National Cyber Security Awareness Month

Recognizing the importance of cybersecurity, President Obama designated October as National Cyber Security Awareness Month (NCSAM). NCSAM is designed to engage and educate public and private sector partners through events and initiatives with the goal of raising awareness about cybersecurity and increasing the resiliency of the nation in the event of a cyber incident. October 2012 marks the ninth annual National Cyber Security Awareness Month sponsored by the Department of Homeland Security in cooperation with the National Cyber Security Alliance (NCSA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC).
Follow these simple steps to keep yourself, your personal assets, and your private information safe online:

• Set strong passwords and don’t share them with anyone.
• Keep your operating system, browser, and other critical software optimized by installing updates.
• Maintain an open dialogue with your family, friends, and community about Internet safety.
• Limit the amount of personal information you post online and use privacy settings to avoid sharing information widely.
• Be cautious about what you receive or read online – if it sounds too good to be true, it probably is.

Check out the resources for information security on the "Resources" page of the Preparedness, LLC website.

New National Terrorism Advisory System

April 20, 2011

The Secretary of Homeland Security has announced the implementation of the Department of Homeland Security’s (DHS) National Terrorism Advisory System (NTAS)— that will provide timely information to the public about credible terrorist threats. This system replaces the former five color-coded alert system.

Under NTAS, DHS will coordinate with other federal entities to issue detailed alerts to the public when the federal government receives information about a credible terrorist threat. NTAS alerts provide a concise summary of the potential threat including geographic region, mode of transportation, or critical infrastructure potentially affected by the threat, actions being taken to ensure public safety, as well as recommended steps that individuals, communities, business and governments can take to help prevent, mitigate or respond to a threat. NTAS Alerts will include a clear statement on the nature of the threat, which will be defined in one of two ways:

• “Elevated Threat”: Warns of a credible terrorist threat against the United States
• “Imminent Threat”: Warns of a credible, specific, and impending terrorist threat against the United States

Depending on the nature of the threat, alerts may be sent to law enforcement, distributed to affected areas of the private sector, or issued more broadly to the public through both official and social media channels—including a designated DHS webpage (www.dhs.gov/alerts), Facebook, and via Twitter @NTASAlerts. NTAS alerts and posters will also be displayed in places such as transit hubs, airports and government buildings.

NTAS threat alerts will be issued for a specific time period and will automatically expire. Alerts may be extended if new information becomes available or as a specific threat evolves.

Our National Preparedness Standard, NFPA 1600 “Standard on Disaster/Emergency Management and Business Continuity Programs” calls for conducting a risk assessment to “identify hazards and monitor those hazards and the likelihood of their occurrence.” It also calls for “a process to monitor the identified hazards and adjust the level of preventive measures to be commensurate with the risk.” The National Terrorism Advisory System is an example of monitoring terrorism and the likelihood of occurrence. Each organization’s emergency management and business continuity program should identify actions that will be taken to enhance security and protect personnel, facilities, and business operations when advisories are issued. Guidance can be found on the "Resources Page" of the Preparedness, LLC website. We have developed customized action plans for many of our clients.

Thunderstorms, Lightning & Tornadoes - eNewsletter

Summer is thunderstorm season, and thunderstorms bring lightning, heavy rainfall, hail, and tornadoes. Resulting fatalities, property damage, and losses from business interruption are significant. Natural hazards can’t be prevented, but emergency management can protect life, mitigation can reduce property damage, and business continuity planning can speed recovery and reduce operational impacts.

What is the potential impact on your business from a lightning strike or surge? What would you do if a tornado warning were issued?

Review this eNewsletter to learn more about the hazards of thunderstorms, lightning, and tornadoes. Identify mitigation opportunities and considerations for your emergency management and business continuity program.

http://www.preparednessllc.com/enewsletter/enewsletter_home.html

October is National Cyber Security Awareness Month

For the fifth year, the U.S. Department of Homeland Security’s National Cyber Security Division (NCSD) is spearheading National Cyber Security Awareness Month, a comprehensive outreach campaign to empower all Americans and businesses to take steps to secure their part of cyberspace. During the month of October, events will take place across the country to raise awareness of the growing need to protect the Nation’s critical infrastructures and key resources from cyber threats and vulnerabilities.The NCSD is partnering with the National Cyber Security Alliance and the Multi-State Information Sharing and Analysis Center, along with other government agencies and the private sector. The month's activities include press and media events, educational workshops, state cyber exercises, and lectures hosted by public and private partners, proclamations by state governors, and other stakeholder outreach activities. Here are 10 actions you can take to improve cyber security in your organization:

1. Use strong passwords at work and at home. Update your password frequently and encourage others to do the same.
2. Make sure that your anti-virus software and firewalls are up-to-date. New threats are discovered everyday and keeping your software and firewalls updated is one of the easiest ways to protect yourself from an attack. Set your computer to automatically update for you.
3. Hold an event at your facility designed to increase cyber security education and awareness. Download EDUCAUSE’s cyber resource kit online at http://www.educause.edu/7479.
4. Reach out to people that you know – your children, co-workers, friends – about good online safety and security habits, including protecting their personal information and their reputation. For more information and tips go to http://www.staysafeonline.org/ and http://www.us-cert.gov/.
5. Print cyber security posters from http://www.onguardonline.gov%20/ and post them in workrooms, hallways, bathrooms and other employee gathering places. Print and post cyber security tips near your computer at home and at work. Review them with your colleagues, employees and family members.
6. Create a separate section for cyber security tips on your organization’s web site. Download online buttons and banners about phishing, identity theft, file-sharing, and other cyber security topics at http://www.msisac.org/ or http://www.onguardonline.gov/ and place on your organization’s home page.
7. Use regular communications – newsletters, email alerts, websites, etc. – as an opportunity to promote your commitment to cyber security. Some newsletter topics to consider include: updating software processes; protecting personal identifiable information; and securing your wireless network.
8. Subscribe to the National Cyber Alert System from the US Computer Emergency Readiness Team at http://www.blogger.com/www.us-cert.gov. Through the Alert System, you can receive timely information about current cyber security problems to protect home and office computers. This information includes weekly bulletins with summaries of new vulnerabilities, patch information when available, and tips on common security topics, such as privacy, email spam, and wireless protection.
9. Back up important files. If you have important files stored on your computer, back them up to removal media, to a server, and best yet to an online backup service. Secure your backup media to prevent unauthorized access and store the media in a location where it will not be damaged from a hazard that affects your computer (what if your place of business was destroyed by fire?)
10. Ask IT security specialists at your workplace to report any potential cyber incident, threat, or attack to the United States Computer Emergency Readiness Team (USCERT) at 1-888-282-0870 or US-CERT.gov.

These links along with dozens of others that related to risk assessment, hazard prevention, risk mitigation, emergency response, and business contininuity have been added to the growing "Resources" page of the Preparedness, LLC website.