Is no place secure from cyber intrusions? Certainly not, as Carly Page of the TechCrunch site reports, a California Pizza Kitchen (CPK) where a data breach “exposed the Social Security numbers of more than 100,000 current and former employees”.

“The U.S. pizza chain, which has more than 250 locations across 32 states, confirmed the incident in a data breach notification posted this week. The company said it learned of a “disruption” to its systems on September 15 and moved to “immediately secure” its environment. By October 4, the company said it had determined cybercriminals had infiltrated its systems and gained access to certain files, including employee names and SSNs.”

“While CPK didn’t confirm how many people are impacted by the breach, a notification from the Maine attorney general’s office reported a total of 103,767 current and former employees — including eight Maine residents — are affected. CPK employed around 14,000 people as of 2017, suggesting the bulk of those affected are former employees. (TechCrunch contacted CPK for more but did not immediately hear back.)

“’Information security is among our highest priorities, and we have strict security measures in place to protect information in our care,” CPK added. “Upon discovering this incident, we immediately took steps to review and reinforce the security of our computing environment. We are reviewing existing security policies and have implemented additional measures to further protect against similar incidents moving forward.’”

Offering security guard tips, Casey Evans on the Silvertrqc site advises that incident reports should kept clearcut. “Remember,” he says, “the basics.”

“The Who: Who were the individuals involved? Were you able to collect contact information or a visual description of the persons involved? Make “sure you remain courteous and objective when describing others.
“The What: What actually happened? This is your chance to really explain the chronological events that took place. Do your best to be as descriptive as possible without including unnecessary information. When you are unsure whether certain information is relevant, go ahead and include it just to heir on the side of caution. It’s better to have too much than too little.
“The When: Do your best to include the time the incident took place. If you’re not sure, use a window of time rather than guessing.
“The Where: Include details like the address, location, scenery, and other pertinent details like the weather, or lighting conditions.
“The Why: This can often be the most difficult to answer, so unless you have a clear understanding of the motive behind the incident, it’s best not to speculate.
“The How: How did the incident occur? This could also be difficult to answer so only include details that you are positive took place.”

Flash mob, flash rob – whatever you call it, it’s astounding how, as Today in Security reports, in Walnut Creek, California, “Approximately 80 people perpetrated a coordinated attack on a Nordstrom department store just before it closed at 9:00 p.m. A reporter from the local NBC affiliate saw dozens of people swarm the store, armed with crowbars and various other weapons, snatch merchandise, and run to approximately 25 cars, which were lined up in front of the store to effectuate a quick exit.”

“The incident is one of several recent incidents in the San Francisco area in which looting-style tactics—a swarming form of grab-and-run theft—on high-end stores in the San Francisco area. On Friday night at least 10 stores in San Francisco’s posh Union Square shopping district experienced break-ins and theft of more than $1 million in merchandise, and on Sunday a group smashed glass cabinets and stole merchandise from a mall jewelry store.”

That’s hardly in the holiday spirit of giving.

For securing critically important areas, a barbed wire-topped fence may not be enough, SecurityInfowatch.com advises. Radar might be added to insure redundancy.

Where perimeter protection is essential – as at utilities and airports – “it is imperative to deploy multiple best-in-class sensors to improve detection times and deliver real-time, dynamic situational awareness to security personnel. Deploying fixed and multispectral pan-tilt-zoom (PTZ) thermal cameras in a PIDS, for example, can ensure security operators maintain visibility of their perimeter even after dark and increase detection range beyond what a standard visible surveillance camera can see.

“One predominant trend for creating redundancy in this sort of perimeter security infrastructure involves implementing ground-based radar systems alongside both thermal and visible light sensors. According to the 2019 Perimeter & Drones Security Report from IHS Markit, ground-based radar systems are becoming a much more common option for perimeter protection applications.”

So, if the need is critial enough, don’t get caught relying on a barbed wire fence or surveillance cameras alone.

From the Homeland Security Digital Library comes an advisory from the Rand Corporation on the decay of truth in news reporting. That’s important because national security depends on an accurate shared understanding of daily events worldwide.

Rand focuses on “Tracking news manipulation by state actors”. “The world,” it explains, “is experiencing a crisis related to disagreements over the established truth, a phenomenon that RAND refers to as Truth Decay — a shift in public discourse away from facts and analysis that is caused by four interrelated drivers (Rich and Kavanagh, 2018):

“1. An increasing disagreement about facts and analytical interpretations of facts and data
“2. A blurring of the line between opinion and fact.
“3. An increasing relative volume, and resulting influence, of opinion and personal experience over fact.
“4. A declining trust in formerly respected sources of factual information.

“Truth Decay is a serious threat to both domestic U.S. and international security, one that is being exacerbated by malign efforts from a variety of national bad actors. These ill-intentioned efforts to misuse information are labeled many ways—readers might have seen these efforts labeled as disinformation, misinformation, fake news, and information operations…”

The U.S. Department of Homeland Security has announced “a new personnel system that will enable DHS to more effectively recruit, develop, and retain our Nation’s top cybersecurity professionals” – the Cybersecurity Talent Management System (CTMS). Its aim is “to recruit and retain world-class cyber talent”.

“The DHS Cybersecurity Talent Management System fundamentally re-imagines how the Department hires, develops, and retains top-tier and diverse cybersecurity talent,” said Secretary of Homeland Security Alejandro N. Mayorkas. “As our Nation continues to face an evolving threat landscape, we cannot rely only on traditional hiring tools to fill mission-critical vacancies. This new system will enable our Department to better compete for cybersecurity professionals and remain agile enough to meet the demands of our critical cybersecurity mission.”

“To learn more about CTMS and jobs in the DHS Cybersecurity Service,” the November 15 announcement adds, “visit DHS.gov/cybersecurityservice. To apply for jobs in the DHS Cybersecurity Service, visit http://dhscs.usajobs.gov/Home.”

The Security Industry Association (SIA) provides a rundown of what the recently passed, and about to be signed by President Biden, $1.2 trillion infrastructure package “means for security and life safety companies”.

There will be $39 billion for public transit, $66 billion for passenger and freight rail, $25 billion for airports, $17 billion for port infrastructure, $5 billion for the electric and low emission bus program, and lesser, but still significant, amounts for a host of other programs.

Included is $1 billion for a state and local cybersecurity grant program under which “state and local governments will receive assistance when needed for recovery from cyberattacks, but also for proactive cybersecurity measures to protect government networks, including modernization that ensures alignment between information technology and operational technology cybersecurity objectives.”

SIA recommends that “security industry manufacturers and integrators play close attention to these policies.”

Elie Bursztein offers “10 easy steps for staying online.” His “most important rule for being safe online is to choose a different hard-to-guess password for each website you use”.

For that, unless you choose to keep your own list of passwords, Burzstein recommends 1password. “The most important rule for being safe online is to choose a different hard-to-guess password for each website you use. Long, random passwords prevent brute-force attacks. Using a different password for each account prevents having all your accounts compromised at once when a data breach occurs because of password reuse. However, because no one can invent and remember a gazillion random passwords, the best way to have a strong unique password for each site is to use a password manager. My personal choice is 1password, but there are other good alternatives.”

That notebook of passwords you have, and seek to maintain, can become pretty jumbled over time.

Small to midsize businesses can be especially challenged by cyberattacks. Here are four tips from John Roman on the Dark Reading blog on combatting cyber attacks.

1. Educate Yourself. “Business owners often think, ‘It won’t happen to me,’ when in reality, it’s not a matter of if a cyberattack will happen, but when.”

2. Adopt Strong Policies and Best Practices. “One of the first steps to securing your network is to make sure your employees understand security policies and procedures.”

3. Educate and Train Employees. “Employees are one of the leading causes of data breaches for small businesses; they offer a direct path into a business’s systems. Teaching employees basic Internet best practices can go a long way toward preventing cyberattacks.”

4. Invest in Cybersecurity Tools. “For an added layer of protection, the next step businesses should take is investing in cybersecurity software. While there is no substitute for dedicated IT support, businesses can still take measures to improve their security. Businesses need antivirus software that can protect all devices from malware, viruses, spyware, ransomware, and phishing scams.”

5. Arm Your Business Against Cyberattacks. “Cyberattacks will continue to pose a threat to small and midsize businesses. By taking these necessary defensive steps, you will safeguard your company from future attacks, keeping your businesses protected and operational.”

There’s further elaboration of each point; it’s worth your time to read on.

Cybercrime, the memoori site advises, “is up 600% during the COVID-19 pandemic. That staggering statistic from a 2021 PurpleSec report includes all forms of cybercrime, from theft or embezzlement to data hacking and destruction. The rise of cybercrime is expected to cost companies around the world $10.5 trillion annually by 2025, growing from just $3 trillion in 2015. This rapid increase has even led US research firm, Cybersecurity Ventures, to call modern cybercrime “the greatest transfer of economic wealth in history”.

“Without question, we’re seeing an explosion of ransomware attacks. We’ve seen ransomware grow to a point where now it’s not just about locking up data and just collecting a ransom to release that data. It’s about extortion,” said Steve Morgan, CEO of Cybersecurity Ventures. “The largest reason for the increase in these attacks, is that more companies are choosing to pay the ransom to get their data back, and cybercriminals are taking note. It’s the proverbial get rich quick scheme for a lot of criminals.”