Friday, December 06, 2013

Security Management Weekly - December 6, 2013

Corporate Security
  1. "5 Reasons Why Banks Should Leverage PSIM" (Physical Security Information Management)
  2. "Seattle Ferry Theft Prompts Security Review"
  3. "Big Mall Owner’s ORC Initiative Shows Results" (Organized Retail Crime)
  4. "ORC Notification System Deemed 'Highly Effective'" (Organized Retail Crime)
  5. "Customer Clashes Characterize Black Friday"

Homeland Security
  1. "U.S., U.K. Intelligence Worried About Snowden's 'Insurance Policy' Cache"
  2. "NSA Maps Targets By Their Phones"
  3. "Stolen Nuclear Material Found Intact in Mexico"
  4. "Obama: NSA Reforms Will Give Americans 'More Confidence' in Surveillance Programs"
  5. "Terror Threat Highest in 5 U.S. Metros, Including San Francisco"

Cyber Security
  1. "'ZeroAccess' Click-Fraud Botnet Disrupted, But Not Dead Yet"
  2. "Passwords Reset After 'Pony' Botnet Stole 2 million Credentials"
  3. "Coburn Blasts Homeland Security IT Weaknesses"
  4. "Field Guide: Types of People Behind Today's Corporate Security Threats"
  5. "Continuous Security Monitoring: Wave of the Future"

   

 
 
 

 


5 Reasons Why Banks Should Leverage PSIM
Security InfoWatch (12/03/13) Shabtai, Moti

Given that retail banks have hundreds or thousands of branches to protect and secure, which results in them investing in numerous physical security technologies, banks should consider adding physical security information management (PSIM) to their security efforts. This addition gives banks the opportunity to build stronger return on investment (ROI) as PSIM provides at least five ways that banks can reduce their capital investment and operating costs. PSIM allows banks to eliminate rip and replace costs by providing control center consolidation so that information from different legacy systems is blended onto one seamless interface, which results in reduced capital investments and lower operational costs. Having one environment where systems are integrated means that there is a shorter training time to get operators accustomed to the equipment. A PSIM system can even be used to conduct drills and threat scenario rehearsals. PSIM can also improve incident response times by as much as 75 percent, reduce the incidence of false alarms, and can be easily scaled to integrate new analytic applications, sensors, sites, and systems. Security operators are becoming more aware of the substantial cost savings offered by PSIM. Banks can break even on their original investment in PSIM in as little as a year and a half to two years. PSIM's adaptability, openness, and scalability allow an investment in this type of system to continue providing value beyond the initial ROI.


Seattle Ferry Theft Prompts Security Review
Associated Press (12/03/13)

A SWAT team arrested Samuel K. McDonough on Sunday after he allegedly stole the Victoria Clipper, a vessel used for Seattle-to-Canada ferry service. Officials from Clipper Vacations, which owns the 132-foot catamaran allegedly stolen by McDonough, are reviewing security procedures with the help of a maritime consultant in an effort to ensure that trespassers are unable to board any of their three vessels in the future. Company CEO Darrell Bryan said that McDonough apparently climbed through a gap over an eight-foot chain link fence to enter Seattle's Pier 69, and managed to enter the vessel's wheelhouse, which Bryan said should have been locked. McDonough somehow started the $8 million vessel's engines, though McDonough later told police he did not know how to operate the Clipper or its lights. Bryan said that he noticed the ship moving away from the dock when he arrived at the pier and promptly called the Coast Guard. McDonough was brought into custody after the SWAT team boarded the ship. McDonough subsequently told police he wanted to take the ferry to Victoria, British Columbia. Security has already been stepped up following the incident. Bryan noted that barbed wire has been placed in the gap in the fence that McDonough crawled through.


Big Mall Owner’s ORC Initiative Shows Results
Security Director News (12/02/13) Canfield, Amy

General Growth Properties (GGP) has instituted the use of Retail Crime Action Teams (RCATs) at its shopping malls over the past five years to prevent organized retail crime (ORC), and has achieved great success in doing so. RCATs can identify suspicious activity and aid police by using security guards that are specifically trained to identify ORC. These officers work in plain clothes, looking for red flags like foil-lined bags designed to prevent alarm systems from going off or bags full of merchandise that have the name of a store not located in the mall. RCAT officers then pass off information to a dispatcher, who alerts both the store involved and police. In addition to these measures, GGP identifies ORC "hot spots," and ensures RCATs patrol those areas more frequently. These types of partnerships, which require cooperation from both retailers and law enforcement, do not happen overnight, advises GGP Corporate Director of Security Steve Crumrine. "We had to find a way to change the rules and work together," he explains. "'You guys can do more,' [retailers] told us. And that was the beginning of our partnership."


ORC Notification System Deemed 'Highly Effective'
Security Director News (12/02/13) Hoenen, Leah

The Retail Net-Alert notification system will be introduced at all 228 h.h. gregg stores nationwide following the holidays as part of an effort to combat organized retail crime (ORC). Retail Net-Alert was made to be tied into any current- or early-model closed-circuit TV (CCTV), security case management system or point of sale (POS) system. The system can be used to download images and video from existing CCTV systems onto smartphones or record surveillance video onto a mobile device. According to h.h. gregg Asset Protection Manager Willie Gatling, employees can then use their own smartphones to send and receive alerts to members in their network of fellow Retail Net-Alert users, which could be other stores in the same chain, same shopping mall, or geographic location. User-generated incident reports sent to all network members support the system, and can include a filled-in form with an inserted picture, if available, or even a recorded voice alert describing the incident. Retail Net-Alert developer Rob Strickland says that photos of criminals could be inserted into a database so other stores are aware of who to be on the lookout for, and to help apprehend criminals and suspects. The system is also offered for free to law enforcement. Retail Net-Alert has been working with Atlanta police to create a version of the program for officers' phones and cars.


Customer Clashes Characterize Black Friday
Security Director News (12/02/13) Canfield, Amy

Experts say that the numerous incidents that occurred on Black Friday can be blamed on customers, not retailers, and that this Black Friday was relatively safe. Loss Prevention Foundation President Gene Smith and National Retail Federation Vice President of Loss Prevention Rich Mellor commented that retailers were well-prepared for problems this year, and were aware of the importance of having law enforcement involved. Smith commented that the preparations were of added importance this year, as there are fewer shopping days, which creates "a greater sense of urgency" among consumers. He noted that there was a limit to what could be done in the event a customer becomes violent, even with extra security and police on site. Mellor agreed with this outlook, noting that retailers cannot "control shopper personalities." However, Mellor said the incidents he saw on Black Friday were isolated and minor. Smith said efforts made by retailers, such as better cooperation with local law enforcement, the addition of more training, and better staffing, were crucial in generally maintaining order this Black Friday.




U.S., U.K. Intelligence Worried About Snowden's 'Insurance Policy' Cache
Homeland Security News Wire (12/06/13)

Intelligence officials in the U.S. and the U.K. have expressed concern that Edward Snowden may have a cache of unpublished documents that contain highly classified information, specifically the names of U.S. and allied intelligence personnel. According to Glenn Greenwald, the journalist for The Guardian who was one of the first to report on Snowden's leaked documents, the former National Security Agency (NSA) contractor has "taken extreme precautions to make sure many different people around the world would have these archives" if anything happens to him, "to ensure the stories will inevitably be published." Snowden is believed to have downloaded between 50,000 and 200,000 classified documents from the NSA and Britain's Government Communications Headquarters (GCHQ), though it is estimated that he has released only 500 documents so far. Sources familiar with the materials taken by Snowden say the cache could contain the names of personnel at the CIA, the National Geospatial-Intelligence Agency, and the National Reconnaissance Office. Snowden is also thought to have documents containing the names and resumes of GCHQ personnel.


NSA Maps Targets By Their Phones
Washington Post (12/05/13) Gellman, Barton; Soltani, Ashkan

According to interviews with U.S. intelligence officials and top-secret documents provided by former National Security Agency (NSA) contractor Edward Snowden, the NSA collects close to 5 billion records per day on the locations of cell phones around the world. Though only known targets are specifically targeted, all other data is gathered "incidentally," a legal term implying that the collection of certain types of data was a predictable but not deliberate result of the data collection efforts. Using analytic tools collectively called CO-TRAVELER to analyze data collected both intentionally and incidentally can provide the NSA with information on the unknown associates of known targets. To determine such potential relationships, the analysis looks for those whose movements intersect or overlap with the target's. Location data, especially when collected over time, is widely considered by privacy advocates to be uniquely sensitive material. The American Civil Liberties Union's Chris Soghoian notes that the sensitivity of cell phone location data is due to the fact that it is virtually impossible for someone to hide his or her location when using a cell phone.


Stolen Nuclear Material Found Intact in Mexico
Homeland Security News Wire (12/05/13)

Mexican police said Wednesday that they found a cargo vehicle that was stolen Dec. 2 while transporting toxic radioactive medical waste material from a hospital in Tijuana to a radioactive waste-storage center. The truck was stolen when it stopped at a gas station in the town of Temascalapa, about 22 miles northeast of Mexico City. The material, cobalt-60, could have been used to construct a "dirty bomb." But Fernando Hidalgo, a spokesman for the Hidalgo state prosecutor, said that authorities believe the thieves "had no idea what they had stolen," adding that robberies and vehicle hijackings are common in the area. Juan Eibenschutz, the director general of Mexico's Comision Nacional de Seguridad Nuclear y Salvaguardias, said there are an average of six thefts of radioactive material reported each year in Mexico, though none target radioactive cargo. Prior to the theft, the International Atomic Energy Agency (IAEA) had warned that cobalt-60 could be used in a dirty bomb, which the agency's Director General Yukiya Amano had previously said could cause mass panic if detonated in a major city "as well as serious economic and environmental consequences." The IAEA has been urging its member states to strengthen security to help prevent nuclear and radioactive materials from falling into the wrong hands.


Obama: NSA Reforms Will Give Americans 'More Confidence' in Surveillance Programs
NBC News (12/05/13) Rafferty, Andrew

President Obama promised new reforms of National Security Agency (NSA) surveillance programs in a Dec. 5 interview with Chris Matthews at American University in Washington, D.C. "The NSA actually does a very good job about not engaging in domestic surveillance, not reading people's e-mails, not listening to... the contents of their phone calls," the president argued, although he did acknowledge that surveillance is "more aggressive" overseas. President Obama also discussed the ongoing review of NSA surveillance and other intelligence practices. In the meantime, he said he would be "proposing some self-restraint on the NSA and initiating some reforms that can give people some more confidence" in the agency. He did not give specific details on the nature of those reforms, nor did he directly comment on the most recent Washington Post report that accused the NSA of collecting 5 billion records per day to track cell phone locations. However, President Obama did say that the NSA is generally focused on protecting the American people and that the agency's practices are subject to "a big system of checks and balances, including the courts and Congress."


Terror Threat Highest in 5 U.S. Metros, Including San Francisco
San Francisco Business Times (12/03/13) Rauber, Chris

A report by the catastrophe modeling specialist Risk Management Solutions (RMS) has found that the threat of a large-scale terror attack occurring in the U.S. is high and will be high "for the foreseeable future," though it is concentrated in five high-profile metropolitan areas. The "Quantifying U.S. Terrorism Risk" white paper, distributed Tuesday, states that these metropolitan areas, in order of threat severity, are New York, Chicago, Los Angeles, San Francisco and Washington, D.C. According to RMS, 75 percent of the nation's "expected annual loss" from terrorist attacks is concentrated near high-profile targets located in those five metropolitan areas. The report compared the damages caused by potential car and truck bomb attacks to severe winter storms and "convective storms" such as tornado, hail or wind storms. It said that damages caused by a potential biological, chemical, nuclear or radiological attack are harder to estimate, but could "approach the surplus level of the entire U.S. insurance industry," which could leave the entire insurance industry bankrupt. Though the Terrorism Risk and Insurance Act (TRIA) provides a $100 billion federal backstop in the event of a large-scale terrorist attack, that law is scheduled to expire at the end of 2014.




'ZeroAccess' Click-Fraud Botnet Disrupted, But Not Dead Yet
IDG News Service (12/06/13) Kirk, Jeremy

Microsoft said Dec. 5 that it worked with A10 Networks, the FBI, and Europol to disrupt the "ZeroAccess" botnet, which was used to carry out a click-fraud scam that defrauded online advertisers of $2.7 million a month. Microsoft and the law enforcement agencies it worked with were given permission by a U.S. federal court to block communication between the botnet and U.S.-based computers, and to take control of 49 domain names that were used by the botnet. Europol, meanwhile, executed search warrants and seizure orders on various computers related to 18 Internet protocol (IP) addresses that have been linked to ZeroAccess. Microsoft and its partners have not completely eliminated the network, though the company said it did not expect to do so given its complexity. The click-fraud scam was carried out by infecting computers with malware that interfered with search results by directing users to Web sites where cybercriminals profited off of fraudulent clicks on ads. Microsoft has also accused eight unnamed "John Doe" defendants of using the infected computers to launch distributed denial-of-service (DDoS) attacks and to commit identity theft.


Passwords Reset After 'Pony' Botnet Stole 2 million Credentials
IDG News Service (12/04/13) Kirk, Jeremy

Several major online services, including Facebook and Twitter, are resetting some of their users' accounts after a cache of stolen credentials was discovered on a Dutch server. Trustwave reported discovering the cache on Dec. 3, linking the 2 million stolen logins with the Pony botnet, which has been associated with the theft of personal information in more than 100 countries. Trustwave says its SpiderLabs research group has gained access to an administrator control panel on the server and has notified affected organizations. Payroll processor ADP attributed the data theft to a phishing campaign targeting users, and although it has reset several users' accounts, the company reports that none of its clients have been affected. Facebook also has reset several accounts, offering affected users two features, Login Approvals and Login Notifications, that will let them know if their account has been accessed from a different browser or machine, and require the input of a one-time passcode sent to the user's mobile device in such situations. Both Twitter and LinkedIn report resetting users' accounts as part of their cooperation with Trustwave and SpiderLabs.


Coburn Blasts Homeland Security IT Weaknesses
Roll Call (12/02/13) Lesniewski, Niels

Sen. Tom Coburn (R-Okla.) sharply criticized the Department of Homeland Security on Dec. 2 following the release of an inspector general report which showed that it still has significant information technology vulnerabilities. Coburn, the ranking member on the Homeland Security and Governmental Affairs Committee, noted that the report revealed that while the department has made some progress in improving its cybersecurity, "components are still not executing all of the Department's policies, procedures, and practices." Coburn said DHS lacks "some of the most basic protections," including strong authentication. In addition, DHS "relies on antiquated software that's full of holes," and components that do not properly report security incidents, track weaknesses after identification, or repair identified weaknesses in a timely manner. The findings, he said, were one example of the broader issues that exist across federal IT systems, saying that the "federal government's classified and unclassified networks are dangerously insecure," which he said poses a risk to national security, the nation's critical infrastructure, and Americans' personally identifiable information.


Field Guide: Types of People Behind Today's Corporate Security Threats
ZDNet (12/02/13) Detwiler, Bill

ZDNet has created a field guide to help corporations identify and defend against security threats. The field guide notes that employees are often a company's greatest security threat. These threats can come about through deliberate actions by employees or through a mistake made by a well-meaning individual. To avoid having employees become threats, it is important that companies have good governance, set and enforce policies, offer education for employees, and take steps to know their employees. Though not typically behind attacks, CEOs and small business owners face the same attack vectors as other employees, such as phishing, social engineering, and infected USB drives. But higher-level employees can pose greater security risks because they are bigger targets, have greater access to corporate networks, and are often exempt from normal security policies. Though the same security techniques used for other employees can help protect CEOs, IT needs to be aware of the political implications of dealing with high-level employees and how to maintain security in instances where they cannot say no to a demand from management. Organized criminals are also a threat, as their attacks have become more sophisticated, and often involve skilled programmers and rented networks for launching distributed denial-of-service (DDoS) attacks and spamming campaigns. Companies can take steps to protect themselves from organized criminals by securing devices and networks, educating employees about IT security, and by establishing and enforcing strong security policies.


Continuous Security Monitoring: Wave of the Future
TechRepublic (12/02/13) Vogel, Dominic

Information security continuous monitoring (ISCM) programs are increasingly becoming a necessity in securing networks against attackers. The National Institute of Standards and Technology defines an ISCM as a program with the ability to "collect information in accordance with pre-established metrics, utilizing information readily available through implemented security controls." Previously, only large enterprises had taken advantage of ISCMs, but medium-sized enterprises are increasingly turning to them as vendors begin offering a broader array of options. Conventus' Dennis Norris says information security managers should follow a handful of guidelines when selecting an ISCM product. First, they should find a product that can provide consolidated information reports through a single, unified interface. The ISCM should be able to gather multidimensional data (information about security configurations in addition to network event logs) and gather data from multiple vendors' products. Norris says an ISCM solution should not be expected to replace existing security infrastructure, but rather act as the "chief integrator." Finally, with regard to price, Norris says a well-priced ISCM product should represent a relatively small portion (less than 5 percent) of an organization's overall investment in security.


Abstracts Copyright © 2013 Information, Inc. Bethesda, MD

