DNC hack may be wider than thought (Russia remains the prime suspect). ISIS claims responsibility online for attack in Ansbach. Ransomware used in business competition?

Cyber Attacks, Threats, and Vulnerabilities

WikiLeaks leaks DNC emails, setting off political firestorm (Naked Security) On Friday, just days before the Democratic Convention in Philadelphia, WikiLeaks released nearly 20,000 emails that, it says, come from the accounts of Democratic National Committee (DNC) officials

New evidence suggests DNC hackers penetrated deeper than previously thought (Ars Technica) Consultant's Yahoo Mail suspected of being targeted by state-sponsored hackers

Sources: US officials warned DNC of hack months before the party acted (CNN) Federal investigators tried to warn the Democratic National Committee about a potential intrusion in their computer network months before the party moved to try to fix the problem, US officials briefed on the probe tell CNN

Moscow Brings Its Propaganda War to the United States (Foreign Policy) From Ukraine to Germany, Russia has been meddling with elections for years. Now it’s trying to destroy Hillary

FBI Suspects Russia Hacked DNC; U.S. Officials Say It Was to Elect Donald Trump (Daily Beast) Did the Russian government hack the DNC to bring down Hillary Clinton? That’s the view that’s quickly emerging inside American intelligence and law enforcement agencies

Cybersecurity Experts Say Russia Hacked the Democrats (Bloomberg) Is the Kremlin trying to throw the U.S. presidential election to Donald Trump? It sounds like something out of a spy novel. But many cybersecurity experts, as well as the Hillary Clinton campaign, are now saying the Russians are responsible for last month’s hack of the Democratic National Committee

WikiLeaks founder: ‘No proof’ Russians hacked DNC (Politico) There is no evidence that Russian actors are behind the hack of thousands of Democratic National Committee emails leaked to WikiLeaks last week, according to founder Julian Assange

Experts: Hard to prove Russians behind DNC hack (USA TODAY) Computer security researchers say it’s difficult to definitively say the cyber theft of files from the Democratic National Committee subsequently posted online by Wikileaks was the work of Russian hackers, as some media outlets have reported

The rush to blame Russia for the DNC email hack is premature (Guardian) There is some circumstantial evidence that the hack may have originated in Russia, but there are many questions that haven’t been resolved

Connecting the dots: How Russia benefits from the DNC email leak (Washington Post) The emails of Sony employees. Top-secret diplomatic cables. The addresses of married people who used a confidential dating service. Every time “secret” information is made public, the focus of attention is always, immediately, on the sensational details. The motives of the hacker, the leaker or the person in possession of the secret tapes are rarely examined. But what to do when that person has an ulterior motive quite far from “the public’s right to know”? And what if that person’s motive is to help throw an American election?

The One Thing Hillary Clinton and the DNC Don't Understand About Secure Email (Inc.) Why encrypted email is what Hillary, the DNC and business owners with sensitive information should be using

Trump, DNC, RNC Flunk Email Security Test (KrebsOnSecurity) Donald J. Trump has repeatedly bashed Sen. Hillary Clinton for handling classified documents on her private email server, suggesting that anyone who is so lax with email security isn’t fit to become president. But a closer look at the Web sites for each candidate shows that in contrast to hillaryclinton.com, donaldjtrump.com has failed to take full advantage of a free and open email security technology designed to stymie email spoofing and phishing attacks

Germany: ISIS Claims Responsibility for Attack in Bavaria (Military.com) A Syrian man whose asylum bid had been rejected in Germany recorded a cellphone video of himself pledging allegiance to the Islamic State group before he tried to get into an outdoor concert with a bomb-laden backpack. He was turned away and blew himself up outside a wine bar instead, injuring 15 people, authorities said Monday

Islamic State publishes video of suicide bomber in Germany (Washington Post) The Islamic State released on Tuesday a video of the purported suicide bomber who struck the southern city of Ansbach giving a pre-attack diatribe, prompting German authorities on Tuesday to intensify their investigation into his links with the extremist group

How one man could have owned all your Vine videos (and more) (Naked Security) A security researcher who goes by @avicoder just revealed a security bungle made earlier this year by Vine

Zepto Ransomware Packed into WSF Spam (ThreatTrack Security Labs) ThreatTrack Labs has recently observed a surge of spam containing a zip attachment with a WSF (Windows Scripting File) to deliver Zepto ransomware. This tactic is a change from the common JavaScript and macro documents being spammed previously

Ransomware Gang Claims Fortune 500 Company Hired Them to Hack the Competition (Motherboard) Ransomware—computer viruses that lock a victim’s files and demand a payment to get them back—has become so common that experts believe it’s now an “epidemic.” Security experts have always assumed that ransomware hackers are in it for the ransom. But a shocking claim made by one ransomware agent suggests there may be another motive: corporate sabotage

Health care organizations 114 times more likely to be ransomware victims than financial firms (CSO) Health care organizations were 114 times more likely to hit by ransomware

UAC bypass attack on Windows 10 allows malicious DLL loading (Help Net Security) Security researchers Matt Graeber and Matt Nelson have discovered a way to run a malicious DLL on Windows 10 without the User Account Control (UAC) springing into action and alerting users of the potential danger

Devices with Qualcomm modems safe from critical ASN.1 telecom flaw (CSO) The ASN.1 data parsing vulnerability exists in the baseband of Qualcomm modems, but cannot be exploited

Breaking PHP’s Garbage Collection and Unserialize (Evonide) Hey PHP, those variables look like garbage don’t you agree? No? Well look again

Security threats to watch out for at the 2016 Olympics (Avast! Blog) Athletes aren’t the only ones training for the Olympics, cybercriminals are also stepping up their game! Avast explains which threats you should watch out for!

Medical records data breach reported at Athens Orthopedic Clinic (Online Athens) Athens Orthopedic Clinic reported Monday it suffered a breach of its electronic medical records. The data accessed may include names, addresses, Social Security numbers, telephone numbers, and some medical data, according to a release from the clinic

Pornhub Hacked to Access Billions of Users' Information (Infosecurity Magazine) One of the largest adult websites, Pornhub, has been hacked, with the perps raking in $22,000 for the accomplishment

Security Patches, Mitigations, and Software Updates

Dell’s latest security patch addresses recently found vulnerability in company’s hardware (Windows Report) According to various reports from all over the web, Dell’s GMS has one vulnerability that could allow hackers to gain the full control over an affected PC. In case you’re not familiar with the GMS, its purpose is to give business and enterprise users the ability to control connected devices within an established, internal network

Excel refusing to open files? Blame the KB 3115322, 3115262 security updates (Infoworld) This month's monster security patch for Office breaks Excel when it tries to open HTML files, and it seems unlikely Microsoft will fix the problem

Who's to blame when Microsoft security updates go bad? (TechTarget) A bad Microsoft patch is not an uncommon event, but without the resources to test it adequately, what's an overworked IT staff supposed to do?

Amazon Silk browser removes Google’s default encryption (Help Net Security) Google’s good intentions of keeping searches made via its search engine protected through default encryption have been stymied by Amazon

Cyber Trends

Cyber Fight Requires Industry, Government Unity (WardsAuto) NHTSA Administrator Mark Rosekind says he understands the safety threat posed by hackers as automakers veer toward self-driving cars in the future, and he supports expanded collaboration between the industry and government to fight it

Cybersecurity Threat Arrives at Auto Industry’s Doorstep (WardsAuto) When Delphi Vice President and Chief Technology Officer Andrew Brown Jr. talks about the cybersecurity threat to connected and automated vehicles, he recalls a recent event hosted by the global parts supplier where hackers were invited to try their hands at breaking into a car remotely

Only a third of sensitive data stored in cloud-based applications is encrypted (Help Net Security) Despite the continued importance of cloud computing resources to organisations, companies are not adopting appropriate governance and security measures to protect sensitive data in the cloud, according to a new Ponemon Institute study that surveyed more than 3,400 IT and IT security practitioners worldwide

The future is a smarter world of dumber devices (TechCrunch) With smartphones in all of our pockets, it’s easy to laugh at Thomas Watson’s reputed remark that “there is a world market for about five computers.” But what if he was off by only four computers instead of four billion?

Machines v. hackers: Cybersecurity's artificial intelligence future (Christian Science Monitor Passcode) The US is short hundreds of thousands of information security professionals. But that gap is driving investments in artificial intelligence that may make armies of cybersecurity workers unnecessary

Marketplace

The hidden costs of a data breach (Journal of Accountancy) Much of the business discussion around cybersecurity relates to protection of key assets such as customer information and intellectual property, often after the news that another company has suffered a large data breach. While strengthening defenses against cyberattackers is important, companies also must be prepared to handle the reputational and financial hits that a cyber incident can produce for years down the road

Lloyd’s Has Potentially Large Exposure to Catastrophic Cyber Attack: Adsensa Review July 25, 2016 (Insurance Journal) A review of almost 400 reinsurance contracts underwritten at Lloyd’s of London has revealed potentially significant vulnerabilities and exposures if a catastrophic cyber attack should occur

GM’s Top Cyber Cop Ratchets Up Product Security (WardsAuto) After nearly nine months studying the most nefarious corners of cyberspace, General Motors executive Jeff Massimilla says, remarkably enough, he’s not having nightmares

Acalvio emerges from stealth with $17M to bring its deception-based cybersecurity system to market (TechCrunch) Acalvio Technologies, a new start-up stocked with cybersecurity veterans, is emerging from some two years of stealth with $17 million in combined series A and B funding and a security product which the team claims leapfrogs existing solutions

IBM SoftLayer Chief Reveals New Security Startup StackPath With $150 Million Already Raised (Forbes) Entrepreneur Lance Crosby is taking the coming out party for a stealth startup to a new extreme. His new startup, StackPath, publicly launched on Monday with attributes more typical of a veteran firm: 30,000 customers, three acquisitions already made and $150 million in investor funding

Now Is A Good Time To Buy IBM (Seeking Alpha) IBM has over 10% upside potential in the current market. Growth in IBM’s strategic imperatives will drive the stock price higher. IBM is a leading cloud technology investment. IBM’s interconnectivity in cloud and cognitive are giving it superior upside potential in technology. IBM’s dividend also makes it an even more attractive investment as yields fall

Swiss cyber security firms Wisekey, OpenLimit to merge (Telecompaper) Swiss cyber security companies Wisekey and OpenLimit have signed an MoU to merge their operations. Under the terms of the deal, OpenLimit would be merged with and into Wisekey, with Wisekey being the surviving entity. The signing of definitive agreements is subject to satisfactory reciprocal confirmatory due diligence, to be conducted over the next month, and other conditions as are customary

Armenia to deepen cooperation with Kaspersky Lab to improve its cyber security (ARKA Telecom) Members of the Armenian defense ministry’s Hi-Tech Cyber Security Center met Thursday with Eugene Kaspersky, a Russian cybersecurity expert and the CEO of Kaspersky Lab, the defense ministry’s press office reports

CACI Awarded Prime Position on $460 Million Multiple-Award Contract to Support U.S. Cyber Command (BusinessWire) Company offers innovative cyber mission support solutions

Belden Industrial Cyber Security Initiative Builds Momentum (BusinessWire) Belden Inc. (NYSE: BDC), a global leader in high quality, end-to-end signal transmission solutions for mission-critical applications, today announced the achievement of four strategic milestones of its industrial cyber security initiative over the first half of 2016. Together, these milestones demonstrate Belden’s commitment to the emerging industrial cyber security market and realization of its strategic vision for this market segment

Cylance Named One of the 2016 Best Places to Work in Orange County (PRNewswire) Cylance®, the company that is revolutionizing cybersecurity through the use of artificial intelligence to proactively prevent advanced persistent threats and malware, today announced that it has been named as one of the 2016 Best Places to Work in Orange County. The awards program was created in 2009 and is a project of the Orange County Business Journal and Best Companies Group

Digital Guardian Mourns the Passing of Chief Technology Officer, Salo Fajer (Sys-Con Media) Digital Guardian sadly announced today that Chief Technology Officer, Salo Fajer, died suddenly and unexpectedly on July 24, 2016. In response to this tragic event, the Company's Executive Team will meet to discuss the plan for succession to ensure the continuity of the Company's technology vision and direction

Products, Services, and Solutions

Databarracks launches Cyber-DRaaS to protect against ransomware (Realwire) Disaster recovery specialist Databarracks has launched a new DR service designed specifically to target cyber threats. Cyber-Disaster Recovery as a Service (Cyber-DRaaS) identifies cyber-attacks early and enables users to roll back to the last clean replication point in Databarracks’ secure DR environment

Try a password manager: how to get started with LastPass (Naked Security) A few days ago I wrote my plea to those of you who may still be on the fence about using a password manager. I hope I’ve convinced you to at least give it some serious thought. If you’re ready to give one a try, today I’ll introduce you one of the many available password managers out there

Dashlane brings an enterprise password management tool to mobile devices (TechCrunch) The popular password management utility Dashlane is going after the larger enterprise market today with the announcement of a new tool that will allow mobile employees to switch access between both their personal passwords, as well as those assigned to them by their workplace, in the company’s mobile app

Machine Learning Breaks Away From the Pack at the Gartner Security and Risk Summit (Cylance) A few weeks back, Cylance was granted the opportunity to participate in the annual Gartner Security and Risk Summit in Washington DC. For those who haven’t attended this event before, it’s the biggest analytical agency-led security show in the nation. There are two main things that make this show important to the industry. First, because Gartner places a heavy focus on end-user advisory, their four-hundred-plus educational sessions help buyers better understand the technological challenges they face on a daily basis. Second, the event showcases new and upcoming technology trends, discusses industry inflection points and suggests better solutions for real-world problems

Unisys Adds LogRhythm Security Intelligence Technology into Expanded Managed Security Services Offering (PRNewswire) Companies team to offer improved visibility and more efficient management of modern security threats for all Unisys Managed Security Services clients globally

Ransomware protection guarantee is offered by SentinelOne (Network World) $1,000 per machine hit by ransomware that SentinelOne misses or can’t undo the damage done by it

Yorkshire Building Society Group selects Unisys to secure customer data (Finextra) Unisys Corporation (NYSE: UIS) today announced that its UK subsidiary has been selected by Yorkshire Building Society Group (YBSG), the UK’s second largest building society, to provide its Unisys Stealth® data protection product to secure customer information and facilitate compliance with the new Payment Card Industry Data Security Standards (PCI DSS)

Technologies, Techniques, and Standards

NIST Prepares to Ban SMS-Based Two-Factor Authentication (Softpedia) Biometrics are gaining ground as an acceptable authentication method, but some conditions must be met

This group's new guide wants to prevent your car from being hacked (FedScoop) The guide represents a timely and concerted push by the auto industry to emphasize cybersecurity as more companies kick the tires on autonomous cars

CyberSecurity: The next Regulatory Frontier for Insurance (InsuranceNewsNet) Cybersecurity has emerged as one of the most critical issues facing government and industry alike. Recently we have seen an ongoing and almost daily presence of major cybersecurity events covering a wide swath of American businesses

Overview Of Encrypted Data (PDF Devices) Data commonly appears in plain text or clear text form. For a number of reasons, it sometimes becomes necessary to hide or disguise the data. During such circumstances, people choose to encrypt the information to protect it from hackers and other unauthorized users

Let's not forget that RegTech is also about cybersecurity (IT Brief) Regulatory Technology (RegTech) is becoming more of a tool to help organisations comply with automation and regulatory requirements, but Palo Alto Networks believes that they should be aware of how it will affect cybersecurity and the implications on business operations

Forget the tech, security is cultural (SC Magazine) Christian Matthies explores how agile security demands radical methods of trust and responsibility for all staff, emphasising the need for a holistic approach that makes security a consideration for everyone in the company

How do you forecast a coup? Don’t forget on-the-ground sources. (Washington Post) The coup attempt in Turkey came as a surprise to most observers. Turkey did not fit the statistical profile of a country at risk of a military takeover developed by groups such as the Early Warning Project. The economy and national institutions seemed in reasonable shape, at least in comparison with those of more fragile states where coups typically take place. Indeed, the Early Warning Project’s model indicated that Turkey had only a 2.5 percent chance of a coup

Research and Development

U.S. Lawmaker Pursues National Auto Cybersecurity Lab (WardsAuto) U.S. Sen. Gary Peters wants to establish a national laboratory for automotive cybersecurity, preferably in Detroit, to lift expertise in the field to fight off threats from potential hackers

Academia

Air Force Association's CyberPatriot Program Hosts First-Ever AFA CyberCamps in Collaboration with AT&T (PRNewswire) The Air Force Association's CyberPatriot program is hosting 83 AFA CyberCamps around the nation this summer, two of which will be hosted by AT&T

Legislation, Policy, and Regulation

In quest to punish coup plotters, Turkey squeezes out room for dissent (Washington Post) The room for dissent in Turkey had already been under threat. But in the wake of the failed military coup, the space in which political opponents could criticize the government has all but disappeared

State Dept.: No comment on possible Russian hack into DNC (Washington Examiner) The State Department on Monday declined to comment on whether it's in touch with Russian officials about the possibility that a Russia-based hacker broke into the Democratic National Committee's files

Retaliating for DNC hack poses political minefield (Politico) Obama administration officials are weighing whether they can use new legal authorities to punish those responsible for hacking into the emails of the Democratic National Committee. But any retaliation would carry a heavy political risk, including offering the appearance of trying to aid Hillary Clinton's campaign for president

DNC hack rattles U.S. effort to rein in Russia on Syria (Politico) The allegations that Russia was behind the DNC email intrusion feed mistrust among skeptics of Obama's attempts to strike a Syria deal

Edward Snowden weighs in on DNC leak (Politico) Edward Snowden knows a thing or two about leaks

White House to Issue New Policy for Cyberattack Responses (Wall Street Journal) Directive expected to clarify how government will coordinate response to breaches

Is your business still HIPAA complaint after the 2016 federal changes? (Help Net Security) The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) warned healthcare professionals and their business associates of its intention to launch a series of random HIPAA compliance audits throughout 2016. This announcement caused some panic among businesses unsure of their ability to pass a compliance review. Many organizations are unclear as to who’s bound by HIPAA compliance standards and what aspects of their business will be evaluated during an audit

Litigation, Investigation, and Law Enforcement

FBI investigating hack of Democratic party email (C|NET) The agency is looking into the WikiLeaks email dump that led to the resignation of the DNC Chairwoman Debbie Wasserman Schultz

German officials vow more checking of migrants after attacks (Yahoo! News) Top security officials in Germany called Tuesday for tougher security screening of asylum-seekers and also announced that more police officers will be hired following four attacks in the country in the span of a week — two of them claimed by the extremist Islamic State group

Munich Police Face Questions Over False Tweets During Shooting (Time) Officials tweeted there were multiple gunmen in different parts of the city. There weren't

Munich Shooter Spotlights Dark Net Gun Sales (Vocativ) A gunman who killed nine people in Germany on Friday likely bought his gun on the dark net, investigators have said

California Man Sentenced for Trying to Aid Islamic State (ABC News) A federal judge on Monday sentenced a California man to 15 years in prison for trying to join the Islamic State group in Syria, calling his conduct a serious threat to the U.S. and saying it was influenced by his abusive childhood and history of mental problems

Police ask for 3D prints of dead man’s fingers to unlock his phone (Naked Security) Police have requested a lab-rendered 3D set of replicated fingerprints from a dead man in order to attempt to unlock his phone and try to figure out who killed him

The Man Behind Bitcoin's $4.5 Million Ponzi Scheme Earns Lenient Sentence (Motherboard) Trendon Shavers, a 33 year old Texas man, was sentenced by Manhattan federal court by Judge Lewis A. Kaplan for his “High Yield Investment Program” called Bitcoin Savings & Trust. In addition to the prison sentence, the judge also ordered him to repay $1.23 million to 48 investors

For a complete running list of events, please visit the Event Tracker.

Upcoming Events

SANS San Jose 2016 (San Jose, California, USA , Jul 25 - 30, 2016) Information security training is coming to Silicon Valley from SANS Institute, the global leader in information security training. At SANS San Jose 2016, July 25-30, 2016, choose from 7 hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. We will see you at The Westin San Jose, located in the heart of downtown San Jose. Now is the time to improve your information security skills. SANS San Jose 2016 features comprehensive hands-on technical training from some of the best instructors in the industry and includes several courses that will prepare you or your technical staff for DoD 8570 and GIAC approved certification exams. Start making your plans to attend now!

SANS ICS Security Summit & Training — Houston 2016 (Houston, Texas, USA, Jul 25 - 30, 2016) SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is turning ICS cybersecurity around by equipping both security professionals and control system engineers with the security awareness, work-specific knowledge, and hands-on technical skills they need to secure automation and control system technology. Register now for these ICS skills based courses.

AfricaHackOn (Nairobi, Kenya, Jul 28 - 29, 2016) What began as a casual meet up for information security professionals has become one of the formidable forces in the profession. That group is the AfricaHackOn. Housed under its parent umbrella, Euclid Consultancy Ltd, AH as fondly known, has traversed all odds to becoming a leading venture in raising awareness on matters affecting cyber security and also grooming upcoming talent into the job market. We have been poised to becoming a one stop shop for talent and resources in a field greatly short staffed.

Black Hat USA (Las Vegas, Nevada, USA, Aug 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners of all levels (August 1-4) followed by the two-day main event including over 100 independently selected Briefings, Business Hall, Arsenal, Pwnie Awards, and more (August 5-6)

SANS Boston 2016 (Boston, Massachusetts, USA , Aug 1 - 6, 2016) SANS will be returning to Boston with an exceptional cyber security training lineup this August, including a special evening event hosted by Stephen Northcutt, where you'll get choose your favorite chowder! We are bringing our top courses and best instructors to make SANS Boston the perfect training event for you. You can't miss SANS comprehensive hands-on technical training from some of the best instructors in the industry.

Secure Bermuda 2016 (Bermuda, Aug 10, 2016) Industry-leading intelligence from expert cybersecurity thought leaders and innovators. In addition to human capital shortages, the Bermudian cybersecurity industry faces an uphill battle to keep up with the acceleration of Internet-connected technology. Join us on August 10th at the Hamilton Princess Hotel for Secure Bermuda 2016. In just one day, the event will provide essential intelligence that enables Bermudian technology leaders to drive their cybersecurity strategy forward. The conference covers today's cybersecurity trends and threats as well as those of the future, equipping delegates with the tools needed to cope in an increasingly complex landscape.

TECHEXPO Top Secret Polygraph-Only Hiring Event (Baltimore, Maryland, USA, Aug 10, 2016) Polygraph-Tested Professionals are invited to interview for new career opportunities on Wednesday, August 10 at the BWI Marriott in Baltimore, MD. A CI or Full Scope Polygraph is Required to Attend. Hot job opportunities are available in Cyber Security, Intelligence, Defense and IT. Hiring managers will be onsite to fill critical open positions.

Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.

TECHEXPO Top Secret Polygraph-Only Hiring Event (Baltimore, Maryland, USA, Aug 10, 2016) Polygraph-Tested Professionals are invited to interview for new career opportunities on Wednesday, August 10 at the BWI Marriott in Baltimore, MD. A CI or Full Scope Polygraph is Required to Attend. Hot job opportunities are available in Cyber Security, Intelligence, Defense and IT. Hiring managers will be onsite to fill critical open positions.

International Conference on Cyber Security (ICCS) 2016 (Kota, Rajasthan, India, Aug 13 - 14, 2016) The International Conference on Cyber Security (ICCS) 2016 is an unparalleled opportunity to discuss cyberthreat analysis, operations, research, and law enforcement to coordinate various efforts to create a more secure world. The ICCS 2016 serves as a platform for researchers and practitioners from academia, industry, and government to present, discuss, and exchange ideas that address real-world problems with CYBER SECURITY. The conference program will include special sessions, presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures and keynote speeches

2016 Information Assurance Symposium (Washington, DC, USA, Aug 16 - 18, 2016) The Information Assurance Symposium is the premier IA event at which leaders and practitioners share vital information and provide direction and best practices to meet today’s challenges in IA and the cyber environment. The classification of the event is UNCLASSIFIED//FOR OFFICIAL USE ONLY. The 2016 IAS is expecting upwards of 2,000 attendees and will provide an excellent opportunity to learn and network with leading information assurance and cyber security professionals, subject matter experts and solution providers from throughout Government, industry and academia. The Information Assurance Symposium will include a variety of keynote sessions, five distinct tracts and panel discussions spanning over three days. It will also have a vendor expo where hundreds of exhibitors will display a wide variety of IA products, services and demonstrations. Exciting networking opportunities will be offered in the exhibit hall, all designed to enhance the IAS attendee experience.

Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training

SANS Alaska 2016 (Anchorage, Alaska, USA, Aug 22 - 27, 2016) SANS is bringing our renowned security training to Alaska! Join us in August for a week of hands-on training and compelling bonus sessions while taking in breathtaking views and experiencing the great Alaskan wilderness. SANS Alaska will feature two hands-on, immersion-style security training courses taught by real-world practitioners August 22-27, 2016 in Anchorage.

CISO New Jersey (Hoboken, New Jersey, USA, Aug 23, 2016) With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to protect customer and company data. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.

CyberTexas (San Antonio, Texas, USA, Aug 23 - 24, 2016) CyberTexas was established to provide expanded access to security developments and resources located in Texas; provide an ongoing platform for the education and skill development of cyber professionals & job creation; build strong relationships with other U.S. and International geographies focused on cyber ecosystem development; bring national and international resources to the region to showcase Texas-based cyber assets; identify and encourage business opportunities within and outside of Texas; and create long-term value for the cyber security ecosystem of San Antonio and the State of Texas.

Chicago Cyber Security Summit (Chicago, Illinois, USA, Aug 25, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.

Air Force Information Technology and Cyberpower Conference 2016 (Montgomery, Alabama, USA, Aug 29 - 31, 2016) America is faced with a national emergency in cyberspace. US national security, economic vitality, financial stability and foreign policy are being eroded. Increasingly prevalent and severe malicious cyber activities are being directed against the DOD, USG, Private-Sector, Critical Infrastructure and Key Resource operators, Academia and Civil Society. USG industrial-aged thought, processes, and organizational relationship are not fostering “success” against decentralized, digital-age threat actors. An information-age solution is needed. Private-public dialogue is integral to building a new paradigm in which digital platforms are secure, and the nation is defended in a domain. Building bridges between government and the private sector is essential for victory. This conference will promote a national dialogue between the US Air Force, commercial businesses, academia and civil society to generate “whole of nation” strategies and processes aimed at overcoming challenges and ambiguities of an increasingly digital world.

CISO Toronto (Toronto, Ontario, Canada, Aug 30, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends.