Category: Agency News

CREWS commits additional funding to strengthen Early Warning Systems in the Caribbean

Agency News, Industry News, Power/Energy/Oil & Gas sector, Water sector

Different and multiple hazards, such as severe weather conditions in land and at sea, droughts, hurricanes, floods, and earthquakes, pose a serious threat to the Caribbean, which is one of the most disaster-prone regions in the world. Combined, geological and hydro-meteorological hazards have affected more than 100 million people in the region, causing significant economic losses and casualties.

The development of Early Warning Systems has been identified by the Sendai Framework for Disaster Risk Reduction 2015–2030, the 2030 Agenda for Sustainable Development, and the Paris Agreement as a key pathway to prevent disasters and reduce the negative impacts of multiple hazards.

As defined by the UNDRR, Multi-hazard Early Warning Systems are "an integrated system of hazard monitoring, forecasting and prediction, disaster risk assessment, communication and preparedness activities systems and processes that enables individuals, communities, governments, businesses and others to take timely action to reduce disaster risks in advance of hazardous events".

The Climate Risk and Early Warning Systems Initiative (CREWS) is a mechanism that provides financial support to Least Developed Countries (LDCs) and Small Island Developing States (SIDS) to establish risk-informed early warning services, implemented by three partners, based on clear operational procedures. CREWS has recently donated an additional $1 million to support the project Strengthening Hydro-Meteorological and Early Warning Services in the Caribbean , which will be implemented by UNDRR in 2022.

The project aims to strengthen Early Warning Services (EWS) in the Caribbean and to articulate the response capacity of individuals, institutions, and communities through the development of a regional strategy to strengthen and streamline early warning and hydro-meteorological services. This includes developing appropriate approaches to risk-informed decision-making for EWS, identifying gaps in risk assessment at regional and national levels, and evaluating the resilience of already existing infrastructure such as forecasting centres, shelters, and National Meteorological and Hydrological Services. The project will also examine opportunities for building partnerships with the private sector and assess socio-economic benefits to ensure the sustainability of investments and activities.

This project aligns with the Sendai Framework and focuses on the implementation of target G, which aims to “substantially increase the availability of and access to multi-hazard early warning systems and disaster risk information and assessments to people by 2030”. The Sendai 7 campaign of the 2022 International Day for Disaster Risk Reduction will be focusing on this same target. Ensuring access to Multi -hazard Early Warning Systems in the Caribbean is regarded as a tool that enables individuals, communities, governments, businesses, and other stakeholders to take timely action to reduce disaster risk in advance of hazardous events.

This is also a matter of urgency, as disclosed in the Regional Assessment Report on Disaster Risk in Latin America and the Caribbean (RAR21), published last year: “In the short and medium term the occurrence of new mega-disasters in the region is almost inevitable given the extreme risk embedded there. It is therefore urgent to strengthen corrective and reactive management capabilities, especially early warning systems, preparedness and response.”

Leave a comment , , ,

Landmark IPCC report must be wake-up call for greater investment in disaster risk reduction

Agency News, Organisation Types, Transport sector, Water sector

Following the release of the IPCC Working Group II Report on Impacts, Adaptation and Vulnerability, Mami Mizutori, Special Representative of the UN Secretary-General for Disaster Risk Reduction, issued the following statement:

The findings of the latest IPCC report are dire. Communities around the world are being affected by climate change at a magnitude worse than expected. The devastating impacts of climate disasters are affecting every part of the world.

As the UN Secretary-General António Guterres said today “The IPCC report is an atlas of human suffering and a damning indictment of failed climate leadership.”

Many of the changes are at risk of becoming irreversible. On our current trajectory, the world is set to breach the 1.5 °C safe global temperature limit by the early 2030s, spiralling to dangerous levels of disaster risk. Almost half the human population is already in the danger zone

It is incomprehensible that we knowingly continue to sow the seeds of our own destruction, despite the science and evidence that we are turning our only home into an uninhabitable hell for millions of people.

Based on current trends, a record increase in medium and large-scale disasters is expected with droughts doubling, and extreme temperature events almost tripling to 2030. Overall, disaster events have doubled in the last 20 years compared to the previous 20 years. If countries and governments do not manage it properly and respond to the climate emergency with urgency, there’s a very real chance that we’ll see them double again.

Yet the world also has an opportunity to meet these challenges. At the Global Platform for Disaster Risk Reduction in Bali, Indonesia this May, organised by the UN and hosted by Indonesia, leaders will gather to discuss how to accelerate action for reducing these risks.

The IPCC report points to many solutions on improving regional and local information, providing sound data and knowledge for decision makers. This does work. Countries have succeeded in saving many lives through improved early warning systems and preparedness.

But climate disasters will undoubtedly worsen. There are very low levels of investments in disaster prevention and disaster risk reduction for the world’s most vulnerable countries on the front lines of impacts. We need to ramp up investment in disaster prevention if we are to cope with the exponential rise of disaster events in recent decades.

A crucial recommendation in the report today is the need for climate-resilient development – inclusive governance that embeds finance and actions across governance levels, sectors and timeframes.

Furthermore, all countries are impacted by climate change, but not in the same way. The most vulnerable communities and nations are the hardest hit, and need greater support on climate finance to adaptation and to avert, minimize and address losses and damages. This means increasing financing for climate change adaptation from tens to hundreds of million dollars.

We need to ensure that regulations and funding take into account disaster risk and that climate risk in financial markets is disclosed. Governments need to make disaster resilience a priority through dedicated funding to prevention.

Leave a comment , , ,

Fourth radio interface technology added to 5G standards

Agency News, Industry News, Telecomms sector

Members of the International Telecommunication Union (ITU) today approved a fourth technology as part of ongoing standards development for 5G mobile services.

Known as “DECT 5G-SRIT", the new technology supports a range of uses, from wireless telephony and audio streaming to industrial Internet of Things (IoT) applications, particularly in smart cities.

It was added in the first revision to ITU's key recommendation IMT-2020, which broadly encompasses fifth-generation, or 5G, networks, services, and devices.

This ITU Radiocommunication Sector (ITU-R) Recommendation – providing a set of global technical 5G standards – reflects continual consultation and discussion among governments, companies, regulators, and other stakeholders dealing with radiocommunication worldwide.

Along with fostering connectivity across borders, ITU promotes the global rollout of 5G as a key driver to achieve the UN's 17 Sustainable Development Goals.​

“New and emerging technologies like 5G will be essential to build an inclusive, sustainable future for all people, communities and countries," said ITU's Secretary-General, Houlin Zhao. “Under the ongoing International Mobile Telecommunications or IMT programme, our diverse global membership continues its long-standing contribution to advance broadband mobile communications, furthering our mission to leave no one behind in connecting the world."

A new radio interface technology

ITU – the United Nations agency entrusted with coordinating radio-frequency spectrum worldwide - published the specifications for the new technology as Recommendation ITU-R M.2150-1.

The technology is designed to provide a slim but strong technical foundation for wireless applications deployed in a range of use cases, from cordless telephony to audio streaming, and from professional audio applications to the industrial Internet of Things (IoT) applications, such as building automation and monitoring.

The European Telecommunications Standards Institute (ETSI) laid the essential groundwork jointly with the DECT Forum, a worldwide association of the digital enhanced cordless telecommunications (DECT) or wireless technology industry.

Leave a comment , ,

NCSC advises organisations to act following Russia’s attack on Ukraine

Agency News, Cyber Security CII sector, Industry News

Following Russia’s unprovoked, premeditated attack on Ukraine, the National Cyber Security Centre continues to call upon on organisations in the UK, and beyond, to bolster their online defences.

The NCSC – which is a part of GCHQ – has urged organisations to follow its guidance on steps to take when the cyber threat is heightened.

While the NCSC is not aware of any current specific threats to UK organisations in relation to events in and around Ukraine, there has been an historical pattern of cyber attacks on Ukraine with international consequences.

The guidance encourages organisations to follow actionable steps that reduce the risk of falling victim to an attack.

For the NCSC Guidance visit https://www.ncsc.gov.uk/guidance/actions-to-take-when-the-cyber-threat-is-heightened

Leave a comment , , , ,

Information Technologies for Managing Federal Use

Agency News, Industry News, Transport sector

Radio-frequency spectrum is a scarce natural resource vital to many commercial and government activities, including weather observation, air traffic control, and national defense. NTIA and government agencies have a responsibility to manage their spectrum use wisely. To do so, agencies rely on different spectrum-related IT, but NTIA has recently highlighted that existing IT is out-of-date and hinders spectrum management.

Federal officials said modernization of spectrum-related federal IT could provide benefits such as greater sharing of the limited spectrum and improved efficiency. For example, the current process for assigning spectrum relies on manual reviews of frequency requests and manual input of data. Automation could reduce errors and speed the process.

The FY21 NDAA contains a provision for GAO to review the current spectrum-related IT of covered agencies. This report describes (1) the existing spectrum-related IT that covered agencies employ to manage their spectrum use, and (2) the opportunities covered agencies and NTIA identified for improving spectrum management through IT modernization. The FY21 NDAA also contains a provision for GAO to conduct oversight of the implementation of agencies' spectrum-related IT modernization plans. This topic will be the subject of future GAO work.

Federal agencies use a variety of information technologies (IT) to manage their use of radio-frequency spectrum. The William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021 (FY21 NDAA) required the National Telecommunications and Information Administration (NTIA) and covered agencies to develop plans to modernize their spectrum-related IT (i.e., the software, databases, and other tools that comprise their spectrum infrastructure).

Currently, the NTIA provides agencies with some spectrum-related IT systems, such as software, databases, and engineering tools, so that they can participate in NTIA's spectrum management processes. These processes include assigning frequencies for agencies to use and certifying spectrum-dependent equipment. GAO found that all 20 agencies covered by the FY21 NDAA modernization requirement rely at least in part on NTIA-provided IT to manage their spectrum use. Additionally, most of these agencies—DOD and the Federal Aviation Administration, in particular—augment NTIA-provided IT with additional spectrum-related IT that meets their unique mission needs.

Many of the officials GAO interviewed broadly agreed that modernizing spectrum-related IT could provide opportunities to improve spectrum management, mostly related to the following: (1) improving current spectrum management processes by addressing some limitations in existing spectrum-related IT and (2) facilitating the potential for greater spectrum sharing (i.e., enabling more than one spectrum user to use the same frequency band without interfering with each another). As NTIA and the covered agencies advance their modernization efforts in 2022, it is not yet clear if their plans will target these opportunities.

 

Leave a comment , ,

CISA and FBI Publish Advisory to Protect Organizations from Destructive Malware Used in Ukraine

Agency News, Cyber Security CII sector, Industry News

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a joint Cybersecurity Advisory today providing an overview of destructive malware that has been used to target organizations in Ukraine as well as guidance on how organizations can detect and protect their networks. The joint Advisory, “Destructive Malware Targeting Organizations in Ukraine,” provides information on WhisperGate and HermeticWiper malware, both used to target organizations in Ukraine.

Destructive malware can present a direct threat to an organization’s daily operations, impacting the availability of critical assets and data. While there is no specific, credible threat to the United States at this time, all organizations should assess and bolster their cybersecurity. Some immediate actions that can be taken to strengthen cyber posture include:

- Enable multifactor authentication;
- Set antivirus and antimalware programs to conduct regular scans;
- Enable strong spam filters to prevent phishing emails from reaching end users;
- Update software; and
- Filter network traffic.

“In the wake of continued denial of service and destructive malware attacks affecting Ukraine and other countries in the region, CISA has been working hand-in-hand with our partners to identify and rapidly share information about malware that could threaten the operations of critical infrastructure here in the U.S.,” said CISA Director Jen Easterly. “Our public and private sector partners in the Joint Cyber Defense Collaborative (JCDC), international computer emergency readiness team (CERT) partners, and our long-time friends at the FBI are all working together to help organizations reduce their cyber risk.”

"The FBI alongside our federal partners continues to see malicious cyber activity that is targeting our critical infrastructure sector," said FBI Cyber Division Assistant Director Bryan Vorndran. "We are striving to disrupt and diminish these threats, however we cannot do this alone, we continue to share information with our public and private sector partners and encourage them to report any suspicious activity. We ask that organizations continue to shore up their systems to prevent any increased impediment in the event of an incident."

Executives and leaders are encouraged to review the advisory, assess their environment for atypical channels for malware delivery and/or propagation through their systems, implement common strategies, and ensure appropriate contingency planning and preparation in the event of a cyberattack.

CISA has updated the Shields Up webpage to include new services and resources, recommendations for corporate leaders and chief executive officers, and actions to protect critical assets. Additionally, CISA has created a new Shields Up Technical Guidance webpage that details other malicious cyber activity affecting Ukraine. The webpage includes technical resources from partners to assist organizations against these threats.

Leave a comment , ,

Critical Infrastructure Protection: Agencies Need to Assess Adoption of Cybersecurity Guidance

Agency News, Cyber Security CII sector, Health & Social Care, Industry News, Power/Energy/Oil & Gas sector, Space Sector, Telecomms sector, Transport sector, Water sector

Federal agencies with a lead role to assist and protect one or more of the nation's 16 critical infrastructures are referred to as sector risk management agencies (SRMAs). The SRMAs for three of the 16 have determined the extent of their sector's adoption of the National Institute of Standards and Technology's (NIST) Framework for Improving Critical Infrastructure Cybersecurity (framework). In doing so, lead agencies took actions such as developing sector surveys and conducting technical assessments mapped to framework elements. SRMAs for four sectors have taken initial steps to determine adoption (see figure). However, lead agencies for nine sectors have not taken steps to determine framework adoption.

Status of Framework Adoption by Critical Infrastructure Sector

Regarding improvements resulting from sector-wide use, five of the 16 critical infrastructure sectors' SRMAs have identified or taken steps to identify sector-wide improvements from framework use, as GAO previously recommended. For example, the Environmental Protection Agency identified an approximately 32 percent overall increase in the use of framework-recommended cybersecurity controls among the 146 water utilities that requested and received voluntary technical assessments. In addition, SRMAs for the government facilities sector identified improvements in cybersecurity performance metrics and information standardization resulting from federal agencies' use of the framework. However, SRMAs for the remaining 11 sectors did not identify improvements and were not able to describe potential successes from their sectors' use of the framework.

SRMAs reported various challenges to determining framework adoption and identifying sector-wide improvements. For example, they noted limitations in knowledge and skills to implement the framework, the voluntary nature of the framework, other priorities that may take precedence over framework adoption, and the difficulty of developing precise measurements of improvement were challenges to measuring adoption and improvements. To help address challenges, NIST launched an information security measurement program in September 2020 and the Department of Homeland Security has an information network that enables sectors to share best practices. Implementing GAO's prior recommendations on framework adoption and improvements are key factors that can lead to sectors pursuing further protection against cybersecurity threats.

The U.S. has 16 critical infrastructure sectors that provide clean water, gas, banking, and other essential services. To help protect them, in 2014 the National Institute of Standards and Technology developed cybersecurity standards and procedures that organizations within these sectors may voluntarily use. Federal agencies are charged with leading efforts to improve sector security.

The GAO have found agencies have measured the adoption of these standards and procedures for 3 of 16 sectors and have identified improvements across 2 sectors. For example, the EPA found a 32% increase in the use of recommended cybersecurity controls at 146 water utilities.

Leave a comment , ,

2021 Trends Show Increased Globalized Threat of Ransomware

Agency News, Cyber Security CII sector, Industry News

In 2021, cybersecurity authorities in the United States, Australia, and the United Kingdom observed an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organizations globally. The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) observed incidents involving ransomware against 14 of the 16 U.S. critical infrastructure sectors, including the Defense Industrial Base, Emergency Services, Food and Agriculture, Government Facilities, and Information Technology Sectors. The Australian Cyber Security Centre (ACSC) observed continued ransomware targeting of Australian critical infrastructure entities, including in the Healthcare and Medical, Financial Services and Markets, Higher Education and Research, and Energy Sectors. The United Kingdom’s National Cyber Security Centre (NCSC-UK) recognizes ransomware as the biggest cyber threat facing the United Kingdom. Education is one of the top UK sectors targeted by ransomware actors, but the NCSC-UK has also seen attacks targeting businesses, charities, the legal profession, and public services in the Local Government and Health Sectors.

Ransomware tactics and techniques continued to evolve in 2021, which demonstrates ransomware threat actors’ growing technological sophistication and an increased ransomware threat to organizations globally.

This joint Cybersecurity Advisory—authored by cybersecurity authorities in the United States, Australia, and the United Kingdom—provides observed behaviors and trends as well as mitigation recommendations to help network defenders reduce their risk of compromise by ransomware.

Full report can be downloaded here >>

Leave a comment , ,

FEMA Resources for Climate Resilience

Agency News, Industry News, Power/Energy/Oil & Gas sector, Telecomms sector, Transport sector, Water sector

As climate change increases disaster risks across the country, emergency managers and government officials are beginning to implement strategies to build community resilience. FEMA Resources for Climate Resilience provides a roadmap of Federal Emergency Management Agency (FEMA) programs and initiatives that advance community climate resilience. FEMA Resources for Climate Resilience assists FEMA’s state, local, tribal, and territorial (SLTT) partners in navigating the FEMA resources that are available to support communities in mitigating impacts of climate change.

Building resilience is a long-term, ongoing cycle that requires multiple steps to accomplish. Each section of the FEMA Resources for Climate Resilience corresponds with a step in that cycle and provides information about FEMA services, programs, and grants available to SLTT partners. Each SLTT partner has a unique experience with FEMA and has participated in different elements of the resilience cycle. SLTT partners with limited FEMA experience may choose to start from the beginning of FEMA Resources for Climate Resilience, while other SLTT partners may navigate directly to their program of choice.

Each section of FEMA Resources for Climate Resilience provides a brief description of the program, service, or grant, an overview of who can apply, examples of the FEMA programs in action, and helpful tools and resources for learning more about the program, service, or grant. In addition, where applicable, FEMA Resources for Climate Resilience also points out areas where equity can be prioritized. FEMA Resources for Climate Resilience explains how existing tools, such as the National Risk Index (Risk Index), can assist SLTT governments and their communities, right now, in making informed planning decisions including considerations of impacts from future weather conditions.

FEMA Resources for Climate Resilience also provides a quick glance at FEMA funding sources, such as the Building Resilient Infrastructure and Communities (BRIC) program, designed to support communities in building capability and capacity to mitigate the increasing impacts of climate change.

FEMA Resources for Climate Resilience is available to download at https://www.fema.gov/sites/default/files/documents/fema_resources-climate-resilience.pdf

Leave a comment , ,

DHS Issues National Terrorism Advisory System (NTAS) Bulletin

Agency News, Industry News, Power/Energy/Oil & Gas sector, Telecomms sector, Transport sector

The Secretary of Homeland Security Alejandro N. Mayorkas has issued a National Terrorism Advisory System (NTAS) Bulletin regarding the continued heightened threat environment across the United States. This is the fifth NTAS Bulletin issued by the Department of Homeland Security since January 2021.

“DHS remains committed to proactively sharing timely information and intelligence about the evolving threat environment with the American public,” said Secretary Alejandro N. Mayorkas. “We also remain committed to working with our partners across every level of government and in the private sector to prevent all forms of terrorism and targeted violence, and to support law enforcement efforts to keep our communities safe. This NTAS Bulletin outlines the key factors that have increased the volatility, unpredictability, and complexity of the current threat environment, and highlights resources for individuals and communities to stay safe.”

The United States remains in a heightened threat environment fueled by several factors, including an online environment filled with false or misleading narratives and conspiracy theories, and other forms of mis- dis- and mal-information (MDM) introduced and/or amplified by foreign and domestic threat actors. These threat actors seek to exacerbate societal friction to sow discord and undermine public trust in government institutions to encourage unrest, which could potentially inspire acts of violence. Mass casualty attacks and other acts of targeted violence conducted by lone offenders and small groups acting in furtherance of ideological beliefs and/or personal grievances pose an ongoing threat to the nation.

While the conditions underlying the heightened threat landscape have not significantly changed over the last year, the convergence of the following factors has increased the volatility, unpredictability, and complexity of the threat environment: (1) the proliferation of false or misleading narratives, which sow discord or undermine public trust in U.S. government institutions; (2) continued calls for violence directed at U.S. critical infrastructure; soft targets and mass gatherings; faith-based institutions, such as churches, synagogues, and mosques; institutions of higher education; racial and religious minorities; government facilities and personnel, including law enforcement and the military; the media; and perceived ideological opponents; and (3) calls by foreign terrorist organizations for attacks on the United States based on recent events.

DHS and the Federal Bureau of Investigation (FBI) continue to share timely and actionable information and intelligence with the broadest audience possible. This includes sharing information and intelligence with our partners across every level of government and in the private sector. Under the Biden-Harris Administration, DHS is prioritizing combating all forms of terrorism and targeted violence, including through its efforts to support the first-ever National Strategy for Countering Domestic Terrorism. Since January 2021, DHS has taken several steps in this regard, including:

  • established a new domestic terrorism branch within DHS’s Office of Intelligence and Analysis dedicated to producing sound, timely intelligence needed to counter domestic terrorism-related threats;
  • launched the Center for Prevention Programs and Partnerships (CP3) to provide communities with resources and tools to help prevent individuals from radicalizing to violence;
  • designated domestic violent extremism as a “National Priority Area” within DHS’s Homeland Security Grant Program for the first time, resulting in at least $77 million being spent on preventing, preparing for, protecting against, and responding to related threats nationwide;
  • provided $180 million in funding to support target hardening and other physical security enhancements to non-profit organizations at high risk of terrorist attack through DHS’s Nonprofit Security Grant Program (NSGP);
  • increased efforts to identify and evaluate MDM, including false or misleading narratives and conspiracy theories spread on social media and other online platforms, that endorse violence; and,
  • enhanced collaboration with public and private sector partners – including U.S. critical infrastructure owners and operators – to better protect our cyber and physical infrastructure and increase the Nation’s cybersecurity through the Department’s Cybersecurity and Infrastructure Security Agency (CISA).

DHS also has renewed its commitment to ensure that all efforts to combat domestic violent extremism are conducted in ways consistent with privacy protections, civil rights and civil liberties, and all applicable laws.

This NTAS Bulletin will expire on June 7, 2022. This NTAS Bulletin provides the public with information about the threat landscape facing the United States, how to stay safe, and resources and tools to help prevent an individual’s radicalization to violence. The public should report any suspicious activity or threats of violence to local law enforcement, FBI Field Offices, or a local Fusion Center.

Leave a comment , ,
1 19 20 21 22 23 42