Here, from Securosis, is background on email security – “…email-borne attacks are still a scourge on pretty much every enterprise. That doesn’t mean the industry hasn’t made progress – it’s just that between new attacker tactics and the eternal fallibility of humans clicking on things, we’re arguably in about the same place we’ve been all along.”

“It’s a bit like mixing a cocktail. You can have five different liquors, but knowing the proportions of each liquor to use lets you concoct tasty cocktails. Modern detection is largely about knowing what tactics and techniques to use, and even more about being able to adapt their composition and mixture because attacks always change.”

Read on in the Securosis post to gain insights into effective threat research in e-mail attacks.

Drones equipped with thermal cameras or night vision capabilities are being used as security “look-outs” by migrants seeking to cross the U.S.-Mexico border illegally, In Homeland Security reports.

In one instance, in mid-April, “a Border Patrol agent was monitoring the border at night using an infrared camera when he observed a small airborne object traveling northbound across the international boundary between the U.S. and Mexico border. Officials told KVIA 7 News that the object traveled roughly 100 yards over U.S. territory and then returned to Mexico. This happened three times, and about two minutes after the last return to Mexico, a group of 10 migrants entered the United States illegally in the same area where the drone was spotted.”

There are many different kinds of drones available on the market for both hobbyists and commercial operators, In Homeland Security advises. “Most do not come standard with thermal cameras or night vision capabilities, but even basic hobbyist drones can be modified to include this capability. Many drones can fly several kilometers away from their operators and controllers, and they can achieve speeds of 40 mph or greater.”

Thus the southern border tensions are raised by technologically adept drone operators. Of course, drones are also being used to detect illegal crossings.

Oh, the security dilemmas the military can get into. Take, for example, the Royal Canadian Navy. It recognizes that it won’t be recruiting sailors if they can’t bring their cell phones along. So, Military.com advises, in designing future ships, Canadian leaders are putting internet connection high on the list.

“We have sailors who’ve grown up in a digital world — they are digital,” Rear Adm. Donovan said at the annual Sea-Air-Space expo near Washington, D.C. “… When they embark on a Canadian surface combatant and we tell them to lock up their phone, they won’t just go ‘OK.’

“They won’t join the navy,” he said. So the Royal Canadian Navy recently lifted its ban on Wi-Fi at sea.

(The U.S. Navy, too, is making its peace with Wi-Fi by providing it as it sails along.)

Stresses from career engagement as military veterans or first responders can be deadly. The toll of veteran suicides is better known, but “another group is quietly struggling with its own suicide epidemic: First responders.”

That’s the dire insight presented in a post on In Public Safety.

“According to a study by the Ruderman Family Foundation, police officers and firefighters are more likely to die by suicide than from shootings, traffic accidents and fires combined. In addition, the Firefighter Behavioral Health Alliance (FFBHA) estimates that only 40% of firefighter suicides are reported. This makes it likely that first responder suicides are much higher than previously thought.”

The post goes on to explain how “winning the war against first responder suicides starts by acknowledging the problem.” The first advisory is to “assure officers that there will be no judgment of individuals seeking help. Of the 18,000 law enforcement agencies across the United States, only 3%–5% have suicide prevention training programs. That percentage is unacceptable.”

And so it is.

We post a lot about cyber security threats, but here’s an especially important one – cyber security training for the staff of a business, those who have to recognize the possibility that an attack is occurring in the first place.

Clearswift.com advises: “As a starting point, employers need to work to create an environment that supports the honest reporting of cyber threats and incidents. A shoot the messenger approach will not help the cause!

“Without a supportive environment, when a data breach occurs due to an honest mistake, employees will be reluctant to blow the whistle on themselves, instead possibly hiding the issue whilst they attempt to rectify their mistake before anyone else notices, or worse still, do nothing at all.”

When a cyber attack is suspected, don’t minimize what could be occurring. “Today, the average (business) cyber-attack costs over $1 million.”

There are more words to the wise businessman in this Clearswift post. Cybersecurity is, or should be, a new specialty of the house.

Russia is moving in the direction of creating its own, independent internet, much as China has, CNN reports. Russian President Vladmir Putin has signed a law creating a “‘sustainable, secure and fully functioning’ local internet,” to take effect in November, according to a report from the state news agency RIA-Novosti.

“The law calls for the creation of a monitoring and a management center supervised by Roskomnadzor, Russia’s telecoms agency. The state agency will be charged with ensuring the availability of communication services in Russia in extraordinary situations. During such situations, it would also be empowered to cut off external traffic exchange, creating a purely Russian web.”

It all sounds like another pending blow to global security rather than maintaining open communication in the interests of international understanding and cooperation.

Yoga training for firefighters has its place in the security spectrum, an In Public Safety post explains.

“Yoga is a new training modality used by many firefighters, but not all fire service professionals have embraced it. Many have the misconception that the sole purpose of yoga is to achieve balance, flexibility, or relaxation, often classifying it only within the categories of wellness or
stress management.

“Although yoga training does aid mental resilience and recovery, there is more to it. The true intention of yoga is to enhance overall human performance, both physically and mentally.”

Thus, a prime security technique is being open to possibly new approaches to training and readiness.

The Protection Circle blog discusses the unfortunate and, for many, uncomfortable subject of protecting houses of worship from terrorist attacks.

First, separate emotional reactions to protecting a church or synagogue from the practicalities of precautionary measures. What’s primarily involved is a change in mindset.

“For example,” says the post, “I can very clearly remember a time when people worried that installing security cameras would harm their warm and welcoming environment. Now, no one even bats an eye when they see cameras (if they even notice them at all).”

Be as discrete as possible, explain what’s being done, and live with the advisability of precautions. They’re likely to become second nature, and, let’s hope, won’t have to be called into play.

Cybersecurity professionals need help, there aren’t enough of them. That’s the word on SecurityInfowatch.com.

“We absolutely need more cybersecurity professionals that are trained properly and can protect our world,” says National Security Agency Director Harry Coker Jr. “Nationally, we’re experiencing a 12-year high in the cybersecurity expertise gap, and it’s not because we’re producing fewer cybersecurity professionals. Rather, it’s because the requirements for expertise in cybersecurity are growing exponentially.”

Coker spoke at the fourth annual Cybersecurity Centers of Academic Excellence Executive Leadership Forum in Pensacola, Florida last week. The University of West Florida, “a nationally-recognized leader in cybersecurity education and training that serves as one of eight Cybersecurity CAE Regional Resource Centers across the nation, partnered with the NSA and the U.S. Department of Homeland Security to host the forum.

The security of the Internet, as well as computer hookups everywhere, depends on countering hackers whose numbers are growing.

Should the U.S. Army be needed in a national crisis, how rapidly could it be deployed or expanded? This is a security question that’s highly pertinent to the nation’s well-being.

Homeland 411 provides a discussion of the Army’s overall readiness. “Over the past four decades,” it finds, “the Army has produced little innovation in its ability to rapidly expand the force in new or augmented units, while over the same period it has made tremendous progress in how it trains established units. This lack of balance in innovation is a problem.”

Security typically has more than one aspect, and that’s as true in the case of military readiness as in other contexts. “While military capability is doubtless important,” Homeland 411 continues, “one thing we know about war is that it has the power to surprise us in unpleasant ways. Nothing is more useful to surviving and overcoming those surprises than the simple power of numbers. Mass still matters, and the ability to produce it quickly deserves more of our attention.”

This is a subject that goes beyond brief… so we refer you to the full Homeland 411 post should you want to pursue it.