Travis Scott is facing lawsuits and a barrage of well-deserved criticism in the wake of the terrible Astroworld disaster, which claimed the lives of eight people and injured many more.
Concertgoers took to social media to express their dissatisfaction with the event’s management, claiming a lack of security and medical personnel. Others have blamed the enraged spectators for their antics.
3 key factors that are essential for implementing a successful special event security plan are:
- Pre-event site risk assessment
- Working with local officials
- Post-Event Review
1. Pre-Event Site Risk Assessment
Event venues are usually enormous spaces with complex layouts, which generally translates into numerous security risks. Therefore, a pre-event venue inspection checklist is critical for security guards to familiarize themselves with the venue and obtain a high level of security awareness.
In collaboration with event planners, security leaders should decide strategic checkpoints, guard posts, high traffic/high-risk areas, and any other particular requirements for that specific venue and event during the pre-event inspection.
At the very least, a comprehensive event security checklist should include:
- A detailed risk assessment.
- Crowd controlling measures.
- Emergency response plan.
- Communications and coordination plan.
Astroworld security challenges
Several security officers who worked at the Astroworld festival said they were unprepared for the event. According to one security guard, he was “understaffed in every sense of the word.” Eight people were killed, and several were injured due to a claimed crowd surge during the concert. Scott later stated that he was unaware of the gravity of the situation.
2. Working with local officials
Local law enforcement and first responders are usually present on the day of the event. Still, security leaders must ensure that personnel knows specific contingency plans regarding how they are to collaborate and assist in an incident.
The event’s nature will necessitate collaboration among a slew of municipal, regional, and federal authorities, each with its own set of tasks and responsibilities. Formal and informal interactions with these stakeholders are essential for creating strong relationships that will be needed throughout the event, as well as organizing crossing-cut activities in operational plans.
Lack of security guard training
To put it mildly, the requirements for becoming a qualified security guard are essential, and unless the trainee has previous military or law enforcement experience, the training does not prepare them for real-world challenges. In Texas, for example, you only need to complete a 48-hour class to be an armed security guard. Additionally, the State of Florida requires security guard training to be taught at a licensed security school and necessitates 40 hours of training to be eligible for the class D security license.
Unfortunately, most security guard training only introduces a few broad topics without reinforcing fundamental security skills.
3. Post-event review
A debrief is necessary whether there was an incident or the event was completely safe with no issues. All parties involved in the debriefing should be present, including the security personnel, event organizers, and, if possible, local officials. This allows all participants to assess their performance and, more importantly, learn how they might improve in the future.
Keys to successful event security
Event security requires much more than simply stationing security personnel across the site. Communication plays an important part and that is why at @DavidSecurity we are dedicated to helping organizations write authentic and actionable security content.
Each event presents its own unique set of challenges and requires a great deal of collaboration and communication. By taking time to conduct a pre-event assessment and collaborating with local officials, event planners won’t eliminate all risks but they will at the minimum ensure that everyone is focused on the one thing that matters most: human safety.
Content writing is not exactly a new digital trend, but its reach has expanded in recent years. Even before the great digital shift of 2020, B2B companies were using digital content marketing strategies at a high rate.
In 2019, as many as 87% of B2B companies used digital content marketing to drive engagement and promote brand awareness.
The power and value of content writing can not be understated. Consistent, high-quality content writing is an invaluable way to connect brands with their consumers.
The good news is that businesses of all sizes may now leverage the internet to obtain greater visibility than ever before. Security service providers that provide guard and patrol services and physical security integration can use content writing to improve audience engagement and retention.
The challenge is finding competent content writers that can deliver authentic and engaging security content.
Use this checklist to avoid wasting time on writers that aren’t a good fit for your requirements:
5-step guide for hiring an optimal security content writer.
1. Know where to look
2. Ask for writing samples
3. Conduct a tone check
4. Check past feedback
5. Setup for success
Subscribe to get the best security marketing insights straight to your inbox!
Qualities of a strong freelance content writer
It’s scary to recruit outside help since you don’t want to harm your company’s reputation and standing. It may take some time and effort to find the proper fit, but it is possible. It is feasible to find a successful freelance content writer if you know where to look.
You want a self-starter that knows your industry and has strong research skills as well as a solid understanding of SEO. Above all else, you want someone that you can trust and collaborate with efficiently.
The good news is that these experienced article writers do exist, and they can assist your company in generating new leads. They can give credibility and worth to your blog and online material that would otherwise go undetected. They are critical to your overall success.
Hiring a freelance security content writer
Working with a skilled writer is an essential part of a successful content marketing strategy. This is especially true for the security service sector. Working with a content writer that has a strong security background and can communicate well with your target audience will make all the difference in the world!
Here are five practical steps that will help you identify and hire your ideal security content writer:
1. Know where to find qualified security writers
The best place to start is by searching freelance platforms such as UpWork and nDash. These sites contain a great selection of reputable and experienced content writers with a track record of success. This can be both good and bad, as the sheer volume of candidates can make it challenging to identify the ideal content writer. However, by following the steps below, you can narrow the candidates and determine the best match.
2. Ask for writing samples
You can get a sense of the talent and abilities of a content writer by simply reviewing their previous work. In my opinion, they won’t be worth the money if they are not familiar with the security industry or at the very least have a base level understanding of your particular field, sector, or mission. This is because your goal should be to increase your authority and position in the market, not to jeopardy your service or reputation.
3. Conduct a tone check
When reviewing a writer’s previous work, you want to focus on tone. To put it simply, tone refers to how a writer employs specific words in a particular way to connect with the reader. Not only does tone assist in delivering data, but it also does so with an attitude. Make no mistake about it; the right tone will deliver higher engagement and motivate the reader to take further action.
4. Check past feedback
Once you’ve limited it down to a handful of freelancers you’d want to approach, go ahead and give each one a little more thought. First, examine their previous work and portfolios. Then, take the time to read their writing to see if their tone, voice, and point of view are compatible with you and your company.
5. Setup for success!
Let’s say you’ve found someone who’s a good match for you. They have a strong security background and track record of success. You’ve conducted your due diligence and they are on board with your project terms. Now you have to provide them with the information and support they need to deliver authentic and engaging content.
It’s critical for your company’s success to connect with a qualified security content writer that can deliver authentic and engaging content. Find a writer who is a good fit for your requirements. Before you hire somebody new, ask yourself what your marketing and company goals are. Find a writer specializing in SEO security content if you want to provide quality content for your customers.
Make sure that your needs are precise and that you provide your writer with all the ingredients to succeed. Review these 5 steps to avoid wasting time and remember that authentic content writing is a process that requires collaboration, patience, and trust.
Whether you are a security expert or a newbie, if you work in the physical security industry, you are likely to receive a lot of security marketing. In fact, in today’s security-conscious world, chances are that even if you’re not in the security field you are still seeing all types of ads about the importance of security and safety, especially if you spend time on LinkedIn and Youtube.
If you’re on the marketing and sales side of security, how do you leverage your message to reach the right buying audience? In other words, how do you get CSO Steve to click on the link, more specifically how do you get people to take action? In this article, I’ll cover the value of actionable marketing and provide some effective examples.
What is Security Marketing?
So you are scrolling through LinkedIn and you come across a flashy post about “the benefits of thermal security cameras”. Curious, you click on the post and read about the benefits of thermal security cameras and now you want to learn more. What just happened?
Well many things. In fact, too many to list in one single article but let’s just say that when it comes to security marketing (or any type of marketing for that matter!) there is a science and an art element that most people are not aware of.
Security marketing is not just about getting your attention and making you click on a link (sure that’s part of it) but it is also about educating, and promoting security solutions to the right market in various ways, from print to digital. Remember that it’s more than just security cameras and keyfobs, it’s also video management systems, cloud-based systems, and much more.
What makes Security Marketing effective?
Every industry has its own unique challenges and opportunities and physical security is no different. Digital marketing can work for any business in any industry. Regardless of what your company sells, digital marketing still involves building out buyer personas to identify your audience’s needs and creating valuable online content.
Need Authenitc and Actionable Security Content? Learn how @DavidSecurity can help.
Actionable Security Marketing
At the end of the day, effective marketing is about being able to answer a pain point. It is about posting value and inspiring ACTION!
Actionable marketing focuses on getting prospects to engage with your brand and buy from your company in a transparent way that builds trust and relationships. It’s a hybrid of branding and direct marketing that works across different platforms and devices creating value for both the company and the customer.
When it comes to selecting a physical security product or service Security Directors and decision-makers are basically looking for 3 main factors before even considering clicking the “Learn More” or “Subscribe” bottoms.
I like to call these factors the 3 Ts of Actionable Security Marketing. Actionable security markeitng is
- Trust- The issue of trust is a major factor within any industry but when it comes to life safety and security the bar is raised to another level. Before clicking on the link security decision makers need to feel that warm and fuzzy feeling that tells them “this company is legit”.
- Technology:-Security professionals want to stay one step ahead of the bad guys. They want to feel like they’re on the cutting edge, so words and images that express technical inovation are important.
- Time-Security decision makers are busy professionals. The chances of them clicking on a post that offers the “complete history of the manufcaturing industry” are not as good as the “top 5 security cameras for warehouses”.
By now I think we’ve covered enough of the theories and prinicples. Let’s review some examples of effective actionable security marketing.
10 Examples of Great Security Marketing
1. Axis Communications
Axis Communications digital marketing is always on point! This LinkedIn post is very effective because it starts off with an informative question. Questions are one of several rhetorical devices commonly used to drive engagement. When utilized correctly, they can be a boon to your copywriting because they inspire your audience to take action!
Hikvision video productions are on another level! I don’t really need to say much regarding how effective their thumbnail is, if you haven’t clicked on the video already, just read it one more time and if you are in the market for an IP-based video security system there is a BIG chance you are going to click it right away.
Honeywell really makes an impact with this post. They know that security professionals on LinkedIn are scrolling with a purpose. That’s why they use IMPACTFUL statistics that are sure to get a reader to slow down. More importantly, their message is backed by substance which makes you want to learn more.
FLIR is the Jason Bourne of security marketing. Their content is crafted for security professionals that want to either purchase or learn more about the latest innovations. This is especially true when it comes to thermal cameras have a strong position within the market.
Brivo Earth Day post was fantastic! With the increasing environmental concerns in recent years, many organizations are now incorporating environmental issues into their content. The fact that they back their words with action is a win/win for the security community and environment.
Openpath really has no competition when it comes to explaining the value of touchless solutions. This video is just one example of the many engaging content that they create regarding touchless solutions.
Avigilon (Motorola Solutions), does a great job here of using words and powerful images to generate engagement. There are so many good points to this post that I would need to write a separate article for it. Let’s just say that the words free thermal camera and act fast are not there by accident.
HID Global does a great job with this explainer video. Explainer videos are so effective because they combine audio and visual stimulus to explain a concept in a simple and understandable way.
Kisi combines the power of images and effective questioning to generate action. Various reports show that questions lead to more engagement. How much does access control cost? Very few security decision-makers will continue scrolling after reading that powerful question.
Bosh delivers with this video by doing what all the previous examples did and adding extra creativity. “Imagine when you know what’s next?” The power of that question is undeniable. Everything about the thumbnail, title and video are excellent examples of actionable security marketing.
Security marketing covers a wide range of products and services, from thermal security cameras to access control installations. While the number of security manufacturers and integrators are many it all comes down to creating engaging content and then delivering as promised.
Are you a security manufacturer or integrator? Well then we can help with authentic and actionable security content. Reach out if you want to hear more.
What new security marketing idea are you ready to try for your brand?
A big part of success in physical security comes not in winning battles but in avoiding them altogether. In order to make our buildings, facilities, and warehouses less attractive for would-be criminals we need to have effective preventive measures in place. Preventive measures reduce the likelihood of a deliberate attack, introduce delays, reduce vulnerabilities, or otherwise cause an attack to be unsuccessful. Let’s talk security!
Preventive measures protect vulnerable resources, introduce delays, and make an attack unsuccessful or reduce its impact. They include both physical and psychological deterrents. Physical security measures such as anti-climb fences, bollards, and locks are physical deterrents. Even more effective than these are psychological deterrents such as security cameras, security guards, and high-tech security innovations such as mobile surveillance devices. A quote from the great Bill Russell actually teaches us a lot about the key to effective preventive measures:
“The idea is NOT to block every shot. The idea is to make your opponent believe that you might block every shot.”-Bill Russell
Subscribe to the @DavidSecurity blog and receive regular security management insights!
Physical Security Prevention
When it comes to physical security, prevention is the most desirable option. Enhancing existing security systems and introducing appropriate security measures based on vulnerability assessments are crucial to preventing security incidents.
A Security Vulnerability Assessment is the process that includes determining the likelihood of an adversary’s successfully exploiting vulnerability, and the resulting degree of damage or impact. Based on this assessment, judgments can be made on the need for additional countermeasures.
5 Steps to Develop Effective Physical Security Measures
Since it is difficult to completely eradicate all risks, we must rely on sound principles that improve our security posture. Here is a five-step process to develop effective physical security measures:
- First, an organization should commission the Chief Security Officer (CSO) or consult with a security professional to conduct a threat assessment of its facilities and operations. The purpose of this analysis is to identify significant hazards and determine the risks of a security incident.
- The second step is to establish monitoring protocols to ensure that operations are not disrupted by identifying critical control points (the locations, processes, functions, or times when the operation is most at risk) and critical control points (the locations, processes, functions, or times when the operation is most at risk).
- With the above data, we can assess significant threats or hazards, as well as exposure, to evaluate the probability of occurrence and critical control points.
- Now we are ready to develop and implement preventive measures to reduce hazards. These preventive measures will be a combination of architectural, operational, and system measures.
- Finally, we can confidently develop security monitoring procedures for each critical control point.
It is important to note that monitoring procedures are systematic, periodic activities meant for ensuring that critical controls are in place and not compromised in any way. Equally as important to note is that this is a continuous process that requires a collaborative approach.
Before we get into physical protection systems, it is important to note that in order to protect your company and its assets, the very first step is to perform a threat and vulnerability analysis. Based on that analysis, the Chief Security Officer (CSO) or property manager, etc., can then coordinate with security integrators and implement physical protection systems (PPSs) to provide safeguards that mitigate the threats.
A physical protection system (PPS) integrates people, procedures, and equipment for the protection of assets or facilities against theft, sabotage, or other malevolent human attacks.
Physical Protection Security Measures
Physical security involves the use of multiple layers of interdependent systems that can include CCTV surveillance, security guards, protective barriers, locks, access control, perimeter intrusion detection, deterrent systems, fire protection, and other systems designed to protect persons and property. For the purposes of simplicity we can divide security measures into three types:
- Preventive measures: These are arrangements that reduce the likelihood of a deliberate attack, introduce delays, reduce vulnerabilities, or otherwise cause an attack to be unsuccessful.
- Corrective measures: These are efforts meant to reduce the effects of an attack and restore the facility to normal operation.
- Detective measures: These steps and plans meant to help discover attacks and activate appropriate preventive or corrective measures.
Physical protection systems consist of a proper mixture of architectural, operational and security systems elements.
PPS Architectural Elements
Architectural elements include barriers and locks, exterior and interior lighting, critical building services, space layout, parking, and dock facilities just to name a few. For example retraceable bollards serve as an effective solution to address the challenge of securing access points that are shared by both vehicles and pedestrians.
PPS Operational Elements
Operational elements refer to organization and staffing, policies and procedures, training, visitor control, security guard staffing, incident responses, and the administration of security systems among other factors. In the picture above, we can see a campus security guard on duty at their operational center. Campus security guards respond by observing and reporting violations related to their policies and regulations.
PPS Security Systems
Security systems include automated access control systems, intrusion detection and alarm systems, closed-circuit television (CCTV) systems, communication systems, and security control center equipment. Additionally, touchless technologies and cloud-based security solutions are increasingly becoming essential components of an organization’s security toolbox.
Emerging Touchless Access Control Technologies include:
- Wave-to-Open Door Sensors
- Mobile Credentials
- Contactless Fingerprint Sensors
- Iris Scanners
- Facial Recognition
- Touchless Turnstiles
Future of Physical Protection Systems
In today’s highly technological and health conscious world, Physical Protection Systems (PPS) will have to address both new as well as traditional risk factors. This will give rise to more touchless cloud-based security solutions that enable organizations to enforce safety guidelines while maintaining a strong security posture.
The stakes are high and the importance of balancing technology and human factors are more important than ever. The physical security field is currently going through a massive shift away from traditional physical security systems to technological solutions. While there is a lot of excitement and optimism, with great change comes even greater challenges.
Make sure to follow my blog and connect with me on LinkedIn to receive regular physical security analysis and updates.
The Federal Bureau of Investigation (FBI), issued an alert to inform companies about the use of out-of-date Windows 7 systems, dangers that come with the desktop sharing software TeamViewer, and the importance of having strong passwords.
The latest warning was in response to the Oldsmar incident in which an attacker managed to gain access to a water treatment plant’s network and (as shocking as it may sound) managed to modified chemical dosages to dangerous levels.
Receive weekly UPDATES with Cybersecurity Insights, practical security awareness advice, and MUCH MORE!
The FBI’s investigation identified TeamViewer as the attacker’s entry point into the Oldsmar water treatment plant’s network. This was determined after they confirmed that the attacker connected to a computer in the plant’s network via TeamViewer on several occasions.
Regarding TeamViewer, the FBI’s exact advisory was:
“Beyond its legitimate uses, TeamViewer allows cyber actors to exercise remote control over computer systems and drop files onto victim computers, making it functionally similar to Remote Access Trojans (RATs),” the FBI said.
“TeamViewer’s legitimate use, however, makes anomalous activity less suspicious to end users and system administrators compared to typical RATs.”
Issues with Windows 7
Guess which operating system they were using the Oldsmar water treatment plan? If you guessed Windows 7 you are correct!
Last year the FBI advised US companies about the dangers of using Windows 7, after it reached end-of-life, on January 14, 2020. While the investigation is still ongoing, the FBI says that continuing to use any unsupported operating system exposes networks to attacks and other vulnerabilities that can compromise security.
Here 9 basic security best practices that the FBI recommends:
- Use multi-factor authentication;
MFA helps protect you by adding an additional layer of security, making it harder for bad guys to log in as if they were you. Your information is safer because thieves would need to steal both your password and your phone.
- Use strong passwords to protect Remote Desktop Protocol (RDP) credentials;
One way of initiating security for your remote desktop connection is by generating a strong password. This will serve as the first line of defense of your organization’s RDP against any unwanted attacks and threats. Pro tip: Your password must contain at least one numeric character and one special character in it.
Tips 3-6 are mainly for IT & Cybersecurity Professionals but you should still consider them...
3. Ensure virus, spam filters, and firewalls are up to date, properly configured, and secure.
4. Audit network configurations and isolate computer systems that cannot be updated;
5. Audit your network for systems using RDP, closing unused RDP ports, applying two-factor authentication wherever possible, and logging RDP login attempts;
6. Audit logs for all remote connection protocols;
7. Train users to identify and report attempts at social engineering;
Employees are your biggest vulnerability—at least until they are prepared to recognize and report phishing attempts. Phishing and related social engineering campaigns are today’s number one attack vector. Over 90,000 unique phishing campaigns are launched every month. Surveys show that phishing is seen more than any other type of threat, and that phishing and social engineering attacks are the number one concern of security professionals.
Watch VIDEO on how to Phish Your Users in Under a Minute…
8. Identify and suspend access of users exhibiting unusual activity;
Your organization should have a strong cybersecurity awareness program that covers how to report unusual activity. When in doubt, the FBI encourages victims to report information concerning suspicious or criminal activity to their local field office.
9. Keep software updated.
If the Oldsmar water treatment incident taught us anything it was that we must ensure that our software are up to date. So instead of procrastinating about software updates, see those updates as one of the most essential steps you can take when it comes to protecting your information.
The bottom line is that Oldsmar water treatment attack reminded us that in order for organizations to operate safely in the Age of Information they must value cybersecurity and adopt a proactive mindset.
2020 was a tough year on many fronts. As far as cybersecurity, it was a volatile year in which the number of ransomware-related breaches more than doubled according to a recent report.
In fact, ransomware is now responsible for 46% of healthcare data breaches and more than 35% of all breaches are linked to ransomware attacks. Worst yet, the average ransomware attack can cost a company an average of $713,000 per incident or more when you factor in the expense of downtime and lost business due to reputational harm.
Data breaches are in the headlines every day so we know that ransomware attacks are not going away any time soon. The question is: What can we do about it?
Receive weekly UPDATES with Cybersecurity Insights, practical security awareness advice, and MUCH MORE!
Here are some basic yet effective tips to minimize ransomware risk:
- Be Prepared.
“Don’t depend on the enemy not coming; depend rather on being ready for him.” While ransomware is a relatively new threat, Suz Tzu ancient advise still rings true. According to analysts, ransomware attacks will only increase. That is my it is important that we invest in our cybersecurity awareness programs to foster a culture of vigilance.
- Back it UP!
One of the most effective ways to limit the impact of a ransomware attack is to not forget the value of backups. Simply stated, if you have no backups your defenses are weak. As a good practice, Network segmentation and constant monitoring are critical.
- Pick a standard.
Whether it is the NIST Risk Management Framework in the United States or the guidelines set out by the European Union Agency for Cybersecurity (ENISA), it is a good idea to align one’s practice with a recognized authoritative source.
The bottom line is that the term ransomware will continue to appear in the headlines so it is up to us to prepare and stay vigilant. By putting these tips to action and investing in cybersecurity awareness we will at least be able to minimize the impact of a ransomware attack.
Every Thursday we deliver a 5-Minute Travel Security Report with practical advice and insights so that you can explore the world safely!
This week we’re focusing on the only North African country with a monarchy …Morocco!
Morocco Travel Security Brief
Before we get into the Travel Security Brief remember that this is a Quick Security Brief and our goal is to empower you with a solid security foundation NOT to sell you on a travel package. Now for the briefing:
Morocco is located in the northwest corner of Africa and is bordered by the North Atlantic Ocean and the Mediterranean Sea. Algeria and Western Sahara are the land borders to the south and east. Morocco is about the same size as California. And let’s face it, Morocco is down right beautiful!
Demonstrations occur frequently in Morocco, and are typically about internal issues dealing with local politics. Although many protests take place throughout the year they are mostly peaceful and not directed at foreigners.
The Buddy System
It is important to note that visitors, especially females, should strongly consider traveling with a buddy. Traveling in pairs is a good practice in any major city. However, in Morocco many travelers have noted that Western women receive frequent unwanted attention and solicitation.
Public transportation is somewhat reliable in Morocco. Drivers often do not follow road safety rules or traffic laws, and many vehicles lac proper maintenance. Watch belongings on any type of public transport.
Subscribe and receive weekly Travel Security Insights practical security.
According to the U.S. Department of State, Casablanca is considered a HIGH-threat location and Rabat MEDIUM-threat location for crime directed at or affecting official U.S. government interests.
The government of Morocco’s 2020 Crime Rate Report highlighted an 8.6% decrease in violent crimes in 2019, noting that law enforcement ultimately resolved 90% of cases. The report also noted increased efforts to combat criminal networks, particularly those involved in illegal immigration and forgery.
The U.S. Department of State has assessed Casablanca and Rabat as being MEDIUM-threat locations for terrorism directed at or affecting official U.S. government interests.
The Government of Morocco is very proactive when it comes to counterterrorism. The Moroccan security forces have foiled countless terrorists organizations, plots, and low level criminals.
Cybercrime in Morocco thus far remains generally limited to common scams requesting money up front for promised services, or chances to obtain more money with a down payment.
ATMs are generally safe when taking normal precautions. There have been several recent reported cases of debit/credit card fraud. In all cases, the victims reported money withdrawn from their accounts after using their cards at ATMs, or their credit cards being billed for unaccounted charges after using them at local establishments.
Health & Safety
Morocco has adequate medical services in the larger cities, but the quality of care diminishes elsewhere. The medical facilities and hospitals in Rabat and Casablanca can treat most general illnesses, and can provide emergency trauma care. However, specialized care is not as easily accessible in Morocco as in Western countries.
Consider insurance and flight options before leaving home, and be sure to carry insurance policy identity card as proof of such insurance. The U.S. Department of State strongly recommends purchasing international health insurance before traveling internationally. Review the State Department’s webpage on insurance overseas.
@DavidSecurity Travel Rating
Overall I give Morocco a 4.6 out of 5 in terms of Travel Safety.
The bottom line is that when visiting Morocco, think & act like you would in any major city. Pay attention to your surroundings and avoid playing the role of the clueless tourist.
That’s your Morocco Travel Security Brief– Let me know what you thought of it in the comment section and if you want more information about travel security t
That’s it for now. @DavidSecurity reminding you to Travel Safe and let’s keep it going!
Technology Tuesday! Insights on the SolarWinds Cyber Attack and One Important Resource for American Businesses Operating Abroad…
Subscribe and receive weekly UPDATES with Cybersecurity Insights, practical security awareness advice, and MUCH MORE!
Do you want to get the attention of a cybersecurity professional? Just mention the word “SolarWinds“. What happened? Basically, a group gained access to government and other systems through a compromised update to SolarWinds’ Orion software and caused havoc like the cybersecurity world has never seen before.
SolarWinds was NOT just another cyberattack…
Indeed cyberattacks have become more common than we think. In fact, since 2019 AT LEAST 16 billion records, including credit card numbers, home addresses, phone numbers and other highly sensitive information, have been exposed through data breaches. The first quarter of 2020 was one of the worst in data breach history, with over 8 billion records exposed.
After compromising the infrastructure of SolarWinds, the hackers gained access to their network and applications monitoring platform called Orion. Using that access they were able to produce and distribute trojanized updates to the software’s users.
This was a BIG deal because according to SolarWinds their customers included 425 of the US Fortune 500, the top ten US telecommunications companies, the top five US accounting firms, all branches of the US Military, the Pentagon, the State Department, as well as hundreds of universities and colleges worldwide.
This case is far from being closed. As of January 2021, the U.S. federal government and private sector are still investigating the incident. In the meantime businesses have to take proactive measures and ensure that their Cybersecurity Awareness Program remains strong.
Resource for American Businesses Operating Abroad
In response to this major cyber incident, the Overseas Security Advisory Council put together a Resource Guide to educate and assist American organizations operating abroad. The guide contains useful information including helpful articles, and can be viewed by any good standing OSAC member.
To learn more about the OSAC, how to become a member and access the Resource Guide feel free to visit their website.
This concludes this week’s Technology Tuesday UPATE. Let me know if you have any questions and stay safe!
Every Thursday we deliver a 5-Minute Travel Security Report with practical advice and insights so that you can explore it safely!
This week we’re focusing on beautiful Tunisia!
Subscribe and receive weekly Travel Security Insights practical security.
Tunisia Travel Security Brief
Before we get into the Travel Security Brief remember that this is a Security Brief and our goal is to empower you with a solid security foundation NOT to sell you on a travel package. Now for the briefing:
Tunisia is at the northmost point of Africa and is boarded on the west by Algeria and by Libya on the south. Not in the best neighborhood but Tunisians are one of the most friendliest and welcoming people in the world.
Unfortunately, Tunisia is NOT the best place in the world when it comes to road safety.
Road safety poses one of the greatest risks to foreign travelers. According to the Tunisian National Road Safety Observatory, there were more than 6,700 recorded traffic accidents, approximately 1,421 traffic-related deaths, and well over 10,000 injuries in 2017.
Driving in Tunisia is a CHALLENGE!
On that note, I should also add that I do NOT advise travelers to take public transportation in general especially the yellow minibusses…because well let’s just say those drivers do not have a good track record.
The U.S. Department of State has assessed Tunis as being a LOW-threat location for crime directed at or affecting U.S. citizens. Also worth noting that crime involving the use of firearms is rare in Tunisia. Although violent and nonviolent crime (personal robberies, residential breakin-ins, financial scams, thefts) occur in Tunis and other large/tourist cities in the same way they do in any major city.
The most-reported criminal incidents against foreigners are crimes of opportunity (pickpocketing, purse/phone snatching, petty theft). The targets tend to be foreigners who appear unfamiliar with their surroundings and look very shall we tourist-like.
The U.S. Department of State has assessed Tunis as being a HIGH-threat location for terrorism and it is important to note that a state of emergency put in place after a 2015 terrorist attack in Tunis continues…pretty much the government reinstates it monthly like clockwork.
There have also been some notable terrorist attacks mainly against Tunisian Security forces but it is something to keep in mind.
It is well documented that the internet played an important role in the historic evens of the Arab Spring. Furthermore, Tunisia has one of the most developed telecommunications infrastructures in North Africa with broadband prices among the lowest in Africa. Internet access is available throughout the country using a fibre-optic backbone and international access via submarine cables, terrestrial and satellite links.
Data protection law: A draft law on the protection of personal data designed to replace the previous Law No. 63 was approved in March 2018 and came into force on May 25, 2018. Tunisia has a data protection agency, the National Authority for Personal Data Protection (INPDP).
Health & Safety
Well, we know that the pandemic is something to consider and Tunisia has been affected by it in the same way that most countries have during this time period. The important thing when visiting Tunisia is to know the requirements before traveling at the minimum be prepared to present a recent (72hrs) or less PCR test.
@DavidSecurity Travel Rating
Overall I give Tunisia a 4.7 out of 5 in terms of Travel Safety unless you are one of those adventure-seekers that wants to hang out by the border or climb a restricted mountain located in a military zone.
The bottom line is that if you carry yourself as you would in any major city and practice situational awareness you will greatly reduce your chances of being a crime victim and have a great time.
That’s your Tunisia Travel Security Brief– Let me know what you thought of it in the comment section and if you want more information about traveling to Tunisia make sure to check out our active Tunisia Security Update Facebook Page where I share all the latest updates on Tunisia and travelers from all over the world interact and share information.
That’s it for now. @DavidSecurity reminding you to Travel Safe and let’s keep it going!