The CyberWire Daily Briefing 02.22.16

Summary

By The CyberWire Staff

Russian support for the Assad regime in Syria's civil war strikes observers as following patterns developed in Russia's incursions into Ukraine. Specifically, Russian forces are conducting a widespread cyber espionage campaign against the various groups (including, of course, ISIS) aligned against Assad. They're also shaping information on humanitarian disasters and the extent of Russian intervention.

Hezbollah's Qadmon hacking unit claims it's compromised a number of networked Israeli security cameras.

Joomla has become a target for ransomware purveyors, thought to be the group behind the "admedia" campaign that's afflicted WordPress sites.

Federal law enforcement agencies grapple toward an answer to ransomware even as the Android Xbot Trojan that Palo Alto described last week shows a dismaying convergence between ransomware and credential harvesting.

The JSF*** bug Check Point disclosed in eBay two weeks ago is now being exploited in the wild.

In industry news, businesses are advised to read their cyber policies carefully. A New York State court found that coverage of several upstate Five Guys restaurants specifically excluded losses from electronic data.

In the dispute between Apple and the Department of Justice over help unlocking an iPhone used by the San Bernardino jihadists, it's emerged that a San Bernardino County IT staffer reset the iPhone's iCloud credentials within hours of its seizure, apparently at the FBI's request. This has precluded the possibility of getting data the phone might have backed up to the cloud.

Both sides have their partisans; reactions are mixed. Industry generally favors Apple, the general public the FBI.

Notes.

Today's issue includes events affecting Brazil, China, India, Iran, Israel, Russia, South Africa, Syria, United Kingdom, United States

On the Podcast

Today's CyberWire Daily Podcast will have an update on Shodan and the Internet-of-things, as we hear from University of Maryland expert Joe Carrigan.

Sponsored Events

2016 National Conference of Minority Cybersecurity Professionals (Washington, DC, March 23 - 24, 2016)

Women in Cybersecurity (WiCYS) 2016 (Dallas, TX, March 31 - April 2, 2016)

Selected Reading

Cyber Trends

The Apple standoff should make us rethink our surrender to the phone (Guardian) It certainly wasn't how you imagine a bank robbery to be

Apple v FBI: engineers would be ashamed to break their own encryption (Guardian) Among the secretive, almost religious community of expert security engineers, breaking your own encryption is seen as shameful and unholy

Vulnerabilities in healthcare devices show up woeful lack of security (SC Magazine) Healthcare sector "10 to 15 years behind" in security according to expert

Email security still an afterthought (Help Net Security) Email continues to be a critical technology in business and the threat of email hacks and data breaches loom large over IT security managers. Consequently, confidence and experience with previous data breaches and email hacks play key parts in determining a company's perceived level of preparedness against these threats and targeted email attacks

Application downtime costing enterprises $16 million each year (Help Net Security) Despite numerous high-profile incidents in the last year, enterprises are still not paying enough attention to the needs of their users, according to Veeam

How IoT can improve risk management for insurers (Memeburn) While the insurance industry has traditionally been driven by vehicle theft to embrace telemetry, the time has come to utilise the Internet of Things (IoT) for relevance in the digital age

No cyber attack response strategy at most Indian companies (Economic Times) Most top executives at Indian companies have no strategy to react to a cyberattack, cyber war games held earlier this year by consultancy EY showed

Director of 'Zero Days' to Post: 'The cyber-war era is here' (Jerusalem Post) Alex Gibney, director of the documentary 'Zero Days' talks to the 'Post' about how the US-Israel operation to target Iran's nuclear program changed cyber warfare forever

Legislation, Policy and Regulation

The Problem With John Kerry's Trip to Hollywood (Foreign Policy) Wrong movie, wrong focus group, wrong century

The Moral Hazard of the Fight Against the Islamic State (War on the Rocks) In a recent War on the Rocks podcast, Ryan Evans interviews Basam Ridha al-Hussaini, a special representative of Iraqi Prime Minister Haider al-Abadi, about the state of affairs in Iraq and, in particular, the Popular Mobilization Units — a collection of government-sanctioned militias that currently augment state security in Iraq

China Issues Broad New Rules for Web (Wall Street Journal) Regulations ban companies with foreign ownership from engaging in online publishing

Apple encryption case risks influencing Russia and China, privacy experts say (Guardian) Analysts and lawmakers warn FBI that ramifications over its demand that Apple unlock San Bernardino killer?s iPhone 'could snowball around the world'

Deadlines approaching for officers, warrants, to apply for transfer to cyber branch (United States Army) Deadlines are approaching for active Army commissioned and warrant officers interested in joining the Army Cyber Branch under two Voluntary Transfer Incentive Program efforts

CNO: Navy 'leaning in' on information warfare (C4ISR & Networks) The Navy has undergone numerous lines of effort to realign its force to operate in the cyber domain and better conduct information warfare, including strategies and service-wide assessments, and it?s better positioned the force to meet emerging threats, according to the Chief of Naval Operations

Products, Services, and Solutions

Troll hunter: Twitter cracks down on abuse with new trust and safety group (ZDNet) After a number of high-profile defections from Twitter because of trolling, the micro-blogging service has now unveiled a new Trust and Safety Council to help guide its policies against abuse

PacketFence: Free and open source network access control (Help Net Security) PacketFence is a fully supported, free and open source network access control (NAC) solution. Its feature set includes a captive-portal for registration and remediation, centralized wired and wireless management, BYOD management options, 802.1X support, and layer-2 isolation of problematic devices

Technologies, Techniques, and Standards

DHS releases guidelines for CISA-sanctioned cybersecurity information sharing (Help Net Security) The US Department of Homeland Security has published guidelines on how the private sector and federal entities can share cyber threat indicators (CTIs) with the US federal government

Surviving Ransomware — A Few Known Cases (Akati Consulting) Most of the people who become victims to ransomware have no chances to recover the data without paying the ransom to the extortionists

The Simple Way to Stop your Business from Being Extorted by Ransomware (Bitdefender) Online extortion is on the rise

Reducing False Positives with Open Data Sources (Internet Storm Center) Today, the number of daily attacks is so important that we can?t rely on a single solution to protect us

The benefits of encryption for IP-based security systems (Security Info Watch) Physical security technology solutions such as IP surveillance and access systems, cloud storage and mobile monitoring and control are accelerating at a rapid pace and are increasingly exposed to cyber-attacks

California hospital cyber hack shows importance of digital risk management (Econsultancy) If you haven't heard about it yet, a hospital in Hollywood, California has been electronically dead in the water for over a week now

Password mistakes that increase the chance of getting hacked (ghacks.net) Selecting a secure, unique password is not science, but it can be a frustrating experience for Internet users especially if they don't use a password manager program to assist them in the task

How to keep your mobile phone safe from cyber criminals (Financial Times) Mobile malware took off in 2011

A Proactive Approach To Incident Response: 7 Benefits (Dark Reading) How implementing a digital forensic readiness program maximizes the value of digital evidence

Bridging the Gap Between Executive Cyber Awareness and Enterprise Security (Infosecurity Magazine) In many organizations today, keeping pace with the rate of emerging cyber-threats is placing a tremendous strain on IT security teams. They must keep one step ahead of motivated and sophisticated attackers, while communicating the risks and necessary response to executive leadership

Why HR should be your first line of defence against corporate hackers (Human Resources) When a cyber security crisis ensues, the management often tends to turn its attention to the information technology department, but research by IBM shows that HR does play a key role in securing an organisation's cyber-space

Are HR Chiefs The Biggest Cyber Threat? (Forbes) Chief human resource officers (CHROs) are not taking cyber threats seriously, and they are failing to train employees on how to deflect even the simplest hacks

Marketplace

Cyber insurance offers companies a safety net from online hackers (Crain's Detroit Business) Most businesses and people are inextricably connected to the digital world, from desktop PCs and the servers they link with to tablets, smartphones, smartwatches and a litany of other gadgets

Software Liability: Where Consumer Fears and Business Risk Converge (Virtual Strategy Magazine) Already another in a series of watershed years for cyber-security, 2015 ended with a noisy bang when Juniper Networks revealed in late December that they had discovered unauthorized code embedded within products that could allow hackers to decrypt VPN connections and access what were thought to be secured communications

ESET jumps from 'niche player' to 'visionary' in endpoint protection (ChannelLife) ESET has been dubbed a 'visionary' in Gartner's latest endpoint protection platform magic quadrant report

US Department of Homeland Security Vows To Tackle DDoS Attacks (Hack Read) Galois and the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) have formalized a contract to develop technology for preventing and combating extensive, sophisticated DDoS (Distributed Denial of Service) attacks

Departing US-CERT boss to launch cyber venture firm (FCW) The departing leader of the Department of Homeland Security's U.S. Computer Emergency Readiness Team will launch a venture capital firm next week to fund cybersecurity technologies she said are sorely needed

Iovation CEO Greg Pierson Thrilled Over Nevada Gaming License (Cards Chat) Greg Pierson is a happy man today

Damballa to Partner with PCI Security Standards Council to Improve Payment Data Security Worldwide (BusinessWire) As Council's newest Participating Organization Damballa to contribute to the development of PCI Security Standards

Mark Maybury Named Mitre VP, Chief Security Officer, National Cybersecurity FFRDC Director (GovConExecutive) Mark Maybury, a vice president and chief technology officer at Mitre, has been named VP and chief security officer at the non-profit organization

Research and Development

How the U.S. Fights Encryption — and Also Helps Develop It (Wall Street Journal) Agencies are developing encryption tools for secure communications, even as the FBI battles for access to an encrypted iPhone

Social media is a rich source for security services — if they can figure out how to use it (Baltimore Sun) Seen a flood of support for Russia's foreign policy on Twitter? Or a surge in sympathy for Islamic State terrorists?

Security Patches, Mitigations, and Software Updates

AirDroid Patches Vulnerability Exposing Android Data (Threatpost) A critical vulnerability impacting 50 million Android users running the popular AirDroid application has been patched

Cyber Attacks, Threats, and Vulnerabilities

Russia steps up Syria cyber assault (Financial Times) Russia is mounting a far-reaching cyber espionage campaign against Syrian opposition groups and NGOs, as Moscow seeks to influence the flow of information on the country's humanitarian crisis and obscure the full extent of its military operations there

Israeli Security Camera Systems targeted by Pro-Hezbollah Hackers (Hack Read) In 2014, Izz al-Din al-Qassam Brigade of Hamas successfully hacked the ongoing transmission of famous Israeli Channel 10 and replaced it with images of wounded Palestinian families. Now, hackers from the Hezbollah group have claimed to hack numerous security cameras in Israel

Joomla Sites Join WordPress As TeslaCrypt Ransomware Target (Threatpost) Exploit kits infecting thousands of WordPress websites are setting their sights on the open-source content management system Joomla in a new campaign spotted by a researcher at the SANS Institute's Internet Storm Center

US hospital pays $24k ransom after cyber attack locks medical records (The Age) Not too long ago, taking the United States' wild, messy, unreliable system of medical records online seemed like a worthy goal

Ransomware threat highlighted by Los Angeles hospital payout (New Scientist) Extortion is bigger business than ever, and now it doesn't have to rely on people depositing bags stuffed with cash

Hospital Cyber-Attack All Too Familiar for Mountain Hospital (WLOS) The same type of cyber-attack that struck a California hospital struck Mission Hospital last year, said Mission Health System's chief information officer

Ransomware takes millions, baffles law enforcement (The Hill) A California hospital this week paid a $17,000 ransom to free its computers from a hacker's virus, thrusting a little-known but wildly lucrative cyber scheme into the limelight

Android device manager app vuln leaves millions at risk of pwnage (Register) AirDroid grounded. Get patching, fanbois

3-in-1 Android malware acts as ransomware, banking Trojan and infostealer (Help Net Security) Why stop at asking ransom for encrypted files when you can also steal personal info, passwords, online banking credentials and credit card details, and then sell it or use it to get even more money?

New Android Trojan "Xbot" Phishes Credit Cards and Bank Accounts, Encrypts Devices for Ransom (Palo Alto Networks) We recently discovered 22 Android apps that belong to a new Trojan family we're calling "Xbot"

Android Malware About to Get Worse: GM Bot Source Code Leaked (IBM Security Intelligence Blog) IBM X-Force threat intelligence has found that the source code for Android malware GM Bot was leaked on an underground board in December 2015

As Dyre Goes Quiet, Focus Turns On Other Banking Trojans (Dark Reading) Dridex, Gozi, and Shifu are just three of the many malware tools that could replace Dyre, security researchers say

Cyber Threats Every Financial Services Firm Should Know About (SecurityWeek) The financial services industry is among the most heavily targeted sectors by cybercriminals

New backdoor for Windows has geographical restrictions (Dr. Web) Virus makers keep contriving numerous malicious programs whose purpose is to download other malware on the infected machine and execute cybercriminals? commands. Thus, yet another backdoor Trojan was detected by Doctor Web security researchers in February. Due to some key features it possesses, this Trojan stands out from its counterparts

OceanLotus OS X Malware Disguises Itself as Adobe Flash Update (Intego) Intego VirusBarrier users are protected against the OS X version of OceanLotus, a sophisticated Trojan horse that has been used to spy against businesses and government agencies

Beware of hacked ISOs if you downloaded Linux Mint on February 20th! (Linux Mint Blog) I'm sorry I have to come with bad news

World's biggest Linux distro infected with malware (Naked Security) Sadly, the headline is accurate. Fortunately, however, the outcome was not as bad as it could have been

JSF*** eBay XSS Bug Exploited in the Wild, Despite the Company's Fix (Softpedia) The JSF*** XSS bug that cyber-security firm Check Point discovered two weeks ago is being used in real world attacks on the eBay platform, in spite of eBay's best efforts at having it neutralized

Dell to Customers: Report 'Service Tag' Scams (KrebsOnSecurity) Computer maker Dell is asking for help in an ongoing probe into the source of customer information that appears to have somehow landed in the laps of fraudsters posing as Dell computer support technicians

IRS reports 400% increase in phishing & malware in the past 12 months (Naked Security) It's tax season in the US. That means it's also fraud season

Public Concerns for Zika Virus Exploited by Scammers to Spread Malware (Hack Read) Using a public health emergency for malicious purposes — there's nothing lower

The Internet's outward facing threats to enterprise security (CSO) From botnets to IP spoofing, outward facing threats on the Internet pose security risks for all

Academia

Experts See Pitfalls Ahead for Obama's Cybersecurity Plan (US News and World Report) A White House proposal to pay student loans to information technology workers needs qualified coders to succeed

Harvard at the Cyber Battlefront (Harvard Political Review) In today's world, a computer can easily become a weapon and cyberspace a battlefield as cyber security becomes a growing national concern

Litigation, Investigation, and Enforcement

FBI director makes personal, passionate plea on Apple San Bernardino controversy (Washington Post) The FBI's director has weighed in on the ongoing controversy over whether Apple should help unlock an iPhone used by one of the San Bernardino shooters, saying the nation owes the victims "a thorough and professional investigation under law"

In Employee Email, Apple CEO Tim Cook Calls For Commission On Interaction Of Technology And Intelligence Gathering (TechCrunch) Early this morning, Apple CEO Tim Cook sent an email out to employees about the FBI?s request to unlock an iPhone with the subject line 'Thank you for your support'

San Bernardino victims to oppose Apple on iPhone encryption (Reuters) Some victims of the San Bernardino attack will file a legal brief in support of the U.S. government's attempt to force Apple Inc to unlock the encrypted iPhone belonging to one of the shooters, a lawyer representing the victims said on Sunday

Apple Says the Government Bungled Its Chance to Get That iPhone's Data (Wired) A San Bernardino county worker may be responsible for a contentious battle now playing out between Apple and the government over data on an iPhone that belonged to suspected San Bernardino shooter Syed Rizwan Farook

FBI told San Bernardino County staff to tamper with gunman's Apple account (Guardian) The San Bernardino County government on Friday night said the FBI told its staff to tamper with the Apple account of Syed Farook, who with his wife, Tashfeen Malik, carried out the December shooting in which 14 people were killed

Apple says the FBI is making access demands even China hasn't asked for (Guardian) The tech company claims San Bernardino government workers botched an attempt to access gunman Syed Farook's iCloud account and reset his password

Exclusive: Common mobile software could have opened San Bernardino shooter's iPhone (Reuters) The legal showdown over U.S. demands that Apple Inc AAPL.O unlock an iPhone used by San Bernardino shooter Rizwan Farook might have been avoided if his employer, which owns the device, had equipped it with special mobile phone software it issues to many workers

FBI escalates war with Apple: 'marketing' bigger concern than terror (Guardian) Court filing from Department of Justice says Apple is more concerned with 'its marketing strategy' than helping FBI unlock San Bernardino shooter's iPhone

Arm-Twisting Not the Answer in Apple v. FBI Case, Says Colorado State University Security Expert (Newswise) On Feb. 16, a federal judge ordered Apple Inc. to help the Federal Bureau of Investigation crack the encrypted iPhone 5c of a deceased terrorist

Sophos says: #nobackdoors! (Naked Security) Forget ransomware, forget the Internet of Things, forget all the other computer security stories of recent days

Public support for Apple in FBI standoff isn't strong (USA Today) It's a split decision on the Apple-FBI standoff

Secret Memo Details U.S.'s Broader Strategy to Crack Phones (Bloomberg Business) Silicon Valley celebrated last fall when the White House revealed it would not seek legislation forcing technology makers to install "backdoors" in their software — secret listening posts where investigators could pierce the veil of secrecy on users' encrypted data, from text messages to video chats

JOHN MCAFEE: I'll decrypt the San Bernardino phone free of charge so Apple doesn't need to place a back door on its product (Business Insider) Using an obscure law, written in 1789 — the All Writs Act — the US government has ordered Apple to place a back door into its iOS software so the FBI can decrypt information on an iPhone used by one of the San Bernardino shooters

Apple is Selling You a Phone, Not Civil Liberties (Lawfare) Note to Apple: As a general matter of strategic communications, following the words "We have no sympathy for terrorists" with a "But" generally means you?ve gone badly off message — even if you wedge a few sentences in between

Is Law Enforcement Crying Wolf About the Dangers of Locked Phones? (Atlantic) If the FBI takes the position that encrypted iPhones and other secure electronic devices pose a significant impediment to law enforcement, Susan Hennessey and Benjamin Wittes write at Lawfare, it is reasonable to demand that it does "more than cry wolf"

1st U.S. trials of suspected Islamic State sympathizers begin (MIlitary Times) A U.S. Air Force veteran and former airplane mechanic charged with trying to join the Islamic State will be among the first Americans to go on trial as a result of the U.S. government's pursuit of dozens of suspected sympathizers of the militant group

Big Victory — Judge Pushes Jewel v. NSA Forward (Electronic Frontier Foundation) We won a groundbreaking legal victory late Friday in our Jewel v. NSA case, which challenges the NSA's Internet and telephone surveillance. Judge Jeffrey White has authorized EFF, on behalf of the plaintiffs, to conduct discovery against the NSA

NSA Wants 'Zero Day' Process Kept Secret (Courthouse News Service) The National Security Agency on Thursday defended hiding key details of its process for deciding whether to exploit or disclose software security flaws that make people vulnerable to hackers

15-year-old Teenage Hacker Arrested Over FBI Computer Hack (Hacker News) Another 15-year-old teenager got arrested from the land of cakes, Scotland, by British Police for breaking into the FBI Systems on 16th February

Insurer won't have to cover Five Guys' data breach (Albany Times Union) The operators of several Five Guys restaurants in the Capital Region won't be able to collect damages from their insurance company after their computer network was breached in late 2011, the state Appellate Division ruled Thursday

Would return to US with guarantee of fair trial: Snowden (The Hindu) The former National Security Agency contractor in 2013 leaked details of a secret government eavesdropping programme and left the country

Hacker Pleads Guilty to Stealing Celeb Nude Pics, Not The Fappening Author (Softpedia) Andrew Helton now faces up to 5 years in prison

Design and Innovation

Apple's fight with the FBI could trigger a password arms race (PC World) It's all to prevent brute force attacks

Apple vs. DOJ Doesn't Really Matter (Network World) With commercial and open source encryption tools readily available, criminals can easily bypass backdoors and vendor workarounds

Christopher Ahlberg on Tracking Hackers Through Patterns Across Forums (Threatpost) Threatpost editor Mike Mimoso talks with Christopher Ahlberg, CEO, Recorded Future about tracking cybercriminals through patterns on hacker forums

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

Commonwealth Cybersecurity Forum 2016 (London, England, UK, March 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together cybersecurity stakeholders from across the Commonwealth; from policy makers, regulators and implementing agencies to private sector and civil society. The Forum is a place to showcase expertise, build capacity, present new technologies and develop relationships. Importantly it will map out the future cooperation among Commonwealth countries in Cybersecurity

Show Me Con (St. Charles, Missouri, USA, June 13 - 14, 2016) SHOWMECON. The name says it all. Known as the Show Me State, Missouri is home to St. Louis-based ethical hacking firm, Parameter Security, and security training company, Hacker University. Together, they are bringing you a one-of-a-kind event that will Show You the State of security from a unique perspective — the hacker?s viewpoint

upcoming Events

CISO Canada Summit (Montréal, Québec, Canada, February 21 - 23, 2016) Tactics and best practices for taking on enterprise IT security threats. The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting

Interconnect2016 (Las Vegas, Nevada, USA, February 21 - 25, 2016) IBM InterConnect 2016 is for those who are building new business models, transforming industries, and creating better outcomes. Whether you're a C-suite executive, IT leader, developer, designer, architect, or cloud expert, we all have one thing in common — we strive to build better businesses. The relationship between IT and business is changing. As a leader, builder or innovator of technology, the decisions you make today will have an increasingly greater impact on your company's bottom line tomorrow. To remain successful, it's critical that you transform along with this ever-changing environment

cybergamut Tech Tuesday: Neuro Cyber Analytics: Understanding the Patterns of Human Cognition in the Cyber Domain (Elkridge, Maryland, Middletown, February 23, 2016) This presentation will discuss Neuro Cyber Analytics. Humans use context-specific neurocognitive patterns for receiving and processing internal and external sensory information. Stated differently, people interact with the world around them primarily by seeing, hearing, and feeling, and make decisions about what to do next depending upon the context of what is happening in their environment. People often do not realize that their decision making process triggers certain unconscious behaviors that can be read as indicators of how their thoughts were formulated and sequenced

Insider Threat Program Development Training Course — Maryland (Annapolis, Maryland, USA, February 23 - 25, 2016) The National Insider Threat Special Interest Group website has some very "eye opening" examples of how "damaging and costly" an "insider threat incident" can be. The FBI Insider Threat Alert states companies victimized by current or former employees incur costs from $5,000 to $3 million. bring? Is your company required to establish an Insider Threat Program per the requirements of NISPOM Conforming Change 2? Insider Threat Defense has trained a substantial number of U.S. Government Agencies (DoD, IC), Defense Contractors, Critical Infrastructure Providers, Aviation Security Professionals, large and small businesses on Insider Threat Program Development and Insider Threat Risk Mitigation

CISO New York Summit (New York, New York, USA, February 25, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more

BSides San Francisco (San Francisco, California, USA, February 28 - 29, 2016) BSides San Francisco is an Information / Security conference that's different. We're a 100% volunteer organized event, put on by and for the community, and we truly strive to keep information free. There is no charge to the public to attend BSides SF. Our costs are covered by our generous donors and sponsors, who share our vision of free dissemination of information. The conversations are getting more potent and the "TALK AT YOU" conferences are starting to realize they have to change. BSides SF is making this happen by shaking-up the format

CISO Summit Europe (London, England, UK, February 28 - March 1, 2016) With the media covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to protect customer and company data. The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include engaging Keynote Presentations, Thought Leadership sessions, CISO Think Tanks, Analyst Q&As and much more

RSA Conference 2016 (San Francisco, California, USA, February 29 - March 4, 2016) Celebrating its 25th anniversary, RSA Conference continues to drive the information security agenda forward. Connect with industry leaders at RSA Conference 2016

Cybersecurity: Defense Sector Summit (Troy, Michigan, USA, March 1 - 2, 2016) The National Defense Industrial Association (NDIA) Michigan Chapter Cybersecurity: Defense Sector Summit is to provide a forum to foster educational dialog between government, industry and academia in support of shaping the defense sector's strategy for "platform" cybersecurity. Multiple "conversation panels" will be focused on how cybersecurity is impacting not only ground vehicles, but air and maritime platforms. Key to the discussion will be synergies and lessons to be learned from connected car initiatives and the commercial sector. The Summit is in partnership with the State of Michigan and its Michigan Economic Development Corporation (MEDC)

International Academic Business Conference (New Orleans, Louisiana, USA, March 6 - 10, 2016) The Clute Institute of Littleton Colorado sponsors six academic conferences annually that include sessions on all aspects of cybersecurity. Cybersecurity professionals from industry and academics are welcome to make presentations and/or to only attend sessions. The Clute Institute also seeks manuscripts for possible publication in our recently launched Journal of Cybersecurity Research

CISO Chicago Summit (Chicago, Illinois, USA, March 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more

Navigating Summit 2016 (Canberra, Australia, March 8, 2016) The Australian government has pledged to create a future-proofed nation, one that is fit to drive higher economic growth and improved standards of living using information technology innovatively. Privacy and cyber-security are the cornerstones of this strategy. The Summit will examine the implications of privacy and security in a ubiquitously connected, data driven world. Key areas of focus will include digital identity, open data and data sharing, the implications of technologies such as cloud computing, data analytics and the Internet of Things and perceived tensions between privacy and security and innovation.

CISO Atlanta Summit (Atlanta, Georgia, USA, March 10, 2016) Tactics and Best Practices for Taking on Enterprise IT Security Threats. With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to protect customer and company data

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.