Cyber Security Summit Blog

Thank you to all critical infrastructure sectors for your continued focus and dedication during this challenging time. The Electric Sector continues working hard to “keep the lights on” and coordinate together on mitigation efforts related to COVID-19. One example is the joint work facilitated by the Electricity Subsector Coordinating Council and their key message during the COVID-19 response as follows: “Protecting the energy grid and ensuring a safe and reliable supply of electricity are the top priorities of the electric power industry." One item of note that the ESCC provides is a COVID-19 Resource Guide that has been updated four ...
Read More
By Kathy Washenberger, Director Information Security/GRC April 15, 2020 This current environment has many attackers targeting small businesses. Attackers want to exploit areas they perceive to be the weakest. As a way to combat these attackers and provide you with some practical ways to recognize issues early, here are some things you can be thinking about as you continue to run your small business as best as you can with limited resources. Know Your RiskOne of the biggest issues is simply understanding what potential attackers may want to gain from your business. Attackers are looking for financial gain, so any ...
Read More
By Chris Veltos, Cyber Risk Strategist; Digital Trust Advisor; Dr. InfoSecApril 15, 2020 This past month has been one for the record books. IT and cybersecurity staff across the globe have managed to move tens or possibly hundreds of databases, applications, and services online so their organization could continue operating. That initial shift happened with a laser-like focus on continuity of operations, with everyone doing the best they could with the time and the information they had. It worked and got us this far, but the adrenaline is slowly wearing off, and with it so is our patience for poor ...
Read More
By Eileen Manning, Executive Producer, Cyber Security Summit April 15, 2020 As the Summit enters its 10th year connecting cyber security leaders to drive change and protect our global infrastructure, we do so in precarious times. The COVID-19 pandemic has upended the world as we know it, and as we collectively work to “flatten the curve,” this newsletter will embody the Summit’s driving mission of keeping the community connected during this time of unprecedented upheaval. Each month we will address a different critical issue, and what better way to kick it all off than with a collection of resources aimed ...
Read More
For ten years we’ve been building the Cyber Security Summit into a successful platform to network thought leaders and those involved in the everyday defense of our cyber infrastructure. In light of coronavirus (COVID-19) and its impact on public gatherings, we understand you may be evaluating your decision to attend this year’s Summit later this fall. Based on input from our country’s top cyber leaders, we are moving forward with planning October’s event. We remain cautiously optimistic that in the months leading up to the Summit, the virus will be better understood and contained. We want to ensure you that ...
Read More
Building and retaining your security team If you are a cybersecurity leader/hiring manager, you are probably getting tired of being reminded that there aren’t enough skilled cybersecurity staff to fill your open positions. We know already, can we stop complaining about it? Yes, there are currently 500K open cyber positions in the US and nearly 3 million open positions globally,(1)and the need is definitely not expected to shrink in the coming years. So maybe it’s time to think outside of the box when it comes to staffing our teams. The Cybersecurity Unicorn may exist but we can’t find them, and ...
Read More
Target’s Tim Crothers and Catharine Trebnick of Dougherty & Company to lead the Ninth Annual Cyber Security Summit Oct. 28-30 in Minneapolis MEDIA CONTACTS Lynn Nelson | LIN Public Relations, Inc. 612.990.0126 lnelson.linpr@gmail.com FOR IMMEDIATE RELEASE Target’s Tim Crothers and Catharine Trebnick of Dougherty & Company to lead the Ninth Annual Cyber Security Summit Oct. 28-30 in Minneapolis Minneapolis, Minn.– June 4, 2019–Tim Crothers and Catharine Trebnick will co-chair the Ninth annual Cyber Security Summit, “Pushing the Cyber Security Envelope,” which takes place Oct. 28-30, 2019, at the Minneapolis Convention Center in Minneapolis, Minn. Tim Crothers, vice president of security ...
Read More
“If you’re in cyber security, you’ve got a problem,” said Scott Borg, CEO of Cyber Consequences Unit. C-level cyber security people may be topped out career-wise in their organizations because management may not understand what they do and security terminology is alien to businesspeople. Speaking on the “Economics of Cybersecurity,” Borg advocated that his security audience explain the value they produce in economic terms that are familiar to other C-level executives. Otherwise, cybersecurity executives may be left out of the C-level loop because their terminology in describing their work defending company assets is unfamiliar to people who work in other ...
Read More
Average dwell time, where a hacker inhabits a breached system, is 200 days, said Bob Stasio of DreamIt Ventures, a cybersecurity company that hunts for intruders on organization systems. He has worked in security positions for IBM, NSA, FAA and NASA. Addressing Cyber Security Summit 2018, Stasio said that 80 percent of hacks are stopped by Tier 1 security systems – firewalls, NIST standards, and the like. To prevent larger threats from gaining significant dwell time on your system, it’s time to go from perimeter protection to threat hunting. Stasio introduced a high-level system view of the approach he employs, ...
Read More
“Everything today is a computer,” declared Cyber Security Summit 2018 keynoter Bruce Schneier, CTO, IBM Resilient. IoT is the “computerization” of the whole world, making exponentially complex the safeguarding of most of our devices. Schneier, author of many security-related books and the popular Schneier on Security blog, presented “Click Here to Kill Everybody,” the name of both his presentation and his latest book. He listed six lessons to take from the dynamics influencing cybersecurity today. Most software is poorly written and insecure because it’s designed to be fast and cheap, instead of good. The Internet was never designed with security ...
Read More