Specifically, around the corner at the International Spy Museum's new facility at L'Enfant Plaza in Washington, DC. Our 6th Annual Women in Cybersecurity Reception takes place October 24. The Women in Cyber Security Reception highlights and celebrates the value and successes of women in the cybersecurity industry. The event focuses on networking, and it brings together leaders from the private sector, academia and government from across the region, and women at varying points in their careers. It's not a marketing event; it's just about creating connections. If you're interested in getting an invitation to this year's event, tell us a little bit about yourself and request one here. A very limited number of sponsorship opportunities remain, so please let us know if you're interested.
We brought together a team of experts and wrote the definitive guide to everything you need to know about threat intelligence. Whether you work in vulnerability management, incident response, or another part of cybersecurity, our book has something for you. Get your free copy of “The Threat Intelligence Handbook” now.
Regulatory risk closes a service. Texas under ransomware attack. Eavesdropping on keyboards. "Cyber sports" in the Olympics?
A Reuters exclusive says that Google terminated a service it had offered mobile carriers as a means of testing their network coverage. The company's Mobile Network Insights service had since 2017 offered carriers data collected from Android users who opted in to sharing location and performance data. Although the program was organized on a transparent, opt-in basis, and the data it collected were both anonymized and aggregated, Google apparently decided that Mobile Networks Insights exposed the company to more regulatory risk than it wished to accept.
Authorities in Texas say that at least twenty state agencies have sustained a "coordinated ransomware attack," the Dallas Morning News reports. The state is responding with a multiagency task force led by the Department of Information Resources, with assistance from the Division of Emergency Management, the Texas Military Department, and Texas A&M's Cyberresponse and Security Operations Center.
Science Daily and other sources say that researchers at Southern Methodist University have developed a proof-of-concept in which smartphone sensors could record the sounds of keystrokes on nearby laptops, enabling eavesdroppers to capture and interpret those keystrokes. The technique doesn't seem to represent an immediate threat, but the researchers suggest it should raise awareness of the risks inherent in always-on sensors (like those in smartphones).
TASS is authorized to disclose that Russia's Sport Minister sees a good chance that "cyber sports" will be added to the Olympics in fifteen-to-twenty years. Minister Kolobkov appears to have video games in mind, not capture-the-flag competitions. Practice your Fortnite dance, Olympians.
Today's issue includes events affecting Algeria, Afghanistan, Australia, Canada, Colombia, Ecuador, Estonia, European Union, France, India, Indonesia, Japan, Malaysia, New Zealand, Pakistan, Peru, Russia, Singapore, Slovakia, Sri Lanka, Sweden, Tanzania, United Kingdom, United States, Uzbekistan, and and Vietnam.
Bring your own context.
So, do credentials matter in the various trades and professions that make up the cybersecurity career field?
"I would say they are important, but they're not as important as other things. In fact, there was a blog post on a site called Indeed that was saying one of the problems with job postings is that they tend to demand credentials that aren't really necessary. You know, I would say that you need some tech training in that sort of stuff, but you can be trained on the job. And then, besides that, once you have done some work, credentials come with experience, I guess you'd say, you know, demonstrating that you can do a job is much, much more important than a degree or, you know, some other kind of certificate certification - things like that."
—Taylor Armerding of Synopsis, on the CyberWire Daily Podcast, 8.15.19.
Perhaps there's a suggestion here for hiring managers.
Cybersecurity is a business risk, not an IT problem, and a critical part of business strategy. Security should not be an afterthought. Taking a proactive approach facilitates board-level cyber initiative buy in, supports traction across business units, establishes management alignment for key priorities, and manages data complexity. Let Edwards Performance Solutions better structure and position your cybersecurity program – making it a business asset for continued success.
In today's podcast, out later today, we hear from our partners at the Johns Hopkins University's Information Security Institute, as Joe Carrigan updates us on passwords and single sign-on. We also talk with Ben Waugh, CSO at Redox, who shares thoughts on bug bounties in healthcare.