INTERNATIONAL FOUNDATION FORCULTURAL PROPERTY PROTECTION
Reposted from ArtGuard
A Willem DeKooning painting was recently discovered among items in a small and insignificant estate sale in Arizona. (NY Times: de Kooning Found) The piece went missing from a museum at the University of Arizona in 1985 and very quickly left a cold trail. It now seems likely it was stolen by a couple named Jerome and Rita Alter, both deceased, but the evidence is still circumstantial.
The interesting thing about the case is that from what is known it appears that at no time was there ever an attempt to sell the painting. No ransom was ever sought. No one claims to have had information stemming from any indiscreet conversations by the couple. The only conclusion that can be drawn from this is that the Alters, both of whom had strong interests in the arts, likely took it for their own personal and very private enjoyment. It was purported to have been seen behind a door in the corner of their bedroom by someone who had no idea who the painter was.
This certainly places a dubious status on the whereabouts of potentially thousands of pieces of stolen art and artifacts. We know perpetrators wait for an opportunity to sell stolen works or the right occasion to leverage them for some legal gain or reveal themselves in some careless way. But how many of the stolen works are just objects of affection, either in the possession of the thief or someone who commissioned the theft, and carefully concealed.
I return to a refrain and a reminder that contrary to the remarks – and maybe even deep rooted belief – by some that stealing high value art is a fool’s game because it can’t be sold without someone in the art world being alert to the transaction. It completely discounts the idea of emotional and aesthetic appreciation of art, the very thing we go to museums and galleries to satisfy. This may surprise anyone caught up in the wildly inflationary art market where high-end pieces are bought one day and sold a short time later simply for financial gain.
Yes, there are people who would go to great lengths to own a piece of art that they would be quite satisfied to enjoy themselves, alone, resisting any urge to satisfy their ego by letting the world know they won this prize. This may be one of the best arguments for securing art against disappearance.
September 5, 2017 - Trent, Staffordshire
SecurTest, Inc. has been named the number one international background screening company due to its triple patented iReviewNow System.
As the Number 1 Rated Background Screening Provider, Steven C. Millwee, CPP, CEO and President said, “Our exclusive iReviewNow patents, dedicated staff, commitment to accuracy, outstanding customer service, compliance, and loyal customers have made us the de facto standard.”
"As the only patented solution, no other background screening provider can create an automated, online, or email consumer reporting and dispute resolution system. Consumers or subjects of their background report receive an automated text and email alert when the report lands at iReviewNow.com. Subjects securely login, authenticate their identity, and then review the entire report to ensure it is accurate", according to Millwee.
Millwee is the inventor of the patented iReviewNow system. iReviewNow allows consumers unprecedented real-time access to their reports and the ability to dispute inaccuracies before adverse action can be taken. This revolutionary compliance system is setting the new standard in the background screening industry. To learn more about SecurTest or to sign your organization up for iReviewNow, please visit www.securtest.com Transparent The patented iReviewNow system is fully FCRA compliant: and the only system that sends the consumer a copy of his or her background report — pass or fail — simultaneous to when the employer is notified of its completion. Accurate When consumers fail their background check, they are able to see exactly what has been found on their record. They can then dispute any inaccuracies or misidentification of criminal records securely online. Reliable When employers have the 360-degree view of the candidate, they can make a fully informed hiring decision. To learn more about iReviewNow go to www.securtest.com or www.ireviewnow.com.
Reposted from asisonline.org
On July 12, 2006, fighting between the Israeli army and the Lebanese militant group Hezbollah suddenly erupted and started to spread. Hezbollah fired rockets and anti-tank missiles; Israel responded with airstrikes and artillery fire, and later launched a ground invasion of southern Lebanon. The 2006 Lebanon War raged on for 34 days before the United Nations brokered a ceasefire.
I received word of the fighting shortly before the news reports hit. I was GE’s divisional global security director at the time, based at the corporate headquarters building of General Electric (GE) Healthcare in Waukesha, Wisconsin. I was responsible for the security and wellbeing of employees at more than 600 properties around the world, including three sites in Israel and one in Lebanon. Calls were coming in from both sides of the battle; many employees were at risk of losing their lives.
However, as the war entered its tenth day, we had relocated more than 1,000 employees and family members out of harm’s way, with the help of our corporate executive team and several strategic partners. This wasn’t an easy task. We were able to continue basic operations with minimal losses in Israel, but all activity in Lebanon came to an abrupt stop. What further complicated matters was the U.S. government’s refusal, or inability, to assist with any form of safe passage from Lebanon. Still, we were able to complete relocations by using several dangerously remote and unpopulated routes to reach Jordan through Syria.
An event of this magnitude—an actual war—is difficult to navigate, and can be wholly draining. While the war crisis proceeded, the company continued to operate, so long hours were a requirement. For three days after that first call, I didn’t get many chances to sleep.
Managing a serious crisis as a group leader can be stressful, both physically and emotionally. It is crucial to recognize that your effectiveness in successfully leading others will diminish if you openly demonstrate indecisiveness, emotional frailty, and operational ignorance during the event.
But it is also important to realize that crisis leadership begins long before the actual crisis occurs. The right preparation is essential for being an effective crisis leader, and for a security executive this groundwork can start from day one on the job. By focusing on preparation, and by consistently practicing certain management best practices, managers can greatly improve their chances of being an effective crisis leader. This article explores these practices and preparation, including building technical expertise, assessing situations, developing relationships with key stakeholders, and training for emergencies.
Knowing the business you support is the most critical factor to your success as a crisis management leader. Thus, if you’re new to an organization, you should dedicate as much time as possible in your first three months to learning all you can about every facet of the business—from sales to production to market share—and meeting the people who are the driving forces in those areas.
In my career, I have had the opportunity to manage security programs for several companies in completely different vertical markets. Each market change required extended study time. There’s a huge variance in the operational methodologies of security programs at a hospital and a nuclear power plant, for example. Although the core principles of security can be applied to any industry, each line of business retains its own unique characteristics and regulatory framework.
Besides operational knowledge, you must also develop relationships with most of the key process and resource owners who support the business’s primary missions. Once those relationships are established, you should then strive to understand the secondary and tertiary levels of operations, resources, and personnel necessary to keep the business going.
In addition, you should also learn some basic business continuity planning skills and conduct a few business impact assessments. These will allow you a fuller understanding of the potential vulnerabilities and the gaps that may exist in business operations, the contingency plans themselves, and the resource base that will be available when a crisis occurs.
However, conducting a business impact assessment of your company can be a daunting task if you attempt to assess the whole business in a single review. And it can be almost impossible to complete without the full cooperation of nearly everyone in your company. Instead, consider focusing on key revenue streams, products or services that define the company, and significant vulnerabilities that could interrupt these streams and services—such as the sudden loss of a single-sourced major component, a labor disruption, or a stoppage in distribution channels. Even if the assessment seems to have little to do with traditional security activities, it is a great way to learn about the inner workings of your company.
For example, after the Great Tohoku Earthquake struck Japan on March 11, 2011, I was working as a security manager at Paramount Pictures. Due to the earthquake, almost all of the film industry’s specialized magnetic recording and video storage tape became unavailable. Sony, with its entire tape manufacturing business located in Japan, was the exclusive maker of such tape, and its production stopped cold.
This was a supply chain crisis for sure, and we at Paramount were scrambling for tapes. Fortunately, our security team had enough operational and business continuity knowledge to know where to look and who to call. By volunteering to help secure tapes for the many television productions on the lot, our team knew where to find hundreds of new and reusable tapes in dozens of secure storage locations. It was like an Easter egg hunt gone wild. Armed with this knowledge and with very little effort, the security department was able to secure dozens of the remaining tapes, which kept our production teams going until other recording methods were found.
Sometimes, it takes great effort to avoid being constrained into a departmental silo and stuck in the dark when it comes to internal business workings. But the effort is worth it. Get out there and mingle, don’t be afraid to ask questions and build relationships and alliances. Learn the business so you can contribute to its survival.
Another important component of crisis leadership preparation is staying current on domestic and international events, especially if your company is a global one. Third-party providers of intelligence and communications services can be useful here. Many of these providers even offer crisis forecasting by region and country to keep your team abreast of problem areas.
This global understanding, combined with business knowledge, will allow you to see the big picture and anticipate which operations might be interrupted if a crisis starts to unfold.
Moreover, demonstrating this knowledge improves your chances of being part of the inner circle at your business. For example, as a matter of practice, GE security leaders routinely gathered for periodic operational continuity development sessions. In these meetings, we shared intelligence derived from in-country leaders, paid global intelligence services, and geopolitical analysts. At the first signs of trouble—what we called “a smoldering issue”—the affected business units were identified, and key revenue processes were analyzed for potential impacts and vulnerabilities.
Often, a smoldering issue has the potential to challenge several exposed operational and distribution channels, and the material or human resources they contain. Thus, effective coordination and communication is critical during these initial stages.
With sufficient business knowledge and a global understanding, you will be in a position to advise the C-suite on events once a crisis starts to unfold and help your firm be active rather than reactive.
However, this cannot happen if organizational leaders reject an inclusionary approach when it comes to crisis leadership. For example, early in my career, the company I worked for decided to move forward on a major acquisition—the purchase of a competitor’s remanufacturing division. In general, not all security departments are included in every C-suite function; some do not get much visibility into major corporate decisions. This held true in our particular case because the security team was not part of the company’s diligence support team. Furthermore, the security team was not included in the company’s crisis response team, which consisted mostly of legal and financial leadership, supported by communications and customer relations staff.
As a result, the security team was unable to flag any discrepancies that might have shown up in the due diligence process. The division that was purchased turned out to be a fraudulent shell company. When news of the bad purchase reached the press a few days later, our firm suffered a severe financial loss and some reputational damage to its brand.
The incident illustrates the importance of maintaining a wide representation of all business functions on a crisis management team. By emphasizing teamwork and relationship building, a manager can help develop and maintain collaborative channels that will be invaluable during a crisis. Moreover, a well-structured and collaborative crisis management team can incorporate the use of predictive tools, such as event forecasting and analysis, that maximize the chances of avoiding a crisis in the first place.
Even so, if a crisis does occur, successful collaboration between many stakeholders is usually a prerequisite for formulating an acceptable and viable solution. An effective crisis management leader knows where to go to seek out advice from others when considering options to present to company leaders. While it is often necessary to quickly provide solution options during a crisis, it is also advisable for managers to carefully consider all security-based spending decisions, which can sometimes be driven more by fear than by reason after a major event
Once options have been considered and a response plan is approved, a manager needs strong interactive leadership skills to ensure that others buy in and follow the course laid out. As the example of the shell company purchase shows, a collaborative effort can be quickly derailed by preventing a single department, which might hold a critical part of the solution, from participating.
Good leaders make intelligent decisions; great leaders do so consistently. The combination of business operations knowledge and current event understanding will help a security leader make better decisions.
But in the final analysis, leadership is not about making the best decision possible in every instance, or about always being the smartest person in the room. It’s ultimately about your ability to earn the trust of others to the point where they will willingly follow you. Here, effective communication is vital.
In July 2005, four suicide bombers armed with rucksacks full of explosives detonated bombs on the London Underground that killed 52 people and injured hundreds more. Within four hours of the bombings, our security team at GE Healthcare was able to quickly identify—from a pool of roughly 45,000 employees —that 483 were confirmed or expected to be traveling in or about London that day for work. Using our mass communication system, we located all but nine employees on business travel that were in London or had passed through London within an eight-hour window of the bombings.
By other means, we quickly confirmed that the remaining nine travelers were safe. Additionally, some of our employees on personal leave and vacation were traveling in London that day. Because those employees had included their private cell phone numbers in the company’s emergency notification system, we were able to receive confirmations that they, too, were safe.
On the other hand, sometimes crisis pressure can lead to costly communication errors. Take for example, one of the most high-profile crisis situations in recent memory, the 9/11 terrorist attacks. After the planes hit the towers, one senior security manager of a major corporation in New York was overheard saying, “We’re being attacked! I don’t think anyone’s gonna make it out of Manhattan!” The comment started a panic in the entire office building, which took hours to calm.
The example shows that even accomplished managers can succumb to pressure. However, specialized crisis management leadership training can be invaluable in reducing the chances of this happening. Communication is often an important component of this type of training; many programs provide guidance on how bad news can be communicated without embellishment, panic, or fear, and how correct communication can provide stability and hope by demonstrating a confident resolve—indicating that something is being done immediately, or will be in the near future.
In addition, crisis training helps managers better understand the anatomy of a crisis, which is an essential element in remaining rational and functioning calmly. Drills can help build response memory, which in turn helps a leader avoid freezing or panicking.
In cases where in-house crisis training is unavailable, security managers should consider building their own training. With a little research online about crisis management planning, managers can first assemble the basics: contact sheets, resource directories, contingency plans, meeting schedules, and organizational charts. Then, with help from both the legal and human resource departments, the manager can coordinate partnerships with local emergency service and communication providers, and design some crisis training exercises.
Becoming skilled at anything takes practice, and crisis management leadership is no exception. If you ever find yourself in a room filled with managers trying to solve a major problem, don’t be shy; step up to the plate and share your knowledge and experience, and contribute something. This will build on your experience base, and allow you to practice being in crisis situations.
In the end, the best coaches are those who prepare, know the rules inside and out, and can lead their players strategically. Stopping in the middle of a crisis to learn more about the business, means you haven’t learned the business well enough and you aren’t prepared to lead.
See Original Post
Daisy Torres wants to pursue a career in law enforcement after she graduates from the University of Iowa in Iowa City, Iowa. So, when she was looking for student employment opportunities, she discovered that the university hired students to work in its public safety dispatch center.
She applied for a position, but wasn’t hired. That didn’t deter her, however, and during her sophomore year of college in 2016 she found out about another opportunity for undergraduates to work with the University’s Department of Public Safety: becoming a student security officer.
Torres filled out an application, interviewed, passed a background check, and was offered a position as an officer that fall, patrolling the campus and interacting with students.
“At first, the whole thing was intimidating, but the officers have been very helpful and supportive. They guide you,” Torres says. “They encourage you to ask questions to make sure you don’t mess up.”
The experience has also offered her a chance to see what a career in law enforcement might look like and gain a better understanding of how first responders interact with students and respond to incidents.
“As a regular person, you just see the ambulance come or you see the officer coming to take care of something—but going through the training you realize this is hard work,” she explains. “It definitely humanizes the process, so it’s really fun for me. It’s fun getting to know the people, the officers you are working with. You get to see the person behind the badge.”
That’s the goal of the Student Security Officer Program at the University of Iowa, which was created in the fall of 2016 when Assistant Vice President and Director of Public Safety Scott Beckner was hired to lead the Public Safety Department.
Beckner has spent more than 30 years in law enforcement, including 25 in higher education law enforcement with roles at Georgia College and State University in Milledgeville, Georgia; Shepherd University in Shepherdstown, West Virginia; and Michigan State University in East Lansing, Michigan.
“I believe in a community policing philosophy, meaning that our police and security officers need to go where the students are comfortable to build positive relationships with them, even if it’s not the environment in which the officers themselves are most comfortable,” Beckner says. “This enables both parties to establish meaningful communication and receive better feedback from both the law enforcement officers and the students.”
The University of Iowa covers 1,880 acres that straddle the Iowa River. Approximately 33,000 students are enrolled each semester, and most freshman undergraduates live on campus.
Protecting the campus community is the University of Iowa Public Safety Department, which has two major divisions: the police division and the security division. The police division is made up of roughly 45 armed state-certified police officers who patrol campus around the clock. The security division is made up of nine full-time security officers.
The university also has a dispatch center, which is the main dispatch center for campus 911 calls and the back-up dispatch center for the county.
When Beckner came on board in 2016, the university hired students as dispatchers in the dispatch center and also as security staff at the University of Iowa Art Museum. Based on his experience at prior institutions, Beckner wanted to expand the university’s use of student employees for campus security positions.
“Hiring student security officers is another layer of our community policing approach,” Beckner says. “It gives our officers another opportunity to connect with students to get a pulse of what’s happening on campus from the student perspective.”
With this mind-set, Beckner instructed the department to create the Student Security Officer Program to hire students to be the eyes and ears of campus public safety.
“I’m not afraid to try new things, and I’m not afraid to fail,” Beckner explains. “I think it’s just as valuable to know what doesn’t work as what does work, and you don’t always know until you try. So many people in law enforcement are afraid to fail because of the spotlight we’re in, and we have to learn to get beyond that mind-set.”
To push the program forward, Security Supervisor Beau Hartsock was pulled off his regular assignment at the time—head of security at the University of Iowa Art Museum—and brought in to recruit students and interview them for officer positions.
To recruit students, Hartsock and others in the department used the university’s Hire a Hawk program that lists student employment opportunities and attended the campus job fair. They also went to Introduction to Criminology classes—the first core class in the Criminology, Law, and Justice major—to contact students who might be interested in the program.
“The Intro to Criminology is a prerequisite to the program that every student coming in has to go through,” Hartsock explains. “We go to those classes and do a 10-minute pitch of what we have to offer and tell them about the department. If they wish to apply, they can.”
Within one month, the program had 30 students on staff as security officers, with a peak in the middle of the academic year of 75 student officers. The students completed training conducted by full-time security staff on mandated issues, including radio operation, the Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act, bloodborne pathogens, and CPR.
The student officers were then trained for each of their particular assignments. These assignments included dorm patrol, building checks, the art museum, athletic events security, the campus transportation service called Nite Ride, and the Hawkeye Storage Lot.
“We don’t train everybody on everything; we train on an as-needed basis in accordance with whatever assignment they are working,” Hartsock says.
This is because each assignment has different requirements. For instance, students assigned to Nite Ride—a transportation service that provides rides for students between 7:00 p.m. and 6:00 a.m.—act as dispatchers, taking calls and managing the app that sends the vehicle out to pick students up.
Dorm patrol requires that students walk the dormitories, using a pipe check-in system from Guard1Plus to track their progress throughout the campus. “A student could potentially walk five or six miles a night, especially on the weekends, looking for any safety concerns, damage to property, and things like that,” Hartsock says.
Student officers have similar responsibilities when they are assigned to the libraries or the Voxman Music Building, which is a new building on campus that houses valuable musical equipment.
The art museum job is a“sought-after” assignment, Hartsock says, because students sit at a desk, greet people who come into the building, and keep an eye on the building’s video camera feeds, making it a relatively low-key assignment.
The other assignment for students is Hawkeye Storage Lot, which is vulnerable to thefts from parked cars because it is separated from the main campus, Hartsock says.
“We have students that also sit out there and do patrols every half hour in an electric car around the lot for about 10 minutes,” he explains.
Students on patrol wear yellow polos and black pants and have utility belts with pipes for the check-in system, masks for CPR, and radios to reach the dispatch office. If they notice suspicious activity or an incident unfolding, student officers are instructed to radio into the dispatch office and a police officer or security officer will be sent to their location to respond.
“First and foremost, students are trained to be the eyes and ears of the university only,” according to Hartsock. “In no way are they to physically or verbally intervene…we train them on what could potentially get them in danger, and to use their best judgment.”
So far, the university has had no incidents of harm to a student security officer while on duty, according to Hartsock.
“We have the benefit of our student security officers carrying radios—the same exact radios that our police officers and our full-time security officers carry—so they are literally a key click away from our dispatch,” he adds. “And a lot of times our police officers are scanning our student security officer channels, and they can start heading that way even before it is actually dispatched by a dispatcher.”
When Torres was initially hired, her friends and fellow students’ first question was: Do you get to carry a gun? Student security officers are not armed, but they are taken seriously by their peers and this support has helped them build relationships on campus.
“I’ve been the night dispatcher for Nite Ride and [my friends] don’t bother calling the phones because they know I’m working, so they’ll text me and say, ‘Is there a chance you could send a Nite Ride my way?’” Torres says. “They think it’s interesting because they get to see me in the dorm sometimes and say, ‘I know the security officer.’”
Building this sense of community helps give credibility to the campus police because the student security officers get to know police officers as real people, says Police Captain Mark Bullock.
“Kids, when they talk about these officers as people rather than as a profession, it takes away some of those barriers that may have previously been there,” he explains.
Another benefit to having the student security officers on patrol is that it can make reporting a sensitive crime, such as a sexual assault, easier for students because they are talking to a peer instead of a police officer.
“If it is a sensitive crime, and if you have a familiar face or a peer who is part of an organization like ours, we would hope that would make reporting that crime just a little bit easier,” Bullock says. “It’s a well-known thing that sexual assaults are underreported. We would like to do anything we can to make the occurrences go down—ideally eliminate them completely. But at least knowing about them is a step in the right direction.”
For less serious offenses, such as smoking in a dorm room, Bullock says students are much more likely to bring that up to a student security officer on dorm patrol than to a security officer.
Students are “not going to be as open to saying that to a police officer as they would to one of their peers,” he adds. “General quality of life issues within our campus have been easier to report by having a peer to talk to.”
And in instances like smoking in a prohibited space, student security officers have several options on how to handle the situation, including reporting it to the residence assistant on duty, the front desk of the building they are in, or dispatch for a police response, if necessary.
Student security officers are all equipped with a radio, "so it’s a direct line of access to the police so information is coming in in real time,” according to Bullock. “There’s nothing lost in translation.”
The Student Security Officer Program has been viewed as a success so far, and the university plans to expand it during the fall of 2017 to hire approximately 125 student officers for the academic year.
“We’re actually getting ready to do a very large hiring surge of possibly 40 to 50 more students just to cover one assignment that’s in the works right now,” says Hartsock, who declined to provide more detail about what the assignment was.
The department itself is also making a push to have student security officers, police officers, and security staff be increasingly more involved with campus life in their off hours. One initiative is paying for staff to participate in intramural sports on campus.
“So you’re interacting with the university community, humanizing us in the sense that students get to know us personally, see a familiar face out of uniform as well as in uniform,” Hartsock explains. “Being more approachable and being looked at in a way that we’re really genuinely here to help.”
All of this goes back to Beckner’s focus of creating a community policing approach to campus security at the university.
“If University of Iowa officers can begin to know students on a personal level—when it’s not in the context of punitive action—I believe we’ll be able to solve more problems proactively,” he says. “One of my early goals was to begin to break down the barriers between students and campus police, and I think this program is helping us do that.”
Reposted from CSOonline.com
Responding to a cyber security incident has its own unique objectives and requires its own recovery plan.
Many enterprises blend their disaster recovery and security recovery plans into a single, neat, easy-to-sip package. But does this approach make sense?
Not really, say a variety of disaster and security recovery experts, including Marko Bourne, who leads Booz Allen’s emergency management, disaster assistance and mission assurance practice. "Security and disaster plans are related, but not always the same thing," he observes.
The objectives in disaster recovery and security recovery plans are inherently different and, at times, conflicting, explains Inigo Merino, former senior vice president of Deutsche Bank’s corporate security and business continuity unit and currently CEO of cyber threat detection firm Cienaga Systems. "The most obvious difference is that disaster recovery is about business continuity, whereas information security is about information asset protection," he notes. "The less evident aspect is that security incident response often requires detailed root cause analysis, evidence collection, preservation and a coordinated and--often--stealthy response."
Such operations usually have to be handled very delicately. "On the other hand, [business continuity plans] are by nature very public events, requiring all hands on deck, large scale communications with the objective of rapid, tactical business resumption," says Merino.
For disaster recovery plans, you almost focus on data quality first and then business processing second," says Scott Carlson, a technical fellow at BeyondTrust, an identity management and vulnerability management products developer. "For security, you rely on capability of protective control with less regard for whether or not you lost past data-- it's much more important to 'protect forward' in a security plan."
Similar, yet different
Many enterprises combine their disaster and security strategies as a matter of convenience, lured by the plans' apparent superficial similarities. "At a high-level, disaster recovery and security plans both do similar activities," says Stieven Weidner, a senior manager with management consulting firm Navigate. "Initially, both plans will have procedures to minimize the impact of an event, followed closely by procedures to recover from the event and, finally, procedures to test and return to production," he notes. Both types of plans also generally include a "lessons learned" process to minimize the possibility of a similar event occurring again.
Yet scratching the surface reveals that disaster and security recovery plans are actually fundamentally different. "[Disaster] recovery plans are focused on recovering IT operations, whereas security plans are focused on preventing or limiting IT interruptions and maintaining IT operations," Weidner notes.
A security recovery plan is designed to stop, learn, and then correct the incident. "A disaster recovery plan may follow similar steps, but nomenclature would not likely use 'detection' to describe a fire or flood event, nor would there be much in the way of analytics," says Peter Fortunato, a manager in the risk and business advisory practice at New England-based accounting firm Baker Newman Noyes."Further, not many disasters require the collection of evidence."
Another risk in merging plans is the possibility of gaining unwanted public attention. "For instance, invoking a disaster recovery plan often requires large-scale notifications going out to key stakeholders," Merino says. "However, this is the last thing you want during an issue requiring investigation, such as a suspected [network] breach, because of the need to collect and preserve the integrity of highly volatile electronic evidence."
Stitching together complex security and disaster recovery rules and procedures can also result in the creation of a needlessly bulky, ambiguous and sometimes contradictory document. "If you try to combine processes and resources into a single plan, it can muddy the waters, oversimplifying or overcomplicating the process," states Dan Didier, vice president of services for GreyCastle Security, a cybersecurity services provider. While some disaster and security recovery processes may be similar, such as ranking an incident's overall impact, other processes are not as easy to combine. "In addition, you are likely to have different resources involved, so training and testing is complicated, as are updates to the plan after the fact," Didier explains.
Fires, storms, blackouts and other physical events are all unpredictable, yet their nature is generally well understood. Security threats, on the other hand, are both unpredictable and, given the rapidly advancing nature of cyber criminality, not generally well understood, either. This means that security recovery strategies must be revisited and updated more frequently than their disaster recovery counterparts,
A security recovery plan is undoubtedly more difficult to keep up-to-date than a disaster recovery plan, says Anthony McFarland, a privacy and data security attorney in the Nashville office of the law firm Bass, Berry and Sims. "New external cyber threats arise weekly," he notes. The list of man-made or natural disasters that could threaten a business, however, is relatively static. "Even when a business expands geographically, the number of new anticipatable disasters is limited, McFarland says.
Response to a disaster must be immediate, yet response to a cyber-event must be even quicker. "This response reality is amplified because a company may have forewarning of a pending disaster, like a tornado, flood or earthquake, but no advance notice of a targeted cyberattack," McFarland says.
"The nature of the threats within security recovery plans are more dynamic than within disaster recovery, and therefore require continual review and update," says Mark Testoni, president and CEO of SAP National Security Services. "For example, recent ransomware attacks, such as WannaCry, are incredibly destructive and require security recovery plans to examine how to effectively respond to new threats and risks."
The discovery process is the most important aspect of both security and disaster planning, Bourne says. "Plans must be adaptable and key leaders must understand what the plans are trying to achieve in order to ensure maximum success," he adds.
Making it a team effort
While most experts advocate creating and maintaining separate disaster and security recovery plans, they also note that both strategies must be periodically examined for potential gaps and conflicts. "The best course of action to have the plans complement one another is to make sure that you have the same team working through both of them," says Steve Rubin, a partner at the Long Island, N.Y., law firm Moritt Hock & Hamroff, and co-chair of its cybersecurity practice group. "Not only will they will be stronger and complement one another, but will also be more effective and resilient in the long run."
Weidner notes that it's okay, however, to have separate teams in charge of security and disaster plans as long as they regularly coordinate their strategies and goals with each other. "Each team, whether supporting security or IT recovery, needs to manage their own specific plan requirements," Weidner says. "However, oversight and governance should be centralized to guarantee events will be supported using the same methodology, such as communications to executive teams, company stakeholders and customers."
Whether planning is handled by one or two teams, the right people need to be brought onboard, Didier says. "Senior management plays a critical role and must oversee the operation," he says.
"The CIO, CISO and network administrators will be integral members of both teams," McFarland observes. However, many disaster recovery team members will have no, or only limited, involvement in the work of the security group, and vice-versa. "For example," McFarland notes, "facilities managers are critical members of a disaster recovery team, but typically not needed in the [security] group unless there was a physical loss or theft of tangible/hardcopy data from an office."
Operations and security teams should review each other’s plans in a controlled and constructive manner to determine how they can be leveraged in support of each other, suggestsMorey Haber, vice president of technology at BeyondTrust. "These policies should not be developed on islands and if possible be tested together," he says. "This helps address extreme edge cases while maintaining separation of duty requirements and building team synergies."
As enterprises learn what works and what doesn’t work in both security and disaster recovery planning, a growing number now realize that security recovery is not disaster recovery and that each has very different needs. "As organizations mature, they learn that the purpose of security incident response is much more nuanced than merely a restoration of business and that many of the functions typically invoked in disaster recovery for business continuity purposes are either not applicable to cyber security events, or in some cases, harmful to security incident response and forensics," Merino says.
"The key to having successful security and disaster recovery plans is to document, manage, test plans and and develop a common governance, communication and escalation methodology," Weidner says. "This unified approach will minimize confusion and decrease the time to recover from events."
Reposted from artnews.com
Friday morning August 25, as Hurricane Harvey approached the Gulf Coast of Texas, museums in the region closed, saying they would keep their doors closed for the weekend. Harvey, which hit the state as a Category 4 hurricane, was downgraded to a tropical storm but has battered the area since, with rain falling in unprecedented volumes and rampant flooding as a result. The crisis is expected to continue for a long time to come in small towns throughout Texas and in Houston, the fourth-largest city in the United States.
Among the institutions that closed early or completely before the arrival of the storm were the Museum of Fine Arts Houston, the Contemporary Arts Museum Houston, the Galveston Arts Center, the Menil Collection in Houston, the Blaffer Art Museum at the University of Houston, the Art Museum of Southeast Texas in Beaumont, and the Museum of South Texas in Corpus Christi, which is near where Harvey made landfall on Friday evening.
A bit farther back from the coast, other institutions closed for the weekend included the Blanton Museum of Art at the University of Texas at Austin, the Contemporary Austin, and the San Antonio Museum of Art. The Houston Press compiled a list of arts events that were canceled or postponed.
– Sunday, August 27, 4 p.m.: A spokesperson for the Menil Collection told ARTnews this afternoon that museum officials have been monitoring the situation closely. “We have done preventative sandbagging at buildings that require it,” the spokesperson said by email. “At this time, and thankfully, our buildings have not been impacted by the storm. Our director, conservation, and registration departments, which includes art handling services, are receiving regular updates about building status.” The museum is closed to staff on Monday. It is always closed to the public on Mondays and Tuesdays.
– Monday, August 28, 12:15 a.m.: The Galveston Arts Center, which rescheduled openings for its latest exhibitions from Saturday to September 9, was “doing very well under the current circumstances,” its curator, Dennis Nance, said in an email Sunday afternoon. When Hurricane Ike hit Galveston Island in 2008, the building GAC calls home on Strand Street suffered damage in excess of $1 million, and artwork totaling more than $100,000 was lost. The institution returned to the building in 2015. “Based on the organization’s experience with Ike, we’ve made necessary preparations to secure all artwork and the building,” Nance said. “We’ve deinstalled and secured all work in our second-floor vault and galleries. As of today, the building has not taken on flood water or lost power. There was minimal flooding of the streets on and around the Strand.”
– Monday, August 28, 12:35 p.m.: The Rockport Center for the Arts, which is located near Corpus Christi, south of Houston, has suffered damage, according to its executive director, Luis Purón. “From images I have been provided and third party accounts, it appears the building has sustained serious external damage,” Purón said in a post on Facebook. “One image demonstrates that the front porch is completely gone and a roof structure in the front of the building is exposed and thus compromised. It is entirely possible that additional damage to the roof exists, yet only an onsite inspection will reveal that.” The director added later in the post, “It remains unclear if all the sculptures in the Sculpture Garden collection survived the 130 miles-per-hour winds of Harvey’s Category 4 direct impact to Rockport. We won’t know about internal damage until we are able to re-enter and inspect the building. The timeline for that is uncertain.” Purón said the museum was boarded on Thursday and “the time to prepare for this evacuation was minimal, as information regarding the strength of the storm changed.” All of the institution’s staff members are safe.
– Monday, August 28, 2 p.m.: A spokesperson for the Museum of Fine Arts in Houston said in an email that “thanks to the advance preparations of our Hurricane Planning Group—from sandbagging and floodgates to emergency pumps—the storm’s impact has been greatly mitigated so far. Our on-site staff are all safe, and our collections have not had any damage. We had some isolated leaks on the main campus.” At the Bayou Bend Gardens, which are part of the MFAH and located a few miles away, “outbuildings and basement were flooded but that water has receded,” the spokesperson added. “The house and its collections remain secure.”
– Monday, August 28, 2:10 p.m.: The situation at the Menil Collection remains the same after a tense night in the city surrounding it. “No impact on our buildings,” a spokesperson wrote. “Our 24/7 maintenance and security monitoring continues. At this time, the museum and its administrative offices will remain closed to the public and staff through Wednesday, August 30. We will continue to monitor closely and update regarding closures as needed.”
– Monday, August 28, 3:55 p.m.: Bad fortune has so far spared the campus of Rice University, which plays home to the new Moody Center for the Arts as well as large outdoor artworks by James Turrell and Michael Heizer. “We are deeply concerned for our fellow Houstonians, but are meanwhile fortunate that the Moody is faring well,” a spokesperson for the center wrote. “Our building was constructed to withstand storms, and its location on campus is elevated to prevent flooding. We have no immediate information on the Turrell and Heizer installations but hope to get word about them before long.”
— Monday, August 28, 4:30 p.m.: Project Row Houses, a community-based nonprofit in Houston’s Third Ward, has been largely unaffected by the storm. “In the Third Ward, we have no standing water because we don’t have any bayous near us to overflow into our neighborhood,” Rick Lowe, the founding director of the organization, wrote. “Plus, Highway 288 dips in our area and acts as the reservoir for us, and it is holding steady only half full. I’ve spent most of the day driving between Third Ward, Fifth Ward, and Montrose buying and delivering groceries to those who can’t get out.”
— Tuesday, August 29, 1:10 p.m.: The Menil Collection was not affected by a deluge of rain that continued last night and into the day. “[Director] Rebecca Rabinow reported that the buildings are in great shape following her morning walk through,” a spokesperson said. “We are so grateful for that news and for our security and maintenance staff who will continue monitoring. No decisions yet about reopening. We are checking in with our staff to get updates about the storm’s impact on them. We hope that all are safe and sound.”
– Tuesday, August 29, 1:45 p.m.: Like many institutions throughout the Houston area and the surrounding region today, the Museum of Fine Arts and the Contemporary Arts Museum in Houston are closed because of the storm. A spokesperson for CAMH shared a statement with press that read in part, “Our thoughts are with those who have been impacted by Harvey and our fellow Houstonians during the ongoing storm. We are thankful to our crew who prepared CAMH for the storm and who continue to monitor the museum. We will keep you updated with closures and changes to programming via social media.”
– Tuesday, August 29, 2:30 p.m.: In a statement issued on August 29, the National Endowment for the Arts said it would work with arts institutions to help them rebuild. “We are coordinating with the Texas Commission on the Arts and the Division of the Arts in the Louisiana Office of Cultural Development to assess the situation and those arts organizations hardest hit by Hurricane Harvey,” the NEA’s chairman, Jane Chu, said in a statement. “As the current situation stabilizes, the National Endowment for the Arts is prepared to direct additional funds to these state arts agencies for re-granting to affected organizations, as we have done in the past.”
— Wednesday, August 30, 2:10 p.m.: Numerous Houston-area arts institutions remained closed today as officials worked to ascertain the extent of the damage throughout the region. Glasstire, a blog about the arts in Texas, has created a list of emergency resources for artists.
— Wednesday, August 30, 4:05 p.m.: The National Endowment for the Humanities announced plans to grant $1 million to libraries, arts institutions, and colleges and universities affected by the hurricane. Texas and Louisiana’s state humanities councils will receive $250,000, and the Texas Cultural Emergency Response Alliance and the Heritage Emergency National Task Force will also get money from the NEH as they continue to assess damage resulting from the storm. Cultural institutions in FEMA-designated disaster areas can also apply for emergency grants for up to $30,000.
— Wednesday, August 30, 4:15 p.m.: The Menil Collection will reopen to employees who are able to travel on Thursday and then to the public for the resumption of its regular hours on Friday at 11 a.m.
Reposted from Norway Today
Wednesday afternoon it was clear that at least 245 items from the Iron Age and Viking Era was stolen during a break at the weekend, according to NRK. Thieves has climbed scaffolding on the outside of the building and shattered a pane on the seventh floor to get into the museum premises.
The alarm went of twice, but the security guards who were at work did not notice anything suspicious.
The museum is working full blast to get an overview of the scale, but believes the number of stolen objects may increase to 300 when the museum expects to have a reasonably safe estimate next week.
– It is a significant number. This is not a burglary where someone has come in and been in a rush. We are becoming increasingly despaired as the list of stolen objects grows longer, says Head of Department, Henrik von Achen, to NTB.
On the newly created Facebook page Theft at the Historical Museum – the Viking Treasure, the museum has published a series of pictures of the 2,000 year old artifacts, asking people to share the photo series and keep their eyes open when they go online.
Reconstructs the burglary
– Look for our cultural heritage on Finn, eBay and other markets, the museum writes, despite the assumed low monetary value, believes the items will be attemted sold online.
– We are now trying to reconstruct exactly what happened, but it takes time to clarify this. The most important thing for us now is first and foremost to get an overview of what’s stolen and if possible to get the items back, says von Achen.
Reposted from securityinfowatch.com
One of the most critical elements in any disaster planning and preparedness program is the use of an effective mass notification system to alert all staff, students, visitors, patients and vendors that there is an immediate emergency unfolding and instructing them how
to safely respond.
Whether it is a weather-related disaster, for example, a college may cancel classes during an ice storm; a water main break or whether it is an active shooter incident located in a specific area of the campus, mass notification is a critical element of keeping people safe during any type of emergency.
Danger on Campus
For example, on October 1, 2015, an active-shooter breached a lecture hall at Umpqua Community College in Oregon and began shooting students. It was a shocking event because 10 students were killed (including the shooter) and many more were wounded. The shooter asked students whether they were Christians, and if they were, he shot them in the head, and if they said no, he shot them in the leg.
The most distressing element of the Umpqua Community College incident was that the mass notification system didn’t work. The system had been purchased and implemented but when the disaster happened, the system did not work. It had been set up to send out emails and text messages to all students, staff and contractors, and the system even had a scrolling banner across the screen of all campus computers. But still, the system failed.
As news of the shootings and the sounds of the gunshots were heard on the campus, students were posting questions and warnings on twitter. They were also calling their parents, who were unable to find out information on the safety of their children. The shooting was a pivotal event in the adoption of mass notification systems.
Every organization should have a mass notification system in place. Whether the organization is a hospital, a college or university, a business, a retail store, a mall, or a medical clinic, this piece should be a critical element of your organization’s emergency plan.
If your company or organization is planning to implement a mass notification system, here are some of the things to consider when selecting the system that will work best for your application
Elements to Consider When Implementing a Mass Notification System
No matter the specific mass notification system selected, you’ll need to decide whether staff will be required to use the system on their personal cell phones and home computers, or whether they have a choice of how they prefer to be contacted in case of an emergency. And as advanced capabilities are added to the organization’s mass notification system, all the policies and procedures for emergency preparedness, safety and security will need to be updated.
While use and capabilities of mass notification systems have expanded over the past decade when they were primarily used only for weather emergencies, such as tornadoes, hurricane warnings and flood warnings, today’s systems are far more proactive for safety and security purposes such as active shooter, workplace violence and terrorist incidents.
So as the use of mass notification software increases beyond its presumptive boundaries, what other uses are organizations finding for their systems? Some of the most common are:
In these cases, the mass notification system becomes not just a critical element of the emergency planning process but acts as a direct communication tool that can be used in a variety of circumstances.
Technology that is Helping the Community
At the beginning of this article, I referenced the Umpqua Community College shooting, where the mass notification system failed when needed, and how that may have contributed to the high number of deaths at the college.
However, there are numerous positive instances of how mass notification systems have saved lives, property and worked as a critical community resource.
In instances of inclement weather circumstances can change with each passing minute, the mass notification system can serve a vital role in keeping people safe by announcing hurricane or tornado emergencies in advance; sending out notifications of flooding in communities, or even intersections; notifying specific areas of cities and unincorporated areas of urgent evacuations, as in flooding during Hurricane Katrina, and also in the recent spate of wildfires in the western United States. Besides notifying residents of a required evacuation, they can also provide residents information concerning evacuation options, where available shelters are open in local areas, and even places where pets are welcomed.
On November 15, 2016, the Centers for Medicare and Medicaid (CMS) posted a new Final Rule for Emergency Preparedness in the Federal Register. The Rule covers 17 types of healthcare organizations, from hospitals to ambulatory surgery centers to medical clinics and hospices. This new broad-reaching rule has to be complied with by November 15, 2017 and includes a requirement for a mass communication system.
The CMS Final Rule on Emergency Preparedness states that:, “A hospital [must] have a process for ensuring cooperation and collaboration with local, tribal, regional, state, or federal emergency preparedness officials’ efforts to ensure an integrated response during a disaster or emergency situation.”
“In addition, “we would expect the facility to include in its emergency plan a method for contacting off-duty staff during an emergency and procedures to address other contingencies in the event staff are not able to report to duty which may include but are not limited to staff from other facilities and state or federally-designated health professionals.”
Accrediting organizations like the Joint Commission for healthcare organizations also includes similar requirements for communication systems.
Difficult times call for new strategies in protecting staff and facilities. Having a mass notification system is a critical component in ensuring organizational staff is safe during a wide variety of emergencies. Whether it is a flooding event, an approaching tornado, a domestic violence incident, severe heat, an active shooter, a local terrorist, or a variety of other types of events, having a mass notification system is one of the very best controls you can implement that will help your organization function better in an emergency situation.
Reposted from smithsonianmag.com
The Galveston Arts Center sustained heavy losses when Hurricane Ike hit Texas in 2008. This time around, staff members were ready.
On a Wednesday afternoon, staff members at the Galveston Arts Center were in the final stages of installing an expansive exhibition that was scheduled to open on August 26. Works by three contemporary artists—Bradley Kerl, Angel Oloshove and Christopher Cascio—had been carefully displayed in three different galleries. Then the news broke: Hurricane Harvey was going to hit, and it was going to hit hard.
Fearing for the safety of the art, staff began dismantling the exhibition. They carried the works to an upper level of the building, and stored them in two different rooms: a small, cement vault and a windowless back gallery. The opening of the exhibition was pushed back to September 9. The main galleries stood empty.
Now that Texas is in the midst of the storm, it appears that Galveston has been spared the worst of Harvey’s wrath; Houston, by contrast, has been devastated by heavy rains and flooding. But last week, not knowing where the hurricane would hit, the Arts Center team decided not to leave anything up to chance.
“We are taking every precaution,” Dennis Nance, curator at the Galveston Arts Center, tells Smithsonian.com. “There's no messing around with this stuff."
Nance has good reason to be wary. Back in 2008, when Hurricane Ike pummeled Texas, the Galveston Arts Center sustained steep losses. According to Harvey Rice of the Houston Chronicle, art valued at more than $100,000 was ruined, and the storm caused upward of $1 million in damage to the historic, 19th-century bank building that houses the Arts Center.
Nance was not working for the Galveston Arts Center at the time, but he noted that the team was unable to properly prepare for the storm.
“They had a huge retrospective exhibition with large works,” he explains. “I believe the curator wasn't able to get there in time to help with the preparations, and couldn't even have done it on his own. It was just the worst possible scenario.”
It took the board members seven years to raise enough funds to restore the building and return the Galveston Arts Center to its historic home. Nance says that memories of Hurricane Ike, and the damage it caused, are still “traumatic.” So this time around, the team was prepared.
Planning for the possibility of a fierce storm began long before Harvey started fomenting in the Caribbean. Knowing that hurricane season was approaching, Nance deliberately scheduled exhibitions that would be easy to transport and store if the worst were to happen. The works that will now go on display in September include a series of paintings and small, ceramic totems.
“I was like, ‘We're going to do a couple of painting shows, not major installations in hurricane season,’” Nance says.
When news of Harvey’s impending arrival broke, Nance swung into action. He made sure that the upstairs vault was clear, and then began sorting through essential paperwork, like insurance policies and loan agreements. Next, he contacted artists whose work was on display at the Arts Center.
“The three artists with work on view all live in Houston and we all felt we could safely secure their work in our building, where it would also be covered by our fine art insurance policy,” Nance explains. “I made sure all loan agreements were in order and thoroughly documented the work on view. If we would have brought the work back to their studios [in] Houston, we would have not been able to offer the same assurances in the event of flooding in their studios. It's definitely just as much about taking care of the people we work with as much as the object they create.”
Once the art was packed away in a secure location, staff moved all gift shop merchandise that was touching the floor to an elevated space, where it would be safe from potential flooding. During the renovations after Hurricane Ike, the basement of the Arts Center was fitted with storm windows. But on the recommendation of Alex Irvine, former executive director of the Galveston Arts Center, staff members lined the rest of the building’s windows with towels.
Then, they went home to wait out the storm, hoping that the Arts Center would emerge unscathed. Thus far, it seems to be faring well.
“With the renovation of the building, we have a security system with cameras, and I can just turn my phone on and look into the gallery,” Nance says. “So Friday night when that first rain was coming in, I was just looking, and you could see the front door, and there was a little light on the table so I could tell, ‘OK, power's still working. There's no water in the building.’”
“We feel really lucky,” he adds, “and our hearts totally go our to the organizations and people who are experiencing the worst part of [Harvey].”
As heavy rains continue to fall on Houston, Nance and other members of the local arts community have been busy compiling resources for artists whose work has been damaged by flooding. Fresh Arts, a Houston-based non-profit that supports local artists, has put together a community-sourced Google Doc listing organizations that provide emergency support, in the form of financial grants, loans and short-term residencies.
“I think everyone just really wants to help right now,” Nance says. “It's been really amazing just to see what people are doing to support one another.”
Reposted from Chicago Tribune
A shooting inside a public library that killed two people and wounded four has deeply shaken an eastern New Mexico community.
The gunman surrendered after the shooting Monday and was taken into custody without incident after police entered the Clovis-Carver Public Library, authorities and elected officials with the city of Clovis said during a news conference. Warrants for his arrest were being prepared, but it's wasn't immediately clear what charges he would face.
Clovis Mayor David Lansford said things could have been much worse had it not been for the quick response, training and courage of police. He called the shooting tragic and senseless.
"This is a big blow to our community," he said. "Our community is a community that places a high value on life and the sanctity of life. And each life that lives in this community is precious. So we're all hurting right now as a result of what took place this afternoon."
Clovis, a city of about 40,000, is about 200 miles east of Albuquerque, near the Texas state line. The area is home to Cannon Air Force Base. The nearby community of Portales is home to Eastern New Mexico University.
The injured included two men and two women, authorities said. Some were taken to a hospital across the state line in Lubbock, Texas. The extent of their injuries was not immediately known.
One woman was seen being helped into an ambulance while a call for air ambulances could be heard over police radio traffic.
The names of the victims and the gunman were not released.
A woman who was in the Clovis-Carver Public Library when a man killed two people and wounded four others said the man told her to run, the Eastern New Mexico News reported Monday night.
Lisa Baird told the newspaper that she was about 20 feet from the man as he opened fire inside the library.
"Run!," he yelled at her. "Why aren't you running? I'm shooting at you! Run!"
Baird talked to the newspaper through Facebook Messenger. She said she was talking with a library patron when she says she heard a "very loud bang."
"My initial thought was why would someone throw a cherry bomb or M80 firecracker into the library? Then I saw a young man aim his hand, which had a handgun in it, to the ground/carpet about 6 feet in front of him and he fired like four or five shots into the carpet," she said.
She dove under a nearby desk "and tried to squish up as small as possible," Baird said.
From there, Baird said she could hear the man moving around the library and firing multiple shots.
"Then I heard his pants 'shooshing' as he approached the end of the reference desk. I heard a sound like a phone or something being put on the reference counter at the end of the desk, about 4 feet from my head," she said.
Then police entered the library and began shouting for the man with the gun to "lay on the ground" repeatedly, Baird said.
Police Chief Doug Ford says the suspect did not resist after police arrived.
Police said they were still working to process the crime scene and piece together what happened. Ford could not immediately say what kind of gun was used in the attack.
Top elected officials from across New Mexico issued their condolences for the victims and their support for the community. Gov. Susana Martinez called it a "horrific attack."
"In the coming hours and days we will learn more information about this despicable act, but for now I ask all New Mexicans to pray for the victims and their families, and for the entire Clovis community," said Martinez, a former prosecutor.
Attorney General Hector Balderas said his office has reached out to the local district attorney to offer its help.
Sojung Her, a 26-year-old cashier at the Shogun Japanese Steakhouse within view of the library lawn, said the shooting left behind a sense of fear and vulnerability.
"It's kind of a freak thing," she said. "What if he just walked into our restaurant and started shooting?"
Police cars and tactical officers crowded the streets outside as she arrived to work at the restaurant late Monday afternoon.
"This kind of thing never happens here," she said.
Vanessa Aguirre told The Eastern New Mexico News that she was in the library with her son when a man came in and started to shoot into the air.
"It all happened so fast," she said. "We took off fast."
ConferenceMembershipTraining & Certification
TRAINING & EVENTS
1305 Krameria, Unit H-129, Denver, CO 80220 Local: 303.322.9667
Copyright © 2015 - 2018 International Foundation for Cultural Property Protection. All Rights Reserved