Republicans doxed. Fancy Bear no longer seems to care if it's caught behind the sockpuppets. New ransomware strain. Smart electrical relays vulnerable to hacking. St. Jude's claim against Muddy Waters et al.
news from the Seventh Annual Billington CyberSecurity Summt
We continue our coverage of the Seventh Annual Billington Cybersecurity Summit with a look at two of the presentations: FireEye's discussion of the current threat landscape, and a look from Israel at what a proper national cyber strategy ought to address.
We'll have more notes and reflections on the Billington CyberSecurity Summit tomorrow.
More emails from US political figures are leaked, this time from the Republican side of the aisle. Many of the emails are relatively recent. Those that have drawn the most attention are from former Secretary of State Colin Powell, who has unpleasant things to say about both Presidential nominees. The Republican National Committee says that, contrary to early reports, it was not itself hacked, but that various Republican operatives were.
(On doxing generally, it's striking that email, considered as a genre, almost never brings credit to its authors. There are doubtless many reasons that's so, but the topic awaits its Aristotle.)
DCLeaks posted the leaked emails. This site for several years has represented itself as the work of “American hacktivists who respect and appreciate freedom of speech, human rights and government of the people.” Most observers, however, call DCLeaks "Russia-connected." ThreatConnect says they're Fancy Bear. If so, this would be instance of what experts consider an increasing Russian cyber operations tempo, and an increasing indifference to detection.
The attack on the World Anti-Doping Agency is also seen as part of this trend. The attackers have even festooned their sites with images of bears.
US authorities have declined to attribute these incidents, and they've asked for public patience, but they've also said they intend to "impose costs" on those responsible.
Kaspersky reports that RAA ransomware has morphed into a newly threatening form. Businesses are advised to be wary.
Control's Unfettered Blog warns that intelligent ICS relays are demonstrably susceptible to hacking.
Notes.
Today's issue includes events affecting Australia, China, Russia, he United Kingdom, and United States.
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today Joe Carrigan from our partners at the Johns Hopkins University will talk about device sharing. And our guest will be Tim Strazzere from SentinelOne, discussing an Android vulnerability he discovered. As always, if you enjoy the podcast, please consider giving it an iTunes review.
Washington, DC: the latest from the Billington Cybersecurity Summit
The Threat Landscape as Seen Through FireEye's Eyes (The CyberWire) FireEye gave its annual overview of the threat landscape for the summit. His big conclusion, shared by many, but with some interesting consequences, is that there are few risk or repercussions for cyber attacks, and the threat actors are increasingly aware of this. This is true of both criminal and state-sponsored attacks. Many countries afford criminals a safe harbor, and the criminals are emboldened by this
Elements of a National Cyber Security Strategy: the View from Israel (The CyberWire) A national cyber security strategy ought to have three key layers, Dr. Eviatar Matania, Head of Israel's National Cyber Directorate, said, "robustness, resilience, and national defense." The government plays a different role in each
Experts urge next president to go back to cyber basics (EnergyWire) The next U.S. president will be saddled with a long list of cybersecurity challenges, from tracking and deterring hackers to parrying threats posed by the fast-growing "internet of things"
DHS won't define election systems as critical before November (FedScoop) “This is not something we're looking to in the near future. This is a conversation we’re having in the long term with state and local government, who are responsible for voting infrastructure"
Cyber threat sharing is now a two way street between industry and government (Federal News Radio) One of the more controversial laws passed last year just hit a major milestone. Companies are now officially sharing their cyber threat data with the government
Can an automated defence network protect Britain from low-level threats? (Help Net Security) A recent Freedom of Information request found that the number of breaches reported to the ICO in the last 12 months has nearly doubled from the previous year, so something clearly had to be done
Cyber defence or more wishful thinking (Enterprise Times) The head of the National Cyber Security Centre has given his first major speech ahead of the NCSC launch in October. Ciaran Martin set out the goals for his department at the 7th Annual Billington CyberSecurity Summit in Washington. Many will question why he chose that forum for such an important speech rather than the UK
GCHQ wants to cook up ‘Great British Firewall' (Government Computing) Flagship project being mooted would provide automated defence with ISPs ‘blocking’ their customers from coming into contact with malware; current cyber defence "not, yet, good enough"
Britain's Spies Plan Firewall To Block Cyber Attacks (NDTV) Spy chiefs at Britain's intelligence and security organisation are planning building an ambitious nation-wide firewall to fight cyber attacks which have doubled in a year
Cyber Attacks, Threats, and Vulnerabilities
Powell emails were leaked on a site linked to the Russian government () Donald Trump is “a national disgrace and an international pariah” who gave voice to a “racist” movement to question President Obama’s citizenship, former secretary of state Colin L. Powell tapped on his keyboard
Emails show Colin Powell unloading on Clinton, Rumsfeld and Trump (Politico) And former Vice President Dick Cheney should 'go away already,' Condoleezza Rice writes back in one leaked document
RNC denies it was hacked (Politico) House Homeland Security Chairman Mike McCaul said that he “misspoke” Wednesday when he told CNN that Russian hackers had penetrated the computer systems of the Republican National Committee
Russian Hackers Get Bolder in Anti-Doping Agency Attack (Wired) Not so long ago, the world learned about Russian cyberespionage attacks only when embarrassed government officials admitted they’d discovered the hackers silently lurking in their systems. Today, the same intruders seem to announce themselves on Facebook, via Twitter, and even on their own website covered in bear-themed clip art and gifs
Whoever did this, U.S. says of latest hacks, we’re coming after you (McClatchy DC) Top White House and Justice Department officials asked for patience from the public Wednesday as they refused to say whether Russia or another nation may be behind a new series of headline-grabbing hacks affecting the realms of politics and sports
Nation States May Be Plotting Internet Takedown, Warns Cybersec Pro (Tech News World) Unknown attackers have been testing the defenses of companies that run critical parts of the Internet, possibly to figure out how to take them down, cybersecurity expert Bruce Schneier warned Tuesday
US official: Difficult to alter US elections through hacking (AP) President Barack Obama's homeland security adviser said Wednesday that it would be very hard for someone to hack into America's voting systems in a way that could alter an election outcome
Emerging Cyber Threats in Government (Federal News Radio) Commercial and government organizations are facing an ever complex set of emerging cyber threats. It’s not just phishing or denial of service types, but data exfiltration and intellectual property theft. And as Keith Alexander, the former head of the National Security Agency and U.S. Cyber Command has said many times over the years data disruption or the changing of information at its source is one of the scariest potential attacks that’s on the horizon
Cyber Command Leader: ISIS is 'Most Adaptive Target' Seen in 35 Years of Intel (OODA Loop) “The head of Cyber Command told senators on Tuesday that the Islamic State group is ‘the most adaptive target’ he’s seen during his time in the intelligence community. ‘ISIL remains the most adaptive target I’ve ever worked in 35 years as an intelligence professional,’ Adm. Michael Rogers told the Senate Armed Services Committee, using an alternative acronym for the group"
New RAA Ransomware Version Specially Modified To Target Businesses (Virus Guides) The Kaspersky Lab researchers reported that the RAA ransomware has been recently modified to particularly target businesses. The security vendor first spotted the notorious JScript ransomware in June this year and now they have stumbled across a new version of it
Even Google Search Suffers from XSS Flaws (Softpedia) Google to security researcher: Nice catch!
Demonstration of hacking a protective relay and taking control of a motor – the grid is at risk (Control: Unfettered Blog) Protective relays are critical to the operation of the electric grid and the protection of large electric equipment in many industries including electric, nuclear, manufacturing, etc. Protective relays were originally electro-mechanical switches but have progressed to complex networked digital devices with enormous computing capabilities making them intelligent electronic devices
Microsoft Patches Zero Day Flaw Used In Two Massive Malvertising Campaigns (Dark Reading) Bug gave attackers a way to identify and avoid systems belonging to security researchers and vendors, Proofpoint says
Amex users hit with phishing email offering anti-phishing protection (Help Net Security) American Express users are being actively targeted with phishing emails impersonating the company and advising users to create an “American Express Personal Safe Key” to improve the security of their accounts
Oklahoma election officials warn of email phishing scam (AP via News Channel 10) Oklahoma election officials say emails designed to look like communications from state or county election boards are being fraudulently sent to some Oklahoma voters
Cybercrime-as-a-Service Economy: Stronger Than Ever (BankInfo Security) Available now: DDoS on demand, Bitcoin tumblers, attack affiliates and more
Security Patches, Mitigations, and Software Updates
SAP Cyber Threat Intelligence report – September 2016 (ERPScan) The SAP threat landscape is always growing thus putting organizations of all sizes and industries at risk of cyberattacks. The idea behind SAP Cyber Threat Intelligence report is to provide an insight on the latest security threats and vulnerabilities
Apple joins the rush to kill off outdated crypto (FedScoop) Point-to-point tunneling protocol VPN connections, Secure Sockets Layer version 3 and the RC4 encryption suite have all been long regarded a broken by serious crypto types
Cyber Trends
Cyberattacks cost SMBs an average of $86,500 (Help Net Security) On average, a single cybersecurity incident now costs large businesses a total of $861,000. Meanwhile, SMBs pay an average of $86,500. To assess the state of the security landscape in the U.S. and across the world, Kaspersky Lab looked at the attitudes toward security, the cost of data breaches and the losses incurred from incidents
Study finds gamer cyber hygiene stinks (SC Magazine) As online gaming grows in popularity ESET researchers found that cybersecurity measures haven't kept pace as 36 percent gamers reported actively turning off security software if they found it was slowing down their computer
Don't get distracted by the shiny cyber machines (ZDNet) Threat intelligence, machine learning, and other buzzword techniques will be needed to improve our cyber defences, but don't throw out the older stuff
New Report Shows that One in Five Businesses Don’t Test for Security Vulnerabilities (Trustwave) Trustwave and Osterman Research survey reveals top trends in security testing and vulnerability management
Marketplace
Cyber attack fears push up hack insurance (City A.M.) Increasing fears over potential cyber attacks has pushed up the number of firms taking out hack insurance
EyeVerify snapped up by Ant Financial (IBS Intelligence) Alibaba’s FS offshoot, Ant Financial Services Group, has acquired US startup EyeVerify, the creator of mobile eye verification technology solution, Eyeprint ID, for $100 million
Cyber-ratings firm BitSight raises $40 million, GGV Capital leads round (Reuters) BitSight Technologies, a firm that sells cyber security ratings on businesses to insurers, said on Thursday that it has closed $40 million in series C funding, in a round led by GGV Capital
Symantec Corp. (SYMC) Sees Significant Growth in Short Interest (Cerbat Gem) Symantec Corp. (NASDAQ:SYMC) was the target of a significant growth in short interest during the month of August
Hack an iPhone to win $250,000 in Pwn2Own Hacking Contest from Trend Micro (Techworm) This new iteration of Pwn2Own mobile hacking contest targets iOS and Android
Cybersecurity Association of Maryland, Inc. Elects New Board Members (Cybersecurity Association of Maryland) The Cybersecurity Association of Maryland, Inc. (CAMI) board of directors announced today the election of five new members who will help CAMI position Maryland to capitalize on the tremendous growth expected in the cybersecurity sector, mobilize the state’s unmatched cybersecurity talent for exponential growth, and stake its claim as the birthplace of the industry
Symantec and HP Fortify Executives Join Contrast Security Leadership Team (PRNewswire) Mike Keating to helm Sales; Jack Marshall to lead Customer Success
Products, Services, and Solutions
Cylance Wins Top Honors from Frost & Sullivan for its Cybersecurity Solutions That Employ Complex Machine Learning Algorithms for Pre-execution Malware Blocking (PRNewswire) Cylance's solution does not require human intervention, Internet connectivity, or regular updates, making the company the preferred solution provider for customers across industries
Ayehu Adds Closed-Loop Cyber Security Incident Response With HPE Security ArcSight ESM Integration (MarketWired) Delivers immediate, reliable, real time incident response and resolution for security breaches
VIPRE® Offers Online Security Advice and Savings to Anyone Victimized by OPM Data Breach (PRNewswire) New report from Committee on Oversight and Government Reform chronicles vast security failures and underscores need for employees to proactively defend themselves
ImageWare Systems, Fortscale Security deliver behavior analytics-based biometric solution (Biometric Update) ImageWare Systems has partnered with Fortscale Security to deliver a combined solution that will leverage Fortscale’s user and entity behavior analytics (UEBA) with ImageWare Systems’ biometric platform to detect breached credentials
Processor Cores Feature Improved Security (EE Times) In the escalating war between developers and cybercriminals, processor design needs to continually evolve. In one such evolution, Synopsys has developed next-generation security processor cores with protections that go well beyond encryption.
Cryptzone to Unveil Integration with HPE Helion OpenStack at HPE Protect 2016 (Cryptzone) AppGate integration with HPE solutions improves security, streamlines operations and provides deep insight into user access activity
EclecticIQ Announces Bi-directional Threat Intelligence Integration with Real-time Feedback Loop for HPE Security ArcSight ESM (PRNewswire) Cyber Threat Intelligence needs to be fused with internal data, procedures and processes to help detect malicious behavior more quickly and proactively mitigate potential threats
Symantec forges new security product for SMBs (Telecompaper) Symantec introduced Symantec Endpoint Protection Cloud, a new platform for small and mid-sized businesses (SMBs) to protect them from targeted attacks and ransomware
Technologies, Techniques, and Standards
Monitoring employee activity should work 'like a heartbeat monitor' argues Forcepoint (Computing) But don't forget employee happiness, too
Agency Scorecards Important in Cybersecurity Budgeting, Feds Say (MeriTalk) Strategic plans and scorecards are essential to effectively budgeting their cybersecurity needs, agency officials said
LookingGlass Threat Intelligence-Driven Perspectives Featuring Gartner’s “Addressing the Cyber Kill Chain” Report (Yahoo! Finance) LookingGlass™ Cyber Solutions (“LookingGlass”), the leader in threat intelligence and dynamic threat defense, has released a new report featuring Gartner research which helps to identify methods that aid in moving security organizations to a more informed state of proactive security and risk operations
Improve SecOps by making collaboration easier (Help Net Security) There’s one word that we’ve consistently been hearing from information security pundits year after year: Collaboration
Research and Development
CyberArk Receives U.S. Technology Patent for Detecting Cyber Security Risks (CyberArk) CyberArk technology recognized as innovative for ability to detect privileged credential vulnerabilities
Academia
The NSA Is Using Bomb-Defusing Software to Grow the Next Generation of Analysts (Defense One) This year’s codebreaking contest has a twist: the college teams must remotely locate and neutralize a roadside bomb
CIC receives $4 Million U.S. Department of Homeland Security grant (ArkLaTex) The Cyber Innovation Center, headquartered in Bossier City, Louisiana, received a $4 million continuation grant from the U.S. Department of Homeland Security
Legislation, Policy, and Regulation
Obama to be urged to split cyberwar command from NSA (Washington Post via the Boston Globe) The Pentagon and intelligence community are expected to recommend soon to President Obama that he break up the joint leadership of the National Security Agency and US Cyber Command to create two distinct forces for electronic espionage and cyberwarfare
Why John McCain wants to block a status upgrade for Cyber Command (FedScoop) "I do not believe rushing to separate the 'dual hat' in the final months of an administration is appropriate," McCain said
FAS Website Blocked by US Cyber Command, Then Unblocked (FAS) For at least the past six months, and perhaps longer, the Federation of American Scientists website has been blocked by U.S. Cyber Command. This week it was unblocked
CYBERCOM’s Force Takes Shape (Air Force Magazine) US Cyber Command’s full cyber mission force is expected to reach initial operational capability by the end of the month, CYBERCOM chief Adm. Michael Rogers, told lawmakers Tuesday
Litigation, Investigation, and Law Enforcement
Activists Launch Campaign Urging Obama To Pardon Edward Snowden (NPR) Supporters of National Security Agency data leaker Edward Snowden launched a campaign Wednesday urging President Obama to pardon Snowden from a possible 30-year prison sentence. Snowden has been exiled in Russia since making off with a trove of NSA files in 2013, and he spoke from there via video link to his supporters Wednesday. The campaign coincides with the release of an Oliver Stone biopic titled, Snowden
What the U.S. Should Do With Edward Snowden (Daniel Miessler) Many people would like to see Edward Snowden come home, and there is significant controversy regarding how he should be treated by our government if that ever happens
St. Jude Medical, Inc., Plaintiff, vs. Muddy Waters Cosulting LLC [etc] Defendants (United States Court for the District of Minnesota) St. Jude Medical, Inc. brings this action for false statements, false advertising, conspiracy and the resultant manipulation of the public markets against defendants (i) Muddy Waters Consulting LLC and Muddy Waters Capital LLC, (ii) MedSec Holdings, Ltd. and MedSec LLC, (iii) Carson C. Block, (iv) Justine Bone and (v) Dr. Hemal M. Nayak (collectively the “Defendants” and each a “Defendant”). Defendants’ wrongful conduct conclusively demonstrates a total disregard for the patients whose lives depend on cardiac rhythm management devices and their conduct is indefensible
Free Speech vs. Costly Speech (Minnesota Litigator) Imagine intentionally alarming the public with fabricated dangers of a company’s life-saving medical devices in the hope that the company’s share price will fall and you will make massive profits by placing bets on the company’s falling share price
Palantir Claims Army Misled To Keep It Out of DCGS-A Program (Defense News) Palantir Technologies has mapped out in a motion filed with the US Court of Federal Claims what it believes are the Army’s repeated biased attempts to block the company from working with the service to test and integrate its technology into the force’s intelligence analysis framework
GOP congressman wants to know why FBI keeps releasing Clinton news on holidays (Washington Post) The FBI's decision not to pursue a criminal case against Hillary Clinton over her private email server did nothing to stop House Republicans from continuing to investigate it
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
SANS Security East 2017 (New Orleans, Louisiana, USA, Jan 9 - 14, 2017) Start the year off right by choosing from outstanding, cutting-edge courses presented by our top-rated instructors. SANS is looking forward to an exciting kickoff of 2017 with SANS Security East 2017 in the "Big Easy" in January. Now is the time to improve your information security skills and laissez les bons temps rouler!
SANS Las Vegas 2017 (Las Vegas, Nevada, USA, Jan 23 - 28, 2017) Attend SANS Las Vegas 2017, where SANS will provide outstanding courses in IT security, forensics, and security management presented by the best cybersecurity teachers in the country. At SANS events you get the kind of hands-on, immersion training that you can put to work immediately.
SANS Dallas 2017 (Dallas, Texas, USA, Feb 27 - Mar 4, 2017) We are pleased to invite you to attend SANS Dallas 2017, on February 27- March 4 at The Westin Dallas Downtown, located in the heart of the city. We have selected several of our top information security courses to provide you with the training and certification that you need to boost your career by learning from the best! SANS instructors are industry professionals who will ensure that you not only learn the material, but that you will also be able to apply what you learn your first day back in the office.
SANS Automotive Cybersecurity Summit 2017 (Detroit, Michigan, USA, May 1 - 8, 2017) SANS will hold its inaugural Automotive Cybersecurity Summit to address the specific issues and challenges around securing automotive organizations and their products. Join us for a comprehensive look at automotive assembly, industry suppliers, embedded systems, and safeguarding extended customer and product data. The Summit will include two-days of in-depth presentations from top security experts and seasoned practitioners, hands-on learning exercises, and exclusive networking opportunities.
Upcoming Events
SANS Network Security 2016 (Las Vegas, Nevada, USA , Sep 10 - 16, 2016) We are pleased to invite you and your colleagues to attend SANS Network Security 2016 at the magnificent Caesars Palace, Las Vegas, on September 10-19. SANS Network Security is your annual networking opportunity! SANS will bring you the best in network security training, certification, and up-to-the-minute research on the most important topics in the industry today.
Hacker Halted 2016 (Atlanta, Georgia, USA, Sep 11 - 16, 2016) This year, Hacker Halted’s theme is the Cyber Butterfly Effect: When Small Mistakes Lead to Big Disasters. The goal of the conference is to bring the IT security community together to discuss how organizations are often compromised through the smallest of mistakes and how implementing effective changes can have ripple effects throughout all departments of an organization.
(ISC)² Security Congress (Orlando, Florida, USA, Sep 12 - 15, 2016) (ISC)² Security Congress offers attendees over 90 education sessions, designed to transcend all industry sectors, focus on current and emerging issues, best practices, and challenges facing cybersecurity leaders. As cyber threats and attacks continue to rise, the goal of (ISC)² Security Congress is to advance security leaders by arming them with the knowledge, tools, and expertise to protect their organizations.
Privacy. Security. Risk. 2016 (San Jose, California, USA, Sep 13 - 16, 2016) Innovative since Day 1, P.S.R. brings together two related fields—privacy and security—helping you see beyond your role in order to excel in your role. Because perspective is everything. Delivering the most thought-provoking speakers, sessions led by foremost experts and invaluable opportunities to connect and share ideas, P.S.R. gives you a world of new perspective.
ISS World Americas (Washington, DC, USA, Sep 13 - 15, 2016) ISS World America is the world's largest gathering of North American Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech Electronic Investigations and Network Intelligence Gathering and Sharing. ISS World Programs present the methodologies and tools for Law Enforcement, Public Safety and Government Intelligence Communities in the fight against drug trafficking, cyber money laundering, human trafficking, terrorism and other criminal activities conducted over today's Telecommunications networks, the Internet and Social Networks.
Insider Threat Program Development Training For NISPOM CC 2 with Legal Guidance (Germantown, Maryland, USA, Sep 14 - 15, 2016) Insider Threat Program Development Training for NISPOM CC 2 (Germantown, Maryland, September 14 - 15, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. The training will include "Legal Considerations & Guidance For Insider Threat Programs" (Privacy Concerns, User Activity Monitoring, Investigations, Etc.) - Provided By Co-Instructor Insider Threat Law - Licensed Attorney. Insider Threat Defense has trained over 400 organizations and has become the "leader-go to company" for insider threat program development training.
SecureWorld Detroit (Dearborn, Michigan, USA , Sep 14 - 15, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
Insider Threat Program Development Training for NISPOM CC 2 (Milwaukee, Wisconsin, USA, Sep 19 - 20, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust insider threat program. Insider Threat Defense has trained over 350+ organizations and has become the "leader-go to company " for insider threat program development training.
4th ETSI/IQC Workshop on Quantum-Safe Cryptography (Toronto, Ontario, Canada, Sep 19 - 21, 2016) This three-day workshop brings together diverse players in the quantum-safe cybersecurity community to facilitate the knowledge exchange and collaboration required to transition cyber infrastructures and business practices to make them safe in an era with quantum computers. Attendees and presenters will include leaders from the fields of post-quantum (quantum resistant) cryptography, quantum key distribution (QKD), theoretical and commercial integration of cryptography and security tools, first-adopters of quantum-safe tools from industry and government, and members of standards bodies. Anyone interested in joining the growing community that is working to mitigate the quantum risk and creating quantum safe cryptosystems for the future should attend this workshop.
Cyber Physical Systems Summit (Newport News, Virginia, USA, Sep 20 - 22, 2016) On September 20-22, 2016 the Commonwealth will be hosting a Cyber and Physical Systems Summit. The three day event will consist of roundtable discussions, plenary and panel presentations across the intersection of cyber and three vectors – Autonomy, Physical Systems (Mfg), and Critical Infrastructure. Participants in the Summit will engage in conversations surrounding challenges, opportunities, threats, and the associated policy and budgetary implications.
hardwear.io Security Conference (The Hague, the Netherlands, Sep 20 - 23, 2016) hardwear.io Security Conference is a platform for hardware and security community where researchers showcase and discuss their innovative research on attacking and defending hardware. The objective of the conference revolves around four key concerns in hardware, firmware and related protocols i.e. backdoors, exploits, trust and attacks (BETA). hardwear.io is seeking innovative research on hardware security. If you have done interesting research on attacks or mitigation on any Hardware and want to showcase it to the security community, just submit your research paper.
3rd Annual Senior Executive Cyber Security Conference: Navigating Today's Cyber Security Terrain (Baltimore, Maryland, USA, Sep 21, 2016) The Johns Hopkins University Information Security Institute and COMPASS Cyber Security are hosting the 3rd Annual Senior Executive Cyber Security Conference on Wednesday, September 21, from 8:30 a.m. – 4:00 p.m., on the Homewood campus of Johns Hopkins University. Hear from industry leaders on cyber security best practices and trends that will help you better secure your organization's data. This year's agenda examines the current cyber security landscape, threats, and challenges ahead for organizations and how senior leaders can work towards "shifting their data to being safe and secure."
New York Cyber Security Summit (New York, New York, USA, Sep 21, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.
Gigaom Change 2016 Leader's Summit (Austin, Texas, USA, Sep 21 - 23, 2016) Over an immersive 2.5 days, we will explore the current state-of-the-art technologies, how these are transforming industry, and why this all matters. You’ll emerge with a greater understanding of the exponential technological changes occurring around us, and the confidence to accelerate tangible next steps. Gigaom Change is designed to empower businesses of today to thrive in a world of tomorrow. Gigaom Change will focus on the seven most disruptive enterprise technologies that are widely known but little understood: Artificial Intelligence, Virtual Reality, Robotics, Nanotechnology, Cybersecurity, 3-D Printing, and Human-Machine Interface.
NYIT Annual Cybersecurity Conference (New York, New York, USA, Sep 22, 2016) Presented by NYIT School of Engineering and Computing Sciences, this conference brings together cyber experts from academia, business, and government to address: Cyber Defense Against Attacks–How Industry Is Addressing Evolving Threats; Information Currency and Blockchain Vulnerability; Cyber Physical Systems, Cyber Infrastructure, and the Internet of Things; Government Agencies' Strategies for Securing Cyberspace; Cyber Risks of Smart Transportation; and Accelerating Cyber Education and Career Paths.
GDPR Comprehensive 2016 (London, England, UK, Sep 22 - 23, 2016) The GDPR is now a reality. Are you prepared? We had an incredible response to the IAPP GDPR Comprehensive in Brussels and New York, where we prepared hundreds of privacy and data protection professionals for the implementation of the GPDR. Now we’re bringing the programme to London. Don’t miss this intensive, two-day guided tour of the GDPR with the industry’s most knowledgeable experts.
Cyber Security: How to Identify Risk and Act (Frankenmuth, Michigan, USA, Sep 26, 2016) Join us on 9/26/2016 for the PMI-MTC's annual project management PDD focusing on "Cyber Security: How to Identify Risk and Act." Earn 7 PDUs during the interactive sessions with well-known information security and project management experts. Featuring a keynote speaker from the FBI Detroit Cyber Task Force. Also featuring speakers from the Dow Chemical Company, UHY LLP, Ally Financial, CBI, and more.
CYBERSEC (Kraków, Poland, Sep 26 - 27, 2016) The CYBERSEC forum is the first of its kind in Poland and one of just a few regular public policy conferences in Europe devoted to the strategic issues of cyberspace and cybersecurity.The goal of the CYBERSEC conference is the formulation of practical recommendations that aim to increase resilience to cyber threats within specific economic sectors, states, and the EU as a whole.
Third Annual Women in Cyber Security Reception (Baltimore, Maryland, USA, Sep 27, 2016) The CyberWire is pleased to present the 3rd Annual Women in Cyber Security Reception in cooperation with our partner the Cybersecurity Association of Maryland (CAMI) on Tuesday, September 27, 2016, in Baltimore, MD - See more at: https://thecyberwire.com/events/s/3rd-annual-women-in-cyber-security-reception.html#sthash.Kgzd4dXp.dpuf
IP EXPO Nordic 2016 (Stockholm, Sweden, Sep 27 - 28, 2016) IP EXPO Nordic is part of Europe’s number ONE enterprise IT event series, designed for those looking to find out how the latest IT innovations can drive business growth and competitiveness. The event showcases brand new exclusive content and senior-level insights from across the industry, as well as unveiling the latest developments in IT. It covers everything you need to run a successful enterprise or organisation. Arrive with challenges, leave with solutions. IP EXPO Nordic 2016 incorporates six IT events under one roof – Cloud, Cyber Security, Networks and Infrastructure, Data Analytics, DevOps and Open Source. This year’s event will be the most comprehensive business-enhancing experience for those across the IT industry, including IT managers, CTOs, CDOs, network and storage engineers, CISOs, data analysts, developers and communications specialists.
SecureWorld Dallas (Plano, Texas, USA , Sep 27 - 28, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
escar Asia 2016 (Tokyon, Japan, Sep 28 - 30, 2016) Founded in 2003, escar has established itself as the premier forum for the discussion and exchange of ideas to identify and minimize threats to data and vehicles. Held in Europe, the US and now for the third time in Asia, escar provides a forum for collaboration among industry, academia and governments for in-vehicle cyber security.