Key Insights from the CyberCrime Symposium

2017 CyberCrime Symposium: Think Global, Act Local!


Lessons from the 2017
CyberCrime Symposium

Cybercrime’s a global pandemic, and no organization, large or small, is immune. When everyone’s at risk, everyone’s responsible. And how they handle this responsibility has global implications. Read More


Cybercrime-as-a-Service... Can
You Spot the Cybercriminal?

Though it’s a natural evolution, the very existence of cybercrime-as-a-service (CaaS) shocks people. Never mind the annual global costs attributable to CaaS, or how much it hampers innovation. Read More


Dispatches from the Dark
Side of the ‘Net

For a brisk morning tour of Tor, darknets, and dark marketplaces, attendees of the 2017 CyberCrime Symposium couldn’t have asked for a more entertaining, informative guide... Read More


Red Team
Reality Check

At the very least, a high-profile, bull’s-eye breach teaches the victimized organization some hard lessons. Though it’s not an easy exercise for most SOC teams, C-suites, and boards... Read More


Assume Compromise: Protect,
Detect and Respond

In 2012, when Sean Sweeney became CISO for a large university, info-security strategies focused on preventing breaches. At that time, “CISO stood for ‘chief information scapegoat officer... Read More


Disrupt and Transform but
Don’t Neglect Cybersecurity

Information security professionals can hardly be blamed if they’re ambivalent about digital disruption and digital transformation. On one hand, they’re getting traction with disruptive... Read More


Putting Federal Cybersecurity Policy
in Perspective

The cyber-threat ecosystem is complex, relentless, and rapidly evolving. It’s appropriate that those characteristics describe the work of creating national cybersecurity policy. Read More


Become Bilingual and
Bridge the Gap

Ask CISOs to prioritize the skills they require to excel in their work, and a sizeable number will put talk before tech. Bi-directional communication — and its role in creating world-class cyber... Read More

2016 CyberCrime Symposium: Cyber Convergence


Lessons from the 2016 CyberCrime Symposium

Cybersecurity professionals get no relief. For every threat they encounter, there are hundreds more waiting to strike, or some new point of vulnerability to consider. With the IP-enabling of every... Read More


Managing IoT Risk: The Internet of Things is a Lot of Things

The Internet of Things (IoT) is, both literally and figuratively, a lot of things. At this point in its evolution, it’s something of a paradox. While IoT as an infosec topic pursues cybersecurity... Read More


Mobile Malware’s Getting Smarter

Despite their immense popularity, ubiquity, and ability to find their way into just about any IT conversation and industry content, mobile devices haven’t attracted much interest from the attack side. Though device infections did reach a new high... Read More


Cybersecurity Awareness Can Be Fun and Games

Like most cybersecurity experts, Ira Winkler has a wealth of stories that illustrate how dangerous user behavior can be to cybersecurity. He’s also got something more. A modern-day... Read More


Don’t Blame Bitcoin for Ransomware

Though it’s been around in various incarnations for a couple of decades, ransomware is one of the hottest topics in the world of cybersecurity, and for good reason. It’s malware on the rise, thanks to its role in a growing number of successful... Read More


Cybercrime Attribution Analysis: The Cyber Who Done It

As much as cybersecurity professionals need to be concerned about insider threats, the bulk of data breaches are still the work of outside forces. "In 2015, 77.7% of all the data breaches we... Read More


Behind the Scenes: Demystifying Malware

The frequency and size of malware attacks and the havoc they wreak are generating a continuous stream of media coverage, attracting eyeballs with often shocking details of breach size. What’s often missing in news stories on data breaches... Read More


Cyber Insurance: Are You Covered?

Back in the late ‘90s, the insurance industry came out with an early cyber insurance product. As it was a product for Y2K losses, “it was a dud, and when it died, everybody thought that cyber insurance would never take off,” said Peter Foster, in... Read More


What You Don’t Know: Cyber Defense Against Unknown Threats

Even with all the traditional cybersecurity defenses, breaches still occur. “So, why haven’t these traditional security products adequately protected you?” asked Jack Walsh, New Initiatives and... Read More


Conducting a Cyber-Crime Exercise in a Smaller Enterprise

When we talk about designing a great cyber-crime exercise, we always say that you need eight things to make it work. That sounds like good advice for a larger company, but what if you... Read More

2015 CyberCrime Symposium: Collaboration & Information Sharing


Lessons from the 2015 CyberCrime Symposium

If the relentless stream of headlines trumpeting cybercrime’s latest hits reveals anything, it’s that cyber-actors are escalating their efforts. It’s not just smarter people developing better.... Read More


The Two Faces of Privacy

With cyber-threats growing by the minute, it’s easy to see why data security professionals get hyper-focused on securing their organizations against attacks and all the technologies, practices, and processes that entails. Ultimately.... Read More


Cybersecurity Gets Its Due

As a national correspondent covering intelligence and national security for The Daily Beast, Shane Harris spends a lot of time immersed in the world of cybersecurity. In his presentation at the 2015 CyberCrime Symposium, “The Internet.... Read More


Stuxnet: Lessons in Digital Warfare for Cybersecurity Pros

Most security professionals have at least a basic understanding of Stuxnet. However, because the story behind the malicious worm used to attack Iran’s nuclear program is so complex, many.... Read More


.BANK-ing on Better Cybersecurity

Every organization stands to lose a lot when it comes to cyber-attacks, but because they’re managing customer money and operating in a heavily regulated industry, financial services institutions have their own set of challenges. They’ve got a lot at... Read More


The Job Ahead: Securing IoT

Cybersecurity professionals are already overtaxed trying to secure all the devices that make their networks hum, not to mention the multiplying user devices seeking access. Now they’re facing the exploding Internet of Things (IoT)... Read More


Framing Cybersecurity Risk Management: V.1.0

When President Obama signed Executive Order 13636, “Improving Critical Infrastructure Cybersecurity,” in February 2013, the National Institute of Standards and.... Read More


A Community Watch for Cybersecurity

Cybersecurity technology and legislation are integral to building a large-scale defense against cyber-threats. But if industry and government don’t collaborate and share information on threats and breaches, even the best laws.... Read More


A Secure Web — Get There From Here

Even their names inspire fear. Heartbleed. Shellshock. Granted, the third member of 2014’s critical vulnerability triumvirate — POODLE — sounds toothless by comparison, but the cybersecurity professionals impacted by any or all.... Read More