Showing posts with label IAPSC. Show all posts
Showing posts with label IAPSC. Show all posts

Friday, April 5, 2013

Security Consultant Alert - IAPSC Annual Conference in Napa, CA

NOTE: It is not too late to register. Be a hero. Take your significant other to Napa for a few days.

The International Association of Professional Security Consultants (IAPSC) Annual Conference is the largest and most exclusive gathering of top security consultants.

Their 2013 conference offers a wide range of topics focused on Security Consulting and Business Profitability, as well as, Technical, Forensic, and IT Security. 

Presenters will discuss security standards, best practices, risk management, promotional uses of media, including webinar development, marketing and communications techniques for consultants, retirement and selling your business, as well as technical and forensic security focused sessions.

Visit the conference website
View the conference program
Download the brochure
Register Now

Not yet an IAPSC Member? 

When you register to attend the conference, ask about special registration offer available exclusively to new members. (more)

I have been attending IAPSC conferences, each year, for about two decades. Every one has been well worth attending. I return to the office with a broader knowledge of security, fresh ideas about improving services to my clients, and recharged mental batteries. If you are on the fence about going, hop off... and into the vineyard. Try it once. You will see what I mean. Be sure to find me and say hello. ~Kevin

Wednesday, September 7, 2011

Internal Office Snoops and Spies - 50% of the problem

Marie McIntyre, Ph.D., is an office coach. She has more than 20 years experience as a manager, business owner and the HR director at a Fortune 500 company. Here is an office eavesdropping question she recently fielded...

Question: A co-worker told me that he brings a voice recorder to work to catch people talking behind his back. He will tape it underneath a desk or hide it behind a picture. We used to be friends, but I now seem to be on the list of people that he hates. I’ve started searching my work area every morning to be sure his recorder isn’t there. Although this guy’s weird behavior makes me sick, I’m not sure what to do about it. Should I bring this to the attention of human resources? —Nervous in Indiana

Answer: Yes, you should immediately have a confidential talk with your HR manager. Your colleague’s devious behavior is both appalling and a little frightening.

His suspiciousness, combined with a growing “enemies list,” may indicate paranoid tendencies. If he feels betrayed, he could decide to seek revenge. So when you report his clandestine activities, ask the HR manager not to reveal your name.

If you fear that HR may fail to protect your identity, describe the situation in an anonymous note. Although unsigned complaints are often disregarded, management is unlikely to ignore this one. 

I can add to her answer...  
About 50% of electronic eavesdropping in the business environment is caused by employees. The reasons range from office romance, job insecurity, promotion competition, and on up to conducting espionage for outsiders – either for money, ideology or under pressure from blackmail.

We hope the HR director in this particular case will realize that hiding a recorder for eavesdropping purposes is a criminal offense and takes the proper steps to protect the employee and the employer. A good first step would be contacting a security consultant who specializes in illegal electronic surveillance matters.

Tip: All types of security consultants are listed in the IAPSC.org Security Consultant Directory.

Tuesday, November 20, 2007

Guest Consultant - Effective Security Management

Charles A. Sennewald, CMC, CPP, CPO, is the author of Effective Security Management. He has a genius for turning difficult into easy!

Here is his tip for disciplining subordinates...


Torture as Part of the Disciplinary Process

To discipline a subordinate is deemed by many a supervisor and manager as a personal ordeal or a form of torture. “Torture” in terms of being obliged to confront and criticize the performance, or lack of performance, of a fellow employee. We agonize over sitting down face-to-face to deal with the problem. Not a pleasant task! No one wants to do it.

BUT WAIT! We can take the torture out of the process if we understand three simple principles:
1. The word discipline is derived from the Latin discipulus which means learning. The word disciple comes from the same root, hence the disciples of Christ were students, hence discipline really means a learning process, not a punitive action.

2. This learning process, really a form of training, corrects, molds or strengthens an employee in the interests of achieving departmental or organizational goals.

3. Thus the effective disciplinary process condemns the wrongful act, not the employee, i.e. you’re okay but what you did is not okay. By focusing on the conduct and performance rather than the personality the whole process takes on a constructive dimension which is easy to handle and is acceptable by all.

Adios Torture.

Muchas gracias, Chuck!

Saturday, November 10, 2007

Feds Kill 250,000 Zombies With One Shot

Remember our cautionary tale 'Zombie Computers From Planet Earth' from last month? We knew it would move from cautionary tale to documented disaster. But, we never expected this...

"Security Consultant Admits to Hijacking PCs to Use in Crimes"

Los Angeles Times

A Los Angeles man entrusted with making personal computers safer has admitted to hacking into them to create a rogue network of as many as a quarter-million PCs, which he used to steal money and identities.

Federal prosecutors Friday said that John Kenneth Schiefer, a 26-year-old computer security consultant, used an army of hijacked computers, known as a "botnet," to carry out a variety of schemes to rip off unsuspecting consumers and corporations.

Schiefer agreed to plead guilty to four felony charges in connection with the case and faces up to 60 years in prison and a $1.75-million fine, according to court documents filed Friday in federal court in Los Angeles.

Schiefer, who on the Internet went by the handles "acidstorm," "acid" and "storm," is the first person to be accused under federal wiretapping law of operating a botnet, said Assistant U.S. Atty. Mark Krause in Los Angeles.

In all, the federal indictment includes four counts of accessing protected computers to commit fraud, disclosing illegally intercepted electronic communications, wire fraud and bank fraud. Federal authorities said they were still trying to identify victims and the scope of their losses. (more)

Bookmark this directory of real and trusted Security Consultants -
IAPSC.org

Tuesday, October 23, 2007

Five Red Hot 'Shoplifter in Custody' Tips

Charles A. Sennewald, CPP - one of the world's leading shoplifting security experts - shares 5 red hot do not's for when you have a shoplifter in custody:

1. Don't threaten a detained person with any use of force, exposure or incarceration.
2. Don't make any promises of rewards, benefits or leniency in return for cooperation.

3. Don't use any profanity, abusive or offensive at or in the presence of a person detained, even if provoked.

4. Don't belittle, make light of, laugh at or otherwise ridicule a detained person.

5. Don't make any comments about a person's race, ethnic origin or religion.


"Extend the same dignity to the person in your custody, you'd appreciate and hope to receive if the shoe was on the other foot.
"

Want to know more about Chuck?
Profile: IAPSC.org
Website: shoplifting.com