Ten years after its first report, the 9/11 Commission has issued a new one “reflecting the evolving and dangerous terrorist threat facing the nation.” Homeland Security Watch (HSW) notes that the new report reflects “mounting threats from the resurgence and transformation of al Qaeda, the situation in Syria and a rapidly changing cyber landscape.” With the 9/11 Commission calling for, in HSW’s words, “a vigorous and proactive counterterrorism effort,” it isn’t getting any friendlier out there, folks. The commission’s report is available at http://bipartisanpolicy.org/sites/default/files/%20BPC%209-11%20Commission.pdf
Tech people in organizations feeding into Information Week’s Dark Reading blog think their CEOs aren’t any too swift at appreciating what it takes to manage cyber security risks effectively.
Citing last year’s hacker attack on Target, a post notes that, “In the Dark Reading community, according to the results of our latest poll, members…show a stunning lack of confidence in their chief executives’ ability to marshal the talent, financial resources, skills and training to defend their companies from a similar attack.” Only 16 percent of 750 respondents give their CEOs an “A” for making cyber risk management a top priority. Twenty-six percent see organizations moving in the right direction, but lacking critical tools.
And 40 percent say companies are barely meeting cyber security standards or “‘flying blind’ with security teams who lack the latest technology and training.”
Get on board, CEOs: this is important stuff, and is becoming increasingly so.
Information Week’s Dark Reading provides some chilling reading indeed. Malware developed originally for government espionage “is now in use by criminals, who are bolting it onto their rootkits and ransomware.” That means, one can presume, that malware is becoming ever more sophisticated, adding to the computer security challenge.
One form of recently discovered malware, dubbed Gyges, “is an early example of how advanced techniques and code developed by governments for espionage are effectively being repurposed, modularized and coupled with other malware to commit cybercrime,” says Sentinel Labs, which discovered it.
Here’s a scary topic: “nuclear forensics”. Eighty-eight member states joined in an International Atomic Energy Agency (IAEA) conference in Vienna last week on Countering the Evolving Threat of Nuclear and Other Radioactive Material out of Regulatory Control. The U.S. Department of Homeland Security (DHS) attended, of course, and provides this report on the meeting.
DHS was represented by its Domestic Nuclear Detection Office (DNDO), which discussed, along with the Department of State, “the development of National Nuclear Forensics Libraries and the results of Galaxy Serpent – an international nuclear forensics exercise conducted by the Nuclear Forensics International Technical Working Group.” One shudders to think of it, but we can appreciate their getting together.
DNDO is headed by Huban Gowadia.
Here, from Wired.com, is possibly great news about future airport security checks – development of a new hassle-free system for quick, self-actuated scans that wouldn’t require anyone but you to handle your carry-on bag, or even open it.
Developed by Qylatron, the system was tested/demonstrated at a World Cup stadium in Curitiba, Brazil. It’s called the Qylatron Entry Experience Solution, can handle five bags at a time, and people apparently loved it. (Be sure to watch the accompanying YouTube video.)
Philip J. Palin, a risk management practitioner, has put together an online library of “a reading list for a graduate symposium in homeland security.” It looks like a great resource, headed, no surprise, by the 9/11 Commission Report. It also includes such material as Global Risks 2014, and Global Trends 2030: Alternative Worlds, as prepared by the National Intelligence Council.
While not precisely fireside reading, it looks like the list will make/keep you deeply informed on the security field. Palin is requesting advice on “What else would you insist be on the list? What would you remove from my list without a second thought?” A colleague-oriented guy.
Here are two somewhat divergent views of the U.S. Homeland Security Department’s directive that cellphones and other electronic devices need to be turned on for security checks on flights to the U.S.
On In Homeland Security, Glynn Cosker seems more tolerant of the advisability of the precaution than Arnold Bogis on Homeland Security Watch, who fears that “a perverse ‘whack-a-mole’ instinct” may have taken hold at Homeland Security. But, apparently, the precaution has been ordered out of concern that an electronic device might be stuffed with an explosive instead of its circuit board. Such are our times.
Repercussions of Edward Snowden’s digital security – or insecurity – exploits keep bouncing around Washington. Now, Government Security News (GSN) reports, “a group of privacy organizations has written a letter to Congress saying that a newly released draft version of a bill, the Cybersecurity Information Sharing Act of 2014 (CISA), which aims to improve private and public sector sharing of cyber threat information, could pose a major risk to individuals’ privacy.”
It’s been a year since Snowden revealed the existence of U.S. government surveillance programs, and privacy groups like the Center for Democracy and Technology, the American Civil Liberties Union and the Electronic Frontier Foundation are seeking, GSN advises, “meaningful privacy reform and a roll back of the surveillance state created since passage of the Patriot Act.”
Here, from ThreatPost.com, is a look behind the scenes as Microsoft battles malware operators in ways that are rattling security gurus. It’s messy out there!
Recruiting security officers can be challenging, for the image of the job is often far less than its reality. Security guards have often been spoofed in movies like “Mall Cop”. But “in reality,” notes Jim Gillece on Security magazine’s blog, “security officers are diligent, highly trained men and women who act as our country’s first responders.”
The guard and patrol industry is projected to increase 5.2 percent annually to $24.5 billion in 2016, Gillece advises, quoting the Freedonia Group. That implies a lot of screening for “quality personnel who are the right fit for the position. Through 2016, the number of guards employed by private security firms is projected to rise 2.8 percent annually to 655,000.”
Security officers can face all kinds of taxing situations, from a lost child to a medical emergency or a power failure. We need to keep them in high regard as domestic front-liners.