In Homeland Security advises of a new book on intelligence gathering and security matters – “Intelligence Operations, Understanding Data, Tools, People and Processes”. It’s described as a worthy successor to Allen Dulles’ “The Craft of Intelligence” of 60 years ago.

“If Dulles’ book could be considered a primer on what the super-secretive Central Intelligence Agency was all about, Kleinsmith’s book makes excellent required reading in college courses for aspiring intelligence gatherers and analysts. Kleinsmith now serves as Associate Vice President for Strategic Relations in Intelligence, National Homeland and Cybersecurity at American Military University.”

It’s a different security world now, and this new book sounds like a good advisory on the new setting.

There have been at least 30 shooting attacks at schools in 2019. Prompted by the latest one this week in Los Angeles County, the U.S. Secret Service is calling attention to its “Operational Guide for Preventing Targeted School Violence”, issued in July of last year. It’s something for school officials and parents alike to rally around.

These are the guide’s key considerations:
• In conjunction with physical security and emergency management, a threat assessment process is an effective component to ensuring the safety and security of our nation’s schools.
• Threat assessment procedures recognize that students engage in a continuum of concerning behaviors, the vast majority of which will be non-threatening and non-violent, but may still require intervention.
• The threshold for intervention should be relatively low so that schools can identify students in distress before their behavior escalates to the level of eliciting concerns about safety.
• Everyone has a role to play in preventing school violence and creating safe school climates. Students should feel empowered to come forward without fear of reprisal. Faculty and staff should take all incoming reports seriously, and assess any information regarding concerning behavior or statements.

The Secret Service advisory includes a five-step Targeted Violence Prevention Plan, one that’s recommended to all schools and parents. The guidance comes down to listen and observe intently and act accordingly.

The Secret Service is a unit of the U.S. Department of Homeland Security.

The global market for physical security products is strong, advises SecurityInfoWatch. Strong, but unbalanced. “Western manufacturers have competed better against Chinese competition this year, but they still have little possibility of penetrating the Chinese public sector business. China is by far the largest single market, probably accounting for 35% to 40% of world demand for video surveillance,” the biggest growth category.

“Access control was expected to deliver slightly higher growth than the 8.2% Memoori had estimated in 2019,” the post continues. “It now accounts for 24% of world sales.”

There’s more detail in the post, especially on “The China Challenge.” But ours is a security-conscious world.

On Veterans Day, it’s appropriate to note the differences between the military and civilian worlds and the challenges veterans face in moving from one to the other. Leischen Steiter notes on the In Public Safety blog that the transition isn’t always easy.

““One of the biggest challenges I faced was learning and accepting that I would be forever changed,” says Jennifer Bucholtz, a faculty member in American Military University’s criminal justice department who served as a counterintelligence agent for the Army. “Going to war changes every person who has deployed to a combat zone, whether they want to admit it or not.

“For someone coming out of the military, normal daily tasks such as grocery shopping, making phone calls, and cooking dinner become mundane and seem completely unimportant,” Bucholtz notes.

Yet those are precisely the sort of activities the military exists to protect and defend. Thank you veterans everywhere!

Do all you can to protect your computer(s) from cyber attacks – no one is safe from such digital intrusions – including hospitals, with some dire results. The DarkReading blog reports that “hospital cyberattacks have been linked to an increase in heart attack mortality.”

The evidence comes from researchers at Vanderbilt University’s Owen Graduate School of Management who “analyzed healthcare data breaches recorded by the Department of Health and Human Services (HHS).They investigated patient mortality rates at more than 3,000 Medicare-certified hospitals between 2012 and 2016, 10% of which had reported a data breach. They found attackers are not directly controlling medication; rather, hospitals’ approach to breach remediation is slowing down doctors, nurses, and other healthcare practitioners responsible for cardiac care, according to an article on PBS NewsHour…

“At the hundreds of hospitals in this study that reported data breaches, there were as many as 36 additional deaths per 10,000 heart attacks each year. It’s worth noting heart attacks are among the most common medical emergencies in the US: According to PBS, 735,000 Americans suffer one every year. The number of healthcare institutions affected by data breaches rose 20% in 2019, affecting medical records of 30 million health care customers – the most since 2015.”

It’s amazing how spammers and hackers are sometimes willing to place the lives of others at risk.

One key security tool is lifelong learning about how security challenges keep changing and evolving. That’s the pertinent word from the ASIS International 2019 conference on “Why Lifelong Learning is Vital in the Field of Security and Threat Management”.

Learning shouldn’t end when you reach a certain point in your career,” explains Dr. Nicole Drumhiller, an associate dean at American Military University, “it should be something you continuously pursue across your lifetime. As you mature, your areas of interest may change. Perhaps your personal and career goals may morph into something altogether different than what you originally intended.”

That’s an even more pertinent comment in the fields of organizational and computer security, which Barrier Briefs covers. Perpetrators too often seem to be in an attack mode, whether physically or digitally.

“Today’s educational environment is more dynamic than it has been in the past,” Dr. Drumiller notes, “leaving people with more options to gain the knowledge they want and need. From a higher education standpoint, universities and colleges are working hard to transform themselves in different ways.

“For example, there has been a transition from traditional Ph.D.-style doctorates to applied doctorates like the Doctorate in Strategic Intelligence or Doctorate in Global Security. These academic programs have their students work to address real-world problems of practice. In this manner, they take the education they receive in their classes and work to apply it within the fields in which they are currently employed or hope to work in.

“In addition, some universities now offer dual degree programs, such as the dual master’s degree in emergency and disaster management and homeland security. Some institutions are also starting to provide accelerated degrees to allow their students to rapidly advance from a B.A. to an M.A., saving those students time and money on their educational pursuits.”

It’s a challenging world out there, keep up with it, earnestly and continually.

.

The testimony of an eyewitness may not necessarily be a reliable security indicator, Dr. Jade Pumphrey of American Military University advises in a post on In Public Safety.

The problem may be as much with the questioners as those being questioned.

“During an investigation,” the post advises, “eyewitnesses may have several interactions with law enforcement. These interactions could influence the witness’s recollection of the scene. For example, suggestive questioning by officers—which could be intentional or unintentional—can put pressure on a witness to omit, create, or change details of their account.

“Time is another factor that can influence the accuracy of eyewitness accounts. While most statements are made immediately after the incident, there are times when witnesses may not be called to participate in a lineup until several weeks after the event. This passage of time often causes memories to slip.”

Such factors, and more in the post, argue for prompt questioning by officers with undoubted integrity.

Threatpost says cyberattacks on industrial control system (ICS) networks are likely to grow in resolve and complexity. “Analysts expect them to evolve from attacks that have an immediate direct impact to those with multiple stages and attack vectors that are more stealthy.”

‘While it remains extraordinarily difficult to mount successful attacks on critical infrastructure because of the complexity of industrial environments, it doesn’t mean adversaries with these targets are going to stop trying, according to the report, published Thursday by security firm Dragos.

“If attacks such as Stuxnet and Triton/TRISIS are any indication, bad actors already have the ability to create malware that can disrupt operations at power and manufacturing plants, according to Joe Slowik, report author and threat hunter at Dragos.”

Surely there is no room for complacency in sitting at a computer screen reading reports of what the bad guys may be aspiring to.

.
Ensuring security in an office setting is one thing; in the palm of an employee’s hand with a mobile device is another, and harder, matter. DarkReading says it’s a special challenge in employee relations, one requiring digital partnerships in workplaces.

“Developing this partnership begins with convincing users they’re an important part of business security. Depending on the industry, that could include training on regulations as they apply to mobile devices, education from cyber insurance companies, and presentations from intellectual property attorneys.

“Once employees are on board, what specific actions should be encouraged? We went looking for best practices across the Internet, and eight kept showing up. It’s important to note that only two of them require products or services that aren’t included with most mobile devices. Two of the tips involve user behavior. And the other four are all about using features of the mobile device or operating system in the most secure manner possible.”

So for security guidance: Never assume that security everywhere is self-evident to everyone.

One element in a steadily developing Internet of Things (IoTs) security system is footage from residential and business security cameras, the In Public Safety blog advises.

“Footage from residential and private business security cameras can be instrumental in police investigations,” the post notes. “New technology services such as Ring, Nest, LorexTechnology, and others offer internet-based, DIY, security systems with networked camera options. For example, these technology-based services allow the user to monitor their cameras using a smart device and send out alerts and footage when activity is detected. These high-quality, networked video surveillance systems also allow users to share footage.”

Installed on homes, the cameras can provide a record of unusual events in a neighborhood, such as traffic accidents in the street outside. They’re relatively low-cost and easy to install.

So add the locale of front-lawn security as a new possibility in an ever-wider wired world.