Community Guidance re Friday, Oct 13 Day of Action

October 13, 2023

October 13, 2023

On October 10, 2023, Hamas issued an official statement designating Friday, October 13, 2023, a day of action titled “the Friday of al-Aqsa Flood.” In their announcement, they called on the international community to voice solidarity with the Palestinian people and their cause by engaging in mass gatherings. They also called on individuals living in the West Bank and East Jerusalem to take part in mass protests against Israel.

A video has also surfaced featuring founding member and former Hamas leader, Khaled Mashal, praising the recent attack and calling on everyone to mobilize. He allegedly called on people in the region, particularly, to engage in uprising and resistance. He also allegedly encouraged individuals around the world to engage in the “Friday of Al-Aqsa Flood” to send a message of solidarity and anger to Zionists and America. He stated that jihad is everyone’s duty and an individual responsibility. The video appears to have been removed from mainstream sources.

The JSA is in close coordination with each other and our law enforcement partners, and at this time there are no known credible threats to the Jewish communities in New York and New Jersey. Accordingly, we are advising institutions to remain open and operational. However, given the heightened tensions, we encourage the following security precautions and procedures be implemented at your institutions:

  • LIMITED BUILDING ACCESS: Limit your building access to only one entrance/exit. Ensure all doors remain locked at all times and are only unlocked to admit known individuals. Do not open doors for unknown individuals.
  • DROP OFF & PICK UP: Security and staff should be outside at this time and on the lookout for any suspicious individuals in these high traffic times.
  • PERIMETER SWEEP: Upon opening your institution, conduct an outside sweep of your building’s perimeter. Report any suspicious items or individuals lurking outside to law enforcement immediately.
  • CAMERA COVERAGE: Ensure all building cameras are on and properly recording. Designate an individual to review security footage continuously throughout the day.
  • SYSTEMS CHECKS: Ensure that anything that is battery powered or electronically controlled is working properly. This could include access controls, panic buttons, AEDs etc.
  • MAIL AND DELIVERIES: Screen any packages and mail thoroughly that comes to the building. If you didn’t order it, do not accept it. Review your institution’s procedures for suspicious mail.
  • ACTIVE THREAT PROTOCOLS: Review your institution’s active threat situation protocols and ensure relevant staff is up to date on procedures. Consider conducting an
    institution-wide drill.
  • LAW ENFORCEMENT: Connect with your local law enforcement and provide them your schedule over the coming days, including school and prayer times.

Click here to download a PDF of this post. 

Consultant’s Corner

December 29, 2022

Welcome to Consultant’s Corner.  We have archived our training videos to assist you with your grant process.

Consultant’s Corner 2022-2023

12-20-2022

EHP Preparation

12-6-2022

How To Apply For The NYS Hate Crimes Grant (SCAHC)

11-22-2022

I Got A Government Security Grant – Now What?

View all our 2022-2023 training videos here in sequence:

Consultant’s Corner 2021-2022

3-29-2022

Developing a Training Program

3-22-2022

Year-to-Date Topics Summary

3-15-2022

Special Presentation: Your Security and Grant Questions Answered Live

3-8-2022

Reducing Door, Frame & Hardware Vulnerabilities

3-1-2022

Access Control 2; Mindset Plus Technology

2-22-2022

Access Control

2-15-2022

Protecting Windows

2-8-2022

Procurement Process

2-1-2022

Door Hardware and Door Hardening

1-25-2022

RFP Package Continued: Basics of Product Research

1-18-2022

RFP Package Part 2 and Lessons from Colleyville

1-11-2022

RFP and Bid Management

1-4-2022

Grant Management Part II

12-14-2021

Securing Communities Against Hate Crimes Grant (SCAHC)

12-7-2021

Environmental and Historic Preservation Form (EHP)

11-30-2021

Appointing A Project Manager

11-23-2021

What Do We Need, and How Do We Get Bids?

11-16-2021

I Received A Security Grant, Now What?

View all our 2021-2022 training videos here in sequence:

CSI Cyber: New ransomware resources

June 01, 2021

PNT Integrity Library published to help protect critical infrastructure -  GPS World

Today, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) releases an cybersecurity advisory, “DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks.” CISA and FBI are urging critical infrastructure asset owners and operators to adopt a heightened state of awareness and implement the recommendations listed in this advisory.

Recently, DarkSide actors deployed DarkSide ransomware against a U.S. pipeline company’s information technology (IT) network. In response to the cyberattack, the company proactively disconnected certain operational technology (OT) systems to ensure the safety of the system. At this time, there are no indications that the threat actor moved laterally to OT systems.

This joint advisory provides technical details on DarkSide actors and some of their known tactics and preferred targets. According to open-source reporting, DarkSide actors have been targeting multiple large, high-revenue organizations. Also, the actors have previously been observed gaining initial access through phishing, exploiting remotely accessible accounts and systems and virtual desktop infrastructure.

CISA and FBI strongly recommend that critical system owners and operators prioritize reading this advisory and follow recommended mitigation and guidance to help protect against this malicious activity. In addition to the cybersecurity advisory, CISA and FBI urge critical infrastructure asset owners and operators to review the following resources for best practices on strengthening cybersecurity posture:

Victims of ransomware should report it immediately to CISA, a local FBI Field Office, or a Secret Service Field Office.

Cybersecurity: Protecting your people and your systems

December 18, 2020
Click on the graphic to download the presentation

As cybersecurity concerns heightened, both worldwide and in the Jewish community, the Community Security Initiative and CISA offered a cybersecurity webinar on December 17, 2020. R. S. Richard Jr., CISM, CCISO, Cybersecurity Advisor, Region II of the Cybersecurity and Infrastructure Security Agency (CISA) offered explained about important cybersecurity measures that organizations should consider adopting and the resources that CISA makes available. View the video here and the presentation here.

CISA recently released its Cyber Essentials Toolkit, a set of modules designed to break down the CISA Cyber Essentials into bite-sized actions for technical staff and organizational leadership to work toward full implementation of each Cyber Essential. Each chapter focuses on recommended actions to build cyber readiness into the six interrelated aspects of an organizational culture of cyber readiness. We urge you to download and review these valuable tools.

Chapter 1: Yourself, The Leader – Drive Cybersecurity Strategy, Investment, and Culture

This chapter focuses on providing leaders with an understanding of what it takes from the top to drive a culture of cyber readiness within their organizations. Topic areas include, leading investment in basic cybersecurity; determining how much of the business’ critical operations are dependent on IT; how to approach cyber as a business risk; leading the development of cybersecurity policies; and building networks of trusted sector partners and government agencies for information sharing.

Chapter 2: Your Staff – Develop Security Awareness and Vigilance

This chapter focuses on an organizational approach to cybersecurity by educating employees and providing training resources that encourage cyber awareness and vigilance. Topic areas include: leveraging basic cybersecurity training; developing a culture of awareness; learning about phishing and other risks; identifying available training resources; and maintaining awareness of current cyber events.

Chapter 3: Your Systems – Protect Critical Assets and Applications

This chapter focuses on an organizational approach to cybersecurity by securing network assets and information. Topic areas include: learning what is on your network; leveraging automatic updates; implementing secure configurations; removing unauthorized hardware and software; leveraging email and browser security setting; and creating approved software polices.

Chapter 4: Your Surroundings – The Digital Workplace

This chapter focuses on an organizational approach to cybersecurity by ensuring only those who belong on your digital workplace have access. Topic areas include: learning who is on your network; leveraging multi-factor authentication; granting appropriate access and admin permissions; leveraging unique passwords; and developing IT polices to address user statuses.

Chapter 5: Your Data – Make Backups and Avoid the Loss of Information Critical to Operations

This chapter focuses on providing leaders with an understanding of what it takes to ensure their organization’s data is secure and recoverable. Topic areas include: learning what information resides on the organization’s network; learning what is happing on the network; domain name system protection; learning how the organization’s data is protected; leveraging malware protection capabilities; establishing regular automated backups and redundancies of key systems; and leveraging protections for backups.

Chapter 6: Your Crisis Response – Limit Damage and Quicken Restoration of Normal Operations

This chapter focuses on responding to and recovering from a cyber attack. Topic areas include: developing an incident response plan and disaster recovery plan; using business impact assessments to prioritize resources and identify systems to be recovered; knowing who to call for help in the event of a cyber incident; developing an internal reporting structure to communicate to stakeholder.

New CISA resource for Screening: The Power of Hello

December 02, 2020

When is a “hello” not merely a “hello”?

Remember: only “approved” individuals should be able to enter your facility. The right greeting can be a critical component of your security protocols, and help you to balance the need to be warm and welcoming, while making sure that everyone who comes through our doors is safe and secure. Security goes beyond just having solid doors. In the real world someone has the responsibility to observe, evaluate suspicious behaviors — and ultimately — decide who to admit?

Technology offers many solutions (ID cards, fobs, facial recognition, biometrics and more) to verify those who we know, but what about those we don’t?  It all comes down to screening. A screener can be an employee or a volunteer. What’s important is that they know your people.

Who shows up at our doors?

Three types of people show up at our doors

  1. The vast majority of the people who attend religious services are regulars. It is best practice to have someone at the door who knows most of the attendees and will welcome them upon arrival. They fill the largest bucket.
  2. A warm, simple greeting (Welcome, is this your first time here? Are you looking for someone in particular?) will usually elicit a response (e.g., I’m here for the Cohen bar mitzvah). Take the time to ask the Cohen’s for their guest list. Your screener can readily check that the visitor is on the list. These visitors fit into the smaller, second bucket.
  3. That leaves the Unknowns. What steps should be taken when an unknown is at the door. How can the screener decide whether an Unknown is a threat or a potential member of your congregation or facility?

DHS CISA‘s new guide

Simply saying “Hello” can prompt a casual conversation with a new person, providing an opportunity to observe and establish a connection. CISA calls it the “OHNO approach–Observe, Initiate a Hello, Navigate the Risk, and Obtain Help” developed to enable screeners to observe and evaluate suspicious behaviors, and to empower them to lower the risk and obtain help when necessary.

This guide promotes employee vigilance for our houses of worship stakeholders. Alert personnel can spot suspicious activity and report it. Keeping houses of worship facilities secure while sustaining the open and welcoming environment necessary for peaceful congregation requires a holistic approach to security.

Download these materials and think about how this guidance can make your facility safe and secure, without undermining your wish to be warm and welcoming. As always, institutions in New York City, Long Island and Westchester can reach out to their Community Security Initiative (CSI) regional security manager for assistance. Click here to send an email. Check out the new CSI video here.

Download links

Power of Hello Slicksheet (272.54 KB)
Power Hello Placemat (313.91 KB)
The Power of Hello Houses of Worship guide (2.1 MB)

Shifted to telework? Make sure you are secure.

September 30, 2020

Today, the Department of Homeland Security-CISA released the Telework Essentials Toolkit providing organization leaders, their IT staff, and employees recommendations for a more permanent telework solution beyond what may have been implemented as a quick fix or temporary solution.

The Toolkit provides three personalized modules outlining distinctive security considerations appropriate for each role:

  • Actions for executive leaders that drive cybersecurity strategy, investment and culture
  • Actions for IT professionals that develop security awareness and vigilance
  • Actions for teleworkers to develop their home network security awareness and vigilance

It is more important than ever that our partners like you are aware of cyber risks endemic to this new environment and are prepared with the tools to mitigate them. We encourage you to forward this notification and toolkit widely to other partners. With your support we can continue to develop a stronger, more resilient culture of cyber readiness from the c-suite to the end user.

This toolkit is available at cisa.gov/telework, a webpage CISA established as a one-stop shop for telework cybersecurity guidance for critical infrastructure, government, and citizens. Since it was launched, several new products have been added for a variety of sectors. Here are just a few of the varied resources you will find.

  1.  DHS-CISA partners with CYBER.ORG, to focus on cybersecurity for K-12 educators and students, including a series of cyber safety videos. Located in the “Additional Telework Resources” section, the inaugural videos address video conferencing safety and how to avoid being duped by a suspicious email or phishing attack. The videos in this series are applicable to any work or business environment, not just the education audience.
  2. Many state and local 9-1-1 agencies shifted staff to remote working environments. Through our consistent and close collaboration with state and local governments, CISA published information to help this important first responder community manage this transition. Located in our “General Telework Guidance”, you can read about the best practices used by the Arlington County Public Safety Communications and Emergency Management.

The COVID-19 pandemic forced organizations to rapidly stand-up telework procedures. Since then, we have seen entities across industries have servers forced temporarily offline because of ransomware attacks, poorly configured remote working tools, or unpatched vulnerabilities on their networks. Not only are these attacks costly (i.e. the cost in time and energy of responding IT staff, downtime costs etc.) but the hit to customer and worker confidence and trust can be equally steep.

New York State COVID -19 Interim Guidance for Jewish High Holidays Observances

September 16, 2020

Click here to download a PDF copy of this NYS Department of Health Guidance

September 16, 2020

Planning for Services and Observances

  • We continue to recommend that indoor occupancy be restricted to the minimum number of individuals necessary to conduct the service but no more than 33% of the capacity of the space, or the limit of the number of people that can fit within the space while maintaining a social distance of at least 6 feet at all times, and 12 feet if there is chanting or singing, whichever is the fewer number of people.
    • Gatherings in sukkahs can be considered outdoor religious events limited by the number of people who can fit at least 6 feet apart under the Sukkah roof. Social distance must be mandated during meals in the Sukkah and should be used to determine the number of attendees at congregational meals. Ventilation and outdoor air flow should be maximized to the greatest extent possible.
  • Social Distancing Indoor and Outdoor Services
    • All seating should be separated by at least 6 feet; 12 feet if there will be singing or chanting, irrespective if the services are indoors or outdoors.
      • Do this by removing seating or blocking off in between seats.
      • Only members of the same household can be closer than 6 feet.
    • Prevent congregating at closer distances by blocking off areas where people tend to gather, especially areas where children or teenagers tend to gather unsupervised.
    • Place 6 feet or 12 feet markers in standing areas and aisles to help individuals stay socially distanced.
    • When possible make aisles and staircases one direction only. If only one stairway is available, only one person should be on the stairway at a time.
    • Small spaces such as elevators should be limited to 50% capacity.
    • Holding or shaking hands, or other close physical contact, among people from different households during services or prayers should be strictly prohibited.
  • Face Coverings During Indoor and Outdoor Services
    • Face coverings must be worn at all times except while seated, provided all individuals are 6 ft. apart except for immediate household members, however individuals should be encouraged to wear them at all times during services or prayers even when seated. If singing or chanted is involved then a face covering must be worn even while seated.
    • Acceptable face coverings include but are not limited to cloth, surgical masks, and face shields when worn with a face mask underneath.
  • Suggestions for Reducing Interpersonal Contact
    • Limit in-person presence when possible.
    • Hold services outdoors when possible.
    • Offer multiple service times, including separate designated times for vulnerable populations.
    • Prioritize activities that allow for social distancing over those that do not.
    • Offer only self-served individually wrapped food and drink; provide enough space for attendees to be at least 6 ft apart when they eat or encourage attendees to take the food with them when they leave (e.g. whole apples not slices and packaged individual honey, challah rolls not passing a large challah).

Services and Observances

  • Screening of Attendees Prior to Entering the Building
    • Encourage attendees to take their temperature each time before leaving home/before holiday begins.
    • Anyone with symptoms or a temperature above 100 degrees F should stay home.
    • Implement mandatory health screening assessments asking about:
    • A person who answers yes to any of the screening questions symptoms must not be allowed to enter the gathering place and must be sent home with instructions to contact their healthcare provider for an evaluation and testing.
      1. COVID-19 symptoms in the past 14 days,
      2. positive COVID-19 test in the past 14 days,
      3. close contact with confirmed or suspected COVID-19 case in past 14 days; and
      4.  recent travel to a state listed on the NYS travel advisory, or to another country.

• Encourage Hand Hygiene and Respiratory Hygiene

    • Regular hand washing with soap and water for at least 20 seconds should be done:
      • Before and after eating
      • After sneezing, coughing, or nose blowing
      • After using the restroom
      • Before handling food
      • After touching or cleaning surfaces that may be contaminated
      • After using shared equipment and supplies
      • Before putting on and after taking off a face covering
    • If soap and water are not available, use an alcohol-based hand sanitizer that contains at least 60% alcohol.
    • Cover coughs and sneezes with tissues or the corner of elbow.
    • Dispose of soiled tissues immediately after use.
  • Sounding the Shofar Safely
    • Individuals gathering to hear the shofar must be at least 12 feet away from the shofar blower at all times, and must be 6 feet apart from each other.
    • Shofars should be blown outdoors whenever possible.
    • When it is not possible to be outdoors, place a surgical mask over the wide end of the shofar and set the building ventilation system set to “maximal fresh air without recirculation.” An alternative is to sound the shofar through an open window with the shofar blower inside the building facing out the window.
    • One shofar should not be used by multiple people and shofars should not be passed from person to person to hold.
  • Suggestions for Reducing Interpersonal Contact
    • Consider offering several different meals at designated times to limit the number of attendees at each meal (e.g., community break the fast during or in community Sukkah).
    • Ask families to bring their own meals or offer only self-served individually wrapped food and drink.
    • Encourage families to limit holiday meals to household members.
    • Do not encourage communal dancing unless social distancing can be maintained, and face coverings are worn.
    • Consider alternatives ways to honor the traditions and intentions of Simchas Torah. Avoid hand holding, strenuous activity such as dancing in large groups in close spaces, passing items from person to person, and handing out treats. Safer practices include socially distanced group walk through building or neighborhood with designated Torah carriers, limited number of participants in socially distanced dancing, and prepackaged treat bags.

After Services

  • Routine Cleaning and Disinfection
    • Regularly clean and disinfect the location and ensure high risk areas used by many individuals or that are frequently touched are cleaned and disinfected more frequently.
    • Cleaning and disinfection must occur at least after each service.
    • Examples of priority areas for cleaning and disinfection include:
      • High contact surfaces that are touched by many different people such as chairs, tables, light switches, handrails, and doorknobs/handles
      • Restrooms
      • First aid station / health office
      • Restrooms
      • Dining areas
      • Shared equipment or items
    • Routine cleaning, including tasks such as vacuuming of high traffic areas or dust- and wet-mopping or auto-scrubbing floors, should continue to occur on a periodic schedule as operational considerations allow, which may range from at least daily to up to 72 hours.
  • Cleaning and Disinfection
    • Cleaning removes germs, dirt and impurities from surfaces or objects. Disinfecting kills germs on surfaces or objects. Individuals do not need to wear respiratory protection while cleaning or disinfecting but should use personal protective equipment (e.g. gloves) as recommended on product labels.
    • Step 1: Cleaning
      • Always clean surfaces prior to use of disinfectants in order to reduce soil and remove germs.
    • Step 2: Disinfection
      • Use the DEC list of products registered in New York State identified as effective against COVID-19. If those products are unavailable, disinfect surfaces using an EPA- and DEC*- registered disinfectant labeled to be effective against rhinovirus and/or human coronavirus. If these commercial products are unavailable, it is also acceptable to use a fresh 2% chlorine bleach solution (approximately 1 tablespoon of bleach in 1 quart of water).
    • Step 3: Disposal
      • Place all used gloves and other disposable items in a bag that can be tied closed before disposing of them with other waste. Wash hands with soap and water for at least 20 seconds immediately after removing gloves or use an alcohol-based hand sanitizer if soap and water are not available.

Click here to download a PDF copy of this NYS Department of Health Guidance

High Holidays webinar recordings

September 14, 2020

The links to our High Holiday guidance can be found below:

Feel free to contact us at security.requests@jcrcny.org with any questions. Your Regional Security Manager will respond.

Best wishes for a happy, HEALTHY and safe New Year.

Federal and NY State security grants updates

February 23, 2020

Eligible nonprofits can now apply for both state and federal grants to upgrade their security. Some requirements apply to both sets of grants.

  1. All not-for-profit organizations must be prequalified in order to do business with New York State and to apply for grants. See the options below, under the appropriate grant.
  2. All New York State applicants must submit their grants through the E-Grants system. If you are already registered, use your existing username and password. If you need to register download the E-Grants Registration Form.
  3. Not-for-Profit (NFP) organizations receiving an award greater than $50,000 are required to complete a Vendor Responsibility Questionnaire.  This form is available at http://www.osc.state.ny.us/vendrep/forms_vendor.htm .  Vendors can also file the Vendor Responsibility Questionnaire online through the Office of the State Comptroller (OSC) New York State VendRep System.  To enroll and use the OSC NYS VendRep system, instructions are available at http://www.osc.state.ny.us/vendrep/index.htm

For New York State assistance contact DHSES at 1-866-837-9133 or email them at Grant.Info@dhses.ny.gov. To submit a question to us email to security.requests@jcrcny.org. Click on the buttons below for the necessary forms and the most up-to-date information. Click to the Community Security Initiative (a joint program of UJA-Federation and JCRC-NY) tutorials below for more information and guidance.

UASI

Federal Grant

Hate Crime

New York State Grant

In New York, federal Request for Applications due on March 18, 2020 by 5:00 p.m. Any at-risk nonprofit is eligible to apply for grants up to $100,000. Note the NSGP-UA is for organizations within a designated Urban Area (in NY:  NYC, Long Island and Westchester). Outside the NY Urban Area apply for the NSGP-S grant.

Click on the button above for the official downloads. Here are some additional helpful presentations and sources:

Some changes from last year.

New York State has two possible grants (check the eligibility criteria) and the due date for both Request for Applications is March 16, 2020 by 5:00 p.m. Organizations eligible to apply may request up to $50,000 per site. 

Click on the button above for the official downloads. Here are some additional helpful presentations and sources:

Note: State grant applicants may prequalify using a “streamlined” process found at https://grantsmanagement.ny.gov/securing-communities . Those prequalifying using the traditional prequalification process are prequalified for both grants.

Eligibility

 For the $25 million Securing Communities Against Hate Crimes grant, you must be:

  • a §501(c)(3) organization (see more details in the RFA); AND at least one of the following:
  • a nonprofit, nonpublic school; or
  • a nonprofit day care center; or
  • a nonprofit cultural museum, which is a building or site for the exhibition or promotion of arts and culture of a particular region or people; or
  • a nonprofit residential camp, which is occupied on an overnight basis by persons under eighteen years of age; or
  • a nonprofit community center (The best definition that we’ve seen is from FEMA, “A building, including attached structures and grounds, that is established and primarily used as a gathering place for a variety of social, educational enrichment, and community service activities consistent with the nonprofit’s IRS status.” (FEMA DAP9521.1) DHSES urges applicants that consider themselves to be “community centers” to do their best to explain why they are eligible.).

For the $20 million Securing Communities Against Hate Crimes for Nonpublic Schools and Day Camps grant, you must be:

To be considered for funding, eligible organizations must:

  • Have received a Recognition of Exempt Status Determination letter from the IRS pursuant to 26 USC §501(c)(3). Alternatively, the applicant may self-certify by providing a letter affirming that the organization qualifies as a §501(c)(3) organization and is exempt from tax pursuant to 26 USC §501(a); the organization must maintain tax exempt status throughout the life of the grant. If the organization’s tax-exempt status is jeopardized or placed into question at any point during the life of the grant, the organization must notify DHSES within fifteen (15) days;

AND

  • Meet at least one of the following:
    • are a nonprofit nonpublic school; or
    • are a nonprofit day camp, which is occupied on a scheduled basis at any time between June 1st and September 15th by children under sixteen years of age for a period of less than twenty-four hours;

AND

  • Be at risk of a hate crime due to ideology, beliefs, or mission as described by the applying organization under this RFA;

AND

  • Be registered, have recently applied for registration and such application remains pending, or be exempt from registering with the NYS Attorney General’s Office, Charities Bureau;

AND

  • Be prequalified, through New York State Grants Management at https://grantsmanagement.ny.gov/securing-communities prior to application submission.