Confronting the Stigma of Suicide at Work
Guardian Unlimited (UK) (10/09/09) Janes, Cath

Increasing suicide rates at work have made it a workplace issue instead of just a personal issue, although many organizations and employees remain ill-equipped to deal with it. Research from Oxford and Stockholm Universities found that people who have a colleague who committed suicide are three times more likely to commit suicide themselves. In the United States, workplace suicides rose by 28 percent in 2008. Meanwhile, there were 5,865 suicide deaths in the United Kingdom and Republic of Ireland in 2007, according to the organization Samaritans. The group also found that men between the ages of 25 and 54 are almost four times more likely than women to end their lives. Tonja Schmidt, head of development and evaluation at the Samaritans, said that the stigma of suicide often prevents people from discussing it, as they may lack the words to express themselves. She also noted that many people who have suicidal thoughts can feel pressured to hide personal emotions. Not everyone who considers suicide is mentally ill, and speaking to a colleague about suicide will not encourage them to go through with it. Suicidal feelings should be taken seriously, and may be temporary, so timely action should be taken to provide support and encouragement.

Deutsche Bank Spy Case Will be Probed by Prosecutors
Bloomberg (10/08/09) Matussek, Karin; Kirchfeld, Aaron

Prosecutors in Frankfurt, Germany, have announced that they will investigate whether data-protection crimes were committed when Deutsche Bank hired detectives to spy on Michael Bohndorf, a Deutsche Bank shareholder who drew the ire of the bank when he asked questions about a conflict between it and German businessman Leo Kirch at its 2006 annual meeting. Kirch had sued Deutsche Bank a number of times over the collapse of his media empire. According to Doris Moeller-Scheu, a spokeswoman for the Frankfurt prosecutors, there is evidence that Bohndorf's personal data may have been collected for a fee. She noted that if that is true, it would be a violation of the Federal Data Protection Act. However, prosecutors will not investigate Deutsche Bank supervisory and management board members because there is no evidence that they did anything wrong, Moeller-Scheu said.

Warships Ward Off Somali Pirates
USA Today (10/08/09) Michaels, Jim

The number of ships seized by pirates in the waters off the coast of Somalia is on the decline, according to the U.S. Navy. The Navy noted that no ships were seized by pirates off the coast of Somalia in August and September of this year, compared with 16 ships in the same period last year. Navy officials have attributed the decline to a number of factors, including the increase in the number of international navy ships operating in the region. In the aftermath of the April hijacking of the Maersk Alabama, the number of international navy ships operating in the waters off the coast of Somalia has tripled to an average of 25 to 30, the Navy says. In addition, naval vessels in the region are dispatching boarding parties to inspect suspicious ships on a regular basis. The crews of merchant ships passing through the region are also taking steps to fight pirates, including traveling at faster speeds, installing concertina wire, and using water hoses to protect against pirates. Some crews are also storing Molotov cocktails on board to use to fight off pirates, though experts are advising against the use of such explosive devices, saying that crew members risk having an explosion on board their ships if pirates fire rocket-propelled grenades.

Experts: U.S. Worker-on-Worker Violence Under-reported
Reuters (10/05/09) Wulfhorst, Ellen

There were 444 homicides in U.S. workplaces last year, down from nearly 900 in 1995, according to government statistics. Most of those deaths involved robberies of taxi drivers and clerks. The number of homicides involving an employee who kills a colleague stands at roughly 100 per year, according to Tom Tripp, the co-author of "Getting Even: The Truth About Workplace Revenge." However, some experts say that the number of instances of worker-on-worker violence may be underreported and undercounted. There are a number of reasons why the number of reported instances of employee-on-employee violence may not be accurate. For example, the definition of workplace violence is unclear. Some experts say workplace violence is limited to physical violence or work days lost, while others say it includes verbal abuse, stalking, and threats. In addition, threatening or harassing behavior is often not reported by workers who witness it because they feel that it is none of their business, said Richard Denenberg, the author of "The Violence-Prone Workplace." Although the prevalence of worker-on-worker violence may not be known, experts do know the cost such violence has for businesses. According to statistics, businesses across the country lose more than $120 billion a year as the result of lost productivity, lost wages, interrupted business, and security and legal expenses associated with workplace violence.

Fostering Awareness
Security Management (10/09) Vol. 53, No. 10, P. 108; Kelly, Lee

Although implementing and maintaining security technologies and policies are an important part of efforts to protect sensitive corporate data, companies can also reduce security threats to their information by providing their employees with security awareness training. An effective security awareness program should be tailored to the different types of employees a company may have. Although all employees should receive the same basic security awareness training, some employees--including those in the IT and security departments--should receive additional training designed specifically for them. IT employees, for example, need to be educated about which information is sensitive and needs the most protection, while security employees should be trained on what types of suspicious activity to look for and how to respond to security breaches, among other things. In addition to being tailored to the various types of employees, effective security awareness training programs should also incorporate new methods for informing workers about security programs, including the use of messages from managers delivered to employees via printed media such as the corporate newsletter or bulletin board notices. Managers may also want to consider using Internet-based meeting software to communicate with employees who are not in the office on a regular basis and using data from security applications to illustrate data security rules. In addition, security awareness training programs should provide incentives for employees who follow security policies. Finally, security training programs should include metrics that help managers see how they are valuable.

Partial Patriot Act Extension Is Approved by Senate Panel
Washington Post (10/09/09) Nakashima, Ellen; Johnson, Carrie

The U.S. Senate Judiciary Committee on Oct. 8 voted to send a bill to the full Senate that would renew three provisions of the USA Patriot Act that are set to expire at the end of the year. Under the committee's bill, which was approved by a vote of 11 to 8, investigators will continue to be able to use roving wiretaps to monitor terrorism suspects who change their cell phone numbers. In addition, the bill allows investigators to continue to obtain the business records of terrorism suspects and to track individual terrorist suspects, or "lone wolves," who are acting alone on behalf of foreign governments or terrorist organizations. The bill also addresses some of the controversial aspects of the Patriot Act, including the provision that allows the FBI to issue administrative subpoenas known as national security letters to obtain the personal records of terrorism suspects, including their phone and credit records. Under the Senate Judiciary Committee's bill, the FBI will now be required to provide "specific facts" that show how the records are relevant to a terrorism investigation. Senate Judiciary Committee Chair Patrick J. Leahy (D-Vt.), one of the sponsors of the bill, praised the legislation on Thursday, saying that it struck a balance between national security concerns and privacy and civil liberty concerns. However, the legislation has been criticized by some Democrats and civil libertarians who say that it does not go far enough in bolstering privacy protections. Republicans have also criticized the bill, saying that it would place a heavy burden on investigators.

UCLA Student Brutally Attacked in Chemistry Lab
Los Angeles Times (10/09/09) Blankstein, Andrew; Gordon, Larry

A 20-year-old male student slashed open the neck of a 20-year-old female student in a UCLA chemistry lab on Oct. 8. Police have arrested the suspect, Damon D. Thompson, on suspicion of attempted murder. Thompson was apprehended inside of the university's Young Hall several minutes after the incident. The victim, whose name has not been released, was taken to Ronald Reagan UCLA Medical Center on campus, in critical condition. She underwent surgery and reports indicate her condition is improving. The Los Angeles Police Department says that the motive for the attack is unknown. An anonymous source, however, said that there may have been a verbal altercation prior to the slashing. Both students were UCLA seniors, and some campus sources say they were lab partners. UCLA students were alerted to the attack by officials via text message.

FBI Eyes Terror Suspect's Travel Talk
Associated Press (10/08/09) Barrett, Devlin; Hays, Tom

Investigators now believe that suspected terrorist Najibullah Zazi was in communication with accomplices in New York City as he made a cross-country trip home to Denver. Officials, speaking anonymously, say that it is unknown if Zazi sent instructions to his associates at that time to purchase more bomb-making chemicals. If that is indeed the case, it could provide an essential missing piece in the investigation. Zazi is charged with conspiring to detonate explosives in the United States due to his alleged involvement in a plot to attack New York City around the anniversary of Sept. 11. Zazi has pleaded not guilty to all charges. Some believe that Zazi's suspected accomplices are still under surveillance, but officials say they pose no immediate threat as the plot has been disrupted; however, more arrests are expected in the case. The biggest concern to investigators is that they have been unable to find the large amounts of explosives that Zazi and his accomplices were reportedly constructing, although they have found evidence that Zazi was making bombs in a hotel room in Colorado. It is possible that Zazi detonated those explosives in a yet undetermined location, and that is why he instructed his accomplices to purchase more materials.

Congress OKs Transfer of Some Detainees From Guantanamo Bay to U.S. for Trial
Bloomberg (10/08/09)

Leaders in both the U.S. House and the Senate have agreed to let some Guantanamo Bay detainees into the United States to stand trial. This advance for the Obama Administration on closing the prison came in language included in a military budget bill and a Department of Homeland Security (DHS) bill, both of which still must face a full vote in both houses. Both measures also include language that would prevent the release of any detainees into the United States. The DHS legislation would also limit the transfers of detainees who face trials and require the President to notify Congress before any transfer to the U.S. or another country is finalized. The defense measure would also require a risk assessment 45 days before the transfer of any detainee. The administration is currently reviewing the cases of 223 remaining Guantanamo detainees to determine if they should be transferred to other countries, put on trial, or held indefinitely.

FBI Finds Weapons, Documents in Hidden Home of Teen Suspect in Dallas Terrorism Case
Fort Worth Star-Telegram (10/07/09) McDonald, Melody

Members of the Joint Terrorism Task Force recently searched a mobile home believed to be the residence of Hosam "Sam" Smadi, a 19-year-old Jordanian immigrant who has been accused of attempting to use weapons of mass destruction on U.S. soil. Smadi was arrested after attempting to detonate a car bomb under Fountain Place tower in Dallas, Texas. Fortunately, the device was a fake provided by FBI agents posing as al-Qaida operatives. Smadi gave agents written permission to search the mobile home, where he moved on Sept. 22. Officials report that they found inside a Beretta handgun, two loaded magazines, one box of Winchester 9 mm ammunition, a laptop, a digital camera, and numerous documents. These included Smadi's passport, tax returns, a visa, and a birth certificate. The property was found to be vacant except for a dog, and federal officials believe that Smadi lived and acted alone.

Cyberthieves Find Workplace Networks Are Easy Pickings
USA Today (10/08/09) Acohido, Byron

Cyberthieves have found workplace networks to provide multiple opportunities for data theft, even using relatively simple hacking techniques. Companies, hospitals, government agencies, and universities are all common targets because of their complicated networks and propensity to store private information. As Barmak Meftah, senior vice president of security firm Fortify Software, points out, "Networks have become a hodgepodge of components stitched together, creating security holes that can easily be taken advantage of." The non-profit Identity Theft Resource Center identified approximately 656 reported data breaches in 2008, up from 446 in 2006. In the first nine months of 2009, the resource center also tracked 391 data thefts that got reported in the news. One common weakness leading to these breaches comes from retail stores that use password-protected Wi-Fi to transmit data from cash registers to a central computer server. Unfortunately, these connections can easily be hacked using free password-breaking programs available on the Internet. Once cybercriminals have penetrated the network, they can set up "sniffer" software that will recognize and capture sensitive data. What makes this problem worse is that companies rarely discover these breaches until months or even years after they have been hacked, and then they often fail to report them. According to Verizon Communications, which dispatches investigators to track data breaches, the majority of the 600 corporate data theft cases that the company has handled since 2004 showed that thieves often took days to locate and breach valuable databases after initially hacking into the network. Furthermore, they often then spent weeks to years extracting data before they were discovered. Verizon principal researcher Wade Baker reports that "The length of time it takes an organization to discover that data is leaving is often five to six months."

City Errantly Releases Private Data Gathered in 'Apps' Contest
New York Times (10/08/09) P. A27; Chan, Sewell

New York City's Department of Information Technology and Telecommunications announced that the city accidentally released the personal information of 1,100 representatives of women's groups, including the answer to the secret question they were asked when logging on to a Web site run by a city agency. The released information was part of a data set that the city provided to local programmers and developers as part of the NYC BigApps competition, which aims to help programmers and developers build applications for the Web and mobile phones by providing them with raw municipal data sets. In a statement announcing the accidental breach, the Department of Information Technology and Telecommunications noted that it had taken steps to correct the error, including removing the data from the city's Web site. Officials also said there is no indication that the personal information contained in the data set was used to log on to the Web site run by New York City's Commission on Women's Issues.

Hotmail Phishing Attacks Spread to Other Email Services
Wall Street Journal (10/06/09)

Security firms say that the phishing attack that targeted users of Microsoft's Hotmail e-mail service on Monday also affected users of other services, including Google's Gmail, Yahoo!, and AOL. No malware activity has been connected to the 30,000 e-mail accounts that were breached in the attack, according to Beth Jones, a threat researcher at Sophos. However, some of the affected addresses have appeared in spam, Jones said. Meanwhile, some of the e-mail services that have been affected by the phishing attack have taken a number of security precautions to protect their users. Google, for example, has reset the passwords of all Gmail users who were affected by the attack. The company also plans to reset the passwords on other accounts if necessary, a spokesman said. The users of other e-mail services, meanwhile, are being advised to change their passwords if they suspect their accounts may have been compromised.

Federal Taskforce to Focus on Cybersecurity Metrics
InformationWeek (10/05/09) Hoover, J. Nicholas

Federal CIO Vivek Kundra has announced that the federal government is planning to introduce standard metrics for measuring the effectiveness of cybersecurity efforts such as the Federal Information Security Management Act. The metrics, which will be drawn up by the newly-established Security Metrics Taskforce and will be released by the end of this year, will focus on outcomes rather than compliance, Kundra says. He notes that doing this will provide "new and actionable insight" into the information stored by federal agencies as well as their network security postures and the vulnerabilities they may have. In addition, the metrics--which will be based on best practices from both federal agencies and private companies--will help provide insights into how to better protect federal systems, Kundra says. Meanwhile, there are a number of efforts currently underway to strengthen the cybersecurity metrics that are already in place. The U.S. Department of Homeland Security, for example, is working on building a set of metrics that will allow the public and private sectors to make decisions on cybersecurity based on data rather than "religion," says Phil Reitinger, director of the National Cyber Security Center.

Keeping IT Secure During a Budget Crisis
GovInfoSecurity.com (09/29/09) Chabrow, Eric

Although California has been forced to make significant cuts to its budget in order to cope with the impact from the recession, the amount of money the state provides for cybersecurity has held steady, according to state chief information security officer Mark Weatherford. However, the state is looking at ways in which it can spend the money allocated for cybersecurity more efficiently, Weatherford says. He notes that one step California has taken is to reduce the number of points of presence for the Internet across the state government, which can help the state save money since it can allow for the consolidation of its perimeter security posture. According to Weatherford, the program is similar to the trusted Internet connections program that the federal government started several years ago. In addition, Weatherford says he is working on rolling out an enterprise threat and vulnerability management program, which aims to offer security services to state agencies for things such as penetration testing, Web application assessments, wireless assessments, and network monitoring. Weatherford also says his office is wrapping up a project to refresh and develop a comprehensive security policy for the state. He notes that his office is preparing to draft those policies soon, with an eye toward rolling them out across the state government a year or so after they have been completed. All of those policies, as well as California's entire security program, will be built around the National Institute of Standards and Technology Guidance, Weatherford says.

Abstracts Copyright © 2009 Information, Inc. Bethesda, MD
I just came across this article and I read it. It is too good and worth reading. And now I would like to say thanks for sharing such a nice article with me. I visit that site very often. For more information, visit www(dot)sunsecurity(dot)com.
Hidden Security Camera
Nice post!!!
Thanks for the great information ...