MPS-ISAO Warning Report, “Malicious Port Security Grant-Themed Email“. The MPS-ISAO received an email sample from a U.S. Port customer this morning, and have confirmed that it is malicious. The distribution list for this port security grant-themed email was over 500. Please click here to see the report for email indicators.
Thanks Lester Millet for the report.
Lester J. Millet III, LEM
Safety Agency Risk Manager / FSO Workgroup Chairman
Port of South Louisiana
Since 2013 there has been 159 homegrown jihadist cases in 30 states. Recent examples of homegrown terror-related incidents cited in the report include the case of a 28-year-old Ohio resident, Laith Alebbini, who was arrested Sept. 5 and charged with attempting to provide material support to ISIS. Also on Sept. 5, 26-year-old Alexander Ciccolo of Adams, Mass., was sentenced to 20 years in prison for the same crime. According to the snapshot, Ciccolo “planned to use pressure cooker explosives and firearms to target places where large numbers of people congregated, such as college cafeterias.” Ciccolo is the son of a Boston police captain.
To read more, click here.
There are still circumstances which may require your facility to resubmit a Top-Screen today, even if you have already resubmitted using CSAT 2.0. For example, a facility must report material modifications to its chemical holdings or facility operations, as these changes may alter a facility’s tier. Material modifications may include:
- The addition or removal of COI at the STQ and concentration
- Changes to quantity, location, or packaging of a COI as previously reported on a Top-Screen
Facilities are encouraged to report the highest expected quantity and concentration of COI they anticipate possessing over the lifecycle of their operations. By taking this approach, facilities can maintain a more efficient reporting process as they will not need to resubmit a Top-Screen when the quantity or concentration of a COI is reduced through normal operations.
Additionally, CFATS-covered facilities are required to update their Top-Screens on a regular basis, as determined by their tier:
- A Tier 1 or Tier 2 facility must update its Top-Screen two years after its SSP is approved
- A Tier 3 or Tier 4 facility must update its Top-Screen three years after its SSP is approved
Let us know if we can help you prepare and submit your CFATS Top Screen and prepare your facility for a Compliance Inspection.
To read about what to expect from a CFATS CI, click here.
Security planning must take into consideration that the Adversary sets the agenda and is better informed when plotting than the security strategist.
The threat adversary sets the agenda. This is an important and too little discussed reality.
Building occupants, even building security, do not know that an adversary is considering an adverse attack or criminal intrusion. The building and suite occupants “blindly” implement security measures that are customary and often “cosmetic”. However, the adversary has an agenda:
- They have an objective ranging from simple theft of purses and wallets to incidents of workplace violent, including rage killings.
- They know the “territory” – they have studied and surveilled the building and avenues of access. They know how ineffective the lobby guard is. They have a target and a plan.
- They want to enter incognito – their observations of building activity show they what to do to maintain a low profile.
- In active shooter situations, they may be suicidal and have no plan of escape, which makes them very dangerous.
- They will likely identify the same vulnerabilities that have been identified during a security assessment.
Security countermeasures must mitigate these risk as far as is reasonable and possible. They should be deterred by at least two access-controlled perimeters to complicate their plan and increase their risk of detection.
Watch for our series of blogs on the security assessment process.
On August 2nd, President Trump signed into law the Transportation Worker Identification Credential Accountability Act of 2018 (HR.5729). This formally prohibits the Coast Guard from implementing the Rule until DHS submits a satisfactory assessment of the TWIC program to Congress.
Furthermore, a U. S. District Court (Eastern, Virginia) issued a court order delaying the Rule at certain CDC facilities “until a further order of the court.” This is in response to lawsuits from several industry groups.
We will track this activity closely and keep you all informed.
The Transportation Security Administration (TSA) began issuing the new TWIC NexGen cards on July 10, 2018. The new cards incorporate enhanced security features (click here to read more).
Details about the new TWIC NexGen card:
- Current TWIC card holders do not need to replace a valid TWIC card with the new TWIC card design.
- Regulated entities that require TWIC for access will accept and recognize both the current and new TWIC designs until the card’s expiration.
- The new card design is compatible with qualified TWIC readers.
- To deter alteration of the card’s expiration date, the new card includes a color-coded expiration date box that will update on an annual basis.
- The fee for the newly re-designed TWIC card remains unchanged ($125.25) and the credential is valid for five years.
Click here to read more about the TWIC NexGen cards.
Click here for a TWIC NexGen Authentication Guide
Effective immediately, USCG facility inspectors are going to start using a new form for facility inspections. The new form, CG-835F, replaces CG-Form 835, “Vessel/Facility Inspection Requirements”. CG-835F is specifically formatted for facility inspections. There are no major changes to the new form or the information collected during the inspection.
Facility owners and operators may start seeing Coast Guard facility inspectors using the new form immediately, but some inspectors may still use the older CG-835 form during the transition.
Click here for a link to the new CG-385F form.
The Coast Guard has proposed to delay the effective date for implementation of TWIC Readers for certain facilities. The proposed delay is for two categories of facilities:
- Facilities that handle certain dangerous cargoes in bulk, but do not transfer these cargoes to or from a vessel, and;
- Facilities that receive vessels carrying certain dangerous cargoes in bulk, but do not, during that vessel-to-facility interface, transfer these bulk cargoes to or from those vessels.
The Coast Guard proposes delaying the effective date for these two categories of facilities by 3 years, until August 23, 2021.
Other vessels and facilities, including facilities that receive large passenger vessels and facilities regulated under 33 CFR 105.295 that handle certain dangerous cargoes in bulk and transfer it to or from a vessel, would be required to comply with the final rule by August 23, 2018.
Click here for the Notice of Proposed Rulemaking.
Click here and here for additional information regarding the TWIC Reader Rule.
Review this list with your contract Branch Manager or Supervisor and make these activities part of their everyday routine.
- Conduct meaningful daily Post Checks. In his book, management guru Ken Blanchard counseled – “Catch them doing something right (a moment of praise); or catch them doing something wrong (counsel them or take corrective action); or have a training moment (briefly review TWIC procedures or emergency call out processes, for example).
- Don’t deviate from your own rules. If homework is prohibited in the post orders, do not make exceptions. Same with Internet surfing, digital games, etc. When you deviate from your own rules, the whole operation can degrade and you are likely to be accused of favoritism.
- Daily mini-drills keep them on their toes: Place a ladder against the perimeter fence and see how long it takes for patrol to find it. Spend a moment in the guard building drilling them on proper truck inspections or baggage screening. Then fill out a brief drill report and file it with your FSP.
- Require detailed daily activity reports. Insist they are detailed, and follow up on entries often enough so the guards know you review them.
- Be receptive to questions. Create an atmosphere that encourages security officers to ask questions, seek clarification, and report unusual circumstances.
Don Greenwood & Associates has comprehensive templates for guard contracts, post orders, and security officer training programs. Give us a call if we can help develop procedures and tune up your guard force.
“I knew this was going to happen.” That is the statement given in more than 50% of workplace and school rage killings.
We have learned that employees are unlikely to report emerging situations to management unless they feel confident that management has a plan and an organized response to address the issue.
Don Greenwood & Associates has supported clients with workplace violence prevention and response programs since 1995 – companies in oil & gas, field services, manufacturing, business, chemicals and computing.
Our program is comprehensive, ready for rapid deployment throughout the workforce, and includes:
- A template for establishing a Threat Management Team (consistent with ASIS and SHRM guidelines) that includes specific responsibilities for Security, HSE, HR, Legal, and Operations.
- A Quick Action Guide addressing active shooter situations – ready for distribution to your employees immediately.
- A PowerPoint training program for employees that encourages reporting, engagement, and concise standards of behavior.
- A PowerPoint for managers and supervisors with guidelines and standards for intervening in and managing workplace disruption.
- Training materials to help employees formulate their own plans for run, hide, and fight – based on their immediate workplace environment.
- Guidelines on assessing the potential for violence in emerging situations and strategies for managing these threats.
The program is complete, cost effective, and ready to tailor to your company’s needs and culture.
Send me an email or give me a call for more information – Don Greenwood, email@example.com, 281-435-2339.
Check out our website – www.greenwoodsecurity.com
Don Greenwood & Associates, Inc. – Full Service Security Management Consultants since 2003