INTERNATIONAL FOUNDATION FORCULTURAL PROPERTY PROTECTION
News
Reposted from StaySafeOnline
In 2017, ransomware became so powerful that it managed to finally make a name for itself as a business model. Ransomware as a service (RaaS) allows hackers to simply buy or sell their own ransomware for the purpose of damaging individuals or businesses.
Considering that, and the fact that all the other businesses affected by hackers, cybersecurity has become extremely important for every business today. It doesn’t matter what industry you pertain to – the reality is that hackers can access your data and sell it for a profit or perform other maleficent actions.
This is why investing in business IT solutions can help protect your company from this type of attack. Creating the right protection plan is essential to your business. Even if you believe that your business is not important enough to attack, the reality is that every organization could become a victim. Our dedicated team created a quick list of three things you need to do to keep your files safe.
One of the main benefits of business IT support and data protection solution is that they can keep your data safe from prying eyes. Hackers won’t have easy access to your sensitive data. Also, having a professional data backup and protection plan will make you less prone to malware and viruses. You get to save money this way, and in the end, hackers will find it more difficult to take advantage of any human errors. Plus, protecting your data will help you stay in compliance with the current laws. Use this type of service, and there will be less need to worry about the safety of your data.
Most companies that use cloud services may be targeted by hackers. With help from a great IT support team and other dedicated services, you can help negate that issue. A dependable business technology solutions team password protects all your content, filters it and heavily monitors company information to ensure that only the authorized parties will be able to access designated files. This way everyone will get to see only what they need to.
A dependable IT support team knows that cybersecurity issues can appear at any time, regardless of the hour. Services like these can bring you the best business computer services and reliable solutions in no time.
If you opt for round–the-clock IT support, you won’t have to worry about any data security issue, and the team can also help you deal with any other type of IT issues, not only security related stuff. This also ensures you that the company files are safe. A well managed IT services firm would also have heavily monitored data centers. Only authorized personnel goes into this building, which means that all your sensitive data will be stored by a professional and reliable business.
As long as there’s data online, there will always be hackers that try to steal it. Don’t let hackers take advantage of your company’s information. Invest in the best business IT solutions right now.
See Original Post
Reposted from Motherboard
At around midnight just over 28 years ago a pair of thieves broke into the Isabella Stewart Gardner Museum in Boston, Massachusetts masked by darkness. The intruders, who were disguised as police officers, tied up museum security guards and used box cutters to rip the paintings. They made off with $500 million worth of art from the museum’s walls.
Among the stolen pieces were three paintings by Dutch Baroque artist Rembrandt and five by French impressionist Degas. Today, the case remain the largest unsolved art heists in history and no arrests have been made. The spaces where the 13 artworks once hung lay bare.
While we may never know the location of the physical paintings, a group of technologists are using augmented reality to virtually return these stolen works.
Using Apple’s ARKit, a team of nine technologist at Cuseum—a group that helps bring AR experiences to museums—have recreated Rembrandt's, “A Lady and Gentleman in Black” and “Christ in the Storm on the Sea of Galilee,”—two of the 13 stolen artworks. The group is calling the project, which is not sanctioned by the museum, Hacking the Heist.
"Something like this would not have been technologically possible a year ago but now with some of the recent advances in AR the phone has the ability to recognize vertical surfaces and images and react accordingly,” Brendan Ciecko, a technologist at Cuseum told Motherboard over the phone. “It dawned on me that a lot of people don't actually realize what the paintings that were looted look like.”
Ciecko’s Apple ARKit build runs on the latest iOS currently available only to developers. As soon as Apple releases the new version of iOS to the public, museum goers can download an app and view the virtually restored paintings on their own devices. Until then, the technologists hope to lend some iPads to the museum so that visitors can experience the work even if they don’t have the app.
Currently the team’s work is still a proof of concept, but according to Ciecko they intend to work with the museum to create a project open to the public in the near future.
Augmented Reality technologies have made strides in commercial use in the past year. The technology has also been utilized by many for artistic endeavors, like this group that recently used the technology to host their own AR exhibit in the Metropolitan Museum of Modern Art.
“Back in the day AR used to be pretty twitchy,” Ciecko said. “You would scan some sort of marker and it would pull up the video but it would be pretty twitchy because it couldn't track in high fidelity.”
Apple’s ARKit uses an iPhone or iPad camera to detect surfaces and does not require a marker or a QR code to place 3D objects in the environment. In the case of the Gardner museum paintings these technological advancements are essential because the actual space where the painting should be is empty.
Rather than rely on a marker, Ciecko and his team had to detect the canvases adjacent to the missing paintings. The team used the surrounding paintings as anchors rather than the more traditional approach of laying an image over another.
Since the work was not sanctioned by the museum, Ciecko and his fellow technologists experienced a close call with one of the museum's guards during their early stages. According to Ciecko after spending over 45 minutes in front of the paintings to test the technology, the guard became suspicious and a supervisor was called.
Tourists passing by saw the images of the paintings on the technologists’ ipads as they tested their AR and would often ask questions and take pictures according to Ciecko.
Looking to the future Ciecko said he hopes this work will inspire more people to use AR to create cultural and educational experiences.
“Looking at this specific institution there were 13 pieces that were looted," he said."It is a dark and evil act to loot an institution that is open for the public enjoyment so we really wanted to highlight our feelings about this especially as technologists, especially as artists and especially as Bostonians.”
Reposted from the Post-Gazette
Valuable atlases, maps, and large plate books that show the colorful breadth of Western civilization have been stolen from the rare books room of the Carnegie Library of Pittsburgh in Oakland, right under the gaze of Andrew Carnegie’s portrait.
The theft of 314 items was discovered last April when an appraisal for insurance purposes began of the rare materials in the Oliver Room, library spokeswoman Suzanne Thinnes said. Deemed a crime scene, the room has been closed since April 3, 2017. Since that time, detectives from the Allegheny County District Attorney’s Office have been investigating the complex case.
“We’re very saddened by the breach of trust. This theft occurred over an extended period of time” by a knowledgeable individual or individuals, Ms. Thinnes said. She said the library could not provide an exact value of the missing materials.
Michael Vinson, a rare book dealer for 26 years, who reviewed a detailed list of the missing items, was more direct.
“I think the value would easily be $5 million. This is an immense cultural crime,” he said.
Among the missing books is a first edition of Isaac Newton’s “Philosophiae Naturalis Principia Mathematica” from London, dated 1687. Mr. Vinson noted that another copy of this book sold for $3.7 million in 2016 at a Christie’s auction in New York City.
Also gone is a first edition of Adam Smith’s book “The Wealth of Nations,” which, Mr. Vinson said, would be worth $150,000. Nine books printed before 1500 were stolen, too. These texts are called incunables because they were printed in the first 50 years after Johannes Gutenberg began printing. Mr. Vinson said the nine incunables would be worth a total of $50,000.
Mr. Vinson received an email earlier this month from a trade association detailing the theft.
At the urging of Detective Lyle Graber from the Allegheny County DA’s office, the Antiquarian Booksellers Association of America alerted its 450 members. Detectives Fran LaQuatra and Perann Tansmore also are investigating the case.
The New York City-based organization’s email, dated March 6, included a spreadsheet listing the stolen items with titles, authors, publishers, publication date and a brief description of each work, but not in every case.
“We are hopeful the release of this list will lead to their recovery and could produce information that strengthens their investigation,” Ms. Thinnes said.
“This is a great loss to the Pittsburgh community,” she added. “Trust is a very important component of what we do on a daily basis. The library takes very seriously the security of all its collections.”
The staff member responsible for the collection is no longer employed by the library, she said, declining to elaborate.
“This was part of a magnificent collection that would cover the entire breadth of Western civilization. [Edmund] Spenser’s ‘The Faerie Queene’ is a landmark in literature,” said Mr. Vinson, who lives in Santa Fe, N.M. and holds a master’s degree in library science from the University of Chicago, where he specialized in the history of the book.
The list, obtained by the Pittsburgh Post-Gazette, includes a first folio edition of Spenser’s classic poem that was published in London in 1609.
A three-volume set by Thomas L. McKenney and James Hall, titled “History of The Indian Tribes of North America,” is worth $100,000, Mr. Vinson said.
Also missing is John James Audubon’s oversized book “The Quadrupeds of North America,” an octavo edition of his illustrations of four-footed mammals published in the 1850s in New York City.
Gone is “The North American Indian,” a photographic record of native American cultures created by Edward Curtis from 1907 to 1930. The list does not say whether the library owned the complete, 20-volume set or just a few volumes of this landmark work.
A complete set of the Edward Curtis volumes would be worth between $1 million and $2 million, Mr. Vinson said.
Herman Moll’s “Atlas Manuale” is an early, important work that is gone along with more than 20 maps of the Americas and Bermuda. An accordion-style folder holding 35 Japanese prints was taken, too.
Located on the Oakland library’s third floor, the Oliver Room was named in 1992 for William Reed Oliver, a benefactor and trustee who served on the library board for more than 40 years. Mr. Oliver, an assistant treasurer for Jones & Laughlin Steel, was 94 when he died in 1994.
Susan Benne is executive director of the Antiquarian Booksellers Association of America, which maintains a database of missing books.
“It’s in no one’s interest to have stolen materials in the marketplace. It can create victims along the way. Sometimes the alleged thieves are sophisticated and they have a very good story that seems believable,” Ms. Benne said.
Last month, Ms. Benne said, she was contacted by Detective Graber and asked to distribute the list.
“There’s demand for good material all over the world,” Ms. Benne said, adding some items could be recovered. Garrett Scott, a book dealer in Ann Arbor, Mich., “was an excellent liaison between people who were trying to recover books in Italy after thefts there and a Swedish library that had some thefts there.”
Plate books consist of text with hand-colored aquatints, lithographs or engravings. Books showing the costumes of China, Austria and Turkey are missing. Complete atlases are attractive to thieves, but even incomplete atlases are, too, because they can be sold plate by plate.
“A thief very well may break up an atlas plate by plate because that makes it difficult to detect ownership,” Mr. Vinson..
Joyce Kosofsky, co-owner of Brattle Book Shop in downtown Boston, has worked in the book trade since 1978 and agreed with Mr. Vinson. She called the list “jaw-dropping. It’s an impressive list of books — the range of what’s there,” she said.
“These are high-end rare books. I’ve never seen a list this big. This is a major theft,” Ms. Kosofsky said.
At Yale University’s Beinecke Rare Book Library, security is strict and no one is above suspicion, Mr. Vinson said.
Beinecke library curators cannot take their keys home, checking them in with a guard when they leave. Bags are searched every time someone leaves the building, Mr. Vinson said.
At the Carnegie, the Oliver Room is not accessible to the public, Ms. Thinnes said. Before the lockdown last April, visitors needed to make an appointment so materials could be pulled in advance. A few staff members had card key access to the room. Lockers were provided for visitors. Security cameras are located in the stacks and some materials were kept under lock and key.
Mr. Vinson believes that the thief may have been a library employee or employees because only a handful of people knew the security procedures.
“The books were immensely valuable. But they were also across a wide variety of fields,” he said.” Only a few people have that knowledge — a general antiquarian bookseller, a librarian or a curator would know the value. It has inside written all over it.”
“They are probably all in a storage unit or an attic somewhere if it is insider theft,” Mr. Vinson said.
The IFCPP certification team would like to congratulate 12 new Certified Institutional Protection Instructor graduates and 10 new Certified Institutional Security Supervisor graduates for their successful completion of CIPI and CISS courses in Philadelphia, February 27-March 2. We’re lucky to work with such a great group of professionals.
Our sincere gratitude to The Barnes Foundation and the Philadelphia Museum of Art for hosting these important classes, and for their generous hospitality. We couldn’t do it without the support of our member institutions.
And thanks very much to Stevan P. Layne, CPP, CIPM, CIPI and Geoffrey V. Goodrich, CIPM II, CIPI for their outstanding instruction! Great job guys!
The ASIS Foundation, the charitable research and education arm of ASIS International, has published applied research that assesses and provides recommendations for the security of historically important archaeological sites. Compiled by the ASIS International Cultural Properties Council, the report, Archaeological Site of COLONIA CLUNIA SUPLICIA (Clunia) Peñalba de Castro, Burgos, Spain, was made possible through a grant from the ASIS Foundation. ASIS International is the leading association for security management professionals worldwide.
The research, which evaluates the security of Clunia, an ancient Roman city on the Iberian Peninsula, includes a detailed site survey undertaken by James H. Clark, CPP, and Ricardo Sanz Marcos under the advisement of 2017 Cultural Properties Council chair Robert Carotenuto, CPP, PCI, PSP. Clark and Marcos identified conditions—such as weather, looting, and careless behavior—that could create security vulnerabilities for the site and its resources. The research team believes that the recommendations they draw from this survey are applicable at other archaeological sites.
“Most of the completed research on cultural site security focuses on how to protect them during times of war,” says Carotenuto. “These historical treasures are threatened during peace time as well. Our report demonstrates to the security community that you can apply common physical security techniques to protect any site.”
The Clunia report is the latest in the ASIS Foundation’s series of Connecting Research in Security to Practice (CRISP) reports—providing practical, researched-based solutions to help security professionals effectively tackle a wide range of security issues. Previous CRISP reports address issues of insider threat, supply chain security, sports team travel security, and more.
Reposted from The Art Newspaper
Nearly six months after Hurricane Maria struck Puerto Rico, museums on the US island are resuming their everyday pace and pushing forward with new initiatives.
The Museo de Arte de Ponce on the island’s south coast is “basically back to normal”, the museum’s assistant curator and exhibitions co-ordinator, Helena Gómez de Córdoba, says. Though some staff—among around 400,000 utility customers on the island—remain without power at home, the museum’s collection was unharmed and the building received only minor damage. It reopened on 28 September, one week after the hurricane.
Visitor numbers to the museum actually rose in October, partly because many locals were not working and schools were closed. The museum offered free admission that month, and nearly 300 guided tours and workshops. “It was good to see people just enjoying themselves and learning,” De Córdoba says.
Although attendance since then has been slightly down, the museum hopes to draw back visitors—both locals and tourists—with its spring exhibitions. A rescheduled show of works on paper from New York’s Frick Collection opens this month (Small Treasures from the Frick Collection, 17 March-8 August) after a four-month delay.
Another exhibition, due to open on 15 April, will present Puerto Rican art from the collection made between 1959, when the museum was founded, and 1965, when it moved into its current building. “It’s suddenly become very poignant,” says the show’s curator, Pablo Pérez d’Ors, since the museum is an “important landmark in the construction of an artistic identity for Puerto Rico”.
The Ponce museum has also helped other institutions on the island, such as the museum at the Universidad de Puerto Rico in Cayey, to examine and preserve their collections. Likewise, the Museo de Arte de Puerto Rico (MAPR) in San Juan safeguarded works belonging to other Puerto Rican museums until January. MAPR’s own collection received only minimal damage and staff returned to work immediately after the storm, helping to run the museum as a communications and conservation hub for local cultural institutions.
The San Juan museum reopened to the public on 10 November, three days after another disaster: a flash flood, which caused more damage than either Hurricane Maria or Hurricane Irma, including the destruction of the education department’s facilities and materials.
Since the reopening, MAPR has been “very active” and “people have been very responsive”, says the museum’s director, Marta Mabel Pérez. A show of works by six Puerto Rican artists opened last month (until 13 May), while four young local collectors are lending works to an exhibition opening in May. The museum has also teamed up with the online auctioneer Paddle8 to present a benefit sale of 91 works, some donated by Puerto Rican artists, to be held on 14 March.
The island’s museums are also thinking ahead for future emergencies. In October, MAPR co-founded the Coalition for the Heritage of Puerto Rico. The three-year pilot project aims to release a guide in May, to advise cultural institutions on preparing for and responding to disasters. The coalition is working with Brinnen Carter, a chief of resources at the US National Park Service, to draw up a budget that will include new safety deposit spaces for museum objects.
The San Juan museum also received a $110,000 grant from the Smithsonian Institution in Washington, DC, of which it is an affiliate organisation, to meet conservation costs after the hurricane. The museum is, however, around $3m in debt due to the loss of revenue, structural damage and the cost of restoring works.
This month, the Smithsonian Cultural Rescue Initiative (SCRI), set up after the Haiti earthquake in 2010, is co-organising two disaster conservation workshops at the museum. The first event, aimed at museum professionals, will cover issues such documenting collections and evacuating, assessing and preserving objects. Another workshop, on 24 March, will teach members of the public and artists how to conserve works in their homes or studios.
The workshops will be led by Corine Wegener, a cultural heritage preservation officer at the SCRI. In disaster planning, she says: “People come first, but culture needs to be somewhere on the list—that’s our goal.”
Reposted from ASIS
It was a monumental task. The Ontario Provincial Police (OPP) needed to conduct security assessments of all the courthouses in the province it polices—approximately 100 locations—with only three people to carry out the work.
In an unprecedented move, Security Assessment Unit Sergeant Laura Meyers, PSP, proposed bringing in outside help from the private sector. Senior executives approved of the idea, and Meyers reached out to the ASIS Toronto Chapter to bring on Michael Thompson, CPP, PCI, PSP, and Gregory Taylor, CPP, PSP.
Both had public sector experience—Taylor was former military and Thompson a former Toronto police officer. Meyers thought those qualifications, along with their extensive security backgrounds, would not only help them conduct the assessments OPP needed, but also gain the respect of OPP officers they would be working with in the field.
Her predictions were correct. Taylor and Thompson were well received, and the project was completed on time without exhausting OPP's resources—funding or personnel—to complete. It also marked a new era with OPP in bringing security professionals in-house to assist law enforcement in addressing security threats.
In 2007, the province of Ontario issued the Ontario Public Service Physical Operating Policy, which required all public service facilities within the province to complete a physical security threat risk assessment.
The OPP, which polices more than 1 million square kilometers of land and waterways in Ontario, was subject to this mandate. It's one of North America's largest deployed services with more than 5,800 uniformed officers, 2,400 civilian employees, and 830 auxiliary officers.
To comply with the mandate, the OPP's four-member Security Assessment Unit was assigned to carry out threat assessments of more than 200 facilities across the province. The four members went to each region and trained OPP staff at the facilities on crime prevention through environmental design (CPTED) strategy and the Royal Canadian Mounted Police's (RCMP) Harmonized Threat Assessment Methodologies.
"It was like a mass attack for the four-person unit to do that within a couple of years," Meyers says. "By 2011, all [facilities] were visited and threat assessments completed."
During that time frame, Staff Sergeant Rob Fournier was placed in charge of the newly created OPP Justice Officials Protection and Investigations Section (JOPIS). The section was created in 2009 to ensure the safety and protection of justice officials and to address threats, harassment, and intimidation directed at justice officials.
The Security Assessment Unit and JOPIS regularly began working together to address threats, and in 2015, JOPIS was instructed to complete physical security threat risk assessments on all justice facilities in the province.
Meyers and Fournier both knew it would be a major task to carry out the assessments, especially if they had to train additional OPP staff to conduct them.
"In the police world, when you're building your team you're looking for an individual with a ton of experience," Fournier says. "In the security aspect, we have to use that same premise. Why would you want to be retraining someone in security work, when you can get someone who's been involved for years?"
Meyers and Fournier were both active in the ASIS Toronto Chapter, so they pitched the idea of contracting out the justice facility assessments to a few security professionals they knew through the chapter.
The idea was approved, and Meyers and Fournier recruited two security professionals with certifications and backgrounds in the public sector—Thompson and Taylor.
After Thompson and Taylor were brought on board, they traveled to 92 different sites across the province—ranging from remote areas to urban settings, with everything from historic courthouses to courtrooms in mini plazas.
Their job was to review each site, evaluate the training protocols, and identify any gaps that might pose vulnerabilities, Fournier says.
Thompson's and Taylor's recommendations were critical at one site in particular following a series of events over a six-month period that impacted the security of the facility in eastern Ontario.
During that six-month period, a local individual murdered three former lovers. Law enforcement launched an extensive manhunt to locate the person. During that same time frame, an OPP officer was threatened and forced to temporarily relocate for personal safety. And there was another unrelated high-risk threat to an officer at the facility.
"There were obviously a bunch of people at that older facility, and it needed attention," Fournier says. Thompson and Taylor were able to take the previous threat assessment of the facility and suggest specific actions to take to address the new vulnerabilities due to the heightened threat environment.
The facility then improved its exterior parking lot lighting, and made other changes that Fournier could not disclose due to security concerns.
This process of going back to reassess facilities has helped the province distribute its funds to better address security concerns, Fournier says.
"It's helped paint the picture when we're earmarking where limited funds are going, to say, 'This might not be on your list but it's on ours,' and that helps get things done sooner," he adds.
While Thompson and Taylor were wrapping up the justice site assessments, the OPP decided to update its original threat assessments that were completed in the wake of the 2007 mandate.
"Some of the recommendations from that set were dated, not the best security practices," Meyers says. "So, we came up with a criticality schedule—how often we should revisit them…looking at it as a continual working project."
To carry out this work, OPP once again reached out to the Toronto Chapter; this time to Chapter President Patrick Ogilvie, CPP, PSP. Meyers knew that Ogilvie was looking to both build his personal brand as a professional and give back to the community.
Ogilvie is currently conducting this second round of threat assessments, using the RCMP methodology that was established during the initial round. Having that first set of assessments has been a useful benchmark, Ogilvie says, to score threats and vulnerabilities and then make actionable recommendations for the facilities.
"Even before I step foot onto a facility, I communicate with commanders that I'm looking for documented evidence or stories of different threats and occurrences," he adds. "I get them thinking not as police officers, but essentially as security people who can identify different threats and vulnerabilities that they have experienced."
This is because sometimes a security threat hasn't been identified by law enforcement because it is not a deliberate act—such as vandalism—that is intended to harm the facility.
For instance, Ogilvie says he found that most facilities did not identify building structure or leaks as vulnerabilities.
"What I found in getting out and talking to [people] was that accidents were happening, natural hazards that could have an impact on our business, and our business is policing," he explains. But because these threats weren't identified, nothing was being done to address or mitigate them.
Ogilvie has made it a point to educate OPP personnel at the facilities that he's looking at all threats—deliberate acts, accidents, and natural hazards—that could harm the organization. For instance, a leak in the facility could cause structural decay and ultimately become a hazard for personnel inside.
Thus far, Ogilvie says the OPP officers he's interacted with have been receptive to his suggestions, and Meyers adds that the feedback she's received has been highly positive—including that security deficiencies have been pointed out in a respectful manner.
Due to the success of the program, Fournier says that several First Nation police services across the province have reached out to OPP for assistance on conducting similar threat assessments.
Many of these facilities, especially in the northern part of Ontario, are in remote locations and have deteriorated or don't adhere to the same standards as other facilities in Ontario. To address this, OPP is working with the police programs to conduct threat assessments of approximately 15 different sites.
The Security Assessment Unit has also been called on to provide assistance to Ontario government facilities—overviews, recommendations, and security advice—because they have proved themselves in the field.
It has also showcased how civilian personnel can be brought in to a law enforcement agency to help in addressing security concerns.
Ogilvie, Thompson, and Taylor are all under contract right now using existing funding that OPP secured. Down the road, Fournier says he hopes to change a few positions in the Security Assessment Unit to hybrid roles that either a police or civilian security professional could fill.
Reposted from Campus Safety Magazine
The California State University system released an active shooter safety video to help prepare students for the potential threat of a gunman on its 23 campuses.
The video, which emphasizes the “Run, Hide, Fight” survival method, was produced at the end of 2017 with input from campus police chiefs, according to NBC 4. It was originally distributed to CSU campuses in January and was shared on social media earlier this month.
“Run, Hide, Fight… those are your three real options if it’s happening,” says University Police Chief John Reid. “You have to, based upon what’s going on around you, make a decision: Whether I’m going to run from this, whether I’m going to hide, or whether I’m going to fight.”
The video says that students should try to run, partly because campus shooters won’t typically give chase. It also says to run as soon as there are signs of trouble, even if one is unsure that what they are hearing is gunfire. When running, the video says to make yourself a difficult target by running in a zigzag motion.
It also emphasizes that police are minutes away, not seconds, and that “you must fend for yourself” in the meantime and not wait to react.
Although CSU released the educational video back in January, there are concerns that their safety videos aren’t fully reaching students.
Chief Reid says UPD occasionally hosts active shooter training but they are not highly utilized.
“We’ve got this training that’s available, but people who are coming to the training and are engaged in the training are already 50 to 60 percent of the way there,” Reid said. “Even if (students) can say, ‘I know I’ve got Chico State Alerts, and I know what Run, Hide, Fight means,’ that’d be huge.”
Chico State Alerts is an emergency notification system that students can sign up for online, according to The Orion.
“The most important thing I want to tell students is if they see something, say something,” Reid said. “That doesn’t mean they have to call the police. Typically, individuals don’t snap, there’s some sort of build up. If something doesn’t seem right, it probably isn’t. Say something.”
Reposted from HelpNet Security
Not having access to technical talent is a common complaint in the cybersecurity world. Folks with security experience on their resumes are in such high demand, CISOs need to hunt beyond the fields we know. To borrow a phrase from the ever-logical Mr. Spock, CISOs need to embrace Infinite Diversity in Infinite Combinations. By this I mean embracing diversity not only of bodies but of talents and experiences.
First, focus on acquiring the key cybersecurity skills beyond hacking and managing security tools. Effective cyber defenders leverage their business and managerial skills, including:
You will find that you can build upon these foundational skills with technical training to level-up new cybersecurity professionals. In some cases, it can be more challenging to train traditional IT security “geeks” in these skills, so this might be an easier path for some positions.
You can fish for this talent in a much larger ocean beyond traditional IT resumes. Look at customer service, business development, sales, law, finance, insurance, competitive intelligence, and library science. The biggest boost you can get is by finding these people in house and nurturing their careers. The bonus is that by being part of the organization already, they come to the table with a good grasp of the culture and value streams. Of course, not everyone in these areas is going to be a solid security pro but within the organization, you can find seeds to grow.
Now that you have a pool to draw from, how do you make the first cut of likely strong security candidates? Above all else, there must be interest and determination to enter the field. More than few people are drawn into the world of cybersecurity for the money or prestige only to be dismayed by the amount of work and frustration it entails.
If the person you’re looking to bring in is not already a cybersecurity professional, they’re in for a steep ramp-up of technical training. That’s a firehose of reading, classes, certifications, conferences, peer observation, online training, and hands-on work. Some people embrace the chance to learn new, exciting things while others balk at it. I’ve always leaned towards recruiting individuals with a “constant learning” attitude. Find out if they are willing to push themselves, not merely to maintain skills but to sweat and struggle to learn new things.
A second key skill for cybersecurity is risk analysis. Every adult human does risk analysis at some level or another. We do it whenever we decide to spend or save money, go to the doctor or wait out an illness, or simply cross a busy intersection. Obviously in cybersecurity, it’s more complicated and less clear. However, the people you’d want to hire should be deliberate, rational, and consistent in their method of risk analysis.
Given that you’re also recruiting talent with organization and business backgrounds, look at how they can link risk to the needs of the organization. Ask them what business processes take on unnecessary risks and how that might be reduced. Look at how they would prioritize risks, since we can never eliminate all our exposures but should always tackle the biggest ones.
These are just a few of many ideas to help develop your security team. With the variety of security specializations required by various cybersecurity roles in an organization, remember that not everything lines up perfectly with a security certification or a hacking background. Even non-IT professionals can be make valuable, diverse contributions to a cyber-defense program. Now go out and get them!
Reposted from ABCNews
Britain is facing an increased threat from far-right terrorism, the outgoing head of U.K.’s counter-terrorism command said.
In a Monday valedictory speech a few weeks before he leaves his post, Mark Rowley, London’s assistant commissioner for specialist operations of the Metropolitan Police Service, said police have foiled four such plots by right-wing extremists in the past year.
One-third of referrals to the government’s anti-radicalization program are now related to far-right terrorism, he added.
“The right-wing terrorist threat is more significant and more challenging than perhaps public debate gives it credit for,” Rowley said.
He said, “For the best part of 18 months in the U.K., we have a homegrown, white supremacist, neo-Nazi terrorist organization that is pursuing all of the ambitions of any other terrorist organization committed to violence … that should be a matter of great concern for all of us.”
There were five deadly attacks in the U.K. last year, including a terror attack against a crowd of Muslims leaving a mosque in Finsbury Park. The man who carried out the attack by driving a van into pedestrians, injuring at least eight people, was jailed for life this month and will spend at least 43 years behind bars.
Also, a far-right fanatic was jailed for life in 2016 for the murder of British politician Jo Cox during the European Union referendum campaign. He was heard saying as he stabbed her, “This is for Britain” and “Britain first.”
The murder was “committed to advance a political, racial and ideological cause … associated with Nazism,” the judge ruled.
Britain’s domestic security service MI5 is now involved in investigating the threat from the extreme-right in the country, and Rowley warned that groups based in the U.K. were seeking links with extremists abroad.
“There are many Western countries that have extreme right-wing challenges and, in quite a number of those the groups," he said, "we are worried that they are making connections with them and networking."
QUICK LINKS
ConferenceMembershipTraining & CertificationDonate to IFCPP
TRAINING & EVENTS
1305 Krameria, Unit H-129, Denver, CO 80220 Local: 303.322.9667 Copyright © 2015 - 2018 International Foundation for Cultural Property Protection. All Rights Reserved
Contact Us
