National Cyber Security Awareness Month

Recognizing the importance of cybersecurity, President Obama designated October as National Cyber Security Awareness Month (NCSAM). NCSAM is designed to engage and educate public and private sector partners through events and initiatives with the goal of raising awareness about cybersecurity and increasing the resiliency of the nation in the event of a cyber incident. October 2012 marks the ninth annual National Cyber Security Awareness Month sponsored by the Department of Homeland Security in cooperation with the National Cyber Security Alliance (NCSA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC).
Follow these simple steps to keep yourself, your personal assets, and your private information safe online:

• Set strong passwords and don’t share them with anyone.
• Keep your operating system, browser, and other critical software optimized by installing updates.
• Maintain an open dialogue with your family, friends, and community about Internet safety.
• Limit the amount of personal information you post online and use privacy settings to avoid sharing information widely.
• Be cautious about what you receive or read online – if it sounds too good to be true, it probably is.

Check out the resources for information security on the "Resources" page of the Preparedness, LLC website.

New National Terrorism Advisory System

April 20, 2011

The Secretary of Homeland Security has announced the implementation of the Department of Homeland Security’s (DHS) National Terrorism Advisory System (NTAS)— that will provide timely information to the public about credible terrorist threats. This system replaces the former five color-coded alert system.

Under NTAS, DHS will coordinate with other federal entities to issue detailed alerts to the public when the federal government receives information about a credible terrorist threat. NTAS alerts provide a concise summary of the potential threat including geographic region, mode of transportation, or critical infrastructure potentially affected by the threat, actions being taken to ensure public safety, as well as recommended steps that individuals, communities, business and governments can take to help prevent, mitigate or respond to a threat. NTAS Alerts will include a clear statement on the nature of the threat, which will be defined in one of two ways:

• “Elevated Threat”: Warns of a credible terrorist threat against the United States
• “Imminent Threat”: Warns of a credible, specific, and impending terrorist threat against the United States

Depending on the nature of the threat, alerts may be sent to law enforcement, distributed to affected areas of the private sector, or issued more broadly to the public through both official and social media channels—including a designated DHS webpage (www.dhs.gov/alerts), Facebook, and via Twitter @NTASAlerts. NTAS alerts and posters will also be displayed in places such as transit hubs, airports and government buildings.

NTAS threat alerts will be issued for a specific time period and will automatically expire. Alerts may be extended if new information becomes available or as a specific threat evolves.

Our National Preparedness Standard, NFPA 1600 “Standard on Disaster/Emergency Management and Business Continuity Programs” calls for conducting a risk assessment to “identify hazards and monitor those hazards and the likelihood of their occurrence.” It also calls for “a process to monitor the identified hazards and adjust the level of preventive measures to be commensurate with the risk.” The National Terrorism Advisory System is an example of monitoring terrorism and the likelihood of occurrence. Each organization’s emergency management and business continuity program should identify actions that will be taken to enhance security and protect personnel, facilities, and business operations when advisories are issued. Guidance can be found on the "Resources Page" of the Preparedness, LLC website. We have developed customized action plans for many of our clients.

Preparing for Arctic Freeze & Winter Storms

Before the heavy snow warnings are broadcast and the frigid blasts of arctic weather arrive, it’s important to prepare your facility and your employees. Preparations now can save costly damage to equipment and facilities and maintain important fire and life safety systems.

Loss Data

A study by property insurer FM Global[1] for the period 1984 through 1995 revealed over 3500 freeze-related insurance claims. Of these incidents, 42% were due to sprinkler leakage, which accounted for 17% of the gross dollar loss estimate. Process equipment breakdown due to freezing accounted for 10% of the incidents but 26% of the gross dollars.

FM Global’s analysis revealed a pattern of freezing over the Christmas holidays when planned reductions in production, shutdowns, and vacations occur. Idle facilities contributed to reduced space heating, reduced or no heat in production equipment, and few or no people to monitor temperature and respond to freeze conditions.

Winter Preparations

Walk the entire roof and check to ensure roof drains, gutters, and downspouts are clear. Clean any accumulations of leaves or other debris that could be swept into and clog drains. Check all roof mounted equipment to ensure air conditioners, fan housings, antennas, signs, and other equipment is properly anchored and access panels are secure. Check to ensure roof flashing is intact and roof vents are tight. Plan for access to the roof in case the roof hatch is inaccessible.

Evaluate the structural strength of sections of roofs likely to accumulate heavy snow drifts and water. Excessive snow drifts increase the weight applied to the structure and can cause collapse. These areas include intersections of low and high roofs; valleys between two peaked roofs; intersection of roof and roof mounted equipment. Look for bent, deflected, twisted roof members/decks that might indicate susceptibility to overload.

Prepare all sprinkler systems, heating systems, process equipment, emergency generator, and snow removal equipment or service. Check that sufficient heat will be available in buildings protected by wet pipe sprinkler systems. Drain condensate from the low points of all dry pipe sprinkler systems and ensure that heating equipment in valve closets are working properly. Check fire pump house and suction/gravity tank heaters as well. Use approved heat trace on exposed pipes that cannot be drained.

Preparations before the Arctic Freeze or Winter Storm

• Determine personnel and resource needs to protect the facility and handle storm cleanup.
• Review emergency plans for loss of heat, electricity, and protection system impairments. Assign responsibilities and review alerting and communications procedures.
• Test emergency generators under a full load at least annually. Maintain generator fuel tanks ¾ full. Arrange for fuel delivery before a storm approaches.

When an Arctic Freeze or Winter Storm is Forecast

• Monitor National Weather Service and local news media advisories.
• Have security guards check for low temperatures, open doors, cracked windows, or other openings that can allow the cold to enter.
• Check fire protection and life safety systems periodically.
• Monitor temperatures in areas with water pipes to detect low temperatures—especially those not normally occupied.
• Check exterior windows to ensure they are intact and water tight and doors align with frames.
• Prepare to activate your emergency management and business continuity plan and alert staff to respond if called.
• Keep driveways clear for emergency vehicle access. Coordinate with your contractor or Public Works as needed.
• Clear the exterior of exit doors to allow for emergency egress.
• Shovel areas around sprinkler valves and fire hydrants to allow emergency access. Inspect roof drains and remove any debris.
• Clear roof drains of ice dams to allow melting snow to drain.
• Clear exterior down spouts of snow or ice buildup at outlets.
• Stay alert for the beginning of ponding-deflection cycles. As snow compresses, it absorbs rainwater and the increased weight on the roof will create depressions where water will accumulate and not drain. Often this condition worsens and leads to roof collapse.
• Remove dangerous snow loads if deemed safe. Priority areas include changes in roof elevation, moderate or low-sloped peaked single gable or curved roofs where winds cause drifting, valleys formed by multiple-gable or multiple peaked roofs, and roofs with multiple projections.
• Remove snow from standing seam metal roofs in strips starting at the peak to the eaves alternating side to side to assure the roof load is maintained in balance.
• Maintain awareness of surface water flooding caused by poor street drainage. Direct surface water away from the building.

If Heat is Lost and Pipes Freeze

• Use only approved space heaters to provide temporary heating. Check with the local fire department to determine what is approved for your area. Kerosene and propane heaters should only be used if permitted and in supervised areas where adequate ventilation and fire protection is available.
• Do not use torches to thaw frozen pipes.
• Follow insurer and fire department required impairment precautions if sprinkler systems freeze.

This eNewsletter has been published by Preparedness, LLC and is available on our website. You can subscribe to future eNewsletters from the website.

[1] FM Global Property Loss Prevention Data Sheet 9-18/17-18, January 2007

Fire Prevention Week, October 5-11

October 5-11 is Fire Prevention Week, an annual campaign focused on fire safety and promoted by the National Fire Protection Association. Did you know that fire departments responded to nearly 400,000 home fires in 2006? That's why this year's theme is titled "Prevent Home Fires." I strongly encourage you to educate your family about fire safety. Practice EDITH (exit drills in the home.) Make sure everyone knows to get out and stay out if there is a fire in the home. Make sure everyone knows where to meet, so everyone can be accounted for. Conduct a fire inspection in your home to identify hazards--before they can ignite a fire. Make sure your smoke detectors are working properly and that extinguisher, too. As a long time member of NFPA, I can attest to the conviction, expertise, and professionalism of the NFPA staff. I urge you to take their advice to heart. For more helpful information and educational tools, check out the following on the NFPA Fire Prevention Week website:

• Read our blog
• New survey looks at heating costs, fire risk
• Send a Sparky® e-card to friends
• Interactive learning stations for your open house.
• The Great American Fire Drill
• Online safety quiz.
• Free Scholastic materials
• View three new Dan Doofus FPW videos
• Home inspection checklist

"Reproduced from NFPA's Fire Prevention Week Web site, www.firepreventionweek.org. ©2008 NFPA."

October is National Cyber Security Awareness Month

For the fifth year, the U.S. Department of Homeland Security’s National Cyber Security Division (NCSD) is spearheading National Cyber Security Awareness Month, a comprehensive outreach campaign to empower all Americans and businesses to take steps to secure their part of cyberspace. During the month of October, events will take place across the country to raise awareness of the growing need to protect the Nation’s critical infrastructures and key resources from cyber threats and vulnerabilities.The NCSD is partnering with the National Cyber Security Alliance and the Multi-State Information Sharing and Analysis Center, along with other government agencies and the private sector. The month's activities include press and media events, educational workshops, state cyber exercises, and lectures hosted by public and private partners, proclamations by state governors, and other stakeholder outreach activities. Here are 10 actions you can take to improve cyber security in your organization:

1. Use strong passwords at work and at home. Update your password frequently and encourage others to do the same.
2. Make sure that your anti-virus software and firewalls are up-to-date. New threats are discovered everyday and keeping your software and firewalls updated is one of the easiest ways to protect yourself from an attack. Set your computer to automatically update for you.
3. Hold an event at your facility designed to increase cyber security education and awareness. Download EDUCAUSE’s cyber resource kit online at http://www.educause.edu/7479.
4. Reach out to people that you know – your children, co-workers, friends – about good online safety and security habits, including protecting their personal information and their reputation. For more information and tips go to http://www.staysafeonline.org/ and http://www.us-cert.gov/.
5. Print cyber security posters from http://www.onguardonline.gov%20/ and post them in workrooms, hallways, bathrooms and other employee gathering places. Print and post cyber security tips near your computer at home and at work. Review them with your colleagues, employees and family members.
6. Create a separate section for cyber security tips on your organization’s web site. Download online buttons and banners about phishing, identity theft, file-sharing, and other cyber security topics at http://www.msisac.org/ or http://www.onguardonline.gov/ and place on your organization’s home page.
7. Use regular communications – newsletters, email alerts, websites, etc. – as an opportunity to promote your commitment to cyber security. Some newsletter topics to consider include: updating software processes; protecting personal identifiable information; and securing your wireless network.
8. Subscribe to the National Cyber Alert System from the US Computer Emergency Readiness Team at http://www.blogger.com/www.us-cert.gov. Through the Alert System, you can receive timely information about current cyber security problems to protect home and office computers. This information includes weekly bulletins with summaries of new vulnerabilities, patch information when available, and tips on common security topics, such as privacy, email spam, and wireless protection.
9. Back up important files. If you have important files stored on your computer, back them up to removal media, to a server, and best yet to an online backup service. Secure your backup media to prevent unauthorized access and store the media in a location where it will not be damaged from a hazard that affects your computer (what if your place of business was destroyed by fire?)
10. Ask IT security specialists at your workplace to report any potential cyber incident, threat, or attack to the United States Computer Emergency Readiness Team (USCERT) at 1-888-282-0870 or US-CERT.gov.

These links along with dozens of others that related to risk assessment, hazard prevention, risk mitigation, emergency response, and business contininuity have been added to the growing "Resources" page of the Preparedness, LLC website.