Washington, DC: the 9th Annual Billington Cybersecurity Summit
Two of the Five Eyes share their cyber priorities. (The CyberWire) Among the Summit's highest profile presentations were keynotes by Jeremy Fleming, Director of Britain's Government Communications Headquarters (GCHQ) and General Paul Nakasone, Director of US Cyber Command and Director, National Security Agency (NSA). They were clear that the special relationship between the agencies they lead is strong, and they were equally in agreement that cyberspace is now a principal arena of great power competition.
Why DHS needs better mobile security than other agencies (Fifth Domain) The top IT officer at the Department of Homeland Security explained the different types of threats DHS faces.
US Federal priorities: military and civilian. (The CyberWire) A number of senior US civilian officials and military officers represented their organizations at the Summit. There was a general consensus that cybersecurity increasingly pervades everything their enterprises do (but that everyone needs to do more security-by-design), that legacy systems remain a field of vulnerabilities (and that their modernization and replacement represents an opportunity to improve security), and that the Government competes for cyber talent at a disadvantage (and must look for creative ways of attracting people into Federal service).
Two special cases: space systems and cyber deterrence. (The CyberWire) Two panels addressed special challenges: securing space systems against cyberattack, and building an effective regime of cyber deterrence.
Cyber Attacks, Threats, and Vulnerabilities
Hackers that compromised Ticketmaster blamed for British Airways security breach (Computing) Magecart's malicious JavaScript so pervasive that commerce websites are being compromised every hour
The British Airways Breach: How Magecart Claimed 380,000 Victims (RiskIQ) RiskIQ data shows Magecart was behind the British Airways breach by compromising javascript on the airline's website with an extremely targeted attack.
How Hackers Slipped by British Airways' Defenses (WIRED) Security researchers have detailed how a criminal hacking gang used just 22 lines of code to steal credit card data from hundreds of thousands of British Airways customers.
British Airways hacking: how not to respond to a cyber attack (The Conversation) BA's handling of the latest corporate cyber attack shows a catalogue of missed opportunities.
Answers to Your Questions on Our Apps in the Mac App Store (Trend Micro) Reports that Trend Micro is “stealing user data” and sending them to an unidentified server in China are absolutely false. Trend Micro has completed an initial investigation of a privacy concern related to some of its MacOS consumer products. The results confirm that Dr Cleaner, Dr Cleaner Pro, Dr. Antivirus, Dr. Unarchiver, Dr. Battery, and...
Three Trend Micro Apps Caught Collecting MacOS User Data (Dark Reading) After researchers found the security apps collecting and uploading users' browser histories, Apple removed the apps from its macOS app store and Trend Micro removed the apps' browser history collection capability.
Mac App Store: Tools from Trend Micro also send data to China. Is it really Trend Micro? (MacTechNews.de) "Adware Doctor" was not an isolated case; other popular system tools from the Mac App Store also covertly collect user data and send it to China. Apple banned the Trend Micro programs in question, but must now ask itself how such incidents can be prevented in future.
North Korean hackers' evolution on display in US case (Nikkei Asian Review) Extensive legwork employed to gain trust before attacks unleashed
China-linked Hackers Use Signed Network Filtering Driver in Recent Attacks (SecurityWeek) China-linked hackers have been using a digitally signed network filtering driver as part of recent attacks to inject a Trojan into the lsass.exe system process memory.
Exploit vendor drops Tor Browser zero-day on Twitter (ZDNet) A company that sells exploits to government agencies drops Tor Browser zero-day on Twitter after recent Tor Browser update renders exploit less valuable.
A Closer Look at the Locky Poser, PyLocky Ransomware (TrendLabs Security Intelligence Blog) We observed waves of spam email delivering the PyLocky ransomware, which posed a challenge to static machine learning-based solutions.
IoT Botnets Target Apache Struts, SonicWall GMS (SecurityWeek) Mirai and Gafgyt Internet of Things (IoT) botnets are targeting vulnerabilities in Apache Struts and the SonicWall Global Management System (GMS)
Fake Beto O'Rourke Texts Expose New Playground for Trolls (WIRED) Someone hijacked a volunteer tool to make it look like Beto O'Rourke encouraged voter fraud—and that could just be the beginning.
Keybase browser extension weakness discovered (Naked Security) Respected researcher Wladimir Palant has recommended users “uninstall the Keybase browser extension ASAP” after discovering a gap in its end-to-end encryption.
APIs: The Trojan horses of security (Help Net Security) Cybercriminals have realised that API calls that originate from inside an app are a blueprint for the infrastructure inside a data centre.
Driverless cars could become a prime target for hackers, top researcher warns (NS Tech) A top security researcher has warned that as objects become more connected through the internet of things, security considerations should be paramount in order to avoid real-world consequences. Speaki
Hackers Can Steal a Tesla Model S in Seconds by Cloning Its Key Fob (WIRED) Weak encryption in Tesla Model S key fobs allowed all-too-easy theft, but you can set a PIN code on your Tesla to protect it.
The rise of targeted ransomware (Naked Security) Ransomware hasn’t gone away, but it is getting quieter and more targeted.
Verizon details breaches they were called in to investigate (Help Net Security) Each Verizon Data Breach Digest is a separate cybercrime case study. This year, each of the 18 case studies has been released separately.
Yikes: 1 in 5 employees share their email passwords with coworkers (Naked Security) 19% of employees of small and medium-sized businesses share their passwords with coworkers or assistants, according to a recent survey.
Midland to pay ransom after cyber-attack (Barrie CTV News) The Town of Midland is preparing to pay a ransom after hackers locked down a portion of its computer system more than a week ago.
Security Patches, Mitigations, and Software Updates
VPN Firms Release New Patches for Privilege Escalation Flaw (SecurityWeek) VPN companies ProtonVPN and NordVPN have another go at patching a serious privilege escalation vulnerability for which fixes were first released in April
Google Launches Alert Center for G Suite (SecurityWeek) Google is making it easier for G Suite administrators to access notifications, alerts, and actions by bringing them all together in a single place with the launch of a new alert center.
Supermicro servers fixed after insecure firmware updating discovered (Naked Security) Researchers have sounded a warning about the security of Baseboard Management Controllers (BMCs) – a critical component that datacentres depend on to manage servers.
Silent 5G Radio Bug Discovered by 7SIGNAL Hospital Customer (PRNewswire) One of nation's largest not-for-profit health plans discovers critical Wi-Fi bug, solves issue with 7SIGNAL
Cyber Trends
US Signal’s 2018 IT Resiliency Survey Reveals that 70 Percent of US Bu (PRWeb) US Signal, a leading end-to-end IT solutions provider, today announced the results of its 2018 IT Resiliency Survey. The survey reveals that 70 perc
Sound, Fury, And Nothing One Year After Equifax (Simply Security) One year ago today, Equifax suffered what remains one of the largest and most impactful data breaches in U.S. history. Last September, it was revealed that the personal information of 145 million Americans, almost 700,000 UK citizens, and 19,000 Canadians was stolen by cybercriminals. This information included names, addresses, birthdays, Social Security numbers, and—in some...
Burning down the house: CEO attitudes to cyber security all wrong (CIO) "How many houses burn down every year, compared to how many people buy house insurance?”
Marketplace
As Google turns 20, questions over whether it's too powerful (AP News) Twenty years after Larry Page and Sergey Brin set out to organize all of the internet’s information, the search engine they named Google has morphed into a dominating force in smartphones, online video, email, maps and much more.
Google Is Handing the Future of the Internet to China (Foreign Policy) The company has been quietly collaborating with the Chinese government on a new, censored search engine—and abandoning its own ideals in the process.
Huawei & Honor's Recent Benchmarking Behaviour: A Cheating Headache (AnandTech) Does anyone remember our articles regarding unscrupulous benchmark behavior back in 2013? At the time we called the industry out on the fact that most vendors were increasing thermal and power limits to boost their scores in common benchmark software. Fast forward to 2018, and it is happening again.
As Kaspersky Deadline Approaches, Fears Loom That Contractors Aren’t Prepared (Nextgov.com) Some contractors may not be aware the ban applies to them or that they’re running Kaspersky in the first place. Others don’t understand how complex removing it will be.
OverWatchID Closes $2.5M Financing Round Led By WestWave Capital and Silicon Valley Data Capital (GlobeNewswire News Room) Cybersecurity Firm Extends Seed Round Following Strong VC Interest
Bitdefender on Growth Trajectory with Strategic Investments in Second Half 2018 (Bitdefender) Bitdefender builds on products, partnerships and people with APAC M&A, major licensing deal and new hires
Former Gartner Security and Risk Management Analyst Ian McShane Joins Endgame as Vice President of Product Marketing (Endgame) McShane brings critical knowledge and know-how to the company as it accelerates enterprise momentum and evolves its feature-rich endpoint security platform.
Bitdefender Appoints Monika Goldberg as Vice President of Corporate Marketing (Bitdefender) Following a series of strategic leadership recruits, Bitdefender continues to invest in its go-to-market capabilities with an executive marketing hire
Products, Services, and Solutions
Tor launches official anonymous Android browser (Cyberscoop) Although there has long been a slate of third-party mobile Tor apps, the official app is now slated to be released in early 2019.
RedSeal Launches Remote Administrator Managed Service to Augment Customers’ Security Teams and Make Network Situational Awareness More Widely Available (GlobeNewswire News Room) RedSeal, the leader in network modeling and cyber risk scoring, today introduced RedSeal Remote Administrator, a new managed service to augment customers’ security teams, make network situational awareness more widely available, and help customers increase their digital resilience.
Splunk equips Global Emancipation Network in the fight against human trafficking (iTWire) Non-profit anti-trafficking organisation, the Global Emancipation Network, or GEN, has launched a new Splunk-powered technology platform aimed at figh...
FireMon and KUBRA Partner to Deliver Secure Customer Experience Management Solutions Across North America (FireMon)
ESET targets ransomware with new security solutions (Punch Newspapers) ESET, a European Union-based endpoint security company, has announced the launch of its new line of enterprise security solutions
Technologies, Techniques, and Standards
‘Only paper ballots by 2020!’ call experts after election tampering (Naked Security) The National Academy of Sciences says the US election system uses insecure technology and is fighting off attempts to destabilize it.
Analysis | The Cybersecurity 202: The U.S. is warning Congo that using electronic voting machines could backfire (Washington Post) The advice underscores the fact that many U.S. states still rely on aging systems.
FDA to bolster cybersecurity of medical devices (Star Tribune) Industry, officials work to boost security of medical devices.
How Automation Helps Security Managers (SecurityWeek) Stan Engelbrecht explains how automation and orchestration can replace chaos with order, and how security folks in management positions can benefit from this needed change.
Professionalizing Cybersecurity Practitioners (SecurityWeek) Done correctly, a cybersecurity professional body will benefit the nation, its businesses, and the practitioners. Done badly, it could prove an unmitigated disaster.
Certifications A Part Of ‘Vicious Circle’ In Cyber Security Space? (Cyber Security Hub) Amid a talent crisis, the cyber security space is relying on grassroots efforts to build awareness, but also on security certifications. How valuable are they for enterprise teams? We investigate.
Everything You Should Do Before—And After—You Lose Your Phone (WIRED) Misplacing your smartphone—or worse, having it stolen—is awful. But you can at least minimize the damage with a few easy steps.
How internal dysfunction puts your network at risk (Help Net Security) There are consequences for organizations where network and cybersecurity teams have conflicting objectives, and have incomplete network visibility.
Too Many Tools? How Many Tools does the SOC Have? (Bricata) Studies show the security operations center (SOC) may have anywhere from 10 to 100 cybersecurity tools. The real problem, however, isn’t the number of tools, but the lack of integration.
Design and Innovation
Government has the foundation to make blockchain its secret defense (Fifth Domain) Thwarting data manipulation means a manual audit log process, advanced user behavior analytics and countless man-hours. Blockchain removes these time consuming requirements.
Research and Development
DARPA funds next-generation AI (FCW) The $2 billion 'AI Next' campaign aims to transform computers from specialized tools to partners with contextual reasoning capabilities.
Academia
New Report Details Most Universities Too Slow to Respond to Cyber Threats (PRNewswire) EfficientIP DNS Threat Report reveals 73% of institutions took 3 days+ to apply a patch, leaving them vulnerable to attacks
Secure Channels Blending Academic Theory and Practical Experience by Partnering with Georgetown University's Technology Management Graduate Program (PRNewswire) Program Headed by Dr. Maria F. Trujillo Brings Together Graduate Students and Secure Channels Executives to Work on Dynamic Cybersecurity Problems
Legislation, Policy, and Regulation
Putin Wants God (or at Least the Church) on His Side (Foreign Policy) A contest over the future of Christianity in Ukraine goes to the heart of Moscow's ambitions.
Russia's cyber activities are a concern, but they're still a trade partner: Italian defense minister (CNBC) The leading parties of Italy's new government have long advocated an end to Western sanctions on Russia and supported closer relations with the Kremlin.
Estonia’s First Cyber Ambassador Seeks to Improve Global Cyber Defense (Wall Street Journal) Estonia’s first dedicated cyber ambassador took office on Monday, following several nations that are considering how diplomats can shape cybersecurity policy.
Secretary Kirstjen M. Nielsen Remarks to the National Election Security Summit (Department of Homeland Security) On September 10, Secretary Nielsen gave remarks to the National Election Security Summit.
Former Cyber Diplomat Says U.S. Cutback Sends Wrong Message (Wall Street Journal) While Estonia and other countries expand their diplomatic efforts on cybersecurity, the U.S. Department of State downsized its relevant office last year when Deputy Assistant Secretary Rob Strayer replaced Chris Painter, the outgoing coordinator for such issues who took office in 2011.
The House is Shuttling Through Tech and Cyber Bills but the Senate’s Behind (Nextgov.com) The House passed bills on cyber sanctions, supply chain security and CDM last week.
Rep. Luetkemeyer introduces breach-notice bill focused on finance sector (Inside Cybersecurity) Attempting to move past a long-running inter-sector stalemate over breach-notification legislation, House Financial Services subcommittee Chairman Blaine Luetkemeyer (R-MO) today introduced legislation that would codify notice requirements for financial services entities including insurers.
One Year After Equifax Breach: Criminal Charges, New State Laws and Lost Chances (Wall Street Journal) In the world of cybersecurity, a crisis can be a great motivator. But one year after credit reporting firm Equifax Inc. announced a major data breach, security and policy experts said it has largely been a missed opportunity.
Cybersecurity Background Key for New Information Officer at GPO (Roll Call) Longtime federal cybersecurity and IT expert Sam Musa will be the new CIO for the GPO.
Census CISO to retire; DHS, State name new cyber leaders (FederalNewsRadio.com) Mark Kneidinger becomes the deputy director of DHS’ new National Risk Management Center to further add to the organization’s leadership ranks.
Litigation, Investigation, and Law Enforcement
Google in legal battle with EU over 'right to be forgotten' (The Telegraph) Europe's top judges will today hear a landmark case to determine people's "right to be forgotten" online, in a battle to determine whether personal privacy online is more important than public interest.
Google in France's firing line as right to be forgotten hearing arrives at ECJ (Euractiv.com) It may be your right to be forgotten, but that doesn't mean you can't be found. That is the big issue on the cards on Tuesday (11 September) as France's data regulator locks horns with Google in a hearing on the global application of the EU's right to be forgotten ruling.
Google Case Asks: Can Europe Export Privacy Rules World-Wide? (Wall Street Journal) Google this week will argue in EU’s top court against expanding “right to be forgotten,” the highest-profile case yet to test where jurisdiction begins and ends with data.
Expanding Right To Be Forgotten slippery slope to global censorship, warn free speech fans (Register) Top EU court to rule whether order made in France should be applied everywhere
Russia is main suspect in mystery attacks on U.S. diplomats in Cuba (NBC News) The strong suspicion that Russia was behind the alleged attacks is backed by signals intelligence, meaning intercepted communications, say U.S. officials.
Attackers Made 9,000 Unauthorized Database Queries in Equifax Hack: Report (SecurityWeek) It took Equifax 76 days to detect the massive data breach in 2017, despite the attackers running 9,000 unauthorized queries on its databases, according to a GAO report
A year after Equifax breach, no enforcement actions (AP News) A new report by congressional investigators details how hackers broke into Equifax last year in a breach that exposed the financial information of more than 145 million Americans.
Senate Intel Won’t Have Russia Report By Midterms, Top Democrat Says (Roll Call) Sen. Mark Warner, D-Va., said Sunday the Senate Intelligence Committee would likely not release its report on Russian election interference by the midterms.
Aide shocked by Stirling professor’s claims Russia had Clinton emails (Times) A former aide to Donald Trump has recalled his shock when a Stirling University academic allegedly offered him “categorical” assurances that Russia possessed dirt on Hillary Clinton. George...
Russian extradited to U.S. to face charges over JPMorgan hack (Reuters) A Russian man has been extradited to the United States from Georgia on charges that he took part in a massive computer hack, which targeted JPMorgan Chase & Co and other U.S. companies, U.S. prosecutors announced on Friday.