RoK defense network attacked. Hackers said to "probe" US voting systems. IoT botnet source code released. "DressCode" malware afflicts Android devices. Industry notes. SEC urged to make an example of Yahoo!
The Republic of Korea is investigating an intrusion into one of its military command networks. No attribution, yet, although a priori speculation naturally turns toward Pyongyang.
US state election officials continue to worry about vote hacking. The Department of Homeland Security warns that potential attackers have been scanning state election systems, and it invites the states to seek Federal assistance in securing the vote.
Newsweek sustained a DDoS outage Thursday. Many at the publication regard it as retaliation for an unfavorable article on US presidential candidate Trump; they point to circumstantial evidence of Russian involvement.
The Internet-of-things grows in attractiveness to cybercriminals, who notice the effect IoT botnets have had over the last two weeks in attacks against OVH and KrebsOnSecurity. The source code, "Mirai," used to herd the bots used for distributed denial-of-service against KrebsOnSecurity was released in an underground forum over the weekend.
"DressCode" malware is circulating in the wild, with malicious apps offered in Google's Play Store thought particularly worrisome. DressCode can be used by attackers to pivot from an infected Android device into an enterprise network.
In industry news, Tanium is reported to be preparing an IPO, possibly in six months. The UK financial press says DarkTrace is also mulling a public offering. Expressing strong commitment to its Forcepoint unit, Raytheon continues to buck the trend of big defense integrators exiting the commercial cyber security market.
Some US Senators urge the Securities and Exchange Commission to make Yahoo! the test case of SEC breach disclosure rules.
Notes.
Today's issue includes events affecting Brazil, European Union, India, Iraq, Japan, Democratic Peoples Republic of Korea, Republic of Korea, Lithuania, Sweden, Syria, Turkey, United Kingdom, and United States.
A note to our readers: This week we're attending the 2016 annual meeting of the Association of the United States Army. We'll be providing tweets and full coverage from the cyber-relevant portions of the three-day event. We're also spending some time with our colleagues from the Military Cyber Professionals Association.
It's also National Cyber Security Awareness Month in the United States. The theme for the first week is "STOP. THINK. CONNECT.™: The Basic Steps to Online Safety and Security."
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from our partners at the University of Maryland--Jonathan Katz will describe asymmetrical and dual encryption. If you enjoy the podcast, we invite you to consider giving it an iTunes review.
Cyber Attacks, Threats, and Vulnerabilities
South Korea's Military Cyber Command Suffers Embarrassing Hack (Softpedia) For now, nobody's pointing fingers at North Korea
South Korea says their military cyber command was hacked (HackRead) South Korea says their military cyber command was hacked with a malicious code – usual culprit: North Korea
Department of Homeland Security: Hackers are probing voting systems (C|Net) The DHS says hackers have been scanning state election systems, and it urges officials to seek federal assistance on security
DHS urges states to beef up election security (The HIll) The Department of Homeland Security on Saturday urged state election officials to seek assistance in boosting cyber security ahead of November's elections, after hackers tapped into voter registration systems in a small number of states
Cyberattack threatens U.S. voting (Boston Herald) Tech expert: Machines vulnerable
Did attackers take down Newsweek because of an anti-Trump story? (Ars Technica) Reporter tweeted Friday: “Lots of IP addresses involved. Main ones from Russia"
‘Shadow Brokers’ Whine That Nobody Is Buying Their Hacked NSA Files (Motherboard) The hacking group responsible for stealing a large cache of National Security Agency hacking tools is very upset that no one seems to be bidding on their pilfered files
Turkish Organizations Exploited in Terror Finance Scheme (Flashpoint) New evidence supports allegations that jihadists are exploiting Turkish organizations to launder donations to armed groups involved in the Syrian civil war
Pentagon Paid for Fake ‘Al Qaeda’ Videos (Daily Beast) A controversial foreign PR firm known for representing unsavory characters was paid millions by the Pentagon to create fake terrorist videos
Should we deny ISIL the oxygen of publicity? (Medium) At the start of the week, an important discussion took place — and I don’t mean the first of the US presidential debates. In London, senior journalists and news managers from major media outlets in three European countries conducted a sober debate on the reporting of terror
Hacker Linked to Myspace, LinkedIn Dumps Hacks Competitor (Motherboard) The digital underground is full of fragile alliances, backstabbing, and full-blown rivalries. On Sunday, Peace, a hacker linked to the Myspace and other large scale data breaches, compromised the site of another hacker, allegedly in response to scamming
Source Code for IoT Botnet ‘Mirai’ Released (KrebsOnSecurity) The source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released, virtually guaranteeing that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices
Hacker Releases Code That Powered Record-Breaking Botnet Attack (Motherboard) It’s only been a few weeks since hackers hijacked more than 1 million Internet of Things devices to launch a record-breaking Distributed Denial of Service (DDoS) attack against the website of cybersecurity reporter Brian Krebs
Why the internet of things is the new magic ingredient for cyber criminals (Guardian) The massive attack on Brian Krebs’s website presents huge problems for investigative reporters
Malicious 'DressCode' Malware Now Spreading Across App Stores (TechTimes) Google Play offers a myriad of great apps, but some infected ones bypass the vetting process and end up infecting the mobile devices of Android users
Android malware that can infiltrate corporate networks is spreading (CSO) DressCode has been found circulating in at least 3,000 Trojanized apps
DefecTor: DNS-enhanced correlation attacks against Tor users (Help Net Security) A group of researchers from Princeton University, Karlstad University and KTH Royal Institute of Technology have devised two new correlation attacks that can be leveraged to deanonymize Tor users
Ransomware spreads through weak remote desktop credentials (CSO) A new ransomware program in Brazil uses RDP brute-force attacks to infect hospitals
New Lockscreen Ransomware Targeting Android Devices (HackRead) Symantec Security claims Android Lockscreen ransomware using pseydorandom passcode to ensure victim pays the ransom
Ransomware Attack On State Govt Dept Raises Concerns (InfoRisk Today) Ransomware infection at Kerala State Forest Department systems a sign of things to come?
Major Smartphones Are Vulnerable To Hacking Threat Called “Video Jacking” (Plugin Europe) iPhones and Android smartphones vulnerable to new “video jacking” through free charging stations
How to Throw a Tantrum in One Blog Post (Medium) The systemd team has recently patched a local denial of service vulnerability affecting the notification socket, which is designed to be used for daemons to report their lifecycle and health information. Some people have used this as an opportunity to throw a fresh tantrum about systemd
Space Wars Will Be Fought With Hacks, Not Missiles (Motherboard) On Monday morning, a number of professionals in the aerospace industry received a rather mundane email containing a PDF ostensibly about the future of Russian aerospace programs, but which actually contained a ‘Komplex’ trojan
Security Patches, Mitigations, and Software Updates
Firefox blocks websites with vulnerable encryption keys (CSO) Users will receive an error when trying to access web servers that use weak Diffie-Hellman key exchange with weak keys
Cyber Trends
Vint Cerf: Modern Media Is Made for Forgetting (Motherboard) Vint Cerf, the living legend largely responsible for the development of the Internet protocol suite, has some concerns about history. In his current column for the Communications of the ACM, Cerf worries about the decreasing longevity of our media, and, thus, about our ability as a civilization to self-document—to have a historical record that one day far in the future might be remarked upon and learned from. Magnetic films do not quite have the staying power as clay tablets
'We're going backward!' (Communications of the ACM) In caves in Lascaux, France, magnificent artworks were discovered from 17,300 years ago. Cuneiform clay tablets written over 5,000 years ago are still readable today (if you happen to know Akkadian, Eblaite, Elamite, Hattic, Hittite, Hurrian, Luwian, Sumerian, Urartian, or Old Persian). Egyptian hieroglyphic writing was more or less contemporary with cuneiform and papyrus manuscripts dating from about 4,600 years ago have survived. The Greeks and the Romans carved letters in stone and these are still eminently readable over 2,000 years later
Digital disruptors demand a new approach to IT (Help Net Security) Digital disruptors such as algorithms, artificial intelligence (AI), bots and chatbots are already transforming businesses. Gartner expects that algorithmic business will create even greater levels of disruption and new industries. To support the new capabilities and business models of digital and algorithmic business, CIOs must design and deploy their digital business technology platform
You might be surprised to learn who’s collecting your data (TechCrunch) Every company is a digital company, from the biggest tech companies to the neighborhood corner store. A large ecosystem of partners and suppliers enables those companies to provide the services they do. And then there’s the customer, who is seeing more and more of their life become digital
Marketplace
Forecasting Yahoo's Foggy Fate (Fortune) Clouds loom over the Verizon deal
Billion-dollar cyber security start-up Tanium to float (Financial Times) Tanium, a US security start-up last valued at $3.5bn, is set to start working on a flotation on the US stock market in the next six months, despite the volatility of the market in public cyber security companies
Darktrace is now worth $500m and has IPO ambitions (City A.M.) One of the UK's hottest tech startups is now worth half a billion dollars and has ambitions to go public, City A.M can exclusively reveal
Intertek Acquires Cyber Security Assurance Firm EWA-Canada (RTT News) Intertek Group Plc (ITRK.L), a provider of quality and safety services, Monday said it acquired EWA-Canada from Electronic Warfare Associates Inc. EWA-Canada, headquartered in Ottawa, Canada, generated revenues of c. C$15 million in 2015
Defense Contractor Raytheon Pivots to Commercial Cybersecurity (Wall Street Journal) CEO Tom Kennedy on why he thinks his company has an edge in a market that has foiled others
5 Quantum Cryptography and Quantum Encryption Companies (Nanalyze) In a recent article we talked about 10 startups that are working on various aspects of quantum computing and promised our lovely readers a follow-up article on 5 quantum cryptography and quantum encryption companies
Better Buy: Palo Alto Networks, Inc. vs. FireEye (Motely Fool) The data security upstarts have a great deal in common -- both good and bad -- but one is a slightly better buy
Facebook, Google, Amazon, Microsoft and IBM team up on AI (Security Intelligence) With Artificial Intelligence (AI) starting to reveal its real world potential, Facebook, Google, Amazon, Microsoft and IBM have teamed up to work together in the burgeoning technological space
Gil Penchina on angel investing, market timing, and his ambivalence to venture capital (GTechCrunch) Let’s start with a bit of background. How did you get into angel investing?
Security startup confessions: Hiring and firing (Help Net Security) My name is Kai Roer and I am a co-founder of a European security startup, and these are my confessions
Demand for cybersecurity workers in Frederick County on the rise (Frederick News Post) The demand for cybersecurity jobs in Frederick County is expected to increase by almost 50 percent in the next few years, following the statewide trend in an industry that has more demand for workers than are currently available in the workforce
Products, Services, and Solutions
Three European gaming companies choose Corero Share (Proactive Investors) Orders for cyber-security specialist’s Corero Network Security PLC’s (LON:CNS) SmartWall Threat Defense System (TDS) continue to roll in
Technologies, Techniques, and Standards
By 'taking the perspective of the attacker' organisations may fare better (Security Brief) Digital Shadows has recently looked into the many ways that threat actors are using the growing sophistication of criminal business models, characterised by the automation and replication of previously manual processes (industrialisation)
Cyber-Threat Data Sharing Off to Slow Start Despite U.S. Legislation (eWeek) In January, President Obama signed the Cybersecurity Act of 2015, but companies remain in a holding pattern, waiting for legal clarity and demonstrable benefits before sharing sensitive information
Ask the expert: avoiding a Yahoo-style cyber attack (Stuff) Q: If a large corporate like Yahoo can get hacked, what hope is there for small businesses? How do they protect themselves and what can they do if they do get hacked?
How to pick a password manager (Christian Science Monitor Passcode) After the Yahoo breach exposed personal data about 500 million users, many people are looking for ways to protect themselves online. That's where password managers come in
Use stronger authentication, urge White House and tech companies (Naked Security) If half a billion passwords dragged out of Yahoo isn’t enough to convince us that we need more than passwords to secure our online stuff, perhaps a dancing banana will do the trick
IEEE 802.3bz standard brings 2.5 and 5 Gb/s to existing cabling (Help Net Security) Enabling access layer bandwidth to evolve incrementally beyond 1 Gigabit per second (Gb/s), it will help address emerging needs in a variety of settings and applications, including enterprise, wireless networks, and more
Design and Innovation
Arduino’s new open source kit makes creating IoT devices easy (Help Net Security) The Arduino team is using Kickstarter to crowdfund their latest project: the ESLOV IoT Invention Kit
Research and Development
How to Steal an AI (Wired) In the burgeoning field of computer science known as machine learning, engineers often refer to the artificial intelligences they create as “black box” systems: Once a machine learning engine has been trained from a collection of example data to perform anything from facial recognition to malware detection, it can take in queries—Whose face is that? Is this app safe?—and spit out answers without anyone, not even its creators, fully understanding the mechanics of the decision-making inside that box
Legislation, Policy, and Regulation
The spy who liked me: Britain’s secret service in the age of Facebook (Business Day Live) Behind the closed doors of British intelligence, the era of Smiley’s People is giving way to a future of Smiley’s Facebook friends
India needs to update cyber doctrine from time to time: Deputy NSA Arvind Gupta (Economic Times) Asserting that the country has a comprehensive cyber doctrine in place, India’s Deputy National Security Advisor Arvind Gupta, however, underlined the need to keep updating it to keep up with the developments in the cyber space
Getting Regulators and Regulated to Collaborate on Cybersecurity (GovInfo Security) Commerce Secretary Penny Pritzker sees a new relationship for traditional adversaries
CYBERCOM approves network defense plan (C4ISRNET) Defense Department cyber forces are tasked first and foremost with defending DoD networks. The first of three core mission sets for U.S. Cyber Command and its cyber mission force, which is poised to reach initial operational capability on Friday September 30 according to Cyber Command Commander Michael Rogers, is to defend the Department of Defense Information Networks. As part of this effort, there has not been a strategic vision for such a mission, until now
Services integrating cyber and traditional military forces (C4ISRNET) Within Cyber Command’s Cyber Mission Force — established in 2012 to include 133 teams in varying roles that reached initial operational capability at the end of September 2016 and will reach full operational capability in 2018 — there are the service cyber components. They work to defend service-specific networks and missions as opposed to the joint cyber effort. Within this construct, the services have begun to integrate their cyber warriors with traditional military units as cyber now touches most everything
Senate confirms new head of Strategic Command (FCW) The Senate has confirmed the Obama administration's nominee to take over Strategic Command, which oversees the Defense Department's nuclear, space and cyber elements
Clinton on cyberwar: An attack just like any other? (Minneapolis Star-Tribune) Between the chatter of corporate bankruptcies, emails, and “stamina” in last Monday’s presidential debate between Hillary Clinton and Donald Trump, an immensely important national security topic arose
Litigation, Investigation, and Law Enforcement
Europe's Top Court Will Consider Legality of Surveillance Exposed by Edward Snowden (Interept) Human rights groups have launched a major new legal challenge over mass surveillance programs revealed by the National Security Agency whistleblower Edward Snowden
Yahoo hack may become test case for SEC data breach disclosure rules (Reuters via Yahoo! Tech) Yahoo's disclosure that hackers stole user data from at least 500 million accounts in 2014 has highlighted shortcomings in U.S. rules on when cyber attacks must be revealed and their enforcement
Crypto guru Matt Green asks courts for DMCA force field so he can safely write a textbook (Register) Next move in EFF's plans to regain the right to tinker
Whistleblower in ‘Zero Dark Thirty’ case gets money and an award (McClatchy DC) A senior intelligence official has settled with the federal government after he alleged that he was punished for disclosing that the Pentagon’s watchdog had shielded former Defense Secretary Leon Panetta from allegations that he’d leaked sensitive information
FTC Denies LabMD's Request for 'Stay' (HealthcareInfo Security) Regulator won't put its final order on hold while LabMD appeals in court
Security Firm Execs Get No Prison Time After Hacking Rival Company (Softpedia) Quadsys five get off easy without prison time
Lithuanian police - Major breakthrough in cyber attack investigation (Baltic Times) Lithuanian police have announced a significant breakthrough in the probe of wide-range cyber attacks conducted against the nation's institutional websites last spring
IOC Athletes' Commission "strongly condemns" cyber-attacks on WADA, says chair Ruggiero (Inside the Games) International Olympic Committee (IOC) Athletes’ Commission chair Angela Ruggiero has said the body "strongly condemns" the cyber-attack that led to the publication of athletes’ confidential medical information from the ADAMS (Anti-Doping Administration & Management System) run by the World Anti-Doping Agency (WADA) and welcomes any input or suggestions by elite athletes in advance of next week’s Olympic Summit in Lausanne
INTELLECTUAL VENTURES I LLC, Plaintiff-Appellant v. SYMANTEC CORP., Defendant-Cross-Appellant TREND MICRO INCORPORATED, TREND MICRO, INC. (USA), Defendants-Appellees (United States Court of Appeals for the Federal Circuit) Intellectual Ventures I LLC (“IV”) sued Symantec Corp. and Trend Micro1 (together, “appellees” or “defendants”) for infringement of various claims of U.S. Patent Nos. 6,460,050 (“the ’050 patent”), 6,073,142 (“the ’142 patent”), and 5,987,610 (“the ’610 patent”). The district court held the asserted claims of the ’050 patent and the ’142 patent to be ineligible under § 101, and the asserted claim of the ’610 patent to be eligible. We affirm as to the INTELLECTUAL VENTURES I LLC v. SYMANTEC CORP. 3 asserted claims of the ’050 patent and ’142 patent, and reverse as to the asserted claim of the ’610 patent
How Tweens Get Recrutied to Become Hackers (New Paper) Online syndicates out to recruit kids
DMV worker accused of using state computer to ask customer on a date (Naked Security) Police on Tuesday said they have arrested a worker at the New York State Department of Motor Vehicles (DMV) on Staten Island, for allegedly trying to use the work computer to get a customer’s personal information and ask her out on a date
Japanese man arrested for selling jailbroken iPhones (Naked Security) Would you jailbreak your iPhone if you could, and if it were easy to do?
More than 15,000 Wells Fargo accounts in Md. may have been unauthorized (Daily Record) An independent review of more than 93 million Wells Fargo credit card and deposit accounts has determined that more than 15,000 accounts in Maryland may have been unauthorized, a practice that has been found across the country and has put the largest bank in the United States under intense scrutiny.
Leaker fined $1.2 million for uploading screener of The Revenant (Ars Technica) FBI says defendant's behavior is a killer of creativity, and of jobs
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
CyberTini at CyberMaryland (Baltimore, Maryland, USA, Oct 19, 2016) The bwtech@UMBC Cyber Incubator will be hosting a CyberTini as the official opening event of the CyberMaryland Conference on the evening of October 19, 2016 at the Columbus Center in Baltimore’s Inner Harbor. The Columbus Center is just a few blocks from the Baltimore Hilton Hotel where the CyberMaryland Conference is taking place, and attendance at the CyberTini is estimated to be 250 or more. The event will begin at 5pm the night before the CyberMaryland Conference and will run until approximately 7:30pm.
Upcoming Events
Cyber National Security – The Law of Cyberspace Confrontation (Hanover, Maryland, and Fort Meade, Oct 3 - 6, 2016) US Cyber Command will host the fourth annual COCOM-Interagency Cyber Law Conference from 3 through 6 October 2016, Cyber National Security – The Law of Cyberspace Confrontation. This year the conference will build on last year's success with a particular focus on the domestic and international legal frameworks and challenges to confronting the growing cyber threats in the gray zone short of armed conflict and employing cyber capabilities as part of broader deterrence strategies. The first two days of the conference will be held at the Acquisition Research Center, Hannover, MD, and will be conducted at the Unclassified level. The third and fourth days of the conference will be held at the classified level on Fort Meade, Maryland. The conference will be closed to the media and conducted under Chatham House rules.
Crossroads Regional Cybersecurity Summit (Victoria, Texas, USA, Oct 4, 2016) Bringing together top experts from both the public and private sectors, the Crossroads Regional Cybersecurity Summit (CRCS) will be an exciting and educational day for local businesses. Through a variety of speakers and interactive panels, CRCS will educate and raise awareness on a wide range of cybersecurity issues - from local to global - facing businesses of all sizes. Summit attendees will be exposed to the latest findings and best practices regarding: small organizations/SMB cybersecurity preventative measures, network security (whether large or small), financial and payment card industry (PCI) compliance, and law enforcement and national security concerns. Plan to attend and ensure that your business is prepared to face the 21st Century cybersecurity challenges ahead.
Cambridge Cyber Summit (Cambridge, Massachusetts, USA, Oct 5, 2016) This unique one-day summit will bring together c-suite executives and business owners with public and private-sector leaders in security, technology and defense to discuss ways to combat urgent cyber threats and secure America's future. The event, comprised of interviews and live demonstrations, will focus on critical issues such as the next wave of cyberattacks and their perpetrators, countermeasures, privacy and security, public-private cooperation and information sharing, and the latest trends in technology, among others.
IP EXPO Europe (London, England, UK, Oct 5 - 6, 2016) IP EXPO Europe is Europe's number ONE IT event for those looking to find out how the latest IT innovations can drive their business forwardIP EXPO Europe now includes six co-located events with their own speakers, exhibitors and seminar programmes. These events bring together 300+ exhibitors and 300+ free to attend seminars across 23 theatres, all under ONE roof. The six IP EXPO Europe events for 2016 are: Cloud Europe, Cyber Security Europe, Networks & Infrastructure Europe, Data Analytics Europe, DevOps Europe, Open Source Europe
RFUN 2016: 5th Annual Threat Intelligence Conference (Washington, DC, USA, Oct 5 - 6, 2016) The fifth annual RFUN Conference is a two-day event that brings together the diverse and talented community of analysts and operational defenders who apply real-time threat intelligence to out-innovate their adversaries. We invite Recorded Future customers, partners, and threat intelligence enthusiasts to join us at RFUN 2016.
SecureWorld Denver (Denver, Colorado, USA, Oct 5 - 6, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
VB 2016 (Denver, Colorado, USA, Oct 5 - 7, 2016) The 26th annual international Virus Bulletin conference meets this October in Denver
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
TU-Automotive Cyber Security Europe (Munich, Bayern, Germany, Oct 6 - 7, 2016) The most focussed forum on the ‘here and now’ of automotive cybersecurity. As we are inundated by headlines on cyber-attacks, we go beyond the hype to focus on the current challenges and solutions that unite players from research labs, automakers, tier 1’s and the complete supply chain to plan for a secure future.
AFCEA CyberSecurity Summit (Washington, DC, USA, Oct 11 - 12, 2016) AFCEA Washington, DC invites you to attend the 7th Annual Cybersecurity Summit on October 11–12, 2016. This two-day summit will feature keynotes from government leaders, thought-provoking discussion panels, and a number of deep-dive breakout sessions. The opening day of the conference, October 11, will tackle strategies for addressing cyber intelligence, next-generation cyber operations, and insider threats. Hosted at the Grand Hyatt Washington, attendees will be able to explore the avenues of cyber workforce development and training issues impacting tomorrow’s evolving threat environment. The half-day conference on October 12 is strictly for Sensitive Compartmented Information (SCI) clearance holders and will be hosted at the General Dynamics Information Technology facility in Alexandria, Virginia
AppSecUSA 2016 (Washington, DC, USA, Oct 11 - 14, 2016) OWASP’s 13th Annual AppSecUSA Security Conference is the premier application security conference for developers and security experts. Come hear an amazing group of inspirational speakers—including YouTube’s Favorite Hacker, Former DHS NCSD Director of Software Assurance, and Assistant Professor & Cryptographer—who are challenging traditions. You’ll be inspired by fresh ideas, start rethinking the status quo, and leave ready to tackle your challenges in innovative ways.
Cyber Security Summit 2016 (Aukland, New Zealand, May 5, 2016) New Zealand’s first Cyber Security Summit will be held in Auckland on 5 May 2016. The theme is “Keeping New Zealand’s Economy Cyber Secure”. Hosted by the Minister for Communications Hon Amy Adams, the Summit is an opportunity for board chairs and chief executives to discuss how New Zealand should tackle the threat of cybercrime, and improve our resilience and security. Chief executives, board chairs and leaders from across the public and private sectors have been invited to join the Minister for Communications at this high level event.
Insider Threat Program Development Training for NISPOM CC 2 (Warrington, Pennsylvania, USA, Oct 17 - 18, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). PA. For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust insider threat program. Insider Threat Defense has trained over 350+ organizations and has become the "leader-go to company" for insider threat program development training.
Cyber Ready 2016 (McDill Air Force Base, Florida, USA, Oct 18, 2016) We invite you to join us for our first annual Cyber ReadyTM 2016 conference observing National Cyber Security Awareness Month: The Impact of Cyber Crime. The National Cyber Partnership, joined by the MITRE Corporation, Tampa Bay Innovation Center, Florida Chamber Foundation and the Florida Suncoast AFIO Chapter is proud to present this important event. In addition to attending the Cybersecurity Conference, you're also invited to register for the Golf Outing and Barbecue Dinner at the MacDill AFB Bay Palms Golf Complex on Monday afternoon. The event will include the sixth annual MITRE National Capture the Flag (CTF) Competition Cyber Challenge Awards Ceremony.
EDGE2016 Security Conference (Knoxville, Tennessee, USA, Oct 18 - 19, 2016) The EDGE2016 conference is where true collaboration between business and technology professionals happens. Combining engaging keynotes from world-renowned visionaries, recognized technology industry leaders, topical roundtables, training sessions, and industry-specific tracks, EDGE2016 is where complex business security problems meet real-world solutions.
SecureWorld St. Louis (St. Louis, Missouri, USA, Oct 18 - 19, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
Los Angeles Cyber Security Summit (Los Angeles, California, USA, Oct 28, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
CyberMaryland 2016 (Baltimore, Maryland, USA, Oct 20 - 21, 2016) The CyberMaryland Conference is an annual two-day event presented jointly by The National Cyber Security Hall of Fame and Federal Business Council (FBC) in conjunction with academia, government and private industry organizations. The theme, “Leading the Cyber Generation,” captures the event’s intent to provide unparalleled information sharing and networking opportunities for development of cyber assets on both the human and technological side. Additionally, the conference provides an opportunity for Maryland to demonstrate its natural leadership in Cyber Security.
CyCon US: International Conference on Cyber Conflict (Washington, DC, USA, Oct 21 - 23, 2016) The inaugural U.S. based International Conference on Cyber Conflict will take place 21-23 October 2016 in Washington D.C. Focusing on a theme of Protecting the Future. CyCon U.S. seeks to create greater information exchange among industry, academia, and government entities at both the national and international levels. The issues to be covered include the future of international cooperation, imminent technical challenges and requirements, forthcoming conflicts in cyberspace, and the potential for new legal frameworks, standards, and regulations.
SANS San Diego 2016 (San Diego, California, USA , Oct 23 - 28, 2016) Cyber security training in San Diego, CA from SANS Institute, the global leader in information security training. Choose from nine hands-on, immersion-style training courses for security professionals at all levels. Many of these security courses have certifications that are aligned with DoD Directive 8570/8140 and all courses at this event are associated with GIAC Certifications. This event was planned to give you the weapons you need to defend against attackers and advance your career. You will learn from leading experts in courses that have been carefully selected to arm you with the latest tactics and strategies that will sharpen your skills
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
2016 ICS Cyber Security Conference (Atlanta, Georgia, USA, Oct 24 - 27, 2016) As the largest and longest-running cyber security-focused conference for the industrial control systems sector, the event caters to the energy, utility, chemical, transportation, manufacturing, and other industrial and critical infrastructure organizations, including the military. The conference will address topics covering ICSs, including protection for SCADA systems, plant control systems, engineering workstations, substation equipment, programmable logic controllers (PLCs), and other field control system devices.
SecureWorld Bay Area (San Jose, California, USA, Oct 27, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
Regional Cyber Security Summit (Sharm El-Sheikh, Egypt, Oct 30 - Nov 1, 2016) The Regional Cyber Security Summit comes this year with the theme of “Boundless Collaboration, Boundless Protection”. It focuses on the cooperation in cybersecurity as one of key pillars to tackle the complexity and the scalability of the main challenges of today’s cyber threats. The regional cybersecurity summit has been conducted for the last 4 years under the umbrella of ITU-ARCC in Oman to share experience and knowledge, learn from each other, get in tight to recent updates and collaborate to enhance organizations’ cybersecurity became a must.