Reposted from SafeHaven Security

Upcoming Training

Date: January 23-24, 2025

Time: 8:30am-4:30pm CST (both days)

Location: SafeHaven Security Group Office

212 S 3rd St Unit 201, Rogers, AR 72756

Purpose:

Learn to recognize pre-incident indicators (warning signs) of potentially violent situations, to determine the danger level, and how to keep people safe.

Objectives:

1.  ASSESS situations of potential violence by recognizing warning signs you can identify before violence occurs
2.  MITIGATE and de-escalate potential violence through proven behavioral threat management strategies and tactics
3.  PROTECT the people you care about by keeping them safe and ensuring they feel safe. Protect against liabilities and protect your organization’s brand

CEU:

SHRM has approved this course for 16 credits.
HRCI has approved this course for 16 credits.

Candidates:

Human Resources, Workplace Safety, Security, Legal, Leadership Professionals and anyone who seeks to keep people safe from violence, active shooters, domestic violence spillover, etc

Curriculum:

You will receive life-saving instruction developed and taught by experts with decades of real-life experience in the field of Threat Assessment and Management. Methodologies used by mental health experts and agencies like the United States Secret Service to assess-mitigate-protect against potentially violent situations.

Method of Instruction:

This is a two day in-person course held at SafeHaven Security’s office. Certification requires successful completion of a competency-based exam at the end of the course to ensure you become proficient in the instruction you receive, participation in each course is limited to small groups.

See Original Post

Reposted from SafeHaven Security

Upcoming Training

Preparing for Civil Unrest

Webinar | Dec 5 | 10:00am CST

With political elections behind us and now an upcoming administration change, as a business professional, you need to be aware of the potential civil unrest and percussions for the business world. From altering economic policies to reshaping regulatory landscapes, the outcome of elections can directly affect your business operations and profitability. This webinar will provide you with practical information and steps on how you can use a combination of strategic planning, risk assessment and operational adjustments to minimize disruption and protect your people.

See Original Post

Reposted from CISA/DHS

Save the date! We’ve dedicated our November 26 CISA Live! to Making Progress on Critical Infrastructure Security and Resilience. Hosted on LinkedIn, this event will feature Dr. David Mussington, CISA’s Executive Assistant Director for Infrastructure Security, and Caitlin Durkovich, Deputy Assistant to the President and Deputy Homeland Security Advisor for Resilience & Response at the White House National Security Council (NSC), who will discuss the evolution of critical infrastructure security and resilience along with key offerings that can help all Americans Resolve to be Resilient. Bring your questions, since event participants can also participate in a live question & answer session. Join us on November 26 at 11:30AM ET and feel free to share this invite and the event page with others who may be interested, too. 

See Original Post

Reposted from CISA/DHS

We’ve dedicated our November 20 CISA Live! to Making Progress on Critical Infrastructure Security and Resilience. Hosted on LinkedIn, this event will feature CISA’s Executive Assistant Director for Infrastructure Security, Dr. David Mussington, who will share key areas of progress and highlight CISA’s recent initiatives and valuable resources designed to help all Americans Resolve to be Resilient. Bring your questions, since event participants can also participate in a live question & answer session. Join us on November 20 at 11:30AM ET and feel free to share this invite and the event page with others who may be interested, too. 

See Original Post

Reposted from CISA/DHS

In case you missed it, the Department of Homeland Security (DHS) released a significant set of recommendations aimed at advancing the safe and secure deployment of Artificial Intelligence (AI) in critical infrastructure. The Roles and Responsibilities Framework for Artificial Intelligence in Critical Infrastructure (the "Framework") provides essential guidance to stakeholders across the AI supply chain, from cloud providers and developers to critical infrastructure operators and civil society. This collaborative Framework, developed with insights from the DHS Artificial Intelligence Safety and Security Board—a public-private advisory group with leaders from industry, academia, civil society, and government—marks a critical step forward in ensuring the responsible use of AI in essential services that Americans rely on every day.

Key Highlights of the Framework:

 Collaborative Guidance: The Framework includes specific actions for key stakeholders—cloud and compute providers, AI developers, critical infrastructure owners, civil society, and public sector entities—to mitigate risks, safeguard consumer rights, and promote safe and transparent AI practices.

 Comprehensive Coverage: It addresses vulnerabilities unique to AI in critical infrastructure, such as attacks using AI, attacks targeting AI systems, and design failures, while also supporting a "Secure by Design" approach for AI developers.

 Endorsement from Leadership: DHS Secretary Alejandro N. Mayorkas emphasizes the transformative potential of AI in strengthening U.S. critical infrastructure resilience, urging leaders across sectors to embrace and implement the Framework.

If widely adopted, this voluntary Framework will not only improve the safety and reliability of critical services like power, water, and telecommunications but also build trust and transparency between entities involved in AI development and deployment.

See Original Post

Reposted from CISA/DHS

The Cybersecurity and Infrastructure Security Agency (CISA) released the Venue Guide for Security Considerations. CISA is committed to partnering with venue operators in mitigating the threat of targeted violence and preparing for any potential incidents. The guide serves as a broad catalog to support safe and secure day-to day operations and event management planning and execution. Applying the guide will enable venue operators to effectively identify and manage risk. This guide aims to help venue operators enhance safety, protect assets, and create secure environments through effective security measures and best practices. The guide:

1. Provides guidance for venues, such as evaluating security measures, complexity levels, costs, options, and threats mitigated by these measures. By balancing these factors, venues can create a secure environment for operators and guests.
2. Recommends broadly applicable considerations for evaluating security practices, such as assessing measures and improving physical security compliance to ensure staff and visitor safety.
3. Offers actionable guidance for prioritizing the most effective security practices and proactively reducing the risk of major threats.
4. Provides venue operators with a tailored menu of security options, allowing them to select the most suitable and effective measures for their venue’s budget, size, location, and risk factors.

See Original Post

Reposted from EMR-ISAC InfoGram

On Nov. 7, CISA announced the kickoff of Critical Infrastructure Security and Resilience (CISR) Month. CISR Month is CISA’s annual effort to educate and engage all levels of government, infrastructure owners and operators, and the American public about the vital role critical infrastructure plays in the nation’s security and why it is important to strengthen critical infrastructure resilience. The enduring theme this year remains “Resolve to be Resilient.” Throughout November, CISA is highlighting how critical infrastructure organizations can integrate the following practices to help make our critical infrastructure secure, resilient, and able to bounce back quickly and build back stronger when disruptions occur:

Know Your Infrastructure and Dependencies.

Assess Your Risks.

Make Actionable Plans.

Measure Progress to Continuously Improve.

CISA has provided resources on its Critical Infrastructure Security and Resilience (CISR) Month webpage, which includes a toolkit and social media graphics. The toolkit includes lists with quick actions that can be taken by various stakeholders. For example, state, local, tribal, and territorial governments can help make critical infrastructure more resilient by connecting public safety officials with private sector businesses, and by conducting or participating in a training or exercise to improve security and resilience.

The toolkit highlights CISA’s resources on the following topics:

Active shooter preparedness

Bombing Prevention and C-IED

Chemical security

Federal facility security

Insider threat

School safety

Resilience planning and supply chain security

UAS security

Public gatherings and physical security

Self-assessments and exercises

On Wednesday, Nov. 20 at 11:30 a.m. EDT, CISA will host a CISA Live! event, Making Progress on Critical Infrastructure Security and Resilience. CISA’s Executive Assistant Director for Infrastructure Security will share key areas of progress, highlighting CISA’s recent initiatives and valuable resources designed to help all Americans “Resolve to be Resilient.” Participants will have an opportunity to engage in a live Q&A. Visit CISA’s Critical Infrastructure Security and Resilience (CISR) Month webpage to learn more. Join the Nov. 20 CISA Live! on LinkedIn. Access this event and all past CISA Live! event recordings at https://www.cisa.gov/cisa-live. You can also follow CISA on social media to join the #BeResilient conversation. On Nov. 7, CISA announced the kickoff of Critical Infrastructure Security and Resilience (CISR) Month. CISR Month is CISA’s annual effort to educate and engage all levels of government, infrastructure owners and operators, and the American public about the vital role critical infrastructure plays in the nation’s security and why it is important to strengthen critical infrastructure resilience. The enduring theme this year remains “Resolve to be Resilient.” Throughout November, CISA is highlighting how critical infrastructure organizations can integrate the following practices to help make our critical infrastructure secure, resilient, and able to bounce back quickly and build back stronger when disruptions occur:

Know Your Infrastructure and Dependencies

Assess Your Risks

Make Actionable Plans

Measure Progress to Continuously Improve

CISA has provided resources on its Critical Infrastructure Security and Resilience (CISR) Month webpage, which includes a toolkit and social media graphics. The toolkit includes lists with quick actions that can be taken by various stakeholders. For example, state, local, tribal, and territorial governments can help make critical infrastructure more resilient by connecting public safety officials with private sector businesses, and by conducting or participating in a training or exercise to improve security and resilience.

See Original Post

Reposted from EMR-ISAC InfoGram

The Homeland Defense & Security Information Analysis Center (HDIAC) will host a webinar on Wednesday, Nov. 20 at 12 p.m. EDT, Don’t Forget to Inform the Public: Why Messaging Matters. Throughout the course of various crises, communication from government agencies and key stakeholders is critical. Unfortunately, this communication has been upended many times in a variety of ways. To alleviate public fear, some organizations have fallen into the trap of downplaying the seriousness of a catastrophic event.  In other cases, information posted on social media has been usurped by others and twisted into conspiracy theories or misinformation. This webinar will explore some historical successes and failures of public communications. A theme will emerge in which targeted communications and partnerships with organizations and individuals, heretofore ignored as a legitimate podium for public information dissemination, are critical in achieving information goals.

Key takeaways will include the following:

• The importance of messaging for managing crises.
• Maintaining public trust through messaging.
• Examples of targeted campaigns with successful results.
• Engaging with social media influencers.
• Enhancing training for public information officers.

HDIAC is a component of the U.S. Department of Defense’s (DoD's) Information Analysis Center (IAC) enterprise, serving the defense enterprise of DoD and federal government users and their supporting academia and industry partners. HDIAC regularly hosts live online technical presentations featuring a DoD research and engineering topic within one of HDIAC’s technical focus areas. These include many homeland defense topics relevant to the emergency services sector, such as medical and CBRNE defense, critical infrastructure protection, counterterrorism, environmental security, aviation security, law enforcement, building and facilities security, border security, disaster/emergency response and recovery, and cybersecurity/information management. This webinar is open to the public. Learn more and register at HDIAC.DTIC.MIL.

See Original Post

Reposted from EMR-ISAC InfoGram

Zero-days comprised the majority of the most routinely exploited vulnerabilities last year, an increase from 2022 which allowed cybercriminals to attack higher-priority targets, Five Eyes cyber officials said in a Tuesday advisory. The top five vulnerabilities exploited by attackers in 2023 were found in three vendors (Citrix, Cisco, and Fortinet) across networking devices, remote access servers and firewalls. Last year, the two pairs of CVEs in Citrix and Cisco products, respectively, comprised the four most-exploited vulnerabilities of the year.

See Original Post

Reposted from EMR-ISAC InfoGram

On Nov. 12, the House Committee on Homeland Security has released a new Cyber Threat Snapshot examining growing threats posed by malign nation-states and criminal networks to the homeland and the data of Americans. Unfortunately, cyberattacks on critical infrastructure increased 30 percent globally last year. To undermine U.S. sovereignty, Iranian hackers used spear-phishing to target campaign networks and government officials; China allegedly backed hacking group Salt Typhoon to infiltrate candidates’ phones; and Russia used a botnet to target social media feeds in an effort to spread their malign influence. From Iran-backed intrusions into our water sector and the targeting of satellites to the Chinese Communist Party-affiliated ‘Typhoon’ intrusions into numerous facets of our critical infrastructure, nation-states see the dangerous value in disrupting, manipulating, or surveilling the operational and information technology that supports the daily lives of Americans. Cyber insecurity also impacts the health and wellness of Americans, as cybercriminals increasingly target hospitals and other healthcare entities for ransom. The intrusions into the Ascension Health hospital system and Change Healthcare, a UnitedHealth subsidiary, showcase the damage that can be done to patient care and privacy when the IT that is foundational to emergency response is undermined by cyber criminals. Read the full Nov. 12 release and Snapshot at Homeland.House.Gov.

See Original Post