ASIS INTERNATIONAL HOUSTON CHAPTER

MEETING MINUTES: July 27, 2005

 

The luncheon meeting was held at Renaissance Hotel.  Chapter Chairman Darin Dillon CPP presided. 58 members and guests attended.

 

A special thank you is again extended to Charles Hutchinson and Crescent Realty for their generous luncheon parking sponsorship.

 

Opening prayer and Pledge: Lewis Eakins CPP

Committee Activities:

Treasurer:  Bob Cascino CPP reviewed and distributed the report.  There is approximately $19,466 in net proceeds from the Golf Tournament that have not been distributed yet.  The money will be used for Criminal Justice scholarships at several Universities.

Newsletter:  The issue was mailed early in July.  

Social Activity:  Approximately 30 members participated in the social held on Thursday June 30^th at 17:00 at Goode’s Armadillo Palace.

Crime Stoppers of Houston Gala is September 22 at the Houstonian Hotel. 

Training:

• International Conference on Security Management will be held on August 12 at UHD.  There is a $25 registration fee.  Details are provided on the web page.
• IAHSS Greater Houston Galveston Chapter is sponsoring a 4 hr seminar on Advanced Leadership & Communication Excellence.  Brian Polansky, PhD is the presenter.  The advance registration fee is $20; $25 at the door.  It will be held at the MH Education Center, 10201-C Katy Freeway.  Details provided on our web page.
• The Chapter will be a sponsor for an upcoming convention of NAWLEE (National Association of Women Law Enforcement Executives), held August 4-7 and hosted by Rice University.

Placement:  Mike Mason CPP reminded everyone there are 2-3 postings on the web site and he knows of several “unofficial” postings.  If you know someone looking for a job, please contact him.

Special presentation:  Darin showed a power point presentation based on some information shared at the ATAC meeting on Public Transportation.

• There are 8 billion US transit users per year
• 29 million “daily” utilize a subway, train or bus
• This type of transit is used 10 times more than the airlines
• Houston is one of the top users in the US
• Hence, transit is a potential terrorist target: How do we secure without defeating the purpose of public transit?  Would a stolen bus look out of place?
• Different solutions include: employee awareness, random checks, a formal reporting process, implementation of systems, procurement and training of dogs, and attempts to identify terrorists in advance.

 

Law Enforcement Recognition Award:   Harris County Deputy Sheriff Larry Smith

 

Deputy Smith is a 23-year veteran of the Department.  Prior to that, he spent three years in the Army Military Police.  Deputy Smith was accompanied by his supervisor Captain Paul Cordova, also a 23-year veteran of the Sheriff’s Department, a graduate of the FBI Academy and Master Peace Officer.

 

His citation reads “In 2004, Deputy Larry Smith filed 47 criminal charges and made 2,208 traffic stops that resulted in 1,478 code violations near elementary and middle schools.  Additionally in 2004, Deputy Smith responded to 3,808 police calls for assistance.  Deputy Smith’s devotion to duty and dedication to the highest standards in law enforcement are a credit to the community he serves and to the Harris County Sheriff’s Department.”

 

Deputy Smith receives many letters from children in the community.  One letter demonstrated that children do notice when it stated “Dear Mr. Officer: I may not know your name, but I know what you do every morning”.

Deputy Smith was presented a plaque in appreciation of his service to the community.

Speaker:  Paul E. Brown

                        President/CEO, CyberEvidence Inc.

Topic:  “Digital Forensics in a Global Enterprise Environment”

 

CyberEvidence Inc is company internationally recognized for computer forensic investigation and training.  Mr. Brown served over 28 years in law enforcement and helped start the first computer forensic lab for the Houston Police Department.  He has numerous certifications and is listed in the national registrar of Who’s Who for Executives and Professionals.

 

Mr. Brown started his presentation with the questions: Would you be concerned if:

• Confidential company information was put on the front page of the paper?
• Confidential company information was given to a competitor?
• The top people in your company unexpectedly leave your company within a week?
• Your competitor hired them?

 

We have all been traditionally trained to protect the physical evidence at a crime scene.  However, very few security or even IT specialists know how to preserve evidence on a computer.  There are four basic steps from an Incident Decision to an Action Decision:

• Preview
• How do you scan thousands of computers efficiently to search for a virus?
• Protect
• How do you protect business continuity?
• Prove
• It is difficult with intellectual property as it can be easily compromised or even deleted.
• Present
• Can you clearly present the evidence to a jury in common language?

 

The key to success is to establish a relationship with a company before you need them; who have the capability to collect court-ready and fully defendable digital evidence, as well as track and recover corporate dollars.  You cannot protect your company from something unless you know what’s there.  How do you know what’s going on in your company?  You must recognize there is a real threat.  Often the greatest threat is the employees.  You need to have a plan to safeguard your secrets.

o        Run employee background checks, including checks for lawsuits and criminal records. 

o        ID your intellectual property

o        Control access on a “need-to-know” basis

o        Have “consent to monitor” policies

o        Change passwords

o        Have a log-in banner with a disclaimer that states the employee has no expectation of privacy.  You can also have a display screen that opens as they access the Internet.

o        Watermark

o        Limit removable media

o        Have a HR Forensic Image for “insurance”

o        Use system logging for anomaly detection

o        Clients can be a great source of telling you employee actions

o        Have an incident response team

o        Have an incident response checklist

o        Contact LE when necessary

o        Shutdown when appropriate: the key is to secure and preserve

 

Education and training are critical to both the first responder and investigator of a computer crime.  They must have the right authority levels to collect evidence and transport that evidence safely maintaining chain-of-custody.  There must be secure storage.  Encase is a good product to meet these needs. 

 

Where IS the Internet?  If you can see the world; they can see you. 

Mr. Brown then gave a live demonstration using two computers to simulate one computer hacking into another computer.  He was able to copy the information to his forensic computer and open and search that information; all without the knowledge of the other computer’s user.

 

In summary, Mr. Brown suggests you find someone who specializes in digital forensics and establish a relationship before you require an investigation.  Look at their certifications, years of experience, references and appreciation that it’s about computers and the law.

 

Mr. Brown was awarded a plaque in appreciation of his time and expertise.

 

Our next luncheon meeting is August 31.  Our speaker, Ray Semko, is known as the D*I*C*E* Man; and will provide a briefing on Defense, Information to Counter Espionage.  His visit is arranged and sponsored by the Houston Office of the FBI.