Virtual reality technology offers the possibility of running through simulated lifelike crises without the risk. Where that virtual reality goal is in relation to real reality was the focus of a recent conference on modeling and simulation for emergency response. For example, Charles McLean of the National Institute of Standards and Technology (NIST) and Sanjay Jain, research associate professor at Virginia Tech, discussed NIST's effort to create a "framework for integrated emergency response." The framework would incorporate disaster type, affected parties, and applications such as vulnerability analysis and training. Rebecca Moses, Michael J. Taylor, and Gary R. Steiner spoke of a parallel effort at Oak Ridge National Laboratory and called for the creation of a national user facility that would be "responsible for developing and maintaining integrated emergency response simulation tools and high-quality supporting data." @ Summaries of these workshops have been collected into a document published by NIST, which is available from SM Online.
Every urban area has one: a nightclub noted for loud music, outbursts of violence, and plenty of drugs. In Burlington, Ontario, near Toronto, that club is called NRG/The Kingdom, and its crowd wreaked havoc in the neighborhood. Several years ago regional police collaborated with the club's owners on a multifaceted problem-solving approach. Access to railroad tracks behind the club was blocked. Extra lighting and gates were installed to prevent cars and pedestrians from parking near or skulking around neighboring businesses. Bushes were removed from a nearby vacant lot. Find out how the club and community did it .
In Toronto, citizens and businesses can choose whether police or private security personnel respond to alarms. Those who choose police bear the cost of false alarms.The video, developed by the Private Sector Liaison Committee of the International Association of Chiefs of Police, also identifies the worst false-alarm offenders: municipal buildings, banks, schools, and churches.
According to a recent survey by the Defense Manpower Data Center, active-duty U.S. troops have gotten the message about sexually harassing behavior. Over a seven-year period, the rate of harassment of female colleagues dropped from 46 percent to 24 percent, with fewer incidents by Marines spurring the decline. @ A summary of the survey is on SM Online.
While 71 percent of New Jersey companies are "very concerned" about drug or alcohol abuse among their employees, only 30 percent have implemented substance abuse education, training, or assistance programs for employees. Companies whose staff have serious alcohol or drug abuse problems are no more likely to have such programs than those without these problems. @ See SM Online for a survey on drug abuse policies in New Jersey workplaces.
Watch those tractors, loaders, and backhoes. According to the National Equipment Register (NER), these are the types of heavy equipment--used for construction, farming, and related fields--that are most often stolen. The high incidence is attributable to the equipment's mobility, according to the NER. @ An NER report, available via SM Online, includes theft information by state and site, as well as recovery statistics.
The United States is vulnerable to nuclear, biological, chemical, and radiological attacks. Pathways to the country via land, sea, and air are insecure. Critical infrastructures have few defenses. While this assessment seems to have been made in the weeks following 9-11, it is actually the current conclusion of the Democratic members of the House Select Committee on Homeland Security. A new report by these members documents gaps in intelligence, nuclear material protection, biodefense, and critical infrastructure protection, among others. Read America at Risk: Closing the Security Gap.
Some of the vulnerable areas cited in the aforementioned report, including border and cargo security, have been the subject of recent scrutiny by the U.S. General Accounting Office (GAO). GAO auditors, for instance, recently checked on the status of the US-VISIT (United States Visitor and Immigrant Status Indicator Technology) program, finding that it is "inherently risky, both because of the type of program it is and because of the way it is being managed." Specifically, US-VISIT is inherently risky because it is responsible for a critical, multifaceted mission; has a large and complex scope; must meet a demanding implementation schedule; and entails enormous cost. Risks relating to management include initial reliance on integrating existing systems that have problems. In testimony on cargo inspection, the GAO's Richard M. Stana noted that the Department of Homeland Security's U.S. Customs and Border Protection (CBP) fails to incorporate key elements of a risk management framework in its approach to risks posed by oceangoing cargo containers. CBP, Stana told the Subcommittee on Oversight and Investigations, House Committee on Energy and Commerce, hasn't determined the level of risk for cargo or the responses necessary to mitigate that risk. Moreover, CBP hasn't subjected its method of selecting and inspecting cargo containers to external peer review or testing, he said.
Conventional wisdom holds that terrorism preparedness is best when information is obtained at the local level and shared at the regional level and beyond. Three analysts from the U.S. Department of Justice contend that this model meshes well with community policing, in which law enforcement prevents crime by partnering with members of the community and sharing information with various local role players as well as with regional and state police. Thus, they say, community policing has the potential to incorporate a formidable antiterrorism component. "Connecting the Dots for a Proactive Approach," by Matthew C. Scheider, Robert E. Chapman, and Michael F. Seelman, is at SM Online.
In a case recently decided in Wales, United Kingdom, the High Court of Justice has ruled that it has jurisdiction over an Internet libel lawsuit. (King v. Lewis, High Court of Justice, Queen's Bench Division, No. [2004] EWHC 168 (QB), 52, 2004)
The House Transportation and Infrastructure Committee's Subcommittee on Aviation recently held a hearing on airport screening and checkpoint issues. Several government and industry representatives testified.
A bill (H.R. 3788) introduced by Rep. Loretta Sanchez (D-CA) would require the Coast Guard to develop and implement a secure, long-range automated vehicle tracking system. The system would be used to reroute vessels and maritime cargo in case of an emergency.
Introduced by Sen. Edward Kennedy (D-MA), a Senate bill (H.R. 1705) would prohibit an employer from refusing to hire or to discharge an individual based on that individual's sexual orientation. The bill would also prohibit discrimination in compensation, terms, conditions, or privileges of employment because of sexual orientation.
A bill (H.R. 2939) introduced by Rep. Randy Forbes (R-VA) would amend federal law to enhance the prevention and prosecution of crimes committed using weapons of mass destruction. The bill would make illegal any threat, attempt, or conspiracy to use weapons of mass destruction within the United States on any property, including property owned, leased, or used by a foreign government. penalties for certain crimes carried out at ports. Under the bill, it would be illegal to damage or destroy a vessel or maritime facility. Enhanced penalties would apply if the vessel carried high-level radioactive waste or spent nuclear fuel.
A Senate bill (S. 2060) introduced by Sen. Harry M. Reid (D-NV) would allow local law enforcement officers to carry weapons onto commercial aircraft. The officers would have to be full-time municipal, county, or state law enforcement officers. The officers would not have to be on duty to carry a weapon.
Introduced by Rep. Lamar Smith (R-TX), a bill (H.R. 3754) would make it illegal to knowingly provide material and misleading or false contact information in making, maintaining, or renewing registration of an Internet site domain name. The bill would also add seven years to the felony conviction of such a crime.
A bill (H.R. 3534) introduced by Rep. Thomas Tancredo (R-CO) would suspend the visa waiver program until the Department of Homeland Security (DHS) fully implements an automated entry-exit system and the use of biometric machine readers and passports.
A bill (S. 2216) introduced by Sen. Ernest Hollings (D-SC) would require the Homeland Security Department to conduct risk assessments of rail security threats and then recommend additional measures to increase safety. The recommendations would consider infrastructure, facilities, terminals, tunnels, bridges, and any other high-risk areas. The bill would include funding of $515 million.
Sen. Barbara Boxer (D-CA) has introduced a bill (S. 2171) that would require the federal government to establish a toll-free hotline that could be used by local government and nonprofit organizations to obtain information about federal grant programs and funding available for first responders and terrorism-preparedness programs.
The U.S. Supreme Court has ruled that an individual whose Social Security number was released to the public by the government cannot collect damages because he cannot prove that the disclosure caused him actual harm. In the case, a miner making a claim of black lung disease to the Department of Labor found that some of the information on official agency documents, which included the claimant's Social Security number, was revealed to the public. The miner sued the department, claiming that he was entitled to $1,000 damages from the government under the Privacy Act of 1974. The Supreme Court has ruled that because the disclosure did not cause the miner actual harm, he may not recover damages. (Doe v. Chao, United States Supreme Court, No. 02-1377, 2004)
A recent ruling by the Vermont Superior Court determined that the state's opt-in privacy regulations for financial institutions--under which companies can't use a customer's personal information for marketing or sell it unless the customer opts in to that program--are constitutional. Insurance groups filed the lawsuit claiming that the opt-in regulations violated the plaintiffs' First Amendment rights. The court ruled that the state had the authority to regulate privacy practices to protect the personal information of consumers. (American Council of Life Insurers v. Vermont Department of Banking, Insurance, Securities, and Healthcare Administration, Washington Superior Court, No. 56-1-02, 2004)
Students at the Delaware Valley School District in Pennsylvania have won an appeal of a case in which they sued the school district, claiming that its drug testing policy violated their privacy rights. The plan requires that all middle and high school students who want to play sports, participate in extracurricular activities, or park an automobile on school premises submit to an alcohol and drug test. The Supreme Court of Pennsylvania, affirming a lower court's ruling, found that the school must prove that the need for drug testing outweighs the privacy rights of students. In this case, the school did not provide evidence that the drug testing was needed. (Theodore v. Delaware Valley School District, Supreme Court of Pennsylvania, No. J-97-2004, 2004)
The Cyber Security Early Warning task force, which includes representatives from businesses, trade groups, and academia, has issued its first set of recommendations. First is a call for the creation of an Early Warning Alert Network (EWAN) that would work with existing public-private information-sharing organizations to establish "trust communities" across industry sectors that would receive critical alerts on vulnerabilities, attacks, and exploits. The task force also envisions a National Crisis Coordination Center (NCCC), "a single physical center that pulls together public and private sector constituencies for full crisis prevention and response coordination," complete with backup power, a hot site, and a full-time staff assigned for tours of duty by members of each critical infrastructure and government sector.
Section 404 of the Sarbanes-Oxley Act requires companies to include in their annual reports a report of management of the company's internal control over financial reporting. How IT risks and controls are affected is explained in a Q&A format in a new publication from risk-consulting company Protiviti. Link to the Protiviti paper, Guide to the Sarbanes-Oxley Act: IT Risks and Controls,
A dozen security IT vendors have established the Cyber Security Industry Alliance with the aim of improving cybersecurity "through public policy initiatives, public sector partnerships, corporate outreach, academic programs, alignment behind emerging industry technology standards, and public education."
A dozen security IT vendors have established the Cyber Security Industry Alliance with the aim of improving cybersecurity "through public policy initiatives, public sector partnerships, corporate outreach, academic programs, alignment behind emerging industry technology standards, and public education."
More than half of the businesses responding to a recent survey by the Yankee Group indicate that they expect IT security budgets to increase over the next three years, compared to only 8 percent who foresaw a decrease and 37 percent who expected the budget to remain the same. The survey was based on interviews with 404 decision makers in medium-size to large companies across a wide range of industries.
While users may forget their passwords easily, computers, like elephants, never forget. The persistence of that memory could pose a security problem if staff with limited access privileges were to figure out how to access the plain text passwords in the computer's database, says Abhishek Kumar, who authored a paper about this vulnerability.
The Department of Homeland Security's IT efforts are plagued with inefficiencies and problems, from an "organizationally weak" CIO office and the reliance on outdated technical systems to the need to outsource some benefits and payroll functions to other agencies. Those charges are leveled by Democrats on the House of Representatives' Homeland Security Committee in a recent report, America at Risk: Closing the Security Gap. @ The report is available at SM Online.
Virus disasters--where 25 or more computers within an organization are infected at the same time--increased 15 percent in 2003 from the previous year, and the costs of recovering from those disasters increased 23 percent over the same time period, from about $81,000 to almost $100,000. Those are some highlights of a survey of 300 companies and government agencies in the 9th Annual ICSA Labs Virus Prevalence Survey. @ More on the survey is available through SM Online.
The Judicial Conference of the United States has released a guide for allowing remote electronic access to criminal case files. This guidance states that if a document would be available to a member of the public at the courthouse, it should be available through the court's electronic access system. It also calls for the redaction of Social Security numbers and other sensitive data, and explains the types of documents--such as arrest warrants and juvenile records--that will not be available electronically. A separate document provides a model rule for compliance.
Powered by: Phase2 Technology