The CyberWire Daily Briefing 11.18.16

Summary

By The CyberWire Staff

US Director of National Intelligence Clapper, submitting his resignation (as as he's long intended to do—it will take effect at the change in Presidential administrations) also says that Russian cyber operations against US-election-related targets slowed after the US Intelligence Community took formal, public notice of them. Whether any such curtailment was a win for naming-and-shaming or for threatened retaliation is unknown.

Those interested in seeing what an insider threat looks like in action may find a good (by which we mean bad) example in UK mobile phone provider Three. Three, which has 8.8 million customers, had noticed an increase in handset fraud in recent months. This week the company disclosed that about six million customers' personal information had been breached by hackers using employee login credentials—that information includes name, phone number, address, and date-of-birth. (For a sense of scale, the 2015 TalkTalk breach affected roughly 157,000 accounts.) How the hackers got the employee credentials is unclear, but once in, effectively they operated as insiders. Three arrests have been made, according to the National Crime Authority: "a 48-year old man from Orpington, Kent and a 39-year old man from Ashton-under-Lyne, Manchester on suspicion of computer misuse offences, and a 35-year old man from Moston, Manchester on suspicion of attempting to pervert the course of justice."

Chinese authorities make the case for their new Internet controls at the Wuzhen World Internet Conference as "fair and equitable," and also as bringing "Chinese wisdom" to cyberspace, which is one way of looking at it.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting China, India, Philippines, Russia, United Kingdom, and United States.

On the Podcast

The CyberWire's regular daily Podcast will be out later this afternoon, with interviews, educational tips, and more on the stories of the day. Today we hear from our partners at Virginia Tech's Hume Center, as Charles Clancy talks about the Virginia Cyber Range, an initiative of the Commonwealth of Virginia. Our guest, Sara Sorcher of the Christian Science Monitor's Passcode, speculates about what we can expect in the way of cyber policy from the Trump administration. As always, if you enjoy the podcast, please consider giving it an iTunes review.

Sponsored Events

AlienVault USM Webcast (Live Webcast, December 1, 2016) Find threats lurking on your systems with host-based intrusion detection and AlienVault USM.

Selected Reading

Cyber Trends

Questions and Answers: the 2017 Security Landscape (FireEye) In 2017, cyber security battles may favor criminals even more as the Internet of Things (IoT) continues to expand possible avenues of attack. The 2017 security predictions from FireEye include insights on

Forcepoint™ Unveils 2017 Cybersecurity Predictions (Information Security Buzz) Global cybersecurity leader Forcepoint™ today released its 2017 Cybersecurity Predictions Report

Top risks identified across private cloud environments (Help Net Security) Based on data gathered from over 100 enterprise environments over the past year, a Continuity Software study found that downtime and security risks were present in each cloud environment tested

Security remains significant hurdle for industry cloud efforts (RCR Wireless News) One of the bigger challenges facing the continued move towards cloud platforms by telecom operators is security. In the old world of hardware, as long as the door remained physically locked, security was a no-brainer. But, in the new world of software, operators are increasingly having to rely on new solutions in order to manage security in a cloud environment

In a world of cyber-security turbulence, education tied to action is vital (CSO) A rash of turbulence shaking the IT industry has its epicentre in security, where we are continuing to hit bumps along the way. This won’t change any time soon and the bumps seem to be occurring faster and faster

Zimperium reveals 60% of mobile devices in Enterprise BYOD environments are vulnerable to known cyberthreats (PRNewswire) A BYOD security strategy must protect the three areas of vulnerability: device, network and applications. Business leaders (CIOs and CSOs) must stay ahead of the rapidly evolving cybersecurity landscape. Mobile devices are the path of least resistance for cyber-criminals. Enterprise apps could unknowingly endanger customer and corporate data

What Does the Role of CISO Look Like in 2016? (Infosecurity Magazine) The IT landscape continues to change, between the growth of the Internet of Things and the increasing frequency and complexity of cyber-threats. Technology is evolving more rapidly than before and we now have vast amounts of data at our disposal

If your password is one of these phrases, change it now (MarketWatch) 40% of Americans say they’d give up sex for cybersecurity, but few are securing their accounts

Indian cyber crime victims don’t shun risky online behaviour: Norton by Symantec (Financial Express) Indians who were victims of cybercrime within the past year often continued their unsafe behaviour, still sharing passwords and other risky steps online, a new report by Norton by Symantec revealed on Thursday

Legislation, Policy and Regulation

China's Jinping Opens Tech Meet With Calls For 'Fair & Equitable' Internet (Dark Reading) The third Wuzhen World Internet Conference had a strong presence of US tech companies despite criticism of China's Internet laws

China Cybersecurity: New Law Increases Security Regulation Over Cyberspace (Data Protection Report) On November 7, 2016, the Standing Committee of China’s National People’s Congress (NPC) voted to pass the Cyber Security Law (unofficial English translation). Its draft has gone through three rounds of readings and it will become effective from June 1, 2017

Xi’s initiatives on cyberspace governance highlight Chinese wisdom: People’s Daily (Global Times) The goal of building an equal, innovative, open and safer cyberspace that Chinese President Xi Jinping put forward for global Internet governance at the start of the World Internet Conference (WIC) injects Chinese wisdom into the construction of a cyberspace community of common destiny, the People's Daily commented on Thursday

US lawmakers introduce bill to delay enhanced government hacking powers (CSO) A modified rule providing the increased authority comes into force on Dec. 1

New York DA vs Apple encryption: 'We need new federal law to unlock 400 seized iPhones' (ZDNet) New York County District Attorney Cyrus Vance has renewed a call for federal legislation requiring Apple to make iOS warrant-friendly

Without tech industry guidance, U.S. may resort to weakening encryption (CSO) Privacy advocates say weakening encryption is counterproductive to fighting terrorism

Trump Asks Retired Gen. Mike Flynn to Be National Security Adviser: Source (NBC News) President-elect Donald Trump asked retired Army Lt. Gen. Michael T. Flynn to be his national security adviser Thursday, a senior transition official told NBC News

Trump picks conservative loyalists for attorney general, CIA (Reuters) U.S. President-elect Donald Trump picked three conservative loyalists with hard-line views on immigration and counter-terrorism to lead his national security and law enforcement teams, including U.S. Senator Jeff Sessions for attorney general and Representative Mike Pompeo as CIA director

Director of National Intelligence James Clapper Resigns (Wired) For month, James Clapper—the nation’s top spy—has been literally counting down the days until he leaves office. Some mornings when he briefs the president, he’ll even do a fist-bump with Barack Obama after telling him the precise number of days left, Clapper told WIRED in an exclusive interview

US Director of National Intelligence legs it (Register) Good riddance, says senator who caught him lying

Opinion: Donald Trump's troubling internet (Christian Science Monitor Passcode) We have never elected a president that has so openly declared his intentions to engage in control and surveillance of the internet

DISA takes on new mission sets with changing world (C4ISRNET) While the Defense Information Systems Agency already handles an immensely important dossier, their portfolio and mission will change, according to Maj. Gen. Sarah Zabel, the agency’s vice director. Zabel briefed members of industry during DISA’s annual Forecast to Industry event in Baltimore on Nov. 17

DISA's behind-the-scenes role in hacking the Pentagon (C4ISRNET) The Defense Department has touted its "hack the Pentagon" bug bounty program, which is also the first in the federal government, as a wide success in appealing to the public to find network vulnerabilities. While led by the Defense Digital Service within the Pentagon, the Defense Information Systems Agency played a role in the success of this first-ever initiative as well and will continue to do so, officials said

Army Secretary Sees 'More Work' Ahead in Tapping Commercial Vendors (Defense News) The Army has struggled to build its comfort level in buying commercial off-the-shelf products, often arguing too much has to be changed to meet military standards, and the service is up against having to work contracts through a sluggish acquisition process for which commercial industry doesn’t have the patience

Air Force looking to boost acquisition, cyber career fields (U.S. Air Force) Job seekers with in-demand technical skills may want to give the Air Force Civilian Service a look. The Air Force hopes to fill about 1,400 cyber and 2,200 acquisition positions Air Force-wide by the end of 2017

National Security Agency Said to Use Manhattan Tower as Listening Post (New York Times) From a sidewalk in Lower Manhattan, the building at 33 Thomas Street, known as the Long Lines Building, looks like nothing less than a monument to the prize of privacy

Products, Services, and Solutions

ThreatConnect Offers Soltra Users an Immediate Alternative Solution (ThreatConnect) ThreatConnect offers Soltra Edge users a free account configured with their chosen ISAC

Announcing MENTIS 8, the Most Advanced Enterprise Platform for Data Security and Compliance (PRNewswire) MENTIS 8 includes format-preserving encryption (FPE), security for unstructured data, and protection for data in cloud applications

QuintessenceLabs Collaborates with VMware to Enhance Security of Virtualized Applications (Yahoo!) QuintessenceLabs today announced a collaboration with VMware to help customers find a bridge between secure virtual environments -- desktop, data center or cloud -- and the keys they use to encrypt and unlock their own data

BAE Systems launches cyber risk tool (Australian Defense Magazine) BAE Systems has launched research into the cyber security preparedness of Australian businesses, and an online Cyber Risk tool to better understand their cyber security readiness

Exclusive: COPT plots 500,000 square feet of new office space at Columbia Gateway (Baltimore Business Journal) Corporate Office Properties Trust plans to develop 500,000 square feet of new office space at Columbia Gateway, looking to capitalize off the region’s strength as a hub for growing cybersecurity firms

Symantec Unveils The Future Of Endpoint Security (Curaçao Chronicle) Symantec Corp. (NASDAQ: SYMC), the world's leading cyber security company, today announced Symantec Endpoint Protection 14, the next evolution in endpoint innovation from the leader in endpoint security

Dropbox Strengthens Security Solutions With Expanded Symantec Partnership (ECM Connection) Dropbox today announced Symantec has joined the Dropbox Partner Network. Expanding on an existing partnership, Symantec and Dropbox will support multiple integration initiatives, helping enterprise customers address access management and data protection challenges

Radware Partners With Tencent Cloud to Offer Chinese Customers Cyber Security Solutions (Globe NewsWire) Radware® (NASDAQ:RDWR), a leading provider of cyber security and application delivery solutions ensuring optimal service levels for applications in virtual, cloud, and software-defined data centers announced that, it has recently entered into a partnership with Tencent Holdings Ltd. (OTC:TCEHY) to offer cloud security solutions for Chinese-based Tencent Cloud application services, private Cloud services market as well as DDoS protection for overseas customers

MobileIron Access Adds First Secure Single Sign-On for Native Mobile Apps English (PRNewswire) Outlines strategy for modern cloud authentication

SuccessFactors turns to CipherCloud for data protection (Enterprise Times) CipherCloud has delivered new data protection capabilities for SAP SuccessFactors

Bitdefender strengthens security for virtual environments and datacenters with Application Control Whitelisting (Bitdefender) New Application Whitelisting technology helps IT managers create an inventory of trusted apps and block execution of unauthorized software

Authentic8 adds support for Common Access Card to address growing federal demand (Marketwired) Secure virtual browser now validates CAC certificates for access to secure web sites

NSA gives Type1 certification to Harris radio (UPI) Harris' AN/PRC-117G radio has been certified by the National Security Agency for secure voice and data communications using MUOS satellites

Lookout Premium Plus offers expanded identity protection and security (Android Community) Nobody ever wants their data to be comprised. People pay for security and privacy but sadly, there may still be slip-ups from even the biggest tech companies but there are sure and quick solutions. Security breaches are real

Thycotic Introduces Free Privileged Account Management eLearning Course (PRNewswire) New training arms individuals with full understanding of PAM while earning CPE credit

RPost's RMail Adds Cyber-Security to Microsoft Outlook Everywhere (Yahoo!) RPost's upgraded RMail cyber-security product is now available a click away for individuals and businesses worldwide that use any version of Microsoft Outlook. RMail has now been added to the largest Microsoft online stores and technology distribution channels

Technologies, Techniques, and Standards

US Government Releases New IoT Security Guidance (Infosecurity Magazine) The US Department of Homeland Security (DHS) and National Institute of Standards and Technology (NIST) both this week released new guidance documents designed to improve IoT security

IoT gear will need better security to win a Z-Wave badge (CSO) Z-Wave's S2 security framework will be mandatory for certification starting next year

3 Ways U.S. Companies Can Beat The Competition With DNS Security (EfficientIP) This year, EfficientIP conducted one of the largest surveys of organizational understanding of DNS security, exploring attitudes to risk and examining the effectiveness of current DNS security models

Battling global DDoS attacks requires coordinated response (CSO) Service providers that run the backbone of the internet need to have a coordinated response for DDoS attacks

Worried About Black Friday Cyber Scams? 6 Ways To Protect Your Money (Forbes) Black Friday is just around the corner—which means the holiday shopping season is about to get into full swing

Safe Black Friday online shopping tips from Secureworks (Techaeris) Extra precautions should be taken when making a purchase online from your computer, smartphone, or tablet

Business strategy and innovation framework for the industrial IoT (Help Net Security) The Industrial Internet Consortium (IIC), the global, member-supported organization that promotes the accelerated growth of the Industrial Internet of Things (IIoT), announced the publication of the Business Strategy and Innovation Framework (BSIF). The BSIF helps enterprises to identify and analyze issues that must be addressed to capitalize on the opportunities emerging within the IIoT

Gang Up on the Problem, Not Each Other (Threatpost) The imaginary world in which an artificial intelligence can kill a person by adjusting the insulin from his pump to a deadly dose may not be here yet, but we now live in a world where people can hack an insulin pump to adjust the insulin to a deadly dose, or use a heart-rate monitor to send life-threatening shocks to a pacemaker

Blue Coat Systems CTO says government cyber professionals need these capabilities in their 'toolbox' (GSN) On a daily basis, federal cybersecurity professionals are inundated with warnings of anomalies on their networks and within their agency systems

Cyber Risks Mount: Preventive Measures for Manufacturers (ORBA) Computer security.Cyber-attacks are on the rise and manufacturing companies are not immune. Manufacturers who rely on automation, robotics and connected networks are especially vulnerable. Here are some examples of cyber-attacks and how you can protect your business to minimize the associated risks

Marketplace

Cyber Insurance Discount Incentives: An Idea Who’s Time Has Come (Information Management) If you own a home, chances are you receive discounts on your homeowners insurance for having smoke detectors or a security system

Startups and corporates must join forces to boost UK cybersecurity (Wired) WIRED and BAE Systems held a session at WIRED Security about how to grow the UK cybersecurity sector

Invincea Raises $10M in Funding (FINSMES) Invincea, a Fairfax, Va.-based machine learning next-generation antivirus company, raised $10M in funding. The round was led by ORIX Growth Capital and Comerica Bank, with participation from New Atlantic Ventures, and Harbert Ventures

Webroot Continues Strong Growth in Fiscal First Quarter (PRNewswire) Webroot, the market leader in next-generation endpoint security and cloud-based collective threat intelligence, today announced double-digit year-over-year bookings growth in its first fiscal quarter ending September 30, 2016

Palo Alto Networks Breaks Out Ahead Of Earnings, Price-Target Hiked (Investor's Business Daily) Palo Alto Networks (PANW) stock touched a six-month high ahead of its earnings due Monday, as Piper Jaffray hiked its price target on views that federal government customers could provide a lift

Growth-Needy Cisco Aiming To Be Top Dog In Security Vs. Palo Alto (Investor's Business Daily) Growth-needy Cisco Systems (CSCO) will likely make it a lot tougher on rival security-software providers — at least before it buys more of them

One Bright Spot For Cisco Systems (Benzinga) Following the release of fiscal year first quarter results by Cisco Systems, Inc. NASDAQCSCO, MKM Partners highlighted security as one bright spot for the company

Symantec gets a shiny Coat of Blue (Channel World) We’re pleased with the strong leadership bench in place inside the C-suite and across the organization, says Sanjay Rohatgi, SVP, APJ at Symantec

RSA looks to move downmarket as Dell integration proceeds (Channel Buzz) RSA believes being part of Dell will accelerate their initiative to move lower in the enterprise and into the mid-market, and will also facilitate desirable acquisitions

Intel Wants to Make a Full Court Press on Artificial Intelligence (Fortune) The chip-maker says it has the smarts to handle all types of cutting-edge data analytics

ManTech Awarded $322 Million Contract to Provide Cyber Security and Enterprise Management Services for the NGA (Globe NewsWire) The National Geospatial-Intelligence Agency (NGA) has awarded ManTech International Corporation (Nasdaq:MANT) a contract to provide information technology enterprise management services (ITEMS) and enterprise management/cyber security services (EM/CSS). The firm-fixed-price contract has 1 base year and 4 option years, with a potential value of $322 million

Akamai Technologies sees ‘huge’ opportunity in PHL (Business World) Akamai Technologies, Inc., is expanding in the Philippines amid expectations of continued rise in Internet penetration and mobile phone usage here

Cyber security company wins award for combating heart attacks (Worcester News) Cyber security company Titania has won an award for its work to combat cardiac arrests in the community

SiteLock Ranked Arizona's Fastest Growing Software Company On Deloitte Technology Fast 500™ (Yahoo!) SiteLock today announced it was named to the Deloitte Technology Fast 500, a ranking of the 500 fastest growing technology, media, telecommunications, life sciences and energy tech companies in North America, for the second year in a row

root9B Remains #1 on the Cybersecurity 500 for 4th Consecutive Quarter (Trader Planet) In response to remaining #1 on the Cybersecurity 500 for Q4 and the entirety of 2016, root9B's Chief Executive Officer Eric Hipkins issued the following statement

FireEye Names Former Symantec and Nuance Communications Executive Bill Robbins Head of Worldwide Sales (Yahoo!) FireEye, Inc. ( NASDAQ : FEYE ), the intelligence-led security company, today announced that former Symantec and Nuance Communications executive Bill Robbins has joined the company as executive vice president of worldwide sales. Robbins reports to FireEye CEO Kevin Mandia

Core Security Appoints New Chief Information Security Officer and Chief Technology Officer (PRNewswire) Core Security®, a leader in Vulnerability, Access Risk Management and Network Detection and Response, today named Chris Sullivan as the company's new Chief Information Security Officer and Chief Technology Officer

Security Patches, Mitigations, and Software Updates

Google Removing SHA-1 Support in Chrome 56 (Threatpost) The home stretch for SHA-1 deprecation is in full effect with Google on Wednesday announcing its final deprecation deadlines for the Chrome browser, and a cryptographic services provider warning that there’s still a long way to go to get sites off SHA-1 certificates

Windows Defender: Past, present, and future (Tech Republic) Windows Defender has been around for some time in its current form, but that's about to change. It will soon become a Windows app

Cyber Attacks, Threats, and Vulnerabilities

Intel chief: Russia eased hacking after U.S. accused Kremlin (Military Times) Director of National Intelligence James Clapper said Thursday that Russia curtailed its election-related cyberactivity after the Obama administration accused Moscow of trying to interfere with the presidential race. The top U.S. intelligence official also said he had formally submitted a resignation letter effective at the end of President Barack Obama's term

New Android Spyware Found Using Former Hacking Team C&C Servers (TripWire: the State of Security) Researchers have found a new Android spyware program that’s using command and control (C&C) servers previously ran by Hacking Team

CYBER ATTACK: Millions of Three customers’ information at risk after database hacked (Express) Leading mobile phone company Three has admitted millions of its customers’ private information is at risk after hackers broke into their security system

Three UK suffers major data breach via compromised employee login (TechCrunch) Three UK is the latest company to suffer what looks to be a major data breach — potentially exposing the personal information of millions of customers

CyberArk Labs: Exploiting Domain-Level Service Credentials (CSO) CyberArk (NASDAQ: CYBR) today unveiled new research from CyberArk Labs detailing what it considers to be a significant risk across all Windows endpoints, including those on Windows 10 with Credential Guard enabled. The exploit could allow cyber attackers to harvest encrypted service credentials from the registry and inject them into a new malicious service to achieve lateral movement and full domain compromise

CyberArk Labs Research: Stealing Service Credentials to Achieve Full Domain Compromise (CyberArk Blog) The CyberArk Labs team has discovered a way to harvest encrypted service credentials from the Local Security Authority (LSA) Secrets registry hive and inject them into a new malicious service to achieve lateral movement and full domain compromise

Dealing with the DDoS botnet threat raises serious policy questions (Disruptive Asia) Five Russian banks have been battered by DDoS attacks, with a Mirai botnet being blamed for the incident. The state of IoT security (or collective lack thereof) seems on track to provoke national responses to the sorry state of affairs, but how will an emerging industry avoid having the margins legislated out of it by governments sick of rolling outages?

iOS 10 Passcode Bypass Can Access Photos, Contacts (Threatpost) A vulnerability in Apple’s iOS versions 8, 9, and 10 could allow an attacker to access photos and contacts on a locked iPhone, according to two sources that posted videos showing how the password bypass works. According to both sources, the vulnerability also impacts the most recent version of iOS 10.2 beta 3

iPhones Secretly Send Call History to Apple, Security Firm Says (Intercept) Apple emerged as a guardian of user privacy this year after fighting FBI demands to help crack into San Bernardino shooter Syed Rizwan Farook’s iPhone. The company has gone to great lengths to secure customer data in recent years, by implementing better encryption for all phones and refusing to undermine that encryption

Worried about Windows 10 snooping? Here's how you can stop it (Tech Republic) Attempts to stem the quantity of data that Windows 10 gathers on users continue to this day. Here are the options available if you're uncomfortable with how much data the OS hoovers up

Android banking malware remains active when infected devices sleep to save power (Graham Cluley) Malware uses social engineering to bypass battery-saving process

Remove the Microsoft Security Essentials Tech Support Scam (Bleeping Computer) The Microsoft Security Essentials Tech Support Scam is a Trojan from the Trojan.Tech-Support-Scam family that displays a fake Windows alert stating that Microsoft Security Essentials detected a problem with a file on your computer. This alert will cover your screen and not allow you to access your desktop and programs while pretending to be an error message when trying to boot Windows

Data integrity, the next big threat (SC Magazine) Imagine in a 2016 remake of the classic film Gaslight, a young security professional is driven to the brink of insanity – and impending disaster – by a cyber schemer who unbeknownst to IT security has over time moved around and corrupted bits of data, manipulating, let's say, the design of a jumbo jetliner or perhaps the composition of a vaccine, to execute an unspeakable attack

Crypton Ransomware is here and it's "not so bad" (Information Security Newspaper) Security researcher MalwareHunterTeam has discovered a new ransomware family that its creators have named Crypton

Ransomware Delivered by 97% of Phishing Emails by End of Q3 2016 Supporting Booming Cybercrime Industry (BusinessWire) PhishMe Q3 Malware Review finds encryption ransomware has hit record levels while ‘quiet malware’ remains a significant threat

Ransomware victims able to thwart attacks, report says (CSO) The vast majority of companies hit by ransomware attacks were able to stop the attacks

Inadequate cyber-security budgets 'putting NHS patients at risk' (SC Magazine) Some NHS trusts were spending as much as £100,000 a year on cyber-security in 2015 while others were spending nothing, according to figures collated by Sky News

Local grocery workers union victim of cyber-attack (KMOV) A local grocery workers union was the victim of a cyber-attack this summer

Litigation, Investigation, and Enforcement

Adobe Fined $1M in Multistate Suit Over 2013 Breach; No Jail for Spamhaus Attacker (KrebsOnSecurity) Adobe will pay just $1 million to settle a lawsuit filed by 15 state attorneys general over its huge 2013 data breach that exposed payment records on approximately 38 million people. In other news, the 39-year-old Dutchman responsible for coordinating an epic, weeks-long distributed denial-of-service attack against anti-spam provider Spamhaus in 2013 will avoid any jail time for his crimes thanks to a court ruling in Amsterdam this week

Lost Seoul: South Korea Blocks Google From Expanding Local Maps (Wall Street Journal) Country denies request to export digital-map data

Three hacked: 'Inside job' puts six million customers' private data in jeopardy (Computing) Three men arrested in connection with breach

IRS Demands Identities of All Coinbase Traders Over Three Year Period (Motherboard) In bitcoin-related investigations, authorities will often follow the digital trail of an illegal transaction or suspicious user back to a specific account at a bitcoin trading company. From here, investigators will likely subpoena the company for records about that particular user, so they can then properly identify the person suspected of a crime

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

SANS Healthcare CyberSecurity Summit & Training 2016 (Houston, Texas, USA, November 14 - 21, 2016) SANS will be hosting its 4th Annual Healthcare Cybersecurity Summit. Join us and hear top security experts from leading healthcare companies discuss proven approaches for securing and succeeding in the new healthcare environment. You'll have the opportunity to meet with leaders from top organizations and see what really works in securing healthcare. As we know, healthcare has been undergoing major changes. Patients are demanding more convenient and personalized care. Digital health is changing the way that doctors and patients interact. New technologies allow patients to track their own health and generate data that was previously not available to care providers. Additionally, health information exchanges are being created to enable access to electronic medical records across disparate organizations. The Healthcare CyberSecurity Summit will take aim at the major challenges organizations face as they balance the security, compliance, and innovation required to thrive in this quickly changing market

Focusing On The Future: Prioritizing Security in the Digital Economy (Washington, DC, USA, November 18, 2016) In today's digital economy, developing and prioritizing a cyber strategy is critical to address diverse and evolving threats, foster trust in the technology we use, and define a path forward where security is seen as a business enabler. Join The Chertoff Group for a premier post-election cyber conference that will convene thought leaders across government and industry to share their unique points of view and insights with regard to critical policy, technology, and risk management issues that will be shaping the security agenda.

Data Breach & Fraud Prevention Summit Asia (Mumbai, India, June 8, 2016) ISMG’s Data Breach & Fraud Prevention Summit Asia – Mumbai is a one-day event that will focus on the latest fraud techniques and technologies, as well as a holistic, strategic approach to looking at the data breach threat that impacts all industries. Whether you are forming opinions on how to view the recent global Apple Vs. FBI debate, want to learn more about the breach incidents, or just look forward to networking with your peers on cybersecurity challenges, we are confident you will gain tremendous insight throughout the event. CyberWire readers can use the discount promo code "CW20" when registering with dbfpmumbai@ismgcorp.com to receive 20% off the conference price.

SCSC Cyber Security Conclave 2.0 Conference and Exhibition (Hyderabad, India, November 22 - 23, 2016) India’s leading two-day cyber security event is returning in November 2016, once again bringing together over hundreds of cyber security experts, senior officials and policy-makers from across the public and private sector to provide an update on cyber security instances, share best practice strategies, and help India to combat cyber threats.

4th Ethiopia Banking & ICT Summit (Addis Ababa, Ethiopia, November 25, 2016) The 4th Ethiopia Banking & ICT Summit is the ONLY event in Horn of Africa that focuses on technology innovations and trends in the Banking and ICT sectors. This annual summit brings together Financial Institutions, Information Technology Vendors, high profile CIOs, CISOs, CTOs Risk and Compliance Officers and COOs to explore how they can utilize the newest technologies to further increase mobility, enhance security, support new products and services, and improve customers’ experience to secure their competitive edge.

Insider Threat Program Development Training For NISPOM CC 2 (Aberdeen, Maryland, USA, August 10 - 11, 2016) Insider Threat Defense will hold a two-day training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2). For a limited time the training is being offered at a discounted rate of $795 (normally $1395). The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained over one hundred fifty organizations and has become the "go-to company" for Insider Threat Program Development Training.

Internet of Things (IoT) (Elkridge, Maryland, USA, November 29, 2016) This cybergamut Technical Tuesday features Dr. Susan Cole, currently the Cybersecurity Lead for a Federal Information Systems Controls Audit Management (FISCAM) preparation team and also provides consulting support to small companies. The Internet of Things (IoT) is becoming more embedded in everyday life, often without people being aware. This talk centers on defining what IoT really is, discussing why it has exploded exponentially, and identifying challenges to future implementation of IoT, including security challenges.

CIFI Security Summit (Toronto, Ontario, Canada, November 30 - December 1, 2016) The Annual CIFI Security Summit takes place all over the world, Asia, Europe, Australia & North America. These summits are essential 2 day conferences and exhibitions bringing together leading security experts from around the globe to discuss Cyber Intelligence, Digital forensics, Cyber Security and Cyber Investigations. This is the only event of its kind that will run 4 simultaneous streams over 2 days in addition to case studies, demonstrations from global business leaders and a 30+ Exhibition.

AlienVault USM Webcast (Online, December 1, 2016) Host-based intrusion detection systems (HIDS), work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating system, looking for changes made to key system files, tracking installed software, and sometimes examining the network connections a host makes. AlienVault USM integrates HIDS with other key security controls to help you get the most out of host-based monitoring.

Cyber Threats Master Class (Turin, Italy, December 1 - 2, 2016) The UNICRI Masterclass on Cyber Threats aims to provide media and public relations professionals, as well as those planning a career in public information and communication, with a deeper understanding of new security threats to states and citizens. The focus of the course is on cyber threats, internet governance and the role of media. Application deadline is October 2, 2016.

Disrupt London (London, England, UK, December 3 - 6, 2016) TechCrunch Disrupt is the world’s leading authority in debuting revolutionary startups, introducing game-changing technologies, and discussing what’s top of mind for the tech industry’s key innovators. Disrupt gathers the best and brightest entrepreneurs, investors, hackers, and tech fans for on-stage interviews, the Startup Battlefield competition, a 24-hour Hackathon, Startup Alley, Hardware Alley, and After Parties.

US Department of Commerce Cyber Security Trade Mission to Turkey ( Ankara and Istanbul, Turkey, December 5 - 8, 2016) Now is the time to expand in Turkey! The growth and frequency of cyber-attacks in recent years has increased the demand to protect critical data and infrastructure of governments and businesses. Turkey is increasing resources in the public and private sectors to tackle these complex cyber threats. Apply now for this mission. Recruitment for the mission will begin immediately and conclude no later than September 16, 2016. The U.S. Department of Commerce will review applications and make selection decisions on a rolling basis beginning May 2, 2016 until the maximum of 20 participants is selected. Applications received after September 16, 2016 will be considered only if space and scheduling constraints permit.

NCCoE Speaker Series: Understanding, Detecting & Mitigating Insider Threats (Rockville, Maryland, USA, December 6, 2016) Insider threats are growing at an alarming rate, with medium-to-large company losses averaging over $4 million every year. Smaller businesses are at risk too, and it is estimated that in 2014, over half of all cyber attacks targeted companies with less than 1,000 employees. The majority of these breaches are caused accidentally by internal employees or contractors, which means that, whether their intent is malicious or not, people represent the greatest risk to a company's cyber security. Join us for the December 6th NCCoE Speaker Series and learn from the leading experts, including Mitre's Principal Behavioral Psychologist Dr. Deanna Caputo, how you can keep your business safe from these costly and preventable breaches.

Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter (Elkridge, Maryland, USA, December 6, 2016) This cybergamut Technical Tuesday features ZeroFox data scientist John Seymour, who will present a recurrent neural network that learns to tweet phishing posts targeting specific users. Historically, machine learning for information security has prioritized defense: think intrusion detection systems, malware classification and botnet traffic identification. Offense can benefit from data just as well. Social networks, especially Twitter with its access to extensive personal data, bot-friendly API, colloquial syntax and prevalence of shortened links, are the perfect venues for spreading machine-generated malicious content.

Practical Privacy Series 2016 (Washingto, DC, USA, December 7 - 8, 2016) This year, the Practical Privacy Series will return to Washington, DC, with its rapid, intensive education that arms you with the knowledge you need to excel on the job. We’re programming some stunningly good sessions right now—we can’t wait to share them with you!

CISO Southern Cal (Los Angeles, California, USA, December 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more

SANS Cyber Defense Initiative 2016 (Washington, DC, USA , December 10 - 17, 2016) Make plans to attend SANS Cyber Defense Initiative 2016 (CDI). SANS is the one educational organization known for developing the cybersecurity skills most in need right now. SANS Cyber Defense Initiative 2016 will feature courses in IT security, security management, IT audit, penetration testing, and computer forensics, including short courses that can be taken with a long course to enhance your training. Every course, evening talk, and special event is designed to equip you with cutting-edge knowledge and skills required to combat today's cyber criminals. SANS events offer you a unique opportunity to learn from the best cybersecurity teachers in the country. At SANS events you get the kind of hands-on, immersion training that you can put to work immediately

Privacy, Security and Trust: 14th Annual Conference (Auckland, New Zealand, December 12 - 14, 2016) This year’s international conference focuses on the three themes of Privacy, Security and Trust. It will provide a forum for global researchers to unveil their latest work in these areas and to show how this research can be used to enable innovation. The main aims of the conference are: To highlight the innovative research happening globally with three main themes: Privacy, Security and Trust. Academics from across the globe will come together to discuss solutions related to PST risks and to showcase the research methods that are able to minimise future cybercrime issues. To foster new ideas and conversation in order to reduce the amount of PST issues globally and to create enduring change in the behaviour and attitudes towards PST. To draw together PST practitioners, researchers, and government to showcase the latest PST research outputs and initiatives. We envisage that industry participants will implement the PST initiatives that are discussed and showcased at the conference into their practice.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

US DNI resigns as expected, sees results from naming Russia in election hacking. Insider credentials used to breach UK mobile firm Three. China says its Internet controls are just bringing their wisdom to cyberspace.