This document provides information about multiple security education courses offered by ASIS International, including:
- APC I: Concepts and Methods, a foundational course covering fundamentals of assets protection held in November 2009 in Philadelphia.
- APC II: Practical Applications, a more advanced course applying security principles through case studies and strategies, held in May 2009 in San Francisco.
- APC III, focusing on leadership and management skills for senior security professionals, held in June 2009.
The document outlines the goals, benefits, schedules, locations, costs and registration details for each course. It promotes the courses as opportunities for security professionals to expand their knowledge and networks.
The agenda covers governance, risk, and compliance (GRC). GRC involves governance which defines how companies are directed, risk which is the effect of uncertainty on business objectives, and compliance which is adhering to external laws and regulations. The presenter discusses what is driving increased focus on GRC such as regulations, standards, risks, technologies, and transparency demands. Views of GRC include avoiding negative consequences and being fundamental to complex business operations. Getting started with GRC involves acknowledging that information security is about risk management and that security and auditors have similar goals. Developing a GRC strategy involves analyzing processes, discovering dependencies, and creating a roadmap.
This document provides an overview of a course on security of computers and data. The course will cover topics such as information security landscape, human factors in security incidents, legal issues in computer crime, security standards and policies, and disaster recovery. It will be taught by a professor with extensive experience in IT security. Students will read required texts and complete a term paper. Course policies outline grading, plagiarism rules, and ADA accommodations. Specific topics to be covered include access control, application security, business continuity, cryptography, governance and risk management, and legal/regulatory issues in computer investigations.
The document discusses the importance of conducting thorough site surveys and risk management assessments. It outlines a 6-step process for assessing assets, threats, vulnerabilities, risks, countermeasures, and making risk management decisions. The process involves identifying critical assets, potential threats, existing vulnerabilities, likelihood and impact of risks, cost-effective countermeasures, and selecting strategies to reduce risks to acceptable levels. Conducting a comprehensive risk assessment is essential to developing effective security plans to protect clients and personnel.
I have been asked several times to refresh the content of my 2013 presentation on this topic. While many of the core principles remain the same, I have provided some additional resources to consider for those that are looking to develop an Insider Threat Program.
This document discusses staffing the information security function within an organization. It covers placing the security function within the organizational structure, qualifications for security positions, and key information security roles. The main security roles discussed are the Chief Information Security Officer, Security Manager, and Security Technician. The CISO manages the overall security program, the manager oversees day-to-day operations, and the technician focuses on technical implementation and troubleshooting of security controls. Qualifications for security roles can include a technical background, understanding of business operations, and strong communication and policy development skills.
This document is a resume for Charity A. Winkler summarizing her career experience in Information Technology and leadership positions in the United States Air Force over the past two decades. She has expertise in network administration, training, personnel management, and information technology systems development. Her most recent role was as a Network Admin Manager at Barksdale Air Force Base from 2014 to present.
Security methods are always changing, and Deft Security Consultants are always researching the latest innovative trends. Read a primer on designing a comprehensive program.
Security Testing for Testing Professionals | TechWell
Today’s software applications are often security-critical, making security testing an essential part of a software quality program. Unfortunately, most testers have not been taught how to effectively test the security of the software applications they validate. Join Jeff Payne as he shares what you need to know to integrate effective security testing into your everyday software testing activities. Learn how software vulnerabilities are introduced into code and exploited by hackers. Discover how to define and validate security requirements. Explore effective test techniques for assuring that common security features are tested. Learn about the most common security vulnerabilities and how to identify key security risks within applications and use testing to mitigate them. Understand how to security test applications—both web- and GUI-based—during the software development process. Review examples of how common security testing tools work and assist the security testing process. Take home valuable tools and techniques for effectively testing the security of your applications going forward.
Lessons learnt from the 2012 cyber security audit of Western Australian State... | Edith Cowan University
The document summarizes audits of cybersecurity practices at Western Australian government agencies. It found that most agencies failed to detect hostile internet scans and vulnerabilities allowed internal access. Lessons learned include the need for patching systems, improved governance, risk management practices, and increased focus on user education since people remain the weakest link against cyber threats. The establishment of a State Office of the CIO may help improve security standards and guidance across agencies.
SOC: Use cases and are we asking the right questions? | Jonathan Sinclair
The document discusses the use of use cases to define the goals and metrics for a security operations center (SOC) program. It suggests developing use cases around monitoring specific threat vectors like the perimeter, infrastructure, and privileged accounts. Use cases should also align the SOC's capabilities with the threats the organization cares most about, such as script kiddies, insider threats, or nation-state actors. Properly defining use cases allows an organization to justify SOC expenditures and determine if it is achieving success.
The SEC is now requiring hedge fund managers to appoint a Chief Information Security Officer to oversee cybersecurity. This has prompted funds to search for candidates to fill this role. Potential candidates include the CTO, CRO, CCO, or outsourcing the work. However, the role requires expertise in technology, risk management, and compliance. Additionally, the person in the role may face personal liability if a breach occurs. As a result, funds are struggling with how to structure the position and provide appropriate resources and support.
Mitigating Risk from Cyber Security Attacks | Tripwire
This document discusses strategies for mitigating risks from cyber security attacks. Traditional security controls like firewalls and antivirus software are ineffective against targeted attacks. To combat cyber threats, organizations must define a security baseline and monitor for any changes, detect abnormalities as early as possible to minimize damage, and implement automated solutions along with security processes and expertise, as manual auditing alone is not scalable for most organizations. Continuous monitoring that identifies and correlates changes can help quickly detect breaches and threats while providing intelligence to security teams.
Making the Business Case for Security Investment | Roger Johnston
(1) Traditional ROI arguments for security spending often don't convince executives who are unaware of security issues and risks. (2) Executives may not envision security failures occurring on their watch and would rather save money now. (3) Estimating attack probabilities and costs is difficult, and long-term damage is underestimated in ROI analyses. (4) The author proposes an 8-step hybrid approach using best practices, legal perspectives, competitor comparisons, vivid failure scenarios, and scare tactics to convince executives to invest in security.
Building Human Intelligence – Pun Intended | EnergySec
Presented by: Rohyt Belani, Phishme
Abstract: In the physical world, the human brain has evolved to avoid danger. The threat of physical pain triggers fear – and we have learned to avoid behavior that causes pain. In the electronic world of email, however, this concept doesn’t translate. Clicking on a malicious link or opening an attachment laced with malware doesn’t cause pain, and often a user won’t even notice anything is wrong after doing it. How then, can we teach fear perception in the electronic world? Is it even possible? In this presentation I’ll discuss how immersive training can key on psychological triggers to teach people to become skeptical email users who not only avoid undesired security behavior but can aid intrusion detection by reporting suspicious emails, helping to mitigate one of the most serious problems in security: slow incident detection times. According to reports from Mandiant and Verizon, average detection time for an incident is in the hundreds of days. A properly trained workforce is not only resilient to phishing attacks, but can improve detection times as well.
Cybersecurity for Energy: Moving Beyond Compliance | EnergySec
Presented by: Gib Sorebo, SAIC
Abstract: For the last few years, energy companies, particularly electric utilities, have been scrambling to meet the onslaught of cybersecurity regulations. However, hackers don’t follow regulations, so the need to rapidly address evolving threats is imperative to meet expectations of senior leadership, board members, and shareholders. This session will discuss how a mature governance structure and a cybersecurity strategy based on a comprehensive understanding of business risk can be used to address threats, comply with regulations, and obtain support from company stakeholders.
The document discusses new security measures that have become important for architects to consider after 9/11. It emphasizes the importance of conducting vulnerability assessments to identify threats, critical assets, and security weaknesses. The document also stresses incorporating security experts early in the design process to implement principles of crime prevention through environmental design. Proper security criteria and countermeasures are needed at the concept stage to reduce costs and prevent poor security system design.
Talon Security Solutions - Sell Sheet (1) | Tom Coyle
Most organizations are at risk from insider threats and data breaches that can compromise valuable intellectual property and business intelligence. Disclosure or data breaches caused by employees, whether intentional or unintentional, can result in serious consequences like losing customers, falling behind competitors, and struggling to retain employees. Talon Security Solutions can assess, design, implement, and optimize an insider threat management program customized for an organization's culture and processes to help raise awareness, effectiveness, and consistency of protections against these growing threats. Their solutions include monitoring employee activity, ensuring compliance with relevant regulations, effective communications programs, and advising on technology and gaining workforce buy-in.
With increased use of technology in all aspects of our lives, the need to protect our computers, networks, and data increases as well. In the United States alone, there are 400,000 unfilled jobs in the field of cyber-security. You’ll learn what training programs exist and how major corporations are committing to cyber-security education. We’ll discuss how Rotarians can work to connect underserved communities with training and job opportunities both locally and internationally.
This document provides an overview of key concepts from the CISSP exam, beginning with the (ISC)2 Code of Ethics. It then discusses risk management terminology and processes, including identifying assets, vulnerabilities, threats, and risks. It also covers security frameworks like NIST, COBIT, COSO, and ISO 27000. Cryptography concepts are defined, including encryption, decryption, algorithms, keys, and cipher types.
The Taylor Group was founded in 1987 and has grown to offer 50 certification programs and 24/7 global threat monitoring services internationally. It provides public safety training, criminal forensics courses, and threat monitoring services to industries such as schools, retail, entertainment, and healthcare. The company aims to help clients enhance security and protect personnel and assets from evolving global threats. It is led by President Robert E. Taylor, Sr. and also includes Anthony Taylor as COO and Robert Taylor Jr. as EVP.
The document discusses cyber security and presents a framework for an effective cyber security program. It outlines the key elements of a comprehensive security approach, including assessing risks, architecting security controls, applying protections, administering security operations, raising user awareness, ensuring agility, defining the appropriate risk appetite, and aligning security with business needs. The framework emphasizes that security is a continuous process requiring skills in various areas to successfully manage risks.
This document discusses the challenges of audit compliance and proposes a continuous monitoring approach. It describes how organizations often scramble to prepare for audits in an unplanned, reactive way that disrupts work and does not maintain long-term compliance. The document proposes establishing security controls integrated with daily operations to make compliance a natural byproduct. It provides steps for continuous monitoring, including categorizing assets, determining risk thresholds, setting monitoring frequencies, and generating detailed reports to assess risk and guide security improvements. The benefits are presented as leveraging automation to reduce audit effort while providing objective data to address gaps and priorities.
Xevgenis_Michail_CI7130 Network and Information Security | Michael Xevgenis
- The document discusses a security assessment of an organization that provides secure data storage for clients. It outlines the organization's key assets including proper system operation, data security, software, hardware, and employees.
- An analysis team is formed to conduct the security assessment using the OCTAVE framework. The team includes specialists in networking, IT, human resources, security, and business.
- The assessment will identify vulnerabilities and develop security strategies to mitigate risks to the organization's reputation, data protection, availability, and proper operation. Countermeasures proposed will focus on improving the organization's defensive capabilities.
Erau cybersecurity and security degrees | ERAUWebinars
Slides from a degree briefing presented in April 2018 covering Embry-Riddle degrees in Aviation Security and Cybersecurity. Covers the BS in Aviation Security, the MS in Cybersecurity Management and Policy, the MS in Cybersecurity Engineering, and Non-credit Aviation Cybersecurity 3-day course.
This document discusses key insurance coverages for entrepreneurial companies including property, product liability, cyber risk, intellectual property infringement, and international risks. It also outlines common risks that keep CFOs awake including financial, human capital, intellectual capital, operational risks, regulatory risks, and credit risks. The document then discusses building scalable insurance programs and the importance of management liability insurance including directors and officers liability, employment practices liability, fiduciary liability, and ERISA bonds. It concludes with an overview of privacy and cyber risks and coverages.
The document discusses two main concerns related to Internet privacy: the privacy of personal data and hackers. Regarding privacy, it notes that users are often unaware of how their personal data is stored and shared once they publish it online. Regarding hackers, it explains that some illegally access other people's systems to commit fraud or other cybercrimes, which raises questions about security in
The document describes 5 activities related to computer security. The first activity explains how to make automatic backups on Windows and Linux. The second activity compares how to update the operating system on both systems. The third activity analyzes the difference between hackers and crackers. The fourth activity recommends websites about the latest threats. The fifth activity contains questions about viruses on Linux, the last backup made, threats to computers, and protection programs.
Security Testing for Testing ProfessionalsTechWell
Today’s software applications are often security-critical, making security testing an essential part of a software quality program. Unfortunately, most testers have not been taught how to effectively test the security of the software applications they validate. Join Jeff Payne as he shares what you need to know to integrate effective security testing into your everyday software testing activities. Learn how software vulnerabilities are introduced into code and exploited by hackers. Discover how to define and validate security requirements. Explore effective test techniques for assuring that common security features are tested. Learn about the most common security vulnerabilities and how to identify key security risks within applications and use testing to mitigate them. Understand how to security test applications—both web- and GUI-based—during the software development process. Review examples of how common security testing tools work and assist the security testing process. Take home valuable tools and techniques for effectively testing the security of your applications going forward.
Lessons learnt from the 2012 cyber security audit of Western Australian State...Edith Cowan University
The document summarizes audits of cybersecurity practices at Western Australian government agencies. It found that most agencies failed to detect hostile internet scans and vulnerabilities allowed internal access. Lessons learned include the need for patching systems, improved governance, risk management practices, and increased focus on user education since people remain the weakest link against cyber threats. The establishment of a State Office of the CIO may help improve security standards and guidance across agencies.
SOC: Use cases and are we asking the right questions?Jonathan Sinclair
The document discusses the use of use cases to define the goals and metrics for a security operations center (SOC) program. It suggests developing use cases around monitoring specific threat vectors like the perimeter, infrastructure, and privileged accounts. Use cases should also align the SOC's capabilities with the threats the organization cares most about, such as script kiddies, insider threats, or nation-state actors. Properly defining use cases allows an organization to justify SOC expenditures and determine if it is achieving success.
The SEC is now requiring hedge fund managers to appoint a Chief Information Security Officer to oversee cybersecurity. This has prompted funds to search for candidates to fill this role. Potential candidates include the CTO, CRO, CCO, or outsourcing the work. However, the role requires expertise in technology, risk management, and compliance. Additionally, the person in the role may face personal liability if a breach occurs. As a result, funds are struggling with how to structure the position and provide appropriate resources and support.
Mitigating Risk from Cyber Security AttacksTripwire
This document discusses strategies for mitigating risks from cyber security attacks. Traditional security controls like firewalls and antivirus software are ineffective against targeted attacks. To combat cyber threats, organizations must define a security baseline and monitor for any changes, detect abnormalities as early as possible to minimize damage, and implement automated solutions along with security processes and expertise, as manual auditing alone is not scalable for most organizations. Continuous monitoring that identifies and correlates changes can help quickly detect breaches and threats while providing intelligence to security teams.
Making the Business Case for Security InvestmentRoger Johnston
(1) Traditional ROI arguments for security spending often don't convince executives who are unaware of security issues and risks. (2) Executives may not envision security failures occurring on their watch and would rather save money now. (3) Estimating attack probabilities and costs is difficult, and long-term damage is underestimated in ROI analyses. (4) The author proposes an 8-step hybrid approach using best practices, legal perspectives, competitor comparisons, vivid failure scenarios, and scare tactics to convince executives to invest in security.
Building Human Intelligence – Pun IntendedEnergySec
Presented by: Rohyt Belani, Phishme
Abstract: In the physical world, the human brain has evolved to avoid danger. The threat of physical pain triggers fear – and we have learned to avoid behavior that causes pain. In the electronic world of email, however, this concept doesn’t translate. Clicking on a malicious link or opening an attachment laced with malware doesn’t cause pain, and often a user won’t even notice anything is wrong after doing it. How then, can we teach fear perception in the electronic world? Is it even possible? In this presentation I’ll discuss how immersive training can key on psychological triggers to teach people to become skeptical email users who not only avoid undesired security behavior but can aid intrusion detection by reporting suspicious emails, helping to mitigate one of the most serious problems in security: slow incident detection times. According to reports from Mandiant and Verizon, average detection time for an incident is in the hundreds of days. A properly trained workforce is not only resilient to phishing attacks, but can improve detection times as well.
Cybersecurity for Energy: Moving Beyond ComplianceEnergySec
Presented by: Gib Sorebo, SAIC
Abstract: For the last few years, energy companies, particularly electric utilities, have been scrambling to meet the onslaught of cybersecurity regulations. However, hackers don’t follow regulations, so the need to rapidly address evolving threats is imperative to meet expectations of senior leadership, board members, and shareholders. This session will discuss how a mature governance structure and a cybersecurity strategy based on a comprehensive understanding of business risk can be used to address threats, comply with regulations, and obtain support from company stakeholders.
The document discusses new security measures that have become important for architects to consider after 9/11. It emphasizes the importance of conducting vulnerability assessments to identify threats, critical assets, and security weaknesses. The document also stresses incorporating security experts early in the design process to implement principles of crime prevention through environmental design. Proper security criteria and countermeasures are needed at the concept stage to reduce costs and prevent poor security system design.
Talon Security Solutions - Sell Sheet (1)Tom Coyle
Most organizations are at risk from insider threats and data breaches that can compromise valuable intellectual property and business intelligence. Disclosure or data breaches caused by employees, whether intentional or unintentional, can result in serious consequences like losing customers, falling behind competitors, and struggling to retain employees. Talon Security Solutions can assess, design, implement, and optimize an insider threat management program customized for an organization's culture and processes to help raise awareness, effectiveness, and consistency of protections against these growing threats. Their solutions include monitoring employee activity, ensuring compliance with relevant regulations, effective communications programs, and advising on technology and gaining workforce buy-in.
With increased use of technology in all aspects of our
lives, the need to protect our computers, networks, and
data increases as well. In the United States alone, there
are 400,000 unfilled jobs in the field of cyber-security.
You’ll learn what training programs exist and how
major corporations are committing to cyber-security
education. We’ll discuss how Rotarians can work to
connect underserved communities with training and job
opportunities both locally and internationally.
This document provides an overview of key concepts from the CISSP exam, beginning with the (ISC)2 Code of Ethics. It then discusses risk management terminology and processes, including identifying assets, vulnerabilities, threats, and risks. It also covers security frameworks like NIST, COBIT, COSO, and ISO 27000. Cryptography concepts are defined, including encryption, decryption, algorithms, keys, and cipher types.
The Taylor Group was founded in 1987 and has grown to offer 50 certification programs and 24/7 global threat monitoring services internationally. It provides public safety training, criminal forensics courses, and threat monitoring services to industries such as schools, retail, entertainment, and healthcare. The company aims to help clients enhance security and protect personnel and assets from evolving global threats. It is led by President Robert E. Taylor, Sr. and also includes Anthony Taylor as COO and Robert Taylor Jr. as EVP.
The document discusses cyber security and presents a framework for an effective cyber security program. It outlines the key elements of a comprehensive security approach, including assessing risks, architecting security controls, applying protections, administering security operations, raising user awareness, ensuring agility, defining the appropriate risk appetite, and aligning security with business needs. The framework emphasizes that security is a continuous process requiring skills in various areas to successfully manage risks.
This document discusses the challenges of audit compliance and proposes a continuous monitoring approach. It describes how organizations often scramble to prepare for audits in an unplanned, reactive way that disrupts work and does not maintain long-term compliance. The document proposes establishing security controls integrated with daily operations to make compliance a natural byproduct. It provides steps for continuous monitoring, including categorizing assets, determining risk thresholds, setting monitoring frequencies, and generating detailed reports to assess risk and guide security improvements. The benefits are presented as leveraging automation to reduce audit effort while providing objective data to address gaps and priorities.
Xevgenis_Michail_CI7130 Network and Information SecurityMichael Xevgenis
- The document discusses a security assessment of an organization that provides secure data storage for clients. It outlines the organization's key assets including proper system operation, data security, software, hardware, and employees.
- An analysis team is formed to conduct the security assessment using the OCTAVE framework. The team includes specialists in networking, IT, human resources, security, and business.
- The assessment will identify vulnerabilities and develop security strategies to mitigate risks to the organization's reputation, data protection, availability, and proper operation. Countermeasures proposed will focus on improving the organization's defensive capabilities.
Erau cybersecurity and security degrees | ERAUWebinars
Slides from a degree briefing presented in April 2018 covering Embry-Riddle degrees in Aviation Security and Cybersecurity. Covers the BS in Aviation Security, the MS in Cybersecurity Management and Policy, the MS in Cybersecurity Engineering, and Non-credit Aviation Cybersecurity 3-day course.
This document discusses key insurance coverages for entrepreneurial companies including property, product liability, cyber risk, intellectual property infringement, and international risks. It also outlines common risks that keep CFOs awake including financial, human capital, intellectual capital, operational risks, regulatory risks, and credit risks. The document then discusses building scalable insurance programs and the importance of management liability insurance including directors and officers liability, employment practices liability, fiduciary liability, and ERISA bonds. It concludes with an overview of privacy and cyber risks and coverages.
The document discusses two main concerns related to privacy on the Internet: the privacy of personal data and hackers. Regarding privacy, it notes that users are often unaware of how their personal data is stored and shared once they publish it online. Regarding hackers, it explains that some illegally access other people's systems to commit fraud or other cybercrimes, which raises questions about security in
The document describes 5 activities related to computer security. The first activity explains how to make automatic backups in Windows and Linux. The second activity compares how to update the operating system on both systems. The third activity analyzes the difference between hackers and crackers. The fourth activity recommends websites about the latest threats. The fifth activity contains questions about viruses in Linux, the last backup made, threats to computers, and protection programs.
The document describes how the Global Positioning System (GPS) and the Russian GLONASS navigation system work. It explains that GPS uses a constellation of 24 satellites to provide locations to receivers on Earth. GLONASS satellites work similarly but are controlled by Russia. The document also describes the parts that make up the satellites, such as their solar panels and atomic clocks, and how navigation systems help improve vehicle transport.
Relevant Bangsamoro Basic Law Provisions on Local Governance, Policing and L... | Ram Toledo
From the presentation of lawyer Jesus Doque IV at the workshop on LGU roles and LGU-Bangsamoro relations organized by the Institute for Autonomy and Governance in partnership with UNICEF, Makati City, 25 September 2014
Historic Injustice: Root cause of armed conflict in the Bangsamoro | Armi Beatriz Bayot
This is a presentation I gave in Tacloban City on February 5, 2016 in an event organized by the Philippine Information Agency and the Office of the Presidential Adviser on the Peace Process. While I also had a presentation on the technical aspects of the Comprehensive Agreement on the Bangsamoro, I felt strongly about first providing context on the armed conflict in the Bangsamoro and the rationale for the peace process that seeks to address it.
The document outlines the Bangsamoro Basic Law roadmap to peace in the Philippines. It discusses the 2012 Framework Agreement between the government and Moro Islamic Liberation Front to create an autonomous Bangsamoro entity to replace the ARMM by 2016. The Bangsamoro refers to the original inhabitants of Mindanao and adjacent islands. It will be a secular government for all Filipino citizens in the region. A plebiscite will determine which areas join the new Bangsamoro territory based on the current ARMM provinces and certain municipalities. The Bangsamoro Basic Law further defines the territory, powers, and government of the new autonomous entity.
The document summarizes the key events surrounding the creation of the U.S. Constitution. It discusses that the Articles of Confederation gave states too much power over the central government. This led representatives from 12 states to meet in Philadelphia in 1787 to draft a new Constitution that established a stronger federal government with three branches of power: legislative, executive, and judicial. The Constitution was then ratified in 1790.
The document discusses different tactical room entry methods and techniques for clearing rooms and hallways safely and efficiently as a team. It describes the closed and dispersed stacks for entering a room with a closed door, with the heavy side entering first. Key steps for clearing a room are outlined, such as clearing the doorway, corners, and dominating the room. Techniques are provided for clearing corners using near-far and high-low methods. Methods for quickly clearing hallways and stairs are also reviewed.
Executive Protection Training For Security Personnel and LE | jerrymaccauley
Executive protection training for law enforcement personnel covers key differences from other security functions, including strict codes of conduct and confidentiality. Trainees learn how to blend in and protect executives discreetly through low-profile techniques like site surveys, route selection, and formations that provide concentric circles of protection. The training also includes threat assessments, emergency responses, defensive tactics, weapons handling, and scenarios to prevent accidents and embarrassment to protected principals.
The CEO of Exclusive Protection & Associates introduces the company, which provides executive protection services including operational security plans and protection packages. They have expertise from former US Secret Service agents. Protection details include security agents, surveillance systems, and armored vehicles. Membership options provide various benefits like hourly rates and access to transportation and surveillance systems. The company aims to detect and neutralize threats to provide a safe environment for clients.
The document describes a vehicle-mounted jamming system for blocking remote-controlled improvised explosive devices. It has 1530 watts of output power across multiple frequency bands from 20 MHz to 3000 MHz. The system uses modular components and antennas to provide 360-degree protection. It can operate in sweep, GSM, or open communication window modes and is designed for VIP protection and convoy security applications.
The document provides guidance on close quarters combat (CQC) techniques for military units operating in urban environments. It discusses organizing soldiers into fire teams of 2-4 individuals and clearing buildings in a systematic manner by first moving tactically outside and entering buildings quickly. Key elements of CQC addressed include controlling weapons, clearing hallways, intersections, stairwells, and rooms while maintaining overlapping fields of fire and sectors of responsibility. The document emphasizes speed, violence of action, and surprise to gain control of rooms and eliminate threats during clearing operations.
This document outlines principles and tactics for close quarters battle (CQB). It discusses the 3 principles of CQB: speed, surprise, and violence of action. It also covers the 8 fundamentals of CQB, initiative based tactics, room clearing procedures and responsibilities, hallway procedures, and other CQB techniques. Emphasis is placed on rehearsal to ensure operators default to their training under stress.
Lesson 15 British And American Governments | Patrickwolak
The document provides an overview of the British and American systems of government. It describes the United States as having a federal government with three branches: the executive branch headed by the President, the legislative branch known as Congress made up of the Senate and House of Representatives, and the judicial branch headed by the Supreme Court. The United Kingdom has a constitutional monarchy where the monarch's power is limited by Parliament, similar to the US system of checks and balances between branches of government. Key aspects of the British Parliament and its relationship to lawmaking are also outlined.
Share with the class the most valuable topic or subject area you l.docx | bagotjesusa
Share with the class the most valuable topic or subject area you learned about during this course and why. When responding to classmates' posts, explain how the topic they chose was also valuable to you. Pick from below topics:
1. Data Security
2. Unions
3. Incentives
4. Appraisals
5. Recruiting
Susan Flammia
This course really influenced my thoughts on how to handle daily operations as a human resource manager. Given the readings on best practices within the HR function as well as the discussions, I learned a lot. I would have to say that module 4 was my favorite topic, more specifically background investigations. No two companies conduct their investigations the same way and it is interesting to see from least to most in depth background checks. This past January, as the HR Manager, I implemented a new protocol for all new employees as a pre-onboarding process where background checks are conducted based on criminal and employment verification. In the past there was only reference verification so by adding the extra layer, we eliminated the "bad apples."
Rachel Arthiste
The most valuable topic I've learned from this class was the article on the Kia recruitment process. Being an administrative assistant for over 15 years and working side by side with recruiting and HR, it was eye opening to see the length Kia went through to reach potential candidates. From setting up computers and work stations at the libraries and schools for those who did not have access to ensuring assessments were part of the application process to weed out candidates. There are endless ways to recruit and ensure you are reaching an entire population. So many people miss opportunities because they don't have a computer at home or their library has limited resources. Kia made sure they gave everyone an opportunity to apply and gain employment if they qualified.
The company I work for links up with the local colleges in our area and participates in their yearly career fair. They even have a special program to hire these young professionals and put them through an extensive training program to learn a role that would have otherwise been unavailable to them due to lack of experience. It is important for businesses and companies to attract talent from all areas and ensure they are being diverse in their recruitment process.
Chapter 6 Best Practices for the Prevention and Detection of Insider Threats
This chapter describes 16 practices, based on existing industry-accepted best practices, providing you with defensive measures that could prevent or facilitate early detection of many of the insider incidents other organizations experienced in the hundreds of cases in the CERT insider threat database.[1] [Footnote 1: This chapter includes portions from “Common Sense Guide to Prevention and Detection of Insider Threats 3rd Edition–Version 3.1,” by Dawn Cappelli, Andrew Moore, Randall Trzeciak, and Timothy J. Shimeall.] This chapter was written for a diverse audience. Decision.
The document describes the Certified Security Management Professional (CSMP) certification program. It is a 12-month distance learning program divided into 12 modules that cover key areas of security management knowledge. Upon completing all modules and assignments, students earn the CSMP certification. The cost is £750 plus VAT. The certification is accredited by Industry Qualifications and Skills for Security in the UK. It is intended for security managers and professionals to enhance their skills and credentials. The program has hundreds of graduates from over 85 countries.
The document discusses the importance of basic security procedures and personnel protection for transportation facilities. It emphasizes that the security patrol officer is critical for any security scheme and they must be adequately trained. It also covers procedures for vehicle searches, the importance of thorough hiring practices such as background checks, and the need for employee training, indoctrination, and quality assurance programs. Executive protection is also discussed as protecting executives from threats like kidnapping or assassination.
The document provides an overview of designing and developing an effective security awareness and training program. It defines security awareness training, discusses why such programs are important, and outlines best practices for doing it correctly. The presentation agenda includes defining security awareness training, discussing its importance, and presenting Mittal Technologies' security awareness training solution. The document then provides details on developing effective security awareness training, including establishing goals and success criteria, designing the program, developing training content at different levels, and tracking results.
Cyber security practices involve preventing malicious attacks on computers, servers, mobile devices, electronic systems, networks, and data. It is also called information technology security or electronic information security.
https://www.infosectrain.com/courses/ceh-v11-certification-training/
Top 10 Measure to Mitigate Insider Security Threats.pptx | infosec train
Attackers are continually targeting companies, but what if the attacks originate from within? Insider security threats are posing a greater threat to businesses than at any other time in history.
https://www.infosectrain.com/
The Science and Art of Cyber Incident Response (with Case Studies) | Kroll
In this joint presentation for the ISSA-LA Summit X in Los Angeles, Jennifer Rathburn, a cybersecurity and data privacy law expert at Foley & Lardner LLP and William Dixon, Associate Managing Director in Kroll's Cyber Risk practice, highlight three incident response scenarios and tips on breach preparation and response.
To learn more, contact Jennifer or William at:
Jennifer Rathburn, Foley & Lardner LLP
jrathburn@foley.com; 414-297-5864
William Dixon, Kroll, a Division of Duff & Phelps
william.dixon@kroll.com; 213-247-3973
Explanation of the most common types of administrative risks | Prathitha cb
Organizational risk management provides great benefits to the organization because it helps to prioritize the resources, increase interoperability, and reduce costs incurred due to the adverse effects. It helps to prevent unauthorized access to personally identifiable information which will lead to security breaches.
Netspective Opsfolio captures your risks, catalogs your IT assets, and documents your ops teams’ work. Plus it gives you an API-accessible central repository for sharing risks, documentation, and assets across systems. Use it to help prevent, detect or recover from security breaches. For more information visit https://www.netspective.com/opsfolio/
The document provides information about training programs offered by Risk Control Academy in Nigeria in 2015. It discusses certification courses in areas like asset protection management, safety and security supervision, and electronic systems. The academy provides security training and vocational programs, and partners with the National Board for Technical Education for accreditation. Details are given on course contents, durations, dates, and fees for different certification programs aimed at upskilling security professionals in Nigeria. Contact information is also provided to register or request customized training for organizations.
PROFESSIONAL CERTIFICATE IN SECURITY MANAGEMENT - FOR TODAY'S LEADERS | Ruth Jones
Has Security Management become more of a crucial concern with today’s unprecedented challenges, vulnerabilities and complexities? It is imperative and essential to preserve the highest standard of your Security Measures to keep your corporate reputation, assets/properties, employees, customers and people!
*The attack on Brussels airport / *Istanbul's Ataturk Airport attacked/ *Saudi security officer killed in drive-by shooting in Qatif.
“The bombs that exploded in Istanbul today could have gone off at any airport in any city around the world,” President of Turkey said. “Make no mistake: For terrorist organizations, there is no difference between Istanbul and London, Ankara and Berlin, Izmir and Chicago or Antalya and Rome.”
PROFESSIONAL CERTIFICATE IN SECURITY MANAGEMENT
Running for the second time, back by popular demand!
Date: 21st – 24th November 2016
Venue: Radisson Blu, Deira, Dubai.
Just on time for Security Leaders and Managers of all levels to be equipped with current case studies, insights and experience in managing security risk and threats and to be better prepared to take on the complex security challenges.
The document provides an overview of information security audits from an expert's perspective. It discusses how to prepare for an audit, what to expect during each phase, how to communicate with auditors, and tips for passing the audit, including having proper documentation, controls, policies, and management support. The goal is for the audit to be a learning experience and opportunity to improve the security program rather than a failure.
Serious Incident Prevention (SIP) provides critical training designed to reduce catastrophic events.
Participants will learn how to:
Identify risks and work practices critical to addressing those risks
Measure and track those work practices
Encourage conversations around those critical work practices
Identify improvement targets and create action plans
Include an effective Process Safety Leadership
Develop a Team that involves representative engineers, management, operators, and maintenance
Measure behaviors that are critical to serious incidents:
Maintenance of instrumentation and controls
Completion of hazard analysis, inspection, and testing
Compliance with work permits and procedures
Completion of process upset logs and review at shift change
TESTIMONIALS
“Best workshop I have ever been to. I have been struggling for a while as to how I could engage in our safety program in a meaningful way. You have given me the keys.”
“This is exactly what we needed. And it comes at a great time in the development of our safety program”
For full details, download the PDF brochure today OR contact kris@360bsi.com.
Best Practices for Security Awareness and Training | Kimberly Hood
This document discusses building an effective security awareness program. It emphasizes that the biggest risk to an organization's security is the actions or inactions of employees, so training is important. Effective training uses real examples, feedback, and individualized lessons. Compliance standards like PCI DSS, ISO, and HIPAA require awareness training. Building a security culture requires buy-in from executives and employees. Enforcing policies through graduated penalties helps change behavior. Measuring effectiveness through metrics like compliance and data breaches allows improvement. Social engineering tests and phishing simulations can train employees while easing security fatigue.
Building your social engineering awareness program | surferdave71
This document outlines how to build a social engineering awareness program. It defines social engineering as manipulating human trust through techniques like phishing, vishing, and dropping infected removable media. The document recommends establishing policies, educating employees on common techniques, testing employees through simulated attacks, and taking corrective action on failures to strengthen security awareness over time. The goal is to train employees to become an organization's strongest security asset through mitigating the inherent human vulnerability to manipulation.
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE | 360 BSI
Are you effectively securing your organization’s IT systems that store, process, or transmit organizational information?
Is your IT risk management plan tailored to the specific risk profile of your business and being coordinated across all functional and business units?
With the release of IT Governance frameworks, requirements for risk management and new international standards entering the market, the pressure is mounting to ensure that all your IT risks are identified and the necessary action is taken – be this to mitigate them, accept or ignore them. So, how safe is your IT system? What are the risks that your organization is being exposed to?
The solution to this challenge is to establish an effective risk management process that protects the organization, not just its IT assets, and provides it with the ability to perform its mission.
Risk management is the process of identifying and assessing risk and taking preventive measures to reduce it to an acceptable level. It is critical that you develop an effective risk management program that assesses and mitigates risks within your IT systems and better manages these IT-related mission risks.
BENEFITS OF ATTENDING THIS WORKSHOP
Identify common IT project risks
Learn how to assess threats and vulnerabilities to create a risk response strategy
Understand what qualifies as risk with IT projects
Understand the most common IT risk sources
Qualify and quantify IT risks
Learn the difference between negative and positive IT risks
Develop an IT risk management plan
Plan risk response methods for IT risks
Create risk mitigation and contingency plans
Monitor and control project risks
Overcome resistance from stakeholders and team members
WHO SHOULD ATTEND THIS WORKSHOP
IT risk managers
IT security managers
Compliance officers
Program and project managers
IT project managers
IT operation manager
Contact Kris at kris@360bsi.com to register.
ION-E Defense In Depth Presentation for The Institiute of Internal Auditors | mdagrossa
The document discusses the concept of defense in depth (DID) as it relates to cybersecurity. DID is defined as building mutually supporting layers of defense to reduce vulnerabilities and protect against attacks. The key aspects of DID include understanding threats, seeing the full battlefield, using defensive advantages, concentrating defenses, coordinating assets, and balancing security and legal constraints. The document advocates applying DID principles through multiple overlapping controls and frameworks, rather than relying on a single compliance standard, in order to provide comprehensive security that can withstand attacks from various threat actors.
Cyber presentation spet 2019 v8sentfor uploadsavassociates1
An accountant is a valuable asset to any organization. He or she is a professional who performs accounting functions. Accounting is not only confined to tax and financial matters as per what people generally think.
What is Cyber Security
What is Cyber Threat and Threat Landscape
Is Cybersecurity an IT Problem? It’s a human Problem
Role of a CFO
Well accepted Cybersecurity Frameworks and common Themes
SOC (Service Organization Control) and SOC for Cybersecurity
Recommended risk mitigation strategies for the weakest links of the Cybersecurity chain
Key Takeaways
Best Practices
This document outlines an information security assessment process and methodology provided by Opportune Corporate. It includes an agenda, overview of information security and its importance, Opportune's profile and experience, an information security assessment framework and methodology, approach and timeline, deliverables, and resumes. The methodology involves confirming the assessment scope, conducting various scans, reviewing policies and configurations, identifying vulnerabilities, analyzing and prioritizing risks, developing a remediation roadmap, and presenting final reports. Case studies demonstrate applying this methodology to assess the security of an oil and gas company and a mineral and royalty owner.
1. Experience, Dedication, and Leadership in Security EDUCATION
Assets Protection Course I:
Concepts and Methods
November 16-19, 2009
Philadelphia, Pennsylvania
2. Begin by establishing a solid foundation,
then move to practical applications, and
conclude with functional management.
From network security to convergence, workplace
violence to terrorism, intrusion detection to executive
protection, today’s security professionals have a lot to
deal with. Why go it alone?
Gain a broad, in-depth perspective of the demands of
assets protection at APC I. Don’t miss this opportunity
to exchange ideas, discover new techniques, and identify
strategies that will energize you in today’s challenging
security environment.
Once you’ve mastered the fundamentals, you’re
prepared to learn how to put those solutions to work.
APC II continues the security principles presented in
APC I, but now you’re ready to explore the more complex
aspects. You’ll get the vital information you need for
security planning and meeting operational requirements.
Join some of the most experienced professionals in the
security industry in discussing the latest crime
detection, prevention, and intervention techniques,
while reviewing the importance of relevant
laws and legal issues.
Don’t miss the opportunity to
advance in your profession.
Take the first step now and register today.
The APC Series provides professionals with broad-based
knowledge to keep their personnel and assets protection
a step ahead of today’s risks and threats. From beginning
through advanced topics, the APC programs expose you
to proven techniques and give you a solid understanding
of all aspects of assets protection.
3. Introduction to Assets Protection
Review the basics of commercial
and industrial security, and then
put together a comprehensive
assets protection plan.
Security Surveys and
Vulnerability Assessments
Learn how to assess and reduce
security loss and risk exposure by
using surveys and assessments.
Crime Prevention Through
Environmental Design
Gain an appreciation of this
passive, low-cost, effective crime
prevention technique.
Locking Concepts
Discover the pros and cons of
various locking devices and learn
how to integrate them into your
program.
Barriers
Evaluate the cost-effectiveness and
uses of structural barriers.
Access Control
Examine the purpose, theory, and
technology behind access control.
Review what’s in general practice
today.
Intrusion Detection—Interior and
Exterior Sensors
Review the advantages and
vulnerabilities of the major sensor
types and current protection
system strategies.
Security Lighting and Video
Surveillance
Extend the value of surveillance
by learning how to match your
security lighting objectives to
functional solutions.
Deception Detection
Discuss behavioral analysis
and preparation for successful
interviews. Explore proven
deception detection techniques.
Professional Security
Management and SOPs
Apply practical management
principles and methods for
improved results. Learn how to
consistently incorporate best
practices into your standard
operating procedures.
Investigations
Examine the investigative process
and learn to conduct thorough,
complex workplace investigations.
Review techniques, resources, and
procedures used by experienced
investigators and fact-finders.
Security and the Law
Examine the legal framework in
which a security organization
operates. Explore constitutional
immunities, civil areas of tort
and contract liability, civil and
consumer rights, administrative
procedures, and ethical
considerations.
Ethics
Evaluate the implications and
dilemmas inherent in real-life
ethical decision-making.
Workplace Violence
Develop detection, prevention,
and intervention strategies for
violent behavior and workplace
aggression. Analyze recent
workplace violence cases and
learn how to defuse the most
challenging situations.
Emergency Planning
Understand what constitutes
a disaster situation and then
establish procedures to prevent,
control, and recover from all types
of disasters.
APC I: Concepts and Methods
March 16–19, 2009
New Orleans, Louisiana
November 16–19, 2009
Philadelphia, Pennsylvania
Program Overview
APC I, the cornerstone of ASIS’ educational programming, is essential
for all professionals involved in the protection of assets. Not only does
it provide a solid basis for advanced development, but it goes beyond
to give you the broad view and in-depth perspective you need to
succeed in today’s challenging security landscape. Register today and
climb to the top faster than you thought possible.
Studying for your CPP certification? APC I can serve as an additional source of study in preparation for the CPP exam.
For updates, check www.asisonline.org
4. Immediate Benefits
• Master the fundamentals of assets protection.
• Familiarize yourself with methods to recognize, detect, and prevent fraud and employee theft.
• Identify ways to conduct incident, background, and undercover investigations.
• Obtain proven methods of analyzing and assessing security loss/risk exposure.
• Learn steps to help you develop emergency/disaster plans and procedures.
• Explore the various components of integrated security systems.
• Acquire a comprehensive understanding of contemporary legal issues.
Fast Facts: APC I
Registration Hours
Sunday
5:00 pm–6:00 pm
Monday
7:00 am–8:00 am
Program Hours
Monday–Wednesday
8:00 am–5:00 pm
Thursday
8:00 am–4:00 pm
Hotel Information
March 16-19, 2009
Be sure to mention ASIS when
requesting the special room rate of
$179 single/double (plus tax). This
price will be honored until February
20, 2009 or until the room block
is full.
Omni Royal Orleans Hotel
621 St. Louis Street
New Orleans, LA 70140
1-504-529-5333
1-800-the-Omni
November 16-19, 2009
Be sure to mention ASIS when
requesting the special room rate of
$179 single/double (plus tax). This
price will be honored until October
19, 2009 or until the room block is
full.
Hyatt Regency Philadelphia at
Penn’s Landing
201 S. Columbus Blvd.
Philadelphia, PA 19106
1-215-928-1234
1-800-233-1234
Registration Fees
ASIS member: $1,100
Nonmember: $1,300
Fees include daily continental
breakfast, a reception Monday
evening, refreshment breaks, and
a custom manual that includes
relevant chapters from the
Protection of Assets (POA) Manual.
Hotel costs are not included.
Attire
Business casual is recommended.
Program Advisor
Severin Sorenson, CPP
President and CEO
Sikyur.com
Faculty
Joseph P. Buckley III
John E. Reid & Associates
Michael A. Crane, CPP
IPC International Corporation
Eugene F. Ferraro, CPP, PCI
Business Controls, Inc.
Shannon J. Gregg, CPP
Gregg Services, Inc.
George E. Ronne, Jr., CPP
ASIS Lifetime Member
Frank W. Sulzer, CPP
Sulzer Enterprises
Faculty subject to change.
Updates will be posted online.
Who Should Attend
• Professionals new to security management
• Professionals needing an overview of security management functions
• Supervisors of security personnel
• Others with security responsibilities, including human resources, facilities,
and legal personnel
APC II: Practical Applications
May 4-7, 2009
San Francisco, California
Top experts share real-life cases, proven solutions, best practices, and
field-tested strategies at APC II: Practical Applications. Don’t miss this
unique opportunity to put your skills to the test, identify dangers
ahead, network with the best, and pick up ideas you can implement
right away—and use again and again.
For updates, check www.asisonline.org
Financial Investigation and the
Badges of Fraud
Revolutionize your ability to
conduct financial investigations
by making the most of the vast
amount of public information
available via commercial databases
on the Web. Get information
on the “badges of fraud,” learn
how to recover fraudulently
conveyed assets, and protect your
organization from fraud.
Effective Interrogation
Videotapes of actual interviews
and interrogations will be used
to: discuss the interrogation
process, beginning with how to
initiate the confrontation; develop
the interrogational theme; stop
denials; overcome objections; and
use the alternative question to
stimulate an admission.
Investigative Law
Keep the law on your side and
get answers to questions that
matter. Understand the law’s
impact on internal, EEOC, workers’
compensation, and corporate
investigations. Get updates on
legal decisions affecting security
professionals and their work,
compensation, and corporate
investigations.
Executive Communication: The
Key to Developing and Selling
Your Ideas
Learn how to strengthen your
executive communication skills
by writing more powerful letters,
creating compelling proposals,
developing eye-catching
presentations, and presenting
yourself like a CEO.
Advanced Violence Risk
Assessment
Gain insights into the issue of
violence in the workplace. Learn
techniques and best practices for
evaluating and mitigating threats
and violence in the workplace.
Conclude with case studies.
Executive Protection
Learn how to efficiently conduct
a comprehensive site survey,
distinguish probable threats from
unlikely threats, effectively use
organizational resources, and
design and craft a comprehensive
executive and employee protection
plan.
New Internal Controls
Examine the motivation and
rationalization of those who
commit fraud against their
employers as well as the amazing
assortment of fraud schemes they
use. Review an array of internal
controls, and demonstrate how
they are used to reduce fraud and
expose those who commit it.
New Investigative Strategies and
Techniques
Examine investigative strategies,
techniques, resources, and
missteps. Broaden your vision, gain
concrete investigative applications,
and incorporate the essentials
of reporting and recording
investigative activities.
ASIS Standards and Guidelines:
An Update and Overview
Gain a comprehensive overview
of the exciting new developments
in ASIS International Standards
and Guidelines. Learn how to get
involved.
Corporate Response to Terrorism:
Practical Solutions
Convince senior management of
terrorism’s impact. Learn practical
solutions to the reality that
terrorism affects the way we think,
feel, and behave. Appreciate its
powerful impact on productivity
and ultimately profitability.
Program Overview
Why stop now?
Develop leadership
and management
skills vital for
senior security
professionals
at APC III.
June 15-18, 2009
About ASIS International
ASIS International (ASIS) is the largest organization for security professionals, with more
than 36,000 members worldwide. Founded in 1955, ASIS is dedicated to increasing
the effectiveness and productivity of security professionals by developing educational
programs and materials that address broad security interests, such as the ASIS Annual
Seminar and Exhibits, as well as specific security topics. ASIS also advocates the role
and value of the security management profession to business, the media, governmental
entities, and the public. By providing members and the security community with access
to a full range of programs and services, and by publishing the industry’s number one
magazine—Security Management—ASIS leads the way for advanced and improved
security performance. For more information, visit www.asisonline.org.
Immediate Benefits
• Design and manage an effective executive protection program that will
properly protect high-risk employees and personnel.
• Examine the complex problem of global terrorism and how to prevent it
from affecting your organization and its bottom line.
• Detect white-collar criminal frauds and schemes, and recover losses
when they occur.
• Identify and safely address workplace threats and violent behavior.
• Learn how to sell your security program to top management and
communicate like an executive.
• Consistently obtain admissions through practicing the Reid Technique.
Fast Facts: APC II
Registration Hours
Monday
7:00 am–8:00 am
Program Hours
Monday–Wednesday
8:00 am–5:00 pm
Thursday
7:30 am–11:45 am
Hotel Information
Be sure to mention ASIS when
requesting the special room rate of
$195 single/double (plus tax). It will
be honored until April 11, 2009 or
until the room block is full.
Hyatt Fisherman’s Wharf
555 North Point Street
San Francisco, CA 94133
1-415-563-1234
Registration Fees
ASIS member: $1,100
Nonmember: $1,300
Fees include daily continental
breakfast, a reception Monday
evening, refreshment breaks, and
a custom manual that includes
relevant chapters from the
Protection of Assets (POA) Manual.
Hotel costs are not included.
Attire
Business casual is recommended.
Updates will be posted online.
Program Advisor
F. Mark Geraci, CPP
Sr. Director Corporate Security
Bristol Myers Squibb Company
New York, New York
Faculty
Joseph P. Buckley III
President
John E. Reid & Associates
Chicago, Illinois
Joe Henry Dickerson
President
Dickerson and Associates
Denver, Colorado
Jerome M. Gatto
JM Gatto Consulting, LLC
Sedona, Arizona
Glenn Massie, CPP
Principal
Protective Services Group
Encino, California
Ed McDonough, CPP
Director of Global Security
TYCO International
Boca Raton, Florida
Shirley A. Pierini, CPP, PCI
CSO Director
Jackson Family Enterprises
Santa Rosa, California
Judy Spain, Esq.
Spain Spain
Richmond, Kentucky
Faculty subject to change.
Who Should Attend
• Security executives and managers
• Individuals with direct or indirect responsibility for security, particularly
human resources, facilities, and legal personnel
• Supervisors of security personnel and proprietary operations
• Professionals moving into security management positions regardless of
experience
• Individuals transitioning from the public to the private sector
Name:
ASIS member #:
☐ New member (Membership application and dues payment must be attached.)
☐ Change of address
Title:
Company:
Address:
City: State/Province:
Country: ZIP/Postal code:
Phone: Fax:
E-mail:
Web
www.asisonline.org/
profdev.html
Fax
703-518-1473
Phone
703-519-6200
Mail
ASIS International
P. O. Box 17673
Baltimore, MD
21297-1673
How to
Register
Register Here. Register now.
Please register me for:
Meeting #   Program                          Fee (member/nonmember)
989         APC I    March 16-19, 2009       $1,100/$1,300
1000        APC I    November 16-19, 2009    $1,100/$1,300
977         APC II   May 4-7, 2009           $1,100/$1,300
978         APC III  June 15-18, 2009        $1,100/$1,300
Membership (attach application) www.asisonline.org/application.pdf $
Subtotal $
CPPs, PCIs, PSPs receive a $25 discount per program $ ( )
Total (Registration will not be processed unless paid in full) $
Method of Payment
☐ Check (drawn on a U.S. bank in U.S. dollars and made payable to ASIS)
☐ MasterCard ☐ Visa ☐ American Express ☐ Discover
Account #: Expiration date:
Amount: $
Name (as it appears on card):
Cardholder signature:
PHOTO ID
REQUIRED FOR
ADMISSION
ON-SITE.
Acceptable IDs
include a valid
driver’s license,
passport, or
military ID.
JOIN ASIS AND SAVE!
Programming, schedule, locations, and pricing are subject to change.
PERTINENT INFORMATION
Certificates of completion: ASIS
reserves the right to withhold
certificates if attendance requirements
are not met.
Continuing Professional Education
(CPE): Each 50-minute instruction hour
is worth one CPE.
Confirmation: Will be issued upon
receipt of full payment and should be
brought to the program to expedite
processing and ensure admission. If
confirmation is not received within
three business days prior to the start
date, call 703-519-6200, fax
703-519-6299, or e-mail
asis@asisonline.org.
On-site programs: All of ASIS’
educational programs can be brought
to your facility or customized to meet
specific needs. Call 703-518-1429 for
details.
Member rate: You must be an ASIS
member in good standing at the time
of registration. Badges are
non-transferable.
Team discounts: If registering three
or more attendees from the same
organization, call 703-518-1434.
Cancellations: For a full refund,
written cancellations must be received
by ASIS at least 10 business days
before the start date. Those received
less than 10 days prior will be charged
$100 per person. No refunds are
made for cancellations received on
or after the start date. Fax to ASIS
Member Services at 703-519-6298.
Last-minute registrations: While we
welcome all registrations, including
those on-site, the availability
of handout materials cannot be
guaranteed.
Solicitation: Selling products or
services during the program is
prohibited.
Rental car discount: Call AVIS at
800-331-1600 or visit www.avis.com
—reference AWD-D005038.
Returned check fee: $25.