Reposted from WAVE3 News

After a three alarm fire on Wednesday, clean up crews continued to repair damage at the Kentucky Center on Thursday.

The main issue inside of the building was water damage in the lobby, according to Kentucky Center spokesman Christian Adelberg.

Kim Baker, President of the Center, says the theaters were not affected like the lobby, just some water seeped under the doors. 

It's the water damage in the lobby that has caused some concern over the $18 million worth of art located there.

Adelberg said the pieces were already covered to protect them during the ceiling work.

Baker says the only piece they are worried about is the “The Coloured Gates of Louisville” by John Chamberlain. The piece took on some extensive water damage on the wall of the Bomhard theater. To protect the rest of the art from fluctuating temperatures as the building dries out, the center enlisted the help of the Speed Art Museum.

Most of the performances scheduled for this weekend have been relocated. 

Right now, the box office is closed to the public but tickets still available online.

The Broadway hit musical, Waitress, was scheduled for June 26. Broadway Louisville tweeted the show should go on as planned.

It is unknown when the center will be open again. 

See Original Post

Reposted from CNBC

A cyberattack of devastating proportions is not a matter of if, but when, numerous security experts believe.

And the scale of it, one information security specialist said this week, will be such that it will have its own name — like Pearl Harbor or 9/11.

"The more I speak to people, the more they think that the next Pearl Harbor is going to be a cyberattack," cybersecurity executive and professional hacker Tarah Wheeler told a panel audience during the Organization for Economic Cooperation and Development's (OECD) annual forum in Paris.

"I think that the most horrifying cybersecurity attack is going to have its own name and I think it's going to involve something more terrifying than we've thought of yet."

Wheeler is CEO and principal security advisor at Red Queen Technologies, a cybersecurity fellow at Washington, D.C.-based think tank New America, and former cybersecurity czar at multinational software firm Symantec.

Explaining her premonition, Wheeler pointed to vital health and transport infrastructure she described as grossly under-protected.

"I think about the fact that most American healthcare technology is secured, if at all, with ancient, crumbling security infrastructure. I think of planes full of people, the kind of infrastructure that protects flu vaccinations. I think about fertility clinics losing years' worth of viable embryos," she said, stressing that people are not paying attention to that crumbling infrastructure.

Critical infrastructure and industry

Wheeler is not alone in her apocalyptic outlook. Not a single report from technology companies and researchers in this field claims that the cyberthreat environment is becoming less hostile or less significant.

The World Economic Forum's (WEF) Global Risks Report 2018 names cyberattacks and cyber warfare as a top cause of disruption in the next five years, coming only after natural disasters and extreme weather events.

"In a worst-case scenario, attackers could trigger a breakdown in the systems that keep societies functioning," the report said. Industry and critical infrastructure like power grids and water purification systems could be potential targets for hackers, whether they are small groups or state actors.

Retired Admiral James Stavridis, who served as NATO Supreme Allied Commander for Europe, echoed these warnings in a prior interview with CNBC: "We're headed toward a cyber Pearl Harbor, and it is going to come at either the grid or the financial sector... we need to think about this cyberattack as a pandemic."

Artificial intelligence-focused security firm BluVector reported in February that almost 40 percent of all industrial control systems and critical infrastructure faced a cyberattack at some point in the second half of 2017.

Unpatchable devices and the internet of things

Companies and governments aren't doing enough to protect these systems, Wheeler said.

"The inevitability is based in the easy access to the kinds of exploits that still work 10, 15, 20 years after they've been revealed," she said, noting that there are still companies running critical infrastructure, including health infrastructure, on Windows XP and other platforms that are unpatchable — meaning they can't be updated for vulnerability and bug fixes. Many internet of things (IOT) devices, she described, are unpatchable by design.

IOT, which has been described as "merging physical and virtual worlds, creating smart environments" through devices connected to the internet and that communicate with one another, represents a whole new level of vulnerabilities.

And cybercriminals have an exponentially increasing number of potential targets, the WEF report said, "because the use of cloud services continues to accelerate and the internet of things is expected to expand from an estimated 8.4 billion devices in 2017 to a projected 20.4 billion in 2020."

The chief executive of defense firm Raytheon International, John Harris, recently called cyberattacks the "single biggest threat to global security," adding that "the more we are connected, the more we are vulnerable."

Listen to the hackers

But Wheeler didn't specify who would likely be behind such acts, stressing that the nature of cyber warfare is asymmetric — and while there are state actors with hostile intentions, cyber weapons are accessible to just about anyone with the skills to deploy them.

What's needed, Wheeler stressed, is "sensible, deep, not broad, cybersecurity regulation that has teeth." She urged the private sector to listen to its "early warning system" — what she called the information security community, or hackers — rather than criminalizing their activity.

Industry experts have encouraged best practices and a greater awareness of the threats across the public and private sectors, and call on both sides to improve collaboration.

See Original Post

Reposted from ArtNet

London’s Hayward Gallery has been forced to close on the opening day of a major solo show dedicated to the South Korean artist Lee Bul. One of her works caught fire yesterday, forcing the private view of the exhibition “Lee Bul: Crashing,” to be called off. 

“During an incident yesterday, an artwork caught fire in a contained space within the Hayward Gallery which required attendance from the fire brigade,” a spokesperson for the gallery confirmed to artnet News.

The artist and the museum decided together to remove the artist’s work Majestic Splendor (1991–97) from the exhibition for safety purposes ahead of the opening, but a small fire broke out during the de-installation. While the press preview yesterday morning went ahead, the evening opening was canceled at the last minute. 

This isn’t the first time the work, which comprises a fish decked out in sequins, has caused trouble. The smell of Majestic Splendor made visitors to Bul’s 1997 show at the Museum of Modern Art so nauseous that it had to be removed. To avoid the same problem, the fish have since been placed in a sealed plastic bag with the chemical potassium permanganate. But the presence of the chemical increased the chances that other already flammable materials would catch fire.

“Superficial damage was sustained in a confined section of Gallery 1,” the spokesperson said, explaining that the gallery will remain closed today and tomorrow to deal with “remedial cosmetic work.” Staff anticipate reopening on Friday, June 1, to inaugurate the show, which will run through Hayward’s 50th anniversary in July and close August 19.

One security contractor was assessed for the effects of smoke inhalation as a precaution in the wake of the blaze, the spokesperson said.

The Hayward reopened its space in London’s Southbank Centre at the end of January after a two-year closure for refurbishment. For its latest show, Lee has taken over the gallery’s expansive space with more than 100 works spanning the late ‘80s to the present. The show includes installation, painting, and performance, transforming the space into a futuristic landscape replete with alien bodies, cyborgs and Kusama-like mirrored environments.

The artist’s work recalls everything from science fiction stories to Korea’s own quickfire urban development and presents an environment teetering on the edge dystopia. Indeed, the fire broke out among a number of depicted disaster experiences that include a monumental foil Zeppelin, Willing To Be Vulnerable – Metalized Balloon (2015–16), that references the 1937 Hindenburg disaster, and a new sculptural work, Scale of Tongue (2017–18), which references the sinking of the Sewol Ferry in 2014, an event that left 304 people dead.

Lee received an honorable mention at the 48th Venice Biennale in 1999 for her contributions to the Korean Pavilion and Harald Szeemann’s international exhibition. She later received the Noon Award for established artists making experimental work at the 10th Gwangju Biennale in 2014.

“Lee Bul: Crashing” is on at London’s Hayward Gallery from May 30 through August 19.

See Original Post

Reposted from CSO.com

Employees generally want to protect data against compromise but few understand the sensitivity of their data or the role of anything but passwords in protecting it, according to a new study that highlighted the difficulties that over-optimistic CSOs have in building an active security culture.

Although 64 percent of employees use company-approved personal devices for work, a recent Clutch survey found, just 40 percent of employees faced regulations on their use of personal devices – highlighting the continuing exposure of companies to common but problematic bring your own device (BYOD) policies.

High BYOD use was often translating into unintentional security exposure from otherwise “normal” activities such as the use or exchange of documents, the survey found. This ease of access meant that employees often didn’t think about the risks inherent in those activities – compromising their ability to recognize when data is sensitive.

“We've seen that at many companies, employees believe that information that needs to be protected is special, sensitive stuff that's explicitly marked, and most of the everyday communications they receive and send aren't a risk for their organizations,” said PreVeil CEO Randy Battat in a statement upon the survey’s launch.

“The reality is that the majority of communications, and the majority of an organization's intellectual capital, can be found in the ‘ordinary’ email or shared file.”

Passwords not the be-all and end-all

Compounding the problems created by ease of access to potentially sensitive information was the risk of employees’ limited security practices.

Most employees understand the importance of passwords as the primary level of protection of company data: 76 percent reported using password protection techniques, although just 67 percent said their company regularly reminded them to update their passwords.

“It’s likely that some employees are subject to password restrictions or guidelines but are simply unaware of it,” the report’s authors noted. “So, even if they use password protection, they may not be doing so according to policy.”

This gap had led to lower levels of compliance than many employees would even be aware of – yet the discrepancy between actual and best practices was glaring.

Use of security tools was one glaring example: a previous Clutch survey for example, found that while 84 percent of corporate cybersecurity policies involve the use of specialized security software, just 48 percent of employees are regularly reminded to install that software – and just 44 percent actually do so.

This level of non-compliance has been a bugbear for CSOs that often assume their employees are as actively concerned about lower-level security measures and policies as they are.

Yet just 59 percent of employees saying they had competed formal security or security-policy training.

“The gap between how decision-makers design policy and how employees enact it underscores the importance of effectively communicating cybersecurity policy to employees,” the report notes.

“Lack of policy recognition and policy are essentially the same in the context of cybersecurity. That is, if a company’s employees don’t realize a policy is present, it is essentially non-existent.

Fixing this issue – which has become even more important in a NDB and GDPR-driven compliance environment hobbled by companies’ chronic inability to identify their data – may require CSOs to more strictly monitor and impose use of mobile device management (MDM) tools capable of forcing updates of security tools, password changes, and other elements of security policy.

“If you’re allowing access to a device that is going to be used at work, whether owned by the employee or the corporation, you also set up an environment where the IT organisation can specify which applications can be installed on that device,” ManageEngine director of product management Rajesh Ganesan recently told CSO Australia.

Low usage of security tools was compromising essential activities such as patch management – which has been “a little bit haphazard”, Ganesan said – but taking a more proactive stance was helping bring devices under control.

See Original Post

Reposted from BBC News

A teenager has been found guilty of plotting a terror attack on the British Museum in London with Britain's first all-woman cell.

Safaa Boular, 18, of Vauxhall, London, has become Britain's youngest convicted female Islamic State terrorist.

A jury at the Old Bailey found her guilty of two offences of preparation of terrorism acts.

She was also found guilty over an earlier attempt to travel to Syria for terrorism.

Boular was accused of planning to travel to Syria to join IS militants and later preparing to carry out a terrorist attack in London after her fiancé, an Islamic State fighter, died.

Her sister Rizlaine 22, of Clerkenwell, London, has already admitted planning a knife attack on London and their mother Mina Dich, 44, has pleaded guilty to assisting her.

Boular will be sentenced in around six weeks time.

During her trial, the court heard how Boular - then 17 - plotted a gun and grenade attack at the British Museum.

The sisters and Dich discussed their plans using Alice in Wonderland coded language, with Rizlaine as the Mad Hatter.

Aged 16, Boular was radicalized online in the wake of the 2015 Paris terror attacks.

She met IS fighter Naweed Hussain on Instagram and after three months of chatting, she declared her love for him with an online marriage ceremony.

The court heard how she had wanted to join Hussain in Syria, but her plan was thwarted when British security services became involved and confiscated her passport.

Boular told the police about Hussain and security services deployed officers to pose as fellow extremists and speak to the pair online.

On 4 April 2017, it was a security services officer, posing as an IS commander, who told Boular that Hussain had been killed in a drone attack.

The prosecution claimed this only strengthened her determination to carry out an attack in the UK.

Boular went on to tell officers posing as extremists about plans for an attack and on 12 April, she was charged with preparing terrorist acts in Syria.

Despite being in custody, Boular continued to talk to her sister and mother about an Alice in Wonderland-themed tea party - code for an attack.

In one call Boular complained: "Mate, you guys are partying without me."

Rizlaine and Dich carried out reconnaissance of major landmarks in Westminster and bought knives and a rucksack, the court heard.

They were arrested on 27 April, the date of the planned attack, along with friend, Khawla Barghouthi.

Counter-terrorism coordinator Dean Haydon said social services were called in to act back in 2016.

"As a family unit, they are pretty dysfunctional. There was a major safeguarding issue we had to manage. It did involve social services, local authorities, schools, education and family courts trying to safeguard the wider family," he said.

"But despite all that activity it was quite clear Safaa was still continuing with her attack plans."

See Original Post

Reposted from OKCFox News

It's not exactly a break-in at the Louvre, but police at the University of Oklahoma are searching for a campus art thief.

Police released photos of the suspect carrying a painting out of the Fred Jones School of Art around 2 p.m. on May 14th. Investigators say the suspect is believed to have stolen two paintings from the second floor of the building, and a third from the fourth floor.

Surveillance video caught the suspect in the act, but they have not been identified.

See Original Post

Reposted from NY Daily News

A rogue in a Russian art gallery was arrested after he "seriously damaged" a priceless painting of Ivan the Terrible.

Igor Podporin was at the State Tretyakov Museum in Moscow just before closing Friday evening when he picked up a security pole and bashed the protective glass around the painting "Ivan the Terrible and His Son Ivan".

The 19th century work by Ilya Repin — a visually arresting large-scale canvas depicting the medieval tsar clutching the son he mortally wounded — had been "seriously damaged," Tretyakov officials said in a statement.

It added that the painting had been punctured in three places around the figure of the son, but that the most valuable part of the work —the faces of the pair — was left intact.

Podporin, a 37-year-old from the city of Voronezh, was arrested and appeared later on a Russian police video where he acknowledged lashing out against a painting that is considered a part of Russian history.

He said that he went to the museum specifically to look at the masterpiece and drank 100 grams — roughly three shots — of vodka before his outburst, adding that he doesn't normally drink vodka and was "taken over" by something.

Igor Podporin admitted to damaging the painting. (Russian Interior Ministry)

He faces a vandalism case and up to three years in prison, according to state media.

Repin's painting has been moved to the Tretaykov's restoration workshop.

It is not the first time that the work has been attacked, and that the artist repaired it himself after a religious icon painter attacked it with a knife in 1913.

See Original Post

Reposted from The New York Times

Lars Andersen's business handles some of the most sensitive data there is — the names and phone numbers of children.

The owner of London-based My Nametags, which makes personalized nametags to iron into children's clothing, says protecting that information is fundamental to his business, which operates in 130 countries.

But starting Friday, My Nametags and most other companies that collect or process the personal information of EU residents must take a number of extra precautions to comply with the new General Data Protection Regulation, which the EU calls the most sweeping change in data protection rules in a generation.

While the legislation has been applauded for tackling the thorny question of personal data privacy, the rollout is also causing confusion. Companies are trying to understand what level of protection different data needs, whether this could force them to change the way they do business and innovate, and how to manage the EU's 28 national data regulators, who enforce the law.

"Once you try to codify the spirit (of the law) — then you get unintended consequences," Andersen said. "There's been a challenge for us: What actually do I have to do? There are a million sort of answers."

That uncertainty, together with stiff penalties for violating the law, has convinced internet-based businesses such as Unroll.me, an inbox management firm, and gaming company Ragnarok Online to block EU users from their sites. Pottery Barn, an arm of San Francisco-based housewares retailer Williams-Sonoma Inc., said it would no longer ship to EU addresses. The Los Angeles Times newspaper said it was temporarily putting its website off limits in most EU countries.

The implementation of GDPR has also made data protection an issue in contract negotiations as firms argue about how to divvy up responsibility for any data breach.

"Deals are being held up by data protection," said Phil Lee, a partner in privacy security and information at Fieldfisher, a law firm with offices in 18 EU cities. "If something goes wrong, what happens?"

EU countries themselves aren't quite ready for the new rules. Less than half of the 28 member states have adopted national laws to implement GDPR, though the laggards are expected to do so in the next few weeks, according to WilmerHale, an international law firm.

As with most EU-wide regulations, enforcement of the new data protection rules falls to national authorities. While the EU stresses that the law applies to everyone, one of the big outstanding questions is whether regulators will go after any entity that breaks the law or simply focus on data giants like Google and Facebook.

Lawyers also say it isn't yet clear how regulators will interpret the sometimes general language written into the law. For example, the law says processing of personal data must be "fair" and data should be held "no longer than necessary."

"It's time to put on your seatbelt and check your airbag," said D. Reed Freeman Jr., a privacy and cybersecurity expert at WilmerHale. "It's kind of like a lift-off with a rocket. It's about to launch."

Andersen of My Nametags said the law has already caused problems for his business.

He has been advised that the company website in the Netherlands has to be different from the one in the U.K. because the two countries are likely to apply the law differently, and has a dispute with a supplier over which of them is responsible for protecting certain data.

U.K. Information Commissioner Elizabeth Denham has tried to ease concerns, saying the most important thing is for companies to try their best to comply with the law and work with authorities to correct any problems.

"We pride ourselves on being a fair and proportionate regulator and this will continue under the GDPR," Denham said in a blog post. "Those who self-report, who engage with us to resolve issues and who can demonstrate effective accountability arrangements can expect this to be taken into account when we consider any regulatory action."

The new law comes at a time when advances in technology make data more valuable, and therefore raise the stakes in protecting it.

The ability to analyze everything from consumer purchases to medical records holds enormous potential, with suggestions that it will make us healthier, improve traffic flows and other good things for society. At the same time, it provides business with huge new opportunities for profit, with some experts putting the value of the global data economy at $3 trillion.

That potential is underscored by changes in the list of the world's most valuable companies, which was once dominated by energy and industrial companies. Now Apple, Alphabet, Microsoft, Amazon and Facebook hold five of the six top spots.

"Data is the new soil," said Adam Schlosser, the project lead for digital and trade flows at the World Economic Forum. "It serves as a foundational element for growth."

But with that potential comes concern that data can be used for private gain, threatening personal privacy rights.

Allegations that political consultant Cambridge Analytica used data harvested from Facebook accounts to help Donald Trump with the 2016 presidential election offered a tangible example of the fears highlighted by privacy campaigners.

Andersen fears that "dodgy operators" will continue to flout the rules, but he hopes publicity around GDPR will help demonstrate that he takes data protection seriously — that he recognizes the information behind those nametags decorated with cupcakes, unicorns and smiley faces is something to be safeguarded.

"In terms of pieces of data that you don't want to go astray, your children's information is kind of the core of that," Andersen said. "In a way, that's why we as a company have been successful — (by) trying to treat our customers as parents in the way I would want to be treated as a parent."

See Original Post

Reposted from The Himalayan

As most of the museums damaged in the 2015 earthquakes are being reconstructed, curators and museum experts have stressed the need to install modern safety equipment.

Reconstruction of four museums, which are operated by the Department of Archaeology, is under way at present. But, authorities concerned have not bothered to instal equipment to improve safety and security of the museums and artifacts or valuables  kept inside them.

The National Museum at Chauni, along with three museums located in Kathmandu, Bhaktapur and Lalitpur house hundreds of highly valued artifacts and other objects of archaeological importance. But, none of these museums are completely open to visitors due to security reasons and poor management.

According to Chairman of International Council of Museums, Nepal, Bijay Kumar Shahi, museums in Nepal must be upgraded and digitalised to attract more visitors. “We have not been able to show the world what we have. What can we expect from our museums that have not even updated basic information on their websites? he asked.

“Although we have realized the importance of updating our museums, we have not even received sufficient budget for reconstruction, let alone up-gradation of the museums,” said Chief of the National Museum at Chauni Jay Ram Shrestha.

See Original Post

Reposted from Security Management 

​How will online trust change over the next decade? That was the focus of a new nonscientific canvassing of 1,233 individuals by the Pew Research Center and Elon University’s Imagining the Internet Center, which found that most experts think “lack of trust” won’t be a barrier to society’s reliance on the Internet.​

The survey partners asked 1,233 individuals, including technologists, scholars, practitioners, strategic thinkers, and other leaders: “Will people’s trust in their online interactions, their work, shopping, social connections, pursuit of knowledge, and other activities be strengthened or diminished over the next 10 years?”

Forty-eight percent of respondents said they think online trust will be strengthened, 28 percent reported that trust will remain the same, and just 24 percent said trust will be diminished. 

“Many of these respondents made references to changes now being implemented or being considered to enhance the online trust environment,” according to Pew. “They mentioned the spread of encryption, better online identity-verification systems, tighter security standards in Internet protocols, new laws and regulations, new techno-social systems like crowdsourcing and up-voting/down-voting, or challenging online content.”

For instance, Adrian Hope-Bailie, standards officer at blockchain solution provider Ripple, participated in the survey and said technology advancements are bringing together disparate but related fields, like finance, health care, education, and politics.

“It’s only a matter of time before some standards emerge that bind the ideas of identity and personal information with these verticals such that it becomes possible to share and exchange key information, as required, and with consent to facilitate much stronger trusted relationships between users and their service providers,” Hope-Bailie explained.

One technology that respondents were asked about in particular was blockchain and the role it might play in fostering trust on the Internet. Blockchain is a digital ledger system that is encryption-protected and used to facilitate validated transactions and interactions that cannot be edited.

Other experts, however, were less optimistic about the future of trust in online interactions. Vinton Cerf, vice president and chief Internet evangelist at Google, and co-inventor of the Internet Protocol, participated in the survey and said that trust is “leaking” out of the Internet.

“Unless we strengthen the ability of content and service suppliers to protect users and their information, trust will continue to erode,” he explained. “Strong authentication to counter hijacking of accounts is vital.”

Overall, the survey found six major themes on the future of trust in online interactions:

1. Trust will strengthen because systems will improve and people will adapt to them and more broadly embrace them.
   

2. The nature of trust will become more fluid​ as technology embeds itself into human and organizational relationships.
   

3. Trust will not grow, but technology usage will continue to rise, as a “new normal” sets in.
   

4. Some say blockchain could help; some expect its value might be limited.
   

5. The less-than-satisfying current situation will not change much in the next decade.
   

6. Trust will diminish because the Internet is not secure, and powerful forces threaten individuals’ rights.
   

See Original Post