Suchergebnisse

Over the last decade, we have seen a shift in the focus of cyber attacks, moving from traditional IT systems to include more specialized Industrial Control Systems (ICS), often found within Critical National Infrastructure (CNI). Despite a push from governments to introduce appropriate legislation and guidance for such systems, operators of ICS and CNI still face multiple challenges in their cyber incident response and recovery capabilities, a theme that is often viewed as a last line of defence in minimizing the impact of cyber attacks. This paper provides the following contributions: Firstly, we analyze existing standards and guidelines within cyber incident response and recovery. This analysis provides a structure on key response and recovery phases, a foundational understanding of associated requirements for these, and identifies challenges that could affect the quality of in-practice response and recovery capabilities. Using this analysis as a baseline, we examine how response and recovery processes are currently undertaken in practice through engagement with UK-based CNI operators and regulators. Secondly, as a starting point towards improving identified challenges in existing standards and guidelines and their use in practice, we propose a framework, built using the outputs identified from the document analysis and the stakeholder engagement, for use by operators to support them in assessing and improving their response and recovery capabilities.

La coordinació és un factor important que afecta directament el resultat de les operacions de resposta en les xarxes de gestió d'emergències. Marcs de treball i protocols de gestió de catàstrofes estableixen una base per a la col·laboració de l'organització i coordinació en el cas d'una crisi (provocada per l'home o per causes naturals). Existeixen marcs de treball de gestió d'emergències que es basen en conceptes agafats de les pràctiques militars (i.e. comandament i control) i de les operacions organitzatives convencionals. Degut a la naturalesa complexa d'un desastre o d'una emergència, l'enfocament actual està fallant per a enfrontar-se a aquests alts nivells d'incertesa i a la intensa aparició de canvis en el transcurs d'un desastre. En comptes de romandre bloquejats amb plans de resposta rígids, les organitzacions i els individus es gestionen per a enfrontar-se a la complexitat dels desastres mitjançant la formació d'estructures en xarxa. Aquestes xarxes es formen en resposta a les necessitats que es desenvolupen per a enfrontar-se a un incident de desastre. La comprensió de les característiques d'aquestes noves xarxes en les operacions de resposta a desastres és fonamental per a tot el procés de l'elaboració de marcs de treball de resposta a desastres, els quals podrien ajudar en la prevenció de pèrdues de vides humanes i béns. En aquesta investigació, s'examinen exemples d'operacions de resposta a desastres per a estudiar els patrons de la xarxa de coordinació entre les organitzacions que participen en aquestes operacions de resposta. Per a assolir els objectius de la investigació, es desenvolupa una nova metodologia per a examinar la coordinació dinàmica en xarxes de resposta a desastres. El resultat de l'anàlisi ofereix una perspectiva dinàmica que descriu l'evolució de la coordinació dels clústers en les estructures organitzades en xarxes. La comprensió de las característiques dels clústers de coordinació ajuda a identificar les tasques crítiques i les unitats més enllà dels recursos requerits durant ...

Ein Hauptziel egozentrierter Netzwerkstudien besteht in der Erfassung der Einbettung von Akteuren in bestimmte Bezugsgruppen und der Analyse der hiervon ausgehenden Einflüsse. Die Realisierung dieses Ziels macht eine möglichst vollständige Erfassung der für diese Einflüsse bedeutsamen Merkmale der Bezugspersonen (Alteri) im sozialen Kontext der Zielpersonen (Ego) notwendig. Die Grundlage hierfür sind entweder die (Proxy-)Angaben von Ego über Alteri oder die Angaben der Bezugspersonen selbst. Inwieweit die Charakteristiken der Bezugsgruppe vollständig erfasst werden können, hängt bei der ersten Vorgehensweise von der Fähigkeit und Bereitschaft der Zielpersonen zur Beantwortung der Proxy-Fragen ab. Dagegen setzt die Verwendung der von den Bezugspersonen selbstberichteten Merkmale sowohl die Bereitschaft von Ego zur Herausgabe von Kontaktinformationen wie auch die Befragungsbereitschaft der Alteri voraus. Der Beitrag untersucht nun anhand einer Stichprobe von Grundschullehrern jene Bestimmungsfaktoren, die sich auf den Erfolg beider Operationalisierungen von Bezugsgruppeneinflüssen auswirken. Die analysierten Faktoren sind die sozialdemografischen Merkmale der Zielpersonen sowie die der Bezugspersonen, die Stärke der Beziehung zwischen beiden Personengruppen und Indikatoren für die generelle Antwortbereitschaft. Nach den Ergebnissen der Untersuchung sind weder die Ausfälle der Proxy-Angaben von Ego noch die der Selbstberichte der Alteri das Ergebnis eines Zufallsprozesses. Vielmehr variiert die Ausfallwahrscheinlichkeit signifikant nach Merkmalen von Ego wie auch der Alteri und unterscheidet sich nach der Beziehungsstärke genauso wie nach der allgemeinen Disposition der Befragten zu Nonresponse. Die Konsequenz ist erstens dass sich die Größe der für die Analyse von Bezugsgruppeneffekten effektiv verfügbaren Netzwerke systematisch nach den Charakteristiken der Zielpersonen unterscheidet. Es zeigt sich zweitens, dass die Zusammensetzung der verfügbaren Netzpersonenstichprobe einer im Vergleich zur Grundgesamtheit systematischen Selektivität unterliegt. (ICG2)

A significant cybersecurity event has recently been discovered in which malicious actors gained access to the source code for the Orion monitoring and management software made by the company SolarWinds and inserted malware into that source code. This article describes brief perspectives from a few experts regarding that incident and probable solutions. The attackers inserted malware into that source code so that, when the software was distributed to and deployed by SolarWinds customers as part of an update, the malicious software could be used to surveil customers who unknowingly installed the malware and gain potentially arbitrary control over the systems managed by Orion. One of the solutions is to improve government software procurement. Software is critical to national security. Any system of procuring that software needs to evaluate the security of the software and the security practices of the company, in detail, to ensure that they are sufficient to meet the security needs of the network they are being installed in. If these evaluations are made public, along with the list of companies that meet them, all network buyers can benefit from them.

"A multipurpose hall designed for CBRN (Chemical, Biological, Radiological, and Nuclear) purposes plays a vital role in enhancing preparedness, response, and recovery capabilities in the face of CBRN incidents. A multipurpose hall for CBRN purposes provides a dedicated and specialized environment to support CBRN preparedness, response, and recovery efforts. It enhances coordination, facilitates training and exercises, ensures proper equipment storage, and fosters collaboration, ultimately strengthening the ability to protect personnel, mitigate risks, and minimize the impact of CBRN incidents. This study is qualitative research based on the content analysis method. To design and build multipurpose halls for CBRN events, this study can be used as a checklist. The purpose of this study is to collect important factors and sub-factors in the design, construction, and equipping of buildings and multi-purpose CBRN structures."

This study examines the degree to which the use of the Incident Command System (ICS) influenced the performance of Texas emergency operations centers (EOCs) during Hurricane Rita. Staff in evacuation, transition, and host county EOCs completed a questionnaire that assessed demographic variables, EOC physical environment, ICS experience, ICS implementation, and team climate. The results indicated that the duties each ICS section performed varied substantially from one EOC to another. Moreover, ICS experience and ICS implementation lacked statistically significant correlations with team climate, even though EOCs' physical environments did. Finally, staff from emergency relevant agencies (e.g., public works and social services) seemed to have more problems with ICS than did staff from emergency mission agencies (e.g., fire and police departments). Thus, there needs to be further study of ICS application in emergencies other than structural and wildland fires, as well as the development of new ICS training materials for emergency relevant agencies to supplement the current ICS training materials for emergency mission agencies.

A significant cybersecurity event has recently been discovered in which malicious actors gained access to the source code for the Orion monitoring and management software made by the company SolarWinds and inserted malware into that source code. This article describes brief perspectives from a few experts regarding that incident and probable solutions. The attackers inserted malware into that source code so that, when the software was distributed to and deployed by SolarWinds customers as part of an update, the malicious software could be used to surveil customers who unknowingly installed the malware and gain potentially arbitrary control over the systems managed by Orion. One of the solutions is to improve government software procurement. Software is critical to national security. Any system of procuring that software needs to evaluate the security of the software and the security practices of the company, in detail, to ensure that they are sufficient to meet the security needs of the network they are being installed in. If these evaluations are made public, along with the list of companies that meet them, all network buyers can benefit from them.

An analysis of the Brinks armored car robbery/murder case, which occurred 20 Oct 1981 in Nyack, NY, using data from newspaper accounts & semistructured interviews conducted with 25 criminal justice agency officials directly involved in various aspects of the case. The event was unique from previous terrorist incidents in the US in two respects: (1) it began not as a traditional terrorist act designed to attain publicity, but as a robbery to obtain operating funds for terrorist groups; & (2) it involved collective action by a coalition of terrorist groups. Despite these differences, the examination of the incident highlights a number of issues relating to the law enforcement system's response to terrorist activities, including interagency coordination & cooperation, resource availability, investigation & prosecution conflicts, & security/management adequacy. A complete chronology of the incident, its investigation, trials of the participants, & aftermath is provided. 1 Figure. K. Hyatt

Forensic scientists, law enforcement, and crime scene investigators are often tasked with reconstruction of events based on crime scene evidence, and the subsequent analysis of that evidence. The use and misuse of firearms to perpetrate crimes from theft to murder necessitates numerous invitations to reconstruct shooting incidents. The discharge of firearms and the behavior of projectiles create many forms of physical evidence that, through proper testing and interpretation by a skilled forensic scientist, can establish what did and what did not occur. This book is generated from the authors numerous years of conducting courses and seminars on the subject of shooting incident reconstruction. It seeks to thoroughly address matters from simple to complex in providing the reader an explanation of the factors surrounding ballistics, trajectory, and shooting scenes. The ultimate objectives of this unique book are to assist investigators, crime scene analysts, pathologists, ballistics experts, and lawyers to understand the terminology, science, and factors involved in reconstructing shooting incident events to solve forensic cases. The book will cover the full range of related topics including the range from which a firearm was discharged, the sequence of shots in a multiple discharge shooting incident, the position of a firearm at the moment of discharge, the position of a victim at the moment of impact, the probable flight path of a projectile, the manner by which a firearm was discharged and much more.