The National Security Agency's 6th Annual Scientific Cybersecurity Paper Competition has been announced, along with the following Distinguished Experts and other Pertinent Particulars of the Competition (eg., the submittal criteria et cetera). Interested? Read On... A superlative conclave of security luminaries will examine the nominations and provide their specific submittal preferences to the National Security Agency's Research Directorate.
- PROF. L. JEAN CAMP, Indiana University
- DR. ROBERT CUNNINGHAM, Lincoln Laboratory
- DR. WHITFIELD DIFFIE, Cybersecurity Advisor
- DR. DAN GEER, In-Q-Tel
- DR. JOHN MCLEAN, Naval Research Laboratory
- PROF. STEFAN SAVAGE, University of California, San Diego
- MR. PHIL VENABLES, Goldman Sachs
- PROF. DAVID WAGNER, University California at Berkeley
- DR. JEANNETTE WING, Columbia University
Here are the all-important dates:
- Submission Period Begins: December 15, 2017
- Submission Period for Entries Ends: March 30, 2018 11:59 PM, EST.
- Evaluation Process for Entries Begins: April 2, 2018
- Winners Notified: By September 14, 2018
- Winners Announced: Fall 2018
via Anton Chuvakin, Ph.D., Research VP and Distinguished Analyst at Gartner, speaks security truth to power. Pay attention folks - your organization's security and continued existence could very well depend on the action you take in your environments, based what he has to say.
Erudite write-up by Adam Meyers (opining at 38North) in which, Adam details the cyberweapons of mass disruption (in this case the primary weapons discussed are WannaCry, the Wiper Attack and who-can't-forget the electronic Bonnie-and-Clyde aka the 2016 SWIFT attack on the Bank of Bangladesh). Enjoy!
"North Korean offensive cyber operations have been conducted to collect sensitive political and military intelligence information, to lash out at enemies who threaten their beliefs and interests, and most interestingly, to generate revenue." - Adam Meyers writing at 38North)
Well scrivened, crafted, reasoned, and timely blog post by Andrew Cook (writing at the Delta Risk - A Chertoff Company - blog). In which, impeccable advice is offered, on learning and avoiding pitfalls, targeting Incident Response - i.e., Successful Incident Response. This weeks' Must Read.
You be the judge... Essentially, all are targeted at data-and-objects-at-rest, rather than in-motion (except, perhaps the new cross-region replication feature with KMS).
Regardless, all of the annouced new features are welcome (in my currently rather jaded opinion). Now, if we can just overcome human error (not to mention blatant developer and data-owner lack-of-attention-to-detail, read about that here)...
- Default Encryption – You can now mandate that all objects in a bucket must be stored in encrypted form without having to construct a bucket policy that rejects objects that are not encrypted.
- Permission Checks – The S3 Console now displays a prominent indicator next to each S3 bucket that is publicly accessible.
- Cross-Region Replication ACL Overwrite – When you replicate objects across AWS accounts, you can now specify that the object gets a new ACL that gives full access to the destination account.
- Cross-Region Replication with KMS – You can now replicate objects that are encrypted with keys that are managed by AWS Key Management Service (KMS).
- Detailed Inventory Report – The S3 Inventory report now includes the encryption status of each object. The report itself can also be encrypted. - via Jeff Barr, writing at the AWS Blog
"Facebook CEO Mark Zuckerberg and Tesla CEO Elon Musk recently fought over whether artificial intelligence (AI) posed an existential threat to humanity. Musk made the case AI machines could eventually become self-aware and dispose of their human masters, like in the movie Ex Machina, whereas Zuckerberg argued humanity had nothing to fear." via a blog posting written by Adam Segal for the Council on Foreign Relations
Attribution: "Adam Segal is the Maurice R. Greenberg Senior Fellow for China Studies and Director of the Digital and Cyberspace Policy Program at the the Council on Foreign Relations. He is author of The Hacked World Order: How Nations Fight, Trade, Maneuver, and Manipulate in the Digital Age (New York, NY: Public Affairs, 2016)." via the Council on Foreign Relations