Friday, September 14, 2012

Security Management Weekly - September 14, 2012

September 14, 2012
Corporate Security
  1. "Security Fears Cloud Libyan Oil Growth"
  2. "Unrest Hits Platinum Mines" South Africa
  3. "Executive Protection's 'Seven Deadly Sins'"
  4. "WSCC Offers Private Security Course" Washington State Community College in Marietta, Ohio
  5. "The PSIM Potential for Security Professionals" Physical Security Information Management

Homeland Security
  1. "Anti-American Protests Over Film Enter 4th Day"
  2. "U.S. Consulate Attack in Libya Said Twin Operation"
  3. "Congress Members Voice Doubt About BioWatch"
  4. "Since 9/11, Wave of Improved Airport Screening"
  5. "'Dirty Bomb' Threat at Hospitals Remains, GAO Report Says" Government Accountability Office

Cyber Security
  1. "8 Steps to Promote Secure Mobile Apps"
  2. "Which Information Security Services Are Most Popular?"
  3. "Identifying State-Sponsored Malware Increasingly Difficult"
  4. "Hackers Graffiti Utah Health Exchange Portal"
  5. "GoDaddy Suffers Outage"

Security Fears Cloud Libyan Oil Growth
Wall Street Journal (09/12/12) Faucon, Benoit

The return of foreign oil workers in Libya is expected to be further slowed by the murder of Christopher Stevens, the American Ambassador to Libya, by Islamic extremists. "It's a serious blow to Libya in terms of security," explains Tarek Alwan, the head of the consultancy SOC Libya, which advises international companies investing in the North African nation. "It will delay the return of international oil companies and expatriates." The oil companies that have returned are expected to tighten security measures in the wake of the death of Stevens and three other American diplomats. While Libya has already brought oil production close to what it was prior to the revolution that ousted dictator Moammar Gadhafi, international companies--including the U.K.'s BP, Germany's Wintershall AG, Eni SpA of Italy, and Total SA of France--have revised staffing plans because of concerns for worker safety. Those international workers who are on Libyan soil have already begun to be protected with armored convoys and security guards, a practice that is expected to increase in the coming weeks.


Unrest Hits Platinum Mines
Wall Street Journal (09/12/12) Maylie, Devon

The unrest that began with labor strikes at a South African platinum mine in August continued to spread throughout the country on Wednesday, prompting Anglo American Platinum to close five of its South African mines. Strikes and protests have also continued at Lonmin and Gold Fields mines, and the South African military was put on alert ahead of a speech by political firebrand Julius Malema to suspended soldiers in Johannesburg. Malema, the former leader of the ruling African National Congress party's youth wing who was ejected from the party for his extreme and racially charged rhetoric, has become a major figure in the ongoing labor unrest, giving speeches praising striking workers and further stoking unrest. South African military spokesman Brig. Gen. Xolani Mabanga said that the military had been put on alert over fears that Malema's speech to soldiers suspended after striking for better pay in 2009 could spark attacks on military facilities. Labor unrest has also affected the state-owned electric utility Eskom Holdings, which saw protests by dozens of workers at the site of an under-construction power plant in Limpopo.


Executive Protection's 'Seven Deadly Sins'
SecurityInfoWatch.com (09/11/12) Griffin, Joel

Robert Oatman, the president of the executive security firm R.L. Oatman & Associates, spoke this week at the 2012 ASIS Seminar and Exhibits security conference about carelessness, over-familiarity, impulsiveness, indecisiveness, inexperience, inattention to duty, and pride, or what Oatman calls executive protection's seven deadly sins. Oatman says that the careless or impulsive security agent is one who is too comfortable with his surroundings or too ready to leap into action, making him prone to over- or under-reaction. Oatman says agents have to maintain a professional relationship with their principals and not think of themselves as friends or part of an entourage. Indecisiveness is a terrible trait in a profession where quick and decisive action can mean the difference between life and death, Oatman added. Having the right training is a must, says Oatman, and simply hiring a former cop or soldier is no substitute for a properly trained agent. "If you think executive protection is about multitasking, you're probably in the wrong business," says Oatman, explaining that in this field smartphones and other media are unacceptable distractions. Finally, Oatman says to avoid pride and be open to receiving criticism.


WSCC Offers Private Security Course
Parkersburg News and Sentinel (WV) (09/11/12) Shawver, Sam

Washington State Community College in Marietta, Ohio, is now offering a 10-week training and certification program for private security workers. The 145-hour program, or academy as it is called, is designed to help meet the growing need for trained private security workers in Ohio. WSCC Public Safety Academies Coordinator John Burdette says that there are currently jobs available in this field at factories, hospitals, and private businesses, and that the expanding shale oil and gas industry in Ohio is set to create demand for even more trained security workers. The academy offers specific training for a variety of positions, including loss control specialists, uniformed and plain-clothed security personnel, armored car operators, and VIP protection. The U.S. Bureau of Labor Statistics projects that employment within the private security industry will grow by 18 percent between 2010 and 2020.


The PSIM Potential for Security Professionals
Security Director News (08/30/12) Chutchian, Kenneth Z.

Physical security information management (PSIM) systems are one of the latest major trends in the security market. The software and systems used for PSIM are only about six or seven years old, making this an excellent time to assess their strengths and potential for growth. "The definition of PSIM shouldn't be difficult," says Mark Denari, a former security director who is now senior manager of integrated solutions for SAIC Energy Environment & Infrastructure. "It's physical security information management software. ... Anyone who says it does more than that is either uninformed or uninitiated, or the product is misrepresented." Despite his wry assessment, Denari explains that PSIM is extremely helpful for integrating several security systems into one platform and one workstation. While this use does offer incredible growth potential, many experts disagree on just how big or small that potential might be. Some, like Denari, say that aggressive estimates are overzealous, but others, like VidSys CTO James Chong, argue that even projections as high as $2.79 billion over 10 years "might be low." Some of these projections are informed by the high prices commanded by PSIM vendors; however, those same price tags are what make other industry observers skeptical, pointing out that the costs make PSIM impracticable for all but the richest of companies. Even in the face of these disagreements, experts do concur that PSIM remains a fast-growing market as the private sector attempts to come up with solutions that match the quality of what we're seeing in the public sector.




Anti-American Protests Over Film Enter 4th Day
New York Times (09/14/12) Kirkpatrick, David D.; Cowell, Alan

Protests against a video that depicted the Prophet Muhammad in a manner that many Muslims found to be offensive continued in Cairo for a fourth straight day on Friday, as demonstrations threatened to spill out beyond the Middle East. Protesters in Cairo threw rocks and Molotov cocktails near the U.S. Embassy, and police responded by firing tear gas to disperse the crowds. Egypt's Muslim Brotherhood has called for additional protests following Friday prayers, though the group urged demonstrators to hold rallies outside of their mosques instead of marching to Tahrir Square in downtown Cairo. Meanwhile, protests continued in Yemen. Several dozen protesters who were holding signs and shouting slogans gathered near the U.S. Embassy, though security forces armed with batons and water cannons blocked off streets near the building. Just the day before, two people were killed in violent demonstrations in Yemen. That same day, protesters were able to break through the American Embassy's outer security perimeter. Thousands of demonstrators also gathered in Bangladesh to burn American and Israeli flags and march on the U.S. Embassy, though police and security forces ensured that they remained several miles away from the facility.


U.S. Consulate Attack in Libya Said Twin Operation
Associated Press (09/14/12) Alfitory, Osama; Hendawi, Hamza

A new account from Libyan Deputy Interior Minister Wanis el-Sharef of the Tuesday night attack on the U.S. consulate in Benghazi suggests the attack was a well-organized, two-pronged operation that may have been aided by elements within Libya's security forces. El-Sharef says that the attack on the consulate was in truth two attacks: the initial attack on the consulate itself and another hours later on a safe house that only U.S. and Libyan security officials should have known about. The initial attack on the consulate reportedly began just as Libyan security forces were evacuating consulate officials from the compound, when armed men who had massed outside the consulate hurled grenades into the compound before scaling the walls and spraying the area with bullets. It is believed that U.S. ambassador J. Christopher Stevens died of asphyxiation in the initial attack after a grenade set a portion of the consulate on fire and Stevens became separated from the other staff being evacuated. Another consulate employee died in the initial attack, and hours later the safe house to which the rest of the staff had been evacuated also came under assault, just as security forces arrived to escort them to the Benghazi airport. El-Sharef says that the other two casualties occurred during the second attack, and argues that the mere fact that the attackers knew the location of the safe house suggests that they had been tipped off by someone affiliated with Libya's security forces.


Congress Members Voice Doubt About BioWatch
Los Angeles Times (09/14/12) Willman, David

Congress members expressed great skepticism about the capabilities and future viability of the BioWatch pathogen detection system Thursday during a joint hearing before the House Homeland Security Committee. The hearing was held to discuss a new report on the program from the Government Accountability Office. The report, released earlier this week, faulted the Department of Homeland Security for the apparent failure of the program, which is prone to false positive results and has cost taxpayers at least $1 billion since 2003, and calls into question the effectiveness and necessity of a third-generation upgrade to the program projected to cost an additional $3.1 billion. Rep. Bennie G. Thompson (D-Miss.) said of the program, "we must understand that we are on Generation 3 because Generations 1 and 2 did not work ... it is time to reconsider the likelihood of the risk and adjust our priorities." Reps. Yvette D. Clarke (D-N.Y.), Laura Richardson (D-Calif.), and co-chair Gus M. Bilirakis (R-Fla.) also criticized BioWatch, DHS's administration of the program, and its ballooning costs, while calling for a halt to the Generation 3 upgrade and a re-review of the program. DHS has said that it will make use of a third party to conduct a new cost-benefit analysis of BioWatch before proceeding with the Generation 3 contract, though it did not offer specifics.


Since 9/11, Wave of Improved Airport Screening
Citizens Voice (PA) (09/11/12) Iorfino, Michael

As the nation marks the 11th anniversary of the Sept. 11 terrorist attacks, federal officials are pointing to the tighter security measures that have been put in place since al-Qaida terrorists crashed hijacked airplanes into the Pentagon and New York's Twin Towers. For instance, the Transportation Security Administration--which itself was created in response to the attacks--has implemented 20 layers of security at the nation's airports in order to prevent additional terrorist attacks, including random passenger screening and checkpoint screening technology. Bomb-appraisal officers and trained flight crews have also been put in place since the Sept. 11 attacks. According to TSA Public Affairs Manager Ann Davis, these security measures--most of which were not in place at the time of the attacks in 2001--have made it more likely that a terrorist who attempts to commit an attack involving airports will fail. In addition to the 20 layers of security that have been put in place at U.S. airports, the TSA has also increased the number of bags that are screened for explosives, Davis said. She noted that just 5 percent of checked baggage was screened for explosives before the Sept. 11 attacks, though that figure has since increased to 100 percent. Other security measures that have been put in place since 9/11 include advanced imaging technology that is capable of alerting TSA screeners to the presence of suspicious items hidden under passengers' clothing.


'Dirty Bomb' Threat at Hospitals Remains, GAO Report Says
Washington Post (09/10/12) Gearan, Anne

A new report released by the Government Accountability Office on Tuesday has found that the vast majority of high-risk hospitals are not doing enough to properly secure dangerous radiological material used and stored on their premises. Numerous hospitals in the U.S. utilize radioactive isotopes and materials such as cesium-137 for diagnosis and treatment of cancer and other maladies, and concerns were raised following the 9/11 attacks that such materials could be used to construct a crude radiological explosive device, or "dirty bomb." As a result, the U.S. Nuclear Regulatory Commission and National Nuclear Security Administration created a list of some 1,503 medical facilities they deemed "high-risk" and created security requirements and standards to improve the security of their radiological materials. However, according to the new GAO report, these efforts have gone poorly, with only 321 of the 1,503 high-risk facilities having completed security upgrades, and with the NNSA estimating it could take until 2025 for all the high-risk facilities to be secured. The report also cites incidents of gross negligence at some facilities and others that have simply refused to take part in the program. The GAO says that this is in large part because the current security standards regarding medical isotopes and radiological material are voluntary and overly broad, and the office is calling for increased government oversight.




8 Steps to Promote Secure Mobile Apps
GovInfoSecurity.com (09/12/12) Chabrow, Eric

The Federal Trade Commission recently published a guide meant to help the makers of mobile apps design and sell their apps in ways that conform to U.S. law and respect the privacy of users. FTC attorney Laura Berger says the agency put out the guide, titled "Marketing Your Mobile App: Get it Right from the Start," to make app creators, many of whom are individuals or small businesses without extensive knowledge of online and business law, aware of their legal and ethical obligations. The guide features eight basic guidelines, starting with a truth-in-advertising reminder that making false or misleading claims, or omitting important information, can open a developer to legal action. The other guidelines focus on communicating an app's capabilities clearly and completely to users, limiting data collection, informing users what will be collected and when, and securely storing and properly disposing of such data. Developers are also reminded to seek and obtain users' approval before collecting users' data. Developers designing apps aimed at or likely to be used by children are also reminded of their obligations under the Children's Online Privacy Protection Act, which limits what information apps can collect from and about underage users.


Which Information Security Services Are Most Popular?
Network World (09/12/12) Oltsik, Jon

Enterprises are increasingly making use of managed and professional IT security services, according to a new study from ESG Research. Fifty-eight percent of security professionals said their organizations' use of third-party IT security services had grown "somewhat" or "substantially" in the last two years. The top five services being sought were security architecture/infrastructure design consulting, threat intelligence services, network monitoring services, security/risk management/regulatory compliance assessments, and Web threat management. Other services being sought by enterprises include email security, vulnerability scanning, penetration testing, and part-time staffing. According to ESG, these findings indicate that enterprises are increasingly making use of third-party services to farm out mundane security tasks, access specialized knowledge and skill sets without having to hire new workers, and simply supplement their own in-house security. With a persistent skills shortage in IT security, it is likely that the use of third-party IT security services will continue to grow among enterprises.


Identifying State-Sponsored Malware Increasingly Difficult
ZDNet (09/12/12) Phneah, Ellyne

It is becoming increasingly difficult to distinguish state-sponsored malware from criminal cyberattacks. Cybercriminals have evolved from using "broad, scattershot approaches" of mass-market malware to sophisticated and unique malware used to steal valuable information such as sensitive data, intellectual property, authentication credentials, or insider information, says FireEye's Phil Lin. The key factor in identifying state-sponsored malware is the creator's intent, as most state-sponsored malware is designed for data-gathering, cyberespionage, or sabotage, says Trend Micro's Myla Pilao. State-sponsored malware also tends to have specific targets, as opposed to cybercriminals, who try to hit as many victims as possible, notes Panda Security's Luis Corrons. "Cybercriminals from one country can easily set up command-and-control servers used to store exfiltrated data in a different country leading to incorrect attribution of the nationality of the threat actors, not to mention their ultimate nation-state ties," Lin says. In order to uncover the threat actors, a thorough digital forensic examination of the advanced targeted attack lifecycle, from exploit to exfiltration, should be completed within the enterprise and government infrastructure, Lin says. In addition, threat protection technologies must also be implemented for continuous threat monitoring and geo-attribution.


Hackers Graffiti Utah Health Exchange Portal
Salt Lake Tribune (UT) (09/11/12) Stewart, Kirsten

A spokesperson for the Governor's Office of Economic Development announced that the Web portal for Utah's Health Exchange, which is housed within the agency, was vandalized, although no one's personal information was breached. Spokesman Mike Sullivan says the Web pages were vandalized several weeks ago, calling it a "pure act of graffiti" because headlines were blurred, words were garbled, and some sites were rendered inaccessible. Sullivan notes that when people request price quotes via the exchange, they must share their name, address, birth date, and medical history, all of which is done on a separate, secure site. The Web site was inoperable for about 10 days, but Sullivan doubts the vandalism had any significant impact on business.


GoDaddy Suffers Outage
Wall Street Journal (09/10/12) Sherr, Ian

The domain name registrar GoDaddy reports that it is investigating a server outage that occurred at 1:35 p.m. ET on Sept. 10. Two hours later, the company said that it had received "so many messages" from customers having trouble accessing their sites that it was overwhelmed. The hacker group Anonymous has claimed responsibility for the outage in a Twitter message sent from an account associated with the group. GoDaddy representatives, on the other hand, say they are investigating after restoring service at approximately 4:00 p.m. ET. If it turns out the outage was caused by an attack by Anonymous, GoDaddy would be the latest of a string of major corporations and government institutions targeted by the group, including Sony's PlayStation Network, Nintendo, the U.S. Senate, and the Arizona Department of Public Safety.


Abstracts Copyright © 2012 Information, Inc. Bethesda, MD

