ANSI/ASIS PSC.1-2012; Implementation Recommendations

              Lisa DuBrock, CPA, CBCP, MBCI, is a Managing Partner for Radian Compliance, LLC, where she specializes in implementing private security company management system standards as well as information security standards for her clients. She is also a contributing writer to this website. Given some of the recent comments and questions presented to our staff regarding the steps needed to implement the ANSI/ASIS PSC.1-2012, Management System for Private Security Operations (soon to be released as a standard under ISO), our staff … [Read more...]

Data Breach Costs now Average $154 per Record

In a recently published benchmark research report it was found that executives in 2015 – motivated by growing concerns from ongoing data breaches and other cyber-attacks to their organizations – are now paying greater attention to the security practices of their organizations. To that point, research from that report also indicated that the average total cost of a data breach for the 350 companies participating in this research increased from $ 3.52 to $ 3.79 million US dollars (e.g. a 23% increase in total cost of data breach since 2013). The average cost paid for each lost or stolen … [Read more...]

Certification Body: Good Resource for Learning about PSC.1

By: Ben J. Carnevale In support of our staff’s efforts to further expand on the topic of the most recognized certifiable standard related to private security companies --- ANSI/ASIS PSC.1 – 2012: Management System for Quality of Private Security Company Operations --- this posting will introduce and offer our readers additional information and a beginning of a series of steps in the process of bringing a private security company (PSC) into compliance with and/or certification to this standard. One of our contributing writers on this topic-- Lisa DuBrock CPA, CBCP, MBCI, MBA– Managing … [Read more...]

Supply Chain Disruption Report Just Released

For many of our readers and the organizations where they work, any kind of supply chain disruption could easily qualify as a serious incident and one that would easily have been discussed and included in their disaster preparedness planning process. With that thought in mind, our staff recommends reading and potentially adding a recent EventWatch™ 2014 Supply Chain Disruption report to your organization’s business continuity and disaster preparedness team’s reading resource library. This report  This report was funded and supported by Resilinc’s database of over 40,000 suppliers and over … [Read more...]

Private Security Companies and PSC.1

As follow-up to an earlier posting on this website, and to several requests for more information regarding information and background on the ANSI/ASIS PSC.1-2012: Management System for Quality of Private Security Company Operations standard, our staff would like to direct our readers to an article recently posted by James Schmitt from the Human Analytics group. As reported earlier, members of the Human Analytics group participate often as contributing writers to this website and with a rising interest in our readership of standard related activities and private security companies, Schmitt’s … [Read more...]

Emergency Management and America’s PrepareAthon! Campaign

by Ben J. Carnevale Business Continuity, Resiliency and Emergency Management Planning teams are often looking for additional ideas, programs and campaigns to help those teams be more prepared and ready to mitigate losses from potential disasters affecting the organization where they work, and the community where they work and live with their families. Our staff believes that the America’s PrepareAthon™ campaign qualifies as one of the best resources for those teams to look for ideas and assistance for taking action to increase emergency preparedness and resilience. America’s … [Read more...]

Private Security Companies Considering Compliance with PSC.1

by Ben J. Carnevale Recently, our staff has been researching developments related to efforts by both the U.S. Department of Defense and the U.K. Foreign Commonwealth Office to support the creation of a certifiable standard for private security operations. This posting will try to address some of those developments and begin this website’s process to now include these activities as consideration and subject matter encompassed by this website’s   objective to keep our readers informed of all related continuity and compliance requirements affecting their companies where they work and their … [Read more...]

Is Password Recycling Addressed in Your Information Security Metrics?

                              Maria Deutscher, who is a staff writer for SiliconANGLE, recently reported on the results of a new report from Netskope, Inc. reinforcing perhaps much of what our readers already know – e.g. for many - if not most enterprises - cloud security and security metrics of effectiveness and privacy in the cloud remain a “work-in-progress”. Nonetheless, one of those issues of “work-in-process” is bringing attention to the information security related risks surrounding password recycling. However with that being said, this report … [Read more...]

Cyber Security Federal Workforce — Key to Reducing Federal Cyber Security Incident Levels?

In a recent report entitled “Keeping Talent” it was found that the federal cyber security workforce in the U.S. will erode due to fragmented governance and uncoordinated leadership, a complicated federal hiring process, a disconnect between hiring managers and the government's human resource specialists, and more importantly, a lack of qualified and skilled talent to fill these jobs. This report was sponsored and written by the cooperation of the Partnership for Public Service (PPS) and Booz Allen Hamilton groups, and, while it certainly talked of an apparent pending HR risk, of lacking … [Read more...]

FTC Allowed to Proceed with Lawsuit against Hotel Group after Information Security Breaches

This website and its readers are well aware of the risk management challenges and opportunities for companies to make decisions over the growing number of information security breaches related activities. Unfortunately, many of these concerns can easily be lost over these risk mitigation topics for small business firms. Nonetheless, supply chain management dynamics can often force even small business firms to have to pay attention to recent developments in this area of information security enforcement--- and --- it is with this point in mind that our staff focused its attention on the … [Read more...]