NOBLE 2013 William R. Bracey CEO Symposium. Baltimore, MD February 21, 2013

NOBLE 2013 William R. Bracey CEO Symposium When Thursday February 21, 2013 at 9:00 AM EST -to- Saturday February 23, 2013 at 1:00 PM EST Add to Calendar Where Sheraton Inner Harbor Hotel 300 South Charles Street Baltimore, MD 21201 Driving Directions Dear Charles, Join us for the 2013 William R. Bracey Winter CEO Symposium with the theme, "What Happens When the Power goes Out: Post Hurricane Sandy." Join with federal, state and local officials to learn best practices as they relate to preparing your officers and their families for the impact of disasters. Hear from retired New Orleans Chief Warren Riley who was assistant chief during Hurricane Katrina and is now with FEMA. Discuss methods of engaging the community so they can be prepared to support themselves until help arrives, which in some cases may be days after the incident.  Don't miss this important symposium and your opportunity to contribute towards the resulting white paper.      Click on the link below to register or RSVP. Get more information Register Now! I can't make it SPONSORSHIP OPPORTUNITIES AVAILABLE! Please contact Valerie Shuford vshuford@noblenatl.org at the National Office 703-658-1529. Thank you for your support of NOBLE and we look forward to seeing you at the symposium. Sincerely, Joseph Akers Interim Executive Director National Organization of Black Law Enforcement Executives (NOBLE) 703-658-1529 Chapter Presidents will be emailed details for the Winter Chapter Presidents Meeting that is scheduled for Thursday, February 21st.  Chief William R. Bracey.

HSTODAY.COM: Authorities Seek More Integration Across Federal Screening and Credentialing Efforts

 

     

 

Authorities Seek More Integration Across Federal Screening and Credentialing Efforts

By: Mickey McCarter                 12/03/2012 ( 8:00am)

Federal agencies could do more to integrate screening and credentialing efforts throughout government to ease the process of vetting multiple individuals multiple times -- whether for the benefits of security clearances, restricted access, or trusted traveling, experts agreed during a panel Thursday.

"This is an area where no one really cares until you screw up or until you make people wait too long," commented Monte Hawkins, at deputy group chief at the National Counterterrorism Center (NCTC).

A few of the challenges facing enterprise screening and credentialing systems throughout the government include too many redundancies and multiple screenings of the same traveler or applicant, said Hawkins, speaking at a forum sponsored by the Center for Strategic and International Studies in Washington, DC.

The intelligence community (IC) also must improve the collection of information to build up more biographic details, he said. Agencies could accomplish this perhaps through collection of more detailed information on applicants also thereby easing recurring vetting for periodic renewal of the benefits for trusted travelers or cleared personnel.

Hawkins also called for more automation in processing information.

"We have processes that have been in place now for a while that have been very manual" and thus very time consuming, Hawkins said. "You have to rely on automation to do this triage for you."

Hawkins recommended a reexamination of the overall screening architecture across agencies, calling for a structure similar to the National Targeting Center at the Department of Homeland Security (DHS) except at a higher, national level.

IC communications also remain very pocketed and segmented despite dramatic improvement over the last 10 years, Hawkins observed. Opening those communications up a bit more between agencies would allow authorities to "connect the dots" faster. And more interconnected communications would make it easier for agencies that engage in a lower priority screening, such as for benefits eligibility, to make faster and easier determinations.

Still, screening and credentialing has evolved to a point where authorities quickly and systematically can make use of information from intelligence and law enforcement databases, said Victoria Newhouse, deputy assistant administrator for risk-based security at the Transportation Security Administration (TSA).

For example, TSA fully implemented Secure Flight in late 2010 to do just that, Newhouse said. TSA matches traveler information against intelligence and law enforcement databases to quickly determine if a traveler poses a danger to aviation security.

Still, TSA would like to improve the speed with which it can verify the identities of passengers presenting identification cards or even those who lose their identification while on vacation, Newhouse commented.

TSA PreCheck represents the direction TSA is embracing with regard to applying different applications of screening to travelers, depending upon the perceived level or risk represented by individual air passengers, she continued. PreCheck does not involve less screening but rather more screening is done upfront, of biographical data for example, to determine if individuals should receive more or less scrutiny at airport checkpoints.

Boosting information collection and cooperation among agencies will be key drivers to successfully implementing risk-based security measures, Newhouse said. DHS agencies require more integration with partners outside the department and more harmonization within the department.

Kelli Ann Walther, senior director of the DHS Screening Coordination Office, said the department maintains a flexible screening and credentialing framework to accommodate 40 individual programs within the DHS screening portfolio.

Some screening programs require a robust background check while some are lighter, Walther noted, and appropriately so depending on the benefits derived from the screening outcome.

"That demonstrates that there isn't one solution for all screening and credentialing programs but really there are not 100 solutions either -- that's not the solution," Walther remarked.

By applying standards across newer agencies like TSA and older agencies like the US Coast Guard, DHS seeks to harmonize different approaches and multiple credentialing efforts to reduce redundant vetting, Walther said.

The department sets objectives to set up credentials for multiple purposes instead of a single use, to standardize vetting procedures, and to share vetting results across programs, Walther said. Applicants also must have appropriate opportunities to seek redress.

IDENT, the DHS biometric storage and matching service, represents a good example of common applications across multiple credentialing programs, Walther said. TSA, Coast Guard, US Customs and Border Protection (CBP) and others can turn to the same enterprise service to verify biometrics like fingerprints from one uniform source.

In the future, DHS will look for more efficiencies and more opportunities to leverage such enterprise services, Walther said.

http://www.hstoday.us/industry-news/general/single-article/authorities-seek-more-integration-across-federal-screening-and-credentialing-efforts/176433bf25ae81c79bdf2c85ed451a82.html

HSToday.US: Plagues of Federal Cybersecurity

 

     

 

The Basics Still Plague Federal Cybersecurity

By: Dan Verton    12/05/2012 ( 7:30am)  

The federal government faces a cybersecurity threat that is more capable and relentless than at any time in recent history. And yet, agencies responsible for operating high-security networks and data centers continue to struggle with passwords, physical security, access control and a host of other relatively basic security precautions.

Greg Wilshusen, director of Information Security Issues at the Government Accountability Office (GAO), the investigative arm of Congress, told a gathering of federal and industry security officials on Dec. 3 that the number of security incidents reported to the US Computer Emergency Readiness Team (US-CERT) is on course to surpass 48,000 in 2012 – a 782 percent increase since 2006.

And that could spell real trouble this year for federal network security, especially because of the basic security weaknesses identified by GAO during multiple agency audits last year. For example, Wilshusen, who spoke at the Government Technology Research Alliance (GTRA) forum on government security, said every one of the top 24 federal agencies had weaknesses in basic access controls.

“This is the area where we find most of the computer system vulnerabilities,” said Wilshusen. “These are controls that relate to protecting an organization’s boundaries, [and] also include those procedures that agencies have to identify and authenticate the identity of their users and the devices that connect to their systems, use of encryption and physical security to control physical access to the data facilities and information resources.”

In addition, GAO last year regularly uncovered significant problems with other basic security precautions, such as passwords, physical security control and outdated user accounts that had not been deleted.

Passwords used by agency employees were often found to be “relatively easy to crack,” Wilshusen stressed. And, surprisingly, those employees found to have the least secure passwords were often the system administrators, he added. More troubling, however, was the large number of old user accounts and default accounts that remained accessible.

“Agencies also often do not change or delete vendor supplied passwords and IDs,” Wilshusen said, referring to the default accounts that often ship with new computers and operating systems. Likewise, GAO investigators often found “hundreds and sometimes thousands” of instances where training accounts or accounts belonging to former employees had not been deleted.

But even the users who had legitimate access to systems often had too much access, said Wilshusen. Referring to the so-called “principle of least privilege,” where users are given only the access they require to do their jobs effectively, Wilshusen said GAO investigators “often find instances, particularly in databases, where users are given access to all of the data to either write, read or update the data when generally they don’t need that level of access.”

Other weaknesses in basic security procedures that GAO encountered regularly last year include:

• Insufficient access controls for firewalls, switches, and routers;
• Agencies are slow to deploy the infrastructure to support logical access control devices, such as Common Access Cards and the Personal Identity Verification (PIV) card;
• Monitoring system configurations and the assets on the network still is not being done on a regular basis; and
• Inadequate physical security at highly-secure data centers (e.g. doors propped open with chairs so employees can take smoke breaks, and guards who did not check credentials properly).

But Ron Ross, a senior computer scientist and fellow at the National Institute of Standards and Technology (NIST), pointed to other basic precautions and policies that have been stymied by a combination of cultural impediments and the vast, complex federal IT architecture.

“There’s a new saying that the offense should be informing the defense,” said Ross. “But yet we find out that a lot of our CISOs and CIOs don’t even have [top secret compartmented] security clearances. So, how can you be informed of what the threat can do if you can’t even get the information that allows you to understand what that threat looks like? It’s a very serious problem.”

In January, NIST will release revision 4 of its Special Publication 800-53, Recommended Security Controls for Federal Information Systems and Organizations. “And there’s going to be a lot of gnashing of teeth when you see the number of controls and enhancements being added,” said Ross. The new version adds about 250 new controls, moving the total number from 600 to 850.

One such new control that will be added is firmware integrity. “The adversary is down at the firmware level now and probably even the hardware in some cases,” warned Ross. “Firmware integrity is critical. The adversary has demonstrated the capability to get into that firmware.”

But while hackers have demonstrated the ability to attack federal networks in more complex and sophisticated ways, federal security professionals have been unable to keep up with the challenges posed by complexity, said Ross. Because of the complexity of federal network architectures, “we ask our CISOs and CIOs to defend systems that are largely indefensible,” he explained.

Complexity, he said, “is ground zero of our problems today.”

http://www.hstoday.us/single-article/the-basics-still-plague-federal-cybersecurity/2f17908245131f5a8ebcdd761e94c111.html

Grant Opportunity: U.S. EPA. $60,000 in EPA Grants Awarded to Calif. University Groups

$60,000 in EPA Grants Awarded to Calif. University Groups

Funding for Sustainable Technology Design, Development Projects

SAN FRANCISCO – The U.S. Environmental Protection Agency today awarded $60,000 in grants to four California university student teams as part of phase 1 of EPA’s annual People, Prosperity and the Planet (P3) annual student competition for the design and development of sustainable technologies.

In total, EPA awarded $675,000 for 45 grants nationally, valued at $15,000 each, as part of phase 1 of the competition, and student groups will now begin the implementation of the design of their proposed technology.  

“EPA is proud to support some of California’s best student innovators working to improve the environmental conditions and the standard of living of individuals in the U.S. and around the world,” said Jared Blumenfeld, EPA’s Regional Administrator for the Pacific Southwest. “The ideas and projects spurred by these grants will help achieve lasting positive change for future generations.”

This year’s California award winners:

- University of California, Riverside, “Pasteurization Using a Lens and Solar Energy (PULSE) Method”: Project will create a solar disinfection technology device for use developing countries that will speed up the rate of water pasteurization.

- San Jose State University, “3D Printing Sustainable Building Components for Facades and as Window Elements”: Project entails researching sustainable, inexpensive, and recyclable building components for facades and windows using design methods appropriate for 3D printing technology.

- Stanford University, “Community-Level Water Disinfection Technology for Dhaka, Bangladesh Treatment”: Students will develop a low-cost chlorination device that will disinfect drinking water without relying on electricity or moving parts. Each chlorinator will provide safe drinking water to approximately 10-50 Bangladeshi households.

- California State Polytechnic University, Pomona, “Capturing CO2 with MgO Aerogels”: Students will determine whether it is practical and economically feasible to use Magnesium Oxide (MgO) aerogels to capture carbon dioxide in chemical and power plants.

                                                                                                      

After eight months of work on their projects, the phase 1 grant recipients will bring their designs to Washington, D.C. to participate in EPA’s National Sustainable Design Expo. During the event, a panel of scientific experts judges the projects. Winners receive a P3 award and recommendation for a second phase grant of up to $90,000 to further develop their designs and prepare them for the marketplace.

The 9^th Annual National Sustainable Design Expo featuring EPA’s P3 competition is scheduled for April 20-21, 2013, on the National Mall in Washington, D.C. The expo is open to the public and will display the 2012 P3 teams’ designs.

EPA is currently accepting applications for P3 awards for the 2013-2014 academic year through Dec. 11, 2012.

More information on the P3 2012 recipients: http://www.epa.gov/p3/2012recipients

More information on past P3 winners: http://www.epa.gov/p3/multimedia/index.html

###

U.S. DHHS. Office of Minority Health. Resources..Money & More

FYI: Minority Resources...Money & More Provided by the Office of Minority Health Resource Center's Information Services Team December 05, 2012 World Aids Day, Dec. 1, 2012 In honor of World AID's Day, please join the Office of Minority Health Resource Center's senior program analysts as they take a moment to talk about projects resulting from their work with different community-based organizations and gatekeepers. Learn More.   In This Issue ... Funding   Federal Grants   Non Federal Grants   Scholarships/Fellowships American Indians/Alaska Native Health Asian/Pacific Islander Health Cultural Competency/LAS Diabetes Emergency Preparedness Health Equity HIV/AIDS-STDs Infant/Child Health Men's Health Mental Health Substance Abuse Opportunities for Public Comment Funding Federal Grants Minority Population Specific: $500k or less . . .   HHS/National Institutes of Health: Opportunities for Collaborative Research at the NIH Clinical Center (U01) Grant. View Full Announcement $500k or more . . .   HHS/The Health Resources and Services Administration: Service Area Competition Grant. View Full Announcement HHS/National Institutes of Health: Coordinating Center for an Undiagnosed Diseases Network (UDN) (U01) Grant. View Full Announcement HHS/Health Resources & Services Administration: Medical Home Implementation for Children with Special Health Care Needs Grant. View Full Announcement $500k or less . . .   HHS/Centers for Disease Control and Prevention: Birth Defects Study To Evaluate Pregnancy exposureS (BD-STEPS) Grant. View Full Announcement HHS/Health Resources & Services Administration: National Center for Health Insurance and Financing for Children and Youth with Special Health Care Needs Grant. View Full Announcement HHS/Health Resources & Services Administration: Small Health Care Provider Quality Improvement Grant. View Full Announcement Non Federal Grants Minority Population Specific: $500k or less . . .  The Seattle Indian Health Board's Urban Indian Health Institute (UIHI): Partnership to Support Depression Programming. View Full Announcement [PDF | 69KB ] $500k or less . . . JBS International: Support for Evidence Based Adult Immunization and HPV Health Projects. View Full Announcement Scholarships/Fellowships The Emma Bowen Foundation: Minority Interests in Media Internships. View Full Announcement American Indians/Alaska Native Health Seattle Indian Health Board's Urban Indian Health Institute: New factsheet available. Healthcare Access and Utilization among Urban American Indians and Alaska Natives. Learn More [PDF | 1.8MB] Asian/Pacific Islander Health Events The National Council of Asian Pacific Americans (NCAPA): Webinar. What does going off the fiscal cliff will mean for Asian Americans, Native Hawaiians and Pacific Islanders and their health? Thursday, December 6, 2012, 4:00 pm - 5:00pm ESTLearn More Cultural Competency/LAS Health Roads Media: Online website providing a source of quality health information in many languages and multiple formats. Learn More Diabetes AHRQ: New report released. Screening and Diagnosing Gestational Diabetes Mellitus. Read Full Report Emergency Preparedness Events National Institute of Environmental Health Sciences: Webinar. Disaster Preparedness and Response. December 13, 2012, 1:00 pm - 2:30 pm EST. Learn More Health Equity Events Xavier University of Louisiana: New Orleans Sixth Health Disparities Conference. Improving Medical Effectiveness and Health Outcomes to Achieve Health Equity Through Interprofessional Collaborations. March 7 - 9, 2013 in New Orleans, LA. Learn More HIV/AIDS-STDs CDC: In collaboration with BeSmartBeWell.com, a short informational video now available. Let's Talk about Sexual Health. The five minute video is geared toward youth and young adults and encourages open communication between healthcare providers and patients about sexual health. Learn More PEPFAR: In honor of World AIDS day, December 1, a new blueprint report was released. PEPFAR Blueprint: Creating an AIDS-free Generation. Read Full Report [PDF | 2.6MB] AHRQ: New data report released. Screening for Hepatitis C Virus Infection in Adults. Read Full Report [PDF | 4MB] Events AIDS Education Training Center-National Multicultural Center (AETC-NMC) at Howard University: Webcast. Cultural Competence: Delivering Quality HIV Care within Homeless Communities. Learn More Infant/Child Health Pew Research Center: New data report released. In a Down Economy, Fewer Births. Read Full Report [PDF | 190KB] Men's Health Kaiser Family Foundation: New disparity data report released. Putting Men's Health Care Disparities On The Map: Examining Racial and Ethnic Disparities at the State Level. Read Full Report Mental Health SAMHSA: New data report released. Results from the 2011 National Survey on Drug Use and Health: Mental Health Findings and Detailed Tables. Read Full Report Substance Abuse SAMHSA: New data report released. State Estimates of Underage Alcohol Use and Self-Purchase of Alcohol: 2008 to 2010. Read Full Report CDC: Digital toolkit. The Impact of Unsafe Injection Practices in U.S. Healthcare Settings. Learn More Events Addiction Technology Transfer Center Network (ATTC): Webinar. Suicide Prevention and Substance Abuse: A Shared Framework. Thursday, December 13, 2012 10:00 am - 12:00 pm CST. Learn More Opportunities for Public Comment U.S. Preventive Services Task Force: Draft Reccomendation Statement open for comments. Screening for Hepatitis C Virus Infection in Adults. This draft Recommendation Statement is available for comment from November 27 until December 24, 2012, at 5:00 pm EST. Learn More U.S. Preventive Services Task Force: Draft Reccomendation Statement open for comments. Screening for HIV. This draft Recommendation Statement is available for comment from November 20 until December 17, 2012, at 5:00 pm EST. Learn More The U.S. Department of the Treasury's Community Development Financial Institutions Fund (CDFI Fund): Proposed report to assess the state of access to capital and credit in Native Communities now open for public comment. Native Communities Access to Capital and Credit Report. The draft report is available for comment by February 28, 2013. Learn More [PDF | 177KB]