Anonymous doesn't care for either jihad or the Man. Mirai takes down Liberian networks. Election hacking updates. A new security company forms with acquisition of Cryptzone, Catbird, Easy Solutions, and Brainspace.
news from the SINET Showcase
The SINET Showcase 2016 wrapped up yesterday. We have observations up on our event coverage page. As usual, SINET brought in a mix of security entrepreneurs, customers (current and prospective) and investors—essentially those who produce innovation and those who prompt and sustain it.
We'll be adding to our coverage next week. For now, we'll point out that the "Thinking Forward" talk by Airbus DS Cybersecurity CEO Lavaste made an interesting point about the relative speed of offense and defense in cyberspace. It's become almost the conventional wisdom to discount prevention when constructing defenses—especially traditional perimeter defenses—and concentrate on detection and response. There's a general sense of futility about prevention, he said: since you're going to be hacked anyway, why not concentrate on competing with the attacker by faster detection and mitigation? While he wouldn't of course discount the importance of either detection or mitigation, Lavaste pointed out that there are ways in which even traditional perimeter defenses can buy you time. He didn't make the connection to Clausewitz, but we will: in warfare you can gain an advantage by either decreasing your friction or increasing the enemy's. In this context, prevention increases the enemy's friction.
We'll have more on the SINET Showcase Monday.
Anonymous remains predictably double-minded about ISIS. On the one hand the anarchist collective doesn't like violent jihad; on the other it also doesn't want to get coopted by the Man.
US elections approach with much overheated trepidation about hacking. At this point such fears will probably serve as inspiration—Fancy Bear can probably take the week off. More WikiLeaks dumps are expected, but don't expect the FBI to wrap up renewed investigations into State Department emails and pay-for-play foundation allegations before Tuesday. It will take time to sift through those half-million plus homebrew-server emails on Mr. Wiener's laptop.
Liberia is sustaining a massive, nationwide distributed denial-of-service attack. The Mirai Internet-of-things botnet is again implicated, and e-commerce in the country is described as having ground to a halt.
IoT botnets can be used for more than DDoS. ESET and GoSecure describe Linux/Moose, malware that herds IoT bots for social media—specifically Instagram—fraud.
Booz Allen has fresh research on 2015's hack of Ukraine's power grid. Of particular interest is the attackers' patience: the blackouts were two years in preparation. The researchers also find more evidence of Russian state involvement.
Skycure reports on Exaspy, Android malware used in highly targeted attacks against business executives.
In industry news, CenturyLink, itself in the process of buying Level 3, is selling its data centers and collocation business to a joint venture led by BC Partners and Medina Capital. That new security company has also acquired four complementary cybersecurity shops—Cryptzone, Catbird, Easy Solutions, and Brainspace.
Today's issue includes events affecting Belgium, Canada, China, European Union, India, Iraq, Israel, Liberia, Pakistan, Russia, Slovakia, Switzerland, Syria, Turkey, United Kingdom, and United States.
The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today Malek Ben Salem from our partners at Accenture Labs will describe work toward developing a redactable blockchain. Our guest, Bill O’Hern, AT&T CSO, will describe his company's place in the security ecosystem, and what he expects in the coming year. (And if you enjoy the podcast, please consider giving it an iTunes review.)
Washington, DC: the latest from the SINET Showcase
SINET Showcase 2016: Innovation and Those Who Sustain It (The CyberWire) The SINET Showcase is an annual discussion of cyber security innovation by the companies who deliver it, and also by the investors and customers who prompt and sustain it
Cybersecurity and Time (and Why Brakes Matter) (The CyberWire) SINET thinks forward with François Lavaste, CEO of Airbus DS Cybersecurity. He takes the OODA loop seriously, and finds value—even positive ROI—in prevention and perimeter defenses
DOD, DHS chart paths to acquisition innovation (FCW) The Departments of Defense and Homeland Security both face challenges in updating legacy IT and acquisition systems, and both agencies have pilot programs that they say are helping to bypass bureaucracy and tap into the best of the tech sector
SINET Showcase (SINET) We believe that effective Cybersecurity is required to facilitate economic growth, protect critical infrastructure and maintain political stability. To accomplish this objective, SINET is dedicated to building a cohesive, worldwide Cybersecurity community with the goal of accelerating innovation through collaboration. SINET is a catalyst that connects senior level private and government security professionals with solution providers, buyers, researchers and investors
SINET 16 Innovator Award Overview (SINET) Each year, SINET evaluates the technologies and products of hundreds of emerging Cybersecurity companies from all over the world, and selects the 16 most innovative and compelling companies. These 16 companies, known as the SINET 16 Innovators, are invited to present their products and solutions on stage in Washington D.C. at our annual SINET Showcase
Cyber Attacks, Threats, and Vulnerabilities
Inside Anonymous’ ‘Civil War’ Over Its Fight With ISIS (Motherboard) For about two years now, Anonymous has waged its own online war against ISIS. Anonymous-affiliated hackers, as well as several splinter groups, have claimed to have taken down countless pro-ISIS Twitter accounts, websites, and even to have gathered crucial intelligence about the terrorist group’s operations
Five Possible Hacks to Worry About Before Election Day (CNBC) President Vladimir V. Putin of Russia dismisses the idea that he has the power to interfere with Tuesday's election. "Does anyone seriously think that Russia can affect the choice of the American people?" he asked during a foreign policy conference last week in the resort city of Sochi. "What, is America a banana republic? America's a great power. Correct me if I'm wrong"
Exclusive: White House Readies to Fight Election Day Cyber Mayhem (NBC News) The U.S. government believes hackers from Russia or elsewhere may try to undermine next week's presidential election and is mounting an unprecedented effort to counter their cyber meddling, American officials told NBC News
Twitter Election Bots Hide Tons of Reply Spam Behind Boring Themed Accounts (Motherboard) A much-discussed research paper out of Oxford this month concluded that millions of tweets about the presidential election are generated by highly automated Twitter accounts. According to the authors’ analysis, about a third of pro-Trump traffic, and one fifth of pro-Clinton tweets, is “driven by bots and highly automated accounts"
Bots and Automation over Twitter during the First U.S. Presidential Debate (Political Bots) Bots are social media accounts that automate interaction with other users, and political bots have been particularly active on public policy issues, political crises, and elections
DDoS attack from Mirai malware 'killing business' in Liberia (CSO) The DDoS attacks come from the same malware responsible for last month's disruptions in the US
Massive cyber-attack grinds Liberia’s internet to a halt (Top FM) The attack was a distributed denial of service, in which a network of infected computers is directed to bombard its target with traffic and overload its servers
Linux/Moose is loose: Analysis finds IoT botnet malware favors Instagram fraud (SC Magazine) Not all Internet-of-Things botnets take down the Internet like Mirai did, but that doesn't necessarily mean they should be allowed to perpetuate. Yet that seems to be the case for Linux/Moose, a malware program that recruits IoT devices to engage in social media fraud, according to a pair of reports from ESET and GoSecure
When The Lights Went Out: Ukraine Cybersecurity Threat Briefing (Booz Allen Hamilton Ideas & Insights) A comprehensive walkthrough of the first ever attack on a public energy-grid, and solutions that can be put in place to detect and prevent similar future attacks
This Evil Office Printer Hijacks Your Cellphone Connection (Wired) Julian Oliver has for years harbored a strange obsession with spotting poorly disguised cellphone towers, those massive roadside antennae draped in fake palm fronds to impersonate a tree, or even hidden as spoofed lamp posts and flag poles
The Internet of Things Is a Cyberwar Nightmare (Foreign Policy) But we can still prevent our household appliances from becoming an army of malicious computer zombies out to destroy the web
'Heisenberg Cloud' Spots Exposed Database Services, Misconfigurations (Dark Reading) A Rapid7 honeypot project yielded some surprising -- and some not-so suprising -- cloud security nuggets
Android spyware targets business executives (Help Net Security) Overreliance on smartphones, both in out personal and professional lives, is a reality for many of us. These devices hold a lot of sensitive information – information that could be worth a lot to some people, especially if you are a high-positioned executive in a thriving business
Exaspy – Commodity Android Spyware Targeting High-level Executives (Skycure) We are entering a new era of mobile threats as Android spyware evolves to become a commodity product. What that means is that you no longer need deep technical expertise to hack into someone’s mobile device. The spyware attackers need is now available online for easy purchase and use, similar to the tools available for running DDoS attacks against websites. This is a significant step in the evolution of mobile malware, and one which will make proactive mobile threat defense for IT that much more crucial
Outlook Web Access Two-Factor Authentication Bypass Exists (Threatpost) Enterprises running Exchange Server have been operating under a false sense of security with regard to two-factor authentication implementations on Outlook Web Access (OWA) adding an extra layer of protection
NHS Trust Back Online After ‘Virus’ Caused Outage (Infosecurity Magazine) North Lincolnshire and Goole NHS Foundation Trust’s IT systems appear to be back up and running several days after a warning note on its main website revealed a “virus” infection had forced a shut down
Red Alert: Russia accused as all UK hospitals are put on high-alert after cyber attack forced Trust to cancel operations for three days (Sun) Around 3,300 patients hit as Trust was forced to shut down computers at hospitals in Grimsby, Scunthorpe and Goole
Packets Dropped – Major Network Outage (Wapack Labs) There has been another major network disruption on 2 November 2016, after Level 3 Communications dropped packets for an unknown reason
Security Patches, Mitigations, and Software Updates
Firefox to prevent sites from tracking users by checking their battery status (Help Net Security) Version 52 of the popular Firefox browser will no longer allow websites to access the Battery Status API and the information it can provide about the visitor’s device
Cisco plugs critical hole in Prime Home management platform (Help Net Security) Cisco has released nine security alerts on Wednesday, and among these are two for critical vulnerabilities in its ASR 900 Series routers and the Cisco Prime Home management platform (for provisioning and managing in-home devices)
GitLab plugs critical flaw in its code repository manager software (Help Net Security) GitLab (the company) has pushed out security updates for both the Community Edition (CE) and Enterprise Edition (EE) of the GitLab software, fixing a critical security flaw in the “import/export project” feature
Microsoft extends support for EMET, but its days are numbered (Help Net Security) The days of EMET, Microsoft’s Enhanced Mitigation Experience Toolkit for Windows, are numbered. Although, the company has listened to the customers’ pleas, and is extending its end of life date to July 31, 2018 (it was previously scheduled for January 27, 2017)
Hacker finds flaw in Gmail allowing anyone to hack any email account (HackRead) Pakistani student and a white hat hacker get $20,000 bug bounty from Google for discovering a vulnerability in Gmail’s verification process that allowed hijacking of email accounts
New cybersecurity report focuses on the private sector (Malwarebytes Labs) George Washington University’s Center for Cyber and Homeland Security (CCHS), a “think and do” tank responsible for carrying out research and analysis on homeland security, counter-terrorism, and cybersecurity issues, has recently released a new, 86-page report [PDF] entitled, “Into the Gray Zone: The Private Sector and Active Defense against Cyber Threats"
The average company experiences two to three cyber-attacks per month (SC Magazine) Most security executives have confidence in protecting their businesses from cyber-attacks despite experiencing about two to three effective attacks per month at the average company
Collaborative defense, the shift from ‘what’ to ‘how’ (CSO) Stronger together: promoting cybersecurity collaboratively
CenturyLink reaches agreement to sell data centers and colocation business to a consortium led by BC Partners and Medina Capital (CenturyLink) CenturyLink to retain hosting and cloud assets supporting network-first and hybrid-IT strategy
BC Partners And Medina Capital Announce Joint Venture To Create Global Secure Infrastructure Platform (Medina Capital) $2.8 billion transaction combines CenturyLink data centers and colocation business with Medina Capital’s cybersecurity and analytics portfolio
Six US Firms Awarded $200 Million USAF Cyber Prototyping Capabilities (Defense World) Assured Information Security, CACI Technologies, Global InfoTek, Harris Corp, L-3 National Security Solutions and Radiance Technologies have been awarded a combined $200 million contract for additional in-scope activities
Cyberespionage Is a Boon for These 3 Mid-Cap Tech Stocks (The Street) It you're looking for market-thumping gains, consider Symantec (SYMC), Qualys (QLYS) and Juniper Networks (JNPR)
Amid Security Skills Shortage, Intel's McAfee Moves Toward Data Sharing And Automation (Fast Company) The company is adding machine learning, automation, and interoperability features to ease the load on overburdened security engineers
Don't pigeonhole us, future McAfee CEO tells conference (Channelnomics) Intel Security unveils new McAfee logo and makes play for hearts and minds of partners, customers
Intel Proposes 'Unified' Security, Opens DXL (Light Reading) Last year, Intel Security began saying that the prevailing "every man for himself" approach to security is not going to cut it anymore: Wednesday's announcement of what it's calling an enhanced unified defense architecture represents Intel's first steps in getting beyond that approach
BeyondTrust to Join the McAfee Security Innovation Alliance (Yahoo!) BeyondTrust today announced that it has joined the Intel Security Innovation Alliance to begin work on certifying PowerBroker for Windows with McAfee® ePolicy Orchestrator (ePO)
Online Security Service Privatoria.net is Announcing the Renewed Entry Into a Market After Significant Reorganization (Broadway World) Web surfing protection and web traffic encryption have never been more important. In the era of data leakage & identity theft thriving, it’s vital to protect every single step online. Notorious leakage scandals, like Edward Snowden’s one, or anonymous hackers’ attacks all over the world break out every day. Privatoria.net lets web surfers protect their online activities against scammers in the most efficient & user-friendly way
Lastline Reports Extraordinary Increase in Market Momentum in 2016 (Marktewired) 200+% sales growth and 5 million new users reflects urgent demand for solutions proven effective against latest generations of evasive malware
Increasing global buy-in to Darktrace’s ecosystem (BusinessWeekly) Cambridge UK cyber defence specialist Darktrace is accelerating buy-in to its enterprise immune system technology through a rapidly expanding global partnership programme
How Rapid7 Got Into Cybersecurity's Search-and-Disclose Game (BostInno) Finding the Internet's weak spots started out as a hobby
Akamai (AKAM) Has 'Developed Really Good Security Defense,' CEO Leighton Says (The Street) Akamai Technologies (AKAM) CEO Tom Leighton says the traditional ways of defending an enterprise do not work anymore
Did Hillary Clinton's Campaign Work With Peter Thiel's Palantir? (Gizmodo) The CIA-backed data and intelligence firm Palantir doesn't work with political campaigns, but its CEO would "make an exception" for Hillary Clinton, according to an email from billionaire media magnate Haim Saban released by Wikileaks today
Sunflower Labs raises $2.1 million to build a flying home security system (TechCrunch) Broadband at home, motion sensors and high definition video cameras led to a renaissance in home security systems over the past decade
Security startup confessions: Looking for investors (Help Net Security) My name is Kai Roer and I am a co-founder of European security startup CTLRe, and these are my confessions
INSA Names 6 Execs to Board of Directors, 5 Advisory Board Members; Letitia Long Comments (GovCon Executive) The Intelligence and National Security Alliance has appointed executives from industry and academia to its boards of directors and advisers
Symantec CFO To Depart, Replaced By Blue Coat Systems CFO (CRN) Symantec announced on Thursday that CFO Thomas Seifert would step down, a move that takes away one of the last few remaining Symantec executives from the leadership lineup of the security vendor after its acquisition of Blue Coat Systems earlier this year
Products, Services, and Solutions
ThreatConnect Adds HPE ArcSight ESM Integration to its Platform (BusinessWire) Users can now detect and act on ThreatConnect Intelligence in ArcSight
Cisco Launches New Endpoint Security Platform (TopTechNews) ch giant Cisco is bulking up its enterprise Relevant Products/Services security offerings with a new endpoint security tool. The company launched Cisco AMP for Endpoints as part of its annual Cisco Partner Summit taking place in San Francisco this week
Rapid7 Announces Strategic Consulting And Assessment Services To Secure The Internet Of Things (Information Security Buzz) New practice to focus on secure design and deployment of consumer, enterprise, industrial, medical, and transportation devices
Distil Networks releases Hi-Def fingerprinting solution (Help Net Security) Distil Networks announced the bot mitigation industry’s first Hi-Def fingerprinting solution. Hi-Def device fingerprinting goes beyond IP- and header-centric identification by actively pulling additional data from the browser to identify devices with precision. This approach minimizes false positives and creates an even clearer picture of web traffic, allowing web defenders to make access decisions with certainty
Sophos launches next generation anti-exploit, anti-ransomware technology 'Intercept X' (Business Standard) Global leader in network and endpoint security Sophos has announced the availability of Sophos Intercept X in India. Intercept X is an ext-generation endpoint security product that stops zero-day malware, unknown exploit variants and stealth attacks, and includes an advanced anti-ransomware feature that can detect previously unknown ransomware within seconds
DomainTools Launches New Cyber Threat Solution, PhishEye, to Stop Phishing Attacks Before They Occur (Dark Reading) New cybersecurity technology leverages world's largest DNS database to help organizations take preventative action against threats and monitor "phishy" domain names
Global Digital Payments Company Extends Contract with IPSA International (PRNewswire) IPSA International (IPSA), a root9B Technologies (OTCQB: RTNB) company and leading regulatory risk mitigation firm, today announced the third contract extension with a global digital and mobile payments company. The new agreement is worth an additional $1.5 million and extends this relationship through the end of 2016
New infosec products of the week: November 4, 2016 (Help Net Security) Cisco transforms endpoint security with AMP for Endpoints...Aerohive security solution protects networks from IoT attacks...DomainTools launches PhishEye to stop phishing attacks before they occur...Ixia launches Flex Tap Secure+
Technologies, Techniques, and Standards
NICE framework: Resource for a strong cybersecurity workforce (Help Net Security) The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) released a resource that will help U.S. employers more effectively identify, recruit, develop and maintain cybersecurity talent
How Businesses, Employees Can Navigate The Security Hiring Process (Dark Reading) At Black Hat Europe 2016, security experts weigh in on how companies can build strong security teams, and how employees can educate themselves to meet business needs
5 fixes for U.S. election systems (GCN) What: A report from the Harvard Kennedy School's Belfer Center for Science and International Affairs, titled "Hacking Chads: The Motivations, Threats, and Effects of Electoral Insecurity"
Embedded cyber teams prepare Army brigades to face invisible threat (Army Times) A pilot program that sends teams of cyber warriors to brigade-level units to train with them is a key step forward in enabling commanders to use the Army’s cyber warfighting capabilities, leaders said
How to Block the Ultrasonic Signals You Didn’t Know Were Tracking You (Wired) Dystopian corporate surveillance threats today come at us from all directions
Rapid7 Finds Certain Cloud Risks With Heisenberg Honeypot (eWeek) The security firm puts honeypots on AWS, Azure, Digital Ocean, Rackspace, Google and SoftLayer clouds with some interesting results
Chris Nickerson: Bring a bit more Zen to cybersecurity (CSO) The Lares CEO and red-team testing expert says not allowing data sets to “bully” you into decisions will lead to freedom to choose how best to confront and defeat attacks
Design and Innovation
#BHEU: Why AI Doesn’t Exist and Why Machine Learning is Only as Good as the Human (Infosecurity Magazine) “Artificial intelligence doesn’t exist yet, nor will it for at least the next twenty years,” Ilia Kolochenko, CEO of High-Tech Bridge, told Infosecurity without hesitation at Black Hat Europe on November 4 2016. “Artificial intelligence refers to systems that will be able to solve any problems, knowing everything about everything. That technology does not exist, and it’s certainly not appropriate to cybersecurity"
#BHEU Quantum Crypto Edges Closer to Reality (Infosecurity Magazine) Cryptography for quantum computers is taking a serious step forward, thanks to the launch of the OpenQuantumSafe Software Project
Google’s Chrome Hackers Are About to Upend Your Idea of Web Security (Wired) In a show of hacker team spirit in August of last year, Parisa Tabriz ordered hoodies for the staff she leads at Google, a group devoted to the security of the company’s Chrome browser. The sweatshirts were emblazoned with the words “Department of Chromeland Security,” along with Chrome’s warning to users when they visit insecure websites that leave them open to surveillance or sabotage: a red padlock crossed out with an X
Naval Academy's New Hopper Hall to House Data Security Studies (Campus Technology) The United States Naval Academy, which serves as a liberal arts college to train future officers for the U.S. Navy and U.S. Marine Corps, is constructing the first new building in four decades on its campus in Maryland. The new facility will serve as the home for Cyber Security Studies
ISU looks to fill cybersecurity gap (Pantagraph) With businesses and government increasingly concerned with hackers and internet protection, Illinois State University is developing a new major: cybersecurity
Legislation, Policy, and Regulation
Former spy chiefs call for EU-US intelligence hub (EU Observer) Europe and the US need an "intelligence hub” to fight terrorism, with French and German ideas on EU military integration unlikely to bear fruit, Germany’s former spy chief has said
Turkey: Getting Worse before It Gets Better (Lawfare) The noose around Turkish democracy’s neck tightened further on Monday, when the police raided the offices of yet another newspaper—this time Cumhuriyet—and detained a number of its journalists on accusations of facilitating terrorist activities
Britain flexes its cyber-muscles (Economist) Online attacks by foreign powers will be met in kind, vows the government
Vladimir Putin Won’t Be Sweating the Election Result on Tuesday (Foreign Policy) Moscow insiders say it doesn’t matter who wins on November 8. Putin has America right where he wants it
Ex-NATO Commander Calls for Non-Cyber Response to Russia’s Election Hacks (Washington Free Beacon) Breedlove: 'Null' response from Obama admin will reward Russia for bad behavior
AF creates new cyber squadron to fend off attacks (Defense Systems) The Air Force is standing up new cyber squadrons and working vigorously to widen the aperture of its cybersecurity focus
Litigation, Investigation, and Law Enforcement
Canadian Court Rules Spy Agency Illegally Kept Data Unrelated to Threats (Wall Street Journal) Federal Court says the Canadian Security Intelligence Service overstepped its mandate by retaining and analyzing metadata not directly related to threats
Police Need More Cyber Savvy, says Independent Inspectorate (Infosecurity Magazine) Low levels of digital skill, legacy IT systems and a lack of focus on growing cybercrime have all been highlighted as requiring attention in the latest independent audit of the UK’s police forces
Report: New emails relate to Clinton's tenure at State (The Hill) Newly discovered emails that the FBI initially said may be "pertinent" to its investigation into Hillary Clinton's private email server do relate to her tenure as secretary of State, a source told CBS News Thursday
‘He’s got to get control of the ship again’: How tensions at the FBI will persist after the election (Washington Post) Deep divisions inside the FBI and the Justice Department over how to handle investigations dealing with Hillary Clinton will probably fester even after Tuesday’s presidential election and pose a significant test for James B. Comey’s leadership of the nation’s chief law enforcement agency
14 people arrested for laundering £11m from malware scams (Computing) Suspects believed to be helping organised cyber crime gangs
Ne’er-Do-Well News and Cyber Justice (KrebsOnSecurity) Way back in the last millennium when I was a lowly copy aide at The Washington Post, I pitched the Metro Section editor on an idea for new column: “And the Good News Is…” The editor laughed me out of her office. But I still think it’s a decent idea — particularly in the context of cybersecurity — to periodically highlight the good news when people allegedly responsible for spewing so much badness online are made to face justice
Man Arrested For Hacking University Emails (Dark Reading) Phoenix resident allegedly attacked more than 1,000 email accounts, reset 1,050 passwords, and stole confidential data
Indian Government can now Unlock any Smartphone for Investigation: Cellebrite (InTabloid) Soon the law enforcement agencies in India including the Indian Government would be able to unlock any Smartphone prior to investigation. This would be made possible by a technology that the Forensic Science Laboratory (FSL) present in Gandhinagar has finally dealt to buy from an Israeli security company named, Cellebrite
Protection of white-hat hackers slow in coming (CSO) Cybersecurity researchers can help manufacturers fix flaws in their products before criminals exploit those flaws. But current law still casts a legal cloud over even friendly research
These True 12+ Internet Crime Stories Will Make You Care about Cybersecurity [Updated] (Heimdal Security) These examples will make you reconsider your opinion of online protection
For a complete running list of events, please visit the Event Tracker.
2nd Annual Summit: Global Cyber Security Leaders (Berlin, Germany, Nov 7 - 8, 2016) The Global Cyber Security Leaders 2016 is designed to provide unrivaled access to peers from across the globe, and encourage participants to discuss the current challenges and explore the ideas shaping tomorrow’s global cyber threat landscape. The interactive, fresh and content driven format is specifically designed for leaders, visionaries and decision makers across all geographies. Strengthen your global network and form lasting relationships with other forward-thinking and inspiring leaders.
IAPP Europe Data Protection Congress 2016 (Brussels, Belgium, Nov 7 - 10, 2016) The GDPR is finalised, the Data Protection Congress is returning to Brussels and you have a great deal of work ahead. Begin at the Congress, where you’ll find thought leadership, a thriving professional community and unrivaled education. It’s time to get to work: Start here.
SANS Miami 2016 (Coconut Grove, Florida, USA, Nov 7 - 12, 2016) Attend our new SANS Miami 2016 event, November 7-12 and choose from five hands-on, immersion-style cybersecurity training courses taught by real-world practitioners. Attackers are targeting you with increasing viciousness and stealth, and it's essential you understand the tools and techniques and learn the skills needed to protect your organizations. Get the training you need from SANS - the most trusted and by far the largest source for information security training in the world
Federal IT Security Conference (Columbia, Maryland, USA, Nov 8, 2016) The Federal IT Security Institute in partnership with PhoenixTS in Columbia, MD is hosting the first annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private industry will be in attendance discussing the themes and trends that are influencing the Federal/DoD cyber landscape. All proceeds from the event go to help retrain Wounded Warriors to become cyber defenders at the Wounded Warrior Cyber Combat Academy.
11th Annual API Cybersecurity Conference & Expo (Houston, Texas, USA, Nov 9 - 10, 2016) Join us at the 11th Annual API Cybersecurity Conference & Expo and discover methods for thwarting the bad guys, what the scene looks like over the horizon and how the latest technologies can help you counter cyber espionage, address cyber warfare, and make your cyber efforts secure.
SecureWorld Seattle (Bellevue, Washington, USA, Nov 9 - 10, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
Institute for Critical Infrastructure Technology Annual Gala and Benefit (Washington, DC, USA, Nov 10, 2016) The Annual ICIT Gala and Benefit is the year’s most prestigious gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This intimate black-tie event will celebrate the minds of the most influential members of our community as well as the efforts of today’s most impactful cybersecurity leaders. The funds raised from this Benefit will be used exclusively to help sustain and grow the Institute’s research, publications and educational activities for the communities it serves.
Israel HLS and Cyber 2016 (Tel Aviv, Israel, Nov 14 - 17, 2016) Where physical and cyber security meet. Topics include intelligence, cyber crime, and counter-terrorism, defending critical infrastructures, a smart global world, mass events--the integrative approach, and emergency readiness.
SANS Healthcare CyberSecurity Summit & Training 2016 (Houston, Texas, USA, Nov 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the new healthcare environment. You'll have the opportunity to meet with leaders from top organizations and see what really works in securing healthcare. As we know, healthcare has been undergoing major changes. Patients are demanding more convenient and personalized care. Digital health is changing the way that doctors and patients interact. New technologies allow patients to track their own health and generate data that was previously not available to care providers. Additionally, health information exchanges are being created to enable access to electronic medical records across disparate organizations. The Healthcare CyberSecurity Summit will take aim at the major challenges organizations face as they balance the security, compliance, and innovation required to thrive in this quickly changing market
Infosec 2016 (Dublin, Ireland, Nov 15, 2016) Infosec 2016 conference addresses the critically important issues that threaten businesses in the information age By any measure, the digital threats that businesses and organisations of all sizes face are increasing
Commercial Cyber Forum: Insider Threat (Odenton, Maryland, USA, Nov 15, 2016) Please join us for a panelist discussion with insider threat experts on upcoming Federal rules, key elements of an insider threat program and privacy, due process, and human resource requirements.
Kaspersky Academy Talent Lab (Online, then Prague, Czech Republic, Nov 15, 2016) Kaspersky Academy Talent Lab is an international cyber-world competition for young researchers and professionals aged 18-30 who are interested in the cybersecurity challenges facing the world. 50 finalists will travel to the global final event to Prague (all expenses covered by Kaspersky Lab) to present their projects & compete.
CISO Charlotte (Charlotte, North Carolina, USA, Nov 15, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more
Pharma Blockchain Bootcamp (Edison, New Jersey, USA, Nov 16, 2016) Blockchain technology has gained recognition as one of the most disruptive technologies in the industrial world with the potential of redefining how businesses operate similarly the internet changed it more than 30 years ago. At this critical one-day learning seminar, bio/pharmaceutical professionals (tech + business) will uncover the key areas where blockchain applications could have a significant impact in securing, managing and leveraging the deluge of data throughout the enterprise from R&D to clinical to commercialization. Key issues to be addressed: what exactly is blockchain and why is it considered a disruptive innovation; where and why in the enterprise is pharma ripe for blockchain applications; the hidden business rewards that would be exposed; the legal and regulatory considerations with implementation, and much more.
CyberCon 2016 (Washington, DC, USA, Nov 16, 2016) CyberCon 2016 is the forum for dialogue on strategy and innovation to secure civilian and defense networks, as well as private-sector networks that hold their sensitive data. Cybersecurity will be the defining challenge for the foreseeable future and CyberCon 2016 will provide a roadmap for innovation and collaboration that lead to more transparent and secure networks.
Versus 16 (San Francisco, California, USA, Nov 17, 2016) Versus is not an ordinary event. Versus is not about pitching products or preaching to the choir. Versus is about challenging what you think you know about cybersecurity, about technology, about doing business in the digital age
Focusing On The Future: Prioritizing Security in the Digital Economy (Washington, DC, USA, Nov 18, 2016) In today's digital economy, developing and prioritizing a cyber strategy is critical to address diverse and evolving threats, foster trust in the technology we use, and define a path forward where security is seen as a business enabler. Join The Chertoff Group for a premier post-election cyber conference that will convene thought leaders across government and industry to share their unique points of view and insights with regard to critical policy, technology, and risk management issues that will be shaping the security agenda.
Data Breach & Fraud Prevention Summit Asia (Mumbai, India, Jun 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the data breach threat that impacts all industries. Whether you are forming opinions on how to view the recent global Apple Vs. FBI debate, want to learn more about the breach incidents, or just look forward to networking with your peers on cybersecurity challenges, we are confident you will gain tremendous insight throughout the event. CyberWire readers can use the discount promo code "CW20" when registering with firstname.lastname@example.org to receive 20% off the conference price.
SCSC Cyber Security Conclave 2.0 Conference and Exhibition (Hyderabad, India, Nov 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public and private sector to provide an update on cyber security instances, share best practice strategies, and help India to combat cyber threats.
4th Ethiopia Banking & ICT Summit (Addis Ababa, Ethiopia, Nov 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial Institutions, Information Technology Vendors, high profile CIOs, CISOs, CTOs Risk and Compliance Officers and COOs to explore how they can utilize the newest technologies to further increase mobility, enhance security, support new products and services, and improve customers’ experience to secure their competitive edge.
Internet of Things (IoT) (Elkridge, Maryland, USA, Nov 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting support to small companies. The Internet of Things (IoT) is becoming more embedded in everyday life, often without people being aware. This talk centers on defining what IoT really is, discussing why it has exploded exponentially, and identifying challenges to future implementation of IoT, including security challenges.
CIFI Security Summit (Toronto, Ontario, Canada, Nov 30 - Dec 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security experts from around the globe to discuss Cyber Intelligence, Digital forensics, Cyber Security and Cyber Investigations. This is the only event of its kind that will run 4 simultaneous streams over 2 days in addition to case studies, demonstrations from global business leaders and a 30+ Exhibition.