30.10.2013 computer security, cyber crime, cyber security, information security, insider threat, leadership, security threats

Message to the Board: Why YOU are the reason for insider threats.

Enjoy a 20 minute presentation on why executives are the cause for many to most insider threat cases…


 

14.09.2013 counterintelligence, cyber crime, cyber security, Economic espionage, espionage, information security, INSA, insider threat, Risk assessment, security, security threats

Message to Government and Private Sector: YOU are the reason for insider threats

Everyone is missing the boat on the insider threat issue – INSA too…to paraphrase James Carville, “It’s leadership stupid.”

Government and private sector organizations are the primary reason for insider threats – senior leaders and the boardroom grow them internally.

With very minor exception, NO ONE COMES TO WORK FOR YOU ON DAY ONE WITH THE INTENT TO HURT YOU, steal your secrets, or sell your intellectual property.

It’s how you treat them, over time, that turns them into insider threats.

  • You put them in the wrong jobs;
  • You fail to trust them;
  • You make it hard for them to do their jobs;
  • You put asshole/untrained managers over them;
  • You treat them like furniture;
  • You threaten their existence in your companies and agencies;
  • You kill their spirit; and
  • Then, you wonder why they decide to hurt you.

Want to reduce/eliminate the insider threat? Treat your staff the way you did on day one:

  • Welcome them as a human being;
  • Be aware of how they are cared for in your organization;
  • Show them you care about them and their families;
  • Give them a future;
  • Put r-e-a-l leaders over them;
  • Give them a voice; and
  • Pay them well.

In other words, treat them as you would want to be treated.

Now, why is that so hard?

And, why do NONE of the plans I have seen for combatting the insider threat even mention poor leadership as a factor?

INSAonline.org | 9.12.13 Assessing Insider Threat Programs of U.S. Private Sector http://www.insaonline.org/i/f/pr/9.12.13_InsiderThreat_WP.aspx

 

01.08.2013 Budget, fusion center, homeland security intelligence, Information sharing, intelligence, intelligence center, Performance Measures, Strategy, Uncategorized

DHS Fusion Center Assessment Report is out…How’d we do?

The Department of Homeland Security (DHS) released its 2012 National Network of Fusion Centers Assessment Report and the results are encouraging. DHS reported that (overall) fusion centers improved their capability scores by 11 points over the 2011 assessment report card. Summary findings, based on Critical Operating Capabilities (COCs):

COC 1 – Receive

  • All fusion centers (77 or 100%) have access to federally sponsored Sensitive But Unclassified (SBU) information sharing systems.
  • Every fusion center (77 or 100%) has at least one person cleared to access Secret information, but regular staff turnover means that fusion centers will continue to request new clearances (approximately 500 new clearance requests in the next 12 months).
  • A significant number of fusion centers have on-site access to classified information sharing systems (66 or 85.7%).
  • Fusion center use of the DHS Secret Internet Protocol Router Network (SIPRNet) Whitelist (Whitelist) is limited (41 or 53.2%).

COC 2 – Analyze

  • Fusion centers are highly involved in assessing threat and risk for their area of responsibility (AOR) (72 or 93.5%).
  • Fusion centers are obtaining and using customer feedback on their analytic products (structured feedback: 65 or 84.4%).
  • Analytic production plans are used widely across the National Network (60 or 77.9%).
  • Critical infrastructure protection capabilities continue to expand across the National Network (75 or 97.4%).

COC 3 – Disseminate

  • Despite progress since 2011, less than half (35 or 45.5%) of the National Network have a process in place to verify that customers are receiving their products.
  • Fusion centers are increasingly designating a single, primary information sharing system (72 or 93.5%), but Homeland Security Information Network (HSIN) Intel is not frequently cited (23 or 29.9%) as the primary system for unclassified communication between fusion centers.

COC 4 – Gather

  • The number of fusion centers that have developed Standing Information Needs (SINs) has increased (59 or 76.6%), but continued attention to SINs development is necessary.
  • The National Network has a robust request for information (RFI) management capability (69 or 89.6%).
  • A significant percentage of the National Network are involved in the Nationwide Suspicious Activity Reporting (SAR) Initiative (NSI), in particular in providing line officers with information on the behaviors identified in the Information Sharing Environment (ISE)-SAR Functional Standard (SAR line officer training: 66 or 85.7%).

DHS has identified three areas for improving fusion center capabilities:

  1. Use Standing Information Needs (SINs) as the foundation of a customer-driven fusion process:
    Fusion centers need to have a process for a) deriving and cataloguing regional and federal information and intelligence needs (SINs), and b) actively tagging/associating these SINs with the information and intelligence products they produce.
  2. Document key business processes and ensure consistent access to training:
    High turnover in critical fusion center staff positions is going to be the norm, for a number of reasons – staff rotations, augmentation, contract renewals, promotions, etc. Fusion Center Directors must plan for this “churn” by taking the time to a) document the center’s core business processes, b) keep SOPs and policies up to date, and c) develop training and other performance support tools to minimize the impact of staff turnover on center operations.
  3. Implement organizational planning and evaluation processes to continuously improve fusion center operations:
    Fusion centers should clearly develop and communicate their center’s mission, goals, and objectives by developing a strategic plan, and using that plan as a tool to measure its performance. The strategic plan and periodic performance reports should a) help to communicate how investments in the fusion center result in tangible results, and b) help to drive annual budget requests to sustain or enhance current center capabilities.

I see gaps in these areas in my own work with fusion centers…unfortunately, many fusion centers are so busy with operational activities, that developing SOPs, training, strategic plans, etc., ends up on the back burner.

One other area, not directly addressed by the DHS assessment process, is the development of an effective plan and roadmap for building an IT infrastructure that supports the four COCs. This too gets relegated to the back burner. In some cases, IT is addressed, but in a piecemeal fashion – Fusion Center Directors should elevate the need for an integrated IT plan, one that is developed from Fusion Center business processes and describes three key areas.

Suggested Components of a Fusion Center IT Strategy

  • Information and Intelligence exchanges – what information, data, and intelligence comes-in and goes-out of the Fusion Center?
  • What functional capabilities does the Fusion Center have now and which systems deliver those capabilities? (as-is)
  • What NEW functional capabilities does the Fusion Center need, and how will the center procure them? (to-be)
  • How much money does the Fusion Center need to a) sustain current capabilities and b) to implement the new capabilities?

Feel free to reach out to me if your center would like to discuss enhancing your operational and/or IT planning capability.

r/Chuck

 

06.06.2013 CCTV, crime, Information sharing, law enforcement, public safety, security, Technology

LEIM 37th Annual IACP: Tuesday May 21st 2013

This was my second year attending LEIM and certainly the most enjoyable as the setting for this year was the beautiful Fairmont Scottsdale Princess Hotel. Coming from a country (Ireland) that has been deprived of good summers for the last few years, I was overwhelmed by the glorious sunshine.

As I walked around the beautiful grounds of the Fairmont Princess, enjoying the heat, I took in the perfectly manicured lawns, the towering cactus displays and the perfect little bunnies. This was just heaven and so far away from the cold, rainy Dublin I had left some days previous.

I’m glad to say as I write this from my kitchen in Dublin; the sun is streaming in the window, and is bringing back memories of Scottsdale!

I discarded my swimsuit and dressed more appropriately for the Opening Ceremony of LEIM 2013. Scott Edson, the past year’s Chair, opened LEIM with a warm welcome for everyone and a brief outline of the next few days’ events and sessions. He was joined by Alan G. Rodbell, Chief of Police, Scottsdale and Bart Johnson, Executive Director, IACP; they too gave a brief introduction and welcomed all.

After the opening I went along to my first plenary session of LEIM, The Evolving Role of Technology in Policing. This session also included results from the previous day’s Information Technology (IT) summit. Tom Casady spoke about technology changes over the years and how it changed law enforcement.

  • The telephone was a big innovation from the 1930’s, and is still a critical tool today.
  • Cars and motorcycles changed everything for the average policeman patrolling the street on foot. Harley Davidson credits Detroit, Michigan as being the first purchaser of police motorcycles as early as 1908. The use of cars and motorcycles by police was widespread by the 1930’s.
  • Two-way radio with the invention of the Motorola Police Cruiser Radio Receiver in 1936 again changed policing for the better. This was a rugged one-way car radio designed to receive police broadcasts. These have of course evolved into the Police Scanners we know today.
  • In 1968 the first 911 call centre began where people could contact police on a simple but easy number to remember, in an emergency. This highly successful contact is still used to this day.
  • The typewriter was used from the early 20th century and of course has evolved from the 1960’s, to the computers and laptops that are used today.
  • Finally, in 1974, the stun gun was invented. It became an invaluable tool to subdue fleeing or potentially dangerous persons, and gives officers a less lethal alternative to firearms in many situations. As many lives as it has saved, it is still a subject of controversy, as its use has been implicated in some instances of serious injury or death. But having seen its use over the years, and in particular, the British police recently using this device to subdue the two terrorists responsible for the killing of Drummer Lee Rigby in Woolwich on May 22nd, I do agree with police being armed with them.

Of course technology has evolved from all this, to the brilliance of what we have today. From Cell phones, Laptops, Augmented Reality, Wearable Technology, i.e.: Cameras, Voice Recognition, Facial Recognition, Predictive Analytics, DNA Biometrics, Embedded GPS and to Social Media using Twitter and Facebook as a means of getting information from the public at the time and place of a crime or disaster.

There are a few articles and more information on this subject below:

Stay tuned for a couple more blog postings about the 2013 LEIM Conference.

Thanks…r/Mary

02.03.2013 Budget, congress, criminal justice, Data, data sharing, Information sharing, justice, law enforcement, Law enforcement information sharing, leadership, LEIS, N-DEx, NIEM

Letter to Congressman Reichert: If you want LE information sharing, please aim your pen at a different target

If you want law enforcement agencies to share information, go to the source and help the Chiefs and Sheriffs to push their data into the FBI’s National Data Exchange (N-DEx). Trying to impose information sharing with unfunded standards mandates will not work.

As someone who has been in the standards business since 1995, history has proven to me that:

  • The business need must drive standards, standards can NEVER drive the business; and
  • Trying to SELL the business on standards is a losing strategy.

Hi Congressman Reichert,

You won’t remember me, but a long time ago we were in meetings together in Seattle with the likes of John McKay, Dave Brandt, Scott Jacobs, Dale Watson, and others working on building the Law Enforcement Information Exchange (LInX); I was the technical guy on the project, working with Chief Pat Lee and our very dear lost friend Julie Fisher (may she rest-in-peace, I sure miss her).

A hell of a lot of water has gone under the bridge since then–it’s been nearly TWELVE YEARS. If we look back over this time, we have had so many bills, laws, strategies, policies, papers, speeches, conferences, proclamations, and other assorted attempts to prod law enforcement data loose from the nearly 18,000 agencies across our country. While we are far better off than we were back then, I think we can agree that we still have a long way to go.

Where we differ, I’m afraid, is in the approach to get there – a few days ago, you proposed legislation, the Department of Justice Global Advisory Committee Authorization Act of 2013, as a means to improve information sharing among law enforcement agencies – do we really believe another “stick” will work to get agencies to share information? Do we really believe it’s a technology or data standards problem that’s preventing law enforcement data from being shared? As a technologist for 34 years, and someone who has been involved in law enforcement information sharing since the Gateway Project in St. Louis, MO in 1999, I can tell you it is neither.

While I applaud the work of the GAC, and I have many colleagues who participate in its work, I’m afraid having more meetings about information sharing, developing more standards, approving more legislation, and printing more paper will NOT help to reach the level of information sharing we all want.

Instead, I want to propose to you a solution aimed at capturing the commitment of the men and women who can actually make law enforcement information sharing happen, and virtually overnight (metaphorically speaking) – namely, the great men and women who lead our police and sheriffs departments across America.

Now to be fair, many of these agencies are already contributing their records to a system I am sure you are familiar with called the National Data Exchange (N-DEx). Built by the FBI CJIS Division, this system has matured into a pretty respectable platform for not only sharing law enforcement information, but also for helping cops and analysts to do their respective investigative and analytic work.

Now, in case you are wondering, I do not own stock in any of the companies that built N-DEx, nor has the FBI signed me up as a paid informant to market N-DEx. I write to you on my own volition as a result of my nearly six years of volunteer work as a member of the International Association of Chiefs of Police (IACP) Criminal Justice Information Systems (CJIS) Committee.

About two years ago I volunteered to lead a small sub-group of the committee who have either built, led, or managed municipal, state, federal, or regional information sharing systems. Our charge was (and still is) to help CJIS take a look under the hood of N-DEx to see what’s in there (data wise) and to help figure out what needs to be done to make it a more effective tool to help cops across America catch more criminals, and maybe, just maybe, even prevent criminals from acting in the first place.

While our work is far from done, I can tell you that one thing we need is more data – as you well know, be it N-DEx, LInX, RAIN, or any other information sharing system, it is only as good as the data that’s put into it.

Believe it or not we already have the data standards in-place to get the data into N-DEx. CJIS has developed two Information Exchange Packet Descriptions (IEPDs) that tell agencies exactly what to do and how to format and package up their data so it can get to N-DEx. Additionally, CJIS has an extensive team ready to assist and my colleagues over at the IJIS Institute hold training sessions sponsored by BJA, to help agencies along the process (NIEM training).

These two IEPDs can help law enforcement agencies today to share the following law enforcement records:

  • Service Call
  • Incident
  • Arrest
  • Missing Person
  • Warrant Investigation
  • Booking
  • Holding
  • Incarceration
  • Pre-Trial Investigation
  • Pre-Sent Investigation
  • Supervised Release

So what’s the hold up? Speaking only for myself, and I will be very straight with you, I believe the root cause for not getting more law enforcement data into N-DEx is the current piecemeal, politically charged, hit and miss grant funding process that the Act you propose, if passed, will burden even further – see page 3, lines 17-25 and page 4, lines 1-6.

Instead, I ask that you please answer the following question…

If law enforcement information sharing is important enough to push through a Public Act, where is the nationwide project, with funding, to get all shareable law enforcement data loaded into the one system that would give ALL law enforcement officers and analysts access to collective knowledge of the nearly 18,000 law enforcement agencies?

The immediate answer might be “we already have one; N-DEx;” however, N-DEx is only a piece of the answer…it’s as they say, “one hand clapping.” And in all fairness to my friends and colleagues at the FBI CJIS Division, that program was only charged and funded to build the N-DEx bucket, they were never funded to actually go get the data to fill the bucket.

The strategy, for whatever reason back then, was relegated to a “build it and they will come” approach, that IMHO has not worked very well so far and may take another 5-10 years to work. I should also note that the bucket isn’t totally empty…there are quite a number of agencies and regional projects, like LInX, that have stepped up and are helping to fill the bucket – however, if we want to expedite filling up the bucket, focusing on mandating more standards is not the answer.

What I submit is the “other hand clapping” is the need to shift focus away from policy, standards, and technology, and to establish a funded nationwide project that will offer a menu of choices and support packages to the Chiefs and Sheriffs that will enable them to start sending as many of their shareable records as possible to N-DEx.

Some of the options/support packages could include:

  1. Provide direct funding to agencies and regional information sharing systems to develop N-DEx conformant data feeds to N-DEx;
  2. Grant direct funding to RMS and CAD system providers to develop N-DEx conformant data feeds from their software, with the stipulation they must offer the capability at no additional cost to agencies that use their products;
  3. Establish a law enforcement data mapping assistance center, either bolted on to IJIS NIEM Help Desk, as an extension of NLETS menu of services, or through funding support at an existing information sharing project like the Law Enforcement Technology, Training, & Research Center who works in partnership with the University of Central Florida.

At the end of the day, we all know that the safety and effectiveness of law enforcement is greatly affected by the information he or she has at their fingertips when responding to that call.

Do you really want to leave it to chance that that officer’s life is taken, or a criminal or terrorist is let go because his or her agency wasn’t “lucky enough” to win the grant lottery that year?

So, let’s empower the single most powerful force that can make sure the information is available – the Sheriff or Chief leading that agency. Let’s stop with the unfunded mandates, laws, standards, studies, point papers, etc., and let’s finally put a project in-place with the funding necessary to make it happen.

v/r

Chuck Georgo,

Executive Director
NOWHERETOHIDE.ORG
chuck@nowheretohide.org

15.02.2013 corrections, criminal justice, drug abuse, mental health, public safety, substance abuse

Addressing the Intersection between Behavioral Health and Criminal Justice Systems – Webinar, January 23rd

Mary Wood

I had the opportunity to participate in a webinar on Wednesday (January 23) on the subject of Addressing the Intersection between Behavioral Health and Criminal Justice Systems. The three speakers were:

  • Patricia A. Griffin, PhD, a senior consultant in Pennsylvania Mental Health and Justice Centre of Excellence;
  • Bob Mann, RN, LSW, an Administrator of Mental Health Operations in the Oklahoma Department of Corrections; and
  • Donna Bond, LPC, Manager of Correctional Criminal Justice and Re-Entry Services, Oklahoma Department of Mental Health and Substance Abuse Services.

Speaker #1

The webinar began with Patricia Griffin; she opened with some statistics:

  • 16.9% of all jail admissions have a serious mental illness;
  • Of this, 14.5% are male and 31.0% are female.

These numbers surprised me, in particular the fact that there were twice as many females with mental disorders than males. Patricia also spoke about the high rates of co-occurring substance abuse disorders and other challenges involving trauma, medical problems, and homelessness. When arrested and convicted, these people face long stays in jail.

Patricia then informed us of a collaborative effort by the state of Pennsylvania (PA) to have an impact on this issue – they wanted to do something about the high number of inmates with mental issues. It’s called The Sequential Intercept Model, a framework for understanding how people with mental illness interact with the criminal justice system.

  • The term Sequential is meant to illustrate how people move through the criminal justice system in predictable ways;
  • And, Intercept refers to the desire to examine the process to identify ways to intercept persons with severe mental illness.

The Westmoreland County Mental Health and Mental Retardation Program and multiple other local stakeholders requested the Pennsylvania (PA) Center of Excellence (CoE), Cross-Systems Mapping and Taking Action for Change workshops to promote progress in addressing criminal justice diversion and treatment needs of adults with mental illness in contact with the criminal justice system. They also wanted the CoE to provide additional information to help guide the implementation of newly received Day Reporting Center and Criminal Justice Liaison grants.

Mapping workshops were set up across the country to help communities address the problems; 27 counties in PA completed the workshops. The attendees were Judges, Law Enforcement, Social Services and local families whose members have been through this system. They serve as a springboard for counties to move forward and to improve their local services within their communities and to try to build better collaborative efforts.

Workshop participants got to understand what is happening at local level and begin to get a clear picture of what resources are available and how people work together. They learned from the workshop sessions that there was a clear pattern showing a lack of sobering service, detox facilities, medical assistance, and housing—this last one was a major concern for people who offend and re-offend. The workshop also found that there should be:

  • More collaboration and communications;
  • More training for staff; and
  • Cross training between systems and expanding housing opportunities.

The workshops were a great success; participant evaluations showed that 94% of the participants would recommend the workshops to other counties.

Speaker #2

The second speaker was Bob Mann who talked about the Oklahoma Collaborative Health Program which started in 2007. This program is a collaboration of several Mental Health partners including: The Oklahoma Dept. of Corrections, The Oklahoma Dept. of Mental Health & Substance abuse, The Dept. of Human Services, The Oklahoma Health Care Authority, Social Security Administration and the Dept. of Rehabilitation Services – Disability Determination Division. The key elements contributing to the success of this program were:

  • Benefit Planning – this helps people with high risk return in making sure that their benefits are in place to help them on release from prison; and
  • Focus Groups – Looking at gaps causing people who return to prison.

About 50% of offenders have a history of, or are exhibiting some form of mental illness and 26% exhibit serious mental health problems. Also of note was the massive increase in people on psychotropic medication – from 1998 – 2006, there was an increase of 289%.

Speaker #3

The third speaker was Donna Bond. She explained how her inter-agency mental health re-entry program is unique in that the Oklahoma Department of Mental Health has taken ownership for the continuity of Mental Health services for offenders with the highest level of Mental Health need.

Discharge Managers (boundary spanners) receive considerable training and serve as part of the treatment team. The goal is for the individual to leave prison with Social Security benefits in place, a Medicare entitlement aligned so funding is in place for medical and mental health services following release. This process starts 120 days prior to the offender’s scheduled discharge.

Re-entry Intensive Care Co-ordination Teams (RICCT) meet with offenders a minimum of 90 days before the release date from prison, and they work with the offender in the community, until the offender has adjusted to life following incarceration. RICCT teams also work at helping to get the offender housed immediately on release, and also taking care of the offender’s clothing and hygiene, and generally getting them a good start back into the community. Bob Mann said that 46.3% of most re-offenders return to prison within 36 months – the program has shown very good results – only 25.2% of offenders processed through the RICCT teams return.

My Thoughts

This is a subject that I am very interested in, and I’m curious why there are more offenders today who have mental health problems, compared with thirty to forty years ago? A lot of these problems may stem from the natural percentage of the population who suffer mental illness and secondly from health problems connected to serious substance (drug) abuse.

The latter is a real and ongoing problem. From reading the stories in the newspapers we can see that drug abuse generally causes more crimes to be committed. There have been many recent news stories about crime committed by people with drug related addictions. A few examples below:

  • Thomas Ashcroft, a homeless burglar in the U.K., started fires at hospitals so he could steal money to buy drugs. The fires caused a distraction so he could steal from the tills to help fund his drug addiction. He has been sentenced to eight years in prison.
  • James Holmes the gunman who massacred 12 people in a cinema in Aurora, Colorado, was hooked on prescription painkillers. He started out life as a bright, quite brilliant young boy.
  • In Sunday’s Irish Times, Jan 27th 2012, a story showed that Crime Figures for the Republic show a sharp rise in the number of sexual offences, kidnappings and drug related crimes between 2006 and 2010, according to Central Statistics Office figures recently published. Sadly, drugs are available everywhere in Ireland; young people have easy access to them, there is never a problem buying them or knowing where to find them.

It also seems like mental health problems are on the increase. We only have to open our newspapers each day to see tragic stories of people who have taken their own life, or have killed loved ones and themselves. Some were probably receiving treatment from mental health services, and then may have stopped attending clinics or they ran out of money to pay for treatment. We need to come up with better ways to take care of people with mental health problems. Not to “control” them, but to ensure they are getting appropriate treatment and to make sure they are taking their medicine.

People with mental health illnesses need care and attention, and people in their family and local community should be aware of their problem and “look out” for them. If they should need help, families and people in the community should know who to contact if they feel something is not quite right.

The Oklahoma program is a good example of this, and the statistics show that this is a successful approach. The hard work of people like Patricia Griffin, Bob Mann and Donna Bond is crucial in the success of such a program. They are committed and passionate about their work in helping to rehabilitate people, to keep them from a life of crime, and help them to adjust to a happier life without re-offending. It’s important for everyone to become more aware and supportive of community efforts like this, and to help, where we can.

until next time…It is better to try than to hope

Mary

12.01.2013 congress, crime, justice, laws, public safety

Wrap up of 112th Congress Justice and Public Safety bills signed into law

Here’s a quick wrap up of Justice and Public Safety related bills passed by the 112th Congress…r/Chuck

  • Katie Sepich Enhanced DNA Collection Act of 2012 authorizes grants to offset states’ costs for testing the DNA of arrestees. The new law does not require states to collect DNA from arrestees, and participation in the grant program would be voluntary.
  • Synthetic Drug Abuse Prevention Act of 2012 bans the use of synthetic marijuana, known as “K-2” or “Spice,” and other synthetic drugs, such as bath salts. The bill adds the cannabimimetic agents and several hallucinogenic substances to Schedule I of the Controlled Substances Act. The law also extends the period for which the Attorney General may temporarily schedule a substance to two years with a one-year extension. Previously, a substance could only be put temporarily on the Schedule I list for one year with a six-month extension. The bill passed as an amendment to the Food and Drug Administration Safety and Innovation Act.
  • SAFE DOSES Act increases the federal penalties for the theft of drugs, medical devices and infant formula before the products reach store shelves. The goal is to target criminal organizations that steal sensitive goods for resale in the wholesale drug market. Under the new law, the maximum sentence is 20 years, or up to 30 years if the offense resulted in serious bodily injury or death.
  • Presidential Appointment Efficiency and Streamlining Act of 2011 changed the way about 10 percent of all presidential appointments are handled, thereby reducing the burden on the Senate and the time spent getting new appointees approved. Under the new law, the President will appoint, but the Senate will no longer need to confirm, the directors of the Bureau of Justice Assistance (BJA), Bureau of Justice Statistics (BJS), National Institute of Justice (NIJ), Office of Victims of Crime (OVC) and the Office of Juvenile Justice and Delinquency Prevention (OJJDP).
  • Resolving a long-standing priority of the emergency management and law enforcement community, Congress passed a bill allocating to public safety the D Block section of the nation’s telecommunications spectrum. In addition to designating the D Block for public safety, the bill set aside $7 billion for the build out of a nationwide public safety broadband network and provides for the governance of the spectrum and for the preservation of the 700 MHz narrowband voice spectrum.
  • Child Protection Act of 2012 increases the maximum penalties from 10 to 20 years for child pornography offenses that involve prepubescent children or children under the age of 12. The new law allows a federal court to issue a protective order if it determines that a child victim or witness is being harassed or intimidated and imposes criminal penalties for violation of a protective order. The Act also reauthorizes for five years the Internet Crimes Against Children (ICAC) Task Forces, a national network of investigators who have arrested more than 30,000 individuals involved in child exploitation since 1998.
  • Investigative Assistance for Violent Crimes Act of 2012 authorizes the Attorney General or Secretary of Homeland Security, at the request of a state or local government, to assist in the investigation of violent acts and shootings occurring at schools, colleges, universities, nonfederal office buildings, malls, and other public places, and in the investigation of mass killings and attempted mass killings. The new law defines “mass killings” as three or more killings in a single incident.

24.12.2012 counterintelligence, cyber security, Economic espionage, law enforcement, public safety, security, Tips

Signs, signs, everywhere are signs: We have to take better care of each other

Pop quiz…what do the following have in common:

  • Bradley Manning, US Army soldier who released 750,000 documents to WikiLeaks
  • Jacob Tyler Roberts, another young man who shot up an Oregon mall
  • Adam Lanza, young man who killed 26 at a Newtown, CT school
  • Marijana Bego, NYC art gallery owner who jumped to her death yesterday

The answer? One or more people knew something was wrong BEFOREHAND.

I am now convinced that in EVERY incident, whether it is a tragic shooting, a terrorist act, espionage, or a sole suicide, there were signs ahead of time that something was not quite right with the individual(s) involved.

So what can we do? We have to take better care of each other. When we see signs that someone isn’t quite the way they used to be, call them on it. Ask questions. Take action BEFORE something bad happens.

Scared that you’ll embarrass them? Scared you’ll embarrass yourself? If so, just think how you will feel if you don’t take action and something even worse happens…how will you feel then?

  • In Bradley’s case, the Army knew there were reasons NOT to put him in a position of trust, and they did anyway!
  • In Jacob’s case, his own roommate said he acted weird and talked about moving and selling his possessions!
  • In Adam’s case, the school district security officer knew he had disabilities!
  • And, in Marijana’s case, many people around her knew she was erratic and not happy.

I would hate to be in any of those people’s shoes…

So, for 2013, let’s try to take better care of each other and vow to intervene early; maybe we can save a life.

Merry Christmas and Happy New Year

r/Chuck

 

11.10.2012 computer security, counterintelligence, cyber crime, cyber security, Economic espionage, espionage, information security, insider threat, leadership, security, security threats

Why can’t Johnny be good? The making of an insider threat

“When Johnny reports to work for you on Day 1, they DO NOT intend to do you or your organization’s information systems any harm; something happens to them, either in their personal or work life, that changes this – the CEOs or Agency Heads must be held responsible for making sure they know what’s going on with all of the Johnnys (and Janes) in their organization to prevent the good people they hired from becoming insider threats.”

While most of the world is focusing on “technology” as a solution to preventing insider threat attacks to organization/agency information and systems, hardly anyone is focused on leadership’s responsibility to create and sustain a work environment that minimizes the chance for an employee to turn into an insider threat.

On October 21, 2012, I had the chance to speak on this issue at the 2012 International Cyber Threat Task Force (ICTTF) Cyber Threat Summit in Dublin, Ireland, a few weeks ago. Here is a video recording of my presentation; I hope you find it informative and useful.

r/Chuck

25.09.2012 Counterpiracy, NATO, piracy, Somalia

To solve piracy at sea, we must address root problems ashore in Somalia

Personal for SACEUR, Admiral Stavridis:

I saw on the NATO Allied Command Operations (ACO) Website Link of the Day that you are attending the Counter Piracy Working Group today in London, England. I thought I would share a piece of work that I put together a while back that suggests a menu of activities (a 360 degree approach) for reducing piracy at sea. The activities in the diagram below point to initiatives that can be launched in a number of political, military, economic, social, infrastructure, and information infrastructure (PMESII) categories, ashore and at-sea. I hope they can help guide some of the discussion at your meeting today.

v/r

Chuck Georgo