveTotal to expand its portfolio into threat analysis
Cyber security, regulation top insurer concerns (Business Insurance) Insurers will confront competing priorities of cyber risk and regulatory challenges for time and resources, according to a survey released Monday by Minneapolis-based Wolters Kluwer Financial Services Inc
Cyber insurance premiums rocket after high-profile attacks (Reuters) A rash of hacking attacks on U.S. companies over the past two years has prompted insurers to massively increase cyber premiums for some companies, leaving firms that are perceived to be a high risk scrambling for cover
New KEYW CEO Bill Weber: 'We are not a $6- or $7-a-share stock' (Baltimore Business Journal) KEYW Holding Corp.'s new CEO knows exactly who he is not
Israeli cybersecurity firm raises $50M (The Hill) A subsidiary of the Japanese telecommunications firm SoftBank Group Corp. has invested $50 million in the Israeli cybersecurity startup Cybereason, The Wall Street Journal reports
Colorado cybersecurity firm plans expansion, will hire hundreds (Denver Business Journal) Colorado cybersecurity firm Coalfire Systems Inc. plans to hire hundreds of new employees over the next year and expand its local offices after landing well-connectors majority owners
Six Firms Win $5B US Air Force Cybersecurity, Info Systems Contract (GovConWire) The U.S. Air Force has awarded six companies a $5 billion multiple-award contract to perform cybersecurity and information systems services
Pentagon, Military Block Use of Chinese Telecom Gear (Washington Free Beacon) Security fears raised on Huawei at DoD, NSA, Cyber Command
New Jersey cybersecurity firm Comodo picks Atlanta for sales hub (Atlanta Business Chronicle) Clifton, N.J.-based cybersecurity software firm Comodo Group Inc. has opened a marketing and sales hub location in Midtown Atlanta
$75 Billion Global Cybersecurity Market (Connection) Northern Virginia is "hotbed for cyber security entrepreneurship"
Products, Services, and Solutions
Darktrace wins at the 2015 Computing Security Awards (Cambridge Network) Darktrace, the Cambridge-based leader in Enterprise Immune System technology, has won the ?Best Enterprise Security Solution of the Year? award at the 2015 Computing Security Awards
AlienVault Launches USM 5.2 For Data Security Compliance (Dark Reading) Platform delivers over 30 audit-ready reports for PCI-DSS 3.1 and HIPAA, along with rapid report delivery
CrowdStrike's security software targets bad guys, not their malware (TechRepublic) Malware-based defenses are no longer effective, according to CrowdStrike. Find out how the company is working to defeat attackers
Fortinet Delivers Advanced Cybersecurity to Software-Defined Data Centers (MarketWatch) Fortinet's FortiGate VMX with VMware NSX enables automated policy-driven network segmentation for the data center
CyberUnited LIFARS Alliance With red24 to Provide Global Cybersecurity Services (PRNewswire) The cybersecurity partnership of CyberUnited LIFARS has announced a new agreement with the London-based global risk management firm of red24 to provide a full complement of cybersecurity business intelligence, digital forensics, and incident response capabilities
Technologies, Techniques, and Standards
NSA Recommendations Include High Entropy and Longer Keys to Protect Against Quantum Computer Developments (CTO Vision) Currently, the NSA's Information Assurance Directorate (IAD) only uses approved Suite B cryptographic algorithms, specified by the National Institute of Standards and Technology (NIST), to protect classified and unclassified National Security Systems (NSS)
Survey: Executive Buy-In Most Critical Component of Successful Cybersecurity and Privacy Programs (Legaltech News) The survey uncovers the need for executive buy in, as well as employee education
Security: An Innovation Enabler for Retailers (SecurityWeek) To better protect POS systems and innovate to improve customer satisfaction and operational efficiency, retailers need to think differently about security
Avoiding the Dangers of Bring Your Own Cloud in E-Discovery (Legaltech News) After wrestling with BYOD issues for the better part of a decade, BYOC has arrived to cause new issues for discovery
'Ransomware' a game-over scenario unless you have backups (USA TODAY) Q. I thought I went to Microsoft?s site to download a malware finder, but instead this program told me all my files are encrypted and I must pay 3 Bitcoin or $700 to get them unlocked. What can I do?
The Pros And Cons Of Automating Network Security (Lifehacker) The automation of IT is on the rise, as noted by Gartner earlier this week as organisations increasingly opt to use intelligent systems that obviate the need for human intervention
Design and Innovation
A Call for Open Cybersecurity Middleware (Network World) Swisscom proposing a standard abstraction layer for integration and more rapid incident detection and response
Research and Development
DARPA director on the future of war and securing the Internet of Things (Christian Science Monitor Passcode) At a Passcode event on Thursday, Defense Advanced Research Projects Agency Director Arati Prabhakar, along with leading government figures in cybersecurity, offered a rare glimpse into research happening in government labs
WSU to help improve cyber security in energy delivery (WSU News) Washington State University will participate in a new, five-year $28.1 million U.S. Department of Energy (DoE) initiative to improve computer/communication networks for energy delivery systems like power grids and pipelines
Hack-proof drones offer antidote for IoT security ?naiveté?: NICTA researcher (CSO Australia) Granular, mathematically-proven security controls built into NICTA's military-grade seL4 operating system will provide a model for countering the "naiveté" of Internet of Things (IoT) developers favouring functionality over security, the head of the organisation's Data61 research program believes
Help wanted: someone to hack cars for Canada defense research arm (Naked Security) If you're a hacker highly skilled at finding exploits in connected cars, here's a job for you — hacking cars for the Canadian military
How to Teach Teens About Cybersecurity (US News and World Report) Teachers and parents can help high school students learn about the growing field of cybersecurity
Legislation, Policy, and Regulation
Commercial spying or state espionage? (Straits Times) The recent US-China pact on cyber security tries to ban commercial intelligence but it may just cause a lull before a deeper tussle ensues for control of digital information
Cyberwar Ignites a New Arms Race (Wall Street Journal) Dozens of countries amass cyberweapons, reconfigure militaries to meet threat
Lawful Hacking May Be the Answer (Cipher Brief) According to press reports, the White House has considered and rejected four options to address the so-called "going dark" problem where the growing ubiquity of encryption is making it harder for law enforcement agencies to collect evidence and investigate crimes
EU diplomat: Safe Harbor 2.0 must guard Europeans' 'fundamental rights' (Christian Science Monitor Passcode) In an interview at the Monitor on Thursday, David O'Sullivan, the European Union?s ambassador to the US, said he was confident that Europeans and their American counterparts could forge a new transatlantic data transfer deal that included more robust privacy protections
Opinion: Why the global tech industry needs Safe Harbor 2.0 (Christian Science Monitor Passcode) The demise of Safe Harbor may be a victory for privacy advocates but it leaves global tech companies in the lurch. A new version of the deal is needed so that companies can get back to work while improving privacy protections for users around the world
Opinion: With pervasive government surveillance, there are no safe harbors (Christian Science Monitor Passcode) This week's European ruling striking down the transatlantic Safe Harbor deal is a stark reminder that no one's data is safe until governments around the world reform digital surveillance practices
Sen. Charles Grassley: Update Neeede on Tech Provider Dialogue About Encryption (ExecutiveGov) Charles Grassley (R-Iowa), chairman of the Senate Committee on the Judiciary, has asked for updates from Deputy Attorney General Sally Yates on her planned dialogue with technology providers regarding encryption-related public safety concerns
Obama administration opts not to force firms to decrypt data — for now (Washington Post) After months of deliberation, the Obama administration has made a long-awaited decision on the thorny issue of how to deal with encrypted communications: It will not — for now — call for legislation requiring companies to decode messages for law enforcement
The thin line between military and civilian cyber defense (FCW) How will military and civilian cyber response teams collaborate in the event of a cyberattack on U.S. critical infrastructure?
Carter, U.K. Counterpart Discuss the Way Ahead in 21st Century (US Department of Defense) Today's discussions of defense matters and ways to deepen the U.S. and U.K. partnership come at a critical time for British defense planning, Defense Secretary Ash Carter said in London during a joint press conference with his U.K. counterpart
CIA Steps Up Its Game in Cyberfight Against Hackers (Fiscal Times) The CIA is making a great leap into the 21st century
Lack of trust for banks causes NHS rethink over Verify online identity scheme (ComputerWeekly) NHS trials of the Verify ID assurance system found patients concerned over using banks to allow access to medical data
CYBERCOM Writes Own Software: Accelerating Acquisition (Breaking Defense) A Pentagon procurement process that takes a decade to deliver can?t keep up with fast-advancing frontline of cyberwar
The Digital War: Air Force leaders say they want more airmen with cyber experience (Air Force Times) The Air Force plans to expand its cyber capabilities and boost the field as part of a planned increase in end strength
DHS lacking clear guidance for maritime port cyber reporting (Federal News Radio) United States maritime port authorities are unclear who to report to and what to report during a cyber attack, highlighting the need for the government to issue cybersecurity guidance for the nation?s port infrastructure
Are our ports protected from cyber pirates? (FCW) When Edward Teach blockaded Charleston, South Carolina, in 1718, he had an easy go of it as the port lacked guard ships — but word spread among colonial governors, and the pirate known as Blackbeard would be hunted down and killed within the year
Rhode Island Cybersecurity Commission Report Delivers Plan to Enhance Cybersecurity Efforts Statewide and Nationally (BusinessWire) Report provides specific recommendations to strengthen state's security and resiliency assets and grow a strong multidiscipline cybersecurity community
Litigation, Investigation, and Law Enforcement
Chinese hackers arrested at US request (Help Net Security) Late last month, China's president Xi Jinping made a state visit to the US and it resulted, among other things, in an agreement that the US and China will provide each other timely responses to requests for information and assistance concerning malicious cyber activities, will cooperate with requests to investigate cybercrimes, and will not conduct or support cyber-enabled theft of intellectual property
Safe Harbor Ruling: A Digital Pearl Harbor? (Legaltech News) The EU finding against data Safe Harbor begs the question: are you prepared?
Lyft: It wasn't our CTO who cracked Uber's database (Naked Security) Imagine you're the CTO of a company in the red-hot market of ride-sharing
Security expert cancels talk on back of legal threat (SC Magazine) Security consultant Gianni Gnesa has been threatened with legal action ahead of a speech at the upcoming Hack in the Box conference in Singapore
Australian prime minister runs private e-mail server, uses Confide and Wickr (Ars Technica) Perhaps we should be celebrating not censuring this tech-savvy politician
Accused identity thief pleads guilty to fraud, tax charges (Chicago Sun-Times) A man accused of stealing the identity of the former head of the National Security Agency pleaded guilty Friday to fraud and tax charges — but not identity theft
Talking crime: Nigerian cyber-gang bust (Emirates 24/7) Security forum reviews policing methods
'One of world's largest child porn distributors' captured in Colombia (Colombia Reports) Colombia police said Thursday it has arrested one of the largest distributors of child pornography in the world
For a complete running list of events, please visit the Event Tracker.
ISSA International Conference (Orlando, Florida, USA, Oct 22 - 23, 2014) Join us for solution oriented, proactive and innovative sessions focused on security as a vital part of the business.
HITB GSEC Singapore (Singapore, Oct 12 - 16, 2015) HITB GSEC Singapore is a three-day security conference where attendees get to vote on the final agenda and are introduced to speakers and each other based on the votes they cast
ACM-CCS (Conferences on Computer and Communications Security) (Denver, Colorado, USA, Oct 12 - 16, 2015) ACM-CCS is one of the longest running cyber security conferences in the world. It's been going on since 1993, and this year it will celebrate its 22nd edition. This flagship conference brings together information security researchers, practitioners, developers, and users from all over the world to explore cutting-edge ideas and results in information security
New York Metro Joint Cyber Security Conference (New York, New York, USA, Oct 14, 2015) The New York Metro Joint Cyber Security Conference is a collaborative event cooperatively developed, organized and sponsored by the leading information security industry organizations and chapters
NASA Goddard Cyber Expo (Greenbelt, Maryland, USA (also available by webex), Oct 2, 2014) The 2014 Goddard Cyber Expo will be a dedicated Information Technology & Cyber Expo at this secure facility hosted by the Office of the Chief Information Officer. The OCIO will be recruiting speakers to provide informational sessions on relevant Cyber issues. Industry exhibitors may sit in on the sessions. This event will be promoted to all NASA Cyber and IT-focused personnel, as well as the entire workforce at this location
BSides Portland (Portland, Oregon, USA, Oct 16 - 17, 2015) BSides PDX is a gathering of the most interesting infosec minds in Portland and the Pacific Northwest! Our passion about all things security has driven attendance from other parts of the country. Our goal is to provide an open environment for the InfoSec community to engage in conversations, learn from each other and promote knowledge sharing and collaboration
SecTor (Toronto, Ontario, Canada, Oct 19 - 21, 2015) Illuminating the Black Art of Security. Now entering its 9th year, SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving underground threats and corporate defences. The conference provides an unmatched opportunity for IT Professionals and Managers to connect with their peers and learn from their mentors
Cyber Defense San Diego 2015 (San Diego, California, USA, Oct 19 - 24, 2015) Cyber security training in San Diego CA from SANS Institute, the global leader in Information Security training. SANS Cyber Defense San Diego 2015 features hands-on, immersion-style training courses for security professionals at all levels. Many of these security courses have Certifications that are aligned with DoD Directive 8570/8140 and most courses at this event are associated with GIAC Certifications. SANS delivers unparalleled security training with world-class Instructors
2015 Cyber Risk Insights Conference (New York, New York, USA, Oct 20, 2015) The world's largest cyber risk event for P&C professionals. Save-the-date for Advisen's 5th annual Cyber Risk Insights Conference in New York City with a full-day program that takes place on October 20, 2015
2015 Government Cybersecurity Forum (Washington, DC, USA, Oct 20, 2015) The Government Cybersecurity Forum was created three years ago a result of the complexity of today’s global threat environment. As more devices connect to the Internet and data breaches continue to escalate, the hottest debate in cybersecurity revolves around the balance between privacy, anonymity, technology and security. For the first time ever, join leading government, military, technology and policy experts as they gather in one room to help solve this urgent issue facing the government and industry in securing infrastructure
Cyber Security Summit: Boston (Boston, Massachusetts, USA, Oct 9, 2015) The Cyber Security Summit provides an exclusive business environment to meet with Senior Executives who are seeking innovative solutions to protect their business & critical infrastructure. Delegates at the Cyber Security Summit are prequalified based on their willingness to meet with Solution Providers and proven ability to purchase products and services
Swiss Cyber Storm (KKL Lucerne, Switzerland, Oct 21, 2015) Swiss Cyber Storm 2015 is an international IT security conference that provides essential information about national cyber security issues, critical for both government and private infrastructures. The event also includes a cyber challenge competition held beforehand, which offers the best security talents a chance to be invited to the conference
DevSecCon (London, England, UK, Oct 22, 2015) DevSecCon is a newly formed, non-profit conference for DevOps and SecOps practitioners, run by practitioners. By creating a neutral platform, we will exchange and create new ideas on how to leverage the best of both worlds
2015 North American International Cyber Summit (Detroit, Michigan, USA, Oct 25 - 26, 2015) The North American International Cyber Summit 2015 hosted by Michigan Governor Rick Snyder, is set to take place in the heart of Downtown Detroit at the newly remodeled Cobo Center for the second straight year. As in the previous three sold-out summits, this year's event will bring together experts from across the globe to address a variety of cybersecurity issues impacting the world of business, education, information technology, economic development, law enforcement and personal use
ICS Cyber Security Week (Atlanta, Georgia, USA, Oct 26 - 29, 2015) ICS Cyber Security Week is the longest-running cyber security-focused conference dedicated to the industrial control systems sector. The event caters to critical infrastructure organizations in the following sectors: energy, utility, chemical, transportation, manufacturing, and many more
Cyber Awareness & Technology Days (Colorado Springs, Colorado, USA, Oct 27 - 28, 2015) The Information Systems Security Association (ISSA) Colorado Springs Chapter http://www.issa-cos.org will once again host the 6th Annual Cyber Security & Information Technology Days set to take place at Peterson AFB on Tuesday, October 27, 2015 and at Ft Carson on Wednesday, October 28, 2015. Both events are being conducted in October to coincide with National Cyber Security Awareness Month as a way to encourage collaboration between local military personnel and industry partners. Government and Industry experts will be on hand to brief attendees on the latest trends, best practices and remediation strategies, in the cyber security field. These one day forums will offer Cyber Security & Information Technology personnel a unique, local opportunity to get up-to-date informaton on rapidly evolving security security challenges
Designing Secure Healthcare Systems (Long Branch, New Jersey, USA, Oct 27 - 29, 2015) Designing Secure Healthcare Systems is a three day intensive and immersive workshop…by healthcare hackers for healthcare technologists. Over the three days you will go from the basics of SQL injection to the over the top advanced concepts used to break code — you will learn not just by watching — but by doing. Regardless of your programming background or technical focus, you will walk away much better prepared to design and develop secure healthcare information technology systems
Cloud Security Alliance Summit NYC 2015 (New York, New York, USA, Oct 28, 2015) The full-day Cloud Security Alliance NYC Summit is a standalone event in Manhattan. Co-hosted by the CSA NY Metro and CSA Delaware Valley chapters, some 200 well-qualified attendees are expected. The theme is "Enterprise Lessons Learned in Cloud Security," with experts from financial services and other key industries. Viney Patel, Director, Global Head of Information Security at Citi Technology Infrastructure and Dan Reynolds, VP, Chief of Security and Information Architecture at Omnicom Media Group will be keynote speakers
Data Breach Summit Asia 2015 (Mumbai, India, Oct 28, 2015) As Cyber Security continues to become a challenge for all industries, ISMG's Data Breach Summit a unique, one-day event will focus on the issues to help the participants learn more about how to prevent cyber security breaches as well as how to mitigate the situation should a breach occur. The summit will provide an unparalleled platform to the attendees to engage in dialogue on real-world solutions protecting their organisations
Technology & Cyber Awareness Day (Aurora, Colorado, USA, Oct 28, 2015) The Buckley Air Force Base Technology & Cyber Security Day is a one-day event held on-site, where industry vendors will have the opportunity to display their products and services to IT, Comm, Cyber and Intelligence personnel. FBC will invite personnel from all major units and tenants at Buckley AFB, including ADF personnel
CyberMaryland 2015 (Baltimore, Maryland, USA, Oct 28 - 29, 2015) Now entering its 5th year, the Federal Business Council is proud to bring you the CyberMaryland 2015 Conference. The conference theme this year is "Collaborate.Educate.Innovate"
Cyber Security World 2015 (Washington, DC, USA, Oct 28 - 29, 2015) Cyber Security World 2015 brings together security experts, practitioners, and researchers who will share their firsthand knowledge and open the discussion to information sharing between public and private sector attendees. Join us in Washington, D.C. for two days of deep dive discussion on cybersecurity management and strategy, operations, cybercrime, and privacy. You're sure to walk away with new ideas you can implement in your organization to combat the cyber threat
Hackito Ergo Sum (Paris, France, Oct 29 - 30, 2015) No commercial content, no vendor talk. First time presenters welcome. Highly technical talks only. Bonus point for offensive and weird ideas. Areas and domains: systems hacking & security, network hacking, non-x86 exploitation, mobile hacking, offensive forensics, hardware & firmware hacking, brain hacking, automated hardware reverse engineering
8th Annual Space, Cyber, and Telecommunications Washington DC Conference (Washington, DC, USA, Oct 29 - 30, 2015) The Space, Cyber, and Telecommunications Law team hosts an impressive lineup of the world's greatest minds annually at conferences in Washington DC and in Lincoln, Nebraska and at occasional events around the world. Explore our past conferences and learn about our upcoming events below