The combined company will boost ZeroFox's attack surface management capabilities.

ZeroFox has announced plans to acquire LookingGlass, a threat intelligence and attack surface management company, for roughly $26 million.

ZeroFox provides protection against phishing and other threats that could negatively impact an organization’s brand, threat intelligence, and incident response services. ZeroFox also provides “disruption” services, such as domain and social media takedowns and removing personal information from data brokers.

Organizations use LookingGlass’ Internet-facing attack surface intelligence data lake to identify and assess threats, as well as to determine the appropriate remediation and defense tasks. After the acquisition, LookingGlass technology will be integrated into ZeroFox’s platform for enhanced visibility into external attack surface assets and vulnerabilities, ZeroFox said in a statement on Monday that announced the acquisition.

ZeroFox previously acquired Cyveillance, a LookingGlass business unit, in October 2020. The combination of the two companies strengthened ZeroFox’s threat intelligence and automated protection capabilities, the company said at the time. Just seven months later, ZeroFox announced plans to buy Vigilante, a Dark Web threat intelligence company, to add new capabilities to its platform, including breach intelligence and response, botnet exposure monitoring, data on compromised credentials, infected and vulnerable hosts, and indicators of compromise.

The deal, mainly in stock (9.4 million shares) combined with convertible debt and cash, is expected to close within 30 days.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

ZeroFox Acquires LookingGlass

Members of the former ransomware group are using a FIN7 backdoor to deliver malware —including Cobalt Strike — to victim systems.

Former members of the Conti ransomware group are compromising systems for follow-up exploits using malware that the financially motivated FIN7 group developed; FIN7 has used the "Domino" tool in its own attacks since at least last October.

The campaign is the latest example to show how different threat groups with distinct motives and techniques often work together to achieve their separate goals, and to broaden their individual operations in the cybercrime economy.

**A Domino Effect**

IBM Security X-Force recently observed threat actors who used to be part of the Conti group using FIN7's Domino malware to drop either the Cobalt Strike post-exploit toolkit on domain-joined computers, or an information stealer called "Project Nemesis" on individual systems.

X-Force researchers determined that the Conti threat actors (the gang disbanded last May) began using Domino in February, which was about four months after FIN7 first began using the malware last October. 

In the campaign the threat actors used a Conti loader called "Dave" to drop FIN7's Domino backdoor. The backdoor collected basic information about the host system and sent it to an external command-and-control server (C2). The C2, in turn, returned an AES-encrypted payload to the compromised system. The encrypted payload in many cases was another loader with multiple code similarities to the initial Domino backdoor. The attack chain was completed when the Domino loader installed either Cobalt Strike or the Project Nemesis infostealer on the compromised system.

"The Domino backdoor is designed to contact a different C2 address for domain-joined systems, suggesting a more capable backdoor, such as Cobalt Strike, will be downloaded on higher value targets instead of Project Nemesis," IBM Security malware reverse engineer Charlotte Hammond wrote in an analysis on the campaign.

IBM X-Force researchers first identified Domino as FIN7 malware last year after observing several code similarities between it and Lizar (aka DiceLoader or Tirion), a malware family they had previously already attributed to FIN7. Both Domino and DiceLoader have similar coding styles and functionality, a similar configuration structure, and use the same formats for bot identification. X-Force researchers also found evidence linking Domino to the Carbanak banking Trojan, which researchers have also previously associated with FIN7.

**Intricate Nature of Cooperation**

The use of the malware by former Conti group members "highlights the intricate nature of cooperation among cybercriminal groups and their members," Hammond said. Security analysts have noted how such collaborations can pose a significant threat to organizations and individuals because they often enable more sophisticated and successful attacks than would be possible as separate entities.

For FIN7, the new campaign continues the threat group's efforts to broaden its footprint. FIN7 surfaced in 2012 and cut its teeth stealing and selling payment-card data — an activity that garnered it hundreds of millions of dollars. Over the years the group expanded into the ransomware ecosystem, and also made money from enabling ransomware attacks and malware distribution for other threat groups. After focusing mainly on retail and hospitality-sector organizations, the threat actor has broadened its target list to organizations in multiple other sectors, including defense, transportation, IT servers, financial services, and utilities. 

Security researchers estimate the threat actor has stolen well over $1.2 billion from victims since it first surfaced.

Researchers at Mandiant last year were able to tie Fin7 to dozens of previously unattributed threat activity clusters based on similarities in tactics, techniques, and procedures (TTPs) between them. Among them were at least one dozen intrusions at Mandiant customer locations since 2020 alone. US law enforcement authorities have tried disrupting FIN7 activities multiple times and even managed to send a high-level group admin to prison back in 2018. So far though, attempts to stop the group have failed.

FIN7, Former Conti Gang Members Collaborate on 'Domino' Malware

lockr preserves open access to information across the Internet while honoring consumer privacy and choice.

**NEW YORK****,** **April 17, 2023** **/PRNewswire/ --** lockr, the first consumer-focused platform for digital identity, consent and data, has raised $2.5M in pre-seed funding. Mozilla Ventures, Junction Venture Partners, and Grit Capital Partners participated, along with individuals from the digital publishing and data industries.

Founded by Keith Petri, an experienced data management executive with two prior 8-figure exits, lockr offers a variety of tools that enable consumers to take control of their personal identity and data. lockr partners with both publishers and brands to maintain the economics of the advertising-supported internet with a privacy-safe, consumer-driven solution. The company launched in 2021 and is dedicated to helping these partners collect authenticated first-party data with transparent consumer consent through its Identity lockr product. 

"After having spent a decade in digital advertising tracking consumers behavior and building consumer profiles for some of the world's largest brands, I am taking my experience and knowledge and applying that to empower consumers to control their online profiles," said Keith Petri, CEO of lockr. "We are leveraging new regulations and shifts in the underbelly of the internet to give the average user a seat at the table."

Publishers and brands increasingly rely on email to connect with customers, while those same customers struggle with overflowing inboxes. lockr provides solutions for both. For consumers, lockr's first product is lockrMail, a persistent email address that gives users full control over their inbox by forwarding messages to their real email - with both allow and block capabilities, patent-pending automated filters, custom digests, and more. On the business side, Identity lockr is a consumer-consented identity solution that offers free email verification for publishers and brands. By validating email at the point of collection, businesses are able to maintain a complete profile of consumers while respecting their inbox preferences.

"Mozilla Ventures is incredibly excited to invest in lockr, a company that provides users with more granular control over how their identity is managed online. Keith and his team impressed us with their strong vision and thoughtful approach to product development," said Mohamed Nanabhay, Managing Partner of Mozilla Ventures. "We believe that lockr will not only enhance user privacy but also increase user agency. We are thrilled to be a part of the journey."  

To complement both sides of its business, lockr offers a convenient single-sign-on service that empowers users with a fully transparent way to consent to data-sharing within lockr's Publisher Network. As lockr expands its publisher partnerships, lockrMail users will be able to seamlessly access content across the web without compromising the sanity of their inbox and while maintaining control over their data consent on a per-company basis.

lockr will use this funding to scale its team, expand the Identity lockr's Publisher Network, and build new consumer tools essential to the management of a user's digital footprint.

**About lockr**

Founded by Keith Petri in 2021, lockr is working to preserve open access to information across the Internet while honoring consumer privacy and choice. Through lockr, individuals can decide where their information is shared and how it is used. lockr is funded by world-class angel investors and venture capital firms. To learn more, visit www.loc.kr.

lockr Raises $2.5M

Because the security vulnerability is under active exploit, Google isn't releasing full details of the flaw while users could remain vulnerable.

A Google Chrome zero-day vulnerability is under active exploit in the wild, and while details are scarce, users are urged to update their Windows, Mac, and Linux systems to the latest version directly.

The fix for the high-severity bug, being tracked as CVE-2023-2033, is being pushed out through the stable desktop and extended stable channels, and will continue to roll out over the next weeks, Google explained in its April 14 cybersecurity advisory.

The flaw was discovered by Clément Lecigne of Google's Threat Analysis Group on April 11, the company said.

"Access to bug details and links may be kept restricted until a majority of users are updated with a fix," Google added. "We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven't yet fixed."

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Google Issues Emergency Chrome Update for Zero-Day Bug

**Cyber Florida at the University of South Florida -** Tampa will host the national championship round of the NCAE Cyber Games on April 22 on the University of South Florida-Tampa campus. The event will be live-streamed via Twitch at https://www.twitch.tv/ncaecybergames from 1:00 to 4:00 pm on April 22 and feature 12 regional winning teams competing for the national championship. The competing teams will represent Liberty University, Syracuse University, Brigham Young University, Prescott - Embry-Riddle Aeronautical University, University of Tulsa, Daytona Beach - Embry-Riddle Aeronautical University, University of West Florida, Metro State University, Eastern Washington University, Cal Poly Pomona, University of Florida, and defending National Champions Illinois Institute of Technology.

Funded by a grant from the National Security Agency’s National Center of Academic Excellence in Cybersecurity (NCAE-C) program, NCAE Cyber Games is a collegiate cyber competition for first-time competitors, where they can learn about cyber competitions in an environment focused on teamwork, building confidence, and growing their skills. Cyber competitions provide valuable resume experience but can be intimidating to newcomers. NCAE Cyber Games provides an on-ramp for new competitors to learn and prepare for larger competitions such as the National Cyber Collegiate Defense Competition. The program also helps NCAE-C-designated institutions recruit new students for their cyber competition teams.

Now in its second year, the program has grown from about 500 competitors from 50 colleges and universities in Year 1 to 700+ competitors from more than 80 colleges and universities out of approximately 350 NCAE-C institutions.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

NSA's National Centers for Academic Excellence (NCAE) Cyber Games to Hold National Finals on April 22

Learning how to break the latest AI models is important, but security researchers should also question whether there are enough guardrails to prevent the technology's misuse.

Samsung has banned some uses of ChatGPT, Ford Motor and Volkswagen shuttered their self-driving car firm, and a letter calling for a pause in training more powerful AI systems has garnered more than 25,000 signatures.

Overreactions? No, says Davi Ottenheimer, the vice president of trust and digital ethics at Inrupt, a startup creating digital identity and security solutions. A pause is needed to develop better approaches to testing, not just of the security, but the safety of machine-learning and artificial-intelligence models. These include ChatGPT, self-driving vehicles, and autonomous drones.

A steady stream of security researchers and technologists have already found ways to circumvent protections placed on AI systems, but society needs to have broader discussions about how to test and improve safety, say Ottenheimer, who will give a presentation on the topic at the RSA Conference in San Francisco next week.

"Especially from the context of a pentest, I'm supposed to go in and basically assess \[an AI system\] for safety, but what's missing is that we're not making a decision about whether it is safe, whether the application is acceptable," he says. A server's security, for example, does not speak to whether the system is safe "if you are running the server in a way that's unacceptable ... and we need to get to that level with AI."

With the introduction of ChatGPT in November, interest in artificial intelligence and machine learning — already surging due to applications in the data science field — took off. The eerie capabilities of the large language model (LLM) to seemingly understand human language and to synthesize coherent responses has led to a surge in proposed applications based on the technology and other forms of AI. ChatGPT has already been used to triage security incidents,  and a more advanced LLM forms the core of Microsoft's Security Copilot.

Yet the generative pre-trained transformer (GPT) is just one form of AI model, and all of them can have significant problems with bias, false positives, and other issues.

**Exploiting Robots Is Easy**

These shortcomings, and a general lack of explainability in AI models, means that any model can be attacked in ways that the creators may not have imagined, Inrupt's Ottenheimer will say in his RSA Conference presentation, Pentesting AI: How to Hunt a Robot. If AI models are quickly adopted without adequate study, they may make their way into critical application, where they could be attacked or fail spectacularly, he says.

"It's actually super easy to make them fail," Ottenheimer says. "Most people are looking at it as, 'Can I fool it in this one area?' but that's not the discussion you should be having, because — oh my god — you're using this technology in a totally inappropriate way."

Recent research demonstrates how simple attacking AI can be. Asking ChatGPT to mimic specific people, also known as assigning it a persona, can result in the AI model breaking its guardrails, according to a team of researchers from the Allen Institute for AI, the Georgia Institute of Technology, and Princeton University. The researchers had ChatGPT assume a variety of personas, and even a general persona — such as a "bad person" — can result in the large language model using toxic language, the team stated in a paper published on April 11.

With a plethora of products already shipping using ChatGPT, the researchers warn that it can unexpectedly result in harmful behavior.

"We hope that our findings inspire the broader AI community to rethink the efficacy of current safety guardrails and develop better techniques that lead to robust, safe, and trustworthy AI systems," the researchers stated in their paper.

**Time to Turn Off the Tech & Do a Reset**

Ottenheimer breaks down AI tests into six categories based on the traditional CIA triad: Confidentiality, integrity, and availability. False positives, for example, can lead to significant costs for society, such as emergency responders who are overtaxed because skiers' Apple watches are dialing 9-1-1 due to jarring runs down slopes. The academic research on using personas to jailbreak ChatGPT's content protections is similar to other research, which created a persona DAN (Do Anything Now) that allowed users to bypass safeguards.

Companies and researchers need to find ways to do a hard reset of such systems, to purge any toxic inputs, but at the same time teach the AI to take such actions in the future.

"You actually have to reset it, such that the harms don't happen again, or you have to reset it in a way that the harms can be undone," Ottenheimer says.

Finally, the threat to privacy is a significant threat as well as large language models use a vast data set, typically copied from the Internet, without the permissions of the publishers of that data. Italy has given OpenAI until the end of April to find ways to protect people's data and allow correction or deletion. And the efforts may grow as the European Data Protection Board (EDPB) has launched a task force dedicated to studying the issue and fostering cooperation.

Pen Testers Need to Hack AI, but Also Question Its Existence

Communicating cyber-risk upward to the C-suite and board takes simplification and a better understanding of the audience.

For at least a decade now, career-minded security leaders have well understood the importance of effective communication with the board and CEO. CISOs know they must gain the buy-in of these decision-makers to successfully instill a security-minded culture at their organizations — not to mention to greenlight enough funds for an effective cybersecurity budget.

The problem is that most CISOs today still can't turn that awareness into action. While CISOs are communicating with the board and the C-suite more than ever, they're still struggling to craft the right narratives that help them communicate risk to the board and drive meaningful collaboration between the security team and the rest of the business.

Security experts believe that CISOs need to rethink the content and the context of their messages in order to more reliably hit the mark with their executive counterparts. And most importantly, says Andy Ellis, advisory CISO for Orca Security, they need to tighten up their language and their goals for each interaction.

"CISOs need to think, 'What is the least amount of information we need to give to stimulate action?'" says Ellis, who is due to present at RSA next week on this topic and whose new book, _1% Leadership_, will be released this week. "Literally, I have a chapter in my book titled, 'Make the Smallest Argument Necessary to Spur Action.'"

The good news for CISOs today compared with those of yesteryear is that the channels of communication between them, the board, and the C-suite are increasingly opening up. The lesson is that it is going to take a whole lot more clear, simple communication for CISOs to net better results from their interactions with their boards.

**CISO Board Reports More Frequent but Ineffective**

The good news for today's CISOs is that the channels of communication between CISOs, the board, and the C-suite are increasingly opening up. According to "The State of CISO Influence 2023" survey, conducted by Dark Reading on behalf of Coalfire, 28% of CISOs present monthly updates to the board — up 10 percentage points in just the past year. Additionally, more than half of CISOs said they report to the board on at least a quarterly basis.

Unfortunately, for all of the increases in frequency of communication between CISOs and the executive suite, that upward communication remains largely ineffective.

The realistic CISOs reading the room sense that they're losing their audience. In the recent "Voice of the CISO" report from Proofpoint, security leaders in large organizations reported a huge drop in board support over the last year. Just 51% say they have the support of their board, compared with 71% who said the same last year.

Meanwhile, the directors are confirming that this perception isn't just in the CISOs' heads. A study from PwC this month shows that less than a third of directors are completely satisfied with the information they're getting about cybersecurity today.

"We have an image crisis that is only getting worse, and we need to rebrand ourselves," says Joseph Carson, chief security scientist and advisory CISO at Delinea. He explains that the CISO has to stop focusing on cybersecurity minutiae — things like attack metrics and precise technical details — and start measuring themselves and communicating about business outcomes. "That is the way to win support from the board," he says.

One of the biggest traps that CISOs fall into when communicating with the board is "overloading them with technical jargon," Carson adds. One recent study from the RSAC Executive Security Action Forum (ESAF), a community of Fortune 1000 CISOs, shows that over half of CISOs — 58% — admit that they struggle to communicate technical language to senior leadership in a way they can understand.

The fact that they are even endeavoring to explain that language in the first place indicates how much the content of their updates needs to change to facilitate more fruitful board discussions.

**Taking the Fairy Tale Approach**

Kurt Manske, managing principal at Coalfire, says he frequently sees CISOs struggle with understanding which key points, facts, or figures to share with their boards.

"A key problem for more technical-oriented CISOs is when and how to pivot during the board presentation and discussion from 'educating' to 'communicating,'" he says.

Sometimes simply mentioning one offhand technical detail can lead a CISO down an educational rabbit hole that completely distracts the board from the meat of what a CISO was really trying to communicate. Helping CISOs avoid these kinds of conversation killers is the whole drive behind Ellis' upcoming talk at RSA, titled, "Telling Fairy Tales to the Board: Turn Attack Graphs into Business Stories."

In his position at Orca Security, Ellis has helped the firm develop graph-based visualization maps that show potential attack paths within an organization's infrastructure. As valuable as that tool can be in communicating a potential attack story to security teams, he says he'd never show them to the board. His idea for his RSA session came up when he shared that with his co-speaker and technical counterpart, Oren Sade, chief of staff at Orca, who was aghast that Ellis thought the visualization's narrative doesn't work for the board.

"He was like, 'Why? This is great. It's a simple story. Andy, you helped us write this story,'" Ellis says. "And I'm like, 'Yeah, but the moment that I say Spring4Shell — or whatever the vulnerability that's being exploited — now I've got to spend 45 minutes explaining what Spring4Shell is because half of the board members think they're forgetting context.'"

Ellis' discussion will translate five different technical "stories" told by various theoretical attack paths into a slide deck and narrative line that actually works for board members. But before he does that, he will frame it with a fairy tale to help audience members understand what he's trying to do.

"I will literally be on stage, and I'll read the first four minutes of _Little Red Riding Hood_, and then we'll actually build an attack path and say, 'Here is the attack the wolf conducted against Little Red and all of the vulnerabilities that get exploited,'" he says. "And then we say, 'But notice that if you tried to tell it that way, nobody cares.'"

As Ellis explains, in the fairy tale the story is not actually about the wolf eating Red Riding Hood. The story is a cautionary tale for kids that is conveying messages of avoiding hazards like "don't talk to strangers" and "don't leave the trail."

Similarly, the stories for the board are driving toward a message of avoiding unnecessary losses, using security professional expertise in identifying the hazards that make that more likely to happen.

"A system having a vulnerability is not a hazard. The hazard is, 'We don't patch our systems enough,'" Ellis explains. "What's interesting is what happens at the end, right? Customer data gets stolen, ransomware takes over, whatever it is. You always start by talking about the unacceptable outcomes."

How CISOs Can Craft Better Narratives for the Board

Thousands of restaurants impacted by what Aloha PoS parent company NCR says was a ransomware attack on one of its data centers.

After days of outages, NCR Corp. has confirmed that its Aloha point-of-sale (PoS) software platform, used by thousands of restaurants across the US, was taken down by a ransomware attack on one of its data centers.

The BlackCat ransomware group has claimed responsibility for the Aloha POS cyberattack.

"Please rest assured that we have a clear path to recovery and we are executing against it," NCR's disclosure said. "We are working around the clock to restore full service for our customers."

Service disruptions for Aloha POS users began days ago, with the first update put out by NCR on April 12. At the time, it simply said the company was "investigating" the issue. In the absence of information, an Aloha POS subreddit has been filled with users sharing tips, workarounds, and any new information.

The Aloha PoS website lists a raft of restaurants, including Mad Mex and Chipotle, among its customers.

"BlackCat/ALPHV claimed responsibility for the attack and stated that they didn't steal any data but did take credentials that they are using as leverage to receive a ransom payment," says Timothy Morris, chief security adviser at Tanium. "It isn’t known how the attacker got initial access."

Lior Yaari, CEO and co-founder of Grip Security, noted in an emailed statement that the interest in credentials is a wake-up call for other organizations.

"Because in a distributed environment, identity is the ultimate control point and credentials paired with identities is like getting the golden ticket to everything else," he explained. "The sensitivity and criticality of credentials is not a big surprise for attackers and cybercriminals, as credentials have remained the top target for attackers for more than a decade. The difference here is, now, organizations have increased their level of concern for credential, making them just as attractive for ransomware gangs as intellectual property."

Aloha PoS Restaurant Software Downed by Ransomware Attack

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Easter is over, and now it's time for the bunny to head back to the office. What do you think our fluffy friend is saying? Come up with a clever cybersecurity-related caption, and our favorite will win a $25 Amazon gift card.

Here are four convenient ways to submit your ideas before the May 10, 2023, deadline:

*   Email _\[email protected\]_ with the subject line "Dark Reading April Toon."
*   Via social media: Twitter, Facebook, and LinkedIn. (If you win, we'll respond to you on the same platform, requesting your email address.)

**Last Month's Winner**

Congratulations to Alan Ortiz for his clever caption, below, in response to our March contest, "It's E-Live!" Mary Shelley, Mel Brooks, and Gene Wilder would all be proud! And thank you, readers, for all the great submissions!     

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Name That Toon: Lucky Charm

A little preconference reconnoitering of upcoming seminars, keynotes, and track sessions makes plotting your days easier. Here's one attendee's list.

San Francisco's Moscone Center will soon be overrun by cybersecurity's biggest conference of the year. Next week, RSAC 2023 will bring together the best and brightest cybersecurity leaders and innovators from around the world to partake in a packed schedule of introductions, meetings, and cocktail parties — not to mention a laundry list of panel sessions led by the biggest names in the industry covering just about every topic in the field.

It can be difficult to decide which sessions to pick out of RSAC 2023's list of 500-plus options. This is why it's important to plan in advance and select sessions strategically.

**My Top Five Picks**

As a founder of an early-stage data security company, I've focused my selection on sessions that will be most useful to my company-building journey. This includes those that might help hone my value propositions and product direction as well as any that could keep me ahead of my field's top trends. After careful consideration, here are my top five picks.

****Achieving Privacy and Data Protection Through Careful Design****

Monday, April 24

**Why you should attend:** This session promises an interactive discussion about privacy-by-design and other solutions that both prevent privacy harm and deliver business value. This underscores a larger trend in enterprise need for security and protection solutions to offer at least one business-related value proposition beyond ROI for risk aversion. I'm hoping that this session will provide new insight into how enterprise data security postures and business needs converge.

****The Perfect Storm: Preparing Today for the Future State of Cloud Security****

Monday, April 24

**Why you should attend:** The CSA Summit is one of RSA's largest events, taking place as a series of sessions over the course of one day. Exploring the themes of resilience, compliance, state of the art, and confidential computing, the summit will cover all angles of the cloud's increasing mission-critical role in keeping businesses productive. Keen on staying ahead of the market, the panel I'm particularly interested in will predict the future threat landscape of cloud security and corresponding enterprise needs. Given that cloud data stores house the majority of today's enterprise data, this is a session data security entrepreneurs can't miss.

****Cyber Defense Matrix Learning Lab****

Thursday, April 27

**Why you should attend:** This session will feature an overview of the Cyber Defense Matrix (CDM) by its creators. The CDM was developed to help cybersecurity leaders better contextualize and organize their security programs. Understanding it can provide direct insight into how cybersecurity customers think as well as the decision-making processes they use. I recommend this session to anyone looking to build a product message that will resonate with their target audience.

****The Path Forward for the United States' Data Security and Privacy Gap****

Wednesday, April 26

**Why you should attend:** In another interactive discussion, attendees will have the opportunity to explore how data security and privacy converge, as well as discover emerging federal compliance trends. Security and privacy are often conflated, and this can cause confusion when it comes to delegating clear risk owners. In addition to discussing updates in federal policies for each field, this session will provide insight into the latest best practice interpretations of their relationship and boundaries.

****Cybersecurity as a Strategic Asset****

Wednesday, April 26

**Why you should attend:** I recommend this session for entrepreneurs who want a look into how cybersecurity actually operates within an organization. This is key to understanding how cybersecurity responsibilities and stakeholders are delegated, as well as how cybersecurity culture forms, to design a seamless integration process for your product.

**Final Thoughts**

In truth, between all the shoulder-rubbing, I believe the audience chair of these sessions is the perfect place to seek refuge for recharging my social battery. These sessions can also be easy opportunities to meet peers who share my interests. I hope these sessions will prove useful and interesting for you, too!

Source

DARKReading