The CyberWire Daily Briefing 03.24.16

Summary

By The CyberWire Staff

ISIS claims, online, as usual, responsibility for the Brussels massacres. Also as usual, ISIS welcomes all media coverage even when it execrates jihad. This serves only to inspire their recruits, increasingly drawn from the disaffected and the criminal. They easily organize into small cells whose coordinated actions are sufficiently local to require little more command-and-control than what face-to-face word-of-mouth can provide. European authorities recognize an old lesson in this guerrilla war: intelligence collection outstrips analysis and dissemination.

The US is expected to charge Iranian nationals later today with crimes related to cyber reconnaissance of a Rye, New York, flood control dam. The indictment comes as other concerns about the vulnerability of water and power infrastructures arise. A Verizon report indicates that an unnamed water supply utility was hacked in ways that enabled attackers to manipulate levels of chemicals in potentially dangerous ways. And the continuing investigation into December's Ukraine grid hack reveals more patient preparation on the attackers' part.

The US FBI has added two members of the Assad regime's Syrian Electronic Army to its most-wanted list. Observers think this case shows the convergence of political hacktivism and ordinary organized crime (a convergence also noted with ISIS).

Cisco's Talos group finds privilege escalation vulnerability in the Apple Intel HD3000 Graphics kernel driver. Apple's fixing it.

Consensus among observers is that the alternative method the FBI's come up with to open the San Bernardino jihadist's iPhone involves NAND mirroring. The "third-party" who's helping the Bureau is said to be Cellebrite.

Catch today's CyberWire podcast later this afternoon. We'll hear from the University of Maryland's Ben Yelin, who'll discuss US Constitutional rights to privacy in the cyber domain. (And we'll discuss more of the day's news.)

Notes.

Today's issue includes events affecting Australia, Bangladesh, Belgium, China, Estonia, European Union, France, Germany, Iraq, Iran, Israel, Netherlands, Russia, Syria, Turkey, Ukraine, United States

Sponsored Events

2016 National Conference of Minority Cybersecurity Professionals (Washington, DC, March 23 - 24, 2016)

Women in Cybersecurity (WiCYS) 2016 (Dallas, TX, March 31 - April 2, 2016)

Selected Reading

Cyber Trends

Majority Of Bad Bots Behave Like Humans (Dark Reading) And for the first time since 2013, humans outnumber bad bots on the Web -- but that doesn't mean humans are beating bots, new study shows

What does privacy mean to you? (Christian Science Monitor Passcode) A photo series exploring this key issue of the Digital Age

Legislation, Policy and Regulation

Five Ways to Devastate ISIL (Politico) In the wake of the Brussels terrorist attacks, the United States and its allies would do well to consider these new tactics

As Terrorists Cross Borders, Europe Sees Anew That Its Intelligence Does Not (New York Times) If another example of the failure of European intelligence services to share and act on information about potential terrorists was needed, Wednesday’s identification of the bombers in the deadly Brussels attacks the day before certainly provides it

What Can Estonia Teach Us about Cybersecurity? (GW Today) Estonian prime minister says in speech at GW that trust and privacy are keys to the future of digital societies

Australian industry lashes out at data breach notification scheme (IT News) Businesses complain of unclear obligations, broad scope

3 Big Changes in Transatlantic Data Regulation under the Privacy Shield (Legaltech News) The publically released text reveals what areas of the new agreement will be most impactful, and perhaps most burdensome

NPPD proposes plan to redefine itself as operational cybersecurity body (FierceGovernmentIT) The Homeland Security Department would rename and restructure the National Protection and Programs Directorate, or NPPD, in a new proposal redefining its mission. Its new identity of "Cyber and Infrastructure Protection," or CIP, would serve as a central cybersecurity taskforce and take a more operational role

Lawmakers warn of 'radical' move by NSA to share information (The Hill) A bipartisan pair of lawmakers is expressing alarm at reported changes at the National Security Agency that would allow the intelligence service’s information to be used for policing efforts in the United States

H.R. 3361 Department of Homeland Security Insider Threat and Mitigation Act of 2016 (Congressional Budget Office) H.R. 3361 would direct the Department of Homeland Security (DHS) to establish a program to protect the department’s critical assets from insider threats (that is, harmful activities by department employees and certain other persons with access to classified information)

Clinton calls for more surveillance, police after Brussels attacks (CNN) Hillary Clinton says the United States must increase its surveillance to avert Brussels-style attacks on unprotected "soft" targets

Commerce Dept Names Kiersten Todt Nat’l Cyber Commission Exec Director (ExecutiveGov) Commerce Secretary Penny Pritzker has appointed Kiersten Todt, former managing partner and president of Liberty Group Ventures, as executive director for the Commission on Enhancing National Cybersecurity

Products, Services, and Solutions

SecureRF Announces Veridify®, a Cloud‐based Platform and Application Suite Delivering Public‐Key Infrastructure to Tags and Devices in the IoT (SecureRF) SecureRF, a leading provider of security solutions for the Internet of Things, announced today the availability of Veridify, a cloud‐based platform delivering Public‐Key Infrastructure for devices, sensors and tags in the IoT

Knowns and Unknowns: What It Means to Shift from Prevention to Detection and Response (IKANOW) “We haven’t stopped huge breaches. The focus now is on resilience, with smarter ways to detect attacks and faster ways to respond to them"

Stock Update (NASDAQ:FEYE): FireEye Inc Launches Mandiant® Red Team Operations (Smarter Analyst) FireEye Inc (NASDAQ:FEYE), the leader in stopping today’s advanced cyber attacks, today announced the launch of Mandiant® Red Team Operations, a set of objectives-based assessments that conduct no-holds-barred attacks on organizations to highlight weakness in systems or procedures and to enhance detection and response capabilities

Bringing endpoint and firewall together is an idea so simple it’s revolutionary (Sophos) As the information security industry matures, we’re beginning to come to terms with the reality that there is no such thing as perfect prevention

A cybersecurity startup that aims to change the rules of web security game (TechWorm) High-Tech Bridge, a Geneva-based company with offices in San Francisco, is probably already known to you for its free SSL security service, which can be used to probe encryption of email, web or even SSL VPN servers

Technologies, Techniques, and Standards

Aetna CISO talks about threat intelligence and enterprise risk management (CISO) The growth of ISACs will continue as more companies learn that mature cyber security programs all share information to make their enterprises more resilient

Nemucod's CRYPTED Ransomware Can Be Neutralized with This Decrypter (Softpedia) Ransomware victims can recover files for free

This bag of tricks may help stop a Locky ransomware infection (IDG via CSO) A malware researcher has found a few tricks to stop one of the latest types of ransomware, called Locky, from infecting a computer without using any security programs

Security spring cleaning time (CSO) Time to get rid of that shelfware

Why DHS might hack your agency (FCW) The cybersecurity penetration team that has the Department of Homeland Security's only "hands-on" cybersecurity testing capabilities is planning to expand its stable of test threats

Marketplace

INSIGHT: Are you liable for a cybersecurity attack? (Sioux Falls Business Journal) By far the most misunderstood insurance coverage is cyberliability

Is Cybersecurity a Top Risk Concern for Banks? The Experts Weigh In (Legaltech News) A Bank Director survey found many banks still aren’t doing enough to protect themselves—and their customers

DoD Seeks Cyber Platforms Through Solutions Meeting (ExecutiveBiz) The Defense Department will hold a meeting in Washington between June and July 2016 to allow potential contractors to deliver technical presentations about their cyber platforms

Q&A: FireEye CEO On Apple-FBI, Critical Infrastructure Attacks And Why We're At The Biggest Inflection Point In History (CRN) Since the beginning of the year, FireEye has been investing big in threat intelligence

Interview: John McCormack, Forcepoint (Infosecurity Magazine) Around 11 months on from the acquisition of Websense by defense contractor Raytheon, I had the chance to talk to the CEO of the newly formed entity of that company – Forcepoint

Former U.S. Security Specialist’s MGA Ridge Global Tackling Cyber Risk (Insurance Journal) It may be surprising to some that a former governor and head of National Security started an insurance company focused on cyber risk, but Tom Ridge, president and CEO of Ridge Global says it shouldn’t be

FourV wants to make it painfully simple to understand your company’s IT security risk (Technical.ly Baltimore) The startup's platform generates a numerical score that's designed to make it easier to show execs if their data is in danger

F5 Networks Nabs Fortinet, Lookout Execs To 'Supercharge' Security Sales (CRN) F5 Networks' channel sales team is getting a shot in the arm as it hires two top industry veterans with global experience to bolster the vendor's security charge

Research and Development

US Intelligence Wants Computers That Spot Fake Fingerprints (Defense One) Researchers at the Intelligence Advanced Research Projects Agency aim not only to spot prosthetic thumbs, it will also learn to predict attacks never seen before

Security Patches, Mitigations, and Software Updates

Cisco Releases Security Updates (US-CERT) Cisco has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities could allow a remote attacker to create a denial-of-service condition

Cyber Attacks, Threats, and Vulnerabilities

Islamic State Claims Deadly Bombings in Brussels (ABC News) Islamic extremists struck Tuesday in the heart of Europe, killing at least 34 people and wounding scores of others in back-to-back bombings of the Brussels airport and subway that again laid bare the continent's vulnerability to suicide squads

ISIS Is Using the Media Against Itself (Atlantic) It doesn’t matter if the coverage that follows an attack is negative. For ISIS, any coverage is good coverage

Squeezed At Its Base, ISIS Grows More Dangerous Elsewhere (NPR) The Islamic State has been steadily losing territory in its self-declared caliphate in Syria and Iraq, where a U.S. bombing campaign and a host of rival forces chip away at its holdings

IS trains 400 fighters to attack Europe in wave of bloodshed (AP) The Islamic State group has trained at least 400 fighters to target Europe in deadly waves of attacks, deploying interlocking terror cells like the ones that struck Brussels and Paris with orders to choose the time, place and method for maximum chaos, officials have told The Associated Press

New ISIS recruits have deep criminal roots (Washington Post) One perpetrator was an automobile thief before he got religion, and served time in a Belgian prison on a carjacking charge

In Brussels Attacks, Chronicle of a Disaster Foretold (Foreign Policy) Belgian spies said attacks were coming, but overwhelmed security forces were powerless to prevent terrorists from killing 34 and wounding hundreds more

Between the Expected and the Inevitable (The Cipher Brief) First Paris, then San Bernardino, now Brussels. How widespread are ISIS networks in Europe and North America, and can we expect these kinds of attacks on a regular basis?

123 People Have Signed Up To Be I.S. Suicide Bombers (Sky News) Would-be suicide bombers come from countries including France, Germany, Spain, Tunisia and Egypt, Sky News can reveal. The information comes from exclusive Islamic State personnel files obtained by Sky. Stuart Ramsay explains more

Exclusive: U.S. to charge Iran in cyber attacks against banks, New York dam - sources (Reuters) The Obama administration is expected to blame Iranian hackers as soon as Thursday for a coordinated campaign of cyber attacks in 2012 and 2013 on several U.S. banks and a New York dam, sources familiar with the matter have told Reuters

Indictment against hackers linked to Iranian goverment to be unsealed (Washington Post) The Justice Department on Thursday expect to announce the unsealing of an indictment charging several hackers associated with the Iranian government with cybercrimes

Hackers hijacking water treatment plant controls shows how easily civilians could be poisoned (International Business Times) A group of hackers managed to infiltrate a water treatment plant and change the levels of chemicals being used to treat tap water four times during the cyberattack, security researchers report

The future of our city services? Cyberattackers target core water systems (ZDNet) In a recent case, cyberattackers have demonstrated that breaches are not limited to corporate targets

Hackers Infiltrated Ukrainian Power Grid Months Before Cyber-Attack (eWeek) Attackers controlled some systems within three Ukrainian power companies' networks for more than six months, a fact only revealed after they cut power to more than 225,000 people in December 2015

Are These Syrian Hackers Cyber Warriors, or Just Thieves? (Defense One) The FBI added two Syrian hackers to its most-wanted list for cybercriminals, a project that's only been running since 2013 and includes individuals from China, Russia and Eastern Europe

Vulnerability Spotlight: Apple OS X Graphics Kernel Driver Local Privilege Escalation Vulnerability (Cisco Talos Security) Cisco Talos, in conjunction with Apple’s security advisory issued on Mar 22, is disclosing the discovery of a local vulnerability in the communication functionality of the Apple Intel HD3000 Graphics kernel driver. This vulnerability was initially discovered by the Talos Vulnerability Research & Development Team and reported in accordance with responsible disclosure policies to Apple

Google publishes list of Certificate Authorities it doesn't trust (Register) Thawte experiment aims to expose issuers of dodgy creds

New self-protecting USB trojan able to avoid detection (We Live Security) A unique data-stealing trojan has been spotted on USB devices in the wild – and it is different from typical data-stealing malware

Three US hospitals hit by ransomware (BBC) The IT systems of three US hospitals have been infected with ransomware, which encrypts vital files and demands money to unlock them

VA cyber intrusion attempts down, non-cyber data loss incidents up in February (FierceGovernmentIT) The Veterans Affairs Department saw cyber intrusion attempts drop by more than 10 million attempts in February, but reported non-cyber data loss incidents increased significantly

Has health care hacking become an epidemic? (PBS Newshour) In February 2015, Anthem made history when 78.8 million of its customers were hacked. It was the largest health care breach ever, and it opened the floodgates on a landmark year

TeamViewer Denies It Is Ransomware Infection Vector (KnowBe4) A modified version of EDA2, an open source ransomware strain developed by Turkish computer engineering student Utku Sen, --by the way, thanks Utku, that was a very smart idea-- has been encrypting files and appending the .surprise extension to them. The cybercriminals using the Surprise ransomware have chosen an unusual infection vector: the popular remote control tool TeamViewer

4 cyber security companies that got hacked themselves (Computer Business Review) There have been several major cyber-attacks on large firms in recent years, with those on TalkTalk and Ashley Madison making the headlines last year

Lockheed F-35's Cybersecurity Flaws Cited by Pentagon Tester (Bloomberg) Cybersecurity weaknesses in Lockheed Martin Corp.’s F-35 are among “many unresolved deficiencies” hobbling the costliest U.S. weapons program as production of the fighter jet ramps up, the Pentagon’s top tester said

Academia

Norwich University Applied Research Institutes to Develop Cybersecurity Course for First Responders (Vermont Digger) Norwich University Applied Research Institutes (NUARI) has been contracted to develop a cybersecurity course for first-responders. On February 11, 2016, NUARI signed a Subaward Agreement in the amount of $251,301 with the University of Arkansas System Criminal Justice Institute as prime contractor

Litigation, Investigation, and Enforcement

Turkish Media: Police Arrest 17 IS Suspects (Voice of America) Police arrested as many as seven alleged Islamic State members Tuesday during raids on various addresses in Istanbul, Turkish news agencies said

Intel chairman: Brussels attacks appeared to target Americans (The Hill) The terror attacks in Brussels on Tuesday appear to have been designed to hit Americans, according to the head of the House Intelligence Committee

After Brussels Attacks, U.S. Must Shut Down Foreign Fighter Pipelines (National Interest) The first question security professionals around the world ask after a horrific terrorist attack is: What’s next? The second question is: How to stop it?

Can Predictive Analytics Help Governments Police ‘Violent Extremism’? (Legaltech News) International terrorism faces government with challenges of safety and policing. Is there balance to be found in analytics?

An Israeli Firm Is Reportedly Helping the FBI Unlock the San Bernardino Killer’s Phone (Time) Apple has refused to help investigators, citing privacy concerns

Here's how the FBI plans to crack terrorist's iPhone (CSO) In turn-about, government now says Apple's help not needed; 'outside party' has likely demonstrated 'NAND mirroring' technique, says iOS forensics expert

My Take on FBI’s “Alternative” Method (Zdziarski's Blog of Things) FBI acknowledged today that there “appears” to be an alternative way into Farook’s iPhone 5c – something that experts have been shouting for weeks now; in fact, we’ve been saying there are several viable methods

Apple v. FBI case on hold, but 'going dark' debate rages on (Christian Science Monitor Passcode) Though Apple and the FBI will not meet in court this week, questions about the role of encrypted communications in plotting terrorist attacks resurfaced after Tuesday's bombings in Brussels

Tor Project says developers would rather quit than give FBI a backdoor (Naked Security) The Tor Project is standing with Apple in its ongoing battle with the US government over encryption backdoors, and several developers for the anonymity service have said they would rather quit than add a backdoor to Tor’s software

Apple Policy on Bugs May Explain Why Hackers Would Help F.B.I. (New York Times) After a third party went to the F.B.I. with claims of being able to unlock an iPhone, many in the security industry said they were not surprised that the third party did not go to Apple

USA offers $100,000 bounty for alleged Syrian Electronic Army members (Hot for Security) The US Department of Justice believes it has identified three members of the notorious Syrian Electronic Army, who have in recent years made a name for themselves with their high profile hacks against media organisations, targeted spear-phishing attacks, and redirecting well-known websites to display propaganda in support of the Syrian Government and President Bashar al-Assad

Chinese National Pleads Guilty to Conspiring to Hack into U.S. Defense Contractors’ Systems to Steal Sensitive Military Information (US Department of Justice) A Chinese national pleaded guilty today to participating in a years-long conspiracy to hack into the computer networks of major U.S. defense contractors, steal sensitive military and export-controlled data and send the stolen data to China

BSEC asks CDBL to remain alert against cyber attack (Financial Express) The securities regulator has instructed the Central Depository Bangladesh Limited (CDBL) to ensure proper protection of the listed companies' shares by thwarting any possibility of cyber attack, officials said

Bangladesh Bank weighs lawsuit against New York Fed over hack (Reuters via Business Insurance) Bangladesh's central bank has hired a U.S. lawyer for a potential lawsuit against the Federal Reserve Bank of New York after hackers stole $81 million from its account with the New York Fed, according to an internal report by the Bangladesh bank

Bangladesh tech expert who went missing after cyber theft returns (Reuters via Yahoo!) A Bangladeshi cyber crime expert who went missing while he was assisting a police investigation into an attempted $951 million electronic theft from the central bank's computers, returned home early on Wednesday, his wife said

Experts see little chance of charges in Clinton email case (Press Herald) Several lawyers who specialize in this area say it's a stretch to apply existing statutes to a former cabinet secretary whose communication was with aides – not with a national enemy

AP data analysis finds federal employees do 'really crappy' record searches (FierceContentManagement) An Associated Press annual review of all FOIA requests handled by 100 federal agencies in 2015 revealed the federal government's ability to complete record searches is abysmal

Design and Innovation

Into the Abyss: The Botnet Landscape as Seen Through a Social Graph (Imperva Incapsula) Our blog posts and reports typically provide insights into the technicalities of DDoS attacks, emerging threats and common attack trends faced by organizations

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

Staying Ahead of the Curve - Securing a Nation Amid Change (Washington, DC, USA, April 26, 2016) A discussion of the changing cybersecurity landscape, featuring a keynote by General Keith Alexander, former Director, National Security Agency, and a panel discussion of the challenges facing Federal security leadership.

upcoming Events

Artificial Intelligence and Autonomous Robotics (Clingendael, the Netherlands, March 23 - 24, 2016) Artificial Intelligence (AI) has been a feature of science fiction writing for almost a century, but it is only in more recent years that the prospect of truly autonomous robotics — even those that have only limited functionality — have become viable. While this potentially will provide great opportunities, the development of AI is likely to impact upon the very functioning of society. In this context, the specialized training on AI and autonomous robotics aims to provide media and public relations professionals with an in-depth understanding of the implications that the rapid advancement of AI technology may affect the global community in both the physical and structural spheres and the potential impact of the future evolution of such technology, especially in terms of security. Emphasis will be given to the way in which AI and autonomous robotics can be represented and communicated in the media

International Consortium of Minority Cybersecurity Professionals (ICMCP) Inaugural National Conference (Washington, DC, USA, March 23 - 24, 2016) The conference will focus on the public, private and academic imperatives necessary to closing the growing underrepresentation of women and minorities in cybersecurity through diversification of the workforce. Despite the increasing demand for cybersecurity professionals globally it remains an area where there is a significant shortage of skilled security professionals. The conference will facilitate a national dialogue toward enhancing opportunities in cybersecurity education and increase employment opportunities for minorities

Commonwealth Cybersecurity Forum 2016 (London, England, UK, March 23 - 24, 2016) The Commonwealth, built on consensus and mutual support, is an ideal platform to build international cooperation on various aspects of cybersecurity. CTO's Commonwealth Cybersecurity Forum brings together cybersecurity stakeholders from across the Commonwealth; from policy makers, regulators and implementing agencies to private sector and civil society. The Forum is a place to showcase expertise, build capacity, present new technologies and develop relationships. Importantly it will map out the future cooperation among Commonwealth countries in Cybersecurity

Black Hat Asia 2016 (Singapore, March 29, 2016) Black Hat is returning to Asia again in 2016, and we have quite an event in store. Here the brightest professionals and researchers in the industry will come together for a total of four days — two days of deeply technical hands-on Trainings, followed by two days of the latest research and vulnerability disclosures at our Briefings

SecureWorld Boston (Boston, Massachussetts, USA, March 29 - 30, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers

Insider Threat Summit (Monterey, California, USA, March 29 - 30, 2016) The focus of the Insider Threat Summit is to discuss personnel security issues including cyber security challenges and capabilities, continuous evaluation of privileged identities and ethical physical security considerations. A heightened awareness of insider threats due to numerous newsworthy attacks and unauthorized leaks has brought us together for one main purpose: to better understand security challenges in order to better defend against insider threats

TU-Automotive Cybersecurity USA 2016 (Novi, Michigan, USA, March 29 - 30, 2016) TU-Automotive Cybersecurity dissects the real issues behind the headlines, helping you to apply technology and best practices to deliver robust security defenses and processes within a more secure ecosystem. The conference unites players from research labs, automakers, tier 1's, security researchers, and the complete supply chain to plan for the imminent future

Insider Threat Program Development Training (Washington, DC, USA, March 29 - 30, 2016) Insider Threat Defense announced it will hold a training class on Insider Threat Program Development (National Insider Threat Policy-NISPOM Conforming Change 2) on March 29-30, 2016, in Washington, DC. For a limited time the training is being offered at a discounted rate of $795. The training is comprehensive and provides students with the knowledge and resources to develop and implement a robust Insider Threat Program. Insider Threat Defense has trained a substantial number of organizations and has become the "Go To Company" for Insider Threat Program Development Training

Women in Cyber Security 2016 (Dallas, Texas, USA, March 31 - April 2, 2016) With support from National Science Foundation, Award #1303441 (Capacity Building in Cybersecurity: Broadening Participation of Women In Cybersecurity through the Women in Cybersecurity Conference and Professional Development), WiCyS is an effort to bring together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry for sharing of knowledge/experience, networking and mentoring. Any individual or organization interested in supporting recruiting and retention efforts for women in cybersecurity is encouraged to participate

SANS Atlanta 2016 (Atlanta, Georgia, USA, April 4 - 9, 2016) Learn the most effective steps to prevent attacks and detect adversaries with actionable techniques that you can directly apply when you get back to work. Take advantage of tips and tricks from the experts so that you can win the battle against a wide range of cyber adversaries who want to harm your digital environment

Billington CyberSecurity INTERNATIONAL Summit (Washington, DC, USA, April 5, 2016) On April 5, in Washington, D.C., join leading cybersecurity officials from across the globe at the Billington CyberSecurity INTERNATIONAL Summit to engage in an intensive information exchange between leading US and global corporate and government executives

ISC West 2016 (Las Vegas, Nevada, USA, April 6 - 8, 2016) ISC West is the leading physical security event to unite the entire security channel, from dealers, installers, integrators, specifiers, consultants and end-users of physical, network and IT products. With over 1,000 exhibitors and brands, spanning hundreds of product categories, it's the Must-Attend event for the global security industry. ISC West is where the security community gathers to see new products and technologies first, to network with other security professionals, and to stay on top of emerging security risks with cutting edge education

ASIS 15th European Security Conference & Exhibition (London, England, UK, April 6 - 8, 2016) ASIS Europe 2016 invites you to join security professionals and experts from over Europe and beyond in one of the most dynamic centres of business and culture in the world

Cybersecurity and Privacy Protection Conference (Cleveland, Ohio, USA, April 7 - 8, 2016) The Center for Cybersecurity and Privacy Protection 2016 Conference will bring together experienced government officials, in-house counsels, business executives, cyber insurance leaders, litigators, information security officers and privacy managers to discuss current developments and best practices in cybersecurity and privacy protection. The conference is aimed at identifying innovative strategies that integrate legal, managerial and technical approaches to managing cyber and privacy risks. Join us to connect and engage with leading experts who will address cyber and privacy risk-management strategies, regulatory compliance, civil litigation following high-profile data breaches, law enforcement cooperation and information-sharing models, incident-response and cyber-risk insurance.

Rock Stars of Risk-based Security (Washington, DC, USA, April 12, 2016) Virtually every company will be hacked, and today, experts accept that a 100% security solution is not feasible. Advanced risk assessment and mitigation is the order of the day. Rock Stars of Risk-Based Security is the must attend symposium of its kind in 2016 on this critical new reality.

Threat Hunting & Incident Response Summit 2016 (New Orleans, Louisiana, USA, April 12 - 13, 2016) The Threat Hunting & Incident Response Summit 2016 focuses on specific hunting and incident response techniques and capabilities that can be used to identify, contain, and eliminate adversaries targeting your networks. Attend this summit to learn these skills directly from incident response and detection experts who are uncovering and stopping the most recent, sophisticated, and dangerous attacks against organizations

QuBit Conference (Prague, the Czech Republic, April 12 - 14, 2016) QuBit offers you a unique chance to attend 2 selected Mandiant training courses, taught by some of the most experienced cyber security professionals in the business

CISO Dallas (Dallas, Texas, USA, April 14, 2016) With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to protect customer and company data

CSO 50 Conference and Awards (Litchfield Park, Arizona, USA, April 18 - 20, 2016) We at CSO, the award-winning media brand, will bring you speakers from up to 50 organizations with outstanding security prowess. Over 2 ½ days, these distinguished executives and technologists will share their experiences and insights not only in preventing and detecting breaches but in selling and funding their programs to senior management and demonstrating business value.

Creech AFB–AFCEA Las Vegas Cyber Security, IT & Tactical Tech Day (Indian Springs, Nevada, USA, April 19, 2016) The Armed Forces Communications & Electronics Association (AFCEA) Las Vegas Chapter, with support from the 432d Wing, will host the 4th Annual Cyber Security, IT & Tactical Technology Day at Creech AFB on Tuesday, April 19, 2016. This is an excellent opportunity for technology, cyber and tactical technology companies to meet with remote personnel at Creech AFB.

Amsterdam 2016 FIRST Technical Colloquium (Amsterdam, the Netherlands, April 19 - 20, 2016) FIRST Technical Colloquia & Symposia provide a discussion forum for FIRST member teams and invited guests to share information about vulnerabilities, incidents, tools and all other issues that affect the operation of incident response and security teams

Security & Counter Terror Expo 2016 (London, England, UK, April 19 - 20, 2016) Security & Counter Terror Expo (formerly Counter Terror Expo) is the event for any professional tasked with protecting assets, business, people and nations from terrorism. It brings over 9000 attendees from across the globe together to see the latest technology, hear about the latest developments, share best practice and ensure that their threat mitigation strategies are effective

SecureWorld Philadelphia (King of Prussia, Pennsylvania, USA, April 20 - 21, 2016) Join your fellow security professionals for affordable, high-quality cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions & breakout sessions all while networking with local peers

AFCEA Defensive Cyber Operations Symposium (Baltimore, Maryland, USA, May 5 - 7, 2015) The U.S. Defense Information Systems Agency's new operational role in the cyber domain as network defender creates a formal relationship between DISA, U.S. Cyber Command and the command's military service components. The goal is to improve security, but a successful strategy depends on a matrix of participating organizations adapting technical solutions and adopting enterprise management to improve efficiency, security and reliability

2016 Akamai Government Forum: Safeguarding a Dynamic Government — End–to–End Security for your Agency (Washington, DC, USA, April 21, 2016) Today's public demands a high performance — and safe — web experience from government and public organizations. And public IT leaders require flawless web protection to securely meet that demand. Join leading government cyber, IT, and web professionals at the 2016 Akamai Government Forum, an engaging one–day discussion, where we will dialogue on the critical aspects — and tools — for safeguarding a dynamic government in our hyperconnected world. Hear real time intelligence on the latest internet vulnerabilities and emerging attack vectors while sharing best practices on how to stop the largest Distributed Denial of Services and web application attacks. Find out how to enable safer, faster, resilient delivery of mission critical and public facing services. Learn the latest layered security tactics and other tools for securely optimizing your agencies digital presence — along with much more.

Army SIGINT (Fort Meade, Maryland, USA, April 25, 2016) Approximately 500 attendees will come together to discuss future technologies in Signals Intelligence (SIGINT), focusing on applications for the actual users in the field (the soldiers). Most attendees will be Army personnel from outside of the Ft. Meade area. FBC will be working with the Army to invite all local Ft. Meade personnel and contractors to the expo as well. The industry expo will be held for one day only during the "Emerging Technologies" portion of the conference

CISO San Francisco (San Francisco, California, USA, April 26, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more

CISO Houston (Houston, Texas, USA, April 28, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.