|
|
|
|
|
|
|
|
|
It's 'CIS Week' on the D&D Daily!
Follow along in the 'Vendor Spotlight'
column below as
CIS Security Solutions
showcases solutions for the retail
industry
|
Leading Multi-brand QSR Franchiser, BRIX Holdings, Chooses Interface to
Streamline Network and Security Operations at All Locations
Interface will deploy standardized restaurant technology solutions at
Friendly’s, Red Mango Cafe, Smoothie Factory + Kitchen, Souper Salad, Orange
Leaf, Humble Donut Co, Greenz, and Pizza Jukebox
St. Louis, MO (June 13, 2023) —
Interface Systems, a
leading managed service provider of business security, actionable insights, and
purpose-built networks for multi-location businesses today announced that BRIX
Holdings (“BRIX”), a leading multi-brand franchising company that specializes in
the “better-for-you” QSR segment, has chosen Interface to deploy managed
network, business voice, PCI compliance, business security, and business
intelligence solutions for all their franchise locations, including Red Mango
Cafe, Smoothie Factory + Kitchen, Souper Salad, Orange Leaf, Humble Donut Co,
Greenz, Friendly’s and Pizza Jukebox.
Interface’s solutions enable BRIX to offer its franchisees a modern and proven
technology template that can be replicated with ease at any number of locations
consistently. By choosing Interface’s suite of managed services, BRIX has laid
the foundation to accelerate expansion and offers franchise operators a proven
technology model to run successful businesses.
Read more here
The U.S. Crime Surge
The Retail Impact
House Subcommittee Hearing on Organized Retail
Crime - Today
The Rise in Organized Retail Crime and the Threat to Public Safety
Date: Tue, 06/13/2023 - 2:00 PM
Location: 2141 Rayburn House Office Building
The House Judiciary Subcommittee on Crime and Federal Government Surveillance
will hold a hearing on Tuesday, June 13, 2023, at 2:00 p.m. ET. The hearing,
"The Rise in Organized Retail Crime and the Threat to Public Safety," will
examine the rise in organized retail crime that is causing businesses to close
and endangering the public. Criminals who engage in organized retail crime are
emboldened by leftist rogue prosecutors, progressive bail reform laws, and other
soft-on-crime policies in Democrat-run cities.
WITNESSES:
• Attorney General Kris Kobach, Kansas
• Lorie Mohs, Mother of Blake Mohs, organized retail crime victim Murdered at
Home Depot
• John Milhiser, former U.S. Attorney, Central District of Illinois
Subcommittees:
The Subcommittee on Crime and Federal Government Surveillance
house.gov
NRF worked closely with committee staff and provided the opportunity for several
retailers to talk to staff on background about the ongoing challenge of ORC. NRF
also submitted a written statement for the record
which can be viewed
here. NRF continues to encourage members to
send letters of support of the Combating Organized Retail Crime Act (S.
140/H.R. 895).
nrf.com
Stand up against organized retail crime.
Send a message to Congress today!
TODAY: Congressional hearing about organized retail crime
A key congressional committee is holding a
hearing today to discuss the rise in organized retail crime and how it
threatens public safety. It is crucial to voice your concerns to your
representatives in Congress and urge them to act.
Join NRF in calling on Congress to address rising retail crime by passing the
Combating Organized Retail Crime Act. This bipartisan bill enhances federal
coordination for law enforcement, targeting crime gangs that harm retailers and
jeopardize public safety.
Together, we can make a difference. Stand up against organized retail crime by
showing your support today.
SEND A MESSAGE
HERE
This may be our only chance to help get this passed.
The CEOs have stood up. Now it's time for everyone in this industry to Stand Up
and Be Heard by Sending the Message above!
NRF Urges Congress to Advance ORC Legislation Ahead of Hearing
WASHINGTON – The National Retail Federation today urged Congress to
formally advance the Combating Organized Retail Crime Act, which would amplify
resources and coordination among federal, state and local law enforcement
agencies to address ORC. The House Judiciary Committee’s Subcommittee on
Crime and Federal Government Surveillance meets tomorrow at a hearing
entitled “Rise in Organized Retail Crime and the Threat
to Public Safety” to examine the impact of ORC on communities
nationwide.
NRF submitted a
written statement for the record in advance of the hearing detailing the
growing negative impact of ORC on American businesses, workers and
consumers.
According to the statement:
“Retailers’
foremost concern with ORC activity is the safety of retail workers and their
customers. Individuals and groups committing these crimes have used threats and
acts of violence, including the use of weapons, to aid theft. Eighty percent of
retailers noted an increase in violence and aggression by customers toward
workers in 2021. Extremely concerning is the depressing fact that several retail
workers have been killed during recent theft incidents — including trained
security personnel as well as retail workers serving in customer-facing roles.
“As more acts of blatant and deadly thefts take place in stores, the
consequences are apparent for both retailers and consumers alike. Both store
associates and customers are being harmed and threatened. Shoppers are now
seeing everyday items like toothpaste and dish soap behind lock and key.
Retailers know it is an inconvenience for customers. The anti-theft security
measures can lead to lost sales from customers who must wait for an employee to
unlock a cabinet so they can access a product. As the theft of merchandise
continues, the cost of securing those items skyrockets. Retailers already
operate on very slim margins and can only absorb so much cost to remain
profitable.”
The testimony also cited NRF’s latest research on retail crime, which shows
retail loss is a nearly
$100 billion problem and growing. Another study cited from NRF and global
risk advisory firm K2 Integrity found that ORC groups are
growing in both their scope and complexity, making them harder to stop.
Both reports highlight the need for federal solutions like the Combating
Organized Retail Crime Act.
The hearing follows last week’s
NRF PROTECT event,
where more than 2,000 retail professionals convened in Grapevine, Texas, to
examine the loss prevention community’s most prominent issues, including ORC. In
a flash poll during the event among 232 retail professionals,
90% said ORC is more of a risk to their business than
it was three years ago.
As the leading authority and voice for the retail industry, NRF has spearheaded
industry efforts to address ORC, including support for the now-enacted
INFORM Act, which takes effect on June 27. The organization has also
launched a national
grassroots campaign in support of the Combating Organized Retail Crime Act.
nrf.com
Retailers Battle Crime As The Government
Continues to Fall Short
With new anti-theft stores, companies step in where governments are missing
Concepts
like the new Walgreens anti-theft store mark a further
shift in responsibility for managing criminal behaviour to
the corporate world from government. Increasingly, companies,
particularly retailers, are tasked with making sure law-abiding customers can
still get essential services – such as access to pharmacies – without
being victimized by bad apples.
The problem is, dealing with crime is not Walgreens’ job or the job of the
private sector in general. It’s the government’s job, and that’s why we pay
taxes to fund law enforcement.
Theft and violence against retail employees – and even customers – have
risen sharply in Chicago, New York, San Francisco, Los Angeles, Seattle and
other cities. The main culprits: roving bands of marauders whose
smash-and-grab methods make up a new commercial threat called organized retail
crime.
So prevalent is the problem that many retailers have
pulled out of troubled urban neighbourhoods after efforts to improve
store security using advanced electronic surveillance, product monitoring and
more security guards has failed.
The list of departures is the longest in San Francisco.
Old Navy recently said it would close its
flagship Market Square location after three decades because of losses and
concerns about employee safety. The clothier’s move follows closings by
T-Mobile, Whole Foods, Nordstrom, Office Depot, Starbucks
and Anthropologie, among others. Target
and others are restricting nighttime hours at downtown stores for security
reasons.
To be sure, the risk for Walgreens is in alienating customers in an effort to
reduce the cost of theft. Win or lose, the company deserves some credit.
For all the bad press companies get about putting performance ahead of people,
this is one example of how a company is finding new ways to manage the
unpleasant reality of modern urban life and serve its communities,
particularly those that are under-resourced.
The nuclear option is for Walgreens to do what so many retailers have done –
pull out all together. If the company did that, the South Loop neighbourhood
would be left without an important source of essential services. That doesn’t
seem like a people-first option at all.
theglobeandmail.com
Backlash to CA Bill That Prohibits Employees
From Confronting Shoplifters
Opinion: California's proposed shoplifting law would be a disaster
Few would deny crime is a growing concern in the Golden State, especially in
major cities. The culture has caused companies such as Walgreens, which
shuttered 22 stores in San Francisco alone over a period of five years, to
cease doing business in many of these locations. Many accused Walgreens
of “crying wolf” on the matter of retail theft, and California lawmakers
recently made it clear they don’t take the matter seriously.
Earlier this month,
the California Senate passed Bill 553, legislation that would discourage
retail store employees from confronting shoplifters. The legislation —
passed weeks after a Home Depot security guard
was shot and killed during a Pleasanton, California, robbery — is
designed to protect employees, supporters say, by forbidding employers from
instructing employees to confront shoplifters.
The legislation would be disastrous. A law that would prohibit employers
from telling their employees that customers are not allowed to take whatever
they want without paying would clearly incentivize shoplifting. It would
further promote the culture Fuller described, one in which it is viewed as
“optional” to pay for things.
This is the culture that is driving companies out of
California. It’s not just crime or high taxes or pandemic mandates.
It’s a culture that shows disdain for property rights, which are
the wellspring of all human rights and a pillar of civilization.
California lawmakers have shown utter contempt for property rights for years.
Making it illegal for employers to instruct employees to stop customers from
stealing is just the latest example.
Until California changes this culture and demonstrates it respects the property
rights of people and businesses, it will continue to decline.
washingtonexaminer.com
Funding Retail Crime Sting Ops & Two Positions
to Track and Help Prosecute ORC
Oregon ORC Bill Update: Retail Theft Funding Measure Advances
Two funding bills that are part of the organized retail theft package are moving
through the process.
SB 900, which would set up a grant program available to local governments to
bolster retail crime sting operations, moved through the Joint Committee on
Ways and Means June 2. Its companion bill,
SB 318, would fund an analyst and two investigator positions within Oregon
Department of Justice to help coordinate prosecution of organized retail theft.
It has been assigned the public safety subcommittee of the Joint Committee on
Ways and Means, a sign that it’s moving forward. A vote for that bill should
happen in the next week or two, though both bills ultimately would have to pass
the paralyzed Senate.
oregonbusinessreport.com
Bill to Fight Gun Store Smash & Grabs
Introduced in the Senate
New legislation cracks down on 'smash-and-grab' gun store robberies
A bill to toughen penalties for "smash-and-grab" thefts at federally licensed
gun stores has been reintroduced. Sen. Shelley Moore Capito, R-W.Va., joined
22 of her GOP colleagues, led by Sen. Lindsey Graham, R-S.C., to reintroduced
the Federal Firearms Licensee (FFL) Protection Act of 2023. The legislation
would address the unacceptably high number of "smash-and-grab" thefts targeted
at federally licensed gun dealers by enhancing penalties for criminals who steal
firearms from federally licensed firearms and ammunition dealers. "Burglaries of
gun dealerships continue to rise, which is why we must put solutions forward
that deter these would-be criminals from committing these robberies and
endangering our communities," Capito said in the announcement. "I'm proud to
support this legislation that implements swift and strong penalties for these
crimes, and further protects our communities." The act would increase the
statutory maximum penalty for knowingly stealing any firearm in an FFL's
business inventory from 10 to 20 years; impose a mandatory minimum sentence
of three years for burglary from an FFL and five years for robbery from an FFL;
and criminalize the attempted theft of a firearm from a licensed importer,
manufacturer, dealer or collector.
news.yahoo.com
Highest Number of Jewelry Industry Crimes Ever
Recorded
Jewelry Industry Crimes Hit Record Level in 2022, JSA Reports
JSA has released its 2022 Annual Crime Report which described how the number of
Crime against the U.S. jewelry industry reached a record level in 2022. The
total number of crimes committed against U.S. jewelry firms was 2,211 —
the highest number of crimes JSA has ever recorded,
according to a press release. The number of crimes in 2022 represented an
increase of 31.1% from 2021, when 1,687 crimes were reported to JSA.
“Soaring crime needs to be a concern for the entire diamond, jewelry and watch
industry,” said John Kennedy, president of JSA. “This Report can help jewelers
become better prepared for the dangerous crime risks they face every day, and
can alert law enforcement agencies to the serious crime risks of the jewelry
industry.”
instoremag.com
NY lawmakers pass controversial bill to seal most criminal records
The long-debated controversial Clean Slate Act — which will
automatically seal most criminal records — has passed both houses of the
state Legislature.
The legislation, which still must be signed into law by Gov. Kathy Hochul, wipes
a New Yorker’s conviction record clean three years after sentencing for
misdemeanors, and eight years for felonies.
nypost.com
Here’s How Long It Took To Buy Locked Up Basic Items in San Francisco Stores
NYPD Commissioner Keechant Sewell resigns
Research sheds light on the costs of mass shooting injuries
Employers Must Discuss Trauma Strategies Amid
Rising Violence
Do Workplaces Need to Discuss Trauma?
When talking to employees about an event, tell the truth while respecting
confidentiality, and only share what is absolutely necessary.
Workplace
shootings continue to increase. In 2023 more than 100 mass shootings have
occurred in the U.S. according to the
Gun Violence
Archive. Behind those numbers are victims as this grim
document from Statista shows. Along with the horror, what about the
trauma experienced by employees involved in these incidents?
In an
article in Harvard Business Review, Katharine Manning, president of
Blackbird DC, a training company, talks about what employees expect of their
employers.
When we are in a period of crisis, many of us look to our institutions to
support and protect us. If they fail to do so, or if they take steps that we
fear will harm us or those we care about, that can create a second injury,
called an institutional betrayal.
Thus, if we fail to respond appropriately in our work with those experiencing
trauma, we can add a second injury to the first. But if we respond well, we
build trust and connection. Either way, the manner in which we support each
other in times of crisis will reverberate in our organizations for many years to
come.
There are steps employers can take including
these strategies offered by Workplace Response.
Acknowledge what happened - Address that an
event or situation occurred that impacts workers and the workplace. The key
to this step is to check in and take the lead of the survivor or person who has
experienced or is experiencing harm or trauma. Be open and available to the
person experiencing trauma or violence, and take their lead. Their safety and
privacy are most important.
Practice Emotional Intelligence - Try and
let go of this solution-oriented mindset and approach with empathy, compassion,
and active listening. Let people know that you are here for them and will be
supportive in the ways that feel supportive to them.
Be aware of the signs and side effects of trauma and
stress - When these signs are present, reconnect, engage, and offer
support. As you help others, remember that you also deserve space to process and
receive support. You do not have to “have it all together” all the time.
ehstoday.com
Target Bomb Threats Continue to Make
National Headlines
Target Continues to Get Bombarded with Bomb Threats
Locations in at least five states were evacuated
this weekend
Target stores see more bomb threats over Pride merchandise
Target stores in at least five states were evacuated this weekend after
receiving bomb threats. Though no explosives were discovered, the
incidents tie into the backlash over the retail chain’s Pride Month merchandise.
The
threats Saturday in parts of Oklahoma, New York, New
Hampshire, Vermont and Louisiana mirror those made in recent weeks in
Ohio, Utah and Pennsylvania. In most instances, unknown individuals emailed the
threats to local news outlets. The FBI and the regional Joint Terrorism Task
Force have been assisting with the investigation in some jurisdictions.
Law enforcement investigated the threats and determined the stores are safe,
Target said in a statement. All stores are “currently open and operating regular
hours.”
News outlets in Vermont, New Hampshire and New York received the same
threatening email Saturday, according to South Burlington Police Chief Shawn
Burke. The message, which accused Target of betraying the LGBTQ+ community,
named a store in South Burlington, Vt., and ones in Plattsburgh, N.Y., and in
Keene and West Lebanon, N.H.
Burke said his officers helped evacuate the store and do a “cursory search to
render the store safe,” which lasted about 25 minutes.
washingtonpost.com
NRF Responds Amid Pride Month Threats
NRF Statement on Store Safety
WASHINGTON – The National Retail Federation has provided the following
statement regarding store safety.
“Acts
of violence – real or threatened – by those who seek to bring
attention to themselves and their cause have no place in retail stores.
“The number one priority for retailers is ensuring the safety and security of
both customers and workers. Retailers provide their teams with trainings to
prevent or de-escalate situations that may result in confrontation. Also, they
are close partners with law enforcement who help support them when situations
may escalate.
“Threats, violence and protest will not deter a retailer’s commitment to
protecting the health and safety of the customers they serve and the people they
employ.”
nrf.com
Click here to read the D&D Daily's Special Report over
recent retail bomb threats
More Highlights from NRF PROTECT 2023
The Vitamin Shoppe follows a people-first path to positive results
NRF PROTECT: Chief Operating Officer Andrew Laudato on building a safe
environment for innovation
It's
possible to innovate in a way that values safety and security, he said.
Build cybersecurity into the innovation process from the beginning, and identify
and prioritize risks up front and early.
Leaders should foster communication and cooperation between the innovation teams
and cybersecurity experts. And they must continuously monitor emerging threats
and technology.
But the best way retailers can create an environment where innovation thrives
is by putting people before technology.
“It’s all about the people,” he said. “Companies
don’t innovate, people do.” When he’s hiring, Laudato looks for four key
attributes — integrity, intelligence, ambition and temperament. “This may seem
aspirational, but you can teach someone the technology, the process, project
management, but you can’t teach them these attributes.”
After that, it’s up to retail leaders to keep those people. “There’s
nothing more important — no matter what your job is — than hiring the best
people, making them feel safe and then taking really good care of them. It’s
expensive to hire and hard to find good people. You’ve got to keep them.”
nrf.com
Facial Recognition's Continued Expansion to
Boost Safety & Security
Detroit Metro Airport’s TSA implements facial recognition technology for faster,
safer screening process
TSA is relying on facial recognition technology to not only speed up the
screening process but also to keep travelers safe. As the summer travel
ramps up, officials have an important reminder about something you must do
before heading to the airport.
A faster passenger screening known as CAT-2, which stands for Credential
Authentication Technology, is a machine that is quick and efficient with its
process. The device validates a passenger’s I.D. without those few extra
minutes of a TSA agent looking at your I.D., looking at you, looking at Your
I.D., and so on.
The TSA Federal Security Director for Michigan states that this will be a
time saver and says that images of your I.D. will not be stored. The machine
is used for onsite verification.
clickondetroit.com
Inflation cools sharply in May to 4%, lowest in 2 years
The Labor Department said Tuesday that the consumer price index, a broad measure
of the price for everyday goods including gasoline, groceries and rents, rose
just 0.1% in May from the previous month, far lower than the 0.4% increase
recorded in April.
Prices climbed 4% on an annual basis, slightly below the 4.1% increase forecast
by Refinitiv economists. It marked the slowest pace of inflation since March
2021.
foxbusiness.com
Ollie’s raises outlook, plans to open 45 new stores in 2023
Westpac to layoff 300 workers in business and retail unit, says trade union
Despite recent losses, DOJ doubles down on antitrust enforcement
Quarterly Results
Ollie's Bargain Outlet Q1 comp's up 4.5%, total net sales up 12.9%
Senior LP & AP Jobs
Market
Senior Loss Prevention Director job posted for Draeger's Supermarkets, Inc. in
South San Francisco, CA
Conduct
store surveillance via CCTV and sales floor. Safely detain shoplifters when
necessary. Protect company’s assets by conducting internal and external
investigations using data analytics (Hawkeye). Shrink Management - Identify
shrink caused by fraud, theft, operational errors, and policy violations, etc.
Produce and submit detailed reports supported by facts and evidences in a timely
manner. Implement metrics: areas of loss, remediation, strategy.
indeed.com
|
All the News - One Place - One Source - One Time
Thanks to our sponsors/partners - Take the time to thank them as well please. If
it wasn't for them The Daily wouldn't be here every day for you.
|
|
|
|
|
|
|
Fighting ORC with Gen6 SP
2021-2022, ORC was rising in alarming numbers. The US Government finally took
notice. Retailers were searching to increase security for their high-end
products, keep the brazen ORC mobs from stripping their stores and asked the
Solution Providers to help them. Some called CIS Security Solutions. We acted
immediately and started modifying the Gen6 alarming tethers. We needed solutions
that would give a good Customer Experience, yet still stop the gangs from
sweeping departments of expensive handbags and other merchandise.
We
created two new Gen6 versions at the request of our clients, modifying those in
2023 to integrate with our other alarming products. This larger alarming
recoiler has 98 dBl alarm, IR protection, 49-strand flexible steel cable with
120 lb. pull strength, and a thick poly sleeve making it harder to cut, and it
is visually deterring. It has ALL the benefits of sustainability with
replaceable parts, batteries, ease of use, and it WORKS!
In 2022 Gen6 had two Smart versions –
Smart Padlock (SP) and
Smart Release
(SR). These allowed you to deactivate and release the merchandise with one push
of a button on the decoder. Innovative, time saving, labor saving and now in
2023 we are finding ways to integrate the Gen6 with the CIS Tick-R-Tape Tag and
a brand new Smart Padlock.
Our latest Gen6 SP will enable you to secure and tether outer wear and boxed
goods, etc. Attaching the Gen6 SP to the Tick-R-Tape Tag will allow you to
tether larger items in boxes like vacuums and tools, still protecting from theft
even when the box is detached from the tether. The Tick-R-Tape Tag can be used
by itself, with one or two pieces of tape to secure it to the packaging and will
activate if the tape is cut, tampered with, or lifted from the box, and it will
also activate the EAS pedestals. The Gen6 will alert if the tether is cut or the
recoiler is lifted from the fixture. Both the Gen6 and Tick-R-Tape Tag will
alert if an unauthorized detacher is used.
Let’s fight ORC together! CIS’s line of
Gen6 alarming
tethers can accommodate your needs: Make it harder to steal items protected by
Gen6, a tether strong enough to pull a Jeep, a detachable EAS Padlock Tag, and
disarm and release from the Smart Release lock.
Call 772-287-7999 for more information or visit
www.cisssinc.com.
|
|
|
|
|
|
|
To Pay or Not to Pay - That is the Question
for Leadership & Security Teams
The FBI Could Help Retrieve Your Data After a Ransomware Attack
The
recommendation from the FBI is to not pay, stating on its website that
“paying a ransom doesn’t guarantee you or your organization will get any data
back. It also encourages perpetrators to target more victims and offers an
incentive for others to get involved in this type of illegal activity.”
And the FBI could play a role in ensuring you avoid paying the ransom and get
your data back without having to deal with the cybercriminal gang.
Tools Unavailable to Most Organizations
One of the first things an organization should do if they are hit with a
ransomware attack is contact the FBI. It’s not just because a ransomware
attack is a crime—although that is a compelling reason. It’s because law
enforcement agencies have tools that can help you get your stolen or encrypted
data back.
Perhaps one of the most eye-opening messages at RSA this year was the revelation
that the FBI has the ability to decrypt data held for ransom. (If it had
been mentioned once, it would have raised some questions, but the advice could
have easily been dismissed. But this was repeated in a number of
ransomware-related sessions and by a couple of keynote speakers.) As was
mentioned more than once, the FBI has access to the encryption codes for
a number of ransomware variants and, as at least one speaker suggested,
ransomware gangs are lazy and rarely bother to change encryption keys.
In a
document aimed at CISOs and security teams, the FBI stated that law
enforcement has access to tools that most organizations do not and can
enlist the assistance of international partners to help retrieve data. The
document also pointed out that the FBI can conduct investigations that minimize
disruptions and works closely with the organization to limit “unwarranted
disclosure of information.”
Emphasis on Victim Recovery
Ransomware has become so disruptive that the FBI has put a greater emphasis on
victim recovery, Deputy Attorney General Lisa Monaco told
The Record podcast.
This was evident in the FBI’s recent takedown of the Hive ransomware variant. As
the
Department of Justice explained, “Since late July 2022, the FBI has
penetrated Hive’s computer networks, captured its decryption keys and offered
them to victims worldwide, preventing victims from having to pay $130 million
in ransom demanded.”
In its focus on victim recovery, the FBI has shifted its strategy. The goal
now is to disrupt the threat actors and cut into their revenues. To take
down Hive, the FBI infiltrated the Hive crime ring’s servers and “hacked
the hackers.” Much like threat actors would do, the FBI’s team moved around
Hive’s server network and took over, so much so that they created decryption
keys for victims of the ransomware attack.
Federal law enforcement is uniquely situated to be an ally to your
organization’s battle against ransomware. If “contacting the FBI to report
ransomware attack” isn’t on your post-attack procedure guidelines already, it
should be added as one of the first things to do in the mitigation phase. Taking
that step will go a long way in guiding your decision about whether or not to
pay a ransom. Chances are favorable that you can recover your data with the
FBI’s assistance at no cost and little disruption.
securityboulevard.com
Data Breaches Cause Significant Damage
DOS Attacks Dominate, but System Intrusions Cause Most Pain
In the latest Verizon "Data Breach Investigations Report,"
denial-of-service attacks are the most common type of security incident, but
when it comes to breaches, nearly four-in-ten attackers compromise systems.
Denial-of-service
attacks continued to dominate the threat landscape in 2022, but breaches —
those security incidents that resulted in confirmed data loss — more likely
included system intrusions, basic Web application attacks, and social
engineering.
Out of more than 16,300 security incidents analyzed in Verizon's "2023 Data
Breach Investigations Report," more than 6,250, or 38%, were
denial-of-service attacks, while almost 5,200, or 32%, were confirmed data
breaches. While the denial-of-service attacks were disruptive until they
were mitigated — much of the data in the report came from DOS defense providers
rather than victims — data breaches through system intrusions, web application
compromises, and social engineering usually resulted in significant impacts on
business.
The two top attack types in the report — DOS attacks and system intrusions —
target different parts of the CIA (Confidentiality, Integrity, Availability)
triad. System intrusions typically affect confidentiality and integrity,
while denial-of-service attacks target availability, says Erick Galinkin,
principal researcher at vulnerability management firm Rapid7.
The data highlights the differences in threat activities that become notable
incidents and those that cause real harm to companies. The damage caused by
the average ransomware incident, which accounted for 24% of all breaches,
doubled to $26,000, according to the report. In contrast, only four of
the 6,248 denial-of-service incidents resulted in data disclosure, the "2023
Data Breach Investigations Report" stated.
The report also underscored the fact that while patterns are informative, they
can also vary widely, says Joe Gallop, intelligence analysis manager at Cofense,
an e-mail security company.
More System Intrusions, Because More Ransomware
- Employees Critical to Defense:
darkreading.com
Threat intelligence programs poised for growth
Enterprise organizations will increase spending, investing in areas like
threat intelligence distribution, digital risk management, and security
technology integration.
CISOs clearly believe that further investments in threat intelligence
programs can mitigate cyber-risks while improving threat prevention and
detection. Over the next 12 to 24 moths:
Thirty percent of organizations will prioritize sharing threat intelligence
reports more readily with internal groups. This is a step in the right
direction as threat intelligence has value beyond the security operations center
(SOC) for alert enrichment.
Twenty-seven percent of organizations will prioritize investing in digital
risk protection (DRP) services. As organizations expand their digital
footprints, they need a better understanding of the accompanying risks. DRP
services provide this visibility by monitoring things like online data leakage,
brand reputation, attack surface vulnerabilities, and deep/dark web chatter
around attack planning.
Twenty-seven percent of organizations will prioritize integration with other
security technologies. Beyond endpoints, email, and network perimeters,
CISOs want CTI integration with cloud security tools,
security information and event management (SIEM) and
extended detection and response (XDR) solutions, and security service edge
(SSE) tools like secure web gateways and
cloud access service brokers (CASBs).
Twenty-seven percent of organizations will prioritize acquiring a threat
intelligence platform (TIP) for threat intelligence collection, processing,
analysis, and sharing. Once the exclusive domain of the largest enterprises,
TIPs are slowly moving down market.
Twenty-six percent of organizations will prioritize developing a more formal
program. Organizations realize they can no longer skate by on some
open-source threat intelligence feeds reviewed by part-time threat analysts.
Rather, they need staffing and processes to execute a full CTI lifecycle.
csoonline.com
Fighting AI-Powered Fraud: Let the Battle of the Machines Begin
As cybercriminals tap the power of machine learning and generative AI to outwit
fraud-detection systems, online fraud-prevention technologies must evolve
accordingly.
Leveraging the power of the cloud, new malicious machine learning (ML) models
offer the prospect of automating tasks that only humans could perform a few
years ago.
How AI Can Help Fool Fraud-Detection Systems
Consider a typical fraud-mitigation system in a retail setting. Say a company
sets a rule that in certain locations, transactions over $900 are automatically
flagged for secondary verification. An ML tool could be programmed to calculate
through trial and error the point at which high-value transactions are
inspected. Then the adversary need only ensure their fraudulent transactions
stay under $900 and are based in the right geolocation to avoid detection. What
was once a time-consuming process becomes a simple matter of cloud-powered
analytics.
Even sophisticated ML models can be probed and attacked for weaknesses by
malicious AI. The more opaque AI systems become, the riskier they are to deploy
in production settings. Humans will only have a limited understanding of their
behavior and the outputs they might generate. Plus, to remain effective, they
need to be trained on data from previous attacks. This combination make them
vulnerable to exploitation when presented with a slightly different scenario. It
only takes some targeted trial and improvement for malicious AI to learn those
oversights and blind spots.
How Defenders Can Strike Back
darkreading.com
Examining the long-term effects of data privacy violations
Researchers Report First Instance of Automated SaaS Ransomware Extortion |
|
|
|
|
|
|
Ensuring Good VPN
Security Hygiene
Companies commonly use an enterprise
virtual private network (VPN) solution to connect remote employees to their
organization's IT network. An increase in vulnerabilities are being found and
targeted by malicious cyber actors during the current Coronavirus situation. It
is vital to keep VPNs, network infrastructure devices, and devices being used to
connect into work environments up-to-date with the latest software patches and
cybersecurity configurations. Ensure you have good VPN security hygiene with
these helpful articles from
Cybersecurity and
Infrastructure Security Agency (CISA):
Understanding Patches and
Securing
Network Infrastructure Devices. |
|
|
|
|
|
Amazon Delivery Route Turns Into Violent Scene
from a Movie
San Antonio Amazon worker shot, injured in alleged road rage incident
Seven
to 10 bullets hit the car.
An 18-year-old Amazon employee is on the mend after an
alleged road rage incident on his way to work early Sunday morning, June 11,
left him shot in the hand and leg,
according to an news article published by KSAT 12.
The injured teen was driving his usual route to work a little after 2 a.m. on
Sunday when what appeared to be a black Dodge Challenger
started speeding, attempting to cut him off. The teen, who told KSAT 12
he wanted to stay anonymous, said he and the other car began exiting 151 onto
Highway 90.
“I slowed down, he got on the right and he had rolled his window down. He
started talking, so I rolled down mine,” the injured driver said to KSAT 12.
When the teen rolled down his window, the driver of the Challenger pulled out a
gun. The teen put up his hands and replied, "Chill bro, I am just trying to
get to work," he recalled to KSAT 12.
The Amazon worker began to speed away before he heard the glass of his back
window shatter from gunshots. The teen said seven to 10 bullets struck his
car, hitting him in the hand and leg. The teen told KSAT, "I was screaming,
‘No way, no way this is happening.'"
The teen was transported to a local hospital with non-life threatening injuries.
He has since returned home from the hospital and wants to tell others to
avoid dangerous drivers on the roads by ignoring them and not conversing with
them, KSAT 12 said.
mysanantonio.com
Easing Inflation Impacting E-Commerce
Online Prices Down 2.3% In May; Biggest Decline In Three Years
Online prices declined 2.3% year-over-year in May, the biggest drop
recorded since the start of the pandemic, according to the Adobe Digital
Price Index report released today.
The Adobe report is another sign that overall inflation is easing. In April,
consumer price index inflation was below 5% for the first time since June, 2021.
That downward trend is expected to continue when the May CPI numbers are
released.
It also showed a continued trend away from big ticket items, as prices
for staples such as groceries continue rise. The appliance category had its
biggest price drop since Adobe began tracking digital prices in 2014. with
appliance prices down 7.9% year over year.
That echoes recent findings from the Commerce Department’s retail sales figures.
For online prices, May was the ninth consecutive month of an overall,
year-over-year decrease, according to Adobe.
forbes.com
Netflix: Is Password-Sharing a Crime?
On May 25, 2023 streaming content provider Netflix began
enforcing its policy prohibiting the sharing of Netflix accounts even among
family members who are not members of the same “household”—meaning living
together in the same house. It was always
Netflix’s
policy to prohibit such account and password sharing—it’s just that Netflix
finally began enforcing the policy and requiring each separate account holder to
have (and pay for) their own account.
Obviously, password sharing can (and does) deprive Netflix of a stream of
revenue. Netflix is entitled to create a “one account, one login” or “one
account, one household” policy as part of its revenue model and to enforce it.
Sharing passwords and accounts can constitute “theft of services” or a breach
of contract. If I sign up for cable TV, I can’t connect a box to my neighbor
and “share” my cable, but I can invite them over to my house to watch the
Orioles (or Nats) game. Sharing cable or satellite is a crime. So, my giving my
account login information to a third party could constitute theft, fraud, theft
of services, etc.
But is it a “trespass?” The answer is complicated.
securityboulevard.com
J.Crew’s new app gives shoppers a 48-hour headstart on launches
Gen Z likes shopping in stores just as much as they do online, survey finds |
|
|
|
|
|
|
|
Police investigating rash of jewelry store burglaries in NJ; 12 stores in 2
weeks
Police
in Maplewood, Scotch Plains and Union are investigating a string of smash and
grab burglaries that have impacted jewelry stores in New Jersey. The thieves
ripped off about a dozen jewelry stores in these areas in just the past two
weekends, with the most recent occurring Monday morning. At around 3:58 a.m.,
police responded to a call from an alarm company about multiple motion
activations inside Union Jewelers Exchange on Route 22 in Union. Surveillance
footage captured the thieves forcibly entering the front door, using a tire iron
and a sledgehammer.They made out with thousands of dollars' worth of jewelry.
According to Union Police Deputy Chief Scott Breslow, a dozen jewelry stores in
the area have been targeted in similar instances, dating back to June 2nd. Among
the mentioned, these other recent locations include Linden, Woodbridge,
Middletown, Eatontown, Green Brook, Hainesport, Robbinsville, Long Branch, and
Westfield.
abc7ny.com
Gurnee, IL: 4 suspects arrested for stealing thousands of dollars worth of
products from Gurnee Mills mall
Four California residents were arrested after prosecutors say they stole
thousands of dollars in products from the Nike store inside Gurnee Mills mall in
Gurnee. Lake County Assistant State’s Attorney Colleen McConnell said the Gurnee
Police Department was called on May 30 to a retail theft at Gurnee Mills. Five
suspects were reported to have stolen from the Nike Clearance Store. Officers
observed surveillance video and saw several people enter the store with empty
bags, McConnell said. The suspects placed merchandise into the bags and fled.
The suspects got into a vehicle outside the store and the license plate was
obtained, McConnell said. A license plate reader camera alerted officers days
later that the same suspect vehicle was detected again at Gurnee Mills.
McConnell said officers responded and located the same five suspects who were
involved in the May 30 retail theft. They recovered approximately 100 pairs
of shoes. The theft on May 30 resulted in a loss of $3,909.
lakemchenryscanner.com
Manchester, CT: Masked juveniles caught burglarizing Macy's at Shoppes at
Buckland Hills
Three juveniles were arrested at the mall in Manchester over the weekend after
they allegedly tried to steal more than $7,000 worth of jewelry during a
burglary, police said. Police were dispatched to the Macy’s store at the Shoppes
at Buckland Hills, at 194 Buckland Hills Drive, in the late evening hours
Saturday after a loss prevention employee observed on the store’s cameras three
suspects wearing masks at the jewelry displays filling up backpacks with
merchandise, according to the Manchester Police Department. Two of the suspects
were taken into custody following a brief foot pursuit after the first officers
arrived on scene, police said. A Connecticut State Police dog was called to the
scene, as it was believed the third suspect was hiding somewhere in the store,
according to police. South Windsor police helped establish a perimeter around
the building before that suspect was located in the store.
courant.com
Linden, NJ: 4 Newark Residents Charged with Trying to Steal Over $5500 in
Merchandise From Linden Kohl’s
Lower Makefield Township, PA: Police investigating $2500 Retail Theft at Kohl’s
|
|
|
|
|
|
|
|
Shootings & Deaths
Visalia, CA: Footage released after clerk, 16-year-old dead in liquor store
robbery
Footage
from the Visalia store where two people were killed over the weekend has been
released, showing the moment police say an armed 16-year-old pointed a gun at
the two store clerks. The footage released Monday shows the 20-year-old clerk
taking out his gun, and pointing it back at the armed robber. The then shows the
robber running into the parking lot, where he collapses after being shot. The
clerk was identified by the family as 20-year-old Krish Singh. Customers who
knew him stopped by the EZ Mart Liquor Store on Walnut Avenue and Giddings
Street on Monday to light candles and pay their respects.
yourcentralvalley.com
Denver, CO: NBA Finals: 10 wounded in Denver mass shooting after Nuggets win and
suspect taken into custody
Ten
people were wounded in a mass shooting early Tuesday in Denver in an area where
basketball fans had been celebrating the Nuggets first NBA title win, police
said, and a suspect was taken into custody. The shooting happened about 12:30
a.m. — about 3 1/2 hours after the game — and three of the injured were in
critical condition, the Denver Police Department said in a statement. The
suspect, a man, was one of the seven people who suffered injuries believed to be
non-life-threatening.
ksat.com
Vancouver, WA: Fleeing Armed Robbery Suspect Fires on Wash. Police
Body
camera footage released from a Vancouver police shooting last month shows an
armed man running from officers in the lot of a busy Safeway store, pulling a
gun and firing at one responding officer before he was fatally shot and
collapsed on the parking lot pavement. Joshua James Willson, 43, of Vancouver,
suffered multiple wounds to his chest, back and leg, according to the video, and
was pronounced dead at the scene on May 30. Police said Wilson was a suspect in
several armed robberies. Last month’s Vancouver police shooting was the first to
have occurred since the department equipped its officers with body-worn cameras
in February.
officer.com
Robberies,
Incidents & Thefts
Shawnee, KS: Man charged with attempted murder in knife attack on Johnson County
store clerk
A 33-year-old man is charged with attempted murder after allegedly attacking a
store clerk with a knife Friday afternoon in Shawnee. Johnson County prosecutors
charged Amanjit Singh, of Arkansas, with a single count of attempted
first-degree murder. He was being held Monday in the Johnson County jail on a
$500,000 cash bond. On Friday, shortly before 1 p.m., Shawnee police officers
were dispatched to Stonebridge Liquor at 6648 Nieman Road on a reported assault.
The 47-year-old woman was taken to the hospital in critical condition Friday,
police said, and told officers she was attacked by a man who had walked into the
store. Police arrested a suspect later Friday afternoon south of Kansas City.
ca.style.yahoo.com
Lancaster, TX: 15 hospitalized after 'hazardous material leak' at Food
Distribution Center
At least 15 workers have been taken to hospitals after a "hazardous material
leak" at a warehouse in Lancaster, city officials said. The incident happened at
a United Natural Foods (UNFI) distribution warehouse on Danieldale Road,
near Interstate 20 and Interstate 35E. Hazmat crews from Lancaster, Ovilla,
Grand Prairie, Cedar Hill and Glenn Heights responded to the area to investigate
the reported leak. Officials have not confirmed the contents of the leak. The
incident was initially reported as a possible ammonia leak. The warehouse was
also evacuated, but officials added that 15 workers were affected enough by the
leak that they had to be transported to a hospital for treatment. Their
conditions are unknown at this time. In a statement to WFAA, UNFI said workers
began smelling an odor believed to be ammonia around 12 p.m.
wfaa.com
Memphis, TN: Plexiglass blocks burglars at Memphis liquor store
Burglars
trying to break into one Memphis liquor store met their match after the owner
took extra steps to keep his business safe. Around 2 a.m. Monday outside
Southwind Liquor, it was clear the burglars were intent on getting in. Store
owner Boo Weeks said an outside video camera caught it all. “In the video, you
can see him going down and pushing trying to find a weak spot,” he said. Weeks
installed it after his last break-in back in September. It was the ninth at one
of his two stores. “I think we’re probably leading the city in break-ins here or
attempted with nine, so we had to do something because they were stealing
anywhere from 12 to $20,000 a time every time they come in,” Weeks said. Daniels
Sorces with Accent Glass installed the plexiglass and said it’s really hard to
break. “It’s a clear polycarbonate sheet material. It’s similar to acrylic
Plexiglas, but it has some properties to it that won’t let it shatter when
impacted with, said in this case, a hammer. It’s actually fairly unbreakable,”
Sorces explained.
wreg.com
Hamilton, OH: Police chase, apprehend suspect in 3 area Kroger robberies
|
|
•
C-Store – Tucson, AZ –
Armed Robbery
•
C-Store – Houston, TX
– Robbery
•
C-Store – Glen Burnie,
MD – Armed Robbery
•
C-Store – South Hills,
WA – Armed Robbery
•
Cellphone – Las Vegas,
NV – Armed Robbery
•
Clothing – Midland, TX
– Robbery
•
Dollar – St Louis, MO
– Armed Robbery
•
Grocery – King County,
WA – Burglary
•
Grocery - Middletown,
OH - Robbery
•
Hardware – Cheyenne,
WY – Burglary
•
Jewelry – Union, NJ –
Burglary
•
Jewelry – Maplewood,
NJ – Burglary
•
Jewelry – Glen Burnie, MD – Armed Robbery
•
Jewelry - Atlanta, GA - Robbery
•
Jewelry - Orlando, FL - Robbery
•
Jewelry - Lake Grove, NY - Robbery
•
Jewelry - Mission Viejo, CA - Burglary
•
Liquor – Visalia, CA –
Armed Robbery Clerk/ Susp both killed
•
Liquor – Shawnee, KS –
Armed Robbery / clerk stabbed
•
Macy’s - Manchester,
CT – Burglary
•
Marijuana – Warren, MI
– Armed Robbery / shots fired
•
Pawn – Manhattan, KS –
Burglary
•
Pharmacy – Cumberland
County, NJ – Armed Robbery
•
Restaurant- San
Francisco, CA – Burglary
Daily Totals:
• 16 robberies
• 8 burglaries
• 2 shootings
• 2 killed |
Click to enlarge map
|
|
|
|
|
None to report.
|
Submit Your New Hires/Promotions or New
Position
See all the Industry Movement |
|
|
|
Feature Your Job Here For 30 Days -
70% Aren't On The Boards
Post your job listing |
|
Featured Job Spotlights
An Industry Obligation - Staffing
'Best in Class' Teams
Every one has a role to play in
building an industry.
Filled your job? Any good candidates left over?
Help your colleagues - your industry - Build 'Best in
Class' teams.
Refer the Best & Build the Best
Quality - Diversity - Industry Obligation
Director of Retail Solutions - North America
Denver, CO - posted
April 5
This role will be focused on selling our SaaS retail crime intelligence platform
by developing new prospects, and progressing Enterprise level prospects through
our sales process. You will report directly to the VP of Retail Solutions -
North America, and work alongside our Marketing, Partnerships and Customer
Success team to grow our customer base...
Asset Protection Manager
Remote - posted
May 30
The Asset Protection Manager is responsible for supporting global field and
corporate operations execution of asset protection processes. This role has
analysis-based responsibilities as well as investigation and recovery of losses
within an assigned Region...
Region Asset Protection Manager: Fresco y Mas Banner
(Bilingual Required)
Miami, FL - posted
May 17
Responsible for managing asset protection programs designed to minimize shrink,
associate and customer liability accidents, bad check and cash loss, and safety
incidents for stores within assigned region. This position will develop the
framework for the groups’ response to critical incidents, investigative needs,
safety concerns and regulatory agency visits...
Store Loss Prevention Manager
Tacoma, WA - posted
April 24
Store Loss Prevention Managers are responsible for leading Loss Prevention
functions within a specific location and for partnering with Store Operations in
an effort to prevent company loss. You will be responsible for driving company
objectives in profit and loss control, sales performance, customer satisfaction,
and shrink results...
Manager, Regional Loss Prevention
Minneapolis, MN -
posted April 4
This position is responsible for managing all aspects of loss prevention for a
geographic area to reduce and control shortage and other financial losses in
124+ company stores. The coverage areas average $850+ million in sales
revenue...
Corporate Risk Manager
Charlotte or Raleigh, NC - posted
February 14
Summary of Role and Responsibilities: Proactive approach to preventing
losses/injuries whether they are to our employees, third parties or customers
valuables. They include cash in transit, auto losses or injuries; Report all
incidents, claims and losses which may expose the company to financial losses
whether they are covered by insurance or not...
|
|
Featured Jobs
To apply to any of today's Featured Jobs,
Click Here
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
How you leave an employer and how you start with a new employer are very
critical segments of time because they can tend to label executives and those
labels can last a very long time. Interesting how short the time periods are
relative to an executive's actual career. But the exiting process and the
on-boarding periods leave long-term impressions that follow executives.
Regardless of why an executive leaves, the important thing is to leave
professionally, quietly and making sure the employer has a detailed report on
all of your projects and work. And most certainly respect their intellectual
property which, in today's world, virtually every company has been a victim of
intellectual property theft. According to most recent surveys, 33% of employees
have stolen intellectual property and this is a major concern for every company
and is the primary reason some employers require the departing executive to
leave the day of their resignation.
Just a Thought, Gus
|
Post Your Tip or Advice!
(content subject to approval) |
|
|
See More Events |
Recruiting? Get your job e-mailed to
everyone... everyday Post on our
Featured Jobs Board! |
|
Not getting the Daily?
Is it ending up in
your spam folder?
Please make sure to add d-ddaily@downing-downing.com to your contact list, address book, trusted sender
list, and/or company whitelist to ensure you receive our newsletter.
Want to know how?
Read Here
|
|
36615 Vine Street, Suite 103 Willoughby, OH 44094
440.942.0671 copyright 2009-2019 all rights reserved globally |