Blockchains at a brewery. Ecuador says it cut Assange's Internet connection. US retaliation against Russian cyber ops may aim at embarrassment. Ransomware in London's City.
news from Jailbreak
We spent Monday evening at the blockchain tech talks hosted by Novetta at the Jailbreak Brewing Company in Laurel, Maryland. Experts from Novetta and Chainalysis spoke about blockchain technology, what it is, where it came from, how it works, and what effect its having on commerce, banking, and, eventually, daily life.
Novetta's Peder Müller, a self-admitted "Bitcoin enthusiast," discussed the technical principle behind blockchain, strengths and weakness, and its most famous and successful application thus far, Bitcoin. He described what people are doing right now with blockchain, when it's useful, when it's not, and when it's "just snakeoil." He then explored the likely future of blockchain technology.
Chainalysis CEO Michael Gronager contributed his own explanation of how blockchain worked, why it was important, how it was likely to be disruptive, and the ways in which users and regulators were coming to cope with the technology's implications.
In the special section below you'll find links to accounts of the talks as well as some background on blockchain's growing mainstream acceptance.
Ecuador's government has issued a communiqué on Julia Assange's Internet outage. They say they did it, and on their own, not in response to any external pressure, because Assange was using their London embassy and its Internet connectivity to interfere with another country's election. That other country, of course, is the United States. That explanation seems about right—no responsible foreign ministry wants its embassies used for virtual filibustering. But Russia Today isn't buying it, and trots out an interview with a disaffected US Foreign Service type to argue on the basis of a priori possibility that the US hacked the connection. Ecuador notes that it continues to extend Assange asylum, and that they've not interfered at all with WikiLeaks.
WikiLeaks is expected to continue doxing the US elections through next month.
ThreatConnect offers a rundown on Fancy Bear and all its works, including the circumstantial grounds people have attributed them to Russia.
The US response to what it unequivocally calls Russian cyber operations against the US remains unclear—Assange's Internet disruption probably wasn't it, certainly not all of it, especially since the US promised to send a message that couldn't be missed. Speculation centers on the possibility of a Panama-Papers-like release of documents embarrassing to Russian President Putin.
Security firm Sucuri finds that cybercriminals are hiding stolen card data in website product images.
Financial institutions in London are sustaining a significant ransomware campaign. Worldwide, the prevailing strain of ransomware circulating by email remains Locky.
Several adult websites are compromised.
Notes.
Today's issue includes events affecting Australia, Ecuador, Estonia, Germany, Iran, Russia, Thailand, United Kingdom, United States, and and Yemen.
A note to our readers: tomorrow and Friday we'll be attending CyberMaryland, meeting this year at the Hilton Baltimore, across the street from Camden Yards in Baltimore's Inner Harbor. Watch for live coverage, podcasting, and a full report in upcoming issues.
Also, it's the third week of National Cyber Security Awareness Month. This week's theme is "Recognizing and Combating Cyber Crime."
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today our partners at Terbium Labs are represented by Emily Wilson, who discusses the weaponization of intelligence. Our guest is Kevin Bocek from Venafi on some of the encryption issues surrounding the Yahoo! breach. As always, if you enjoy the podcast, please consider giving it an iTunes review.
Laurel, Maryland: the latest from Jailbreak
Blockchain & Bitcoin (Jailbreak Brewing Company) In the dark on Bitcoin and Blockchain? Let’s fix that
Novetta Tech Talk at Jailbreak: Blockchain and Bitcoin (The CyberWire) Experts from Novetta and Chainalysis spoke at the Jailbreak Brewing Company on blockchain technology, what it is, where it came from, how it works, and what effect its having on commerce, banking, and, eventually, daily life. We offer some recent background on blockchain's increasing mainstream acceptance
Blockheads and Bitcoin: a View from Novetta (The CyberWire) Bitcoin enthusiasts aside (and there are a lot of them out there, including not just the stereotypical individual techno-libertarians and black marketeers, but some significant financial services companies as well) should people see the underlying blockchain technology as one with significance for their lives? Or is the blockchain nothing more than a flashy hashtag soon to be overtaken by other fads?
Blockchain and Bitcoin Brewing: Chainalysis on Disruption and Regulation (The CyberWire) Chainalysis CEO Michael Gronager contributed his own explanation of how blockchain worked, why it was important, how it was likely to be disruptive, and the ways in which users and regulators were beginning to cope with the technology's implications
The Byzantine Generals Problem (ACM Transactions on Programming Languages and Systems) Reliable computer systems must handle malfunctioning components that give conflicting information to different parts of the system. This situation can be expressed abstractly in terms of a group of generals of the Byzantine army camped with their troops around an enemy city
Cyber Attacks, Threats, and Vulnerabilities
Ecuador Restricts WikiLeaks Founder Julian Assange’s Communications (Wall Street Journal) Ecuador said Tuesday that it restricted Julian Assange’s internet access at its embassy in London in light of concerns that the WikiLeaks founder, who has lived there since he was granted political asylum in 2012, was meddling in the U.S. presidential election
'Julian Assange losing internet access possible US cyber attack' (Russia Today) It is unlikely that Ecuador, supporting whistleblower Julian Assange, deprived him from the opportunity to use internet, says Peter Van Buren, former officer, US State Department's Foreign Service. The countries like the US have much more reasons for that, he added
Let's Get Fancy (ThreatConnect) How the ThreatConnect Research team used the Platform to investigate incidents, identify intelligence and conduct pertinent analysis regarding FANCY BEAR
Hackers not yet pulling out big guns for data breaches, NSA official warns (Federal News Radio) A leading National Security Agency official said Tuesday that none of the high-profile cybersecurity breaches in government over the past two years required hackers employ the strongest tools at their disposal
Palo Alto Networks Discovers Two Adobe Reader Privileged JavaScript Zero-Days (Palo Alto Networks) We recently discovered two zero-day vulnerabilities in Adobe Reader
Hackers hide stolen payment card data inside website product images (CSO) The technique makes the compromises harder to detect and prolongs the theft
Trump-Themed Malware Dominating Threat Campaigns This Election Season (Dark Reading) Users need to be vigilant about the sites they visit and actions they take online, Zscaler warns
What happened to Yahoo's traffic after it revealed it was hit by hackers? (ZDNet) The data breach left more than 500 million people vulnerable to hackers
Yahoo Says Traffic Rose Despite Hacking That Could Alter Verizon Deal (New York Times) If Verizon Communications really wants to renegotiate its $4.8 billion deal to buy Yahoo’s internet operations, it’s probably going to have a fight on its hands
UK’s Financial Hub London Under Massive Ransomware Attacks (HackRead) London is the financial hub of the United Kingdom and nobody can deny this fact. So when it is suggested that employees working in London are at a greater risk of receiving ransomware then it is definitely something to be alarmed about
Neue Version von Ransomware Locky ist im Umlauf (Presse Box) G DATA Sicherheitsexperten analysieren Erpressertrojaner
Proofpoint Threat Report Finds 97 Percent of Malicious Emails Contain Locky Ransomware (Security Intelligence) Proofpoint’s “Q3 2016 Threat Summary” outlined some disturbing trends. It highlighted how email, social media and mobile serve as attack vectors that lie outside the enterprise’s perimeter. The Proofpoint threat report also described some usual cybersecurity tools that can be used to protect a network
CryPy Ransomware Slithers Onto PCs With Unique, Python-Based Encryption (Aspida) Ransomware is already annoying: Files are suddenly locked down and potentially irretrievable if users aren’t wiling to meet demands and pay up. Thankfully, most strains come with inherent weaknesses that can be exploited by security firms to claw back hostage data
Hackers create more IoT botnets with Mirai source code (CSO) The total number of IoT devices infected with the Mirai malware has reached 493,000
Researcher unveils second Samsung Pay vulnerability (CSO) A security researcher has found a second vulnerability in Samsung Pay
Researcher says Adult Friend Finder vulnerable to file inclusion vulnerabilities (CSO) LFI vulnerabilities used to expose sensitive files and a database schema
Hacked Brazzers, Epic Games, ClixSense Data Goes on Dark Web for Sale (HackRead) The Dark Web marketplaces have turned out to be the best platform for hackers to sell stolen data.
PassCV Targets Pokémon Go, Online Gaming Platforms (Infosecurity Magazine) The PassCV group has mounted an ongoing offensive against online gaming platforms
Bank informs RBI of security breach: Axis suffers cyber attack, hires EY to probe damage (Economic Times) A month ago, an official of Axis BankBSE 0.57 % -- India's third largest private sector lender -- received an unexpected telephone call
Texas school district's student data potentially compromised (SC Magazine) How many victims? Unknown
False Alarm May Have Triggered U.S. Navy Warship's Missile Defense System (Military Times) After several days of investigation, the U.S. Navy believes an urgent warning about an incoming missile aboard a destroyer Saturday night may have been a false alarm, defense officials said Tuesday
Security Patches, Mitigations, and Software Updates
Oracle fixes 100s of vulnerabilities that put enterprise data at risk (CSO) Oracle's October security update is one of the largest ever, fixing 253 flaws
VeraCrypt Patches Critical Vulnerabilities Uncovered in Audit (Threatpost) An audit of open source file and disk encryption package VeraCrypt turned up a number of critical vulnerabilities that have been patched in the month since the assessment was wrapped up
Cyber Trends
Four reasons why Asia is a prime target for cybercriminals (CNBC) From attacks on Ukrainian power grids to central bank heists in Bangladesh and the leak of stolen information from the Democratic National Committee in the U.S., cybersecurity threats have escalated massively in recent years
Fight fraud: Scams, identity theft, ransomware attacks (Help Net Security) In an increasingly technology-oriented world, cybercrime has become all too common for both consumers and businesses
Proliferation of vulnerable open source components creates growing risk (Help Net Security) The continued and persistent use of components in software development is creating systemic risk in our digital infrastructure
Public Wi-Fi: Users’ habits and perceptions of risk (Help Net Security) A new Xirrus survey highlights users’ habits and perceptions of risk when connecting to public Wi-Fi. The survey polled more than 2,000 business users, including executives and IT professionals, and found that while 91 percent of respondents do not believe public Wi-Fi is secure, 89 percent use it anyway
Civilization infrastructure: Connected sensors and digital intelligence (Help Net Security) A new type of infrastructure needs to be built that is not just going to reshape business, but also the way people live, according to Gartner. CIOs are the builders of this infrastructure, which Gartner calls the “civilization infrastructure”
Marketplace
Businesses cooperate with government mass surveillance at their peril, says Edward Snowden (Financial Post) Resisting government mass surveillance isn’t just the right thing to do — it’s good for business, whistleblower Edward Snowden told a Toronto cybersecurity conference Tuesday
New VC Fund Specializes in Cryptographic Assets and Blockchain Network Services (PRNewswire) Iterative Instinct I, GP is a $1.4M micro-fund based in New York City and operated by two 31-year-old fund managers
Avast Software Nears Final Tender Of AVG Acquisition Offer (Seeking Alpha) Avast's acquisition of AVG is both transformational and complementary...Look for a potential IPO in 2018 or later
ThreatMetrix attracts $30 mln (PEHub) ThreatMetrix, a provider of advanced fraud prevention and context-based security solutions, has secured $30 million in growth funding. The investor was Silicon Valley Bank
The 3 Biggest Challenges Facing Cisco Systems (Motley Fool) Will these three headwinds blow the networking giant off course?
Q3 Reflections: A remarkable team and innovative strategy (Flashpoint) It’s been a busy and exciting few months at Flashpoint. In July, we set some ambitious Q3 2016 goals, which included everything from industry-specific sales targets and key hiring strategies to product roadmap milestones
Scott Chasin Builds Enterprise Security Company ProtectWise With Hollywood-Like Visualization Tools (Forbes) “ProtectWise is my fourth business, so I look at it as an evolution of everything that I’ve done in my career,” says serial entrepreneur Scott Chasin of his latest endeavor into network security
root9B Awarded Department of Defense and Critical Infrastructure Contracts (PRNewswire) Ongoing business development activities yield more than $12M in contracts and increased industry visibility
Local cyber startup gears up for commercialization, hiring (Baltimore Business Journal) Cybersecurity company Efflux Analytics plans to bring its product to market in November, after winning $10,000 in a state pitch competition earlier this month
US defence contractor Raytheon joins the Estonian Defence Industry Association (Estonian World) The American defence contractor, Raytheon, a cooperation partner of the Estonian government, has become a member of the Estonian Defence Industry Association
Cylance appoints three top cybersecurity professionals to spearhead APAC business (Voice & Data) AI application-based cybersecurity company, Cylance has expanded its international operations with the appointment of an experienced team of technology professionals that will serve the Asia region
Products, Services, and Solutions
Wealth Migrate Launches Real Estate Investment Marketplace with Integrated Blockchain (Blockchain News) Wealth Migrate has became one of the first real estate online investment marketplaces to integrate Blockchain technology in a move that significantly enhances security and privacy protections for investors around the globe
WatchGuard Takes the Guesswork Out of Wi-Fi Security With New Cloud-based Secure Wi-Fi Solution (WRCB TV) WatchGuard Wi-Fi Cloud connects and protects SMBs and distributed enterprises with fully automated wireless threat prevention and enterprise-grade interactive engagement and analytics features
Picoo Design Announces Launch of Powerful Image Hiding App Lynx (Yahoo! Finance) Picoo Design executives announced today the launch of Lynx, a new security tool aimed at keeping pictures safe from snoopy intruders
CISOs Choose ROMAD Cyber Systems as Winner of Security Current's Security Shark Tank® Cupertino (PRNewswire) Chief Information Security Officers (CISOs) select malware genome mapping innovator ROMAD Cyber Systems for vision and importance to the industry
This is the Definitive Crypto Hardware Bitcoin Wallet (Hacked) TREZOR is one of the best-respected Bitcoin hardware wallets in the industry
Fortinet Opens FortiCloud European Data Center in Germany (Executive Biz) Fortinet has launched a new cloud data center in Germany that will work to provide local cloud-based data hosting and cybersecurity services to European customers
WhiteHat Security Joins FS-ISAC Affiliate Program (PRNewswire) Application security testing authority will contribute vulnerability assessment and risk management expertise to financial services community
Kaspersky Lab Announces New Industrial Control Systems Emergency Response Team (BusinessWire) Fulfilling its mission to share cybersecurity knowledge, Kaspersky Lab launched today the Industrial Control Systems Computer Emergency Response Team (also known as Kaspersky Lab ICS-CERT) – a global CERT entity that welcomes collaboration with critical infrastructure operators, vendors and government institutions
GPG Sync: Internal GPG keys syncing tool for orgs (Help Net Security) First Look Code has released GPG Sync, an open source tool for keeping a list of GPG keys used by members of an organization always updated, and always available to all of them
Skyhigh Launches First Persona-Driven Model for CASB (BusinessWire) Next-generation platform ushers in advanced efficiencies across critical business needs in security, compliance, governance, and the boardroom
HyTrust Announces Encryption Key Management Support for VMware vSphere VM Encryption (BusinessWire) HyTrust DataControl provides advanced zero downtime encryption and key management for VMware workloads
Technologies, Techniques, and Standards
Nothing Brings Banks Together Like A Good Hack (Bloomberg) Financial institutions are not inclined to share secrets. That's changing as savvy tech adversaries threaten to breach digital walls
5G Security – Making the Right Choice to Match your Needs (Simalliance) One of the clearest messages from ‘An analysis of the security needs of the 5G market’, the marketing paper that SIMalliance published in early 2016, is that security in 5G is use case dependent
Centrify suggests seven steps to slash cybercrime (Scoop) Centrify suggests seven steps to slash cybercrime
Research and Development
Typing While Skyping Could Compromise Privacy (Newswise) Traditional keyboard sounds can be decoded, UCI and Italian researchers find
A better way to talk to machines (C4ISRNET) Northrop Grumman has been awarded an Air Force Research Laboratory contract to develop human language technologies (HLT) for talking to machines
Microsoft says speech recognition technology reaches "human parity” (CBS News) Artificial intelligence just keeps getting smarter and smarter. Now Microsoft researchers say they’ve developed speech recognition technology that can grasp a human conversation as well as people do
Academia
U of M receives grant for Cyber Security Preparedness (Daily Helmsman) The Center for Information Assurance at the University of Memphis received a $3 million grant that will be split with the University of Texas, the University of Arkansas, Norwich University and Texas A&M, which makes up the National Cybersecurity Preparedness Consortium
Legislation, Policy, and Regulation
National sovereignty concerns in cyberspace (Bangkok Post) Recently, I was called upon to write a short memo for a policy-letter collection to the would-be 45th president of the United States; the piece would be framed as a policy suggestion in response to shifts
Could Obama’s Threat of Retaliation against Russia Lead to Cyberwar? (Scientific American) Online attacks are unpredictable and hard to control, leading to worries that White House cyber rattling could quickly escalate
U.S. Cyber Responses to Russian Hacking of the November Election (Lawfare) Recent news reports regarding Russian hacks affecting the November election suggest that the United States is preparing on possible U.S. cyber actions in response, such as revealing information to the Russian public about Putin’s financial holdings that would be embarrassing for him
The New Face of Law and Cyber Warfare (Lawfare) On October 3-4, 2016, I was privileged to be invited to attend and speak at the annual conference organized by the Staff Judge Advocate for USCYBERCOM, Colonel Gary Corn
Adm. Rogers: US 'Working Our Way Through' NSA-Cyber Command Split (Defense News) Adm. Mike Rogers, the dual-hatted chief of US Cyber Command and the National Security Agency, said splitting the two agencies is a matter of “the right time” and “the right process”
94 days and counting: DHS chief outlines his final to-do list (Federal News Radio) With less than 100 days until he plans to leave the Homeland Security Department, Secretary Jeh Johnson said he has a few major items left on his to-do list
Feds need clarity on cyber structures (FedScoop) Experts went back and forth at FedTalks 2016 on what roles agencies like DHS and NSA should play in federal cybersecurity
Cops Have a Database of 117M Faces. You’re Probably in It (Wired) It's no secret that American law has been building facial recognition databases to aide in its investigations
Civil liberties groups ask for ‘moratoriums’ on face recognition tech (TechCrunch) Armed with new research, civil rights organizations are urging the Justice Department to investigate law enforcement’s excessive use of face recognition technologies
Unregulated use of facial recognition tech threatens people’s privacy, civil rights (Help Net Security) Facial recognition tech is a boon to law enforcement, but without strict regulation and safeguards, it poses considerable risks to the privacy, civil liberties, and civil rights of law abiding citizens. Unfortunately, that’s the current situation in the US
Despite Obama’s pledge to make the government more open, a report shows secret laws still abound (Washington Post) The Justice Department has kept classified at least 74 opinions, memos and letters on national security issues, including interrogation, detention and surveillance, according to a report released Tuesday by the Brennan Center for Justice
Senate Intel Chair Caught Between Russian Hacking and Donald Trump (Foreign Policy) Sen. Richard Burr is getting constant reports of Moscow’s election meddling, and he’s still clinging to Trump’s coattails
National Guard uniquely positioned to contribute in cyber realm (DVIDS) The civilian-acquired skills of its members enable the National Guard to make unique contributions in the cyber realm, Air Force Gen. Joseph Lengyel said here today
Keeping Britain safe: how GCHQ's new cyber security agency will protect us from hackers (Wired) Wired speaks to Ian Levy, chief technical officer of the National Centre for Cyber Security, the new government agency tasked with protecting the UK against hackers
NATO Launches RAND Study To Reform Cyber Acquisition (Defense Daily) The NATO Allied Command Transformation and NATO Communications and Information Agency (NCIA) launched a new independent research project on Monday with the RAND Corp. to examine how to streamline the alliance’s cyber capability development and acquisition process
Litigation, Investigation, and Law Enforcement
Secret Service must address inadequate IT security, says OIG (Federal Times) IT management at the U.S. Secret Service (USSS) has been consistently ineffective and neglected, according to a recent report by the Department of Homeland Security Office of Inspector General
Tech who deleted Clinton’s e-mails was “joking” when he said “Hillary cover-up” (Ars Technica) FBI interview: Tech sought to remove Clinton's post-State address from archive
Dealing Loosely With the Facts: The Clinton Emails (Cipher Brief) The newly released FBI interview reports show that it was a Bureau official who initially suggested he would look into changing the classification of a State Department email that was part of the Hillary Clinton email probe, if Undersecretary Patrick Kennedy would allow an increase of FBI agents in Iraq
When Journalists Align With Thieves (Backchannel) The press is mining the dirty work of Russian hackers for gossipy inside-beltway accounts
The ‘freedom of the press’ doesn’t give the media any special privileges — but it’s also not a redundancy (Washington Post) I’ve often argued that the freedom of the press was seen near the time of the Framing (and near the time of the ratification of the 14th Amendment, as well as in between and largely since) as protecting the right to use the press as technology — everyone’s right to use the printing press and its modern technological heirs
Finjan Files Lawsuit in Germany Against Blue Coat for Patent Infringement (Sys-Con Media) Finjan Holdings, Inc. (NASDAQ: FNJN), a cybersecurity company, today announced that its subsidiary Finjan, Inc. ("Finjan") filed a patent infringement lawsuit on October 14, 2016, in the German District Court in Dusseldorf, Germany against Blue Coat Systems, Inc
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
Versus 16 (San Francisco, California, USA, Nov 17, 2016) Versus is not an ordinary event. Versus is not about pitching products or preaching to the choir. Versus is about challenging what you think you know about cybersecurity, about technology, about doing business in the digital age
Upcoming Events
EDGE2016 Security Conference (Knoxville, Tennessee, USA, Oct 18 - 19, 2016) The EDGE2016 conference is where true collaboration between business and technology professionals happens. Combining engaging keynotes from world-renowned visionaries, recognized technology industry leaders, topical roundtables, training sessions, and industry-specific tracks, EDGE2016 is where complex business security problems meet real-world solutions.
SecureWorld St. Louis (St. Louis, Missouri, USA, Oct 18 - 19, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
CyberTini at CyberMaryland (Baltimore, Maryland, USA, Oct 19, 2016) The bwtech@UMBC Cyber Incubator will be hosting a CyberTini as the official opening event of the CyberMaryland Conference on the evening of October 19, 2016 at the Columbus Center in Baltimore’s Inner Harbor. The Columbus Center is just a few blocks from the Baltimore Hilton Hotel where the CyberMaryland Conference is taking place, and attendance at the CyberTini is estimated to be 250 or more. The event will begin at 5pm the night before the CyberMaryland Conference and will run until approximately 7:30pm.
Los Angeles Cyber Security Summit (Los Angeles, California, USA, Oct 28, 2016) The Cyber Security Summit is an exclusive conference series connects C-Suite & Senior Executives who are responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. This educational and informational forum will focus on educating attendees on how to best protect highly vulnerable business applications and critical infrastructure. Attendees will have the opportunity to meet the nation’s leading solution providers and discover the latest products and services for enterprise cyber defense.
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
CyberMaryland 2016 (Baltimore, Maryland, USA, Oct 20 - 21, 2016) The CyberMaryland Conference is an annual two-day event presented jointly by The National Cyber Security Hall of Fame and Federal Business Council (FBC) in conjunction with academia, government and private industry organizations. The theme, “Leading the Cyber Generation,” captures the event’s intent to provide unparalleled information sharing and networking opportunities for development of cyber assets on both the human and technological side. Additionally, the conference provides an opportunity for Maryland to demonstrate its natural leadership in Cyber Security.
CyCon US: International Conference on Cyber Conflict (Washington, DC, USA, Oct 21 - 23, 2016) The inaugural U.S. based International Conference on Cyber Conflict will take place 21-23 October 2016 in Washington D.C. Focusing on a theme of Protecting the Future. CyCon U.S. seeks to create greater information exchange among industry, academia, and government entities at both the national and international levels. The issues to be covered include the future of international cooperation, imminent technical challenges and requirements, forthcoming conflicts in cyberspace, and the potential for new legal frameworks, standards, and regulations.
SANS San Diego 2016 (San Diego, California, USA , Oct 23 - 28, 2016) Cyber security training in San Diego, CA from SANS Institute, the global leader in information security training. Choose from nine hands-on, immersion-style training courses for security professionals at all levels. Many of these security courses have certifications that are aligned with DoD Directive 8570/8140 and all courses at this event are associated with GIAC Certifications. This event was planned to give you the weapons you need to defend against attackers and advance your career. You will learn from leading experts in courses that have been carefully selected to arm you with the latest tactics and strategies that will sharpen your skills
18th Annual AT&T Cybersecurity Conference (New York, New York, USA, Oct 24 - 25, 2016) Countless cyberthreats circle your organization every second of every day. While your organization utilizes more mobile, IoT and emerging technologies, attackers simply focus on more ways to exploit them. That’s why we’re hosting the 18th Annual AT&T Cybersecurity Conference.
Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, Aug 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.
2016 ICS Cyber Security Conference (Atlanta, Georgia, USA, Oct 24 - 27, 2016) As the largest and longest-running cyber security-focused conference for the industrial control systems sector, the event caters to the energy, utility, chemical, transportation, manufacturing, and other industrial and critical infrastructure organizations, including the military. The conference will address topics covering ICSs, including protection for SCADA systems, plant control systems, engineering workstations, substation equipment, programmable logic controllers (PLCs), and other field control system devices.
14th Annual EWF National Conference (Scottsdale, Arizona, USA, Oct 25 - 27, 2016) Balancing risk and opportunity: transforming cybersecuity; risk and privacy beyond the enterprise. The Executive Women's Forum (EWF) Annual Conference provides an exclusive opportunity to personally interact with more than 350 global thought leaders in the fields of Information Security, Risk Management and Privacy. During this three-day event, members collaborate on round-table exercises, incident simulations, panel discussions and working groups. Exposure to new ideas and approaches, best practice management of everyday issues and learning from observing the best and the brightest is an excellent and abundant return on investment.
SecureWorld Bay Area (San Jose, California, USA, Oct 27, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
Security By Design (McLean, Virginia, USA, Oct 28, 2016) The essential security conference for all who desire to build trustworthy software. Developers, DevOps Engineers, Software Architects, Security Software Engineers, Designers and more.
Regional Cyber Security Summit (Sharm El-Sheikh, Egypt, Oct 30 - Nov 1, 2016) The Regional Cyber Security Summit comes this year with the theme of “Boundless Collaboration, Boundless Protection”. It focuses on the cooperation in cybersecurity as one of key pillars to tackle the complexity and the scalability of the main challenges of today’s cyber threats. The regional cybersecurity summit has been conducted for the last 4 years under the umbrella of ITU-ARCC in Oman to share experience and knowledge, learn from each other, get in tight to recent updates and collaborate to enhance organizations’ cybersecurity became a must.
Inside Dark Web (Washington, DC, USA, Nov 1 - 2, 2016) Individuals, organizations, corporations, and governments use the Dark Web to protect themselves and their users, employees, customers, and citizens seeking a more accessible and secure Internet experience. Experts from government, the financial community, law enforcement and cyber security will give you the background history, current utilization and future thoughts about the fast growing misunderstood world of the Dark Web.
National Institute for Cybersecurity Education 2016 Conference and Expo (Kansas City, Missouri, USA, Nov 1 - 2, 2016) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. The demand for cybersecurity positions in both the public and private sector is large and growing, but the talent pool of cybersecurity workers is not yet able to keep up. The NICE 2016 Conference and Expo features thought leaders from education, government, industry and non-profits who are addressing the cybersecurity education, training, and workforce needs of the nation.
GTEC (Ottawa, Ontario, Canada, Nov 1 - 3, 2016) For the public sector and business, count on GTEC to help you keep up with the changing landscape of technology and service delivery in Canada. With our nationally recognized awards program and annual conference, plus our new learning products, GTEC is your destination of choice for innovation and excellence in public sector IT. The conference program will feature a close focus on the cyber threat, particularly the threat of cybercrime, and the Canadian response to that threat.
Black Hat Europe 2016 (London, England, UK, Nov 1 - 4, 2016) Black Hat is returning to Europe again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days--two days of deeply technical hands-on Trainings, followed by two days of the latest research and vulnerability disclosures at our Briefings.
TECHEXPO Cyber Security Hiring Event (Tysons Corner, Virgina, USA, Jun 30, 2016) Cyber security professionals are invited to interview face-to-face with employers including The CIA, Deloitte, Intel Security, Northrop Grumman, Lockheed Martin, Deloitte, Vencore and many more. Hundreds of career opportunities are available in cyber security that need to be filled immediately. Bring copies of your resume with you and interview in person, representing yourself better than any online application ever could.
SINET Showcase 2016: Highlighting and Advancing Innovation (Washington, DC, USA, Nov 2 - 3, 2016) SINET Showcase provides a platform to identify and highlight “best-of-class" security companies that are addressing industry and government’s most pressing needs and requirements. The chosen SINET 16 Innovators present their technological solutions to representatives from the ecosystem of the entrepreneur: venture capital, investment banking, system integration, academia, science, legal, policy, private industry and executives from the Federal Government, including civilian, intelligence and military professionals. Showcase’s objective is to increase awareness of innovative solutions that may lead to an investment in, or the purchase of, advanced technologies that will help secure our nation’s critical infrastructure and command-and-control systems.
3rd Annual Journal of Law and Cyber Warfare Conference (New York, New York, USA, Nov 3, 2016) The 2016 Journal of Law and Cyber Warfare symposium speakers represent an unparalleled group of cyber security experts with a wide variety of industry expertise and knowledge. Attendees will hear from experts on cyber security and cyber warfare from the military, government, private industry, and the public sector. Our panels are designed to provide attendees with thought leadership from a diverse group of experts who will share their experience and knowledge-base regarding topical cyber security issues. The symposium is a day long event comprised of panels, Q&A sessions, tool demonstrations and networking opportunities. Focused and thorough, there are take-aways for all attendees.
Security of Things World USA (San Diego, California, USA, Nov 3 - 4, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World USA in November in San Diego to tailor your proposition to respond to the security concerns that preoccupy enterprise customers today and find pragmatic solutions to the most common security threats.
2nd Annual Summit: Global Cyber Security Leaders (Berlin, Germany, Nov 7 - 8, 2016) The Global Cyber Security Leaders 2016 is designed to provide unrivaled access to peers from across the globe, and encourage participants to discuss the current challenges and explore the ideas shaping tomorrow’s global cyber threat landscape. The interactive, fresh and content driven format is specifically designed for leaders, visionaries and decision makers across all geographies. Strengthen your global network and form lasting relationships with other forward-thinking and inspiring leaders.
IAPP Europe Data Protection Congress 2016 (Brussels, Belgium, Nov 7 - 10, 2016) The GDPR is finalised, the Data Protection Congress is returning to Brussels and you have a great deal of work ahead. Begin at the Congress, where you’ll find thought leadership, a thriving professional community and unrivaled education. It’s time to get to work: Start here.
SANS Miami 2016 (Coconut Grove, Florida, USA, Nov 7 - 12, 2016) Attend our new SANS Miami 2016 event, November 7-12 and choose from five hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. Attackers are targeting you with increasing viciousness and stealth, and it's essential you understand the tools and techniques and learn the skills needed to protect your organizations. Get the training you need from SANS - the most trusted and by far the largest source for information security training in the world
Federal IT Security Conference (Columbia, Maryland, USA, Nov 8, 2016) The Federal IT Security Institute in partnership with PhoenixTS in Columbia, MD is hosting the first annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private industry will be in attendance discussing the themes and trends that are influencing the Federal/DoD cyber landscape. All proceeds from the event go to help retrain Wounded Warriors to become cyber defenders at the Wounded Warrior Cyber Combat Academy.
11th Annual API Cybersecurity Conference & Expo (Houston, Texas, USA, Nov 9 - 10, 2016) Join us at the 11th Annual API Cybersecurity Conference & Expo and discover methods for thwarting the bad guys, what the scene looks like over the horizon and how the latest technologies can help you counter cyber espionage, address cyber warfare, and make your cyber efforts secure.
SecureWorld Seattle (Bellevue, Washington, USA, Nov 9 - 10, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
Institute for Critical Infrastructure Technology Annual Gala and Benefit (Washington, DC, USA, Nov 10, 2016) The Annual ICIT Gala and Benefit is the year’s most prestigious gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This intimate black-tie event will celebrate the minds of the most influential members of our community as well as the efforts of today’s most impactful cybersecurity leaders. The funds raised from this Benefit will be used exclusively to help sustain and grow the Institute’s research, publications and educational activities for the communities it serves.
Israel HLS and Cyber 2016 (Tel Aviv, Israel, Nov 14 - 17, 2016) Where physical and cyber security meet. Topics include intelligence, cyber crime, and counter-terrorism, defending critical infrastructures, a smart global world, mass events--the integrative approach, and emergency readiness.
SANS Healthcare CyberSecurity Summit & Training 2016 (Houston, Texas, USA, Nov 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the new healthcare environment. You'll have the opportunity to meet with leaders from top organizations and see what really works in securing healthcare. As we know, healthcare has been undergoing major changes. Patients are demanding more convenient and personalized care. Digital health is changing the way that doctors and patients interact. New technologies allow patients to track their own health and generate data that was previously not available to care providers. Additionally, health information exchanges are being created to enable access to electronic medical records across disparate organizations. The Healthcare CyberSecurity Summit will take aim at the major challenges organizations face as they balance the security, compliance, and innovation required to thrive in this quickly changing market
Infosec 2016 (Dublin, Ireland, Nov 15, 2016) Infosec 2016 conference addresses the critically important issues that threaten businesses in the information age By any measure, the digital threats that businesses and organisations of all sizes face are increasing
Kaspersky Academy Talent Lab (Online, then Prague, Czech Republic, Nov 15, 2016) Kaspersky Academy Talent Lab is an international cyber-world competition for young researchers and professionals aged 18-30 who are interested in the cybersecurity challenges facing the world. 50 finalists will travel to the global final event to Prague (all expenses covered by Kaspersky Lab) to present their projects & compete.
CISO Charlotte (Charlotte, North Carolina, USA, Nov 15, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more
Pharma Blockchain Bootcamp (Edison, New Jersey, USA, Nov 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world with the potential of redefining how businesses operate similarly the internet changed it more than 30 years ago. At this critical one-day learning seminar, bio/pharmaceutical professionals (tech + business) will uncover the key areas where blockchain applications could have a significant impact in securing, managing and leveraging the deluge of data throughout the enterprise from R&D to clinical to commercialization. Key issues to be addressed: what exactly is blockchain and why is it considered a disruptive innovation; where and why in the enterprise is pharma ripe for blockchain applications; the hidden business rewards that would be exposed; the legal and regulatory considerations with implementation, and much more.
Cybercon 2016 (Washington, DC, USA, Nov 16, 2016) The forum for dialogue on strategy and innovation to secure defense and government networks, as well as private-sector networks that hold their sensitive data.
SCSC Cyber Security Conclave 2.0 Conference and Exhibition (Hyderabad, India, Nov 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public and private sector to provide an update on cyber security instances, share best practice strategies, and help India to combat cyber threats.
4th Ethiopia Banking & ICT Summit (Addis Ababa, Ethiopia, Nov 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial Institutions, Information Technology Vendors, high profile CIOs, CISOs, CTOs Risk and Compliance Officers and COOs to explore how they can utilize the newest technologies to further increase mobility, enhance security, support new products and services, and improve customers’ experience to secure their competitive edge.
CIFI Security Summit (Toronto, Ontario, Canada, Nov 30 - Dec 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security experts from around the globe to discuss Cyber Intelligence, Digital forensics, Cyber Security and Cyber Investigations. This is the only event of its kind that will run 4 simultaneous streams over 2 days in addition to case studies, demonstrations from global business leaders and a 30+ Exhibition.