Archives

Security Management Magazine Cover
​Beginning December 2016, Security Management will also be available as a PDF. View ​Issues available for Download

 June 2019

 

 

https://sm.asisonline.org/Pages/Young-and-Incarcerated.aspxYoung and Incarcerated2019-06-01T04:00:00Zhttps://adminsm.asisonline.org/pages/claire-meyer.aspx, Claire Meyer<p>​Americans who are younger than 26 today are more likely to be arrested than Americans born in previous decades, according to a RAND Corporation study, <em><a href="https://journals.sagepub.com/doi/abs/10.1177/0011128718787514" target="_blank">The Long-Term Economic Impact of Criminalization in American Childhoods​</a>. </em>Twenty-three percent of Americans born between 1979 and 1988 were arrested before turning 26, compared to only 10.7 percent of those born between 1949 and 1958. </p><p>The rising rate of arrests and convictions—occurring most rapidly among white Americans and women—is associated with lower probabilities of being married, fewer weeks worked, lower hourly wages, and lower family incomes during Americans’ adulthood. The findings are based on a 50-year survey of 5,000 American families, representative of 95 percent of the American population (excluding career criminals). </p><p>Rates of arrests, multiple arrests, and convictions quickly rose over time for all ethnic and gender groups, and the arrest rate for white men increased nearly three-fold in recent decades. </p><p>“Increased enforcement is likely a critical driver of this trend,” said James P. Smith, author of the study and distinguished chair in labor markets and demographic studies at RAND. “The evidence suggests that the growing criminalization of American youth is increasingly affecting all races and genders.” </p><p>People arrested only once during childhood averaged about $6,000 less in annual earning as adults; people with violence or drug arrests averaged about $11,000 less in annual earnings, the report said. </p>

 

 

https://sm.asisonline.org/Pages/Book-Review-Security-Management.aspxBook Review: Security ManagementGP0|#3795b40d-c591-4b06-959c-9e277b38585e;L0|#03795b40d-c591-4b06-959c-9e277b38585e|Security by Industry;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p><em>​Contemp­orary Security Management​​, </em>Fourth Edition</p><p>By John J. Fay and David Patterson. Butterworth-Heinemann; Elsevier.com; 558 pages; $99.95.</p><p>The fourth edition of <em><a href="https://www.elsevier.com/books/contemporary-security-management/patterson/978-0-12-809278-1">Contemp­orary Security Management</a></em> is an essential resource for anyone who is or will be in the security management field. As an instructor, I have used earlier editions as required textbooks. This new edition follows the same outline as previous ones, but has an expanded table of contents, which makes finding the content easier for both instructor and student. </p><p>What makes this edition even better is that it contains examples of security management assessment analyses and tools useful to any security manager, regardless of experience. The addition of Web resources is an improvement over the previous edition, as is the new section on self-assessment of IT security within the “Managing Risk” section. This is now a required element of any security program. The “No Intent and No Framework Means No Governance” legal concept under the section on IT governance is something instructors should emphasize to their students, including the associated costs of exposure if a cyber breach occurs. </p><p>The chapter “Critical Infrastructures and Key Resources” has been replaced with “The Importance of Policies and Procedures,” which is an improvement. Every security manager will face this, whether assessing and upgrading an existing security program or starting from scratch (a scary proposition). This essential addition explains how to write security policies and procedures, one of the most difficult tasks for a security manager. Another excellent feature is the framework tool in the appendices. I highly recommend this new edition of <em>Contemporary Security Management</em> and will be referring to it often. It will also be an invaluable study aid for those preparing to earn their CPP certification.</p><p><em>Reviewer: Terry V. Culver, CPP, CMAS (Certified Master Anti-Terrorism Specialist), is a security program specialist for Georgia Tech Research Institute. She has more than 25 years of experience in defense and industry security management.</em></p>
https://sm.asisonline.org/Pages/Book-Review-Casino-Security.aspxBook Review: Casino SecurityGP0|#3795b40d-c591-4b06-959c-9e277b38585e;L0|#03795b40d-c591-4b06-959c-9e277b38585e|Security by Industry;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>​Cognella Academic Publishing; <a href="https://cognella.com/" target="_blank">cognella.com</a>; 454 pages; $99.95.</p><p>Security management strategies vary from city to city and from establishment to establishment. They also evolve over time. While it isn’t strictly a security management title, <em><a href="https://titles.cognella.com/the-comprehensive-guide-to-casino-security-9781516517961" target="_blank">The Comprehensive Guide to Casino Security</a></em> offers many examples that apply to any industry. </p><p>Although the specifics of casino security are referenced throughout the book, the author sometimes writes in generalities. For example, in his opening chapter he discusses customer service, safety committees, risk management, and valet parking—all of which can apply to most businesses with a security department.</p><p>Communication in any industry—especially in the security industry—is vital to providing information to employees, visitors, customers, management, and the media. Author Anthony DiSalvatore writes that the security team must “effectively communicate with patrons, guests, and employees in a professional, courteous manner by exhibiting good manners and following the rules of etiquette.” However, he does not specify what those rules of etiquette are. </p><p>Chapter 3 covers casino standard operating procedures, many of which are critical to security management, not just casino security. </p><p>In chapters that specifically pertain to the casino industry, DiSalvatore captures the reader’s attention. In “Know Your Money,” “Determine How Your Casino is Unique,” “Casino Operations Center,” and “Investigations,” DiSalvatore provides insight into the casino industry and targets his intended audience. For example, he discusses the importance of the fire command center and illustrates with lessons learned from the MGM Grand Hotel fire in Las Vegas in 1980.</p><p>DiSalvatore’s background and know­ledge of the casino industry are broad and when he discusses specific methodologies within the casino industry, his experience is evident. The book is divided into 10 chapters plus a preface, appendices, and review questions with answers. </p><p>Individuals who are new to the casino or gaming industry will find this book useful for its valuable information and strategies. Practitioners with years of experience in the casino or gaming industry may find the book too general. </p><p><em>Reviewer: Kevin Cassidy is a professor in the Security, Fire, and Emergency Management Department at John Jay College. He is a member of ASIS.</em></p>
https://sm.asisonline.org/Pages/The-Power-of-Awareness.aspxThe Power of AwarenessGP0|#3795b40d-c591-4b06-959c-9e277b38585e;L0|#03795b40d-c591-4b06-959c-9e277b38585e|Security by Industry;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>For citizens in Sarpy County, Nebraska, reporting threats is as easy as clicking a button. Anyone with Internet access can report suspicious behavior and activity by clicking on a red square labeled TIPS, located on the websites of the county’s schools and law enforcement agencies. </p><p>The tool is part of Awareity, a Web-based platform for threat assessment teams.  </p><p>“We’ve had well over 400 tips since we’ve been involved in this,” says Captain Kevin Griger, investigations commander for the Sarpy County Sheriff’s Office. </p><p>Griger played an essential role in building a communitywide threat assessment team in Sarpy County. Originating in January 2016, the idea was to keep tabs on people and cases of interest and to involve stakeholders who could act to prevent or mitigate those threats, including schools, the county attorney, the probation office, behavioral health officials, and others.</p><p>Once the participating organizations—including schools, city officials, and the military—signed a memorandum of understanding, the sheriff’s office funded the first contract with Awareity in July 2016. The four school districts in the county now fund the platform, and the most recent contract was renewed in July 2018. After an initial licensing fee, Awareity charges a small amount for each user. </p><p>“You can click on the button and submit a tip, like ‘Bill has a gun and he’s threatening to shoot up the school tomorrow,’ or ‘Sally has a hitlist,’” Griger says. “Sometimes they are less serious in nature—but we get everything.”  </p><p>The Web-based platform contains detailed reports and allows users to make updates on particular threats. Notifications about new threats or updates to existing cases are emailed to team members. For privacy purposes, the emails contain only a link that goes to the secure Awareity website where threat information can be viewed. </p><p>“As people come up on the radar, one way or another—whether through the school or through anonymous notification—our threat assessment team then sits down and decides what course of action to take to try to mitigate any issues ahead of time, instead of waiting until something has happened,” Griger explains.</p><p>However, not all threats contain plans to harm others. “We’ve had three suicides prevented as a result of it, where somebody felt it was serious enough to report,” Griger says. </p><p>For example, a school was able to intervene when someone reported that his girlfriend was talking seriously about suicide. </p><p>“When we get that information, we’re able to send somebody out to make contact, come up with a safety plan right then, and deal with the situation,” Griger adds. </p><p>Awareity allows users to build out different teams and have emails directed to just those groups. So, if an issue comes up at Bellvue High School—for example—school officials with access to Awareity can choose to provide the details of the case only to that school’s personnel.</p><p>“I think every one of our four superintendents has a license, so they see in real time anything that comes in through their particular school,” Griger says. “The particular people that are assigned to our threat assessment team can get onto Awareity and see the documents that pertain to each individual case.” </p><p>There are times, however, when schools may choose to escalate the threat and make everyone on the team aware of it. </p><p>“If they think it’s something that’s bigger, and say, ‘You know what, we need to bring this to the threat assessment team meeting and talk about this kid’…then you can open it up and let everybody on our team see it, all 20 people,” Griger says.</p><p>When dealing with threat information, he adds that privacy concerns are treated with the utmost consideration. </p><p>“Because we are talking about students, school records, behavioral health issues, juvenile arrest records, things like that—we restrict it as much as possible,” Griger notes. “Everybody signs a memorandum of understanding for confidentiality that the things we discuss in our threat assessment meetings are only for those meetings.” </p><p>While the reported threats or tips involve students about 80 percent of the time, sometimes the cases pertain to the community at large. One man, for example, was put on the list for making threatening comments to a county official. </p><p>“He’s always bringing in these odd things to the courthouse where he’s suing us for $5 million, but they don’t make sense, just weird gibberish that he writes out,” Griger says. “But he did threaten one of our county attorneys, so while he’s somebody we don’t feel has the means to carry it out or even the heart to carry it out, it’s somebody we are watching.” </p><p>At monthly meetings, the threat assessment team discusses cases and can decide to eliminate threats that are no longer credible. </p><p>“I have a list that we maintain, and I say, ‘Okay John Doe is on this list, we have a safety plan,’ and after six months we decide if we can drop John Doe off the radar,” Griger notes. “We don’t need to talk about him every month if there’s no change or update.” </p><p>Awareity has been responsive about making tweaks or changes to the platform to better suit the county’s needs, according to Griger. </p><p>“It’s been a great program for us. The business itself has been very receptive to any ideas that we have to make it more user friendly, so if we ask, ‘Is it possible to tweak it like this?’ they say, ‘Absolutely,’” he adds. “They are very responsive to doing things and changing things the way we want them done.” </p><p>Overall, Griger notes that smaller threats can have a snowball effect, sometimes quickly escalating into bad situations, so prevention is key. </p><p>“While being picked on while riding the bus isn’t a big deal in the grand scheme of what’s happening in the entire world, to that kid who reported it, or to his parents, it’s a big deal to them,” Griger notes. </p><p>He points out that the student could decide to retaliate one day with violence if the bullying doesn’t stop. “If we can deal with issues early on, that is better for everyone,” Griger says. </p><p><em>For More Information: Rick Shaw, [email protected], </em><a href="https://awareity.com/" target="_blank"><em>awareity.com.</em></a></p>
https://sm.asisonline.org/Pages/Accessing-Federal-Facilities.aspxAccessing Federal FacilitiesGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>​More than 14 years have passed since the U.S. government issued Homeland Security Presidential Directive 12 (HSPD-12), which—like many federal initiatives following 9/11—aimed to strengthen security at federal facilities around the country. It called for the establishment of a governmentwide identification verification system that would standardize how agencies approached physical access control—using an interoperable system to verify the identity of government employees and contractors accessing federal buildings across the country.</p><p>But when the U.S. Government Accountability Office (GAO) looked into implementation efforts last year, it found that the Office of Management and Budget (OMB) and the General Services Administration (GSA)—which are responsible for the program’s oversight and identifying appropriate technology—have no data on agency efforts to adhere to HSPD-12. Based on GAO’s interviews with industry experts and select federal agencies, most federal facilities may not be fully compliant. </p><p>“Here we are, 14 years later, and we really don’t know what progress has been made,” says Lori Rectanus, director of physical infrastructure at GAO and the author of the recent report. “We lack a lot of good data to know what agencies are doing, and in our report, we found that OMB just wasn’t getting the kind of information it needs to know: have we made good progress, or have we not? We did speak to some private sector companies, and some of them say that less than 10 percent of systems in the federal sphere are compliant. There’s no data one way or the other to support that.”</p><p>In its report, <em><a href="https://www.gao.gov/assets/700/696229.pdf" target="_blank">Federal Building Security: Actions Needed to Help Achieve Vision for Secure, Interoperable Physical Access Control​</a>,</em> GAO interviewed five agencies on what it takes to acquire and implement HSPD-12-compliant physical security systems. The results were varied—and raise the larger question of whether a one-size-fits-all access control solution is the best approach to securing hundreds of facilities with diverse needs. </p><p>There are two overarching aspects of HSPD-12. The first is the use of personal identity verification (PIV) cards by employees, which must be interoperable with every federal agency’s physical access control system. The report explains that when cardholders attempt to enter an area managed by an access control system, they will use a card reader, which determines whether the cardholder is authorized to enter that area. </p><p>The GAO report emphasizes the importance of governmentwide interoperability—ideally, the card reader should be connected to an interconnected network that could prevent former federal employees, or those with only a certain amount of access, from entering secured areas, no matter what facility they are in.</p><p>“In order to realize the full security benefit of PIV cards, physical access control systems must have a network connection that enables them to validate a given cardholder’s access credentials,” the report states.</p><p>That’s where the second part of HSPD-12—system procurement—comes into play. The GSA has developed an approved products list of access control solutions that have meet federal requirements and are interoperable with PIV cards, regardless of manufacturer. GSA also manages a website of approved products and is tasked with aiding agencies in the procurement and implementation of systems in accordance with the latest federal supply schedule updates.</p><p>The product implementation required to make a facility HSPD-12-compliant isn’t cheap, the report notes. The U.S. Transportation Security Administration (TSA) alone is expected to spend about $73 million over the next five years to implement physical access control systems. Most of those funds will be spent acquiring new systems from the GSA’s approved products list. </p><p>However, based on GAO’s interviews, HSPD-12-compliant access control and interoperability does not seem to be a top priority for many agencies—and the OMB and GSA don’t have the data needed to track implementation levels or improvement.</p><p>“We found that neither OMB nor GSA currently collect data on agency efforts to implement physical access control system requirements, including use of the approved products list,” GAO states in its report. “This is significant because our interviews with physical access control systems’ manufacturers, integrators, and selected agencies indicate that governmentwide implementation of physical access control systems may be limited and raises questions about governmentwide progress.”</p><p>Each of the five agencies interviewed by the GAO has its own implementation concerns, and some agencies have found the HSPD-12 requirements clash with their own security needs. For example, the Bureau of Prisons (BOP) has successfully implemented approved access control systems at its headquarters and regional offices but cannot comply with HSPD-12 at its prisons. </p><p>“Bureau of Prisons officials told us that physical security and screening procedures at prisons are more stringent than those that occur with typical building-access procedures as persons and belongings are scanned and searched,” the report states. “Physical access control system equipment at these prisons may in fact be problematic.”</p><p>None of the U.S. Coast Guard’s 1,400 facilities with security responsibilities fully adhere to the requirements, largely because decisions about physical access control systems are made on a facility-by-facility basis, and there is no systemic tracking of equipment purchases. Similarly, the Environmental Protection Agency (EPA) currently does not have approved access control at any of its 72 facilities. The EPA had previously purchased approved system equipment, but because security requirements have changed over time, the buildings are no longer compliant.</p><p>On the other hand, the Transportation Security Administration (TSA) is actively striving to make its 139 facilities fully compliant. GAO found that the only item missing is the capability for interoperable identity verification checks among federal agencies, which TSA is planning to implement this year—at a cost of $14 million a year.</p><p>Rectanus points out that the variance in even these agencies’ physical security measures shows the challenges in becoming—and staying—fully compliant to HSPD-12. And while most facilities have likely implemented some sort of security, even if it’s not compliant, there’s no way to tell just how successful it is.</p><p>“I think if we don’t have interoperability at a facility, the facilities are trying to do what they can to control access,” Rectanus tells <em>Security Management.</em> “The risk you run is that—because my PIV card is not talking to a physical access control system—if I show up at an agency and I present my badge to a person, and they give me access to the building, they don’t really know that I’m still working for this organization, or that I really am who this card says I am. Agencies are doing what they need to do, obviously, but in the absence of this integrated network they really can’t ensure that I have the right to go to a particular place in the building.”</p><p>How did federal facility access control become so fractured? Beyond the fact that there has been no meaningful federal oversight, the GAO report points to the costs of updating equipment, confusion about what schedules and requirements must be adhered to, challenges in integrating new access control systems with legacy equipment, and lack of leadership and training about how to actually become HSPD-12-compliant—which has led to a broader skepticism of governmentwide interoperability.</p><p>“Some agency officials are reluctant to more fully integrate their physical access control systems,” the report notes. “This reluctance is due to concern about a perceived increase in security risks resulting from more broadly networking physical access control systems’ equipment and access credentials like PIV cards.” However, other federal officials tell Security Management that this concern is unfounded. According to these officials, integrating agencies’ physical access control systems will enhance security, increase government efficiency, reduce identity fraud, and protect personal privacy by electronically authenticating the validity of access credentials. </p><p>Rectanus also points out that federal agencies are not immune to the struggle of many security departments in the private sector—it’s hard to tell if a security approach is inadequate when nothing goes wrong, especially when it comes to the insider threat.</p><p>“Security is one of those funny things where nobody really thinks there is a problem until something happens,” Rectanus says. “At this point I think many facilities may not know if people are infiltrating their locations unless something inappropriate happens, or if they can track back any hack or invalid access to this problem. It is true that we did not find any specific instances where, due to this problem, there was some sort of unauthorized access, but I’m just not sure it’s something that people are focused on. We know right now that you can mock up a government badge, go into a facility that doesn’t have these interoperable systems, and you could get in the building. It only takes one or two folks to potentially do something dangerous with that…and just because it hasn’t happened doesn’t mean the risk is not there.”</p><p>Rectanus notes that, in light of the lack of baseline data from OMB and GSA, talking with several security industry leaders—physical access control system manufacturers, integrators, and other organizations—helped GAO understand what the government can do to further improve physical security best practices. For example, she notes that they raised concerns about manufacturers or integrators that present themselves as being HSPD-12-compliant, even though they haven’t completed GSA testing and are not on the approved products list. This is one reason why facilities might think they are compliant when they actually aren’t.</p><p>“The industry stakeholders would like to see more leadership, incentives, and movement towards interoperability, because from their perspective they are very much an industry that understands the value of this governmentwide integration,” she explains. “They would like to help get across that idea that broader integration is actually a better thing, not a worse thing.”</p><p>Realistically, there will never be total HSPD-12 compliance in all federal facilities, whether it’s because the agency’s own security requirements clash with the directive or there just isn’t enough money to upgrade every system. However, agencies can still make steps towards fostering access control interoperability. To overhaul the physical security requirements to more accurately meet each agency’s needs, there needs to be a baseline understanding of where facilities stand—something that is currently lacking. </p><p>“I think the OMB obviously must recognize that agencies must have specific needs, and there are budgetary constraints,” Rectanus says. “There could be particular locations where maybe it doesn’t make sense to have a physical access control point that relies on swiping a badge, such as in prisons. From our perspective, this HSPD-12 mandate is still out there, and GSA is still being instructed to work with agencies to help them buy HSPD-12-compliant technology. I think the expectation is that, until we have a better system, this is probably the best one, and realize that an agency has to prioritize where it’s most relevant.”</p>
https://sm.asisonline.org/Pages/Certification-profile-Rose-Miller-CPP.aspxCertification Profile: Rose Miller, CPPGP0|#68cd7623-cf23-49f8-9b16-7610e085f76c;L0|#068cd7623-cf23-49f8-9b16-7610e085f76c|ASIS;GTSet|#8accba12-4830-47cd-9299-2b34a4344465;GPP|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997<p>​As a military police officer in the U.S. Army for 27 years, Rose Miller, CPP, led hundreds of law enforcement and security professionals in meeting global security challenges. When seeking a second career, her objective was to share her experience and skills and continue to grow as a security professional. </p><p>“An Army colleague introduced me to ASIS International,” she says, “and I found that the association’s networking and education opportunities would significantly assist my transition to the private sector.”</p><p>When searching for positions in corporate security, she encountered several roles that listed security certification as a required qualification—and she promptly launched her pursuit of the Certified Protection Professional (CPP®) credential.</p><p>She gathered study materials and spent six months preparing for the exam. Using the practice exams, she identified areas where she needed additional study—and she successfully passed the CPP exam in 2011.</p><p>Within 90 days after earning her certification, she was offered a position as a director of security in a large hospital in Washington, D.C. </p><p>“My CPP certification made the difference in the successful translation of my military experience to the security management profession,” she notes. “As a military security professional, the CPP helped define my level of competence to private sector employers.”</p><p>“The healthcare industry under­stands, recognizes, and encourages certifications,” she adds. “Respecting my commitment to certification, C-suite executives comfortably rely on my recommendations and actions in all security functional areas. It is very satisfying for me to be able to relieve senior executives of security concerns and allow them to focus on taking care of patients and running the business.”</p><p>One of her most memorable moments was the day the vice president of the United States paid her hospital a visit—on only two hours’ notice. </p><p>“Our security team, established programs, collaborative relationships, technology, and senior leader support all came together for a flawless execution of the mission,” she reflects.</p><p>After more than three years in the position, Miller made the leap to security consulting—looking to diversify her expertise and expand opportunities to share her knowledge. As a consultant, she continues to reap the rewards of her CPP. Potential clients seeking security consultants not only respect ASIS certifications, but often require them. She routinely leverages both the network and educational resources of ASIS. </p><p>She now gives back to the Society by volunteering with the ASIS International Military Liaison Council. She is active in her local chapter and serves as a Women in Security Council liaison.  </p><p>“A career in security is honorable and rewarding,” she offers. “When I served my nation in the military, I was honored every day that because of our efforts, citizens were able to feel safe and secure while enjoying the freedoms of family, work, and play. Embarking on a career in the security profession allows me to continue to help protect those freedoms.”  </p><p><em>Profile by Steven Barnett, ASIS communications coordinator</em><em></em></p>
https://sm.asisonline.org/Pages/April-SM-Online.aspxApril 2019 SM OnlineGP0|#21788f65-8908-49e8-9957-45375db8bd4f;L0|#021788f65-8908-49e8-9957-45375db8bd4f|National Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<h4>​SCHOOL SHOOTING RESOURCES</h4><p><a href="http://www.fdle.state.fl.us/MSDHS/CommissionReport.pdf">The initial report from the Marjory Stoneman Douglas High School </a>(MSDHS) Public Safety Commission offers an analysis of the Parkland, Florida, school shooting. <a href="https://www2.ed.gov/documents/school-safety/school-safety-report.pdf">The Parkland shooting also spurred a report</a> from the Federal Commission on School Safety. The U.S. Department of Homeland Security​ offers resources for schools on safety planning, including <em></em><a href="https://www.dhs.gov/sites/default/files/publications/K12-School-Security-Guide-2nd-Edition-508.pdf">School Security: A Guide for Preventing and Protecting against Gun Violence</a> and the <a href="https://rems.ed.gov/docs/rems_k-12_guide_508.pdf">Guide for Developing High Qu​ality School Emergency Operations Plans​</a>.​</p><h4>DIGITAL REVOLUTION</h4><p><a href="https://www.asisonline.org/globalassets/internal/future-of-physical-security.pdf">A white paper from Microsoft and Accenture argues </a>that the global digital revolution, which has transformed the world, has also inadvertently created new threats.</p><h4>​COMPLIANCE</h4><p>The U.S. Government Accountability Office<a href="https://www.gao.gov/assets/700/696229.pdf"> interviewed five agencies on what it takes to acquire</a> and implement HSPD-12-compliant physical security systems.</p><h4>​FURLOUGH EFFECTS</h4><p>The FBI Agents Association <a href="https://www.fbiaa.org/sites/default/files/downloadable/FBIAA%20Voices%20from%20the%20Field.pdf">spoke to agents about the effect of the U.S. government's partial shutdown</a> on their morale and commitment to the Bureau.</p><h4>PRIVACY</h4><p><a href="https://epic.org/amicus/bipa/rosenbach/Rosenbach-v-Six-Flags-Ill-Supreme-Court-Opinion.pdf%3b%20https://epic.org/amicus/bipa/rosenbach/">The Illinois Supreme Court ruled that no actual injury or harm needs to be proved</a> in order to seek damages from a private entity that violated the state's Biometric Information Privacy Act. </p><h4>​ESPIONAGE</h4><p><a href="https://www.justice.gov/opa/pr/chinese-national-charged-committing-theft-trade-secrets">U.S. Department of Justice charged a Chinese national</a> with theft of trade secrets. </p><h4>​DATA PRIVACY</h4><p><a href="https://www.cnil.fr/en/cnils-restricted-committee-imposes-financial-penalty-50-million-euros-against-google-llc">France imposed a €50 million fine ​</a>on Google for GDPR violations.</p><h4>​OSHA PENALTIES</h4><p>Federal fines for OSHA <a href="https://www.oshalawblog.com/2019/01/articles/osha-penalties-increasing-once-the-government-reopens/">violations are increasing.​</a></p><h4>HAZARDOUS CHEMICALS</h4><p>The U.S. Department of Homeland Security's Chemical Facility Anti-Terrorism Standards (CFATS) Program<a href="https://www.congress.gov/bill/116th-congress/house-bill/251?q=%7b%22search%22:%5b%22congressId:116+AND+billStatus:%5c%22Introduced%5c%22%22%5d%7d&s=4&r=2"> was extended for 15 months.</a></p><h4>​DISCRIMINATION. </h4><p><a href="https://www.xperthr.com/news/new-york-passes-bill-prohibiting-discrimination-based-on-gender-identity-or-expression/35969/">New York passed a bill </a>prohibiting discrimination based on gender identity or expression. </p><h4>DISCRIMINATION</h4><p>Michigan furthers<a href="https://www.hrc.org/blog/michigan-governor-gretchen-whitmer-signs-directive-protecting-lgbtq"> LGBT protections.</a> </p><h4>​DATA BREACH</h4><p>Yahoo! Inc. shareholders<a href="https://www.jdsupra.com/legalnews/yahoo-derivative-data-breach-suit-14879/"> sued former company directors</a> and officers over massive data breaches. </p><h4>​FIREARMS</h4><p>The U.S. Supreme Court<a href="https://www.scotusblog.com/case-files/cases/new-york-state-rifle-pistol-association-inc-v-city-of-new-york-new-york/"> will listen to arguments concerning New York State Rifle & Pistol Association Inc</a>. v. the City of New York, New York. </p><h4>​SEXUAL HARASSMENT</h4><p>Atlantic Cape Fisheries & BJ's Service Co. <a href="https://www.eeoc.gov/eeoc/newsroom/release/1-30-19.cfm">settled a sexual harassment and retaliation lawsuit </a>for $675,000.  </p><br><p> </p>

 

 

https://sm.asisonline.org/Pages/Securing-the-Sum-of-Many-Parts.aspx2019-05-01T04:00:00ZSecuring the Sum of Many Parts with Endpoint Management
https://sm.asisonline.org/Pages/May-2019-Industry-News.aspx2019-05-01T04:00:00ZMay 2019 Industry News
https://sm.asisonline.org/Pages/Book-Review-Reducing-Turnover-in-the-Services-Sector.aspx2019-05-01T04:00:00ZBook Review: Reducing Turnover in the Services Sector
https://sm.asisonline.org/Pages/May-SM-Online.aspx2019-05-01T04:00:00ZMay 2019 SM Online
https://sm.asisonline.org/Pages/Getting-to-Know-Jaime-P-Owens-CPP.aspx2019-05-01T04:00:00ZGetting to Know: Jaime P. Owens, CPP
https://sm.asisonline.org/Pages/A-Day-in-the-Life-of-Elizabeth-Moslander.aspx2019-05-01T04:00:00ZA Day in the Life of Elizabeth Moslander, CPP
https://sm.asisonline.org/Pages/The-Six-Year-Reset-for-Security-in-Mexico.aspx2019-05-01T04:00:00ZThe Six-Year Reset for Security in Mexico
https://sm.asisonline.org/Pages/Book-Review-Cyber-Research.aspx2019-05-01T04:00:00ZBook Review: Cyber Research
https://sm.asisonline.org/Pages/Infrastructure-Issues.aspx2019-05-01T04:00:00ZInfrastructure Issues
https://sm.asisonline.org/Pages/Body-Camera-Complications.aspx2019-05-01T04:00:00ZBody Camera Complications
https://sm.asisonline.org/Pages/Starting-From-Scratch.aspx2019-05-01T04:00:00ZStarting From Scratch
https://sm.asisonline.org/Pages/Public-Private-Partnership-Addresses-Supply-Chain-Security.aspx2019-05-01T04:00:00ZPublic-Private Partnership Addresses Supply Chain Security

 

 

https://sm.asisonline.org/Pages/April-2019-Flashback.aspx2019-04-01T04:00:00ZApril 2019 Flashback | september 1978
https://sm.asisonline.org/Pages/Book-Review-Casino-Security.aspx2019-04-01T04:00:00ZBook Review: Casino Security
https://sm.asisonline.org/Pages/The-Power-of-Awareness.aspx2019-04-01T04:00:00ZThe Power of Awareness
https://sm.asisonline.org/Pages/Accessing-Federal-Facilities.aspx2019-04-01T04:00:00ZAccessing Federal Facilities
https://sm.asisonline.org/Pages/Certification-profile-Rose-Miller-CPP.aspx2019-04-01T04:00:00ZCertification Profile: Rose Miller, CPP
https://sm.asisonline.org/Pages/April-SM-Online.aspx2019-04-01T04:00:00ZApril 2019 SM Online

- Issues

June 2019 May 2019 April 2019 March 2019 February 2019 January 2019 December 2018 November 2018 October 2018 September 2018 August 2018 July 2018 June 2018 May 2018 April 2018 March 2018 February 2018 January 2018 December 2017 November 2017 October 2017 September 2017 August 2017 July 2017 June 2017 May 2017 April 2017 March 2017 February 2017 January 2017 December 2016 November 2016 October 2016 September 2016 August 2016 July 2016 June 2016 May 2016 April 2016 March 2016 February 2016 January 2016 December 2015 November 2015 October 2015 September 2015 August 2015 July 2015 June 2015 May 2015 April 2015 March 2015 February 2015 January 2015 December 2014 November 2014 October 2014 September 2014 August 2014 July 2014 June 2014 May 2014 April 2014 March 2014 February 2014 January 2014 December 2013 November 2013 October 2013 September 2013 August 2013 July 2013 June 2013 May 2013 April 2013 March 2013 February 2013 January 2013 December 2012 November 2012 October 2012 September 2012 August 2012 July 2012 June 2012 May 2012 April 2012 March 2012 February 2012 January 2012 December 2011 November 2011 October 2011 September 2011 August 2011 July 2011 June 2011 May 2011 April 2011 March 2011 February 2011 January 2011 December 2010 November 2010 October 2010 September 2010 August 2010 July 2010 June 2010 May 2010 April 2010 March 2010 February 2010 January 2010 December 2009 November 2009 October 2009 September 2009 August 2009 July 2009 June 2009 May 2009 April 2009 March 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 December 2007 November 2007 October 2007 September 2007 August 2007 July 2007 June 2007 May 2007 April 2007 March 2007 February 2007 January 2007 December 2006 November 2006 October 2006 September 2006 August 2006 July 2006 June 2006 May 2006 April 2006 March 2006 February 2006 January 2006 December 2005 November 2005 October 2005 September 2005 August 2005 July 2005 June 2005 May 2005 April 2005 March 2005 February 2005 January 2005 December 2004 November 2004 October 2004 September 2004 August 2004 July 2004 June 2004 May 2004 April 2004 March 2004 February 2004 January 2004 December 2003 November 2003 October 2003 September 2003 August 2003 July 2003 June 2003 May 2003 April 2003 March 2003 February 2003 January 2003 December 2002 November 2002 October 2002 September 2002 August 2002 July 2002 June 2002 May 2002 April 2002 March 2002 February 2002 January 2002 December 2001 November 2001 October 2001 September 2001 August 2001 July 2001 June 2001 May 2001 April 2001 March 2001 February 2001 January 2001 December 2000 November 2000 October 2000 September 2000 August 2000 July 2000 June 2000 May 2000 April 2000 March 2000 February 2000 January 2000