The CyberWire Daily Briefing 11.13.17

Summary

By The CyberWire Staff

Last week's WikiLeaks dump from "Vault 8" (successor to Vault 7, and still concerned with the US CIA) purports to show that the US intelligence agency was engaged in false flag operations in which its activities could be plausibly attributed to Kaspersky Lab. This hasn't served to clear Kaspersky of the suspicion it's under: the UK's GCHQ is the latest Western intelligence agency to sound a warning.

NSA and its partners in counterintelligence continue to struggle through its investigation of leaks that wound up in the Shadow Brokers' hands. Three people have been taken up by the investigation, two of whom, Hal Martin and Reality Winner, are awaiting trial. The third individual was the first one fingered, back in 2015 and shortly before the Shadow Brokers began their damaging publication of alleged NSA documents. That person has yet to be publicly identified.

The US Intelligence Community reiterates its conclusion (pace denials by President Putin) that Russian agencies indeed sought to influence US elections.

ISIS shows itself capable of defacing poorly defended school websites with slogans, but little more. Such puerile vandalism has had little effect in the past. A more serious campaign of inspiration appears to be in progress from ISIS rival al Qaeda, where Osama Bin Laden's son seeks to continue his late father's work.

Sputnik sheds crocodile tears over the largish number of senior information security positions remaining unfilled in the US Federal Government.

South Korean investigation of alleged political meddling by intelligence services takes a sharper turn.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, India, Democratic Peoples Republic of Korea, Republic of Korea, NATO/OTAN, Russia, Singapore, United Arab Emirates, United Kingdom, United States

Not all intelligence is created equal.

A well-informed cybersecurity strategy is essential to keeping your organization protected, but gathering global intelligence from various sources and locations is difficult. Your organization needs a partner with deep roots in cyber threat intelligence. The LookingGlass digital library (STRATISS) of strategic intelligence reports expands your understanding of the threat landscape and delivers the intelligence your decision makers want to their fingertips. Check out our intelligence here.

On the Podcast

In today's podcast, we speak with Rick Howard from our partners at Palo Alto Networks. He shares his thoughts on "vendor-in-depth" and "best-of-breed" strategies.

Sponsored Events

Earn a master’s degree in cybersecurity from SANS (Online, November 21, 2017) Earn a master’s degree in cybersecurity from SANS, the world leader in information security training. Learn more at a free online information session on Tuesday, November 21st, at 1:00pm ET. For complete information on master’s degree and graduate certificate programs, visit www.sans.edu.

Cyber Security Summit: Los Angeles (Los Angeles, California, USA, November 29, 2017) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security on November 29 in Los Angeles. Register with promo code cyberwire50 for half off your admission (Regular price $350).

Selected Reading

Dateline

The SINET Showcase 2017: Innovation in an Environment of Risk and Opportunity (The CyberWire) The 2017 edition of the SINET Showcase in Washington, DC, offered workshops and presentations that continued SINET's mission of serving, as CEO Robert Rodriguez put it, as a "superconnector" for the cybersecurity sector.

Regulatory risk: "high-impact, low-probability" (but really high-impact if the improbable happens). (The CyberWire) If regulatory risk is generally underestimated risk, what can be done to, first, raise awareness, and second, mitigate it? Some strategic and tactical reflections.

Threats, resilience, and a place for innovation. (The CyberWire) If we've reached a level of digitalization from which we can't retreat, what does that say about the future of security? Some thoughts about innovation and resiliency.

Challenges for innovators, courtesy of the Intelligence Community (The CyberWire) What the CIA's Deputy Director for Science and Technology would like to see you work on.

The SINET 16's Class of 2017 (The CyberWire) Meet the SINET 16. The Class of 2017 seems every bit as interesting as those that have come before.

Deterring adversaries and mitigating risks in cyberspace. (The CyberWire) So how might enterprises move from resilience to active defense? Here's one way not to do it, according to panelist Richard Baich: don't listen to all the Jason Bourne wannabes running loose in the commercial sector.

Cyber Attacks, Threats, and Vulnerabilities

Hamza bin Laden lionizes his father and incites 'rebellion' in new audio message (FDD's Long War Journal) In a newly released audio message, Hamza bin Laden praises his father for spreading jihadism and attacking the US. Hamza calls on Muslims to rise up against "tyrant" rulers and wage jihad until sharia is imposed. The message was posted online just days after the CIA released a video from Hamza's wedding. The video was recovered in Osama bin Laden's Abbottabad compound.

Cause for concern? Pro-ISIS hacking group targets 800 US school websites (Fox News) The latest target of pro-ISIS hackers is none other than 800 school websites across the United States.

UK spymasters raise suspicions over Kaspersky software’s Russia links (Financial Times) GCHQ concerned by snooping potential of anti-virus product used by 2m Barclays clients

WikiLeaks Releases Source Code of CIA Cyber-Weapon (BleepingComputer) WikiLeaks published the first-ever batch of source code for CIA cyber-weapons. The source code released today is for a toolkit named Hive, a so-called implant framework, a system that allows CIA operatives to control the malware it deploys on infected computers.

WikiLeaks Starts Releasing Source Code For Alleged CIA Spying Tools (Motherboard) The secret-spilling organization launches a new series where it will release the source code of alleged CIA tools from the Vault 7 series.

What Was Russia's Role In 2016 U.S. Election? 2 Former KGB Officials Weigh In (NPR) "What we're talking about is the new concept of so-called hybrid war, which a government wages but won't admit to," Gennady Gudkov, a retired KGB colonel, tells NPR. "It's extremely hard to prove."

Beware North Korea's most powerful weapon (hint: it's not a nuclear arsenal) (CSO) With all the talk associated with North Korea's prospects of launching a nuclear attack, there is often an overlooked, existential threat that continues to fly under the radar - cyber attacks.

What a cyberwar with North Korea could look like, according to a cybersecurity expert (Business Insider) We're technically already in a cyberwar with North Korea.

Defense chief discusses NK's cyber threats with US commander (Korea Herald) South Korean Defense Minister Song Young-moo met the head of US Cyber Command in Seoul on Thursday for discussions on North Korea, his ministry said.Song and Adm. Michael S. Rogers, who doubles as director of the National Security Agency, agreed on the importance of close coordination between the allies in the cybersecurity sector based on mutual trust and a close bond, according to the ministry.Song pointed out that...

Selfies and surveillance: North Korea's new connectivity (Panama City News Herald) There are very few actual sites on the network. An official at the Sci-Tech Center said they number 168.

North Korea 'to launch more cyber attacks on Britain' (The Sun) North Korea will bid to hurt Britain with more cyber attacks in the next year, experts have warned. Kim Jong-un’s regime was blamed by Britain’s Security Minister for the ‘WannaCry’ cyber-att…

India in the web of N Korean cyberwar (The Pioneer) Around one-fifth of North Korea’s cyber attacks originate from India, and this should set alarm bells ringing in the corridors of security establishments as well as the strategic community,

“Well-Resourced” Cyber Spies Are Reportedly Targeting South America, Asia (Fast Company) Hackers are using sophisticated malware to hunt down files relating to international relations, according to security firm Symantec.

Hacker Mines Data from South American, South East Asian Diplomatic Targets (Telesur) Based on Symantec findings, the hackers reportedly used fake, malicious software updates of Windows or Adobe Reader.

Experts discuss implications of massive Paradise Papers leak (Security Brief) The recent news about the huge leak of financial documents has caused waves around the world.

Google just can not get rid of BankBot malware from Play Store (Pro Defence) Google is trying its best to “make Chrome secure again,” but when it comes to Play Store and protecting Android devices, the tech giant is failing miserably.

Vietnamese Firm Bkav Claims to Have Beaten Apple Face ID With an Elaborate Mask (Gizmodo) Apple’s new Face ID security for the iPhone X has sparked a number of concerns, with the biggest being how secure the biometric system really is.

Hack Cost Equifax Only $87.5 Million — for Now (BleepingComputer) During an earnings call detailing the Q3 2017 financial results, Equifax execs said the company incurred $87.5 million in expenses related to the massive data breach it suffered earlier in the year and which it publicly disclosed in September 2017.

Outage downs OVH, world's third-largest hosting firm (CRN Australia) Updated: two separate faults knock out European websites.

University of East Anglia investigates another data leak (ComputerWeekly.com) University is investigating a second leak in six months, illustrating that data breaches are often caused by non-malicious insiders and that organisations are not getting to grips with the problem.

Security Patches, Mitigations, and Software Updates

Amazon moves to stop S3 buckets leaking business data (Security Boulevard) A long line of very public data breaches have made clear that businesses don’t need to be targeted by sophisticated hackers to have private and sensitive data splashed across the newspaper headlines.

November Patch Tuesday forecast: .NET, Adobe, Firefox and more (Help Net Security) Fall is upon us and the holidays are right around the corner! But before we continue shopping, we need to cover a few security topics for this month. KRACK

Cyber Trends

Future of intel will change with cyber, former MI5 head says (The National) Dame Stella Rimington spoke at a security conference in Abu Dhabi this week

Australia vulnerable to cyber attack and economic blackmail, report argues (The Mandarin) Australia faces "almost insurmountable" challenges in protecting itself against cyber attack and is underestimating China's capacity to use money to get what it wants, argues a CEDA report.

Marketplace

2017 Technology Fast 500 award winners | Deloitte US (Deloitte United States) Presenting the 2017 Technology Fast 500 award winners.

Cybersecurity: The Main Players in the $6 Trillion Cybercrime Market (PRNewswire) The Equifax breach exposed the credit of nearly 150 million people, almost...

Exclusive: ThreatQuotient just raised $30M — and one investor is also a potential acquirer (Washington Business Journal) Reston threat intelligence platform ThreatQuotient has raised another $30 million to expand — and one if its new strategic investors is technology giant and voracious acquirer Cisco Systems Inc. (NASDAQ: CSCO).

Enveil Raises $4 Million in Strategic Funding (BusinessWire) Enveil today announced it has secured $4 million in strategic funding with investment from key partners.

Amsterdam-based EclecticIQ secures €14 million to further expand with its Cyber Threat Intelligence solution (EU Startups) EclecticIQ, the global provider of Cyber Threat Intelligence technology solutions and Fusion Center operator today announced a Series B investment of €14 million.

SailPoint Technologies Holdings (SAIL) to Raise $200 Million in IPO (Stock News Times) SailPoint Technologies Holdings (SAIL) expects to raise $200 million in an IPO on Friday, November 17th, IPO Scoop reports. The company will be issuing 20,000,000 shares at a price of $9.00-$11.00 per share.

Departing NSA veterans catch the eye of Silicon Valley investors (Washington Post) Some see opportunity to build cyber businesses near the intelligence agency.

Why cybersecurity workers are some of the hardest to retain (VentureBeat) Cybersecurity workers are in high demand, and the security industry may face a shortage of close to two million qualified personnel by 2022.

Israel's CyberGym opens global HQ in Melbourne (Technology Decisions) Cybersecurity training company CyberGym has launched its new global headquarters and cybersecurity training arena in Melbourne.

Interview: Stu Sjouwerman, Founder and CEO, KnowBe4 (Infosecurity Magazine) Interview: Stu Sjouwerman, Founder and CEO, KnowBe4

Adam Cecil Joins ProtectWise As Chief Financial Officer (PRNewswire) Security leader ProtectWiseTM today announced Adam Cecil has joined the company...

Lacework Names Stefan Dyckerhoff Chief Executive Officer (PRNewswire) Lacework™, the industry's first solution to bring automation,...

Products, Services, and Solutions

New infosec products of the week: November 10, 2017 (Help Net Security) New infosec products for this week include releases from the following vendors: Coolfire Solutions, Distil Networks, Expel, Ixia, Nexus Group, WatchGuard.

This Baltimore company is gamifying cybersecurity training (Technical.ly Baltimore) Point3 Security created Escalate to provide education in cybersecurity with challenges. The ETC-based company is partnering with Maryland's Cybrary as it launches.

Comodo launches free cWatch Web website malware checker (Enterprise Times) Comodo launches cWatch Web and offers website owners a free security check to identify and remediate any security related issues with their sites.

Microsoft offers mitigation advice for DDE attacks scenarios (Help Net Security) Microsoft has published a security advisorty containing DDE attack mitigation instructions for both users and admins.

Technologies, Techniques, and Standards

Scrambling to Track Islamic State Terrorists, Coalition Turns to Biometrics (VOA) US-backed forces in Syria and Iraq are collecting DNA, fingerprints and retinal scans of Islamic State fighters, followers and collaborators

Is your CCTV system GDPR compliant? (Help Net Security) Organisations are putting themselves at risk of breaching the GDPR not realising that the regulation covers their CCTV systems and the data they collect.

Academia

New Academic Partnership Could Help Gemalto to Strengthen Government Ties (FindBiometrics) Gemalto has entered into an official partnership with the University of Texas at Austin's Center for Identity (UTCID). The academic institution was first...

UNK adds new cybersecurity major (Kearney Hub) Cybersecurity experts are in demand.

CyberPatriot competition engages youth in STEM learning (Silicon Prairie News) Cybersecurity has become one of the most critical issues throughout the world. Building interest and skills among young people in cybersecurity as well as science, technology, engineering and math (STEM) is the focus of the Air Force CyberPatriot competition. “It’s interesting to the kids and they feel like they’re accomplishing something,” said Brad White, an... Read More

Legislation, Policy and Regulation

NATO just added cyber weapons to its armoury (ZDNet) Military alliance wants to encompass member countries' cyberwarfare capabilities into its options.

Why Satya Nadella thinks it is time for a digital version of the Geneva Convention (The Indian Express) Microsoft is pushing for global cyber rules to protect individual Internet users and civilian infrastructure from cyber attacks by nation states during peacetime. But govts may not be willing to limit their strategic options.

Microsoft’s Brad Smith: Tech giants must be the first line of defense in cyberspace arms race (GeekWire) Cyberspace has become our generation’s battlefield, replacing gunfights with hacks, and it’s up to tech companies and governments to come together and combat rampant cyberattacks, Microsoft’s…

The UAE’s Tech Scene is Drowning Out Massive Human Rights Abuses (Al Bawaba) The UAE’s Tech Scene is Drowning Out Massive Human Rights Abuses

Singapore to refine upcoming cybersecurity bill following public feedback (ZDNet) Government says it will clarify the definition of critical information infrastructures and duties of such operators as well as licensing requirements of service providers, in the new bill slated to be introduced in early-2018.

()

US House panel passes legislation aimed at overhauling certain aspects of NSA's internet surveillance programme (Tech2) Section 702 of the Foreign Intelligence Surveillance Act allows the NSA to collect digital communications from foreign suspects living outside the US.

How this Congress could rack up the most wins on cyber issues (Washington Examiner) The 115th Congress — widely derided for a lack of accomplishment — could actually ring up cybersecurity successes by early 2018 that go beyo...

Getting 'Cyber' Right for the Department of Defense (War on the Rocks) “Cyber” is getting a lot of press these days. The problems seem endless, from nuisances, to hacks involving major corporations, to interference in democrat

Joyce: Civilian cyber could use more discipline (FCW) The top White House cybersecurity adviser suggests civilian agencies could take a page from the Pentagon's handbook.

Many Top Cybersecurity Posts Remain Empty — And Not On Purpose (Defense One) Filling various CIO and CISO jobs is taking a temporary backseat to more senior appointments, the White House cybersecurity coordinator says.

‘Incredibly Damaging’: US Cyber Security Ranks Vacant After Massive Hacks (Sputnik News) Many top cybersecurity top posts remain empty, according to White House cybersecurity coordinator Rob Joyce, as the NSA reports disastrous leaks of key assets.

Homeland Security Pick Defends Her Experience Amid Democrats’ Questions (New York Times) Kirstjen Nielsen, President Trump’s choice to run the Department of Homeland Security, has not led a large organization but is likely to be easily confirmed.

MHA Sets up New Divisions to Check Radicalisation, Cyber Fraud (The Quint) The CTCR wing will focus on tracking and assessing the online reach of global terrorist outfits.

Litigation, Investigation, and Enforcement

Prosecutor’s investigative net closing around Lee Myung-bak (Hankyoreh) Political meddling, cultural blacklists, and BKK investigations are all catching up to the former president

Lee says probes are ‘retaliation’ (Korea JoongAng Daily) Former President Lee Myung-bak criticized the probes into allegations that the National Intelligence Service and military meddled in political affairs under his administration as “political retaliation” on Sunday, one day after the arrest of his form

Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core (New York Times) A serial leak of the agency’s cyberweapons has damaged morale, slowed intelligence operations and resulted in hacking attacks on businesses and civilians worldwide.

Equifax And Yahoo Complain They Are Helpless Against State-Sponsored Hacks (Gizmodo Australia) Former and current Equifax and Yahoo executives appeared on Capitol Hill on Wednesday to testify about the major consumer data breaches that occurred...

Former Yahoo CEO still does not know how breach was 'perpetrated,' blames Russia (CIO Dive) The interim CEO of Equifax, also present at the congressional hearing, discussed the company's post-breach efforts, including data security improvements.

Trump backs intel agencies after raising doubts over Russian meddling (NBC News) President Trump said on Sunday that "I believe [Putin] believes that" Russia didn't meddle but "I'm with our agencies" that have concluded there was an effort.

Pompeo backs report on Russian meddling after Trump recounts Putin denials (Kansas) CIA director Mike Pompeo backs an intelligence assessment that found Russia tried to influence 2016 election. President Donald Trump has been critical of the agency in the past.

Trump careens off script on Russia after Putin meeting (POLITICO) After a week of delicate diplomacy in Asia, the president again dismissed Russian election meddling and lashed out at critics on Twitter.

Top Intel Dem blasts Trump for accepting Putin's word over intelligence agencies (TheHill) Rep. Adam Schiff (D-Calif.), the top Democrat on the House Intelligence Committee, ripped President Trump in a statement Saturday for suggesting he accepted Russian President Vladimir Putin’s denial that Russia did not interfere in the 2016 election.

CrowdStrike analyst who responded to DNC hack hasn’t spoken with Russia investigators: Report (The Washington Times) A cybersecurity professional hired by the Democratic National Committee during the 2016 presidential election cycle and credited with discovering a major breach blamed on Russian state-sponsored hackers said he’s never been interviewed by federal investigators probing Moscow’s role in the race.

The first person to investigate the DNC hacks said Russia wouldn't do anything with the stolen emails — now he's kicking himself (Business Insider) A cybersecurity expert who was the first to uncover Russia's hacks into the DNC in 2016 regrets telling Democratic officials the data wouldn't be leaked.

This timeline paints the clearest picture we have yet of Russia's meddling in the US election — and how the Trump campaign reacted (Business Insider) This interactive graphic timeline outlines all the known ties we know so far between members of President Donald Trump's campaign and Russia.

Mueller probing pre-election Flynn meeting with pro-Russia congressman (NBC News) The special counsel is investigating an alleged Sept. 2016 meeting between Mike Flynn and Rep. Dana Rohrabacher.

Boris Johnson pictured with ‘London professor’ from FBI Russia probe (POLITICO) The Foreign Office said Johnson had no recollection of meeting Joseph Mifsud.

Byron York: Did dossier trigger the Trump-Russia probe? (Washington Examiner) What is absolutely clear is that, beyond any investigation, the dossier has proven enormously useful politically to the president's adversar...

Enigma Software Group's Battle with Malwarebytes Headed to the Court of Appeals to Protect Consumers' Rights (PRNewswire) Enigma Software Group pressing its claims against Malwarebytes for predatory business practices on appeal. Enigma...

Hackers hired for year-long DDoS attack against man’s former employer (Naked Security) Using a paid service meant he couldn’t be traced but the FBI tracked him down

No jail time for botnet creator who promises to go straight (Naked Security) Tiernan was involved in the development of the botnet for 14 months until he was raided by the FBI

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

upcoming Events

Sector (Toronto, Ontario, Canada, November 13 - 15, 2017) Illuminating the Black Art of Security. Now entering its 11th year, SecTor has built a reputation of bringing together experts from around the world to share their latest research and techniques involving underground threats and corporate defences. The conference provides an unmatched opportunity for IT Professionals and Managers to connect with their peers and learn from their mentors.

Second Annual Federal IT Security Conference (FITSC)! (Columbia, Maryland, USA, November 14, 2017) The Federal IT Security Institute (FITSI) in partnership with Phoenix TS in Columbia, MD is hosting the second annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private industry will be in attendance discussing the themes and trends that are influencing the Federal/DoD cyber landscape.

Federal IT Security Conference (Columbia, Maryland, USA, November 14, 2017) The Federal IT Security Institute (FITSI) in partnership with Phoenix TS in Columbia, MD is hosting the second annual Federal IT Security Conference. Speakers from NIST, DHS, the Defense Department as well as private industry will be in attendance discussing the themes and trends that are influencing the Federal/DoD cyber landscape.

2017 Capital Cybersecurity Summit (Tysons Corner, Virginia, USA, November 14 - 15, 2017) Join cyber experts from the FBI, DHS, Palo Alto Networks, Distil, Google, AWS, Tenable and more at the 2017 Capital Cybersecurity Summit. FBI Cyber Division Deputy Assistant Director Howard Marshall and National Security Council Senior Director for Cybersecurity Policy Grant Schneider will provide keynote remarks and top speakers will share unique insights into topics like cloud security, attracting cyber talent, federal cyber acquisition and real-life breach response.

Cyber Security Opportunities in Mexico Webinar (Washington, DC, USA, November 15, 2017) Learn about the cyber security opportunities in Mexico. Mexico is ranked 28th out of 164 countries in the ITU's 2017 Global Cyber Security Index. Companies spend approximately 3.5% of their IT budgets on cyber security products and services. Currently, the cost to Mexico's overall economy imposed by cyber attacks is more than US$3 billion. The country is a manufacturing powerhouse and is increasingly implementing automated processes. It is also highly integrated with the global financial system.

Aviation Cyber Security (London, England, UK, November 21 - 22, 2017) Join us on November 21/22 in London, England for the Cyber Senate Aviation Cyber Security Summit. We will address key issues such as the importance of information sharing and collaboration, supply chain and third party risk, incident response, integrating of cyber security and safety, IT and OT convergence, Security Operations Centres and much more as we further develop our collective insight in how we can mitigate risk and develop resilient end to end networks capable of delivering safety and value to all stakeholders.

Global Conference on Cyberspace (GCCS) (New Dehli, India, November 23 - 24, 2017) The Global Conference on Cyberspace (GCCS) aims to deliberate on the issues related to promotion of cooperation in cyberspace, norms for responsible behaviors in cyberspace and to enhance cyber capacity building. The fifth conference, planned to be the biggest in magnitude, shall take place at New Delhi, India on 23-24 November 2017.

AutoMobility LA (Los Angeles, California, USA, November 27 - 30, 2017) The Los Angeles Auto Show Press & Trade Days and Connected Car Expo have MERGED to form AutoMobility LA, the new auto industry’s first true trade show. Register to join us in Los Angeles this November.

INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) Organized by Dark Reading, the web’s most trusted online community for the exchange of information about cybersecurity issues. INsecurity focuses on the everyday practices of the IT security department, and real-life methods that you can use to shore up your own enterprise defenses. It will also feature some of the industries most recognized and knowledgeable CISOs and IT security experts, in a setting that is conducive to interaction and conversation. Use Promo Code CYBERWIRE100 for $100 off the current rate.

INsecurity (National Harbor, Maryland, USA, November 29 - 30, 2017) INsecurity is for the defenders of enterprise security—those defending corporate networks—and offers real-world case studies, peer sharing and practical, actionable content for IT professionals grappling with security concerns. INsecurity will feature some of the industry’s most recognized and knowledgeable CISOs and IT security experts, in a setting that is conducive to interaction and conversation.You’ll have a chance to meet colleagues in the cybersecurity profession to discuss the everyday challenges you face in protecting enterprise data. And you’ll get in-depth insights on how other organizations perform security best practices, and how they manage their teams.

Cyber Security, Oil, Gas & Power 2017 (London, England, UK, November 29 - 30, 2017) ACI’s Cyber Security - Oil, Gas, Power Conference will bring together key stakeholders from energy majors and technology industries, to discuss the challenges and opportunities found in the current systems. The conference will also promote essential collaboration between decision makers and technology experts, in order to streamline solutions to resist cyber threats and attacks.

Cyber Security Summit Los Angeles (Los Angeles, California, USA, November 30, 2017) If you are a Senior Level Executive responsible for making your company’s decisions in regards to information security, then you are invited to register for the Cyber Security Summit: Los Angeles. Receive 50% off of a Full Summit Pass when you register with code CYBERWIRE50 (standard price of $350, now only $175 with code). Register at CyberSummitUSA.com. The Cyber Security Summit: Los Angeles is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts. for details visit CyberSummitUSA.com.

cyberSecure (New York, New York, USA, December 4 - 5, 2017) cyberSecure is a unique cross-industry conference that moves beyond the technology of cyber risk management, data security and privacy. Unlike other cybersecurity events, cyberSecure brings together corporate leaders from multiple function areas who help shape policies, risk management strategy, compliance programs, and an organization’s cyber-incident response playbook. This two day event is designed to educate in-house counsel, compliance and privacy officers, risk managers, and CIO/CISOs about the current cybersecurity challenges affecting your business continuity.

National Insider Threat Special Interest Group Meeting (Virginia Chapter) (Herndon, Virginia, USA, December 5, 2017) The National Insider Threat Special Interest Group (NITSIG) is excited to announce it has established a Virginia Chapter. NITSIG Members and others may attend meetings at no charge. Attendees will receive comprehensive guidance and best practices for establishing and managing an Insider Threat Program. Anyone concerned with employee threat identification and mitigation will gain valuable knowledge from attending meetings. This meeting will focus on human resources interaction with an insider threat program and behavioral indicators of insider threat.

Cyber Security Indonesia 2017: Shaping National Capacity for Cyber Security (Jakarta, Indonesia, December 6 - 7, 2017) Cyber Security Indonesia 2017 exhibition and conference, brought to you by the organisers of the Indonesia Infrastructure Week, will bring cyber security solutions providers together with key government and private sector decision makers, buyers, and influencers in order to meet and do business and to advance resilience against cyber attack.

Third International Conference on Information Security and Digital Forensics (ISDF 2017) (Thessaloniki, Greece, December 8 - 10, 2017) A 3 day event, with presentations delivered by researchers from the international community, including presentations from keynote speakers and state-of-the-art lectures.

Sponsor & Support

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter’s financial reach, or it might just not be the right time for you to do those things. That’s why we launched our new Patreon site, where we’ve created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you’ll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.