Feb. 24, 2015

Newly updated 'best practice' guidance now available
The IAPSC has recently updated and released three consensus-based and peer-reviewed Best Practices for the guidance of and voluntary use by organizations and individuals. These include:

Each is available for download when purchased online for $95 each or FREE for members in the Members Library.More

IAPSC members contribute to BD+C exclusive:
How security is influencing campus design and construction

IAPSC members Randall Atlas, James Clark, Fred Miehl, Chad Parris, and Frank Pisciotta contributed to this Building Design + Construction article discussing how campus crime – whether real or perceived – presents Building Teams with more opportunities for early-stage consultation with university clients.More

Chuck Sennewald publishes The Process of Investigation, 4th Edition
IAPSC Founder Chuck Sennewald has published the Fourth Edition of his book The Process of Investigation, which took six months to rewrite and submit and six months in production. The original (first edition) was published in 1981. Continuing in the tradition of its previous editions, it covers essential topics overlooked in books on the public aspects of investigation. Investigative skills such as surveillance techniques, interviewing and interrogation, collecting and documenting evidence, and taking confessions and written statements are all discussed, and supplemented with updated case studies and examples from the authors’ own professional experiences.More

New member benefit: Communication through your online profile
IAPSC is pleased to announce a new benefit for members! Prospective clients and visitors who visit your on-line consultant profile may now contact you via email using a secure online email form. Members will receive their messages as emails from iapsc@iapsc.org with the subject line "New email from your IAPSC profile" and will have the option to reply directly to the sender.

Please note that IAPSC does not vet or review these communications, so members are responsible for considering the requirements of the IAPSC Bylaws and Code of Ethics when evaluating received requests or proposals. For example, the Code of Ethics requires that “Members will neither accept nor pay fees or commissions for client referrals.”

If you have any questions, contact us at iapsc@iapsc.org or (415) 536-0288.More

IAPSC 'Successful Security Consulting' Workshop
ISC West: Free Exhibit Hall Pass for Members


On behalf of ISC and SIA, we'd like to invite you to join us at ISC West 2015 at the Sands Expo in Las Vegas. The Exhibit Hall will be open April 15-17 and SIA Educational sessions will be April 14-16. ISC West allows you to:

IAPSC Members: Contact us for FREE exhibit hall registration.

But that's not all. Join us for the IAPSC "Successful Security Consulting" Workshop on April 14, 8:30 a.m.-5 p.m., Sans Expo Las Vegas. This popular, one-day intensive seminar will show you how to develop, market and deliver security consultant services effectively. Learn how to avoid the costly mistakes that can sabotage the success of your security program.

View the SSC program outline and register now. More

IAPSC Annual Conference 2015 — Join us in Napa!
Register by March 2 to SAVE

Join your IAPSC colleagues for the IAPSC Annual Conference 2015, Old Growth vs. New Growth — the Future of Consulting, April 19-22 in Napa, California!

The 2015 program is built to provide you with the tools and knowledge to keep you at the forefront of the industry now and in the future. Sessions cover a range of topics including: cultural site security, security risks associated with infectious disease, terrorism and national security, college campus security, social media marketing, customer retention, and drone security. In addition, four sessions will feature case studies and real world applications of technical security solutions revolving around VMS, perimeter security, and access control.

View the Program
Visit the Conference Website More

Obama set to ratchet up pressure over Homeland Security funding
The Hill
The Obama administration is ratcheting up pressure on Republicans to fund the Department of Homeland Security, which faces a shutdown without action by Congress after Feb. 27. Congress appears stuck on the issue because the House is insisting that the funding bill also overturn President Obama’s executive actions on immigration that have provided legal status and work permits to millions of immigrants.More

Obama announces initiatives to curb recruitment of terrorist groups
The Washington Post
President Barack Obama argued that America must "discredit violent ideologies" if it wants to counter recruiting efforts by the Islamic State and al-Qaeda here at home. The president, in his keynote speech at the White House Summit on Countering Violent Extremism, aimed to strike a balance between addressing the risk of the radicalization of disaffected youths and the need to reassure Muslim Americans that their communities are not being targeted as a source of terrorist plots.More

Report exposes US computer-espionage tactics
The Wall Street Journal
New research from a Russian computer security company offers good news and bad news for U.S. intelligence agencies. On the one hand, the report by Kaspersky Lab appears to reaffirm that U.S. spies can hack into just about anything, including the preprogrammed code that helps a hard drive work. That means the U.S. could, in theory, burrow so deeply into a target's computer that its spyware would remain even if the target reinstalls every piece of consumer software.More

Retail CIOs focus on data security, digital innovation
In the wake of widely publicized breaches at firms like Target and Home Depot, retail CIOs are nearly unanimous in naming data security as one of their top priorities for 2015, according to a new survey. In that poll, produced by Forrester Research and the National Retail Federation, 97 percent of retail CIOs said that efforts to strengthen their cybersecurity defenses rank in the top five items on their agenda this year.More

Security experts: Health data increasingly being sold on black market
Consumer health data are increasingly being sold on the black market as health care organizations become popular targets for hackers, NPR's "all tech considered" reports. According to Symantec, a security firm, health care companies experienced a 72 percent increase in cyberattacks between 2013 and 2014. There have been more than 270 public disclosures of large health data breaches — which firms are required to disclose — over the past two years, according to "all tech considered."More

The secret to secured entries at schools
By Charlie Howell
Schools across the nation are reacting to the public outcry to do something in the name of security to protect students and teachers from violence. Many schools look at the concept of a secured entry — a holding vestibule for unauthorized persons until they are vetted and authorized to enter — as the big answer. However, these schools are spending money to create secured entries that are not likely to work when they are needed. I have only seen nine instances in approximately the last 100 implemented or planned secured entries that have a chance at performing their function.More

How to up your cyber security
The average cost to a U.S. business of a lost or stolen record containing customer information is $201, according to the 2014 Cost of Data Breach Study conducted by the Ponemon Institute for IBM. The most expensive incidents are due to malicious attacks, not to human error or process failure. That's a problem for your business. Mega-retailer Target may have had to pay cash to counter its late-2013 data hack, which reportedly affected up to 110 million customers, but it was lucky. Similar breaches have resulted in the destruction of companies.More

8 things physical security pros need to know about the 'Ghost' vulnerability
Security Info Watch
Cyber attacks continue to escalate. We experienced an increase in 2014 over 2013 and we do not see a reduction in sight. Most physical security systems are now connected to the internet for remote access, support, and maintenance or they are connected to the local network, which in turn is connected to the Internet. It's becoming apparent and critical that physical security systems get the same level of attention to cyber security vulnerabilities that have been given to traditional IT systems.More