INTERNATIONAL FOUNDATION FORCULTURAL PROPERTY PROTECTION
IFCPP held its 19th Annual Conference, Seminar, & Exhibits October 13-17th in beautiful San Simeon, California. Rob and Steve Layne and their extraordinary staff provided fun activities outside of the conference schedule, including wine tasting at the Heart Ranch Winery and Paso Robles vineyards, networking meals, a paint party at the Cambria Pine Lodge, and tours of the Hearst Castle in San Simeon. The pre-conference program focused on library security and included discussions of how best to protect libraries from theft and vandalism, creating marks of ownership for special collections materials, effects of fire extinguishing agents on library and archive collections, state laws regarding ejecting disruptive patrons, and balancing access and security in library special collections. The conference program was equally rich in content: drones as an emerging threat vector, fine art insurance, Detroit Institute of Art case study in emergency planning, fire suppression systems for cultural properties, security system monitoring and evaluation, customer service, conflict resolution, collaborative collection protection, role of security in slip and fall accidents, and special event security considerations.
The highlight of the conference was the vulnerability assessment exercise performed at the Hearst Castle. District Superintendent for the California State Parks San Luis Obispo District James Grennan, our conference host, assigned attendees to four groups that would explore four of the site’s essential functions: security, fire safety, collections, and IT. Each group spent about 20 minutes with senior Hearst Castle staff who walked each group through the grounds, castle, and houses, as well as some behind-the-scenes such as the Security Command Center, the fire station, and the collections preparation and storage area. Each staff member also discussed their daily routines, concerns, and visions for improving all operational aspects. Attendees met the next day to perform a “hot wash,” led by Mr. Grennan, who discussed the feasibility of several suggestions that were offered. Such exercises are a boon to both conference attendees as well as the host because, a) they are a great way to explore how different cultural properties deploy security, fire, and emergency management best practices, b) they provide a forum to discuss how to improve existing security programs, and c) the host gets to have a fresh set of eyes review its security program.
The IFCPP is currently planning where to celebrate its 20th conference. This excellent program is unique because it focuses solely on cultural property protection and attendees all work for or with cultural properties, which makes for engaging conversation and networking.
Robert Carotenuto, CIPM, CPP, PCI, PSP,
The New York Botanical Garden
Reposted from Workplace Insight
Workers are increasingly introducing technology devices, software and other tools into the workplace without their employer’s approval, claims a new report from NextPlane that examines the extent of this growing rift and its impact on collaboration and productivity. Nearly half of professionals (46 percent) said they or their team have introduced new technology into their workplace, and despite IT attempts to remain in control, workers are not standing down, as 53 percent said they or another team have pushed back on IT or management when they tried to dictate the technology they use.
The report also shows that 73 percent of workers say they’ve been successful in implementing their choice of tech tools. The result is growing tension between IT departments who want to remain in control of security and systems, and employees who want the freedom to choose the technologies they use to do their jobs, and are willing to go around IT to do it.
This growing tech loyalty is leading to business professionals seeking out new tools and technology to not just do their own jobs better, but to help their teams collaborate more effectively. The majority of respondents (63 percent) expressed loyalty to the technology products they use for their job. And it doesn’t stop on an individual level — 42 percent of teams have loyalty to technology products, leading to pushback or straying from policy if the IT-mandated tools don’t mesh with established workflows.
“IT and business professionals are struggling to find common ground when it comes to the technology used at work,” said Farzin Shahidi, CEO of NextPlane. “Legions of teams and workers are introducing their preferred tools, such as team collaboration tools like Slack and Workplace, despite corporate IT policy. This increasing lack of compliance threatens not only the productivity of employees that may be working across different platforms, but the control that IT requires to manage all of a company’s technology securely and efficiently.”
More than one-third (38 percent) of respondents said they would be resistant to IT or management dictating which software or tools they use to do their jobs. This reflects the notion that individuals and teams believe they know how to do their jobs best and should have a say in the tools they use to do their work. In many cases, teams prevail in pushing back on IT to allow their group to use technology of their choice, with 46 percent saying IT made an exception for their team.
Continued Shahidi: “While there are no one-size-fits-all options for all types of technology employees might bring into the workplace, federation is one possible solution that can allow companies to deploy a comprehensive and open collaboration strategy that allows multiple collaboration tools to be used within the same organization,” Shahidi said.
See Original Post
Reposted from Xinhuanet
A formal indictment by state prosecutors has provided the first details of one of the biggest gold heists in German history, the newspaper BILD reported on Thursday.
BILD cited a 68-page-long document listing charges against four individuals who are believed to have stolen the "Big Maple Leaf" gold coin from the Bode-Museum in Berlin in March 2017.
The coin weighs 100 kilograms and is valued at 3.75 million euros, a circumstance which has previously fueled wild media speculation as to how the suspected robbers managed remove it successfully from the exhibition space.
According to the indictment, the heist was a collusion between three members of the notorious Remmo organized crime family in Berlin and Denis W., a security officer working at the museum who acted as their accomplice. Prosecutors believe that the burglars obtained crucial information about the layout of the museum in this fashion, as well as weaknesses in its security infrastructure.
On March 27, 2017, the three Remmo family members placed a ladder against a window of the museum at 3:20 am which had been tampered with beforehand by the accomplice to enable them to break it open easily. From there, the burglars climbed into a changing room located just a few meters away from the cabinet displaying the "Big Maple Leaf". The entry was timed to coincide with a round of the duty security officer in the museum at the time, meaning that the automatic alarm system was on standby.
Having arrived at the display of the massive gold coin with a 53-cm diameter, the three men shattered the glass and lifted the "Big Maple Leaf" back into the changing room where it was hurled out of the museum window onto the tracks of a nearby railway line. They then exited the building and crossed the Spree river flowing outside the Bode-Museum on a railway bridge before escaping with their valuable bounty in a getaway vehicle.
Initially, investigators had few clues as to the identity of the robbers aside from video footage of three hooded individuals from a surveillance camera. However, three undercover policemen independently responded to a call for related information that the heist could be linked to the Remmo clan, a finding which was later confirmed by a DNA analysis of the ladder, ropes, adhesives and parts of an axe left at the scene of the crime.
After the tip-off, police began to surveil the three Remmo men and their accomplice on a running basis. They soon discovered that Denis W. had undergone a remarkable transformation in his standard of living, attempting to purchase a luxury vehicle and spending 11,000 euros for a gold chain in cash amongst others.
The four suspects were arrested by specialized police forces on July 12 last year who discovered gold traces with a purity of 99.999 percent, the same level as that of the "Big Maple Leaf" on their clothing and a Mercedes-Benz vehicle. The coin itself has never been found and is believed to have been broken up into little pieces and sold on.
The four suspects, all of which are registered as unemployed, are currently not in police custody after being released again on bail. There is still no official date for the start of a court trial of the alleged thieves who face up to ten years in prison for their involvement in the heist.
Reposted from FleetOwner
We’ve all seen the headlines about instances of workplace violence perpetrated by a disgruntled current or former employee.
Speaking at a recent NationaLease meeting, Sona Ramirez, a board-certified employment lawyer at Clark Hill Strasburger, provided some detail on the size and scope of the issue:
Faced with those statistics and information on incidents in Florida, Maryland, Texas, Kansas and Virginia to name a few, business owners and managers should start paying attention to some of the behavioral characteristics associated with perpetrators of workplace violence.
Often times there is a precipitating event such as a traumatic event in their personal life, extreme stress, career dilemma or loss of job that triggers the act of violence.
You need to have a crisis management plan in place to try to help prevent instances of workplace violence. This should include background checks, anti-harassment, anti-bullying and anti-retaliation policies in addition to a procedure for filing complaints.
Ramirez told meeting attendees to be proactive in their attempt to curtail workplace violence.
It’s also important to train supervisors and workers to be alert for the warning signs, and to report incidents of threats or unusual behavior. A tip line is one way to do this.
You also should train your employees about the way to respond to an active shooter. Ramirez suggests treating active shooting training the way you would fire or flood training. Training videos by subject matter experts are a good way to impart information and remember to keep training brief, non-alarmist and with the clear message that the goal is to keep employees safe.
The Department of Homeland Security offers active shooter advice that includes run, hide, fight and calling 911 when it is safe to do so. You can engage the services of a security consultant who can provide site-specific training. They typically offer in person training and role-playing drills on how to respond to an active shooter. Online training is also available.
Reposted from Royal Pharmaceutical Society
The president of the Royal Pharmaceutical Society (RPS) has expressed his shock following the “disgraceful” theft of the president’s chain of office from the society’s headquarters in London.
The chain, which is engraved with the names of all past RPS presidents from between 1841 and 1968, was stolen by a lone intruder from a museum cabinet at the RPS’s London headquarters on 11 November 2018. Usually known as the ‘first president’s chain’, there is a second chain that is worn by the current president.
The emergency services were alerted to the theft after the intruder alarm was sounded at 7am.
Amber Butcher, facilities manager at the RPS, said the facilities team attended the site as soon as possible after the alarm to find that two doors leading into the office’s main reception area had been smashed.
“When the police entered they saw that a museum case had been damaged and then when they looked a bit further they saw that the item was missing.”
She added that nothing else from the RPS museum’s collection had been taken.
The chain, which dates from 1901, is comprised of 58 18-carat gold panels.
Ash Soni, president of the RPS, said that although the chain was insured, “things like that are irreplaceable”.
He added: “It’s such a disgrace that it’s the [necklace that was stolen] and [it is] very odd in some ways.
“Of all the things to take from all the various display cabinets, it’s the one thing that’s probably the most recognizable from the RPS perspective because it’s got names of [all past presidents] on it and it’s clearly something which represents the profession. It just seems peculiar.”
Michael Bonne, head of information and facilities at the RPS, added that the police investigation is ongoing with “the primary objective” to recover the chain.
He said: “As with any item in our museum, it is unique and special to the Society and so any loss of this kind is unfortunate and rare.”
Reposted from the Colorado Springs Independent
On July 20, 2012, a former med
student, James Holmes, shot and killed 12 people and injured 70 at the Century 16 movie theater in Aurora.
On June 12, 2016, Omar Mateen sprayed the Pulse nightclub in Orlando with bullets, killing 49 and wounding 53.
On May 22, 2017, Salman Ramadan Abedi set off a bomb in the foyer of London’s Manchester Arena during pop singer Ariana Grande’s concert, killing 23 and wounding 139.
All were carried out in enclosed entertainment venues where people seek enjoyment and a respite from the confusion of an often violent and unpredictable world.
Increasingly, local entertainment venues, mirroring a nationwide trend, are adding new security measures they hope will prevent attacks — such as banning standard purses and bags, and only allowing “clear bags.” But it’s far from certain that having such measures at security checkpoints at venue entrances deters the bad guys. Holmes, for example, entered an exit door, and the bomber in Manchester waited for the concert to end and set off a bomb in the foyer as guests were leaving.
Consider the record of the Transportation Safety Administration. When tested in 2015, the TSA, which guards the nation’s airports, failed to detect contraband, including weapons, 95 percent of the time. The TSA has since beefed up training, including sending all TSA agents through a training academy. But to this day, some argue the agency gears its policies to past terrorist plots (shoe-bomber, anyone?), rather than anticipating a new ruse.
Some security experts say it’s anyone’s guess whether some measures truly protect the public. One of those is Bruce Schneier, an international security expert, author and chief technology officer with IBM Resilient who’s also a fellow at Harvard University. He says the $7 billion spent on the TSA should be reallocated to intelligence, investigations and emergency response.
He also calls the new bag policies at venues “security theater,” adding, “Any search that doesn’t physically embarrass you is not very effective. When you get arrested and get searched by the police, it is invasive. It is embarrassing. That doesn’t happen when you walk into a football stadium.”
But others say the mere presence of a screening program deters would-be attackers. That’s the idea behind so-called “clear bag policies” and similar bans, representatives at local venues that have enacted the rules say. One of those is Colorado College, which has barred large bags from events unless they’re physically checked by security personnel. But director of campus safety Maggie Santos acknowledges the ban isn’t foolproof.
“If we wanted to be absolutely secure, we would put a box on campus and make it secure, but is it a place you want to be?” she asks.
The Broadmoor World Arena allows only see-through bags and hand-sized purses (clutches), a policy that’s evolved as more entertainers and acts ask that bags be forbidden, says Dot Lischick, general manager. She couldn’t point to a specific incident that triggered the ban, but noted several artists who perform at the 8,100-seat center, as well as the Colorado College hockey team, asked the arena to ban large bags.
“NO large bags, backpacks, or purses will be permitted into the venue,” the arena’s website says, noting exceptions include small clutch bags the size of a hand; clear plastic bags and medically necessary items that have been inspected by security.
“The climate of what’s happening in the world, it’s something that’s on everyone’s mind, and it’s becoming more and more of the norm,” Lischick says.
She also says the World Arena uses a metal detector more frequently than it used to, in keeping with advice from experts who consult with venues across the country. Pikes Peak Center, also overseen by Lischick, is moving toward more screenings, although at present, security ramps up only when an artist or event requests it, she says.
The Pepsi Center in Denver bans all oversized bags and backpacks but allows personal-size bags and containers no larger than 14 inches by 14 inches by 6 inches, though they’re subject to search, the center’s website says. It also notes those without bags can use the “No Bag Line,” which moves quicker. The center also boasts it was the first professional venue in Colorado to install “Walk-Through Metal Detectors” as a permanent security practice.
Similarly, Madison Square Gardens “strongly discourages” guests from bringing bags and backpacks, its website says, noting that all bags are subject to screening.
Movie theaters, too, have adopted no-bag policies. As of February 2018, Cinemark, which owns Century 16 theaters, prohibits bags or packages larger than 12 inches by 12 inches by 6 inches, according to its corporate website. But while any bag can be inspected before entry, there’s no methodical checkpoint procedure to screen everyone.
At CC, Santos reports that guests at events at campus venues — such as the Cornerstone, Armstrong and Celeste theaters — can bring in larger bags, but they must be cleared by security before entry.
“As events happen at these large venues, everybody becomes a little more wary,” Santos says.
She admits the strategy wouldn’t intercept every threatening item.
“There is a certain level of security we can provide,” she says. “We can’t stop everything. We’re providing a level of security, not 100 percent security. I’m not going to do strip searches or cavity searches. I’m not going to do that to provide 100 percent security.”
Bucking the trend, except for specific high-profile events, the University of Colorado at Colorado Springs doesn’t have a standard security policy. That means it allows purses and bags at events, says spokesperson Jared Verner. “We have officers from UCCS Police present at most events where we expect crowds, like at the Ent Center and athletic events,” he says via email, “but we’re not screening people as they come in.”
He adds, though, that certain events warrant higher security, including checking bags, such as the 2017 visit by provocateur Milo Yiannopoulos and the visit by then-presidential candidate Donald Trump in 2016.
Some might view the no-bag policy as unfairly targeting women, who tend to carry purses, since there are few female mass shooters.
But as Santos notes, “How do you know she’s not with a shooter? I don’t want to judge who is or who is not going to do something. If you have one rule across the board that protects everybody, that’s the way to go.”
But Schneier, the security expert, says bag policies might “make you feel better but it’s not going to stop the behavior [of a mass shooter].
“Ask any teenager how to smuggle alcohol into a concert,” he says, adding that a hollow “beer belly” can be strapped on and alcohol concealed inside.
In a blog, he notes the U.S. has 5 million commercial buildings. “It’s impossible to defend every place against everything, and it’s impossible to predict which tactic and target terrorists will try next.”
The Performing Arts Readiness (PAR) project is excited to offer two new training opportunities. Crisis Communication and Reputation Management for Performing Arts Organizations is a new free webinar that will be presented on Nov. 27. Emergency Preparedness 101 is a new live class that will be presented in Pittsburgh, Pennsylvania on December 13.
Crisis Communication and Reputation Management reviews elements of strategic communication that are essential before, during, and after crisis events. This webinar examines how your organization can best prepare to respond to a crisis and restore your organizational reputation. More information and the registration form is here.
Emergency Preparedness 101 is a half-day workshop designed for organizations of all sizes with varying years of operation and at all stages of preparedness planning. The session will cover an introduction to disaster and business continuity planning, risk assessment exercises, information on the PAR project, as well as other available resources. This workshop will be held at The Alloy Studios in Pittsburgh, PA and the registration fee is $50. More information and the registration form is here.
Reposted from Campus Safety Magazine
Thermal imaging cameras equipped with onboard video analytics are capable of classifying human or vehicular perimeter intrusions, resulting in fewer false alarms.
The objective of security is to protect people, locations and assets, and for the threats organizations face daily, early detection of potential problems is crucial. Security staff and third-party monitoring providers rely on alerts generated by intrusion detection technologies as the lifeblood of security.
As helpful as these alerts can be, the unfortunate reality is they are often pain points. The number of false alerts from intrusion detection solutions can quickly become overwhelming for central station operators and law enforcement, especially for outdoor monitoring situations. Weather, animals, foliage and other factors can easily generate false positives.
The best approach to mitigate false alarms is to ensure accurate identification, which not only helps identify valid threats but also increases the effectiveness and efficiency of response. The sooner a response can be put into action, the more likely it is that an organization can mitigate or avert a potential risk.
Unfortunately, verification is another major pain point that creates significant challenges for organizations using many of the available intrusion detection technologies, delaying and hindering critical response.
With these issues in mind, it is important security professionals and end users properly evaluate and select technologies that will augment security by reducing the number of false alarms and increasing both detection and identification. This will help ensure responders are only dispatched for true alarms, maximizing resources and streamlining first response efforts.
A burgeoning means to reduce nuisance alarms through accurate intrusion classification and visual alarm assessment is the application of remote monitoring with thermal analytics. Read on to learn why thermal cameras, especially when combined with other security technologies, are fast becoming attractive options for installing security contractors and central stations.
There are a number of technologies typically deployed for intrusion detection, including visible light cameras and motion detection technologies like fence-mounted sensors, microwave and more. While each has its strengths, there are also a number of drawbacks to using any one of these solutions in a standalone capacity.
The main advantage of cameras that create images using visible light, such as conventional surveillance or IR-illuminated cameras, is the images they create are recognizable and easy to interpret. This familiarity makes them a more comfortable choice for end users. However, when it comes to detection, customers face a number of challenges.
The primary drawback to these cameras is their reliance on the amount of available light. In sunshine or a brightly lit scene, visible light cameras perform fairly well. But in shadows, at night or in another situation where lighting is less than ideal, objects can appear faint — if they appear at all.
Another limitation of these cameras is visual contrast. Because they capture only visible light, they can easily be fooled by visual camouflage or situations where similar patterns or colors blend together to obscure people and objects. Similarly, these cameras are also susceptible to being fooled by naturally occurring phenomena such as trees, shadows, animals and other factors.
Traditional motion detection technologies like microwave, radar, fence-mounted sensors and radio-frequency identification (RFID) often fare quite well for detecting potential intrusion. However, as standalone solutions, they are essentially blind compared to surveillance cameras.
For example, when a motion sensor is tripped, security personnel would still require additional information to assess the nature of the alarm, determine whether it is valid, and plan an appropriate response. Without a visual of the scene, there simply is no way to know whether motion on a fence is an intruder, an animal or a tree branch.
Another notable perimeter application technology increasingly deployed across all sectors is thermal imaging. By utilizing thermal cameras, facilities can detect intruders from greater distances regardless of light and environmental factors, giving security forces more time to react and respond.
The reason for this is that thermal imaging cameras don’t suffer the same problems as visible light, IR-illuminated cameras and motion-detection solutions. Thermal cameras clearly “see” the invisible heat that radiates from everything we encounter in our daily lives, creating images from these heat signatures.
This allows thermal imaging to provide clear visuals in complete darkness. And because thermal radiation can penetrate visible barriers like smoke, dust, fog and other phenomena, thermal imaging is largely immune to their presence. For these reasons, thermal imaging is one of the most effective 24/7 surveillance technologies available today.
For example, an intruder located in a densely wooded area would be difficult to detect using a visible light or IR-illuminated camera. With a thermal imaging camera, on the other hand, the person would be clearly visible because of their heat signature.
Thermal security cameras let people see what their eyes can’t: invisible heat radiation either emitted or reflected by all objects, regardless of lighting conditions. Because they see heat, not light, thermal cameras are effective tools in any security setting. They can easily detect intruders and other potential hazards in any weather, as well as day and night.
Reposted from The Guardian
The Vatican Museums are considering putting a cap on visitor numbers amid fears among tour guides that overcrowding could provoke a stampede unless security policy is changed.
The museums, a sprawling structure of 54 galleries containing a vast collection of treasures gathered by pontiffs over the centuries, draw in more than 6 million people a year. But unlike other major Rome landmarks, such as the Colosseum, they currently have no daily limit on visitors.
Speaking to the Guardian on condition of anonymity, tour guides claimed that at least 10 visitors fainted each day as slow-moving crowds filed through the long and narrow corridor that leads to the most popular attraction, the Sistine Chapel, while others have suffered injuries and panic attacks. One visitor was saved by a guard after having a heart attack in February.
The tour guides, who each pay €250 a year for a licence to work there, say conditions are most perilous during peak summer season, when visitor numbers can swell to more than 30,000 a day and temperatures reach as high as 40C. Only the Sistine Chapel has air conditioning.
The building contains a number of emergency exits, but there are only two along the mile-long Sistine Chapel passageway – one at either end.
“The situation is slowly getting back to normal as the high season is over, but from March to October, it is hellish,” said one of the guides.
“Safety is the main problem, because when inside you feel completely trapped, you can barely see your feet. Crowds are one of the most dangerous things; look at what happened in Mecca. It might never happen at the Vatican, but then again it might. That’s what scares me.”
About 3,000 guides work at the museums. Another said she fainted last year and broke her foot. “It’s dangerous for the tourists, for the patrimony and for us,” she added. The same guide looked into suing the Vatican, but lawyers told her it was impossible due to the state having its own set of rules surrounding building security.
In response to the claims, Barbara Jatta, who Pope Francis appointed as director of the museums in late 2016, told the Guardian: “Together with the Vatican governorate, we are strongly working towards fixing the right number from 2019.”
Jatta added that a Spanish firm had been hired to improve the ticketing system and security measures, while work on extending air conditioning to the Raphael Rooms and Borgia Apartments would begin in November. There are also plans to open a second entrance to ease congestion and to extend opening hours on the busiest days of the year. An extra 20 custodians have been hired, enabling previously closed-off galleries to open, while tour guides receive training, with the emphasis on them steering their customers towards lesser-known parts of the complex, such as the Gregorian Etruscan Museum, which will be reachable by elevator from Christmas.
“There are seven miles of corridors – I would advise the guides to take people somewhere instead of the Sistine Chapel,” said Jatta.
But this is the first hint of the Vatican governorate showing serious signs of limiting the number of visitors to its biggest earner. The museums bring in an estimated €100m (£88m) a year, of which half goes to the Vatican state.
The museums also represent the Catholic faith, and the church has in the past been reluctant to close the door to pilgrims who may have traveled to Rome from poorer countries on a once-in-a-lifetime trip, but without booking tickets in advance online. A regular ticket costs €17-€20, while a guided tour that lasts three to four hours is around €70. Private tours can be taken an hour before the museum opens for around €400 per person.
Museum custodians have also complained about safety conditions, writing a letter expressing their concerns to the Vatican’s governorate in 2016.
“They were reprimanded,” said a source at a tourism association in Rome. “At the Vatican Museums the problem is scandalous, but it’s not like situations in Italy where one can protest. We have asked several times for things to change, but they say they have their rules, and so they decide.”
Visitor numbers rose rapidly from 2011 alongside the growth in mass tourism. Antonio Paolucci, the previous director, determined 6 million a year as the upper limit and suggested a cap if the situation became intolerable.
Jatta recognises the huge challenge of ensuring a safe and enjoyable experience for all and protecting the art works from the dust, humidity and perspiration that comes with millions of visitors a year, but also the difficulty of improving conditions in a centuries-old building.
“I understand how difficult it is for tour guides but all our efforts are focused on giving them the best [conditions] in the museums, as it’s also in my interest that they work well and securely,” she said. “We are strongly working towards this.”
Reposted from MIT News
On March 22, the city of Atlanta was hit by cyberattackers who locked city-wide systems and demanded a bitcoin ransom. Many city systems still have not recovered, and the cost to taxpayers may have reached as high as $17 million.
Also in March, the U.S. Department of Justice indicted nine Iranian hackers over an alleged spree of attacks on more than 300 universities in the United States and abroad. The hackers stole 31 terabytes of data, estimated to be worth $3 billion in intellectual property.
And recently engineers at Facebook detected the biggest security breach in Facebook's history. It took the company 11 days to stop it.
The FBI reports that more than 4,000 ransomware attacks occur daily. Large private sector companies routinely grapple with cybersecurity and fending off cybercrime, and corporate security isn't getting better fast enough. Cyber risk has emerged as a significant threat to the financial system: A recent IMF study suggests that average annual losses to financial institutions from cyber-attacks could reach a few hundred billion dollars a year, potentially threatening financial stability. Hacker attacks on critical infrastructure are already alarming, and the security of our cyber-physical infrastructure — the computer-controlled facilities that produce and deliver our energy, water, and communications, for example — are dangerously exposed.
This imminent danger is the subject of study by Stuart Madnick, founding director of the Cybersecurity at MIT Sloan Initiative. In a recent article for The Wall Street Journal, Madnick warned of weakest link in the defense against cyberattacks: people.
“Too many companies are making it easy for the attackers to succeed,” Madnick writes. “An analogy that I often use is this: You can get a stronger lock for your door, but if you are still leaving the key under your mat, are you really any more secure?”
In today’s landscape of escalating cybercrime, resiliency calls for a new kind of leadership and cybersafe culture, requiring the active engagement of both technical and non-technical management. This holistic approach is all the more urgent given the shortage of cybersecurity personnel; in the U.S. alone, 1 to 2 million cyber security analyst roles will go unfilled this year. This holistic approach is the focus of a new MIT Sloan Executive Education program taught by Stuart Madnick and his colleagues Keri Pearlson and Michael Seigel: Cybersecurity Leadership for Non-Technical Executives.
Cybersecurity issues are not purely a technology problem — they are multi-headed hydras that need to be addressed with a multi-disciplinary approach. This timely new program provides general managers with frameworks and best practices for managing cybersecurity-related risk. It also addresses the element common among many of the attacks that strike organizations every day — in particular, attacks that start as phishing or “spearphishing” emails. They rely on people falling for them.
“Such gullibility … is the result of a cyberculture where people are willing to share all kinds of information and try new things all the time,” writes Madnick in his recent WSJ article. “There are lots of good things about that, but also much that is dangerous. So now is the time for companies and institutions to change that culture. It won’t be easy, and it will take some time. But it’s crucial if we want our companies and information to be safe from cybertheft. We have to start now, and we have to do it right.”
The first session of Cybersecurity Leadership for Non-Technical Executives will occur Nov. 6-7.. The program will be offered again in April and July of 2019.
ConferenceMembershipTraining & Certification
TRAINING & EVENTS
1305 Krameria, Unit H-129, Denver, CO 80220 Local: 303.322.9667
Copyright © 2015 - 2018 International Foundation for Cultural Property Protection. All Rights Reserved