

INTERNATIONAL FOUNDATION FOR
CULTURAL PROPERTY PROTECTION


News


  • September 04, 2023 4:12 PM | Anonymous

    Reposted from DHS, S&T

    The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has released an Operational Field Assessment (OFA) of a gunshot detection system developed for first responders.

    First used by the military to detect incoming fire, gunshot detection systems use multiple sensor units to detect and triangulate the precise location of firearm discharges.

    Over the last decade, law enforcement agencies in many large- and medium-sized cities have implemented gunshot detection systems. Most agencies employ fixed systems, where the sensors are installed indoors or at fixed outdoor locations to provide gunshot detection over a large, pre-defined area (often many square miles) to an accuracy of within a few feet.

    An October 2022 Department of Justice-funded report analyzed how agencies across the country are currently using gunshot detection systems. The report concluded that more research is still needed to show whether gunshot detection systems are effective at deterring gun violence or reducing crime, but that there are proven benefits of these systems for first responders. Benefits to responders include significant reductions in response times and better situational awareness.

    Gunshot detection systems are typically integrated into computer-aided dispatch (CAD) systems, enabling real-time alerting. Since many gunshots are never reported to 911, this capability enables responders to immediately dispatch to the scene regardless of whether 911 was called. Some systems will bypass the 911 system entirely and provide alerts directly to officers. This reduces response times by several vital minutes, which gives responders a better chance at neutralizing the threat and reducing casualties.

    Gunshot detection systems can also provide critical situational awareness information to first responders before arrival on scene, such as precise locations where gunshots were fired and whether multiple types of gunshots were detected, suggesting multiple shooters.

    The gunshot detection system evaluated by S&T in the new OFA improves on the technology currently available on the market in several ways.

    First, the system is designed to be portable. While there are portable systems currently on the market, S&T’s system prioritized the ease with which the technology could be installed, moved, and set up by responders without requiring more than two officers or technical expertise.

    Second, most current systems use acoustic technology to detect the sound of gunshots, but this system uses both light and sound. The system can detect the unique flash of light produced when a bullet is fired. This added light detection makes the system more accurate than systems which rely on sound alone. It is less likely to generate false positives when it detects gun-like sounds such as a vehicle misfiring or fireworks.

    Six law enforcement officers from Iowa, New Hampshire, and New York served as evaluators to test and provide feedback on the gunshot detection system. These officers set up the outdoor sensors, overlaid maps and sensors using the situational awareness software, observed gunshot detection notifications on a PC and mobile device, and participated in a debrief with S&T’s National Urban Security Technology Laboratory (NUSTL) to gather feedback.

    S&T released a Tech Speak Minisode featuring interviews with the evaluators about their feedback on the system earlier this year. The full results of the operational field assessment are available in the report.

  • September 04, 2023 3:42 PM | Anonymous

    Reposted from CISA/DHS

    Today, the Department of Homeland Security announced the availability of $374.9 million in grant funding for the Fiscal Year (FY) 2023 State and Local Cybersecurity Grant Program (SLCGP). State and local governments face increasingly sophisticated cyber threats to their critical infrastructure and public safety. Now in its second year, the SLCGP is a first-of-its-kind cybersecurity grant program specifically for state, local, and territorial (SLT) governments across the country to help them strengthen their cyber resilience. Established by the State and Local Cybersecurity Improvement Act, and part of the Bipartisan Infrastructure Law, the SLCGP provides $1 billion in funding over four years to support SLT governments as they develop capabilities to detect, protect against, and respond to cyber threats. This year’s funding allotment represents a significant increase from the $185 million allotted in FY22, demonstrating the Administration and Congress’s commitment to help improve the cybersecurity of communities across the nation. 

    SLCGP is jointly administered by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Emergency Management Agency (FEMA). CISA provides expertise and guidance on cybersecurity issues while FEMA manages the grant award and allocation process. Award recipients may use funding for a wide range of cybersecurity improvements and capabilities, including cybersecurity planning and exercising, hiring cyber personnel, and improving the services that citizens rely on daily.

    State and local governments have until October 6 to apply for this FY23 grant opportunity.

    For more information and helpful resources on the State and Local Cybersecurity Grant Program, visit CISA’s webpage: cisa.gov/cybergrants

  • September 04, 2023 3:35 PM | Anonymous

    Reposted from CISA

    As valued community members, we want to share an exciting development. We are thrilled to announce the launch of our brand-new Commercial Facilities Sector Management Team (SMT) Update, Arenas to Zoos!

    Arenas to Zoos is a publication designed to bring you the latest updates, exclusive insights, and engaging content in one place. Whether you're a long-time sector partner, a new subscriber, or someone interested in Cybersecurity and Infrastructure Security Agency (CISA) bulletins, this update is designed to keep you informed.

    What can you expect from Arenas to Zoos?

    Our update will be sent monthly, ensuring you receive valuable content without feeling overwhelmed. Please share this news with colleagues who might also find Arenas to Zoos helpful.

    Your feedback and suggestions are always appreciated as we strive to make this update an enriching experience for you. Should you have any questions or need assistance, please don't hesitate to contact us at CommercialFacilitiesSector@cisa.dhs.gov


  • September 04, 2023 3:27 PM | Anonymous

    Reposted from CISA

    Discussions of artificial intelligence (AI) often swirl with mysticism regarding how an AI system functions. The reality is far more simple: AI is a type of software system.

    And like any software system, AI must be Secure by Design. This means that manufacturers of AI systems must consider the security of the customers as a core business requirement, not just a technical feature, and prioritize security throughout the whole lifecycle of the product, from inception of the idea to planning for the system’s end-of-life. It also means that AI systems must be secure to use out of the box, with little to no configuration changes or additional cost.

    AI is powerful software

    The specific ways to make AI systems Secure by Design can differ from other types of software, and some best practices for safety and security practices are still being fully defined. Additionally, the manner in which adversaries may choose to use (or misuse) AI software systems will undoubtedly continue to evolve – issues that we will explore in a future blog post. However, fundamental security practices still apply to AI software.

    AI is software that does fancy data processing. It generates predictions, recommendations, or decisions based on statistical reasoning (precisely, this is true of machine learning types of AI). Evidence-based statistical policy making or statistical reasoning is a powerful tool for improving human lives. Evidence-based medicine understands this well. If AI software automates aspects of the human process of science, that makes it very powerful, but it remains software all the same.

    Software should be built with security in mind

    CEOs, policymakers, and academics are grappling with how to design safe and fair AI systems, and how to establish guardrails for the most powerful AI systems. Whatever the outcome of these conversations, AI software must be Secure by Design.

    AI software design, AI software development, AI data management, AI software deployment, AI system integration, AI software testing, AI vulnerability management, AI incident management, AI product security, and AI end-of-life management – for example – all should apply existing community-expected security practices and policies for broader software design, software development, etc. AI engineering continues to take on too much technical debt where they have avoided applying these practices. As the pressure to adopt AI software systems increases, developers will be pressured to take on technical debt rather than implement Secure by Design principles. Since AI is the “high interest credit card” of technical debt, it is particularly dangerous to choose shortcuts rather than Secure by Design.

    Some aspects of AI, such as data management, have important operational differences with expected practices for other software types. Some security practices will need to be augmented to account for AI considerations. The AI engineering community should start by applying existing security best practices. Secure by Design practices are a foundation on which other guardrails and safety principles depend. Therefore, the AI engineering community should be encouraged to integrate or apply these Secure-by-Design practices starting today.

    AI community risk management 

    Secure by Design “means that technology products are built in a way that reasonably protects against malicious cyber actors successfully gaining access to devices, data, and connected infrastructure.” Secure by Design software is designed securely from inception to end-of-life. System development life cycle risk management and defense in depth certainly apply to AI software. The larger discussions about AI often lose sight of the workaday shortcomings in AI engineering as related to cybersecurity operations and existing cybersecurity policy. For example, systems processing AI model file formats should protect against untrusted code execution attempts and should use memory-safe languages. The AI engineering community must institute vulnerability identifiers like Common Vulnerabilities and Exposures (CVE) IDs. Since AI is software, AI models – and their dependencies, including data – should be captured in software bills of materials. The AI system should also respect fundamental privacy principles by default.

    CISA understands that once these standard engineering, Secure-by-Design and security operations practices are integrated into AI engineering, there are still remaining AI-specific assurance issues. For example, adversarial inputs that force misclassification can cause cars to misbehave on road courses or hide objects from security camera software. These adversarial inputs that force misclassifications are practically different from standard input validation or security detection bypass, even if they’re conceptually similar. The security community maintains a taxonomy of common weaknesses and their mitigations – for example, improper input validation is CWE-20. Security detection bypass through evasion is a common issue for network defenses such as intrusion detection system (IDS) evasion.

    See Original Post

  • September 04, 2023 3:21 PM | Anonymous

    Reposted from CISA

    Over the last decade, unmanned aircraft systems (UAS or “drones”) have become a regular feature of American life.  We use them for recreation, research, and commerce, and we look forward to realizing the benefits of future drone innovation.  But the proliferation of this new technology has also introduced new risks to public safety, privacy, and homeland security.  Malicious actors increasingly use UAS domestically to commit and enable crimes, conduct illegal surveillance and industrial espionage, and thwart law enforcement efforts at the local, state and Federal level.

    To meet this evolving threat, the Biden Administration has released the attached 2023 updates to its counter-UAS legislative proposal from last year.  This comprehensive proposal strengthens existing authorities to address the current and future threat while protecting the airspace, the communications spectrum, and the privacy, civil rights, and civil liberties of the American people.  Teams of security professionals from the Departments of Homeland Security, Justice, Defense, Energy, and State, as well as the Intelligence Community and regulatory professionals from the Federal Aviation Administration, Federal Communications Commission, and National Telecommunications and Information Administration, collaborated on this proposal.  Through this proposal and the Administration’s Domestic Counter-Unmanned Aircraft Systems National Action Plan, we are working to expand where we can protect against nefarious UAS activity, who is authorized to take action, and how it can be accomplished lawfully.  We seek measured expansions of authority while safeguarding the airspace, communications spectrums, individual privacy, civil rights, and civil liberties.  To promote all of these ends, we urge Congress to adopt legislation to close critical gaps in existing law and policy that currently impede government and law enforcement from protecting the American people and our vital security interests.

    With respect to the authorities requested for the Department of Homeland Security and Department of Justice, the Administration’s 2023 Legislative Proposal is nearly identical in substance to S. 1631, championed by Senators Peters, Johnson, Sinema, and Hoeven.  Both call for a measured expansion of Department of Homeland Security and Department of Justice counter-UAS authorities.  Built into the architecture of both are critical First and Fourth Amendment protections designed to harness the good applications of drones while guarding against misuse.

    We fully support S. 1631 and applaud the leadership of its sponsors.  However, the Administration’s comprehensive legislative proposal highlights additional counter-UAS needs across other federal departments and agencies.  Please let us know if you have any questions or feedback on the proposal, and thank you for your continued support.

    CISA will coordinate updates on the national plan and legislative proposal at future partnership engagements to allow for direct discussions. In the interim, if you have any questions, please reach out to the CISA sUAS Security Branch at sUASsecurity@cisa.dhs.gov.


  • September 04, 2023 3:11 PM | Anonymous

    Reposted from CISA

    Today, the Cybersecurity and Infrastructure Security Agency (CISA) released the FY2024-2026 Cybersecurity Strategic Plan, which guides CISA’s efforts through 2026 and outlines a new vision for cybersecurity, a vision grounded in collaboration, in innovation, and in accountability.  

    Aligned with the National Cybersecurity Strategy and nested under CISA’s 2023–2025 Strategic Plan, the Cybersecurity Strategic Plan provides a blueprint for how the agency will pursue a future in which damaging cyber intrusions are a shocking anomaly, organizations are secure and resilient, and technology products are safe and secure by design. To this end, the Strategic Plan outlines three enduring goals: 

    • Address Immediate Threats. We will make it increasingly difficult for our adversaries to achieve their goals by targeting American and allied networks. We will work with partners to gain visibility into the breadth of intrusions targeting our country, enable the disruption of threat actor campaigns, ensure that adversaries are rapidly evicted when intrusions occur, and accelerate mitigation of exploitable conditions that adversaries recurringly exploit. 
    • Harden the Terrain. We will catalyze, support, and measure adoption of strong practices for security and resilience that measurably reduce the likelihood of damaging intrusions. We will provide actionable and usable guidance and direction that helps organizations prioritize the most effective security investments first and leverage scalable assessments to evaluate progress by organizations, sectors, and the nation.
    • Drive Security at Scale. We will drive prioritization of cybersecurity as a fundamental safety issue and ask more of technology providers to build security into products throughout their lifecycle, ship products with secure defaults, and foster radical transparency into their security practices so that customers clearly understand the risks they are accepting by using each product. Even as we confront the challenge of unsafe technology products, we must ensure that the future is more secure than the present – including by looking ahead to reduce the risks posed by artificial intelligence and the advance of quantum-relevant computing. Recognizing that a secure future is dependent first on our people, we will do our part to build a national cybersecurity workforce that can address the threats of tomorrow and reflects the diversity of our country. 

    Learn more about CISA’s Cybersecurity Strategic Plan at https://www.cisa.gov/cybersecurity-strategic-plan 

  • September 04, 2023 3:08 PM | Anonymous

    Reposted from CISA

    As the nation’s cyber defense agency, the Cybersecurity and Infrastructure Security Agency (CISA) published the Remote Monitoring and Management (RMM) Cyber Defense Plan, the first proactive plan developed by industry and government partners through the Joint Cyber Defense Collaborative (JCDC) as part of its 2023 Planning Agenda. This plan provides a clear roadmap to advance security and resilience of the RMM ecosystem, expands specific lines of effort in the National Cyber Strategy to increase public-private collaboration, and drives adoption of the most impactful security measures in the CISA Cybersecurity Strategic Plan.

    RMM is software that is installed on an endpoint to continuously monitor a machine or system’s health and status. It also enables remote unattended administration functions including modification to the endpoint’s security configuration, installed applications, and local accounts.

    Organizations across sectors leverage RMM products to gain efficiencies and benefit from scalable services. These same products and services, however, are increasingly targeted by adversaries – from ransomware actors to nation-states – to compromise large numbers of downstream customer organizations. By targeting RMM products, threat actors attempt to evade detection and maintain persistent access through a technique known as “living off the land.”  

    JCDC worked with key partners for several months to develop the JCDC RMM Cyber Defense Plan to help cyber defense leaders in government and the private sector collectively mitigate threats to the RMM ecosystem. The plan is built on two foundational pillars, operational collaboration and cyber defense guidance, and contains four subordinate lines of effort:  

    (1) Cyber Threat and Vulnerability Information Sharing: Expand the sharing of cyber threat and vulnerability information between U.S. government and RMM ecosystem stakeholders.  

    (2) Enduring RMM Operational Community: Implement mechanisms for an enduring RMM operational community that will continue to mature scaled security efforts.  

    (3) End-User Education: Develop and enhance end-user education and cybersecurity guidance to advance adoption of strong best practices, a collaborative effort by CISA, interagency partners and other RMM ecosystem stakeholders.  

    (4) Amplification: Leverage available lines of communication to amplify relevant advisories and alerts within the RMM ecosystem. 

    We are confident that this public-private collaboration in the RMM ecosystem, led by JCDC, will further reduce risk to our nation’s critical infrastructure.  

    See Original Post

  • September 04, 2023 10:58 AM | Anonymous

     Reposted from Allied Universal Risk Advisory and Consulting Services

     

    Allied Universal® Risk Advisory and Consulting Services produces risk intelligence bulletins and special reports to recap key situations that may have an impact on businesses and individuals such as civil disorder, global geopolitical issues, natural disasters, and other threats. We publish these reports to provide insights and advice for dealing with potential risks/threats. Please take a moment to download your free report.
     
    EXECUTIVE SUMMARY:

    The retail sector faces a wide range of interconnected crime risks, with many on the rise. These threats are expected to increase in both frequency and severity in the coming year, jeopardizing business continuity and financial assets. Retailers can expect challenges like reduced employee retention, investigations, lawsuits, asset loss, and facility damage, all leading to decreased customer and investor trust. 
     
    In this intelligence report, we examine the impact of crime on the retail industry associated with cybercrime, fraud, insider threats, organized crime, supply chain crime, theft, and violent crime involving firearms.

    See Original Post

  • September 04, 2023 10:46 AM | Anonymous

    Reposted From CISA

    CISA urges users to remain on alert for malicious cyber activity following natural disasters, such as hurricanes, as attackers target disaster victims and concerned citizens by leveraging social engineering tactics, techniques, and procedures (TTPs).

    Social engineering TTPs include phishing, in which threat actors pose as trustworthy persons/organizations—such as disaster-relief charities—to solicit personal information via email or malicious websites. CISA recommends exercising caution in handling emails with disaster-related subject lines, attachments, or hyperlinks to avoid compromise. In addition, be wary of social media pleas and text messages related to severe weather events.

    CISA encourages users to review the Federal Trade Commission’s Staying Alert to Disaster-related Scams and Before Giving to a Charity, Consumer Financial Protection Bureau's Frauds and scams, and CISA’s Using Caution with Email Attachments and Tips on Avoiding Social Engineering and Phishing Attacks to avoid falling victim to malicious cyber activity.

  • August 22, 2023 8:59 AM | Anonymous

    Reposted from Museums Association

    A majority of people believe that museums, galleries and heritage sites should take a stance on the climate crisis, according to new research.

    In an online survey by the Audience Agency, 51% of people agreed with the statement that these venues “should take a stance” on climate change.

    Forty-seven per cent of people took this view in relation to live cultural venues, and 53% about visitor attractions.

    Large proportions of people also believe that cultural organisations should take a stance on other social issues, according to the research – with just under half saying this about each of the three categories of venue.

    In addition, 51% of all respondents said that they prefer to go to cultural venues “which I know share my values”.

    The Audience Agency said that while this result may seem close-run, there were far more people for whom organisations sharing their own values was “a positive driving attendance factor”.

    Generational divide

    Younger generations were much more likely to believe that organisations should take a stance.

    Within generation Z (those aged between 16 and 24), 52% said organisations should take a stance on climate change, along with 57% of millennials (aged between 25 and 44). In contrast, only 21% of people aged over 44 believed this.

    An even stronger generational divide was apparent for “other social issues”. Here, 62% of generation Z respondents, and 58% of millennials, wanted to see organisations taking a stance – compared to 19% of respondents aged over 44.

    There was also a clear generational difference around which behaviours people would like to see permitted at live cultural events. Generation Z respondents were more likely to say that being allowed to do things like eat or drink, take photos or talk to others would encourage them to attend.

    Overall, being allowed to take photos, eat or drink and move around made people more likely to want to attend live events, while permission to smoke or vape, talk on the phone or make other noise made people less likely to want to go.

    The Audience Agency said that the preferences of younger audiences for more relaxed behavioural regulations “raises interesting questions about the increasingly different experiential tastes and expectations that venues may need to be prepared to cater to in the not so distant future”.

    Falling attendance

    The survey results also suggest falling rates of cultural attendance. Among all respondents, 38% said they were attending less than they were before the pandemic, with only 12% increasing attendance.

    Reported rates of attendance were also down compared to 12 months ago (with 35% attending less and 13% attending more).

    Oliver Mantell, director of insight and evidence at the Audience Agency, commented: “Younger people are more likely to want organisations to align with their values and to take a stand on social and climate issues, as well as to prefer a wider range of permitted behaviours when attending cultural venues of all kinds. These groups will form an increasing share of audiences in the future (as they are already, given shifts in audience profiles since the pandemic).

    “This suggests we are likely to see a shift in expectations on cultural venues, with pressure for more informal experiences (including more digital and social interaction), and for venues to be more value-led and outspoken about those values.”

    Anne Torreggiani, chief executive of The Audience Agency, said: “These insights point to a changed role for organisations – we need to think about amplifying our social values, becoming a community resource, being prepared to join the conversation, creating opportunities for debate.”

    The Audience Agency surveyed a nationally representative sample of 2,463 people for the summer 2023 wave of its Cultural Participation Monitor.

    See Original Post

  
 

1305 Krameria, Unit H-129, Denver, CO  80220  Local: 303.322.9667
Copyright © 2015 - 2018 International Foundation for Cultural Property Protection.  All Rights Reserved