Experts are meeting today and tomorrow at Carleton University to discuss “the challenges of dealing with natural resource development projects and activism" - or, in the words of one participant, how to protect Canada's infrastructure from "domestic extremists".
Why are conference events so good for intelligence? Because they bring the experts together customers, competitors, government regulators, suppliers, academics and so forth – experts with information. From a collection perspective, people attend events with the objective of exchanging information, so they are keen to talk.
Despite its ambitious mission, will the revived National Strategy for Critical Infrastructure be able to sidestep long-standing problems associated with private sector ownership of critical infrastructure and the limits of emergency management in a federal system that may undermine it’s effectiveness while also raising fresh questions regarding the strategic concept of resilience?
As Canadians, it’s in our DNA to be helpful and to avoid saying “no.” So why is it that “no” is the typical response from a security-minded IT organization when asked to enable a new application on the network? While it may not be the case everywhere, it is certainly widespread enough that in many organizations the CSO is often referred to as the CS-NO. That said, the CSO should certainly have our sympathies because he/she is confronted with a nearly impossible choice when it comes to balancing network productivity and network security.
Sensor networks are not born of the Internet. They are not intended to exist on the Internet and they possess unique security requirements compared to systems and service found on the Internet. For instance, sensor networks will frequently be composed of “constrained” devices: low power, low processing, low memory, and as a by-product of the first 3, low security capabilities.
C4i Consultants have signed a memorandum of understanding with the Caribbean Disaster Emergency Management Agency (CDEMA) to support the "One Million Lives" project.
In collaboration with C4i, CDEMA is embarking on a multi-phase project to create a world-class emergency disaster management training facility with remotely deployable classrooms. C4i’s Emergency and Disaster Management Simulation (EDMSIM) software will be used to equip trainees with realistic tabletop exercises.
Countering corporate espionage has much more to do with your business culture than bars in the windows, more firewalls, or checking the locks after hours. Given that espionage is mainly perpetrated by insiders, an effective security program hinges on your employees and their buy-in of the security culture.
A worldwide survey of 10,000 executives in 154 countries by Forbes revealed that corporate security, including cyber-security budgets, had been reduced at a time when cyber breaches were rising dramatically. The survey found that corporate boardrooms were either ignorant of the risks, or demonstrating “ostrich-like” behaviour and ignoring the risks of cyber-security breaches.
Human errors cause the vast majority of information security breaches. Numerous studies, such as a report by the Ponemon Institute, have compiled statistics that attribute more than half of breaches to human elements. And it takes human beings – “an army of foot soldiers,” to quote my colleague John McClurg – to defend an organization’s information assets.
Larry and his company were the victims of aggressive competitive intelligence collection utilizing social engineering (including social hacking and escalated recruitment). He needed to identify the leaks and any third parties involved, and prevent further loss of proprietary intelligence.
Blogging became popular around 1999 with the arrival of platforms that facilitated publication of content to the web by non-technical users. WordPress was such a platform and quickly became the most popular of its kind with more than 74 million web sites using it today. Although initially created to make blogging easier and convenient, it is used today by organizations of all sizes to manage content for their web sites.
As anyone not living in a cave can attest, literally a day does not go by without some new revelation of cyber hacking, cyber attacking, cyber vulnerabilities or some new cyber surveillance scheme being perpetrated against ‘we the people’ by murky corporate interests – or our own, possibly murkier, governments.
As disasters strike around the world, and each seemingly more devastating than the last, the visible damage is all too apparent. However, we are often not aware of the pervasive psychological damage that goes along with such physical destruction.
PTSC-Online is Canada’s virtual on line community for emergency management, business continuity and critical infrastructure protection professionals. It is also a source of emergency management related information for the Canadian public. This report underlines key points of its operation as a test project since mid-year 2010. It also highlights the benefits of using and supporting PTSC-Online, identifies the financial needs for its continued operation, and offers options for continued financial support.
At the beginning of 2010, the government had just published its Critical Infrastructure Strategy and Action Plan and published this October another major document, its Cyber Security Strategy. Mr Justice Major revealed the findings of his inquiry on the Air India intelligence and other law enforcement shortcomings. Canada had the Olympics, the G8 and G20 to secure in an ever more visibly terror-laden world.
Today’s changing and complex environment of national security and public safety has underlined the role that innovation plays in battling terrorism and mitigating the effects of large scale national disasters. The need for cooperation and the coordination of resources is required if the world is to be effective in battling sustained terrorist threats or to mitigate major disasters.
In July of 2004, the damage done during the ‘Peterborough Flood’ devastated many businesses and organizations in the area. Non profit agencies were the hardest hit. Many were unable to attend to their clients for days. “Business Continuity” immediately became the new buzz word!
A few months ago, the concept of a nationwide Canadian emergency management network was just that – a concept, a dream. Today, Partnerships Towards Safer Communities Online (PTSC-Online) is a reality. Its growing membership has a good grasp on current issues facing Canadian emergency managers and are deriving value from their participation in this program.
Developing and implementing a comprehensive emergency management program can provide organizations with a structured capability to continue operations in the face of a major emergency or business disruption. A comprehensive emergency management program involves a complete process aimed at reducing loss and protecting assets from all types of hazards through a risk-based program of prevention, mitigation, preparedness, response and recovery activities.
Businesses of all types and sizes face the risk of insider fraud. This can be for corrupt personal gain, criminal or terrorist extortion or combinations of these. Responsible and successful organizations anticipate and take measures to mitigate such risk. For instance, one must realize that organized crime is first and foremost a business. As such, it has objectives, a management structure, financial performance goals, and metrics. Given this framework, anticipation and mitigation demand that you think like a predator.
Our main theme for this edition is on Critical Infrastructure Protection. The protection of these essential assets (80% of which are privately owned) is a major government responsibility that requires proper legislation and coordination. It is saddening how little progress and attention seems to have been brought to this real safety concern for all Canadians. The pleas go unanswered, but we continue – it is that important!
The profession of emergency management is a recent development. Similarly, emergency management program standards are also relatively new.
Although it is difficult to actually pinpoint when emergency management emerged as a recognizable and distinct profession, it can safely be said that the idea or concept of practitioners schooled in risk management started to evolve in the 1990’s. By the early 2000’s, emergency management was both the buzzword and the business!
There is no more important role for government than the security of its homeland and the safety of its citizens.
While government is ultimately accountable for a nation’s safety, it is by no means exclusively responsible for it. The private sector shares this responsibility and must be an integral contributor to the government’s national security framework for the following three reasons: