INTERNATIONAL FOUNDATION FORCULTURAL PROPERTY PROTECTION
News
Reposted from AAM
As a result of the COVID-19 pandemic, museums everywhere have become more people-centric. Top-line conversations have centered on the thoughts and feelings of our visitors as we have reopened under new safety standards and societal norms. For those of us working on the frontlines of museums, this has been especially crucial. Unlike many others, we have not been able to take a “wait and see” approach to living in the post-pandemic world, as we have had to make concrete and immediate decisions about how to operate in our evolving environment every day. Not in our wildest dreams would we have fathomed two years ago the situation we are currently in. There is very little literature and few if any best practices to draw on. And so, we must come up with what we believe to be the best way to serve our audiences and get back to the important work of supporting our missions and visitors.
Because there have been no definite answers to operating under these new conditions, I wanted to get a fuller picture of how other experience professionals have developed their post-disaster action plans. So, I spoke to people doing this work on the front lines around the country. While everyone I interviewed expressed relief and gratitude that their visitors were beginning to return, they also emphasized a need to pivot, flex, be agile, and tighten up—all verbs I recognized as the tenets of our reality over the past two years. Synthesizing what they shared with me, I captured four main ideas they have leaned on:
The aftershocks of the pandemic, much like those of any other disaster—environmental, social, or otherwise—have left us uncertain. These times have been unnerving to us all, but as safe spaces and havens for harboring a sense of community and belonging, museums have a responsibility to remind those who sustain us that we can sustain them too.
This was what the Natural History Museums of Los Angeles set out to do when they reopened their outdoor areas, including their nature and butterfly gardens, after a five-month whole-organization closure at the start of the pandemic. The museums’ Director of Guest Experience, Daniel Stewart, says visitors were palpably relieved to be able to come back, and surveys showed the team’s efforts helped them feel safe while doing so. “It almost seemed therapeutic for them to be able to participate in a beloved pre-pandemic activity,” Stewart reflects, “and on the front-line, we directly affected those feelings by adhering to the current best practice safety standards.”
Stewart says the museums also showed support to their dedicated supporters by pausing their membership program during the months of closure, to minimize the feeling of missing out on anything. Reaching out with support, rather than marketing messages or requests for money, can be a critical message coming off of such a tough time. The time for “selling” your visitors something is not during a closure or mid-pandemic. At that juncture, the aim is to remind your constituents that you care. The past two years have been an excellent reminder to sell less, support more.
In today’s world, we cannot just think of the museum as a “repository of things.” To fulfill our missions, we must consider how we can meet the people who use that repository where they are. This could mean physically, as in bringing museum content and programs to them, or mentally, as in serving as a place of magnificent distraction—precisely what many of us need right now.
One museum that has learned to meet visitors where they are is the Denver Museum of Nature & Science. During the pandemic, the museum switched to an online timed ticketing reservation system, and staff found it improved visitor experience in multiple ways. One involved limiting the number of visitors arriving at one time. “We have a somewhat small welcome area, and it could feel overwhelming when large numbers arrived at once. By pulsing visitors in at specific times, we can better control the flow and allow more time to greet visitors,” Stephanie Wood, the museum’s Director of Guest Services, told me. The system also changed how they conducted visitor surveying. They had traditionally used in-gallery intercepts, but since they could capture email addresses through the reservation system, they switched to post-visit electronic surveys. Overall, they found this produced deeper insights and a broader understanding of their visitors’ thoughts. They have since gone back to surveying in-gallery, but Wood say they may eventually reinstate electronic surveys again in addition.
Many museums had limited resources before the pandemic closures, and now they have returned from those closures (if they have returned) with only more constraints than before, and more demands on top of it. Digital resources are more in-demand, for instance, as are staff who know how to effectively use those digital resources. We may never go back to being a society dependent on physical contact, and so new ways of utilization have become necessary. All this means that flexibility and ingenuity have never been more important. It will take novel solutions to stretch limited resources into expanded experiences.
One example of such a novel solution comes from Space Center Houston. For visitors to the museum, Guest Experience Director Chance Sanford explains, a popular experience is to take the NASA Tram Tour to visit the NASA Johnson Space Center. Pre-COVID, visitors queued for the tram in traditional serpentine fashion, but after reopening, staff realized it would be a challenge to continue this practice under new physical distancing norms, so they decided to develop a virtual queue system to replace it. In the process, they discovered that not only did this solution provide a safer way for visitors to wait to board, but it also positively affected the length and quality of their stay, because they were now free to roam the exhibits while waiting their turn, rather than spending a portion of their visit waiting in line. Especially in the pandemic era, people have become accustomed to the idea that digitization can get you want you want faster (for example, grocery delivery services and next-day delivery on Amazon), so why would visitors expect to physically queue? The use of technology has shown us that there is no need to waste time in a line.
Throughout the pandemic, norms and expectations have fluctuated, and keeping up with them has required agility. In visitor experience, this means seeking out regular updates on how visits are transpiring: tapping social media and evaluation platforms like Trip Advisor and Yelp for quick and transparent guest reads, soliciting boots-on-the-ground insight from front-line employees, and paying attention to signs of failure and reevaluating the way you are proceeding often.
One way we are staying agile at the Tampa Bay History Center is using self-service kiosks, similar to the ones you might have seen at the supermarket or drugstore. We think of these kiosks not as a means to replace human interaction, but to complement it, and a support to lean on during fluid times. With them in place, we’re ready to accommodate physical distancing and stretches when a visitor’s preference may be to interact with technology instead of a person. Agility is defined as the ability to move, think, and understand quickly, and self-service kiosks accomplish just that. They give museum front-line staff the ability to better allocate their time based off of visitor need and desire.
Post-disaster, as in regular times, visitor experience work will lead to a few negative interactions, since front-line museum employees often bear the brunt of frustrations and anxiety. There are “help wanted” signs everywhere you look right now, as front-line workers in all industries have been pushed to the brink of human endurance. The “Great Resignation” is affecting museums, restaurants, retail stores, and pretty much any outlet that serves people. Many places are posting signs in guest-facing areas urging patrons to “be patient with those who showed up” because they can’t afford to lose any more workers to abusive customers—not exactly the prettiest picture of our new normal, but accurate in many cases, and a good reminder of just how valuable our front-line is.
Through it all, each day brings an opportunity to learn more, and although the COVID-era reality has been volatile, it has brought on an essential reminder of the benefits of agility and flexibility, and perhaps most importantly, it has underlined that for museums, people are one of the most important assets they have the responsibility to protect.
See Original Post
Reposted from The New York Times
For months before the bombs started falling, Hayden Bassett watched over the cultural riches of Ukraine — the cathedrals of Kyiv, the historic buildings of Lviv, museums across the country and the ancient burial sites that dot its steppes.
Using satellite imagery, Bassett, 32, an archaeologist and director of the Cultural Heritage Monitoring Lab at the Virginia Museum of Natural History, has monitored and mapped much of the country’s national heritage as part of a civilian effort to mark the sites that could be devastated by war.
This is the kind of job envisioned for a cadre of U.S. Army specialists being hired to succeed the storied Monuments Men of World War II, who recovered millions of European treasures looted by the Nazis. But more than two years after the Army, with some fanfare, announced the new effort, styled after the old, of dedicated art experts working in a military capacity to preserve the treasures of the past, the program is still not up and running.
“There are a lot of growing pains,” acknowledged Corine Wegener, director of the Smithsonian Cultural Rescue Initiative, a partner in the program.
“There is this capability,” she said, “that the Army ought to have that’s not available to commanders at the moment.”
The lack of that capability has become pressing as Russia invades, and explosions threaten the golden domes and ancient frescoes of Ukraine’s cities. The pandemic certainly played a part in the hiring delay, but candidates looking to join the unit, and leaders who are forming it, have pointed to a host of other issues as well.
Some candidates describe a torturous process in which applications have been mislaid and Army review boards have been slow to decide on whether to hire the many civilian archaeologists, conservators, museum specialists and archivists who have expressed interest.
One leader of the effort, Col. Scott DeJesse, an Army Reserve officer and painter from Texas, said the military is determined to make this happen, but a large bureaucracy — whose crucial missions include emerging military threats — is being asked for the first time to directly commission civilian cultural heritage specialists into military ranks. During World War II, the Monuments Men were soldiers who had already enlisted and happened to have art historical or other specialized backgrounds.
“Look, I plan on changing the world with these people, and yes, I wish it was done sooner,” said Colonel DeJesse, who does not direct the hiring process but concentrates on the operational side of the new unit. “Are people dragging their feet? No. Is it a major priority? No. It is just the speed of a major organization like the Army.”
The plan reflects a recognition that the military needs a force of scholarly experts to advise U.S. commanders and local authorities on how to protect cultural heritage, a recognition that has intensified after the destruction and looting of ancient objects during and after the wars in Iraq and Afghanistan. The experts will, among other things, delineate sites to avoid in airstrikes and ground fighting, and mark places like museums to be protected against looting.
Beyond the inherent value of such preservation work, officials say that efforts to protect cultural legacies have the power to bind local people and foster peace, once the shooting stops. And as a matter of diplomacy and soft power, the sight of American forces helping to save other countries’ cultural treasures can be a powerful tool in the battle for hearts and minds.
“Monuments Men is one of the best images out of the Second World War,” said Andrew Kless, director of the global studies program at Alfred University in upstate New York, an applicant to the new corps who learned in 2020 that he had been selected for an officer’s position; he is still waiting for news of his final appointment.
“This is taking longer than anything I have experienced,” he said. “That has not changed my mind about joining it. I am taking a long-term view. This is a new program.”
Col. Marshall Straus Scantlin, director of strategic initiatives, U.S. Army Civil Affairs and Psychological Operations Command (Airborne), said the pandemic had hindered the ability to convene review panels, which are typically conducted in person. “It just takes time and we want to make sure we get it right,” he said.
Several people who tracked the hiring process said they worried that some qualified candidates had been turned away. And several civilian applicants were assigned one rank and subsequently downgraded, a reflection perhaps of institutional resistance to accepting newcomers at ranks that could upset career military officers. Two candidates have written to their Senators to complain.
Colonel DeJesse said that Army staff members told him it was sometimes difficult to equate civilian candidates’ seniority and work experiences with military rank, and that ranks assigned to civilian hires were being reviewed.
But he defended the quality of candidates selected so far. As for those rejected, he said some applicants had not addressed the specific requirements of the job in their résumés. Others had a good bit of experience, but not as outlined in the Army specifications, which require 48 months of work experience in a specialized field after receipt of an advanced degree.
In October, during a virtual meeting that included candidates for the cultural heritage assignments, Colonel DeJesse spoke to the frustration about how long the process was taking.
“We’re right there with you and we appreciate your patience,” he said. “It’s so important that you guys stick with it as best you can.”
The specialists are to be part of the Army Civil Affairs and Psychological Operations Command, which has its headquarters at Fort Bragg, N.C. Colonel DeJesse, who did tours of duty in Iraq and Afghanistan, said the unit might number as many as 33 specialists, “the highest number of monuments officers since the late 1940s,” he said.
He said several experts who were already reservists had transferred successfully into the role and some were already at work — for example, training units deploying to Central America, Africa and other regions about how to help countries identify and preserve their cultural heritage.
He said another 12 outside candidates had been selected and hoped the first five or so of those could finally get “pinned on” — be formally appointed — at an event scheduled at the Smithsonian in August.
Another twelve would have their applications considered by a review board in May, he said.
As they wait, candidates have been continuing to submit documentation and prepare for the Army physical test, which they will take once commissioned. (It involves six exercises — lifting a 60-pound weight three times; throwing a 10-pound medicine ball; doing consecutive push-ups for two minutes; sprinting and dragging and carrying a weight; leg tucks or planks; and a two-mile run.)
Reposted from Campus Safety Magazine
The head of security at Florida State University’s Strozier Library was arrested last week for allegedly stealing $500,000 worth of rare artifacts from a comic book collection.
Todd Peak, 38, who was employed by the university for eight years, has been charged with grand theft over $100,000, dealing with stolen property, and sale of stolen property through the Internet, reports FSU News.
Library employees reported the stolen items four months prior to Peak’s arrest. The comic books were part of the Robert M. Ervin Jr. Collection which consists of comics and serials on superheroes, science fiction, fantasy and horror. Publications include Marvel Comics and DC Comics.
Police said Peak had been selling the stolen property to private buyers and comic book stores for two years. In total, 4,996 items were missing from the collection. Police have recovered 2,843 of the missing items so far.
Police conducted a search of Peak’s Google search history through a subpoena and discovered that between April 2020 and Jan. 2021, Peak made 448 searches for information about the stolen comic books, often looking for information about their value.
According to a police report, suspicions rose that Peak was selling stolen comics when buyers noticed he had rare comics that were listed as missing from FSU’s Special Collections & Archives.
Investigators spoke with several people who bought comics from Peak. One of the buyers, the owner of a comic book store, told investigators that it was “too great of a coincidence” that Peak worked at the library where the comic books were stolen.
Katie McCormick, the associate dean of libraries for special collections, told investigators that shortly after the theft, Peak asked her to review the inventory sheet for the collection and that he offered to help — something not typically associated with his job.
According to a report released following initial documentation of the crime, FSU Libraries is said to have conducted “an additional internal audit (based on professional practices for Special Collections and Archives) of security protocols and practices to improve the integrity of collections areas and help protect against future theft.”
The collection is housed in the sub-basement of the library and is kept behind a chain-link fence protected by a padlock, according to USA Today. Peak had one of four keys for the lock.
Anyone with knowledge of the whereabouts of any of the stolen items is asked to contact FSUPD at (850) 644-1234.
The carpenters and the security guards at the Philadelphia Museum of Art had long been members of a union when in 2020, workers from departments across the museum — curators, conservators, educators and librarians — voted to create one of the largest museum unions in the country with nearly 250 members.
Workers at the Whitney Museum of American Art, the Art Institute of Chicago, the Guggenheim and the Museum of Contemporary Art in Los Angeles, soon formed their own unions, part of a wave of labor organizing efforts at nearly two dozen art institutions where employees have created new collective bargaining units in the last three years.
Many of the workers who have recently joined unions have come from the curatorial, administrative and education staffs — white-collar office workers who often had not previously been represented by collective bargaining units.
The surge in organizing has even spawned a podcast, “Art and Labor,” whose producers say they “advocate for fair labor practices for artists, assistants, fabricators, docents, interns, registrars, janitors, writers, editors, curators, guards, performers, and anyone doing work for art & cultural institutions.”
And it comes, surprisingly, at a time when the national union membership rate matched historic lows, down significantly from the 1950s, when more than a third of American workers were part of a collective bargaining unit. Last year, according to the federal government’s Bureau of Labor Statistics, the union membership rate for workers was 10.3 percent.
So why are museums the outliers in an otherwise diminished national labor movement?
Organizers say their efforts to convince white-collar arts workers to unionize have been fueled by increasing frustration over the pay gap between museum employees and executives, and that pandemic layoffs only heightened the concerns of some employees looking for better wages and job security.
“Museum workers realized that the human resource policies in terms of pay and benefits were oftentimes byzantine,” said Tom Juravich, a professor who researches labor movements at the University of Massachusetts Amherst. “They realized that they were being treated more like servants to the elite.”
Mary Ceruti, the director of the Walker Art Center in Minneapolis, which unionized in 2020, said that labor efforts are part of a larger push for change at institutions that are also being asked to diversify their work force and to feature a broader sweep of art.
“Unionizing has emerged as one way that staff are trying to affect institutional change,” said Ceruti. “Most museum leaders share the same goals as our staff organizers: to make museums places that both reflect and inspire our constituencies.”
Indeed, some have accused museums of being hypocritical when they champion progressivism in their art exhibitions and embrace new diversity policies in the wake of the 2020 George Floyd protests while challenging the efforts of workers to seek better pay and conditions.
“There is a residue of elite sensibility,” said Laura Raicovich, the former director of the Queens Museum, who recently wrote a book about why cultural institutions have become central to political debates around diversity and equity. “Museum directors have been trained to think of unions as organizations that don’t take into consideration the bigger picture.”
Maida Rosenstein, the president of Local 2110, a chapter of the United Automobile Workers union that represents 1,500 staff members from nearly 20 cultural institutions, said the expansion of the labor movement to a wider set of museum workers originated in the early 1970s when an organization called the Professional and Administrative Staff Association of the Museum of Modern Art, also known as PASTA, started picketing.
It was heralded at the time as the first self-organized union of professional employees at a privately financed museum. Organizers complained that staff were poorly managed and underpaid, leading to a strike in 1971, and another in 1973 that made the cover of Artforum magazine and popularized demands for transparency from museum trustees that are still echoed today.
“There used to be this narrative from museum management that workers were supposed to be very privileged,” said Rosenstein. “You were working for prestige. Your expectations were supposed to be low.”
PASTA didn’t immediately spark a labor movement in the art world, but it became a touchstone 50 years later when more than 3,000 cultural workers in 2019 began to anonymously share their salaries through an online pay transparency spreadsheet. Employees at the New Museum began organizing around this time, and started comparing their wages to the executive salaries disclosed in the financial reports that museums and other nonprofits must publish.
“It was egregious at the New Museum when we started organizing and some of my colleagues were making around $35,000 a year,” said Dana Kopel, a former employee at the museum who now helps other nonprofits unionize.
Lisa Phillips, the director of New Museum, has previously said that “staff and board are united around our purpose and values and we’ve accomplished so much working together.”
A contract later established minimum salaries ranging from $46,000 to $68,500 alongside increased paid time off and reduced employee contributions to health care costs. Unionization at the New Museum helped pave the way for organizers who called out pay differentials at institutions like the Guggenheim and the Philadelphia Museum of Art.
Opinion surveys of American workers suggest labor unions are more popular than they have been, with a 2018 study claiming that 48 percent of nonunion employees would join a union if given the opportunity. And new labor organizing is evident on college campuses, inside Amazon warehouses and at Starbucks locations.
Though organizing efforts at many museums have been successful, agreement on contract terms has not always been swift. Museums have said that multimillion-dollar losses of revenue during the pandemic shutdowns have impeded their ability to make long-term deals.
So nearly a year after voting to unionize, more than 100 workers at Boston’s Museum of Fine Arts formed a picket line outside their institution in November to grab the attention of museum leaders who have not yet agreed to a contract. More than two years after the Museum of Contemporary Art, Los Angeles voluntarily recognized its employee union, organizers are also waiting for a contract and have complained that officials rejected their proposals of higher wages and other benefits. And at the Philadelphia Museum of Art, organizers are also locked in bargaining nearly 18 months after its unionization.
“I naïvely thought that you win an election and most of the work gets done,” said Adam Rizzo, the president of the Philadelphia museum’s union, “But the work gets harder as you negotiate with management and continue to do the weekly outreach.”
Norman Keyes, a spokesman for the Philadelphia museum, said the institution is “committed to reaching a collective bargaining agreement that achieves the best outcome for our staff while sustaining the museum for generations to come.” Amy Hood, a spokeswoman for MOCA, said her museum is “close to finalizing a favorable agreement.”
The Museum of Fine Arts, Boston released a statement that said in part: “We continue productive dialogue with the union and look forward to arriving at an inaugural collective bargaining agreement.”
Nevertheless, some workers within the museum industry have claimed that their employers are stalling negotiations to demoralize their bargaining units; others have gone further to accuse officials of retaliating against staff members who support unionization.
Workers involved in union organizing at the Art Institute of Chicago and the American Museum of Natural History have argued that they received negative performance reviews because of their union advocacy.
In Chicago, organizers have filed an unfair labor practice complaint with the National Labor Relations Board against the institution on behalf of a worker.
Katie Rahn, a spokeswoman for the Art Institute, said it could not respond to the allegations of retaliation because there is a policy to respect the privacy of personnel matters. “We look forward to working with the union through the collective bargaining process toward an agreement that meets the needs of all parties,” she said.
At the Museum of Natural History, an anthropologist, Jacklyn Grace Lacey, said she was fired after organizing to expand the union membership of District Council 37, which has two union shops at the museum, one representing guards and another representing clerical workers. Those shops together comprise roughly 250 members; District Council 37 is working to add a third local that could include dozens of employees to the union ranks with titles like curator and scientist. Last week, the union filed for arbitration with the museum over Lacey’s firing.
Anne Canty, a spokeswoman for the museum, said in a statement that “The museum respects the right of our staff to decide whether to vote to unionize, and we are hearing many viewpoints from staff as they inform themselves on this issue.” The statement added that “Jacklyn Lacey’s termination is entirely separate from the current union organizing effort.”
Many museum employees who have hitched their futures to collective organizing say they are optimistic that unions will protect them in an uncertain world.
“We want equity baked into our contract,” said Sheila Majumdar, an editor and union organizer at the Art Institute of Chicago, which plans on having its first bargaining meeting in spring.
“We have gotten further away from the myth of the cultural worker just being grateful to have a job in this sector,” she explained, adding that younger workers have a better understanding of their value. “We are the ones who make museums.”
You come into your office, juggling your gym bag and a cup of hot coffee, and boot up your laptop to an ominous red and black screen that announces:
“All your files and documents have been encrypted!”
Congratulations, you’ve been hacked.
Last week the New York Times published an article highlighting the rise in ransomware attacks: incidents in which hackers lock down entire computer networks and demand payments to let users recover their data and regain control of their systems. The author cites data documenting a 41 percent increase in ransomware attacks from 2018 to 2019, for a total of over 205,000 reported attacks last year. The average ransom payment jumped to over $190 thousand. And, as the article notes, these numbers probably underrepresent the true costs of such attacks, as organization often don’t want to publicize that they have been hacked.
To that point, I know of at least three museums that have been the targets of ransomware attacks, but so far none have been willing to go on the record about their experiences. Evidently ransomware is the digital equivalent of STDs—but the stigma of (unwarranted) shame attached being a victim is misplaced and counterproductive. By sharing information, museums can become better able to defend themselves and recover from such attacks.
Meanwhile, I’ve compiled some facts on ransomware drawing on free web resources for training and response. Each of the sources excerpted below provide a variety of advice and resources. Take the time to explore them and bookmark useful information—hopefully before an attack takes place!
What is ransomware?
“Ransomware is a type of malware that blocks access to a system, device, or file until a ransom is paid. This is achieved when the ransomware encrypts files on the infected system (crypto ransomware), threatens to erase files (wiper ransomware), or blocks system access (locker ransomware) for the victim. The ransom amount and contact information for the cyber threat actor (CTA) is typically included in a ransom note that appears on the victim’s screen after their files are locked or encrypted. Sometimes the CTA only includes contact information in the note and will likely attempt to negotiate the ransom amount once they are contacted.” (Source: A Security Primer—Ransomware, Cybersecurity.org)
How does ransomware infect computers?
“Here are some of the ways computers and mobile devices can be infected:
(Source: McAfee. See also their 2017 white paper Understanding Ransomware and Strategies to Defeat It.)
Is my museum at risk?
Yes. Hackers are targeting a wide variety of businesses, large and small, as well as individual users. Dozens of cities have been hit by ransomware attacks—and if your museum is part of a municipality, your data may be compromised as well. Keep in mind that university museums inherit the risk of their parent organizations, too. (Last year Regis and Stevens Universities suffered devastating attacks.)
How can I prevent ransomware attacks?
(Source: U.S. Department of Homeland Security, National Cyber Awareness System, Protecting Against Ransomware.)
Are there training programs that can help prevent successful attacks?
Yes. The Alliance uses KnowBe4 for its security awareness training. There are a number of similar programs like AwareGO and Mimecast. All programs follow a similar framework, reoccurring short video training sessions mixed in with periodic assessments. Administrators can use the results to gauge the organization’s risk and impact of training program. Costs are based on the number of users enrolled in the program and start as low as a couple dollars per month. Since threats are evolving it is important to view this training as on-going and not a one-time rubber stamp.
I’ve been attacked by ransomware—what’s the first thing I should do?
The BackBlaze Blog recommends that your first step should be to isolate the infection:
“The first thing to do when a computer is suspected of being infected is to isolate it from other computers and storage devices. Disconnect it from the network (both wired and Wi-Fi) and from any external storage devices. Cryptoworms actively seek out connections and other computers, so you want to prevent that happening. You also don’t want the ransomware communicating across the network with its command and control center.
Be aware that there may be more than just one patient zero, meaning that the ransomware may have entered your organization or home through multiple computers, or may be dormant and not yet shown itself on some systems. Treat all connected and networked computers with suspicion and apply measures to ensure that all systems are not infected.”
What’s next?
Your museum’s IT department or security office may have a procedure in place to respond to ransomware attacks. This may include shutting down and isolating other devices that may have been connected to the infected computer and ensuring that your backup data (you have backup data, right?) is offline and secured.
Where can we get help with responding to a ransomware attack?
Many firms offer to help with recovery of data after a ransomware attack. Be cautious if you decide to engage such a firm—an investigation by Pro Publica revealed that some companies that promise to recover encrypted data simply pay the hackers and pass the charge on to the victim. I have not found a credible, independent review of reputable recovery services. Let me know if you have any source to share.
Should we pay the ransom?
Opinions vary, but many cybersecurity experts (including Lee Mathews, writing for Forbes) argue that you should never pay a ransomware ransom. For one thing, as Mathews points out, only 19% of ransomware targets who pay the ransom actually get their data back. The NYT article I cite at the beginning of this article makes the case that paying ransoms will fuel more attacks, by “giving attackers more confidence that they will get paid.”
Can we recover our data without paying a ransom?
Maybe. Even as hackers create new ransomware programs, programmers race to create encryption programs to free locked data. You can work with a forensics and data recovery program to try to recover what you can. That said, your best recovery strategy is to have a good backup system.
Should we report the attack?
The Department of Homeland Security asks that you report ransomware attacks immediately to CISA at www.us-cert.gov/report, a local FBI Field Office, or Secret Service Field Office.
Reposted from the New York Post
Face it — he’s no Picasso.
A bored security guard in Russia damaged a prized $1.4 million painting of blank faces by doodling eyes onto them at a museum, according to reps from the art house.
The 60-year-old guard allegedly drew the peepers on Anna Leporskaya’s avant-garde artwork, “Three Figures” with a pen during his first day of work at the Yeltsin Centre gallery in Yekaterinburg, a museum spokeswoman told The Guardian Wednesday.
“His motives are still unknown but the administration believes it was some kind of a lapse in sanity,” said the exhibit’s curator Anna Reshetkina, adding that he used a ballpoint “Yeltsin Center-branded pen.”
The security guard, who was not identified, was fired and charged with vandalism last week, The Age newspaper reported.
It’s now expected to cost $4,600 to restore the 1930s painting, which had been on loan from the State Tretyakov Gallery in Moscow.
“The ink has slightly penetrated into the paint layer, since the titanium white used to paint the faces is not covered with author’s varnish, as is often the case in abstract painting of that time,” Ivan Petrov wrote in Russia’s Art Newspaper, which was first to report the story.
“Fortunately, the vandal drew with a pen without strong pressure, and therefore the relief of the strokes as a whole was not disturbed. The left figure also had a small crumble of the paint layer up to the underlying layer on the face.”
Gallery-goers first noticed the faceless defacing in December but the city’s ministry of internal affairs initially deemed the damage “insignificant” and declined to press charges, according to The Guardian.
But the country’s ministry of culture later complained to the prosecutor general’s office, and cops last week announced they’d launched an investigation.
If found guilty, the guard could be sentenced to up to three months in jail.
Reposted from Security Management Magazine
Bob was one of the most successful telecommunications salespeople in his company, generating $1.2 million in broadband sales to small businesses in less than six months. That success led to his promotion to sales manager, supervising 14, and he quickly set out to create a high-producing team. But his age—24—and his lack of management experience derailed that plan. Within the first three months, he alienated himself from his team.
His major problem? Bob tried to “take over” everyone’s sales and close major deals on his own. His team members thought that made them appear ineffective in front of the customers. Bob’s team also complained that he held only one team meeting a month, and, during the meetings, he relied on football analogies when speaking to his diverse staff. He also frequently criticized people’s ideas and missed many management meetings because he was out of the office on appointments. After several abrupt resignations and resulting low morale, Bob’s boss told him that he needed to improve his performance, or he would be fired. Frustrated at having gone from a company superstar to a moderate performer, Bob left the company within 60 days, believing he was a total failure as a manager.
But it’s clear that the company failed Bob as well. Bob’s bosses apparently believed in the myth that effective managers lead intuitively and instinctively. But the majority of effective managers are not born; they learn and practice basic management skills to become effective leaders. Unfortunately, many companies thrust new, untrained employees into positions of authority with little or no formal training.
If you’re a new manager and are feeling overwhelmed, here’s some good news: There are immediate steps you can take to acclimate yourself to a leadership role. While none of these are quick fixes, and they will take time and effort to achieve, by taking small steps into your new role, you will succeed.
First, you need to make the shift from being an individual contributor to being a supervisor of others. In short, you must learn to promote yourself into your new role and respect the authority that comes with the position. New managers often fail to realize that their new job is to ensure that the work gets done correctly by others, not to continue doing their former jobs. Yet many managers continue to “do” instead of “manage.” They allow themselves to become overworked at the expense of managing their team.
Second, work toward creating a productive relationship with your boss so you know what’s expected of you and your peers—and ask successful team leaders how they managed the transition from individual contributor to team leader. As you gather data and ask for support, take time to identify skills from your former role that you can still use, and identify the managerial skills you need to develop. The sooner you spot potential vulnerabilities, the quicker you will be able to ask for specific help from your company to support you in developing your leadership capabilities.
New managers also must keep the company’s objectives in mind as they begin to direct others. Because organizations constantly shift strategies, it’s easy for managers to lose sight of their primary focus. The result is that many new managers are unclear about their priorities. Seek the advice and counsel of people in upper management to fully understand your company’s expectations. Having a mentor within your company can help you navigate through corporate culture and lead a team toward your company's vision. And look to the HR department to provide guidance on assimilating into your new role and provide advice on the responsibilities of being a leader within your company.
Concentrate on developing strong interpersonal skills and your ability to talk with subordinates. Most new managers make the mistake of mimicking an assertive and aggressive managerial style. Instead, they need to learn how to make effective requests, delegate with clear guidelines for performance and provide effective feedback.
Effective managers make specific requests—including who will do what, actions needed and conditions for fulfillment—and they spell out timing and deadline expectations. The clearer you are in presenting your team’s goals and letting team members know the resources available to achieve the results, the more likely your team will respond in kind. It’s also important to make realistic requests and avoid stretch goals that may drive your team to its breaking point.
Effective leadership language is inclusive. Today, as business continues to evolve, we see a more diverse workforce in terms of gender, race and nationality, and global customers are increasingly common. Effective managers must use a language that is respectful and sensitive to an increasingly multicultural workforce. Phrases like “making a touchdown,” “scoring one for the team,” “a hole in one,” “dog eat dog,” or “delivering a one-two punch” used to dominate the business world. But today, those old-fashioned sports analogies or warrior metaphors tend to undermine communication and collaboration. So, pay attention to the words and phrases you use to support others in getting the job done.
Team building is about improving the quality of communications and creating respectful relationships among team members. When properly approached, team building opens up lines of communication to address critical organizational issues, solve legitimate business problems, and achieve lasting results. Many new managers think that taking their team out for drinks, going bowling, tackling an obstacle course, or hiring a motivational speaker to come in and deliver the latest rah-rah speech are the primary ways to build a high-performing team. However, these isolated incidents rarely do anything to build a cohesive team dynamic.
Instead of large-scale events, focus on regular team meetings to develop a sense of collaboration and camaraderie among team members. You can conduct these exercises with little or no resources or cost, and the result is often priceless. Make use of smaller exercises on a consistent basis to develop your team. You'll find that 15 to 30 minutes a week engaging in some form of healthy dialogue will result in significant benefits for you, your team, and ultimately your company.
Perhaps the best thing you can do as a newly promoted manager is to realize you’re not perfect and embrace your inherent vulnerability. Saying “I don't know” isn't a sign of weakness. Instead, it can help you create an instant bond with your team members—and establish greater credibility—than acting as if you’ve got all the answers. People see through someone who’s “faking it.” (Check out Actualized Leadership: Meeting Your Shadow and Maximizing Your Potential (SHRM, 2019) by William Sparks.)
The bottom line? Even if your company doesn't have resources to invest in your role, it’s important that you acknowledge your transition to leadership, learn to take stock of your strengths, and honor your developmental areas when it comes to managing people.
Reposted from Security Magazine
With the digital acceleration across industries over the past year and a half, fraud has reached an all-time high in 2021. With the increase in fraud, attacks have gotten more sophisticated, including tactics for phishing, extortion and identity theft, costing businesses $42B over the last year.
As we enter the new year, and with our world only becoming more connected, we’ve gathered the top 4 emerging fraud threats that we will see companies facing in 2022 and beyond.
The Rise of Metaverse Digital Identity Passports
Digital fraud has never been so rampant, and this rise has been largely accelerated by the social media era we are living in. Leading social platforms such as Facebook have pivoted their focus to the metaverse, and are championing the use of “digital identities” for work and leisure. However, although this new technology is on the horizon, with every innovative digital advancement, fraudsters will find a way to capitalize on the new landscape and attack consumers and businesses.
As a result of the new vulnerabilities, there will be an increasing need for nimble digital fraud prevention to keep up with the pace of change. Digital identities are easy to create, so security teams will need to consider how to use these online footprints to accurately identify fake accounts and fraud attempts, while consumers will need to take steps to protect their own digital identities from being exploited by fraudsters.
AI and Machine Adoption for Fraud Prevention Accelerates in E-Commerce
Innovative technologies such as AI and ML have helped automate processes across industries, but as e-commerce has boomed, fraud has gone up exponentially. On average, the e-commerce industry gets hit with 206,000 web attacks per month. And despite 42% of businesses saying that digital fraud hampers innovation and expansion into new channels, only 34% of companies are investing in fraud prevention and mitigation.
With e-commerce booming and no signs of slowing down, AI and ML to defend against fraud will be on the rise in 2022 and beyond. This will help online retailers keep up with fraudsters evolving tactics and will help them spot patterns that might have been missed with manual checks. Using AI and ML will also help merchants analyze historical data and compare it to current transactions, which will be especially beneficial during the busier shopping seasons.
The Rise of Crypto Exchange Fraud
Crypto exchange fraud can be defined as every attack designed to extort value from a cryptocurrency exchange through illegal means. Most attacks happen when fraudsters use stolen credit cards for payment and fake IDs to bypass the KYC checks when buying cryptocurrency, which can lead to high chargeback rates. As with online banks and loan providers, exchanges are highly vulnerable to fraud because, although digital, it is the fastest way to access monetary assets.
We have seen a rise in third-party solutions like Coinbase Commerce and BitPay for businesses who want to accept cryptocurrencies. But despite their popularity, even the most secure cryptocurrency exchanges can’t protect users from advanced phishing and social engineering fraud attacks. As cryptocurrency is still fairly new, there is a lack of awareness of crypto exchange safety and protection methods which will drive the rise of fraud next year.
Economic Instability and Pandemic Fallout Means More Fraud
The pandemic shifted the way we work and play to a more digital environment, and with this shift comes more opportunities for new fraud tactics. Phishing, smishing (SMS phishing) and other similar scams more than doubled in 2020 according to the FBI’s Internet Crime Complaint Center and will only continue to grow next year.
Additionally, with the unstable economy, people were out of work and receiving unemployment and economic stimulus benefits, which will lead to an increase in financial fraud attempts. As fraudsters are able to easily create unlimited disposable email addresses or buy real emails through darket/clearnet marketplaces, they will continue to target vulnerable people online through these scams.
In the new year, we can expect to see organizations capitalizing on new digital innovations across industries; however, these modernized solutions can open businesses and consumers to fraudulent acts. As fraudsters adapt to the digital transformation in nearly every industry, attacks will continue to rise and become more advanced, and the ‘internet crime sprees” will only get better and faster. Advanced detection and prevention strategies and tools in emerging sectors will help reduce cases of fraud and will save time, money and effort in resolving attacks, which will be on the rise in 2022 as we continue to be more connected than ever.
At the Oakland Museum of California (OMCA), diversity, equity, inclusion, access, and anti-racism are commitments that have long been a part of our DNA, both internally and in our work with our community, partners, and other cultural institutions. Over the decades of our existence, we’ve made great strides in these commitments, but we also recognize that they exist on a continuum, and much work remains. In that light, we’ve recently taken our work a step further, collaborating across departments to identify more concrete ways to build equity into our own processes, including new ways of working together as individuals and colleagues moving this organization forward.
OMCA’s commitment to equity began in its founding as the “museum of the people.” It was born in 1969 in the shadow of racial division and protest, amid demonstrations to free Huey Newton, founder of the Black Panther Party, who was on trial across the street from the museum at the Alameda County Courthouse.
Our focus on equity is compelled not only by this history but also by our location in one of the most diverse cities in the country, defined by a history of social justice and activism. Since our founding, we have collaborated with advisory councils and volunteer groups to connect to the communities of Oakland. We have been committed to presenting the multicultural stories of the state, and even more recently, specifically focusing on the untold and undertold stories of California.
Over the past decade, we have worked to live up to these foundational values by diversifying our board, staff, and our audience. We adapted our recruitment process for staff to reduce bias and promote equity, as well as to provide greater access to learning and development opportunities for all. We have also begun to measure the impact we are having on the well-being of our community beyond traditional measures of attendance or financial benchmarks.
By the end of the summer of 2020, the ADT teams presented six high-level priorities supported by some 160 recommendations for short-term actions and long-term strategies, first to the full staff, then to the Executive Team, then to the Executive Committee of the Board of Trustees, and finally to the Board of Trustees.
In January 2021, OMCA undertook a major organizational redesign which included a restructuring of its staff after the final impacts of COVID, and used these recommendations to center anti-racism as a core value and principle in the process. A few of the changes that have taken place since the redesign was implemented in the spring of 2021 include:
The museum is currently in the midst of implementing its new structure, creating new processes and cross-functional teams to move the organization forward. OMCA remains committed to this journey and knows that the work is never done; we will continue to look inward and examine how we can evolve as individuals and colleagues collectively and to share our learnings with the broader museum field.
To reflect on this process and what the organization has been working on over the last few years, OMCA’s Director & CEO Lori Fogarty recently sat down for a conversation with colleagues Johwell Saint-Cilien and L. Autumn King to discuss what the institution has learned, and how OMCA continues to move this work forward. Watch the video below to hear their reflections.
A complete disregard for the law. A lack of empathy for others and lack of remorse with regards to harming others. According to the Mayo Clinic, these are only a couple of the symptoms that could describe someone afflicted with antisocial personality disorder.
They also aptly describe Mother Nature—especially when she throws a tornado, flood, wildfire, or any other natural disasters into the path of an organization, its facilities, and its workforce.
The United States is home to more tornados than anywhere else in the world, according to the Insurance Information Institute. Before 1991, it was rare to see more than 1,000 tornadoes within a year. But between 1991 and 2010, the U.S. National Oceanic and Atmospheric Administration’s Storm Prediction Center recorded a yearly average of 1,228 tornadoes.
More recently, there were 1,517 tornadoes in 2019, which directly resulted in 42 deaths; 1,075 tornadoes in 2020 linked to 76 deaths; and 1,174 tornadoes between 1 January 2021 and 25 November 2021, during which 14 people died. This does not include the series of tornadoes that tore through Kentucky and other U.S. states on 10 December 2021, which killed at least 90 people—a death toll that may still be increasing.
Statistics with hurricanes are not much more encouraging. According to data from the National Hurricane Center, in 2017 there were 17 named storms that emerged out of the Atlantic Ocean; in 2018 there were 15; in 2019 that number climbed to 18; and in 2020 it jumped to 30. Before 2020, the last time there were more than 19 named storms within a year was in 2005 during which there were 28, and before that there were 20 storms in 1933.
But after the storm passes—whether literal or figurative—businesses and communities are left to pick up the pieces. By now, whether because of a natural disaster or instead thanks to the COVID-19 pandemic, most organizations have a business continuity plan, while “anti-fragility” and “disaster recovery plan” have become industry watchwords.
Having business continuity and recovery plans in place—especially ones specifically tailored to a natural disaster—can help protect a business and curb the amount of downtime that an organization might spend returning to an operational status. Various organizations, such as government agencies and insurance providers, offer resources and guidance for businesses—advising on what an individual company or facility can do to prepare or protect itself.
“It doesn’t matter what the threat vector is, the end goal is still the same: that you’re able to survive the situation,” says Nicole McDargh, CPP, vice president of safety and loss prevention for pizza giant Domino’s. “This is where that anti-fragility bent comes from.”
While she aims to focus on “controlling the controllables,” McDargh also acknowledges that when it comes to natural disasters, significant elements and impacts cannot be reigned in by an organization or person, even after a storm has passed. “You have to solve for the things you can solve,” she says.
Planning to resist a weather event is difficult given its ability to decimate entire communities and regions. There’s not exactly a way to fortify a facility against an earthquake if the ground opens underneath it. So instead, McDargh opts to not only consider every bad thing that could happen to a facility or its employees, but to also consider how to limit any damage.
“Not solve for it or eradicate it—but mitigate it. What can I do to make it the least amount of damage to my people or to my business?” McDargh says. “How do I get back up to speed?” This train of thought is part of her larger aim: not only getting the business back up and running and ensuring employees and facilities are safe, but also learning from previous incidents and returning to normal operations faster than before.
For an organization looking to prove itself resilient to a natural disaster, the planning phase must take into account steps well before an event blips on a radar, as well as look beyond its own walls.
After a weather event, one key consideration to consider while planning for recovery and getting back to speed sooner rather than later is coordination with the local community. While threats from inside or external attackers might target a specific business or person, a climate event doesn’t differentiate between one building and another, much less one person and another. The value in having previously connected and developed a positive relationship with other community stakeholders—including churches, first responders, community centers, and utilities—is that this network can assist in a speedier recovery.
According to Nora O’Brien, a business continuity planning expert and CEO for Connect Consulting Services, organizations should go beyond networking and a general awareness. She recommends having memorandums of understanding (MOUs) with other businesses or organizations that a company may need to rely on during recovery efforts.
For example, a hospital may want an MOU with a childcare company, one that outlines the number of employees needed to care for hospital staff’s children in the event of a natural disaster or other emergency—allowing doctors, nurses, administrators, and other staff to focus on caring for those injured by a weather event instead of how to get home to their children.
O’Brien also suggests that local networking relationships should take these partnerships a step further, potentially conducting drills or other training together. At the very least, there should be meetings between stakeholders to discuss readily available resources and establish expectations, such as whether community shelters be set up in the local high school’s gymnasium or a hotel’s ballroom.
“The more you do in advance, the higher levels of community resilience,” O’Brien says.
While reopening for-profit businesses immediately benefits the companies returning to normal hours and operations, a 2016 paper from the think tank RAND Corporation, What Role Does the Private Sector Have in Supporting Disaster Recovery, and What Challenges Does It Face in Doing So?, noted that the benefits are felt throughout the surrounding community. “Businesses’ ability to reopen and ensure few disruptions in payroll is most critical for economic recovery,” the report said, and these organizations can provide goods or services, such as logistics, even during response and recovery.
Private businesses’ assistance to an area hit by a disaster is sometimes quantified through monetary donations to relief funds or regional or specialized recovery funds and nonprofits. Other times, such as within a community network, it’s not about the money.
McDargh recalls that local Domino’s restaurants sent over food to line workers trying to fix power lines downed by Hurricane Ida around early September, even though there had been no call for a delivery order. From the perspective of the company, such scenarios are symbiotic. One organization can feed those in need of food, fueling the people who will help refuel power supplies, supplies that in turn help bring the company back to 100 percent operational capacity, along with the rest of the community.
“Without you doing your job, you’re not going to be able to help me do my job,” McDargh says. “I’ve got backup generators, but I need power eventually, so I need to keep you fed.” And McDargh has found that in general, those receiving a service are willing to reciprocate, whether that reciprocal behavior presents as restored power, shelter for employees and their families, additional fuel for generators, or other goods and services.
While natural disasters do not discriminate, the unexpected outcome during recovery efforts is that everyone in a community is united in their attempts to not only survive, but thrive in the aftermath, hopefully coming out stronger and faster than before. “Nothing brings us together like an absolutely hideous event,” McDargh says.
When it comes to determining who in the community can help in this fashion, the nature of the network will depend on the nature of the business.
While a superstore might have an emergency facility that can withstand a storm or tornado, a power plant or a luxury goods store probably cannot make its entire site available to the public given its need for high security in at least some areas. Instead of shelter, a different kind of exchange of services or goods would likely be more beneficial to the overall community as well as to the individual organization.
When putting together this kind of recovery plan, McDargh notes that it’s also wise to look up and down the organization’s vertical. For example, a grocery store might need to rely on a nearby warehouse to resupply its shelves, but what if that warehouse is somehow cut off from the store or major highways altogether? And what is the plan if that happens—who can help and how can that person or group be helped in return?
Failing to have those conversations and build those relationships before the next storm or disaster hits, especially after weathering one before, can not only hurt an organization as it works to recover but also further down the road.
“If it happens again—and it will happen again—you were already unprepared the first time, but now it’s almost negligent,” McDargh says. “You know that it can happen, and you know that there were some things that you possibly could have done better.”
QUICK LINKS
ConferenceMembershipTraining & CertificationDonate to IFCPP
TRAINING & EVENTS
1305 Krameria, Unit H-129, Denver, CO 80220 Local: 303.322.9667 Copyright © 1999 International Foundation for Cultural Property Protection. All Rights Reserved
Contact Us
