Earlier this year, it appeared Russian state sponsored actors had not only hacked the Democratic National Convention and Democratic Congressional Campaign Committee, they were using the purloined information for a propaganda operation insider the United States to attempt to influence the election. Now that the United States has made it clear there will be retaliation for this, we may have crossed over to open cyberwar. This talk will talk about the lead up to where we are today, what the likely outcomes of two developed nations attacking each other will be and what it means for consumers and enterprises who still most operate globally.Read more >
Karen Terrell, Vice President, SAS Federal
Alec Ross, former Senior Adviser for Innovation to Hillary Clinton and author
This week's Cyber Defense webcast sums up key presentations at Black Hat including thoughts on the Cold War. Industry news includes Sourcefire's Q2 earnings statement as well as the introduction of Razorback.Read more >
U.S. consumers rate national security in relation to war or terrorism as their top security concern, though fears over viruses/malware and hacking are rising dramatically, according to the new Unisys Security Index™ that surveyed more than 13,000 consumers in April 2017 in 13 countries. This study, the only recurring snapshot of security concerns conducted globally, gauges the attitudes of consumers on a wide range of security-related issues.Read more >
The future of cybersecurity has already begun and the bad guys are in the lead. Automation is the first step to a future where attacks are not sporadic but constant. We’re exiting the musket era of cyberthreats and entering the semi-automatic age. The future will be constant carpet bombing. The only way good guys will keep up is by automating themselves and getting AI involved. The far future of cyberwar will be AIs fighting AIs, and humans will only be brought in when the AI needs help to make choices. Bad guys will get alerts when their AI manages to crack into that juicy target the AI was set after. Good guys will get alerted when the bad guy seems to have slipped through and been detected and choices about what assets to lose need to be made. The AIs will be more than the foot soldiers. Humans will be in the commander in chief role, but in the future just about every other role will be some form of AI which can do the millions of calculations per second to counter the constant bombardment with maximum automated efficiency.Read more >
Recent cyberattacks on Target and Sony catapulted the issue of Cybersecurity into the national consciousness. Today, national security and privacy issues—like encryption—are at the center of a national debate. In this session, P.W. Singer, New America Foundation cybersecurity expert and best-selling author of Cybersecurity and Cyberwar: What Everyone Needs to Know, will provide an analysis of the latest issues and events and paint a clear picture of the increasingly complex cybersecurity landscape.
Customer Convo: Threat Analysis
A run down on the preparations nations are making to engage in cyberwar. An introduction to the technologies, tools, and services used to counter targeted attacks.Read more >
BAYAS (Swahili word for 'badness' aka. malware of any kind, shape or form) continue to grow in number as script kiddies, hacktivists, organised crime and nation-state actors use them to deface websites, steal money, engage on cyber-warfare or "simply" to disrupt large businesses or nation-critical infrastructure.
However, malicious software don't exist in a vacuum; any piece of malware is designed to call-back home sooner or later: to download additional malware, to report back to a C&C server or to exfiltrate data. How can Incident Responders detect hidden malware on the network using open-source tools and what patterns do they need to look for? In my webinar, I will share lessons learnt from practical traffic analysis in the field (i.e. predominate communication protocols, current trends, etc.) and present some effective techniques used to filter suspicious connections and investigate network data for traces of malware using tools like Wireshark, Snort and Bro.
About the speaker:
Ismael Valenzuela 13 years years experience in IT security and currently works as Principal Architect at McAfee Foundstone Services in EMEA. Author of security articles for Hakin9, INSECURE Magazine and the SANS Forensics Blog, Ismael also has experience teaching at BlackHat, serves on the GIAC Advisory Board and is a Community SANS Instructor for the Computer Forensics and Intrusion Detection tracks.
He holds a bachelor's degree in computer science from the University of Malaga (Spain), is certified in Business Administration, and holds several professional certifications including. He is Lead Auditor from Bureau Veritas UK.
Some of his articles are freely available at http://blog.ismaelvalenzuela.com.
Mr. Valenzuela can be followed on twitter at @aboutsecurity
It’s no surprise that cyber security is the #1 concern for federal information executives in 2012. Cyber-attacks on the federal government have increased 680% in the last 6 years. The threat posed by increasing cyber-attacks is only heightened by vulnerabilities in federal systems supporting critical infrastructure.
To counter cyber incidents such as nation-state sponsored espionage, data breaches and advanced persistent threats (APTs), government agencies must fill the hole left by next-generation firewalls, IPS, antivirus, and Web gateways. These rules and signature-based tools are no match for well-funded adversaries employing a new generation of dynamic, stealthy threats. To strengthen the security and resilience of federal government systems, agencies must adopt tools and techniques to protect them from the next generation of attacks.
Hear from two cyber security experts, Robert Bigman, former Chief Information Security Officer, Central Intelligence Agency, and Alex Lanstein, Senior Security Researcher, FireEye, as they share their views on the new evolving threat landscape and how budget-constrained agencies can detect, protect and respond to advanced targeted attacks.
In this session, participants will learn about:
• Techniques and tactics that make next-generation cyber criminals successful
• A new hacker alliance model and some concerning technical trends
• Why conventional security defenses are no longer effective
• Key criteria when investigating next-generation threat protection
The week's summary of news and events in the cyber realm. Sign up for the newsletter here: http://www.threatchaos.com/Read more >
A cyber incident in a large, complex industrial control system can have serious consequences, and all security technologies have limitations. This means we can always be more secure, or less. How then, should we evaluate security funding requests for industrial sites? How do we know how much is enough?
The abstract, qualitative models that most of us use for cyber threats are poorly understood by business decision-makers, and are not easily compared to risk models for threats such as earthquakes and flu pandemics. We could force-fit cyber risks into more conventional models by "making up" numbers for the probability of serious incidents, but "made up" numbers yield poor business decisions.
Most business leaders though, do understand cyber attack scenarios and their consequences, and find them much more useful than qualitative models or "made-up" probabilities. To communicate industrial cyber risks effectively, an assessment process should distill complex risk information into a small, representative set of high-consequence attack scenarios. Business decision-makers can then "draw a line" through the set, selecting which combinations of attacks, consequences and risks to accept, and which to mitigate or transfer.
Join us to explore using attack scenarios to communicate risks, consequences, and costs to business decision-makers.
Attackers are moving away from direct assault, and instead are hijacking and exploiting user credentials to thwart security tools, and gain easy access to business data. How can you strike back and stop breaches that attack your users far, far away?
• Stop fighting previous battles – Attackers have moved on to a new, more vulnerable target
• Move Security techniques to a new future – Identity must be the core of security
• Re-angle the deflector shields – Legacy perimeter security isn’t enough
Join Chris Webber, Security Strategist at Centrify, and Eric Hanselman, Chief Analyst at 451 Research, as they discuss todays’ identity-based security risks, and how to arm yourself against them.
Distil Networks has produced their third annual Bad Bot Report. It's the IT Security Industry's most in-depth analysis on the sources, types, and sophistication levels of last year's bot attacks -- and there are serious implications for anyone responsible for securing websites and APIs.
Join Derek Brink, Vice President of Research at Aberdeen Group and Rami Essaid, CEO of Distil Networks as they dive into the data to reveal:
• 6 high-risk lessons every IT security pro must know
• How to quantify the risk and economic impact of bad bots for your organization
• How bot activity varies across websites based on industry and popularity
• The worst offending countries, ISPs, mobile operators, and hosting providers
Bad bots are the key culprits behind web scraping, brute force attacks, competitive data mining, online fraud, account hijacking, unauthorized vulnerability scans, spam, man-in-the-middle attacks, digital ad fraud, and downtime.
Register today to gain actionable insights on how to defend your websites and APIs for the coming year of threats.
Bonus: All registrants will receive a copy of Distil Networks’ 2016 Bad Bot Reports and a copy of the presentation slides.
You already know the power of application segmentation to deliver data center and cloud security—now you can take segmentation to the next level. Nano-segmentation is finally a reality.
In 15 minutes, we’ll show you how nano-segmentation delivers the most granular, adaptive security across your data centers and public clouds.
Register to find out how to:
- Reduce your data center and cloud attack surface by 99%
- Quarantine compromised servers in seconds
- Achieve compliance in hours
Big data analytics and smarter sensors are just two of many technologies leveraged by many companies enhancing their Industrial Control Systems (ICS) to reap the benefits of the Industrial Internet. However, as you design these smarter and increasingly connected systems, security must be built in from early stages, or else you risk others, with malicious intent, using your systems against you. This session will describe a process for helping you frame your security needs and meet them smartly to be sure that you are efficiently and effectively tackling security “end-to-end” and not leaving any weakest links unprotected as you evolve your ICS to capture the opportunities driving the excitement behind the Industrial Internet.
About the Speaker: Brian Witten is a Senior Director for “Internet of Things” (IoT) at Symantec.
It’s often a challenge to address the ICS cyber security conversation in an organization that has yet to suffer a cyber incident. While the issue of defending against traditional IT cyber breaches goes uncontested ICS owner/operators still struggle to align traditional cyber threat vocabulary and remediation methods to their operational environments. Both malicious and unintentional cyber threats are not confined to data breaches and IT systems but they can be harder to identify in ICS environments. You have to know what you’re looking for.
Joe Weiss has amassed a database of more than 700 confirmed control system cyber incidents. The database covers ICS cyber from around the globe. A vast majority incidents were not identified in official reports as being cyber-related but a review of the circumstances surrounding the event proves otherwise.
During this webinar Weiss will discuss:
• Differences between ICS cyber security and traditional IT security
• Summaries of actual ICS cyber incidents from his database
• Recommendations on how to tackle monitoring and protection at your facility