May. 20, 2014

IAPSC 2014 Conference resources now available
An online photo album from the IAPSC Annual Conference in New Orleans is now available!

View the photo album

Download the conference program

Download presentations from the Members' Library:


IAPSC publishes updated best practice: Forensic methodology
The latest version of the best practice document, including a minor edit/caveat, is now available for IAPSC members in the Members' Library. Click here for access.More

Frank Pisciotta achieves IP video certification
IPVM certified professionals pass rigorous college level courses in advanced security technologies and concepts, requiring participation in a series of live online classes, discussions, exam and essays. Launched in 2012, over 200+ professionals have gained IPVM certifications. Courses are held throughout the year. Those who achieve this certification should be congratulated as the average attendee studied ~150 hours for the class and only 41 percent of attendees pass.More

How to handle counterespionage
Kevin D. Murray, IAPSC Member
You know everything about managing facilities, but a request from management to debug your building can throw even the most seasoned FM for a loop. With the help of an outside professional, you can ensure speech privacy and business security.More

Smartphone spyware and eavesdropping thwarted by SpyWarn 2.0
Kevin D. Murray, IAPSC Member
Business espionage, personal spying and government snooping are pandemic facts of 21st century life. Cellphones are the top technical targets. Most "spyware detection" apps only scan for known spyware. New and well hidden spyware goes unnoticed, and detecting baseband eavesdropping isn't even offered.More

Justice is fast-tracking cyber hires
The Justice Department is recruiting cyber professionals under special rules to fill vacancies more quickly now that funding constraints have eased somewhat, the department's top network security official said. While the severity of hacks is increasing, civilian agencies still struggle to bring capable computer programmers on staff. More

Retailers launch cybercrime info sharing center
The Associated Press via SecurityInfoWatch
Some of the nation's largest retailers are banding together in hopes of protecting consumers' personal and financial information from hackers and thieves. The Retail Industry Leaders Association, along with several top retailers ranging from Gap Inc. to Walgreen Co., launched an intelligence sharing center focused on the prevention of cybercrimes against retailers.More

Chinese military unit charged with cyber-espionage against US firms
The Washington Post
The Justice Department charged members of the Chinese military with conducting economic cyber-espionage against American companies, marking the first time that the United States has leveled such criminal charges against a foreign country. Industries targeted by the alleged cyberspying ranged from nuclear to steel to solar energy, officials said. In some cases, they said, the hacking by a military unit in Shanghai was conducted for no other reason than to give a competitive advantage to Chinese companies, including state-owned enterprises.More

More than 100 people nabbed in global hacker crackdown
Computer hacker forums lit up last week as FBI agents and police in 17 countries began knocking on doors, seizing computers and making arrests. On the popular websites where cybercriminals buy and sell software kits and help each other solve problems, hackers issued warnings about police visits to their homes. The hackers quickly guessed that a major crackdown was underway on users of the malicious software known as Blackshades.More

Report: Average US business fields 10,000 security alerts a day
Techworld via CIO
The average North American enterprise fields around 10,000 alerts each day from its security systems, far more than their IT teams can possibly process, a Damballa analysis of Q1 2014 traffic has found. Culled from an analysis of large amounts of ISP and mobile traffic plus the firm's own customers, Damballa calculated that the noisiest networks of all generated an overwhelming 150,000 alerts.More

Security chief sees US cyber legislation this summer
Congress is likely to agree on cybersecurity legislation this summer, U.S. Homeland Security Secretary Jeh Johnson said, citing growing consensus among lawmakers on the need to help industry share data with government about attacks on computer networks. Lawmakers have been considering legislation to clarify how private companies should be required to disclose security breaches and cyber threats, but spats over liability and privacy protections have repeatedly thwarted comprehensive cybersecurity bills.More

New algorithm revolutionizes cryptography
Homeland Security News Wire
Researchers have solved one aspect of the discrete logarithm problem. This is considered to be one of the "holy grails" of algorithmic number theory, on which the security of many cryptographic systems used today is based. They have devised a new algorithm which calls into question the security of one variant of this problem, which has been closely studied since 1976.More

Study: Cloud security improving, but still a work in progress
Comfort levels with cloud are rising, and more and more organizations are transferring sensitive or confidential information to public cloud services — even though more than a third expect a negative impact on security posture. In response, the use of encryption is increasing, but more than half of respondents still admit their sensitive data goes unprotected when it is stored in the cloud.More