National Webcast: Emerging Trends and Threats for 2015

Steven Hurst of AT&T’s Global Customer Security Services will be presenting this month’s national webcast hosted by MS-ISAC.

Tune in on February 11th (free registration) to hear him speak about:

  • The evolution of how we communicate and what we communicate with.
  • How these changes in technology change the way we need to view the protection of data for consumers and organizations.
  • Expectations for highly probable cyber threats for 2015 and how emerging technologies will impact our risk profiles.

Learn more about this webcast or register to attend.

Security Predictions of 2015

What will be this year’s biggest security threats? Each time January rolls around, security professionals look at past threats and try to determine what will happen in the upcoming year. It’s a good idea to be one step ahead of criminal hackers, but it isn’t always possible.

This article in Wired reviews several on-going threats it considers at the top of the list:

  • Nation-State Attacks: government intelligence agencies that use malware to eavesdrop on telecommunication systems, for example
  • Extortion: on a larger scale we saw the attack on Sony Pictures, on a smaller scale there is ransomware that targets individuals
  • Data Destruction: similar to the ransomware threats, but this malware wipes data and master boot records
  • Bank Card Breaches: hacking point-of-sale systems, skimmers, and other methods of stealing card data
  • Third-Party Breaches: a company or service is hacked solely for the purpose of obtaining data from a more important target
  • Critical Infrastructure: attacks that aim to sabotage various programs or services

Read the article in full online.

Webinar: The Internet of Things

MS-ISAC is a multi-state information sharing group that supports the government with its cyber security mission. It offers a free national webinar each month. This month’s webinar, called “The Internet of Things” is a discussion on recent cyber-based incidents that threaten organizations through their computer systems. These threats are becoming increasingly sophisticated, better organized and more frequent. The discussion suggests a framework to protect organizations using the latest technologies and trends in the industry. Presented by Peter Romness, Business Development Manager of Cisco Systems, Inc.

The free webinar takes place on Thursday, December 11, 2014, 2:00 – 3:00 pm.

Learn more and register for this webinar.

Security SIG’s First Lunch Meeting, July 16th

Security SIG is holding its first luncheon on Wednesday, July 16th, 12:00 – 1:00 pm. If you haven’t yet signed up for Security SIG, please do so.

Main topic: “The Biggest Threats to Security Today.” If you have any suggestions on what to cover for this topic, please let us know.
Lunch will be provided.
Location to be determined.

We got a great response rate (30% of the list) for the poll, so thanks to those who replied. Some of you also offered additional topics you¹re interested in, which is great to know for future events.

We need to still book a room, so stay tuned. Because we are serving lunch we will need you to RSVP. Please send your attendance confirmation to me, at


Update: The event is taking place in Room 68-181. You must RSVP to attend.

The Six Most Dangerous IT Attacks

The most popular track session of RSA San Francisco for the past five years was again packed to the rafters this year.

Hundreds of delegates poured in to see the vivacious Ed Skoudis and Joannes Ullrich discuss the six most dangerous IT security threats of 2011 and to hear what to expect in the year ahead.

Skoudis, founder of Counter Hack Challenges and an incident responder for large organizations, kicked off the session at the 2012 RSA conference earlier this month with three of the top security threats and how to defend against them.

Read the story in the news.

2012 Will See Rise in Cyber-Espionage and Malware

Security experts expect to see a continuing trend in the rise of malware-based attacks that result in sensitive data being stolen from government agencies, defense contractors, Fortune 500 companies, human rights organizations and other institutions.

Threats like Stuxnet and Duqu are likely to escalate in 2012 and defending against them requires aggressive protection technologies and people training. “People still represent the weakest link in security for a large amount of enterprises and that is the reason they are targeted,” says Rik Ferguson, director of security research and communication at security firm Trend Micro.

There should be a shift in protection paradigms and more control should be put around the data source, Amichai Shulman, CTO at security firm Imperva believes.

Read the full story in the news.

Boston Cyber Week, Nov 14 – 18

The STOP. THINK. CONNECT. campaign is launching its Cyber Week program to engage communities to promote awareness and dialogue about the dangers Americans face online. The Cyber Week Program, will be rolled out in several cities in 2011-2012. It advances the DHS cyber mission by arming citizens with resources and tools needed to protect themselves, their families and the nation against growing cyber threats.

The Cyber Week Program brings together federal, state and local entities, industry, nonprofits, communities, and individuals for sustained engagement and dialogue on cybersecurity – emphasizing that cybersecurity is a shared responsibility.

Boston, Massachusetts has been selected as the first Cyber Week location: it is THIS WEEK, November 14 – 18. See the details of the program.