The CyberWire Daily Briefing 10.3.17

Summary

By The CyberWire Staff

ISIS claimed responsibility for the awful massacre in Las Vegas, with its Amaq news service going so far as to give the apparent shooter, Stephen Paddock, the honorific name "Abu Abdul Barr al-Amriki" ("al-Amriki"—the American). Few believe this (the FBI is particularly skeptical). It seems to most very unlikely that Paddock had converted to Islam and responded to calls to strike the unbelievers.

Responsible or not, ISIS has incorporated the attack into their inspirational narrative. It's unusual for them to assert responsibility for crimes they had nothing to do with; some attribute this departure (if such it is) to desperation, and to a desire to reinforce its recent warnings that Muslims should avoid public places in infidel lands.

The attack also inflamed criticism of both Google and Facebook for being conduits of bogus news and rumor-mongering. Both platforms are clearly on their way to being considered news providers, not simply content-neutral platforms designed to exhibit whatever people happen to be saying online. Google's highlighting of search results from dubious sources prompts skepticism of Mountain View's algorithmic approach to news.

The UK is using a heavy hand with extremist content. A new law is expected to expose repeat viewers of terrorist sites to up to fifteen years in prison.

The Equifax breach appears to have affected millions more than initially believed.

The US is said to have conducted a shot-across-the-bow DDoS attack against North Korea at the end of September. (A Russian telco has since given the DPRK more bandwidth.)

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Canada, China, Iran, Democratic Peoples Republic of Korea, Mexico, Russia, Syria, United Arab Emirates, United Kingdom, and United States.

Survey says: frameworks are good, compliance could be better.

How does the public sector view the state of cyber risk management, IT modernization, and the role of cybersecurity standards in improving our nation’s cyber posture? A survey of government and industry attendees at the 2017 AWS Public Sector Summit provides a unique window into the perceptions, challenges and opportunities for cyber risk management. Download your copy of the 2017 Public Sector Cyber Risk Management Report.

On the Podcast

In today's podcast we speak with our partners at the University of Maryland's Center for Health and Homeland Security, as Ben Yelin outlines the Yahoo! data breach victims’ right to sue. Our guest is Tony Gauda, CEO of ThinAir, and he talks about ways of dealing with insider threats.

You may also be interested in Recorded Future's latest threat intelligence podcast, produced in partnership with the CyberWire. In it Recorded Future talks with the head of New York City's cyber command about the challenges of securing the Big Apple's cyberspace.

Sponsored Events

3rd European Cybersecurity Forum – CYBERSEC (Krakow, Poland, Oct 9 - 10, 2017) CYBERSEC is a unique Europe-wide, annual public policy conference dedicated to strategic aspects of cybersecurity. Conference’s mission is to foster the building of a Europe-wide cybsersecurity system and create a dedicated collaborative platform for governments, international organisations, and key private-sector organisations.

UMBC Cybersecurity Graduate Info Session (Rockvale, Maryland, USA, Oct 11, 2017) Learn how UMBC’s graduate programs in Cybersecurity can elevate your career at our upcoming Info Session. Led by industry experts, our programs combine hands-on technical training with unparalleled opportunity.

CyberMaryland Conference: Baltimore Convention Center October 11-12 (Baltimore, Maryland, USA, Oct 11 - 12, 2017) The CyberMaryland Conference is an annual two-day event that brings together academia, government and private industry organizations. The theme, “Leading the Cyber Generation,” emphasizes information sharing and networking opportunities for development of cyber assets on both the human and technological side.

The International Information Sharing Conference on October 31 and November 1 in Washington, D.C. (Washington, DC, USA, Oct 31 - Nov 1, 2017) Join us for the inaugural International Information Sharing Conference hosted by the ISAO SO. This two-day event, a first of its kind, will convene practitioners from small businesses to multi-national corporations and from information sharing newcomers to well-established cybersecurity organizations.

Selected Reading

Cyber Attacks, Threats, and Vulnerabilities

Fake News on Vegas Shooter Embarrasses Google and Facebook (Infosecurity Magazine) Fake News on Vegas Shooter Embarrasses Google and Facebook. Tech platforms once again found wanting as alt-right looks to distort events

Bad Info Follows Every Tragedy. Don't Fall For It (WIRED) In the wake of the Las Vegas mass shooting, misinformation and hoaxes flooded the internet. Be careful not to fall for it—or spread it yourself.

FBI asks people for digital evidence of Las Vegas shooting (CSO Online) The Las Vegas FBI is asking for photos and videos taken during the deadliest mass shooting in U.S. history.

Terror experts want to see more evidence before believing ISIS claim in Las Vegas massacre (Washington Examiner) The FBI has said that so far there is no evidence of any connection to international terrorism.

Why Did the Islamic State Claim the Las Vegas Shooting? (The Atlantic) Assessing the group’s puzzling statement

Google and Facebook Have Failed Us (The Atlantic) The world’s most powerful information gatekeepers neglected their duties in Las Vegas. Again.

Facebook Blocks Chinese Billionaire Who Tells Tales of Corruption (New York Times) The company, which acted at a sensitive time for China, said Guo Wengui had posted personal information that violated its terms of service.

Facebook rolls out new ad policies amid Russia investigation (POLITICO) And anyone wishing to place a Facebook ad directly related to a U.S. federal election will be required to confirm their identity first.

Russian Facebook ads showed a black woman firing a rifle, amid efforts to stoke racial strife (Washington Post) More than 3,000 ads were sent to Congress on Monday, including many originally aimed at sowing discord.

U.S. Cyber Command Launched DDoS Attack Against North Korea: Report (Security Week) Non-destructive cyber attack could be considered a warning to North Korean regime

As US launches DDoS attacks, N. Korea gets more bandwidth—from Russia (Ars Technica) Fast pipe from Vladivostok gives N. Korea more Internet in face of US cyber operations.

Trump ordered strategy of pressure against North Korea (The Straits Times) Early in his administration, President Donald Trump signed a directive outlining a strategy of pressure against North Korea that involved actions across a broad spectrum of government agencies, and led to the use of military cyber capabilities, according to US officials.. Read more at straitstimes.com.

SEC now says personal info was leaked in breach (Fifth Domain) The Securities and Exchange Commission is now saying that at least two people had their personal information stolen in the breach that happened last year.

Huge Equifax Hack Is Even Bigger Than First Thought (Fortune) Total potential victims: 145.5 million.

Equifax Warned About Vulnerability, Didn't Patch It: Ex-CEO (Security Week) The security team at Equifax failed to patch a vulnerability in March after getting a warning about the flaw, opening up the credit agency to a breach affecting 143 million people, the former chief executive said Monday.

Former Equifax chairman apologizes for data breach (Fifth Domain) Richard Smith, who resigned after overseeing the company for a dozen years, says Equifax was hacked by a yet-unknown entity.

Hackers Hijack Another Ethereum ICO. Damages Unknown. (BleepingComputer) Hackers disrupted the Etherparty ICO (Initial Coin Offering) after they hijacked the platform's website on Sunday and displayed their own Ethereum address, tricking some ICO participants into sending funds to the wrong wallets.

Clapper: U.S. shelved 'hack backs' due to counterattack fears (Cyberscoop) "Unless you are very confident in your cyberdefenses, it's pointless to talk about cyberattacks," said former intelligence chief Clapper.

Abandoning Iranian Nuclear Deal Could Lead to New Wave of Cyberattacks (Foreign Policy) If Trump walks away from the pact, Tehran could see “retribution against Western targets.”

Malvertising Attack Spreads Malicious Sponsored Content Via Taboola (Silicon UK) Attackers are now making use of 'sponsored content' networks such as Taboola to insert malicious content into trusted sites, researchers have found

Gaming Service Goes Down After Hacker Wipes Database and Holds It for Ransom (BleepingComputer) R6DB, an online service that provides statistics for Rainbow Six Siege players, went down over the weekend after an attacker wiped the company's database and asked a ransom.

Three in Four DDoS Targets Hit Multiple Times: Imperva (Security Week) Amid an increase in frequency of repeat application layer distributed denial of service (DDoS) attacks during the second quarter of the year, over 75% of targets were hit multiple times, according to statistics from Imperva.

Malspam pushing Formbook info stealer (SANS Internet Storm Center) On Monday 2017-10-02, I ran across malicious spam (malspam) pushing Formbook, an information stealer.

USPS ‘Informed Delivery’ Is Stalker’s Dream (KrebsOnSecurity) A free new service from the U.S. Postal Service that provides scanned images of incoming mail before it is slated to arrive at its destination address is raising eyebrows among security experts who worry about the service’s potential for misuse by private investigators, identity thieves, stalkers or abusive ex-partners.

The global impact of huge cyber security events (Help Net Security) The past 12 months have seen a number of unprecedented cyber-attacks in terms of their global scale, impact and rate of spread.

WannaCry and NotPetya: Who, what, when and WHY? (SC Media US) There isn't a cybersecurity professional in the world that is not sick and tired of hearing about WannaCry and NotPetya, and with good reason as the NSA's EternalBlue exploit and DoublePulsar backdoor tool were known to the cybersecurity community well before either attack was launched.

Understanding The Physical Damage Of Cyber Attacks (Infosecurity Magazine) Everyone must be prepared to prevent cyber-attacks that's meant to cause physical damage too.

Expert Skeptical 'Dark Overlord' Responsible For Flathead Cyber Attack (Montana Public Radio) “Cyber terrorism is an emerging threat that has become all too real in Montana.” That’s Senator Steve Daines talking to FBI Director Chris Wray about last

Security Patches, Mitigations, and Software Updates

Netgear Fixes 50 Vulnerabilities in Routers, Switches, NAS Devices (Threatpost) Netgear patches over a dozen vulnerabilities impacting its routers, switches and NAS devices.

DJI launches privacy mode for drone operators (Help Net Security) DJI Local Data Mode stops internet traffic to and from the Pilot app, in order to provide data privacy assurances for government and enterprise customers.

Cyber Trends

A year at the Citizen Lab (The Varsity) The lab’s major research in 2017 looks at spyware and cybersecurity around the world

Finance directors promoted to cybersecurity custodians (BDO Global Office newsroom) October Cybersecurity Awareness Month - cyber risk’s historically technological perspective is enriched with with finance directors' holistic business management - integrating risk management, ERP, compliance, reporting, valuation and business continuity.

Most companies are unprepared for DNS attacks (Help Net Security) DNS security is often overlooked when it comes to cybersecurity strategy, with most companies inadequately prepared to defend against DNS attacks.

Outdated vendor systems leaving finance industry at risk (Help Net Security) Outdated vendor systems are a big problem. Companies in the finance industry supply chain are not meeting adequate security standards.

Do UK organisations have the right skills to deal with cyber threats? (Information Age) New research has reported that almost half of UK organisations are concerned about the abilities of their staff to address cyber threats

Marketplace

ForeScout Technologies unveils security IPO filing (TechCrunch) ForeScout Technologies has unveiled its IPO filing. This puts the network security company on track for a public debut that could happen as soon as late..

Telos Corporation Wins $34M Air Force Contract to Modernize Wireless Infrastructure (Telos) NETCENTS-2 task order covers wireless networks at 196 U.S. Air Force Active, Reserve and National Guard sites.

Report: Company allowed Russia to review major Pentagon defense software (Fifth Domain) A report says Hewlett Packard Enterprise (HPE) allowed a source code review of ArcSight, a Pentagon cyber defense software, by a Russian defense agency.

Relentless Cyber Attacks Make These A Screaming Buy (Forbes) President Donald Trump’s bed-ridden, 400-pound hacker and his friends have been relentless in making 2017 a banner year for digital disruption of the worst kind. In light of the cyber attack pandemic -- Equifax breach, WannaCry, Petya -- cybersecurity companies are a screaming buy for long-term investors.

The Internet Bug Bounty offers rewards for bugs in data processing libraries (Help Net Security) The Internet Bug Bounty has announced that it will be giving out rewards for critical vulnerabilities in core infrastructure data processing libraries.

Successful big customers steer Splunk APAC growth (iTWire) Enterprise big data aggregator Splunk continues to enjoy rapid growth in the APAC region. Within Australia, the company has continued to increase its...

Delta Risk Celebrates 10 Years of Professional Cyber Security and Managed Security Services (PRNewswire) Delta Risk, a global provider of cyber security and risk management...

ENVEIL Appoints Timothy Eades to Board of Directors (BusinessWire) ENVEIL today announced the addition of Timothy Eades to their Board of Directors.

Products, Services, and Solutions

Also-Rans Catch Up in Latest Antivirus Tests (Tom's Guide) All brands, even the usual laggards, did well in latest antivirus test results. Is it a real breakthrough, or a just a statistical fluke?

M-Files conclut un partenariat avec IT Governance (Global Security Mag Online) M-Files annonce qu'elle a conclu un partenariat avec IT Governance, fournisseur de solutions informatiques de gouvernance, de gestion des risques et de mise en conformité. Ce partenariat va permettre à M-Files de proposer un cadre destiné à aider les entreprises à parfaitement respecter le Règlement Général sur la Protection des Données (RGPD).

How We Developed the IBM Security GDPR Framework (Security Intelligence) IBM Security developed a five-phase GDPR framework to help organizations achieve and maintain compliance with the upcoming privacy law.

John McAfee unveils new details about long-awaited anti-hacking system 'Sentinel' (International Business Times UK) Sentinel is set to ship on 1 November 2017 and the MSRP per unit is $2,499.

Google To Offer Online Account Security Tools (PYMNTS.com) Aiming to protect users from hackers and political operatives, Google is gearing up to enhance its online security tools. Citing two people familiar with the company’s plan, news from Bloomberg reported that starting in October, it will roll out its Advanced Protection Program, which will provide increased security tools for online accounts, such as email or …

Why Privacy Is the New Blockchain Frontier - Meet Rockchain.org (Digital Journal) The new trust economy is booming thanks to cryptographic innovation.

Deloitte tracks ship certificates using blockchain technology (My Broadband) Deloitte has implemented blockchain technology to help it track ship safety certificates.

Technologies, Techniques, and Standards

New Network Security Standards Will Protect Internet’s Routing (NIST) Download | Image info The new Border Gateway Protocol security standards will help protect Internet traffic from hijacking by data thieves. View Border Gateway Protocol Security Slideshow Credit: Hanacek/NIST Electronic messages traveling across the internet are under constant threat from data thieves, but new security standards created with the technical guidance of the

Soon, DHS Will Have Eyes on Computer Vulnerabilities Across the Government (Defense One) A governmentwide software dashboard is launching this month.

What ever happened to the Army’s EW capabilities? (C4ISRNET) The U.S. Army is playing catch-up with near-peer adversaries in the electronic warfare space. But why did the service even fall behind?

Outmatched, Army begins long road to electronic warfare rollout (C4ISRNET) The U.S. Army Rapid Capabilities Office is delivering quick-reaction electronic warfare solutions to the European theater, and these systems will help inform the development of more permanent programs of record.

Army seeks more cross-service cyber drills, experiments (Fifth Domain) Cyber is a team sport. And though the Army works through experiments and exercises to help develop internal concepts and requirements, there is recognition that the service never goes to war alone.

Cyber Blitz: Army’s military hide-and-seek tests cyber, EW tools (C4ISRNET) The Army's Cyber Blitz experimentation sought to better understand tactical cyber and electronic warfare effects.

Why Encryption Is Not A Silver Bullet (IT Jungle) While there is a temptation to view database encryption as the ultimate form of security, there are a variety reasons why the technology should not be relied upon as the main means to protect your valuable DB24i data. We talk with former IBMer Bruce Bading, who wrote the book on IBM i security assessments, to

'I don't need to understand how encryption works,' admits UK Home Secretary (Graham Cluley) Amber Rudd is fed up with "sneering" and "patronising" technology experts.

You have it wrong: Collaboration tools and security are the perfect marriage [Commentary] (Fifth Domain) Time to set the record straight. When it comes to collaboration tools and security, it is a necessary and equal partnership.

Protecting data is crucial when disposing of electronics (The Frederick News-Post) An old desktop computer sitting in a closet. The old cellphone turned on and forgotten in a desk drawer. Even an old copier or printer at a business that is

Want stronger passwords? Understand these 4 common password security myths (CSO Online) Yes, password length and complexity matter, but only if you apply those qualities to the proper security context.

Design and Innovation

The Coming Software Apocalypse (The Atlantic) A small group of programmers wants to change how we code—before catastrophe strikes.

Research and Development

Office of Naval Research awards GrammaTech $9M for Cyber-Hardening Security Research (Business Insider) GrammaTech, Inc., a leading developer of commercial embedded software assurance tools and advanced cybersecurity solutions, announced today that it has been awarded a $9M, three-year contract from the Office of Naval Research, a division of the United States Department of the Navy, to perform research and development into cutting-edge techniques for protecting software from cyber-attacks.

Academia

Las Vegas program teaches cybersecurity skills to homeless (Fifth Domain) The business incubator RedFlint partnered with a workforce development program last week to offer training in a field that’s experiencing a workforce shortage.

Legislation, Policy and Regulation

UK to hike penalties on viewing terrorist content online (TechCrunch) In its ongoing war against online extremism the UK government has said it intends to change the law to bring in tougher sentences for people who repeat view..

Congress Considers Changes To Foreign Intelligence Surveillance Act (WVTF) Copyright 2017 NPR. To see more, visit http://www.npr.org/. DAVID GREENE, HOST: Section 702 of the Foreign Intelligence Surveillance Act is set to expire

NYC CISO Geoff Brown Protects the Greatest City in the World (Recorded Future) Geoff Brown, the CISO of New York City, shares how the New York City Cyber Command prevents, detects, responds to, and recovers from cyber threats.

Small Towns Confont Big Cyber-Risks (Government Technology) Small and mid-sized local governments face the same cybersecurity challenges as larger jurisdictions, but with fewer resources, their defense strategies must be creative.

Litigation, Investigation, and Enforcement

Did Manafort Use Trump to Curry Favor With a Putin Ally? (The Atlantic) Emails turned over to investigators detail the former campaign chair's efforts to please an oligarch tied to the Kremlin.

Robert Mueller has no comment (POLITICO) The special counsel avoids the public eye and swears others to secrecy — even as Trump allies accuse him of leaking.

Terror in the Terroir (Foreign Affairs) The roots of France’s problem with terrorism lie in a complex mixture of religion, social pressures, and alienation. But the solutions need not be so convoluted. Better policing, coordination, and community outreach can all make the jihadist threat less lethal.

NCSC Tackles Nearly Two Cyber-Incidents Per Day (Infosecurity Magazine) NCSC Tackles Nearly Two Cyber-Incidents Per Day. Government body promotes efforts in first anniversary report

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

Industrial Control Systems (ICS) Cyber Security Conference USA (Atlanta, Georgia, USA, Oct 23 - 26, 2017) Since 2002, the ICS Cyber Security Conference has gathered ICS cyber security stakeholders across various industries and attracts operations and control engineers, IT, government, vendors and academics. Over the years, the focus of the conference has shifted from raising awareness towards sharing security event histories and discussing solutions and protection strategies. The event will cater to the energy, utility, chemical, transportation, manufacturing, and other industrial and critical infrastructure organizations.

Industrial Control Systems (ICS) Cyber Security Conference Asia (Singapore, Apr 25 - 27, 2018) The Central ICS/SCADA Cyber Security Event of the Year for the APAC Region. Three days of multi-track training & workshops for days for operations, control systems and IT security professionals to connect on SCADA, DCS PLC and field controller cyber security.

upcoming Events

Federal IT Security Conference (Columbia, Maryland, USA, Nov 14, 2017) The Federal IT Security Institute (FITSI) in partnership with Phoenix TS in Columbia, MD is hosting the second annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private industry will be in attendance discussing the themes and trends that are influencing the Federal/DoD cyber landscape.

Sector (Toronto, Ontario, Canada, Nov 13 - 15, 2017) Illuminating the Black Art of Security. Now entering its 11th year, SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving underground threats and corporate defences. The conference provides an unmatched opportunity for IT Professionals and Managers to connect with their peers and learn from their mentors.

Countermeasure (Ottawa, Ontario, Canada, Nov 9 - 10, 2017) Now into its sixth year in Ottawa, and consistently advancing in both size and content quality, COUNTERMEASURE continues to be the national capital's premier IT security event. As in years past, attendees can expect up to three days of professional skills training prior to the two-day main conference. All content will be delivered by some of the world's most knowledgeable and influential IT security experts in private, public, and research sectors.

2017 ICIT Gala & Benefit (Washington, DC, USA, Nov 9, 2017) The Annual ICIT Gala and Benefit is the year’s most prestigious and intimate gathering of legislative, agency and private sector leaders committed to protecting our Nation’s critical infrastructures. This black-tie event will celebrate the accomplishments of the most influential members of our community as well as the efforts of today’s most impactful cybersecurity leaders. The funds raised from this Benefit will be used to help sustain and grow the Institute’s research, publications, and educational activities for the communities it serves.

4th Annual Journal of Law & Cyber Warfare Conference (New York, New York, USA, Nov 9, 2017) Join thought leaders across the industry for a day of collaboration and education with an outstanding group of cyber security experts. In this one-day program, we continue JLCW's 5+ year reputation for presenting cutting-edge, practical, and balanced training for cyber security lawyers, in-house legal personnel, cyber security service providers, law enforcement, military, members of the bar, bench, and ambassadors and consul generals from all over the world.

CyCon US (Washington, DC, USA, Nov 7 - 8, 2017) The 2017 International Conference on Cyber Conflict U.S. (CyCon U.S.) will take place 7-8 Nov 2017 at the Ronald Reagan Building in Washington D.C. CyCon U.S. facilitates knowledge generation and information exchange across the cyber community, and includes participation from military, government, academia, and industry from around the world. The conference promotes security initiatives and furthers research on cyber threats and opportunities. CyCon U.S. is a collaborative effort between the Army Cyber Institute at the United States Military Academy and the NATO Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia.

RSA Conference 2017 Abu Dhabi (Abu Dhabi, UAE, Nov 7 - 8, 2017) RSA Conference 2017 Abu Dhabi is the leading information security event in the region. This year's Conference will take place 7 to 8 November at the Emirates Palace in Abu Dhabi. Join us for two days of engaging sessions and intense networking. Get exposure to innovative technologies and leadership that will help secure your organization and your future.

National Initiative for Cybersecurity Education Conference and Expo (Dayton, Ohio, USA, Nov 7 - 8, 2017) Cybersecurity has emerged as one of the leading creators of jobs and opportunity for all economic sectors. The demand for cybersecurity positions in both the public and private sector is large and growing, but the talent pool of cybersecurity workers is not yet able to keep up. The NICE 2017 Conference and Expo features thought leaders from education, government, industry and non-profits who are addressing the cybersecurity education, training, and workforce needs of the nation.

POC 2017 (Seoul, Korea, Nov 2 - 3, 2017) POC started in 2006 and has been organized by Korean hackers & security experts. It is an international security & hacking conference in Korea. POC doesn't pursue money. POC concentrates on technical and creative discussion and shows real hacking and security. POC wears both black hat and white hat. POC will share knowledge for the sake of the power of community. POC believes that the power of community will make the world safer. POC has been making a history with sincere staffs, hackers from the world, and sponsors since2006. POC will be a unique conference.

Cyber Security Summit: Boston (Boston, Massachusetts, USA, Nov 1, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Boston. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Boston is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

2017 International Information Sharing Conference (Washington, DC, USA, Oct 31 - Nov 1, 2017) Join us for the inaugural International Information Sharing Conference hosted by the Information Sharing and Analysis Organization Standards Organization (ISAO SO), with participation from the Department of Homeland Security and U.S. Chamber of Commerce. This two-day event, a first of its kind, will convene practitioners from small businesses to multi-national corporations, and from information sharing newcomers to well-established cybersecurity organizations. This unique conference will go beyond discussing current cyber information sharing topics, and will provide opportunities to see competing approaches and innovations in platforms and services. Conference sessions and panels will focus on automated sharing, analysis, how to build trust in a community of interest, cross-sector sharing, the role of government in information sharing, the value proposition of an ISAO, and much more.

2017 Annual Conference: Networking the Future (Tampa, Florida, USA, Oct 27, 2017) Networking the Future is the Florida Center for Cybersecurity's fourth annual conference and will host hundreds of cybersecurity technical and non-technical stakeholders from industry, government, the military, and academia for a comprehensive exploration of emerging threats, best practices, research, workforce development, and today's hottest cyber trends.

RETR3AT Cybersecurity Conference (Montreat, North Carolina, USA, Oct 27, 2017) Each year, Montreat College’s Center for Cybersecurity Education and Leadership hosts RETR3AT, a conference designed to engage, educate, and raise awareness about cybersecurity in Western North Carolina and beyond. RETR3AT goes beyond the “1s and 0s” approach to cybersecurity training, challenging attendees to think about how to lead in protecting their organization’s information within an ethical framework.

Digital Risk Summit (Washington, DC, USA, Oct 25 - 27, 2017) Hosted by Neustar, the Digital Risk Summit is a forward-looking educational conference packed with actionable intelligence and best practices for all types of organizations. If you interact with consumers, customers, and partners by phone or online, you face digital risk. In today’s world, it’s imperative that you stay on top of rapidly evolving threats. Hear and learn from regulators, FBI, U.S. Secret Service and other experts about the latest risks and how best to manage them now and in 2018. Attendees will also have the opportunity to earn CPE, CRCM and CAMS credits.

European Smart Homes 2017 (London, England, UK, Oct 25 - 26, 2017) ACI’s European Smart Homes 2017 will will bring together key industry stakeholders from the energy industry, IT, telecoms operators, retailers, solution distributors utilities, insurance and property management companies, governments, consultants, solution and technology providers. The key discussions will involve monetisation, customer approach, partnership and interoperability.

PCI Security Standards Council: 2017 Europe Community Meeting (Barcelona, Spain, Oct 24 - 26, 2017) Three days of networking and one-of-a-kind partnership opportunities await you. Whether you want to learn more about updates in the payment industry or showcase a new product, you’ll find it all at the 2017 Europe Community Meeting.

Cyber Security Summit 2017 (Minneapolis, Minnesota, USA, Oct 23 - 25, 2017) Cyber Security Summit is a public-private collaboration with support from industry, government, and university leaders who gather to discuss security trends and solutions. The 7th Annual Summit will bring together senior executives, risk managers, military representatives, policymakers, lawyers, academics, and technology leaders. Topics, content and speakers are driven by an Advisory Board composed of experts from diverse critical infrastructure operators and commercial market sectors.

Workplace Violence Prevention - Active Shooter / Assailant Response Workshop (Laurel, Maryland, USA, Oct 23, 2017) The National Insider Threat Special Interest Group (NITSIG) has partnered with Law Enforcement (Maryland State Police), OSHA, Maryland Emergency Management Agency and and other Workplace Violence Prevention experts to provide a one-day training workshop for security professionals and others interested in implementing a Workplace Violence Prevention and Active Shooter / Assailant Response Program. Workshop participants will gain valuable in-depth knowledge about workplace violence, including legal issues, prevention, intervention, and response. (The intelligence and privacy issues have cyber dimensions.)

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Bogus news, questionable ISIS claims, surround Las Vegas massacre. DPRK DDoS? Equifax breach gets worse.