A
You're listening to the Cyberwire Network powered by N2K.
Risk and compliance shouldn't slow your business down. Hyperproof helps you automate controls, integrate real-time risk workflows and build a centralized system of trust so your teams can focus on growth, not spreadsheets. From faster audits to stronger stakeholder confidence, Hyperproof gives you the business advantage of smarter compliance. Visit www.hyperproof.io to see how leading teams are transforming their GRC programs.
At Thales, they know cybersecurity can be tough and you can't protect everything. But with Thales, you can secure what matters most. With Thales' industry-leading platforms, you can protect critical applications, data and identities anywhere and at scale with the highest ROI. That's why the most trusted brands and largest banks, retailers and healthcare companies in the world rely on Thales to protect what matters most: applications, data and identity. That's Thales, T-H-A-L-E-S. Learn more at thalesgroup.com/cyber.
The UN launches the world's first global treaty to combat cybercrime. A House Democrats job portal left security clearance data exposed online. A new data leak exposes 183 million email addresses and passwords. Threat actors target Discord users with an open source red team toolkit. A new campaign targets unpatched WordPress plugins. The city of Gloversville, New York suffers a ransomware attack. Jen Easterly hopes AI could eliminate the buggy software that fuels cybercrime. A Connecticut health system agrees to an $18 million settlement following a ransomware attack. We got Monday's business brief. Tim Starks from CyberScoop discusses concerns over budget cuts and visibility and Meta's privacy safeguard goes foreign October 27, 2025 I'm Dave Bittner and this is your Cyberwire Intel Briefing. Thanks for joining us here today. It's great to have you with us.
The United Nations has launched the world's first global treaty to combat cybercrime, with 72 nations signing the new Convention against Cybercrime at a ceremony on Saturday. The agreement, five years in the making, aims to improve prevention, cooperation and capacity building to fight online crime, particularly in developing countries. However, critics warn the treaty could undermine human rights. Groups including the Electronic Frontier Foundation, Human Rights Watch and Privacy International argue it grants overly broad surveillance powers without sufficient safeguards. Even Cisco has voiced concerns that the convention risks eroding the rule of law. Despite these objections, US Secretary General Antonio Guterres called the signing an important milestone towards safer digital spaces, highlighting the treaty's mechanisms for cross-border sharing of digital evidence. Still, the agreement won't take effect until countries ratify it, and the UN has yet to publish a full list of signatories.
An unsecured database connected to DomeWatch, a website managed by U.S. House Democrats, exposed the personal details of more than 450 individuals holding top secret security clearances, according to research shared with Wired. The database contained data on about 7,000 job applicants, including names, contact details, military service, clearance levels and political affiliations. It was discovered in late September by an independent security researcher and secured within hours after being reported. While resumes were not included, experts warn the data set could be a goldmine for foreign intelligence or cybercriminals seeking to target government personnel. House officials say an outside vendor was responsible, and a full investigation is underway. The incident highlights ongoing risks from poorly secured online databases and their potential use in espionage or social engineering.
A new data leak has exposed 183 million email addresses and passwords just months after another massive breach. Security researcher Troy Hunt, founder of Have I Been Pwned, says the data, about three and a half terabytes and 23 billion rows, came from threat intelligence firm Synthient and included stolen Gmail logins and website credentials. Hunt found 8% of the entries were new, adding 16 million previously unseen addresses. Have I Been Pwned verified some records with affected users. Experts urge password changes and avoiding reuse across accounts.
Threat actors are abusing the open source RedTiger red team toolkit to deploy an infostealer targeting Discord users primarily in France, according to Netskope. Originally built for penetration testing, RedTiger includes network scanning, password cracking and malware building features. Attackers compiled it into standalone executables disguised as gaming or Discord apps. Once installed, the malware steals Discord credentials, payment details, browser passwords, crypto wallets and game data while capturing screenshots and webcam images. Stolen data is uploaded to GoFile and sent to attackers via Discord webhooks. The malware uses anti-sandbox features and floods systems with fake processes to hinder analysis. Security experts urge users to avoid unofficial downloads, revoke Discord tokens, and enable multi-factor authentication if compromise is suspected.
A new campaign is exploiting three critical vulnerabilities in the GutenKit and Hunk Companion WordPress plugins, according to Defiant. Since October 8, over 9 million exploit attempts have been blocked. The flaws allow unauthenticated attackers to upload malicious files, install rogue plugins, and achieve remote code execution. Attackers are distributing a fake plugin via GitHub containing backdoors and persistence scripts, despite patches released over a year ago. The campaign highlights ongoing risks for outdated WordPress sites.
The city of Gloversville, N.Y. suffered a ransomware attack in March that exposed personal and payroll information of current and former employees. Officials say the attackers, believed to be from eastern Europe, demanded $300,000 for the stolen data. After hiring consultants, the city negotiated a $150,000 payment for its return. The incident was reported to the FBI, state police and DHS. Federal investigators are now working to identify the attackers and recover the ransom funds.
Former CISA Director Jen Easterly says artificial intelligence could eventually make cybersecurity obsolete by eliminating the buggy software that fuels cybercrime. Speaking at AuditBoard's user conference in San Diego, Easterly argued that the real issue isn't cyberattacks themselves, but poor software quality driven by vendors prioritizing speed and cost over safety. She said AI is already improving attackers' tools, creating stealthier malware and targeted phishing, but can also help defenders rapidly identify and fix vulnerabilities. Easterly believes a secure-by-design approach supported by the White House's AI Action Plan could tip the balance toward defenders and make breaches rare exceptions rather than expected events. She criticized the glamorization of hackers and stressed that most attacks still exploit long-known flaws like SQL injection and memory-unsafe code. Her core message? The industry must demand accountability from software vendors to fix systemic weaknesses at their source.
Yale New Haven Health System will pay $18 million to settle a class action lawsuit over a March 2025 ransomware attack that compromised data from nearly 5.6 million individuals, the largest reported US healthcare breach so far this year. The attack exposed patient information such as names, birth dates and Social Security numbers, but did not affect medical records or payment data.
The settlement, preliminarily approved by a federal court, offers victims up to $5,000 for documented losses or an alternative $100 payment plus two years of medical data monitoring. Class counsel will receive one third of the fund in legal fees. The health system also agreed to strengthen its cybersecurity controls. The breach was discovered March 8 and reported to regulators a month later. A final settlement hearing is scheduled for March 3, 2026.
In our Monday business brief, the cybersecurity and data resilience sector saw major merger and investment activity last week. Veeam announced a $1.7 billion acquisition of Securiti AI, integrating data security posture management into its resilience platform. Dataminr will acquire ThreatConnect for $290 million, combining internal and external threat data for real-time intelligence. Other notable deals include AuditBoard acquiring FairNow to expand AI governance, Imprivata buying Verosint for healthcare identity threat detection, and Panther acquiring Databull to enhance its AI SOC platform. Meanwhile, Riveron, Early Health Group and Main Capital Partners also completed strategic acquisitions. On the investment front, CoreStack raised $50 million to fuel cloud governance growth. Keycard emerged from stealth with $38 million, and Basis Theory, Defakto and OneLayer raised over $25 million each. Startups including Conceal, Gravwell, LuxQuanta and Cyberverse also secured new funding, signaling continued momentum in AI-driven cybersecurity innovation. Be sure to check out our complete business brief on our website, part of Cyberwire.
Coming up after the break, Tim Starks from CyberScoop discusses concerns over budget cuts and visibility and Meta's privacy safeguard goes dark. Stay with us.
And now a word from our sponsor, ThreatLocker, the powerful Zero Trust enterprise solution that stops ransomware in its tracks. Allowlisting is a deny-by-default software that makes application control simple and fast.
Ringfencing is an application containment strategy, ensuring apps can only access the files, registry keys, network resources and other applications they truly need to function. Shut out cybercriminals with world-class endpoint protection from ThreatLocker.
What's your 2am security worry? Is it, "Do I have the right controls in place?" Maybe, "Are my vendors secure?" Or the one that really keeps you up at night: "How do I get out from under these old tools and manual processes?" That's where Vanta comes in. Vanta automates the manual work so you can stop sweating over spreadsheets, chasing audit evidence and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data and simplifies your security at scale. And it fits right into your workflows, using AI to streamline evidence collection, flag risks, and keep your program audit ready all the time. With Vanta, you get everything you need to move faster, scale confidently, and finally get back to sleep. Get started at vanta.com/cyber. That's V-A-N-T-A dot com slash cyber.
Once again, it is my pleasure to welcome to the show Tim Starks. He is a senior reporter at CyberScoop. Tim, you had a couple of stories over on CyberScoop I want to discuss today. The first was some information from the Cyberspace Solarium Commission. They're saying that perhaps the US needs to up our game a little bit. What's going on here, Tim?
B
Yeah, I'd say they went even a little further than that in what they said. So the Cyberspace Solarium Commission was a big deal. Bipartisan commission created by Congress that recommended a lot of things that have become policy and structures in our government these days. And one of them is the creation of the National Cyber Director. So there were a few things that were noteworthy about this. The CSC 2.0, which has kind of been the organization keeping track of how the Solarium Commission recommendations are going, for the first time ever in the five years they've been doing these reports, said actually we're getting worse on cyber. Every other thing they'd looked at, they said, we're looking at the implementation of the recommendations. All of them had ticked upward for the most part or stayed level at worst. So this is the first time they backtracked. And one of the reasons was Trump administration budget cuts. Another was a sort of a vague mention of technology just getting more complicated, that there was a transition at all. They said that maybe there wasn't that surprising, that there was some change that could be negative. But that was the surprising part of the report and the part where they talked about upping the game, which was what your question was. They had a series of recommendations. One of them was to increase the power of the Office of the National Cyber Director, restore some of the cuts that have been happening in this administration to CISA. The way they've broken up some State Department offices that were focused on cyber. A few recommendations of note that stood out to me.
A
Yeah, it's hard to imagine the cuts to CISA and other agencies, but really to CISA primarily is not playing a part of this. I mean, there's just been so deeply cut there.
B
Yeah, they've cut it. You know, by all credible estimates, at least a third. That was something they proposed in their budget, but it turns out they'd already done most of it. And every, every. It feels like almost every day, every week there are more stories about more things they're cutting. So it doesn't even seem like they're done getting rid of massive parts of the. Of the agency.
A
Yeah. Another story you posted, this is about the recent vulnerability with F5 and highlighting some weaknesses in DHS's CDM program. Can you describe that for us?
B
Yeah, this one was a little bit of a deeper dive. What happened was my editor said, okay, this F5 vulnerability, the cybersecurity vendor F5, that announced that they'd been infiltrated by nation state hackers for a lengthy period of time. There was an emergency directive that CISA put out last week, the week before, and said, hey, if you're a federal agency, you need to shore this up now. And one of the things that stood out to my editor was like, they were saying as part of this emergency directive, they were going to find out where F5 was. Well, he was like, what? Isn't that what Continuous Diagnostics and Mitigation is supposed to be doing? Isn't that the thing we spent billions of dollars on? Isn't that the point of that program? And I poked around and started hearing that, yeah, it is part of the point of the program. But this is a part of the program that it's not very good at. That CDM is not very good at detecting the areas where F5 products live. You know, one person, Matt Hartman, who was a former CISA official who is now in the private sector, said their stuff kind of lives in these DMZs, these demilitarized zones between that CDM is good at identifying. I mean, that, you know, identifying the cybersecurity posture of federal agencies is one of its main four goals. So the fact that CDM is good at keeping track of actual hardware, computers, servers, that's a good news story for CDM, but the fact that it's not capable of doing these kinds of things is a knock on the program, I think. And to their credit, they're aware that this is a problem and they're trying to fix it. But there's the speed at which government moves and there's the speed at which technology moves. And I don't think people were envisioning that CDM would have a big role doing this, keeping track of these edge devices back when CDM was created more than a decade ago.
A
Is there any reaction to this? Are folks saying, again, more attention needs to be paid here? Or are people saying, hey, this is the. The pace at which we operate at, and given the budget we have, this is where we are.
B
I think that there's a certain amount of understanding from the people I spoke to that this could take some time. That doesn't mean they weren't critical of it. It means, you know, this is a problem. They say it's a problem, and they say. They say they're glad CISA is aware it's a problem. The one kind of voice of concern that we got, and this ties back to the earlier, earlier story that we were talking about, was from Congresswoman Shontel Brown, who's the top Democrat on the House Oversight Cybersecurity Subcommittee. She said, I'm a supporter of CDM, but I'm worried that CDM, like other parts of CISA, that are seeing their budget cut, that's going to be bad news for this program. So she's going to be watching that closely.
A
Is there a general sense among folks in government? I mean, well, we're in the middle of a government shutdown. People are getting cuts. Shocker. That things might not be going as well as perhaps people had hoped for. But like you said, I mean, the Solarium Commission had us heading in the right direction for many years, and now, by their account, we're not. How are people reacting to that on the Hill?
B
There is some concern on the Hill about the shutdown and its impact on cyber operations. I do think one of the areas where the government is on a little safer ground because a lot of the IT teams are considered essential workers. That maybe an emergency directive like this isn't going to be as much of a concern. And certainly CISA's viewpoint was, no, we'll be fine. We'll be able to take care of this. The shutdown is going to impact this. It's hard to imagine it not having any impact at all, though. I mean, there are people who are furloughed who work on these things, even if the majority of them are not. And the Hill. What I was hearing from, not just the people I quoted in the story, but other people, is that the shutdown, it's not great for CISA. During this time, they've been apparently cutting more people. Some significant percentage of the agency is furloughed. So there is concern about the work that they should be doing not being able to get it done for two reasons, the shutdown and the cuts.
A
Yeah, I have to think about some of the other implications here. My son has a friend who works at the Starbucks on base at NSA and she has not gone into work for a couple weeks now. I don't want our defenders to be under-caffeinated, Tim.
B
No.
A
God, no. Right.
B
They're running on that and Adderall and all sorts of things. So we need to get all their supplies to keep our.
A
That's right, keep them properly dosed. Tim Starks is senior reporter at cyberscoop. Tim, thanks so much for joining us.
B
Thanks.
A
And finally, Meta's Ray-Ban smart glasses were supposed to make recording your surroundings less creepy, a goal achieved, at least in theory, by adding a little LED that lights up whenever you're filming. Unfortunately, some enterprising hobbyists have decided that privacy lights are for amateurs. As 404 Media reports, one modder has been selling $60 stealth editions of the glasses. No LED, no warning, just effortless covert recording. The craftsmanship is impressive if you overlook the whole ethics thing. Meta, for its part, sternly reminded everyone that disabling the light violates its terms of service. A terrifying deterrent, surely. Still, for those who'd rather not risk an eBay purchase, Amazon now sells sticker packs for covering the light entirely. So if Zuckerberg's ideal social experience involves quietly filming your friends, the future has never looked brighter or dimmer.
And that's the Cyberwire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. Don't forget to check out the Grumpy Old Geeks podcast, where I contribute to a regular segment on Jason and Brian's show. Every week you can find Grumpy Old Geeks, where all the fine podcasts are listed. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com.
N2K's senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Tre Hester with original music by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.
Cyber Innovation Day is the premier event for cyber startups, researchers and top VC firms building trust into tomorrow's digital world.
Kick off the day with unfiltered insights and panels on securing tomorrow's technology. In the afternoon, the 8th annual DataTribe Challenge takes center stage as elite startups pitch for exposure, acceleration and funding. The Innovation Expo runs all day, connecting founders, investors and researchers around breakthroughs in cybersecurity. It all happens November 4th in Washington, D.C. Discover the startups building the future of cyber. Learn more at cid.datatribe.com.
Episode: The UN’s Big Push for Global Cybercrime Rules
Host: Dave Bittner (N2K Networks)
Special Guest: Tim Starks (CyberScoop)
This episode spotlights the United Nations’ landmark launch of the world’s first global treaty to combat cybercrime, analyzing its aims, controversies, and potential impact. The show also covers several major security incidents, regulatory developments, and business news in the cybersecurity sector. Special guest Tim Starks of CyberScoop joins for a deep dive into U.S. cyber policy setbacks, CISA budget cuts, and weaknesses in federal defensive programs. The show closes with a look at Meta’s privacy dilemma with stealth-modified Ray-Ban smart glasses.
“US Secretary General Antonio Guterres called the signing an important milestone towards safer digital spaces, highlighting the treaty’s mechanisms for cross-border sharing of digital evidence.” [01:33]
“The incident highlights ongoing risks from poorly secured online databases and their potential use in espionage or social engineering.” [03:00]
“Experts urge password changes and avoiding reuse across accounts.” [04:22]
“The malware uses anti-sandbox features and flood systems with fake processes to hinder analysis.” [05:10]
Jen Easterly’s Vision [07:07]:
“The real issue isn’t cyberattacks themselves, but poor software quality… The industry must demand accountability from software vendors to fix systemic weaknesses at their source.” [07:39 - paraphrased]
“This is the first time they backtracked. And one of the reasons was Trump administration budget cuts… another was a sort of a vague mention of technology just getting more complicated…” – Tim Starks [15:14]
“CDM’s not very good at detecting the areas where F5 products live… it’s a knock on the program, I think. And to their credit, they’re aware that this is a problem and they're trying to fix it.” – Tim Starks [17:09]
“She said, I’m a supporter of CDM, but I’m worried that… like other parts of CISA… seeing their budgets cut, that's going to be bad news…” [18:44]
“I don't want our defenders to be under-caffeinated, Tim.” – Dave Bittner [20:44]
“They're running on that and Adderall and all sorts of things. So we need to get all their supplies…” – Tim Starks [21:03]
“The craftsmanship is impressive if you overlook the whole ethics thing. Meta, for its part, sternly reminded everyone that disabling the light violates its terms of service. A terrifying deterrent, surely.” [21:44]
| Timestamp | Speaker | Quote |
|-----------|---------|-------|
| 01:33 | Host | “US Secretary General Antonio Guterres called the signing an important milestone towards safer digital spaces, highlighting the treaty’s mechanisms for cross-border sharing of digital evidence.” |
| 07:39 | Jen Easterly | “The real issue isn’t cyberattacks themselves, but poor software quality… The industry must demand accountability from software vendors to fix systemic weaknesses at their source.” |
| 15:14 | Tim Starks | “This is the first time they backtracked. And one of the reasons was Trump administration budget cuts… another was a sort of a vague mention of technology just getting more complicated…” |
| 17:09 | Tim Starks | “CDM’s not very good at detecting the areas where F5 products live… it’s a knock on the program, I think. And to their credit, they’re aware that this is a problem and they're trying to fix it.” |
| 18:44 | Tim Starks | “She said, I’m a supporter of CDM, but I’m worried that… like other parts of CISA… seeing their budgets cut, that's going to be bad news…” |
| 20:44 | Dave Bittner | “I don't want our defenders to be under-caffeinated, Tim.” |
| 21:03 | Tim Starks | “They're running on that and Adderall and all sorts of things. So we need to get all their supplies…” |
| 21:44 | Host | “The craftsmanship is impressive if you overlook the whole ethics thing. Meta, for its part, sternly reminded everyone that disabling the light violates its terms of service. A terrifying deterrent, surely.” |
This episode delivers a sweeping update on global cyber policy, urgent security challenges, and the shifting landscape of digital risk. The UN’s cybercrime treaty could reshape global digital law enforcement—if it can address tough questions of rights and oversight. Meanwhile, persistent vulnerabilities and shrinking US government cyber resources signal the ongoing complexity, urgency, and stakes of cybersecurity in 2025. The episode’s tone—wry, data-driven, and candid—mirrors the gravity and absurdities in today’s cyber domain.