INTERNATIONAL FOUNDATION FORCULTURAL PROPERTY PROTECTION
News
Reposted from NPR
Thomas Gavin may be one of the most prolific artifact thieves in U.S. history.
There are no movies or books about him, and no wild police chases or Indiana Jones-like adventures. In fact, until a couple of years ago no one even knew who he was.
But Gavin had been on a tear in the '60s and '70s, hitting nearly a dozen museums on the East Coast. He mostly stole antique firearms and stashed them in his hideout — a cluttered, non-descript barn in rural Pennsylvania.
Gavin's crime spree was so under the radar, no one caught on until 2018, when he tried to unload a rare, Revolutionary-era rifle to a local antiques dealer.
At first, Kelly Kinzle didn't know what he was looking at.
"I looked at it and I said, 'Well, this is a copy of a famous rifle,' " Kinzle recalls. "I said, 'This isn't the original — has to be a copy.' And he didn't say anything, didn't correct me, and I bought it literally for a copy of a famous gun."
But when Kinzle brought it home, he still had a feeling that bothered him and kept looking at the gun.
"I took it apart and when I took it apart. It was period. It was correct. I went to a reference book — I had bought an old out-of-print book — and I flipped through it and I found a photograph of the gun," he says. "And under the photograph, the caption was: 'Stolen from the Valley Forge Historical Society in 1970.' "
It wasn't just any old gun, but one of the few surviving rifles made by master gunsmith John Christian Oerter.
The copy Kinzle thought he bought for $4,000 was actually valued at $175,000.
The FBI, of course, was looking for the rifle. And when they questioned Gavin about how he got it, the long jig was up. That was in 2019, and now finally the saga has made its way to the courts and a ruling.
It's unclear how many items the now 78-year-old Gavin pilfered. It's been so long that a lot of the places he claimed to hit don't exist anymore, or they don't have a record of the thefts. And most of the statutes of limitations on the items he stole have expired.
In court last week, Gavin pleaded guilty to one count of disposal of an object of cultural heritage stolen from a museum. The judge took Gavin's age and declining health into consideration and, incredibly, sentenced Gavin to one day in prison for decades of theft.
Still, Kinzle, who spent a lot of his own money to help solve this crime, isn't upset with Gavin's light sentence.
"I think he's trying to do the right thing now and and get some of these things back," Kinzle says. "Or at least, you know, nobody's ever going to be made whole.
"Personally, I wish I never got the call and never had to be involved in this. But you know, I think in the end, we're all going to come out better for it."
And as for the rifle? It's now on display the Museum of the American Revolution in Philadelphia, where it's on loan from the Pennsylvania Society of Sons of the Revolution.
See Original Post
Reposted from Artnet News
There are a near-record 10.5 million job vacancies in the United States, according to the latest figures from the Bureau of Labor Statistics. The hiring crunch has left the upper echelons of the art world empty, with almost two dozen openings for what may be the most coveted role in the cultural sector: museum director.
The openings are the product of a perfect storm. There’s a generational shift among leaders sparking a wave of retirements, while controversies, pandemic-induced budget shortfalls, and demands for increased DEAI engagement are pushing other leaders out the door. According to an analysis by Artnet News, no fewer than 22 director positions are currently open at important art institutions across the country.
The organizations seeking new leadership range from some of the country’s largest and wealthiest, like the J. Getty Paul Getty Trust, the San Francisco Museum of Modern Art, and the Philadelphia Museum of Art, to smaller ones that serve as pillars for their local communities, such as the San Antonio Museum of Art, the Frist Art Museum in Nashville, and the Wadsworth Atheneum in Hartford, Connecticut.
“There is a tremendous amount of leadership transition underway,” said Bruce Thibodeau, president of the Arts Consulting Group, which is currently helping PlayPenn, a Philadelphia incubator for playwrights, find a new artistic director. Many executives who had planned to retire in early 2020 delayed their departures because of the pandemic, he said, but are now leaving their posts alongside those who had originally planned to depart this year. Both groups are “making their transitions simultaneously, which is creating more vacancies than normal.”
The question now is whether there are enough qualified—and, perhaps more importantly, interested—candidates to fill these roles at a time when the job of museum director is considerably less desirable than it used to be.
“People really don’t want to be directors right now because the jobs are emotionally unsustainable and it’s a challenge to navigate the wealth gap between low-paid staff and wealthy trustees,” said Laura Raicovich, a museum executive who recently published a book on the political and economic challenges facing art institutions today.
Oftentimes, the public reads organizational failings as a reflection of bad management. Some museum directors said this leaves them feeling like lightning rods responsible for absorbing shock while the trustees escape scrutiny—despite having the final say in major decisions like acquisitions, workplace policies, and building expansions.
The Cooper Hewitt Smithsonian Design Museum in New York is on its second interim director after ousting Caroline Baumann from its top position last year. The Smithsonian had launched an investigation into potential problems regarding the procurement of a dress and venue for Baumann’s 2018 wedding. Two people close to the inquiry told the New York Times that the investigation turned up evidence of an apparent conflict of interest. Baumann has since rejected the investigation’s findings, calling it a “sham report.”
Newfields in Indiana has had an interim president for nearly nine months since its former leader, Charles Venable, resigned after he was criticized for a job posting that described the museum’s core audience as “white.” Around the same time, SFMOMA’s director Neal Benezra announced that he would be stepping down after the institution completed a major expansion in 2016 and, more recently, faced criticism for its response to George Floyd’s murder and alleged censorship of Black employees. The directors of Museum of Contemporary Art, Detroit, and the Cantor Arts Center at Stanford University also left in response to complaints from staff about abusive work environments.
While such controversies can reflect the harsh management philosophies of directors, there is a growing awareness of the pressures directors are under from their boards. Museum experts said that the three-way relationship between staff, leaders, and trustees is more complex than it appears—and contributes to the challenge of the director role.
ere are a near-record 10.5 million job vacancies in the United States, according to the latest figures from the Bureau of Labor Statistics. The hiring crunch has left the upper echelons of the art world empty, with almost two dozen openings for what may be the most coveted role in the cultural sector: museum director.
“The director serves at the pleasure of the board and there is always a complicated relationship in having to be the visionary who is inspiring trustees but at the same time reporting to them,” said Raicovich, who attributed difficulties to the growing wealth gaps between wealthy board members and everyone else. “I know very few directors who don’t deeply empathize with their staff.”
Over the summer, Timothy Rub, the Philadelphia Museum of Art’s director and chief executive officer, announced his plan to retire after 13 years in 2022. More than a year ago, Gail Harrity, who joined the museum in 1997 and became its president and chief operating officer, announced her departure; her role remains unfilled.
While experts say it is not unusual for museum leadership to turn over after the completion of a major capital campaign, the PMA also experienced a turbulent year of employees alleging sexual and physical misconduct against former managers as well as a financial squeeze wrought by the pandemic that resulted in 85 layoffs and more than 40 buyouts.
Philadelphia, a city that has seen leadership turnover at nearly every one of its major cultural organizations over the past year, serves as a valuable case study for what happens when executive turnover meets the financial challenges of the pandemic. “Philadelphia may be the canary in the coal mine,” Raicovich said.
Public spending for the arts was one of the first things to go when the city was facing an estimated $749 million budget shortfall last year. Allocations for the arts through the Philadelphia Culture Fund decreased from more than $3 million to $1 million after cuts, reducing the amount of organizations that received support by nearly 40 percent, according to the city.
In addition to the Philadelphia Museum of Art, the Pennsylvania Academy of the Fine Arts lost its museum director, Brooke Davis Anderson, who went to lead a philanthropic fund based in New York. The academy is also searching for a president and chief executive officer.
“Sometimes individuals determine that their future lies elsewhere,” said Priscilla Luce, interim head of the Greater Philadelphia Cultural Alliance, which also happens to be searching for its next leader. “I certainly think the stress and strain of Covid-19 has added to the equation.”
But a spate of new hires in Philadelphia also offers a glimpse at what the future of the sector might look like. After a lengthy recruitment process, the African American Museum recently announced that Ashley Jordan, previously an executive with the National Underground Railroad Freedom Center in Cincinnati, would become its next president and chief executive.
“There is great opportunity for the next generation of Philadelphia’s museum directors as art history evolves and the status quo is challenged,” said Jordan, who, at 37, belongs to the city’s new cohort of young leaders. Last year, Philadelphia’s Institute of Contemporary Art hired Zoë Ryan as its new director; in 2019, the Fabric Workshop & Museum tapped Christina Vassallo, 41, to lead the organization.
Both within Philadelphia and elsewhere in the U.S., the majority of museums that have completed their executive searches over the past year have chosen women and BIPOC candidates to lead their organizations. That includes institutions like the Peabody Essex Museum in Massachusetts, the Bronx Museum in New York, and the Saint Louis Art Museum in Missouri.
“Directors now have the chance to ask boards about how willing they are to rethink their strategy, especially in the areas of diversity and inclusion,” said Jane Hsu, an associate vice president at the Arts Consulting Group. “Nobody wants to step into a position and realize there is a major issue.”
If the trio of new directors in Philadelphia is any indication, the future of museums will be more digital and more collaborative than ever before. All three women are now embarking on projects aimed at expanding their museums online after the pandemic tanked their attendance figures. Their institutions recently received a combined $856,200 in grants from the Pew Center for Arts & Heritage meant to help reshape business and revenue models.
The African American Museum’s $256,200 grant will fund two new staff positions responsible for bringing the nonprofit’s exhibitions and programming online. “Young leaders want to help their museums move forward,” Jordan explained. “I’m already feeling a great synergy among us directors in the city of brotherly love.”
The directors have also formed a consortium that helps arts leaders from across the city collaborate. The group has experimented with joint fundraising and programming; it’s now focused on improving communication among institutions and challenging “the values underlying what museums do, who they serve, and how they function,” according to its website.
For now, executive recruiters say that prospective museum directors have the upper hand in negotiations. That type of leverage gives new leaders a chance to challenge board directors and other structural barriers that might have hampered their predecessors.
“It’s a job seeker’s market,” said Hsu, the arts consultant. “You could get some great finalists for a museum job, but maybe they are candidates for multiple other positions.”
Reposted from Security Management Magazine
When the COVID-19 pandemic suddenly turned millions of U.S. employees into remote workers, some leaders began to worry whether their staffs were actually working or, instead, whiling away the hours watching Netflix or helping their children with schoolwork.
The consequences of a lack of trust can be significant, impacting employee productivity, engagement, and ultimately retention.
It's a particularly relevant issue now, as many organizations consider whether to offer a hybrid workplace going forward. A recent survey by PwC found that almost 70 percent of executives want employees in the office at least three days a week, while more than half of employees want to work remotely at least three days a week and almost 30 percent would prefer to permanently work from home.
“Trust is the foundation of every relationship in our life,” says Jen Fisher, U.S. chief well-being officer for the consultancy Deloitte. “Every positive relationship starts from a place of trust.”
Trust also serves as a foundational component of a healthy and well work environment, adds Fisher, co-author of Work Better Together: How to Cultivate Strong Relationships to Maximize Well-Being and Boost Bottom Lines. And in this time of uncertainty caused by the pandemic, trust may be more important than ever.
Fisher notes how the COVID-19 outbreak accelerated changes in technology and remote work. “The pandemic has catapulted us into the future in many ways,” she says. “With uncertainty, you need trust and meaningful and supportive relationships.”
But how can organizations make this happen?
“In order to gain trust, you should give people as much stability as possible,” says Liane Hornsey, executive vice president and chief people officer at Palo Alto Networks based in Santa Clara, California. The cybersecurity company has about 9,000 employees who have been working remotely for more than a year. To foster stability and security, the company announced early on that there would be no pandemic-related layoffs and said employees wouldn't return to the workplace until this month at the earliest.
Organizations “move at the speed of trust,” says Elaine Yang, HR business partner manager at Lever, which offers a software platform that helps companies hire and grow. So having a workplace built on trust can lead to quicker decisions and better collaboration. “Efficiency and productivity depend on the trust of teammates,” she says.
A culture of trust needs to be set at the top, and the HR department has a key role to play in advising senior leadership to help establish the right tone for the organization, says Paul Eccher, president and chief executive officer of the Vaya Group, a talent management consultancy based in Warrenville, Illinois.
At Lever, whose 185 employees primarily worked in the company’s offices in San Francisco and Toronto before the pandemic hit, the biggest change in the past year has been increased communication and transparency between leaders and employees. Open discussions are held on everything from companywide decisions to goals and projects, Yang says, and all-hands meetings are conducted every two weeks with an extensive question-and-answer session at the end of each meeting.
Stephanie Stewart, SHRM-CP, HR director at Reconciled, a virtual bookkeeping and accounting service for small businesses, sees trust as a driver for employee engagement. “If employees feel trusted, they feel more engaged,” she says. “Nobody likes to be micromanaged.”
The Burlington, Vermont-based company, which has about 50 employees and 30 contractors, discusses autonomy with job candidates during the interview process, Stewart says. Employees generally work Monday through Friday from 9:00 a.m. to 5:00 p.m., but the company doesn't dictate what they work on or when they work on it. “We trust you to manage your schedule, prioritize work, and reach out when you need help,” she explains.
In a recent survey, 97 percent of Reconciled employees said they felt trusted to do what was expected of them and 92 percent said they trusted their co-workers. “That's really important to us in a remote organization,” Stewart says.
Reconciled holds a monthly all-hands staff meeting, where employees can discuss topics such as self-care or their goals for the year, as well as regular department meetings and team meetings, all of which are virtual.
Palo Alto Networks has employed remote workers for years. “It’s not where you work that really matters; it’s how you work,” says Hornsey, who adds, “I would not work for somebody I don’t trust.”
But not all organizations are ready to embrace trust. Even before the pandemic began, half of organizations monitored employees’ e-mail and social media posts, says Reid Blackman, founder and CEO of Virtue, an ethics consultancy based in New York City.
The number of companies monitoring their employees has likely climbed during the pandemic. According to a 2020 Gartner survey of executives at 119 organizations, 60 percent use technology tracking tools to monitor some or all of their hybrid or remote employees.
A company that uses monitoring software should be transparent about it, Blackman says. Otherwise, such monitoring threatens to deteriorate trust and create a bad relationship between employees and the employer.
Employers may use the information generated by monitoring to make ill-informed decisions on who to fire, promote, or give bonuses to, he says. Such data often provides insight into the quantity, rather than the quality, of an employee’s work.
But, Blackman says, “It’s not crazy for employers to be concerned about employees working less and producing less. It’s an entirely reasonable fear.”
With the uncertainty caused by the pandemic, employees “need to trust that leaders and the company are there for them,” says Maggie Laureano, vice president of human resources for the Americas at Bureau Veritas. The company, headquartered in Paris with 78,000 employees worldwide, offers testing, inspection, and certification services.
HR can “encourage leaders to be open and flexible with a strong line of communication between the employee and employer,” Laureano says, so employees feel comfortable acknowledging when they need extra support, such as from an employee assistance program. HR can also help leaders understand how to read employees’ body language and detect when something is wrong, she adds.
Plus, Fisher says, by “being open and authentic about how I’m doing and how I’m feeling, it creates a reciprocal environment. It’s OK to not be OK.” Just about everyone had experienced a major challenge over the past year, such as mental health, childcare, or elder care issues, she adds. While such issues have always been present, addressing them was not a top concern for employers prior to the pandemic.
Employees are also more willing to trust and open up if managers are empathetic, says Caroline Walsh, vice president in the HR practice of Stamford, Connecticut-based research and advisory company Gartner. Empathy is particularly important in this era of remote work, she notes.
“In a high-empathy-based management environment, performance is about three times higher,” she adds.
While some people are naturally empathetic, empathy is a skill that can be taught to those who are not, Walsh says. HR can establish peer coaches who work with managers to help them develop empathy and learn how to have challenging conversations with employees.
Some organizations are taking tasks off managers’ plates to give them time to check in with their remote employees or to learn new skills, she adds.
According to Laureano at Bureau Veritas, HR has worked to support employees by offering a total well-being program with webinars on such topics as stress management, meditation, yoga, sleep, diet, and financial well-being. “Leaders have really upped the ante in terms of the programs we provide,” she says.
As employees face uncertainty caused by the pandemic and a return to physical workplaces, organizations need to strive to create a sense of stability.
While many organizations have temporarily eliminated performance appraisals, Hornsey says, Palo Alto Networks continues to set goals and milestones because doing so gives employees something to hold on to and brings a sense of achievement.
Organizations also need to provide meaningful feedback, which can help build trust, says Adam Hickman, content manager at analytics company Gallup in Washington, D.C. “They hear what employees want and need and respond.”
Things fall apart for employees, Hickman says, “if they don’t know what's expected of them so they don't know what to do.” It's important for HR practitioners to be clear and honest, he notes.
Adds Eccher of the Vaya Group: “The more you trust someone, the more they tend to show more trust in return.”
Organizations also need to help employees trust themselves, Eccher says, by upskilling the workforce so it's better prepared to succeed in a remote-work environment. Before the pandemic, employees who worked remotely often were those with stellar track records who had gained the trust of managers, he notes. Today, younger workers and those without previous remote-work experience may have “no confidence they can work effectively from home,” he says, while managers may not “truly trust themselves to lead a remote workforce.”
Managers need to give employees autonomy, empowerment, and accountability, Eccher says, and focus on outcomes as they work to demonstrate and increase trust.
Along with fostering trust between an organization and its workers, HR has a role to play in building trust among employees.
Co-workers “all experienced the pandemic together,” Fisher says. “That brought people together in a different way.”
Stewart says Reconciled schedules fun virtual events such as game days and regular coffee hours with employees and the CEO to discuss nonwork topics.
At Lever, the HR team holds regular check-ins on Mondays, Wednesdays, and Fridays. But they also mix it up with yoga sessions, dance parties, and trivia contests. With employees missing out on opportunities to run into one another at the watercooler or break room, Yang says, “we have to build in intentional opportunities to have small talk.”
Palo Alto Networks has set up groups called “circles” that bring together employees with similar interests, such as those who are home schooling their children or interested in cooking, Hornsey says. Employees are trained to facilitate the sessions.
Previously taboo subjects, such as politics and racial justice, are also permeating today's workplaces. “Employees are absolutely talking about important political and social issues in the workplace,” Walsh says, which can lead to mistrust and contentious relationships between employees.
Walsh adds that in response, some organizations are publishing conversation guides for managers. HR has a role to play in helping employees address negative emotions. “This is an anxiety-provoking, difficult time,” she says.
Some organizations are hosting gatherings so employees can share their honest reactions to current events, such as the anniversary of the death of George Floyd, Walsh says. By encouraging workers to share in a collaborative environment, employers communicate that they trust employees.
Developing trust can be more challenging when new hires come onboard in a remote-work environment.
At Reconciled, new employees film a video introduction to the staff in which they answer random questions about themselves, Stewart says. In addition, new hires are paired with a mentor for 90 days so they can ask questions, adjust to a remote-work environment, and discuss their struggles. The mentors provide a safe space for the new hires, she says, and the pairs typically form a close relationship.
“A core value is for people to feel connected to the company, not alone and isolated,” Stewart says. “It takes a lot of intentionality.”
Since the pandemic began, Palo Alto Networks has hired about 1,500 new employees, some of whom are recent graduates, Hornsey says. A group has been set up for new hires to discuss and share, and those who are early in their careers are assigned a mentor.
Fisher explains that being paired with a buddy can help a new employee learn a company’s culture, and it can create a sense of belonging. Being part of a team “impacts job satisfaction and loyalty to an organization,” she says.
While leaders and managers are being told to overcommunicate with employees right now, Eccher says it can be something of a balancing act. It’s one thing to touch base and see how employees are doing and another to constantly check up on and micromanage them. It can make an employee think, “I feel like a second-grader. I'm not trusted to do my job anymore.”
If an organization lacks trust, it runs the risk of creating an environment in which employees feel it’s better to cover up mistakes or withhold important input and feedback, he adds.
When trust is missing, that can also fuel turnover. A report commissioned by the Achievers Workforce Institute found that more than half of the 2,000 respondents surveyed in February are looking for a new job. Many said they feel less connected to their company and have noticed a change in the company's culture since the pandemic began. As many organizations contemplate a complete return to the workplace or a hybrid work environment, trust will continue to be an important factor.
At Bureau Veritas, more than 70 percent of the company’s employees in the United States and Canada are considered essential workers, and they have been working in the field or in laboratories throughout the pandemic. It’s not clear when the office workers who switched to remote work will return to the workplace, Laureano says.
It’s important for those who work in labs or in the field to be able to trust that Bureau Veritas’ leadership will keep them safe by providing personal protective equipment, as well as current information on COVID-19 testing and vaccinations, Laureano says. She explains that the company partners with the Cleveland Clinic and has hosted town hall meetings to provide all of its employees with the most current information regarding COVID-19.
For Hornsey, “trust is a differentiator,” and the pandemic “has thrown into sharp focus what we should have known anyway.”
Even before the COVID-19 pandemic changed so much of daily life, there was a transformation happening in workplaces. Physical boundaries were no longer the only perimeter defining secure workplace access. Identity became a new—and often the only—perimeter.
Both perimeters must now be protected to ensure a secure, safe, and productive workforce, requiring a new approach to physical identity and access management that unifies physical access and cyber/IT access. This approach encompasses credential management, multi-factor authentication, and secure visitor management, as well as the management of guard tours. It also embraces the same touchless access experiences that have been pivotal to re-opening the workplace during the pandemic.
A more hybrid workforce that is not permanently based in an office complex requires a visitor management solution that can handle multiple types of visitors to a site: contractors, employees, customers, suppliers, and partners.
The latest solutions have enabled organizations to go touchless during the COVID-19 pandemic with self-service visitor badging kiosks, while automating wellness and other screening questionnaires. The solutions can also be used to monitor and analyze activity if there is a COVID-19 outbreak. They can simplify retrieval of historical visit reports, while making it easier to generate a workplace occupancy map and timeline, thereby automating and enforcing evolving compliance with visitor access and policy-based registration.
Remote work and its virtual perimeters must also be flexibly supported. An enterprise-grade, cloud-based authentication solution accomplishes this by making it easier to support employees who need to as simply and safely access enterprise resources from not just inside but also outside the office. In practice , this means employees may securely login to their workstation, company network, and access any application from home, while traveling, at an alternate office location, or simply at their usual workplace.
Adding multi-factor authentication to a unified physical identity and access management solution significantly improves remote work security. One of its biggest benefits is eliminating the vulnerabilities associated with passwords that are typically hard for users to track, remember, and manage. As a result, they resort to weak passwords or reusing passwords that enable cybercriminals to easily breach company systems and data. Passwords also often make their way to the Dark Web following a data breach, which hackers can use to gain access and plan future intrusions or attacks.
Multi-factor authentication solutions solve this problem, protecting an organization’s networks, applications and data by requiring a second validation via, for example, a mobile app before granting access.
Multiple authentication form factors and methods should be supported so that there are sufficient options to meet security needs. For instance, mobile push authentication enables users to log in securely with a simple swipe of their phone to quickly authenticate to prove their identity before accessing protected applications. It is just as easy to swipe and deny a fraudulent login attempt.
Organizations can also choose from biometrics, cards, or security keys enabled with industry-recognized security technologies such as FIDO, PKI, and one time passwords, to provide a seamless, passwordless experience. The inclusion of a bundled Certificate Authority (CA) gives organizations a choice of a publicly trusted or private dedicated CA for strengthened security.
In addition to incorporating high assurance smart cards and security keys that provide a single sign-on authentication experience, organizations should also include technology compatible with physical access control infrastructure to ensure a drop-in replacement for any access control card. Additionally, providing employees with a single, secure authenticator for both logical and physical access streamlines and simplifies the overall workplace experience.
Today’s cloud-based credential management services automate and simplify the issuance of physical access badges, as well as digital credentials, while eliminating inefficient, manual processes. Organizations have access to detailed insights about issued credentials including who has them, what they are for, why they have been credentialed, and for how long. Credential revocation is also automated, which mitigates insider security risks.
These services also provide details of active credentials, wherever they are being used. Today’s ISO27001-certified platforms simplify employee access to the physical and digital workplace while solving administrative issues, regulatory compliance, and other business challenges. Including unified authentication back-end functionality allows organizations to choose the optimal security protocol for each use case while maintaining consistent rules and audit management capabilities.
Even in today’s hybrid work environments, there are still requirements to patrol a physical perimeter. This can be automated and enhanced by combining Near Field Communications (NFC) technology and cloud-based authentication into Internet of Things (IoT) applications for accurately tracking security checkpoints.
Using this approach, trusted NFC tags can be deployed to identify assets, checkpoints, and people throughout the facility. Security guards on patrol can then simply tap their NFC-enabled smartphone to these tags at each checkpoint on his/her designated tour, without any manual sign-in process. The checkpoint is identified by name, and timestamp information is automatically uploaded. Databases are updated in real time, enabling security guards to digitally prove their patrol stop took place at the proper location, and instantly respond and report fraudulent activities throughout the building.
Touch-free trusted-identity technologies are proliferating across a wide variety of use cases that benefit from the safety, security, convenience, and efficiency of contact-free interactions with both the physical and digital worlds. They enhance perimeter protection by simplifying how users enter secured areas and access print resources and other building services.
As an example, mobile IDs carried on smartphones and other devices eliminate person-to-person ID card issuance or revocation, as well the need to physically touch cards, readers, or keypads when accessing secured areas. Users simply present their device to a reader to open doors, gates, and elevators. Visitor management is similarly a more hands-off experience now as cloud-based solutions limit face-to-face interaction through self-service check-in. Even the badging process no longer requires visiting a crowded issuance center—today’s cloud-based solutions enable cards to be designed and printed from any office or satellite campus, on any device via a web interface.
Hybrid work environments are redefining the perimeter. Organizations must protect both the physical perimeter and a new perimeter defined by the identities of people and things. Cloud-based solutions are increasingly being used to protect these perimeters by simultaneously addressing both cyber and physical security, compliance, and business challenges, as well as the traditional guard patrol in today’s dynamic work environment.
Reposted from AAM
Museums make their communities better, stronger, and more resilient in myriad ways. Some of these are directly related to their missions: enriching local education, improving health and well-being via arts engagement, providing context from history and science that helps citizens to make informed decisions. But museums are also incredible resources simply by virtue of the operational resources they amass—space, equipment, skills, expertise, connections. In the current era of rising risk, museums’ resources can be a vital part of a community’s capacity to respond to emergencies such as heat, flood, fire, storm, and civil unrest. Today on the blog, Chief Operating Officer ZeeAnn Mason tells us how the Museum of the American Revolution stepped up to help neighbors in need in the wake of disaster.
–Elizabeth Merritt, Vice President, Strategic Foresight and Founding Director, Center for the Future of Museums, American Alliance of Museums
As a new museum in 2018, we at the Museum of the American Revolution—home to General George Washington’s War Tent—had yet to celebrate our first Presidents’ Day weekend. We were pulling out all the stops for the February 17-19 weekend with special programming and events. On Saturday, we were pleased to welcome over 2,000 guests. Sunday was anticipated to be an even bigger day, with a sold-out brunch featuring a costumed George Washington interpreter. Little could we have imagined that instead of serving visitors, we would be serving our community that day.
At 3:13 a.m. on Sunday, a fire broke out across the street from the Museum’s location in historic Philadelphia. Apartment dwellers and hotel guests evacuated the buildings across the street in their night clothes. It was a cold night. The fire raged, growing to two, three and four alarms. More people were evacuated as the fire escalated. Miraculously, the Museum was unscathed. City busses were brought in to keep people warm.
Staff security notified our operations team who rushed to the scene. A call came from the fire chief—could we open the museum to house those who were evacuated? There was no question or discussion—of course. Staff led roughly 60 displaced neighbors to our classrooms. We could offer warmth, restrooms, and water. Soon we were able to offer more.
Our catering team had somehow managed to arrive on-site despite the nearly impassable streets that were clogged with emergency vehicles. They were preparing the sumptuous brunch for the 85 registered guests. By 7am, with the fire intensifying, it became clear we would not be opening to the public that day. What better use of that delicious food than to offer it to our evacuated neighbors? They were surprised, delighted, grateful.
Firefighters battled the fire for more than nine hours, declaring the fire under control – but not yet out – at 12:23 p.m. No injuries were reported. Said Noelle Foizen, deputy director of the city’s Office of Emergency Management. “It was a rager, so they were really fortunate that they got everyone out.”
On Tuesday, we were offered another opportunity to help our neighbors when we received a call from staff from the hotel across the street. Their building had suffered extensive smoke and water damage and would be closed indefinitely. They wondered if we could provide office space and telephones for their sales team so they could begin contacting and cancelling more than 800 bookings. Among the more difficult calls they needed to make were to the brides whose weddings were planned for the coming weeks. We were happy to set them up in a spacious office to do their work and heartened to learn how the local hotel community responded with generous offers to help, often greatly reducing their rates to match what the client had been contracted to pay.
Over the ensuing months and years, as demolition, rebuilding, and the investigation into the cause of the fire ensued, we were happy to offer meeting space for fire, police, staff from license and inspections and emergency management. We collected donations from our guests who were eager to assist the displaced residents.
Just this year, the cause of the fire was made known. We were pleased that footage from our external security cameras became critical evidence that enabled the authorities to pin down the time of the fire and how and where the initial explosion occurred. It also captured footage of a passer-by who was ultimately charged with arson.
The aftermath of the fire continues to this day. Several businesses never recovered, and tenants have yet to return to their apartments. The hotel is scheduled to reopen in early 2022.
Our museum is the newest addition to this historic block. We were honored – at a moment of crisis—to be able to contribute to our community in such a meaningful way—not as a cultural institution, but as a neighbor, doing what we could for other neighbors in need.
Reposted from Associations Now
The Great Resignation is real. A recent Gallup poll found that 48 percent of America’s workforce is actively job searching or watching for opportunities, and a record 4 million people quit their jobs in April alone, according to the Labor Department. A lot of business leaders are wondering why this mass exodus is happening.
It’s not that employees are discovering something different about themselves they didn’t know before the pandemic, said Josh Christopherson, CEO of technology and coaching companies iCUE Technology and Achieve Today. Normally lots of people have different points in their career when they wonder if they are happy and fulfilled in their jobs. But when the pandemic hit and everyone went home at once, it caused many people to reassess everything.
When everyone shifted to working from home, a lot of leaders expected their managers to suddenly know how to manage remote workers. At Christopherson’s companies, leadership recognized that managers didn’t necessarily have those skills and so they focused on training them on how to deal with issues employees might be having at home, how to address them, and how to be sensitive about it, he said.
Traditional quarterly reviews suddenly seemed irrelevant for remote work, so managers were retrained on how to review remote employees and determine their production levels, while also keeping challenges they might be facing in mind. Because management was checking in to see how employees were doing at home and asking if they needed help, it built a better culture of communication.
“We’ve talked very openly about what’s going on and that we’re here to support our employees through it,” Christopherson said. “Communication is a huge part of it.” And it comes from the top down so employees are comfortable coming to their managers, or even Christopherson, to talk about issues they are struggling with. “It’s being willing to have those conversations, being transparent, and working with each other,” he said.
Another way the companies foster a positive culture is by sending out quarterly, anonymous employee surveys to find out what changes and improvements staff would recommend. They use a Google form, which is free, and keep it to three simple questions:
1.) How satisfied are you with your experience? (The answer field is a scale from 1 to 10 ranging from “totally unsatisfied” to “I love it here!”)
2.) What is one thing you would like to change or discuss?
3.) What is one thing you really like?
The senior team picks three survey responses every quarter to work on, advance, and implement. It helps build trust and show staff that their concerns matter and, more importantly, will be addressed.
There are also weekly strategy team meetings for managers where they can talk about challenges they are experiencing in their departments, or with employees, and then the strategy team works together to come up with solutions on how to fix the issues and move forward.
“Not only are we helping our employees, but we’re also helping our managers have a community of people they can talk to and go to for solutions,” Christopherson said.
When it comes to cybersecurity, there are many terms and concepts that are beneficial for physical security professionals and IT professionals alike to understand. Oftentimes, these terms are incorrectly used or interchanged—which can create confusion.
Three of the most confused terms are vulnerability, exploit, and backdoor. Each of these terms has its own distinctly different definition and purpose.
A vulnerability is a flaw in a system, or in some software within a system, that could provide an attacker with a way to bypass the security infrastructure of the host operating system or of the software itself. It isn’t an open door but rather a weakness that, if attacked, could provide a way in. All software has flaws or vulnerabilities, which are usually discovered over time. A software company’s internal testing will generally try to eliminate all of them before release, but it’s impossible to test software in every different network and system integration.
Once an attacker finds a vulnerability in a software’s code or in a system, an exploit is achieved by painstakingly figuring out how to take advantage that vulnerability for the purpose of a malicious act. Exploiting is the act of trying to turn a vulnerability (a weakness) into an actual way to breach a system. A vulnerability can be “exploited” to turn it into viable way to attack a system.
Turning a software vulnerability into an exploit can be hard. Google, for example, rewards security researchers for finding vulnerabilities in its Chrome Web browser. The payouts Google makes are in the range of $500 to $3,000. However, it also runs competitions for security specialists to present exploited vulnerabilities. These specialists are awarded much larger sums—as much as $60,000—for their work. The difference in payouts reflects the magnitude of the task when trying to exploit a vulnerability.
Backdoors are entrances often to the management functions of a device, intentionally placed there by the code developer. This is commonplace in the development of code since it can be difficult to predict what may happen when new code or features are being added. If something goes wrong during the development process, the backdoor allows the developer to get back into the code or device. The backdoor is then typically removed from the code before it is released for use by customers.
Like the aforementioned terms, assessments or tests related to cybersecurity are often confused. Two of the most common are the vulnerability scan and the penetration test (also known as a pen test or pentest).
A vulnerability scan is an automated, high-level test that looks for and reports potential or known vulnerabilities. In contrast, a penetration test is a detailed, hands-on examination conducted by a real person who tries to detect and exploit weaknesses in your system.
Vulnerability scans are a snapshot in time that compare known vulnerabilities to a product’s current software/firmware version and configuration. A vulnerability scan doesn’t mean that the vulnerability has been exploited. Furthermore, vulnerability scans are unable to predict future vulnerabilities. Since they simply scan devices seeking documentation, they are not proof of any overall system security and should be followed up on.
Governance, risk management, and compliance (GRC), along with regulation, are all closely related concepts that aim to assure an organization reliably achieves objectives, addresses uncertainty, and acts with integrity.
Governance is the combination of processes established and executed by the directors (or the board of directors) that is reflected in the organization’s structure and how it is managed and led toward achieving goals.
Governance comprises not only the external regulations a business must comply with, but also the internal guidance a business applies to itself to manage risk and threats. This further protects the business beyond just what regulations mandate. As an example, PCI-DSS (Payment Card Industry Data Security Standard) imposes regulations on a bank regarding using encryption to protect payment and credit card data. The internal governance from the bank can take things a step further by writing a policy that requires the encryption of all data on the company network. Now the bank is not only protecting the payment data, but all its data—thereby further reducing the risk of other critical business information from being intercepted.
Risk management involves predicting and managing risks that could hinder the organization from reliably achieving its objectives under uncertainty.
When it comes to risk management, a good starting point is for businesses to evaluate their potential cybersecurity risks in terms of their probability and their potential impact. In doing so, it’s important for a business to identify the data, devices, systems, and facilities that help it achieve its goals, as well as identify who’s responsible for them. This includes inventorying devices, systems, software, firmware, etc.; identifying mission-critical objectives; identifying procedures and security policies; and then performing a risk assessment and determining a risk management plan. There are solid risk management frameworks that exist to support companies in their evaluation process. A good example is the NIST Cybersecurity Framework.
Compliance is the adherence to mandated boundaries (laws and regulations) and voluntary boundaries (corporate policies, procedures, etc.).
Essentially, compliance is the process of ensuring that the business is adhering to the control objectives outlined by governance and regulations. It can consist of testing (penetration testing or internal testing) to ensure that (like in the bank example) all data is encrypted. It also provides documentation or proof that a business is backing up its stated policies with actions.
This is important because in some regulations—like ISO 27001, SOC2, or U.S. Department of Defense’s Cybersecurity Maturity Model Certification—external auditors will verify that the business is doing what the policies say they are doing.
This process is important because if someone misconfigures a device and it’s not encrypted, a breach could occur. In this instance, the bank must prove to a court that it was not negligent. The bank will need to demonstrate through policies, testing, and auditing that the business did take steps to prevent the breach. Compliance helps prove that the business wasn’t reckless. Obviously the fine or penalties the business would pay would be many times more if it is found negligent.
Regulation is management by a governmental administrative agency that has been granted the authority to oversee and enforce proper conduct—via regulations or rules—within a given area of responsibility.
Regulations (and legislation, or proposed regulations) are what a business is mandated to do. Regulations come in three basic forms: contractual, statutory, and regulatory. Depending on the type of business a company is running, it will have more or fewer regulatory obligations compared to other companies. For example, a chain of coffee shops will have far fewer regulatory obligations than a hospital, bank, or a government contractor.
At the end of the day, a business must comply with regulations—the minimum requirements. The intent should be to take these minimum requirements and create policies and extract control objectives out of them. Regulations are often the starting point for policies.
Risks and threats are two other terms that are often used interchangeably, and thus incorrectly. To better understand these terms, consider that you have an asset that you’re trying to protect and, like all assets, it has a vulnerability. With a vulnerability, there exists the threat that someone could exploit that vulnerability. The magnitude of the threat depends on the likelihood of someone exploiting the vulnerability. The risk is the potential impact to or loss of the asset to the business if the threat does occur or the vulnerability is exploited.
With the worst of pandemic disruptions behind us (we hope) some museums are using this as an opportunity to rethink their operations, rather than simply rebounding to the previous norm. COVID amplified the inequities between stable and precarious jobs and highlighted the stratification that has characterized museum work for many decades. Today on the blog, Margaret Koch, Director of the Bullock Texas State History Museum, tells us how she and her staff are using the time and space afforded by the pandemic pause to reshape hiring and staffing in order to increase staff diversity, and provide pathways for staff at any level to advance within the museum.
As if dealing with an earth-shattering pandemic were not enough, many museum leaders have seen the headlines and felt the pain of the “Great Resignation,” terminology first attributed to Anthony Klotz at the Mays Business School of Texas A&M University and quickly grasped by media outlets such as NPR, The Washington Post, The Atlantic and many others. While the pace of this phenomenon may have picked up speed as a result of people re-assessing career goals, life-professional balance, etc., I don’t see it as a new development that inexplicably appeared during the pandemic. I view it as a situation decades in the making. From my perspective, it is of our own unfortunate design as for years we low-balled salaries in the field, hired for the organizational structure we wanted to maintain rather than the one we said we aspired to, and threw “everything plus the kitchen sink” into job descriptions. The flight of committed, experienced staff members through the Great Resignation amplifies our own past practices (for which there be many reasons, but ones we should admit we choose not to address), and the stress of dealing with a devastating crisis with a very real human toll. As we as administrators reflect on the losses we have witnessed and personally experienced, we also have the opportunity to shape a stronger internal, equitable environment in which diversity in leadership can thrive, and emerging leaders receive the tools and confidence they need to succeed in any aspect of their chosen career paths.
At the Bullock Texas State History Museum, we have been wrestling with how to retain experienced staff and attract qualified applicants, while trying to be cognizant of and responsive to the communities we serve throughout Texas in both human resources and programming. A significant challenge for us is that, although a state institution established by legislative action in the late 1990s, our annual operational budget is primarily funded through earned revenue, rather than state appropriation. Until a few weeks ago when a fund for maintenance and capital projects was passed by the state legislature, we had no endowment in our 20 year existence. Combined with concerns about equitable compensation in a competitive market like Austin, Texas, we find ourselves challenged to rethink and strengthen key elements of our business model, including pace of work and benefits to employment. These issues are critical to our financial sustainability as well, since it is the excellence of our team that makes service and relevance to our communities possible.
Currently, only 23 positions of a fully staffed 90 are funded by the state. Despite that, unlike many other cultural entities that had to temporarily close to the public, the Bullock did not eliminate positions when the pandemic began. Instead, we depleted our trust fund to keep staff on payroll, believing that their ability to pay rent and put food on the table was important for their own health as well as the community’s. First and foremost this decision was driven by concern for our staff members’ welfare. The longer-term advantage to this decision related to our financial stability; by caring for staff, we would have qualified people in place when it was safe to reopen. The state hiring process is complex and lengthy, and we did not want to take a chance of losing the experienced, dedicated people we relied upon to get us up and running. However, as some people decided to retire, move closer to families, rethink and realign professional goals with personal ones, or search for higher-paying jobs, we held off rehiring for their positions, which left about 22% of our positions open. While open positions resulted in delays and reprioritizing where ever possible and admittedly longer days for leadership, in rebuilding our team we are taking the opportunity to restructure positions and hiring goals to increase the diversity of our staff and provide pathways for advancement.
Amidst the pandemic-induced postponement of projects and deadlines, and reduction in the days open to the public, we dedicated time for evaluation of what we were doing well, and what required improvement to better serve our mission. Each department examined itself in relation to institutional mission and its role in fiscal responsibility. During this process, we identified our staff as one of three primary institutional stakeholders, along with educators/students and museum members, and expanded our definition of leadership to include mid and lower-level managers. This has begun to improve the multi-faceted communication process. By providing clearer conduits for those who may not be supervisors, but who nevertheless have a critical mission-focused role to play, staff stakeholders recognize we value and need their contributions for creating a more equitable internal as well as external environment.
Our new fiscal year began on September 1, 2021, and our finances have stabilized for the present due to being the extremely fortunate recipient of federal COVID relief funds. Now we are working on changes to our internal staff systems that support our goals to diversify hiring and create pathways for staff advancement. These include:
I would be remiss if I didn’t point out a few of the challenges to our evolution. When you have a good team in place, but one that identifies as mostly white, to diversify staff you either need funds to create new positions or wait for positions to open through voluntary turnover. We are in the latter category. New positions are difficult to add without the added revenue, and revenue streams are still suffering from the effects of the pandemic. In a culture of promoting from within, we run the risk of staying within the same staffing demographic, which in turn makes it more difficult to foster a team aware of and willing to deal with their biases. Learning to communicate more respectfully but honestly means staff must be prepared to hear opposing perspectives and participate in uncomfortable conversations that call for self-reflection. We don’t like critiquing or even gently confronting our colleagues and asking for change, even if doing so might fix a problem. Our salaries do not yet, (and honestly may never), match the private/corporate sphere and the cost of living in Austin is rising exponentially. The multi-stepped hiring process within a state institution is often tedious and time-consuming. Even as we offer good health and retirement benefits, candidates may not be in a position to wait for the process to be completed. For all these reasons, we often lose strong candidates to other entities and cities. And lastly, it is difficult to create the hybrid positions we want to use to strengthen professional development because such a classification within the state system of employment does not currently exist.
In conclusion, we are on a journey to fight against complacency and sliding back into old habits. The potential rewards though, strike to the very heart of what it means to be a healthy place. Despite the challenges, I think it is possible for museums of all sizes to become stronger as cultural institutions in service to their constituents. Connecting with accomplished museum leaders during the pandemic across the country through virtual gatherings gives me hope, because I see that our field is fostering many creative and sustainable ideas and practices. Our decision to renew investment in the team at the Bullock, we hope, will have positive, lasting effect on how we serve our communities, so that every individual is able to find themselves in the Story of Texas now and into the future. I also hope that those of you in private and municipal institutions share how you are shaping and dealing with the issues before us. For administrators such as myself who are closer to the end of our museum careers than we are to the beginning of them, we do have a responsibility in words attributed to Georgiana Ross Baker, the mother of human rights activist Ella Baker, to “lift as you climb.”
Reposted from The Guardian
Detectives are investigating after two artworks, commissioned in response to a series of homophobic and transphobic attacks in Liverpool, were destroyed. Merseyside police said they are treating the incidents as hate crime.
The artworks were vandalised within days of going on display as part of Homotopia festival’s Queer the City outdoor exhibition.
The incident, caught on CCTV, involved several individuals ripping down a poster reading Queer With no Fear at 4am on Wednesday, according to Homotopia’s director, Char Binns.
The work, by the artist Ben Youdan, had been displayed in the window of Fact, a cinema and cultural centre. “It was found by a member of staff from Fact scrunched up in a ball at the Bombed Out church later that morning,” Binns said.
A similar incident occurred on 29 October, when a piece entitled Hate Has No Place in Liverpool was ripped from a wall in the city centre. The artist Rosa Kusabbi described her illustration as a “joyous celebration of all things LGBTQIA and Liverpool”, including a banner reading Here and Queer.
Binns said she was “absolutely gutted” by the incidents. “It’s very hard not to take it personally. We can’t say definitively what the motive was behind these artworks being removed, but we already operate as queer people in this climate of fear and this work was created in response to hate crime in our city. So regardless of the motive, it still makes us feel afraid and attacked.”
Hundreds of people protested in Liverpool in June after a series of violent attacks. In one incident, a gay couple and their friends were threatened at knifepoint and beaten up by a group who shouted homophobic abuse.
Youdan’s artwork, funded by Liverpool council’s culture department in response to the attacks, was intended as “something positive coming out of something very negative”, said Binns. She said the incident had left the team behind Homotopia, the UK’s longest-running LGBTQI arts and culture festival, feeling frustrated.
“We want to be visible as a community. Homotopia is all about being out and proud and loud and fabulous. But if that makes us vulnerable, how do you do that? How can you be both visible and safe?” she said.
Binns vowed that the artworks would be reinstated. “The bigger picture is that we are in the middle of this joyful festival where we have deliberately commissioned joyful queer art because we all need a break. We will reinstate this art. It will be bigger, it will be queerer. This is not going to stop us.”
Actions, thoughts, and emotions do not exist in isolation. The way they interact will influence your perception of the world around you. Alongside attempting to meet your basic and psychological needs, as emphasized by Abraham Maslow in his influential paper “A Theory of Human Motivation,” our behaviors are influenced by the way we experience feelings of confidence in our personal and professional activities or how we feel valued and respected by our friends, families, teammates, and wider social structures.
When individuals’ values align with the organization’s, this expression can be positive. In cases where those values clash, negative emotions—sadness, frustration, anger—can result in inappropriate behaviors and choices. This can be detrimental in the workplace and requires employees to be empowered with the knowledge of potential insider threats and options available to mitigate them which can include behavioral analytics systems, data loss prevention tools, ongoing vetting, and internal employee monitoring processes.
In fostering a multidisciplinary approach to countering insider threats—involving insider protection teams, intelligence and investigations, legal, and human resources—an educational campaign can provide employees with confidence that they can operate openly and quickly to help mitigate risk.
Security professionals can also take proportionate and cost-effective action to managing insider threats by proactively managing disgruntled employees.
All employees should strive to provide a strong example of appropriate behavior that both develops and underpins an effective business and security culture. If an employee’s behavior breaches those expectations security leaders may benefit from taking the time to observe the incident and ask some reflective questions.
This proactive approach to managing risks to teams, business processes, intellectual property, and confidential information takes a different stance to traditional security—it assumes that people have good intent. Such threats may be averted through emotional, rather than security intelligence. Employees who identify a change in the behavior of others can act quickly to engage with the individual in question to investigate concerns, detect threats, offer support, or escalate concerns.
For example, asking why someone may be acting in a way that is unexpected and considering whether something in his or her personal life may have influenced his or her behavioral choices. This can provide leaders with an opportunity to use soft skills to demonstrate care to employees and increase team unity and loyalty, which in itself can positively benefit security posture. In addition, posing reflective questions to employees to encourage them to consider their choices’ impacts can provide growth opportunities, which will help develop them as both individual practitioners and team members. Such reflective practice can be performed during team performance reviews, after service incidents, and potentially after engagements between individuals that were observed as being potentially inappropriate.
Such a caring approach may in fact be the support the employee in question needs to get back on track to being the high performer you originally invited to join the team.
There are a range of training resources available—in addition to Daniel Goleman’s essential book, Emotional Intelligence—to develop communication skills and an awareness of emotional intelligence. Behavioral change takes time, however, and managers seeking to adjust security culture may need to be patient with employees and colleagues.
If security leaders are advising asset custodians and managers about how they can approach this shift, they might consider three conditions that are commonly accepted as prerequisites for malicious activity: opportunity, rationalization, and incentive. Leaders should also consider the ways that one—or all of them—can be reduced during a period of behavioral change to protect the business and to give the employee the best chance of success.
Opportunity can be reduced through the design and implementation of asset protection systems. The personal motivations of employees can be influenced through a range of employee loyalty rewards and schemes, which can be financial or focused on positive reinforcement of appropriate behaviours.
Taking the time to develop a deeper understanding about colleagues and employees can play an important role in the development of a holistic risk management system. It will help security leaders assess situations and judge them against expected behaviors. A phased approach can be adopted.
Take the time to develop an understanding and awareness of team members. Getting to know employees plays a crucial role in motivating them to deliver their best work, and it can help managers understand their needs and the organization’s expectations. This is crucial information for determining whether team members are happy with their jobs, whether they feel ignored or left out, and if anything may be going on in their personal lives which could influence behavior.
Identify security threats and risks. It is imperative that assets are identified and classified according to sensitivity and value. Through a business impact analysis, security leaders can determine what the effects would be if assets are damaged or fall into the wrong hands. Managers and employees should become familiar with the security threats to their organization and team, and leaders should provide clear information about the behavior that is expected of employees.
Determine appropriate security behaviors. Appropriate security behaviors should be determined in line with your organizational security policies, and all team members should be briefed on the expectations. Team performance can then be assessed against the security policies and the identified security behaviours to identify vulnerabilities and mistakes and respond or adjust accordingly.
Determine existing levels of security knowledge and awareness. It is important to determine what a team knows and what they do not know about security policies and procedures. The identification of skills and knowledge gaps will enable you to design appropriate training programs.
Encourage your team to care. Ensure that security conversations form part of your regular team meetings so that all employees have an opportunity to inform others of their concerns or questions. Team members should be encouraged to take the time to check in with each other. Along with holding regular calls or meetings to provide project updates, dedicate time to caring for each other by asking questions and taking an interest in what motivates team members, what their interests are, and what challenges them. This can help team members and managers identify when a behavioral change has taken place, giving colleagues and managers an opportunity to divert the person from becoming a potentially harmful disgruntled employee.
Act quickly. Security breaches can happen anywhere and at any time. Reporting, record keeping, and response systems must be in place to ensure that risks are tracked and mitigated as quickly as possible.
QUICK LINKS
ConferenceMembershipTraining & CertificationDonate to IFCPP
TRAINING & EVENTS
1305 Krameria, Unit H-129, Denver, CO 80220 Local: 303.322.9667 Copyright © 1999 International Foundation for Cultural Property Protection. All Rights Reserved
Contact Us
