A report from the U.S. Department of Homeland Security's Inspector General calls for changes to the national emergency alert system. The report, FEMA's Oversight of the Integrated Public Alert & Warning System (IPAWS) was requested by U.S. Senator Mazie K. Hirono after officials in Hawaii mistakenly sent out an alert warning that a ballistic missile was headed for the United States. The report recommends that software manufacturers be required to include features that allow operators to preview and cancel messages. The report also calls for software providers to offer training for users.
The Miami Herald is reporting that three assistant principals and a security specialist from Marjory Stoneman Douglas High School have been reassigned in the wake of a report showing "communication failures and untimely responses" related to a shooting that killed 17 people and injured 17 more in February 2018. In part, the reassignments were linked to miscommunication around video surveillance, according to the Herald. School officials knew that the video feed from school cameras was delayed but failed to convey this information to the police, leading law enforcement to continue to search the campus for the shooter after he was gone. There was also confusion among staff as to who was authorized to call for a lockdown. This delayed the lockdown announcement by three minutes, though alarms were already going off. This led to students entering the hallways thinking they were responding to a fire alarm.
The North Yorkshire Police in the United Kingdom will not file criminal charges against a cyber researcher who uncovered a vulnerability in the York city council's mobile app. The app, designed to coordinate garbage pickups, left the private information of citizen's vulnerable. A researcher accessed the information and sent a small portion along with details of the vulnerability to the city. According to a report by ZDNet, city officials reported the unauthorized access to the police. Responding to public outcry, the police offered a public statement: "We recognize the benefits of software vulnerability disclosure as part of a healthy security environment and the researcher has acted correctly."
In other news: the U.K.'s Financial Conduct Authority has announced that it will punish financial companies that fail to implement basic cyber protections, a panel of experts says that cybersecurity posts are difficult to fill because recruiters are looking for the wrong skill set, and the U.K. government is looking for proposals on best practices for school security.