The CyberWire Daily Briefing 01.07.16
The Ukrainian rolling blackout, now by general consensus regarded as the work of Russian security organs, prompts electrical utilities worldwide (and especially in the United States) to take stock of their cyber defenses. Such taking stock results in an evergreen discovery: much of the information attackers would need to stage their attacks is freely available in open sources.
And while squirrels doubtless have a much larger track record in power disruption (as Tenable points out in a Passcode op-ed) observers look for an increase in cyber attacks on infrastructure in 2016.
A report surfaces, attributed to US Coast Guard sources, that a cyber attack on a US port was attempted and thwarted late in 2015.
Cyber-rioting resumes in the Subcontinent, as Indian hacktivists deface Pakistani sites as a memorial tribute to a slain border control officer.
Criminals are using compromised certificates to help spread malware infections. Trend Micro warns that Let's Encrypt certificates are being used to facilitate distribution of Angler. Zscaler reports some interesting findings on the information-stealing Trojan Spymel, whose .net executable is "signed with a legitimate DigiCert-issued certificate."
If you've wondered about how criminals monetize identity theft, here's one trending approach discussed by Brian Krebs: they use stolen identities in warranty fraud.
Time Warner Cable is notifying some 320,000 customers that their accounts may have been compromised.
WordPress issues an update that fixes some security holes. SilentCircle patches an issue in its designed-for-privacy Blackphone.
In industry news, speaker manufacturer Harmon International buys automotive cyber security company TowerSec.
Today's issue includes events affecting India, Iraq, Netherlands, Pakistan, Russia, Syria, Ukraine, United Arab Emirates, United Kingdom, and United States.
Cyber Attacks, Threats, and Vulnerabilities
Ukrainian blackout caused by hackers that attacked media company, researchers say (Guardian) Power company suffered a major attack that led to blackouts across western Ukraine, after an attack on a Ukrainian media company
Russian hackers are suspected in a cyber attack that caused a huge blackout in Ukraine (Quartz) Experts say they have established the world's first known case of a cyber attack on a power grid, which cut power to more than 600,000 homes in Ukraine in late December. US intelligence agencies and cyber security experts are looking to Russia as the likely source of the attack
U.S. power companies told to review defenses after Ukraine cyber attack (Reuters) A quasi-governmental U.S. electric industry group last week advised members to review network defenses following reports that 80,000 customers of a Western Ukraine utility lost power for six hours following a cyber attack
Project 'Gridstrike' Finds Substations To Hit For A US Power Grid Blackout (Dark Reading) Turns out free and publicly available information can be used to determine the most critical electric substations in the US, which if attacked, could result in a nationwide blackout
Opinion: Squirrels are bigger threat than hackers to US power grid (Christian Science Monitor Passcode) While fresh reports of digital assaults on critical infrastructure facilities have stirred the cyberwar saber rattlers, it's worth remembering that squirrels cause far more destruction to the grid than rogue nation hackers
Experts: Recent Critical Infrastructure Attacks A Sign Of Major Security Challenges Coming In 2016 (CRN) Hackers rang in the new year with a slew of critical infrastructure attacks, a trend that partners and security experts said points to a tough year ahead for critical infrastructure security
US port cyber-attack thwarted (Port Strategy) The United States Coast Guard Cyber Command's (CGCYBER) latest maritime cyber bulletin has revealed that there was an attempted cyber-attack against an unknown port facility
Indian hackers deface Pakistani websites to 'pay tribute to Lt Colonel Niranjan' (Times of India) A group of Indian hackers have defaced seven Pakistani websites, including that of Pakistani Bar Council. The hacker group — Indian Black Hats, based of Kerala — said that they have dedicated the hacking to the 18-month old daughter of late Lt Col Niranjan of the National Security Guards
Yet Another Signed Malware — Spymel (Zscaler ThreatLab) ThreatLabZ came across yet another malware family where the authors are using compromised digital certificates to evade detection. The malware family in this case is the information stealing Trojan Spymel and involved a .NET executable signed with a legitimate DigiCert issued certificate
Trend Micro: Internet scum grab Let's Encrypt certs to shield malware (Register) Angler kit served via compromised HTTPS websites
Etihad Airways investigates possible data leak (The National) Etihad Airways is investigating a possible leak of data belonging to members of its loyalty programme
Second Database Exposing Voter Records Found Online (SecurityWeek) A Christian conservative organization is believed to be responsible for exposing the details of millions of U.S. citizens by failing to ensure that its databases could not be accessed by unauthorized individuals
Android-based Smart TVs Hit By Backdoor Spread Via Malicious App (TrendLabs Security Intelligence Blog) With the year-end shopping season over, many consumers now have new various smart gadgets in their homes. One particularly popular usage of this so-called Internet of Things (IoT) are smart TVs. These TVs are more than just passive display devices; many of them can even run Android apps as well. Some may find these features useful, but these capabilities bring their own risks
SLOTH Attacks Up Ante on SHA-1, MD5 Deprecation (Threatpost) If you're hanging on to the theory that collision attacks against SHA-1 and MD5 aren't yet practical, two researchers from INRIA, the French Institute for Research in Computer Science and Automation, have demonstrated new attacks that raise the urgency to move away from these broken cryptographic algorithms
Transcript Collision Attacks: Breaking Authentication in TLS, IKE, and SSH (MITIS) In response to high-profile attacks that exploit hash function collisions, software vendors have started to phase out the use of MD5 and SHA-1 in third-party digital signature applications such as X.509 certificates. However, weak hash constructions continue to be used in various cryptographic constructions within mainstream protocols such as TLS, IKE, and SSH, because practitioners argue that their use in these protocols relies only on second preimage resistance, and hence is unaffected by collisions. This paper systematically investigates and debunks this argument
Time Warner and Linode report possible password breaches (Ars Technica) Potential compromises appear to be unrelated
Time Warner Cable to contact 320,000 customers about possible account compromise (CSO) Company says that customers will be contacted by email and direct mail
Bug in Silent Circle's Blackphone let attackers remotely control device (Computerworld) A vulnerability in Silent Circle's privacy-focused Blackphone let attackers remotely take over the device's modem to send and receive texts, dial or connect calls, change call IDs, set call forwarding, force conference calls and more
A recent example of wire transfer fraud (Internet Storm Center) Do you know about any attempts of wire transfer fraud in your organization? They often start with phishing emails. These emails are used to trick an employee into wiring money to bank accounts established by the criminal. It's an old scam, but 2015 apparently saw a resurgence in wire transfer
Facebook "Page Disabled" Phish Wants your Card Details (Malwarebytes Unpacked) Fake Facebook Security pages are quite a common sight, and there's a "Your page will be disabled unless…" scam in circulation at the moment on random Facebook comment sections which you should steer clear of
Scammers target citizens filing tax returns online (Help Net Security) As ten million people prepare to complete their tax returns online in January, British citizens are being bombarded with scams. Forty per cent have received phishing emails which appeared to be from HMRC, and identity fraud is rife — with many people still unaware of the potential risks involved, according to Miracl
Don't be Deceived by a Pretty Face and a Sad Story (Team Cymru) As Christmas 2015 fades into memory, and January begins its annual onslaught of gym adverts and crash diets, we hope that Santa Claus (or Saint Nicolas, Befana, et el) brought you everything you were hoping for
Account Takeovers Fueling 'Warranty Fraud' (KrebsOnSecurity) Cybercrime takes many forms, but one of the more insidious and perhaps less obvious manifestations is warranty fraud
Flash drive missing from IU Health Arnett contains data from over 29,000 patients (Health IT & CIO Review) Indiana University Health Arnett Hospital in Lafayette is notifying patients the system became aware Nov. 20 that an unencrypted flash drive was missing from its emergency department
Security Patches, Mitigations, and Software Updates
WordPress 4.4.1 Security and Maintenance Release (WordPress) WordPress 4.4.1 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately
Blackphone update closes security hole (InfoWorld) SilentCircle used a third-party component that potentially exposed the secure Blackphone to attack
Drupal — Insecure Update Process (IOActive Blog) Security updates are a common occurrence once you have installed Drupal. In October 2014, there was a massive defacement attack that effected Drupal users who did not upgrade in the first seven hours after a security update was released. This means that Drupal updates must be checked as frequently as possible (even though by default, Drupal checks once a day)
Stop using Internet Explorer after next Tuesday! (Sort of) (Naked Security) Only kidding! You can keep using Internet Explorer if you like
IIoT is as real and complicated as Star War's BB-8 Droid (Control) Like BB-8, IIoT looks futuristic and fantastic, while it's largely just a mashup of existing technologies in an innovative wrapper
The rise of algorithms for your algorithms (FierceBigData) According to a new Frost & Sullivan report, this is the year when machine learning algorithms will be used to evaluate the effectiveness of other algorithms. A handful of big-data-savvy companies already started that process last year, leading the way, but the research firm says that fledgling trend will fully emerge this year
Consumerization, cybersecurity among key challenges for hospital IT execs in 2016 (FierceHealthIT) Providers increasingly expected to 'do more with less,' FierceHealthIT Advisory Board members say
6 Mobile Security Predictions for 2016 (eSecurity Planet) Big changes for mobile security are ahead in 2016, predict mobile security experts
Loose talk on social media big security risk for firms, says Kaspersky (SC Magazine) Employees are risking their organisations' IT security and their own personal data by sharing too much information on social media
Visual hacking is not hacking (CIO) There's hacking and then there's copying off of your neighbor's work like we had to worry about in grade school. Remember. That's not really hacking, is it?
Cybersecurity Insurance Explosion Poses Challenges (Bloomberg BNA) Cybersecurity insurers may see premiums gross income rise by 300 percent or more in the next five years, even as the product's pricing and composition continue to evolve, insurance specialists and others told Bloomberg BNA
Exclusive: Verizon launches auction to sell data centers — sources (Reuters) Verizon Communications Inc VZ.N has started a process to sell its data center assets, hoping to fetch more than $2.5 billion, people familiar with the matter said on Tuesday, as the U.S. telecommunications conglomerate focuses on its core business
Army begins industry outreach for cloud transformation project (FierceGovernmentIT) The Army wants cloud computing vendors to pitch their solutions as part of its forthcoming cloud contract vehicle, said the service in a notice posted late last month
DHS Thinks Startups Know How Best to Protect the Internet of Things (Nextgov) The Department of Homeland Security wants to be able to detect all devices connected to its network in a particular location — say, an airport — and it thinks startups will know how to do it
Popular speaker manufacturer buys auto cybersecurity firm (The Hill) Harman International, maker of the popular JBL speakers, has agreed to buy automotive cybersecurity firm TowerSec
Cisco Completes Acquisition of Lancope for Visibility, Analytics Technology (The VAR Guy) Cisco Systems (CSCO) has completed its acquisition of security startup Lancope to add continuous visibility and traffic analysis to its network security portfolio
Are Cisco, Symantec, HP Angling For Fortinet, Qualys? (Investor's Business Daily) Cybersecurity firms Qualys (NASDAQ:QLYS), Fortinet (NASDAQ:FTNT) and Proofpoint (NASDAQ:PFPT) could be on the auction block in 2016, likely pitting Cisco Systems (NASDAQ:CSCO), Microsoft (NASDAQ:MSFT), Hewlett Packard Enterprise (NYSE:HPE) and Oracle (NYSE:ORCL) in a "long overdue" M&A battle, FBR analyst Daniel Ives said Wednesday
PayPal Co-Founder Max Levchin's Bet on Cryptography (BloombergBusiness) Max Levchin, PayPal's co-founder and Affirm's chief executive officer, discusses cryptography and what's next for Yahoo with Bloomberg's Emily Chang on "Bloomberg West." Levchin is also a former Yahoo board member
Products, Services, and Solutions
Don't Believe Headlines That Claim OS X Was The "Most Vulnerable" Software of 2015 (Intego Mac Security Blog) There is an old saying that is always worth remembering: "There are three kinds of lies: lies, damned lies, and statistics"
Kali Linux NetHunter 3.0 Android Mobile Penetration Testing Platform Out Now (Softpedia) After being in development for over a year, the Kali Linux NetHunter 3.0 Android application has been released earlier today, January 6, 2016, by Offensive Security, the company behind Kali Linux, the successor to BackTrack
LastPass 4.0 features fresh UX, emergency access, sharing center (Help Net Security) The latest version of the popular password manager includes a new UX, and a host of new features
Dashlane Launches Password Defense Alert (PRNewswire) Groundbreaking product enables companies to protect their customers' account data
CensorNet Secure Web Gateway review (CloudPro) Control exactly how your employees use the cloud
Samsung Portable SSD T3 offers increased data security and portability (Help Net Security) Samsung announced the Samsung Portable SSD T3, a palm-sized, external SSD that offers multi-terabyte storage capacity
Oscobo holds privacy above all with new browser (FierceCIO) It's tough to take on the likes of Google but Oscobo, a new search engine, hopes to do just that by focusing on user privacy
Proofpoint lance une solution de sécurité pour Instagram (Global Security Mag) Proofpoint, Inc., annonce le lancement d'une solution qui identifie automatiquement les menaces de sécurité, violations de conformité et publications inappropriées sur Instagram. Proofpoint SocialPatrol™permet d'exécuter une analyse avancée des images et du texte, lui-même incorporé ou non dans une image. Les marques et les organisations soucieuses des questions de conformité peuvent ainsi surveiller et supprimer les publications et commentaires inappropriés
ArcSight vs. Splunk? Why you might want both (CSO) User reviews suggest that rather than choose between the two highly-rated SIEM products, security managers would benefit from having both
Intel Security and VMware's AirWatch partner on mobile security initiatives (V3) Intel Security and AirWatch, VMware's enterprise mobility subsidiary, are expanding their partnership in a bid to help organisations cope with the security issues posed by mobile devices and better integrate mobile security with existing enterprise security systems
Technologies, Techniques, and Standards
HaLow, is it me you're hacking for? Wi-Fi standard for IoT emitted (Register) 802.11ah could be too expensive and too late
Wi-Fi standard could make Internet of Things things even easier…for hackers (Register) HaLow somewhat less than saintly
7 Tips For Mitigating Phishing And Business Email Hacks (Dark Reading) You can't stop someone from launching a phishing attack, but there are things you can do to mitigate the threat
The secure GC: Data breach preparedness through auditing (Inside Counsel) When a data breach occurs, the immediate hours after are both chaotic and critical to an effective response. Preparation is therefore essential
Minimizing Risk in the Face of FCPA Compliance (Legaltech News) Mitratech's paper offers a way for organizations to keep afloat as compliance grows more complex, though not everyone agrees
What's your cybersecurity whistleblower strategy? (CSO) Regulators and attorneys are growing more interested in cybersecurity accountability. One likely outcome of this interest is an increase in cybersecurity whistleblower cases. This means every organization needs to rethink how to handle internal and external security problem reporting
Docker and Security: How do they fit together? (Jaxenter) While Docker images are famously simple and practical, Docker security remains a tricky maze. Docker pros Dustin Huptas and Andreas Schmidt show us the essential security features you need to know for building a secure system with Docker
The Matrix Reloaded: Security Goals v. Operational Requirements (Dark Reading) Building a matrix that measures people, process, and technology against security goals is a proven method for reducing risk in an organization. Here's how
Data Insecurity: Flawed Technology Or Outdated Business Process? (Dark Reading) When it comes to protecting critical data, legacy processes are just as vulnerable as legacy software
Design and Innovation
Pioneer In Internet Anonymity Hands FBI A Huge Gift In Building Dangerous Backdoored Encryption System (Techdirt) I first came across cryptography pioneer David Chaum about a decade ago, during the debates about online voting. Many in the technology world were insisting that such things were impossible to do safely, but Chaum insisted he had come up with a way to do online voting safely (he'd also tried to do electronic money, DigiCash… unsuccessfully). Many people disagreed with Chaum and it led to some fairly epic discussions. It appears that Chaum is again making moves that are making many of his colleagues angry: specifically creating a backdoored encryption system
AT&T, Partners Work on Internet of Things-Based 'Smart City' Framework (ExecutiveBiz) AT&T has partnered with seven other technology companies to produce a smart-city development framework intended to help local government organizations to harness Internet of Things platforms for management of their cities
Defending the smart city (Intelligent Utility) With all the hype around Smart Cities today, you'd think they are ubiquitous
Research and Development
Cryptographers honored with Levchin Prize at Real World Cryptography Conference (Stanford Daily) The inaugural Levchin Prize for Real World Cryptography was awarded Wednesday at the Real World Cryptography Conference (RWCC), held annually at Stanford. Phillip Rogaway, professor of computer science at UC Davis, as well as the international miTLS research team, each received $10,000 for their work on cryptography
Legislation, Policy, and Regulation
Dutch government rejects UK government approach to encryption legislation (SC Magazine) A position paper written by the Dutch government assesses the arguments for and against encryption backdoors but comes down firmly against downgrading the technology
Netherlands opposes backdoors, but encryption still under assault (Naked Security) The Dutch government has officially declared its opposition to any restrictions on the development or use of encryption products, even as Dutch lawmakers are weighing legislation that could mandate backdoor government access to encrypted communications
Mass-surveillance 'undermines security' and failed to stop 9/11 attacks, says ex-NSA officer (Graham Cluley) According to a former officer at the United States National Security Agency (NSA), bulk data collection has resulted in the loss of life before, and it will lead to more lives lost in the future. Draft billOn Wednesday, William Binney, former director of the NSA's Analytic Service Office, is scheduled to present evidence before the UK Parliament's Joint Committee on the Draft Investigatory Powers (IP) bill
Groups warn asbestos bill could spur online identity theft (The Hill) Public interest groups are launching an 11th-hour campaign to kill a Republican-backed bill aiming to reduce asbestos lawsuit fraud that could receive a vote Thursday
At CES, Feds prod companies to expand privacy efforts (Computerworld via CSO) FTC chief says consumer opt-in agreements need to be clarified
How 'Do Not Track' Ended Up Going Nowhere (Re/code) Back in 2010, the Federal Trade Commission pledged to give Internet users the power to determine if or when websites were allowed to track their behavior
Litigation, Investigation, and Law Enforcement
NSA Did Not Spy On Congress Members During Iran Nuclear Debate, Top Intel Officials Say: Report (International Business Times) Top U.S. intelligence officials told the House Intelligence Committee Wednesday that the National Security Agency (NSA) did not spy on Congress members during last year's Iran nuclear debate
State Department gave 'inaccurate' answer on Clinton email use, review says (Washington Post) Two years before the public learned of Hillary Clinton's private server, the State Department gave an "inaccurate and incomplete" response about her email use when it told an outside group that it had no documents about Clinton's email accounts beyond her government address, according to a report from the State Department's inspector general to be released Thursday
Clinton aides' cybersecurity emails go from 38,000 to one (Politico) The State Department has dramatically revised downward — from about 38,000 to one — its estimate of the number of pages of messages in Hillary Clinton aides' private email about training on cybersecurity threats and other computer-related issues
Islamic State video turns British attention to banned group (Reuters) If London-born convert Abu Rumaysah is confirmed as the front man in the latest Islamic State video, then he will be just the latest in a long line of militants to emerge from a banned group the authorities say breeds easy prey for jihadist recruiters
Exclusive — California shooter's visa record shows routine interview, no flags raised (Reuters) The record of San Bernardino shooter Tashfeen Malik's U.S. visa interview in Pakistan shows it was conducted without any obvious irregularities and triggered no significant suspicions, according to a source familiar with the official State Department file
Scanning for terrorism — brain fingerprinting offers new hope in anti-terrorism fight (Canberra Times) The challenges faced by counterterrorism authorities are numerous. They include determining whether a person jailed for terrorism-related offences — and now due for release — has been deradicalised by imprisonment, or is just faking it
The FBI's 'Unprecedented' Hacking Campaign Targeted Over a Thousand Computers (Motherboard) In the summer of 2015, two men from New York were charged with online child pornography crimes. The site the men allegedly visited was a Tor hidden service, which supposedly would protect the identity of its users and server location. What made the case stand out was that the Federal Bureau of Investigation (FBI) had used a hacking tool to identify the IP addresses of the individuals
EFF: T-Mobile breaks net neutrality rules with Binge On service (Help Net Security) In February 2015, the FCC has approved net neutrality rules "to preserve the Internet as a platform for innovation, free, expression and economic growth"
Uber to pay $20,000 in settlement on privacy issues with New York attorney general (CSO) Uber will also secure and restrict employee access to customer geo-location data
For a complete running list of events, please visit the Event Tracker.
FloCon 2016 (Daytona Beach, Florida, USA, Jan 11 - 14, 2016) The FloCon network security conference provides a forum for large-scale network flow analytics. Showcasing next-generation analytic techniques, FloCon is geared toward operational analysts, tool developers, researchers, and others interested in applying the latest analytics against large volumes of traffic
Breach Planning & Incident Response Summit: Proactive Collaboration Between Private Industry and Law Enforcement to Mitigate Damage (Odenton, Maryland, USA, Jan 12, 2016) The Cybersecurity Association of Maryland, Inc.(CAMI), Chesapeake Regional Tech Council, Maryland Chamber of Commerce, Chesapeake Innovation Center, Tech Council of Maryland are partnering together to host this event designed to attract and educate CIO's, CISO's, CEO and Compliance officials from small to mid-sized commercial firms on the practical actions taken by the government, firms and organizations post-hack
Cyber Security Breakdown: Chicago (Chicago, Illinois, USA, Jan 12, 2016) This half day session will provide you with the critical information you need to start formulating an effective response in the eventuality of a cyber security event. Rather than try and handle the breach during the chaos of the event, you'll understand how to build in advance, the best practices to respond effectively. Attend the Cyber Security Breakdown event that is focused on the unique issues and threats facing legal professionals
Insider Threat Program Development Training Course — Georgia (Atlanta, Georgia, USA, Jan 12 - 14, 2016) The National Insider Threat Special Interest Group website has some very "eye opening" examples of how "damaging and costly" an "insider threat incident" can be. The FBI Insider Threat Alert states companies victimized by current or former employees incur costs from $5,000 to $3 million. bring? Is your company required to establish an Insider Threat Program per the requirements of NISPOM Conforming Change 2? Insider Threat Defense has trained a substantial number of U.S. Government Agencies (DoD, IC), Defense Contractors, Critical Infrastructure Providers, Aviation Security Professionals, large and small businesses on Insider Threat Program Development and Insider Threat Risk Mitigation
FTC PrivacyCon (Washington, DC, USA, Jan 14, 2016) The Federal Trade Commission will in January hold a wide-ranging conference on security and privacy issues lead by all manner of whitehat security researchers and academics, industry representatives, consumer advocates
National Insider Threat Special Interest Group Meeting (Laurel, Maryland, USA, Jul 16, 2015) Topics to be discussed at the meeting; Insider Threat Program Development & Implementation, Behavioral Indicators Of Concern, Legal Considerations When Developing & Managing An Insider Threat Program. There is no cost to attend this meeting
POPL 2016 (St. Petersburg, Florida, USA, Jan 20 - 22, 2016) The annual Symposium on Principles of Programming Languages is a forum for the discussion of all aspects of programming languages and programming systems. Both theoretical and experimental papers are welcome, on topics ranging from formal frameworks to experience reports
Automotive Cyber Security Summit — Shanghai (Shanghai, China, Jan 21 - 22, 2016) The conference, which brings together automakers, suppliers, various connected-services providers and security specialists, will focus on government regulations, emerging automotive cyber security standards and new products and solutions designed to deal with the growing threats
SANS Institute: Information Security Training (Las Vegas, Nevada, USA, Sep 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security training courses taught by real-world practitioners. The site of SANS Network Security 2015, September 12 - 21, is Caesars Palace, the majestic Las Vegas hotel
CyberTech 2016 (Tel Aviv, Israel, Jan 26 - 27, 2016) Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States. Cybertech provided attendees with a unique and special opportunity to get acquainted with the latest innovations and solutions featured by the international cyber community. The conference's main focuses are on networking, strengthening alliances and forming new connections. Cybertech also provided an incredible platform for Business to Business interaction
Global Cybersecurity Innovation Summit (London, England, UK, Jan 26 - 27, 2016) SINET presents the Global Cybersecurity Innovation Summit, which focuses on providing thought leadership and building international public-private partnerships that will improve the protection of our respective homeland's critical infrastructures, national security and economic interests. Our objective is to advance innovation and the growth of the cybersecurity sector by providing a platform for cybersecurity businesses, particularly small and medium enterprises (SMEs), to connect with key UK, US, and international decision makers, system integrators, investors, government policy makers, academia and other influential business executives
Fort Meade IT & Cyber Day (Fort Meade, Maryland, USA, Jan 27, 2016) The Ft. Meade IT and Cyber Day is a one-day event held at the Officers' Club (Club Meade) on base. The event is held on-site, where industry vendors will have the opportunity to display their products and services to IT, Communications, Cyber and Intelligence personnel
ESA 2016 Leadership Summit (Chandler, Arizona, USA, Jan 31 - Feb 3, 2016) The electronic security industry is rapidly changing and continuously evolving. It's not enough to just survive. Businesses looking to thrive need to adapt to ensure their people, products, services and practices stay ahead of the curve. The Summit is a three-day conference filled with networking and educational opportunities dedicated to delivering business intelligence to electronic security companies and professionals that are ready to embrace innovation and grow