INTERNATIONAL FOUNDATION FORCULTURAL PROPERTY PROTECTION
News
Reposted from CISA
The Cybersecurity and Infrastructure Security Agency (CISA) is pleased to announce the release of a new resource titled, Security Planning Workbook, which can assist critical infrastructure owners and operators with developing a foundational security plan. This workbook is designed to be flexible and scalable to suit the needs of most facilities. It is intended for any individual who is involved with an organization’s security planning efforts, including those with varying degrees of security expertise, who are charged with the safety and security of facilities and people. This product also provides descriptions of critical elements of security planning information, offers a multitude of resources, and includes fillable fields to guide stakeholder efforts.
See Original Post
Today, the Cybersecurity and Infrastructure Security Agency (CISA) is pleased to release a new resource, Protecting Houses of Worship: Perimeter Security Considerations Infographic. This product is a companion piece to the CISA and Federal Bureau of Investigation (FBI) co-branded Protecting Places of Worship: Six Steps to Enhance Security Fact Sheet. The infographic provides Houses of Worship stakeholders with low- to no-cost protective measures to enhance physical security. It also highlights grants and resources available to assist houses of worship in conducting vulnerability assessments, developing and updating security strategies and plans, bolstering physical security, and minimizing the impact of a potential attack.
On September 28, the Cybersecurity and Infrastructure Security Agency (CISA) kicked off the 20th Cybersecurity Awareness Month. In tandem, CISA also launched a new, enduring cybersecurity awareness program known as “Secure Our World.” The Secure Our World program promotes behavioral change in all Americans, with a particular focus on how individuals, families and small to medium-sized businesses can Secure Our World by focusing on four critical actions: using strong passwords and a password manager, turning on multifactor authentication (MFA), recognizing and reporting phishing, and updating software. It also asks technology manufacturers to Secure our Products by designing products that are cybersecure right out of the box. Secure Our World is the theme for this year’s Cybersecurity Awareness Month and will remain the enduring theme for future awareness month campaigns.
This October and year-round, CISA challenges everyone to help secure our
· Use strong passwords that are long, random, and unique to each account, and use a password manager to generate them and to save them.
· Turn on multifactor authentication on all accounts that offer it. We need more than a password on our most important accounts, like email, social media, and financial accounts.
· Recognize and report phishing, as we like to say, think before you click. Be cautious of unsolicited emails or texts or calls asking you for personal information, and don't click on links or open attachments from unknown sources.
· Update software. In fact, enable automatic updates on software so the latest security patches keep devices we are connected to continuously up to date.
world by adopting four simple steps that everyone can take to stay safe online:
· For individuals and families, the Secure Our World program emphasizes the importance of securing personal accounts, offering guidance on personal device safety, safe internet browsing practices, social media usage, and protecting personal information online.
· Small and medium-sized businesses (SMBs) face unique challenges, so we are working to help them Secure Our World by offering tools and resources that can help keep their businesses, employees, customers and, ultimately, our communities safer.
· Tech manufacturers can Secure Our World by implementing security features built-in by design. Default settings should have the highest security measures implemented, and individuals can manually bypass security features if they don’t want them. Users should not have to opt-in to necessary security measures to make their products safe to use. Products should be safe for end users right out of the box.
By committing to safe online behaviors, we can easily minimize or prevent cybercriminals and hackers from infiltrating our devices and online accounts.
Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Emergency Management Agency (FEMA) announced the opening of the application process for the Tribal Cybersecurity Grant Program (TCGP) to help tribal governments address cybersecurity risks and threats. The cyber grant program, established by the State and Local Cybersecurity Improvement Act as part of the Bipartisan Infrastructure Law, helps address the unique challenges tribal governments face when defending against cyber threats.
Digital threats impacting Native American and Alaska Native tribes are increasing and becoming more complex. Tribal sovereignty creates unique cybersecurity challenges for these groups that often lack or can’t easily access resources needed to address them.
Today, CISA and the National Security Agency (NSA) published Identity and Access Management: Developer and Vendor Challenges, authored by the Enduring Security Framework (ESF), a CISA- and NSA-led working panel that includes a public-private cross-sector partnership. ESF aims to address risks that threaten critical infrastructure and national security systems.
This publication, which follows ESF's Identity and Access Management Recommended Best Practices Guide for Administrators, assesses and addresses challenges developers and technology manufacturers face in identity and access management (IAM). The guidance specifically addresses technology gaps that limit the adoption and secure employment of multifactor authentication (MFA) and single sign-on (SSO) technologies within organizations.
Although the publication primarily addresses challenges facing large organizations, it also provides recommendations applicable to smaller organizations. CISA encourages cybersecurity defenders to review this guidance and to speak to their software vendors about implementing its recommendations.
The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint cybersecurity advisory (CSA) to highlight the most common cybersecurity misconfigurations in large organizations, and detail the tactics, techniques, and procedures (TTPs) actors use to exploit these misconfigurations.
Through NSA and CISA Red and Blue team assessments, as well as through the activities of NSA and CISA Hunt and Incident Response teams, the agencies identified the following 10 most common network misconfigurations:
These misconfigurations illustrate (1) a trend of systemic weaknesses in many large organizations, including those with mature cyber postures, and (2) the importance of software manufacturers embracing secure-by-design principles to reduce the burden on network defenders:
NSA and CISA encourage network defenders to implement the recommendations found within the Mitigations section of this advisory—including the following—to reduce the risk of malicious actors exploiting the identified misconfigurations.
NSA and CISA urge software manufacturers to take ownership of improving security outcomes of their customers by embracing secure-by-design and-default tactics, including:
Reposted from USSS
The U.S. Secret Service National Threat Assessment Center (NTAC) is pleased to offer live recurring virtual training events on violence prevention to community safety stakeholders throughout the year. In these trainings, our experts and researchers will present findings from NTAC’s research on targeted violence and discuss strategies for preventing acts of violence in our communities. More information about these trainings events is included below.
Enhancing School Safety Using Behavioral Threat Assessment
Description: In this virtual training event, NTAC researchers highlight the key findings and implications from our research on school violence prevention. In this training, you will learn about the background, thinking, and behavior of school attackers and how some schools discovered and stopped plots before violence occurred. This training will provide guidance on how schools may develop or improve existing violence prevention programs utilizing a behavioral threat assessment model.
Intended Audience: School teachers, administrators, counsellors, mental health professionals, school resource officers (SROs), law enforcement officers, and other school safety stakeholders.
Preventing Mass Attacks in Our Communities
Description: In this virtual training event, NTAC researchers discuss important findings from our research on mass attacks perpetrated in public and semi-public spaces, including businesses, restaurants, bars, retail outlets, houses of worship, schools, open spaces, and more. This training will provide guidance on how communities may develop or improve existing violence prevention programs utilizing a behavioral threat assessment model.
Intended Audience: Law enforcement, corporate security, mental health professionals, faith-based community leaders, university faculty, threat assessment team members, and other community safety stakeholders.
Reposted from Artnet News
After the shocking revelation this summer that more than 2,000 objects had been stolen from the British Museum, institutions across the U.K. are facing increased scrutiny in the news, with revelations that thousands of artifacts have been categorized as missing in the last five years.
In the wake of the British Museum scandal, the Daily Mail published a report claiming two of Britain’s most important museums—the Imperial War Museum and the Natural History Museum—“admitted” that more than 1,000 items of historical and scientific significance were missing.
The tabloid claimed that, in response to Freedom of Information requests filed by the reporter, 559 objects had been recorded as being lost from the Imperial War Museum since 2018. The Natural History Museum said more than 540 items had been misplaced, destroyed, or stolen.
The BBC then reported that Museum Wales data revealed that 1,921 items are missing from its collection.
However, museums are now contesting the characterization in the news that there is a broad pattern of art theft or that the institutions deserve increased scrutiny for the missing items.
The Imperial War Museum directly challenged the characterization of its losses reported by the Daily Mail in an email. A spokesperson for the museum—which is comprised of five locations, three of which are in London—said that the data provided per the request cannot accurately be described as objects lost over the past five years.
“It is misleading to state that 559 objects have been lost over the past five years. The ‘dates recorded as lost’ in this data simply represent the date that loss records were last updated on our system and bear little or no relation to the date of actual losses,” the spokesperson said.
The information was pulled from a collections management database started in 2007; it was only considered completed in 2017.
“In reality, the vast majority of these losses date from many years or even decades ago, long before our current collections management systems were put in place,” the spokesperson said. They also characterized the missing objects as “typically low-value, mass-produced items.” This includes 156 maps, 39 photographic negatives, 23 video tapes, and 38 posters.
“In most cases we still have duplicates or digitized versions,” they added.
Thefts and losses “are rare,” according to the spokesperson, because the museum has policies and systems to safeguard the 33.5 million items in its care including “regular audits and spot checks and restricted access” to its collection storage facilities.
“Police carry out a thorough investigation for every lost item and these investigations have never established any evidence of internal malicious activity,” they added.
Additionally, the museum’s Department of Collections Management, established in 2000, has identified ways to make improvements to its labeling and cataloging of items, the spokesperson said.
Museum Wales, also known as Amgueddfa Cymru, consists of seven institutions, including the National Museum Cardiff and St. Fagans National Museum of History in Cardiff. It has more than 5.3 million objects in its care but has recorded just 16 items taken from its sites since 2017. It also suggested that reporting the 1,921 figure of missing items as new thefts is misleading, and that the items were identified after a “comprehensive review” conducted last year.
“We have robust collections management procedures in place and continually review and improve these procedures on a regular basis,” Museum Wales said.
“However, whilst we have vigorous collection management and security procedures in place, due to the scale of the collection and with at least 1.3 million people visiting our seven museums per annum, some losses are unfortunately inevitable,” a spokesperson said.
Museum Wales said the 16 items that were lost since 2017 are mostly small, domestic items and that the 1,921 missing items from prior to 2017 are considered of low financial value such as agricultural or domestic items. They also include fragments related to excavations and replicas made for display.
“There are a number of coins missing from our collection including many which were transferred to the Schools Handling Collection from the 1950s onwards, when documentation was not as methodical as it is today,” the spokesperson said. “A significant proportion of these are duplicate items and we have better quality examples within our collection.”
Museum Wales noted that it reports all lost, stolen, or deaccessioned items to its board of trustees on a quarterly basis.
The Natural History Museum in London did not respond to request for comment or an information request by press time.
Despite the emphasis on the British Museum incident as a product of unique circumstances, the institution’s announcement garnered international attention and continues to prompt inquiries into other museums’ collections both in the U.K. and elsewhere.
The British Museum announced in a news release in August that it had fired an employee and begun legal action against that person for the missing, stolen, and damaged items.
As previously reported by Artnet News, the situation highlighted major flaws in the ways museums run their collections such as vulnerabilities with cataloguing, as well as a lack of transparency surrounding collections and accountability for items in their holdings.
“This is a highly unusual incident. I know I speak for all colleagues when I say that we take the safeguarding of all the items in our care extremely seriously. The Museum apologizes for what has happened, but we have now brought an end to this,” museum director Hartwig Fischer said in a statement at the time.
Fischer announced he would resign early, nine days after the scandal broke, and the fired employee was later identified as senior curator Peter John Higgs.
Though some objects were recovered shortly afterward, chairman George Osborne claimed the institution’s reputation had been damaged because of the thefts that occurred “over a long period of time,” according to a BBC report, which also cited another unnamed expert who called the losses “mind-blowing.”
Reposted from Yahoo News
A Sacramento man was arrested on suspicion of smashing the glass windows of an antique store and stealing more than $100,000 worth of rare artifacts.
Sacramento police arrested the 50-year-old man, who faces charges in connection with the Oct. 1 burglary of Zanzibar Fair Trade on on the 1300 block of Broadway in Land Park after learning he had been arrested in connection to another incident by the Sacramento County Sheriff’s Office.
It was unclear which incident the man was first arrested for by the Sheriff’s Office, but police learned the suspect was reportedly involved in the burglary after deputies found antiques with him, police said.
“We at Zanzibar are extremely grateful for the quick, effective, and professional handling by our case detective and responding officers,” the store wrote in a social media post.
Zanzibar staff also said only 10% of their antiquities and jewelry had been returned. Anyone seeking to help the store should come by and make a purchase, the owners said.
The man was booked into jail on suspicion of burglary possession of stolen property and vandalism, police said. According to jail records, he was also booked on an unrelated felony warrant from county probation officials.
He was being held without bail and was expected to be arraigned Friday afternoon.
Reposted from France 24
The attack took place in the northeastern town of Arras, home to large Jewish and Muslim populations. Police arrested the suspected attacker, Mohammed Moguchkov, who had cried the Arabic phrase "Allahu Akbar!" (God is greatest), according to the preliminary elements of the investigation.
Authorities have suggested a probable link to the ongoing violence in the Middle East, with President Emmanuel Macron denouncing the incident as an act of "Islamist terror". The deployment of the soldiers from Operation Sentinelle will be completed by Monday evening, according to the Élysée presidential palace.
Sentinelle is a French military operation with 10,000 soldiers and 4,700 police and gendarmes deployed since the aftermath of the January 2015 attacks to protect parts of the country deemed sensitive from terrorism.
"This school was struck by the barbarity of Islamist terrorism," Macron said after visiting the school, adding that the victim had "probably saved many lives" with his courage in blocking the attacker. Macron said another attempted attack in another region had been foiled by security forces.
According to the interior ministry, the president was referring to the arrest of a "radicalised" man who was arrested leaving a prayer hall in the Yvelines département (administrative unit) near Paris for carrying a prohibited weapon. Interior Minister Gérald Darmanin later said there was "probably a link between what's happening in the Middle East and this incident" in Arras. France upped its alert level to the highest position following a crunch security meeting chaired by Macron on Friday, the prime minister's office told AFP. A total of 10 people have been put into custody, a police source told AFP on Saturday.
In addition to the suspected attacker, several members of his family are being held following the stabbing on Friday, the source said. Two Belarusians were among those in custody, another police source said. The national anti-terrorism prosecutor announced that it has opened an investigation.
Moguchkov, who is in his 20s, is from Russia's mainly Muslim southern Caucasus region of Chechnya. He was already on a French national register known as "Fiche S" as a potential security threat, a police source told AFP, and under electronic and physical surveillance by France's domestic intelligence agency, the DGSI. The victim, a French teacher, was stabbed in the throat and chest. Among those wounded were a school security guard who was stabbed multiple times and is fighting for his life, and a teacher in a less serious condition, the source added. A cleaner was also hurt, according to anti-terror prosecutor Jean-François Ricard. No pupils at the school were hurt, another police source said. The attack comes almost three years to the day after the October 16, 2020 beheading of teacher Samuel Paty, also by a man of Chechen origin, near his school in a Paris suburb.
"Three years after the assassination of Samuel Paty, terrorism has struck a school again and in a context that we all know," Macron said. Police say Moguchkov's 17-year-old brother was detained close to another school. Pupils and teachers were confined to the school's premises before being allowed out in the afternoon. A large security cordon was set up around the school where parents had gathered, and police, firefighters and emergency services were deployed, AFP journalists reported. Martin Dousseau, a philosophy teacher who witnessed the attack, described a moment of panic during break-time, when schoolchildren found themselves face-to-face with the armed man.
"He attacked canteen staff. I wanted to go down to intervene, he turned to me, chased me and asked me if I was a history and geography teacher," Dousseau said. "We barricaded ourselves in, then the police arrived and immobilised him." France has suffered a series of attacks by Islamist extremists since 2015 including the suicide and gun attacks in November 2015, claimed by the Islamic State (IS) group, on targets in Paris where 130 people were killed. There has been a relative lull in recent years, though officials have warned that the threat remains. Macron said in an address to the nation on Thursday that 582 religious and cultural facilities in France were receiving stepped-up police protection after the attack by Hamas on Israel. Speaking in Arras, he reaffirmed his message from that address for the French to "stand shoulder to shoulder" and "stay united". French Education Minister Gabriel Attal said in a message to regional education officials security should be reinforced at schools "without delay". Darmanin on Thursday had banned pro-Palestinian demonstrations in France until further notice, on the grounds they "are likely to generate disturbances to public order". In defiance of his order, several hundred people gathered in Paris and other French cities on Thursday shouting pro-Palestinian and anti-Israeli slogans, AFP correspondents said Police in Paris used tear gas to disperse the protesters and said they had arrested 10 out of around 3,000 people present.
QUICK LINKS
ConferenceMembershipTraining & CertificationDonate to IFCPP
TRAINING & EVENTS
1305 Krameria, Unit H-129, Denver, CO 80220 Local: 303.322.9667 Copyright © 1999 International Foundation for Cultural Property Protection. All Rights Reserved
Contact Us
