Feb. 11, 2014

IAPSC Annual Conference 2014

April 27-30 in New Orleans
Come jam with the IAPSC at the largest and most exclusive gathering of top security consultants in the nation, the IAPSC Annual Conference 2014. This year's conference offers a wide range of topics focused on Building the Business, Practice Management, Forensics & Physical Security, and Technical Security. With each carefully tuned session, you'll interact with top experts who will discuss major trends affecting the security industry, including practical ways to integrate technology to drive business, how to become a true trusted advisor, and advice on how to successfully bring your expertise into the courtroom.
For more information, visit the conference website. Register now.More

IAPSC Education at ISC West

This popular, one-day intensive seminar will show you how to develop, market and deliver security consultant services effectively. Learn how to avoid the costly mistakes that can sabotage the success of your security program. IAPSC members are entitled to complementary admission to the exhibit hall, 20 percent off SIA Education@ISC, as well as VIP Executive's Club benefits. Contact iapsc@iapsc.org for the registration link.More

Forstater publishes article in Homeland Security Today Magazine
IAPSC Board Member Dutch Forstater was asked by the editor of Homeland Security Today Magazine to write the cover feature for the latest issue of the magazine. It covers his long-held belief in our current technical dependencies while recommending new responsible strategic implementation. Facts and examples emerge of the technologies in use in many systems that are truly outdated and involve patchworks of add-on elements with inherent limitations.

Welcome new member: Manuel Avila
Manuel Avila, BSc, CPP, has been a security practitioner for 20 years and has performed the following roles in corporate and private environments: Loss Prevention Analyst at a petrochemical company, Security Manager for a U.S. trans-national oil company in Venezuela, President & Principal Consultant, Senior Risk Consultant, and Security Supervisor for the largest property management company in Canada. He is currently the Director & Principal Consultant of ARM — Avila Risk Management, a security risk management consulting firm established in Calgary, Canada in August 2008. Avila has a Bachelor's Degree in Materials Engineering from Simon Bolivar University in Venezuela and got his equivalence from Alberta's IQAS in 2010. Before making his career move to the security industry, he worked in quality assurance, maintenance, and static equipment inspection. View his IAPSC Profile.More

Welcome new member: Raymond Marciano
Ray Marciano, CPP, is a retired U.S. Army Military Police Soldier with extensive experience in security planning and operations. After retiring from the U.S. Army, Marciano worked for the U.S. Department of Energy as a Security and Counter-Terrorism Instructor. After five years with the DOE, Marciano founded Marciano Security Management Solutions LLC to enter private sector security as a security consultant and instructor. Marciano's experience includes: Security Project Manager, Senior Security Consultant, Security Operations and Counter-Terrorism Instructor, Security Operations Manager, Force Protection Manager, and Assistant Chief of Police. He earned a BS in Criminal Justice (Summa Cum Laude) from Kaplan University and is currently pursuing a Masters Degree in Safety, Security, and Emergency Management from Eastern Kentucky University. View his IAPSC Profile.More

'Checkbox compliance' won't stop Target-like breaches
USA Today
Most organizations that have gone through a successful compliance audit are still susceptible to a security breach. Management typically spends the bare minimum to get a passing grade from the auditor yet the expense drains real dollars out of drastically needed IT budgets and doesn't add to the bottom line. The Verizon 2013 Data Breach Investigations Report indicates most companies don't have sufficient IT resources to manage their tools and systems.More

OSHA launches website to promote hospital safety
Business Insurance
The U.S. Occupational Safety and Health Administration has launched a new educational website designed to help hospitals prevent on-site employee injuries and enhance patient safety. The Worker Safety in Hospitals website contains a library of factbooks, self-assessment tools and best practice guides for hospital risk managers seeking to identify and address workplace safety needs, improve patient handling programs and implement more comprehensive safety and health management systems within their facilities. More

Pre-audit planning: 4 keys to a successful IT security audit
SearchSecurity (free subscription required)
For many information security professionals, a visit from an auditor is perceived as something to be feared or endured. However, an experienced auditor can offer many benefits, such as a neutral and honest review of an organization's security posture, validation and support of the company's efforts, and useful advice on how to mitigate gaps and meet requirements.More

When employees violate anti-violence policy, make sure everyone is disciplined equally
Business Management Daily
Nothing will get you in trouble faster than discipline that's harsher for members of some classes than others. That's especially true in cases where someone has been accused of violating anti-violence policies.More

5 reasons the big hacking wave is no big deal
If you're worried about hackers gaining access to your confidential information, now has been the winter of your discontent. Across tech and retail, big companies have been the target of big, successful attacks: Skype and Snapchat, Target and Neiman Marcus, and at least three other prominent retailers, according to Reuters, suffered recent breaches. The season's climate of fear intensified this month as hacking rumors dogged cloud-storage site Dropbox, some of whose users experienced up to two, daylong outages.More

Focus on app security design to gain client trust
Computer Business Review
Banks can regain the trust of their customers by placing more security focus on mobile banking design, one security architect has suggested. Recently, a researcher found numerous vulnerabilities in 40 personal banking apps from 60 of the world's largest banks. Testing just iOS devices, Ariel Sanchez from IOActive discovered that 90 percent of the apps contained non-SSL links, meaning a hacker could potentially intercept the traffic and inject random JavaScript/HTML code in order to create a fake login phishing attempt.More

US military has emergency escape plan for athletes
Pilot Military News
The U.S. military will have warships and transport aircraft at the ready in case American athletes and officials need to make an emergency escape from the 2014 Sochi Olympics. A contingency plan has been established in case "something happens like a major terrorist attack and we need to get Americans out," an unnamed U.S. official told CNN.More

Correct emergency planning oversight
The Intelligencer
West Virginia has a Department of Homeland Security. Working with first responders, health care providers and others throughout the state, it has developed contingency plans for various threats to public safety. But no strategy was in place to deal with tainted water threatening about 300,000 people in and near Kanawha County, it was recently reported.More