Training: Learn how to do your own risk assessment

March 14, 2012

Organizations wishing to do their own risk assessment for their Nonprofit Security Grant Program application should consider attending this workshop. It is good knowledge to have.

Training – Enhanced Threat and Risk Assessment Course for Faith Based Organizations – March 22-23, 2012

On March 22 and 23 (9 AM – 5 PM) at the NYC Office of Emergency Management (165 Cadman Plaza East, Brooklyn), the NYC Office of Emergency Management will be hosting a workshop on Enhanced Threat and Risk Assessment Course for Faith Based Organizations.  This workshop will provide attendees with the skills necessary to conduct a comprehensive assessment of the critical vulnerabilities on their facilities and develop an action plan to prevent, reduce, and/or mitigate the potential damage from a terrorism incident.  At the end of this course participants will be able to conduct a hands‐on assessment of a facility using the techniques learned in this class and produce a written report outlining the vulnerabilities of that facility.  The intended audience are members of faith based organizations charged with security for their facilities.  Please feel free to contact Training@oem.nyc.gov with any questions or comments.  To register, visit here.

Security Grant Package Released-Due April 16

March 06, 2012
The FY 2012 Urban Areas Security Initiative (UASI) Nonprofit Security Grant Program (NSGP) has been posted on the DHSES website and is ready for immediate action by interested eligible nonprofits.  A maximum of up to $75,000 in grant funds can be applied for.   The RFA and other required documents can be found at  http://www.dhses.ny.gov/grants/rfa-uasi-nsgp.cfm .
The due date for applications is 11:59 PM on April 16, 2012.  Any applications received after that date and time will not be considered.
Please note that only eligible nonprofits from the NYC UASI region (includes New York City and the counties of Nassau, Suffolk and Westchester) may apply. 
NYS Division of Homeland Security and Emergency Services
1220 Washington Avenue
State Office Campus, Bldg. 7A
Albany, NY  12242
grants@dhses.ny.gov
1-866-837-9133

 

Nonprofit security grants: details and training

March 01, 2012
  • New York Nonprofit Homeland Security Grant application will be available next week and due mid-April 2012
  • Grant workshops & webinar scheduled for Monday, March 12, 2012
Nonprofit Security Grant Application Workshop
Monday, March 12, 2012
Join us in person in Manhattan or Westchester or via a live webinar of the workshop on your desktop computer (you will need a highspeed internet connection and speakers or earphones).
  • Manhattan: 11:30AM-1:00PM, 130 East 59th Street@Lexington Ave.
  • Westchester: 7:30-8:30 PM, Scarsdale Synagogues-Temples Tremont and Emanu-El, 2 Ogden Road, Scarsdale
  • Webinar (Sign-on instructions will be sent as reservations are received).
Note: Reservations are a must. Click here to reserve.

For further information call David Pollock at the JCRC-NY at (212) 983-4800, ext. 132 or email him here.
We would like to thank our colleagues at the New York State Office of Homeland Security and all those involved with the Homeland Security Information Network (HSIN) for helping us provide this important webinar.

  Overview: Nonprofit Security Grant Program FY 2012

There have been minimal changes from last year. The basics follow:

Grant amounts. Approximately 150 nonprofit organizations nationally will share the $10,000,000 allocated to this grant. Eligible applicants will be able to apply for up to $75,000 to bolster their physical security and conduct preparedness training. There is no match requirement this year.

Eligibility. Applicants must be tax exempt organizations (under IRS Section 501(c)(3)) located in New York City, Nassau, Suffolk or Westchester. Unless a New York nonprofit is located within these jurisdictions it is not eligible to apply. Those located outside New York should click here to check whether they are in an eligible jurisdiction.

Equipment. The grant funds two categories of security equipment and activities: Physical Security Enhancement Equipment; and/or Inspection and Screening Systems. Any improvements requested under this program must fall within one of these equipment categories. A more detailed list can be found here.

Training. Nonprofit organization personnel may only use FY 2012 NSGP funds to attend security-related training courses and programs within the United States. Allowable training topics are limited to the protection of critical infrastructure key resources, including physical and cyber security, target hardening, and terrorism awareness/employee preparedness. Training conducted using FY 2012 NSGP funds must address a specific threat and/or vulnerability, as identified in the nonprofit’s Investment Justification.

Previous grantees/new applicants. Organizations that received grants in previous years are eligible to apply again for a FY 2012 award. However, new applicants receive a bonus point on their ranking score.

Investment Justification. The key element of the application is the Investment Justification (IJ) which can be viewed here. Applicants are required to submit their answers via an Excel spreadsheet (available when the New York State Division of Homeland Security and Emergency Services releases its Request for Applications). The questions and requirements are substantially the same as in past years.

Ongoing guidance. Remember, check out the JCRC-NY’s Security Grant Website often for suggestions on how to start collecting information (e.g., your vulnerability assessment, DUNS number, etc.) even before the application is released.
For further information. The Security Grant Website has a wealth of information and tips. Please check it first. If you need further information, call David Pollock at the JCRC-NY at (212) 983-4800, ext. 132 or email him here.

Caution. If you choose to download the DHS guidance here, be prepared to be confused. The “Grantee” referred to in the guidance is New York State. Our SAA is the New York State Division of Homeland Security and Emergency Services (NY DHSES). Nonprofit organizations will have to submit applications to the NY DHSES to be evaluated, prioritized and forwarded to Washington.

Kudos to the movers and shakers. The fact that there is a FY2012 program is due to the ongoing work and incredible professionalism of a coalition, led by the Jewish Federations of North America/JFNA and its Senior Director, Legislative Affairs, Rob Goldberg (with JCRC-NY and UJA-Federation playing active roles). The JFNA Washington Office, directed by William Daroff, is the lynchpin in this process and deserves our collective thanks.

We owe a special debt of gratitude to those dedicated public servants who actually administer the grants and answer our questions, especially Shelley Wahrlich, Steve Tierney and Valerie Bloomer. This program could not be successful without their dedication, patience and expertise.

Worrying about Iran

February 05, 2012

For years, intelligence sources have concluded that a confrontation over Iran’s nuclear program could have spillback here in New York City. The 1994 bombing of the AMIA building in Buenos Aires shows that Iranian intelligence operatives and Hezbollah terrorists have no compunctions about killing Jews. Last summer’s interrupted plot to kill the Saudi Ambassador in Washington, DC indicates that Iran’s Revolutionary Guards are willing to commission terrorist acts on U.S. soil. Iran’s leader Ayatollah Ali Khamenei threatened the state of Israel during a weekly sermon in Tehran on Friday. “We have intervened in anti-Israel matters, and it brought victory in the 33-day war by Hezbollah against Israel in 2006, and in the 22-day war…From now on, in any place, if any nation or any group confronts the Zionist regime, we will endorse and we will help…[Israel is a] cancerous tumor that should be cut and will be cut.”

While there is no specific threat against the New York Jewish community, the NYPD increased its coverage of Israeli and high-profile Jewish targets on Friday, deploying its Atlas and Sampson units. Consider the following recommendations:

  1. The JCRC recommends that Jewish groups should review their security operations, paying particular attention to access control and detecting hostile surveillance. For more tips, see the JCRC Security Resources page at: www.jcrcny.org/securityresources. Remember, if you see something, say something. Call 1-877-NYCSAFE.
  2. While the details are currently being negotiated, it is likely that there will be a Nonprofit Security Grant Program for the coming year. The DHS guidance should be released on or about February 23rd. Applicants may not have much time to apply. Therefore review the grant requirements from last year at www.jcrcny.org/securitygrants. The most important recommendation is to update your vulnerability assessment. Learn about vulnerability assessments here. 

Prospects for NSGP 2012

January 18, 2012

Will there be a Nonprofit Security Grant Program in 2012?
On December 23rd, the President signed into law the Consolidated Appropriations Bill for FY2012, including funding for Homeland Security. The bill contained contained changes to the 12 current Homeland Security State and Local Grant Programs.

For the first time, Congress included the Nonprofit Security Grant Program (NSGP), as a stand alone program, one of the 12 that is no longer attached to the Urban Area Security Initiative (UASI). UASI is a program with geographic limitations that may no longer apply to NSGP in FY2012.

  1. The changes give the Secretary of Homeland Security new discretionary authority to determine both the allocations to be dispersed among the 12 grant programs (virtually all of the state and local funding distributed by DHS), and, for NSGP, the geographic areas for inclusion (Last year NSGP applicants were required to be located in a Tier 1 UASI. Congress gave the Secretary discretion to define the areas or to require no area at all). 
  2. Total funding for the 12 grant programs was provided this year as a single allocation, at a significantly reduced amount (a cut near $860 million or 43%). The Secretary will determine how the allocation will be split among the grant programs.

By law, the Federal Emergency Management Agency (FEMA), which administers the grant programs, must publish its grant guidance for these programs on or about February 23rd. The reforms of the DHS grant programs raise questions about the future direction  of the NSGP. In advance of this guidance, the Washington Office of JFNA will be meeting with senior officials at the Department of Homeland Security to advocate for a strong NSGP program. All of us owe the Washington Office of JFNA our deepest gratitude.

JCRC-NY guidance
Once the guidelines are published at the end of February, JCRC-NY will update our guidance materials based on the new grant materials and schedule tranings. For further information contact David Pollock at pollockd@jcrcny.org. You may obtain guidance from the JCRC at www.jcrcny.org/securitygrants and the Jewish Federations of North America at: www.jewishfederations.org/homelandsecurity.


White supremacist may pose a threat

December 29, 2011

UPDATE: December 29. Danny Warner was arrested by local police in Lake Havasu, Arizona without incident. He is being charged with being a convicted felon in possession of ammunition, and there are additional charges expected.

A known White supremacist might pose a security threat to Jews or Jewish institutions, probably in the South. He is considered armed and dangerous.

While the available information indicates that he intends to head to the South, it is worthwhile to review your security procedures, especially those dealing with access control and hostile surveillance. See the JCRC resources available at www.jcrcny.org/securityresources.

The ADL bulletin below has some excellent suggestions in their alert.


Anti-Defamation League
SECURITY ALERT

December 28, 2011

We wanted to alert you to a potential security threat involving Danny Lee Warner, Jr., a white supremacist.  In a letter allegedly sent by Danny to his wife last week, he told her, “I’m headed down South to kill some niggers and Jews until the government gets me- hopefully I’ll get enough to make it all worth it before I go.”  Warner has a long history of serious violence and spent most of the last decade in prison in Utah.  While in prison, he was active in the Silent Aryan Warriors (SAW), a white supremacist prison gang.

He was last known to be in Chippewa Falls, WI, where he located after being released from prison.  The letter to his wife was postmarked on 12/19/11 from Cedar Rapids, Iowa.  His current whereabouts are unknown. Possible states of destination include: IA, NJ, NY, MT & UT.

He is believed to potentially be armed and driving a red 2002 GMC Envoy, WI license plate #364TFL.  He was born 11/29/1974.  His description is as follows: Male, Caucasian, 6’2’’, 190 lbs, brown hair, hazel eyes, tattoos. Aliases may include: Tyrsegil Bloodketil, Danny Jay Potter, Danny Peterson, or Jody White.  He may use the prison gang moniker of Tombstone or Swift.

He is currently wanted in Wisconsin on probation violation.

Each communal institution should review its security plans and procedures in light of this situation.   Each institution should consider having a plan in place for responding if this person shows up at the institution.   Moreover, each institution should consider reaching out to their local law enforcement contacts to discuss this matter.

If he visits your institution, contact law enforcement immediately, and then ADL.

As always, we recommend using this as an opportunity to review your security policies and procedures and encourage you to do the following:

  • Keep your eyes and ears open for anything unusual or suspicious and call law enforcement immediately if you come across something. Unusual behavior should be promptly reported to the police or security personnel.
  • Consider not letting anybody you don’t know into your facility, and not allowing any new visitor to your facility roam around unescorted.
  • Ensure that your staff members, including newly hired personnel, know what to do in the event of an emergency, and that they know your policy on when to allow persons to enter the facility.
  • Make sure to use the security devices you have in place and that access controls are being used properly.  For example, ensure that communications equipment (for instance, walkie-talkies) and video cameras are working and properly used.
  • Review and practice security procedures.  In particular, review with all personnel their role in security.  For instance, if vigilance has slipped in mail and package delivery safety procedures, now is the time to revisit this area.
  • Renew/establish relationships with local law enforcement and discuss security.  It has been our experience that local jurisdictions are working very hard to maintain close relationships with their Jewish institutions.  If you have not established personal relationships with key police personnel, set up a meeting to do so.
  • Trust your instincts. If something strikes you as being out of place or problematic, call the police immediately.

Security is a long-term process that cannot be efficiently or effectively deployed only when there is an alert.   It is important to review security procedures on a regular basis and to be thinking of ways to improve security.

ADL’s security manual – Protecting Your Jewish Institution– and your local ADL regional office are important resources in your security planning.  ADL’s security website is www.adl.org/security.

Traveling with Personal Internet-Enabled Devices

December 19, 2011
National Cyber Alert System
Cyber Security Tip ST11-001

Holiday Traveling with Personal Internet-Enabled Devices

The internet is at our fingertips with the widespread use of internet-enabled devices such as smart phones and tablets. When traveling and shopping anytime, and especially during the holidays, consider the wireless network you are using when you complete transactions on your internet-enabled device.

Know the risks

Your smart phone, tablet, or other internet-enabled device is a full-fledged computer. It is susceptible to risks inherent in online transactions. When shopping, banking, or sharing personal information online, take the same precautions with your smart phone or other internet-enabled device that you do with your personal computer — and then some. The mobile nature of these devices means that you should also take precautions for the physical security of your device (see Protecting Portable Devices: Physical Security for more information) and consider the way you are accessing the internet.

Do not use public Wi-Fi networks

Avoid using open Wi-Fi networks to conduct personal business, bank, or shop online. Open Wi-Fi networks at places such as airports, coffee shops, and other public locations present an opportunity for attackers to intercept sensitive information that you would provide to complete an online transaction.
If you simply must check your bank balance or make an online purchase while you are traveling, turn off your device’s Wi-Fi connection and use your mobile device’s cellular data internet connection instead of making the transaction over an unsecure Wi-Fi network.

Turn off Bluetooth when not in use

Bluetooth-enabled accessories can be helpful, such as earpieces for hands-free talking and external keyboards for ease of typing. When these devices are not in use, turn off the Bluetooth setting on your phone. Cyber criminals have the capability to pair with your phone’s open Bluetooth connection when you are not using it and steal personal information.

Be cautious when charging

Avoid connecting your mobile device to any computer or charging station that you do not control, such as a charging station at an airport terminal or a shared computer at a library. Connecting a mobile device to a computer using a USB cable can allow software running on that computer to interact with the phone in ways that a user may not anticipate. As a result, a malicious computer could gain access to your sensitive data or install new software. Don’t Fall Victim to Phishing Scams If you are in the shopping mode, an email that appears to be from a legitimate retailer might be difficult to resist. If the deal looks too good to be true, or the link in the email or attachment to the text seems suspicious, do not click on it!

What to do if your accounts are compromised

If you notice that one of your online accounts has been hacked, call the bank, store, or credit card company that owns your account. Reporting fraud in a timely manner helps minimize the impact and lessens your personal liability. You should also change your account passwords for any online services associated with your mobile device using a different computer that you control. If you are the victim of identity theft, additional information is available from http://www.idtheft.gov/.
For even more information about keeping your devices safe, read Cybersecurity for Electronic Devices.
Produced in 2011 by US-CERT, a government organization. US-CERT is part of the Department of Homeland SecurityTerms of use

Another parcel bomb in Europe

December 09, 2011

The reports of a second parcel bomb in Europe raises obvious concerns. Organizations should be reviewing their mail handling procedures. See the links on the previous blog posting or at the JCRC Security Resources page.

Explosive Device Sent to Bank CEO

December 07, 2011
The NYPD confirmed that a mail (package) explosive device was addressed and sent to CEO, Dr. Joseph Ackermann of Deutsche Bank in Frankfurt, Germany.  The package was detected by x-ray technology inside the mail room.  The package did not detonate.  

An investigation is ongoing.We suggest that you review our previous posts:Rethinking mail screening and More tips for package screening. You can also download Guidelines for Suspicious Mail or Packages, Informational Bulletin on Suspicious Envelopes and Suspicious Package indicators.
 

The NYPD SHIELD unit advises that all mail room employees become aware of this information and pay special attention to incoming deliveries.