The CyberWire Daily Briefing 01.13.16

Summary

By The CyberWire Staff

Anonymous continues to find easier targets in the civilized world than it has in ISIS: the hacktivist collective protests whaling with an attack on Icelandic government sites.

The US Government, in the form of ICS-CERT is supporting Ukraine's investigation of its recent power grid hack. Many reiterate warnings that the US power grid is comparably vulnerable. ICS expert and Applied Control Solutions Managing Partner Joe Weiss told the CyberWire about one regulatory gap he thinks should be addressed: substation cyber security. "This affected what's called low-voltage transmission and electric distribution," Weiss said. "Low-voltage transmission and electric distribution are excluded from the NERC critical infrastructure protection standards."

Digital Bond Labs describes a new way of remotely burning out variable-speed industrial motors, with obvious implications for attacks on infrastructure.

ISIS is reported to have added some new secure messaging apps: the "Amaq Agency" and "Alrwai" apps join Telegram in the ISIS toolkit. Some warn of growing ISIS cyber attack capability, but US President Obama cautions against aiding ISIS by giving them too much credit.

The President considers an Executive Order covering response to large-scale cyber incidents.

Symantec describes an upgrade to information-stealing malware Android.Bankosy, which can now evade protections of 2FA systems by establishing a bogus identity within infected devices.

Some disclosures provoke controversy: an alleged Fortinet FortiOS backdoor and allegedly vulnerable features of next-gen firewalls.

Patch Tuesday featured critical fixes from both Microsoft and Adobe.

The Crackas with Attitude appear to be back, now supporting Palestine by pestering US DNI Clapper.

Notes.

Today's issue includes events affecting Austria, Brazil, Bosnia and Herzegovina, Canada, China, European Union, Germany, Iceland, Iraq, Ireland, Israel, Netherlands, Russia, Syria, Taiwan, Turkey, Ukraine, United Kingdom, United States

Selected Reading

Cyber Trends

The Internet of Things that Talks About You Behind Your Back (Schneier on Security) SilverPush is an Indian startup that's trying to figure out all the different computing devices you own

What lurks beneath the Internet of Things hype? Nagging security fears (C&#124NET) CES was all about making everything smarter and getting devices to talk to each other. But few people were talking about the potential for hacking

Vancouver's 'white hat' hackers ride lawless ethics frontier (Business Vancouver) Computer security troubleshooters still not governed by international code of conduct

UK security products market could reach US $1.7 billion in 2019 (SC Magazine) Almost half of UK businesses plan to increase their ICT spending this year

Legislation, Policy and Regulation

Obama: 'Over-the-top' claims about ISIS plays into their hands (The Hill) President Obama in his final State of the Union address called protecting the American people from terrorists "priority No. 1" but sought to downplay what he said was "over-the-top" hype over the Islamic State in Iraq and Syria's (ISIS) strength

Report: Cyber response executive order in the works (FierceGovernmentIT) President Obama will issue an executive order or presidential directive within several months that provides federal agencies guidance on the appropriate response to a catastrophic cyberattack

Former Director Of NSA And CIA Says US Cybersecurity Policy MIA (Dark Reading) Gen. Michael Hayden says US government doesn't have the 'framework' to handle attacks by nation-states, others against the power grid, data

NSA is world's best hacker thief, says former director (CNN Money) Few people truly understand what the U.S. National Security Agency actually does. Its former leader cleared that up on Tuesday

GSA begins planning for new cloud support portfolio (FierceGovernmentIT) The General Services Administration posted a public notice last week seeking feedback on support services that could help ease agencies' transition to the cloud

NARA's info security chief moves to the White House (Federal Times) The National Archives and Records Administration's head of information security has moved to Pennsylvania Ave. to bring his records management expertise to the White House

Maj. Gen. Westergren tapped to run NSA codebreaker unit (Air Force Times) Maj. Gen. Mark Westergren will be the next deputy chief of the National Security Agency's Central Security Service, the Pentagon announced Tuesday

Products, Services, and Solutions

LightCyber Updates Platform to Enhance User Behavioral Analytics (eWeek) Security specialist LightCyber released its Magma platform 3.1, which offers enhanced user and entity behavioral analytics capabilities

Mozilla to shut down Persona unified password service (FierceCIO) Mozilla said it plans to shut down Persona, a system designed to let people use a single login across many websites, according to an email sent by Mozilla's Ryan Kelly

Fortinet Delivers High Performance Firewalls for Yahoo! JAPAN Video Delivery Service (CNN Money) Fortinet-3700D Selected for Performance, Stability and Reliability to Manage Growing Video Traffic Volume

RiskIQ Adds "Who" and "Why" Threat Intelligence from Intel 471 to PassiveTotal Security Analysis Platform (BusinessWire) Integration allows analysts to link adversary profiles with their attack infrastructures to preempt threats

Evohop Announces Release Real-Time Cyber Security Platform for Cloud Servers and Mobile Devices (PRNewswire) Evohop, a "Real-Time" Cyber Security Company; releases "Evohop as a Service" (EaaS), a client to cloud subscription available for Cloud Servers and Mobile Devices. Cloud Servers and Mobile Devices can now collaborate and share in the unique Real-Time layer of protection offered by the Evohop Security Platform

LogRhythm 6.3.4 Earns NIAP Common Criteria Certification (BusinessWire) Award-winning SIEM platform now available to all government agencies

Technologies, Techniques, and Standards

Preventing data breaches is a business problem not an IT issue (CSO) What is the root cause for so many data breaches?

Have I been hacked? The indicators that suggest you have (Help Net Security) Security professionals are constantly on the hunt for potential vulnerabilities and looking for ways to defend their networks

Setting and Achieving Realistic Information Security Program Goals for 2016 (IBM Security Intelligence) Everyone has heard of New Year's resolutions, but it seems very few people actually benefit from them

The FFIEC Cybersecurity Assessment Tool (CTOvision) The FFIEC (Federal Financial Institutions Examination Council) is a formal interagency body empowered to prescribe uniform principles, standards, and report forms for the federal examination of financial institutions by the Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC), and the Consumer Financial Protection Bureau (CFPB), and to make recommendations to promote uniformity in the supervision of financial institutions

A DDoS Learning Curve for Universities, Government & Enterprises (Dark Reading) Distributed Denial of Service attacks are easy, cheap and too often, effective. But they're not unstoppable

Healthcare Security: Understanding HIPAA Compliance and its Role in Patient Data Protection (Digital Guardian) After the "year of the healthcare breach," many healthcare organizations are taking steps to improve their data protection strategies to meet regulatory requirements and secure health information against costly data breaches. Here's an overview of the data protection requirements for compliance and beyond

Compliance does not equal security (Computerworld) A security manager needs a philosophy about how to address security issues, and I find that many elements of mine can be reduced to a few words that almost amount to mantras: "Obey the rule of least privilege," "A company is only as strong as its weakest link," "Security is a process, not a point solution" and "Trust but verify"

Marketplace

Cyber Literacy is a Two Way Street: CISOs, CEOs Have Much to Teach Each Other (Wall Street Journal) C-suite cyber literacy needs to improve if businesses want to maintain an advantage over their potential attackers

Cybersecurity: More than a Byte-Sized Problem in M&A — Part One: Due Diligence. (Canadian Mergers and Acquisitions) In a previous blog entry, we canvassed Canadian privacy legislation and offered businesses a cursory review of the issues that arise in the due diligence phase of a business transaction

Cybersecurity: More than a Byte-Sized Problem in M&A — Part Two: The Transaction Agreement (Canadian Mergers and Acquisitions) In a previous blog entry, we offered a brief review of cybersecurity issues that can arise in the course of M&A transactions and discussed the importance of cybersecurity due diligence by the buyer

Cybersecurity and M&A — Part Three: Cyber Insurance (Canadian Mergers and Acquisitions) In the second installment of this series we offered a brief review of cybersecurity provisions and considerations in M&A transaction agreements, and in the first installment of this series we offered a brief review of cybersecurity issues that can arise in the course of M&A transactions and discussed the importance of cybersecurity due diligence by the buyer. This third installment will focus on cyber-insurance and some specific considerations relating to cyber insurance that targets and acquirers should make in the context of M&A transactions

Using Captives For Cyber Risk Management (CFO) If public insurance companies are finding it hard to underwrite cyber policies, how can a corporate-owned captive do it?

Buckle the Seat Belts into Apple's "Nerve-Wracking" March Guidance; Maintain Outperform (FBR Flash) As we head into Apple's much anticipated FY1Q16 (Dec.) earnings report on January 26, we believe fears are mounting around weakening iPhone guidance on tap for the March quarter

Israel cyber-security expertise lures growing share of investment (Financial Times) Israel racked up cyber-security sales worth $3.5bn to $4bn last year and attracted about 20 per cent of global private-sector investment in the burgeoning industry — putting its companies second only to their US counterparts — according to the country's top cyber official

Datadog looks to unify cloud computing monitoring, nets $94.5M in new funding (FierceCIO) With more and more organizations relying on a hodgepodge of software as a service offerings and cloud computing services as well as legacy and on-premises systems, it's difficult to paint a clear picture of the many moving parts

Distil Networks Gets Human Touch With ScrapeSentry Acquisition (TechCrunch) Distil Networks has always been about about automated, intelligent bot detection. Rival ScrapeSentry has gone at it from a different angle, using human analysts to help customers understand bot behavior. Today those two approaches came together when Distil acquired ScrapeSentry in a stock and cash deal

Check Point Software in initial talks to buy CyberArk: newspaper (Reuters) Israel cyber security firm Check Point Software Technologies (CHKP.O) is in initial talks to buy smaller provider CyberArk Software (CYBR.O), TheMarker financial newspaper reported on Wednesday

Horne Acquires Halberd Group and Creates Cyber Unit (Accounting Today) Accounting and consulting firm Horne LLP has acquired the cybersecurity firm Halberd Group and established a new unit, Horne Cyber Solutions

Northern Virginia-Based PSS Acquires Tetra Concepts, LLC (BusinessWire) Preferred Systems Solutions (PSS), today announced its acquisition of Tetra Concepts, an Intelligence Community-focused system architecture and software design firm

AT&T to Provide Cloud Adoption Support to FCC (ExecutiveBiz) AT&T has been awarded a five-year contract to provide the Federal Communications Commission with an Internet Protocol service to help FCC adopt cloud services

Worldwide Information Technology Leader Cisco Joins the National Cyber Security Alliance's Board of Directors (CNN Money) The National Cyber Security Alliance (NCSA) — a nonprofit, public-private partnership focused on helping all digital citizens stay safer and more secure online — announces that Anthony Grieco, Senior Director of the Security and Trust Organization, will represent Cisco (NASDAQ: CSCO) on its Board of Directors

Alert Logic Appoints Former Sophos CEO to Board of Directors (PRNewswire) Steve Munford to contribute cybersecurity leadership and business expansion experience to Alert Logic

Exclusive: Illumio Taps Former NSC Guru as Strategy Chief (Fortune) Nathaniel Gleicher will spearhead cybersecurity strategy

SurfWatch Labs Appoints Tim Layton as Chief Intelligence Officer (Virtual Strategy Magazine) SurfWatch Labs, a provider of cyber threat intelligence solutions, announces the addition of cybersecurity expert, Tim Layton, as the company's Chief Intelligence Officer

Cloud Security Automation Provider HyTrust Appoints Ashwin Krishnan as Senior VP of Product Management (BusinessWire) HyTrust Inc., the Cloud Security Automation Company, today announced that Ashwin Krishnan has been appointed Senior VP of Product Management

Slack Hires Former Palantir Information Security Chief to Boost Its Defenses (Monitor Daily) Following the data leak from almost a year ago, the company has extensively increased its security measures in order to thwart any future attacks on its information servers. In order to further do so, Slack hires former Palantir information security chief to boost its defenses, a person by the name of Geoff Belknap

Research and Development

Ein neuer Überwachungs-Algorithmus soll in Social Media nur auf Terroristen zielen (Wired) Neue Hoffnung im Kampf gegen den Terrorismus? Wissenschaftler der Universität von Pennsylvania haben das Konzept für einen Algorithmus vorgestellt, der gezielt verdächtige Profile und Aktivitäten in sozialen Netzwerk erkennen soll, aber gleichzeitig die Privatsphäre der übrigen Nutzer schützt

Will LiFi Take Big Data And The Internet Of Things To A New Level? (Forbes) The enormous demand for WiFi and transmissions of mass quantities of data is putting a strain on the current technologies

DARPA-GlobalFoundries Team Aims to Address Military EM Spectrum Interference With Semiconductor Chip (ExecutiveBiz) The Defense Advanced Research Projects Agency has partnered with semiconductor chip producer GlobalFoundries to develop a silicon-on-insulator chip that works to quickly process radio-frequency signals and prevent interference in congested electromagnetic spectrum

Security Patches, Mitigations, and Software Updates

Adobe, Microsoft Push Reader, Windows Fixes (KrebsOnSecurity) Adobe and Microsoft each issued updates today to fix critical security problems with their software. Adobe's patch tackles 17 flaws in its Acrobat and PDF Reader products. Microsoft released nine update bundles to plug at least 22 security holes in Windows and associated software

Security holes found in Windows, Office, Internet Explorer, Adobe… Start patching now! (We Live Security) By now you should be settled back at work after the holiday break. Are you ready for 2016? I hope you're sitting comfortably, because from the security point of view it's bound to be a bumpy ride

Microsoft patches six critical security flaws affecting Windows, Office (ZDNet) The software giant also retires older versions of its Internet Explorer browser

Microsoft Security Bulletin Summary for January 2016 (Microsoft Security TechCenter) This bulletin summary lists security bulletins released for January 2016

Security Updates Available for Adobe Acrobat and Reader (Adobe Security Bulletin) Adobe has released security updates for Adobe Acrobat and Reader for Windows and Macintosh. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system

CVE-2015-8605: UDP payload length not properly checked (ISC Knowledge Base) A badly formed packet with an invalid IPv4 UDP length field can cause a DHCP server, client, or relay program to terminate abnormally

Linux Kernel 4.4 Long-Term Support officially released (FierceCIO) Work continues on the Linux front with the scheduled release of the latest Linux 4.4 kernel, the linchpin of Linux distributions worldwide. Linux 4.4 sports relatively minor changes, according to Linus Torvalds, though its designation as a Long Term-Support release is notable

Cyber Attacks, Threats, and Vulnerabilities

Government Offices suffer cyber attack (Iceland Monitor) Iceland's Government Offices suffered a major cyber-attack yesterday afternoon, similar to those conducted by internet activist group Anonymous late last year

US Helping Ukraine Investigate Power Grid Hack (Voice of America) The U.S. government said it was helping Ukraine investigate an apparent cyber attack last month on the country's power grid that caused a blackout for an estimated 80,000 customers

Ex-spy chief: Ukrainian cyberattack a warning sign for US utilities (Christian Science Monitor Passcode) Retired Gen. Michael Hayden, the former director of the National Security Agency and the CIA, says the US faces 'darkening skies' after malware linked power outages in Ukraine

An Easy Way for Hackers to Remotely Burn Industrial Motors (Wired) hacks that cause physical destruction are so rare they can be counted on one hand. The infamous Stuxnet worm was the first, causing physical destruction of nuclear centrifuges in Iran in 2009. In 2014, Germany reported the second known case of physical destruction involving a furnace at a steel mill. Both of these attacks required extensive knowledge to pull off. But now a researcher has found an easy way for low-skilled hackers to cause physical damage remotely with a single action — and some of the devices his hack targets are readily accessible over the Internet

Researchers: ISIS Now Has a New Secure Messaging App (Defense One) Facebook and other big tech companies aren't the only ones who can create apps for encrypted communication

Data security firm predicts ISIS will emerge as a hacking force (Milwaukee Journal-Sentinel) A Milwaukee cyber security software firm has made predictions for potential computer attacks in the U.S. and the forecast is downright scary

Android.Bankosy: All ears on voice call-based 2FA (Symantec Official Blog) Android.Bankosy gets updated to steal passwords sent through voice calls generated by 2FA systems

There Goes The Neighborhood — Bad Actors on GMHOST Alexander Mulgin Serginovic (Zscaler Threat Lab) Whether they encourage it or not, some network operators become known and favored by criminals such as those that operate exploit kit (EK) and malware infrastructure. After following up the Sundown EK recently pointed out by @malwareforme on the Threatglass database, we found Neutrino (looking like Angler) and other bad behavior in the same network "neighborhood"

Et tu, Fortinet? Hard-coded password raises new backdoor eavesdropping fears (Ars Technica) Discovery comes a month after competitor Juniper disclosed unauthorized code

Fortinet Denies Existence of Malicious Backdoor in FortiOS (SecurityWeek) A security hole affecting older versions of Fortinet's FortiOS operating system allows attackers to gain unauthorized access to vulnerable devices, but the vendor says it's not a malicious backdoor

Researchers find security risk 'feature flaw' in new firewalls — or did they? (ZDNet) A debate is rumbling around the security community over the safety of the way next-generation firewalls work

Curious Tale of a Microsoft Silverlight Zero Day (Threatpost) Microsoft Silverlight vulnerabilities certainly don't have the same hacker cred as bugs in Adobe Flash, for example, but nonetheless, that does not diminish their value, nor does that mean they should be ignored

Hacking Team's Leak Helped Researchers Hunt Down a Zero-Day (Wired) Zero-day exploits are a hacker's best friend. They attack vulnerabilities in software that are unknown to the software maker and are therefore unpatched. Criminal hackers and intelligence agencies use zero day exploits to open a stealth door into your system, and because antivirus companies also don't know about them, the exploits can remain undetected for years before they're discovered. Until now, they've usually been uncovered only by chance

New RAT Trochilus Skilled at Espionage, Evading Detection (Threatpost) Researchers have uncovered a new remote access Trojan (RAT) that can evade sandbox analysis, is adept at carrying out espionage, and is being used in targeted threat operations

Webcam Hack Shows IoT Security Threat (eSecurity Planet) Researchers hacked a $30 webcam to establish a persistent point of access into a network, giving security pros another concern about the IoT

Inexpensive Webcam Turned into Backdoor (Threatpost) Connecting a webcam to your home or office network might seem like a harmless thing, but researchers have figured out how to turn that connected device into a backdoor

Akamai Identifies SEO Web Application Attack Campaign (PRNewswire) Attackers use SQL injections to manipulate search engine rankings, impacting an organization's revenue and reputation

A Case of Too Much Information: Ransomware Code Shared Publicly for "Educational Purposes", Used Maliciously Anyway (TrendLabs Security Intelligence Blog) Researchers, whether independent or from security vendors, have a responsibility to properly disseminate the information they gathered to help the industry as well as users. Even with the best intentions, improper disclosure of sensitive information can lead to complicated, and sometimes even troublesome scenarios

Cryptography scammers feed off of the Edward Snowden cult (Red State) For a long time, cryptography was really only used by spooks, mathematicians, and cranks

Cisco ships servers with wrong default password — 'Cisco1234' (FierceITSecurity) Networking powerhouse Cisco shipped its C-series servers with the wrong default administrative password "Cisco1234," the company admitted Monday

Field Notice: FN — 64093 — UCSC Series Default Password for Units Shipped November 17, 2015 through January 6, 2016 is Incorrect — Alternate Password Enclosed (Cisco) This field notice is provided on an "as is" basis and does not imply any kind of guarantee or warranty, including the warranty of merchantability. Your use of the information on the field notice or materials linked from the field notice is at your own risk. Cisco reserves the right to change or update this field notice at any time

Teen Who Hacked CIA Email Is Back to Prank US Spy Chief (Motherboard) One of the "teenage hackers" who broke into the CIA director's AOL email account last year hasn't given up targeting government intelligence officials. His latest victim is the Director of National Intelligence James Clapper, Motherboard has learned

When China Briefly Unblocked Facebook, Trolls Rushed In (Global Voices) What would happen if China unblocked Facebook?

Brazilian whacks: as economy tanks, cyber-crooks samba (Register) Public boasting and n00b-friendly training colour underground forums

Brazil's Cybercriminals Compete for Online Infamy — Report (Infosecurity Magazine) Brazil's cybercrime underground is attracting a whole new generation of brash young aspirants happy to flaunt their wares on the Surface Web while local law enforcers are occupied with more pressing concerns, according to Trend Micro

Think, Learn, Act — Training for Aspiring Cyber Criminals in the Brazilian Underground (TrendLabs Security Intelligence Blog) During our research into the underground black markets of the world, we keep stumbling upon interesting finds or detect aspects that make these regional ecosystems unique and interesting

Academia

Maynooth University to be central hub for 5G and IoT testing (Silicon Republic) As part of the CONNECT national research centre for telecommunications, Maynooth University is to be the site of a new national radio test facility with aims of developing devices for 5G connectivity and the internet of things (IoT)

Litigation, Investigation, and Enforcement

DDoS extortion gang suspect arrested by European police (BBC) A suspected member of an online extortion gang has been arrested, police have said

International Action Against DD4BC Cybercriminal Group (Europol) On 15 and 16 December, law enforcement agencies from Austria, Bosnia and Herzegovina, Germany and the United Kingdom joined forces with Europol in the framework of an operation against the cybercriminal group DD4BC (Distributed Denial of Service — DDoS — for Bitcoin)

Police say they can crack BlackBerry PGP encrypted email (Naked Security) Police in two countries have claimed that they can read encrypted data from BlackBerry devices that are being marketed as having "military-grade security"

The new way police are surveilling you: Calculating your threat 'score' (Washington Post) While officers raced to a recent 911 call about a man threatening his ex-girlfriend, a police operator in headquarters consulted software that scored the suspect's potential for violence the way a bank might run a credit report

Africa: New EU-Funded Project to Help Counter Transnational Organised Crime in Africa (All Africa) Over the next three years, the Institute for Security Studies (ISS) and its partners will be working across Africa to better understand transnational organised crime, and how to deal with it. In November 2015, the European Union (EU) Commission awarded the ISS, UN Office on Drugs and Crime and INTERPOL a grant to enhance African capacity to respond more effectively to transnational organised crime

Brazil's Digital Backlash (New York Times) A São Paulo judge sent shock waves across Brazil last month with a ruling that required Brazilian telecommunications operators to block the use of the instant messaging platform WhatsApp for 48 hours

In Silk Road Appeal, Ross Ulbricht's Defense Focuses on Corrupt Feds (Wired) It's been nearly a year since a jury determined that Ross Ulbricht had created and run the anonymous black market for drugs known as the Silk Road, a conviction that resulted in a life sentence without parole

Hacker Receives 334 Years in Prison for Bank Phishing Scheme (Tripwire: the State of Security) Computer crime is on the rise around the world

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

CISO UK (London, England, UK, May 10, 2016) We're in an historic transition — one marked by challenges, but filled with possibility. Preparing for the upturn and making the right decisions in times of change can better position your enterprise to succeed. Accordingly, the theme of this year's summit is CISOs in Transition — The Shift from Cost-Saver to Value Provider. The CISO Summit Europe is a unique opportunity for the region's greatest IT thinkers to collaborate on current industry challenges and trends. Attending CISOs and IT executives engage in peer-on-peer networking, whilst discussing the issues currently affecting CISOs from a variety of industries

CISO New Jersey (Hoboken, New Jersey, USA, August 23, 2016) With newspaper headlines covering the latest data breaches, cloud computing security questions going unanswered and hackers developing more sophisticated attacks, the IT department has a growing responsibility to protect customer and company data. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more.

CISO Toronto (Toronto, Ontario, Canada, August 30, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends

CISO GAS (Frankfurt, Hessen, Germany, September 13, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. CISOs and IT security executives must always have this in mind, as well as a host of other evolving concerns, from curbing Bring-Your-Own-Device (BYOD) risk to controlling vulnerable social media data. In order for today's leading enterprises to operate smoothly, information security must be ahead of the hackers and kept abreast of the latest IT security topics and trends. The CISO Summit will bring together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include engaging Keynote Presentations, Thought Leadership sessions, CISO Think Tanks, Analyst Q&As and much more

CISO Charlotte (Charlotte, North Carolina, USA, November 15, 2016) The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more

CISO DC (Washington, DC, USA, November 17, 2016) Tactics and best practices for taking on enterprise IT security threats. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more

CISO Southern Cal (Los Angeles, California, USA, December 8, 2016) A data breach is not only a PR nightmare, but cause for customers to turn to competitors, exposing sensitive company information and racking up fines from industry regulators. In order for organizations to operate smoothly, CISOs and IT security executives need to be ahead of the hackers, and kept abreast of the latest IT security topics and trends. The CISO Summit brings together C-level IT security executives, industry analysts and solution providers to discuss challenges and best practices in a relaxed, yet focused business setting. Agenda sessions include panel discussions, think tanks, analyst Q&A sessions and much more

upcoming Events

FloCon 2016 (Daytona Beach, Florida, USA, January 11 - 14, 2016) The FloCon network security conference provides a forum for large-scale network flow analytics. Showcasing next-generation analytic techniques, FloCon is geared toward operational analysts, tool developers, researchers, and others interested in applying the latest analytics against large volumes of traffic

Breach Planning & Incident Response Summit: Proactive Collaboration Between Private Industry and Law Enforcement to Mitigate Damage (Odenton, Maryland, USA, January 12, 2016) The Cybersecurity Association of Maryland, Inc.(CAMI), Chesapeake Regional Tech Council, Maryland Chamber of Commerce, Chesapeake Innovation Center, Tech Council of Maryland are partnering together to host this event designed to attract and educate CIO's, CISO's, CEO and Compliance officials from small to mid-sized commercial firms on the practical actions taken by the government, firms and organizations post-hack

Cyber Security Breakdown: Chicago (Chicago, Illinois, USA, January 12, 2016) This half day session will provide you with the critical information you need to start formulating an effective response in the eventuality of a cyber security event. Rather than try and handle the breach during the chaos of the event, you'll understand how to build in advance, the best practices to respond effectively. Attend the Cyber Security Breakdown event that is focused on the unique issues and threats facing legal professionals

Insider Threat Program Development Training Course — Georgia (Atlanta, Georgia, USA, January 12 - 14, 2016) The National Insider Threat Special Interest Group website has some very "eye opening" examples of how "damaging and costly" an "insider threat incident" can be. The FBI Insider Threat Alert states companies victimized by current or former employees incur costs from $5,000 to $3 million. bring? Is your company required to establish an Insider Threat Program per the requirements of NISPOM Conforming Change 2? Insider Threat Defense has trained a substantial number of U.S. Government Agencies (DoD, IC), Defense Contractors, Critical Infrastructure Providers, Aviation Security Professionals, large and small businesses on Insider Threat Program Development and Insider Threat Risk Mitigation

FTC PrivacyCon (Washington, DC, USA, January 14, 2016) The Federal Trade Commission will in January hold a wide-ranging conference on security and privacy issues lead by all manner of whitehat security researchers and academics, industry representatives, consumer advocates

National Insider Threat Special Interest Group Meeting (Laurel, Maryland, USA, July 16, 2015) Topics to be discussed at the meeting; Insider Threat Program Development & Implementation, Behavioral Indicators Of Concern, Legal Considerations When Developing & Managing An Insider Threat Program. There is no cost to attend this meeting

POPL 2016 (St. Petersburg, Florida, USA, January 20 - 22, 2016) The annual Symposium on Principles of Programming Languages is a forum for the discussion of all aspects of programming languages and programming systems. Both theoretical and experimental papers are welcome, on topics ranging from formal frameworks to experience reports

Automotive Cyber Security Summit — Shanghai (Shanghai, China, January 21 - 22, 2016) The conference, which brings together automakers, suppliers, various connected-services providers and security specialists, will focus on government regulations, emerging automotive cyber security standards and new products and solutions designed to deal with the growing threats

SANS Institute: Information Security Training (Las Vegas, Nevada, USA, September 12 - 21, 2015) Information security training in Las Vegas from SANS Institute, the global leader in information security training. At SANS Network Security 2015, SANS offers more than 40 hands-on, immersion-style security training courses taught by real-world practitioners. The site of SANS Network Security 2015, September 12 - 21, is Caesars Palace, the majestic Las Vegas hotel

CyberTech 2016 (Tel Aviv, Israel, January 26 - 27, 2016) Cybertech is the most significant conference and exhibition of cyber technologies outside of the United States. Cybertech provided attendees with a unique and special opportunity to get acquainted with the latest innovations and solutions featured by the international cyber community. The conference's main focuses are on networking, strengthening alliances and forming new connections. Cybertech also provided an incredible platform for Business to Business interaction

Global Cybersecurity Innovation Summit (London, England, UK, January 26 - 27, 2016) SINET presents the Global Cybersecurity Innovation Summit, which focuses on providing thought leadership and building international public-private partnerships that will improve the protection of our respective homeland's critical infrastructures, national security and economic interests. Our objective is to advance innovation and the growth of the cybersecurity sector by providing a platform for cybersecurity businesses, particularly small and medium enterprises (SMEs), to connect with key UK, US, and international decision makers, system integrators, investors, government policy makers, academia and other influential business executives

Fort Meade IT & Cyber Day (Fort Meade, Maryland, USA, January 27, 2016) The Ft. Meade IT and Cyber Day is a one-day event held at the Officers' Club (Club Meade) on base. The event is held on-site, where industry vendors will have the opportunity to display their products and services to IT, Communications, Cyber and Intelligence personnel

ESA 2016 Leadership Summit (Chandler, Arizona, USA, January 31 - February 3, 2016) The electronic security industry is rapidly changing and continuously evolving. It's not enough to just survive. Businesses looking to thrive need to adapt to ensure their people, products, services and practices stay ahead of the curve. The Summit is a three-day conference filled with networking and educational opportunities dedicated to delivering business intelligence to electronic security companies and professionals that are ready to embrace innovation and grow

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.