Doxers debate leak ethics. Motivation for DNC hack also debated. US sifts captured ISIS recruiting files. DPRK hacks ROK shoppers. Vendor and market entropy in criminal markets. Industry notes.
Some doxer soul-searching appears at week’s end. The large hacktivist dump of data about Turkey proved to include too much personal information. WikiLeaks’ release of DNC files has come under similar criticism. Some such criticism comes from NSA-leaker Edward Snowden, now resident in Moscow, who reprehends WikiLeaks’ “resistance to modest curation.” WikiLeaks tells Snowden he’s just angling for a pardon from prospective President Clinton; on the other hand, if you’ve lost Ed (who’s living in Russia) you’ve lost a lot of leakers.
The FBI is said to have warned the Clinton campaign of a possible compromise back in March, at about the same time the DNC realized someone was in its servers.
What the Russians (and the speculators are convinced it was the Russians) were after with the hacking remains under dispute. FireEye thinks it may have been a capability demonstration—they wanted to get caught and show the world the US could do nothing about it. CrowdStrike isn’t so sure—what intelligence service wants to be caught? And Taia Global’s Carr continues to point out the evidence’s circumstantial nature.
The US is sifting through captured intelligence—much of it in digital form—detailing ISIS recruiting efforts.
North Korea has stolen some ten million online shopping credentials, South Korean investigators report.
Researchers continue window-shopping in the Dark Web. Arizona State packages what it sees in a study of vendor and market entropy.
Security companies post mixed results in the market (but some see a threat-driven upside). FireEye buy-out rumors reappear.
Notes.
Today's issue includes events affecting China, Estonia, European Union, France, Germany, India, Democratic Peoples Republic of Korea, Republic of Korea, Kosovo, Latvia, Lithuania, Russia, Saudi Arabia, Turkey, United Arab Emirates, United Kingdom, and United States.
A note to our readers: We'll be at Black Hat this year, talking to people and keeping our ears open, as usual. You'll see coverage next week in our daily briefings, and you'll hear updates in our podcasts. In the meantime, we begin our coverage with some links to selected reading about the conference.
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Jonathan Katz from our partners at the University of Maryland Cybersecurity Center (MC2) talks about post-quantum encryption. Our guest, Daniel Ennis, former NTOC Director at NSA, currently Executive Director of the University of Maryland Global initiative on Cyber, puts some flesh on the familiar bones of government, industry, and academic collaboration to address cyber threats. (If you enjoy the podcast, please consider giving it an iTunes review.)
Las Vegas: the latest from Black Hat
Anticipating Black Hat (Network World) Back to Vegas next week, big interest in anti-ransomware, endpoint security, security analytics, cloud and IoT security
Multiple Major Security Products Open To Big Vulns Via 'Hooking Engines' (Dark Reading) Black Hat USA talk will show how flawed implementation of hooking techniques are putting security and other software at risk
Cylance Scientists to Deliver Machine Learning and Reverse Engineering Sessions at Black Hat USA (PRNewswire) Reverse engineering tool "Ablation" will be made open source during the conference
Cyber Attacks, Threats, and Vulnerabilities
How 'Kind of Everything Went Wrong' With the Turkey Data Dump (Motherboard) Dumping hacked data can get real messy. Earlier this week, the Internet Archive removed several files uploaded by an activist after it was revealed they included vast amounts of personal information of Turkish citizens, including a database of most of the country's adult women
WikiLeaks' methods questioned by whistleblower Edward Snowden (CSO) The former NSA contractor wants WikiLeaks to curate information it releases
Intelligence trove provides details of Islamic State recruitment drive (Los Angeles Times) A large trove of captured Islamic State records and computer files has provided new details of the extremist group’s efforts to send terrorists into Europe, according to senior U.S. intelligence officials
Syria's Nusra Front says ending al Qaeda ties; U.S. fears for Aleppo (Reuters) Al Qaeda's powerful Syrian branch, the Nusra Front, announced on Thursday it was ending its relationship with the global jihadist network founded by Osama bin Laden, to remove a pretext used by world powers to attack Syrians
Islamic State says militant ‘soldiers’ carried out Normandy church attack (Washington Post) Two attackers backing the Islamic State — including one on a watch list — stormed a village church in northern France during Mass on Tuesday, taking hostages and slitting the throat of an 85-year-old priest before police commandos shot and killed the assailants, authorities said
Islamic State Threat in Europe Shifts (Wall Street Journal) Some U.S. officials see terror group benefitting from smaller attacks while continuing to plot
FBI warned Clinton campaign last spring of cyberattack (Yahoo! Tech) The FBI warned the Clinton campaign that it was a target of a cyberattack last March, just weeks before the Democratic National Committee discovered it had been penetrated by hackers it now believes were working for Russian intelligence, two sources who have been briefed on the matter told Yahoo News
Trump walks back email hack comments, but damage lingers (CNN) Donald Trump said Thursday that he was being sarcastic when he appeared to suggest that Russia should use espionage to find Hillary Clinton's deleted emails
Trump's hacking comment rattles the cybersecurity industry (PC World) Trump suggested that Russia should steal Hillary Clinton’s emails
What’s this whole email thing about, anyway? (TechCrunch) What do you know about the Clinton email scandal? If you’re anything like me, not much — yet! Let’s take a stroll into our political Swamp of Sadness where both parties are currently mired. One candidate became stuck there while trying to beat the dead horse of the Crooked Hillary meme and the other candidate is sinking simply because government email is just so damn crappy
Did Putin Try to Steal an American Election? (New York Times) Some foreign leaders settle for stealing billions of dollars. Russia’s president, Vladimir Putin, may have wanted to steal something even more valuable: an American presidential election
Russia Wanted to be Caught, Says Company Waging War on the DNC Hackers (Defense One) Pointing a finger at Russia is easy. Punishing them is hard. That’s why they hacked the DNC, according to the company that first named one of the key suspects
Can Facts Slow The DNC Breach Runaway Train? (Medium.com) “No, no! The adventures first, explanations take such a dreadful time.” (Lewis Carroll)
DNC Email Hack Reflects Growing Threat of Cyberwarfare Amongst U.S. Allies, Adversaries (Government Technology) The Goverment Accountability Office last year disclosed that there had been more than 67,000 intrusions in 2014 into computer systems belonging to 24 major federal agencies
North Korea makes Off with 10 Million e-Commerce Records (Infosecurity Magazine) South Korea has fingered North Korea as the actor behind a major data heist of online shopping credentials
Petya and Mischa For All Part II: They’re Here… (Cylance) The time has come to follow up on our previous analysis of the Petya and Mischa ransomware family. When we last left off, private ransomware distributor Janus Cybercrime Solutions had started opening up the platform by offering private stubs and support, in line with most ransomware as a service (RaaS) offerings
Locky Ransomware Ranks #1 on the Malware Threat List (Virus Guides) Proofpoint security firm reports that the Locky ransomware has been #1 malware threat in the second quarter of 2016
Moving past the ransomware hype to focus on real solutions (CSO) Andrew Hay shares powerful insights on the reality of ransomware, where it could lead, and what we need to do about it today
Ransomware Poses Potential Threat to Oil, Gas Cybersecurity (RigZone) The number of cyberattacks against global oil and gas industry’s industrial control systems (ICS) is expected to keep rising due to industry’s growing use of automation, Internet of Things (IoT) technologies and the increasingly unstable geopolitical environment
Hackers spreading Chthonic Zeus malware via 'legitimate' PayPal emails (Inquirer) Banking trojan spearheading campaign via PayPal money request feature
Long-running malvertising campaign infected thousands of computers per day (CSO) The AdGholas malvertising operation tricked ad networks and malware scanners using steganography
Massive AdGholas Malvertising Campaigns Use Steganography and File Whitelisting to Hide in Plain Sight (Proofpoint) Proofpoint researchers have discovered and analyzed a massive malvertising network operating since 2015. Run by a threat actor we designated as AdGholas and pulling in as many as 1 million client machines per day
Over 100 malicious campaigns tracked by Kaspersky Lab (Times of India) Russia-based software security company Kaspersky Lab on Thursday announced that its global research and analysis team has tracked 100-plus sophisticated malicious operations targeting commercial and government organisations in 85 countries
Cyber Hack Immunity - A Piped Dream? Cyber Attack on Department of Health in Hong Kong (Lexology) A recent possible hack of the Hong Kong Department of Health's (DH) record system in Hong Kong may affect 17,000 patients
Investigating the supply on 17 underground hacker markets (Help Net Security) Did you ever wonder what kind of malicious offerings can be found on dark web “hacker markets,” who sells them and how widely they are available?
Ist das Darknet ein Treffpunkt für Kriminelle? (Pressebox) G DATA erklärt das "versteckte Internet" und wer es wozu nutzt
Russia-based Deer[.]io identified as cybercrime hub linked to hacker behind LinkedIn breach (International Business Times) Deer[.]io is said to be hosting over 1,000 shops, most of which sell stolen products from compromised accounts
Would You Use This ATM? (KrebsOnSecurity) One basic tenet of computer security is this: If you can’t vouch for a networked thing’s physical security, you cannot also vouch for its cybersecurity. That’s because in most cases, networked things really aren’t designed to foil a skilled and determined attacker who can physically connect his own devices. So you can imagine my shock and horror seeing a Cisco switch and wireless antenna sitting exposed atop of an ATM out in front of a bustling grocery store in my hometown of Northern Virginia
Home of National Security Agency Says Pokémon Go Off Limits (Odenton-Severn Patch) Fort Meade officials warn Pokemon Go players not to come onto the post, home of the NSA, just to play the game. You can be searched
Cyber Trends
Cyber Experts Draw Line Between Active Defense, Illegal Hacking Back (Wall Street Journal) A panel of security experts cautioned companies against taking an offensive approach to cybersecurity
Securing the World-Sized Web (InfoRisk Today) Bruce Schneier on how IoT changes everything in security
IoT: A hacker’s dream come true? (Help Net Security) There’s a lot more to the web than the cat-video-laden sites we normally see. In fact, according to most sources, the web that we can typically get to via our browser of choice represents only a small fraction of what’s out there
A Day in the Life of an IT Pro: Hacked off with IoT (Infosecurity Magazine) Friends, Romans, fellow IT Pros, lend me your ears. It’s time to talk about Internet of Things (IoT) now, I know the topic of connected fridges and the like is often covered, but amid the cacophony of excited consumers is a warning – the impact of IoT on enterprise security could be monumental
Defining a Smart City's Security Architecture (InfoRisk Today) Webroot's Dufour on CISOs' role in securing known and unknown networks
Virtually all business cloud apps lack enterprise grade security (Help Net Security) Blue Coat Systems analyzed apps for their ability to provide compliance, data protection, security controls and more. Of the 15,000 apps analyzed, it was revealed that 99 percent do not provide sufficient security, compliance controls and features to effectively protect enterprise data in the cloud
Businesses need to protect data, not just devices (Help Net Security) As organizations embrace the digital transformation of their business, they are increasingly facing new security concerns. More companies are moving away from device-centric, platform-specific endpoint security technologies toward an approach that secures their applications and data everywhere
IT security experts struggle to measure ROI (IT Pro Portal) The majority of IT security experts actually struggle to measure the return on investment in security measures, Tenable Network Security says
Intel Security : La pénurie de talents en matière de cyber-sécurité accentue la vulnérabilité des entreprises et des Etats (Global Security) Intel Security, en partenariat avec l’institution CSIS (Center for Strategic and International Studies), publie une nouvelle étude internationale intitulée ‘Hacking the Skills Shortage’. Cette dernière porte sur la pénurie des compétences en matière de cyber-sécurité tant au niveau des entreprises que des pouvoirs publics. Elle révèle qu’une large majorité des entreprises IT (82 %) reconnaît souffrir d’une pénurie de profils compétents dans le domaine de la cyber-sécurité. Elles considèrent, à hauteur de 71 %, qu’une telle pénurie est directement responsable d’une part de leurs dégâts informatiques, car elle les expose davantage comme cible auprès des hackers
Marketplace
These businesses are booming thanks to Russian hackers (Washington Post) When the Democratic National Committee discovered in April that its computer networks had been hacked, leaders there did not just alert government intelligence. They called CrowdStrike, a 5-year-old cybersecurity firm that makes millions of dollars from mercenary work sold with a promise: "We Stop Breaches"
Fortinet Focuses On Improving Productivity, Slowing Headcount Growth As Sales Reorg Slow To Show Benefit (CRN) After undergoing a broad salesforce reorganization earlier this year, Fortinet executives said the company is “pleased” with the progress it’s made, but plans more changes as the full benefits of the shift were not yet fully realized
Fortinet (FTNT) Stock Tumbles on Downbeat Guidance (The Street) Fortinet (FTNT) stock is falling on Thursday afternoon after the company posted better-than-expected second quarter results, but provided soft guidance for the third quarter and full year
FireEye Stock Jumps on Takeover Speculation (Motley Fool) There's been no confirmation that a deal is in the works, but investors seem to think that the cybersecurity provider could be a target
FireEye Can Stop Cyber Crime But Not A Takeover (The Street) Cybersecurity products provider looks increasingly like the target of bigger tech enterprises
Cisco: 9-Year High And Still A Buy (Seeking Alpha) Cisco is near its 9-year intraday high, but still carries one of the highest dividend yields among Dow components. With an earnings report due in mid-August, we wanted to evaluate Cisco and determine if now was the time for dividend investors to take some profits. Our conclusion: Cisco’s combination of a high dividend, strong balance sheet, low valuation and understated outlook make it a strong play for dividend investors looking for value
Security FUD and malware outbreaks boost Sophos' coffers (Register) Targeting the 'underserved mid-market' pays off nicely
BAE Systems lifted by increased security spend (City A.M.) BAE Systems jumped in early morning trading, after the defence and aerospace group was boosted by increased security spending
LookingGlass Actively Recruits Partners For Cyber Guardian Network (Channel Partners) Security firm LookingGlass Cyber Solutions is launching its Cyber Guardian Network, an expansion/enhancement of its existing partner program
How to attract a board-level cybersecurity expert (CSO) Suzanne Vautrinot’s impressive cybersecurity experience has been in high demand since she retired from the U.S. Air Force in October 2013. As a major general and commander, she helped create the Department of Defense's U.S. Cyber Command and led the Air Force's IT and online battle group
Paladion Networks appoints ex Infosys's EdgeVerve COO Sunil Gupta as President and COO (India Infoline News Service) In this new role, Sunil is responsible for the business strategies and outcomes in MEA and India, and will direct all business units and delivery
Products, Services, and Solutions
Enterprises partnering with Bugcrowd to hunt down software bugs (Sotfware Development Times) Enterprises are teaming up with Bugcrowd, a crowdsourced security organization that helps fight back against the persistent hackers and vulnerabilities in software
How Does SentinelOne's Ransomware Guarantee Stack Up? (BankInfo Security) Protection: up to $1,000 per endpoint - subject to terms and conditions
Appmobi Launches World's First Real-Time Mobile App Cyber Attack Detection and Resolution Platform for IT Teams (Yahoo! Finance) Mobile security company, Appmobi (https://appmobi.com) today announced the launch of the Appmobi Protection Center, a first-of-its-kind complete mobile security solution that detects and resolves attacks at the app level
IOActive offers offensive security approach to risk assessment (Help Net Security) IOActive launched its Advisory Services practice, offering strategic security consulting that leverages IOActive’s testing and research expertise to help customers better align their security programs with business objectives
Mac security software gets 100% score in AV-Comparatives tests (IT-Wire) AV-Comparatives' latest testing of Mac security software gave all ten products a 100% score for malware protection
RiskIQ Launches Real-Time Security Intelligence Services to Predict Attacker's Next Move (BusinessWire) Empowers customers to fight back by detecting malicious activity as it appears on the Internet
CyberVista Announces Board Cybersecurity Literacy Program for Company Boards and Executives (Yahoo! Finance) Cybersecurity education and workforce development company CyberVista today announced the launch of their board and executive cyber literacy program, which aims to provide business leaders and corporate governance professionals with a comprehensive understanding of cyber issues that affect their organizations, as well as the tools to oversee and manage 21st century cyber risks
Technologies, Techniques, and Standards
Building an Effective Incident Response Plan (Infosecurity Magazine) When it comes to incident response and a company’s ability to manage a data breach, no organization can afford to be caught off guard. The effects of an uncontrolled and poorly managed data breach can be catastrophic to businesses of all sizes, not to mention the public relations nightmare and subsequent liability that can ensue when an organization drops the ball in the wake of a cyber-attack
Metrics Project May Help CISOs Measure Effectiveness Better (InfoRisk Today) ClubCISO's Phil Cracknell describes initiative and framework roadmap
Three Principles of an Effective Cybersecurity Strategy (InfoRisk Today) RSA CTO Zulfikar Ramzan siscusses visibility, identity and risk
Back to School: Dashlane Releases List of Top 10 Most Popular Kids' Websites with Safe Password Practices (PRNewswire) Dashlane has released a list of the top ten websites with safe password practices, just in time to help parents navigate online safety risks during the busy back-to-school season
What Learning to Lockpick Taught Me About Digital Security (Motherboard) Tucked in an alley behind an old church in downtown Toronto, there’s a makerspace called Site 3: Two stories crammed with workbenches, retro video game consoles, art projects, a mannequin, and an incinerating toilet that torches human poop, turning it to ashes. (Site 3 doesn’t have running water, although the toilet wasn’t working anyway when I visited)
Design and Innovation
Dark Patterns are designed to trick you (and they’re all over the Web) (Ars Technica) No, it's not only you—some user interfaces today intentionally want to confuse and enroll
Academia
White House celebrates cyber contests to attract young talent (FedScoop) A White House workshop highlighted the importance of cybersecurity contests to get students interested in the field
Legislation, Policy, and Regulation
European privacy advisor wants encryption without backdoors (Help Net Security) “The confidentiality of online communications by individuals and businesses is essential for the functioning of modern societies and economies. The EU rules designed to protect privacy in electronic communications need to reflect the world that exists today,” European Data Protection Supervisor (EDPS) Giovanni Buttarelli opined after reviewing a new proposal on the ePrivacy Directive
Brits fear Snooper's Charter powers that already exist (IT Pro) General public unaware of existing police powers to spy on the public
With Army in Disarray, a Pillar of Modern Turkey Lies Broken (New York Times) As a rebel faction of Turkey’s military began a violent attempt to topple the elected government, the country’s top officer, Gen. Hulusi Akar, was held at gunpoint in his office in the capital and told for the first time about what was happening
Cybersecurity in Saudi Arabia Calls for Clear Strategies (Frontera) When it comes to cyberattacks, Saudi Arabia is the most targeted country in the Middle East. While the Kingdom’s cybersecurity is improving, clear national strategies, policies, and legal frameworks are absent
Using a VPN to access blocked services in the UAE can cost you $545,000 (The Next Web) Want to make half a million dollars disappear in no time? Try using a VPN in the UAE and the government will fine you that amount right quick
British Spies Used a URL Shortener to Honeypot Arab Spring Dissidents (Motherboard) A shadowy unit of the British intelligence agency GCHQ tried to influence online activists during the 2009 Iranian presidential election protests and the 2011 democratic uprisings largely known as the Arab Spring, as new evidence gathered from documents leaked by Edward Snowden shows
After tonight, Hillary Clinton and Donald Trump can get classified intelligence briefings (Los Angeles Times) Hillary Clinton and Donald Trump can be given classified intelligence briefings now that they are the Democratic and Republican presidential nominees, the top U.S. intelligence official said Thursday, despite calls from party leaders to limit the other candidate's access to national security secrets
Industry Supports White House Cyber Directive (MeriTalk) The Presidential Directive that defined roles and responsibilities of Federal agencies in the event of a cyber incident is being applauded as a step in the right direction by private sector cybersecurity companies
New Federal Cybersecurity Strategy Aims to Reverse Growing Work Force Shortage (SIGNAL) Government must boost salaries, change motivational messaging and seek eccentric talent, expert says
The Situation Report: DHS Cyber Reorganization Gains Support (MeriTalk) The Department of Homeland Security’s long-standing plans to reorganize the National Protection Programs Directorate (NPPD) to better deal with the growing threat of cyberattacks on national critical infrastructure may have received the boost it needed this week to obtain congressional approval
Litigation, Investigation, and Law Enforcement
Exclusive: FBI probes hacking of Democratic congressional group - sources (Reuters) The FBI is investigating a cyber attack against another U.S. Democratic Party group, which may be related to an earlier hack against the Democratic National Committee, four people familiar with the matter told Reuters
It’s Not Over: FBI Reportedly Investigating Cyber Attack At DCCC (Talking Points Memo) Days after damaging hacked information from the Democratic National Committee was published online, leading to the resignation of its chair, Reuters reported Thursday that the FBI was investigating a cyber intrusion at the Democratic Congressional Campaign Committee
Turkey has intelligence cleric Gulen could flee United States: justice minister (Reuters) Turkey is receiving intelligence that the Muslim cleric it blames for orchestrating a coup attempt this month could flee his residence in the United States, Justice Minister Bekir Bozdag said on Thursday
Cleric's Kosovo Arrest Puts Iran's Balkan Activities Under Spotlight (Radio Free Europe/Radio Liberty) Iran's promotion of its brand of Shi'ite Islam across the Middle East has been obvious for decades, but such activities in Europe largely managed to fly under the radar
'It's Been Harrowing': Alleged Hacker Lauri Love Awaits Extradition Decision (Motherboard) Early in the evening of 25 October 2013, a man dressed as a UPS delivery guy arrived at Lauri Love's family home in Suffolk holding a box. When Love's mum answered the door, she was told that only her son could sign for the delivery. She called him downstairs, and when he emerged wearing his dressing gown, he was told that the man was in fact an officer of the National Crime Agency, and that he was being arrested on suspicion of hacking into a long list of systems, including those controlled by the US Federal Reserve, NASA, and the FBI. Love asked if he still got to keep the box
Get Transcript IRS fraud lands married couple in prison (Graham Cluley) Pair laundered over $1.5 million after filing fake tax returns
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
CyberMaryland 2016 (Baltimore, Maryland, USA, Oct 20 - 21, 2016) The CyberMaryland Conference is an annual two-day event presented jointly by The National Cyber Security Hall of Fame and Federal Business Council (FBC) in conjunction with academia, government and private industry organizations. The theme, “Leading the Cyber Generation,” captures the event’s intent to provide unparalleled information sharing and networking opportunities for development of cyber assets on both the human and technological side. Additionally, the conference provides an opportunity for Maryland to demonstrate its natural leadership in Cyber Security.
Upcoming Events
SANS San Jose 2016 (San Jose, California, USA , Jul 25 - 30, 2016) Information security training is coming to Silicon Valley from SANS Institute, the global leader in information security training. At SANS San Jose 2016, July 25-30, 2016, choose from 7 hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. We will see you at The Westin San Jose, located in the heart of downtown San Jose. Now is the time to improve your information security skills. SANS San Jose 2016 features comprehensive hands-on technical training from some of the best instructors in the industry and includes several courses that will prepare you or your technical staff for DoD 8570 and GIAC approved certification exams. Start making your plans to attend now!
SANS ICS Security Summit & Training — Houston 2016 (Houston, Texas, USA, Jul 25 - 30, 2016) SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is turning ICS cybersecurity around by equipping both security professionals and control system engineers with the security awareness, work-specific knowledge, and hands-on technical skills they need to secure automation and control system technology. Register now for these ICS skills based courses.
Black Hat USA (Las Vegas, Nevada, USA, Aug 1 - 6, 2015) Black Hat — built by and for the global InfoSec community — returns to Las Vegas for its 18th year. This six day event begins with four days of intense Trainings for security practitioners of all levels (August 1-4) followed by the two-day main event including over 100 independently selected Briefings, Business Hall, Arsenal, Pwnie Awards, and more (August 5-6)
SANS Boston 2016 (Boston, Massachusetts, USA , Aug 1 - 6, 2016) SANS will be returning to Boston with an exceptional cyber security training lineup this August, including a special evening event hosted by Stephen Northcutt, where you'll get choose your favorite chowder! We are bringing our top courses and best instructors to make SANS Boston the perfect training event for you. You can't miss SANS comprehensive hands-on technical training from some of the best instructors in the industry.
Secure Bermuda 2016 (Bermuda, Aug 10, 2016) Industry-leading intelligence from expert cybersecurity thought leaders and innovators. In addition to human capital shortages, the Bermudian cybersecurity industry faces an uphill battle to keep up with the acceleration of Internet-connected technology. Join us on August 10th at the Hamilton Princess Hotel for Secure Bermuda 2016. In just one day, the event will provide essential intelligence that enables Bermudian technology leaders to drive their cybersecurity strategy forward. The conference covers today's cybersecurity trends and threats as well as those of the future, equipping delegates with the tools needed to cope in an increasingly complex landscape.
TECHEXPO Top Secret Polygraph-Only Hiring Event (Baltimore, Maryland, USA, Aug 10, 2016) Polygraph-Tested Professionals are invited to interview for new career opportunities on Wednesday, August 10 at the BWI Marriott in Baltimore, MD. A CI or Full Scope Polygraph is Required to Attend. Hot job opportunities are available in Cyber Security, Intelligence, Defense and IT. Hiring managers will be onsite to fill critical open positions.
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
TECHEXPO Top Secret Polygraph-Only Hiring Event (Baltimore, Maryland, USA, Aug 10, 2016) Polygraph-Tested Professionals are invited to interview for new career opportunities on Wednesday, August 10 at the BWI Marriott in Baltimore, MD. A CI or Full Scope Polygraph is Required to Attend. Hot job opportunities are available in Cyber Security, Intelligence, Defense and IT. Hiring managers will be onsite to fill critical open positions.
International Conference on Cyber Security (ICCS) 2016 (Kota, Rajasthan, India, Aug 13 - 14, 2016) The International Conference on Cyber Security (ICCS) 2016 is an unparalleled opportunity to discuss cyberthreat analysis, operations, research, and law enforcement to coordinate various efforts to create a more secure world. The ICCS 2016 serves as a platform for researchers and practitioners from academia, industry, and government to present, discuss, and exchange ideas that address real-world problems with CYBER SECURITY. The conference program will include special sessions, presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures and keynote speeches
2016 Information Assurance Symposium (Washington, DC, USA, Aug 16 - 18, 2016) The Information Assurance Symposium is the premier IA event at which leaders and practitioners share vital information and provide direction and best practices to meet today’s challenges in IA and the cyber environment. The classification of the event is UNCLASSIFIED//FOR OFFICIAL USE ONLY. The 2016 IAS is expecting upwards of 2,000 attendees and will provide an excellent opportunity to learn and network with leading information assurance and cyber security professionals, subject matter experts and solution providers from throughout Government, industry and academia. The Information Assurance Symposium will include a variety of keynote sessions, five distinct tracts and panel discussions spanning over three days. It will also have a vendor expo where hundreds of exhibitors will display a wide variety of IA products, services and demonstrations. Exciting networking opportunities will be offered in the exhibit hall, all designed to enhance the IAS attendee experience.
Insider Threat Program Development Training (Washington, DC, USA, Mar 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training
SANS Alaska 2016 (Anchorage, Alaska, USA, Aug 22 - 27, 2016) SANS is bringing our renowned security training to Alaska! Join us in August for a week of hands-on training and compelling bonus sessions while taking in breathtaking views and experiencing the great Alaskan wilderness. SANS Alaska will feature two hands-on, immersion-style security training courses taught by real-world practitioners August 22-27, 2016 in Anchorage.
CISO New Jersey (Hoboken, New Jersey, USA, Aug 23, 2016) With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to protect customer and company data. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.
CyberTexas (San Antonio, Texas, USA, Aug 23 - 24, 2016) CyberTexas was established to provide expanded access to security developments and resources located in Texas; provide an ongoing platform for the education and skill development of cyber professionals & job creation; build strong relationships with other U.S. and International geographies focused on cyber ecosystem development; bring national and international resources to the region to showcase Texas-based cyber assets; identify and encourage business opportunities within and outside of Texas; and create long-term value for the cyber security ecosystem of San Antonio and the State of Texas.
Chicago Cyber Security Summit (Chicago, Illinois, USA, Aug 25, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.
Air Force Information Technology and Cyberpower Conference 2016 (Montgomery, Alabama, USA, Aug 29 - 31, 2016) America is faced with a national emergency in cyberspace. US national security, economic vitality, financial stability and foreign policy are being eroded. Increasingly prevalent and severe malicious cyber activities are being directed against the DOD, USG, Private-Sector, Critical Infrastructure and Key Resource operators, Academia and Civil Society. USG industrial-aged thought, processes, and organizational relationship are not fostering “success” against decentralized, digital-age threat actors. An information-age solution is needed. Private-public dialogue is integral to building a new paradigm in which digital platforms are secure, and the nation is defended in a domain. Building bridges between government and the private sector is essential for victory. This conference will promote a national dialogue between the US Air Force, commercial businesses, academia and civil society to generate “whole of nation” strategies and processes aimed at overcoming challenges and ambiguities of an increasingly digital world.
CISO Toronto (Toronto, Ontario, Canada, Aug 30, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends.