The CyberWire Daily Briefing 03.01.16
news from RSA 2016
Yesterday's proceedings at RSA culminated in the announcement of 2016's Innovation Sandbox winner. This year Phantom bore the prize away, with what it describes as the "first purpose-built, community-powered security automation and orchestration. We'll have more on their product later this week when we sit down for an exclusive interview.
Our talks with companies exhibiting at RSA suggest that some of the common themes on people's minds include the importance of context and actionability in the development of threat intelligence, the extension of automation to tasks that lend themselves to automation (the better to free human analysts and operators to concentrate on what only they can handle), the growing importance (perhaps into centrality) of anomaly detection in defensive planning, and the importance of solid integration of security into the enterprise.
We'll have more detailed reports this week and next. In the meantime, see the coverage inked below.
The US appears to have opened a major cyber offensive against ISIS, targeting in particular its communications infrastructure in Syria. According to some reports this is being done in conjunction with special operations forces in the theater. (And, of course, it's being characterized as the "unleashing" of Fort Meade.)
In addition to announcing the cyber push, US Secretary of Defense Carter is returning to California in a continuing effort to enlist the technical support of the IT industry in the war against ISIS.
The Caliphate itself has not been idle, continuing information operations (at which it excels) and cyber attacks against ill-chosen or poorly defended targets (at which it has been less than fully successful). Choice of target continues to baffle observers—recent victims have included a solar panel manufacturer in Sussex, and (as Newsweek notes) "a Japanese dance instructor, and a laminate flooring firm based in Wales." They've also defaced Add Google Online, apparently mistaking it for big Google. But there's no mystery, really: it's opportunistic hacktivism modulated by limited understanding of the target's culture.
Apple prepares its brief in response to the FBI's request for assistance under the All Writs Act. The FBI's case may have been weakened by a decision in a New York drug trial in which investigators had made a similar request. The Federal magistrate denied it.
In industry news, observers continue to look for more consolidation in the cyber security sector, and insurance seems ready to assume its expected place in cyber risk management.
Notes.
Today's issue includes events affecting Afghanistan, China, European Union, India, Iraq, Israel, Russia, Singapore, Syria, Ukraine, United Kingdom, and United States..
San Francisco: the latest from RSA
RSA Conference 2016: Day 1 (Network World) Early discussions on IoT, cloud security, encryption, and industry consolidation
Hot security products at RSA 2016 (Network World) See the latest security wares on display at RSA in San Francisco
Threat intelligence programs lack context experts say (CSO) Despite all the vendor spin and marketing, threat intelligence is weak, expensive, and severely lacking in context
Phantom Takes Top Honors at RSAC 2016 Innovation Sandbox Competition (RSA Conference) If there was any doubt remaining that these are good times for the information security industry, it was erased during the opening day of the RSA Conference, as hundreds of attendees queued up to hear about the hottest startups during the annual Innovation Sandbox competition
SentinelOne Wins Cyber Defense Magazine Editor’s Choice Award for Best Endpoint Security Suite (BusinessWire) Company honored at RSA Conference 2016 as first next generation solution certified to replace antiVirus
Varonis Honored by Cyber Defense Magazine as Most Innovative Insider Threat Detection Solution, Hot Company in User Behavior Analytics (Nasdaq) Varonis Systems, Inc. (NASDAQ:VRNS), a leading provider of software solutions that protect data from insider threats and cyberattacks, has today announced that Cyber Defense Magazine, the industry's leading electronic information security magazine and media partner of the RSA® Conference 2016, has recognized Varonis in two award categories
Best Data Center Security Solution Honor Goes to DB Networks (News Factor) DB Networks®, a leader in database cybersecurity, today announced that Cyber Defense Magazine, the industry’s leading electronic information security magazine and media partner of the RSA® Conference 2016, has awarded DB Networks Layer 7 Database Sensor the winner of the Best Data Center Security Solution for 2016
RiskIQ Named Best of Breed Digital Footprint Security Solution by Cyber Defense Magazine (BusinessWire) New category recognizes innovator in external threats management at RSA Conference 2016
RedSeal Honored as the Most Innovative Network Security Solution in the 4th Annual 2016 Cyber Defense Magazine Infosec Awards (Marketwired) RedSeal (redseal.co), the cybersecurity analytics company, announced today that Cyber Defense Magazine, the industry's leading electronic information security magazine and media partner of the RSA® Conference 2016, has named RedSeal's cybersecurity analytics platform winner of the Most Innovative in the Network Security category
Illumio Named Most Innovative Data Center Security Solution (MarketWired) Illumio Adaptive Security Platform honored in 2016 Cyber Defense Magazine InfoSec Awards
Contrast Security honored as Best of Breed winner in the 4th Annual 2016 Cyber Defense Magazine InfoSec Awards in Application Security (PRNewswire) Contrast Security, the next generation leader in finding vulnerabilities and blocking attacks on software applications, announced today that Cyber Defense Magazine, the industry's leading electronic information security magazine and media partner of the RSA® Conference 2016, has named Contrast Enterprise, winner of the Best of Breed in Application Security Solution of 2016
TrapX Security Wins Cyber Defense Magazine Award 2016 (MarketWired) TrapX DeceptionGrid recognized as the cutting edge deception-based security solution
Tenable Network Security Automates and Simplifies NIST Cybersecurity Framework Adoption for Commercial and Government Organizations (BusinessWire) New Cybersecurity Framework solution introduces the industry’s only dashboards that measure NIST Cybersecurity Framework conformance across complex IT environments at RSA Conference 2016
Skybox Security to Open Eyes at RSA Conference With Release of Industry-First Attack Surface Visualization (Yahoo! Finance) Skybox Horizon reduces exposure to cyberattacks by giving CISOs unprecedented visibility of the attack surface and indicators of exposure (IOEs)
Cyber Attacks, Threats, and Vulnerabilities
ISIS Hackers Target the Wrong Google (Newsweek) Hackers affiliated with the Islamic State militant group (ISIS) who promised to take down Google appear to have mistakenly attacked the wrong target
Ex-Guantanamo detainee allegedly led recruiting cell for the Islamic State (Long War Journal) Hamed Abderrahaman Ahmed, a former Guantanamo detainee, was arrested by Spanish police on Feb. 23 for allegedly leading a jihadist recruiting cell that was sending fighters to the Islamic State in Iraq and Syria. Ahmed and three others were detained in the city of Ceuta, which borders Morocco on the North African coast
Pentagon unleashes Fort Meade cyberwarriors on Islamic State (Baltimore Sun) The Defense Department has called on military hackers at Fort Meade to disrupt the operations of the self-declared Islamic State, a move that adds cyberweapons to the bombs and missiles the United States has been using to batter the terror group
Pentagon wages cyberwar against Islamic State (Los Angeles Times) U.S. commanders mounted a cyberoffensive against Islamic State in Syria for the first time in recent weeks by deploying military hackers against the extremist group’s computer and cellphone networks, according to the Pentagon.
New Malware ‘Rover’ Targets Indian Ambassador to Afghanistan (Palo Alto Networks) On December 24, 2015, Unit 42 identified a targeted attack, delivered via email, on a high profile Indian diplomat, an Ambassador to Afghanistan
ATMZombie: banking trojan in Israeli waters (Cyber Parse) On November 2015, Kaspersky Lab researchers identified ATMZombie, a banking Trojan that is considered to be the first malware to ever steal money from Israeli banks. It uses insidious injection and other sophisticated and stealthy methods
Utilities Cautioned About Potential for a Cyberattack After Ukraine’s (New York Times) The Obama administration has warned the nation’s power companies, water suppliers and transportation networks that sophisticated cyberattack techniques used to bring down part of Ukraine’s power grid two months ago could easily be turned on them
Commentary: Putin’s Options for Cyber Escalation Over Ukraine (Defense News) Part of the Ukrainian power grid was recently taken down by a cyber attack, almost certainly by Russian hackers with ties to the Kremlin, the first time there has been such a determined wartime attack
The “HawkEye” attack: how cybercrooks target small businesses for big money (Naked Security) SophosLabs researcher and regular Naked Security contributor Gabor Szappanos (Szapi) has recently being reviewing the past year’s worth of attack data relating to Microsoft Word document exploits
Customer’s details leaked on Singtel app after software glitch (Channel NewsAsia) The personal information of one customer was published on the My Singtel app after a software glitch, according to the telco
Project Zero bod says antivirus black market is growing (Register) Also: keep an eye out for upcoming Kaspersky patches
Cyberattack on Hollywood Hospital Part of a Growing Trend (AJMC) A large Hollywood hospital was hit with a catastrophe straight out of its own Hollywood movie last month, when a malware attack on its internal network led to a system-wide shutdow
Melrose Police pay hackers in Bitcoin to recover encryption key (Wicked Local) Hackers stole the encryption key to a software system at the Melrose Police Station on Thursday evening, compelling the department to pay the hackers one Bitcoin to regain control, Chief Michael Lyle told the Free Press on Monday
Security Patches, Mitigations, and Software Updates
Borked ESET antivirus update says entire web is too risky to browse (Register) JavaScript false positive prompts virtual recall
Cyber Trends
Cybercom Chief Says More Industry Heads Will Roll After Hacks (Nextgov) The commander of the military's cyberspace troops warned Monday that more corporate heads will roll as companies continue to overlook security holes
Threat intelligence vital to cyber defence, claims CrowdStrike (ComputerWeekly) Companies that ignore the global events that are the drivers behind cyber threats will pay for it in the loss of revenue, jobs, intellectual property, and shareholder value, says CrowdStrike
A mobile data breach could cost you $26.4 million (Help Net Security) While data breaches make great headlines, what is often missing from those reports are the details on how the attackers got into the organization in the first place
Computer security is necessary for journalist safety (CPJ) This week, journalists, technologists, and other human rights advocates will gather in Valencia, Spain for the Internet Freedom Festival, a multidisciplinary "un-conference" dedicated to fighting surveillance and censorship online
Marketplace
Under Pressure, Cybersecurity Market Is Ripe for M&A in 2016 (Wall Street Journal) Cybersecurity, in recent years among the strongest segments of the tech sector, now is feeling the effects of the downturn
E-discovery, Cybercrime, Spur Digital Forensic Market Growth to $4.8 Billion in 2020 (Legaltech News) Increasingly used by the legal industry and the federal government, digital forensic is set to face challenges adapting to newer cloud-based platforms
IBM to purchase cyber security firm Resilient Systems (Reuters) IBM Security plans to acquire private cyber security firm Resilient Systems, the computing giant said Monday, as part of a move to expand its role in the incident response market
IBM Gets Resilient, Forms 3,000 Person Cyber Attack Response Team (Forbes) IBM Corp. announced plans today to acquire Cambridge, Mass. based Resilient Systems, Inc., a privately held cybersecurity firm with 100 employees
Baltimore cyber firm Terbium Labs raises $6.4M in Series A round (Baltimore Business Journal) Baltimore cybersecurity startup Terbium Labs has raised $6.4 million to scale up its dark web data analysis and recovery technology
Why Microsoft is Putting Cybersecurity at Center of Operations (Learn Bonds) Microsoft Corporation (NASDAQ:MSFT) is changing
The Morning Download: Microsoft Says Machine Learning Is Key to New Security Efforts (Wall Street Journal) ood morning. Microsoft Corp. has struggled to protect its platforms from hackers, which given their ubiquity, have provided a large and lucrative target
ThreatStream Renames and Refocuses Itself as Anomali (eWeek) Anomoli's CEO explains his company's new products, new focus and new name and why streaming threats isn't enough anymore
Cyber Espionage Fears Stoked by China’s Zoomlion Bid for Terex (National Defense) Mistrust of China and wariness about its cyber spying are fueling a public policy campaign to halt a corporate acquisition involving a U.S. defense contractor
New Traces of Hacking Team Malware Show the Spy Vendor Is Still in Business (Motherboard) Last summer, a vigilante hacker broke into the systems of the infamous surveillance company Hacking Team, exposing a treasure trove of the company’s secrets, including the source code of the spyware Hacking Team sold to dozens of countries around the world. The breach sent the company into “full on emergency mode,” forcing it to ask its customers to shut off their systems
Starting out in cybersecurity? Read lessons learned and enter competitions (CSO) Part two of my conversation with Jim Jaeger, chief cyber services strategist with Fidelis Cybersecurity and a look at RSA opportunities for newbies
Products, Services, and Solutions
Qualys Inc.: Qualys Joins Forces With HEAT Software to Deliver Cloud-Based Patching (Wall Street Transcript) Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud-based security and compliance solutions, today announced an OEM partnership with HEAT Software to deliver a cloud-based patch management offering to its global customers
Authentic8 Expands Global Language Capabilities (MarketWired) Silo Browser ready for multilingual deployment in diverse enterprise environments
HackerOne boss on why the future's bright for bug bounties (Register) Soft launch of subscriber service on Tuesday
ThetaRay's Detection Center Opens Window on Hidden Cyber Threats, Fraud and Opportunities (PRNewswire) Supports converging roles in financial services and industrial organizations by rapidly identifying actionable anomalies across multiple risk areas
FireEye Launches New Mandiant Service to Help Address Strategic Cyber Security Needs of Industrial Control Systems (EIN News) Industrial Control Systems (ICS) HealthCheck -- A Security Assessment Combining Operational Technology and IT Security Expertise to Improve Detection and Response Capabilities in Critical Systems
Herjavec Group and Splunk Announce New Security Offerings (BusinessWIre) Herjavec Group now offers Splunk security products to help customers address rapidly emerging security threats
Security product solves the network Heisenberg Uncertainty Principle (Network World) If you’re a physics fan like me, you’ll know the famous Heisenberg Uncertainty Principle that states you cannot know a particle's exact location and velocity at the same time
Rook Security Introduces ‘War Room’ App For Real-Time Unified Incident and Crisis Management Collaboration In The Cloud (BusinessWire) Enterprise app drives cohesive plan with delegated tasks; provides real-time status for managing incidents to successful resolution
Darktrace Cyber 'Immune System' Fights Back (Jakarta Post) Darktrace, the world leader in Enterprise Immune System technology, has announced Darktrace Antigena, a ground-breaking new product that uses machine learning to allow networks to automatically self-defend
Management consulting giant Accenture launches dedicated Cyber Intelligence Platform (Silicon Angle) Management consulting services giant Accenture PLC has entered the cyber intelligence space with the launch of its new Accenture Cyber Intelligence Platform Monday
Lockheed Martin Commercial Cyber and Cybereason Unveil New Advanced Endpoint Solution (PRNewswire) Wisdom EDR™, powered by Cybereason™, is the first Endpoint Detection and Response solution driven by Lockheed Martin Threat Intelligence
Ntrepid Announces Open Sign Up for Secure Web Browser to Victims of OPM Breach (BusinessWIre) 60-day sign up starts today allowing OPM breach victims to preregister for Passages
Technologies, Techniques, and Standards
Three Ways to Reduce the Impact of a Breach (IBM Security Intelligence) Having been in the IT security industry and incident response for over 15 years, I have seen my fair share of security breaches, and I’ve experienced firsthand the effect these events can have on individuals and businesses
The World of Unknowns and the First Responder (Tripwire: the State of Security) When it comes to known unknowns, there is one fact you can be sure of, which is based on the conundrum of “Am I being, or have I been hacked?” – with the knowing component here representing the high probability that the answer is in the affirmative
Insurance a Critical Component of Cyber Defence Strategy (Information Securiy Buzz) Cyber Essentials eases path to cyber insurance for UK’s SMEs
Legislation, Policy, and Regulation
Details of EU-U.S. Privacy Shield Released (Legaltech News) The European Commission has announced the legal texts providing the framework for the EU-U.S. Privacy Shield
EU asks U.S. firms to play ball on privacy for data pact to work (Reuters) Europe sought to plug a gap in a new transatlantic data pact on Monday by urging U.S. firms to allow European Union privacy regulators to police compliance with the new rules
Cyber War Against ISIL Hones Weapons Vs. Russia, China (Breaking Defense) The US is waging an outright cyber war against Daesh, the self-proclaimed Islamic State, the Secretary of Defense and the Chairman of the Joint Chiefs made clear this morning. While Carter did not say so, we believe this is the first official confirmation by a senior military official that the United States has waged war on an enemy using cyber weapons, as opposed to the already widespread use of cyber for espionage
Carter Heads to Silicon Valley as ISIS Cyberwar Expands (Defense News) As the Pentagon steps up cyber operations against the Islamic State group, Secretary of Defense Ash Carter is heading to Silicon Valley this week to meet with leaders from the technology industry
A former CIA analyst explains how tech companies can help fight terrorism (Quartz) US government officials and political candidates are increasingly criticizing Silicon Valley for not doing enough to prevent terrorists from capitalizing on technology
Details emerge about planned digital security commission (FCW) Details are emerging about a plan to create a congressionally mandated commission that would carve a path between the competing interests of law enforcement and technology companies in the digital security space
Op-Ed: Obama's Big Mistake on Cyber (House Committee on Oversight and Government Reform) Cyber criminals, hacktivists, and foreign adversaries conduct millions of cyberattacks against U.S. interests daily, looking to steal state secrets and valuable information and undermine critical infrastructure. Attacks on the Office of Personnel Management and big-name private sector companies have shown that no one is immune
Verizon CEO McAdam Calls for Encryption, Clear Laws on Security (Bloomberg Business) Tech leaders and U.S. lawmakers must come to a long-term solution on how to simultaneously protect individual privacy and national security, Verizon Communications Inc. Chief Executive Officer Lowell McAdam said
Why cyber needs to be a priority on the 2016 campaign trail (The Hill) For the foreseeable future, cyberspace will be one of the most important battlefields for the United States and its allies
Litigation, Investigation, and Law Enforcement
The exact moment when the FBI realized how big its battle with Apple would be (BGR) As many observers have pointed out, Apple’s battle with the FBI over encryption and whether or not it can be forced to help the FBI hack into a terrorist’s iPhone has largely been a PR battle
Government can’t force Apple to provide locked iPhone data, judge rules (Dallas Morning News) The U.S. Justice Department cannot force Apple to provide the FBI with access to locked iPhone data in a routine Brooklyn drug case, a magistrate judge ruled Monday
Apple takes tough stance in US, but rolls over for Beijing, Huawei voices its support (Shanghai List) As a showdown takes place between Apple and the US government over privacy concerns, some observers are beginning to question why the tech giant does not take a similar firm stance in the Chinese market
At least 2,079 Clinton emails contain classified material (McClatchyDC) At least 2,079 emails that Hillary Clinton sent or received contained classified material, according to the State Department’s final update from its review of more than 30,000 emails
Lynch: No 'artificial deadline' on Clinton email probe (The Hill) Attorney General Loretta Lynch said Monday evening the Department of Justice won't adhere to an "artificial deadline" in deciding to review any possible criminal charges relating to Hillary Clinton's email arrangement
For a complete running list of events, please visit the Event Tracker.
Newly Noted Events
International Conference on Cyber Security (ICCS) 2016 (Kota, Rajasthan, India, Aug 13 - 14, 2016) The International Conference on Cyber Security (ICCS) 2016 is an unparalleled opportunity to discuss cyberthreat analysis, operations, research, and law enforcement to coordinate various efforts to create a more secure world. The ICCS 2016 serves as a platform for researchers and practitioners from academia, industry, and government to present, discuss, and exchange ideas that address real-world problems with CYBER SECURITY. The conference program will include special sessions, presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures and keynote speeches
Upcoming Events
RSA Conference 2016 (San Francisco, California, USA, Feb 29 - Mar 4, 2016) Celebrating its 25th anniversary, RSA Conference continues to drive the information security agenda forward. Connect with industry leaders at RSA Conference 2016
CISO Summit Europe (London, England, UK, Feb 28 - Mar 1, 2016) With the media covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to protect customer and company data. The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include engaging Keynote Presentations, Thought Leadership sessions, CISO Think Tanks, Analyst Q&As and much more
Cybersecurity: Defense Sector Summit (Troy, Michigan, USA, Mar 1 - 2, 2016) The National Defense Industrial Association (NDIA) Michigan Chapter Cybersecurity: Defense Sector Summit is to provide a forum to foster educational dialog between government, industry and academia in support of shaping the defense sector's strategy for "platform" cybersecurity. Multiple "conversation panels" will be focused on how cybersecurity is impacting not only ground vehicles, but air and maritime platforms. Key to the discussion will be synergies and lessons to be learned from connected car initiatives and the commercial sector. The Summit is in partnership with the State of Michigan and its Michigan Economic Development Corporation (MEDC)
International Academic Business Conference (New Orleans, Louisiana, USA, Mar 6 - 10, 2016) The Clute Institute of Littleton Colorado sponsors six academic conferences annually that include sessions on all aspects of cybersecurity. Cybersecurity professionals from industry and academics are welcome to make presentations and/or to only attend sessions. The Clute Institute also seeks manuscripts for possible publication in our recently launched Journal of Cybersecurity Research
CISO Chicago Summit (Chicago, Illinois, USA, Mar 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more
Navigating Summit 2016 (Canberra, Australia, Mar 8, 2016) The Australian government has pledged to create a future-proofed nation, one that is fit to drive higher economic growth and improved standards of living using information technology innovatively. Privacy and cyber-security are the cornerstones of this strategy. The Summit will examine the implications of privacy and security in a ubiquitously connected, data driven world. Key areas of focus will include digital identity, open data and data sharing, the implications of technologies such as cloud computing, data analytics and the Internet of Things and perceived tensions between privacy and security and innovation.
CISO Atlanta Summit (Atlanta, Georgia, USA, Mar 10, 2016) Tactics and Best Practices for Taking on Enterprise IT Security Threats. With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to protect customer and company data
The Atlantic Council's Cyber 9/12 Student Challenge (Washington, D.C. USA, Mar 11 - 12, 2016) Now entering its fourth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges associated with cyber crisis and conflict. Part interactive learning experience and part competitive scenario exercise, it challenges teams to respond to a realistic, evolving cyberattack and analyze the threat it poses to national, international, and private sector interests
SANS 2016 (Orlando, Florida, USA, Mar 12 - 19, 2016) It is time we unite, join forces, and show that if we work together, we can make a measurable difference in security. It is our pleasure to announce that SANS 2016 is back in Orlando, Florida March 12-21 with cutting-edge courses taught by top industry professionals who will provide you with the best available information and software security training. We invite you to take this amazing opportunity to meet with other cyber security professionals at one of the largest SANS events and learn actionable steps that will make an impact on security. Our event campus and lodging will once again be the magnificent Walt Disney World Dolphin Resort.
CONAUTH/EKMS/COMSEC Information Sharing and Key Management Infrastructure (ISKMI) 2016 (Waikiki, Hawaii, USA, Mar 14 - 18, 2016) The ISKMI will draw global-wide participation and Allied (Five Eyes and NATO) attendees. Information sharing will be centralized to Key Management Infrastructure (KMI), Cryptographic Modernization (CM), and Operation/Exercise lessons learned during Joint/Allied operations. The event will support all levels of organizations that manage deployed forces, or the local community. ISKMI will address rapidly changing security strategies, technologies and methodologies that make accounting of safeguarding and securing equipment more complex than ever before.
Pwn2Own 2016 (Vancouver, British Columbia, Canada, Mar 16 - 17, 2016) Since its inception in 2007, Pwn2Own has increased the challenge level at each new competition, and this year is no different. While the latest browsers from Google, Microsoft, and Apple are still targets, the Windows-based targets will be running on a VMware Workstation virtual machine. A $75K bonus will be given to those who can escape the VMware virtual machine. This is our first year including VMware as a target, and we look forward to seeing what researchers will do with it
Insider Threat Symposium & Expo™ (San Antonio, Texas, USA, Mar 17, 2016) The Insider Threat Symposium & Expo was created in the wake of the recent data breaches affecting the U.S. Government (WikiLeaks, NSA Breach), and the continued damaging and costly insider threat incidents to businesses. The Insider Threat Symposium & Expo is a MUST ATTEND event for individuals working for the U.S. Government, State Governments, Department of Defense, Intelligence Community Agencies, Critical Infrastructure Providers, Defense Industrial Base Contractors, Airport / Aviation Security, large and small businesses
ICCWS 2016 (Boston, Massachusetts, USA, Mar 17 - 18, 2016) ICCWS 2016 will cover the complex but exciting aspects of international cyber warfare and security
CISO Summit France (Paris, France, Mar 22, 2016) A forum for innovative IT thought leaders across France. Despite economic instability in the euro zone amid an on-going global financial crisis, IT spending worldwide is expected to increase in the coming years. But even with enterprises tacking notice of new technologies capable of driving revenue and lowering costs, IT departments aren't yet in the clear. The role of the CISO is more important than ever as financial turmoil continues to alter the world's economy, making it difficult to put your organisation in a position to achieve success. The business goals have changed and CISOs are now tasked with trying to find emerging opportunities to drive value throughout the enterprise
Risk Management Summit (New York, New York, USA, Mar 22 - 23, 2016) The Business Insurance Risk Management Summit is a unique two-day conference serving the information and networking needs of senior risk managers, benefits managers and related decision makers from the largest US and global companies. Now in it its seventh year, provides attendees with focused insights into key risk management concerns via expert panels and strategic, thought-provoking discussions with peers and industry leaders
Artificial Intelligence and Autonomous Robotics (Clingendael, the Netherlands, Mar 23 - 24, 2016) Artificial Intelligence (AI) has been a feature of science fiction writing for almost a century, but it is only in more recent years that the prospect of truly autonomous robotics — even those that have only limited functionality — have become viable. While this potentially will provide great opportunities, the development of AI is likely to impact upon the very functioning of society. In this context, the specialized training on AI and autonomous robotics aims to provide media and public relations professionals with an in-depth understanding of the implications that the rapid advancement of AI technology may affect the global community in both the physical and structural spheres and the potential impact of the future evolution of such technology, especially in terms of security. Emphasis will be given to the way in which AI and autonomous robotics can be represented and communicated in the media
International Consortium of Minority Cybersecurity Professionals (ICMCP) Inaugural National Conference (Washington, DC, USA, Mar 23 - 24, 2016) The conference will focus on the public, private and academic imperatives necessary to closing the growing underrepresentation of women and minorities in cybersecurity through diversification of the workforce. Despite the increasing demand for cybersecurity professionals globally it remains an area where there is a significant shortage of skilled security professionals. The conference will facilitate a national dialogue toward enhancing opportunities in cybersecurity education and increase employment opportunities for minorities
Commonwealth Cybersecurity Forum 2016 (London, England, UK, Mar 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together cybersecurity stakeholders from across the Commonwealth; from policy makers, regulators and implementing agencies to private sector and civil society. The Forum is a place to showcase expertise, build capacity, present new technologies and develop relationships. Importantly it will map out the future cooperation among Commonwealth countries in Cybersecurity
Black Hat Asia 2016 (Singapore, Mar 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two days of deeply technical hands-on Trainings, followed by two days of the latest research and vulnerability disclosures at our Briefings
SecureWorld Boston (Boston, Massachussetts, USA, Mar 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers
Insider Threat Summit (Monterey, California, USA, Mar 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical security considerations. A heightened awareness of insider threats due to numerous newsworthy attacks and unauthorized leaks has brought us together for one main purpose: to better understand security challenges in order to better defend against insider threats
TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, Mar 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem. The conference unites players from research labs, automakers, tier 1's, security researchers, and the complete supply chain to plan for the imminent future
Women in Cyber Security 2016 (Dallas, Texas, USA, Mar 31 - Apr 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional Development), WiCyS is an effort to bring together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring. Any individual or organization interested in supporting recruiting and retention efforts for women in cybersecurity is encouraged to participate