Sign up for my newsletter to see my interviews with the top names in cybersecurity.

No guest this week but a bunch of exciting guests coming soon! Thanks for reading.

The News:

Defense Department’s tech investing signals Silicon Valley’s importance in cyberwarfare

• Last month, the DoD announced that it would be funding cybersecurity startups that can “help the Pentagon develop more advanced cybersecurity and intelligence systems to fend off nation states and hackers targeting everything from top-secret military correspondence to public power grids.”

The RSA Conference: Advanced Persistent Threats Meet Advanced Persistent Marketing

• Great article describing how next-generational firewalls work and how Bromium uses virtual machines to provide a user-friendly security experience.

Rombertik and the rise of self-aware malware

• Menlo Security’s CTO describes how malware usually works and how it has evolved to evade company defenses.

How Data and Machine Learning are Turning the Tables on Mobile Attackers

• Lookout’s Aaron Cockerill describes how Lookout uses machine learning to detect threats.

Cyber Attacks Costing Health System $6 Billion Annually

• “Nearly 90 percent of health-care providers were hit by breaches in the past two years, half of them criminal in nature.” The average damage per breach was $2mm.
• Why are hackers targeting hospitals? Medical records (including social security numbers) are apparently worth up to 20x as much as stolen credit card numbers.

Penn State Hit by China-Based Hacker, University Says

• Mandiant said that Penn State may have been breached as far back as 2012.

Cyber Insurance Offers More Than Just Protection Against External Cyber Attacks

• More evidence that protective measures aren’t just for large corporations–60% of small firms go out of business within 6 months of a cyber attack.
• I can’t imagine that providing cyber insurance will stay a good business for long – I’m sure that cyber damages during a breach follow a power law distribution and can’t be easily averaged like life expectancy for life insurance. Will try to get a cyber insurance executive on this

Whistleblower Reveals Cyber Security Firm Hacks Its Own Clients To Extort Them

• Apparently Tiversa would hack its clients and then tell its clients that they would disclose the hack unless the client bought more of their services.

An Obama Plan to Stop Foreign Hackers Has Mixed Results

• Despite numerous indictments, the Obama administration has not been able to stop hackers from hacking U.S. companies in order to steal trade secrets. “They don’t live here, so we can’t arrest them, and we’re not going to go to war over this.”

Starbucks attack shows hackers are finding easy money on mobile

• Kevin Mahaffey, my guest from last week, on how hackers broke into Starbucks accounts on victims’ mobile phones and how they could have been stopped.