Menu
Log in


INTERNATIONAL FOUNDATION FOR
CULTURAL PROPERTY PROTECTION

Log in

News


<< First  < Prev   1   2   3   4   5   ...   Next >  Last >> 
  • March 12, 2024 4:38 PM | Rob Layne (Administrator)

    On behalf of the Yale University Library Security Department, we are excited to announce this year’s Security Week programming from Monday, March 11th – Friday, March 15th.  This year’s Security Week is an eclectic mix of safety and security information, emergency preparation, cultural properties presentation, tours, management tools, and other topics of interest.  We have a couple of details to confirm but we wanted to send the most current information so staff can start to plan their calendar for the week.  Zoom links and/or locations are attached for each session. 

    Please forward these events to anyone you feel would be interested in attending.  We will also send out presentation reminders and presenter bios each morning during Security Week. 

    Looking forward to seeing you during this year’s events!

    Monday, March 11, 2024

    9 am – 9:45 am-- "…in the arena" after Theodore Roosevelt’s "Man in the Arena"— https://yale.zoom.us/j/93274556293

    Jamila Beasley, Collections Security Manager Boston Public Library

    The platform for her professional approach is a simple one...be clear, concise, consistent, and kind...and get the job done.

    10 am – 10:45 am--Trending Now: Security Threats & Mitigations—  https://yale.zoom.us/j/91276175179

    Michael-John Waite, Sr. Associate, Enterprise Security & Risk Management for Thornton Tomasetti

    This presentation will explore emerging security threats and examine the best methods for identification, response, and recovery. The presentation will also highlight best practices for Threat, Vulnerability, and Risk Assessments (TVRAs), Active Assailant Awareness, and Social Media Threat Monitoring.

    11 am – 11:45 am— Exploring Elegance: A Tour of the Yale University Art Gallery's Hume American Furniture Study Center—  https://yale.zoom.us/j/94766251011

    Eric Litke, Curatorial Assistant Yale University Art Gallery

    Join curatorial assistant Eric Litke as he provides a captivating overview and tour of the Yale Art Gallery’s Hume American Furniture Study Center at West Campus. Viewers will be introduced to some of the fine details, craftsmanship, and history behind Colonial and Federal-era furniture from Yale’s renowned Mabel Brady Garvan Collection, as well as more contemporary highlights from the nearly 1000 objects on view in this public study center.

    12 noon – 1 pm—Heidi the Therapy Dog, Sterling Library Nave with Rich Simons Yale Public Safety

    Come meet Heidi, Yale’s therapy dog, and pet your troubles away!  Heidi will be at a different library location each day.

    1 pm – 1:45 pm—Harmonizing Teams: Leveraging the DISC Assessment for Enhanced Communication and Collaboration—  https://yale.zoom.us/j/97348181766

    Stephanie McKenna, Protection Services Manager Crystal Bridges Museum of American Art

    The presentation will focus on utilizing the DISC assessment tool to enhance team dynamics and communication. It will cover how understanding different personality types (Dominance, Influence, Steadiness, and Conscientiousness) can aid in fostering better collaboration, resolving conflicts, and improving overall team effectiveness. The session will include practical strategies for leveraging DISC insights to promote a more cohesive and productive work environment.

    2 pm – 2:45 pm—Ensuring Event Safety: Key Considerations for Risk Mitigation at Your Facility—  https://yale.zoom.us/j/96172437209

    Ascanio Odorico, AVP Security & Risk Management Royal Ontario Museum

    This talk explores essential factors to consider when hosting an event at your facility, focusing on a robust risk mitigation strategy. From identifying potential hazards to implementing safety measures, attendees will gain insights on how to prioritize safety and security to ensure successful and incident-free events.

    Tuesday, March 12, 2024

    9 am – 9:45 am—Fire System Discussion—  https://yale.zoom.us/j/92264749884

    Jack Reese, Sr. Life Safety Specialist Nationwide Security Corp

    Join us for an engaging discussion on fire safety systems, where we delve into the importance of fire prevention measures, the latest technologies in fire detection and suppression, and effective strategies for creating a safer environment. Discover key insights and best practices to protect lives and property from the risk of fire hazards.

    10 am – 10:45 am-- Threat Management: The New Standard in Active Shooter Prevention—  https://yale.zoom.us/j/93990570454

    Tim Keck, Consultant Safe Haven Security

    Mass shootings have been around since the 80’s, yet our approach to this problem has changed little. Until now. Utilizing the same methodologies as the U.S. Secret Service we now understand how to recognize and de-escalate situations so that violence never occurs. Join us and learn about this promising system that has saved countless lives.

    11 am – 11:45 am-- Ethics and 21st Century Collections: The Role of Provenance Research—  https://yale.zoom.us/j/92517559856

    Lucy Mulroney Director of Academic Affairs and Exhibitions Beinecke Rare Book & Manuscript Library and Antonia Bartoli Curator of Provenance Research Yale University Art Gallery

    To whom should cultural heritage belong? How can museums equitably address unethical collecting practices? Whose story does the object tell?  During the past several years, with increased public and professional scrutiny of collecting practices, many institutions that steward cultural heritage have renewed their commitment to provenance research: research that traces the ownership history of an object. This presentation will provide an overview of provenance research that is conducted within libraries and museums, from the historical study of books as material objects that reveal traces of their past owners, and art historic investigations considering condition, function or value, to the urgent ethical questions facing institutions today about the rightful ownership of objects that were removed from their original repository or source community through force or duress. Relevant to anyone who is interested in understanding the principles and practicalities of provenance research, this presentation will include ample time for participants to ask questions and share examples from their own institutions.

    12 noon – 1 pm-- Heidi the Therapy Dog, Haas Arts Library with Rich Simons Yale Public Safety

    Come meet Heidi, Yale’s therapy dog, and pet your troubles away!  Heidi will be at a different library location each day.

    12 noon – 1:45 pm—Lunchtime MovieCan You Ever Forgive Me?, Sterling Memorial Library Lecture Hall

    Brown bag lunch sessions—bring your lunch and enjoy a movie!

    Melissa McCarthy stars in the adaptation of the memoir Can You Ever Forgive Me? the true story of best-selling celebrity biographer (and friend to cats) Lee Israel (McCarthy) who made her living in the 1970’s and 80’s profiling the likes of Katharine Hepburn, Tallulah Bankhead, Estee Lauder, and journalist Dorothy Kilgallen. When Lee is no longer able to get published because she has fallen out of step with current tastes, she turns her art form to deception, abetted by her loyal friend Jack (Richard E. Grant).  Lee Israel falls on hard times and turns to counterfeiting the letters of deceased writers and celebrities in order to pay her rent. When the forgeries start to raise suspicion, she turns to stealing the actual letters from library archives and sells them through an ex-con fence she met in a bar, while the FBI is closing in on the scam.

    2 pm – 2:45 pm—Yale’s Active Assailant Video— https://yale.zoom.us/j/94119758353

    Duane Lovello Senior Director of Public Safety and Community Engagement Yale University

    A viewing of Yale's newest emergency preparedness video that will guide people through the actions they would take if confronted by an active assailant scenario on campus.  Also, the discussion will include other initiatives taking place on campus, including Stop the Bleed.  Join Yale Public Safety for a discussion and question and answer session related to these important topics.

    Wednesday, March 13, 2024

    9 am – 9:45 am—TBA https://yale.zoom.us/j/91360470627

    10 am – 10:45 am -- The Doe Network:  Searching for the Missing & Restoring Names to the Nameless— https://yale.zoom.us/j/95241520687

    Tara Kennedy, Head of Preventive Conservation Yale University Library Preservation

    If one were to ask you, “What are the greatest tragedies in United States history?” you might answer, “The COVID Pandemic” or “The Civil War,” and you wouldn’t be wrong. Those events are in the Top Ten. But there is a catastrophe that would make the Top Ten in this country that you might not realize: the number of unidentified dead people – men, women, and children of all colors and creeds.  Over 14,000 voiceless, nameless people lay in morgues, medical examiners’ offices, and pauper’s graves. Their identity is stripped from them because of circumstances; violent crime; homelessness; suicide; or accidents. How can we give them back their names? Come hear how one staff member dedicates her free time doing this work: advocating for the nameless and locating the missing through her work with the Doe Network.

    11 am – 11:45 am-- Innovative Technology & Training to Protect Communities— https://yale.zoom.us/j/96776538776

    Tara Milardo, VP Sales and Marketing PowerPhone,

    PowerPhone’s story goes back over four decades to a night when the founder, a CT state trooper, realized the gravity of the unspoken question. Fueled by the urgency of seconds that could mean the difference between life and death, PowerPhone was born.  Total Response by PowerPhone is at the forefront of technology that ensures emergency response teams always have access to the latest and most effective resources to best protect their communities. Its platform combines software and training in an innovative way to help public safety agencies dispatch smarter, faster, and safer. Total Response enhances the ability to save lives, property, and evidence. The platform offers a rapid way to reliably collect information from the caller to help the call taker be resilient and ready for any situation.

    12 noon – 12:30 pm— What is the IFCPP?—   https://yale.zoom.us/j/95351782377

                Rob Layne Executive Director of IFCPP

    The International Foundation for Cultural Property Protection trains and supports professionals who protect and manage cultural, educational, and public institutions worldwide.  To elevate the expertise, ethics, and professionalism of our membership, the IFCPP provides professional development, training & certification, industry insights and analysis of technology trends, resources & best practices for security governance, and peer networking opportunities.  Rob Layne will discuss the IFCPP, provide details for upcoming conferences (including one at Yale in 2025!), and tell you how you can join this professional organization.

    12 noon – 1 pm-- Heidi the Therapy Dog, Divinity Library with Rich Simons Yale Public Safety

    Come meet Heidi, Yale’s therapy dog, and pet your troubles away!  Heidi will be at a different library location each day.

    1 pm – 1:45 pm—Stay Safe: Practical Personal Safety Tips for Everyday Life— https://yale.zoom.us/j/92531877943

    Bill Powers, Director of Operations Sterling and Francine Clark Art Institute

    This session provides valuable insights and actionable tips to help individuals enhance their personal safety in various everyday situations. From navigating public spaces to utilizing technology effectively, attendees will learn practical strategies to safeguard themselves and protect their well-being.

    2 pm – 2:45 pm—CyberSecurity Awareness Trivia Game— https://yale.zoom.us/j/98027689553

    Wendy Battles Cybersecurity Awareness Advisor, & James Tucciarone Policy and Awareness Analyst Yale University ITS

    Are you aware of simple actions you can take to be cybersafe? Our trivia game brings the learning to you. Join the Yale Cybersecurity Awareness team for a unique learning event. Part trivia game, part interactive presentation, you will boost your cyber knowledge while engaging in some friendly competition with colleagues. Get the scoop on how to click with caution, use secure passwords, apply regular updates and other ways to protect your data and systems. The interactive and engaging environment makes learning about cybersecurity awareness fun. And we’re adding some fun seasonal trivia questions too! Note: During this event, we play an online game called Kahoot. The game displays questions and participants use their phones to answer questions. Speed and accuracy are emphasized in this fun competition. Zoom auto-captions will be enabled.

    Thursday, March 14, 2024

    9 am – 9:45 am— Is Everything Secure? A Glimpse into the Painting Conservation Department of the Yale Center for British Art—Join us at SML International Room or by Zoom link: https://yale.zoom.us/j/91559961167

    Mark Aronson Deputy Director and Chief Conservator Yale Center for British Art

    The Yale Center for British Art Paintings Conservation Department is a hub of expertise and knowledge in the preservation and conservation of British art. This brief provides an overview of the department's responsibilities, restoration work, and technical research.

    10 am – 10:45 am--Everything the Voynich Manuscript is Not—  https://yale.zoom.us/j/98101647597

    Agniezka Rec Early Materials Cataloger Beinecke Rare Book & Manuscript Library

    Beinecke MS 408, otherwise known as the Voynich manuscript, has vexed readers, historians, cryptographers, and librarians for centuries. Written perhaps in the early 15th century in an unknown script representing perhaps a cipher or a natural language or a hoax or nothing at all, the manuscript has inspired countless theories from countless theorists. This presentation will offer a number of solutions; none of them will be correct (probably).

    11 am – 11:45 am--A virtual tour of the Seattle Museum of Flight—  https://yale.zoom.us/j/93023549664

    James MacSkimming Head of Security and Safety Seattle Museum of Flight

                 Join us for a wonderful tour of the Seattle Museum of Flight where Head of Security and Safety James MacSkimming will highlight security concerns for this unique collection.

    12 noon – 1 pm-- Heidi the Therapy Dog, Marx Library with Rich Simons Yale Public Safety

    Come meet Heidi, Yale’s therapy dog, and pet your troubles away!  Heidi will be at a different library location each day.

    1 pm – 1:45 pm—Emerging Trends in Security—  https://yale.zoom.us/j/93474298337

    Lori Flor, Director of Safety and Security UC San Diego Library

                This presentation will highlight new and emerging trends in security.

    2 pm – 2:45 pm—LiveSafe App Demonstration— https://yale.zoom.us/j/92727133344

    Yale University Public Safety

    LiveSafe is an app that gives students, staff, and faculty on campus an effective way to communicate with Yale Police (YPD) via a mobile device. With LiveSafe, you can use your smart phone as a personal security device to provide the YPD with accurate information about yourself and your GPS location.  Yale Public Safety will give a brief presentation about the LiveSafe app. This will include its functionalities, resource info, and safety features. They will also discuss how Public Safety is using the app to form engaging relationships with the Yale community.

    Friday, March 15, 2024

    9 am – 9:45 am—Book, Manuscripts and Forgeries—  https://yale.zoom.us/j/96772366965

    E.C. Schroeder Retired Director of Beinecke Rare Book & Manuscript Library

    The talk will provide an introduction to the forgery of books, maps, and manuscripts, focusing on the notorious forger Mark Hofmann. Hofmann's forgeries included Mormon-related material, the Oath of the Freeman (the first item printed in the US), and a manuscript of Emily Dickinson, and to cover up his forgeries Hofmann murdered two individuals.

    The talk will also highlight the range of forgeries at the Beinecke Library, some knowingly acquired as a forgery and others discovered after they were acquired.

    10 am – 10:45 am--Risk Management in Museums and Libraries—  https://yale.zoom.us/j/96016822059

    Marjorie Lemmon Director of Risk Management and Insurance Yale University

    Special collections, and the buildings that house them, present a unique set of risks. Every action and activity contains a level of risk and everyone has a role in risk management. This interactive session will explain the process for managing risk, including how to identify, assess, and prioritize risk, and the selection of methods of mitigation.

    11 am – 11:45 am-- Emergency Preparedness: Be Ready, Be Safe— https://yale.zoom.us/j/92267154535

    James Johnston Senior Director of Security Programs Prevent Advisors

    This discussion delves into the importance of proactive planning and readiness for unforeseen emergencies. It highlights key strategies, tools, and mindset shifts necessary to effectively prepare for and respond to a range of potential crises, emphasizing the critical role of preparedness in ensuring safety and resilience in any situation.

    12 noon – 1 pm-- Heidi the Therapy Dog, 344 Winchester Ave with Rich Simons Yale Public Safety

                12 noon– 12:30 pm Beinecke / Preservation front lobby

                12:30 pm – 1 pm Library Tech Services front lobby

    Come meet Heidi, Yale’s therapy dog, and pet your troubles away!  Heidi will be at a different library location each day.

    1 pm – 1:45 pm—Preserving British Art: A live virtual tour of the Yale Center for British Art Paintings Conservation Department— https://yale.zoom.us/j/98003876521

    Mark Aronson Deputy Director and Chief Conservator Yale Center for British Art

    Kendall Francis Assistant Paintings Conservator Yale Center for British Art

    The Yale Center for British Art Paintings Conservation Department is a hub of expertise and knowledge in the preservation and conservation of British art. This brief provides an exciting opportunity to virtually visit the painting conservation department to see firsthand the conservation methods, materials, and facilities dedicated to safeguarding cultural heritage, and the conservators' pivotal role in maintaining the YCBA’s painting collection.

    2 pm – 2:45 pm— Yale Public Safety Drone Team — https://yale.zoom.us/j/95119087164

                Michael Naylor Manager of Business Continuity and Planning Yale University Office of Emergency Management and William Hewitt Security Supervisor Yale University Public Safety

                Power Point Presentation and live demo of Yale’s drone capabilities.


  • March 12, 2024 1:47 PM | Anonymous

     

    We're back starting March 26! Tickets are free for everyone!

    After four years, the new Yale Peabody Museum is finally here; 4.5 billion years of history is waiting for you to explore in your own backyard. 


    The Peabody is a museum for the community, and we can't waiting another minute to share what we've created for you. That's why we've decided to open the first and second floors of the museum starting in March, with the third floor to follow later this Spring. Plan your visit today by reserving a timed ticket, or join our free membership program for the chance to register for a special limited preview.

    We are committed to building a greater understanding of science, culture, and community, giving space to a wider range of collaborators and experts, and listening to our visitors. Each time you come back to the Peabody, expect to see something a little different - and be part of that change yourself. 

    Join us as we open the doors to the Peabody Museum of the next century. We've missed you!  


  • March 12, 2024 1:24 PM | Anonymous

    Reposted from The Art Newspaper

    Two members of the environmental activist group Declare Emergency have been charged with felony destruction of government property over a 14 February action in which they poured red powder on the display case at the US National Archives in Washington, DC, that contains the US Constitution. The Archives’ rotunda was closed for several days after the action for cleaning, which cost upwards of $50,000, according to the US Attorney's Office for the District of Columbia. Both suspects in the action—Donald Zepeda of Maryland and Utah resident Jackson Green—were arrested after the incident. Zepeda was released on bond. Green, meanwhile, has been ordered held in jail in DC because, in carrying out the National Archives protest, he violated the terms of a previous release. Earlier this year, Green was charged with damaging property of the National Gallery of Art for a November 2023 protest, during which he used red paint to write the words “Honor Them” on the wall next to Augustus Saint-Gaudens's Shaw 54th Regiment Memorial (1900), a monument to Black soldiers who fought in the US Civil War. After that incident, a judge had ordered Green to stay away from Washington, DC, and all public monuments and museums. Green and Zepeda’s cases are ongoing and are being investigated by several agencies including the Federal Bureau of Investigations’ Art Crime Team.

    According to a statement by the National Archives, the US Constitution—the 1787 document establishing the laws of the new country—was not damaged in the attack. Analysis revealed the powder that coated the case and activists to be a mix of pigment and cornstarch. Dozens of conservators were involved in the process of cleaning the sophisticated display case that houses the four-page document. “The cleaning of the Rotunda and preparation to reopen it was a large, collaborative effort involving [conservators], facilities personnel and building services contractors,” Stephanie Hornbeck, a National Preservation Program Officer, said in a statement. “Approximately 30 people were directly involved, contributing an estimated total of 335 person-hours.” Referring to the pages of the Constitution, Hornbeck added: “They are well protected by the enclosure in separate anoxic encasements located inside of the well-sealed, robust exhibit cases.”

    A previous action by Declare Emergency targeted Edgar Degas’s 1880 sculpture La petite danseuse de quatorze ans at the National Gallery of Art. The group’s actions in Washington, DC, are the most high-profile US examples to date of “eco-vandalism”, or climate activism targeting works of art. In the past two years, high-profile actions by climate advocacy groups like Just Stop Oil have focused on famous works at some of Europe's most popular museums, including the soup-splattering of Vincent van Gogh’s Sunflowers at London’s National Gallery and Leonardo da Vinci's Mona Lisa at the Louvre. These actions have attracted enormous media attention and prompted larger questions about the efficacy of these strategies in conveying the urgency of the current environmental moment. An adjacent display case at the National Archives that holds the US Declaration of Independence was a major plot point in the Nicolas Cage blockbuster film National Treasure (2004), though presumably the systems that his character, named Benjamin Franklin Gates, was ultimately able to circumvent are not based on the National Archives’ actual security apparatus.

    See Original Post


  • March 12, 2024 1:08 PM | Anonymous

    Reposted from BBC

    Palestine Action said one of its activists had "ruined" a 1914 painting of Lord Balfour at Trinity College, part of the University of Cambridge. A statement on the group's website said the painting had been "slashed" and sprayed with red paint. A Cambridgeshire Police spokeswoman said: "This afternoon we received an online report of criminal damage today to a painting at Trinity College, Cambridge. "Officers are attending the scene to secure evidence and progress the investigation. No arrests have been made at this stage." Lord Balfour was foreign secretary in 1917 when a declaration was made pledging Britain's support for the establishment "in Palestine of a national home for the Jewish people" and has been seen by some historians as a starting point for the Arab-Israeli conflict. A spokeswoman for Trinity College said: "Trinity College regrets the damage caused to a portrait of Arthur James Balfour during public opening hours. The police have been informed.

    Support is available for any member of the college community affected." Palestine Action said, in a statement: "Palestine Action ruined a 1914 painting by Philip Alexius de László inside Trinity College, University of Cambridge of Lord Arthur James Balfour - the colonial administrator and signatory of the Balfour Declaration." They added that "an activist slashed the homage and sprayed the artwork with red paint".

    See Original Post


  • March 12, 2024 12:52 PM | Anonymous

    Reposted from CISA

    As we celebrate Women’s History Month, we honor and celebrate the remarkable women who have tirelessly advocated for equality and inclusion. Their contributions have paved the way for progress in various fields, including cybersecurity. At CISA, we recognize the importance of diversity in our workforce and the pivotal role women play in shaping the future of national security.

    Within cyber, physical, and global security, there is a cadre of pioneering women who have fearlessly championed diversity and inclusion. Bold women like our Vice President, Kamala Harris, U.S. Director of National Intelligence, Avril Haines; and internationally, women like Lisa Fong, Director of New Zealand’s National Cyber Security Centre, Abigail Bradshaw Head of the Australian Cyber Security Centre (ACSC), and Lindy Cameron, former UK Head of Cybersecurity; and now, a new generation of women’s rights advocates like Presidential Medal of Freedom recipient and U.S. soccer champion Megan Rapinoe, national youth poet laurate Amanda Gorman, and Nobel Peace Prize laurate Malala Yousafzai have emerged to carry the torch for women across the globe. Through highlighting their extraordinary contributions, we illuminate the path they have forged towards equal opportunities for all women--including within the world of cybersecurity, technology, and infrastructure protection.

    As the Director of CISA, I am honored to lead an agency dedicated to safeguarding our nation’s critical infrastructure. Every day, we work tirelessly to understand, manage, and reduce risk to the cyber and physical infrastructure that Americans rely on. I am inspired every day when I look at the amazing women leading CISA, including our Chief of Staff, Kathryn Coulter Mitchell; Val Cofield, CISA’s Chief Strategy Officer; Alaina Clark, Head of Stakeholder Engagement; Mona Harrington, Head of the National Risk Management Center; Bridget Bean, Chief Integration Officer; and Dr. Elizabeth Kolmstetter, CISA’s very first Chief People Officer. And these are only a few of the women leaders shaping our mission in immeasurable ways for our Nation’s safety and security.

    In 2022, I set an ambitious goal and nationwide challenge to have 50% of the cybersecurity workforce made up of women by 2030. While there is still much more work to do, I’m proud to say that we are 38% women at CISA, and we continue to aggressively seek out and hire exceptionally talented women who have revolutionized the way we operate. The value of women’s voices in security have had cascading effects across our organization and, more broadly, our nation.

    Within CISA, we are committed to promoting diversity as a fundamental pillar of our organizational ethos. Through the implementation of strategic recruitment initiatives, comprehensive training programs, and ongoing efforts to cultivate a culture of belonging, we endeavor to nurture a workforce that provides the diversity of thinking required to solve our most challenging problems. I encourage you to learn more about CISA’s efforts to promote Women in Cybersecurity, and to share this information widely with the women in your life. Reflecting on the important contributions of women across history and today, I am inspired by the resilience, courage, and compassion, shaped by unique experiences, that define women’s contributions to not only society, but history. I am committed to leveraging my platform to effect positive change and empower the next generation of women leaders. I recently sat down with Caitlin Sarian, also known as Cybersecurity Girl, to talk about Women in Cyber and how we are working to increase the number of women in the cyber field. As we celebrate Women’s History Month, let us honor the achievements of women past, present, and future. Together, we can continue to build a more equitable and inclusive world where every woman and girl has the opportunity to thrive and succeed.

    See Original Post


  • March 12, 2024 12:31 PM | Anonymous

    Reposted from Tim Richardson

    Last week I talked about how high performers should take regular breaks away from work to bring their best into their work. This week we will consider the advantages of workflow pauses for high performers.

    Over the last few weeks, I have had several speaking engagements that were within driving distance. To help make them as stress free as possible, I made sure that my luggage was packed 48 hours before traveling. Over the years, I have forgotten many travel necessities by hurriedly packing too close to my departure. Packing earlier, and using a checklist, has all but eliminated this problem. I’ve also tried to give myself extra travel time to account for anything unexpected. When I am at the event venue, I have been early for my appointed meeting times with my client. I double check hotel reservations and communicate with the team setting up the meeting room the day before. Anything that I can do the night before my speech is taken care of to reduce the last-minute stress of trying to get everything done. This includes laying out my clothes and presentation materials.

    Since I have traveled a lot by car recently, I have been more aware of signs to encourage me to slow down. A rest area sign, that I would have driven by in the past, was a reminder to stop even for a few minutes to break up the monotony of the highway. I have had a lot quieter time in my car instead of always filling it with music or a podcast or audio book. To have more thinking time, I haven’t turned on a TV in my hotel room and I request restaurant seating that is out of view of a television screen. Finally, I changed the screen color on my iPhone to gray to remind me that life is much more colorful and interesting in the real world. Less time staring at a screen is helpful in focusing on things that really matter. Other content ideas for how to slow down at work include: Slowing down to prepare for an important phone call. Take some time to prep for a call just as you would for an important in-person meeting. Write down objectives of the call and anticipate questions you might be asked as well as any objections that may be expressed.

    Reread your emails before you send them. Check for understanding and clarity in what you write. Make them as brief as possible and limit the number of people who are copied on your emails. Advise the reader if you need additional information with a reasonable time frame for them to respond. Really think before you speak. Be as brief as possible when you do and include questions to others and repeating their key points to check for understanding.

    See Original Post


  • March 12, 2024 12:13 PM | Anonymous

    Reposted from CISA

    The Cybersecurity and Infrastructure Security Agency (CISA) joins the National Security Agency (NSA) as a partner in five cloud security Cybersecurity Information Sheets (CSIs) that provide recommended best practices and mitigation strategies for organizations transitioning their information technology resources to cloud environments. NSA released “Top Ten Cloud Mitigation Strategies”, a compilation of CSIs each on a different strategy to secure cloud environments and CISA co-sealed five of the ten. The CISA and NSA co-authored publications are:

    • Use Secure Cloud Identity and Access Management Practices 
    • Use Secure Cloud Key Management Practices 
    • Implement Network Segmentation and Encryption in Cloud Environments  
    • Secure Data in the Cloud
    • Mitigate Risks from Managed Service Providers in Cloud Environments 

    The CSI for each strategy includes an executive summary providing background information, details on threat models, best practices for strong cybersecurity and additional guidance to protect networks. All organizations need to understand that securing their information is a responsibility for both the cloud provider and user. All organizations using cloud environments are encouraged to review these strategies and assess how they can strengthen their security.

    See Original Post

  • March 12, 2024 11:53 AM | Anonymous

     Reposted from

    Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA) concluded a two-day Open-Source Software (OSS) Security Summit convening OSS community leaders and announced key actions to help secure the open-source ecosystem. Recognizing that OSS underpins the essential services and functions of modern life, the Summit sought to catalyze progress in advancing security of this critical ecosystem. This urgency was underscored by security flaws such as the Log4Shell vulnerability in 2021.
    CISA Director Jen Easterly opened the summit with keynote remarks and was followed by a panel discussion with Office of National Cyber Director (ONCD) Assistant National Cyber Director for Technology Security Anjana Rajan, CISA Open-Source Security Section Chief Aeva Black, and CISA Senior Technical Advisor Jack Cable. The summit also featured a tabletop exercise on open-source vulnerability response and a roundtable discussion on package manager security with opening remarks by CISA Executive Assistant Director for Cybersecurity Eric Goldstein. During the summit, OSS community leaders, including open-source foundations, package repositories, civil society, industry and federal agencies explored approaches to help strengthen the security of the open-source infrastructure we all rely upon. As part of this collaborative effort, CISA announced several initial key actions that CISA will take to help secure the open-source ecosystem in partnership with the open-source community:

    • CISA, as detailed below, is working closely with package repositories to foster adoption of the Principles for Package Repository Security framework. Developed by CISA and the Open-Source Security Foundation’s (OpenSSF) Securing Software Repositories Working Group, this framework was published earlier this month and outlines voluntary security maturity levels for package repositories.
    • CISA has launched a new effort to enable voluntary collaboration and cyber defense information sharing with open source software infrastructure operators to better protect the open source software supply chain.
    • Materials from the summit’s tabletop exercise will be published by CISA so that the lessons learned can be used by any open-source community to improve their vulnerability and incident response capabilities.
    Additionally, five of the most widely used package repositories are taking steps in line with the Principles for Package Repository Security framework:
    • The Rust Foundation is working on implementing Public Key Infrastructure for the Crates.io package repository for mirroring and binary signing and plans to issue a Request for Comment. The Rust Foundation also published a detailed threat model for Crates.io and has created tooling to identify malicious activity. Further steps are highlighted in the Rust Foundation’s Security Initiative Report.
    • The Python Software Foundation is working to add additional providers to PyPI for credential-less publishing (“Trusted Publishing”), expanding support from GitHub to include GitLab, Google Cloud and ActiveState as well. Work is ongoing to provide an API and related tools for quickly reporting and mitigating malware, with the goal of increasing PyPI’s ability to respond to malware in a timely manner without consuming significant resources. Finally, the Python ecosystem is finalizing PEP 740 (“Index support for digital attestations”) to enable uploading and distributing digitally signed attestations and metadata used to verify these attestations on a Python package repository, like PyPI.
    • Packagist and Composer have recently introduced vulnerability database scanning and measures to prevent attackers from taking over packages without authorization. Further work to increase security in line with the Principles for Package Repository Security framework is in progress, and a thorough security audit of existing codebases will take place this year.
    • The package repository npm requires maintainers of high-impact projects to enroll in multifactor authentication. Additionally, npm has introduced tooling that allows maintainers to automatically generate package provenance and SBOMs, giving consumers of those open-source packages the ability to trace and verify the provenance of dependencies.
    • Maven Central (maintained by Sonatype) is the largest open-source repository for Java and JVM languages and enforces validation and metadata requirements with clear namespaces. Since 2021, all staged repositories have automatically been scanned for vulnerabilities when published, and developers receive a report with any security issues. In 2024, Maven Central is transitioning publishers to a new publishing portal that has enhanced repository security, including planned support for multifactor authentication. Upcoming key initiatives include Sigstore implementationTrusted Publishing evaluation, and access control on namespaces. This includes Maven Central benchmarking the maturity of its security processes against best practices, which will also guide backlog prioritization.
    “Open-Source Software is foundational to the critical infrastructure Americans rely on every day,” said CISA Director Jen Easterly. “The federal government must integrate into open-source communities to help protect this essential public good – not the other way around. We’re proud to announce these efforts to help secure the open-source ecosystem in close partnership with the open-source community and are excited for the work to come.”
    “Open-source software is a mission-critical foundation of cyberspace that the U.S. Government must continue to defend,” says Anjana Rajan, Assistant National Cyber Director for Technology Security. “Ensuring that we have a secure and resilient open-source software ecosystem is a national security imperative, a technology innovation enabler, and an embodiment of our democratic values. As the chair of the Open-Source Software Security Initiative (OS3I), ONCD is committed to ensuring this remains a priority for the Biden-Harris Administration and commends CISA’s leadership in convening this important forum.”
    “OpenSSF’s mission is to improve the security of open-source software. Package repositories are critical infrastructure for the open-source community. We thank CISA for facilitating this Open-Source Software (OSS) Security Summit to help secure package repositories. Through continued cooperation in activities such as this summit and the Principles for Package Repository Security, we will improve the security of open-source package repositories for everyone,” Omkhar Arasaratnam, General Manager, OpenSSF.
    “Securing the open-source software supply chain is crucial for protecting global economic infrastructure,” said Mike Milinkovich, Executive Director of the Eclipse Foundation. “CISA is working to improve open-source security, focusing on both current issues and future application development. We’re proud to contribute to this vital work, helping CISA improve the global development ecosystem and supporting its vision for the future.”
    “OSI and the Open Policy Alliance commend CISA for engaging with the open-source software community and appreciate the opportunity to participate in this week’s Open-Source Security Summit.  Including less represented, small open-source non-profits into the discussion will facilitate workable, practical policies and practices, building upon the strength of the collaborative model of Open Source,” said Deb Bryant, US Policy Director, Open-Source Initiative.
    The federal government has coordinated its efforts around open-source software security through the ONCD Open-Source Software Security Initiative. Last year, ONCD, CISA, the National Science Foundation, the Defense Advanced Research Projects Agency, and the Office of Management and Budget published a Request for Information (RFI) on open-source software security and memory safe languages, which received more than 100 substantive responses. The issuing agencies are currently reviewing responses and will publish a summary of the RFI submissions. In 2023, CISA released its Open-Source Software Security Roadmap which lays out four key goals to help secure the federal government’s use of open-source software and support the global open-source ecosystem: establishing CISA’s role in supporting the security of open-source software, driving visibility into open-source software usage and risks, reducing risks to the federal government, and hardening the open-source software ecosystem. The actions announced today from the summit represent key steps in fulfillment of the roadmap’s goals, including Objective 1.1. Partner With OSS Communities and Objective 1.2. Encourage Collective Action from Centralized OSS Entities.

    See Original Post

  • March 12, 2024 11:37 AM | Anonymous


    We are excited to extend an invitation to you for an insightful webinar series focused on Small and Medium Businesses (SMBs) organized by the Cybersecurity and Infrastructure Security Agency (CISA) in collaboration with the Information Technology Sector Coordinating Council (IT SCC).

    In today's rapidly evolving digital landscape, SMBs face unique challenges and threats. This webinar series aims to equip participants with essential knowledge to navigate these challenges effectively. Our upcoming session will delve into the critical topic of Ransomware, shedding light on the prevailing threats, strategies for understanding Ransomware, and proactive measures for prevention.

    Here are the key details:

    Webinar Topic: Ransomware: Threats, Understanding, and Prevention
    Date: March 25, 2024
    Time: 1:30 p.m. – 2:30 p.m. EST

    This session will feature insights from experts at CISA alongside industry leaders, offering invaluable perspectives and practical advice. Moreover, we encourage active participation by providing dedicated time for questions and answers, ensuring that attendees can engage directly with the presenters.

    Who should attend? This webinar is tailored for federal, state, local, and private sector stakeholders interested in gaining a deeper understanding of the risks associated with critical infrastructure systems and their interdependencies.

    Don't miss out on this opportunity to enhance your cybersecurity posture and safeguard your organization against evolving threats.

    Join Now


  • March 12, 2024 11:28 AM | Anonymous

    Reposted from EMR-ISAC

    Cybersecurity professionals can expect fresh reading materials in the coming months from the Office of the National Cyber Director, which aims to issue an update to the National Cybersecurity Strategy Implementation Plan before the summer is over, a White House cyber official said Tuesday. The implementation plan outlines how the White House will accomplish the goals outlined in the national cybersecurity plan and is supposed to be a “living document” that is updated as initiatives are complete or new initiatives are added. The implementation plan 2.0 is expected “late spring, early summer,” said Brian Scott, deputy assistant national cyber director for cyber policy and programs.

    Cybersecurity pros can also expect an update on software liability reform in the next implementation plan release. In its recently released National Cybersecurity Strategy, the Biden administration called on Congress to develop legislation to develop a software liability regime, one that would allow consumer and businesses to sue software makers if they fail to take proper care in designing the security of their tools. Software companies, if the White House has its way, will no longer be able to disclaim liability for the products they produce.

    The Biden administration is currently looking at developing a framework around software liability. One aspect of the framework will be exploring how best to implement safe harbor incentives for companies that are developing code using secure methods. Companies that align with those best practices — which are still being explored — are less likely to face legal issues down the road.

    See Original Post


<< First  < Prev   1   2   3   4   5   ...   Next >  Last >> 
  
 

1305 Krameria, Unit H-129, Denver, CO  80220  Local: 303.322.9667
Copyright © 2015 - 2018 International Foundation for Cultural Property Protection.  All Rights Reserved