New Cryptomix ransomware strain in the wild. Another misconfigures AWS bucket. Commerce, DHS botnet report is out.

Cyber Attacks, Threats, and Vulnerabilities

North Korea hasn't stopped cyberattacks amid peace talks (Cyberscoop) As Kim Jong-un speaks publicly about nuclear disarmament, North Korea's hacker army continues to target different businesses across Europe, Asia and even the U.S.

China Hacking Taiwanese Military Hospital Websites to Obtain Military Intelligence (Epoch Times) Taiwan has been braving relentless cyberattacks by Chinese hackers in the past four years, according to the latest statistics provided by the island nation’s military. Taiwanese websites, especially those run by the military, have been attacked hundreds of millions of times by the Chinese regime’s cyber army and unknown sources, reported Taiwanese newspaper The Liberty …

Yuri Zorya: Hacked military docs reveal how the Russian 18th motorized brigade invaded Crimea (KyivPost) The investigative volunteer community InformNapalm has analyzed Russian military files hacked by hackers from the Ukrainian Cyber Alliance (UCA), the so-called “hacktivists” responsible for hacking the email accounts of Putin’s gray cardinal Vladislav Surkov, known as #SurkovLeaks. Using the data, InformNapalm has tracked down members of Russian military brigades who took part in the occupation …

Expert warns how rogue nations could use new GDPR laws as a 'weapon' in Ireland (The Irish Sun) ROGUE nations could use the EU’s new data laws as a “weapon” against companies here. The warning from Lastline intelligence threat director Andy Norton follows new GDPR laws. General Data Protectio…

New Backup Cryptomix Ransomware Variant Actively Infecting Users (BleepingComputer) A new variant of the Cryptomix Ransomware has been discovered that appends the .BACKUP extension to encrypted files, changes the contact email, and provides a different ransom note message.

Forget VPNfilter – here’s BACKLASH, a networking hack from way, way back (Naked Security) With a name like BACKLASH, you might think this hack comes from the era of mechanical devices, with gears and pulleys. You’d be right!

Emerging 5G Technology Could Compromise SIM Card-Dependent IoT Devices on Massive Scale (TrendLabs Security Intelligence Blog) Already, current cellular network technologies such as 3G and 4G allow fast wireless communication. But the next evolution, 5G, is set to afford even faster connections along with greater reliability.

Singapore Security Alert As IoT Vulnerability Impacts SingTel Routers (Information Security Buzz) It has been reported that NewSky Security has uncovered a security vulnerability across all routers from Singapore’s leading internet service provider, SingTel. The uncovered vulnerability could potentially give access to all devices connected to the affected routers. Natan Bandler, CEO & Co-Founder at Cy-oT commented below. Natan Bandler, CEO & Co-Founder at Cy-oT:  “This is yet …

Honda India Left Details of 50,000 Customers Exposed on an AWS S3 Server (BleepingComputer) Honda Car India has left the personal details of over 50,000 users exposed on two public Amazon S3 buckets, according to a report published today Kromtech Security.

Government issues warning on router-hacking virus (Vietnam News) The Ministry of Information and Telecommunications’ Authority of Information Security on Tuesday warned that routers and storages in Việt Nam have been exposed to the VPNFilter virus. 

Is your fitness tracker tracking you? Kaspersky security warning over smart watch and wearables' 'behavioural profiling' (Computing) Wearables' accelerometer and gyroscope signals can be used to identify individual users, claims Kaspersky

Dozens of Vulnerabilities Discovered in DoD's Enterprise Travel System (Dark Reading) In less than one month, security researchers participating in the Pentagon's Hack the Defense Travel System program found 65 vulnerabilities.

Was a Marine Corps website hacked? (Marine Corps Times) The FBI said it neither confirms nor denies the existence of an investigation.

Roseburg Schools pay ransom to recover information following cyber attack (KPIC) Roseburg Public Schools have chosen to pay a ransom to recover data from a computer attack. The cyber attack happened earlier this month, freezing access to the district's email system, website and business and accounting software. Distric

Security Patches, Mitigations, and Software Updates

Chrome 67 Patches 34 Vulnerabilities (SecurityWeek) Google this week released Chrome 67 to the stable channel to provide various improvements, including patches for 34 vulnerabilities.

Apple’s iOS 11.4 security update arrives in an iCloud of silence (Naked Security) We updated to iOS 11.4, because that’s our habit – but Apple still isn’t saying what was fixed yet. How we wish Apple wouldn’t do that!

This month's Windows and Office security patches: Bugs and solutions (Computerworld) The good news? Those embarrassing SSD bugs in Windows 10 version 1803 seem to be fixed. The bad news? Just about everything else.

Cyber Trends

Bitglass 2018 Report: Cloud Security Adoption Trails Cloud Usage, Leaving Two Thirds of Organizations Vulnerable (GlobeNewswire News Room) Security Gap Foreshadows Breach Risks as Cloud Adoption Tops 80 Percent

Estonian cyber-security ranks best in Europe, fifth in the world (SC Media UK) The second iteration of the Global Cyber-security Index announced at Information Society Forum 2017 praises the country for its response to the 2007 attack on its infrastructure from Russia.

Nearly 15 per cent of security pros would rather take their salaries in cryptocurrency (London loves Business) Lastline has today released results from a study of over 200 infosecurity professionals and found that one in seven (14.5 percent) would rather take their salaries in cryptocurrency than traditional, government-backed currency.

Marketplace

Cyber risk still a struggle for insurers (Insurance ERM) Progress in managing cyber risk exposures is continuing, but are insurers doing enough to convince regulators that they understand what they're doing? <strong>Paul Walsh</strong> reports

Cybersecurity skills shortage: vendors step up to address workforce shortfall (Verdict) A cybersecurity skills shortage is leaving companies struggling to hire qualified workers. Can efforts by cybersecurity vendors plug the gap?

Darktrace becomes Cambridge’s 16th $Bn business and No.17 is looming (Business Weekly) Cyber defence technology specialist Darktrace has become the Cambridge UK cluster’s 16th billion dollar company and its fastest to achieve unicorn status.

Ziften enters Germany and Netherlands to disrupt cybersecurity markets (Security Brief) Ziften has expanded into European cybersecurity markets after announcing 2 major partnerships to carry its Microsoft Azure-powered endpoint solution.

Palo Alto's stock rallies toward record high after analyst boosts price target ahead of earnings (MarketWatch) Shares of Palo Alto Networks Inc. PANW, +0.86% rallied 1.1% in morning trade Wednesday, putting them on track for a record close, after a Stifel Nicolaus analyst raised the price target on the network security company less than a week before the company reports fiscal third-quarter results.

Duo Security expands operations following last year's $70M Series D raise (Silicon Prairie News) In less than eight years, Duo Security has become one of the fastest growing venture-backed cybersecurity companies in the world. Since 2010, the Ann Arbor, Michigan-based company has defended organizations against data breaches by making security easy and effective and has expanded to include offices in Detroit; Austin, Texas; San Mateo, California; and London, England....

The dark side of Israeli technology: Six takes on the sale of cyberattack firm NSO (haaretz.com) Unlike companies whose technology protects customers against cyber attack, by any measure, NSO is a weapons firm

Siemens to open cybersecurity centre in Fredericton, create up to 60 jobs (CBC) Siemens will open a cybersecurity centre in Fredericton, creating up to 60 jobs with up to $3.6 million in assistance from the provincial government, Premier Brian Gallant announced on Wednesday.

MinerEye Appoints Cylance Chief Security and Trust Officer Malcom Harkins to Its Advisory Board (PR Newswire) MinerEye, a provider of AI-powered data governance solutions...

Products, Services, and Solutions

Bromium Brings Virtualization-Based Security to the Masses With Targeted Use Cases to Address Key Organizational Pains (GlobeNewswire News Room) Bromium®, Inc., the pioneer and leader in virtualization-based endpoint security that stops advanced malware attacks via application isolation, has announced the release of Bromium Secure Platform 4.1.

NSS Labs Initiates 2019 Advanced Endpoint Protection Group Test and Invites Industry Engagement to Help Evolve its Forthcoming Test and Methodology (GlobeNewswire News Room) NSS Labs, Inc., a global leader and trusted source for independent, fact-based cybersecurity guidance, today announced that it is developing the next iteration of its Advanced Endpoint Detection (AEP) Group Test with results expected to be released in early 2019. As part of today’s announcement, the company is also issuing a call for industry engagement from both enterprises and AEP vendors to help shape and evolve its upcoming AEP Group Test and accompanying methodology.

Imperva Unveils Attack Analytics to Speed Identification of the Most Critical Attacks (BusinessWire) Imperva Attack Analytics automatically group, consolidate and analyze thousands of WAF security alerts to identify the most critical security events

Exabeam Announces Strategic Integration with Carbon Black (GlobeNewswire News Room) Data Sharing Between Platforms Will Help Security Analysts Improve Advanced Threat Detection and Reduce Incident Response Time

U.S. Department of Defense Secures the DTS With Help From Hackers on HackerOne (BusinessWire) HackerOne, the leading hacker-powered security platform, today announced the results of Hack the DTS (Defense Travel System), the fifth U.S. Departmen

Bugcrowd Elevates Standards of Security in Crowdsourced Security Market (GlobeNewswire News Room) SOC 2 Type 1 and ISO 27001 Certifications demonstrate that Bugcrowd’s Crowdcontrol(TM) Platform upholds the highest standards of security

1Password 7: A new design and added security features (Help Net Security) AgileBits has released 1Password 7 for Mac and Windows. The password manager is among the most long-lived and popular offerings of its kind out there.

6 of the best security software solutions for 2018 (Mashable) Tighten up your computer's security with these software suites.

Technologies, Techniques, and Standards

Companies Struggle to Stay On Top of Security Patches (Wall Street Journal) As companies incorporate countless internet-connected devices in their networks, the patching problem is only going to get worse.

Here are the results of the latest Hack the Pentagon (Fifth Domain) HackerOne released the latest results of the Hack the Pentagon initiative.

Special Operations Command Takes Aim At Enemies Hiding Files Inside Seized Electronics (Defense One) Terror groups are using new techniques to reduce the intel value of seized laptops and cellphones.

Considerations For Evaluating Vendor Risk Management Solutions (SecurityWeek) The Vendor Risk Management (VRM) space has quickly become a hot topic this year. It seems like everywhere you turn, new companies offering VRM solutions are popping up.

6 Security Investments You May Be Wasting (Dark Reading) Not all tools and services provide the same value. Some relatively low-cost practices have a major payoff while some of the most expensive tools make little difference

Tips for Hardening Networks Against IoT-based DDoS Attacks (SecurityWeek) Stopping DDoS attacks is not a matter of improving security of IoT devices. Enterprises need to take responsibility and be better at identifying and preventing DDoS attacks as they happen in real time.

The Human Factor In Cybersecurity: Turning A Threat Into A Resource (Forbes) In the last decade, there has been a change in the quantity and type of cyberattacks that we face as a society, especially with regard to zero-day attacks.

How digital spring cleaning can protect your personal information (WMBF News) Cleaning the house may be on your to-do list this spring, but when it comes to de-cluttering you may be overlooking a significant space: your online platforms.

Design and Innovation

'Smart' Vendors Make Splash (Forbes) At last fall’s NetEvents press/analyst/vendor confab, I called out three vendors as ‘sexy.’ This year, the three vendors that stand out are ‘smart.’

Research and Development

DHS S&T Announces Four SBIR Awards to Secure Mobile Device Firmware (Newswise) Four small technology firms were awarded Small Business Innovation Research contracts by the DHS Science and Technology Directorate (S&T) to create solutions that will automate analysis of mobile technology firmware at scale and identify vulnerabilities and prepositioned cyber-threats.

SafeBreach Awarded First Patents in Breach and Attack Simulation Market (GlobeNewswire News Room) Company Extends Leadership and Advances the State-of-the-Art with Three Initial Awards

Academia

Women to be trained on safe net use (ETTelecom.com) The pilot programme will enable trainees to differentiate between credible and questionable information, Facebook said.

Elite Designation for Cyber Ops Program From NSA (UANews) A program at the University of Arizona that began only 18 months ago has been recognized as one of the best in the country for 2018-2019.

Legislation, Policy, and Regulation

Not to Aecon, nor to Huawei: The security of Canada can never be for sale (The Globe and Mail) Ottawa must get serious about protecting the security of Canadians in the face of explicit Chinese plans to use their country’s companies to advance Beijing’s interests

Australian MP is next to call for a ban on Chinese 5G equipment (Telecom Tech News) Australian Labor MP Michael Danby has become the latest politician to call for a ban on buying 5G network equipment from Chinese firms claiming they are ‘controlled’ by the government.

Sen. Mark Warner criticizes Trump's ZTE deal as a mistake (CNET) The leading Democrat on the Senate intelligence committee says ZTE and other Chinese tech companies are closely aligned with the Chinese Communist Party.

Former President Ilves stresses need for united body to fight cyber warfare (ERR) Former Estonian president Toomas Hendrik Ilves has highlighted the need to organize a union aimed at combatting the threat of cyber warfare and in particular in defending liberal democracies worldwide.

Enhancing the Resilience of the Internet and Communications Ecosystem Against Botnets and Other Automated, Distributed Threats (US Department of Commerce) This report responds to the May 11, 2017, Executive Order, “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.” That order called for “resilience against botnets and other automated, distributed threats,” directing the Secretary of Commerce, together with the Secretary of Homeland Security, to “lead an open and transparent process to identify and promote action by appropriate stakeholders” with the goal of “dramatically reducing threats perpetrated by automated and distributed attacks (e.g., botnets).”

In war against botnets, manufacturers need to step up, report says (Cyberscoop) The problem of botnets — the legions of computers used to carry out distributed denial-of-service attacks — is exacerbated by the fact that developers do not have the cost incentives to build more security into their products, according to a new report from the departments of Commerce and Homeland Security.

5 ways government will fight against botnets (Fifth Domain) A new report from The Departments of Commerce and Homeland security listed many areas where the U.S. can improve its botnet defense, and five where government can get the ball rolling.

DOE Announces New Efforts in Energy Sector Cybersecurity (POWER Magazine) The Department of Energy released its Multiyear Plan for Energy Sector Cybersecurity, asserting DOE's place as the sector specific agency on cybersecurity.

National Assembly debates internet security law (VietNamNet) National Assembly (NA) deputies have raised concerns that the draft law on internet security will prevent Vietnamese citizens and companies from accessing information on the web.

GDPR has established Europe as leaders in data protection (Raconteur) With the introduction of GDPR, Europe has set a precedent for data protection best practice which has been witnessed all over the world. Businesses in non-EU countries wanting to trade with Europe must now comply with these regulations.

Privacy Laws: compliant? Who? Me? (Mondaq) Business collecting any information relating to a natural person are required to comply with Australian privacy laws.

U.S. Commerce Chief Warns of Disruption From EU Privacy Rules (SecurityWeek) The costs of the new GDPR law could be significant, to the point where it may "threaten public welfare on both sides of the Atlantic," according to U.S. Commerce Secretary Wilbur Ross.

The tech giants are fighting privacy regulation: what price will we pay for a free digital society? (Computing) The Developers Alliance's criticisms are self-serving and omit any mention of opportunities, argues privacy campaigner Geoff Revill

Senators Urge Bolton to Reconsider Cyber-Tsar Role (Infosecurity Magazine) Democrats want Trump administration rethink

Obama's US Digital Service Survives Trump–Quietly (WIRED) Team created in 2014 to make the government more tech-friendly soldiers on, helping agencies work more efficiently and save money.

DHS cyber shop continues to push rebrand (FCW) The National Protection and Programs Directorate wants to change its name to match its focus on cross-cutting infrastructure threats.

Cyber Mission Force at Full Power–What Now? (Meritalk) The U.S. Cyber Command is ready for its close-up. The command announced May 17 that all 133 of its Cyber Mission Teams are fully operational, capping a roughly one-month stretch that saw the arrival of a new commander, the opening of a new operations center, and the official designation of Cybercom as a full unified combatant command.

California Senate votes to restore net neutrality rules (Help Net Security) The California State Senate voted yesterday in favor of a bill aimed at restoring the net neutrality protections put in place by the Federal Communications Commission in 2015, and preventing ISPs from engaging in practices that are inconsistent with a free and fair Internet. These protections were repealed by the FCC

Litigation, Investigation, and Law Enforcement

Kaspersky attempt to overturn government ban dismissed by US courts (Computing) Doesn't have leg to stand on, suggests Judge, as she tosses out two Kaspersky lawsuits

Icann Files Suit in Germany in Bid to Clarify GDPR (Infosecurity Magazine) Oversight body’s Whois policy threatens to run foul of new law

Telegram CEO: Apple has “prevented” app updates globally since April (Ars Technica) As a result, Telegram reportedly missed the GDPR deadline in the EU.

Cybersecurity: Why It Matters In M&A Transactions - Security - Austria (Mondaq) The scope of cybersecurity due diligence needs to be assessed on a case-by-case basis.

CIA contractor secretly hoards his classified work (CSO Online) Former CIA contractor Reynaldo Regis pled guilty to keeping secret notebooks of his work within the CIA from 2006-2016 and storing the notebooks in his home.

Expert defense witness for accused leaker Reality Winner is government's former 'Classification Czar' (The Augusta Chronicle) The defense team for a former Fort Gordon contractor suspected of leaking a classified document filed its first notice of an expert witness –

Inmates pirated movies from computers they build with spare parts (HackRead) According to reports, inmates managed to assemble dozens of computers using different parts and pirated software and ran a full-fledged movie network from the prison.

Nuisance call bosses, get your wallets ready! (Naked Security) Currently, only businesses themselves are liable for the fines, so the directors declare bankruptcy and then play whack-a-mole. They may now be held personally liable to the tune of up to £500,000.…

For a complete running list of events, please visit the Event Tracker.

Upcoming Events

RISKSEC (New York, New York, USA, May 31, 2018) Welcome to the 2018 New York City RiskSec Conference. As SC Media approaches our 30th anniversary, we fully understand the avalanche of cybersecurity-related problems, responsibilities and aspirations you face. Like no other time before, data security is crucial to you and your corporate executives. With an avalanche of massive data breaches that compromised millions of users’ data and cost senior-level executives their jobs and the endless other types of attacks that leveraged both new and traditional techniques, 2017 seemed yet another banner year for the infosec industry. We expect this year will be just as active as our attendees will face the challenge of both the criminal element and nation states stepping up their aggressive activities. On top of these, insider threats, supply chain vulnerabilities, regulatory demands and increasing dependence on IoT, AI, cloud apps, mobile devices and still other technologies will continue to convolute your tactical and strategic cybersecurity aims.

Cyber:Secured Forum (Denver, Colorado, USA, Jun 4 - 6, 2018) Cyber:Secured Forum will feature in-depth content on cybersecurity trends and best practices as related to the delivery of physical security systems and other integrated systems. Content is being collaboratively developed by SIA and PSA Security Network’s education teams and will feature top cybersecurity leaders. Additionally, sponsor exhibits will help showcase solutions related to cybersecurity, integrated systems and physical security solutions.

Campaign Cyber Defense Workshop (Boston, Massachussetts, USA, Jun 4, 2018) The Campaign Cyber Defense Workshop brings together experts from the region’s industry, university, and government organizations to address campaign security and effective practices for maintaining campaign integrity -- covering everything from data security to countering reputation attacks.

Gartner Security and Risk Management Summit 2018 (National Harbor, Maryland, USA, Jun 4 - 7, 2018) Prepare to meet the pace and scale of today’s digital business at Gartner Security & Risk Management Summit 2018. Transform your cybersecurity, risk management and compliance strategies and build resilience across the enterprise through leading-edge research and thinking on key topics such as agile architectures, BCM, cloud security, privacy and securing Internet of Things (IoT).

Securing Federal Identity (Washington, DC, USA, Jun 5 - 6, 2018) Securing Federal Identity 2018, a highly focused and high-energy event, will feature an in-depth view of the future of federal government policies and technology developments for securing federal identity and access control of facilities and network systems. Experts from the federal government and the security industry will fill the conference agenda and exhibits area to present and future direction of the government’s efforts to manage identities and control access across all federal agencies.

New York State Cybersecurity Conference (Albany, New York, USA, Jun 5 - 7, 2018) June 2018 marks the 21st annual New York State Cyber Security Conference and 13th Annual Symposium on Information Assurance (ASIA). Hosted by the New York State Office of Information Technology Services, in partnership with the University at Albany's School of Business, and The New York State Forum, Inc., the conference is part of a statewide effort to boost cyber security awareness and empower state and local governments, academia, organizations and citizens to take better control of their digital security.

The Cyber Security Summit: Boston (Boston, Massachusetts, USA, Jun 5, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

SecureWorld Chicago (Chicago, Illinois, USA, Jun 5, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

NSA 2018 Enterprise Discovery Conference (Ft. Meade, Maryland, USA, Jun 5 - 6, 2018) Hosted by the National Security Agency and the Federal Business Council (FBC). The EDC is the largest event held at NSA with over 1500 attendees from around the world. EDC provides a collaborative learning experience for professionals in the SIGINT Development field across the U.S. Intelligence Community and the other 5-Eyes partner nations: Australian Signals Directorate (ASD), Communications Security Establishment, Canada (CSE), Government Communications Headquarters, Great Britain (GCHQ), and Government Communications Security Bureau, New Zealand (GCSB).

National Cyber Summit (Huntsville, Alabama, USA, Jun 5 - 7, 2018) The National Cyber Summit is the preeminent event for cyber training, education and workforce development aimed at protecting our nation’s infrastructure from the ever-evolving cyber threat. Held in Huntsville, Alabama, one of the nation's largest technological hubs, the Summit attracts both government and commercial participants. Long known as the home to Department of Defense organizations and civilian departments and agencies including DHS, NIST, NASA, TVA, NSA and DOE, Huntsville also has many other industries represented. Companies are diverse and include healthcare, automotive and energy industries, academia, genetic research and high technology.

Cyber//2018 (Columbia, Maryland, USA, Jun 6, 2018) Cyber touches all aspects of our life from the myriad of devices we have brought into our homes to those we employ on the job to increase and improve our productivity. Please join us for our 9th annual cyber conference, where we tackle some of the most relevant topics surrounding operating within the cyber landscape.

TU-Automotive Cybersecurity (Novi, MIchigan, USA, Jun 6 - 7, 2018) Co-located with the world's largest automotive technology conference & exhibition. The conference unites players from research labs, automakers, tier 1’s, security researchers, and the complete supply chain to plan for the imminent future.

SINET Innovation Summit 2018 (New York, New York, USA, Jun 7, 2018) Connecting Wall Street, Silicon Valley and the Beltway. SINET New York connects the United States’ three most powerful institutions and evangelizes the importance of industry, government and academic collaboration on security initiatives.

Transport Security and Safety Expo (Washington, DC, USA, Jun 11 - 12, 2018) Security incidents are expected to cost the world $6 trillion annually by 2021, making now the time to find out more at the 2018 Transport Security and Safety Expo. The transportation industry is rapidly digitizing, leading to greater risks and potential impacts from cyber and physical events. Understanding how to better safeguard operations and protect critical networks and infrastructure from damage is paramount, and opportunities like TSSX18 that bring the industry together for training and solutions are welcomed by SANS.

Transport Security & Safety Expo (Washington, DC, USA, Jun 11 - 12, 2018) The conference is devoted to the challenges and opportunities surrounding ensuring the safety and security of passengers and cargo in the digital age.

Dynamic Connections 2018 (Palm Springs, California, USA, Jun 12 - 14, 2018) Together with you, our customers and partners, we’ll come together for 2 ½ days to learn, explore and create the possible at Dynamic Connections 2018 (DC18). To get ahead of the most critical, most pervasive threat we face in the digital domain today, we must reach into the future and pull tomorrow’s innovation forward.

Social Engineering—Rhode Island (Newport, Rhode Island, USA, Jun 16, 2018) Welcome to the first ever social engineering conference in Rhode Island!

Norwich University Cyber Security Summit (Northfield, Vermont, USA, Jun 18 - 20, 2018) Norwich University’s College of Graduate and Continuing Studies (CGCS) is pleased to announce the second annual Cyber Security Summit in June 2018. The summit, presented in a continuing education format, welcomes Norwich alumni and others interested in exploring and discussing the latest in cyber security policy from both the federal level and the practical application of that policy on a local or business level.

NITSIG Meeting: Protecting Controlled Unclassified Information On U.S. Government Contractor Information Systems (Herndon, Virginia, USA, Jun 18, 2018) This meeting will discuss the security control requirements for the protection of Controlled Unclassified Information (CUI), for contractor information systems upon which CUI is processed, stored on, or transmitted through. These requirements must be implemented at both the contractor and subcontractor levels based on the information security guidance in NIST Special Publication (SP) 800-171: Protecting Controlled Unclassified Information In Non-Federal Information Systems And Organizations. The CUI protection requirements are intended for use by federal agencies in contractual vehicles or other agreements established between those agencies and non-federal organizations. Failure to implement the security controls to protect CUI, would be a breach of contract.

Insider Threat Program Management With Legal Guidance Training Course (Tyson's Corner, Virginia, USA, Jun 19 - 20, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance an ITP. A licensed attorney with extensive experience in Insider Threats and Employment Law, will provide legal guidance related to ITP's, the collection, use and sharing of employee information, and employee computer user activity monitoring. Insider Threat Defense has trained over 500+ organizations and has become the "Leader-Go To Company" for ITP Management Training.

GovSummit (Washington, DC, USA, Jun 27 - 28, 2018) GovSummit -- the government security conference hosted annually by the Security Industry Association -- brings together government security leaders with private industry technologists for top-quality information sharing and education on security topics affecting federal, state and even local agencies.

The Cyber Security Summit: DC Metro (Tysons Corner, Virginia, USA, Jun 28, 2018) Learn from cyber security experts from The U.S. Department of Justice, The NSA, Pulse Secure, CenturyLink and more as they brief you on the latest security threats facing your business. This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers. Receive $95VIP admission with promo code cyberwire95 at CyberSummitUSA.com ($350 without code). Your registration includes a catered breakfast, lunch, and cocktail reception. Passes are limited. Secure your ticket while space permits.

Impact Optimize2018 (Rosemont, Illinois, USA, Jun 28, 2018) Impact Optimize2018, the first-ever IT and Business Security Summit hosted by Impact, will provide attendees with actionable steps that enable the betterment of information, network and cybersecurity. All of the information presented will be designed to facilitate growth and eliminate risk for organizations of all sizes and across all vertical markets, with security as the firm foundation of every solution. The event will include presentations by subject matter experts, breakout sessions among business leaders and live demonstrations of enterprise security and business software.

Nuclear Asset Information Monitoring and Maintenance (Warrington, England, UK, Jul 3 - 4, 2018) On July 3rd and 4th in Warrington United Kingdom, nuclear industry leaders will meet for the IoE Events Nuclear Asset Information, Monitoring and Maintenance conference to further develop the sector’s strategic ability to leverage the appropriate people, processes and technology to achieve organisational goals through an enterprise wide integrated asset information strategy.