the 4th annual Cyber Security Conference for Executives
The 4th annual Cyber Security Conference for Executives is in progress on the Johns Hopkins campus today. We'll have full coverage later this week, but here's how the day's topics are being framed.
Anton Dahbura, Director of the Information Security Institute at the Johns Hopkins University's Whiting School of Engineering, set the day's agenda by reviewing his "Unlucky Top 13" list.
These are, in avowedly Lettermanesque reverse order: 13. The announcement in March of the Apache Struts bug's discovery. 12. Scams and thefts plague new cryptocurrencies. 11. Kaspersky security software is booted from US Government systems. 10. Discovery of Apple's questionable use of "differential privacy." 9. Apple's iPhone X with FaceID (researchers will test its robustness). 8. The US Navy investigated possible cyber causes of the USS McCain collision—nothing found, but it's interesting to see that cyber forensics are now a routine part of major accident investigations. 7. Ultrasonic hijacking of Siri and Alexa devices was demonstrated. 6. BlueBorne, a Bluetooth vulnerability, is discovered. 5. New flaws were found in DLink routers. 4. ExpensiveWall Android malware charges users for fake in-app purchases (without their knowledge).3. Bugs are found in German voting software. 2. Symantec finds that hackers have gained direct access to at least twenty power companies.1. And, of course. Equifax was breached.
The central lesson he draws from these, and which he commends to the conference, is that we need a serious national conversation about a national identity system.