Reposted from Denver News

The thousand-year-old Indian statue sat in the Denver Art Museum’s Asian art collection for six decades, a gift from prominent New York art dealer Robert Ellsworth.

Sculpted around the 10th century, the 38-inch sandstone piece depicts a celestial woman beneath a mango tree. It was once part of the Ghatesvara Temple in northern India, built as a shrine to the Hindu god Shiva.

Indian archaeologists, for years, said this priceless work was stolen. Four years ago, the museum quietly handed the statue to U.S. law enforcement to be repatriated to India.

Denver Art Museum officials did not issue a press release. The artifact has been scrubbed from the institution’s website as if it was never there. Aside from saved webpages on Internet archives, there’s no public-facing evidence that the statue was once a part of the museum’s collection.

For years, the Denver Museum has carefully curated which repatriations and deaccessions — pieces removed from its collection — it chooses to publicly announce, a practice that goes against industry recommendations. Unlike some other institutions, it’s impossible in Denver to see which pieces, and how many, the museum has returned after foreign governments or U.S. authorities provided evidence that they were stolen or illegally trafficked.

Other institutions, including Boston’s Museum of Fine Arts and the San Antonio Museum of Art, provide detailed information for all works they choose to remove from their collections — though that practice still represents the exception, not the rule.

Art experts say this should be the gold standard, an important tool for transparency and accountability as a public institution with an educational mission.

“Museums should be telling these stories not just for the sake of transparency but because they are intrinsically important stories that tell us really deep and meaningful things about how we understand other peoples’ cultural belongings,” said Elizabeth Marlowe, a professor of art and director of Colgate University’s Museum studies program. “That’s central to any universal museum.”

A Denver Art Museum spokesperson, Andy Sinclair, said the institution follows all field guidelines, practices and policies for collections and deaccessions. The museum is focused, she said in an email, on adding to its online collection database. Information on deaccessions will be made available “upon request,” she said.

When the celestial goddess remained part of the Denver Art Museum’s collection, anyone could find its photo, description and provenance information on the institution’s website.

But at least as far back as September 2019, museum officials scrubbed the antiquity from the site. The link to its entry now says, “the requested page could not be found.” An archived version of the webpage can still be accessed through the Internet Archive’s Way Back Machine.

The same is true for other artworks the museum has deaccessioned in recent years. A host of Southeast Asian relics donated to the museum by Bunker in 2016 also have vanished from the website amid the federal investigation.

Further ommissions include dozens of pieces donated or sold to the museum by indicted or convicted art dealers, such as Latchford and former New York gallery owners Nancy Wiener and Subhash Kapoor.

Latchford sold, loaned and gifted at least 14 works to the Denver Art Museum between 1999 and 2011. But his name no longer appears in any provenance section on the museum’s searchable collection database.

Museum leadership sometimes puts out press releases when it gives up artworks to U.S. authorities for repatriation to source countries. Those announcements include multiple objects returned to Cambodia since 2016, a collection of Indian works given back last year and older repatriations to Guatemala and a Native American tribe.

But pieces such as the celestial goddess garnered no public announcement. And the press releases for these repatriated pieces do not include accession numbers, provenance information or object descriptions — all key for academics, law enforcement and members of the public interested in researching a museum’s collection.

The Association of Art Museum Directors, an organization of museum leaders from the United States, Canada and Mexico, in 2010 issued a recommendation that member museums “publish on its website within a reasonable period of time works that have been deaccessioned and disposed of.”

The guidance is simply a recommendation, though, not a requirement.

Still, after the association published the policy, a growing body of museums have adopted the practice of maintaining a database with deaccessioned works.

The Museum of Fine Arts in Boston allows the public to see information about all 2,289 objects the institution has removed from its collection.

The museum includes extensive information about the items and their ownership histories. The institution deaccessioned a 7th-century Italian vessel, for instance, after New York authorities supplied evidence, it had been looted.

The object page outlines how the piece was illicitly excavated and sold to a New York collector before making its way into the museum’s collection in the 1990s. Museum officials note that the vessel was one of nine that came from a site that had been heavily looted and was later trafficked by a known illicit antiquities dealer.

“We feel transparency is important,” said Victoria Reed, the Boston museum’s curator for provenance. “We have a particular responsibility to our audience. We’re a public institution. If we decide to deaccession something, to remove it from public view, then we are accountable to our audience. We have a responsibility to share our thinking and information that led us to conclude what we did.”

The San Antonio Art Museum also faced this question in 2021 while repatriating objects to Italy. The simplest solution, museum leadership decided, was to keep the items on the institution’s website with updated details.

Researchers who want to study them will still be able to get information this way, since the museum can’t provide access to items no longer in its collection, said Lynley J. McAlpine, the San Antonio museum’s associate curator of provenance research.

“We hope that doing so will make information easy for people to find,” she said.

The Dallas Museum of Art and Cleveland Museum of Art also provide details of deaccessioned works on their websites. The Met in New York this month pledged to soon do the same for restituted objects.

Former museum directors and other industry experts say the Denver Art Museum should adopt these best practices as it continues to probe its collection for problematic works.

In recent years, the museum’s past questionable dealings with suspected or convicted illicit antiquity dealers have put a spotlight on the Mile High City’s preeminent art institution. In response, the museum last year hired a full-time senior provenance researcher, calling the work an “essential component of our commitment to ethical collecting practices.”

But the public, industry watchers say, continues to be left in the dark.

“It’s embarrassing,” said David Gill, a professor of archaeological heritage at the University of Kent in England. “It shows your curators have been recommending dodgy things for the museum. It shows the trustees haven’t really engaged in due diligence. It shows museums are actors closing a blind eye to the problem.”

The selective press releases, Gill said, seem to serve more as controlling the publicity.

“It’s all about, ‘We’ve done the right thing,’” he said, “rather than saying, ‘How did you get into this position in the first place?’”

While repatriations can be seen as bad press for a museum, they’re not antithetical to an institution’s mission, said Marlowe, the Colgate University professor.

“The Denver Art Museum could have a really powerful, honest display in which they say, ‘When we accepted these objects 30 years ago, we understood them differently,’” she said. “Telling that story of that broad shift in cultural values is a way to admit mistakes, show they’ve learned and bring audiences into the story.”

See Original Post

Reposted from The Art Newspaper

Environmental activists defaced the Louvre pyramid on 27 October, covering the landmark glass monument with orange paint. Protestors from the Dernière Rénovation group threw balloons at the famous glass structure while one of the demonstrators climbed up the edge of the pyramid; according to the Telegraph, a dozen people were arrested following the incident.

A Louvre spokesperson confirmed to The Art Newspaper that the activists attempted to cover the pyramid, the museum’s main entrance, with an orange liquid. “One of them climbed onto the pyramid's outer glass roof using climbing equipment. The liquid was sprayed onto the glass; traces are visible on the [structure]. No damage to the pyramid has been reported at this stage. Visitor access to the museum was maintained throughout the operation,” the spokesperson adds.

The website of Dernière Rénovation says that humanity has just “513 days left” until societal collapse (referring to the carbon emissions peak predicted for 2025), adding that: “It is now up to us, ordinary citizens, to enforce the commitments to which our government refuses to comply. It is up to us to enter into civil resistance.” The group is demanding that the French government implements a nationwide plan for the thermal insulation of buildings.

The glass pyramid, designed by the Chinese-American architect I.M. Pei, was inaugurated by the then French president François Mitterrand on 4 March 1989 after years of vitriolic debate—unheard in Paris since the early days of the “useless and monstrous” Eiffel Tower. Supported by a 200-ton steel and aluminum structure, the pyramid is surrounded by water basins and three smaller pyramids.

See Original Post

Reposted from AMM

Save the Date! We're heading to Columbus, OH in 2024!

Join us in one of the fastest growing cities in the Midwest in 2024 - Columbus, Ohio!

With its diverse neighborhoods, thriving food scene, and 30+ museums and galleries, we can't wait to explore Columbus, Ohio, with you next summer. 

We'll kick off the conference with a virtual day on Wednesday, July 24, hosted in collaboration with the Ohio Museums Association. Then, we'll gather together in-person at the Hilton Columbus at Easton from July 31-August 3 for sessions and many opportunities to connect with our peers. Of course, we'll also get out and experience Columbus museums!

In the coming weeks, we'll announce this year's conference theme, provide instructions for booking your room at the conference hotel, and open the Call for Proposals. Stay tuned!

See Original Post

Reposted from CISA

Today, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the National Security Agency (NSA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published “Phishing Guidance, Stopping the Attack Cycle at Phase One” to help organizations reduce likelihood and impact of successful phishing attacks. It provides detailed insight into malicious actor techniques, as well as technical mitigations and best practices to help prevent successful phishing attempts.  

A form of social engineering, malicious actors commonly use phishing with the intent to get their targeted victims to visit an illegitimate website or to download malware. To help organizations better understand this activity, this guide categorizes phishing into two common tactics: phishing to obtain login credentials and phishing to deploy malware. It expands upon the two tactics by detailing the techniques frequently used by these actors, such as impersonating supervisors/trusted colleagues, using voice over internet protocol to spoof caller identification, and using publicly available tools to facilitate spear phishing campaigns. 

With our NSA, FBI, and MS-ISAC partners, CISA produced this guide to provide practical, actionable steps to reduce the effectiveness of phishing as an initial access vector. Many of the controls described in this guide can be implemented by technology vendors, reducing burden and increasing security at scale.  

This guide also recommends software manufacturers incorporate secure by design principals and tactics into their software development practices. The authoring agencies provide several recommendations to mitigate the success of phishing emails reaching users and users interacting with the email.   

In addition to the joint guide, CISA published a blog with more information on phishing and this joint guide.  

All organizations, from small and medium-sized businesses to software manufacturers, are encouraged to review this joint guide and blog to better understand evolving phishing techniques and implement tailored cybersecurity controls and best practices to reduce the risk of compromise.

See Original Post

Reposted from CISA

The Cybersecurity Infrastructure Security Agency (CISA) is pleased to formally announce next steps of an important effort to update the National Cyber Incident Response Plan (NCIRP). As directed by the White House, in the 2023 National Cybersecurity Strategy, CISA will lead the process to update the NCIRP.  

 

As set forth in the National Cybersecurity Strategy Implementation Plan, CISA, in coordination with the Office of the National Cyber Director (ONCD), will gather input from public and private sector partners– including the federal interagency, Sector Risk Management Agencies, and regulators to incorporate appropriate changes to the NCIRP to make it more modern, agile, and flexible. The updated NCIRP will strengthen existing processes, procedures, and systems to more fully reflect that a “call to one is a call to all.” 

 

First published in 2016, the NCIRP is the Nation’s framework for coordinated response to significant cyber incidents. Since that time, much has changed to both the threat landscape and the cyber defense ecosystem. Through the Joint Cyber Defense Collaborative (JCDC), CISA will work to ensure that the updated NCIRP addresses significant changes in policy and cyber operations since the initial NCIRP was released. 

In leading the development of NCIRP 2024, CISA will ensure the work is grounded in the following principles:  

 

1. Collaboration. National cyber incident response requires deep commitment to partnerships across all levels of government, industry and with our international partners. The NCIRP 2024 will reflect this commitment to the vast community of diverse stakeholders and promote collaboration. 
2. Shared Responsibility. Cybersecurity is a collaborative effort with entities across the cybersecurity ecosystem uniquely contributing to a national cyber incident response. The NCIRP 2024 will challenge traditional methods of working with our partners, and move toward more forward-leaning, action-oriented collaboration to deploy the full potential of each party’s authorities, capabilities, and expertise.  
3. Learning from the Past. The past eight years have seen cyber incidents of unprecedented scale, impact, and sophistication. The NCIRP 2024 will incorporate lessons learned from past cybersecurity incidents to and further enhance incident response coordination efforts.  
4. Keeping Pace with Innovation. The cybersecurity landscape is a complex ever-evolving environment. The NCIRP 2024 will integrate processes capable of maneuvering its dynamic nature. This approach reflects a shift to greater proactivity for achieving clearly defined and intended outcomes. This change demonstrates our commitment to the sophisticated cybersecurity landscape by remaining vigilant and acting quickly whenever needed.   

The NCIRP 2024 planning initiative is part of the JCDC Planning Agenda, bringing together government and the private sector to execute cyber defense plans that achieve specific risk reduction goals and enable more focused collaboration.  

We are committed to remaining transparent about the work being performed throughout this process over the next year and a half and invite the public to follow its progress by visiting The National Cyber Incident Response Plan (NCIRP) or reviewing the fact sheet.

We look forward to the work ahead and are grateful for the willingness of our colleagues across all levels of government, the private sector and civil society to participate in this important process.

See Original Post

Reposted from DHS

WASHINGTON – Today, the Department of Homeland Security (DHS) released the 2024 Homeland Threat Assessment (HTA), which continues to identify a high risk of foreign and domestic terrorism in 2024. The HTA provides the public and the Department’s partners with a detailed report on the most pressing threats to the United States as part of the Biden Administration’s continuing effort to assist them in preparing for, preventing, and responding to the diverse and dynamic threat environment.  

Going forward, the annual HTA will serve as the primary mechanism for sharing the terrorism threat level, which has previously been done through the National Terrorism Advisory System (NTAS). The issuance of NTAS advisories will be reserved for situations where DHS needs to alert the public about a specific or imminent terrorist threat or about a change in the terrorism threat level. This shift will provide the public and DHS partners both in-depth annual reports and urgent updates, as needed.  

“Sharing information with the public on the threats we face is a vital part of protecting our homeland from today’s evolving security challenges,” said Secretary of Homeland Security Alejandro N. Mayorkas. “The annual Homeland Threat Assessment is a publicly available resource on the most pressing challenges facing the nation. By sharing our analysis of the threat landscape, we will enable our partners across state, local, tribal, and territorial government, along with the private and non-profit sectors, to make better-informed decisions that account for these security challenges.”   

Assessments from the 2024 HTA:  

• Foreign and Domestic Terrorism: The Department expects the threat of violence from individuals radicalized in the United States to remain high, but largely unchanged, mainly seen through lone offenders or small group attacks that occur with little warning. While sustained counterterrorism pressure has significantly degraded the ability of foreign terrorist organizations to target U.S. interests, foreign terrorist groups like al-Qa’ida and ISIS are seeking to rebuild overseas, and they maintain worldwide networks of supporters that could seek to target the homeland. 
• Border and Immigration Security: The complex border and immigration security challenges we have faced over the last year are likely to continue. In addition to the immigration challenges, the trend of an increased supply of fentanyl and variations in its production during the last year that have increased the lethality of these drugs is expected to continue. 
• Foreign Misinformation: The spread of mis-, dis-, and malinformation aimed at undermining trust in government institutions, social cohesion, and democratic processes will remain a likely strategy for adverse nation-states. Foreign actors leverage cyber and Artificial Intelligence (AI) tools to bolster their malign influence campaigns by improving the translation quality of their content. 
• Economic Security: We expect adverse nation states to continue using predatory economic practices, espionage, and cyber-attacks to try harm the U.S. economy, gain advantage for foreign companies, and steal U.S. intellectual property and trade secrets. 

Examples of DHS Efforts to Combat Threats Identified in the 2024 HTA: 

• United States Secret Service’s National Threat Assessment Center (NTAC) provided over 280 trainings and briefings to over 28,000 participants in the past year, the most in the NTAC’s history, including to state and local law enforcement, government officials, educators, mental health professionals, faith-based leaders, and workplace security managers across the country.  
• In 2022, DHS’s Nonprofit Security Grant Program (NSGP) awarded over $250 million in funding to support target hardening and other physical security enhancements to non-profit organizations at high risk of terrorist attack.   
• DHS provides funding for state, local, tribal, and territorial governments, nonprofits, and institutions of higher education with funds to establish or enhance capabilities to prevent targeted violence and terrorism through its Targeted Violence and Terrorism Prevention (TVTP) Grant Program. On September 6, 2023, DHS awarded $20 million in funding to 34 organizations working to develop and strengthen their community’s capability to combat targeted violence and terrorism.  
• In addition to biometric and biographic screening and vetting of every individual encountered, CBP has expanded information sharing agreements with international partners to enhance their ability to prevent, detect, and investigate trafficking and other crimes. CBP’s National Targeting Center continuously works to detect individuals and travelers that threaten our country's security, while also building a network of partner nations committed to fighting global threats.  
• DHS launched the Prevention Resource Finder (PRF) website in March 2023 in collaboration with more than a dozen federal partners. The PRF is a comprehensive web repository of federal resources available to help communities understand, mitigate, and protect themselves from targeted violence and terrorism.  
• The DHS Center for Faith-Based and Neighborhood Partnerships engages a coalition of faith-based and community organizations, as well as members of the Faith-Based Security Advisory Council (FBSAC), which DHS reconstituted in July 2022, to help build the capacity of faith-based and community organizations seeking to protect their places of worship and community spaces.  
• I&A’s National Threat Evaluation and Reporting Program continues to provide tools and resources for federal, state, local, tribal, and territorial partners on preventing terrorism and targeted violence, including online suspicious activity reporting training.  
• DHS’s Transportation Security Administration (TSA) Intermodal Security Training and Exercise Program (I-STEP) and Exercise Information System (EXIS®) work with government and private sector partners – including owners and operators of critical transportation infrastructure – to enhance security and reduce risks posed by acts of terrorism.  
• Among many investments and initiatives to counter fentanyl and transnational criminal organizations, the Department's recent Operations Blue Lotus and Four Horsemen stopped nearly 10,000 pounds of fentanyl in just two months. CBP’s Operation Artemis is building on that effort by leveraging intelligence and investigative information derived from Operation Blue Lotus to target the fentanyl supply chain. Concurrently, USBP’s Operation Rolling Wave is significantly increasing inbound inspections at Southwest border checkpoints and HSI is running Blue Lotus 2.0, to continue significantly increasing resources to Ports of Entry, while increasing coordination of operations to target the fentanyl supply chain.  
• DHS’s Cybersecurity and Infrastructure Security Agency (CISA) works with government and private sector partners – including owners and operators of critical infrastructure and public gathering places – to prepare for and respond to cyberattacks, as well as enhance security and mitigate risks posed by acts of terrorism and targeted violence by providing resources addressing Active Shooters, School Safety, Bombing Prevention, and Soft Targets-Crowded Places.  
• DHS’s Center for Prevention Programs and Partnerships (CP3) educates and trains stakeholders on how to identify indicators of radicalization to violence, where to seek help, and the resources that are available to prevent targeted violence and terrorism. 
• In 2021, 2022, and 2023 DHS designated domestic violent extremism as a “National Priority Area” within its Homeland Security Grant Program (HSGP), enabling our partners to access critical funds that help prevent, prepare for, protect against, mitigate, respond to, and recover from related threats.  
• SchoolSafety.gov consolidates school safety-related resources from across the government. Through this website, the K-12 academic community can also connect with school safety officials and develop school safety plans.  

See Original Post

Reposted from CISA

The Cybersecurity and Infrastructure Security Agency (CISA) is pleased to announce the release of a new resource titled, Security Planning Workbook, which can assist critical infrastructure owners and operators with developing a foundational security plan. This workbook is designed to be flexible and scalable to suit the needs of most facilities. It is intended for any individual who is involved with an organization’s security planning efforts, including those with varying degrees of security expertise, who are charged with the safety and security of facilities and people. This product also provides descriptions of critical elements of security planning information, offers a multitude of resources, and includes fillable fields to guide stakeholder efforts.

See Original Post

Reposted from CISA

Today, the Cybersecurity and Infrastructure Security Agency (CISA) is pleased to release a new resource, Protecting Houses of Worship: Perimeter Security Considerations Infographic. This product is a companion piece to the CISA and Federal Bureau of Investigation (FBI) co-branded Protecting Places of Worship: Six Steps to Enhance Security Fact Sheet. The infographic provides Houses of Worship stakeholders with low- to no-cost protective measures to enhance physical security. It also highlights grants and resources available to assist houses of worship in conducting vulnerability assessments, developing and updating security strategies and plans, bolstering physical security, and minimizing the impact of a potential attack.

See Original Post

Reposted from CISA

• On September 28, the Cybersecurity and Infrastructure Security Agency (CISA) kicked off the 20^th Cybersecurity Awareness Month. In tandem, CISA also launched a new, enduring cybersecurity awareness program known as “Secure Our World.” The Secure Our World program promotes behavioral change in all Americans, with a particular focus on how individuals, families and small to medium-sized businesses can Secure Our World by focusing on four critical actions: using strong passwords and a password manager, turning on multifactor authentication (MFA), recognizing and reporting phishing, and updating software. It also asks technology manufacturers to Secure our Products by designing products that are cybersecure right out of the box. Secure Our World is the theme for this year’s Cybersecurity Awareness Month and will remain the enduring theme for future awareness month campaigns.

  This October and year-round, CISA challenges everyone to help secure our

  ·        Use strong passwords that are long, random, and unique to each account, and use a password manager to generate them and to save them.

  ·        Turn on multifactor authentication on all accounts that offer it. We need more than a password on our most important accounts, like email, social media, and financial accounts.

  ·        Recognize and report phishing, as we like to say, think before you click. Be cautious of unsolicited emails or texts or calls asking you for personal information, and don't click on links or open attachments from unknown sources.

  ·        Update software. In fact, enable automatic updates on software so the latest security patches keep devices we are connected to continuously up to date.

•  world by adopting four simple steps that everyone can take to stay safe online:

• Additionally, as part of the effort to Secure Our World, we offer resources and tips: 

·        For individuals and families, the Secure Our World program emphasizes the importance of securing personal accounts, offering guidance on personal device safety, safe internet browsing practices, social media usage, and protecting personal information online. 

·        Small and medium-sized businesses (SMBs) face unique challenges, so we are working to help them Secure Our World by offering tools and resources that can help keep their businesses, employees, customers and, ultimately, our communities safer.

·        Tech manufacturers can Secure Our World by implementing security features built-in by design. Default settings should have the highest security measures implemented, and individuals can manually bypass security features if they don’t want them. Users should not have to opt-in to necessary security measures to make their products safe to use. Products should be safe for end users right out of the box.

By committing to safe online behaviors, we can easily minimize or prevent cybercriminals and hackers from infiltrating our devices and online accounts.

See Original Post 

Reposted from CISA

Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Emergency Management Agency (FEMA) announced the opening of the application process for the Tribal Cybersecurity Grant Program (TCGP) to help tribal governments address cybersecurity risks and threats. The cyber grant program, established by the State and Local Cybersecurity Improvement Act as part of the Bipartisan Infrastructure Law, helps address the unique challenges tribal governments face when defending against cyber threats.    

  

Digital threats impacting Native American and Alaska Native tribes are increasing and becoming more complex. Tribal sovereignty creates unique cybersecurity challenges for these groups that often lack or can’t easily access resources needed to address them.    

  See Original Post