Assange still has asylum, but maybe not so much connectivity. Some RT assets frozen in the UK. US-Russian cyber relations continue to worsen. General (retired) Cartwright pleads guilty to lying to Stuxnet leak investigators. Email server controversy gutters on.
After much speculation yesterday that the US had hacked him, WikiLeaks says Julian Assange's Internet connectivity was indeed cut, but by the Ecuadoran government. Assange is currently enjoying asylum in Ecuador's embassy in London; Ecuador was silent on connectivity issues but has said they will continue to extend Assange asylum.
Russia Today, a news outlet closely aligned with President Putin's government, has had some of its assets in the UK frozen.
Both WikiLeaks and Russia Today have been closely involved with, respectively, releasing and reporting on documents related to the campaign of US Presidential candidate Clinton. The US has blamed Russia's government for the hacks that compromised the files now being published, and has promised some unspecified form of retaliation. Retaliation is expected to "send a message" Russia's President cannot fail to misread; Russian spokesmen express both outrage at US intent and scorn for US capabilities.
The Shadow Brokers still haven't got any real bids on their auction of Equation Group tools. They tell anyone who may still believe this is a real auction that they've now had it—as the Register puts it, pay the Brokers ten Bitcoin "or the code gets it."
Retired US General Cartwright pleads guilty to lying to the FBI about discussions of Stuxnet with reporters. The New York Times expresses muted disapproval of the prosecution's First Amendment implications.
Reports claim classified material passed through then-Secretary of State Clinton's private email server. A State official is said to have sought retroactive declassification from the FBI.
Notes.
Today's issue includes events affecting Ecuador, Iraq, Israel, Russia, Syria, United Arab Emirates, and United States.
Some notes to our readers: Last night we were at the Jailbreak Brewing Company for one of the informative cyber security sessions they host. We'll have an account of what we heard later this week.
Thursday and Friday we'll be attending CyberMaryland, meeting this year at the Hilton Baltimore, across the street from Camden Yards in Baltimore's Inner Harbor. Watch for live coverage, podcasting, and a full report in upcoming issues.
Also, it's the third week of National Cyber Security Awareness Month. This week's theme is "Recognizing and Combating Cyber Crime."
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today our partner Markus Rauschecker of the University of Maryland's Center for Health and Homeland Security talks about privacy regulations for tracking children. Out guest is Ravi Balupari from Netskope, discussing the Virlock ransomware. If you enjoy the podcast, please consider giving it an iTunes review.
Cyber Attacks, Threats, and Vulnerabilities
Wikileaks: Julian Assange's internet access 'cut' (BBC) Wikileaks says an unidentified "state actor" has shut down internet access for its founder Julian Assange
Free Julian Assange: Alleged Cyber Attack on WikiLeaks Came Just Before Organization Released Damaging New Hillary Clinton Videos, Supporters Claim (Inquisitr) Julian Assange may be the target of a political attack, with reports that WikiLeaks suffered a cyberattack this weekend that was timed to prevent the release of politically damaging information against Hillary Clinton
WikiLeaks Now Claims Ecuador Cut Off Julian Assange's Internet (Motherboard) On Monday, Motherboard reported that Julian Assange’s internet connection had been severed in the Ecuadorian Embassy in London. WikiLeaks had initially blamed a “state actor,” but didn’t mention any such actor specifically
Asylum of WikiLeaks’ Assange not in question (CSO) The Ecuador embassy in London is said to have cut his internet connection
Julian Assange Dead? Cryptic WikiLeaks Tweets Have The Internet A Buzz (Hollywood Life) Puzzling tweets containing cryptic codes from the WikiLeaks Twitter account on October 16 had followers convinced that Julian Assange was dead. Even weirder, some people believed Pamela Anderson did him in! Click through to see the tweets!
Russia Today bank accounts 'frozen in UK' (Independent) 'Long live freedom of speech!' broadcaster's editor-in-chief says
‘US media ignores Clinton stealing Democratic nomination, engages in Russia-bashing instead’ (Russia Today) The story has nothing to do with the content of Clinton’s hacked emails, which show she stole the nomination from Bernie Sanders. The main story was submerged in this outcry against Russia, former CIA officer Ray McGovern told RT
The US plans to retaliate against Russia’s cyber-hacking campaign with a hack that Putin is sure to understand (Quartz) After three months of accusations that Russia is seeking to influence the US presidential election with a cyber-hacking campaign, the US is planning to strike back and send “a message” to Moscow with “the greatest impact”
Russia isn’t happy about US cyber attack threats (News.com) THE Kremlin has slammed Washington’s plans for a retaliatory cyber attack against Russia, vowing to protect itself from the United States’ “unpredictably and aggressiveness”
Russia vows to respond to US cyber attacks (Consumnes Connection) Russian President Vladimir Putin said Sunday his country is not trying to influence the USA presidential election
Putin on Biden cyberthreat: First time US admits such thing on highest level (Russia Today) Commenting on US Vice President Joe Biden’s statement on the possibility of cyberattacks against Russia, Vladimir Putin said it’s the first time that Washington has admitted involvement in such actions
Shadow Brokers cancels auction of stolen NSA 'cyberweapons' as bidders fail to turn up (International Business Times) The hacker group has threatened to 'publicly post the password' to anyone who paid it around $6m
ShadowBrokers put US$6m price tag on new hoard of NSA hacks (Register) Auction failed, now false-flag filchers want 10k bitcoin or the code gets it
Hackers Hit U.S. Senate GOP Committee (KrebsOnSecurity) The national news media has been consumed of late with reports of Russian hackers breaking into networks of the Democratic National Committee. Lest the Republicans feel left out of all the excitement, a report this past week out of The Netherlands suggests Russian hackers have for the past six months been siphoning credit card data from visitors to the Web storefront of the National Republican Senatorial Committee (NRSC)
Four ways to keep data safe during election season (Help Net Security) There is no shortage of passionate feelings among voters when it comes to this November’s presidential election. Those feelings extend tenfold to each candidate’s campaigns. Although campaigns depend on passion and monetary contributions to keep going, they also rely on something else: data
Elections at Risk in Cyberspace, Part I: Voting Lists (SIGNAL) Experts are divided on whether they are safe or to what degree they are vulnerable
Elections at Risk in Cyberspace, Part II: Variety is the Spice of Hacking for Voting Machines (SIGNAL) Devices are more vulnerable than the electorate realizes, but provide less of an opportunity than many hackers might hope
Elections at Risk in Cyberspace, Part III: Vote Database Security Ultimately Could Determine an Election Result (SIGNAL) It would take a nation-state with advanced cyber capabilities to alter U.S. election; those adversaries exist today
Elections at Risk in Cyberspace, Part IV: Securing the Vote (SIGNAL) Tightening up the process and its hardware will eliminate many vulnerability gaps
Donald Trump Is Running Some Really Insecure Email Servers (Motherboard) In what might be one of the more delicious cases of irony to ever grace a presidential election, a researcher has found that a number of email servers linked to Donald Trump’s hotel and others businesses are running horribly out of date software which receive no security patches, and are lacking other precautions for keeping hackers out
Ghost Push Trojan still a major threat to most Android users (Help Net Security) The Ghost Push Trojan (also known as Shedun) is still a considerable threat to Android users around the world
VeraCrypt security audit reveals many flaws, some already patched (Help Net Security) VeraCrypt, the free, open source disk encryption software based on TrueCrypt, has been audited by experts from cybersecurity company Quarkslab
The Yahoo hack – a numbers game (Infosecurity Magazine) Have you got a Yahoo email account? Was it one of the 500 million accounts compromised by the breach disclosed by Yahoo in September 2016? Does it matter if it was?
Millennials A Growing Target Of IT Support Scams (Dark Reading) New Microsoft-NCSA study finds that two out of three customers have been exposed to tech support scams in the last 12 months
Cyber Trends
State of Software Security 2016 (Veracode) There’s a real threat in vulnerable software components that’s more prevalent than most people think
Tripwire Survey: Smart Grids Lack Cyber Security Protection (BusinessWire) Ninety-eight percent of IT professionals consider smart cities at risk for cyber attacks
Free SSL Providers Spark Unprecedented Growth in Encrypted Traffic (Threatpost) If recent telemetry from Mozilla is indeed representative of the Internet, then it would appear that half of all traffic in transit is encrypted, a more than 10 percent jump from last December
Fight fraud: Scams, identity theft, ransomware attacks (Help Net Security) In an increasingly technology-oriented world, cybercrime has become all too common for both consumers and businesses. Internet crime takes many forms and includes everything from large-scale data breaches to consumer issues like identity theft and cyberstalking to widespread scams and ransomware
How much law firms dedicate to data privacy and security (Help Net Security) Vulnerabilities in law firms’ data security present an unprecedented existential threat, while increasing corporate demand for legal expertise in information security, compliance and incident response provides an emerging revenue growth opportunity, according to ALM Intelligence
Marketplace
One billion reasons why the Yahoo cyber breach matters (In Homeland Security) Verizon may have given Yahoo’s stockholders one billion reasons why cybersecurity matters last week when it hinted it could push to reduce its purchase offer for Yahoo
Why Twitter's stock plunge is especially bad for its employees (CNBC) Twitter shares plunged 27 percent in the past two weeks as potential acquirers withdrew their interest. On Friday, Salesforce.com became the latest to drop out
Bot Prevention Solution Provider ShieldSquare Raises Funding From Venture Highway, Others (Inc42) Bengaluru-based ShieldSquare, provider of real-time bot prevention software for online businesses, has secured an undisclosed amount of funding from Venture Highway, Vishy Poosala (Engineering Director at Facebook), and existing investors
BRIEF-Cisco Systems acquires Heroik Labs Inc (Seeking Alpha) Announced that it has acquired Heroik Labs, Inc a privately held company headquartered in San Francisco, CA. Worklife team will report into the cloud collaboration technology business unit under SVP/GM Jens Meggers Source text: bit.ly/2diZNaT Further company coverage
Ownership Change: Why Avast Holding B.V. Reported Big Avg Technologies N.V. Position? (Press Telegraph) Avast Holding B.V. filed with the SEC SC 13D/A form for Avg Technologies N.V.. The form can be accessed here: 000119312516739184. As reported in Avast Holding B.V.’s form, the filler as of late owns 96.5% or 49,241,015 shares of the Information Technology–company
How Israel Became a Hub for Surveillance Technology (Intercept) In 1948, the year Israel was founded, the Mer Group was established as a metal workshop
Products, Services, and Solutions
Versasec Launches vSEC:CMS S-Series Version 4.6 (Verasec) Leading smart card management solution updates include Windows user self-service functions, new smart card lifecycle operations, and improved card inventory management
Net Cease: Microsoft researchers unveil anti-reconnaissance tool (Help Net Security) Microsoft researchers Itay Grady and Tal Be’ery have released Net Cease, a PowerShell script that prevents attackers who have already compromised an endpoint from getting information about other targets within the same corporate network
Nyotron brings cyber defence service to military, government (IHS Jane's International Defence Review) Israeli cyber security specialist Nyotron has revealed details of novel technology now available to government agencies to defeat cyber threats following its initial development for the commercial sector
vArmour and DarkMatter Jointly Announce Strategic Partnership to Expand Data Center and Cloud Security Leadership in the Middle East (Marketwired) Partnership will provide joint customers with unique software-based segmentation and micro-segmentation to securely protect virtual and cloud environments
DarkMatter Introduces Blockchain Solutions for Governments and Enterprises in the UAE (PRNewswire) First-of-a-kind solutions establish DarkMatter as the region's pioneer in blockchain technology. Solutions align with the UAE's vision to foster the innovation and adoption of smart government infrastructure and development of smart technologies
Technologies, Techniques, and Standards
Snowden, Martin, and how to manage third-party risk (CGMA) Companies are increasingly outsourcing tasks to third-party entities or individuals not classified as full-time employees, putting trust in people outside the company’s real or virtual walls
How to avoid being the next Yahoo (CSO) What questions should the CIO/CISO be asking network architects to stay secure
The Apps They Carried: Software, Big Data, and the Fight for Mosul (Defense One) A variety of digital tech tools aim to provide coalition forces some sense of the dangers around the next bend
Uncertainty hovering over GSA’s latest identity management effort (Federal News Radio) The fourth attempt to build a common authentication platform between government and its citizens already is starting on shaky ground
To make it easier, we've published the password on front of our magazine... (Graham Cluley) Diabetes they can manage. Passwords? Not so well
Design and Innovation
Is machine learning the key to solving cybersecurity problems? (Networks Asia) Cyber threats have become more sophisticated and evolve faster than ever before, easily bypassing conventional cyber defences. Hence, the need for security skills and security technologies to evolve. One promising development, according to CrowdStrike, is machine learning
Research and Development
When confronted with extreme opinions, extremists become more centrist (Ars Technica) Give extremists an even more extreme message and they mellow
Academia
NYU Names Finalists for High School Cyber-Games (Infosecurity Magazine) More than 20 teams of high school students in the United States and the United Arab Emirates have won coveted slots to compete in the world’s largest set of student-led cybersecurity contests, the New York University Tandon School of Engineering’s annual Cyber Security Awareness Week (CSAW) games
Unisys stealth defeats hackers at University of Hawaii event (Voxy) Unisys Corporation (NYSE: UIS) announced today that participants in a recent ethical hacking event sponsored by the University of Hawaii failed to access a computerised document protected by Unisys Stealth - or even detect its presence on the network
Johns Hopkins engineering school receives $15M gift from Jim Clark foundation (Washington Business Journal) The Clark Charitable Foundation gifted Johns Hopkins University $15 million to provide financial aid and to create a new academic program for undergraduate engineering students
ISACA, CynjaTech Team on Cyber-Awareness Training Game for Kids (Infosecurity Magazine) CynjaTech and ISACA have teamed to create a mobile game that teaches children and their families about computer science, cybersecurity and safety
Legislation, Policy, and Regulation
DoD Is Losing the Online Fight to Win Hearts and Minds (Defense News) “ISIS gets the Internet and its audience in a way the U.S. government does not,” tech reporter Eric Geller wrote for The Daily Dot in March
Critical cybersecurity priorities for the next US president (Help Net Security) While the US presidential campaign has occasionally focused on cyber security, the topic demands more urgent attention from the individual elected as the 45th President of the United States
Official: you can still trust the NSA (FCW) It might not be as momentous as knocking down the Berlin Wall, but tearing down the barriers between Signals Intelligence and Information Assurance inside the National Security Agency is revolutionary, an NSA official in the thick of those efforts contends
The Government’s Addiction to ‘Secret Law’ (New York Times) The Central Intelligence Agency’s torture of detainees, and the National Security Agency’s warrantless wiretapping of Americans’ international communications, were two of the most controversial programs our government implemented after Sept. 11. Both are now widely considered to have been illegal, even though both were authorized by official legal analyses that were withheld from the public — a phenomenon known as “secret law”
Digital privacy can’t survive on a cracked foundation (Christian Science Monitor Passcode) A new American president and Congress have a historic opportunity to safeguard digital privacy — but they can’t build on a foundation of mass surveillance and encryption backdoors
Opinion: Congress should unveil American surveillance (Christian Science Monitor Passcode) The US intelligence community still appears to be violating Americans' privacy with domestic spying operations. But to reform these actions, Congress first needs to know how spies really operate
How America’s first chief information security officer can make his mark (Christian Science Monitor Passcode) The nation’s first ever chief information security officer (CISO) has a big task — and can make a big impact
Litigation, Investigation, and Law Enforcement
Retired general pleads guilty charged to lying to federal investigators (CBS News) Retired Marine Gen. James Cartwright pleaded guilty to 1 count of making false statements to federal investigators in a case that raises issues about reporter-source confidentiality
James Cartwright, Ex-General, Pleads Guilty in Leak Case (New York Times) James E. Cartwright, a retired Marine Corps general who as vice chairman of the Joint Chiefs of Staff served as a key member of President Obama’s national security team, agreed to plead guilty on Monday to lying to the F.B.I. about his discussions with reporters about Iran’s nuclear program
Has the Hillary Hack Happened? (Commentary) The news for the Trump campaign is grim. There are, however, still three weeks left in the presidential race, and Hillary Clinton’s prohibitive lead in public opinion surveys is by no means unassailable. All it might take to reset the race is another damning revelation regarding Clinton’s illicit server, but it would have to be a big one. That may have just occurred
Defense contractor “white hat” tells FBI that Judicial Watch paid him to hunt for Clinton hack (Ars Technica) Newt Gingrich brokered deal for moonlighting contractor to hunt for potential breach
State aide asked FBI to change classification of Clinton email (Federal Times) A senior State Department official asked for the FBI's help last year to change the classification level of an email from Hillary Clinton's private server in a proposed bargain described as a "quid pro quo" that would have allowed the FBI to deploy more agents in foreign countries, according to bureau records released Oct. 17
Clinton changes story, admits she didn’t have permission for secret email server (Washington Times) Hillary Clinton admitted under oath this week that she doesn’t recall asking anyone for permission to use a secret server and email account during her time in the State Department, contradicting previous public pronouncements that she had received approval
‘Remember, it’s illegal to possess’ WikiLeaks Clinton emails, but ‘it’s different for the media,’ says CNN’s Chris Cuomo (Washington Post) “Also interesting is, remember, it’s illegal to possess these stolen documents. It’s different for the media. So everything you learn about this, you’re learning from us”
EXCLUSIVE: FBI Agents Say Comey ‘Stood In The Way’ Of Clinton Email Investigation (Daily Caller) FBI agents say the bureau is alarmed over Director James Comey’s decision to not suggest that the Justice Department prosecute Hillary Clinton over her mishandling of classified information
Conservatives see political reprisal as Obama administration sues Peter Thiel’s Palantir (Washington Times) A bitter struggle between an innovative Silicon Valley software inventor and the Army has shifted from the raging battlefields of Afghanistan to a sedate federal claims court in Washington
California Victims Of Yahoo Breach Pursue Claims In State, Not Federal Court (Dark Reading) Plaintiffs hope to benefit from California's history of stricter cybersecurity and data privacy law
Lawmakers question DOJ's appeal of Microsoft Irish data case (CSO) The question of search warrants for foreign data is better addressed in Congress, they say
PCI SSC: New Euro Data Rules Could Cost UK Firms £122 Billion (Infosecurity Magazine) A leading payment card industry body is warning that UK organizations could face fines in excess of £120 billion following the enforcement of new EU data protection laws in May 2018
For a complete running list of events, please visit the Event Tracker.
Upcoming Events
Insider Threat Program Development Training for NISPOM CC 2 (Warrington, Pennsylvania, USA, Oct 17 - 18, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (NISPOM Conforming Change 2). PA. For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust insider threat program. Insider Threat Defense has trained over 350+ organizations and has become the "leader-go to company" for insider threat program development training.
Cyber Ready 2016 (McDill Air Force Base, Florida, USA, Oct 18, 2016) We invite you to join us for our first annual Cyber ReadyTM 2016 conference observing National Cyber Security Awareness Month: The Impact of Cyber Crime. The National Cyber Partnership, joined by the MITRE Corporation, Tampa Bay Innovation Center, Florida Chamber Foundation and the Florida Suncoast AFIO Chapter is proud to present this important event. In addition to attending the Cybersecurity Conference, you're also invited to register for the Golf Outing and Barbecue Dinner at the MacDill AFB Bay Palms Golf Complex on Monday afternoon. The event will include the sixth annual MITRE National Capture the Flag (CTF) Competition Cyber Challenge Awards Ceremony.
EDGE2016 Security Conference (Knoxville, Tennessee, USA, Oct 18 - 19, 2016) The EDGE2016 conference is where true collaboration between business and technology professionals happens. Combining engaging keynotes from world-renowned visionaries, recognized technology industry leaders, topical roundtables, training sessions, and industry-specific tracks, EDGE2016 is where complex business security problems meet real-world solutions.
SecureWorld St. Louis (St. Louis, Missouri, USA, Oct 18 - 19, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
CyberTini at CyberMaryland (Baltimore, Maryland, USA, Oct 19, 2016) The bwtech@UMBC Cyber Incubator will be hosting a CyberTini as the official opening event of the CyberMaryland Conference on the evening of October 19, 2016 at the Columbus Center in Baltimore’s Inner Harbor. The Columbus Center is just a few blocks from the Baltimore Hilton Hotel where the CyberMaryland Conference is taking place, and attendance at the CyberTini is estimated to be 250 or more. The event will begin at 5pm the night before the CyberMaryland Conference and will run until approximately 7:30pm.
Los Angeles Cyber Security Summit (Los Angeles, California, USA, Oct 28, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
CyberMaryland 2016 (Baltimore, Maryland, USA, Oct 20 - 21, 2016) The CyberMaryland Conference is an annual two-day event presented jointly by The National Cyber Security Hall of Fame and Federal Business Council (FBC) in conjunction with academia, government and private industry organizations. The theme, “Leading the Cyber Generation,” captures the event’s intent to provide unparalleled information sharing and networking opportunities for development of cyber assets on both the human and technological side. Additionally, the conference provides an opportunity for Maryland to demonstrate its natural leadership in Cyber Security.
CyCon US: International Conference on Cyber Conflict (Washington, DC, USA, Oct 21 - 23, 2016) The inaugural U.S. based International Conference on Cyber Conflict will take place 21-23 October 2016 in Washington D.C. Focusing on a theme of Protecting the Future. CyCon U.S. seeks to create greater information exchange among industry, academia, and government entities at both the national and international levels. The issues to be covered include the future of international cooperation, imminent technical challenges and requirements, forthcoming conflicts in cyberspace, and the potential for new legal frameworks, standards, and regulations.
SANS San Diego 2016 (San Diego, California, USA , Oct 23 - 28, 2016) Cyber security training in San Diego, CA from SANS Institute, the global leader in information security training. Choose from nine hands-on, immersion-style training courses for security professionals at all levels. Many of these security courses have certifications that are aligned with DoD Directive 8570/8140 and all courses at this event are associated with GIAC Certifications. This event was planned to give you the weapons you need to defend against attackers and advance your career. You will learn from leading experts in courses that have been carefully selected to arm you with the latest tactics and strategies that will sharpen your skills
18th Annual AT&T Cybersecurity Conference (New York, New York, USA, Oct 24 - 25, 2016) Countless cyberthreats circle your organization every second of every day. While your organization utilizes more mobile, IoT and emerging technologies, attackers simply focus on more ways to exploit them. That’s why we’re hosting the 18th Annual AT&T Cybersecurity Conference.
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
2016 ICS Cyber Security Conference (Atlanta, Georgia, USA, Oct 24 - 27, 2016) As the largest and longest-running cyber security-focused conference for the industrial control systems sector, the event caters to the energy, utility, chemical, transportation, manufacturing, and other industrial and critical infrastructure organizations, including the military. The conference will address topics covering ICSs, including protection for SCADA systems, plant control systems, engineering workstations, substation equipment, programmable logic controllers (PLCs), and other field control system devices.
14th Annual EWF National Conference (Scottsdale, Arizona, USA, Oct 25 - 27, 2016) Balancing risk and opportunity: transforming cybersecuity; risk and privacy beyond the enterprise. The Executive Women's Forum (EWF) Annual Conference provides an exclusive opportunity to personally interact with more than 350 global thought leaders in the fields of Information Security, Risk Management and Privacy. During this three-day event, members collaborate on round-table exercises, incident simulations, panel discussions and working groups. Exposure to new ideas and approaches, best practice management of everyday issues and learning from observing the best and the brightest is an excellent and abundant return on investment.
SecureWorld Bay Area (San Jose, California, USA, Oct 27, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
Security By Design (McLean, Virginia, USA, Oct 28, 2016) The essential security conference for all who desire to build trustworthy software. Developers, DevOps Engineers, Software Architects, Security Software Engineers, Designers and more.
Regional Cyber Security Summit (Sharm El-Sheikh, Egypt, Oct 30 - Nov 1, 2016) The Regional Cyber Security Summit comes this year with the theme of “Boundless Collaboration, Boundless Protection”. It focuses on the cooperation in cybersecurity as one of key pillars to tackle the complexity and the scalability of the main challenges of today’s cyber threats. The regional cybersecurity summit has been conducted for the last 4 years under the umbrella of ITU-ARCC in Oman to share experience and knowledge, learn from each other, get in tight to recent updates and collaborate to enhance organizations’ cybersecurity became a must.
Inside Dark Web (Washington, DC, USA, Nov 1 - 2, 2016) Individuals, organizations, corporations, and governments use the Dark Web to protect themselves and their users, employees, customers, and citizens seeking a more accessible and secure Internet experience. Experts from government, the financial community, law enforcement and cyber security will give you the background history, current utilization and future thoughts about the fast growing misunderstood world of the Dark Web.
National Institute for Cybersecurity Education 2016 Conference and Expo (Kansas City, Missouri, USA, Nov 1 - 2, 2016) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. The demand for cybersecurity positions in both the public and private sector is large and growing, but the talent pool of cybersecurity workers is not yet able to keep up. The NICE 2016 Conference and Expo features thought leaders from education, government, industry and non-profits who are addressing the cybersecurity education, training, and workforce needs of the nation.
GTEC (Ottawa, Ontario, Canada, Nov 1 - 3, 2016) For the public sector and business, count on GTEC to help you keep up with the changing landscape of technology and service delivery in Canada. With our nationally recognized awards program and annual conference, plus our new learning products, GTEC is your destination of choice for innovation and excellence in public sector IT. The conference program will feature a close focus on the cyber threat, particularly the threat of cybercrime, and the Canadian response to that threat.
Black Hat Europe 2016 (London, England, UK, Nov 1 - 4, 2016) Black Hat is returning to Europe again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days--two days of deeply technical hands-on Trainings, followed by two days of the latest research and vulnerability disclosures at our Briefings.
TECHEXPO Cyber Security Hiring Event (Tysons Corner, Virgina, USA, Jun 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds of career opportunities are available in cyber security that need to be filled immediately. Bring copies of your resume with you and interview in person, representing yourself better than any online application ever could.
SINET Showcase 2016: Highlighting and Advancing Innovation (Washington, DC, USA, Nov 2 - 3, 2016) SINET Showcase provides a platform to identify and highlight “best-of-class" security companies that are addressing industry and government’s most pressing needs and requirements. The chosen SINET 16 Innovators present their technological solutions to representatives from the ecosystem of the entrepreneur: venture capital, investment banking, system integration, academia, science, legal, policy, private industry and executives from the Federal Government, including civilian, intelligence and military professionals. Showcase’s objective is to increase awareness of innovative solutions that may lead to an investment in, or the purchase of, advanced technologies that will help secure our nation’s critical infrastructure and command-and-control systems.
3rd Annual Journal of Law and Cyber Warfare Conference (New York, New York, USA, Nov 3, 2016) The 2016 Journal of Law and Cyber Warfare symposium speakers represent an unparalleled group of cyber security experts with a wide variety of industry expertise and knowledge. Attendees will hear from experts on cyber security and cyber warfare from the military, government, private industry, and the public sector. Our panels are designed to provide attendees with thought leadership from a diverse group of experts who will share their experience and knowledge-base regarding topical cyber security issues. The symposium is a day long event comprised of panels, Q&A sessions, tool demonstrations and networking opportunities. Focused and thorough, there are take-aways for all attendees.
Security of Things World USA (San Diego, California, USA, Nov 3 - 4, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World USA in November in San Diego to tailor your proposition to respond to the security concerns that preoccupy enterprise customers today and find pragmatic solutions to the most common security threats.
2nd Annual Summit: Global Cyber Security Leaders (Berlin, Germany, Nov 7 - 8, 2016) The Global Cyber Security Leaders 2016 is designed to provide unrivaled access to peers from across the globe, and encourage participants to discuss the current challenges and explore the ideas shaping tomorrow’s global cyber threat landscape. The interactive, fresh and content driven format is specifically designed for leaders, visionaries and decision makers across all geographies. Strengthen your global network and form lasting relationships with other forward-thinking and inspiring leaders.
IAPP Europe Data Protection Congress 2016 (Brussels, Belgium, Nov 7 - 10, 2016) The GDPR is finalised, the Data Protection Congress is returning to Brussels and you have a great deal of work ahead. Begin at the Congress, where you’ll find thought leadership, a thriving professional community and unrivaled education. It’s time to get to work: Start here.
SANS Miami 2016 (Coconut Grove, Florida, USA, Nov 7 - 12, 2016) Attend our new SANS Miami 2016 event, November 7-12 and choose from five hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. Attackers are targeting you with increasing viciousness and stealth, and it's essential you understand the tools and techniques and learn the skills needed to protect your organizations. Get the training you need from SANS - the most trusted and by far the largest source for information security training in the world
Federal IT Security Conference (Columbia, Maryland, USA, Nov 8, 2016) The Federal IT Security Institute in partnership with PhoenixTS in Columbia, MD is hosting the first annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private industry will be in attendance discussing the themes and trends that are influencing the Federal/DoD cyber landscape. All proceeds from the event go to help retrain Wounded Warriors to become cyber defenders at the Wounded Warrior Cyber Combat Academy.
11th Annual API Cybersecurity Conference & Expo (Houston, Texas, USA, Nov 9 - 10, 2016) Join us at the 11th Annual API Cybersecurity Conference & Expo and discover methods for thwarting the bad guys, what the scene looks like over the horizon and how the latest technologies can help you counter cyber espionage, address cyber warfare, and make your cyber efforts secure.
SecureWorld Seattle (Bellevue, Washington, USA, Nov 9 - 10, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
Institute for Critical Infrastructure Technology Annual Gala and Benefit (Washington, DC, USA, Nov 10, 2016) The Annual ICIT Gala and Benefit is the year’s most prestigious gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This intimate black-tie event will celebrate the minds of the most influential members of our community as well as the efforts of today’s most impactful cybersecurity leaders. The funds raised from this Benefit will be used exclusively to help sustain and grow the Institute’s research, publications and educational activities for the communities it serves.
Israel HLS and Cyber 2016 (Tel Aviv, Israel, Nov 14 - 17, 2016) Where physical and cyber security meet. Topics include intelligence, cyber crime, and counter-terrorism, defending critical infrastructures, a smart global world, mass events--the integrative approach, and emergency readiness.
SANS Healthcare CyberSecurity Summit & Training 2016 (Houston, Texas, USA, Nov 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the new healthcare environment. You'll have the opportunity to meet with leaders from top organizations and see what really works in securing healthcare. As we know, healthcare has been undergoing major changes. Patients are demanding more convenient and personalized care. Digital health is changing the way that doctors and patients interact. New technologies allow patients to track their own health and generate data that was previously not available to care providers. Additionally, health information exchanges are being created to enable access to electronic medical records across disparate organizations. The Healthcare CyberSecurity Summit will take aim at the major challenges organizations face as they balance the security, compliance, and innovation required to thrive in this quickly changing market
Infosec 2016 (Dublin, Ireland, Nov 15, 2016) Infosec 2016 conference addresses the critically important issues that threaten businesses in the information age By any measure, the digital threats that businesses and organisations of all sizes face are increasing
Kaspersky Academy Talent Lab (Online, then Prague, Czech Republic, Nov 15, 2016) Kaspersky Academy Talent Lab is an international cyber-world competition for young researchers and professionals aged 18-30 who are interested in the cybersecurity challenges facing the world. 50 finalists will travel to the global final event to Prague (all expenses covered by Kaspersky Lab) to present their projects & compete.
CISO Charlotte (Charlotte, North Carolina, USA, Nov 15, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more
Pharma Blockchain Bootcamp (Edison, New Jersey, USA, Nov 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world with the potential of redefining how businesses operate similarly the internet changed it more than 30 years ago. At this critical one-day learning seminar, bio/pharmaceutical professionals (tech + business) will uncover the key areas where blockchain applications could have a significant impact in securing, managing and leveraging the deluge of data throughout the enterprise from R&D to clinical to commercialization. Key issues to be addressed: what exactly is blockchain and why is it considered a disruptive innovation; where and why in the enterprise is pharma ripe for blockchain applications; the hidden business rewards that would be exposed; the legal and regulatory considerations with implementation, and much more.
Cybercon 2016 (Washington, DC, USA, Nov 16, 2016) The forum for dialogue on strategy and innovation to secure defense and government networks, as well as private-sector networks that hold their sensitive data.
SCSC Cyber Security Conclave 2.0 Conference and Exhibition (Hyderabad, India, Nov 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public and private sector to provide an update on cyber security instances, share best practice strategies, and help India to combat cyber threats.
4th Ethiopia Banking & ICT Summit (Addis Ababa, Ethiopia, Nov 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial Institutions, Information Technology Vendors, high profile CIOs, CISOs, CTOs Risk and Compliance Officers and COOs to explore how they can utilize the newest technologies to further increase mobility, enhance security, support new products and services, and improve customers’ experience to secure their competitive edge.
CIFI Security Summit (Toronto, Ontario, Canada, Nov 30 - Dec 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security experts from around the globe to discuss Cyber Intelligence, Digital forensics, Cyber Security and Cyber Investigations. This is the only event of its kind that will run 4 simultaneous streams over 2 days in addition to case studies, demonstrations from global business leaders and a 30+ Exhibition.