The CyberWire Daily Briefing 4.17.18

Summary

By The CyberWire Staff

The US, British, and Australian governments yesterday unambiguously attributed a large-scale campaign against vulnerable routers to Russian security services. US-CERT (in an advisory worth reading in its entirety) identified the affected systems: "Generic Routing Encapsulation (GRE) Enabled Devices, Cisco Smart Install (SMI) Enabled Devices, [and] Simple Network Management Protocol (SNMP) Enabled Network Devices." These are, US-CERT notes, widely used by both enterprises and private individuals. Exploitation would need no zero-days. The campaign has successfully taken advantage of insecure legacy installations, beyond end-of-life systems that no longer receive patches, and other poor practices.

The governments making the attribution do so at a time of markedly increased tension between Russia and Western countries. The Salisbury nerve agent attack and Russian support of Syria's Assad regime contribute to those tensions. Observers in the US and UK suggest that Russia is preparing for a cyber campaign against critical infrastructure. Russian moves against connected devices strongly suggest ongoing battlespace preparation, and the prospective targets warn that Russia can expect retaliation should widespread attacks materialize. (British authorities have been notably direct in their warning.)

New US sanctions against Russia haven't yet appeared. They were expected as early as yesterday, but remain under consideration.

Chinese equipment manufacturer ZTE has been subjected to US sanctions, joining Huawei in the penalty box. The UK has also issued security warnings about Huawei devices.

Lookout finds "highly targeted" Desert Scorpion surveillanceware in Google Play. It's associated with APT-C-23, and seems most interested in Palestinian targets. Google has removed it from Play.

Learn how Cylance silences cyber attacks with Artificial Intelligence.

Notes.

Today's issue includes events affecting Australia, China, Iran, Russia, Syria, United Kingdom, and United States.

Cyber is the new battlefield.

Become a Cyber Spartan and Defend the Gates of America. At Invictus International Consulting we are hiring elite cyber, intelligence, and technology experts to serve our government and commercial clients. Join us.

On the Podcast

In today's podcast we speak with our partners at Accenture, as Justin Harvey (joined for the occasion by the head of Accenture's Cyber Defense team, Ryan LaSalle) discuss their 2018 State of Cyber Resilience report. Our guest, Jason Brvenik from NSS Labs, talks us through their Advanced Endpoint Protection (AEP) Group Test, the results of which are being publicly released today.

Sponsored Events

XM Cyber is coming to RSA (San Francisco, California, United States, Apr 16 - 20, 2018) Visit XM Cyber at the Israeli Pavilion, South Hall booth 635, to experience the first automated APT simulation platform to expose, assess and amend every attack path to organizational critical assets.

HackNYC2018 (New York, New York, United States, May 8 - 10, 2018) Cyber attacks are often called non-violent or non-kinetic attacks, but the simple truth is that there is a credible capability to use cyber attacks to achieve kinetic effects. Kinetic Cyber refers to a class of cyber attacks that can cause direct or indirect physical damage, injury or death solely through the exploitation of vulnerable information systems and processes. Use code CWIRE20 for 20% off the $50.00 individual ticket price.

8th Annual (ISC)2 Security Congress (New Orleans, Louisiana, United States, Oct 9 - 11, 2018) The (ISC)2 Security Congress brings together the sharpest minds in cyber and information security for over 100 educational sessions covering 17 tracks. Join us to learn from the experts, share best practices, and make invaluable connections. Your all-access conference pass includes educational sessions, workshops, keynotes, networking events, career coaching, expo hall and pre-conference training. Save your seat at congress.isc2.org.

Selected Reading

Dateline

RSAC Innovation Sandbox Leaderboard (RSA Conference) Each year, emerging infosec organizations from around the world come together to compete at the RSAC Innovation Sandbox Contest.

Here’s Your Federal RSA Rundown (NextGov) Officials from DHS, DARPA and NIST are all on the docket.

Microsoft and Intel to use GPU power to identify cyber threats in memory (Computing) New approach to security sparked by Spectre and Meltdown flaws

Securing the Digital World: Intel Announces Silicon-Level Security Technologies, Industry Adoption at RSA 2018 (Intel Newsroom) Microsoft and Cisco Integrate New Intel Threat Detection Technology to Help Defend Against Advanced Security Threats

Microsoft unveils new cloud and edge security offerings (CRN Australia) Revealed at the 2018 RSA security conference in San Francisco.

Cylance Showcases AI Powered Endpoint Detection and Response Solution at RSA 2018 Conference (BusinessWire) Cylance Inc., the company that revolutionized endpoint security with true AI powered threat prevention, today announced its AI driven endpoint detecti

Akamai 2018 Spring Release, In A Nutshell (Security Boulevard) Akamai's most comprehensive and integrated intelligent cloud delivery platform has been serving as the crucial foundation for our customer's growing digital businesses by helping deliver amazing digital experiences their end users expect.

Anomali Announces Collaboration With Microsoft, Providing Customers With Unique Insights Into Their Threat Data (BusinessWire) Anomali, a leading provider of threat management solutions, announced today a collaboration with Microsoft to integrate threat intelligence from the A

Anomali Partners with Visa to Offer Global Payment Breach Intelligence (BusinessWire) Anomali, the leading provider of threat management and collaboration solutions, announced today a partnership with Visa to provide cyber security team

CRN Exclusive: Recorded Future Turns To The Channel To Help Build Integrations With Other Vendors (CRN) Recorded Future expects to encounter security vendors with the money but not the staff, to build integrations as the threat intelligence vendor grows its new Connect Xchange technology partner community.

Cisco Doubles Down on Security Innovation and Investment to Protect the Endpoint and Email (Cisco: the Network) Cisco Introduces New Email Security Services to More Effectively Prevent Phishing and Spoofing Attacks

McAfee Expands Cloud Security Program (SecurityWeek) New cloud security services from McAfee are centered on securing containers in the cloud, and adding consistent security to third-party cloud services.

FireMon Introduces New Global Policy Controller; Delivers Frictionless Network Security Management for the Hybrid Enterprise (Firemon) FireMon Introduces New Global Policy Controller; Delivers Frictionless Network Security Management for the Hybrid Enterprise

RedLock, Barracuda Join Forces to Help Organizations With a Cloud Threat Defense Strategy (WLNS) From the RSA Conference – RedLock, the Cloud Threat Defense company, and Barracuda Networks Inc., a provider of cloud-enabled security and data protection solutions, today announced their joint efforts to help organizations fulfill their responsibilities in securing public cloud environments.

CSS to Showcase Futureproof Digital Identity Solutions for Today's Enterprise & Internet of Things (IoT) at RSA Conference 2018 (PR Newswire) Next Generation, Crypto-Agile Public Key Infrastructure (PKI) and Digital Certificate Management Solutions Fit for Today's Enterprise and the Post-Quantum Computing Era

Qualys Brings Web Application Security to DevOps (PR Newswire) RSA® Conference 2018, Booth #N3815 – Qualys, Inc. (NASDAQ: QLYS), a...

Qualys Announces Two New Free Groundbreaking Services to Help Organizations Gain Visibility of their Digital Certificates and Cloud Assets (PR Newswire) RSA® Conference 2018, Booth #N3815 -- Qualys, Inc. (NASDAQ: QLYS), a...

Media Alert: CIO/CISO Interchange Launches With The Mission To Facilitate Building Security Into The Fabric Of Digital Transformation (PR Newswire) CIO/CISO Interchange, a new non-profit, non-commercial organization,...

Aqua Security Collaborates with VMware to Deliver Runtime Application Protection Across Virtualized and Container-Based Environments (Aqua) Aqua Security, the market-leading platform provider for securing containers and cloud-native applications, today announced a collaboration with VMware that will enable customers to protect applications deployed across both …

Teramind Prevents Insider Threats Combining New Data Loss Prevention F (PRWeb) Teramind Inc. (RSA booth #5110), a provider of insider threat solutions, today announced a new approach to data loss prevention that will continue to help

Echoing TRITON, CyberX's Innovative ICS Security Research Selected for 'Hackers & Threats' Session at the 2018 RSA Conference (PR Newswire) CyberX, the IIoT and industrial control system (ICS) security company, today...

ERPScan Won the Best AI-driven Cybersecurity Product Nomination (PR Newswire) PALO ALTO, Calif., April 17, 2018 /PRNewswire/ -- ERPScan announced today that Cyber Defense Magazine, the industry's...

Rambus Launches CryptoManager RISC-V Root of Trust Programmable Secure Processing Core (BusinessWire) Rambus Inc. (NASDAQ: RMBS) today announced the availability of the CryptoManager Root of Trust, a fully programmable hardware security core built with

IoT Security Milestone for Intrinsic ID Authentication: More Than 100 (PRWeb) Intrinsic ID, the world’s leading provider of digital authentication technology for Internet of Things security and embedded applications, tod

Passwordless enterprise authentication on Windows 10 and Azure AD (Help Net Security) Yubico announced that the new Security Key by Yubico supporting FIDO2 will be supported in Windows 10 devices and Microsoft Azure Active Directory (Azure AD). The feature is currently in limited preview for Microsoft Technology Adoption Program (TAP) customers.

Barracuda Introduces Innovative Approach to Measure Resistance to Phishing Attacks (News Room | Barracuda Networks) PhishLine Levelized Programs Provide an Effective Alternative to Click Rate Metrics

Radware Joins the Cyber Threat Alliance (GlobeNewswire News Room) Non-Profit Organization Brings Together Cyber Security Practitioners to Share Threat Information and Speed Adoption of Preventative Measures

Maryland cybersecurity companies head to San Francisco for RSA Conference (Technical.ly Baltimore) From events to exhibitions, here's a look at the various ways Maryland has a presence at the big event.

Specialty cyber analytics and underwriting firm, Envelop Risk launches (ReinsuranceNe.ws) A new global specialty cyber insurance analytics and underwriting company has launched, called Envelop Risk. Envelop Risk announced the launch of its business at the RSA conference in San Francisco, explaining that it provides cyber risk underwriting to insurers and reinsurers, and partners with cyber security

Cyber Attacks, Threats, and Vulnerabilities

Russia Steps Up Hacking, Spurring U.S.-U.K. Warning on Risk (Bloomberg) Threat to attack networks through routers cited by officials

Russian cyberattacks have targeted millions of computers, including home wifi routers (Times) A global Russian hacking offensive has targeted millions of computers to spy on governments and lay the foundation for an attack on infrastructure, Britain and the United States warned last night.

Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices (US-CERT) Since 2015, the U.S. Government received information from multiple sources—including private and public sector cybersecurity research organizations and allies—that cyber actors are exploiting large numbers of enterprise-class and SOHO/residential routers and switches worldwide. The U.S. Government assesses that cyber actors supported by the Russian government carried out this worldwide campaign. These operations enable espionage and intellectual property that supports the Russian Federation’s national security and economic goals.

U.S. and U.K. Jointly Warn of Russian Cyberattacks (Wall Street Journal) U.S. and U.K. intelligence agencies said Russian cyberattackers are targeting critical internet infrastructure to spy on Western companies and governments, the latest salvo in a diplomatic crisis.

UK And US Accuse Russia Of Hacking Home Routers In Global Cyberattacks (Forbes) A little warning from the British and American governments today: Kremlin-funded spies might have found a way into your home office.

Australian government condemns Russian hackers for attack on Cisco devices (CRN Australia) Routers and switches were targeted in attacks last year.

The White House Warns on Russian Router Hacking, But Muddles the Message (WIRED) By scolding Russia for what looks like typical espionage, the US and UK are blurring red lines in cybersecurity.

If Russia launches a cyber attack on the UK, this is what we can do (The Independent) As tensions rise with Russia, both over the Salisbury incident and the recent strikes on Syria, the risk of a serious cyber attack on the UK has gone up substantially. So, what do we expect?

U.S., Britain Issue Warnings Over Chinese Telecom Equipment Maker ZTE (Wall Street Journal) U.S. and British officials both issued warnings over giant Chinese telecommunications-equipment ZTE, signaling sharply escalating Western scrutiny of the sector.

Lookout finds new surveillanceware in Google Play with ties to known threat actor targeting the Middle East (Lookout Blog) Lookout researchers have identified a new, highly targeted surveillanceware family known as Desert Scorpion in the Google Play Store.

mAPT ViperRAT Found in Google Play (Lookout Blog) Lookout researchers discovered samples belonging to the ViperRAT malware family, a known mobile advanced persistent threat (mAPT), in the Google Play Store.

Security Patches, Mitigations, and Software Updates

Tracking protection in Firefox for iOS now on by default – why this matters (Naked Security) Turning it on by default might sound like a mere tweak, but its the first version of the browser to do this without the user having to consciously turn it on.

Cyber Trends

CenturyLink 2018 Threat Report (CenturyLink) As cyber threats proliferate, businesses, governments and consumers often seek to find the silver bullet for cyber security issues.

Why Mass Transit Could Be the Next Big Target for Cyber Attacks—and What to do About it (SecurityWeek) The constantly evolving tools and methods of cyber attackers has resulted in specific industries becoming the unfortunate subjects of sudden upswings in incident volume and severity.

Marketplace

Cybersecurity and Disruptive Innovations Top List of Concerns for Corporate Boards in 2018 (PR Newswire) Corporate Board Member, a division of Chief Executive Group and a...

70,000 contractors must get notarized letters in next 60 days to continue working for government (FederalNewsRadio.com) The General Services Administration's System for Award Management still is recovering from a second fraud incident in the last three years.

2 days of DoD cloud chatter leaves us all continuing to guess (FederalNewsRadio.com) Contractors and former Defense officials have been ringing the alarm bells over what many see is an internal preference for the military to move to Amazon Web Services.

Could FireEye Be a Millionaire Maker Stock? (The Motley Fool) The company has all the makings for all-star returns, but it hasn’t panned out.

Products, Services, and Solutions

Introducing Ember: An Open Source Classifier and Dataset (Endgame) Over the last decade, machine learning has achieved truly impressive results in fields such as optical character recognition, image labeling, and speech recognition. Advancements in hardware and rapidly growing datasets have been instrumental in this progress, as has the presence of public, open-source, benchmark datasets to track advancements in the field.

Great Bay Software Launches New Network Intelligence Platform to Provide Unmatched Visibility into IoT & Medical Devices on Hospital Networks (PR Newswire) Great Bay Software, a leader in Internet of Things (IoT) security and...

Bring Your Own Encryption to the Public Cloud | BYOE Solutions (Thales eSecurity) Thales eSecurity offers multi-cloud advanced Bring Your Own Encryption (BYOE) to secure your data and reach compliance effectively.

Pragma Crypto, SSH Server & Client Awarded New FIPS-140-2 Certificate (PR Newswire) Pragma Systems, a leading SSH and security software provider, announces...

Remediant Expands Ability to Bring a New Level of Control and Insight Over Privileged Access Through Partner Agreement with Optiv Security (PR Newswire) Remediant today announced participation in Optiv Security's, partner...

Tripwire Debuts Early Access Program for Container Analyzer Service (Tripwire) Security solution expands vulnerability visibility across DevOps life cycle

Symantec Releases Targeted Attack Analytics Tool (SecurityWeek) Symantec is releasing its own targeted attack analytics (TAA) tool to existing Symantec Advanced Threat Protection (ATP) customers free of additional charge.

IBM Adds Intelligence to Incident Response, Threat Management (SecurityWeek) IBM adds intelligent orchestration capabilities to incident response platform and launches new threat and vulnerability management service

EU approves Sectra’s secure smartphone for classified information (Sectra) International medical imaging IT and cybersecurity company Sectra’s (STO: SECT B) encrypted smartphone, Sectra Tiger®/R, has been approved by the European Union (EU) for the communication of information at the RESTRICTED security level (RESTREINT UE/EU RESTRICTED).

DNotes Global, Inc. Announces May 12 Cryptopia Listing Date for DNotes 2.0 (DNotes Global) DNotes Global, Inc. today announced that its DNotes 2.0 digital currency will be listed on the Cryptopia exchange, effective May 12, 2018.

Technologies, Techniques, and Standards

Signing pledge to fight cyberattacks, 34 leading companies promise equal protection for customers worldwide (Cybersecurity Tech Accord) The Cybersecurity Tech Accord is a public commitment among 34 global companies to protect and empower civilians online and to improve the security, stability and resilience of cyberspace.

Research and Development

DOE Announces Investment to Strengthen and Secure the Nation’s Critical Energy Infrastructure (Energy.gov) DOE Announces Investment to Strengthen and Secure the Nation’s Critical Energy Infrastructure

Legislation, Policy and Regulation

White House says Russia sanctions still under consideration (Military Times) The White House scrambled Monday to walk back U.N. Ambassador Nikki Haley’s weekend announcement that new economic sanctions against Russia are imminent, but stressed the penalties are still being considered.

Russia wants Google and Apple to ban Telegram from their app stores (Computing) Russia continues with its assault on encrypted messaging service Telegram

Why New Russia Sanctions Won't Change Moscow's Behavior (Foreign Affairs) The newest round of U.S. sanctions against Russia are unlikely to produce any substantive policy changes from Moscow.

US slaps ZTE with seven-year sales ban a day after NCSC issues security warning over ZTE kit (Computing) ZTE accused of breaking the terms of a settlement over sanctions busting

U.S. Weighs New Trade Action Against China, Over Curbs on Tech Companies (Wall Street Journal) The U.S. is examining ways to retaliate against Beijing’s restrictions on U.S. providers of cloud computing and other high-tech services, effectively opening a new front on its trade offensive against China.

US senators introduce new war authorization with no expiration date (Defense News) Congress wrestles to update presidential 'war on terror' authorization

White House loses cyber coordinator amid adviser exodus (Fifth Domain) Rob Joyce will return to the NSA amid a steady exodus from Trump administration advisory positions.

Litigation, Investigation, and Enforcement

Facebook to face US class-action lawsuit over facial recognition photo tagging (Computing) Facebook tagged used facial recognition technology without users' explicit consent

FBI sought search warrant for CIA, NSA chief Michael Hayden's private email account: Report (Washington Examiner) The FBI filed an application for a search warrant in 2012 for an email account belonging to Michael Hayden, former head of the National Security Agency and CIA, demonstrating the breadth of the Obama administration’s efforts to pursue leaks of classified information to the press.

Industry Events

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

newly Noted Events

3rd Annual Nuclear Industrial Control Cybersecurity and Resilience Overview (Warrington, England, UK, May 22 - 23, 2018) Now in its 3rd year, the Cyber Senate Nuclear Industrial Control Cyber Security and Resilience Conference will take place on May 22/23rd in Warrington United Kingdom. This two day executive forum will include presentations, roundtable working groups and panel sessions. Together we will address the escalating cyber risk and resilience challenges associated with the adoption and convergence of operational technologies in enterprise facing architecture. Practitioners will gain further insight into how to best respond to evolving cyber threats, the importance of effective risk management throughout the nuclear supply chain, innovations in detection and mitigation, configuration management and how can we incorporate resilience into critical control system components and business process.

Nuclear Asset Information Monitoring and Maintenance (Warrington, England, UK, Jul 3 - 4, 2018) On July 3rd and 4th in Warrington United Kingdom, nuclear industry leaders will meet for the IoE Events Nuclear Asset Information, Monitoring and Maintenance conference to further develop the sector’s strategic ability to leverage the appropriate people, processes and technology to achieve organisational goals through an enterprise wide integrated asset information strategy.

Gartner Security and Risk Management Summit 2018 (National Harbor, Maryland, USA, Jun 4 - 7, 2018) Prepare to meet the pace and scale of today’s digital business at Gartner Security & Risk Management Summit 2018. Transform your cybersecurity, risk management and compliance strategies and build resilience across the enterprise through leading-edge research and thinking on key topics such as agile architectures, BCM, cloud security, privacy and securing Internet of Things (IoT).

Cyber Security Summit 2018 (Newport, Rhode Island, USA, Jul 18 - 20, 2018) Join us for Opal Group’s Cyber Security Summit – set in Newport, RI, this premier event will gather C-Level & Senior Executives responsible for defending their companies’ critical infrastructures together with technology providers & distinguished information security experts. Learn from acclaimed security professionals on how to protect your business from cyber attacks during interactive Panels & Keynote presentations. Convene with fellow influential business leaders, C-Suite executives, investors & entrepreneurs over 3 days of sailing, sessions, and networking opportunities.

5th Annual Industrial Control Cyber Security USA (Sacramento, California, USA, Sep 18 - 19, 2018) Now in its 5th year, this two day executive forum will include presentations, roundtable working groups and panel sessions. Together we will address the escalating cyber risk and resilience challenges associated with the adoption and convergence of operational technologies in enterprise facing architecture. Practitioners will gain further insight into how to best respond to evolving cyber threats, the importance of effective risk management throughout the industrial control supply chain, innovations in detection and mitigation, configuration management and how can we incorporate resilience into critical control system components and business process.

2nd Annual Aviation Cyber Security Summit Summit (London, England, UK, Nov 6 - 7, 2018) Now in its 2nd year, the Cyber Senate Aviation Cyber Security and Resilience Summit (AVCIP2018) will take place on 6th and 7th in London United Kingdom 2018. This two-day executive forum will include presentations, roundtable working groups and panel sessions. Together we will address the escalating cyber risk and resilience challenges associated with the adoption and convergence of operational technologies in enterprise facing architecture. Practitioners will gain further insight into how to best respond to evolving cyber threats, the importance of effective risk management throughout the aviation supply chain, innovations in detection and mitigation, configuration management and how can we incorporate resilience into critical control system components and business process.

upcoming Events

Our Security Advocates (San Francisco, California, USA, Apr 17, 2018) OUR Security Advocates highlights a diverse set of experts from across information security, safety, trust, and other related fields. OURSA is a single-track, one-day conference with four topic sessions. In each session, you'll hear short talks from multiple experts followed by a moderated discussion.

5th Annual Cybersecurity Summit (McLean, Virginia, USA, Apr 24, 2018) Join the Potomac Officers Club for the Fifth Annual Cybersecurity Summit to hear from public and private sector leaders on how federal agencies can improve their respective data security measures.

Secutech (Taipei, Taiwan, Apr 25 - 27, 2018) To meet the rising demand for intelligent and customised solutions, Secutech converges security and safety, ICT, IoT, artificial intelligence, big data, edge computing, intelligent video analytics and deep learning to enable you to create new value in the rapidly evolving market, and provide intelligent solutions in factory, retail, healthcare, transportation, home, building and safe city sectors.

Industrial Control Systems (ICS) Cyber Security Conference Asia (Singapore, Apr 25 - 27, 2018) The Central ICS/SCADA Cyber Security Event of the Year for the APAC Region. Three days of multi-track training & workshops for days for operations, control systems and IT security professionals to connect on SCADA, DCS PLC and field controller cyber security.

INFILTRATE (Miami Beach, Florida, USA, Apr 26 - 27, 2018) INFILTRATE is a "pure offense" security conference aimed at the experienced to advanced practitioner. With the late-90s hacker con as its inspiration, the event has limited attendance in order to foster a close-knit, casual and open environment for speakers and attendees. There are no sponsored talks, panels or other gimmicks, just two days of carefully vetted, highly technical talks which present new research in advanced exploitation techniques, vulnerability discovery, malware/implant design, anti-forensics and persistent access. Speakers include hackers from all across the offensive spectrum. The conference also hosts advanced training classes in web hacking, exploit development, cryptanalysis, kernel exploitation, Java attacks and other techniques (April 22-25). Now in its eighth year, the two-day, single track conference is organized by Dave Aitel and Immunity Inc., and is held in warm, sunny Miami Beach.

Automotive Cybersecurity Summit 2018 (Chicago, Illinois, USA, May 1 - 8, 2018) Smart Vehicles. Smart Infrastructures. The 2nd annual Automotive Cybersecurity Summit brings together public and private-sector manufacturers, suppliers, assemblers, technology providers and V2X partners to discuss the increasingly complex and interdependent relationships between smart vehicles and ever-expanding smart infrastructures. The SANS Automotive Cybersecurity Summit was created to develop and foster a culture of cyber-awareness in organizations across the vehicle supply chain as we work together to understand risks, safeguard organizations, their products, and their customer from the evolving threat landscape.

Application of the Law of War to Cyber Operations (Washington, DC, USA, May 3, 2018) Cyber law experts meeting at the George Washington University will cover Title 10 vs. Title 32 vs. Title 50 and the lawful and operational restrictions related to these authorities. The panelists will discuss the legal processes of projecting power in the domain of cyberspace and what capabilities require legal review relating to Defensive Cyberspace Operations (DCO) -- both Internal Defense Measure (IDM) and Response Actions (RA) -- as well as Offensive Cyberspace Operations (OCO).

Global Cyber Security in Healthcare & Pharma Summit (London, England, UK, May 3 - 4, 2018) The number of cyber-attacks in healthcare is on the rise, and the industry must do more to prevent and respond to these incidents. The Global Cyber Security in Healthcare & Pharma Summit 2018 will bring together high-level representatives from around the globe to create a cybersecurity roadmap for the future. Attendees will come from all areas of cybersecurity for the healthcare, medical devices and pharmaceutical sectors. Experts will examine the cybersecurity landscape in these three industries, with a particular focus on strategies for protection and incident response, as well as on business/regulatory considerations. Central to the aims of this event is facilitating collaboration and cooperation amongst the diverse stakeholders that will be in attendance.

Secure Summit DC (Washington, DC, USA, May 7 - 8, 2018) (ISC)² Secure Summit DC will assemble the best minds in cybersecurity for two days of insightful discussions, workshops and best-practices sharing. The goal of the event is to equip security leaders to tackle today's threats, as well as arm them with the knowledge, tools and expertise to protect their organizations and advance their careers. Registered attendees will be immersed in two days of insightful, strategic cybersecurity knowledge.

HACKNYC (New York, New York, USA, May 8 - 10, 2018) The recent flood of data breach news may numb us to the threat of attacks with kinetic effects--direct or indirect physical damage, injury, or death. Hack NYC focus’ on our preparation for, and resilience to, the genuine potential for kinetic cyber attack. Be part of defining solutions and illuminate risks aimed at critical national Infrastructure. Hack NYC is about sharing big ideas on how we will fortify our daily life and economic vitality. The threat of attack aimed at Critical National Infrastructure is real as services supporting our communities and businesses face common vulnerabilities and an unspoken kinetic threat.

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, May 8 - 9, 2018) This training will provide the ITP Manager, Facility Security Officer, and others (CIO, CISO, Human Resources, IT, Etc.) supporting an ITP, with the knowledge and resources to develop, manage, or enhance an ITP. A licensed attorney with extensive experience in Insider Threats and Employment Law, will provide legal guidance related to ITP's, the collection, use and sharing of employee information, and employee computer user activity monitoring. Insider Threat Defense has trained over 500+ organizations and has become the "Leader-Go To Company" for ITP Management Training.

SecureWorld Kansas CIty (Kansas City, Missouri, USA, May 9, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

Cyber Investing Summit (New York, New York, USA, May 15, 2018) Now in its third year, the Cyber Investing Summit is an all-day conference focusing on investing in the cyber security industry, which is predicted to exceed $1 trillion in cumulative spending on products and services over the next five years from 2017 to 2021. Panels will explore the financial opportunities, trends, challenges, and investment strategies available in the high growth cyber security sector. Speakers include leading cyber professionals, technology analysts, venture capitalists, fund managers, investment advisors, government experts, and more. Attendees will have the opportunity to network with key influencers in the investment and cyber security industries. A cocktail reception will be held following the presentations.

Third Annual Cyber Investing Summit (New York, New York, USA, May 15, 2018) Renowned cyber security executive David DeWalt will deliver the keynote address at the Third Annual Cyber Investing Summit. The Cyber Investing Summit is a unique all-day conference focused on the financial opportunities available in the rapidly growing cyber security industry. Panels will explore sector investment strategies, market growth forecasts, equity valuations, merger and acquisition activity, cryptocurrency protection, funding for startups, and more. Speakers include leading Chief Information Security Officers, VC founders, financial analysts, cyber security innovators from publicly traded and privately held companies, and government experts.

The Cyber Security Summit: Dallas (Dallas, Texas, USA, May 15, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts. Learn from cyber security thought leaders and Engage in panel discussions focusing on trending cyber topics such as Sr. Leadership’s Best Approach to Cyber Defense, What’s Your Strategic Incident Response Plan?, Protecting your Enterprise from the Human Element and more. Your registration includes a catered breakfast, lunch, and cocktail reception. Receive half off your admission with promo code cyberwire50 at CyberSummitUSA.com and view details including the full agenda, participating solution providers & confirmed speakers. Tickets are normally $350, but only $175 with promo code.

Digital Utilitites Europe (Amserdam, the Netherlands, May 16 - 17, 2018) The conference will bring together key industry stakeholders to address the current challenges of the digitisation in the utilities sector. Join us in Amsterdam to hear latest business case studies and gain insight into technological advancements within the industry, as well as unique strategies utilised by to meet demands of rapidly changing energy consumer/prosumer market.

SecureWorld Houston (Houston, Texas, USA, May 17, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 6-12 CPE credits through 30+ educational elements, learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

Ignite18 (Anaheim, California, USA, May 21 - 24, 2018) Palo Alto Networks' sixth annual conference features highly technical insights based on firsthand experiences with next-generation security technologies, groundbreaking new threat research, or innovative technical best practices. Don’t miss this outstanding opportunity to share your expertise with our Ignite community of distinguished security professionals and researchers.

AFCEA/GMU Critical Issues in C4I Symposium (Fairfax, Virginia, USA, May 22 - 23, 2018) The AFCEA/GMU Critical Issues in C4I Symposium brings academia, industry and government together annually to address important issues in technology and systems research and development. The agenda for 2018 focuses on: innovations in software engineering, advances in data security, blockchain impact on C4I, exploiting machine learning, collaborative community resilience, IoT impact on national security, understanding information warfare, innovations in IT acquisition, and disruptive mobility technology.

PCI Security Standards Council’s Asia-Pacific Community Meeting (Tokyo, Japan, May 23 - 24, 2018) Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes and industry expert speakers. The PCI Security Standards Council’s 2018 Asia-Pacific Community Meeting is the place to be. We provide you the information and tools to help secure payment data. We lead a global, cross industry effort to increase payment security by providing industry-driven, flexible and effective data security standards and programs that help businesses detect, mitigate and prevent criminal attacks and breaches.

North American Financial Information Summit (New York, New York, USA, May 23, 2018) Data is the most vital asset of any financial services firm. With volumes increasing exponentially, and the complexity and structure continuously changing, it is more vital than ever to keep on top of EDM strategy and analytical capabilities, while of course remaining compliant. Join us for the only conference around to challenge your current data strategy and evaluate your technology investments. Have your voice heard at interactive workshop tables, learn from peers facing the same challenges at their respective firms, listen to the experts, hear their success stories, and meet 350+ senior decision makers over 5 networking breaks - all this for only one day out of the office!

SecureWorld Atlanta (Atlanta, Georgia, USA, May 30 - 31, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security industry. Join your fellow InfoSec professionals for high-quality, affordable cybersecurity training and education. Earn 12-16 CPE credits through 60+ educational elements learning from nationally recognized industry leaders. Attend featured keynotes, panel discussions, breakout sessions, and solution vendor displays-all while networking with local peers.

RISKSEC (New York, New York, USA, May 31, 2018) Welcome to the 2018 New York City RiskSec Conference. As SC Media approaches our 30th anniversary, we fully understand the avalanche of cybersecurity-related problems, responsibilities and aspirations you face. Like no other time before, data security is crucial to you and your corporate executives. With an avalanche of massive data breaches that compromised millions of users’ data and cost senior-level executives their jobs and the endless other types of attacks that leveraged both new and traditional techniques, 2017 seemed yet another banner year for the infosec industry. We expect this year will be just as active as our attendees will face the challenge of both the criminal element and nation states stepping up their aggressive activities. On top of these, insider threats, supply chain vulnerabilities, regulatory demands and increasing dependence on IoT, AI, cloud apps, mobile devices and still other technologies will continue to convolute your tactical and strategic cybersecurity aims.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listens all over the world, companies trust the CyberWire to get the message out. Learn more.

Russian cyber battlespace prep? New spyware ejected from Play Store. ZTE in trouble. RSA notes: BigID wins Innovation Sandbox.