Subscribe to RSS - bridge


Napolitano gives first State of Homeland Security address

Thursday, January 27, 2011

This afternoon, Secretary Napolitano started a new tradition for the Department of Homeland Security. Just days after President Obama gave the annual State of the Union address, Napolitano decided to specifically address the nation's security position. While DHS remains a nascent agency, it has obviously garnered a lot of attention (and funding) since its inception and I think it's only appropriate for the public to hear about its progress and future goals.

The theme of the speech was this continued effort of "shared responsibility." DHS has really been advocating the various roles that everyone, from law enforcement to the public, shares the collective responsibility of securing the homeland.

In case you forgot: "Homeland security starts with hometown security."

She emphasized that DHS is working with other agencies to ensure that intelligence collected makes its way to the appropriate group of people, whether that be local law enforcement or members of the private sector.

Napolitano made a few big announcements including the formal end to the color-coded threat advisory system. "In its place, we will implement a new system built on a simple and clear premise: When a threat develops that impacts you, the public, we will tell you. We will provide you with whatever information we can so know how protect yourself, your families and your communities," she said. This new National Terrorism Advisory System "means the days are numbered for automated recordings at airports about the color code system." Here's the link to the official DHS announcement.

She also highlighted four areas that DHS will focus on in the coming year:

1. Counter-terrorism efforts. "We’ve worked hard to strengthen and build information-sharing architecture by increasing the capacity of our state's fusion centers and analytic centers of excellence," she said. She also discussed the department's effort to strengthen the global supply chain.

2. Border security and immigration enforcement. She discussed the improvements the government is making to increase technology and personnel to secure our borders. (No mention of the recent announcement to end the SBInet program, though.)

3. Cybersecurity. She discussed continuing to make the infrastructure more resilient to attacks.

4. Improving national preparedness. She touched on the President's announcement to designate the D Block spectrum for public safety communication and further improving technology and interoperability (Check out a recent SDN article on the topic based on a speech by the former director of FEMA.). She also announced that FEMA will run the largest exercise to date based on a massive earthquake scenario.

Overall, I wouldn't say there was anything particularly groundbreaking in this speech, but rather Napolitano's continued effort to encourage everyone to play their part and take national security seriously.

Why your management application might cause more harm than good

Thursday, November 18, 2010

By Lars Helgeson, GreenRope

Within any company or industry association, there’s typically a certain degree of role sharing. For example, there might be a variety of folks on the marketing commitee working collaboratively on an upcoming event which requires the use of a software application to manage everything from email marketing to registration to surveys.

While it’s necessary to have a system in place to handle these various tasks, allowing all team members accessibility can lead to serious problems - and even worse - major security issues. Companies should beware of the many consequences that can occur as a result of not selecting a secure business management application.

For companies currently using such tools or considering implementing one, select a provider that places great emphasis on security for these three reasons:

1. Prevent company data from leaving

A primary concern for any business arises when an employee terminates and has the potential to take customer information with them. In August 2010, Harris Interactive conducted a survey of 1,594 full-time and part-time employees concerning their attitudes on accessing and viewing company information. Approximately 29 percent admitted they would take customer data including contact information and 15 percent said they would take product information.

Businesses work diligently to gain the trust of their customers so they should take extra precaution to ensure those contacts cannot be transferred from a system and taken out the company door. Examine the systems currently in place and determine if any changes need to be made to ensure this dilemma is avoided at all costs. The last thing an executive wants to worry about is confidential information finding its way in the hands of the wrong person.

2.Avoid accidents
When one person is assigned to a specific task and another employee unfamiliar with the tools accesses that arena, there’s a greater risk that something unexpected could happen. For example, say an employee is responsible for handling event registration and another is responsible for building and sending out the event announcement emails. By isolating these two tasks, neither person can override the other. If organizations don’t secure each element of the management system, accidents are more likely to take place and have the ability to lead to chaos.

Only allow individuals who possess the knowledge and experience to fulfill their specific job functions with the access to those areas. If multiple staff members are permitted to use the application, ensure they’re all adequately trained to use the various tools.

3. Limit liability concerns

Users of web-based software provide personal information in good faith with the understanding that their data won’t be shared with outsiders. Companies need to do everything in their power to protect such records because if there is a breach of confidentiality, they will be liable in the end. It’s essential to store data using the most secure network that decreases the possibility of liability concerns for both the customer and organization.

By now it should be clear why companies should thoroughly investigate the security options of their management applications. Organizations must protect their property and minimize opportunities for terminating employees to depart with company information. When specific assignments are delegated, provide passwords and admin privileges to those folks alone.

Implementing a management application system that provides for a seamless operation is certainly important, but ensuring such tools come with security features that enable administrators to minimize the risk of losing confidential information or making unnecessary mistakes is a must. Just because there are collaborative tools available doesn’t necessarily mean that teamwork is required on all fronts. Allowing unlimited access to programs can turn out to do more harm than good.

Lars Helgeson is the founder of GreenRope, a secure web-based platform that empowers small businesses and strategic consultants with the ability to manage their contact database, marketing communications, calendaring and project management initiatives from one user-friendly platform. He can be reached at

Sorry boss, I got drunk and lost your $1.35 million painting. My bad.

Wednesday, September 8, 2010

I just can't get away from museum security. My interest stems largely from recent news reports of outrageous daytime thefts and valuable items being left totally unprotected.

According to the FBI, art theft is estimated to be a $6 billion illicit industry. So wouldn't you think museums and art collectors would step up security measures? Well, apparently it's not just a matter of installing video cameras and sensors and security officers to guard artwork. Nope, sometimes it's just a matter of common sense.

I just read this article about how a Manhattan man is being sued for losing a $1.35 million painting. And it's not like he was transporting Jean Baptiste Camille Corot's masterpiece, "Portrait of a Girl," in an armored truck and got robbed. Nope, instead he was just carrying the piece around and decided to stop in a hotel bar and ended up getting so wasted that he literally misplaced the painting. During his time at the hotel, surveillance footage shows him depositing the painting with the front desk (!) and then at the end of the night taking it back and stumbling out the door with it. However, apparently when he woke up from his drunken stupor, the painting was nowhere to be found.

Obviously, the owners of the painting are not exactly happy with this fool, but seriously, who would allow anyone to carry around a million dollar painting? First of all, it certainly would seem to increase the chances of damage thus comprising the painting's value, but this is also a reminder that people have no sense of security. Any Boy Scout could tell you it's always safer to use the buddy system. That way, at least there's two of you to keep track when those martinis start kicking in.

Wait. Does CFATS have a shot afterall?

Wednesday, July 28, 2010

As it turns out, CFATS legislation may not be "dead" after all. Today, the Senate Homeland Security and Government Affairs Committee unanimously voted to approve an amendment to the Chemical Facility Anti-Terrorism Act of 2009 (H.R. 2868).

The amendment would extend the existing Chemical Facility Anti-Terrorism Standards by three years to October 4, 2013 and give chemical facilities and the Department of Homeland Security time to more fully implement the regulation, rather than significantly altering the existing rules, according to a statement released by the the Society of Chemical Manufacturers and Affiliates.

Here's a few more highlights of this legislation:

* direct DHS to develop voluntary exercise and training programs to improve collaboration with the private sector and other stakeholders;
* establish a voluntary technical assistance program allowing DHS to provide non-binding recommendations or assistance to covered facilities at the request of the owners/operators of those facilities;
* create a chemical facility security best practices clearinghouse at DHS; and
* establish a chemical facility security advisory board to advise DHS on CFATS implementation and the voluntary technical assistance program.

All the legislation needs now is to pass a full vote in the Senate. But will it happen? Congress is scheduled to go on recess August 9 - September 12, so the amendment has seven days to pass. Obviously, it could also pass when Congressional folks return from their month-long vacation (P.S. I plan to talk to my boss about adopting a similar work schedule), but some have voiced concern that election season could interfere with the passage of this legislation.

However, at least SOCMA and other chemical security folks have a piece of legislation to support. They were none too happy with legislation introduced by Sen. Lautenberg on July 15 that "would mandate chemical facilities switch to so-called safer chemicals or processes." This legislation, known as the Secure Chemical Facilities Act, adopts the House version of the CFATS reauthorization bill, which includes controversial language regarding the use of "inherently safer technology." However, the legislation that passed yesterday, does not include the IST language and continues what folks are calling "common-sense performance standards."

Book reveals the 'real' reason we don't have full-body scanners

Wednesday, July 7, 2010

Full-body scanners supposedly make people nervous. And that makes sense. Individuals don't tend to like having their bodies exposed, in any form, especially to strangers. However, a new book, Skating on Stilts: Why We Aren't Stopping Tomorrow's Terrorism, tackles the "real" reason the TSA hasn't been able to deploy full-body scanners, despite the fact that the technology has been fully developed and found to effectively detect explosives and anomalies on the body.

The author, Stewart Baker, a former Homeland Security policy chief from 2005-2009, writes that civil-liberty advocates are the reason this technology still isn't in place and why our aviation system remains vulnerable. Baker blames privacy advocates on both the Left and Right for convincing the House of Representatives to pass a resolution in June 2009 forbidding the government from using the body imagers for primary screening. Which, by the way, I didn't know. And, apparently I'm not the only one. Baker addresses the public's misperceptions of how the government reacted after the attacks of 9/11:

"There's a well-established civil libertarian mythology about the nation's response to 9/11," Baker writes. "In the myth, a frightened U.S. government throws civil liberties out the window within weeks of the attacks, launching a seven-year attack on our privacy that a new administration is only now slowly … beginning to moderate. In real life, privacy groups mobilized within weeks of 9/11, and they won victory after victory, right from the start."

But Baker doesn't just discuss the issue of whole-body imaging technology, he also argues that these civil liberty groups worked to minimize the amount of information the TSA could gather in order to determine what passengers warranted additional screening. The original program was replaced with a system that only allows TSA to gather passengers name, gender and birthdate.

"If you've wondered why, eight years after 9/11, we're still looking for weapons and not for terrorists, now you know. Privacy advocates turned the use of even ordinary data like travel reservations into the policy equivalent of a toxic waste site," Baker said.

It'll be interesting to see how John Pistole changes the TSA's approach to intelligence gathering, especially considering that's his first order of business as the head of the TSA.

Thoughts from the show floor - video analytics

Friday, March 26, 2010

Now that we’re on the third and final day of ISC West I’d like to take a quick opportunity to summarize some of the themes I’ve been hearing throughout this show.

I attended an IMS Research press conference and was informed that 2009 was a tough year for video analytics (which wasn’t exactly surprising since 2009 was a tough year for everybody), but the most interesting part, I thought, was that in what they cited as the solution. One of the primary reasons that video analytics has been slow to adoption is due to a lack education of both end users and integrators about what the technology can and cannot do. I tweeted this to the ISC West Twitter community and one person responded that perhaps the solution was actually improving the product, which again, is a valid point. That noted, I think there is an important piece in better educating folks about what video analytics can and cannot do.

My next appointment just happened to be with NICE, who acquired Orsus, the command-and-control, or PSIM, software management company. I asked Jacob Fox, who is the former president of Orsus and now with NICE, about his take on video analytics. He said R&D is always important and there is certainly room for enhancement, but agreed that education of end users and integrators is also critical.

He said while there is so much potential for video analytics to improve not only security operations but also business operations, there has been an issue with mismatched expectations. End users need to know that implementing video analytics is an investment and while it can solve a lot of problems, it can’t solve them all and certainly not overnight.

During my time here at ISC West, I also had an opportunity to speak with several end users who have implemented video analytic technology. I spoke with Jim Miller from NiSource, an energy and utility company, who said they deployed video analytics and within two days, they caught people trespassing with apparent intent to do harm (well, they had guns). You can watch my sdnTVnews interview with Jim to hear for yourself.

Anyway, I think video analytics continues to be a very promising technology and more and more end users are seeing the value in it, but there's still a lot of work to do - for everybody.

ISC West - Day One

Wednesday, March 24, 2010

Already it feels like I've been in Vegas forever, but alas, it's only the second day. Well, technically, it's the first day of the show - the first HALF of the first day of the show as a matter of fact - and already I'm exhausted. But, that's just the name of the game here in Vegas.

Anyway, the panel that I helped organize on airport security went great this morning and was well attended, especially considering it was the first panel of the day. This is the first year I've attended ISC West that they've had the Public Safety & Security section of the show floor and I think having a venue like that, with a theater in the middle, is a great way to attract attention to important industry topics. No time to reiterate it here, but look for a story on next week's newswire.

So far the show seems to be well attended. I heard several accounts last night that the floor plan looked significantly smaller than last year, but it seems just as large and overwhelming to me. Aisles seem packed with lots of bodies to dodge. In my experience, the first day of the show isn't typically the busiest, so we could see even more traffic in .

Our booth is pretty cool this year, too. We're all set up for our video shoots and are located near the front of the show floor (#3064). Feel free to stop by and see us here, although chances are we'll be running around like crazy folks most of the time. Speaking of which, I gotta run to my next appointment now. More later!

Do we need security in gyms now?

Wednesday, August 5, 2009

After I read an article about the shooting yesterday in a gym in Pittsburgh that killed four women and injured nine more, I couldn't help but feel a sense of helplessness. I know this is yet another case of an unstable person getting a hold of a gun and taking out all his social inadequacies on innocent people, but it just doesn't seem fair. Is there really any way to protect against these kinds of incidents? We can't start hiring security officers at gyms, can we? I mean that's just preposterous. I have a hard time waiting in line to scan my card, I certainly don't want to wait for some guy to look through my sweaty gym bag to make sure I'm not packing a gun.

But what's the solution? Will the crazy people always win? I'm sure there's been a lot of thwarted incidents that never make the news, and that gives me hope, but I can't help but feel that security will never be able to do enough.

More 'security theater'

Monday, December 22, 2008

For those of you who missed the 60 Minutes segment on airport security because you were shoveling your driveway for the fourth time, here it is:

Watch CBS Videos Online

Too bad they didn't mention that we are in the middle of one of the safest flying periods in U.S. history.

I agree that not all the programs TSA has implemented have worked, but I do think they are doing some things right — the behavior screening, for example, is an effective program. All around, the agency gets a really bad rap and so do the screeners (I wouldn't want that job). It may be 'security theater' but if it helps keep me safe, I'm happy to play a role.

Parallel to convergence

Wednesday, July 23, 2008

As video and other physical security technologies continue the process of moving onto the IT network, another slow migration to "new" technology has begun as well.

Companies related to our industry that didn't used to care about the value and techniques behind optimizing their Web properties are becoming interested in SEO — Casino Managers can read all about it in an upcoming issue of Casino Enterprise Management. Blogs like this one are multiplying, and besides the social aspects, blogs have the power to contribute heavily to Web rankings.

The online ad rates at some business-to-business sites within the physical security sector — despite a relatively small niche readership —are commanding astoundingly high prices for online display ads — even after the dickering. This may change as advertisers get more savvy about comparative pricing and as publications are better able to value and sell their different advertising products. But the too-expensive online ads are selling and that says a lot about perceived value.

Attempts at forming independent online communities, until now fragmented, frustrating and fruitless, are actually taking hold:

  • CCTV Blog, with 97 members, has the potential to become something interesting. (JOIN and help it happen!)
  • IP Video Market Info, a site that constantly tracks and organizes new video surveillance information from company websites and across the web, reported an amazing 10,000 monthly visitors after just 4 months online. (Comment on John's excellent posts!)

- - - - - -

Contributed by Abigail Hamilton, director of marketing for Airship Industries, a developer of high-value digital video surveillance solutions that are flexible, scalable, and affordable.