Menu
Log in


INTERNATIONAL FOUNDATION FOR
CULTURAL PROPERTY PROTECTION

Log in

News


  • April 26, 2023 7:08 AM | Anonymous

    Reposted from The Independent

    Two climate change protesters have clashed with museum security guards after they jumped the barrier to a dinosaur display.

    Footage shows Just Stop Oil (JSO) members, who the group has named as Daniel Knorr, 21, and Victoria Lindsell, 67, entering the Dippy the Diplodocus exhibit at Herbert Art Gallery and Museum in Coventry before being arrested.

    A video posted by JSO follows the pair climb over a low metal barrier before being tackled to the ground by staff in high-vis jackets, and later being led away in handcuffs by West Midlands Police (WMP) officers.

    One staff member is shown seizing Mr Knorr’s rucksack, while another tackles Ms Lindsell and shouts: “Stop it, stop it now. Do you understand?”

    The demonstrators both remove jumpers to reveal white “Just Stop Oil” t-shirts before they are removed.

    WMP confirmed that two people were arrested in the museum at around 10am on Monday on suspicion of conspiracy to cause criminal damage.

    The force added that “two large bags of dry paint were also seized by officers” and that “protest liaison officers” are still at the scene to “keep people safe and limit disruption to a minimum”.

    Ms Lindsell, an English language teacher from Leamington, Warwickshire, said she felt “forced” to take part in the “civil resistance” action because “nothing else has moved our genocidal Government to act for the welfare of all”.

    In a statement issued by JSO, she said: “Day after day, we are alerted to the impact of rising carbon emissions, but this dinosaur government crashes on with incentivising yet more fossil fuel extraction, whilst pocketing millions from the industries leading us to extinction.”

    Knorr, a student from Oxford, also said he felt he had “no choice” but to take part in the stunt because “we’re barrelling towards suffering, mass death and the annihilation of our species”.

    In a statement, he said: “I cannot and will not commit myself to a future of powerlessly watching these horrors unfold. The dinosaurs had no choice – we do.

    “Humanity is at risk, as is everything we know and love- our historical artefacts, our art, our heritage.

    “Cultural institutions have failed to admit the truth and failed to address the urgency of action.

    “It is immoral for institutions to stand by and watch whilst our society faces inevitable collapse.

    “We call on everyone involved in arts, heritage and culture to join us in civil resistance.”

    See Original Post

  • April 26, 2023 7:05 AM | Anonymous

    Reposted from Security Management Magazine

    Diverse teams are stronger teams. This has been proven by scientific research as well as in-the-field practices—bringing in different viewpoints helps to uncover new angles, potential solutions, and pitfalls that a homogeneous group might have missed. The security industry has been making intentional progress when it comes to diversity, equity, and inclusion (DE&I) in recent years, but efforts can meet with apathy, nervousness, or fervent opposition in some quarters, especially when they are not adequately supported.

    To help security leaders make well-informed decisions about DE&I initiatives and choices, the ASIS Foundation funded an in-depth study, Empowering Diversity, Equity, and Inclusion in Corporate Security, which was released 18 January 2023. The full report is available for free to ASIS members.

    So, why is DE&I so essential for security professionals?

    “The security environment that security practitioners find themselves in day in, day out isn’t getting any easier to manage,” says one of the researchers behind the report, Rachel Briggs, OBE, from the Clarity Factory. “We really do need a team of all the talents around the table if we’re going to stand half a chance of being successful against our adversaries.”

    But in most cases security has work to do to achieve diverse teams, Briggs tells Security Management. “You don’t really need a study to tell you that the industry isn’t as diverse as it could be. You’ve just got to look around most of the rooms that you find yourself in.” Briggs notes that she has been conscious of this gap for the 20 years she has been working in and around the security industry, which is why she wanted to pursue research into the topic—to provide real, actionable data that can fuel conversations in the industry about “the need for diversity, the benefits of equity, and why inclusive workspaces make for better and more productive places of work.”

    Briggs and her research partner Paul Sizemore conducted an extensive literature review, interviewed security leaders across the industry, hosted an anonymous survey of 474 security professionals, analyzed 5 years’ worth of job searches from a security recruitment firm, and conducted structured interviews with 16 chief security officers. They looked specifically at five key dimensions: sex, gender identity, race and ethnicity, disability, and neurodiversity. While age is a significant factor in diversity, the number of varied responses on this topic was limited, so it was excluded in most of the findings, but Briggs says she plans on addressing it in depth in future research.

    “One of the great things that the survey showed is that people of many and diverse identities are feeling that they are integrated into the industry,” she adds. “I think that’s one of the positive messages that we can bring out of this, but individuals experience the industry in different ways depending on who they are. I think all of those different identity groups had certain and different ways of perhaps feeling more or less welcome, feeling more or less like they belonged, feeling more or less like they were getting equal access to opportunities and progression opportunities and so on.”

    Two of those areas that stood out to Briggs were gender and sexual orientation. “There were some consistently divergent views between men and women answering questions,” she says.

    Out of the survey participants, 38 percent were women, and 11 percent identified as LGBTQIA+. When asked the extent to which they agreed with the statement “I work in a diverse team,” 74 percent of all survey respondents agreed or strongly agreed. Among women, however, this dropped off to 56 percent. Among LGBTQIA+ participants, it hit 58 percent. Who strongly disagreed with the statement? 26 percent of women, 30 percent LGBTQIA+, 21 percent with a disability, and only 8 percent of men.

    There are unmistakable benefits to investing time, effort, and resources in DE&I—both for employees and for the organization. Briggs cites four key arguments:

    Avoiding blind spots. “A homogenous team will result in blind spots,” Briggs says. “If they and their team all look the same, all sound the same, have all got the same background, and so on and so forth, they are not going to understand the world and the threats that it poses in sufficient levels of nuance to be able to really do their job properly for the organization they’re there to protect... That’s weakness in a security program.”

    Matching the organization. Security leaders have long advocated having teams that are capable of serving the whole organization and understand the needs of the company. “As DE&I has quite rightly risen up the corporate agenda, the extent to which corporate security departments stand out as being incredibly un-diverse hampers their ability to serve the whole company and be business aligned,” Briggs adds.

    This extends beyond internal stakeholders to external perceptions and needs as well. One security intelligence manager who was interviewed for the research report noted that “In a global company where your clients are diverse, if you don’t have a diverse team that can empathize with and understand their clients, think about what this means in terms of how they design their solutions and policies… if you don’t have those people who can see things in a different light and speak to that, you will fall further behind as a function. They’re not going to be cutting edge, they’re not going to be competitive.”

    Recruitment. Speaking of competition, the battle to recruit the best talent is taking a turn from money to culture. Younger workers—especially those who belong to Gen Z (born between 1997 and 2012)—value diversity as much as they value salaries when considering job offers, Briggs says. “Chief security officers, as well as heads of HR, are well aware that companies need to be diverse to be able to attract the best talent in the future,” she notes.

    Complex and volatile risks. “If you’re going to find a period in time to be a great innovator in the security world, it’s today,” Briggs says. Given the broad global upheaval after the emergence of the COVID-19 pandemic and the disruption caused by multiple cross-border conflicts and wars, the environment where security operates is volatile, and it’s only going to get more complicated.

    “The next five to 10 years are going to be marked by and characterized by disruptive innovation with in the security industry,” she says. “It will be the security departments that can disruptively innovate that will really win the corporate security game…. If you don’t have a diverse team, you don’t stand a chance of being able to think as differently as you need to think to come up with a new set of solutions that can cope with what is arguably one of the most difficult security environments that we’ve seen in my lifetime and arguably for many generations.”

    So, what is holding people back? The research report includes comments from DE&I detractors and critics, as well as supporters, to give a more accurate picture of the issue in the industry today. Briggs finds that people who are less enthusiastic about DE&I generally fall into three broad categories:

    Anti-DE&I. On the furthest end of the spectrum, a small minority of survey respondents expressed anger and disdain about DE&I efforts—inside organizations, from industry associations, and in culture more broadly.

    Nervous. There was a contingent of security professionals who recognize the value of diversity but are worried about saying or doing the wrong thing.

    Concerned about balance. Some security professionals surveyed said that DE&I is valuable but the pendulum has swung too far, and efforts are a bit out of focus.

    “For those who are nervous, and for those who are just not quite sure what the right balance is, I think there's lots of us who can be allies to them,” Briggs says. “That is about helping people in a very straightforward, no-nonsense way, understanding what’s the business case for diversity? Why is it that you’re being asked to do this? What does good look like? What does bad look like?”

    “It’s not just about doing the right thing. It’s about being the right kind of people, and building an industry that’s composed of all of the talent rather than just some of it, and then not being nervous about reaching out,” she adds. “This is where I think security membership organizations in particular have a really important role to play. Because they are the organizations who host our events, and who help us to understand what normal looks like and what good looks like, and what behavior is acceptable and not acceptable.”

    How can organizations measure their DE&I efforts? Because, after all, what gets measured gets managed. 

    First of all, Briggs says that the industry needs much more data about who is part of security—demographics, the diverse communities represented (or not represented), and how those numbers have changed over time. Beyond demographics, the industry needs more data on progression and equity. Some CSOs surveyed by Briggs for the report are looking critically at promotions and pay raises through a diversity lens, checking that if men and women were scoring equally on management skills, then why were only men being promoted?

    Briggs recommends “just being relentless in applying that lens to make sure that any unconscious bias, any inequalities don’t creep in as people are progressing through the department.”

    In addition, many organizations collect belonging and inclusion indicators through staff satisfaction surveys. Those surveys can help security department leaders understand the sentiment among staff about DE&I, including “do I belong,” “does this place feel fair,” or “does my department tolerate jokes about gender and race?”

    Briggs offers a few notes of caution about these metrics, however. The more homogenous your department, the more likely people are to say they feel included and that they belong—because they are surrounded by people just like them. “Just looking at inclusion and belonging indexes in the absence of absolute data on diversity can be confusing, actually, rather than clarifying,” she says.

    In addition, when you start to dig into DE&I work, it raises the profile of the need for DE&I and changes employees’ expectations for their organization. This can lead belonging and inclusion scores to briefly decline as employees expect to see results from their leaders.

    All of these efforts are well and good, but there’s still the elephant in the room when it comes to diversity in security: the talent pool. Many survey participants claimed that they wanted to improve diversity, but recruiters and HR professionals consistently looked to one pipeline for new security employees: the public sector, pulling from pools of former military, former law enforcement, or former intelligence teams.

    “There are those who say, ‘Well, we would love more diversity, but the fact that we recruit from those un-diverse talent pools is holding us back. There’s not much we can do about it until the military diversifies or law enforcement diversifies,’” Briggs explains. “Actually, what was really interesting in the interviews with chief security officers that I did was I asked them very, very detailed questions about how valuable that professional background was. While they all valued what that could bring—and many of them came from it—they said it’s not critical. That background doesn’t add much to your ability to do this job.”

    She notes that the findings don’t recommend turning away military and law enforcement recruits, “but rather that we can, with confidence, look from a wider talent pool to diversify our industry. That in doing so, we make it stronger and not weaker. This isn’t about compromising for the sake of diversity. It’s about getting a brilliant, brilliant group of talented people with different talents around the corporate security table to make our security efforts bigger, better, sharper, and more nuanced for the security challenges of today and tomorrow.”

    See Original Post

  • April 26, 2023 7:01 AM | Anonymous

    Reposted from The Art Newspaper

    After two years of lockdowns and uncertainty, personal loss and public turmoil, 2022 was the year when most people could once again go and visit their favourite art or travel somewhere new, with, in most cases, relatively few restrictions. The result was that 141 million visits were paid to the top 100 art museums in our survey.

    Are things back to normal? Not quite yet. That 141 million is double the number we recorded last year, and nearly three times that of 2020. But there is still some way to go before we regain the high watermark of 230 million visits in 2019, the last full year before the pandemic.

    And, as our analysis reveals, the recovery is uneven. China’s zero-Covid strategy has meant that its museum-goers had to negotiate regular lockdowns and draconian rules. Russian museums have had to contend with their country becoming an international pariah following its invasion of Ukraine, and tourism to and from many places becoming restricted. Visitor numbers in both countries have been similar to 2021, at best.

    Elsewhere, some major museums have bounced back strongly—the Musée du Louvre in Paris is planning to restrict visitor numbers due to overcrowding but still managed to top our poll with an extraordinary 7.7 million visitors in 2022, beating the second-placed Vatican Museums by more than two and half million. London’s British Museum and Tate Modern regain their places in our top five, but their recoveries have been more sluggish than some of their international rivals, reflecting a slow bounceback by UK museums as a whole.


    Taken together, the top ten accounted for almost 40 million visits. Now that the pandemic is largely over, people seem to going back to much the same cities as they did before: Paris and London, Rome and New York. For all the efforts to get domestic audiences to visit more, either virtually or physically, it seems that people couldn’t wait to travel to see the Mona Lisa, the Parthenon marbles and the Laocoön. These icons still draw the crowds.

    UK not so OK

    Elsewhere in this supplement we report on the relatively slow recovery of London’s major museums. Sadly, this is reflected across the rest of the UK. The National Gallery in London has the dubious distinction of having lost more visitors than any other museum we surveyed, with nearly 3.3 million fewer visitors in 2022 than in 2019, the last year before Covid-19 hit. In percentage terms, however, three other UK institutions did worse: Kettle’s Yard in Cambridge was down 57% on its 2019 visitors, while V&A Dundee and the Wellcome Collection in London were both down 55%.

    None of these museums was impacted by Covid-related closures in 2022, though Kettle’s Yard, located in a former residential building, still had restricted capacity. The UK had one of the earliest and fastest roll-outs of Covid vaccines in the world and prided itself on getting back to normal as soon as possible—face masks are now a rare sight. So the reason for the slow recovery of its museum visitor numbers is hard to pinpoint, especially for those smaller museums that were less reliant on international tourists. It is true, however, that most UK museums saw strong year-on-year growth in 2022, many tripling their attendance over the lockdown-affected 2021, so perhaps next year will see a return to form.

    Where were the brightest spots in the UK? Mostly north of the border. The Burrell Collection in Glasgow reopened in March 2022 to much higher visitor figures than previously, welcoming an impressive 483,000 visitors. (Perhaps people skipped a visit to the city’s Kelvingrove museum, which got half of its 2019 figure.) Edinburgh museums did well, too, with the National Museum of Scotland receiving nearly two million visitors and the Scottish National Gallery 1.3 million, both similar to pre-pandemic times.

    The UK’s most successful paid-for exhibition of 2022 was not a blockbuster solo artist show, but Fashioning Masculinities: The Art of Menswear at the Victoria and Albert Museum (V&A), followed by shows at Tate Modern (Surrealism Beyond Borders on 158,843) and the Royal Academy of Arts (Francis Bacon: Man and Beast, 146,694). Meanwhile, David Hockney brought 221,950 free visitors to the Fitzwilliam in Cambridge for Hockney’s Eye: The Art and Technology of Depiction—a notable success for the medium-sized university gallery.

    America still dreaming

    Of New York’s major museums, the Solomon R. Guggenheim Museum had the biggest percentage drop in visitors, at 42% (with 750,000 in 2022 compared to 1.3 million in 2019), while the Metropolitan Museum of Art on Fifth Avenue saw the biggest fall in actual numbers, with 1.7 million fewer visitors than in 2019 (a 34% drop). It should be noted that the Met has changed its counting methodology, introducing “a new, digital programme that we believe is more accurate”, says a spokesperson, meaning a 20% decrease to its previously reported figure in 2019. 

    New York was not alone in its slow recovery, with institutions across the country still considerably down compared to 2019, from the National Museum of African American History and Culture in Washington, DC (down by 45%) to Denver Art Museum (34%) and the Getty Center in Los Angeles (31%).

    The most visited museum in the US was the National Gallery of Art in Washington, DC, with almost 3.3 million visitors in 2022.

    Despite there being no widespread lockdowns in the US in 2022, the pandemic’s aftershocks still affected many museums. A spokesperson for the National Portrait Gallery (NPG) in Washington, DC (which shares a building with the Smithsonian American Art Museum (SAAM) and therefore has the same figures), says that it only returned to its full opening schedule of seven days a week at the end of May, having been open for four days a week for the first quarter of the year. Despite nearly tripling its 2021 figure, with 954,000 visitors last year, the NPG and SAAM were still down 44% on pre-pandemic levels.

    Similarly, the Frist Art Museum in Nashville used to be open seven days a week before the pandemic, which helped it achieve its all-time record attendance of 359,000 in 2019. But since reopening in July 2020, its change to five days a week has contributed to a 60% fall.

    However, a handful of institutions reported figures that surpassed their pre-pandemic levels. Two of these, the Huntington Library, Art Museum and Botanical Gardens in Los Angeles (up by 26%) and the Frederik Meijer Gardens & Sculpture Park in Grand Rapids (up 3%), offered outdoor experiences as part of the museum visit. (The Museum of Modern Art in New York was also up 10%, but in 2019 it was closed for four months during renovations.)

    Euro millions?

    Around Europe the picture was mixed. While some big museums had sluggish recoveries, such as the Musées Royaux des Beaux-Arts de Belgique in Brussels (down 40% compared to 2019), the Neues Museum in Berlin (down 36%), the Rijksmuseum in Amsterdam (down 35%) and the Museo Archeologico Nazionale in Naples (down 34%), on the whole, visitors appear to be returning to museums.

    The fall in foreign tourism has been a factor in many cities—Vienna’s Albertina identified the drop by a quarter in the number of tourists to the Austrian capital as a major factor in its visitor numbers being down 26% compared to 2019. However, other tourist honeypots were almost back to normal—for example, Musée d’Orsay in Paris, was within 10% of its 2019 figure, while the Petit Palais was up 14%.

    Indeed, there were some significant jumps in attendance. In Paris, the Fondation Louis Vuitton saw its figures rise by a third, from just over a million in 2019 to almost 1.4 million last year, helped by its blockbuster exhibition of the Morozov Collection, which had a staggering 1.2 million visitors. An exhibition about Matisse’s The Red Studio painting helped the National Gallery of Denmark in Copenhagen achieve its highest ever attendance, as it welcomed more than 492,000 visitors, while the Museum of Fine Arts in Budapest saw an increase of 47% on 2019, helped by a Hieronymus Bosch blockbuster, the second most popular exhibition in the museum’s history.

    Another way of boosting attendance is to create more space. The Kunsthaus Zürich opened a new extension in October 2021, helping it double its 2019 tally of visitors to more than 555,000. The Munchmuseet in Oslo, which moved to a new building in autumn 2021, welcomed almost 852,000 people last year, getting “significantly higher visitor numbers than the old museum”, according to a spokesperson.

    Several museums, such as the Centro Botín in Santander and Galleria dell’Accademia in Florence—home to Michelangelo’s David— have reported numbers in the final months of 2022 picking up and surpassing pre-pandemic levels, pointing further towards a healthy recovery.

    Zero to here we go

    China’s zero-Covid strategy heavily impacted on its museum visitor numbers in 2022. And while Taiwan dropped its zero-Covid policy in March 2022, a continuted lack of Chinese tourists meant that visitor numbers to the National Palace Museum in Taipei remained low. The total of 553,000 was just 33% up on the previous year, and 86% down on the 2019 total of almost four million.

    One Chinese museum that defied the trend was M+. The Hong Kong museum opened in November 2021, before having to shut again from 5 January until 21 April 2022 due to Covid restrictions. Despite this, it managed to attract more than two million visitors in the remainder of the year, launching itself into our top 20.

    Australia and New Zealand had some of the strictest Covid-19 rules, which delayed their reopening compared to other parts of the world. In Australia, rules were complex and varied by state; the country did not reopen to international travellers until 21 February 2022. Despite this, visitor numbers continued to recover steadily, with many venues regaining around two-thirds of their previous numbers. The Art Gallery of South Australia in Adelaide actually did better than pre-pandemic, with 539,000 visitors. In Sydney, the Art Gallery of New South Wales saw a boost to numbers as people flocked to see its new expanded building.

    A stand-out in Asia was South Korea. A Frieze art fair was held in its capital Seoul for the first time, boosting visitor numbers at the city’s museums. The National Museum of Korea cemented its high position in our list: its 3.4 million visitors earned it fifth place. This is around the same number of people who visited before Covid. The four outposts of the National Museum of Modern and Contemporary Art also did well, with its Seoul branch receiving 1.8 million visits—400,000 more than in 2019.

    With most lockdowns hopefully behind us, we expect 2023 visitor figures to be buoyant. But while some museums are settling back into their old groove, for others it seems like the damage caused by the pandemic and the political responses to the crisis might be long lasting.

    The Art Newspaper’s Visitor Figures survey is conducted annually, and is the foremost authority on the attendance of art museums worldwide. Read the full 2022 report here

    See Original Post 

  • April 26, 2023 6:59 AM | Anonymous

    Reposted from Security Management Magazine

    It’s often said that fortune favors the brave. But what does it mean to be brave? Most would say to be brave is to face risks, usually on a level few care to accept.

    Security professionals often view risk only in negative terms, and they are taught there are four commonly accepted options for treating risk: accept it, avoid it, manage it, or share it. However, there is a fifth option that is often overlooked but can be very positive to those who understand it: exploit it. This became clear to me very early in my career as a special agent with the Diplomatic Security Service while assigned to northern Iraq with the U.S. Department of State.

    In September 2004, immediately after completing eight months of basic agent training, I was assigned to a small compound in Kirkuk, Iraq, where I shared security responsibilities with a classmate and fellow agent. It was trial by fire—quite literally—working in an area where insurgent guerillas sabotaged oil wells, blew up pipelines, and conducted brazen midday attacks against police stations and government buildings.

    In Kirkuk, it was all about the oil—raw crude bubbled to the surface, and approximately 1 million barrels were produced every day from the surrounding fields. When the Iraq War began in March 2003, oil fields were among the most precious assets to protect. For decades, oil companies had flourished in the area, but as the environment became more kinetic and their tolerance for risk waned, many ceased operations and, in some cases, abandoned millions of dollars-worth of equipment and product.

    When I arrived in Kirkuk, the environment was stable enough to allow State Department protective security details to travel throughout northern Iraq. The abandoned oil sites were still there, and other companies had purchased much of what was left of the assets for a fraction of their value, realizing immediate gains. Unlike the previous companies, these organizations had extensive security teams and robust countermeasures in place to operate and thrive in a non-permissive environment. They placed robust barriers, security cameras, armed guards, and intrusion detection countermeasures around key sites and maintained quick reaction forces to engage would-be saboteurs. They developed intelligence networks and maintained close liaisons with local law enforcement and nearby residents, and they regularly won the hearts and minds of their neighbors. It was as if they had built their program from a special operations counterinsurgency manual. Through resilience and determination, they conducted business despite harrowing odds.

    In 2011, I was posted to Mazar-i-Sharif, Afghanistan, to an even smaller off-site compound located along the famous Ring Road and miles from the nearest military base. Conditions were stable enough in Regional Command North to allow us to produce many long-range protective security missions.

    During one such trip to Badakhshan Province, we took our senior civilian representative to dinner with members of the Aga Khan Foundation, an international development agency that ran a wide spectrum of programs in some of the world’s most challenging environments.

    Many of the nongovernmental organizations (NGOs) in Afghanistan seemed wasteful and careless, launching short-sighted, half-baked programs that nearly always ran over budget and failed. But the Aga Khan team was different. They took on long-term challenges, lived among their communities, developed relationships with government officials, and created capacity with the support of highly experienced but low-profile security teams.

    The Aga Khan Fund for Economic Development owned Serena Hotels, a hospitality company that operated the Kabul Serena Hotel—a comfortable sanctuary that had repeatedly been targeted for terrorist attacks yet continued to operate profitably thanks in large part to its robust security program.

    Their resilience in this space paid off. If one needed an armored vehicle and driver for a trip across town, it wasn’t a problem. The Serena Hotel would arrange it for $500 per hour. If a group of journalists needed a meeting room to host an event for visiting corporate leadership, the Serena could produce it with class akin to a four-star Western resort. As a result, the hotel cornered the market, charging high rates and serving a unique niche which the world’s leading hospitality giants simply avoided, driven in part by their inability and disinterest in managing the risk of operating in such a volatile environment.

    The risk management community, as reflected in the ISO 31000and Committee of Sponsoring Organizations (COSO) standards for risk management, views risk as the uncertainty in achieving an organization’s objectives. Risk is a neutral concept that can have negative outcomes as well as positive outcomes. Too often, particularly in security management, the focus is on negative outcomes, but in today’s complex risk landscape, organizations need a holistic risk management approach to pursue opportunities as well as manage undesirable events.

    Organizations exist to create value in terms of goods and services. To promote competitiveness, viability, and sustainability, it is essential to understand the purpose, values, culture, and objectives of the organization to provide the information needed to support decision making for the achievement of tactical, operational, strategic, and reputational objectives. Unless the trade-offs between upside and downside risk are clearly articulated and understood, it is not possible for the governance body to determine the risk appetite it is comfortable with to achieve its objectives. The risk management mind-set has transformed from reactive to proactive—where rather than just hunkering down, effective risk management weighs offense as the best defense.

    Consider this: You’re an expert blackjack player who has invested—and probably lost—thousands of dollars in pursuit of understanding the game. You know your odds as a result of hundreds of hours of study and play, and you understand the risks because you’ve lost in the past. In the latest game. you receive your first two cards and are so confident in your abilities, you decide to double down on your bet because you are keenly aware of the potential upside of winning. You are now exploiting risk for financial gain. By understanding and managing your risk through experience and study, you stand a better chance of profiting.

    Resilience is the ability to become strong, healthy, or successful again after something bad happens. We often say security risk management programs exist to enable business to operate, and we use terms like resilience and capacity building when describing our programs. But are we thinking too small?

    What if we set the bar higher to say that our programming not only allows a business to operate, but thrive by facing, managing, and exploiting risk? This is what author, statistician, and risk analyst Nassim Taleb would call antifragility—a property of systems in which they increase in capability to thrive as a result of stressors, shocks, volatility, noise, mistakes, faults, attacks, or failures.

    In security’s case, we’re not only managing stressors (risk), but improving as a direct result of exploiting it. Taleb’s concepts seem to be enjoying a resurgence of late, particularly as the COVID-19 pandemic has exposed just how fragile many of our systems have become. (For a full dose of these concepts, start with Taleb’s 2012 book Antifragile: Things That Gain from Disorder.)

    Michelangelo once said, “The greater danger for most of us lies not in setting our aim too high and falling short; but in setting our aim too low and achieving our mark.” Effective security risk management systems should be designed with antifragility as the higher goal, built upon the capacity to not only accept, avoid, share, and manage risk—a worthy goal of a resilient program—but also exploit risk, thereby reaching a higher standard.

    However, one must always remember this is an advanced concept. Just as one would not be prudent to double down at the blackjack table unless an expert at the game, one should fully understand risk at the tactical, operational, and strategic levels before attempting to exploit it. This isn’t recommended for an immature security program. Don’t try it out on the battlefield without first proving it during peacetime.

    Is there a market your organization has wanted to explore but shied away from because of security concerns? Is there a product your company always wanted to make, but didn’t feel it had enough security controls in place to protect the proprietary information associated with the manufacturing process? This is where a next-level security program can create value by developing an antifragile program and enabling organizations to thrive within challenging environments.

    See Original Post

  • April 26, 2023 6:54 AM | Anonymous

    Reposted from Artnet News

    A drunken night at the Philadelphia’s Franklin Institute won’t end with decades behind bars for museum visitor Michael Rohana, who has accepted a plea deal for stealing a finger from one of China’s famed Terracotta Warrior sculptures during an ugly Christmas sweater party.

    Rohana is scheduled to plead guilty to charges of interstate trafficking in Philadelphia federal court on April 17, reports Philadelphia’s Kyw Newsradio. The maximum sentence will be two years in jail and a fine of $20,000. That’s down from the 30-year prison sentence he previously faced on charges of theft and concealment of an object of cultural heritage from a museum. The first trial in the case ended in a mistrial when the jury couldn’t agree on the verdict, and the second was delayed due to COVID.

    The Franklin Institute exhibition, “Terracotta Warriors of the First Emperor,” organized with Seattle’s Pacific Science Center, featured 10 life-size warrior statues from the Terracotta Army buried in the tomb of China’s first emperor, Qin Shi Huang. Rural farmers discovered tomb, filled with some 8,000 soldiers from 210 to 209 B.C.E., in northwest China in the 1970s.

    Rohana was just 24 years old when he attended an after-hours party at the Franklin Institute on December 21, 2017. During the event, he wandered into the museum galleries, which were unlocked, and slipped past stanchion rope blocking the entrance to enter the darkened exhibition.

    Video surveillance captured Rohana—wearing a Phillies baseball cap and a bright green sweater—posing for a selfie with an arm wrapped around a 2,000-year-old sculpture known as The Cavalryman, which was insured at $4.5 million. As he walked away, Rohana seemed to break something off the figure’s left hand and place it in his pocket.

    It wasn’t until January 8 that the Franklin Institute noticed that the statue’s thumb was missing. A review of security footage, combined with credit card records from guests who purchased tickets to the event, allowed an FBI investigation to finger Rohana—pun intended—as the culprit.

    Friends with whom he attended the party later testified that he had spoken during the car ride home about taking the statue’s finger, and even shared an image of the terracotta thumb on Snapchat.

    When FBI special agent Jacob B. Archer turned up at Rohana’s Delaware residence in February 2018, the suspect immediately confessed to his crime. He then returned the stolen digit, which he he kept stored in his bedroom desk drawer.

    China was furious, with Wu Haiyun, director of the Shaanxi Cultural Heritage Promotion Center, which loaned the sculptures to the traveling exhibition, demanding that “the U.S. severely punish the perpetrator,” according to the BBC. (Philadelphia passed an official resolution apologizing for the incident.)

    Three months later, a federal grand jury indicted Rohana under the federal art theft statute. When the matter went before a jury, the case resulted in a mistrial in April 2019, with the jury unable to render a verdict. What made the case unique for an art theft proceeding was the lack of financial motive.

    And the statute only applied to artworks with a value of over $5,000. Separated from the figure, how much was the thumb worth on its own, really? Two expert witnesses offered wildly different appraisals. Testifying on behalf of the prosecution, Michael Cohn claimed it was worth five percent of the sculpture’s total value, or $150,000; called by the defense, Lark E. Mason named a figure of just $1,000.

    When Rohana took the stand, he admitted he didn’t know why he had stolen the thumb.

    “Every time I see this video now, I’m trying to figure out: ‘What was going through your mind? What were you thinking?’ I don’t know how I could have been so stupid,” he said.

    The jury had to ask itself: Did an incident of impulsive, alcohol-fueled vandalism really merit the same punishment as a premeditated art heist? Rohana’s lawyer argued that it did not.

    “These charges were made for art thieves—think like Ocean’s Eleven or Mission: Impossible,” Catherine C. Henry told jurors. “[Rohana] wasn’t in ninja clothing sneaking around the museum. He was a drunk kid in a bright green ugly Christmas sweater.”

    See Original Post

  • April 11, 2023 4:53 AM | Anonymous

    Reposted from AAM

    Download a PDF copy of this tip sheet.

    This tip sheet was developed with the help of Katherine McNamee, the Director of Human Resources for the American Alliance of Museums (AAM), and is based on practices from several organizations committed to equitable recruitment including AAM.

    With the right approaches, museums and other organizations can develop recruiting practices that mitigate biases and focus on relevant skills and qualifications. Creating consistency and fairness in the process will ensure that all candidates have the same opportunity to showcase their skills and talents. The following tips cover how to identify needed resources, write job descriptions, find and assess candidates, conduct interviews, choose finalists, and track results with equity in mind.

    Identifying Resources

    • Assess who will need to make changes and decisions in the hiring process, such as:
      • Support from the organization’s board and leadership.
      • Budgeted funds to support temporary help during staff turnover.
      • Budgeted funds to support sourcing from a variety of methods—permanent placement fees, internships, etc.
      • Legal counsel to advise on how to stay compliant with Diversity, Equity, Accessibility, and Inclusion (DEAI) goals that intersect with employment law.
      • Human resources professionals to develop/direct the recruitment process, track and seek continuous improvement on results, orient staff to practices, and facilitate candidate evaluation discussions with hiring teams.

    Writing Job Descriptions

    • Craft the qualifications around specific skills needed for the position instead of assumptions about minimum credentials, which can discourage candidates with relevant experiences from applying.
    • Include the hiring salary, evaluation criteria, and expected timeline for the process so candidates understand the process upfront.
    • Consider asking candidates to omit identifying information—such as names, email addresses, and dates of education and employment—from application documents reviewers will see, to follow blind screening techniques.
    • In lieu of a cover letter, consider asking candidates to respond to two or three job-specific questions, so hiring teams have specific criteria on which to evaluate candidates in the early stages of the process. An example question could be, “Please share how your lived experience connects to or enhances your ability to contribute to [the museum]’s work.”

    Sourcing Candidates

    • In addition to major job boards like AAM’s JobHQ, advertise your position on sources that primarily serve underrepresented groups (such as comMuseum Hue, or the websites of Historically Black Colleges & Universities (HBCUs) or minority-serving colleges and universities).
    • Use a digital tool like LinkedIn Recruiter to conduct profile matches of passive job candidates who may have relevant experience but not be looking in your specific field.
    • Consider partnering with support organizations that can match you with marginalized job seekers, such as people with disabilities.
    • Consider partnering with staffing firms for a more robust and diverse candidate pool.

    Evaluating Candidates

    • When possible, have at least two people review the initial application materials independently of each other, to avoid biasing one person’s opinion early on.
    • Use a standard rubric for scoring and ranking candidates.
    • Refrain from independently researching candidates outside of the established hiring process, such as searching them on the internet or asking for feedback from mutual colleagues.
    • Have a person outside of the hiring team moderate debriefs after initial review to help lessen groupthinkand potential bias.

    Assembling a Hiring Team

    • Recruit members of multiple departments, not just the one the position is in, to take part in panel interviews and create screening questions.
    • Ensure that all team members:
      • Can represent the museum’s mission and work in a professional and engaging manner.
      • Can create a welcoming and inviting atmosphere for candidates.
      • Understand the job requirements and criteria for evaluation.
      • Understand their role in the process and what key information they are listening for in interviews.
      • Have reflected on and articulated their own personal biases when reviewing cover letters and resumes and conducting interviews and have considered how personal experience may have shaped these beliefs and views.
      • Are familiar with the legal concept of protected classes and understand that conversations with job candidates should only include questions and topics directly related to the job position.
      • Can handle sensitive information about candidates confidentially.
    • As they begin the process, encourage the team to recognize that:
      • Soft skills or people skills, such as managing people, negotiating, coaching, facilitating, mentoring, and communicating are as important as the technical skills and know-how of a position.
      • No candidate will be “perfect,” and all will have both strengths and areas for improvement.
      • Candidates may be qualified in different ways for a position, such as having transferable skills or coming from other fields and industries.
      • All new hires will need support and training, even if they have performed similar job duties in other organizations or know people in our own networks, so a need for those things is not a valid reason to reject someone.

     Interviewing Candidates

    • Use the same list of interview questions for all candidates.
    • Consider sharing the interview questions with candidates in advance to allow them time to think about their answers. (This can help candidates who are less comfortable in the interview setting feel confident in showing their abilities.)
    • Build in opportunities for candidates to showcase their skills directly. For example, you could ask a candidate to:
      • Sell us a membership to [your organization], highlighting features and benefits.
      • Walk us through how to read and interpret a financial statement.
      • Present a brief pitch on why a funder might want to donate to [your organization].
    • Conduct virtual instead of in-person interviews in the early rounds, to be more flexible and reduce demands on candidates’ time. Consider in-person interviews for finalists if needed.
    • When requiring an in-person interview with a candidate who does not live in your region, pay for any travel costs they incur, including air or rail fare, gas mileage, and hotel costs.
    • Consider paying candidates a stipend for their interview time.

    Choosing Finalists

    • When choosing candidates to move forward with an offer, ask the hiring team the following questions:
      • What assumptions are we making about this applicant?
      • What will we “miss out” on by not hiring this applicant?
      • Are we placing too much emphasis on the technical skills of the job?
      • Are we open to hiring a candidate who can offer complementary skills?
      • Are we open to hiring a candidate who can help shape our workplace culture, or do we just want a candidate who can fit into our existing culture?
      • And, if this hire is expected to help shape our workplace culture, how are we prepared to change to accommodate that culture shift?
      • What are our perceived risks of hiring this applicant, and do they have merit?
      • Will we be truly living into our values around DEAI and racial equity by hiring this applicant? If so, how? If not, why not?

    Tracking Results

    • Invite all candidates who submit applications to complete a voluntary, anonymous demographic self-disclosure survey.
    • Collect anonymous demographic self-disclosure for current staff members.
    • Track the number of and demographic data for internal promotions.

    See Original Post

  • April 11, 2023 4:52 AM | Anonymous

    Reposted from Axios

    Antisemitic incidents in the U.S. jumped to a record level in 2022, up 36% from the year before, an annual audit by the Anti-Defamation League shows.

    Why it matters: It's the third time in five years that reported episodes of antisemitism — from the distribution of hate propaganda to threats, slurs, vandalism and assault — were the most on record since the ADL began tracking such incidents in 1979.

    The big picture: The surge in antisemitic cases comes as the FBI and human rights groupswarn about rising numbers of hate crimes in the U.S. — and amid concerns that some public officials and social media influencers are fueling the problem by normalizing incendiary rhetoric.

    • The alarming numbers are likely understating the problem: A rising number of law enforcement agencies are opting not to share hate crime statistics with the FBI.

    By the numbers: The ADL found reports of 3,697 antisemitic incidents in 2022. Incidents skyrocketed in each of the major audit categories:

    • Antisemitic harassment rose by 29%, while antisemitic vandalism increased by 51%, the audit said.
    • The ADL also found activity doubled among organized white supremacist groups, which were linked to 852 incidents of distributing antisemitic propaganda.
    • The audit didn't assess the total volume of antisemitism online, but it did include cases in which individuals or groups were harassed online via antisemitic content in direct messages, on listservs or social media.

    Zoom in: States with the most incidents were New York (580), California (518), New Jersey (408), Florida (269) and Texas (211). 

    • Those five states accounted for 54% of the total incidents.

    Zoom out: The ADL audit includes criminal and non-criminal acts of antisemitism. 

    State of play: An FBI report in December said hate crimes in the U.S. fell slightly in 2021, but the agency warned the figures likely were off because of a shift to a new reporting system that led some of the country's biggest police departments not to report numbers.

    What they're saying: "This report lays bare some data around why the Jewish community has been feeling so vulnerable," Oren Segal, vice president of the ADL's Center on Extremism, told Axios.

    • Some public officials and social media influencers have helped normalize antisemitism by posting and repeating bigoted things, Segal said.
    • He cited Ye, formerly known as Kanye West, who last year posted antisemitic messages and a swastika to his 32 million Twitter followers — more followers than "than there are Jews on Earth," Segal noted. Ye was suspended from Twitter. 

    Flashback: A British national held four people hostage in a Texas synagogue in January 2022 after the synagogue's 10 a.m. Shabbat services.

    Between the lines: A growing number of elected Republicans are openly promoting "white replacement theory," a decades-old conspiracy theory that's animated terrorist attacks.

    • "White replacement theory" is rooted in the idea that there is a plot to change America's racial composition by methodically enacting policies that reduce white Americans' political power.
    • The conspiracies encompass strains of anti-Semitism as well as racism and anti-immigrant sentiment.

    What's next: The ADL is recommending that elected officials more aggressively denounce antisemitism and that federal and state governments do more to prevent antisemitism online.

    See Original Post

  • April 11, 2023 4:50 AM | Anonymous

    Reposted from AAM

    The 2023 edition of CFM’s annual forecasting report is now available as a free PDF downloadTrendsWatch: Building the Post-pandemic World explores how museums can emerge from the past three years better and stronger, using opportunities presented by pandemic disruptions to create a more just, equitable, and resilient world.

    Historically, TrendsWatch has published right around now (late March, early April). This year, for the first time, AAM members and subscribers received the report three months early, in the Jan/Feb issue of Museummagazine. The new PDF complements the magazine by:

    • Including hundreds of embedded link sources for the facts, figures, and stories I reference in the report.
    • Providing an easy way to share the content with others, including colleagues, board members, funders, and planning partners.
    • Making it possible to save the report to your digital files for future reference.

    Recent News

    Because TrendsWatch covers rapidly moving trends, the months between writing and release often are filled with new developments. For example, in the section on The Future Workforce I noted the potential for two intersecting trends—four-day workweeks and four-day school schedules. In the past couple of months:

    • Four-day work weeks have gained traction, as a large pilot project in the UK (testing 32 hour weeks with pay kept the same) wrapped up and reported that a shorter workweek resulted in lower turnover, fewer sick days, and improved performance. Here in the US, legislation has been introduced at the federal and state level making 32 hours the threshold for overtime pay. (Note, “four-day workweek” refers to a variety of practices, whether distributing the 32 hours over shorter work days Monday through Friday or actually reducing the workweek to four days.)
    • 60 school districts in Texas have switched to a four-day instructional week, and other districts around the country are preparing to make that change (including districts in MissouriOhio, and Nebraska).

    Implications for museums: As more parents choose four-day schedules, when available, to accommodate the four-day school week of their kids, might museums see “weekend attendance” spread out beyond Saturday and Sunday? As schools struggle to fit mandated instructional hours into a shorter week, will school field trips (already in decline) be further curtailed?

    (BTW—since this year’s TrendsWatch published, many people have asked me whether telework is “going away.” While conclusions on this point vary widely, according the latest research from Pew, about a third of workers with jobs that can be done remotely, a chunk that equals about 39 percent of the total workforce, are working from home all the time—a sixfold increase from the pre-pandemic baseline. An additional 41 percent of that group is working on a hybrid schedule, with some days remote and some in the office.)

    In The Partisan Divide I shared troubling signals that, while visiting museums is currently a nonpartisan activity and trust in museums remains high across the political spectrum, museums are becoming caught up in a new wave of politically fueled culture wars. Unfortunately, the past few months have only bolstered this concern.

    • In February, The American Conservative published an article attacking museums directly, accusing historic sites in particular of making a concerted effort to “teach America’s children radical ideas.” (In the report I warned that museums might be tarred with the same brush as higher education, as conservatives target sectors they believe to skew liberal, and indeed, the author of this article characterized museums’ bias as part of the “downstream impact of our biased higher education system.”)
    • One might well dismiss this article as a rant, but there are signals that the author’s belief that museums are distorting history is not only shared by others but may translate into action. This week in Tennessee, the agenda of the House Public Service Committee included HB1023, a bill that would require the state museum to transfer all collections related to the Civil War not currently on exhibit to the Sons of Confederate Veterans. (The vote was deferred to 2024.) I can’t help but think that the drafters of that bill feel the Sons would use those artifacts to tell their own particular version of history.

    Implications for museums: This trend presents museums with difficult challenges. How can museums stay true to their missions and their values, without becoming targets in a new round of culture wars? How can our sector navigate the fine line between using the trust accorded museums to present challenging ideas, and losing that trust by seeming to be partisan?

    I’ve also been thinking about the potential intersection of three of this year’s themes: A Digital (R)evolution(the maturation of museum digital practice); the rise of a values-based approach to Repatriation, Restitution, and Reparations; and Changing Climate Risk. Climate projections warn that the South-Pacific island nation of Tuvalu will be submerged by the end of this century. Late last year, in the face of this threat, Tuvalu’s foreign minister announced that the nation is going to shift its territorial and cultural identity onto the Metaverse.

    Implications for museums: There are already several excellent examples of digital platforms that draw on the data of museums across the globe to serve the needs of communities displaced or decimated by violence. (See, for example, Digital Benin and the Jewish Digital Recovery Project.) How might museums work together in service of communities damaged or displaced by climate change, serving as stewards of their heritage and providing digital connections to history and culture even to people scattered across the globe?

    TrendsWatch at AAM2023

    There will be two opportunities to dig into these topics more deeply at #AAM2023 in Denver next month. At my TrendsWatch session on Friday (May 19) at 11:30 I’ll do more of the above—sharing current news and recent thoughts about these issues. I hope you will consider joining the discussion tables (12:30 – 1:30) that will follow that presentation. I’ll provide some prompts for the conversations and look forward to the lively conversations that ensue. See you there?

    See Original Post

  • April 11, 2023 4:48 AM | Anonymous

    Reposted from Security Management Magazine

    The single biggest challenge many leaders face is getting people to do things they have never done before. And it's not a question of merely maneuvering and finagling until people take your side—it’s a legitimate trial of explaining a concept and outlining why it’s valuable.

    Former U.S. Navy SEAL John Gretton “Jocko” Willink noted in an interview, “If I’m manipulating you, I’m trying to get you to do something.  If I’m leading you, I’m trying to get you to do something.” 

    What’s the difference you ask?  Intent.

    Willink explained further: “If I’m manipulating you, I’m trying to get you to do something that’s going to benefit me.  If I’m leading you, I’m trying to get you to do something that’s going to benefit you, that’s going to benefit the team, and that’s going to benefit the mission.”

    So, how do we change people’s mindsets in business to get them to do something new that’s going to benefit them, that’s going to benefit their team, and that’s going to benefit their mission and help them achieve their strategic goals?

    In the military or hostile environments, people tend to compromise or change their mindsets to execute something new because they do not want to let the person standing beside them down. It’s that purpose or being part of something bigger than themselves that motivates them.  The same principle often applies in private industry. A 2019 Glassdoor survey of 5,000 leaders across the globe found that people prioritized a company’s mission and culture above money in choosing their next employer.

    How can security leaders leverage this motivation to improve buy-in?

    Know Your Audience

    Generally, there will be three types of reactions a leader receives upon change initiatives. 

    The team player. These individuals are highly motivated and malleable/coachable, and they will buy in from the beginning of the change process.

    The opposition. There will also always be those who resist change.  If presented with effective metrics and results from the program, eventually they will either buy-in, leave, or be weeded out.

    Prospects. There are those standing on the sidelines who want to play, but they might be unaware of how to get in the game.  How does one convert prospects to team players?  It takes consistency, discipline, and time.

    Start with the ABCs 

    Think ABC: Always Be Clear, right from the start.

    When presenting new initiatives to strategic business partners, clearly define the strategic mission, vision, and values of what it is you are trying to achieve.  Know your audience, speak their language, present the information so it could be easily understood by a 10-year-old, and be brief and to the point. 

    What is your purpose?  What is the business you are in?  Why are you, the risk manager, there at that specific moment in time?  What is it you are trying to achieve?  If your goal is the start of a new project, the strategic mission will be more finite and fit under the overall strategy of the business.  The strategic risk management goal will still be to support business partners while reducing cascading effects, impacts to assets, reputational loss, injury, or death in the workplace. Anything new must call back to that core mission.

    One example is onboarding new hires, as well as third party suppliers, vendors, or partners. The purpose is to ensure delivery of clear and comprehensive training about the organization’s security policies and procedures, including how to handle sensitive information, how to identify phishing and social engineering attacks, and how to report any suspicious activity. The strategic goal goes further—it is to build a culture of trust and credibility with our people, while reducing the risk and impact of insider threats, and ensuring that “everyone is playing the game” regarding alignment with security mission and goals.

    E=MCR2: A Formula for Changing Minds

    The evaluation of security programs is key to retaining long-term buy in and concerting any prospects or naysayers into team players. Remember: evaluation equals measurement and monitoring multiplied by continuous improvement multiplied by repetition (E=MCR2).

    Evaluate. What is the baseline?  Where are you today, and where do you want to go?  The ABCs clearly define the strategic goals we are trying to achieve, so now we must come up with specific metrics that can be evaluated. 

    For example, one may want to reduce downstream supply chain risk management risks regarding their third- or fourth-party partners, vendors, or suppliers.  Reliance upon outside service providers can create cascading effects that affect operations within any of the 16 critical infrastructure sectors listed by the U.S. Cybersecurity and Infrastructure Security Agency (CISA).  These cascading supply chain risks may potentially bring your operations to a grinding halt—or at the very least increase your risk to fraud and abuse—and evaluating the organization’s specific risk profile on this front helps to explain the reasons behind a new initiative.

    One example would be the December 2021 ransomware attack on the payroll system Kronos.  One private sector energy company within the New York City tri-state area was a victim of this attack, and it triggered cascading effects for thousands of workers and close to 100 locations, putting energy to more 1 million homes in jeopardy.  The company was forced to use Excel spreadsheets and paper records for two months because it lost safe access to the payroll system.  Thousands of workers were now responsible for self-reporting their hours worked.  This reallocation of human resources opened up the company to fraud and abuse, but it also had a negative impact to the overall operations within the organization. 

    Starting with a baseline provides risk managers empirical evidence and quantifiable metrics.  Leveraging data helps us as security and risk leaders, build trust and credibility with our business partners we are supporting.  By speaking the same language—that of business—and providing visualization of data to leadership, this demonstrates business acumen, expertise, professionalism, and a commitment to excellence.  These actions help gain advocacy, while elevating security and risk from an obstacle to a partner, who is there to support our business partners and courageous leaders achieve their mission and strategic goals.

    How do we set this in motion? It begins with using a risk management approach:

    1. Identify and prioritize assets. We identify and define our critical assets, so we know what we are protecting.
    2. Identify and prioritize risk. We identify risk through discovery of value deficiencies, gaps, and vulnerabilities to prioritize risks and their acceptable levels. Typically, this is done through a security and risk assessment to provide actionable intelligence and visibility holistically across the enterprise.
    3. Mitigate prioritized risk. The findings from the above steps are used to collaboratively create a strategic roadmap of defense-in-depth advanced cybersecurity and/or physical solutions to be deployed—either as a force multiplier, replacement, or to ensure existing controls efficacy. This will help mitigate prioritized risks while reducing impacts to critical assets.
    4. Continuously improve. This is achieved through continuous evaluation, measurement, monitoring, and optimization. This unbiased, data-driven process ensures efficacy of critical controls, while continuously improving the availability of systems to achieve more positive outcomes. This process is a continuous feedback loop, which is rinsed and repeated.

    Measure and monitor. Put a system in place to keep track of the metrics created.  The type of system depends on the organization’s size, resources, and regulatory requirements; it might be as simple as a Google doc or Excel spreadsheet, or it may be a single pane of glass dashboard that ingests your entire defense-in-depth stack of disparate solutions holistically across the enterprise, providing real time monitoring.  This is actionable intelligence that risk managers can then use to advise business partners so they may make more accurate informed decisions.  

    When presenting metrics, remember to speak the same language of the business leaders we support, and limit the use of acronyms.  The goal here is not to show how smart you are when presenting to business partners.  Rather, aim to present actionable intelligence in a way leaders understand so that they may make more informed decisions that benefits them, the team, and the mission.

    Continuous improvement. This may be one of the hardest phases a motivated leader faces, because it is now time to listen, both to your people and your data. Consider gathering feedback through one-on-one discussions, surveys, and town halls. Open office hours are also an option. For example, every Friday the CEO of a large healthcare organization made himself available for one hour in the on-campus cafeteria, where it was common knowledge that he was approachable and available to anyone within the organization for a discussion.

    Technology is another piece of the puzzle here, and data can be used to inform conversations with leadership and drive decisions. There are also physical infrastructure, people, and processes that must be accounted for, observed, and questioned through some form of measurable process.  Some examples include visual inspection, education, training, exercises and drills, business impact analysis, HR policies and procedures, and open discussions. 

    This all starts with a conversation where questions are asked, and leaders must be willing to not only listen, but also act and course correct.

    Continuous improvement is achieved through consistent behavior that is coupled with consistent evaluation, measurement, monitoring, and optimization—which in turn produces more motivated team players.  On the technology side automation can assist here, acting as a force multiplier to help security personnel ingest the exponential amount of actionable intelligence at scale.  This unbiased, data-driven process ensures efficacy of critical controls, while continuously improving the availability of systems to achieve more positive outcomes.  

    The goal is to have your team come to you with ideas on how to optimize the process moving forward.  This means they have bought in.

    Rinse and repeat. This process is a continuous feedback loop, which is then rinsed and repeated.  The process is dynamic, uncertain, and rapidly evolving.  Therefore, once you have reached this step, go back to the beginning, reevaluate, and start over.

    Consistent and ongoing effort to improve operations to better match the strategic goal of the organization can prove to team players, prospects, and the opposition that your initiative is a worthwhile one and here to stay.

    See Original Post

  • March 29, 2023 6:08 AM | Anonymous

    Reposted from Art News

    The Isabella Steward Gardner Museum in Boston shuttered early on Saturday, the 33rd anniversary of the theft of several famous works. The museum said it was informed climate activists from the group Extinction Rebellion were planning to a stage a “guerilla art installation” inside the museum, according to local media

    “Climate activists have been protesting around the world, unfortunately using
    art museums as a stage to promote their cause,” the museum said in a statement.

    “Isabella Stewart Gardner envisioned her Museum as a place of sharing art, community and conversation. She was an advocate of all forms of art, as well as the environment, especially horticulture,“ director Peggy Fogelman said. “While it is our mission to uphold Isabella’s values, we do not support this type of tactic that targets art institutions and could possibly put the Museum’s collection, staff and visitors at risk.”

    The Boston chapter of Extinction Rebellion tweeted the local CBS News affiliate broke its embargoed press release and that it did not plan to damage any property through its nonviolent, nondestructive demonstration. According to photographer Lita Kelley, the group planned to hang original artwork that highlighted biodiversity loss in three empty frames in the museum’s Dutch room where paintings had been stolen.

    As a result of the museum’s closure, the Extinction Rebellion protesters carried flags and red banners, and staged a “die in” in front of the museum on Saturday afternoon. Two people wore animal costumes.

    On March 18, 1990, thieves dressed as Boston police officers broke into the museum and took 13 pieces of art estimated to be worth more than $500 million. The works included Johannes Vermeer’s The Concert, several by Edgar Degasthree pieces by Rembrandtand Édouard Manet’s Chez Tortoni. The Isabella Gardner Museum is offering a $10 million reward to anyone with information that could lead to their safe return.

    People who bought advance tickets to the Isabella Stewart Gardner were issued refunds and the museum reopened on Sunday.

    See Original Post

  
 

1305 Krameria, Unit H-129, Denver, CO  80220  Local: 303.322.9667
Copyright © 1999 International Foundation for Cultural Property Protection.  All Rights Reserved