Menu
Log in


INTERNATIONAL FOUNDATION FOR
CULTURAL PROPERTY PROTECTION

Log in

News


  • March 26, 2019 2:24 PM | Anonymous

    Reposted from CBS Denver

    A teenager who damaged 10 works of art at the Denver Art Museum pleaded guilty on Thursday. Jake Siebenlist was 18 when he was arrested last December.

    More than $96,000 in damage was done to the “Stampede: Art and Animals” exhibit on the fourth floor of the museum’s Frederic C. Hamilton Building.

    After pleading guilty, Siebenlist received a three year deferred sentence, meaning he will be on probation. The judge also ordered Siebenlist to pay back the $96,000 in restitution. Siebenlist also has been ordered to stay away from the museum.

    After Siebenlist’s rampage in the museum, Christoph Heinrich, the museum’s director, said he believed the works of art could be salvaged. The museum released a statement Thursday afternoon that said “affected objects are being evaluated by the Denver Art Museum’s art conservation staff, and specifics about repairs are not yet available.”

    See Original Post

  • March 26, 2019 2:21 PM | Anonymous

    Reposted from Facility Executive

    Last month, Aurora, IL made national headlines for a workplace shooting that left five people dead and several police officers injured. With workplace shootings occurring at places like Aurora, the Annapolis Capital Gazette, the Washington Navy Yard and others in recent years, it may not be surprising that roughly one out of seven Americans do not feel safe at work, according to new data from the Society for Human Resource Management (SHRM).

    Nearly half of human resources (HR) professionals said their organization had at some point experienced a workplace violence incident at some level—up from 36 percent in 2012. And of those who reported having experienced workplace violence, over half said their organization had experienced an incident in the last year.

    “Companies and HR should and must do more to make employees feel safe at work,” said Johnny C. Taylor, Jr., SHRM-SCP, president and chief executive officer of SHRM. “This data shows we have a lot of work to do in terms of security, prevention, training and response.”

    Unfortunately, nearly one-third of American employees and nearly one out of five HR professionals are currently unsure or don’t know what to do if they witness or are involved in a workplace violence incident.

    “The goal for employers—and this is something we address in our toolkit—is making your workplace a ‘difficult’ target for violent offenders and being prepared to react quickly,” Taylor explained. “If you make the investment in security and preparation, your employees will feel safer and respect you for valuing their safety.”

    While the majority of HR professionals say their organization already provides training to employees on how to respond to an act of workplace violence, more than one-third do not provide such training to employees. Additionally, while almost all say their company has a process for identifying employees with a history of violence, over half are unsure whether they have a workplace violence prevention program.

    According to the research, Americans understandably feel safer when employers provide prevention and training response programs. Additionally, more employees know how to react if their organization already has a workplace violence prevention and/or employee response training program.

    “Education has to start from the top down, and often that starts with HR,” Taylor said. “There’s naturally a lot of fear when people think of workplace violence. But preparing and providing employees with hands-on training helps empower them to react and take action in the event of a worst-case scenario.”

    SHRM’s newly released online toolkit, Understanding Workplace Violence Prevention and Response, provides information and resources to address workplace violence, including:

    • Creating a prevention plan;
    • Identifying how workplace violence is defined;
    • Recognizing warning signs;
    • Implementing a response team; and
    • Responding to workplace violence incidents.

    See Original Post

  • March 26, 2019 2:16 PM | Anonymous

    Reposted from BBC News

    A Frenchman has been given a life sentence for killing four people in an anti-Semitic attack in Brussels in May 2014.

    Mehdi Nemmouche, 33, opened fire with a Kalashnikov assault rifle and a handgun at the city's Jewish Museum.

    Three people died at the scene and one later in hospital. 

    Nemmouche spent a year fighting in Syria for the Islamic State (IS) group before returning to Europe to carry out the attack.

    A man who helped plan the attack and supply weapons, Nacer Bendrer, was sentenced to 15 years in prison. 

    Nemmouche and Bendrer were found guilty last week after a two-month-long trial involved apparent witness intimidation and testimony from former captives of IS in Syria.

    Bendrer, who is also French, told the court: "I am ashamed to have crossed paths with this guy [Nemmouche]. He is not a man, he is a monster."

    When asked to speak, Nemmouche reportedly said with a smirk: "Life goes on."

    Nemmouche's lawyers tried to suggest that he had been framed in an elaborate conspiracy which blamed the murders on foreign intelligence agencies. But they produced no evidence to support the claim. 

    Two Israeli tourists, a volunteer worker and a receptionist were killed in the attack on the museum.

    Who is Mehdi Nemmouche?

    He is believed by Belgian prosecutors to be the first European jihadist to return from war-torn Syria to carry out terror attacks in Europe. 

    He was born into a family of Algerian origin in the northern French town of Roubaix.

    He was previously known to French authorities, having served five years in prison for robbery. He is said to have met Bendrer while in prison.

    Both have been described as "radicalised" prisoners.

    Nemmouche travelled to Syria in 2013 and stayed for one year, during which time he is believed to have fought for a jihadist group in the country's civil war.

    Investigators say that while there, he met Najim Laachraoui, who was a suicide bomber in the Brussels airport attack of March 2016, which killed 32 people. 

    Four French journalists held hostage in Syria say they were guarded by both Laachraoui and Nemmouche during their captivity.

    Nemmouche was extradited to Belgium to face charges connected to the museum shooting, but may also face trial in France over the allegations he was involved in holding the French hostages. 

    What happened during the trial?

    Security was tight, matching that of the trial of jailed jihadist Salah Abdeslam, the sole surviving member of the 2015 Paris attackers.

    Days after the trial began, a lawyer representing a witness reported his laptop and some paperwork on the case had been stolen from his office.

    A baseball bat and replica gun were left in their place – something prosecutors viewed as a threat.

    In the dock the next day, Nemmouche denounced the attempt at intimidation - and the witness, 81-year-old Chilean artist Clara Billeke Villalobos, went on to testify anyway.

    Next came the orphaned daughters of Miriam and Emmanuel Riva, the Israeli tourists killed. 

    Ayalet, 19, and Shira, 21, described a mother "devoted to her family" and an unassuming father who "loved to travel". 

    Three weeks into proceedings, jurors were shown video of Nemmouche in custody after his arrest.

    Belgian newspaper Le Soir described it as showing an "arrogant" Nemmouche in front of police with a "disdainful smile", arms folded.

    Testimony from prisoners

    Two of the French journalists held for nearly a year in the northern Syrian city of Aleppo appeared in court, pointing to Nemmouche as their captor.

    Nicolas Henin told the court Nemmouche was "sadistic, playful and narcissistic", while Didier Francois said he had beaten him dozens of times with a truncheon.

    'Ultra-radicalised'

    Summing up, prosecutor Bernard Michel told the court Nemmouche was "not simply radicalised but ultra-radicalised".

    "If attacking a museum with a combat weapon is not violent and savage then nothing will ever be violent and savage," he said. 

    "For the killer, for Mehdi Nemmouche, the identity of the victims mattered little," he added.

    "The aim was simply that there should be victims. Everything was premeditated."

    'Lebanese-Iranian-Israeli plot'

    The closing argument from the defence was described by some as "mind-boggling", as it wove a web of conspiracy involving foreign intelligence agencies and assassination.

    Sebastien Courtoy, Nemmouche's lawyer, suggested that his client was recruited in Lebanon in January 2013 by Iranian or Lebanese intelligence to join the ranks of IS. But this claim went unsubstantiated.

    According to Mr Courtoy, the Jewish Museum murders were not an IS attack, but a "targeted execution of Mossad agents" - a reference to the Israeli intelligence agency, which he claimed the Israeli couple belonged to. The killing was carried out by an unknown person, he said.

    Yet judges investigating the museum attack last month told the court there was no evidence to support any link to Mossad.

    At one pointed the defence even argued that Nemmouche could not be considered anti-Semitic because he wore Calvin Klein shoes - an apparent reference to Mr Klein's Jewish heritage.

    A lawyer representing a committee of Jewish organisations called that observation "mind-boggling and incoherent".

    See Original Post

  • March 26, 2019 2:10 PM | Anonymous

    Reposted from StaySafeOnline

    Cybercrime campaigns based on social engineering can yield better results for crooks than regular malware attacks. These hoaxes don’t require any tedious software development efforts and the “vulnerabilities” of human nature often play right into the perpetrators’ hands. Add a little bit of malicious code into the mix and you’ve got yourself a tech support scam.

    The con artists behind tech support scams impersonate reputable technology companies to interact with would-be victims over telephone, via websites or by means of rogue software. The logic of such schemes is to persuade the user that their computer is infected with viruses, generating suspicious network activity or having system activation issues. The goal is to trick victims into paying for troubleshooting services they don’t need.

    There are several variations of the modern tech support scam. Whereas the common denominator always boils down to manipulation, the specific mechanisms of achieving this objective may vary and allow security analysts to single out three main tactics of these scammers.

    • The most old-school tactic relies on cold calling the potential victims. The impostor pretends to be from the support department of a major IT company and says they have detected malicious activity emanating from the user’s computer. Then, they ask the unsuspecting person to allow then remote access of their computer so they can fix the problem. Instead, the scammer will point to harmless items in system maintenance reports and claim they are serious problems. The malefactor will then attempt to offer a remote tech assistance subscription for a fee.
    • Another variant of tech support scams involves specially crafted websites that display bogus security alerts or error notifications. People hit these deceptive pages by clicking on a fishy ad on another site, or as a result of a redirect caused by a browser hijacker. To top it off, the code embedded in these web pages triggers popup alerts and splash screens that cannot be closed unless the victim terminates the browser process altogether. The self-proclaimed support agents instruct the user to dial a specific phone number so that they can remotely rectify the issue for a fee.
    • Some tech support scams engage scareware. Scareware is a malicious program that reports nonexistent security threats, imitates operating system crashes or displays counterfeit product activation windows. Most of these deceptive applications sneak into PCs as part of freeware bundles. The nag screens provide a phone number that the user is instructed to call for assistance. Again, the “operators” on the other end will try to sell the victim worthless support services.

    Latest trends

    The evolution of tech support scams has spawned new techniques that make these hoaxes more effective and increasingly elusive.

    1. Multiple layers of obfuscation

    Cybercrooks have recently devised a method to prevent their scams from being detected by antivirus software. It revolves around hiding malicious scripts behind several layers of obfuscation – usually backed by encryption. Following this is an intricate sequence of technical processes that keeps security software from identifying the scam.

    2. Call optimization services

    Some of the newer frauds mimic the activity of legitimate call centers. The scammers employ call optimization services that normally facilitate the process of routing calls by distributing the load and generating relevant phone numbers based on the user’s location.

    When a user is redirected to a scam page, they see a stubborn popup alert that cannot be easily closed due to persistent code. This notification includes a phone number for the visitor to dial in order to take care of the issue. With automatic call optimization in place, the attackers make sure the contact details inserted in the page align with the user’s geographic location. Furthermore, the service can dynamically generate new phone numbers that haven’t been blacklisted.

    3. Causing CPU to skyrocket

    Another recent tech support scam stands out from the crowd as it disrupts computer performance via the user’s web browser.

    The scam drags the web browser into a traffic loop that uses up all CPU power of the target machine. A warning message on the page maxes out the CPU and keeps it there, thus causing the browser to crash. Naturally, this also impacts the stability of the whole computer system and makes regular applications unresponsive. This tactic is used to pressure the victim into giving the feigned support agents a phone call as soon as possible.

    Not only are tech support scams prolific, but they are also becoming increasingly sophisticated and evasive. The exploitation of legitimate services make these hoaxes look convincing. To stay on the safe side, users should treat any online warnings with a fair degree of suspicion. The rule of thumb is to refrain from calling the phone numbers listed on such pages.

    See Original Post

  • March 26, 2019 2:05 PM | Anonymous

    Reposted from Hyperallergenic

    News that the thumb of a 2,000-year-old Chinese terracotta warrior was stolen by a guest of the Franklin Institute’s annual Ugly Sweater Party has become the least of the Philadelphia museum’s worries. The theft, which occurred in December 2017, resulted in three felony charges for Michael Rohana. Two public defenders representing the Delaware man are now petitioning the court for information about the museum’s security protocols and correspondences.

    According to a February 27 filing reviewed by the Courier Post, Rohana and two other guests were able to enter the darkened exhibit space housing the warrior more than two hours after the boozy holiday party began.

    “Needless to say, when Mr. Rohana in his ugly green sweater entered the Terracotta Warriors of the First Emperor exhibit to explore it, he was intoxicated,” the filing states.

    The lawyers would like access to the museum’s security records to help investigate whether or not Rohana’s actions were “more consistent with vandalism than with the specific intent to steal.”

    When the thumb-napping story broke (pun intended) in early 2018, Chinese officials urged American authorities to “severely punish those who have done [this]” in an interview between the Shaanxi Provincial Cultural Relic Exchange Center’s director and the state-run Chinese newspaper, Beijing Youth Daily.

    The 209 BCE statue from the Qin Dynasty is valued at $4.5 million and is considered a priceless piece of China’s cultural heritage. The life-size statues were originally built to guard the tomb of China’s first emperor, Qin Shi Huang. The site where they were discovered by a Shaanxi province farmer in 1974 is now a United Nations world heritage site.

    The de-thumbed warrior in question was part of a traveling exhibit that was scheduled to run at the Franklin Institute from September 30, 2017, to March 4, 2018. It included 10 sculptures from the Shaanxi mausoleum site.

    Although the alleged theft occurred on December 21, museum employees didn’t notice the missing digit until January 8, when the FBI Art Crime Unit was called in to investigate. Surveillance footage helped lead to Rohana’s arrest.

    Court records say that “when asked if he had anything in his possession he wanted to turn over to the FBI, Mr. Rohana stated he had a finger from a museum.” Rohana retrieved the thumb from his desk drawer in his bedroom.

    In addition to security footage, the public defenders also want a subpoena to access the museum’s record of alcohol sales the night of the Ugly Sweater Party, saying evidence of intoxication “may show that Mr. Rohana did not have the intent to commit the offense.”

    The request comes because, the lawyers say, the museum has not complied with earlier requests for multiple records, including communications between the Franklin Institute and Chinese authorities.

    Federal prosecutors have rebuffed these attempts, saying that the case “is not about any alleged negligence by the Franklin Institute. Nor is it about any accidental damage to objects exhibited at the Franklin Institute.”

    Opposing access to security records, Assistant US Attorney K.T. Newton clarified the government’s position that “this case is about [Rohana’s] guilt or innocence.” She added: “This is nothing more than a cover for the use of this information for jury nullification.” (Jury nullification defines the concept in which jurors exonerate a defendant on the grounds of opposing a law because they think it is unjust and not because they believe the accused has actually broken it.)

    The severity of Rohana’s prospective punishment also hinges on the thumb’s market value, which prosecutors estimate is $150,000. The defense says that this number is immaterial because the Chinese government owns the terracotta warriors, which cannot be sold; furthermore, they contend that market value for the whole statue cannot prove “the market value of the individual thumb.”

    See Original Post

  • March 12, 2019 12:56 PM | Anonymous

    Reposted from Security Management

    Awareness of police misconduct and calls for reform in the United States have increased over the last decade. In some cases, officers were investigated and prosecuted at the state level for their actions. Other incidents investigated by the U.S. Department of Justice resulted in criminal prosecution of a police officer for violating a person’s constitutionally protected rights.

    For example, from 2009 to 2012 the U.S. Department of Justice charged 254 police officers throughout the United States with violating the individual rights of Americans. 

    The private security industry remains historically insulated from claims of civil rights-related violations and the resulting criminal sanctions that can be imposed against security personnel. The private security industry in the United States is much larger than the public sector police force; the industry outnumbers public police by a ratio of at least three to one. This growing number of security personnel could lead to increased civil rights violations. 

    The security industry is also less regulated, meaning that security personnel have varying amounts of training while public sector police counterparts have mandated training programs. This discrepancy in training can also become a problem because many private security personnel have direct contact with the public, often performing quasi-judicial police-related activities. ​

    Criminal Sanctions

    One federal statute that has been used to prosecute police officers for civil rights violations is Title 18 of the United States Code, Section 242. It makes it a crime for anyone acting “under color of any law, statute, ordinance, regulation or custom” to willfully deprive a person of a right or privilege protected by the U.S. Constitution or state and local laws. 

    The statute also applies to public officials violating a person’s civil rights, including elected officials, public facilities’ care providers, correctional officers, court staff, and security officers.

    For example, if a police officer assaults a citizen, the officer can be prosecuted for assault and battery and be charged at the federal level for violating the citizen’s Fourth Amendment rights under Section 242.

    A conviction under the statute requires three elements. First, the act must violate a protected right guaranteed by the U.S. Constitution. If defendants reasonably understand that their actions are constitutionally impermissible, they can be held accountable for their actions. 

    Second, the accused must be acting under “color of law,” meaning an officer authorized under state or federal law and acting in his or her official capacity.

    Lastly, there must be intent to “deprive a person of a right which has been made specific either by the express terms of the Constitution or laws of the United States or by decisions interpreting them,” according to Screws v. United States (U.S. Supreme Court, 1945). 

    This case clarified that a defendant violated Section 242 when engaged in activities to deprive an individual of his or her rights and was also “aware that what he does is precisely that which the statute forbids,” according to the Court’s opinion. 

    ​Prosecutions

    Few federal Section 242 prosecutions have involved security personnel. Of those cases, however, private security personnel were prosecuted when they conferred with police powers, were working off duty or moonlighting, or when they were employed as security guards under government contracts.

    Police powers. Some security personnel were prosecuted under Section 242 when they were granted state-related powers and considered “state actors.” In the events leading to Williams v. United States (U.S. Supreme Court, 1951). Williams was a private detective with a special police officer’s card issued by the City of Miami. He had also taken an oath. Lindsey Lumber Company hired Williams to investigate a series of thefts, and during the investigation Williams used “brutal methods,” displayed his badge, and included the presence of a policeman to “lend authority” to the interrogations of four suspects who were “unmercifully punished for several hours,” according to court documents.

    A jury convicted Williams of violating Section 242. He appealed the ruling, ultimately appearing before the U.S. Supreme Court to answer the question of whether private persons could be prosecuted under the statute.

    In its opinion, the Court reasoned that Williams was acting under color of law and was not a private person. The Court concluded Williams’ actions were an “investigation conducted under the aegis of the state” because a regular police officer attended the interrogation and Williams was “asserting the authority granted him and not acting in the role of a private person.”

    The Court upheld his conviction and noted that Williams was “no mere interloper but had the semblance of a policeman’s power from Florida” and his conduct violated the due process right to be free “from the use of force and violence to obtain a confession.”

    Another case where private security personnel were convicted under Section 242 was United States v. Hoffman (U.S. Seventh Circuit Court of Appeals, 1974). In the case, two members of the Penn Central Transportation Company’s police force were convicted for physically assaulting trespassers on or near company property.

    The officers admitted that they attacked trespassers but argued that they were not acting under Illinois law. Instead, they said they were acting in a purely private capacity and as private persons at the time they committed the crimes.

    Ultimately, the appellate court determined the officers were acting under color of law because Illinois state statute had given the railroad company’s police force “police powers as those conferred upon the police of cities,” according to court documents.

    Moonlighting. Off-duty police officers granted government powers in a private security capacity have also been prosecuted and convicted of civil rights violations, such as in 2003 when a federal court ruled that a security guard in a strip club was acting under the color of law when he assaulted a dancer.

    The off-duty police officer, moonlighting as a private guard, was wearing his badge and gun during the assault, identified himself as a police officer, and prevented the victim from calling the police. He also filed an arrest report against the victim for allegedly assaulting him.

    The officer was found guilty under Section 242 and received a 27-month sentence as well as three years of supervised release. The officer appealed the decision, and the federal circuit court upheld the original ruling (United States v. White, U.S. Court of Appeals for the Sixth Circuit, 2003). A federal judge found that “displaying signs of state authority” by wearing his gun and badge, declaring himself to be a police officer while off-duty, and filing a police report “underscores his imposition of state authority,” according to court documents.

    Government contract. The third identified theme is that security personnel can be prosecuted under Section 242 when operating under a contractual relationship with the state. In cases where security personnel employed as contractors for the state were prosecuted under Section 242, private security personnel had positions within a state agency, making the parties liable for their actions under the statute. Private security personnel working in correctional settings have also been prosecuted under similar circumstances.

    Some of these cases are based on violations of a person’s Eighth Amendment right to be free from cruel and unusual punishment. In United States v. Mendez (U.S. District Court for the Eastern District of Texas, 2009), the defendant, an employee of a privately-owned prison transport company, received six months imprisonment and one year of supervised release for assaulting an inmate in her care and custody.

    In another case, United States v. Fuller (U.S. District Court for the District of New Mexico, 2009), four defendants who worked for the Wackenhut Corporation, a contractor for a New Mexico county correctional facility.

    Employed as correctional officers, two of the defendants physically assaulted an inmate, kicking him in the head multiple times. Prosecutors charged another defendant with failing to prevent the attack and indicted the fourth defendant with conspiracy for fabricating evidence, lying to, and providing false statements to police investigators. A jury convicted three of the defendants—the two defendants directly involved in the assault and the employee that lied to investigators—for violating Section 242.

    Fifth Amendment violations involving contract security also exist. In United States v. Loya (U.S. District Court for the Southern District of Texas, 2009), Loya was employed as a contract guard at an Immigration and Customs Enforcement (ICE) detention facility. 

    While working in the facility’s infirmary, Loya sexually assaulted female inmates—a violation of the detainees’ Fifth Amendment right, to “life and liberty, including the right to bodily integrity.” Loya pleaded guilty to Section 242 violations and served a 36-month sentence.

    Lessons

    These cases show that private security personnel can be prosecuted under Section 242, but also raise questions as to why so few cases have been brought. This may be because people fail to report violations, prosecutorial discretion, or the use of other federal statues to prosecute security personnel for civil rights-related violations.

    For example, federal prosecutors can recommend a case for diversion instead of prosecuting suspects under Section 242 when the accused agree to probation and dismissal of the charges upon completion of probation. 

    Additionally, proving all requirements to secure a Section 242 conviction can be a barrier. “Color of law” and the “willfulness” standards can be difficult to establish, subsequently insulating security officers from prosecution.

    Despite these factors that may limit prosecutions of private security personnel, the security industry should be aware of these liabilities, which could become greater as public-private partnerships expand to fight crime. Security managers should train their officers to protect the constitutional rights of the people they serve.  

    See Original Post

  • March 12, 2019 12:54 PM | Anonymous

    Reposted from Allied Universal

    Does this scenario sound familiar? You relied on your security services provider to hire the best staff and ensure everyone received the right training. But a handful of them have already quit and moved onto the next company, leaving your facility’s security at risk. A new stream of security officers are being hired and trained, but the gap in security has you feeling uneasy as there is no consistent security presence. 

    There is never a guarantee that an employee is going to stay in their position for any length of time, but there are ways to help avoid a high rate of turnover with in your security team. Turnover doesn’t have to be the standard for your security program if you work with a security provider who properly cares for their employees and understands your ultimate goals. 

    Here are some tips for avoiding unnecessary turnover at your facility: 

    1. Engage with the right security provider. Work together to find dependable, talented individuals who have a passion for securing your facility. This starts with the application process and continues throughout the career of the individual.

    2. Identify your staffing needs up front and vet the candidates to ensure they have the skills and characteristics you want for your facility. A security background doesn’t have to be the first thing you look for on a resume, sometimes customer service or industry experience may mean the best fit. It is also important to know where the applicants came from. Were they referred to the position from a friend? This information matters as this shows the relationship the security company has with its current employees.

    3. Training is critical to ensure your security team is compliant with any industry requirements and are well aware of your rules and regulations. Training can come in a variety of forms including in the classroom, hands-on or online. Work with a security provider who offers ongoing training to their employees as it equates to better prepared officers and can help increase retention rates.

    4. Relationships between your business partners, individuals within your facility and the security team are a key component in keeping a team together. The security team that builds a rapport with the people in your facility will become a reliable and trusted part of their environment. It is comforting knowing you are going to see the same person every morning when you walk in the door.

    5. When security officers feel valued by you, they become an integral part of your business. Many security teams feel like partners rather than a third party vendor. Security officers who are recognized for their efforts or accomplishments are more likely to take personal ownership in their work.

    See Original Post

  • March 12, 2019 12:50 PM | Anonymous

    Reposted from BBC News

    Glasgow School of Art (GSA) has been criticised by MSPs in a report into the fire which devastated the Mackintosh Building last year.

    Holyrood's culture committee said the school did not give sufficient priority to safeguarding the building.

    The blaze ripped through "The Mack" in June 2018 as a £36m restoration project, following a major fire four years earlier, was nearing completion.

    The GSA said it intended to "learn lessons" from the report.

    The MSPs also said a full public inquiry should be held into the circumstances surrounding the two fires at the building.

    The committee's report concluded that prior to the first fire in 2014, the art school had not addressed the heightened risk of fire to the Mackintosh Building or carried out an adequate risk assessment. 

    The committee was particularly concerned about the length of time taken for a modern mist suppression system to be installed. Such a system was still not in place when the second fire broke out.

    Committee convener Joan McAlpine said: "The board of Glasgow School of Art were custodians of this magnificent building, one of the most significant to Scotland's rich cultural heritage. 

    "They had a duty to protect Mackintosh's legacy.

    "Glasgow School of Art must learn lessons from its role in presiding over the building, given that two devastating fires occurred within their estate in such a short space of time."

    MSPs were also told during their inquiry that ventilation ducts which allowed the fire to take hold in 2014 were still in place at the time of last year's blaze.

    They had been due to be rectified at the end of the restoration project.

    The report also urged the GSA to take steps to repair a "loss of trust" with the local community.

    Responding to the report, Glasgow School of Art said: "There are always lessons that can be learned, and we are happy to take forward the most appropriate and helpful as we bring this much-loved building back to life."

    However, it said there were some "factual inaccuracies" in the report.

    It also added: "The Mackintosh Building is a national (indeed international) treasure, but it is not lost and it will certainly return."

    Representatives from Historic Environment Scotland told the hearing they could not offer any financial support for a new build of the Mackintosh building as grants are for the repair and conservation of existing historic fabric.

    However, bosses at the art school have said they are confident that it will be rebuilt.

    The committee made a number of recommendations about protecting other historically significant buildings, including:

    • Reviewing the remit of Historic Environment Scotland (HES), giving it extended statutory powers to intervene in cases where there is a risk to an asset of national significance
    • A review of Category A listed buildings with unique cultural or historic significance to discover if steps need to be taken to mitigate the risk of fire
    • A Scottish government review of the powers to compel owners to put in place enhanced fire safety measures to protect buildings of national significance.

    Deputy convener Claire Baker added: "If anything positive at all should come out of the loss of the Mackintosh it should be that further protection is put in place for some of Scotland's most significant historical buildings.

    "Throughout our investigation, it has been clear that there are weaknesses in the policy protecting our heritage. This is why the Committee has set out some very clear steps that must be taken in order to prevent any further loss.

    "Particularly key to this is giving Historic Environment Scotland further powers to intervene where there is a serious fire risk to some of Scotland's most important buildings."

    See Original Post

  • March 12, 2019 12:45 PM | Anonymous

    Reposted from Business Insurance

    Recognizing warning signs and instituting reporting policies are key steps in preventing active shooter incidents in the workplace, according to a Risk and Insurance Management Society Inc. report.

    Many workplace shootings involve employees, customers or someone related to the business, according to a RIMS report released on Monday. U.S. Bureau of Labor Statistics data showed that more than 20% of violent attacks in 2016 were carried out by individuals classified as people that employees likely recognized, with co-workers or work associates the assailants in 66 workplace homicide, students, patients, customers or clients responsible for 49 incidents, and relatives or domestic partners causing 43 incidents, according to the report.

    “Assailants often exhibit certain warning signs before escalating to violence” such as poor work performance, unkempt appearance, frequent outbursts, unexplained absences and tardiness, and volatile and defamatory social media activity that employees must understand and recognize, the report said. “Distinguishing whether those incidents are isolated or part of a progression may make all the difference in identifying threats.”

    The risk manager and human resources department should also establish a process where employees can safely and anonymously report threatening activity, regardless of the source, according to the report. And employees should be encouraged to alert human resources if they feel their spouse or domestic partner might intrude on the workplace either physically or through the internet or social media, according to the report.

    Risk managers can develop active shooter preparedness plans that work best for their organization based on the size, location or scope and within a reasonable budget and timeframe, but should also test and practice the plans throughout the entire organization – effective testing methods include walkthroughs, tabletop exercises and planned or unplanned drills, the report said.

    “An unplanned event is a bit more rooted in reality since participants will be forced to demonstrate what they know at a moment’s notice,” the report said. “And while this can be a great way to test employees’ reactions, there can be consequences as well. Operations may come to a halt and there’s always the chance that employees under duress may hinder progress.”

    See Original Post

  • March 12, 2019 12:19 PM | Anonymous

    Reposted from Security Management

    The U.S. Federal Emergency Management Agency’s (FEMA) operation in Puerto Rico after Hurricane Maria was the largest and longest response in the agency’s history. 

    Yet, as it had been with its responses to Hurricanes Katrina and Sandy, FEMA was widely criticized for how it handled the disaster, which caused more than $100 billion in damages to the island and killed possibly thousands of people.

    There were numerous factors that could have influenced this response. A U.S. Government Accountability Office (GAO) report found that 54 percent of federal emergency personnel were not qualified for the positions they held in October 2017—a month after Hurricane Maria made landfall. This challenge was echoed after Hurricane Katrina as well, largely due to differences between federal hiring processes that emphasize administrative background and education versus those in many state and local emergency management departments that recruit heavily from the fire, law enforcement, and emergency communications services. 

    FEMA also faced numerous challenges that “complicated response efforts,” the GAO said. These challenges included the timing and overlapping of three major hurricanes that caused staffing shortages and logistical challenges that complicated efforts to deploy resources and personnel quickly. 

    They also included the overall limited preparedness of the U.S. Virgin Islands and Puerto Rico for a Category 5 hurricane and the “incapacitation of local response functions due to widespread devastation and loss of power and communications,” the GAO explained.  

    FEMA “essentially served as the first responder in the early response efforts in Puerto Rico,” the GAO found. “FEMA officials said that many services provided—such as power restoration, debris removal, and commodity distribution—are typically provided by territorial or local governments.” 

    This again highlighted a major lesson learned in the governmental response in New Orleans when planning and infrastructure deficiencies at the local level hindered the federal government’s ability to provide effective support and logistics.

    Furthermore, FEMA and other U.S. government agencies also faced challenges in getting personnel on the ground in Puerto Rico to respond to the hurricane because of limitations on air travel and power outages. Instead of using commercial travel, FEMA had to rely on agency partners to provide chartered air transportation.

    The GAO’s analysis also found that while officials from Puerto Rico and U.S. Virgin Islands had engaged in disaster preparedness exercises before Hurricane Maria, they had not experienced or stored the resources that would be necessary to respond to a hurricane of its strength. “Specifically, Puerto Rico officials had not considered that a hurricane would cause a loss of power for as long as Hurricane Maria did,” the report said. 

    The challenges revealed by the response to Hurricane Maria highlight one major concern with emergency management disciplines—that they vary from place to place. Issues arise when the plans, capabilities, and management of the state and local partners receiving emergency management assistance are thwarted by operational issues that may create obstacles to disaster prevention, mitigation, or recovery. 

    The Role of FEMA

    Since 1803, the role of emergency management has morphed from an act of the U.S. Congress requiring that it provide financial assistance to local jurisdictions following disasters to civil defense functions to the current all-hazards approach to continuity of government and disaster recovery. 

    While the validity of the function of emergency management has never fallen into question, the landscape has changed with the addition of terrorist and active shooter incident mitigation to the already prevalent natural disasters officials plan for, mitigate, and recover from. Emergency managers are responsible for planning for worst-case scenarios. 

    With FEMA, the U.S. federal government’s ultimate obligation is to help state, local, or individual entities with funding, equipment, and manpower support in overwhelming circumstances. Emergency managers in the private and nongovernmental sector are responsible for the safety of their assets and continuity of essential operations. 

    Staffing—and even the existence of offices of emergency management—within state and local government agencies, critical infrastructure, education, and business vary widely depending on the area and the scope of the organization. 

    The role of emergency management has traditionally been defined as a planning and support mechanism for dealing with risk—and risk avoidance—from a broad range of situations. These professionals were normally tasked with disaster planning, emergency communications, command center operations, and obtaining funding for mitigation and recovery.

    Emergency managers have had closer relationships with fire services in the past than with the security and law enforcement communities. However, emergency management is integral to the security of organizations, and its integration with the security planning and response landscape is vital to its roles in response to recent major disasters.

    To address this area of vulnerability with FEMA, U.S. President Donald Trump appointed Brock Long as FEMA administrator. Before being placed at FEMA, Long worked for the Georgia Emergency Management Agency and was Alabama’s state emergency manager. 

    The appointment of a career emergency manager marks a departure from prior administrations who typically appointed administrators with no prior experience in disaster management. FEMA is also addressing how it hires, trains, and retains staff to ensure that it is prepared to respond to disasters that may occur simultaneously.

    With FEMA revamping its operations and staffing up in response to the latest hurricane season; it is imperative for state, local, and private emergency management to do the same. Many emergency managers outside of the U.S. federal government—and larger states and cities—perform basic business continuity planning to ensure incident survival. 

    Assessment

    Consideration of security threats is essential to the operational survival of local jurisdictions, businesses, and nongovernmental organizations. Therefore, emergency management must expand its current planning, response, and recovery operations to include security threats to ensure the physical safety of first responders and stakeholders. 

    Organizations should create emergency management functions within security management roles. Jurisdictions that already have emergency managers can also assess current operations and seek to create preincident working relationships with law enforcement and security agencies. These emergency managers are normally the incident commanders during man-made disasters, like terrorist attacks, until such time as the FBI or law enforcement takes over. 

    An example of this on the U.S. federal level was illustrated when former President George W. Bush signed the Homeland Security Act of 2002 into law, creating the U.S. Department of Homeland Security (DHS). The act charged the new cabinet-level agency with the mission of protecting the United States from terrorist attacks and minimizing the damage from attacks and disasters. This act incorporated FEMA into DHS. 

    Teamwork

    To ensure that security management and emergency management are working together, the author organized three roles into one directorate while serving as a director for North America’s largest medical board: chief security officer, head of investigations, and emergency manager. This configuration allowed the security department to work with cross-functional staff to create policies, procedures, and countermeasures that would allow the organization to protect its human, physical, and intellectual assets in an efficient way that addressed both emergency mitigation and security threats. 

    Assuring that emergency management coordinates effectively with all facets of public safety is a key function of mitigation. This differs from other emergency management disciplines in that it presents long-term solutions to reducing risk, instead of accepting that risks exist and preparing, responding to, or recovering from their eventuality. 

    However, mitigation involves coordination across a wide spectrum of public and private sector stakeholders. For instance, New Orleans officials hampered evacuation efforts after Hurricane Katrina by parking its fleet of buses in a lot susceptible to flooding—which delayed evacuation procedures until a new fleet could be sourced.

    In the wake of Hurricane Maria, FEMA conducted its own after-action report—in addition to the GAO analysis—and is making changes to address security planning and mitigation to address the shortcomings of the response in Puerto Rico. 

    “FEMA…made improvements in staffing for incidents, logistics operations, and refining communications from land mobile radios to satellite communications,” wrote Jim H. Crumpacker, CIA, CFE, director of departmental GAO-OIG Liaison Office for DHS in its response to the GAO report. “Finally, FEMA has updated high priority national level contracts to be better prepared to cope with responding to multiple concurrent disasters across the nation.”

    Additionally, FEMA incorporated objectives in its 2018 to 2022 strategic plan, including improving readiness of incident workforce cadres; building staff, equipment, and contract capacity; and streamlining the disaster survivor and grantee experience. 

    “Disaster can strike at any time and in any place, building slowly, or occurring suddenly without warning,” Crumpacker wrote. “FEMA is part of a larger team of federal agencies, state, local, tribal, and territorial governments, and nongovernmental stakeholders that share responsibility for emergency management and national preparedness.” 

    Those in charge of security for a particular location need to cross-plan for natural disasters and environmental threats. They also need to factor in the probable response by their federal, state, and local partners. 

    Just as threats like active shooters, unpermitted protests, and flash mobs have changed the face of security management, security threats have changed the face of emergency management. It’s incumbent upon security and emergency management professionals to work together before an incident to plan and assess their threats accordingly.  

    HOW TO DIAGNOSE YOUR EMERGENCY MANAGEMENT CAPABILITIES

    An Evaluation of Emergency Management Capabilities Begins with Questions Such as:

    • If a local jurisdiction is growing exponentially, is the state of its local emergency management planning addressing that growth and forecasting worst-case scenario needs?

    • If a transit agency’s emergency plans rely on local emergency management capabilities, does the local team have an independent office of emergency management that can weigh its geographic footprint in areas that may have minimal first responder capabilities?

    • Does a private sector organization include the principles of professional corporate security and emergency management in its business continuity planning?

    • If the organization relies on public sector stakeholders in emergency management, has it evaluated the effectiveness and track record of their plans and performance when conducting internal emergency management planning?

    ​These questions are critical because private organizations face some of the same challenges as government agencies when addressing emergency management. For instance, medical board administrators secure examinations that have copyrighted trade secrets; the workplace is secured in a similar manner to government offices where classified information is stored. During an emergency, such as a fire, a conflict could arise between security policy and local laws requiring access doors to automatically unlock—enabling people to evacuate the building but also providing access to criminals to steal from the facility. ​

    See Original Post

  
 

1305 Krameria, Unit H-129, Denver, CO  80220  Local: 303.322.9667
Copyright © 2015 - 2018 International Foundation for Cultural Property Protection.  All Rights Reserved