Doug Bedell — March 22, 2019, 2:17 pm

Leading In a Crisis – Security Requires Empathy

Here’s a post on a situation in which security was lacking, big time, and what a leader did when things went terribly awry. Something always to keep in mind: however bad things are, don’t make them worse.

In Homeland Security reports on the response of New Zealand’s prime minister, Jacinda Arden, to two shooting attacks, on March 17, in Wellington in which at least 50 people were killed and 36 injured.

“Throughout this ordeal, Ardern chose compassion over stoicism. She didn’t distance herself. She came in close, reaching out her arms to hold mosque members as they cried. She came to them dressed in the black clothing of mourners. She wore a headscarf. In her moment of strength she allowed everyone to see and feel her tenderness. She didn’t offer ‘thoughts and prayers’ as leaders often do. She gave love.”

Indeed, empathy is a key element in long-term security.

Doug Bedell — March 20, 2019, 9:00 am

Passwords and Biometrics: Which Are Safer In the Long Run?

Here’s where we’re headed in terms of computer security, according to a Security Infowatch post: Instead of alpha-numeric passwords eight to 12 digits long, we’ll have cameras peering from our screens to certify that the face peering from them matches the fingerprints provided. A moment later, we’ll have access to our system. No chance of losing or garbling the password.

Great, except that if a biometric password is compromised “it’s compromised forever. We can’t change our physical attributes like we change a password.”

Moreover, “Privacy and confidentiality are also issues with deep ethical implications. If privacy means having control over how and when we are represented to others, then biometrics that uniquely identifies us might easily be encroaching on our fundamental privacy. That’s especially true when you acknowledge that we, as individuals, don’t control the collection, storage, or use of these proxy bits of our identity”.

Suddenly, it’s looking as though keeping a well-tended password book safely at the ready isn’t such a bad practice after all.

Doug Bedell — March 18, 2019, 4:41 pm

Security and a Vexing Question of U.S. Army Readiness

On Homeland 411, a post on how the U.S. Army is facing, or not, the challenge of rapid expansion, should that be necessary, is a challenging bit of national security analysis.

“Where prior generations of U.S. Army leaders were routinely expected to grow and deploy the Army over the course of months, the modern U.S. Army sees expansion as something requiring years,” the piece advises. “Indeed, listening to some Army leaders one gets the impression that rapid expansion is an unwanted ability, since it would give the congress justification to cut Army end-strength without incurring significant risk.”

Remember the post-World War II era of the draft and eight weeks of basic training? That’s how the Army “breathed” in those days. And it was at-the-ready. A challenge of today’s security situation is how much is “ready”, ready or not?

Doug Bedell — March 15, 2019, 12:53 pm

New Zealand, Too, a Stage for Terrorism

The reach of terrorism ends who knows where, when you consider that Christchurch, New Zealand, has just been struck by terror attacks on two mosques there, with 49 killed and scores more injured.

This hard-to-take information comes on In Homeland Security, in a Washington Post story by Isaac Stanley-Becker, who notes that “Portions of the ghastly attack at the downtown mosque were broadcast live on social media by a man who police confirmed had also released a manifesto railing against Muslims and immigrants.”

Wired advises that the attacker posted warnings on social media and live-streamed the rampages, footage that went viral – it’s still hard to detect such material and take it down as it appears.
The whole world, it appears, is an arena for Internet-enhanced thuggery. Be mindful, and alert.

Doug Bedell — March 13, 2019, 8:54 am

Schneier: ‘Privacy Still Not Facebook’s Highest Priority’

Bruce Schneier discusses whether Facebook is feckless over privacy. It’s hardly a close call. “Facebook users have limited control over how their data is shared with other Facebook users and almost no control over how it is shared with Facebook’s advertisers, which are the company’s real customers…

“The company could give people better control over how — and whether — their data is used, shared, and sold. For example, it could allow users to turn off individually targeted news and advertising. By this, we don’t mean simply making those advertisements invisible; we mean turning off the data flows into those tailoring systems. Finally, since most users stick to the default options when it comes to configuring their apps, a changing Facebook could tilt those defaults toward more privacy, requiring less tailoring most of the time.”

There’s more, all of which leaves one less than comfortable about using Facebook.

Doug Bedell — March 11, 2019, 3:08 pm

Security Drills Aren’t Second Nature, but They Should Be

We hold fire drills and worry about readiness for nasty weather, but do we hold security drills? Not readily or often, if at all, Security magazine notes in a post by A.Benjamin Mannes. Good point.

“I am often left puzzled by how many organizations go to great lengths to assess their vulnerabilities and create plans to address them, but almost never test their ongoing effectiveness,” Mannes writes.

Maybe we “chicken out” because a security drill would too challenging. But approached in a planned, orderly manner, security drills could become readily accepted organizational exercises (Mannes’ term for drills).

“Remember,” Mannes concludes, “the threat assessment and planning process never ‘ends.’ Regular assessments and exercises are the key to identifying and eliminating emerging risks. Each time you run through a disaster scenario, you will discover new issues to be addressed where training and security measures may be needed.”

So, cook up a security drill, and keep doing them.

Doug Bedell — March 9, 2019, 9:23 am

Ultimate Security? Marines Look Into ‘Wiring’ Battlefields
advises that the Marine Corps Systems Command is looking into whether battlefields could be “wired” for “transmitting large amounts of voice, video and data.”

“The adage ‘move, shoot, communicate’ hasn’t changed, but how we communicate is rapidly changing,” says Major Eric Holmes, project officer. “Given the rapid pace of innovation in technology, the Marine Corps is currently evaluating maturing capabilities.”

The new system “must be capable of providing a ‘high-bandwidth transmission path used for voice, video and data communications,” an MC release says.

Now, if battlefields could only be wired for assured victory as well. Heroism is still required.

Doug Bedell — March 6, 2019, 9:30 pm

Stick-With-It Zeal Missing In Data Security Moves

Security Info Watch puts it starkly: “Data breaches at organizations both large and small have become so common in recent years that the mantra among cybersecurity professionals is that it’s not a matter of if but rather when you business will be victimized.”

The difference from the past, as this threat grew, is that “92 percent of surveyed organizations reported they had a data breach response plan.”

So what’s the problem? “Of those organizations that did have a plan in place, over a third of those srveyed said they still weren’t prepared to respond. Additionally, 42 percent reported that there was no follow up or scheduled time to update their breach response plans and 23 percent said that they had not updated their current data breach plan since it was originally put into place.”

Oops. Sounds like backsliding already. Data security requires more attentiveness, or stick-with-it-ness, than that.

Doug Bedell — March 4, 2019, 7:36 pm

First Responders Face Risks Requiring a Fair Response

Stresses encountered by firemen, policemen and other first responders to emergencies may cause psychological as well as physical injuries. A post on In Public Safety notes that, due to such injuries, “responders may be unable to function as they did prior to the traumatic event and may need to retire altogether from their profession.”

That’s not what responders expected in their devotion to duty. “However, psychological injuries often don’t receive the same attention or compensation options as physical injuries.”

Recognizing the risks to rescuers, the post urges that compensation limits be reviewed in light of such hazards. Doing good can be hurtful and just amends are in order. At such times, responders’ benefits should be viewed as coming from a treasury of obligation and gratitude.

Doug Bedell — March 1, 2019, 4:14 pm

A Need to Be Clear About Drug Smuggling Routes

One of the biggest security issues of the day – if not the biggest – is President Trump’s asserted need for a wall, or even a fence, on the southern border to stop human trafficking and drug smuggling there.

Yet, a Sylvia Longmire column on InHomeland Security is entitled “Why Border Fencing Won’t Stop the Top Drug Threat to America.” The top threat is, of course, the opiate crisis, chiefly the need to stop “opiates like heroin and fentanyl from entering the country from Mexico”.

Unfortunately, Longmire writes, “the vast majority of fentanyl “is being smuggled into the United States through either the U.S. Postal Service or ports of entry along the U.S-Mexican border” and fencing or a wall won’t stop it.

A big mode of transit is from China, “where the chemicals used to create fentanyl are largely manufactured.” And they enter the U.S. by mail. Before anything else in security matters, there’s a need to be clear about alleged realities.