One of the ways the military services are improving their installations’ energy resilience is by leveraging private sector investment through energy savings performance contracts (ESPCs) and utility energy service contracts (UESCs). In its report accompanying the fiscal 2019 defense authorization bill, the Senate Armed Services Committee says it supports the approach and “strongly encourages” DOD to leverage its facilities sustainment, restoration and modernization accounts, in combination with third-party funding sources, “to maximize energy infrastructure investments.” That tactic could help the department reduce its massive infrastructure maintenance backlog as well as enhance installation resilience, the panel states.The panel remains concerned, however, that DOD has failed to streamline the procurement processes used to enter ESPCs, UESCs and power purchase agreements. In turn, the committee directs the Pentagon to set “a department performance contracting goal along with a tracking system to identify and address project phase bottlenecks, with a timeline goal of 18 months from notice of opportunity to notice of intent to award.” The lawmakers also request DOD to brief the committee on its progress by March 1, 2019.Photo courtesy of Army Corps of Engineers Huntsville Center Dan Cohen AUTHOR
Listen at WEAA Live Stream: http://amber.streamguys.com.4020/live.m3uIndiana’s so-called, “Religious Freedom Law,” has been characterized by a growing number of individuals and companies as a mandate for intolerance. We’ll examine the controversial issue with our panel of experts. Plus, AFRO reporter Roberto Alejandro, investigative journalist Stephen Janis and Taya Graham, co-editor of, “You Can’t Stop Murder: Truths About Policing in Baltimore and Beyond,” talk local politics and news. This and more coming up this evening on AFRO’s First Edition with Sean Yoes.
Growing a business sometimes requires thinking outside the box. Register Now » Free Webinar | Sept. 9: The Entrepreneur’s Playbook for Going Global Opinions expressed by Entrepreneur contributors are their own. 3 min read What’s inside your own company may hurt you. Recent research reveals that internal security breaches, including accidental ones by careless employees, are dangerous and rampant.Your business’s greatest cyber threat could be festering right inside your offices. A recent report by Forrester Research, called “Understand the State of Data Security and Privacy,” shows that one-fourth of survey respondents said that a malicious employee was the most common means to a data breach within the past year. However, respondents noted that 36 percent of data breaches resulted from employee errors.Related: 10 Data-Security Measures You Can’t Do WithoutA report from MeriTalk found that 49 percent of compromises occur when workers bypass security measures, e.g., downloading e-mail files. This report focused on the federal government. If the feds can’t protect themselves, how the heck can small businesses?Businesses are spending more and more resources on protection, such as antivirus software, anti-phishing software and firewalls, plus teaching employees security awareness but the problems are crooked insiders and careless employees.The MeriTalk report also reveals that 66 percent of respondents see security as time consuming and restrictive, while 60 percent believe their work takes longer due to additional cyber security tactics. Another 20 percent say they can’t complete their work due to security measures and 31 percent skirt around security measures at least once per week.The Forrester study reveals that 36 percent of data breaches come from accidental misuse of data by workers. Only 42 percent of respondents received security training and 57 percent weren’t even aware of their company’s current security protocols. One in four reported a breach was caused by malicious inside activity.What should be done? To start, focus on workers with access to sensitive data, such as employees in human resources, accounting, legal, administration and personnel but also company officers and contractors. Businesses need to work with all the key departments to identify vulnerabilities and devise security tactics that don’t obstruct productivity. Determine the level of risk for various kinds of data and set protections accordingly.Related: 5 Ways to Avoid a Costly Data Security BreachFollowing that, conduct a cost/benefit analysis. Review the different technologies that can be incorporated with the company’s existing systems. This includes data loss prevention technologies and internal system status monitoring. The goal is to limit who has access to what kind of data. Determine why an individual needs the data.Companies also need to examine their weaknesses from an outside-attack perspective. System-wide encryption should be implemented, as well as tools that report alerts and events. Access controls should be inspected and put in place, along with password management and multi-factor authentication.Device recognition is crucial. There must also be disposal for e-data, paper data and discarded devices.Transparency is also important. The more transparent that a business’s network security and security policies are, the more effective and clear each department will be communicating their requirements, needs and differences.Don’t be let efforts to combat outside cybercriminals blind you to internal threats. Attention on one should not diffuse attention on the other.Related: A Lack of Communication on Cyber Security Will Cost Your Business Big (Infographic) August 18, 2014