See Original Post

Reposted from Tim Richardson

“I’d like to propose a post!”
Yes, I said those embarrassing words in front of dozens of people at my grandparents 50th wedding anniversary.
Then there were the words I said the time that my future wife invited me to attend her final sorority party (which was our first date).
“What’s the matter, you couldn’t find a date?”
It’s a wonder she said yes when I asked her out for a second date!
The chances are high that you are also haunted by the memory of saying something really stupid.
I can think of a lot of embarrassing and utterly ridiculous things that have left my mouth. I have kept a list of my worst verbal slip ups in my mind for many years.
Sometimes the price we pay for saying or doing something stupid could simply result in momentary embarrassment. However, the stakes could be higher than that. Ill-advised words could lose a customer. Poor word choices could prevent us from closing the sale. Our insensitive words could result in damaging a friendship or alienating a family member or co-worker.
Stupid words lose elections, end marriages, stifle careers, and start wars. 
But let’s turn things around—what are the best words you’ve ever said? Words that were exactly right for the situation. Words that brought positivity, encouragement, and life. Words that began friendships and romances, stirred imaginations, and cast visions of future success.
 If you are like me, you probably have a hard time remembering your best words.
Why is it that we remember our spoken mistakes better than our spoken successes?  It’s because we tend to focus on our mistakes, the things we do poorly, like when we fall flat on our face, or say the wrong thing. It’s human nature and we all keep our mistakes and poor decisions in our memory.
I’d like to propose (not protose) that we all start keeping a list of our best words to counter the negative thoughts that lurk in our brains.
Words are important. The worst words are important to avoid saying again, learn from, and then forget.
The best words are important enough to remember, to celebrate, and repeat.

See Original Post

Reposted from Museums Association

If improving cyber security was not already a priority for cultural
institutions, it has surely jumped to the top of everyone’s to-do lists
following last year’s cyber-attack on the British Library. The fallout is still being felt as library staff try to restore online and in-person services that were curtailed by the October incident. The organization is also having to deal with a damaged reputation and the ongoing costs associated with addressing the issue. There was some good news in January when the library managed to get its main catalogue back online. It was also able to offer access to most of its special collections for the first time since the attack. *Far-reaching implications* “What happened to us in October has implications for the whole collections sector,” wrote chief executive Roly Keating in a blog on the British Library’s website. “In the months ahead, we will begin to share the lessons we’ve learned from this experience with partners and peer institutions.”
The British Library is a high-profile institution with a global reputation, but those who think that smaller organizations are less likely to suffer cyber-attacks should think again. A devastating cyber-attack on Hackney Museum in October 2020 received farless publicity. The museum was affected only because it is part of a larger organization, the London Borough of Hackney, but the attack had
far-reaching consequences that still affect all areas of its work. Rebecca Odell, project curator at Hackney Museum, says: “As museums, we create business continuity and emergency salvage plans for use if our venue burns down and collections are destroyed – and we refer to the experience of our cyber-attack as a digital building burning down. "Everything has changed, but there are no ruins that people can see to understand the trauma of what we have experienced and the years it will take to recover. Cyber-attacks change everything, except the expectations of stakeholders and the public.” *‘An everyday hazard’* Odell has a stark warning: “Unfortunately, attacks need to be considered an everyday hazard, and museums need to look beyond prevention to mitigating
the damage. We would like to see more leadership in the sector and the
creation of a template for digital salvage plans to protect collections,
assets and research.” Hackney Museum is not the only UK museum to have been hit. In the winter of2021-22, the Royal Armories was attacked, and its collections management system was down for three months. When it got back online, the museum discovered that the hackers had accessed its back-ups and deleted eight months’ worth of data. Staff are still working on recovering the lost data.
 
Several museums in the US – including MFA Boston, the Rubin Museum of Art
in New York and the Crystal Bridges Museum of American Art in Arkansas –
experienced problems recently after a cyber-attack on third-party tech
company Gallery Systems.
*Growing problem* The problem is clearly growing –and cyber-attacks are costly and time-consuming to sort out. A Financial Times report claimed the British Library will have to spend up to £7m (or 40% of its £16.4m unallocated
reserves) to recover from the cyber-attack. The British Library says media reports about the cost of recovering from the cyber-attack are inaccurate. “The final costs of recovering from the recent cyber-attack are still not confirmed,” a statement reads. “The British Library and its government sponsor, the Department for Culture, Media and Sport, remain in close and regular contact. The library always maintains its own financial reserve to help address unexpected issues and no bids for additional funding have been made at this stage.” Whatever the final costs to the British Library, it won’t be cheap.  So, what can museums and other cultural institutions do to better understand how a hack can happen, what measures they can take to reduce the chances of one occurring, and how they might recover if they do suffer one.
 
The good news is that help and advice are available. The British Library
has received support from the National Cyber Security Centre, which offers
a cybersecurity guide for charities. This aims to help smaller
organizations improve cybersecurity quickly and inexpensively. Mike Ellis, co-director of consultancy Thirty8 Digital, says backing update is crucial, although he does sound a note of caution: “Even if you’ve got a great back-up regime, and you test regularly to make sure you actually can restore, because of the nature of these attacks, you have no idea whether you’re restoring a compromised back-up,” he says. *Compromising usability* Ellis also points out that there is always going to be a compromise between usability and security. “If you’ve got full access to all websites, install whatever software you want on your computer and so on, life is easy,” he says. “But the
compromise is you’re very much more likely to bump into something nasty.
“On the other hand, if you’re locked down and can’t do any of these things, you’ll spend a lot of your life being annoyed that you can’t do what you
need to do – but at least you’re secure. Somewhere in the middle of this is
a context that balances correctly for you and your organization. But it is
always going to be a compromise.” Ellis says it is important for organizations to sort out their approaches to passwords – something that is often ignored.
 
“Few museums have a solid password strategy, in large part because it’s
quite hard to maintain passwords across staff working at several machines,
in several locations and different contexts. “The default becomes ‘just use that same old password we have for everything’ – and before you know it, you’re compromised. Some education needs to happen, as I don’t think many non-nerds understand how hackers move passwords around or publish them on the web. The negative impact of
having a single password, however strong, for all things is not well
understood.” But in a sector with limited funding that uses lots of freelance workers and volunteers, creating a robust password management strategy isn’t straightforward. Indeed, nothing associated with cybersecurity is
straightforward. Nevertheless, all cultural organizations should act now to protect themselves from attacks and plan what to do if their security is
compromised. Backing up your data All charities, regardless of their nature and size, should make regular back-ups of their important data, and should ensure that these back-ups can be restored.
 
By doing this, you are ensuring your charity can still function following
the impact of flood, fire, physical damage or theft. Furthermore, if you
have back-ups of your data that you can recover quickly, your charity will
be more resilient to cybercrime.

See Original Post

Reposted from CISA

On Wednesday, March 27, we are hosting a special CISA Live! – Celebrating Women in National Security LinkedIn Live as we close out Women’s History Month with two women making history! CISA Director Jen Easterly and Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technologies Anne Neuberger come together to highlight the achievements of women in the national security sector and share personal insights on their career paths.  Don’t miss your chance to engage in a live Q&A session with these two extraordinary leaders. This is one event you won’t want to miss!  Join us on March 27 at 12 pm ET with your questions—and feel free to share this invite with others who may be interested.

Register today! CISA Live! – Celebrating Women in National Security.

See Original Post

Reposted from Art Sentry

The 2024 outlook leaves little doubt that for many museums, it’s not a matter of whether protest activity will occur at their site but when. Here are some things to consider in preparing your museum to address these kinds of incidents safely:

• Train security not to allow protesters to publicize activities. Clear galleries to limit what is being filmed/posted so that real or perceived danger to the museum’s collection cannot become a hook to generate publicity.
  
  
• Press charges when necessary, so that future protest/activist groups understand the consequences of behaving unsafely or causing harm. 
  
  
• Coordinate your response plan with local police and other cultural properties in your area. Coordinate internally with staff responsible for security, visitor services, accessibility, collections care, and communications. A unified approach is the safest and strongest. 
  
  
• Do not attempt to arrest or physically remove protesters. Wait for the police. 

When museums are caught up in the currents of civil unrest, awareness and proper preparation can minimize any negative impacts without hindering their mission of engaging with their community. 

See Original Post

Reposted from Tim Richardson

Four years ago this week, our world crumbled. The threat of COVID-19 changed everything. Entire industries, including travel and conferences suffered tremendous setbacks. The weeks and months after the pandemic were difficult for everyone. My business of speaking to businesses and organizations grinded to a temporary halt. Helping organizations perform better is what brings me purpose and joy. I have helped thousands of employees and hundreds of organizations improve their performance. But during the pandemic, I couldn’t do that. So I slipped into a dark place. I didn’t use my time well. I was the host of a few pity parties thrown just for me. I had serious reservations about my speaking future. For a brief moment, I even wondered what I might do if the speaking profession never rebounded. One day I was scanning my professional speaking association’s Facebook page and saw a post by a speaker I did not know. He wanted to host a weekly Zoom call for speakers to help each other navigate the challenging times we faced. The purpose was to hold each other accountable for making calls and to support and encourage each other. Needing some inspiration and accountability, I joined. Every Monday, six of us met online to talk about what we had accomplished the week before. We discussed new business ideas, we shared what books we were reading, and we challenged each other to continue moving forward. More than three years later we continue to meet via Zoom to encourage and sharpen each other. We have all grown by providing honest feedback and helpful advice. We look forward to our regular times together and continue to build upon the foundations which brought us together. While mastermind groups are a powerful way to grow your business, there are many types of groups that meet to hold each other accountable or learn together.

For the last five years, my wife has been meeting with a group of women to encourage each other and to help each other with spiritual growth and development. She gets great value out of their meetings and likes having the support of close friends. Katherine Johnson, a NASA mathematician and the inspiration for the movie “The Hidden Figures” regularly met with other black woman who made major contributions to the United States space program. Henry Ford, Harvey Firestone, Thomas Edison, Dr. Alexis Carrel, Charles Lindbergh, and a young man named Jim Newton met over many years to support each other in their business and career endeavors. Lincoln had his team of rivals consisting of cabinet members with vastly different political views – even foes – who challenged and advised him during our nation’s most troubling times. Jesus had 12 disciplines whom he met with and traveled with to spread Christianity to the world.
Nearly every successful businessperson or professional speaker that I know surrounds themselves with others to help them be better at what they do. I am grateful today, on National Professional Speakers Day, to share my gratitude and appreciation for the many speakers I have shared with and learned from over a long career. The accountability and support I had received through meeting with other business professionals and professional speakers has been life and career changing. Don’t miss out on the power of participating in an accountability or study group to help you grow as well.

Reposted from EMR-ISAC

As machine learning models are “moving AI into its industrial age,” there will be “potentially huge economic impacts for both winners and followers and unintended consequences, from rampant deepfakes and misinformation to the development of AI-generated computer viruses or new chemical weapons,” the U.S. intelligence community warned in its annual threat assessment published Monday.

The annual report notes that China “remains the most persistent cyber threat to U.S. Government, private sector, and critical infrastructure networks” and that Beijing has carried out a years-long effort to infiltrate key critical infrastructure networks around the United States. American spies assess that activity, which is widely tracked as Volt Typhoon, aims to give China the ability to disrupt communications between the United States and China in the event of a military conflict.

Iran may attempt to interfere as well, perhaps building on a 2020 operation that saw an Iran-linked group access voter data and target some voters with phony emails purporting to be from the right-wing group known as the Proud Boys. The group behind that operation has “evolved their activities and developed a new set of techniques, combining cyber and influence capabilities,” that it could use in 2024, according to the report.

See Original Post

Reposted from EME-ISAC

A Jan. 21 ransomware attack on a Bucks County, Pennsylvania, computer-aided dispatch (CAD) system caused the temporary loss of automated services that were powered by the CAD system. Some critical functions typically provided by CAD systems include prioritizing and recording calls and locating and dispatching responders in the field. More recently, a Feb. 22 AT&T outage impacted FirstNet, the nationwide broadband network dedicated to first responders and public safety. The outage prompted the FirstNet Authority to form an After-Action Task Force to strengthen FirstNet’s preparedness for future outages. These two recent incidents are reminders of how important it is for emergency services agencies to have backup systems and processes in place in the event of a communications system outage, whether due to a cyberattack or other non-intentional cause. Earlier this month, the Cybersecurity and Infrastructure Security Agency (CISA) released two resources for emergency services agencies’ communications and cyber resiliency: 

(1) CISA updated its Public Safety Communications and Cyber Resiliency Toolkit with six new guidance documents that will help public safety agencies establish resiliency measures for their communications systems. One foundational guidance document in this Toolkit that is particularly relevant in light of recent incidents is Leveraging the Primary, Alternate, Contingency, Emergency (PACE) Plan in an Emergency Communications Ecosystem, by the National Council of Statewide Interoperability Coordinators (NCSWIC). PACE planning follows a simple and practical framework to help an organization prepare for backup communications capabilities in a wide variety of out-of-the-ordinary situations.

(2) CISA, SAFECOM and NCSWIC just launched a new 911 Cybersecurity Resource Hub. This one-stop shop compiles cybersecurity resources to make it easy for emergency communications centers (ECCs) to report a cyber incident, find real-world case studies, access cybersecurity education and training opportunities, and learn about best practices to identify and protect networks from cyberattacks. CISA, SAFECOM, and NCSWIC worked collaboratively with state and local public safety and emergency communications stakeholders to develop this interactive website.

See Original Post

Reposted from EMR-ISAC

More than 2 in 5 ransomware attacks reported to the FBI in 2023 targeted organizations in a critical infrastructure sector, the agency said Thursday in its annual Internet Crime Report. Of the 2,825 ransomware attacks reported to the FBI last year, 1,193 hit critical infrastructure organizations. The proportion of ransomware attacks hitting critical infrastructure grew from one-third of attacks reported to the FBI in 2022. Losses reported from ransomware attacks jumped 74% to almost $60 million last year. Ransomware attacks were also up 18% from the previous year.

Reposted from EMR-ISAC

The University of Florida Institute of Food and Agricultural Sciences (IFAS) and the Southern Fire Exchange (SFE) will host a webinar on Thursday, March 28, 2024, from 1-2 p.m. EDT, Increasing Large Wildfires in the Eastern United States.

This webinar provides an overview of changing large wildfire regimes in the eastern U.S., highlighting increasing wildfire number, size, and total area burned within regions of the southeast. In addition, the presentation will discuss how changing wildfire dynamics impact public wildfire risk in the wildland-urban interface. This presentation will summarize the findings from a recent publication, Increasing Large Wildfire in the Eastern United States.

See Original Post