Log in


  • February 17, 2022 6:21 AM | Office IFCPP (Administrator)

    Reposted from the New York Post

    Face it — he’s no Picasso.

    A bored security guard in Russia damaged a prized $1.4 million painting of blank faces by doodling eyes onto them at a museum, according to reps from the art house.

    The 60-year-old guard allegedly drew the peepers on Anna Leporskaya’s avant-garde artwork, “Three Figures” with a pen during his first day of work at the Yeltsin Centre gallery in Yekaterinburg, a museum spokeswoman told The Guardian Wednesday.

    “His motives are still unknown but the administration believes it was some kind of a lapse in sanity,” said the exhibit’s curator Anna Reshetkina, adding that he used a ballpoint “Yeltsin Center-branded pen.”

    The security guard, who was not identified, was fired and charged with vandalism last week, The Age newspaper reported.

    It’s now expected to cost $4,600 to restore the 1930s painting, which had been on loan from the State Tretyakov Gallery in Moscow.

    “The ink has slightly penetrated into the paint layer, since the titanium white used to paint the faces is not covered with author’s varnish, as is often the case in abstract painting of that time,” Ivan Petrov wrote in Russia’s Art Newspaper, which was first to report the story.

    “Fortunately, the vandal drew with a pen without strong pressure, and therefore the relief of the strokes as a whole was not disturbed. The left figure also had a small crumble of the paint layer up to the underlying layer on the face.”

    Gallery-goers first noticed the faceless defacing in December but the city’s ministry of internal affairs initially deemed the damage “insignificant” and declined to press charges, according to The Guardian.

    But the country’s ministry of culture later complained to the prosecutor general’s office, and cops last week announced they’d launched an investigation.

    If found guilty, the guard could be sentenced to up to three months in jail.

    See Original Post

  • February 17, 2022 6:11 AM | Office IFCPP (Administrator)

    Reposted from Security Management Magazine

    Bob was one of the most successful telecommunications salespeople in his company, generating $1.2 million in broadband sales to small businesses in less than six months. That success led to his promotion to sales manager, supervising 14, and he quickly set out to create a high-producing team. But his age—24—and his lack of management experience derailed that plan. Within the first three months, he alienated himself from his team.

    His major problem? Bob tried to “take over” everyone’s sales and close major deals on his own. His team members thought that made them appear ineffective in front of the customers. Bob’s team also complained that he held only one team meeting a month, and, during the meetings, he relied on football analogies when speaking to his diverse staff. He also frequently criticized people’s ideas and missed many management meetings because he was out of the office on appointments. After several abrupt resignations and resulting low morale, Bob’s boss told him that he needed to improve his performance, or he would be fired. Frustrated at having gone from a company superstar to a moderate performer, Bob left the company within 60 days, believing he was a total failure as a manager.

    But it’s clear that the company failed Bob as well. Bob’s bosses apparently believed in the myth that effective managers lead intuitively and instinctively. But the majority of effective managers are not born; they learn and practice basic management skills to become effective leaders. Unfortunately, many companies thrust new, untrained employees into positions of authority with little or no formal training.

    If you’re a new manager and are feeling overwhelmed, here’s some good news: There are immediate steps you can take to acclimate yourself to a leadership role. While none of these are quick fixes, and they will take time and effort to achieve, by taking small steps into your new role, you will succeed.

    First, you need to make the shift from being an individual contributor to being a supervisor of others. In short, you must learn to promote yourself into your new role and respect the authority that comes with the position. New managers often fail to realize that their new job is to ensure that the work gets done correctly by others, not to continue doing their former jobs. Yet many managers continue to “do” instead of “manage.” They allow themselves to become overworked at the expense of managing their team.

    Second, work toward creating a productive relationship with your boss so you know what’s expected of you and your peers—and ask successful team leaders how they managed the transition from individual contributor to team leader. As you gather data and ask for support, take time to identify skills from your former role that you can still use, and identify the managerial skills you need to develop. The sooner you spot potential vulnerabilities, the quicker you will be able to ask for specific help from your company to support you in developing your leadership capabilities.

    New managers also must keep the company’s objectives in mind as they begin to direct others. Because organizations constantly shift strategies, it’s easy for managers to lose sight of their primary focus. The result is that many new managers are unclear about their priorities. Seek the advice and counsel of people in upper management to fully understand your company’s expectations. Having a mentor within your company can help you navigate through corporate culture and lead a team toward your company's vision. And look to the HR department to provide guidance on assimilating into your new role and provide advice on the responsibilities of being a leader within your company.

    Concentrate on developing strong interpersonal skills and your ability to talk with subordinates. Most new managers make the mistake of mimicking an assertive and aggressive managerial style. Instead, they need to learn how to make effective requests, delegate with clear guidelines for performance and provide effective feedback.

    Effective managers make specific requests—including who will do what, actions needed and conditions for fulfillment—and they spell out timing and deadline expectations. The clearer you are in presenting your team’s goals and letting team members know the resources available to achieve the results, the more likely your team will respond in kind. It’s also important to make realistic requests and avoid stretch goals that may drive your team to its breaking point.

    Effective leadership language is inclusive. Today, as business continues to evolve, we see a more diverse workforce in terms of gender, race and nationality, and global customers are increasingly common. Effective managers must use a language that is respectful and sensitive to an increasingly multicultural workforce. Phrases like “making a touchdown,” “scoring one for the team,” “a hole in one,” “dog eat dog,” or “delivering a one-two punch” used to dominate the business world. But today, those old-fashioned sports analogies or warrior metaphors tend to undermine communication and collaboration. So, pay attention to the words and phrases you use to support others in getting the job done.

    Team building is about improving the quality of communications and creating respectful relationships among team members. When properly approached, team building opens up lines of communication to address critical organizational issues, solve legitimate business problems, and achieve lasting results. Many new managers think that taking their team out for drinks, going bowling, tackling an obstacle course, or hiring a motivational speaker to come in and deliver the latest rah-rah speech are the primary ways to build a high-performing team. However, these isolated incidents rarely do anything to build a cohesive team dynamic.

    Instead of large-scale events, focus on regular team meetings to develop a sense of collaboration and camaraderie among team members. You can conduct these exercises with little or no resources or cost, and the result is often priceless. Make use of smaller exercises on a consistent basis to develop your team. You'll find that 15 to 30 minutes a week engaging in some form of healthy dialogue will result in significant benefits for you, your team, and ultimately your company.

    Perhaps the best thing you can do as a newly promoted manager is to realize you’re not perfect and embrace your inherent vulnerability. Saying “I don't know” isn't a sign of weakness. Instead, it can help you create an instant bond with your team members—and establish greater credibility—than acting as if you’ve got all the answers. People see through someone who’s “faking it.” (Check out Actualized Leadership: Meeting Your Shadow and Maximizing Your Potential (SHRM, 2019) by William Sparks.)

    The bottom line? Even if your company doesn't have resources to invest in your role, it’s important that you acknowledge your transition to leadership, learn to take stock of your strengths, and honor your developmental areas when it comes to managing people.

    See Original Post

  • February 17, 2022 6:07 AM | Office IFCPP (Administrator)

    Reposted from Security Magazine

    With the digital acceleration across industries over the past year and a half, fraud has reached an all-time high in 2021. With the increase in fraud, attacks have gotten more sophisticated, including tactics for phishing, extortion and identity theft, costing businesses $42B over the last year. 

    As we enter the new year, and with our world only becoming more connected, we’ve gathered the top 4 emerging fraud threats that we will see companies facing in 2022 and beyond. 

    The Rise of Metaverse Digital Identity Passports

    Digital fraud has never been so rampant, and this rise has been largely accelerated by the social media era we are living in. Leading social platforms such as Facebook have pivoted their focus to the metaverse, and are championing the use of “digital identities” for work and leisure. However, although this new technology is on the horizon, with every innovative digital advancement, fraudsters will find a way to capitalize on the new landscape and attack consumers and businesses. 

    As a result of the new vulnerabilities, there will be an increasing need for nimble digital fraud prevention to keep up with the pace of change. Digital identities are easy to create, so security teams will need to consider how to use these online footprints to accurately identify fake accounts and fraud attempts, while consumers will need to take steps to protect their own digital identities from being exploited by fraudsters. 

    AI and Machine Adoption for Fraud Prevention Accelerates in E-Commerce

    Innovative technologies such as AI and ML have helped automate processes across industries, but as e-commerce has boomed, fraud has gone up exponentially. On average, the e-commerce industry gets hit with 206,000 web attacks per month. And despite 42% of businesses saying that digital fraud hampers innovation and expansion into new channels, only 34% of companies are investing in fraud prevention and mitigation. 

    With e-commerce booming and no signs of slowing down, AI and ML to defend against fraud will be on the rise in 2022 and beyond. This will help online retailers keep up with fraudsters evolving tactics and will help them spot patterns that might have been missed with manual checks. Using AI and ML will also help merchants analyze historical data and compare it to current transactions, which will be especially beneficial during the busier shopping seasons.

    The Rise of Crypto Exchange Fraud

    Crypto exchange fraud can be defined as every attack designed to extort value from a cryptocurrency exchange through illegal means. Most attacks happen when fraudsters use stolen credit cards for payment and fake IDs to bypass the KYC checks when buying cryptocurrency, which can lead to high chargeback rates. As with online banks and loan providers, exchanges are highly vulnerable to fraud because, although digital, it is the fastest way to access monetary assets. 

    We have seen a rise in third-party solutions like Coinbase Commerce and BitPay for businesses who want to accept cryptocurrencies. But despite their popularity, even the most secure cryptocurrency exchanges can’t protect users from advanced phishing and social engineering fraud attacks. As cryptocurrency is still fairly new, there is a lack of awareness of crypto exchange safety and protection methods which will drive the rise of fraud next year. 

    Economic Instability and Pandemic Fallout Means More Fraud 

    The pandemic shifted the way we work and play to a more digital environment, and with this shift comes more opportunities for new fraud tactics. Phishing, smishing (SMS phishing) and other similar scams more than doubled in 2020 according to the FBI’s Internet Crime Complaint Center and will only continue to grow next year. 

    Additionally, with the unstable economy, people were out of work and receiving unemployment and economic stimulus benefits, which will lead to an increase in financial fraud attempts. As fraudsters are able to easily create unlimited disposable email addresses or buy real emails through darket/clearnet marketplaces, they will continue to target vulnerable people online through these scams. 

    In the new year, we can expect to see organizations capitalizing on new digital innovations across industries; however, these modernized solutions can open businesses and consumers to fraudulent acts. As fraudsters adapt to the digital transformation in nearly every industry, attacks will continue to rise and become more advanced, and the ‘internet crime sprees” will only get better and faster. Advanced detection and prevention strategies and tools in emerging sectors will help reduce cases of fraud and will save time, money and effort in resolving attacks, which will be on the rise in 2022 as we continue to be more connected than ever. 

    See Original Post

  • February 01, 2022 8:13 AM | Office IFCPP (Administrator)

    Reposted from AAM

    At the Oakland Museum of California (OMCA), diversity, equity, inclusion, access, and anti-racism are commitments that have long been a part of our DNA, both internally and in our work with our community, partners, and other cultural institutions. Over the decades of our existence, we’ve made great strides in these commitments, but we also recognize that they exist on a continuum, and much work remains. In that light, we’ve recently taken our work a step further, collaborating across departments to identify more concrete ways to build equity into our own processes, including new ways of working together as individuals and colleagues moving this organization forward.

    OMCA’s commitment to equity began in its founding as the “museum of the people.” It was born in 1969 in the shadow of racial division and protest, amid demonstrations to free Huey Newton, founder of the Black Panther Party, who was on trial across the street from the museum at the Alameda County Courthouse.

    Our focus on equity is compelled not only by this history but also by our location in one of the most diverse cities in the country, defined by a history of social justice and activism. Since our founding, we have collaborated with advisory councils and volunteer groups to connect to the communities of Oakland. We have been committed to presenting the multicultural stories of the state, and even more recently, specifically focusing on the untold and undertold stories of California.

    Over the past decade, we have worked to live up to these foundational values by diversifying our board, staff, and our audience. We adapted our recruitment process for staff to reduce bias and promote equity, as well as to provide greater access to learning and development opportunities for all. We have also begun to measure the impact we are having on the well-being of our community beyond traditional measures of attendance or financial benchmarks.

    Despite these strides, our external research—and, even more importantly, the internal reckoning we’ve confronted—have revealed we have much further to go. For that reason, in 2020 we convened more than fifty staff members from every level of the organization to examine the museum’s culture and structure and put forth recommendations on becoming a more anti-racist institution. Tasked with this mandate, the participating staff formed into self-designated and self-directed Anti-Racist Design Teams (ADTs) and met intensively over a three-month process that assessed various aspects of the museum’s programming, working processes, and community engagement.

    By the end of the summer of 2020, the ADT teams presented six high-level priorities supported by some 160 recommendations for short-term actions and long-term strategies, first to the full staff, then to the Executive Team, then to the Executive Committee of the Board of Trustees, and finally to the Board of Trustees.

    In January 2021, OMCA undertook a major organizational redesign which included a restructuring of its staff after the final impacts of COVID, and used these recommendations to center anti-racism as a core value and principle in the process. A few of the changes that have taken place since the redesign was implemented in the spring of 2021 include:

    • A nine-dollar-an-hour pay increase for OMCA’s lowest-paid employees, taking the base level of pay to $26.26 per hour
    • A staff-led investment task force created to identify themes for OMCA’s investment portfolio, working in collaboration with a board task force and Board Investment Committee
    • A newly created cross-institution Safety Team, which has implemented a set of principles and commitments to reopening through the lens of DEAI, with equity and safety at the forefront
    • Staff-led wellness offerings, including meditation and journaling, and healing circles led by a trained transformative justice facilitator
    • The endorsement of a Statement of Commitment that articulates the Board of Trustees’ role in the museum’s journey to becoming more anti-racist and equitable
    • Revised board roles and responsibilities, including individual and collective commitments to principles of equity and anti-racism
    • Nominating eight new board members, as part of our participation in AAM’s Facing Change Initiative, bringing total board composition to 50 percent BIPOC representation

    The museum is currently in the midst of implementing its new structure, creating new processes and cross-functional teams to move the organization forward. OMCA remains committed to this journey and knows that the work is never done; we will continue to look inward and examine how we can evolve as individuals and colleagues collectively and to share our learnings with the broader museum field.

    To reflect on this process and what the organization has been working on over the last few years, OMCA’s Director & CEO Lori Fogarty recently sat down for a conversation with colleagues Johwell Saint-Cilien and L. Autumn King to discuss what the institution has learned, and how OMCA continues to move this work forward. Watch the video below to hear their reflections.

    See Original Post

  • February 01, 2022 8:10 AM | Office IFCPP (Administrator)

    Reposted from Security Management Magazine

    A complete disregard for the law. A lack of empathy for others and lack of remorse with regards to harming others. According to the Mayo Clinic, these are only a couple of the symptoms that could describe someone afflicted with antisocial personality disorder.

    They also aptly describe Mother Nature—especially when she throws a tornado, flood, wildfire, or any other natural disasters into the path of an organization, its facilities, and its workforce.

    The United States is home to more tornados than anywhere else in the world, according to the Insurance Information Institute. Before 1991, it was rare to see more than 1,000 tornadoes within a year. But between 1991 and 2010, the U.S. National Oceanic and Atmospheric Administration’s Storm Prediction Center recorded a yearly average of 1,228 tornadoes.

    More recently, there were 1,517 tornadoes in 2019, which directly resulted in 42 deaths; 1,075 tornadoes in 2020 linked to 76 deaths; and 1,174 tornadoes between 1 January 2021 and 25 November 2021, during which 14 people died. This does not include the series of tornadoes that tore through Kentucky and other U.S. states on 10 December 2021, which killed at least 90 people—a death toll that may still be increasing.

    Statistics with hurricanes are not much more encouraging. According to data from the National Hurricane Center, in 2017 there were 17 named storms that emerged out of the Atlantic Ocean; in 2018 there were 15; in 2019 that number climbed to 18; and in 2020 it jumped to 30. Before 2020, the last time there were more than 19 named storms within a year was in 2005 during which there were 28, and before that there were 20 storms in 1933.

    But after the storm passes—whether literal or figurative—businesses and communities are left to pick up the pieces. By now, whether because of a natural disaster or instead thanks to the COVID-19 pandemic, most organizations have a business continuity plan, while “anti-fragility” and “disaster recovery plan” have become industry watchwords.

    Having business continuity and recovery plans in place—especially ones specifically tailored to a natural disaster—can help protect a business and curb the amount of downtime that an organization might spend returning to an operational status. Various organizations, such as government agencies and insurance providers, offer resources and guidance for businesses—advising on what an individual company or facility can do to prepare or protect itself.

    “It doesn’t matter what the threat vector is, the end goal is still the same: that you’re able to survive the situation,” says Nicole McDargh, CPP, vice president of safety and loss prevention for pizza giant Domino’s. “This is where that anti-fragility bent comes from.”

    While she aims to focus on “controlling the controllables,” McDargh also acknowledges that when it comes to natural disasters, significant elements and impacts cannot be reigned in by an organization or person, even after a storm has passed. “You have to solve for the things you can solve,” she says.

    Planning to resist a weather event is difficult given its ability to decimate entire communities and regions. There’s not exactly a way to fortify a facility against an earthquake if the ground opens underneath it. So instead, McDargh opts to not only consider every bad thing that could happen to a facility or its employees, but to also consider how to limit any damage.

    “Not solve for it or eradicate it—but mitigate it. What can I do to make it the least amount of damage to my people or to my business?” McDargh says. “How do I get back up to speed?” This train of thought is part of her larger aim: not only getting the business back up and running and ensuring employees and facilities are safe, but also learning from previous incidents and returning to normal operations faster than before.

    For an organization looking to prove itself resilient to a natural disaster, the planning phase must take into account steps well before an event blips on a radar, as well as look beyond its own walls.

    After a weather event, one key consideration to consider while planning for recovery and getting back to speed sooner rather than later is coordination with the local community. While threats from inside or external attackers might target a specific business or person, a climate event doesn’t differentiate between one building and another, much less one person and another. The value in having previously connected and developed a positive relationship with other community stakeholders—including churches, first responders, community centers, and utilities—is that this network can assist in a speedier recovery.

    According to Nora O’Brien, a business continuity planning expert and CEO for Connect Consulting Services, organizations should go beyond networking and a general awareness. She recommends having memorandums of understanding (MOUs) with other businesses or organizations that a company may need to rely on during recovery efforts.

    For example, a hospital may want an MOU with a childcare company, one that outlines the number of employees needed to care for hospital staff’s children in the event of a natural disaster or other emergency—allowing doctors, nurses, administrators, and other staff to focus on caring for those injured by a weather event instead of how to get home to their children.

    O’Brien also suggests that local networking relationships should take these partnerships a step further, potentially conducting drills or other training together. At the very least, there should be meetings between stakeholders to discuss readily available resources and establish expectations, such as whether community shelters be set up in the local high school’s gymnasium or a hotel’s ballroom.

    “The more you do in advance, the higher levels of community resilience,” O’Brien says.

    While reopening for-profit businesses immediately benefits the companies returning to normal hours and operations, a 2016 paper from the think tank RAND Corporation, What Role Does the Private Sector Have in Supporting Disaster Recovery, and What Challenges Does It Face in Doing So?, noted that the benefits are felt throughout the surrounding community. “Businesses’ ability to reopen and ensure few disruptions in payroll is most critical for economic recovery,” the report said, and these organizations can provide goods or services, such as logistics, even during response and recovery.

    Private businesses’ assistance to an area hit by a disaster is sometimes quantified through monetary donations to relief funds or regional or specialized recovery funds and nonprofits. Other times, such as within a community network, it’s not about the money.

    McDargh recalls that local Domino’s restaurants sent over food to line workers trying to fix power lines downed by Hurricane Ida around early September, even though there had been no call for a delivery order. From the perspective of the company, such scenarios are symbiotic. One organization can feed those in need of food, fueling the people who will help refuel power supplies, supplies that in turn help bring the company back to 100 percent operational capacity, along with the rest of the community.

    “Without you doing your job, you’re not going to be able to help me do my job,” McDargh says. “I’ve got backup generators, but I need power eventually, so I need to keep you fed.” And McDargh has found that in general, those receiving a service are willing to reciprocate, whether that reciprocal behavior presents as restored power, shelter for employees and their families, additional fuel for generators, or other goods and services.

    While natural disasters do not discriminate, the unexpected outcome during recovery efforts is that everyone in a community is united in their attempts to not only survive, but thrive in the aftermath, hopefully coming out stronger and faster than before. “Nothing brings us together like an absolutely hideous event,” McDargh says.

    When it comes to determining who in the community can help in this fashion, the nature of the network will depend on the nature of the business.

    While a superstore might have an emergency facility that can withstand a storm or tornado, a power plant or a luxury goods store probably cannot make its entire site available to the public given its need for high security in at least some areas. Instead of shelter, a different kind of exchange of services or goods would likely be more beneficial to the overall community as well as to the individual organization.

    When putting together this kind of recovery plan, McDargh notes that it’s also wise to look up and down the organization’s vertical. For example, a grocery store might need to rely on a nearby warehouse to resupply its shelves, but what if that warehouse is somehow cut off from the store or major highways altogether? And what is the plan if that happens—who can help and how can that person or group be helped in return?

    Failing to have those conversations and build those relationships before the next storm or disaster hits, especially after weathering one before, can not only hurt an organization as it works to recover but also further down the road.

    “If it happens again—and it will happen again—you were already unprepared the first time, but now it’s almost negligent,” McDargh says. “You know that it can happen, and you know that there were some things that you possibly could have done better.” 

    See Original Post

  • February 01, 2022 8:06 AM | Office IFCPP (Administrator)

    Reposted from Inc.

    There have been endless think pieces written in the past few months about what exactly is driving the so-called Great Resignation. Is it people leaving to start their own independent thing? Is it fed-up low-wage workers using a tiny bit of new leverage to demand less awful treatment? Or is it more about professionals who can afford to be choosy searching for jobs that better align with their values and aspirations? 

    There are certainly plenty of individual cases in which each of these scenarios apply, but if you want a less anecdotal and more data-driven explanation of the Great Resignation I suggest a recent MIT Sloan Management Review article by Donald Sull, Charles Sull, and Ben Zweig, who are an MIT professor, a founder, and a CEO, respectively. 

    The Great Resignation isn't mainly about pay 

    Together the authors recently conducted a massive analysis of both workplace data from Revelio Labs (where Ben Zweig is CEO) and more than a million Glassdoor reviews. All this information allowed the team not only to see which companies have been struggling with higher rates of attrition during the Great Resignation than their industry averages, but also what employees were saying about those companies (via the Glassdoor reviews).    

    What were employees complaining about at companies that were losing the most workers during the current tsunami of resignations? It wasn't mainly pay. 

    "Much of the media discussion about the Great Resignation has focused on employee dissatisfaction with wages. How frequently and positively employees mentioned compensation, however, ranks 16th among all topics in terms of predicting employee turnover," the authors report. 

    Why employees actually leave 

    Instead, the biggest predictor of employee resignations was a toxic culture. But other unexpected factors also seemed important. Here are the top five predictors of high rates of attrition the research uncovered. 

    1. Toxic culture. "A toxic corporate culture is by far the strongest predictor of industry-adjusted attrition and is 10 times more important than compensation in predicting turnover," report the authors. What does toxic mean exactly? The authors explain the main elements include "failure to promote diversity, equity, and inclusion; workers feeling disrespected; and unethical behavior."

    2. Job insecurity and reorganization. It's probably no shock that feeling like you could lose your job at any moment makes you start thinking about getting another job. "Previous research has found that employees' negative assessments of their company's future outlook is a strong predictor of attrition," the authors point out. 

    3. High levels of innovation. This one is less intuitive, but the authors found "that the more positively employees talked about innovation at their company, the more likely they were to quit." They suspect that's because innovation is hard -- and hard on workers. Innovation may be interesting and inspiring but it can also burn people out. 

    4. Failure to recognize performance. "Employees are more likely to leave companies that fail to distinguish between high performers and laggards when it comes to recognition and rewards," write the authors. This isn't about compensation. It's about feeling seen and valued when you do excellent work.  

    5. Poor response to Covid-19. Again no shocker here, but companies bungling their way through the pandemic get a stark reminder of the consequences of their incompetence in the article: "Employees who mentioned Covid-19 more frequently in their reviews or talked about their company's response to the pandemic in negative terms were more likely to quit."

    The article goes into detail about the study methodology and also offers advice to bosses looking to head off resignations (offering career development, which other experts have also stressed, and more flexibility top the list), so check it out if you're interested in a fascinating deep dive on the subject.

    But the headline takeaway is that most analyses of the Great Resignation are getting the most important drivers of the whole phenomenon wrong. No one likes to be underpaid. But it turns out people like disrespect and insecurity even less. 

    See Original Post

  • February 01, 2022 8:03 AM | Office IFCPP (Administrator)

    Reposted from Security Management Magazine

    During the first wave of the COVID-19 pandemic, many organizations were confronted with the challenge of securing remote and hybrid environments via integrated security solutions that were deployed in a pre-COVID-19 environment. 

    What seemed like a momentary disruption to business as usual has now become the new normal in the corporate world. All signs point to remote and hybrid work looking set to stay, with Gartner predicting that 51 percent of all knowledge workers and 32 percent of all employees worldwide would be working remotely by the end of 2021. In the United States specifically, Gartner predicted remote workers will account for 53 percent of the workforce in 2022. This dynamic shift has led to an increase of more than 23 percent in public cloud spending just to support these numbers. 

    One thing is clear, corporations are deftly and swiftly embracing this new virtual frontier. In the push to do so, however, some companies may rush forward without fully understanding how too many discrepancies or inconsistencies could impede their progression to deliver an effective security platform in today’s remote environment.

    When there are unmitigated inconsistencies within an organization’s security management system, it could effectively appear that the right hand doesn’t know what the left is doing. When planning for a return-to-work environment, these discrepancies can present significant risk as well as economic impact and need to be overcome before the remote work evolution ends in a corporate dissolution. 

    In strengthening one’s organization to withstand the challenges of tomorrow, it is critical to focus on the three most common disconnects taking place today, primarily around standardization, personnel, and system maintenance.

    Nonexistent or Inconsistent Systems Standardization  

    Whether it is related to supporting two different access control platforms simultaneously or trying to oversee a video solutions system that has numerous site/location naming configurations as every vendor has their own preferred format, a lack of standardization generates a disparate environment, thus preventing true platform oversight, administration, and visualization. This is a real challenge for anything beyond a single building approach, commonly resulting in unnecessary spending to replace non-compliant equipment and an unclear usage footprint with multiple forms of credentials being issued thus allowing ghost credentials—credentials left active from employees who leave the company—to litter the systems. 

    Often falling low on the task list, ghost credentials are one of the most overlooked items providing undue risks and popping up out of the shadows during the most unfortunate of times. Nevertheless—and despite significant security investments by organizations—they continue to float around haunting even the largest of multinationals. 

    But how could a single item like a credential impact an entire company? It’s simple. Without standardization across disparate systems and setting expiry dates, former employees or contractors may continue to access corporate spaces after their departure with no oversight of what they may be doing or what confidential information they may be seeing or accessing, because they may still be listed as employees or contractors in other systems.

    In some cases, there could be up to five or six times more employees in organizational databases than are actually on the staff, a QCIC case study found it is not unusual for major organizations to discover that former employees have simply continued going into their buildings and branches to use their facilities, access data, and potentially expose personnel to undue harm. As organizations begin to shake off the aftereffects of seeing millions of Americans quit their jobs as part of the Great Resignation, what may seem like a perfect time for companies to reassess and realign their priorities has instead been pushed aside to rapidly fill vacancies and redirect resources.

    Moreover, across vast geographies in disparate environments, many organizations overspend on office space because they have no clear oversight on actual use. We commonly see large organizations around the world investing in office space designed to accommodate the total number of employees they have without realizing that only a fraction of their current staff is truly using that space. When organizations lack true oversight and standardization this ultimately leads to uninformed decision-making in terms of managing their portfolios from both an operational and a security perspective.

    When organizations utilize a secured-by-design approach, this initiative improves the security of buildings and their immediate surrounding areas to create a safer environment to live, work, or visit—inclusive of system standardization and security harmonization—they can overcome disconnects between disparate environments and locations. Thus, delivering real-time oversight of all buildings, areas, people, property, and assets. By cleansing and merging multiple databases into a single source, companies remove duplicate, invalid, or expired records, and they can gain a better understanding of who is using what and how.

    Too Few Qualified Personnel 

    Globally, organizations that are being tasked with doing more with less are also being challenged by a reduction in the number of qualified personnel they have available to implement and manage security cohesively. Regional and fiscal constraints, as well as long upskilling times, can leave organizations overwhelmed and vulnerable.

    Because of this, leaders tend to depend heavily on a handful of competent, skilled, senior-level staff who unfortunately take their knowledge with them when they leave, thereby creating an internal knowledge divide. 

    This default gap in skill sets forces smaller teams to take on multiple roles often leading junior staff to operate with little oversight or be thrust into critical scenarios where experience and specialized training are crucial. This could result in a lack of sufficient certified personnel with enough real-life experience and a dependency on one instead of a pool of many.

    In addition, corporations heavily rely on third-party vendors that are contracted through longstanding relationships, rather than being selected for their technical specialties. This can often result in decision making that lacks vital strategic direction from industry experts.

    Virtual system administration and application support enable continuity and resource optimization. In a holistic security environment, hosted either on the premises or in the cloud, organizations can reinforce their security teams with external experts to enable continuity in procedure and policy management, system administration, and software maintenance. 

    As employees struggle to find the elusive work–life balance, many are choosing to step away from their current roles to pursue a career in alternate industries or leave the workforce in general. With this mass exodus, organizations are rushing to fill the void however the time, as well as budget, needed to upskill existing staff shrinks day-by-day.

    Therefore, companies are looking for some T.R.U.S.T (technological resources utilizing system transparency), yet they are unsure where to turn. 

    Systems Support and Maintenance Disconnects

    When system support and maintenance parameters are not established or followed correctly, they create vulnerabilities that open organizations to potential data leaks, repetitive undocumented issues as well as multiple system points of failure.

    The assumption that things are being done right, often, and as scheduled, has found many an organization on the wrong side of a basic software upgrade with maintenance remaining far down on the priority list in established environments.

    Platforms not operating on the minimum supported version and a lack of cross-system awareness creates vulnerabilities—yet in many organizations, all those boxes have been checked and the assumption is that everything is in order. But checking boxes doesn’t mean the task is being accomplished correctly, with assumptions signaling a break in communications leading to an overall lack of consistent security management. Therefore, when a manufacturer announces a vulnerability, teams frequently must scramble to assess their environment to learn if they have been exposed and what potential impact that brings to their security program at large. 

    Organizations need verification, qualification, and the surety that their security requirements and systems are updated and standardized. Developing a plan that backs a 24/7 “always on” model ensures organizations that any support and maintenance disconnects are overcome quickly and any vulnerabilities are mitigated swiftly.

    Overcome Disconnects by Future-Forward Planning and Standardization  

    As organizations move into a new workplace model, the risk of disconnects has become greater than ever. People and systems will be more widely dispersed across more locations, increasing the odds of the left hand not knowing what the right is doing. 

    To curb the growing risks this change brings, organizations must move now to address the most basic disconnects and build on that foundation for a more integrated, holistic approach to security.  

    See Original Post

  • February 01, 2022 8:00 AM | Office IFCPP (Administrator)

    Reposted from AAM

    What if every entry level museum job was designed to be the first rung in a career ladder for anyone who desires to climb? How could that change who wants to work in a museum, and whether they are willing to commit to the long-term? How might it help museums build a workforce that reflects the communities they serve?

    Even pre-pandemic, museums were grappling with challenges related to labor and equity, and the past two years have only raised the stakes. Responding to the most recent COVID impact survey by the Alliance (publication pending), directors ranked “labor and skills shortage” third in a list of disruption threatening their businesses in the next year, topped only by the pandemic itself and the slow recovery of travel and tourism. Over half of respondents are having trouble filling open positions, particularly for visitor-facing roles (guest services, admissions, frontline, and retail), essential support (facilities, maintenance, and security), and education. These positions not only suffer a disproportionate share of pandemic stress, they also typically offer relatively low pay and few opportunities for advancement.

    To build a workforce that supports their goals and aspirations and aligns with their mission and values, museums will have to rethink many aspects of labor, from how positions are designed to the benefits they provide in the short and long term. For this reason, I was very intrigued to come across several recent job postings in which the employer outlined where an entry level position fit into a potential career development path within the organization. As museums strive to attract and retain the staff they need, build a diverse workforce, and provide good, stable jobs, mapping position openings onto pathways for advancement could be an excellent practice to add to the HR toolkit.

    Here’s the most detailed example I came across in my browsing:

    The Barna Group, a research company that specializes in Christian faith and culture, includes an “Advancement Plan” with their job postings. For example, the description for Research Coordinator explains that “The next step for a Research Coordinator is dependent upon the individual’s interest. A coordinator may begin to manage projects, with coaching and oversight from experienced colleagues, prior to transitioning into a role as Associate. This provides an opportunity for learning and development before the coordinator has acquired the necessary broad spectrum of experience to take on additional responsibility and is an important stepping stone to advancement.” The posting also emphasizes not only what a person in this position will do, but also what they will learn.

    Last November, on this blog, director Margaret Koch described how the Bullock Texas State History Museum is building pathways for advancement inside the museum, including offering a wide variety of master classes for staff on a variety of issues such as technical skills and management training. To build paths out of what all too often become dead-end jobs, the Bullock hopes to create “hybrid” positions in which people work half time in a front-line job, and spend the other half apprenticing in another department such as exhibitions, education, communications, or development. I love the idea of designing entry level positions as training opportunities for advancement. For one thing, it would help museums to diversify their applicant pool by relying less on traditional academic credentials, and more on the skills, abilities, life experience, and character of candidates. On-the-job training and carefully crafted pathways for advancement can help create a future in which the staff of museums, including the people at the highest levels of leadership, reflect the demographics of the communities they serve.

    That sounds like a good first rung for a ladder to a brighter future.

    Interested in exploring this topic in more depth? This article from the Society for Human Resource Management provides an excellent overview of ways to develop career paths and ladders in organizations.

    See Original Post

  • February 01, 2022 7:56 AM | Office IFCPP (Administrator)

    Reposted from Smithsonian Magazine

    Last Wednesday, more than 70 museums and cultural institutions in the Netherlands temporarily reopened their storied galleries as makeshift nail salons, barber shops and gyms. Organizers of the coordinated event described it as a lighthearted protest of the government’s inconsistent Covid-19 restrictions. Under the rules, theaters, bars, cafés and museums must remain shuttered, while hair and nail salons and gyms are permitted to open, reports Anna Holligan for BBC News.

    Cultural institutions and venues have been closed since the country entered a national lockdown in December, in response to a surge in the Covid-19 pandemic attributed to the fast-spreading Omicron variant.

    Even as infection case numbers reached record highs, the Dutch government relaxed some of its lockdown restrictions last week, as hospitalizations fell, “reopening nonessential shops until 5 p.m., as well as gyms, hairdressers, nail salons and brothels,” reports Claire Moses for the New York Times.

    The Dutch art sector, still restricted from opening to the public, responded with a coordinated act of civil disobedience. At the Van Gogh Museum, manicurists created nail designs inspired by the Impressionist painter’s flowering trees and starry night skies. At Amsterdam’s royal concert hall, barbers offered haircuts during orchestra rehearsals, per BBC News. Meanwhile, patrons of the Amsterdam Museum rolled out yoga mats next to priceless paintings while actors performed plays in the hallways, reports Tessa Solomon for ARTnews.

    Performance artists Sanne Wallis de Vries and Diederik Ebbinge organized the protest. On the event’s website, they billed the daylong event as “a playful initiative to draw attention to the dire situation in the cultural sector.”

    Some institutions chose not to participate after local officials threatened fines, reports the Post. And while some 30 mayors across the country expressed support for the cause, others such as Amsterdam Mayor Femke Halsema stated that she would not permit the protest to occur, according to the New York Times.

    Despite the mayor’s statements, Emilie Gordenker, the director of the Van Gogh Museum, decided to go through with the planned event, according to BBC News.

    “A museum visit is a safe visit, and equally important as going to a nail salon, perhaps more so,” she says. “We just ask them to be consistent... make the rules in a way everyone understands them. At this point that seems to be lacking.”

    See Original Post

  • January 20, 2022 5:08 AM | Office IFCPP (Administrator)

    Reposted from TimeOut

    When Mayor Lori Lightfoot announced Chicago's proof-of-vaccination mandate last week, the order only applied to indoor dining and fitness venues, as well as entertainment and recreation venues where food or beverages are served. But when the affected businesses begin requiring guests to present a copy of their vax card (and a photo ID, if they're 16 or older) on January 3, some of Chicago's most prominent museums will follow suit.

    In the days since Mayor Lightfoot's press conference announcing Chicago's new proof-of-vaccination policy, the Field Museum, the Art Institute of Chicago, the Museum of Science and Industry, the Shedd Aquarium and the National Museum of Mexican Art have announced that visitors will need to present a vax card for entry. In fact, the Museum of Science and Industry and the National Museum of Mexican Art have already enacted the policy—the rest will begin requiring proof of vaccination on January 3, along with the city's bars, restaurants and indoor entertainment venues.

    Even though Chicago museums are "indoor entertainment venues," the halls containing exhibitions technically aren't covered under the current language of the Chicago vaccination requirement. In a statement to NBC 5 Chicago, a representative for the city clarified that, "it is only the dining area (food or drink) within a museum that needs to abide by the requirement." 

    While the Field Museum, the Museum of Science and Industry and Shedd Aquarium currently operate cafes and restaurants that are covered by the city's vaccination requirement, it's clear that local museums are approaching the coming weeks with an abundance of caution as case numbers in Chicago (and Illinois) are at an all-time high. In an email sent to guests, the Art Institute of Chicago explained that the the museum is requiring proof of vaccination "In an effort to ensure that our museum is as safe as possible for all."

    If you're planning on visiting any of the aforementioned museums in the coming weeks, here's what you'll need to provide upon entry:

    • Your vaccination card, a photocopy of your vaccination card, a digital photo of your vaccination card or a printed record from a vaccine provider (required for all guests age 5 and older)
    • A valid photo ID (required for all guests age 16 and older)

    While other prominent local institutions like the Museum of Contemporary Art, the Chicago History Museum and the DuSable Museum of African American History haven't yet announced whether or not guests will be required to provide proof of vaccination, it's entirely possible that they'll fall in line with their peers. If you're planning to check out some amazing museum exhibitions in the new year, you should probably bring your vax card.

    See Original Post


1305 Krameria, Unit H-129, Denver, CO  80220  Local: 303.322.9667
Copyright © 2015 - 2018 International Foundation for Cultural Property Protection.  All Rights Reserved