The CyberWire Daily Briefing 03.09.15

Cyber Trends

Stuxnet, Snowden and Sony: Why we've passed the cyber security tipping point (CSO) Heavy-handed pressures from tech-unaware legislators, successful strikes by laterally-thinking hackers, a growing tide of dissent about government intervention and corporate concerns about last year's massive hack of Sony Pictures corporate documents have pushed us past the security tipping point into an environment where cyber-attacks will increasingly become favoured tools of nation states and terrorist groups, a leading security journalist has warned

Financial firms are putting more stock in the cloud (Help Net Security) Many financial firms are slowly putting more stock in the cloud. That's a key finding from a new Cloud Security Alliance (CSA) survey, which targeted executives from banking, insurance and investment firms around the world

Why hacking is not a victimless computer crime (Channel 4 News) Hacking often seems a victimless offence. When the National Crime Agency announces it's arrested 57 alleged computer hackers, it's easy to believe that the crimes they're accused of didn't really "harm" anyone

Legislation, Policy and Regulation

Cybersecurity Law a Priority This Year: Top Official (Wall Street Journal) Chinese leaders have made the passage of a cybersecurity law a priority for this year, despite protests from the U.S. against the country's growing restrictions on technology firms

New Zealand PM refuses to rule out mass surveillance (ZDNet) New Zealand's prime minister has refused to rule out the possibility that the country's electronic spy agency conducts mass surveillance, while suggesting that New Zealanders are not legally entitled to be told when their communications data is collected

Europe reverses course on net neutrality legislation (Ars Technica) EU member states have voted in favor of allowing the prioritization of "specialized" services

On Cyber Arms Control (Apropos of the New York Times Editorial) (Lawfare) A bit late, but one more observation about the New York Times editorial calling for cyber arms control. In their words, "the best way forward [to reduce cyber threats] is to accelerate international efforts to negotiate limits on the cyberarms race," in much the same way that we did with the nuclear arms control treaties of the Cold War

Cybercom Chief: Cyber Threats Blur Roles, Relationships (Ameriforce) Over five years of U.S. Cyber Command operations, global movement of threat activity through cyberspace has blurred roles and relationships among government agencies, as well as between the public and private sectors and the real and virtual worlds, the Cybercom commander told a House panel

The Doomed Quest For The Golden Key (TechCrunch) Some months ago, the Washington Post waded into the debate about the NSA, pervasive surveillance, and end-to-end encryption with a call for Apple and Google to magically "invent a kind of secure golden key they would retain and use only when a court has approved a search warrant." This was met with a chorus of contempt and opprobrium

Cyber-Liberty Depends on Cyber-Security (American Thinker) My colleagues at the Fraser Institute have just published a report examining the issue of cyber-security from an underappreciated but crucial perspective, namely, the importance of cyber-security to liberty

Cybersecurity Challenges for Canada and the United States (Fraser Institute) The Internet was designed not with security in mind, but rather openness and the free flow of information. The resulting globally connected nature of the Internet has brought unprecedented levels of information and commercial exchange, contributed enormous gains to individual prosperity, empowered individuals, and promoted and expanded individual liberty. Only in recent years have governments, militaries, industries, firms, and individuals come to grips with the importance of protecting this critical sphere of activity on which so much liberty, property, and security depends. How to protect legitimate activity in cyberspace without compromising its open character is the challenge

Cyber Warriors Need Not Be Soldiers (Discover) Throughout history, warriors of all cultures have trained their bodies to endure physical hardship and combat, whether they wielded swords and shields or carried guns and ammunition. In the 21st century, countries such as China and Estonia have recruited a new breed of warriors who fight as part of cyber militias rather than as official military personnel in uniform

Spotlight: Obama takes executive action, still seeks law from Congress (USA Today) President Barack Obama has signed an executive order on cybersecurity aimed at boosting the defense of critical US infrastructure, while also avoiding the criticism over compromising civil liberties that its legislative predecessors suffered from

Lawmakers target data brokers in privacy bill (IDG via CIO) Four U.S. senators have resurrected legislation that would allow consumers to see and correct personal information held by data brokers and tell those businesses to stop sharing or selling it for marketing purposes

CIA re-orgs to build cyber-snooping into all investigations (Register) Because the USA has such a shortage of digital surveillance

Products, Services, and Solutions

Silent Circle: We haven't been served a single demand for data (ZDNet) Despite reports to the contrary, Silent Circle's general counsel said the company has not received a single government demand "of any type" for user or business data

CloudLock Joins ServiceMax Marketplace to Help Enforce Data Compliance (IT Business Net) The CloudLock Security Fabric will enable field service organizations to realize the business benefits of the cloud with confidence

The best mobile anti-virus software available (IT Pro Portal) With Mobile World Congress now behind us, we can reflect on an event dominated by innovative wearables, cutting-edge smartphones and flashy VR headsets, but which also showcased the importance of security

BioCatch pitches behavioural biometrics to detect new acount fraud (Finextra) BioCatch, the global leader in Behavioral Biometrics™, Authentication and Malware Detection, announced today the launch of its New Account Fraud Detection solution which detects fraud in new user accounts in the retail banking, eCommerce and payments industries.

Abine and Coinbase Launch 'Bitcoin Anywhere' Service Using Blur (Cointelegraph) Abine and Coinbase are using Blur to give Bitcoin users the ability to shop anywhere MasterCard is accepted. The service also comes with enhanced privacy tools

U.S National Security Approved Samsung Devices for Secret Mission (Insight Ticker) Samsung Electronics informed that U.S National Security Agency permitted the use of a Samsung smartphone for their official tasks. The officials will utilize the Galaxy devices to transfer confidential information and data which will certainly improve the reputation of the company

Technologies, Techniques, and Standards

Cyber Insurance: Managing the Risk (Tripwire: the State of Security) Cyber insurance is a hot topic of many debates today. It is believed to be the long-awaited cure for high-impact security risks, especially in light of constantly evolving privacy legislation and disclosure obligations — but what actually is it?

FREAK flaw: How to protect yourself now (ZDNet) The FREAK security hole is more widespread than previously thought. Here's everything users and system administrators need to know in order to stay safe now

Third-Party Vendors a Weak Link in Security Chain (eSecurity Planet) Security shortcomings of third-party vendors are a cybercriminal's dream. So security pros should revisit how they manage vendor relationships

Managing Vendor Risk Complexity: Insights from Financial Institutions (Bitsight) Earlier this week I had the privilege of attending the invitation-only BNY Mellon 2015 Third Party Risk Management Symposium

Breaches Reveal Patch Management Weaknesses (Credit Union Times) First Moscow-based security firm Kaspersky Lab revealed a cybercriminal gang raided up to 100 financial institutions internationally for an estimated $1 billion. Then, the San Diego based Identify Theft Resource Center said that as of March 4, there had been 14 breaches, including one credit union, affecting almost 400,000 records in the financial sector this year

Seven Data and Information Security Mistakes Even Smart Companies Make (IT Business Edge) Click through for seven common security mistakes even smart companies often make, as identified by Digital Guardian

DNS Names Provide Clue to Malware Communications, Researchers Find (eWeek) OpenDNS, which provides domain filtering and security services, finds the use of some domain names in malware infrastructure can be predicted

CSA introduces security frameworks for government cloud security (TechTarget) The Cloud Security Alliance's new frameworks for the European Union offer baseline security measures for government agencies worldwide deploying secure cloud services

CyberWar Game Simulates Healthcare Attacks (Forbes) Last week was rough for County West General Hospital. Its IT staff noticed almost immediately that the kickoff off round of FDA testing for a new drug from Bromley Weyland Pharmaceuticals appeared to be compromised

Globe And Mail rolls out SecureDrop and why other publications should (CSO) I have been a long time reader of the venerable Canadian publication, The Globe and Mail. This is a paper that continues to turn out great content despite the massive shift to online delivery which has seen an end to so many print publications

A few small steps for man, a giant leap for online security (Help Net Security) The online world is vast. Just follow these straightforward tips, which will make it harder for hackers, and keep you secure

Marketplace

"New era" of cyber crime leaves financial institutions uninsured (Insurance Business) After an international group of hackers managed to bypass customers and steal directly from banks, cyber insurance experts are warning that brokers have a renewed responsibility to work with underwriters to ensure all potential coverage gaps are filled

Akamai Bolsters Its Value Added Services With Acquisition Of Xerocole (Forbes) Content Delivery Network giant Akamai recently acquired Xerocole Inc., a Colorado-based Domain Name System technology company

Bulova Technologies Group, Inc., Announces Joint Venture to Enter the Cyber Security Market Place (Sys-Con Media) Bulova Technologies Group, Inc. (OTC: BTGI) (the "Company") today announced a Joint Venture with Blackford Technologies LLC and have formed Bulova Technologies Compliance and Security, LLC. Bulova Technologies will market the Enterprise Content Management Library ("ECM Library"©) and the companion K-3 Data Encryption© software to government agencies, banks, law firms and mid to large size businesses

Detectify picks up €1.5 million to hack your startup (Arctic Startup) Stockholm-based Detectify has been a fun company to follow. With a team of hackers (in both the startup and Hollywood sense) they've done everything from hacking Google, Facebook, Spotify, Klarna, and Stripe for bug bounty programs. Taking their ethical hacker knowledge mainstream, they've built a "get hacked as a service" tool for anyone to hack their own web service and see how their cyber security stacks up

Can great tech save cybersecurity startup from grim reaper? (Upstart Business Journal) PFP Cybersecurity, a new startup from Steven Chen, is talking with defense contractors whose aim is to secure their supply chain

Symantec split will occur on April 1st (IT Pro) Symantec will split its company into two separate storage and security organisations from April 1st, the company has confirmed

Leidos makes cyber divestiture (Washington Technology) Since January of 2014, Leidos has said it was looking to sell its Clouldshield Technologies business, and now 14 months later, it has found a buyer

Novetta puts up 'for sale' sign. What does it mean? (Washington Technology [subscription]) With Novetta Solutions hiring investment bankers to sell the company, we look at what the sale says about conditions in today's market

Pentagon Gets Authority To Hire 3,000 Cyber Pros (Nextgov via Defense One) The new rules give the military the power to fast-track new hires and staff up its fledgling Cyber Command

U.S. Military Cyber Commands Sweeten Bonuses, Deals to Retain Cyberwarriors (SIGNAL) Recruiting for a qualified military and civilian workforce for the U.S. Defense Department's cybersecurity mission has proven successful so far, but retaining the force remains to be seen, cyber commanders told Congress during a hearing

Closed-door Palantir event takes on women in cybersecurity problem (San Francisco Business Times) Women are widely known to be under-represented in the tech community. But it turns out, one particular segment of the industry, cybersecurity, is dramatically dominated by men, something Palantir hopes to change

Does Hollywood Have The Answer To The Security Skills Question? (Dark Reading) The Oscar-winning biopic about famed WWII cryptanalyst Alan Turing — the father of modern computing — was long overdue. But a lot more needs to be done to inspire the next generation of computer scientists

Roger Mason of Noblis Receives Wash100 Award for Leadership in Intell and National Security (GovConWire) Roger Mason, senior vice president for national security and intelligence at Noblis, has been named to this year's Wash100 list of the most influential leaders in GovCon for his leadership role in intelligence and national security

Research and Development

Google Tackles Quantum Computing's Hardest Problem: Errors (Wired) The promise of quantum computing is computers powerful enough to break the encryption techniques we now use to protect the world's data. But realizing that promise means, among other things, cracking a thorny paradox. A basic operation of any computer is checking for mistakes. But by the logic of quantum computing, the act of checking is itself likely to create an error

An Unhackable QR Code to Fight Bogus Chips (IEEE Spectrum) To combat the rising threat posed by counterfeit microchips, researchers from the University of Connecticut now suggest the QR codes often used in ads and signage could be made nearly impossible to hack for use in security

The EMBERS Project Can Predict the Future With Twitter (Newsweek) For the majority of Americans born after World War II, it is unlikely Arlington, Virginia, holds any special significance. But for those who know that the outcome of the war largely hinged on Imitation Game-style code-breaking, Arlington has a mystique as the epicenter of American military cryptanalysis

Cyber Attacks, Threats, and Vulnerabilities

France fingered as source of Syria-spying Babar malware (Register) Crack team of malware boffins think DGSE coded reconware

Security firm finds preinstalled malware on Xiaomi Mi 4 smartphone (Venture Beat) Data security firm Bluebox has discovered preinstalled malware and a host of other issues with a Xiaomi Mi 4 device the company tested. Scarier still, the phone seems to have been tampered with by an unidentified third party

From the Labs: New developments in Microsoft Office malware (Naked Security) In September 2014, we wrote about a resurgence in VBA malware

Dridex Banking Trojan Spreading Via Macros in XML Files (Threatpost) Not long ago, criminals pushing the Dridex banking Trojan were using Microsoft Excel documents spiked with a malicious macro as a phishing lure to entice victims to load the malware onto their machines

Cryptowall makes a comeback via malicious help files (Help Net Security) A new spam wave has hit hundreds of mailboxes with malicious .chm attachments to spread the infamous Cryptowall ransomware

What Happened to You, Asprox Botnet? (Internet Storm Center) Earlier this year, @Techhelplistcom reported the spam and landing site infrastructure used to spread Asprox malware switched to porn-related URLs. This started back in mid-January 2015, and I still haven't seen much about it in the open press. Since then, this infrastructure has continued spreading links to pornography or diet-related scams

How Malware Generates Mutex Names to Evade Detection (Internet Storm Center) Malicious software sometimes uses mutex objects to avoid infecting the system more than once, as well as to coordinate communications among its multiple components on the host. Incident responders can look for known mutex names to spot the presence of malware on the system. To evade detection, some malware avoids using a hardcoded name for its mutex, as is the case with the specimen discussed in this note

How Hackers Could Use A Nest Thermostat As An Entry Point Into Your Home (Forbes) Security researcher TrapX Security is showing off how hacking an internet-connected thermostat made by Google-owned Nest can be the jumping off point to gaining control of other devices in your home

Smart home or dumb security risk? (InfoWorld) Internet-connected devices are flooding into homes, but with convenience comes vulnerability

Islamic State takes to social media, has about 46K Twitter accounts (Ars Technica) ISIS supporters preferred tweeting with Android over iPhone and Blackberry

NSA warns not to 'feed' terrorist agenda (The Australian) The chief of America's powerful National Security Agency has warned social and traditional media outlets against "feeding" and "perpetuating" the agenda of radical terrorist groups such as Islamic State by publishing horrific images displaying their barbarity

Islamic State appears to be fraying from within (Washington Post) The Islamic State appears to be starting to fray from within, as dissent, defections and setbacks on the battlefield sap the group's strength and erode its aura of invincibility among those living under its despotic rule

Why Are Foreign Fighters Joining ISIS? (The Atlantic via Defense One) Foreign fighters participate in some of ISIS' 'worst acts,' but there isn't one clear explanation on why they join the battle in the first place

Boko Haram's pledge of allegiance to ISIL is a symptom of weakness, not strength (Quartz) The Islamic terrorist group Boko Haram has pledged allegiance to the Islamic State group this weekend, just hours after it set off five bombs in busy areas of Maiduguri, northeast Nigeria's largest city, killing 54 people and injuring 146, according to local authorities. Boko Haram leader Abubakar Shekau pledged allegiance to ISIL through a video shared on a Twitter account that has since been suspended.

Hackers in Butte credit union cyber attack claim ISIS affiliation (NBC Montana) The Southwest Montana Community Federal Credit Union was the target of a cyber attack Saturday by hackers claiming to be affiliated with ISIS

Update: The Shed restaurant's website running again after cyber-attack claimed by ISIS (Biloxi-Gulfport Sun-Herald) The Shed Barbeque & Blues Joint confirmed on Saturday its website was hacked by a group claiming to be ISIS. It took a web developer minutes to fix The Shed Barbeque & Blues Joint's website after a person or group claiming to be ISIS hacked it Saturday

Point-of-Sale Vendor NEXTEP Probes Breach (KrebsOnSecurity) NEXTEP Systems, a Troy, Mich.-based vendor of point-of-sale solutions for restaurants, corporate cafeterias, casinos, airports and other food service venues, was recently notified by law enforcement that some of its customer locations have been compromised in a potentially wide-ranging credit card breach, KrebsOnSecurity has learned

Mandarin Oriental eradicates malware from credit card systems (ZDNet) After admitting to a security breach, the luxury hotel chain has managed to remove malware discovered on systems related to customer financial data

N. Korea orchestrated cyber attack on Sony Pictures: Sankei Shimbun (Airirang News) A new report by a Japanese daily backs the U.S. claim that North Korea carried out last year's cyber attack on Sony Pictures. The Sankei Shimbun on Sunday reported a claim by a former officer of Pyongyang's Reconnaissance General Bureau, who said the bureau director, General Kim Yong-chol, orchestrated the attack

St. Mary's Reports Cyber Attack Affecting 4,400 People (Tristate) A cyber attack at a Tri-State hospital leaves thousands of local people potentially at risk. St. Mary's Health officials report a hacking attack has compromised the personal information of approximately 4,400 individuals

Feminist blog hit by DDoS attack on International Women's Day (We Live Security) Sunday March 8 was International Women's Day, celebrating women's achievements and contributions to society

Anatomy of a Hack (The Verge) A step-by-step account of an overnight digital heist

Academia

World's largest college cybersecurity competition held in SA (KSAT 12) Students duke it out against hackers

IT Digest: Siemens gives GWU a $30 million grant (Washington Post) George Washington University picked up a $30 million grant from Siemens, the German conglomerate that bases its U.S. headquarters in the District, to give engineering students access to the company's manufacturing software, the firm said last week

Post-graduate course in cyber security (Star Online) BAE Systems is further strengthening its long-term commitment to Malaysia by agreeing to fund a new post-graduate programme in Cyber Security at the National Defence University of Malaysia

Anti-bullying campaign kicks off in White Mountains middle, high schools (White Mountain Independent) Cellular One is teaming up with White Mountain Fire & Life Safety to launch an awareness campaign aimed at combating the potentially dangerous physical and emotional ramifications associated with teen bullying and cyber-bullying

Litigation, Investigation, and Enforcement

Group claiming links to Isis hacks small business websites (ComputerWeekly) The FBI is investigating the hacking of a number of small business websites in the US and Europe by people claiming to be affiliated with Islamic State (Isis)

Feds Indict Three in 2011 Epsilon Hack (KrebsOnSecurity) U.S. federal prosecutors in Atlanta today unsealed indictments against two Vietnamese men and a Canadian citizen in connection with what's being called "one of the largest reported data breaches in U.S. history." The government isn't naming the victims in this case, but all signs point to the 2011 hack of Texas-based email marketing giant Epsilon

U.K. National Crime Agency arrests 56 alleged cybercriminals in week-long operation (SC Magazine) British law enforcement arrested 56 people, including a man accused of hacking the U.S. Department of Defense (DoD), this past week in operations targeting alleged cybercrime perpetrators

Convicted Silk Road mastermind Ross Ulbricht demands trial do-over (Ars Technica) On trial's eve, prosecutors disclosed information of an "alternative perpetrator"

Snowden Intends to Ask for Political Asylum in Switzerland (Telesur) The NSA whistleblower, who has been living in Russia, recently revealed that he was willing to return to the U.S. if he could be given a fair trial

Design and Innovation

Robocall spotting contest launched by FTC (Naked Security) The US Federal Trade Commission (FTC) has launched a pair of competitions to stimulate research into technological approaches to the problem of robocalls

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

Fraud Summit Chicago (Chicago, Illinois, USA, May 19, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Chicago event include the 2015 faces of fraud, science and insider fraud detection, EVM and pay card security, mobile banking risks and their mitigation, and threat information exchange

Fraud Summit Boston (Boston, Massachusetts, USA, June 10, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Highlights of the Boston event include the 2015 faces of fraud, science and insider fraud detection, EVM and pay card security, mobile banking risks and their mitigation, the deep web and fraud-as-a-service, and threat information exchange

Fraud Summit San Francisco (San Francisco, California, USA, September 15, 2015) ISMG's Fraud Summit is a one-day event focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges. Among the areas to be discussed are the fraud ecosystem, trends in consumer fraud awareness (what's working and what's not), and threat intelligence

upcoming Events

Financial Services Cyber Security Summit: Middle East and North Africa (Dubai, UAE, March 9 - 10, 2015) Building on the success and feedback of our Cyber Security Summit in Europe — 180 attendees, 3 streams, CPE certified — we are pleased to invite you to the Financial Services Cyber Security Summit MENA — a highly interactive experience sharing platform for top experts from banks, insurance companies, monetary organizations and government institutions, accountancy companies, consumer finance, investment funds, stock brokerages and more

The Vulnerability Economy: Zero-Days, Commerce and National Security (Rockville, Maryland, USA, March 10, 2015) Dr. Ryan Ellis (Belfer Center, Harvard University) will explore a series of topics around cybersecurity including the challenges and opportunities associated with the growing trade in previously unknown and undisclosed software vulnerabilities ("zero days"). Drawing from a real-world case study, Dr. Ellis investigates the tension between the development of offensive cyber capabilities and cybersecurity. The discussion considers different approaches to disclosing newly discovered vulnerabilities and highlights the key roles that government and industry can play in promoting enhanced cybersecurity

Cyber Security Opportunities in Japan, S. Korea and Taiwan Webinar (Online, March 10, 2015) Export.gov, of the US Department of Commerce, invites you to listen to experts from the Japan, South Korea and Taiwan and learn how to position your company for success in these countries. Learn about cyber security opportunities, gain insights into these significant Pacific Rim markets, and learn how to position your company for success

OISC: Ohio Information Security Conference (Dayton, Ohio, USA, March 11, 2015) Technology First invites you to participate in the 12th Annual Ohio Information Security Conference Wednesday, March 11, at the Sinclair Community College Ponitz Center in Dayton, Ohio. The conference will focus on three areas/tracks: management, technical and implementation. CEUs (7) are available for this event

RiSK Conference 2015 (Lasko, Slovenia, March 11 - 12, 2015) In recent years RISK conference has become one of the leading events on computer security in the Adriatic region and is attended by engineering as well as executive staff of companies from the region. Much has changed in the field of security and data protection in recent times. There are popular new technologies in the form of SaaS (Security as a Service) and services in a cloud (cloud computing), green computing, etc

B-Sides Vancouver (Vaqncouver, British Columbia, Canada, March 16 - 17, 2015) The third annual Security B-Sides Vancouver is an information security conference that will be held March 16th and 17th. We love to see brand new speakers, seasoned speakers, and everyone in between

Insider Threat 2015 Summit (Monterey, California, USA, March 16 - 17, 2015) The Insider Threat 2015 Summit is about bringing Government and Industry organizations and their cybersecurity leaders together in order to better understand the type of threats that may impact their infrastructure and overall operations. Our two-day summit will provide insights on the most unique and thought provoking active defenses currently available for physical and personnel security, as well as, cyber threats. By supplying intelligent focus through tailored solutions our presenters and sponsors will be contributing to a forum to discuss ways to mitigate the risk of insider threats. This event allows for a truly unique opportunity to hear from experts in the field talk about their current and future solutions, giving way to an optimal setting for networking

2015 North Dakota Cyber Security Conference (Fargo, North Dakota, USA, March 17, 2015) The North Dakota Cyber Security Conference brings together community members from academia, government and industry to share strategies, best practices and innovative solutions to address today's challenges in cyber security. The vast scope of modern cyber threats calls for active participation from individuals and organizations across the state

IT Security Entrepreneurs Forum: Bridging the Gap Between Silicon Valley & the Beltway (Mountain View, California, USA, March 17 - 18, 2015) IT Security Entrepreneurs Forum (ITSEF) — SINET's flagship event — is designed to bridge the gap between the Federal Government and private industry. ITSEF provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment community in an open, collaborative environment focused on addressing the Cybersecurity challenge

Philadelphia SecureWorld (Philadelphia, Pennsylvania, USA, March 18 - 19, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry experts on many diverse topics such as: Risk Mitigation, Malware Detection, Digital Forensics, Cloud Security, Privacy, Big Data, PCI Compliance, Security Metrics, Encryption, Mobile Device Management, Incident Response, and much more. Keynote speakers will be Larry Ponemon (of the Ponemon Institute) and Christopher Pierson (General Counsel & Chief Security Officer, Viewpost)

2015 Cyber Security Summit (McLean, Virginia, USA, March 19, 2015) During Congressman Mike Rogers' "The Code War in America" talk at the June 2013 POC breakfast, he challenged all of us to "recognize that every day U.S. businesses are targeted by governments like China for exploitation and theft. This results in huge losses of valuable trade secrets and sensitive customer information. This rampant industrial espionage costs American jobs." Join us for our annual Cyber Summit where thought-leaders from across the public and private sectors who have real-world experience effectively managing large scale policies and programs will provide information and updates to the POC attendees