Log in


  • September 30, 2019 12:57 PM | Office IFCPP (Administrator)

    Reposted from NewsHub

    If a disease like the Spanish flu emerged today it could kill 80 million people, experts say.

    A report from the World Health Organization's (WHO) new Global Preparedness Monitoring Board (GPMB) puts the blame on governments that "quickly forget", climate change and "misinformation" spread by social media - such as hysteria over vaccines - eroding trust in medical professionals and scientists. 

    "The world is not prepared for a fast-moving, virulent respiratory pathogen pandemic," the report, published this week, reads.

    In 1918, Spanish flu infected a third of the world's population and killed about 50 million people - and that was before people were able to fly anywhere on the planet in under 36 hours.

    The report's authors looked at how authorities responded to the 2009 H1N1 influenza pandemic and the 2014-2016 Ebola outbreak, and concluded that despite improvements in treatment since 1918, a similar outbreak now could kill even more, the report says. 

    "While disease has always been part of the human experience, a combination of global trends, including insecurity and extreme weather, has heightened the risk," said GPMB co-chairs Gro Harlem Brundtland (former WHO director-general) and Elhadj As Sy, the secretary-general of the International Federation of Red Cross and Red Crescent Societies.

    "Disease thrives in disorder and has taken advantage - outbreaks have been on the rise for the past several decades and the spectre of a global health emergency looms large."

    A Spanish flu-style outbreak would also have the potential to knock 5 percent off the global economy, but the damage won't be spread out - instead concentrated on poorer countries.

    "Outbreaks hit lower-resourced communities much harder given their lack of access to basic health services, clean water and sanitation; this will aggravate the spread of any infectious pathogen," said Dr Brundtland and Sy.

    "Disease amplifiers, including population growth and resulting strains on the environment, climate change, dense urbanisation, exponential increases in international travel and migration, both forced and voluntary, increase the risk for everyone, everywhere."

    A virus would be even deadlier if it was deliberately released, the report says. Anthrax bio-terrorism is noted as a "deliberately emerging" risk in the US.

    "In addition to the need to decide how to counter the pathogen, security measures would come into play limiting information-sharing and fomenting social divisions."

    Measles outbreaks have increased in recent years, and the WHO recently declared anti-vaxxers - people opposed to vaccines for unscientific or fraudulent reasons - as one of the top 10 threats to global health. 

    "Trust in institutions is eroding," the report says. "Governments, scientists, the media, public health, health systems and health workers in many countries are facing a breakdown in public trust that is threatening their ability to function effectively. The situation is exacerbated by misinformation that can hinder disease control communicated quickly and widely via social media."

    New Zealand is noted in the report as being unlikely to suffer too much economically in the event of an outbreak, along with the US, Canada, Europe, Saudi Arabia, Oman, Japan, Chile and Uruguay. 

    The Spanish flu was so deadly because it turned the body's immune system against its host. This resulted in massive death tolls among young adults - those with the strongest immune systems - unlike most diseases, which typically hit children and the elderly hardest. 

    No one knows where it originated - it got the name 'Spanish flu' because reports of its spread across most of Europe and the US were censored to keep wartime morale up. Papers were free to report on its spread in neutral Spain, however.

    The closest example given in the new report of a newly emerging disease in our part of the world is Australia's Hendra virus, which mainly infects fruit bats and horses, but can make the leap to humans. 

    "For too long, we have allowed a cycle of panic and neglect when it comes to pandemics: we ramp up efforts when there is a serious threat, then quickly forget about them when the threat subsides," said Dr Brundtland and Sy.

    "It is well past time to act."

    See Original Post

  • September 30, 2019 12:49 PM | Office IFCPP (Administrator)

    Reposted from Campus Security & Life Safety

    A series of new measures to make students feel safer at night are being implemented by Syracuse University.

    One of those measures include the hiring of five trained and licensed guards to escort students from 10:30 p.m. to 3:30 a.m. from Thursday to Saturday, according to a SU News release.

    Students who are walking alone can call to get an escort to walk with them at night. When they are not escorting students, they will be stationed along Euclid Avenue, Marshall Street and Walnut Park.

    The Daily Orange reported after an assault on students of color late one night in February, students came together to propose safety measures the university could implement.

    The attack occurred off campus on Ackerman Avenue.

    Additionally, the university will now offer two additional shuttle vans for students on or near campus during the hours of 9 p.m. to 7 a.m.

    The vans are free of charge if students have a university ID.

    The vans do not coincide with the Centro buses’ hours of operations.

    The university announced Wednesday it is also working to add new security cameras in places that are near campus. At this time, the locations have not been announced, according to The Daily Orange.

    See Original Post

  • September 30, 2019 12:45 PM | Office IFCPP (Administrator)

    Reposted from

    U.S. Immigration and Customs Enforcement’s (ICE) Homeland Security Investigations (HSI) New York, with the assistance of HSI’s attaché office in London and London’s Metropolitan Police Service, kicked off the first meeting of the Virtual Global Cultural Property Task Force (VGCPTF).  This taskforce is composed of arts and antiquities investigators from more than a dozen nations, with a nexus to HSI New York’s area of responsibility, who will meet regularly, both virtually and in person, to conduct joint training exercises to develop and enhance antiquities investigations.  The VGCPTF initiative will also promote and support cross-training programs to expose foreign law enforcement to U.S. investigative and prosecutorial procedures and vice versa, increasing detection, seizures and repatriations of looted and trafficked antiquities to their rightful owners.  HSI New York will work closely in this effort with U.S. Customs and Border Protection (CBP) at the airports and seaports, and through CBP’s National Targeting Center in Washington D.C.

    “U.S. Customs and Border Protection (CBP) is extremely proud to play an important role in the Virtual Global Cultural Property Task Force (VGCPTF),” said Troy Miller, director of New York field operations.  “CBP will work with Homeland Security Investigations and our international partners to demonstrate its law-enforcement resolve in addressing the illegal trafficking of stolen artifacts.” 

    “The Metropolitan Police’s Art and Antiques Unit is committed to tackling cultural heritage crime in London - Europe’s largest market - and values the opportunity to strengthen ties with international law enforcement agencies. Investigating and repatriating stolen and trafficked antiquities to their rightful owners is a complex matter and can only be achieved successfully through close collaboration with partners across the globe,” said Detective Chief Inspector Tim Wright, Metropolitan Police’s Central Specialist Crime Command.

    With the task force, HSI New York’s Cultural Property, Arts and Antiquities Unit, dedicated to cultural property investigations in the New York area, is now able to establish real-time information sharing on global, multi-jurisdictional criminal investigations and build upon existing relationships with domestic and international partners. Through these efforts the VGCPTF will be able to develop evidence in each respective nation to identify and prosecute the network of looters/thieves, brokers, shippers, dealers, and end purchasers of illicit art and antiquities.  The enhanced operational abilities of this initiative will support the efforts of HSI’s Cultural Property, Art and Antiquities (CPAA) program, a member of the congressionally mandated Cultural Antiquities Task Force. HSI CPAA takes an expanded approach to collaborating with cultural property professionals in local governments, museums, and auction houses; to protect, recover, and restore cultural antiquities and worldwide sites as part of a whole-of-government approach to combatting cultural property trafficking.

    HSI is the investigative arm for the U.S. Department of Homeland Security and plays a leading role in criminal investigations that involve the illicit distribution of cultural property, as well as the illegal trafficking of artwork, specializing in recovering works that have been reported lost or stolen. HSI’s International Operations, through its 77 offices in 51 countries, works closely with foreign governments to conduct joint investigations.

    Despite increasingly aggressive enforcement efforts to prevent the theft of cultural heritage and other antiquities, the illicit movement of such items across international borders continues to challenge global law enforcement efforts to reduce the trafficking of such property.  Trafficking in antiquities is estimated to be a multi-billion dollar transnational criminal enterprise. 

    HSI is committed to pursuing a strategy to combat transnational organized crime related to the illicit trafficking of cultural artifacts by targeting high priority organizations and strengthening international law enforcement partnerships.  Future meetings and implementing steps identified at the London meeting will include law enforcement in the broader cultural property community.

    The public, government and private institutions often aid HSI in identifying, investigating and prosecuting illicitly trafficked cultural property. If you have information about the illicit trade of cultural property or art, call the HSI Tip Line, 1-866-DHS-2-ICE or report tips online.  For information specific to the New York area, email

    See Original Post

  • September 30, 2019 12:21 PM | Office IFCPP (Administrator)

    Reposted from Security Management

    ​It was not an ideal scenario. Over the course of 12 days in March, cyber actors launched an attack against the City of Atlanta and succeeded in infecting its systems with ransomware.

    Iranians Faramarz Shahi Savandi and Mohammed Mehdi Shah Mansouri allegedly coordinated to carry out a SamSam ransomware campaign on the city. Their efforts caused roughly 3,789 computers to be infected with ransomware—encrypting the data they stored, disrupting systems they operated, and demanding payment to have the data and services returned to normal.

    The malicious actors also gave Atlanta options to decrypt their data—0.8 Bitcoin per computer or 6 Bitcoin to decrypt all affected computers, roughly $50,000.

    “The ransom note directed the City of Atlanta to a particular Bitcoin address to pay the ransom and supplied a Web domain that was only accessible using a TOR browser; the note suggested that the City of Atlanta could download the decryption key from that website,” according to the U.S. Department of Justice (DOJ). “In the days following the attack, the webpage that purportedly contained the decryption key became inaccessible, and the City of Atlanta did not pay the ransom.”

    Instead, the city worked with local law enforcement, the FBI, and the U.S. Secret Service to respond to the incident and restore its systems—an effort that cost roughly $2.6 million, according to a WIRED analysis.

    “The bulk of the expenditures relate to incident response and digital forensics, extra staffing, and Microsoft Cloud infrastructure expertise, presumably all related to clawing back the systems that the hackers had frozen,” WIRED found through the Atlanta Department of Procurement.

    The DOJ later charged Savandi and Mansouri with intentional damage to protected computers, one count of conspiracy to commit wire fraud, one count of conspiracy to commit fraud and related activity in connection with computers, two substantive counts of intentional damage to a protected computer, and two substantive counts of transmitting a demand in relation to damaging a protected computer. They remain at large and their motive remains unclear.

    Just over a year later, on 7 May 2019, the City of Baltimore was also hit with a ransomware attack that crippled the city’s roughly 7,000 users. The ransomware, known as “Robbinhood,” demanded 13 Bitcoin—approximately $100,000—to decrypt the data it held hostage.

    Baltimore, like Atlanta, did not pay the ransom. In a fact sheet, the city explained that the FBI and Secret Service had advised it against paying the ransom. The city also added that, if it paid the ransom, there was no guarantee that it would get its data back, know for sure who the payment would go to, and uncover if there was other malware on its systems that could be used against Baltimore in the future.

    Instead, under the direction of newly sworn-in Mayor Bernard C. “Jack” Young, Baltimore began the painstaking process of restoring its systems and working with law enforcement to investigate the attack. This effort has cost nearly $18.2 million so far, according to The Baltimore Sun.

    “As part of our containment strategy, we deployed enhanced monitoring tools throughout our network to gain additional visibility,” Young said in a statement. “As you can imagine, with approximately 7,000 users, this takes time. Some of the restoration efforts also require that we rebuild certain systems to make sure that when we restore business functions, we are doing so in a secure manner.”

    This is critical because municipalities seem to increasingly be targets for ransomware. Previously, malicious actors targeted healthcare institutions—which are particularly vulnerable to ransomware due to the value of the data they keep on record and the need to make that data readily available for life-saving measures.

    For the second straight year, the 2019 Data Breach Investigations Report by Verizon found that “70 percent of all malware outbreaks” in the healthcare vertical were ransomware incidents. U.S. regulatory requirements mandate that healthcare organizations must treat ransomware like a confirmed data breach, so they are required to disclose them.

    Now that Atlanta, Baltimore, and, as of Security Management’s press time, three cities in Florida have been hit by ransomware, it appears that attackers are pivoting towards municipalities for payouts based on their success in targeting the healthcare industry.

    In a column for The Washington Post, Tyler Moore, associate professor of cybersecurity at Tandy School of Computer Science at the University of Tulsa, wrote that “system downtime” for hospitals is expensive and can have catastrophic consequences.

    “Municipal governments are also expected to provide reliable services without downtime,” he explained. “IT budgets in government, at all levels, are usually tight. Governments operate on procurement cycles that are often out of step with the pace of IT innovation. In the marketplace battle for talent, governments struggle to offer competitive pay for IT professionals. Consequently, municipal-government computer systems tend to be old, and basic cyber hygiene is often neglected.”

    When municipalities are hit with ransomware, they’re faced with a tough choice—pay the ransom or spend vast sums of resources to restore their systems. And if cities decide to pay the ransom, they could be funding future iterations of ransomware that are more damaging, says Craig Williams, Cisco’s director of Talos Outreach.

    “Ransomware has been around since 1987 but did not see explosive growth until the invention of cryptocurrency and networks like TOR,” Williams explains. “These innovations made the ability to decrypt machines and accept payment relatively safe. Since that time, we have only continued to see things evolve like ransomware worms and wiper malware.”

    In addition to funding future developments of ransomware, payments could also wind up in the hands of nation-states or terrorists—who could use them for malicious purposes.

    “The source of the Baltimore attack isn’t known yet, but others’ perpetrators are known—for instance, U.S. intelligence agencies have identified North Korea as the source of some attacks,” Moore explained.

    For example, the DOJ charged and sanctioned Park Jin Hyok, part of the North Korean Lazarus Group of hackers, for the WannaCry ransomware attack. Hyok was also charged for his alleged involvement in the 2014 cyberattack on Sony Corp.

    Organizations also need to be cautious if they hire a data recovery firm in the wake of a ransomware attack. A recent ProPublica analysis found that two U.S. data recovery firms—Proven Data and MonsterCloud—paid ransoms to recover data and charged victims for it, without disclosing it to their clients. Other data recovery firms openly admitted that they paid ransoms to recover client data.

    “The payments underscore the lack of other options for individuals and businesses devastated by ransomware, the failure of law enforcement to catch or deter the hackers, and the moral quandary of whether paying ransoms encourages extortion,” ProPublica wrote. “Since some victims are public agencies or receive government funding, taxpayer money may end up in the hands of cyber criminals in countries hostile to the U.S., such as Russia and Iran.”

    To protect themselves from a similar situation, Williams says he recommends organizations consider data recovery firms with extensive experience recovering ransomed data for similar organizations.

    But he cautions that “there is no one-size-fits-all solution for recovery from ransomware. Organizations must balance their priorities and make the best decision in their particular case.”

    And because municipalities are likely to be targeted in the future, Williams says those that haven’t been hit yet should design their network defenses with multiple layers to protect their crown jewels.

    “If you can’t patch, for example, make sure things are as segmented as possible,” he explains. “Make sure endpoint protection is deployed and active, and make sure best practices—like two-factor authentication—are being followed.”

    See Original Post

  • September 24, 2019 12:51 PM | Office IFCPP (Administrator)

    Reposted from The Local France

    An attacker wielding a utility knife has badly damaged a work by the celebrated French conceptual artist Daniel Buren at the Pompidou Centre in central Paris, the museum said on Friday.

    The work, "Peinture [Manifestation 3]", suffered "serious deliberate damage" in Thursday afternoon's attack by the man, the museum said in a statement.

    It said that a museum attendant alerted security, and video cameras allowed the rapid finding of the suspect. "He made no claim (over the attack) and was handed over to the police," it said.

    An investigation has been opened by the judicial authorities after the museum filed a complaint to police.

    The artist, 81, has been informed of the incident and the work itself transferred to the stores of the Pompidou Centre to estimate the damage and restoration needed.

    It will be replaced on public display by another work from the artist.

    The Pompidou Centre said it understood the suspect was no longer in detention and had been transferred to a psychiatric unit.

    "Peinture [Manifestation 3]" was created by Buren in 1967 and shows red and white stripes. It was purchased for the museum's collection in 1986.

    Buren is perhaps best known for the succession of black-and-white columns he inlaid into the inner courtyard of the Palais Royal complex in central Paris in a hugely controversial installation that opened in 1986.

    The damage to the work comes just over a week after a stencilled work by the elusive British street artist Banksy was stolen from outside the Pompidou Centre.

    The Pompidou, which houses Europe's biggest collection of contemporary art but does not own the Banksy work, filed a police complaint for destruction of property.

    See Original Post

  • September 24, 2019 12:48 PM | Office IFCPP (Administrator)

    Reposted from Business Insurance

    Active shooter incidents do not occur “out of the blue,” making it critical for employers to train their employees to identify and report suspicious behaviors and for employers to quickly respond to such reports and intervene, according to a safety expert for Pepsi-Cola.

    Employers should ensure that they have – and that employees are familiar with – mechanisms for reporting such behaviors and that the employers have defined what they consider to be reportable behavior well before a potential incident, according to other safety experts. 

    An active shooter incident in the workplace is never “out of the blue,” Lev Pobirsky, Philadelphia-based senior director of safety and security for Pepsi-Cola and National Brand Beverages Ltd., said at a Monday afternoon session of the National Safety Council Congress and Expo in San Diego.

    The first step is ensuring that violence or a “toxic work environment” is not permitted, and that employees and supervisors are able to identify potential threats and know how to report them, said Mr. Pobirsky, who also consults on workplace violence and active shooter mitigation.

    “Pepsi says no threat is too small,” he said. “If you say something, write something, text something, tweet something” violent, the threat assessment team convenes to discuss the issue and determine next steps.

    Maintaining mechanisms for voicing complaints or concerns is key, and employers should also create a work environment that promotes sincerity and open and timely lines of communications, said Jack Johnson, CEO of San Antonio, Texas-based Zion Safety and Security and senior consultant at SafeStart, a division of Electrolab Ltd., told attendees at a Tuesday morning session.

    “Look for the signs of workplace violence,” he said.

    Pre-defining what may be considered suspicious behavior to encourage peer reporting can also help prevent a violent event before it occurs, said Tom Miller, CEO of ClearForce Inc., a risk management and data analytics company based in Vienna, Virginia.

    “People are afraid to report information they don’t think is significant or substantial,” he said during a phone interview.

    Employers may encourage reporting by outlining 10 to 15 types of behaviors that could be relevant to warding off an incident, said Mr. Miller, such as a noticing a co-worker who appears to be suffering from extreme stress or acting out negatively at the workplace.

    Anonymity in reporting is also key, so that employees are confident in reporting any information, he said.

    A matter of life and death

    With the steady rise in active shooter events affecting the workplace, preparing for the worst-case scenario and teaching employees survival techniques is crucial, according to workplace safety experts. 

    More than 2 million Americans reported that they have experienced some form of workplace violence in 2017, according to research from the AFL-CIO. The union also estimates that injuries and deaths relating to workplace violence cost employers $250 billion to $360 billion annually.

    “In today’s society, threats of workplace violence can happen anywhere or at any time,” Mr. Johnson said.

    While vehicle crashes remain the leading cause of work-related fatalities, homicides are the second leading cause of death, and an “active shooter probably poses the greatest and most impactful threat for us today,” said Mr. Johnson.

    Planning before an attack occurs, being vigilant about planning and acknowledging that a threat exists is crucial, said Mr. Johnson.

    “We win by having a practiced, prepared plan in place,” he said. “We don’t need to sit so complacent within our own little surroundings … and think that we’re secure. If you don’t currently have a plan for dealing with (an active shooter) incident … come up with a plan now.”

    Employers need to go beyond the Run, Hide and Fight model from the U.S. Department of Homeland Security, said Mr. Pobirsky. “Our brains don’t work that way. Before you can either run or hide or fight, you freeze.”

    Workplaces need to develop a clear plan or course of action for survival, Mr. Johnson said, noting that freezing in a situation is “the worst possible action” an individual can take in an active shooter situation.

    “You have to have a practiced plan in place, and it will greatly reduce your risk of freezing during one of these kinds of events,” he said. “We fall to the level of our training. If there is not a predetermined plan in place,” it will affect an individual’s ability to think clearly.

    Mr. Pobirsky suggests that employers help train their employees to conduct 10 to 15 second assessments that entail considering what they would do if an incident occurred, such as looking for exits, what they could use for cover, and where their car is parked.

    “It trains your brain over and over and over again to respond a little bit better,” he said.

    Practicing an evacuation and making exit plans available can also help, said Mr. Pobirsky.

    Training should also include information on hiding or defending yourself if necessary, such as making sure that employees know to hide behind file cabinets or things that can stop a bullet, stay out of view, turn off lights, barricade doors and silence cellphones, said Mr. Johnson.

    Any employer’s best course of action is to hope for the best, but plan for the worst,” he said. “Failing to plan is planning to fail.”

    See Original Post

  • September 24, 2019 12:41 PM | Office IFCPP (Administrator)

    Reposted from Securitas Security Services, USA, Inc.

    Office safety is everyone’s business. Burglary, theft, and vandalism can happen in the workplace. Because employees may spend more time at work than at home, they can be lulled into a false sense of security about the area around their desks. Following some simple guidelines can help minimize office theft.

    Lock Up

    Locking up is one of the best, but easily overlooked, theft prevention measures. Lock all offices, conference rooms, or storage rooms that are regularly unoccupied. If you are the last to leave at night, secure all computer systems, critical files, and copiers. Close and lock all doors and windows, and enable the building security alarm, if your workplace has one. Never put identifying tags on key rings. If possible, keep your office keys on a separate key ring. Don’t leave keys unattended on your desk, in an unlocked drawer, on an open hook, or in a hanging coat pocket where they can easily be “borrowed” and duplicated. Only lend your keys to people with a legitimate need and make sure they are returned promptly. Consider investing in a lock box for office keys that can be secured and only give that key to a trusted employee. Report any missing keys right away.

    Prominently mark all office equipment and furniture as office property and keep an up-to-date, written inventory of furniture, computers, and equipment in a separate, secure location. Perform regular, documented inventory checks—especially for equipment not used on a daily basis. Consider attaching larger equipment like computers or printers to the desk or table with a locking device. Never store unused equipment on top of cabinets, under tables, or in other isolated areas. Secure unused equipment in a cabinet or locked storage area and ensure all items are identified.

    Be Alert to Strangers and Visitors

    Office personnel and building security should be alert and aware of people entering building at all times. Thieves often pose as repair, delivery, cleaning, or other service personnel. Be suspicious of unknown persons who open the wrong doors and pretend to be looking for a specific office or person. Escort roaming visitors to the right office/area and verify the individual is there. If the person is not there, escort the visitor back to the reception area to wait. If they act nervous or try to exit, remember their description and call security.

    Always check the identification of strangers who come to your office to do repair or other service work. Make it a habit to visually inspect ID badges—a uniform alone is not enough. If you are unsure, call the repair company or ask for a signed work order specifying the location and who authorized the work. If possible, stay in the area while the work is being done. If you must leave for any reason, make sure personal items, equipment, and information are secured. Ensure no confidential information is left on the desk or on the computer screen. Do not allow office property to be removed without a written order or a receipt that includes the company’s name, address, and phone number, as well as the name of the authorizing person. Before equipment actually leaves the premises, verify the repair request with the authorizing person. Always check work requests carefully and verify with a supervisor and the repair company. Never allow unauthorized repairs to alarm systems or communications equipment. Report all suspicious individuals to the office management or security.

    Secure Yourself

    If working before or after business hours, always keep the facility entry doors locked. Notify security of your presence—in which area(s) and at what times you will be working.

    Employees should secure their personal workspaces at all times. A thief only needs a few minutes alone to find valuables not safely stored. Store purses and other items of value in a secured area, not hidden under a desk or in a drawer. Do not leave laptops unattended in your office or at meetings. If your laptop is in your car, be sure the vehicle is locked and the laptop is hidden from view. Store handheld devices properly, and lock laptops to the desk if possible. Itemize serial numbers for any portable electronic devices. Mark personal property using initials or an identifying number or tag.

    Finally, be discreet. Don’t advertise or post vacation plans or absences by you or your co-workers when a stranger is present in the office.

    Take Action

    If you witness a burglary, theft or act of vandalism being committed:

    • Ensure your own safety before doing anything.
    • Stay calm. Do not confront the person, especially if you are alone and no one else is in the area.
    • Immediately contact your manager/supervisor, then call 911 if instructed to do so.
    • Jot down a description of the person you saw. Include important features such as: height, weight, race, age, hair color and haircut, complexion, facial hair, eyeglasses, eye color, scars, tattoos, or unusual marks.
    • Describe clothing, jewelry, any weapon, and information on the individual’s direction of escape. If a vehicle was used, note its color, make, license number, and the direction it took as it left the site. Also note if anyone else was in the vehicle.

    For more information on this and other security related topics, visit the Securitas Safety Awareness Knowledge Center at:

  • September 24, 2019 12:31 PM | Office IFCPP (Administrator)

    Reposted from Insurance Journal

    When it comes to cybersecurity, Americans say they are concerned, but many are not taking the preventative steps needed to protect themselves from a cyber attack.

    According to Chubb’s Third Annual Cyber Report, complacency seems to have taken hold: eight-in-10 Americans continue to be concerned about a cyber breach, yet only 41% use cybersecurity software and 31% regularly change their passwords. These numbers are virtually unchanged from 2018.

    “When it comes to your cybersecurity, there’s no such thing as being over prepared,” said Fran O’Brien, division president of Chubb North America Personal Risk Services. “While it’s important that the vast majority of respondents remain concerned about a breach, concern itself isn’t enough. ”

    O’Brien said the lack of cybersecurity action is because people think it’s too time consuming. “But implementing cyber safeguards today will save time and financial resources tomorrow, should a breach occur,” she said.

    Workplace Responsibilities

    Businesses aren’t much better about cybersecurity.

    For instance, while a consistent number of individuals (75% and 70%) say that their company has “excellent” or “good” cybersecurity practices in place from 2018 and 2019, many companies continue to fail to implement the most basics of safeguards. From 2018 to 2019, there was virtually no change in the percentage of companies that hold annual employee trainings (31% and 33%), deploy filters for online content (38% and 40%) and leverage social media blocks (32% and 33%).

    About 19% of respondents say they learn about cybersecurity protections through their employer, while more than a third say they most often learn about how to protect against cybersecurity risks from mainstream media (35%), and family and friends (34%). Chubb says this “education gap” means employees and individuals cannot spot incoming attacks — while 54% of respondents correctly defined ransomware—a form of malware that restricts access to files unless a ransom is paid—this was the only common form of attack that a majority of individuals could correctly identify.

    According to Chubb, the continued failure to implement cybersecurity safeguards means a breach is inevitable. Yet, just 10% of respondents report having a cyber insurance policy in place.

    According to Chubb’s online study, individuals don’t recognize the value of individual pieces of personal data. For example, just 18% of respondents are concerned about their email addresses being compromised. Similarly, only 27% of respondents cite concern about their medical records being breached.

    Survey results indicate that a consistently large portion of older respondents employ better cyber practices than younger generations. Per the survey, 77% of those 55 years and older delete suspicious emails, compared to half (55%) of respondents between 35 to 54 and just a third (36%) of respondents from 18 to 34. Similar patterns arise when looking at those enrolled in cybersecurity monitoring services, ac cording to the survey.

    More concerning is that the behavior of younger generations appears to be getting worse. For example, 76% and 74% of adults over 55+ regularly deleted suspicious emails in 2017 and 2018, respectively, as compared to just 47% and 40% of adults between 18 and 34 during the same time period.

    Conducted by Dynata, the online survey was fielded between May 7 – May 17, 2019. The results are based on 1,223 completed surveys.

    See Original Post

  • September 24, 2019 12:25 PM | Office IFCPP (Administrator)

    Reposted from The LA Times

    The gunman paced the hallways of the charter school, passing framed paintings of George Washington and Thomas Jefferson before stopping outside classroom 138. There, he took a deep breath, yanked open the door and began firing.

    “Shooter!” shouted someone inside the classroom. “He has a gun!”

    Two people seated at desks near the door jumped up and rushed the perpetrator, pinning his legs and arms against a wall, while everyone else sprinted out.

    It was over in 15 seconds, and tiny yellow Nerf balls sprayed from the toy rifle littered the room. One of the men who rushed the gunman was struck in the thigh by a ball, a reminder of the personal danger involved in confronting an armed assailant.

    The recent exercise was part of a two-day, $700 active shooter training course being offered at schools and churches across the country by an Ohio-based firm founded soon after the 1999 Columbine High School shooting rampage, which took place just a few miles from here.

    The ALICE Training Institute, whose instructors have law enforcement or military backgrounds, provides courses for educators, church workers and small-business employees concerned about how to react if catastrophe strikes.

    In packets handed out at its training sessions, the company says its aim is to empower “individuals to participate in their own survival using proactive response strategies in the face of violence.”

    ALICE — which stands for Alert, Lockdown, Inform, Counter and Evacuate — was established by a retired police officer and has held sessions in roughly 3,700 K-12 school districts nationwide, as well as more than 1,300 healthcare facilities. Dozens of companies across the U.S. offer training for dealing with active shooters.

    Standard shelter-in-place advice — “locks, lights and out of sight” — came into vogue after Columbine, when two students killed a teacher and 12 schoolmates. But that has been changing since federal education officials issued a report in 2013 suggesting staff (not students) should seek to counter shooters as a last resort.

    While there’s no official database tracking instructional methods, the focus of courses across the nation has been shifting to a more “options-based” approach, analysts say.

    Many trainers now promote a less passive philosophy that includes running, if possible, and fighting back, if warranted. Companies acknowledge the potential for death or injury, but say that declining to act can itself carry grave risks.

    “Having a plan can mean the difference in life or death,” Andrea Nester, an ALICE instructor, told her class of about two dozen school officials, hospital workers and small-business owners.

    On a recent afternoon inside Golden View Classical Academy, Nester — a U.S. Army veteran who served in Iraq — asked the students, “Why are you all here? Just blurt it out.”

    “Workplace violence,” one man replied.

    “Too many mass shootings,” said a woman. “They never seem to end.”

    To safety consultant Rene Flores, who had traveled from Texas, attending the class felt like a necessity. He thought of El Paso and of Dayton, Ohio, he said, where 22 people were shot to death last month at a Walmart and nine more outside a nightclub, respectively. Days later, seven apparently random people were killed on the streets of Midland and Odessa, Texas, when a gunman hijacked a U.S. Postal Service van and went on a rampage.

    At this point, nearly 300 Americans have been slain in mass shootings this year, according to the Gun Violence Archive, a Washington-based nonprofit. The group defines mass shootings as those in which four or more victims are shot or killed.

    “Look around,” said Flores, who works with businesses as well as homeless and transitional shelters. “To me, it’s not a matter of if, but when the next shooting will happen. I just want to always be prepared. Always know my options.”

    Training programs like ALICE’s are gaining momentum. Last fall, Baltimore County Public Schools, which has 114,000 students and 9,800 teachers, implemented the institute’s methodology.

    “If the shooting starts in your room, locking down doesn’t make sense,” said Pete Blair, a criminal justice professor and executive director of the Advanced Law Enforcement Rapid Response Training Center at Texas State University.

    In such a scenario, he said, it might be more productive to try running away or defending yourself.

    “We do not train people to seek out the attacker,” said Blair, whose program says that “if other options don’t work, they should try to defend themselves rather than doing something like playing dead.”

    ALICE’s curriculum teaches that while going into lockdown is an option, it might not be enough to survive. In classes, participants practice barricading doors, evacuating and engaging a gunman.

    Most active shooters are untrained, according to the firm. During a “violent critical incident,” estimated to last on average five minutes, there are often pockets of time to intervene.

    Nester said people near the gunman should try to subdue — “counter” in training lingo — the shooter. Throw books, ram a shopping cart, tackle. But never focus solely on hiding and hoping the killer won’t find you.

    “Do something,” Nester said. “You always have options.”

    Some analysts disagree.

    Ken Trump, a school security expert based in Ohio, calls efforts to flee or counter a gunman “high-risk.”

    If K-12 schools urged all students to evacuate, Trump said, their movements could delay police from entering a campus. And barricading doors, he said, can create a lot of noise, thus alerting the gunman to an occupied classroom.

    “Traditional lockdowns still work,” said Trump.

    Other analysts expressed concern that training can itself have negative psychological effects.

    The drills — particularly highly realistic simulations — can traumatize students, said Suffolk University psychology professor David Langer.

    “Furthermore, intense fear during active shooter drills may interrupt student and staff learning, making the drills less effective,” said the Boston-based professor.

    ALICE contends its techniques work, citing among other examples a 2018 case in which a teacher who had taken its course wrestled to the ground a student who had entered a suburban Indianapolis middle school with two handguns. The teacher was shot but survived, and was able to secure the situation until police arrived.

    In May, an Oregon high school football coach was able to tackle a student who entered a classroom with a shotgun. Everyone at the school survived.

    On the other hand, two students died last spring after charging gunmen.

    Riley Howell, an undergraduate at UNC-Charlotte, and Kendrick Castillo, a high school student in Highlands Ranch, Colo., were credited with saving dozens of their fellow students’ lives.

    While mass shootings are a nationwide epidemic, perhaps no place in the country is more accustomed to such tragedies than this area along Colorado’s Front Range. More than a decade after Columbine, a gunman entered a side exit of a crowded Aurora, Colo., movie theater and began shooting into the crowd gathered for the premiere of “The Dark Knight Rises.” He killed 12 people and injured 70.

    In the Denver metro area, the May shooting at STEM School Highlands Ranch that took the life of Castillo, 18, remains a raw wound.

    When a gunman entered his classroom and began firing, Castillo and a pair of classmates lunged at the shooter.

    Castillo — a week from graduation — was shot twice and died; more than two dozen other students in the classroom survived.

    While Castillo was not trained in counter-techniques, his actions have been lauded by school staff, peers, family and many in law enforcement.

    “He’s not a victim; he’s a hero,” said Castillo’s father, John. “He chose to act in that moment — he had no other choice.… He saved lives.

    “Sometimes it’s the price a person pays for saving lives. If Kendrick didn’t do something, more people would have died.”

    John and his wife, Maria, remember a son who loved robotics and rebuilding computers. With no other relatives in Colorado, the three were particularly close. During summers, they took Kendrick to Florida to see SpaceX launches and visited the campuses of Apple and Google in the Bay Area.

    “His eyes would light up on those trips,” John said on a recent afternoon while seated in the family’s living room. Pictures of Kendrick and loving messages from classmates dot the house. Kendrick’s dark green Jeep is still parked in the driveway.

    Kendrick had planned to enroll at a local community college this fall and study engineering.

    These days, the Castillos spend most evenings at a small cemetery along the Front Range where Kendrick is buried. They watch as the sun sets, slipping over his headstone and behind the foothills.

    When grief consumes them, they try to focus on the gift their son gave to the families of the students who survived.

    Their son’s legacy loomed large during the Golden training course.

    As the two-day session ended, Nester closed, as she often does, with a pep talk of sorts.

    “If your life is ever threatened, the last thing you want to do is be passive,” she said.

    Many in the classroom sat still, staring intently at the instructor. Some nodded in support. A few had tears in their eyes, thinking about what they would do if confronted by a gunman.

    Nester picked up a black dry-erase maker and stood in front of a whiteboard.

    “I’m going to write down four heroes, who … saved lives,” she said.

    Professor Liviu Librescu, Jake Ryker, Jesse Lewis — those credited with saving lives during mass shootings at Virginia Tech, a high school in Oregon and Sandy Hook Elementary School in Connecticut.

    Nester sighed and wrote a final name, one she knew they’d recognize:

    Kendrick Castillo.

    See Original Post

  • September 24, 2019 12:19 PM | Office IFCPP (Administrator)

    Reposted from NBC Bay Area

    A man posing as a technician stole an ATM from the lobby of the Children's Discovery Museum in downtown San Jose last month, and the machine was found Wednesday in Monterey County, according to the San Jose Police Department.

    At about 9:30 a.m. Wednesday, San Jose police received a call from the Discovery Museum reporting the theft that occurred on Aug. 7, when a man entered the museum and told workers he was a technician, and he was there to service the ATM, police said.

    The suspect left with the ATM.

    On Wednesday morning, the museum got a call from the Monterey County Sheriff’s Office notifying the museum the ATM had been found, police said. The museum was unaware the ATM was stolen until it received the call from the Sheriff’s Department.

    The museum then contacted San Jose police regarding the theft, police said.

    The suspect in the case is still on the loose.

    See Original Post



  • No upcoming events

1305 Krameria, Unit H-129, Denver, CO  80220  Local: 303.322.9667
Copyright © 2015 - 2018 International Foundation for Cultural Property Protection.  All Rights Reserved