Looking forward to a safe 5776

August 25, 2015

The attacks on two synagogues in December, 2014 (in Har Nof, Jerusalem and Chabad Headquarters in Brooklyn) and the shooting in the Charleston church should inform our High Holiday planning. Security and emergency response planning must be an important component of your overall planning.

While there are no specific threats to U.S. Jewish institutions or individuals — out of an abundance of caution — JCRC-NY recommends that Jewish institutions increase their levels of vigilance. This is especially true during the High Holidays, when people know that Jews congregate.

As a general rule, synagogues should:

  • Create a culture of security. Institutions shouldn’t merely subcontract security. Even buildings with well-trained security personnel should expect that staff and constituencies should be part of the security equation. Everyone should have heightened vigilance in times like these. For tips on security awareness, click here and the ADL’s Guide to Detecting Surveillance of Jewish Institutions and 18 Best Practices for Jewish Institutional Security.
  • Be in contact with your local police. Someone (or more than one) should have ongoing personal relationships with key police personnel. They should know you, your building and your organizational activities:
    • Discuss your security procedures with them and ask them for suggestions for improvement.
    • Inform them of the dates and times of your services, regular events and special events.
    • Police coverage on the High Holidays
      • Special attention is given to a synagogue based on an assessment of the current threat balanced by the availability of resources. In some jurisdictions it is a longstanding practice to assign police personnel to synagogues during services. In others, patrol cars are directed to visit synagogues at regular intervals. Discuss your situation with local police officials as soon as possible so that they have time to make their assessment and to secure the resources that they need to protect you. They will be in contact with federal, state and county officials, as well as the regional fusion center to make their assessment. They also factor in local incidents.
      • In some instances the traffic conditions surrounding services warrant police attention and officers will be assigned.
      • Some police departments allow private parties to hire uniformed officers for events. For more information click on our contact form here and someone will get back to you.

Read More Looking forward to a safe 5776

Focus on resources: DHS Protective Security Advisors

August 03, 2015

PSA imageRecently, we received an inquiry from an out-of-state colleague. Some of his questions could be answered over the phone, but it was clear that an on-site consultation was in order.

I asked my colleague, “Do you know your Protective Security Advisor (PSA)?” He replied, “What?”

DHS employs PSA’s in all 50 states and many states have multiple regions. Our experience here in NY is that our PSA’s are a wonderful resource. They are hard-working, knowledgeable and professional.

  • Security surveys. Subject to time constraints you can ask your PSA to conduct security surveys and assessments of your facilities. We’ve joined our PSA’s during some of these sessions and their suggestions are both sound and pragmatic.
  • Training. PSA’s have access to a wide variety of training options, e.g. active shooters, suspicious packages, severe weather. Even if you don’t know your exact need, talk to them. They can open up a variety of resources for you.
  • Special events planning. Let them know if you are planning a high profile event. They can advise you on security and logistical issues.
  • Outreach. Get on their radar. They will invite you to various trainings and events.

Click here for more information on Protective Security Advisors. To contact your local PSA, please contact PSCDOperations@hq.dhs.gov. To contact NY PSA’s or if you have questions or need other assistance please complete the form below.

Resources to Help Prepare Houses of Worship for Emergencies

July 06, 2015

Webinar recording (June 2015): http://bit.ly/1JzXMAn

Points of Contact:

Preparedness resources for house of worship:

 Emergency Operations Planning Resources:

Active Shooter Preparedness Resources

Free online independent study courses for everyone:

All hazard preparedness resources

Youth Preparedness Websites:

Additional webinars of interest:

July 1 FEMA Webinar – Houses of Worship

June 29, 2015

Webinar:
Resources to help houses of worship prepare for emergencies  

This webinar is a collaborative effort between the DHS Center for Faith-based & Neighborhood Partnerships, a center of the White House Office of Faith-based & Neighborhood Partnerships and the Federal Emergency Management Agency to help connect faith-based and community organizations with tools, resources, and partners to help prepare their houses of worship for all hazards, including active shooter incidents.

 Date: Wednesday, July 1, 2015   Time:  2:00 – 3:15 p.m. (EDT)

How to Join the Webinar:

 

Preparing Houses of Worship for Emergencies Webinar

April 24, 2015

The Department of Homeland Security Faith-based and Neighborhood Partnerships and FEMA are hosting a webinar on April 28 from 2-3 p.m. ET to prepare faith-based organizations for disaster. This webinar will provide faith-based and community organizations with critical local, tribal, state, and national resources that can help get communities better prepared for disasters and emergencies. Subject matter experts from emergency management, the faith-based and volunteer sectors, and the federal government will also answer questions about engaging the faith-based community in disaster preparedness activities.   Interested participants can register for the webinar online. Closed captioning will be offered.

Nonprofit grant package released in NY, due May 4th

April 07, 2015

The application package was released in record time, thank you Shelley Wahrlich and Marianne Lindsay! Sign up for the April 14th webinar now!

The FY 2015 Urban Areas Security Initiative Nonprofit Security Grant Program (UASI NSGP) has been posted on the New York State Division of Homeland Security and Emergency Services website and is ready for immediate action by interested eligible nonprofits.  A maximum of up to $75,000 in grant funds can be applied for to provide funding support for target hardening and physical security enhancements to nonprofit organizations that are at a high risk of a terrorist attack.  Please note that in NY, only nonprofits from the NYC Urban Area (5 boroughs and the counties of Nassau, Suffolk and Westchester) may apply. (Click here for the areas outside of NY.)  The NY Request for Application and other required documents can be found at  http://www.dhses.ny.gov/grants/

Nonprofit organizations that are applying for this funding opportunity must be PREQUALIFIED in the NYS Grants Gateway prior to application submission. If you Prequalified last year, check your Document Vault to confirm if any of your documents need to be updated. To learn more about prequalification, go to the Grants Reform website http://www.grantsreform.ny.gov/Grantees).

The due date for applications is 11:59 PM on May 4, 2015.  Any applications and supporting documentation received after the due date and time will not be considered.  If you have any technical questions you can call 1-866-837-9133.

Sen. Charles Schumer, Sen. Kirsten Gillibrand, the NY Division of Homeland Security and Emergency Services and the Jewish Community Relations Council of New York will offer a grant webinar on Tuesday, April 14th at 10:30 AM. The webinar will feature representatives of the NY Division of Homeland Security and Emergency Services discussing the application process and guidance from the JCRC-NY on how to complete the core of the application: the Investment Justification. Of course you can find detailed help at our Security Grants website:www.jcrcny.org/securitygrants.

  1. Download the NY application package here. It contains the official “Request for Applications” and supporting documents. Consider this site the “final word” on all matters in NY. Applicants outside of NY should contact their state authorities.
  2. Register for the webinar. Click here to register for the April 14th webinar. Instructions on how to sign on will be sent to all registrants by email prior to the webinar.
  3. Subscribe. Click here to subscribe to the JCRC-NY Security and Emergency Preparedness Alert list. Subscribers will receive updates on the security grant program and other alerts.
  4. Investment Justification. This is the core of the application package. You can see this year’s template here.
  5. Assessments. The application requires a “previously conducted risk assessment.” The assessment could be a crime prevention survey from your local police or other governmental sources, from private vendors or self -conducted. For more information see: www.jcrcny.org/securityresources#surveys

Nonprofit Security Grant: the process begins

April 02, 2015

Remember, we warned that the application period will be abbreviated. Sorry.

The U.S. Department of  Homeland Security released its guidance on the Nonprofit Security Grant Program today. The NY Division of Homeland Security and Emergency Services will release the NY application package by the middle of April. Depending on the release and due date, applicants will probably have to submit their packages sometime during  the first  week of May (NY DHSES must review, process and submit the applications by May 19th). Most of the necessary 2015 forms and information can be found at www.jcrcny.org/securitygrants.

Sen. Charles Schumer, Sen. Kirsten Gillibrand, the NY Division of Homeland Security and Emergency Services and the Jewish Community Relations Council of New York will offer a grant webinar on Tuesday, April 14th at 10:30 AM. The webinar will feature representatives of the NY Division of Homeland Security and Emergency Services discussing the application process and guidance from the JCRC-NY on how to complete the core of the application: the Investment Justification. Of course you can find detailed help at our Security Grants website: www.jcrcny.org/securitygrants.

  1. Register for the webinar. Click here to register for the April 14th webinar. Instructions on how to sign on will be sent to all registrants by email prior to the webinar.
  2. Subscribe. Click here to subscribe to the JCRC-NY Security and Emergency Preparedness Alert list. Subscribers will receive updates on the security grant program and other alerts.
  3. Get started now. We expect that there will be few changes in the application process. See the graphic below the registration form, outlining the steps you can immediately take to start the New York process now:
    • Pre-qualify. Your application will not be accepted without a 2015 “Status Report” showing that your Document Vault is complete. Click here to go to the New York State Grants Gateway.
      • If you Pre-qualified last year, check your Document Vault to confirm that none of your documents need to be updated.
      • If you never Pre-qualified, register immediately and begin to collect your documents.
    • E-Grants. You must submit your application and documents through the NY DHSES E-Grants system. Click to the E-Grants page, download and fill out the simple application and e-mail to grants@dhses.ny.gov. You will receive information on how to sign on. If you already have an account, you’re OK. The E-Grants system is pretty straightforward and has an excellent tutorial.
    • Assessment. The application requires a “previously conducted risk assessment.” The assessment could be a crime prevention survey from your local police or other governmental sources, from private vendors or self -conducted. For more information see: www.jcrcny.org/securityresources#surveys
    • Investment Justification. This is the core of the application package. You can see this year’s template here. Get started. Transfer your completed questions onto the form provided in the New York application package.

Find detailed help at our Security Grants website: www.jcrcny.org/securitygrants. Here are the steps to get started:

Cybersecurity: WordPress Vulnerabilities

April 01, 2015

FBI (April 7) ISIL Defacements Exploiting WordPress Vulnerabilities. Continuous Web site defacements are being perpetrated by individuals sympathetic to the Islamic State in the Levant (ISIL) a.k.a. Islamic State of Iraq and al-Shams (ISIS). The defacements have affected Web site operations and the communication platforms of news organizations, commercial entities, religious institutions, federal/state/local governments, foreign governments, and a variety of other domestic and international Web sites. Although the defacements demonstrate low-level hacking sophistication, they are disruptive and often costly in terms of lost business revenue and expenditures on technical services to repair infected computer systems. Click here for the full alert.

Best practice. The FBI recommends the following actions be taken:

  • Review and follow WordPress guidelines: http://codex.wordpress.org/Hardening_WordPress
  • Identify WordPress vulnerabilities using free available tools such as
    http://www.securityfocus.com/bid,
    http://cve.mitre.org/index.html,
    https://www.us-cert.gov/
  • Update WordPress by patching vulnerable plugins:
    https://wordpress.org/plugins/tags/patch
  • Run all software as a non-privileged user, without administrative privileges, to diminish the effects of a successful attack
  • Confirm that the operating system and all applications are running the most updated versions.

Hacktivist
Click on the graphic to open a PDF version of this notification.

The FBI is warning U.S. companies that cyber terrorists from the Middle East and North Africa are planning to conduct cyber-attacks against Israeli and Jewish interests next week.  The Bureau stated in a security notice to U.S. industry on Sunday that, as of early March, “several extremist hacking groups indicated they would participate in a forthcoming operation, #OpIsrael, which will target Israeli and Jewish Web sites.”

“Given the perceived connections between the government of Israel and Israeli financial institutions, and those of the United States, #OpIsrael participants may also shift their operations to target vulnerable U.S.-based financial targets or Jewish-oriented organizations within the United States,” the FBI warning said.

The FBI predicts that the threat to U.S.-based infrastructure from the coming cyber attack is low for well-maintained and updated networks. So, make sure that your techies and hosts maintain and update your systems.

The FBI said members of at least two extremist hacking groups it did not identify are currently working to recruit hackers for the attacks next week. The hacker group Anonymous this week also threatened an “electronic Holocaust” in a video statement.

The FBI estimated that the threat to U.S.-based infrastructure from the coming cyber attack is low for well-maintained and updated networks. However, as part of its program to notify private industry of major cyber threats, the FBI is notifying several possible targets.