Latest Posts:
TheTechAgents
Tag

RPT

Browsing
Internet

Leverage technology to accelerate response to school violence: RPT By Techagents

Schools are pouring a flood of money on safety products. Yet, according to a new report from Parks Associates, there hasn’t been enough thought about how products can be leveraged to better respond to violence in schools.

The market research and consulting company in Edison, Texas, noted in its report that schools have promoted access control practices, the use of faculty badges and security cameras for nearly 20 years, but the measure does not adequately secure schools. have found. violence.

Citing data from the School Survey on Crime and Safety, the report said that during the 2017-18 school year, 71% of schools experienced at least one violent incident, and 21% reported one serious violent incident. experienced. The National Center for Education Statistics released similar figures for the 2019-20 school year.

“Although these data points are from a variety of organizations, the numbers show a 4% increase in serious violent incidents even though the use of surveillance cameras, access control and other security systems on school grounds is at an all-time high,” wrote author Parks . President and CMO Elizabeth Parks and research intern August Ward.

“Schools are spending a lot of money on security products, but they don’t do a great job at thinking through feedback,” said Mark Hatton, CEO of MutualLink, a provider of interoperability security solutions based in Wallingford, Conn.

“All of those security products are produced proof after the fact. They haven’t been coordinated and considered for response,” Hatton told TechNewsWorld.

better access control

The report notes that evolving school safety technology is providing increasingly efficient support to first responders.

“Advanced technologies increasingly give first responders a lot of additional information about what’s happening in the environment without relying on humans to relay that information,” Parks told TechNewsWorld.

The report noted that access control systems allow people to skip the step of tracking the closing of doors. Access control systems enable people to control whether the doors have been locked or not.

In the Uvalde tragedy, it added, a school door that would normally have been closed was left open, allowing gunmen to enter. A machine locking system may have prevented this.

The report indicated that advances in artificial intelligence and machine learning could also accelerate reaction times. AI and ML can identify suspicious activity, identify dangerous objects, recognize patterns and organize data and evidence, it continued. These are powerful capabilities to improve safety and response times, especially when this can happen without the assistance of an operator.

However, Parks said that automation should not be a substitute for human intervention. “Technology and automation should be used not to replace humans but to provide better information to humans so that humans can respond better,” she said.

zeroeyes technology

Dot Blackwell, the superintendent of Vassar Public Schools in Vassar, Michigan, however, believes that school safety technology is less effective at addressing violence problems when it relies on staff for monitoring or management.

Vassar Public School, 45 minutes from Oxford High School, the scene of a mass shooting in November 2021 that killed four students, and injured seven people, including a teacher, recently installed a new security system called ZeroEasy. was done.

ZeroEyes works with existing video surveillance systems at a school to identify firearms. It can alert first responders of a potential threat in three to five seconds – even though the image of a threat must pass human muster before it can be forwarded to the appropriate authorities.

Blackwell told TechNewsWorld, “ZeroEyes Technology is the first product our school district has discovered, offering an innovative way to monitor activities in our buildings and our parking lots that could give us precious minutes to save lives.” Is.”

press panic button

Another technology cited in the report is panic devices that enable emergencies to be reported without explanation. In some respects, technology is more efficient and effective than humans.

MutualLink can amplify information sent to first responders before tools such as panic buttons.

“When you press a panic button, in about four seconds, the school’s floor plan along with the camera feed is sent to the police,” Hatton explained.

“The fact is, if someone wants to cause harm, they are likely to enter the school,” he said.

“When security products designed to keep intruders out of school fail to do so, MutuLink may immediately share information about those products with police.”

“MutualLink converts day-to-day security products into effective response products,” Hatton said.

Technologies need to work together

The report also referred to the Personal Emergency Response System. It explained that the PEAR device enables school staff with just the press of a button to contact first responders when needed. According to the report, the technology can improve and simplify response times, which is one of the most important problems with threats operating on campuses.

One of the benefits of the devices mentioned in the report is their low cost, which is why they are being used more frequently in schools. However, one challenge with this technology and security systems, in general, are false alarms.

According to Parks’ research, nearly half of security owners say their security system triggers too many false alarms. Additionally, 62% of home security owners report experiencing one false alarm in the past 12 months, and about 10% report having experienced more than five false alarms in the past year.

The report states that a number of technologies must work together to effectively secure a school. Every school has a different layout, population size, and funding, which means that one set of security solutions will not work for everyone. Every state, it continued, has different rules and grant systems for their schools, which in turn makes it difficult to integrate security companies nationwide.

Time will tell how these new technologies perform, Parks’ report predicts. School safety technology is beneficial, but currently, more metrics are needed to evaluate the technology used for school safety. It noted that the technology cannot guarantee flawless defense against security breaches and threats. Nevertheless, it can help reduce the likelihood of a dangerous situation occurring and create efficiency in emergency response.

“How can we stop school violence is a million dollar question,” Parks said. “I don’t know if we have the answer yet. But any threat to the safety of children in school is the best answer we can have.”

Read More
By
Internet

Around 50% of 2021 phishing aimed at government employees: RPT By Techagents

Nearly 50% of all phishing attacks in 2021 were aimed at taking away the credentials of federal, state and local government employees, according to a report released Wednesday by the endpoint-to-cloud security company.

Phishing attacks on civil servants increased 30% from 2020 to 2021, with one out of every eight workers exposed to phishing threats during this period, a report prepared by Lookout and 200 million devices and 175 million apps Based on the analysis of unknown data from The company deals with federal, state and local government customers.

While malware delivery is dominated by mobile phishing attacks outside the public sector, credential theft is on the rise, a 47% increase in 2021 compared to the previous year, as malware delivery declined by 12% during the same period .

Compromised credentials provide an easy way for those threatened to get their hands on the valuable data that governments hold.

“The first thing that comes to mind is nation-state actors trying to establish a presence on government networks,” said Mike Fleck, senior director of sales engineering at cloud-based security provider Siren in McLean, Va.

“Fraudsters will also be interested in access – think fake unemployment claims and “cleaning up” of stolen vehicles,” he told TechNewsWorld.

“When it comes to government,” said Lookout Senior Manager for Security Solutions Steve Banda, “there is going to be some highly confidential information available that is going to be valuable to some party somewhere, either a malicious person or nation state.”

Expansion in BYOD Government

The report also noted that all levels of government are increasing their reliance on unmanaged mobile devices. The use of unmanaged devices in the federal government increased by about 5% from 2020 to 2021 – and closer to 14% for state and local governments during the same period.

“We’ve seen a lot of change in what organizations are starting to do with mobile devices,” Banda told TechNewsWorld. “There is a big shift toward unmanaged, especially as agencies become more comfortable adopting BYOD strategies.”

“Remote work has certainly accelerated BYOD,” he said.

While the increased use of unmanaged equipment suggests an expansion of remote working, it may also be a recognition of the benefits of BYOD for employees and agencies.

“I’ve had separate work and personal phones before, and it’s very easy to do everything on one device,” Fleck said.

“Covid forced remote work faster than any government procurement cycle,” he explained. “It is understandable that agencies were forced to adopt BYOD policy faster than their ability to purchase and deploy mobile device management platforms.”

Greater Phishing Exposure

Permitting the use of unmanaged equipment also indicates that agencies are finding that employees can work effectively remotely, maintained a safety awareness advocate at KnowBe4, a safety awareness training provider in Clearwater, Fla. .

“Modern software and tools allow for unprecedented collaboration capabilities, and the tools being used are more capable than ever,” he told TechNewsWorld.

“With the onset of Covid forcing many organizations that were resistant to working remotely to implement the strategy, a lot of organizations have seen benefits in allowing this to continue,” he said.

More than a third of state and local government employees are using personal devices for work in 2021, the report said, adding that these agencies are leading the adoption of BYOD.

While this offers employees more flexibility, it acknowledged that these unmanaged devices are more frequently exposed to phishing sites than managed devices, as unmanaged personal devices connect to a wider range of websites and more diverse types. use of apps.

“My experience shows that remote workers may be more vulnerable to phishing because they are working in an environment that blurs the line between job and home life than they are in the office. become more comfortable and less alert,” Krone said.

Ray Stein, CSO of Mainspring, a provider of IT-managed services in Frederick, MD, said remote workers are no more likely to fall for a phishing scam than other employees.

“But without the supervision or protection of an enterprise firewall, it’s easy to reach them through different channels,” he told TechNewsWorld. “This increases the number of phishing scams they are exposed to, leaving them more vulnerable than long-term office workers.”

old android version

The report had good and bad news about government employees running older versions of Android on their phones.

The bad news was that nearly 50% of state and local government employees are running the older Android operating system, exposing hundreds of device vulnerabilities to them.

The good news is that this is a marked improvement in 2021, when 99% of mobiles were running older versions of the operating system.

The report states that keeping the mobile operating system up to date is the best form of cyber security. However, government agencies or departments may choose to delay the update until their proprietary app is tested, it continued. This delay creates a vulnerability window during which a threat actor can use a mobile device to access an organization’s infrastructure and steal data.

“New releases or versions of the OS build on their previous releases, including all security enhancements and improvements,” said Stuart Jones, director of the CloudMark division at Proofpoint, an enterprise security company in Sunnyvale, Calif.

“Without the latest version of the OS,” he told TechNewsWorld, “the benefits of these enhancements are not available on the device or for the user.”

Stein said that in 2021, Google’s Threat Analysis Group (TAG) discovered at least nine zero-days affecting its products, including Android devices.

“Patches for those vulnerabilities were included in Android updates, but users stuck on older OS versions may not benefit from them,” he said.

need for extreme caution

Banda said it can be challenging to keep pace with Android due to its fragmented environment.

“To update to a certain level, you must have the correct combination of mobile operator and device manufacturer’s firmware,” he explained. “There are a number of factors that determine whether you can take on release.”

Not only does this make it difficult for the user to keep their Android version running, but it also makes it difficult for employers to keep the devices secure. “A company needs to know who is running which version of Android,” Banda said. “They have to figure out how to get that visibility and create policies so everyone can get up to speed on the latest version available to them.”

After working in the federal space for most of his career, Sami Allini, a biometrics specialist at Contrast Security, a maker of self-protecting software solutions in Los Altos, Calif., said he’s tormented about how long adversaries will exploit and infiltrate government institutions.

“As an activist in this field, one must be vigilant about all interactions, including those with colleagues,” he told TechNewsWorld. “As this report shows, phishing, a form of social engineering, is on the rise, and for good reason. Social engineering is one of the most effective ways to gain access to information or property that someone has access to. Shouldn’t have passed.”

Read More
By
Internet

Around 50% of 2021 phishing targeting government employee credential theft: RPT By Techagents

According to a report released Wednesday by the endpoint-to-cloud security company, nearly 50% of all phishing attacks targeted at government personnel in 2021 were taking away the credentials of federal, state and local government employees.

Phishing attacks on civil servants increased 30% from 2020 to 2021, with one out of every eight workers exposed to phishing threats during this period, a report prepared by Lookout and 200 million devices and 175 million apps Based on the analysis of unknown data from The company deals with federal, state and local government customers.

While malware delivery is dominated by mobile phishing attacks outside the public sector, credential theft is on the rise, a 47% increase in 2021 compared to the previous year, as malware delivery declined by 12% during the same period .

Compromised credentials provide an easy way for those threatened to get their hands on the valuable data that governments hold.

“The first thing that comes to mind is nation-state actors trying to establish a presence on government networks,” said Mike Fleck, senior director of sales engineering at cloud-based security provider Siren in McLean, Va.

“Fraudsters will also be interested in access – think fake unemployment claims and “cleaning up” of stolen vehicles,” he told TechNewsWorld.

“When it comes to government,” said Lookout Senior Manager for Security Solutions Steve Banda, “there is going to be some highly confidential information available that is going to be valuable to some party somewhere, either a malicious person or nation state.”

Expansion in BYOD Government

The report also noted that all levels of government are increasing their reliance on unmanaged mobile devices. The use of unmanaged devices in the federal government increased by about 5% from 2020 to 2021 – and closer to 14% for state and local governments during the same period.

“We’ve seen a lot of change in what organizations are starting to do with mobile devices,” Banda told TechNewsWorld. “There is a big shift toward unmanaged, especially as agencies become more comfortable adopting BYOD strategies.”

“Remote work has certainly accelerated BYOD,” he said.

While the increased use of unmanaged equipment suggests an expansion of remote working, it may also be a recognition of the benefits of BYOD for employees and agencies.

“I’ve had separate work and personal phones before, and it’s very easy to do everything on one device,” Fleck said.

“Covid forced remote work faster than any government procurement cycle,” he explained. “It is understandable that agencies were forced to adopt BYOD policy faster than their ability to purchase and deploy mobile device management platforms.”

Greater Phishing Exposure

Permitting the use of unmanaged equipment also indicates that agencies are finding that employees can work effectively remotely, maintained a safety awareness advocate at KnowBe4, a safety awareness training provider in Clearwater, Fla. .

“Modern software and tools allow for unprecedented collaboration capabilities, and the tools being used are more capable than ever,” he told TechNewsWorld.

“With the onset of Covid forcing many organizations that were resistant to working remotely to implement the strategy, a lot of organizations have seen benefits in allowing this to continue,” he said.

More than a third of state and local government employees are using personal devices for work in 2021, the report said, adding that these agencies are leading the adoption of BYOD.

While this offers employees more flexibility, it acknowledged that these unmanaged devices are more frequently exposed to phishing sites than managed devices, as unmanaged personal devices connect to a wider range of websites and more diverse types. use of apps.

“My experience shows that remote workers may be more vulnerable to phishing because they are working in an environment that blurs the line between job and home life than they are in the office. become more comfortable and less alert,” Krone said.

Ray Stein, CSO of Mainspring, a provider of IT-managed services in Frederick, MD, said remote workers are no more likely to fall for a phishing scam than other employees.

“But without the supervision or protection of an enterprise firewall, it’s easy to reach them through different channels,” he told TechNewsWorld. “This increases the number of phishing scams they are exposed to, leaving them more vulnerable than long-term office workers.”

old android version

The report had good and bad news about government employees running older versions of Android on their phones.

The bad news was that nearly 50% of state and local government employees are running the older Android operating system, exposing hundreds of device vulnerabilities to them.

The good news is that this is a marked improvement in 2021, when 99% of mobiles were running older versions of the operating system.

The report states that keeping the mobile operating system up to date is the best form of cyber security. However, government agencies or departments may choose to delay the update until their proprietary app is tested, it continued. This delay creates a vulnerability window during which a threat actor can use a mobile device to access an organization’s infrastructure and steal data.

“New releases or versions of the OS build on their previous releases, including all security enhancements and improvements,” said Stuart Jones, director of the CloudMark division at Proofpoint, an enterprise security company in Sunnyvale, Calif.

“Without the latest version of the OS,” he told TechNewsWorld, “the benefits of these enhancements are not available on the device or for the user.”

Stein said that in 2021, Google’s Threat Analysis Group (TAG) discovered at least nine zero-days affecting its products, including Android devices.

“Patches for those vulnerabilities were included in Android updates, but users stuck on older OS versions may not benefit from them,” he said.

need for extreme caution

Banda said it can be challenging to keep pace with Android due to its fragmented environment.

“To update to a certain level, you must have the correct combination of mobile operator and device manufacturer’s firmware,” he explained. “There are a number of factors that determine whether you can take on release.”

Not only does this make it difficult for the user to keep their Android version running, but it also makes it difficult for employers to keep the devices secure. “A company needs to know who is running which version of Android,” Banda said. “They have to figure out how to get that visibility and create policies so everyone can get up to speed on the latest version available to them.”

After working in the federal space for most of his career, Sami Allini, a biometrics specialist at Contrast Security, a maker of self-protecting software solutions in Los Altos, Calif., said he’s tormented about how long adversaries will exploit and infiltrate government institutions.

“As an activist in this field, one must be vigilant about all interactions, including those with colleagues,” he told TechNewsWorld. “As this report shows, phishing, a form of social engineering, is on the rise, and for good reason. Social engineering is one of the most effective ways to gain access to information or property that someone has access to. Shouldn’t have passed.”

Read More
By