0

Black Hat Conference USA 2011 – According to the Twitterverse

Posted on August 8, 2011 by Josh Arrington

The Black Hat Conference (#Blackhat) has established itself as one of the technology industry’s leading events for the security elite.  More than just a hacker conference, many of this year’s presentations were equally as eye-opening for the C-Suite, especially in terms of raising awareness of lesser-known enterprise vulnerabilities that pose significant risk.

While Cyber-Ark didn’t attend the event, many of our customers and partners did, so we paid close attention to the buzz surrounding the event.  From SCADA systems and exploding batteries to Shady RAT, following are some of our favorite tweets that captured top stories from the event.

@buzzblog: New post: Scariest Black Hat story so far: Power plants at risk networkworld.com/community/blog… #Siemens

@KimZetter: Hardcoded Password and Other Security Holes Found in Siemens Control Systems – http://t.co/39ss0UR

@josphmenn: My reg req’d story based on scary #BlackHat presentations, etc: Utilities warned that many PLCs open to Internet hacks. http://t.co/1k7G1U8

@mathewjschwartz: China Suspected Of Shady RAT Attacks — InformationWeek #li #infosec #blackhat http://t.co/xfdnbhx

@SCMagazine: Black Hat: Insulin pumps can be hacked http://dlvr.it/dvG6c

@zdnetaustralia: A security threat has emerged and it comes from an unexpected source: laptop batteries http://bit.ly/r30tkR

@ryanarine: Microsoft’s BlueHat Prize: A new twist on security research incentives http://zd.net/q84Sf0

@CNNTech: Hacker shuts down Apple MacBook battery — and can do so remotely: http://t.co/QLMnAu7 by @jdsutter at #blackhat

And one of the event wrap-ups worth reading from @SecurityWeek: Black Hat Wrap Up: What Created the Most Buzz? bit.ly/p8qSZI #blackhat #defcon #infosec

What are your picks for top stories coming out of Black Hat?

0

Cyber-Ark Announces This Year’s Big Winner of the SysAdmin Appreciation Day Twitter Contest

Posted on August 1, 2011 by Josh Arrington

Today, July 29, 2011, marked another excellent SysAdmin Appreciation Day and the Cyber-Ark team is thrilled to have played a role in recognizing the efforts of these IT rock stars. As you know, on Monday, we kicked off our 2nd Annual System Administrator Appreciation Day Contest by asking participants to answer this simple question over Twitter: “What is your greatest enterprise IT accomplishment in the past year?”

As the responses rolled in, our esteemed judges, Standalone SysAdmin’s Matt Simmons, Cyber-Ark’s Bill Pesiridis, and the NubbyAdmin’s Wesley David, analyzed their merits and began to formulate their thoughts on who should be crowned the “winner.” While the judges determined that there were some truly exceptional responses, and that all of the achievements deserved recognition (more on that later), one stood out from the pack.

Without further ado, on behalf of our judges, we would like to formally declare Thomas Deliduka, aka @Tomnibus, as this year’s winner! Here’s the winning Tweet:

@tomnibus “@CyberArk Greatest Accomplishment: upgraded Exchange 2003->2010 on my own for 100+ users, two weeks start to finish, no hiccups #SysAdminDay”

The judges agreed that this was a significant achievement. For Wesley, Thomas’s response marked a serious accomplishment. An Exchange 2003-2010 rollout is no easy task, you can read more about that type of migration here, and he was impressed with the speed and efficiency. For Matt—the complexity of this type of project stood out from the pack. Bill concurred—he’s actually tackled the project himself and agrees that it is a daunting task. E-mail is a critical application for the end-user, and it can be very difficult to find the downtime to pull this migration off.

So there you have it once again—congrats Thomas! You’ll be hearing more from @Cyberark as you are soon to be the proud recipient of our grand prize—an Amazon Kindle.

But wait, there’s more. Wesley, Matt and Bill would like to recognize the efforts of the other participants who they deemed “honorable mentions”, as this was a very close competition. Check back next week for a new blog post that details their thought process when selecting the winner and these “finalists”—and stay tuned, especially, if you were a participant. We’ll be reaching out to you to learn more about your achievements. After all, in Matt’s words, while Thomas’ achievement was very impressive, “we could select any of these responses justifiably.” So great job participants—in true recognition of SysAdminDay, you provided us with some excellent insights into the great work you do on a daily basis. You truly deserve even more than just a day of celebration!

0

IT Security Rewind – Week of July 18, 2011

Posted on July 22, 2011 by Josh Arrington

As the summer heat continues to rise, it’s clear that news about the frequency of IT security breaches refuses to take a vacation.  This week the founder of popular online news site Reddit was caught red-handed while security influencers stayed cool reporting on some real threats for the utilities and government industries. Here is our take on this week’s hottest IT security stories:

  • Reddit Founder Hacks into MIT and Gets Himself Caught — Computerworld’s Grant Gross provided us with details of the indictment of the co-founder of online news site Reddit.  Aaron Swartz was charged with computer intrusion, fraud and data theft for allegedly stealing 4.8 million documents from an MIT network. If convicted, Swartz, who is also the founder of the political advocacy group Demand Progress, faces a possible 35 years in prison and fines of up to $1million.
  • Be Afraid, Be Very Afraid – We’ve all fallen for “doom-and-gloom-we’re-all-gonna-die” stories that make you want to stock your bomb shelter.  CSO’s Bill Brenner typically takes these reports as B-S; this week however, he shared an interesting report from Brian Ross, “New Terror Report Warns of Insider Threat to Utilities” to which he says “the insider threat is real.” While Brenner is referring to physical security in this particular piece, given the numerous flaws and vulnerabilities reported in SCADA software over the past few months we can’t help but draw the connection to an IT security threat as well.
  • Hackers Infiltrate Computers at the German Federal Police and Customs Service – It’s one thing to hack into a system and get the heck out of there – but to stay in that system undetected for say, months, is a whole other ballgame. In what could be an incredibly devastating data loss for the German Federal Police and Customs Service – hackers reportedly gained access to federal police computers in September 2010 and were able steal information undetected for months. In addition, hackers were able to gain access to the German customs service and publish stolen files on the Internet. In the words of an anonymous security officer, “that is pretty much the worst thing that could happen.”


What other hot stories would you add to this list?

1

Cyber-Ark’s 2nd Annual System Administrator Appreciation Day Contest

Posted on July 19, 2011 by Josh Arrington

sysadmin

On Friday, July 29th, the IT community will recognize the efforts of all the unsung hero’s that make our lives so much easier with the celebration of the 12th Annual System Administrator Day. This is an event that Cyber-Ark eagerly anticipates each time it comes around, and for the second year in a row, we will be hosting a contest via Twitter to show our appreciation for this special community. The full rules and details surrounding this year’s contest can be found on our website here — Cyber-Ark’s 2nd Annual System Administrator Appreciation Day Contest.

To summarize, this year we’re asking participants to answer this simple question over Twitter: “What is your greatest enterprise IT accomplishment in the past year?” Throw the #SysAdminDay hashtag and @Cyberark handle into your response and get CREATIVE! Unlike last year’s contest, participants are encouraged to include a URL in the Tweet that links to, for example, an image (TwitPic) or a blog post. This is not a requirement for eligibility but it may help participants to get their message across in a more impactful manner. The best response will be awarded with a prominent spot on this here blog, as well as a new Amazon Kindle!

Also, we’re adding a couple of other new wrinkles this year, namely the fact that we’re starting the contest on Monday, July 25th, and letting it run through 3 p.m. ET on Thursday, July 28th. We’ll use Friday, July 29th to promote the winner (and some of the other great responses). Even cooler, we’ve enlisted one of the SysAdmin community’s most influential evangelists and prolific bloggers, Standalone SysAdmin’s Matt Simmons to serve as judge.Matt will be joined by Cyber-Ark’s own rock star SysAdmin, Bill Pesiridis as well as Wesley David, another prolific contributor to the SysAdmin blogosphere over at his personal site, The Nubby Admin. Wesley also authors articles for such publications as SysAdmin Talk. Together, Matt, Wesley and Bill will choose the winner based on their own set of criteria for what they deem to be the best overall response. It’s safe to say that creativity will play a big role in attracting their attention, however.

In addition, on Wednesday, July 27th, we will post a new update on our blog with a link to the live Twitter Search feed of all of the entries to date (we’ll also be live streaming the participating entries through a blog plug-in throughout the week). On this post, we’ll encourage users to comment with a vote for their favorite Tweet (and we suggest that participants encourage their friends and followers to show their support with comments as well). While these comments/votes aren’t required and won’t have any bearing on the ultimate decision process for the judges, they do demonstrate excitement and community involvement for SysAdmin Day.

If you have any questions or comments—feel free to send them our way. Otherwise, we’ll see you on Monday, July 25th on Twitter. Please share this with the SysAdmin community and have fun with it!

–The Cyber-Ark team

On Friday, July 29th, the IT community will recognize the efforts of all the unsung hero’s that make our lives so much easier with the celebration of the 12th Annual System Administrator Day. This is an event that Cyber-Ark eagerly anticipates each time it comes around, and for the second year in a row, we will be hosting a contest via Twitter to show our appreciation for this special community. The full rules and details surrounding this year’s contest can be found on our website here — Cyber-Ark’s 2nd Annual System Administrator Appreciation Day Contest (Embed Landing Page Link Here).

To summarize, this year we’re asking participants to answer this simple question over Twitter: “What is your greatest enterprise IT accomplishment in the past year?” Throw the #SysAdminDay hashtag and @Cyberark handle into your response and get CREATIVE! Unlike last year’s contest, participants are encouraged to include a URL in the Tweet that links to, for example, an image (TwitPic) or a blog post. This is not a requirement for eligibility but it may help participants to get their message across in a more impactful manner. The best response will be awarded with a prominent spot on this here blog, as well as a new Amazon Kindle!

Also, we’re adding a couple of other new wrinkles this year, namely the fact that we’re starting the contest on Monday, July 25th, and letting it run through 3 p.m. ET on Thursday, July 28th. We’ll use Friday, July 29th to promote the winner (and some of the other great responses). Even cooler, we’ve enlisted one of the SysAdmin community’s most influential evangelists and prolific bloggers, Standalone SysAdmin’s Matt Simmons to serve as judge. Matt will be joined by Cyber-Ark’s own rock star SysAdmin, Bill Pesiridis. Together, Matt and Bill will choose the winner based on their own set of criteria for what they deem to be the best overall response. It’s safe to say that creativity will play a big role in attracting their attention, however.

In addition, on Wednesday, July 27th, we will post a new update on our blog with a link to the live Twitter Search feed of all of the entries to date (we’ll also be live streaming the participating entr

On Friday, July 29th, the IT community will recognize the efforts of all the unsung hero’s that make our lives so much easier with the celebration of the 12th Annual System Administrator Day. This is an event that Cyber-Ark eagerly anticipates each time it comes around, and for the second year in a row, we will be hosting a contest via Twitter to show our appreciation for this special community. The full rules and details surrounding this year’s contest can be found on our website here — Cyber-Ark’s 2nd Annual System Administrator Appreciation Day Contest (Embed Landing Page Link Here).

To summarize, this year we’re asking participants to answer this simple question over Twitter: “What is your greatest enterprise IT accomplishment in the past year?” Throw the #SysAdminDay hashtag and @Cyberark handle into your response and get CREATIVE! Unlike last year’s contest, participants are encouraged to include a URL in the Tweet that links to, for example, an image (TwitPic) or a blog post. This is not a requirement for eligibility but it may help participants to get their message across in a more impactful manner. The best response will be awarded with a prominent spot on this here blog, as well as a new Amazon Kindle!

Also, we’re adding a couple of other new wrinkles this year, namely the fact that we’re starting the contest on Monday, July 25th, and letting it run through 3 p.m. ET on Thursday, July 28th. We’ll use Friday, July 29th to promote the winner (and some of the other great responses). Even cooler, we’ve enlisted one of the SysAdmin community’s most influential evangelists and prolific bloggers, Standalone SysAdmin’s Matt Simmons to serve as judge. Matt will be joined by Cyber-Ark’s own rock star SysAdmin, Bill Pesiridis. Together, Matt and Bill will choose the winner based on their own set of criteria for what they deem to be the best overall response. It’s safe to say that creativity will play a big role in attracting their attention, however.

In addition, on Wednesday, July 27th, we will post a new update on our blog with a link to the live Twitter Search feed of all of the entries to date (we’ll also be live streaming the participating entries through a blog plug-in throughout the week). On this post, we’ll encourage users to comment with a vote for their favorite Tweet (and we suggest that participants encourage their friends and followers to show their support with comments as well). While these comments/votes aren’t required and won’t have any bearing on the ultimate decision process for the judges, they do demonstrate excitement and community involvement for SysAdmin Day.

If you have any questions or comments—feel free to send them our way. Otherwise, we’ll see you on Monday, July 25th on Twitter. Please share this with the SysAdmin community and have fun with it!

–The Cyber-Ark team

ies through a blog plug-in throughout the week). On this post, we’ll encourage users to comment with a vote for their favorite Tweet (and we suggest that participants encourage their friends and followers to show their support with comments as well). While these comments/votes aren’t required and won’t have any bearing on the ultimate decision process for the judges, they do demonstrate excitement and community involvement for SysAdmin Day.

If you have any questions or comments—feel free to send them our way. Otherwise, we’ll see you on Monday, July 25th on Twitter. Please share this with the SysAdmin community and have fun with it!

–The Cyber-Ark team

0

IT Security Rewind – Week of July 4

Posted on July 11, 2011 by Josh Arrington

Despite our nice little July 4th break in the U.S.  this week’s news continues  to suggest that 2011 has been anything but an IT security “holiday” for a number of organizations. Let’s take a look at some of the week’s biggest news items:

Big Brother, Where Art Thou? Remember the consultant who was able to exploit a hardcoded, default password in a police cruiser’s digital video recorder system to gain access to controls and manipulate its use? We thought that was bad news, but now according to figures released by the Big Brother Watch, over 900 police officers and other staffers were subjected to internal discipline for breaching the data protection act (DPA) in the U.K. It’s one thing when law enforcement’s technology is susceptible to a data breach, it’s another when the actual officers are illegally viewing computer records for “non-policing purposes.” Talk about an abuse of privileges.

Not an Even Trade Between U.S. and China - A ThreatPost article details the arrest of a CME Group employee who allegedly stole trade secrets and proprietary source code used to run trading systems for the Chicago Mercantile Exchange and passed them along to China. The implications here obviously are far reaching as the employee downloaded “thousands of files” containing “source code and proprietary algorithms” used by CME to run its trading systems.” What is unclear, however, is how he gained access to the systems—was it through an escalation of privilege to access this sensitive information?

IT Security Rewind, uh, Rewind – Clearly, we think it’s important to recap the week’s most important IT security related developments, so we are always excited to identify similarly detailed reports, like this one from Help Net Security, that covers recent security incidents. The report recaps some of the biggest events of the year—from RSA to Citibank—and highlights the impact of the breaches on the organizations and their users.

That’s it for this week—thoughts? Comments? Bring ‘em on.

0

Don’t shy away from data protection audits

Posted on July 6, 2011 by Mark Fullbrook

The UK Information Commissioner, Christopher Graham, today said that businesses should be more willing to undergo data protection audits.  This follows the publication of the Information Commissioner’s Office’s (ICO’s) annual report, which found that just 19 percent of private sector businesses contacted by the ICO following a data breach accepted the offer to undergo free data protection audits*.

Audits are a critical part of any well-run major business, helping to ensure efficiency, productivity, and, with data protection audits, security and accountability – so it’s odd that so many businesses would decline the offer a free data protection audit.

At Cyber-Ark, we believe in developing solutions that not only deliver security, but also help organisations meet audits more effectively.  For example, with comprehensive logging of all privileged activity – including tracking who logged in, what they did and when they did it – meeting an audit can be made far simpler.  Every action is recorded and accountability is assured.

* ICO News Release

0

2011 Gartner Security & Risk Management Summit – According to the Twitterverse

Posted on June 24, 2011 by Josh Arrington

Earlier this week the Cyber-Ark team headed down to Maryland to attend Gartner’s Security & Risk Management Summit and, of course, to eat some crab cakes. With keynote speeches, analyst sessions, roundtable discussions and workshops scheduled, the days were jam packed. While the conference was widely attended by many IT security professionals, those that couldn’t make the trip could still feel like they were there by following along with the #GartnerSecurity hash tag. We decided to take a closer look at the hottest topics that were addressed at the summit through the lens of some of the Tweets that were sent from the show floor. Here are some of our favorites  – that discussed some of the show’s hot topics like mobile security, internal and external cyber security threats as well as the consumerization of IT:

@TamirSigal: Caldwell: Info risk is like a grenade, don’t hold it, throw it 2 exec mgmt<-disagree. Everyone needs 2 be held accountable #gartnersecurity

@Jfbauer: Interesting, blocking web sites does not stop data loss nor exposure to malware anymore per Gartner #GartnerSecurity

@CesareGarlati: #GartnerSecurity Ken Dulaney on #Consumerization “in 2015 less than 50% of companies will have up-to-date mobile security plocies”

@Iglazer: Bellamy raises the point that it’s not that people don’t care about privacy, but that they are unaware of 2nd uses of data #gartnersecurity

@Cgonsalves: #GartnerSecurity Chertoff thinks US should start teaching cybersecurity to pre-schoolers. Says it’s like teaching hygiene. I kid you not.

@JTKeating: Wagner: By 2014, 70% of IT teams will be required to present annually on state of security to the Board of Directors. #GartnerSecurity

@reed_on_the_run: Mobility is #2 top security trend at #GartnerSecurity behind threat environment which is always #1

Thank you @TamirSigal, @Jfbauer, @CesareGarlati, @Iglazer, @Cgonsalves, @JTKeating and @reed_on_the_run for the inside look at 2011’s Gartner Security & Risk Management Summit, looking forward to 2012!

0

IT Security Rewind – Week of June 13

Posted on June 20, 2011 by Josh Arrington

Another week and yet another high-profile data breach with potentially disastrous implications. Already, this attack has forced one of the officials involved with the organization to refer to the exposed data as “political dynamite.” Let’s dig into this breach and the rest of this week’s headlines in our IT Security Rewind:

IMF—Stable but not secure: The biggest news item of the week actually originated over the weekend, when word first broke that the International Monetary Fund—an organization of 187 countries committed to ensuring the stability of the international monetary and financial system – was the target of a sophisticated computer security attack. While details on the culprits and severity of the attack are still only trickling out, Government Computer News reports that the hack may have been carried out by a foreign government. The coordinated attack, which resulted in the loss of a “large quantity of data” relating to “sensitive country financial information,” was likely initiated by an old school spear-phishing attack, but is there more to the story? Typically, spear phishing and similar tactics are simply the door hackers use to enter an organization—once inside, they use and exploit elevated privileges to reach their destination and the troves of sensitive data stored across systems.

Not Summer in the Citi: Last week’s massive Citigroup data breach continued to attract headlines. While the bank divulged that the attack affected 360,000 credit card customers, according to the Financial Times, U.S. officials are demanding more details regarding the extent of the breach and its potential for reoccurrence. The article also suggests that the breach not only calls into question the relative lack of regulation in place to protect consumer data, but also the security of online banking websites. In this instance, attackers may have been able to leverage flaws in the website’s programming language or the way it is administered.

Data Breach Notification—The Law is Taking a Stand: As this eWeek article points out, the United States Congress continues to push for new data breach legislation. This time, Congressmen have filed legislation that would require companies to notify customers when a data breach has occurred within 48 hours following the completion of an incident assessment. However, other Congressmen have expressed skepticism over this pending legislation—will this law just result in stalling tactics? What’s your take—would this law have a positive impact on the industry? Is there a better alternative?

That’s it for this week’s Rewind. As always, your comments are encouraged!

Another week and yet another high-profile data breach with potentially disastrous implications. Already, this attack has forced one of the officials involved with the organization to refer to the exposed data as “political dynamite.” Let’s dig into this breach and the rest of this week’s headlines in our IT Security Rewind:

IMF—Stable but not secure: The biggest news item of the week actually originated over the weekend, when word first broke that the International Monetary Fund—an organization of 187 countries committed to ensuring the stability of the international monetary and financial system – was the target of a sophisticated computer security attack. While details on the culprits and severity of the attack are still only trickling out, Government Computer News reports that the hack may have been carried out by a foreign government. The coordinated attack, which resulted in the loss of a “large quantity of data” relating to “sensitive country financial information,” was likely initiated by an old school spear-phishing attack, but is there more to the story? Typically, spear phishing and similar tactics are simply the door hackers use to enter an organization—once inside, they use and exploit elevated privileges to reach their destination and the troves of sensitive data stored across systems.

Not Summer in the Citi: Last week’s massive Citigroup data breach continued to attract headlines. While the bank divulged that the attack affected 360,000 credit card customers, according to the Financial Times, U.S. officials are demanding more details regarding the extent of the breach and its potential for reoccurrence. The article also suggests that the breach not only calls into question the relative lack of regulation in place to protect consumer data, but also the security of online banking websites. In this instance, attackers may have been able to leverage flaws in the website’s programming language or the way it is administered.

Data Breach Notification—The Law is Taking a Stand: As this eWeek article points out, the United States Congress continues to push for new data breach legislation. This time, Congressmen have filed legislation that would require companies to notify customers when a data breach has occurred within 48 hours following the completion of an incident assessment. However, other Congressmen have expressed skepticism over this pending legislation—will this law just result in stalling tactics? What’s your take—would this law have a positive impact on the industry? Is there a better alternative?

That’s it for this week’s Rewind. As always, your comments are encouraged!

0

Details of another data breach have hit the UK newswires

Posted on June 17, 2011 by Josh Arrington

Details of another data breach have hit the UK newswires today, with reports revealing that the National Health Service (NHS) has lost 20 laptops containing sensitive information from one of its store rooms. Whilst eight laptops have been recovered, it has been disclosed that one of the 12 remaining missing laptops containing some 8.6 million medical records, reportedly unencrypted.

We have quite clearly moved on from the time when data could be effectively safeguarded by placing it under lock and key.  It is therefore all the more concerning that such a large institution is still relying on such archaic methods to defend its data.

Organisations who want to truly safeguard their users and their information need to deploy proven tools which manage and protect sensitive data.  That way, even if a device should go missing, it needn’t make the headlines.

0

Are you a Security Spider-Man?

Posted on June 15, 2011 by Adam Bosnian

Spider-Man

After years in the works and a number of recent twists and turns in the story and production, the Broadway show “Spider-Man: Turn Off the Dark” finally opened in New York City last night to an eagerly-awaiting crowd of Spidey and U2 fans.  The show is amazing, with acrobatics unmatched elsewhere on Broadway and powerful music with Bono’s and The Edge’s unmistakable signature vibe. With countless stories detailing the problems the show has faced with a re-write of major portions, injuries to actors, technical and mechanical difficulties, the show endured plenty of pains before being ready for prime-time.  That said, this blog entry isn’t a review of the show’s performance; you can find plenty of them here, here and here.

Rather, the revival of Spiderman in the form of a Broadway show actually ties into the lives of IT professionals in many ways – whether purely as comic book fans or as an analog to the superheroes in the server rooms responsible for enterprise systems’ performance and security.  This especially holds true in the area of privileged identity management, where Uncle Ben’s proclamation, “with great power there must also come great responsibility” resonates so clearly.  If not managed or monitored properly, the power of privilege and the pervasiveness of embedded credentials and admin accounts pose a significant threat to data security and business performance.

It’s an operational and compliance imperative for companies to “Turn off the Dark” and shine a spotlight on their privileged users, applications and sensitive information.  Understanding where all the accounts and identities are, what they have access to – and what’s done once that access is gained — is a crucial step toward asserting better control of all these accounts and ensuring their appropriate use.  The privilege problem is more widespread than you probably think.  It’s not just about protecting your customer data base or credit card information; it’s about understanding all of the threat vectors and how to stop them.  At a time when the perimeter is disappearing, the workforce is increasingly mobile and a plethora of devices and systems tie into corporate networks, a security superhero’s job is never done.

For instance, consider recent headlines about Cisco’s videoconference products that contain vulnerable credentials hard-coded into the software that open the door for someone to gain access to the system.  Stuxnet gained notoriety by leveraging embedded credentials in programmable logic controllers from Siemens software, and was used to knock out centrifuges in Iran late last year.  As security professionals, it’s time to think beyond the perimeter and the ‘usual targets’ to realize that so many things in our every day lives come equipped with hard-coded passwords or weak admin accounts that afford backdoor access to high-value systems, networks and databases.

The power of these privileged accounts, identity and information needs to be understood and transparently controlled.  Whether your Green Goblin is an embedded credential, your Dr. Octopus is a shared account or your Venom is an admin account, you’ve got to use your web-slinging skills to vanquish these villains and restore order to your business before it’s too late.  Like Spider-Man, you may not be appreciated by the editor of the Daily Bugle for all the work you do to keep your city safe, but it’s still vitally important to doing what’s right for your company and its citizens.

So, are you a security Spider-Man?  What menace do you face each day?

Pages ... 1 2 3 4 5 6