FBI email investigation proceeds as fears of Russian influence over US elections persist. DDoS threats and defenses. Sophos buys Barricade; Broadcom acquired Brocade.
news from the SINET Showcase
The SINET Showcase opened yesterday afternoon with workshops on technology, policy, and market trends. Today's proceedings feature more panels and presentations, and, of course, the introduction of the companies selected for the SINET 16. We've been live-tweeting through the morning's sessions; we'll continue to do so as the day goes on.
More emerges on the FBI's renewed investigation of emails that allegedly transited from former Secretary of State Clinton's private server to a laptop used by former New York Representative Anthony Wiener. WikiLeaks continues to make good on its promise to release discreditable documents related to the Clinton campaign; Julian Assange denies that he's getting those documents from Russia. Sources tell various news outlets that FBI investigators have high confidence that five unnamed foreign intelligence services succeeded in compromising the former Secretary's now decommissioned private server.
Concerns about Russian influence on US elections continue. Among those concerns are the prospect of distributed denial-of-service campaigns against election-related targets. DDoS fears have risen since the Mirai Internet-of-things botnet attacks last month. Bitdefender reports finding an exploitable vulnerability in widely used web cameras. MalwareMustDie warns against the IoT-focused Linux/IRCTelnet malware. The Online Trust Association says the DDoS against Dyn could have been "easily" prevented with better secured IoT devices, which is no doubt true, but mopping up the very large number of insecure devices is a far from trivial challenge.
Sophos has acquired Irish security analytics shop Barricade. A much larger acquisition has also been announced: Broadcom is buying Brocade for $5.5 billion,
NICE (the National Initiative for Cybersecurity Education) is meeting this week in Kansas City. NIST has used the occasion to launch not only its CyberSeek jobs map, but a draft Cybersecurity Workforce Framework. NSA and its LifeJourney partner is offering a Day of Cyber for students: registrations have passed five million.
Today's issue includes events affecting China, India, Ireland, New Zealand, Russia, Singapore, United Kingdom, and United States.
A note to our readers: We're in Washington today covering the SINET Showcase 2016. Watch for full coverage in upcoming issues.
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today our partner Jonathan Katz from the University of Maryland will describe an experiment Google ran, pitting several AIs against each other in an encryption challenge. Our guest is MetTel's Edward Fox, discussing the role telecommunications companies play in cyber security. As always, if you enjoy the podcast, please consider giving it an iTunes review.
Washington, DC: the latest from the SINET Showcase
SINET Showcase (SINET) We believe that effective Cybersecurity is required to facilitate economic growth, protect critical infrastructure and maintain political stability. To accomplish this objective, SINET is dedicated to building a cohesive, worldwide Cybersecurity community with the goal of accelerating innovation through collaboration. SINET is a catalyst that connects senior level private and government security professionals with solution providers, buyers, researchers and investors
SINET 16 Innovator Award Overview (SINET) Each year, SINET evaluates the technologies and products of hundreds of emerging Cybersecurity companies from all over the world, and selects the 16 most innovative and compelling companies. These 16 companies, known as the SINET 16 Innovators, are invited to present their products and solutions on stage in Washington D.C. at our annual SINET Showcase
Cyber Attacks, Threats, and Vulnerabilities
How Did WikiLeaks Get Clinton's Emails? Assange Says Russia Not Responsible For Democrat's Leaked Emails (International Business Times) The thousands of emails related to Democratic presidential nominee Hilary Clinton, her party and close allies that were published by WikiLeaks were not obtained from the Russian government, the founder of the nonprofit organization, Julian Assange, said Thursday
Sources: 99 percent chance foreign intel agencies breached Clinton server (Fox News) Authorities now believe there is about a 99 percent chance that up to five foreign intelligence agencies may have accessed and taken emails from Hillary Clinton’s private server, two separate sources with intimate knowledge of the FBI investigations told Fox News
DDoS Warning as US Presidential Election Approaches (Infosecurity Magazine) Security experts are warning that DDoS attacks could be used next Tuesday to suppress voter turnout for the US presidential elections
Kremlin Hackers Are Exploiting Microsoft's Unpatched Zero-Day (Infosecurity Magazine) Microsoft has identified the Russian APT group known as Fancy Bear as using a Windows zero-day to attack unnamed organizations. Some say it’s an attempt to manipulate the outcome of next week’s US election by targeting political organizations
Bitdefender Found Critical Vulnerabilities In IoT Cameras (Toms Hardware) Bitdefender announced that it discovered critical vulnerabilities in an unidentified manufacturer's Internet of Things (IoT) cameras that could threaten the privacy of their owners and enable distributed denial of service (DDoS) attacks
Linux/IRCTelnet creates new, powerful IoT DDoS botnet (Help Net Security) Linux/IRCTelnet (new Aidra), a new piece of Linux malware targeting IoT devices and turning them into DDoS-capable bots, has been spotted and analyzed by one of the researchers who share their discoveries on the MalwareMustDie! blog
DDoS attack on Dyn could have been prevented (CSO) The Online Trust Association says the recent DDoS attack that took down portions of the internet for several hours could have been “easily” avoided by improving the security of IoT devices
StarHub Attack Raises IoT Security Questions (InfoRisk Today) Volume of infected devices, lack of IoT standards are cause for concern
Net Neutrality Could Stall Defense Against Dyn-Like Cyberattacks (Inside Sources) FCC’s net neutrality rules may make Internet service providers reluctant to block malicious traffic
Android Trojan targets customers of 94 banks in US, Europe (Help Net Security) If you/ve recently installed a Flash Player Android app and now almost every app you open asks you for your payment card details, you’ve been infected with a banking Trojan
Belkin’s WeMo Gear Can Hack Android Phones (Threatpost) A SQL injection vulnerability is present in Belkin’s WeMo home automation firmware that could allow a third party with local access to a network to gain root access to devices such as light switches, lightbulbs, security cameras and coffee makers
Sundown Exploit Kit ‘Larger Threat Than People Realize’ (Threatpost) It’s been a tumultuous summer for exploit kits with the demise of Angler, Neutrino and Nuclear, for years each responsible for massive amounts of dollar losses and malware infections. Now, Cisco Talos security researchers are bracing for new entrants to fill the void, starting with the Sundown exploit kit
Are You At Risk Of Material Impact Because Of Bad SSL Certificates from WoSign and StartCom? (RiskIQ) Mozilla, the world’s second most popular browser, announced an important security decision last week to distrust a range of bad SSL certificates issued by Certificate Authorities (CAs) WoSign and Startcom, citing “technical and management failures”
Critical MySQL Vulnerabilities Can Lead to Server Compromise (Threatpost) Critical vulnerabilities in MySQL and vendor deployments by database servers MariaDB and PerconaDB have been identified that can lead to arbitrary code execution, root privilege escalation and server compromise
Unpatched Vulnerability on Wix.com Puts Millions of Sites at Risk (Threatpost) Update Cloud-based web host Wix.com is vulnerable to a DOM-based cross-site scripting vulnerability that can give attackers control over any of the millions of websites hosted on the platform
Computer Virus Cripples UK Hospital System (KrebsOnSecurity) Citing a computer virus outbreak, a hospital system in the United Kingdom has canceled all planned operations and diverted major trauma cases to neighboring facilities. The incident came as U.K. leaders detailed a national cyber security strategy that promises billions in cybersecurity spending, new special police units to pursue organized online gangs, and the possibility of retaliation for major attacks
New Zealand Nurses Caught Out in Major Email Breach (Infosecurity Magazine) Tens of thousands of New Zealand nurses have had personal details accidentally disclosed to a phisher in yet another example of the data breach dangers posed by human error
Problems for William Hill as website attacked (Racing Post) William Hill apologised to customers after their website crashed on Tuesday having come under cyber attack
Level 3 drops its packets for hours, causing Internet traffic jam (Ars Technica) Outage restored by noon ET; company says it's “looking into this issue”
What We Can Learn From a $1.5M Cyber Theft at a Cambridge Company (BostInno) If you work in tech, it's practically a rite of passage to be briefed on the dos and don'ts of cyber security. It's common practice for businesses to train their employees on how to flag and thwart cyber attack attempts. And yet these instances still occur. Case in point: A company located in Kendall Square recently experienced a cyber attack that almost resulted in a loss of more than $1.5 million
#UNITEDsummit: Heisenberg Project Outlines Cloud Attack Realities (Infosecurity Magazine) The Heisenberg Cloud, a honeypot intelligence-gathering effort, shows that attackers target different clouds for different reasons—and are selective in their efforts rather than merely opportunistic
Merchants and financial institutions deal with escalating cyber attacks (Help Net Security) Unsurprisingly, the Q3 2016 ThreatMetrix report shows a sharp increase in the number and complexity of cyber attacks. During what is traditionally a slow quarter, researchers analyzed nearly 5 billion transactions, and stopped approximately 130 million attacks in real time – a 40 percent increase over 2015
When smartphone upgrades go wrong (Help Net Security) As the holiday shopping season kicks into full gear around the world, industry analysts predict low prices, discounts and promotions will entice shoppers to buy the latest tech gadgets and electronics, including smartphones and tablets
Security Patches, Mitigations, and Software Updates
Microsoft to patch Windows bug that Google revealed (CSO) Fix goes out Nov. 8 for vulnerability used by Russian hackers who penetrated the Democratic National Committee
Belkin Fixes Security Flaws in Its WEMO IoT Devices (eWeek) At Black Hat Europe, Invincea researchers will talk about vulnerabilities they found in Belkin's home automation devices. Belkin has since patched the flaws
Mitigations Available for PanelShock Vulnerabilities in Schneider Electric Magelis HMIs (Threatpost) One week after addressing a critical vulnerability in its industrial controller management software, Schneider Electric is in the midst of handling two more serious flaws in a number of its Magelis HMI products
Android 7.0 Nougat Update: How Safe Is Your Android Phone? (Bitbag) Earlier this year, Check Point Software Technologies highlighted a serious security flaw present on all Android-based devices. Check Point stated that the flaw can provide root-level access on mobile devices to anyone who hacks it. This is why Google has been busy of late releasing updates that were finally culminated by the release of Android 7.0 Nougat
Threat Intelligence Overload: Ponemon Report Says 70 Percent Of Organisations Swamped By Cyber Threat Data (Information Security Buzz) Anomali, provider of market-leading threat intelligence platforms, today announced the results of a Ponemon Institute study revealing that 70 percent of security industry professionals believe threat intelligence is often too voluminous and/or complex to provide actionable insights
Ransomware 'biggest threat' to cyber security of Irish businesses (RTE) The biggest threat to the cyber security of Irish businesses comes from ransomware, according to Dell EMC
Business Security Confidence Contradicts High Success Rate Of Attacks (Dark Reading) Research indicates one in three cyberattacks results in a security breach, but most organizations are confident in their defense tactics
Most Windows Users Don’t Care About Security, Research Shows (Softpedia) Windows 7 is the most popular Windows version even though no less than 600 vulnerabilities affect it, the study reveals
Do recent events foreshadow a large-scale cyber aggregated loss? (Property Casualty 360) Opinion: What would happen if numerous major insureds, all with multimillion-dollar policies, all suffered major breaches simultaneously?
Online Ad Industry Threatened by Security Issues (DataBreach Today) Voluntary set of anti-malware guidelines may not go far enough
Broadcom Limited to Acquire Brocade Communications Systems Inc. for $5.9 Billion (GlobeNewswire) Broadcom Limited (Nasdaq:AVGO) and Brocade Communications Systems, Inc. (Nasdaq:BRCD) today announced that they have entered into a definitive agreement under which Broadcom will acquire Brocade, a leader in Fibre Channel storage area network (“FC SAN”) switching and IP networking, for $12.75 per share in an all-cash transaction valued at approximately $5.5 billion, plus $0.4 billion of net debt
Sophos Acquires Security Analytics Start-Up in Ireland (Marketwired) Sophos (LSE: SOPH), a global leader in network and endpoint security, today announced that it has acquired Barricade, a pioneering start-up with a powerful behavior-based analytics engine built on machine learning techniques. The team and technology from Barricade will strengthen Sophos' synchronized security capabilities and its next-generation network and endpoint protection portfolio
As Broadcom Buys Brocade, Here Are Other Enterprise Technology Firms That Could Get Acquired Next (The Street) Both private equity firms and tech companies have shown a willingness to make billion-dollar acquisitions for enterprise hardware and software companies. And the fervor appears to be far from over
Can SonicWall survive desertion by Dell? (ARN) SonicWall A/NZ country manager, Sandeep Joshi, outlines what lies ahead for the security vendor
2 Companies That Protect the Internet of Things (Motley Fool) Cisco and Symantec are offering the tools to counter devastating IoT-based attacks
Atos and Siemens join forces to rebuke IIoT cyber criminals (Consultancy.uk) Cyber attacks result in considerable damage to companies across the globe. The roll out of the Industrial Internet of Things is expected to see additional avenues for attack opening up, resulting in the potential for more losses and making defence more difficult. In a bid to assess the potential threat, and to provide security solutions for manufacturers, Atos and Siemens have joined forces
Palantir can compete for Army tactical intel upgrade (Defense Systems) Data analytics vendor Palantir Technologies Inc. won a key court ruling this week in its bid to compete on a future contract to upgrade the Army's Distributed Common Ground System (DCGS)
Cybereason Announces International Expansion and Opens Its New London Office to Serve Europe, the Middle East and Africa (PRWeb) Simon Sharp Named Cybereason’s Vice President EMEA Region. Simon has been hired to build out the entire region's sale team because of increased demand for the company's award-winning detection and response threat hunting platform
SkyBox Cloud LLC Is Moving Headquarters To Grand Rapids To Expand Midwest Presence (Host Review) SkyBox Cloud LLC, a provider of offsite server and application hosting and cloud backup for small to enterprise-sized companies, is moving its headquarters to Grand Rapids to expand into the Midwest beyond its customer base in the western United States
IBM Security Executive Shelley Westman Joins Protegrity as SVP of Alliances & Field Operations (Yahoo!) Protegrity, the leading provider of data-centric enterprise data security solutions, announced today that Shelley Westman has joined the company as Senior Vice President of Alliances & Field Operations, reporting to Protegrity CEO Suni Munshani
A Q&A with our Newest Advisor Lieutenant General Rhett Hernandez, U.S. Army, Retired (Bay Dynamics) We are excited to announce a new addition to our Bay Dynamics team. Lieutenant General Rhett Hernandez (Ret), a 39-year veteran of the United States Army, has joined our advisory board
Products, Services, and Solutions
Forcepoint™ Integrates Stonesoft® Next-Generation Firewall with Cloud Security Technologies (PRNewswire) Forcepoint's NGFW also receives NSS Labs' rating of "Recommended" in Intrusion Prevention
How feds can sign up for new OPM breach coverage (Federal Times) Federal employees impacted by last year’s cyber hack of the Office of Personnel Management have a month to re-enroll for credit and identity monitoring protections offered by the agency
If you want your company to have a future, you need a cyber security strategy (Buiness Insider) Navigating the Digital Age is a cybersecurity guide for company directors and decision makers. This introduction highlights the importance of cybersecurity and why companies need to urgently think about putting preventative measures in place
Mellanox Launches Open Source Software Initiative for Routers, Load Balancers, and Firewalls (BusinessWire) OpenNPU first open software supporting open networking platforms
Skybox Security Announces Integration with CyberX, Improving Security in Industrial Control Systems (India PR Wire) Modeling, access simulation and vulnerability analysis capabilities bring enhanced visibility to SCADA and ICS networks to maintain uptime and avoid disruption
Password manager LastPass now works on all your devices for free (CSO) Now you can get LastPass on your computer and your phone without paying $12 per year
Technologies, Techniques, and Standards
Uninstall PERL File Extension Ransomware (Virus Guides) I wrote this article to help you remove PERL File Extension Ransomware. This PERL File Extension Ransomware removal guide works for all Windows versions
Don't pay ransom, Kaspersky Lab warns (ITProPortal) Report being attacked by ransomware to the authorities, instead
Echo from the Past: Security Lessons for IT Modernization (GovInfoSecurity) ISMG Editors analyze the latest developments
NICE Framework Provides Resource for a Strong Cybersecurity Workforce (NIST) The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) released a resource that will help U.S. employers more effectively identify, recruit, develop and maintain cybersecurity talent
SP 800-181 DRAFT NICE Cybersecurity Workforce Framework (NCWF): National Initiative for Cybersecurity Education (NIST) NIST is pleased to release the draft NICE Cybersecurity Workforce Framework (NCWF) - a reference resource that will allow our nation to more effectively identify, recruit, develop and maintain its cybersecurity talent. The framework provides a common language to categorize and describe cybersecurity work that will help organizations build a strong labor staff to protect systems and data
Governor McAuliffe Announces “NSA Day Of Cyber” School Challenge In Virginia (Alexandria News) Governor Terry McAuliffe today announced the launch of Virginia’s “NSA Day of Cyber” School Challenge. The challenge begins today, as Cybersecurity Awareness Month in October concludes, and will run through the end of March 2017
BAE’s DeEtte Gray: Investments in Cyber, STEM Programs Needed to Address Demand for Cyber Professionals (ExecutiveBiz) DeEtte Gray, an executive at BAE Systems’ U.S. arm, has said industry, government, academia and organizations should collaborate to make investments in science, technology, engineering, mathematics and cyber education initiatives in an effort to develop a pipeline of cyber professionals
Legislation, Policy, and Regulation
SEBI to Hire a CISO to Help Protect Securities Markets (InfoRisk Today) Information security leaders weigh in on priorities for new officer
Joint efforts to enhance cyber security (Shanghai Daily) The issue of cyber security takes on a high profile as firms and government bureaus have joined together to strengthen it, Shanghai Daily learned during the China International Industry Fair yesterday
UK in $2.3 billion plan to ‘strike back’ at hackers (AFP via Interaksyon) Finance minister Philip Hammond on Tuesday warned Britain will “strike back” against states hacking into strategic networks in order to avoid a military showdown, as part of a new cyber-defence plan
Deloitte comments on the National Cyber Security Strategy 2016-2021 (Deloitte) Bryan Hurcombe, public sector lead for Deloitte UK’s cyber risk practice said
Some Cyber Regulations Are Excessive. Not This One (American Banker) Regulation should always be a last resort. Too many rules — or lack of coordination between federal, state and industry rules — can do more harm than good. But there are also times when minimum requirements make sense. When done right and in the right circumstances, rules can protect consumers and businesses
SPECIAL REPORT-John Brennan's attempt to lead the CIA into the age of cyberwar (Thompson Reuters Foundation) When America goes to the polls on Nov. 8, according to current and former U.S. intelligence officials, it will likely experience the culmination of a new form of information war
Defeating Enemies at the Speed of Cyber, Not Speed of Budgets (SIGNAL) The military that can control and deny access to and use of the electromagnetic spectrum will be the victors of the next war, predicts Maj. Gen. Earl Matthews, USAF, (Ret.), former director of cyberspace operations and chief information security officer for the Air Force
DISA director: Military still figuring out how to fight in cyberspace (C4ISRNET) Despite the cyber mission force recently reaching initial operational capability, the military is still determining how it will fight in cyberspace. According to Lt. Gen. Alan Lynn, director of the Defense Information Systems Agency and commander of Joint Force Headquarters – Department of Defense Information Networks, the force still has work to do
Army sees cyberspace as nation’s next warfront (Redstone Rocket) Threats from cyberspace are real, consistent and evolving. President Barack Obama said cyber threats pose one of the gravest national security dangers faced by the United States
Army's IT must be more maneuverable across domains (C4ISRNET) The Army's taking notice of the changing operational landscapes emerging. Part of this recognition involves the new push toward a multi-domain battle concept, one that recognizes the force must move beyond its traditional air-land battle to fight in air, land, littoral space and cyberspace
DHS faces a sea change (FCW) The Department of Homeland Security, which is approaching its 15th birthday, needs to make some critical management decisions if it's going to keep up with galloping technology, according to one of its veteran managers
New FCC ISP privacy rules create more questions than answers (Naked Security) Just over a week ago the US Federal Communications Commission (FCC) imposed new privacy rules for ISP customers. The rules aimed to give customers better control, more privacy and stronger security over their data
Litigation, Investigation, and Law Enforcement
Senior FBI officials were told of new emails in early October but wanted more information before renewing Clinton probe (Washington Post) Senior FBI officials were informed about the discovery of new emails potentially relevant to the investigation of Hillary Clinton’s private email server at least two weeks before Director James B. Comey notified Congress, according to federal officials familiar with the investigation
Commentary: Does the FBI think Russia hacked Weiner’s computer? (Reuters) There are many reasons why Federal Bureau of Investigation Director James Comey could be interested in the Hillary Clinton-Huma Abedin emails on Anthony Weiner's home computer. The majority of those reasons for Comey's involvement have been laid out across the media spectrum
Bret Baier: Barring ‘Obstruction,’ Indictment Almost Certain In FBI Investigation (Daily Caller) Citing sources at the FBI, Fox News anchor Bret Baier said the FBI’s renewed investigation of Hillary Clinton’s email server will almost certainly end in an indictment, unless some sort of “obstruction” arises
State defends coordinating with Clinton camp on emails (Washington Examiner) The State Department on Wednesday denied any wrongdoing after emails hacked from John Podesta's private account revealed that the department coordinated with Hillary Clinton's presidential campaign before news broke of her use of a private email server
A second Privacy Shield legal challenge increases threat to EU-US data flows (CSO) French digital rights group La Quadrature du Net is seeking to annul the European Commission decision implementing Privacy Shield
Police across the globe crackdown on darknet marketplaces (CSO) The FBI contacted 150 people suspected of buying drugs from the sites
Catching Online Scammers, Dealers & Drug Dealers With DNS (Dark Reading) Researchers at Black Hat Europe this week will demonstrate a streamlined technique for spotting and identifying illicit narcotics, counterfeiters, and other scammer websites and operations
Hacker sentenced to 29 months in devious Photobucket image plot (Ars Technica) “Yes, seduced by money. I will not lie,” defendant tells judge
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
CyberCon 2016 (Washington, DC, USA, Nov 16, 2016) CyberCon 2016 is the forum for dialogue on strategy and innovation to secure civilian and defense networks, as well as private-sector networks that hold their sensitive data. Cybersecurity will be the defining challenge for the foreseeable future and CyberCon 2016 will provide a roadmap for innovation and collaboration that lead to more transparent and secure networks.
GTEC (Ottawa, Ontario, Canada, Nov 1 - 3, 2016) For the public sector and business, count on GTEC to help you keep up with the changing landscape of technology and service delivery in Canada. With our nationally recognized awards program and annual conference, plus our new learning products, GTEC is your destination of choice for innovation and excellence in public sector IT. The conference program will feature a close focus on the cyber threat, particularly the threat of cybercrime, and the Canadian response to that threat.
Black Hat Europe 2016 (London, England, UK, Nov 1 - 4, 2016) Black Hat is returning to Europe again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days--two days of deeply technical hands-on Trainings, followed by two days of the latest research and vulnerability disclosures at our Briefings.
ISSA International Conference (Orlando, Florida, USA, Oct 22 - 23, 2014) Join us for solution oriented, proactive and innovative sessions focused on security as a vital part of the business.
SINET Showcase 2016: Highlighting and Advancing Innovation (Washington, DC, USA, Nov 2 - 3, 2016) SINET Showcase provides a platform to identify and highlight “best-of-class" security companies that are addressing industry and government’s most pressing needs and requirements. The chosen SINET 16 Innovators present their technological solutions to representatives from the ecosystem of the entrepreneur: venture capital, investment banking, system integration, academia, science, legal, policy, private industry and executives from the Federal Government, including civilian, intelligence and military professionals. Showcase’s objective is to increase awareness of innovative solutions that may lead to an investment in, or the purchase of, advanced technologies that will help secure our nation’s critical infrastructure and command-and-control systems.
3rd Annual Journal of Law and Cyber Warfare Conference (New York, New York, USA, Nov 3, 2016) The 2016 Journal of Law and Cyber Warfare symposium speakers represent an unparalleled group of cyber security experts with a wide variety of industry expertise and knowledge. Attendees will hear from experts on cyber security and cyber warfare from the military, government, private industry, and the public sector. Our panels are designed to provide attendees with thought leadership from a diverse group of experts who will share their experience and knowledge-base regarding topical cyber security issues. The symposium is a day long event comprised of panels, Q&A sessions, tool demonstrations and networking opportunities. Focused and thorough, there are take-aways for all attendees.
Security of Things World USA (San Diego, California, USA, Nov 3 - 4, 2016) Security. Privacy. Connected Devices. Exploring Security and the Internet of Things. A world class event focused on the next information security revolution. Be part of Security of Things World USA in November in San Diego to tailor your proposition to respond to the security concerns that preoccupy enterprise customers today and find pragmatic solutions to the most common security threats.
2nd Annual Summit: Global Cyber Security Leaders (Berlin, Germany, Nov 7 - 8, 2016) The Global Cyber Security Leaders 2016 is designed to provide unrivaled access to peers from across the globe, and encourage participants to discuss the current challenges and explore the ideas shaping tomorrow’s global cyber threat landscape. The interactive, fresh and content driven format is specifically designed for leaders, visionaries and decision makers across all geographies. Strengthen your global network and form lasting relationships with other forward-thinking and inspiring leaders.
IAPP Europe Data Protection Congress 2016 (Brussels, Belgium, Nov 7 - 10, 2016) The GDPR is finalised, the Data Protection Congress is returning to Brussels and you have a great deal of work ahead. Begin at the Congress, where you’ll find thought leadership, a thriving professional community and unrivaled education. It’s time to get to work: Start here.
SANS Miami 2016 (Coconut Grove, Florida, USA, Nov 7 - 12, 2016) Attend our new SANS Miami 2016 event, November 7-12 and choose from five hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. Attackers are targeting you with increasing viciousness and stealth, and it's essential you understand the tools and techniques and learn the skills needed to protect your organizations. Get the training you need from SANS - the most trusted and by far the largest source for information security training in the world
Federal IT Security Conference (Columbia, Maryland, USA, Nov 8, 2016) The Federal IT Security Institute in partnership with PhoenixTS in Columbia, MD is hosting the first annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private industry will be in attendance discussing the themes and trends that are influencing the Federal/DoD cyber landscape. All proceeds from the event go to help retrain Wounded Warriors to become cyber defenders at the Wounded Warrior Cyber Combat Academy.
11th Annual API Cybersecurity Conference & Expo (Houston, Texas, USA, Nov 9 - 10, 2016) Join us at the 11th Annual API Cybersecurity Conference & Expo and discover methods for thwarting the bad guys, what the scene looks like over the horizon and how the latest technologies can help you counter cyber espionage, address cyber warfare, and make your cyber efforts secure.
SecureWorld Seattle (Bellevue, Washington, USA, Nov 9 - 10, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
Institute for Critical Infrastructure Technology Annual Gala and Benefit (Washington, DC, USA, Nov 10, 2016) The Annual ICIT Gala and Benefit is the year’s most prestigious gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This intimate black-tie event will celebrate the minds of the most influential members of our community as well as the efforts of today’s most impactful cybersecurity leaders. The funds raised from this Benefit will be used exclusively to help sustain and grow the Institute’s research, publications and educational activities for the communities it serves.
Israel HLS and Cyber 2016 (Tel Aviv, Israel, Nov 14 - 17, 2016) Where physical and cyber security meet. Topics include intelligence, cyber crime, and counter-terrorism, defending critical infrastructures, a smart global world, mass events--the integrative approach, and emergency readiness.
SANS Healthcare CyberSecurity Summit & Training 2016 (Houston, Texas, USA, Nov 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the new healthcare environment. You'll have the opportunity to meet with leaders from top organizations and see what really works in securing healthcare. As we know, healthcare has been undergoing major changes. Patients are demanding more convenient and personalized care. Digital health is changing the way that doctors and patients interact. New technologies allow patients to track their own health and generate data that was previously not available to care providers. Additionally, health information exchanges are being created to enable access to electronic medical records across disparate organizations. The Healthcare CyberSecurity Summit will take aim at the major challenges organizations face as they balance the security, compliance, and innovation required to thrive in this quickly changing market
Infosec 2016 (Dublin, Ireland, Nov 15, 2016) Infosec 2016 conference addresses the critically important issues that threaten businesses in the information age By any measure, the digital threats that businesses and organisations of all sizes face are increasing
Commercial Cyber Forum: Insider Threat (Odenton, Maryland, USA, Nov 15, 2016) Please join us for a panelist discussion with insider threat experts on upcoming Federal rules, key elements of an insider threat program and privacy, due process, and human resource requirements.
Kaspersky Academy Talent Lab (Online, then Prague, Czech Republic, Nov 15, 2016) Kaspersky Academy Talent Lab is an international cyber-world competition for young researchers and professionals aged 18-30 who are interested in the cybersecurity challenges facing the world. 50 finalists will travel to the global final event to Prague (all expenses covered by Kaspersky Lab) to present their projects & compete.
CISO Charlotte (Charlotte, North Carolina, USA, Nov 15, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more
Pharma Blockchain Bootcamp (Edison, New Jersey, USA, Nov 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world with the potential of redefining how businesses operate similarly the internet changed it more than 30 years ago. At this critical one-day learning seminar, bio/pharmaceutical professionals (tech + business) will uncover the key areas where blockchain applications could have a significant impact in securing, managing and leveraging the deluge of data throughout the enterprise from R&D to clinical to commercialization. Key issues to be addressed: what exactly is blockchain and why is it considered a disruptive innovation; where and why in the enterprise is pharma ripe for blockchain applications; the hidden business rewards that would be exposed; the legal and regulatory considerations with implementation, and much more.
Cybercon 2016 (Washington, DC, USA, Nov 16, 2016) The forum for dialogue on strategy and innovation to secure defense and government networks, as well as private-sector networks that hold their sensitive data.
Versus 16 (San Francisco, California, USA, Nov 17, 2016) Versus is not an ordinary event. Versus is not about pitching products or preaching to the choir. Versus is about challenging what you think you know about cybersecurity, about technology, about doing business in the digital age
Focusing On The Future: Prioritizing Security in the Digital Economy (Washington, DC, USA, Nov 18, 2016) In today's digital economy, developing and prioritizing a cyber strategy is critical to address diverse and evolving threats, foster trust in the technology we use, and define a path forward where security is seen as a business enabler. Join The Chertoff Group for a premier post-election cyber conference that will convene thought leaders across government and industry to share their unique points of view and insights with regard to critical policy, technology, and risk management issues that will be shaping the security agenda.
Data Breach & Fraud Prevention Summit Asia (Mumbai, India, Jun 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the data breach threat that impacts all industries. Whether you are forming opinions on how to view the recent global Apple Vs. FBI debate, want to learn more about the breach incidents, or just look forward to networking with your peers on cybersecurity challenges, we are confident you will gain tremendous insight throughout the event. CyberWire readers can use the discount promo code "CW20" when registering with firstname.lastname@example.org to receive 20% off the conference price.
SCSC Cyber Security Conclave 2.0 Conference and Exhibition (Hyderabad, India, Nov 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public and private sector to provide an update on cyber security instances, share best practice strategies, and help India to combat cyber threats.
4th Ethiopia Banking & ICT Summit (Addis Ababa, Ethiopia, Nov 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial Institutions, Information Technology Vendors, high profile CIOs, CISOs, CTOs Risk and Compliance Officers and COOs to explore how they can utilize the newest technologies to further increase mobility, enhance security, support new products and services, and improve customers’ experience to secure their competitive edge.
Internet of Things (IoT) (Elkridge, Maryland, USA, Nov 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting support to small companies. The Internet of Things (IoT) is becoming more embedded in everyday life, often without people being aware. This talk centers on defining what IoT really is, discussing why it has exploded exponentially, and identifying challenges to future implementation of IoT, including security challenges.
CIFI Security Summit (Toronto, Ontario, Canada, Nov 30 - Dec 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security experts from around the globe to discuss Cyber Intelligence, Digital forensics, Cyber Security and Cyber Investigations. This is the only event of its kind that will run 4 simultaneous streams over 2 days in addition to case studies, demonstrations from global business leaders and a 30+ Exhibition.