Global Accreditation For Certification Programs Available From ASIS
ASIS International, a society for security management professionals, has been awarded accreditation by the American National Standards Institute (ANSI), the U.S. member of the International Organization for Standardization (ISO). This endorsement confirms that ASIS's international certification programs adhere to the highest professional standards.
ASIS offers three international certifications: the Certified Protection Professional (CPP), the Professional Certified Investigator (PCI) and the Physical Security Professional (PSP)....
Industry Input Wanted On Proposed OSIPS Framework-ANSI Standard
The Security Industry Association (SIA) has announced the opening of the third formal Public Review of BSR/SIA OSIPS-01-200x, Open, Systems Integration and Performance Standard (OSIPS) -- Framework as an American National Standard. SIA is an American National Standards Institute (ANSI) accredited Standards Developing Organization. The public comment period is open until Jan. 7, 2008.
The OSIPS Framework is the foundational standard for the OSIPS family of standards. Since OSIPS is directed at enabling the open integration of so many various types of components, it is essential to establish precise definitions of shared system elements and common means to communicate....
From The Field
CORPORATE Allianz Insurance JSC Deploys Software To Protect Its Corporate Network Allianz Insurance JSC, a leading insurance and asset management company...
Partners Converge
By Michael Fickes
A couple of months ago, a security manager at O'Hare International Airport handed a box of green, color-coded security badges to a worker and told him...
A Secure Check-Up
As long as there are auto owners and quick change oil stores, there will be the occasional friction. Auto owners sometimes have car problems that begin...
10 Tips For Data Safety From A Former CIA Officer
Today's global economy often requires that professionals conduct business while on-the-go. That makes protecting personal and corporate information a...
No Laughing Matter
By Sandra Kay Miller
Have you heard the one about the Harvard graduate who gave up being CEO of two leading information security consulting firms to raise a family and tell...
Cyberspace Security Opinion Varies Across Board
How the military and how business and industry view cyberspace is different than how everyday people view it, an expert in security for Microsoft told The Shreveport Times.
The military sees cyberspace as "the electromagnetic spectrum," from copper wires to microwaves, where communications, control, intelligence and energy can be delivered to defend, destroy or shape the world, just like land, air, sea and space.
"But some 85-90 percent of what is critical infrastructure in cyberspace is not in government hands," says David Aucsmith, who in more than 20 years in telecommunications security work has dealt with the military, business and government agencies....
VeriSign, BSI Management Help Achieve IT Security Compliance
Organizations aiming to achieve IT security compliance using the ISO 27002 International Standards Organization (ISO) controls for information security can now get there with help from VeriSign Inc., a provider of digital infrastructure for the networked world.
Through an alliance with BSI Management Systems, an international standards, testing, registration and certification organization, the VeriSign Global Security Consulting Services group can help prepare organizations to acquire an official ISO 27002 Certificate of Compliance, which is granted by BSI....
Control Panel Standard Revision Approved And Commended
The Security Industry Association (SIA) has released the latest revision of ANSI/SIA CP-01-2007 (Revision of ANSI/SIA CP-01-2000) Control Panel Standard -- Features for False Alarm Reduction. This voluntary standard details recommended design features for security system control panels and their associated arming and disarming devices to reduce the incidence of false alarms.
Intended for use by manufacturers that design control panels and alarm signal receivers, this revised standard can also be referenced by security system installers, specifiers and users, central stations and local authorities.
This effort was undertaken to address manufacturers' requests for interpretation on the 2000 version of the standard. In addition, the revised standard clarifies the issue of UL listings for control panels and the impact that CP-01 revisions have on a listing....
ASTM Introduces Perimeter Barriers Testing Standard
ASTM International Committee F12 on Security Systems and Equipment has approved a new standard, F 2656, Test Method for Vehicle Crash Testing of Perimeter Barriers. The new test method, developed by Subcommittee F12.10 on Systems, Products and Services, provides a range of vehicle impact conditions, designations and penetration performance levels for the testing of perimeter barriers that are used to prevent attacks on facilities by moving vehicles.
According to Dean Alberson, assistant agency director, Texas Transportation Institute, and a member of Subcommittee F12.10, prior to the publication of F 2656, the U.S. State Department had the only standard for testing of perimeter security devices. However, in 2003, that document was modified and penetration ratings were dropped from it. Because these ratings were still extensively used, particularly by the U.S. Army Corps of Engineers, Committee F12 agreed to develop F 2656....
Partner Practice
By Ashley Roe
Suppliers in the security industry are realizing the advantages of collaboration over competition in producing converged and integrated technologies that...
Facilitating Loyalty
Here is a way to develop, encourage and maintain employee loyalty within your organization, according to The Encyclopedia of Security Management, by John...
3 Keys To A Successful Incident Response Plan
BY DONNA ROSS
Relationships In my experience, relationships are the most critical element of incident response planning. Business partners, IT support staff and other...
A Potential Mobile Mess
By Marleah Blades
You're probably used to seeing the epilogue Sent from my BlackBerry Wireless Handheld below the signature of e-mails from your busy colleagues. You may...
The Project Life Cycle, Nexus for Security Convergence
BY MIKI CALERO, CISM, PMP
Challenges to be faced in achieving security convergence include identifying stakeholders and organizational influences. The project life cycle (PLC)...
Project ID-Vault
By Jacqueline Emigh
It's no longer surprising to come across a situation where the same ID management system is used for controlling access to computers, buildings and grounds....
Lights, Camera, Action
Bosch Security Systems Inc., a full-line manufacturer of high-quality security solutions, has been selected by CBS Studio Center to provide video surveillance...
Manufacturers Collaborate With Partners via Non-Secure Channels
High-tech manufacturing firms not only are collaborating with value chain partners through non-secure communications tools, such as Web e-mail and personal instant messaging, they also have serious concerns about the potential for loss of intellectual property, reports a new survey from Microsoft Corp.
The Microsoft Collaboration in High-Tech Manufacturing Survey 2007, conducted by Washington, D.C.-based KRC Research and commissioned by Microsoft, found that 78 percent of business decision-makers (BDMs, such as directors of supply chain) and 85 percent of technology decision-makers (TDMs, such as chief intelligence officers and IT managers) at high-tech firms reported they had used at least one of a number of non-secure public communications tools to collaborate with partners. More importantly, the survey found that product plans, technical data and other proprietary information were sent using those tools....
Gartner: No Additional Investment Needed For Security Threats
IT managers trying to figure out how much money to budget for information security purposes each year might want to take note of some recent advice from Gartner Inc.: Despite the growth in targeted attacks and the continuing discovery of new vulnerabilities, almost 90 percent of the threats companies face today can be handled without any extra investment in security.
Instead, companies need to reduce some of the money they've spent over the past few years protecting against mass attacks -- redirecting those freed-up resources to confront more narrowly directed emerging threats.
A lot of companies spend too much money on security controls such as firewalls, antivirus software and other desktop protection tools designed to defend against traditional mass attacks, Gartner analyst John Pescatore told ComputerWorld....
Security Executive Council Offers "Ask the Experts" Online Feature
The Security Executive Council (SEC) has announced the launch of a new online feature: Faculty Advisor (secleader.typepad.com). Through this interactive function, security professionals can call on the knowledge and experience of SEC faculty to answer pressing questions on all types of security-related topics, including security careers, business alignment, executive relationships, regulations, security's value, measures and metrics and SEC tools and products.
This new, free service will provide security practitioners impartial, expert advice on issues that directly impact their security programs. Any security practitioner may submit a question....
New Standard Of Good Practice Launched For 2007
The Information Security Forum (ISF) has publicly launched the 2007 version of its international Standard of Good Practice for Information Security, which can be downloaded free of charge from www.isfstandard.com.
Aimed at major national and international organizations, the Standard provides a key resource for organizations committed to reducing the business risks associated with information systems. Drawing on the practical experiences of more than 300 international organizations, including many of the Fortune 100 companies, the standard reflects the latest thinking on information security through workshops, face-to-face meetings and interviews, as well as the results of the ISF's in-depth research and its comprehensive information security-benchmarking tool -- the Information Security Status Survey. ...
The Most Powerful Weapon: Asking A Good Question
The most useful, effective, deterring and inexpensive weapon against criminals and terrorists is the ability to ask a good question, according to Chameleon Associates, an investigation and security services consulting firm.
For years, security has been investing billions of dollars into hardware, weapons, technology, manpower and especially training. Armed security officers are required to undergo training in handling a gun and in shooting. Many of those officers go through numerous weeks of training to hone their tactical skills. But how many officers are trained to effectively use the one weapon readily available and that affords the most powerful impact in terms of protection? ... a good question....
Survey Says Corporations Don't Trust Web Applications Security
Cenzic Inc., a provider of application security vulnerability assessment and risk management solutions, and Executive Alliance have released the results of a study that examines the state of application security entitled "The Voice of IT Leadership on Web Security: 2007." The survey focuses on security issues and insights affecting the C-level executive, with the results reflecting responses from 476 information security professionals.
The survey uncovered that among executives there is a general lack of confidence in current solutions and methods protecting companies from being hacked, with half of respondents either partially or not at all confident that their current application security methods and solutions can protect their organization's Web site from hackers....
NASCO Presents 2007 Colonel Minot B. Dodson Award
The National Association of Security Companies (NASCO), a contract security trade association representing firms that employ nearly 450,000 security officers nationwide, presented the 2007 Colonel Minot B. Dodson Award to long-time private security industry leader G.R. "Rick" Massimei, special consultant, U.S. Security Associates at NASCO's Private Security Breakfast held during the ASIS International Annual Seminar and Exhibits in Las Vegas on Sept. 24.
During the breakfast, attended by nearly 100 senior contract security executives, The Brownyard Group, a provider of liability insurance to security guard firms, also recognized Security Officer Tim Foster from U.S Security Associates with the W.H. Brownyard Award for his heroic action in the face of adversity. ...
