How To Know Which NIST Framework To Use

“One of the most important aspects of the recent cybersecurity executive order is also the aspect causing the most confusion.

When President Donald Trump signed the executive order in May, it included the requirement federal agencies use the NIST Cybersecurity Framework to manage their cybersecurity risk. However, some have confused the NIST CSF with the NIST Risk Management Framework, which all federal agencies have been required to follow since its 2010 introduction.

To put it succinctly, they are two different frameworks. As industry and government work together to execute this order, it is very important for everyone to fully understand the two frameworks, and how they differ.

NIST CSF Overview

The NIST CSF was released in February 2014 in response to a 2013 executive order that called for a voluntary framework of industry standards and best practices to help organizations manage cybersecurity risk.

The CSF was created as a result of collaboration between government and the private sector. It “uses a common language to address and manage cybersecurity risk in a cost-effective way based on business needs without placing additional regulatory requirements on businesses.”

The heart of the NIST CSF is the Framework Core, which consists of five functions: identify, protect, detect, respond and recover. The functions and their components aren’t a checklist of actions to be performed in order. Rather, they are concurrent and continuous activities that “provide a high-level, strategic view of the life cycle of an organization’s management of cybersecurity risk.”

Read More

Corporate Sector Special Operations: Myths & Realities

“It was still dark outside when the first undercover operative arrived at the Palace Hotel in San Francisco. A thick layer of fog swirled through the streets as the operative made his way into the lobby. He sat down to wait for his partner, and for the man who had hired them for the job. The hotel was to be the site of a large tech conference that day, and the two operatives had to be in position fast. Conference attendees would soon be streaming in for registration, and before long, the guest speakers would begin to arrive—including one specific Silicon Valley billionaire they would be watching for.

As the hubbub in the lobby built to a crescendo, the operatives slid into the background. It was imperative for their mission that no one knew who they were or what they were doing there.

While this might sound like a nefarious plot in some Hollywood movie, this was actually a covert protective operation, and part of a whole undercover world that very few people know exists—an invisible world I call the “surveillance zone.”

Introducing the “Surveillance Zone”

Let me offer you a peek behind the curtain—and into the “zone.” That first undercover operative mentioned above? That was actually me, and the man who had hired us was the senior security director for a well-known Silicon Valley corporation. We’d been hired to covertly protect the billionaire founder and CEO, whose company—despite some dramatic downswings and falling stock prices—was about to unveil a new venture. The mix of angry stockholders, excited techies, and nervous investors had company execs feeling skittish and us on our guard, and made for a tricky and interesting assignment.

On top of all that, the CEO had been receiving increasingly violent threats from a dedicated stalker who had demonstrated the will and ability to take things to the next level. Having surveilled the CEO’s home and workplace, and even physically confronted the CEO, there was ample reason to take the stalker’s intentions seriously.

When the threat to harm the CEO at the convention had come in (just a day before the event), the company decided to take action. At ten pm, I received a call from the security director, requesting our presence at the hotel at six am the following morning.”

Read More

Security and police make several arrests at Livingston Mall

“Police assisted security officers and made several arrests with various charges on May 13 and May 14 at the Livingston Mall.

The first call from the Livingston Mall was about person being held in the parking lot by security for potentially being in possession of stolen property, according to police.

Upon police arrival, it was revealed that the individual possessed multiple items stolen from six different stores at the Livingston Mall. Subsequent to investigation, Robert Braswell, 33, of East Orange was arrested and charged with receiving stolen property and was released on his own recognizance pending court action.

The next afternoon, police received a call from both Lord & Taylor security and Livingston Mall security, whom were attempting to take an individual into custody who may have previously passed bad checks. Upon arrival, the female was fighting with security officers, according to police.

Ultimately, Latesha Shavers, 35, of Perth Amboy, was charged with assault and resisting arrest. Police said she had also been under investigation by Lord & Taylor security the previous week for passing bad checks.

Shavers was subsequently charged by Livingston police for passing bad checks and theft by deception on an incident that occurred on May 7. Following these charges, she was remanded to the Essex County Jail.”

View Source

Barona Casino Security Points Deputies to International Counterfeiting Ring

“Barona Resort and Casino security guards alerted San Diego County Sheriff’s Department deputies to an international counterfeiting operation.
Deputies arrested Lien Do, Hao Nguyen, and Ben Ven Pham on Christmas Day last year.
They found $300,000 worth of counterfeit chips in the suspects’ car.
“It appears that what they were seeking to do was convert those chips into cash and to walk out the casino with the cash,” said Prosecutor Daniel Shim.
The defendants were charged with multiple felonies, including grand theft, burglary, forgery and possession of counterfeit marks.
“When the sheriff’s department searched their home in Garden Grove, they found about $2 million in casino labels,” Shim said. “During Mr. Pham’s interview, he indicated he received those chips from Vietnam.”
Two of the defendants plead guilty to lesser charges and are serving one-year jail terms. Charges against a third defendant were dropped and he returned to Vietnam.
“The Sheriff’s department did a great job in investigating this case. They did a very thorough investigation,” Shim said.
The criminal investigation expanded to at least six other casinos in Southern California, several of which are located in San Diego.
It remains unclear if any of the fake chips were actually used in any of those casinos.
“It is still unknown if the operation had any ties to organized crimes,” Shim said.”

View Source

How Private Investigators Can Effectively Handle Intense Situations

“A private investigator’s days are often filled with uneventful surveillance and dead ends, but that’s only part of the job. On occasion, PIs may land in hot water and must rely on their communication and negotiation skills to get them out of it.

It takes talent, poise, and honed interpersonal skills to talk an enraged spouse out of swinging at you. Physical weapons are not always available, so we use what we do have in our arsenal—words, empathy, and emotional intelligence—to de-escalate a volatile situation.

Operating effectively under stress is a must-have skill in this line of work. No amount of training can prevent us from feeling fear in extreme situations. But we can learn to mitigate the stress symptoms, and even harness them—to laser-focus our energies on solving the problem at hand.

The Adrenaline Rush

In stressful conditions, our adrenal glands secrete a hormone to prepare the body for “fight or flight.” That shot of adrenaline can feel like a head rush: Your heart races. You breathe faster and deeper. You feel a surge of energy, heightened awareness, or even a suppressed pain response. And under extreme stress, you may experience tunnel vision, auditory exclusion (temporary hearing impairment), or a sense that time has slowed.

Some people seek out that rush (in its milder forms) as a welcome distraction from the more tedious aspects of investigative work. But when the job brings us into contact with unpredictable people and dangerous places, that physiological fight or flight response isn’t just a bungee-jump in the park anymore; it’s a survival mechanism.

The flip side is that those same symptoms that prepare us to deal with danger can also cloud judgement and make clear thinking a challenge.”

Read More

Ancestry.com Helps Family of Dead Boy Find Man Posing as Him

“A Pennsylvania man who assumed the identity of a baby who died in Texas in 1972 has been arrested on charges of Social Security fraud and aggravated identity theft after the baby’s aunt discovered the ruse on Ancestry.com.

Jon Vincent, 44, was arrested in Lansdale, near Philadelphia, on Monday, but had also lived near Pittsburgh and York, Pennsylvania since 2003 — after first obtaining a Social Security card in the name Nathan Laskoski in 1996, federal prosecutors said. Vincent remained jailed Wednesday, when a federal magistrate ordered him to appear for arraignment May 2.

The real Nathan Laskoski died in December 1972, two months after he was born near Dallas. Vincent stole the dead child’s identity after escaping from a Texas halfway house in March 1996, and used the dead baby’s identity to start another life, prosecutors said. The Texas conviction was for indecency with a child, though the precise sentence Vincent was serving wasn’t immediately clear, said Michele Mucellin, a spokeswoman for the U.S. Attorney’s Office in Philadelphia.

Vincent lived in also lived in Mississippi and Tennessee under his assumed name, holding jobs, getting drivers’ licenses and even getting married and divorced as Laskoski before the scheme unraveled late last year, according to online court records.

That’s when Laskoski’s aunt did a search on Ancestry.com, a genealogy website.

In researching her family tree, Nathan Laskoski’s name came up as a “green” leaf on the website, which led to public records suggesting he was alive. The aunt told Laskoski’s mother, who did more research and learned that someone had obtained a Social Security card under her son’s name in Texas, as well as finding public marriage and divorce records, Laskoski’s mother filed an identity theft complaint with the Social Security Administration.

An investigator from the SSA’s Office of Inspector General took it from there in January, court records show.

Read More

Op-Ed: Doing “God’s Work” from the “Dark Side”

“Prosecutors like to say they are “doing God’s work” by representing the interests of victims. An ex-prosecutor I interviewed for my book, Making a Case for Innocence, used those words when I asked her why some prosecutors are willing to lie or hide evidence to get a conviction, and why some prosecutors seem more focused on winning cases than getting to the truth.

“At the end of the day, we want justice,” she said.

A vague answer, at best.

Still, it might explain the tunnel vision I see infecting some prosecutors: Too many of them seem so driven in their mission to “put the bad guys away,” that they become overconfident in their rightness and are tempted to bend the rules—all to ensure a “mission accomplished.”

I admit, it rubs me the wrong way when a government employee suggests that justice is only served by a conviction. Putting “bad guys” away is all well and fine, but some prosecutors seem to forget that not everyone sitting at the defendant’s table is a “bad guy.”

To a degree, it’s a problem of philosophy: Many prosecutors are in the business of pursuing guilt, so they see it everywhere. To a hammer, everything looks like a nail. And many police departments view themselves more as law enforcers than as society’s protectors, or as crime preventers.

Meanwhile, many criminal defense attorneys and investigators feel as strongly as prosecutors do that they are doing “God’s work.” By protecting the rights of people charged with crimes, they counterbalance the power of prosecutors and police, and thus, make our system fairer for all.

We don’t know the exact number of innocent people currently incarcerated, but we can estimate based on exoneration rates:”

Read More

Miami Student Sentenced for Cyberstalking on Facebook and Instagram

“A Miami student was sentenced yesterday for cyberstalking on Facebook and Instagram.

Wifredo A. Ferrer, United States Attorney for the Southern District of Florida, and George L. Piro, Special Agent in Charge, Federal Bureau of Investigation (FBI), Miami Field Office, made the announcement.

Kassandra Cruz, 23, of Miami, Florida, was sentenced by U.S. District Judge Frederico A. Moreno to 22 months in prison, followed by three years of supervised release, a $100 special assessment, and $2,178.32 in restitution, stemming from her conviction on one count of cyberstalking, in violation of Title 18, United States Code, Section 2261(A)(2)(B).

According to court documents, beginning in June 2015, victim “S.B.” received a “friend” request from Cruz on her Instagram and Facebook accounts. In an effort to gain “S.B.’s” friendship, Cruz created a false persona on her Instagram account wherein she portrayed herself as a male who was an active duty U.S. Marine. Under that ruse, “S.B.” accepted the friend request.

From late June 2015 until September 2015, Cruz, posing as Giovanni, “liked” and commented on pictures “S.B.” posted on both her Instagram and Facebook accounts. However, when “S.B.” noticed that Cruz had begun “following” and “liking” all of her friends pages and posts, she became suspicious and “blocked” and “unfollowed” Cruz from her social media accounts.

As a result, Cruz threatened that “S.B.” would face repercussions at her job and with her family if she did not comply, and specifically threatened to expose “S.B.’s” past via social media. The threats to “S.B.” persisted from Cruz on social media and later via text messaging, and Cruz ultimately demanded on multiple occasions $100,000 in exchange for no further contact, adding that she “knew where “S.B.’s family lived and they should watch their backs because someone would be heading to…to deal with them.” In total, “S.B.” received over 900 unwanted calls and text messages since the beginning of 2016, and the extortionate and threatening messages continued until late April 2016. Ultimately, Cruz was arrested and taken into custody during a pre-arranged meeting in Miami.

Mr. Ferrer commended the investigative efforts of the FBI. This case is being prosecuted by Assistant U.S. Attorneys Jodi L. Anton and Francis Viamontes.

View Source

Arlington Heights police warn about ‘grandkid scam’

Arlington Heights police are warning residents to be wary of calls seeking money to bail loved ones out of jail after an elderly woman was taken for $4,000 last week in a so-called “grandkid scam.”

A scammer phoned the woman on Thursday, claiming to be her grandson, with another person saying her grandson needed money to get out of jail, according to Crime Prevention Officer Brandi Romag.

The woman then followed the scammer’s instructions to go to a local Target store and buy gift cards totaling $4,000, Romag said.

“The sooner they get you moving, the sooner they’ve got you,” Romag said.

She said the scammers told the woman to call them back with details about the gift cards she purchased.

“They ask for the gift cards’ numbers and the PIN, and instantly, the money is gone,” Romag said.

The “grandkid scam” typically begins with a call in which an elderly person is told his or her grandchild needs money for bail, for a medical bill or to get out of some other kind of trouble, according to the Federal Trade Commission website www.ftc.gov. The victim is commonly told the matter is urgent and must be kept a secret, the site says.

“Scammers are good at pretending to be someone they’re not,” the website says. “They can be convincing, sometimes using information from social networking sites or hacking into your loved one’s email account to make it seem more real. And they’ll pressure you to send money before you have time to think.”

Officials advise that anyone receiving such a call should hang up immediately, then call his or her grandchild’s phone number or another family member to determine whether the problem is legitimate. But the scammers can be very persuasive, authorities say.

“Sometimes these callers are very adamant, and they tell the victim they’ll stay on the line with them or will call them back in 10 minutes,” Romag said.

She said often the phone scams involve an easily obtained gift card.

“These offenders prey on your emotions,” Romag said. “It doesn’t make any sense that you’d need to buy a gift card in these situations, but the elderly victims are being told that their grandchildren are in trouble and by the time they figure out something’s not right, it’s too late.”

View Source

U-Haul truck filled with ATMs found by police

WASHINGTON (ABC7) — D.C. Police say they discovered ATM machines inside an abandoned U-Haul truck Monday, and now they are working with police in neighboring Prince George’s County to see if they include some of the five machines recently stolen there.

A resident of a Southeast Washington neighborhood called in to report the abandoned U-Haul, which was blocking parking spaces in an area near 2021 38th Street SE.

When police looked inside, they say they saw at least four ATM machines and a safe.

The area where the U-Haul was found is just a couple blocks from the border with Prince George’s County, where police say five ATM machines have been stolen in the last month.

Prince George’s County did not give the exact locations where the ATM machines were stolen but did say they were scattered in different parts of the county.

ABC7 News confirmed with an employee at a Mobil Corner Mart on Livingston Road in Fort Washington that an ATM had been stolen from outside the store last week.

The employee expressed hope that the machine had been found.

The employee says surveillance video shows that the thieves tied the ATM machine to a white truck and then yanked it from its place outside the store. The theft happened this past Wednesday.

View Source