Reposted from CISA/DHS

We are pleased to share the 2024 CISA Year in Review, which invites readers to learn about CISA’s work over the past year and dive deeper into each topic through related links and videos. We are grateful to all our partners across industry, government at all levels, international partners, and beyond, whose strong collaboration contributed to a wide array of achievements across CISA’s broad cybersecurity, infrastructure security, and emergency communications missions.

Just a few of our efforts over the year include:

• Delivered almost 1,300 cyber defense alerts, advisories, and products, including 58 joint-sealed cybersecurity advisories and co-sealed products through the Joint Cyber Defense Collaborative (JCDC).
• Blocked 1.26 billion malicious connections targeting federal agencies, disrupting a significant number of attempted attacks.
• Hosted the federal government’s first tabletop exercise on AI cybersecurity incidents.
• Kept the nation’s emergency responders connected during crises with more than 31,000 new subscribers to the Government Emergency Telecommunications Service (GETS) and more than 247,000 new subscribers added to the Wireless Priority Service (WPS).
• Worked with election officials and other members of the elections subsector to protect our elections.
• Conducted 27 security exercises for K-12, with 1,441 participants, including a full-scale active shooter exercise in Fauquier County, VA with over 400 participants.
• Launched a Secure by Design pledge to gain commitments from more than 250 companies to build security into product design.
• Released the “We Can Secure Our World” public service announcement to educate and empower individuals to take proactive steps to be more secure online.
• Mitigated cyber threats from nation-state backed cyber actors from China, Russia, North Korea and Iran.
• Held Cyber Storm IX, the most extensive government-sponsored cybersecurity exercise of its kind, which brought together over 2,200 participants from 35 federal agencies, 13 states, over 100 private companies representing 12 critical infrastructure sectors, and 11 partner nations to simulate discovery of and response to a significant cyber incident impacting the Nation’s critical infrastructure.
• Completed over 9,400 stakeholder engagements with target-rich sector partners with government and private sector participants in 2024—including assessments, trainings, and sharing critical threat information.
• Conducted 3,368 Pre-Ransomware Notifications since the inception of the initiative two years ago, with 2,131 conducted this year as of November 2024.
• Used our Administrative Subpoena authorities, granted by Congress in the 2021 NDAA, to identify and drive mitigation of over 1,200 vulnerable devices used to control critical infrastructure like power plants and water utilities.
• Through our Vulnerability Disclosure Platform, legitimate security researchers enabled agency remediation of over 861 vulnerabilities this year, before they could be exploited by malicious actors and bringing the total to over 3,247 vulnerabilities since 2021.
• Made it easier to voluntarily report cyber incidents by moving our cyber incident reporting form to the agency’s new and enhanced secure CISA Services Portal, providing increased functionality, including integration with login.gov credentials.
• Developed a voluntary cyber incident reporting resource page listing the benefits of reporting along with an animation, steps to make sure you have the right information on hand, and additional resources to boost cybersecurity.
• Realized a significant milestone on the road to a permanent, unified headquarters facility when GSA awarded a fully funded, approximately $524 million building construction contract for CISA’s new headquarters on the Department of Homeland Security’s St. Elizabeth’s campus.
• Advanced Unity and Resilience this year, which contributed to our goal of a people-first culture of excellence and helped achieve our highest engagement and inclusion scores in CISA history.
• …. And so much more!

The 2024 Year in Review is in an easy-to-use, interactive web-based format that invites readers to learn about the agency’s work over the past year and dive deeper into each topic through links and videos. 

See Original Post

Reposted from CISA/DHS

The Cybersecurity and Infrastructure Security Agency (CISA) issued Binding Operational Directive (BOD) 25-01, Implementing Secure Practices for Cloud Services to safeguard federal information and information systems. This directive requires federal civilian agencies to identify specific cloud tenants, implement assessment tools, and remediate deviations from CISA’s Secure Cloud Business Applications secure configuration baselines. Recent cybersecurity incidents highlight the significant risks posed by misconfigurations and weak security controls, which attackers can use to gain unauthorized access, exfiltrate data, or disrupt services. As part of CISA and the broad U.S. government's effort to move the federal civilian enterprise to a more defensible posture, this Directive will further reduce the attack surface of the federal government networks. While this Directive only applies to federal civilian executive branch agencies, the threat to cloud environments extends to every sector. We are urging all organizations to adopt this guidance. When it comes to reducing cyber risk and ensuring resilience, we all have a role to play. 

See Original Post

Reposted from CISA/DHS

The Cybersecurity and Infrastructure Security Agency (CISA) published Mobile Communications Best Practices Guidance which provides individuals, especially highly targeted individuals, with practices they can apply to their mobile communications to protect against exploitation by People’s Republic of China (PRC)-affiliated and other cyber threat actors. “Highly targeted” individuals are senior government or senior political figures who likely possess information of interest to these threat actors. Recently, PRC-affiliated actors were identified conducting cyber espionage activity targeting commercial telecommunications infrastructure. This activity enabled the theft of customer call records and the compromise of private communications for a limited number of highly targeted individuals. Communications infrastructure organizations were encouraged to strengthen their visibility and harden their network devices. Recommended actions in the mobile communications guidance for individuals to apply include end-to-end encryption, Fast Identity Online, password manager and Telco Personal Identification Number. The guidance also recommends individuals do not use personal virtual private network and migrate away from Short Message Service-based multifactor authentication. This guidance includes specific recommendations for iPhone and Android mobile devices.  While no single solution eliminates all risks, implementing these best practices significantly enhances protection. CISA urges individuals, specifically highly targeted individuals, to immediately review and apply recommended best practices in this guidance.   

Reposted from EMR-ISAC InfoGram

The Federal Emergency Management Agency (FEMA) released the third edition of the National Disaster Recovery Framework (NDRF) this week. The revised framework includes feedback and recommendations from the public during a 30-day public comment period that ended in October 2024. The NDRF streamlines and clarifies the federal government’s approach to providing disaster recovery resources and support to disaster-impacted communities. It is one of five national planning frameworks for each of the five preparedness mission areas within the National Preparedness System – prevention, protection, mitigation, response, and recovery.

Key revisions include:

• Clarifying roles and responsibilities.
• Detailing the Federal Recovery Support Function structure and its role in supporting local recovery goals.
• Enhancing collaboration across the whole community.
• Providing practical resources to assist in recovery planning efforts.

FEMA encourages states, local governments, Tribal Nations and territories, as well as nonprofits and the emergency management community, to view and use the NDRF as a model to guide and inform their own disaster recovery planning and policymaking. The NDRF is valuable for recovery practitioners at all levels, ranging from full time professionals in state and county emergency management to individuals across the whole recovery community.

See Original Post

Reposted from AAM

MUSEUMS & TRUST

Reposted from learning cultural heritage.org

We are excited to announce that the January AFR meetup will be a joint learning opportunity with our National Heritage Responder network. Please join us as David Carmicheal presents how to conduct your own tabletop exercises.

Tabletop exercises are the safest, cheapest, and simplest way for a cultural repository to test its emergency planning and response. Having a disaster response plan is essential, but considering how you will apply that plan during a crisis is equally important. Tabletop exercises are simple, effective tools that any group can use to explore their assumptions about emergencies, predict their response, identify gaps in their thinking, assess their capabilities, and determine how to optimize their response in an actual emergency. This webinar will explain how tabletop exercises work and provide guidance for conducting your own.

David W. Carmicheal is the author of Implementing the Incident Command System at the Institutional Level: A Handbook for Libraries, Museums, Archives, and Other Cultural Institutions (Heritage Preservation and RescuingRecords.com, 2010) and two publications for the Council of State Archivists, Rescuing Family Records: A Disaster Planning Guide, and its companion volume, Rescuing Business Records: A Disaster Planning Guide for Small Businesses.

The webinar will take place January 15th from 2:00-3:00 ET. To attend, please register at https://learning.culturalheritage.org/products/exercise-without-leaving-your-seat-tabletop-exercises-for-effective-disaster-planning

See Original Post

Reposted from AAM

As you wrap up 2024, do you have the data you need to plan for the year ahead? 

Join a free webinar to hear what museumgoers had to say about inclusion, imagination, and repeat visitation, and learn how the Annual Survey of Museumgoers can help you make confident, data-informed decisions in the year ahead.  What is the Annual Survey of Museumgoers? It's a cost-effective way to learn about your visitors' experiences, what they value, and what your museum can do to keep improving. You simply sign up and send it out via email and social media. It's that easy.

See Original Post

As in the past, we invite you to propose content for ASTC 2025 for several different types of sessions:

• Concurrent Sessions. 60-minute sessions featuring an array of presenters from diverse perspectives.
• Lightning Sessions. 10-minute presentations or discussions that are combined with others on related themes.
• Posters. Share your project or idea graphically and engage with attendees informally during designated Poster Palooza sessions.
• Hands-On Showcase Sessions. 15-minute slots to put activities directly in the hands of attendees in the Exhibit Hall.
• Preconference Intensive Workshops. Half-day participatory and highly interactive workshops that offer a deep dive on a specific topic that result in tangible learning outcomes, tools, and/or resources.

ASTC 2025 will be held September 5–8, 2025, in the San Francisco Bay Area and is hosted by a consortium of eight ASTC members in the region.

See Original Post

Reposted from Art Loss Register

The Art Loss Register is the leading due diligence provider for the art market and maintains the world’s largest private database of stolen art, antiques and collectables. Experts around the world use our services to check the provenance of items before they buy or handle them. Police, insurers, the trade and the public may record items that have been stolen to maximize their chances of recovery, and to record disputes or items within collections. 

The Art Loss Register (ALR) was established in London in 1990. Our founding shareholders included major businesses from the insurance industry and art market. Satellite offices were subsequently opened in New York, Cologne, Amsterdam and Paris to cater to growing client bases in these countries. In January 2010, we consolidated the regional offices into one central, international office, run from London.

The ALR’s origin was The International Foundation for Art Research (IFAR), a not-for-profit organization based in New York. In an attempt to deter international art theft, IFAR established an art theft archive in 1976 and began publishing the “Stolen Art Alert”.

See Original post

Reposted from SafeHaven Security

Upcoming Trainings

Occupational Safety: How to Navigate New Workplace Violence Prevention Plan Laws

Webinar | Jan 30 | 10:00am CST

With incidents of workplace violence on the rise, promoting a safer and more secure work environment is becoming a priority for many employers. To try and address these concerns, the state of California introduced Senate Bill No. 553, raising the workplace safety standards by mandating specific actions employers must take around workplace violence prevention. What is the bill and what does it mean? What are the requirements? Join this webinar to learn more about SB 553 and how this affects your company, even if outside of the state of California. Be on the frontline of new laws and policies and prepare your organization for new standards.

Certified Threat Analyst Course

Training | Jan 23-24 | Springdale, AR

Receive life-saving instruction developed and taught by experts with decades of real-life experience in the field of Threat Assessment and Management. Methodologies used by mental health experts and agencies like the United States Secret Service to assess-mitigate-protect against potentially violent situations.

This is a two day in-person course held at the AR Law Enforcement Training Academy. Certification requires successful completion of a competency-based exam at the end of the course.

See Original Post