November - December 2020 by Loss Prevention Magazine

NOVEMBERâ&#x20AC;&#x201C;DECEMBER 2020 | V19.6 LOSSPREVENTIONMEDIA.COM

LOSS PREVENTION MAGAZINE THE AUTHORITY ON ALL THINGS ASSET PROTECTION

THE IRRATIONAL FEAR OF CASH AND THE RISKS FOR RETAIL THE POWER OF PUBLIC-PRIVATE PARTNERSHIPS TO FIGHT ORC THE STORY BEHIND A $50 MILLION ORGANIZED RETAIL CRIME CASE INSIDER THREATS: OUR OWN WORST ENEMY?

TABLE OF CONTENTS

The Irrational Fear of Cash and the Risks for Retail

6 EDITOR’S LETTER Organized Retail Crime Successes and Initiatives By Jack Trlica

10 RETAIL SPONSORS 12 INTERVIEWING Random or Planned? By David E. Zulawski, CFI, CFE, and Shane G. Sturman, CFI, CPP

The pandemic has changed people’s attitudes about using cash

24 CERTIFICATION Closing the Gap between LP and Safety Interview with Meredith Plaxco, LPC, PetSmart

By Tom Meehan, CFI, and Jessica Pohlen

The Power of Public-Private Partnerships

26 LPM EXCELLENCE LPM Magpie Award: Applauding Excellence Featuring Joe Hopkins, LAPD, and Rhett Asher, ThinkLP

By James Lee, LPC and Jacque Brittain, LPC

44 FUTURE OF LP The Danger of Misinformation on Social Media By Tom Meehan, CFI

35 EVIDENCE-BASED LP Accuracy and Precision By Read Hayes, PhD, CPP

Retailers, law enforcement, and the court system come together to fight ORC

46 ASK THE EXPERT Acting as One during the Pandemic Interview with Hedgie Bartol, LPQ, Axis Communications

Operation Proof of Purchase

59 SOLUTIONS SHOWCASE - Checkpoint - Solink - CONTROLTEK - Protos Security

The story behind a $50 million organized retail crime case

65 ANNUAL INDEX

By Jacque Brittain, LPC, LPM Editorial Director

66 NEW PRODUCT SPOTLIGHT 70 PEOPLE ON THE MOVE 72 ADVERTISERS

72 SUBSCRIPTION FORM

Our Own Worst Enemy?

73 VENDOR SPONSORS 74 PARTING WORDS Through It All, There’s Much to Be Thankful For By Jacque Brittain, LPC

Threats in the mirror may be larger than they appear By Garett Seivold, LPM Senior Writer

NOVEMBER–DECEMBER 2020

LOSSPREVENTIONMEDIA.COM

BECOME PART OF THE W LOSS PREVENTION & ASSET

Now more than ever, itâ&#x20AC;&#x2122;s important to work

With LPFâ&#x20AC;&#x2122;s world leadership in educating and certifying individuals together to network, learn and grow. By wo it the recognition we know it deserves, our LPF Me we provide relevant, convenient and ch

By becoming a part of the membership program, certifications, educational series, and much more while around the world. Help inspire others while movin

BECOM

Los

EDITOR’S LETTER

Organized Retail Crime Successes and Initiatives O rganized retail crime (ORC) is always top of mind to loss prevention and asset protection professionals. Losses to retailers continue to mount as ORC gangs get more and more sophisticated. Fortunately, with the help of partnerships with law enforcement and prosecutors, retailer investigative teams are making inroads against these criminals. Recently, one of the largest ORC busts on record took place in Northern California. LP Magazine was given exclusive access to the CVS Health team who coordinated the $50 million bust, which we first reported on our digital channel, LossPreventionMedia.com, in early October. On page 37 in this print edition, we’ve provided a detailed exposé, “Operation Proof of Purchase: The Story Behind a $50 Million Organized Retail Crime Case,” written by Jacque Brittain, LPC. John Liesching, vice president of asset protection, and Ben Dugan, senior manager of ORC, at CVS Health, praised the work of CVS investigators Anna Isabel Marquez and Ryan Puryear on the ground in Northern California as part of a joint investigation with the Division of Law Enforcement’s White-Collar Investigation Team, the San Mateo County Sheriff’s Crime Suppression Unit, the California Highway Patrol (CHP), and the San Francisco District Attorney (SFDA). This type of coordination between retail and law enforcement is critical to the success of stopping ORC. To further expand on this theme, Executive Editor Jim Lee, LPC, along with Brittain interviewed a panel of experts in the article “The Power of Public-Private Partnerships: Retailers, Law Enforcement, and the Court System Come Together to Fight ORC” on page 27. Christopher Walden from the Utah Attorney General’s Office, Detective Brandi “May” Streeter of

NOVEMBER–DECEMBER 2020

the Oklahoma City Police Department, and Home Depot investigators Rory Stallard and Jamie Bourne offer their insights into ORC and how to develop and leverage these partnerships between private retailers and public agencies. Here at the magazine, we’ve focused a great deal this year on various aspects of the organized retail crime situation in drafting original content and hosting webinars and podcasts. You can find much of this output in the Shoplifting & Organized Retail Crime topic tab on our website. Please check it out. This summer we also launched an initiative focused on promoting and supporting local, regional, and national organized retail crime associations (ORCAs) with a series of meetings with ORCA chapter organizers. These meetings were designed to help us understand the needs and challenges of these volunteer associations and attempt to connect them with industry solutions providers who can provide tools for sharing information and expanding their memberships. This initiative will culminate on December 1 with an ORCAs in Action virtual conference that we hope will be the beginning of a larger, more comprehensive campaign in 2021. For more information about the ORCAs in Action initiative, contact Brittain at JacB@LPportal.com or Kevin McMenimen, LPC, at KevinM@LPportal.com. And be sure to contact Brittain or me at JackT@LPportal.com if your ORC investigative team has success stories you want the industry to know about.

Jack Trlica Managing Editor

LOSSPREVENTIONMEDIA.COM

EDITORIAL BOARD

Charles Bernard Group Vice President, Asset Protection and Comprehensive Loss, Walgreens Ray Cloud Senior Vice President, Loss Prevention, Ross Stores Scott Draher, LPC Vice President, Loss Prevention, Safety, and Operations, Lowe’s Scott Glenn, EDJ, LPC Vice President, Asset Protection, The Home Depot Barry Grant Chief Operating Officer, Photos Unlimited Robert Holm Director, Global Safety & Security McDonald’s Seth Hughes Director, Asset Protection, Risk & Safety, Internal Audit REI Co-op Frank Johns, LPC Chairman, The Loss Prevention Foundation Michael Limauro, LPC Executive Leader, Asset Protection, Whole Foods Market

John Matas, CFE, CFCI Director, Global Fraud, Risk, and Compliance Operations Etsy Randy Meadows Senior Vice President, Loss Prevention, Kohl’s

EXECUTIVE EDITORS James Lee, LPC JimL@LPportal.com

Melissa Mitchell, CFI, LPC Director, Loss Prevention, MAPCO Express

Merek Bigelow MerekB@LPportal.com EDITORIAL DIRECTOR Jacque Brittain, LPC JacB@LPportal.com RETAIL TECHNOLOGY EDITOR Tom Meehan, CFI TomM@LPportal.com

Dan Moren Senior Manager, Starbucks

SENIOR WRITER Garett Seivold GarettS@LPportal.com CONTRIBUTING WRITERS Read Hayes, PhD, CPP Walter Palmer, CFI, CFE Ben Skidmore Shane G. Sturman, CFI, CPP David E. Zulawski, CFI, CFE

Richard Peck, LPC Senior Vice President, Loss Prevention The TJX Companies Joe Schrauder Vice President, Asset Protection, Walmart Stores Tina Sellers, LPC Vice President, Asset Protection, Rite Aid

DIRECTOR OF DIGITAL OPERATIONS John Selevitch JohnS@LPportal.com SPECIAL PROJECTS MANAGERS Justin Kemp, LPQ Karen Rondeau

CREATIVE DIRECTOR Larry Preslar ADVERTISING STRATEGIST Ben Skidmore 972-587-9064 office, 214-597-8168 mobile BenS@LPportal.com

Mark Stinde, MBA, LPC Vice President, Asset Protection, The Kroger Co.

SUBSCRIPTION SERVICES

Pamela Velose Vice President, Asset Protection, Belk

Loss Prevention, LP Magazine, LP Magazine Europe, LPM, and LPM Online are service marks owned by the publishers and their use is restricted. All editorial content is copyrighted. No article may be reproduced by any means without expressed, written permission from the publisher. Reprints or PDF versions of articles are available by contacting the publisher. Statements of fact or opinion are the responsibility of the authors and do not necessarily represent the opinion of the publishers. Advertising in the publication does not imply endorsement by the publishers. The editor reserves the right to accept or reject any article or advertisement.

CHIEF OPERATING OFFICER Kevin McMenimen, LPC KevinM@LPportal.com

DESIGN & PRODUCTION SPARK Publications info@SPARKpublications.com

Hank Siemers, CFI Vice President, Global Retail Security, Tiffany & Co.

NOVEMBER–DECEMBER 2020

2120 Crown Centre Dr. Ste 200 Charlotte, NC 28227 704-365-5226 office MANAGING EDITOR Jack Trlica JackT@LPportal.com

David Lund, LPC Vice President, Loss Prevention, DICK’S Sporting Goods

LOSS PREVENTION MAGAZINE

NEW OR CHANGE OF ADDRESS LPMsubscription.com or circulation@LPportal.com POSTMASTER Send change of address forms to Loss Prevention Magazine P.O. Box 92558 Long Beach, CA 90809-2558 Loss Prevention aka LP Magazine aka LPM (USPS 000-710) is published bimonthly by Loss Prevention Magazine, Inc., 2120 Crown Centre Dr. Ste 200, Charlotte, NC 28227. Print subscriptions are available free to qualified loss prevention and associated professionals in the U.S. and Canada at LPMsubscription.com. The publisher reserves the right to determine qualification standards. International print subscriptions are available for $99 per year payable in U.S. funds at circulation@LPportal.com. For questions about subscriptions, contact circulation@LPportal.com or call 888-881-5861. Periodicals postage paid at Matthews, NC, and additional mailing offices.

LOSSPREVENTIONMEDIA.COM

LOOKING FOR A RESOURCE THAT WILL MAKE YOU

STAND OUT FROM THE REST?

Become a part of our international membership community with an elite network of fellow industry professionals. Gain access to relevant, convenient and challenging educational resources with your membership to The Loss Prevention Foundation. As a member of The Loss Prevention Foundation, you join an association founded by and for loss prevention and asset protection professionals who are committed to elevating our industry to a respected profession. We have development tools tailored specifically to our industry to help you advance your career and other great member benefits such as exclusive discounts and access to resources and international networking and more.

JOIN THE LPF TODAY ...and become involved in our industryâ&#x20AC;&#x2122;s premiere education and certification organization.

LossPreventionFoundation.org

RETAIL SPONSORS

NOVEMBERâ&#x20AC;&#x201C;DECEMBER 2020

LOSSPREVENTIONMEDIA.COM

a service provider to

Join these great companies as an LP Magazine corporate sponsor. Email JackT@LPportal.com for more information. LP MAGAZINE

NOVEMBER–DECEMBER 2020

INTERVIEWING by David E. Zulawski, CFI, CFE and Shane G. Sturman, CFI, CPP Zulawski and Sturman are executives in the investigative and training firm of Wicklander-Zulawski & Associates (w-z.com). Zulawski is a senior partner, and Sturman is president. Sturman is also a member of ASIS International’s Retail Loss Prevention Council. They can be reached at 800-222-7789 or via email at dzulawski@w-z.com and ssturman@w-z.com.

Random or Planned?

hile reviewing our newsfeeds we noticed an article titled, “The World’s Dumbest Criminals.” Of course, having met several incredibly dumb criminals in our careers, the article piqued our interest. Sure enough, there were plenty of examples of dumb mistakes by people committing crimes: leaving their wallet at the scene of the crime, leaving keys and prescriptions, using the back of their checkbook deposit slip to write their bank robbery note, and the list goes on. It makes one wonder if perhaps these people subconsciously wanted to get caught. Having interviewed tens of thousands of criminals in our careers, we highly doubt this is the case. In the post-confession interviews we have conducted, the suspects may say that they felt guilty for what they had done, but not one of them had turned themselves in before they got caught. We think that the simple expression of guilt is a means to justify their actions after the fact. But not one ever indicated they wanted to get caught.

polygraph examination was to clear all their past criminal activity, so they could be tested about their activities from that time forward. There were about 700 offenders, and between them, they made over 42,000 admissions of criminal activity that they had never been questioned, arrested, or prosecuted for. Clearly, this repeated offending made them optimistic about the likelihood of success in their future criminal acts. After all, what’s the odds you’ll get caught this time? Instead of putting his gun in the trunk, he leaves it laying on the front seat where the officer sees it as he approaches the car.

Planned In our experience, people begin to plan their criminal acts well in advance of actually committing them. They consider all the possibilities and eventualities, planning each and every step before they actually do the deed. This planning begins to diminish the fear of consequences and enhances their belief of success. That is not to say that every single crime is planned out from surveillance of the target to the planned getaway. We interviewed a young man who had just been released from custody for murder as a juvenile. Once he reached the age of twenty-one, he was paroled. Shortly after his release, he and a friend decided to go out for a “lick.” What this meant to him was that he and his friend were going to go out and commit a crime to get a taste of the good life. They were looking for an opportunity to present itself. Unfortunately, they were approached by a police officer intending to question them. Before the officer could get out of his car, they shot and killed him. This clearly was a random event, but their plan to commit a crime and their success in the past doing so made them optimistic about their success in committing some type of a crime. Sexual offenders in downstate Illinois were monitored by polygraph testing to assure they would not reoffend. The initial

NOVEMBER–DECEMBER 2020

This is very much like the liar who gets away with his deception repeatedly, giving them a sense of invincibility. This perceived invincibility in getting away with their deception causes them to lie boldly and unnecessarily. It gives the individual a sense of power that they can do or say anything, and nobody will disprove it. Whether it’s committing the crime or offering up a deception, there is an increasing level of confidence that they will be able to control whatever situation they step into. Their past successes allow them to reduce the perceived risk and mitigate attempts at deterrence. While planning varies across crimes, there is also variability due to the subjects’ individual experiences and personal continued on page 14 |

LOSSPREVENTIONMEDIA.COM

of an immediate reward versus long-term success. Still others may look to their peers to bolster their own self-image. The peer who has successfully gotten away with previous criminal acts reduces the appearance of risk since they have avoided punishment. All this, however, does not factor in with the opportunist. Observing a lone individual on the street, an unoccupied running vehicle can be prime targets for the opportunist whose planning may be limited to a quick view of the surrounding area. In these situations, the peer can become a co-decider in making the decision to offend. With the help of a friend, the individual can change his own perception of risk and reward making the decision to commit the crime easier. So the passive influence provides support, attention, or status to the person considering offending. These are only useful if the person is present or is likely to find out about the crime and respond positively to learning about it. The possibility of being rejected for one’s act can create anxiety and perhaps ridicule, seriously impacting the individual’s self-image. However, if the peers are supportive of the individual’s action, it reduces feelings of responsibility and lessens the seriousness of the incident by spreading it amongst others. Finally, and maybe as importantly as anything else, having a peer to share the excitement of the event can increase the pleasure of success. The shared enjoyment far outweighs a success experienced alone. What we have just discussed revolves around a passive peer influence versus one of an active nature. When peers act as instigators, they may point out opportunities that the individual would have missed or not considered. In a study titled “Peers and Offender Decision-Making” published in Criminology & Public Policy (Hoeben and Thomas 2019), 87 percent of group offenses committed by adolescents pointed to one peer as the instigator. This instigation may have been initiated by offering suggestions or advice. In some cases, it may have even revolved around reassurance that a correct decision was being made. Also actively influencing another may involve becoming a co-offender providing help and trusted advice on how to commit the offense. The division of labor and advice born from experience reduces the risk while increasing the likelihood of success. There is also an element of trust with the co-offender that provides the psychological support for the individual and his self-esteem. In our experience, people have planned their crimes to some extent by simply thinking through the possibilities that might occur and how they might have to deal with them. The dumb criminal is likely to be one who becomes careless because of past successes, much like the liar who lies when it is unnecessary. The level of planning certainly can be influenced by peers, and as we have discussed, this can be either in a passive or more assertive fashion to alter the individual’s perception of risks or potential rewards. Importantly, there is likely to be a leader amongst a group who instigates and later promotes the continued offending. While some offenders may give the appearance of committing a dumb crime, don’t be fooled that they were looking to be caught and punished. In our experience we have never found this to be the case.

continued from page 12

situations. Those that need money instantly for drugs or sustenance do less planning than others who are looking for a larger score. Depending on the individual, the planning could be visiting the target beforehand to understand the setting and perhaps conducting surveillance compared to those who make a more spontaneous decision after a few moments of observation. For example, in one study experienced and inexperienced shoplifters were walked through a simulated retail store. The experienced shoplifters reported paying more attention to employee positioning, access control, and tagging compared to the inexperienced individuals. The experienced shoplifters also took note of the store layout, fixture design, and packaging than the inexperienced. The risk of detection can also be mitigated by the experience of other criminals who have successfully committed crimes at the location. This street intelligence can be shared with others in the social group regarding opportunities or vulnerabilities of particular areas. This peer group probably has several advantages in mitigating risk for the individual.

The possibility of being rejected for one’s act can create anxiety and perhaps ridicule, seriously impacting the individual’s self-image. However, if the peers are supportive of the individual’s action, it reduces feelings of responsibility and lessens the seriousness of the incident by spreading it amongst others. Research has shown that the availability of a peer lowers the offender’s assessment of the risks of committing the crime while making him more tolerant of the risk. Certainly, the decision to offend is generally a rational one based on the probability of detection, possible punishments, and social disapproval of family and friends. These are balanced by the possible benefits derived from committing the crime. This could also include the thrill of the act, material benefits, and perhaps even increased status amongst peers. This rational decision-making will likely be different for different people. Some may see the thrill as more important than the reward while others view it differently. Still others may view immediacy as important while others view long-term rewards.

Opportunistic It’s often said that birds of a feather flock together, and this is never truer than with the criminal element. Peers can help shape an individual’s behavior over a long period of time and perhaps make committing a crime more rewarding. It is also likely that between peers there will be differences in their view

NOVEMBER–DECEMBER 2020

LOSSPREVENTIONMEDIA.COM

Photo illustration by SPARK Publications Foryoui3/Fotyma/bookzv/Vector-3D/Shutterstock.com

FEATURE

THE IRRATIONAL FEAR OF CASH AND THE RISKS FOR RETAIL By Tom Meehan, CFI, and Jessica Pohlen

THE IRRATIONAL FEAR OF CASH AND THE RISKS FOR RETAIL

cross the country, it feels like there is a push from retailers to eliminate cash. We see signs saying “exact change only” posted at cash registers due to the nationwide coin shortage, and there are even marketing efforts with the slogan “contactless payment options now available” popping up in commercials. Business owners are all too familiar with the challenges of accepting cash. Making sure you have the proper float for your employees, coordinating cash-in-transit (CIT) pick-ups, and reconciling point-of-sale (POS) data with bank deposit information can be difficult, not to mention the risk of internal shrink. Add on the recent and exponential growth in public concerns about the safety of using cash at all, and cash management really has become a challenge, rather than a solution. Universal concerns about the safety of using cash at all has retailers seizing the moment to push for cashless payment systems. The changing attitudes toward cash affects more than just the traditional retailer. This impacts any business where cash is transacted, from convenience stores and restaurants to stadiums and airports. Though the coronavirus pandemic has significantly changed nearly every part of our lives, the fear of cash itself is irrational. Now that the legitimate concern around being in public spaces has been validated, we understand the transmissibility of the virus that causes COVID-19 much better than we did six months ago. Likewise, retailers shouldn’t be too quick to disassemble their cash management infrastructure. After all, the fear of cash is a by-product of an unprecedented moment in history. While one of the biggest priorities to avoid the spread of the virus that causes COVID-19 is to reduce contact between people as much as possible, it is possible to take this too far. If retailers aim to eliminate cash from their business operations, they are not only alienating a large proportion of their customers, in many cases, but also embarking on a rapid digitization that opens the door to a great deal of security risk unique

to digital payments, such as fraud or data breaches. The approach doesn’t need to be all or nothing. The most critical piece currently missing from the retail leader’s tool belt is an awareness of options and best practices to conduct all payment transactions from a safe distance. With the rampant growth of technology in the retail space, there are many solutions for retailers to conduct cash transactions while protecting the health of both customers and employees.

COVID-19 Has Changed Consumer Behavior Since COVID-19 was first declared a national emergency in March of this year, fear has been the driving force behind many of the changes we have seen in the retail industry. A healthy dose of fear can be incredibly beneficial—studies have shown that safety measures such as wearing masks and washing our hands more frequently can slow the spread of the virus. Retailers were quick to react and extremely proactive in adopting increased health and safety measures, such as frequently sanitizing high-touch surfaces like shopping carts and checkout keypads, in their stores. Many loss prevention teams have eliminated reusable cash deposit bags, switching to single-use tamper-evident cash bags to protect their employees from unintended exposure to the virus. However, some of these safety procedures have created a psychological impact on consumers, making them concerned about leaving home for any nonessential purchases. Likewise, the varying levels of enforced protection from retailers have employees struggling to feel safe at work, where they must defuse confrontations with customers unwilling to wear masks or practice social distancing. Customers enter a store with the goal of getting in and out as quickly as they can. Employees go to work with the hope that they can minimize their contact with others as much as possible.

NOVEMBER–DECEMBER 2020

These anxieties, although perfectly understandable, have a real impact on how people view not just your store but the retail experience as a whole.

Making Customers Feel Safe in Stores In the new age of the pandemic, retailers have a greater responsibility than ever before to make their customers feel safe when they enter a store. Of course, retail loss prevention experts are familiar with all the threats that exist beyond the coronavirus, like shoplifting, internal theft, privacy risks, compromised data, and more. But safety measures to protect customers and employees from exposure to the virus are much more visible and have a direct impact on whether a customer even enters your store at all. Recently, I had my own experience going to a store about an hour from where I live to return an item I had purchased online. As I entered the store, mask on and staying six feet away from others, I saw that several people in the store were not wearing masks. I felt so uncomfortable by the situation that I just left without completing my return. I found myself wondering, “Why isn’t this retailer taking steps to make me feel safe?” I’ve never met anyone who intentionally goes to a store in the worst area of town, because they see it as a risk to their safety. The odds are that nothing will happen, but consumers will think twice before going, and they certainly will not linger for any longer than necessary. Similarly in this new paradigm, why would I risk shopping in-person, even if I used to enjoy the experience, if I don’t feel safe going in the store at all? Limited store occupancy, plexiglass barriers between the cashier and the customer, social distancing indicators on the floor, one-way aisles, and the avoidance of touching common items like cash, payment cards, and even the receipts—we have become so used to these protocols that not seeing them in a public space can even deter people from entering these spaces at all. Perceived safety, or security theater, is just as important as the actual safety of the

LOSSPREVENTIONMEDIA.COM

THE IRRATIONAL FEAR OF CASH AND THE RISKS FOR RETAIL Security experts are even looking at how to adapt technology outside of traditional loss prevention to the new demands of the retail space. For example, thermal imaging cameras have hovered in the periphery of retail loss prevention for a few years. With temperature screening as one of the most common public safety measures in a COVID-19 world, many retailers are

Implementing Effective Safety Measures, Not Just Popular Ones

WHYFRAME / Shutterstock.com

situation. When it comes to COVID-19 strategies like masks and social distancing, this security theater is even more valuable. Enforcing these protocols not only helps reduce the spread of the virus but also shows your customers that you care about their health. A study from McKinsey found that in-store foot traffic will only return when people trust that these

With so many unexpected changes in the retail industry this year, we’re also seeing an evolution in how customers and retailers will manage the in-person shopping and transaction experiences. How can we balance the need for safety and a desire for normalcy while also pursuing digital transformation for the long-term future of retail? spaces are safe and virus free. This isn’t limited to increasing disinfecting routines or mandating masks for all customers and employees: retailers must consider the shopping experience as a whole. Contactless options, such as pick-up lockers, curbside pickup, and self-checkout, have become more popular than ever, particularly among millennial and Gen Z shoppers. As retail stores shift operations to accommodate more self-checkout or scan-and-go transactions, retail leaders are racing toward the technologies they know in hopes of reengineering the transaction experience.

looking to thermal imaging as a solution for screening customers’ temperatures at the entrances to their stores. Given advancements in security technology, customers’ perception of their safety in stores hasn’t been a major challenge for retailers for at least a couple of decades. With the pandemic challenging customers’ sense of safety, it is important that we rely on our security expertise to find solutions that are as effective at protecting everyone in the store as they are at signaling security theater. Both reassure customers about in-store safety and provide effective protection for everyone in the store. LP MAGAZINE

NOVEMBER–DECEMBER 2020

As we continue to learn about the most effective health and safety measures to implement in public spaces, we’re also finding that some of the methods pushed early on in the pandemic aren’t exactly logical. For example, one-way aisles were widely adopted in essential retail businesses as early as April. Walmart, Kroger, and other retailers led the initiative to implement directional arrows to guide customers through the store layout. This strategy was created with good intentions—to reduce the chances that customers would run into each other while moving through store aisles. However, many customers became frustrated by how one-way aisles extended the time they spent in the store and put them at greater risk for exposure to the virus. In May of this year, the supermarket chain Giant announced that they would no longer enforce one-way aisles in their stores, in response to customer concerns about increased shopping times. Like one-way aisles, some retailers have started using a collection tray to accept and return cash, instead of physically touching the coins and notes. While the intention is noble, unless exact change is given, both the consumer and the employee will touch the money that was handled by the other. The only potential positive in this experience is the perceived effort on behalf of the retailer. We’ve seen many technological solutions to address widespread health concerns, such as thermal imaging cameras that measure body temperature to QR codes replacing physical menus at restaurants. However, when we look closely at public concerns about the transmission of COVID-19, they really all come down to reducing shared touchpoints. Rather than overinvesting your resources in health and safety “trends,” look closely at your operations and your customers.

THE IRRATIONAL FEAR OF CASH AND THE RISKS FOR RETAIL

Along with public concern about the risk of exposure in stores, there is also a residual uncertainty about the risk of viral transmission from cash. The confusion about the safety and hygiene of cash transactions is in part due to a misrepresented comment from the World Health Organization (WHO) in March about the possibility that banknotes could transmit COVID-19. At the time, the British media immediately reported that the WHO stated that cash could spread the virus. In actuality, the WHO had stated that everyone should wash their hands after handling money, especially if they are handling or eating food, as a general practice of good hygiene predating the pandemic. Although this comment was clarified, we are still seeing misplaced fears about cash. This type of public concern isn’t new. Throughout American history, public health crises, such as the smallpox outbreaks in the nineteenth and early twentieth centuries, have blamed cash for spreading disease. However, back then we didn’t have the science to understand basic hygiene, let alone the resources to study cash as a vector for transmission. Since that misreported WHO comment, central banks and many other cash advocates have funded research, released reports, and launched campaigns to reassure the public that cash is safe. LendEDU, an online marketplace for financial products, tested a range of high-contact surfaces, such as door handles, park benches, and public restrooms, along with credit cards and cash, and found that both cash and coins carry far less bacteria than credit cards. Studies have found that the virus that causes COVID-19 can live on plastic for up to seventy hours, compared with twenty-five hours for cardboard. The WHO announcement and other articles may have affected the way consumers behave at checkout, but not as much as some would care to believe. In fact, the Federal Reserve Bank of San Francisco reported that 70 percent of survey respondents are

not avoiding using cash during the coronavirus pandemic. In fact, while in-person payments have decreased since March, 59 percent of people still use cash during COVID, maintaining a similar rate of cash usage in person compared to prepandemic times.

Increased Expectation of Contactless Payments However, it’s clear that consumers are still concerned about handling money. According to a study from Rapyd, a global payments company backed by digital payment giant Stripe, 60 percent of consumers surveyed

throughout Europe and Asia, but this digitization could take years for the United States. Consumer adoption of digital payments has been expected to take years. But COVID-19 ramped that up into mere weeks. In Latin America, 13 million people made their first-ever e-commerce transaction by the end of March of this year.

Cash Is Not a Bygone Payment Method Given the popularity of digital payments with millennials and Gen Z, whose decisions will shape the future of the payment ecosystem, sometimes

Pressmaster / Shutterstock.com

Cash Transactions Have Been a Casualty of the Pandemic

A study from McKinsey found that in-store foot traffic will only return when people trust that these spaces are safe and virus free. This isn’t limited to increasing disinfecting routines or mandating masks for all customers and employees: retailers must consider the shopping experience as a whole. plan to use digital or other contactless payments in the future, rather than cash and coins, because of the COVID-19 virus. Although the majority of respondents did not support eliminating paper money and coins entirely, we can see that consumers are expecting a rapid adoption of digital payments across the retail space. Contactless payments and digital wallets are already incredibly popular

NOVEMBER–DECEMBER 2020

it really does look like we are on the path to a fully cashless society. Rapid digitization throughout the retail industry makes the shift to digital payments seem even more urgent. The retail push for cashlessness has gained enough traction that many municipal and state governments are using legislation to fight it. In 2019, cities like San Francisco and Philadelphia, along with the state of

LOSSPREVENTIONMEDIA.COM

THE IRRATIONAL FEAR OF CASH AND THE RISKS FOR RETAIL New Jersey, banned merchants from accepting only card and contactless payments. New York City followed in their footsteps earlier this year, passing a bill to ban cashless businesses.

The Most Accessible Form of Payment There is a major reason we cannot eliminate cash as a payment method: nearly 20 million (6 percent) Americans are unbanked, meaning they live in a household holding no accounts with formal, insured financial institutions. Another portion of Americans are underbanked, which means they have at least one account at an insured institution, but they also use financial services outside of the banking system, like payday loans or cash-checking services. Combined, these groups make up approximately 25 percent of the population: that’s tens of millions of Americans, often low-income people and minorities, who rely on cash as their primary form of payment.

By definition, a cashless system would exclude millions of people, who often simply cannot afford to be part of the American banking system. Most major banks have high barriers to entry, such as requiring checking and savings accounts to carry a minimum balance to avoid service fees. Combined with overdraft fees, ATM withdrawal fees, and even debit card swipe fees, it can be very expensive to have a bank account at all. In fact, most unbanked people today used to have bank accounts but closed them so that they wouldn’t have to pay unexpected fees. The majority of these issues cannot be resolved on an individual level. It’s not about changing the consumer mindset about bank accounts but rather addressing large structural issues that prevent these spenders from having regular, affordable, and worry-free access to a bank. If cash continues to be de-incentivized by retailers, unbanked or underbanked individuals without access to the latest fintech could basically

LP MAGAZINE

NOVEMBER–DECEMBER 2020

become second-class citizens, unable to even pay for groceries if stores like Amazon Go become the norm.

Misconceptions about the Popularity of Cash Only older generations like to use cash. False. Cash use is just as high among individuals aged eighteen to twenty-four—the prized Gen Z market—as it is among those fifty-five and older. Gen Z also nearly doubled the average amount of cash they hold from $20 in 2018 to $39 in 2019. Consumers don’t use cash because they prefer to shop online. False. The increase of online payments has been extremely slow, growing from 3 percent in 2016 to just 4 percent in 2019. Furthermore, the significant majority of payments are still being made in person. Cash remains the most-used in-person payment, making up 35 percent of in-person transactions. Everyone is switching to online payments. False. Seventy-five percent of survey respondents did not switch from

THE IRRATIONAL FEAR OF CASH AND THE RISKS FOR RETAIL in-person to online or phone payments due to the coronavirus; those who switched did so primarily for restaurants, fast-food, and big-box stores.

How Society Views Cash Could Put Retailers at Risk The public concern for health risks during a pandemic isn’t the only factor behind cash’s poor public image. For retailers, cash can be more of an inconvenience than a benefit. There are many reasons behind this perspective—cash management is an added expense, cash transactions are slower than debit and credit card or digital payments, and cash is just a lot heavier than a virtual ledger of digital payments. The sudden increase in civil unrest over the summer introduced another obstacle to retailers and how they manage cash—how to protect the cash they keep in their stores. In our discussions with several retailers, we’ve found that most have not changed their core cash handling processes. However, many have changed the amount of money that they’re keeping in the till, as a preemptive measure against looters or other types of civil unrest that could affect their stores. Keeping the opening till amount low requires more frequent cash drops into a smart device or through more frequent pick-ups with the retailer’s CIT partner, in order to reduce the amount of cash at risk for loss or theft. While this keeps retailers’ cash safe, it also affects their business operations. If they don’t have cash on hand to make change, do they have the digital infrastructure to take debit and credit cards or other cashless payments?

The Risk of Rapid Digitization Rapid digitization has been a consistent challenge for organizations across all industries looking to keep up with their digitally native competitors. For years now, both the retail and banking industries have been on a sort of digitization roller coaster—constantly in pursuit of technology to varying degrees of success.

With the shift in consumer behavior toward online shopping, e-commerce has come under an even stronger microscope than ever before. Organizations outside of retail are looking at e-commerce as an example of how to move their business operations online, harnessing software like Zoom to bridge the gap between their employees and customers at home for virtual appointments. The progression to a more widespread use of technology in different areas of our lives has been happening slowly over the past few years, only to be expedited by the unprecedented crisis of a pandemic in the age of globalization. More than ever before, we need technology to keep us connected. This transition has moved even more quickly than many retailers are prepared for, opening the door to fraud. COVID has become a force multiplier of digitization, increasing both merchant expectations and consumer demand in ways we haven’t imagined. This creates a wide variety of challenges, including cyber risk, consumer adoption risk, training changelessness, life cycle management, and resource availability, to name a few. Some retailers have been slow to adopt digital payments. The pandemic has forced them to take what would normally be an eighteen-month rollout and condense it into a one-week adoption. This poses a significant risk to contactless fraud, customer friction, shrink, and employee error. By making payments digital, retailers open themselves up to the risk of bad actors gaining access to their systems in a whole new way. With cash, the risk is contained to the physical store. By moving online, this information could be accessed by anyone, anywhere in the world. One of the major challenges for retail cyber security is protecting sensitive data, like customers’ delivery addresses and phone numbers. When this information is compromised in a data breach, it mostly affects the retailer. While a data breach can obviously be a huge setback for the retailer’s bottom line, their reputation among customers isn’t as impacted. The customer doesn’t lose money.

NOVEMBER–DECEMBER 2020

But if payment information is compromised, this hurts customers directly. Because of a data breach that gave bad actors access to their credit card information, customers can face problems like identity theft and credit card fraud, which can irrevocably damage a retailer’s public image. And a good reputation is something that no amount of money invested in technology can buy. Digital payments can be much more expensive than cash for retailers. The processing fees for credit cards and digital payments cost retailers more, since these fees are charged per transaction, rather than per cash pickup with a CIT company. In the long term, processing digital payments can become much more expensive than the costs of cash management, especially for retailers who want to transition the majority of their payment processes to digital. For smaller businesses, their margins can be seriously impacted by taking more digital payments. Contactless and mobile payments, while convenient for the customer, put the burden on the retailer to install new technology in their stores. New POS systems aren’t cheap, and the fees to process all these new digital payments can add up, reducing a business’s profit more than they anticipated.

The Resilience of Brick-and-Mortar Sales There is a risk of “over-digitizing” retail, beyond the numbers and dollar signs. Despite the unexpected changes in the retail industry brought on by the COVID-19 pandemic, the industry is not much different than it was even just a few months ago. Retail is still predominantly a brick-and-mortar market. Over-digitizing retail, without giving consumers enough time to adapt to the “new retail,” could alienate those who are used to the near-immediate satisfaction of in-person shopping. While online retailers are even more visible than before, retail has kept up with e-commerce for decades. Many retailers have transformed their stores into experiences, which cannot be replicated online. Brick-and-mortar stores offer

LOSSPREVENTIONMEDIA.COM

THE IRRATIONAL FEAR OF CASH AND THE RISKS FOR RETAIL Digital transformation is moving much more rapidly than we predicted, and we will all have to move with it. As digitization of the retail industry continues, we need to include cash in this evolution as well.

Why Forced Innovation Doesn’t Work Innovation is one of the driving forces in the evolution of retail, along with basically every other industry out there.

processes, or making more cost-effective decisions. In fact, when we find ourselves focused on innovation purely for the sake of it, we can even lose sight of the issues unique to our own organizations. One of the most popular innovations in retail in recent years is self-checkout. It’s an incredibly attractive technology. You can reduce the amount of employees needed at cash registers, freeing up your team to focus on customer service or inventory control,

Stokkete / Shutterstock.com

in-person customer service, such as technical experts and advisor programs, to facilitate long-term customer relationships. By the end of the third quarter of this year, e-commerce made up 16.1 percent of all retail sales in the United States, a small increase from 11.8 percent in the first quarter of this year. In fact, the share of e-commerce sales in the midst of the COVID-19 pandemic has not changed from its share of retail sales in 2019, reported as 16 percent based on data from the US Department of Commerce. Although online shopping is convenient for consumers, many people prefer the satisfaction of purchasing an item in store. Buy online, pick up in-store (BOPIS or sometimes BOPUS) sales went up over 250 percent in August 2020, compared to August 2019. BOPIS allows shoppers who are concerned about the safety of in-store shopping to have the best of both worlds—the convenience of shopping online and the almost immediate gratification of picking up their purchase at the store. A survey from Adobe Analytics also found that 30 percent of respondents prefer BOPIS over delivery, giving brick-and-mortar retailers another edge over e-commerce. As states reopen businesses, e-commerce sales are slowing down while brick-and-mortar retailers continue to improve BOPIS and in-store health and safety measures to protect both customers and employees. BOPIS isn’t a new phenomenon in any industry. In fact, we’ve seen this approach work quite successfully in another field: quick-service restaurants (QSR). For years, QSRs have relied on contactless transaction methods such as drive-thru to drive their businesses. By catering to the consumer’s demand for convenience, the QSR industry has evolved beyond drive-thru to even more efficient processes, such as integrated mobile-order systems that connect the kitchen to the customer pick-up window. Although this technology began in the QSR world, these strategies can be implemented in other industries as well, just as we’ve seen with BOPIS in the retail space. Though brick-and-mortar retail is far from dead, it will never be the same.

LendEDU, an online marketplace for financial products, tested a range of high-contact surfaces, such as door handles, park benches, and public restrooms, along with credit cards and cash, and found that both cash and coins carry far less bacteria than credit cards. Studies have found that the virus that causes COVID-19 can live on plastic for up to seventy hours, compared with twenty-five hours for cardboard. Organizations want to stay ahead of their competitors, so we naturally gravitate toward innovation as the means to do so. But when we view innovation as the ultimate goal, that’s when it becomes forced, instead of a natural evolution. As soon as we set innovation as our goal, the only possible results are either success or failure. And from there, innovation no longer becomes about solving problems, like looking for inefficiencies, simplifying LP MAGAZINE

NOVEMBER–DECEMBER 2020

and it’s very appealing to customers. When considering implementing technology like self-checkout, retailers typically stop at the question, “Can it be done?” But there are more important questions, such as, “Is it scalable? Will it enhance the customer experience? Will it help us earn more?” Self-checkout isn’t a one-size-fits-all solution. For retailers who sell high-value merchandise such as electronics or luxury

THE IRRATIONAL FEAR OF CASH AND THE RISKS FOR RETAIL handbags, it can obviously become a huge risk to their asset protection strategies. Retail loss prevention experts should look at new technology, like mobile POS systems and RFID tracking, with a similar critical eye. Ask yourself, “Will this technology add value to my organization in areas that need it?” If this solution doesn’t resolve one of your business’s problems or prevent an issue from happening at all, then you might have fallen into the trap of forced innovation.

For retailers who want to reduce physical interaction as much as possible, we can look at the “assisted self-checkout” process, where the cashier still rings up the customer’s purchase, but the payment step is all on the customer. This process is faster than “pure” self-checkout, which takes longer because the customer has to scan their own items and then pay at the end. Assisted self-checkout uses POS cash recycling

to handle cash or touch payment terminals at all. POS cash recyclers automate transactions, so cashiers never touch the cash provided by the customer, and likewise, customers are receiving their change from a machine rather than from someone’s hand. This also offers an incredible benefit to loss prevention because it removes cash from the hands of cashiers and gives the LP team real-time visibility of the cash stored at

All of this isn’t to say that technology is the enemy. In fact, technology has driven the retail industry to evolve in ways we haven’t expected, from using RFID technology to improve inventory control to creating smart safes that count and validate cash, streamlining the CIT and cash reconciliation process. When we’re looking at how to improve retail cash management, it’s not a binary question of staying analog or going completely digital. Technology works successfully when it’s used as a tool to improve our existing processes, not to replace the human element of retail, even in the age of the coronavirus. Although many retail technologies have a reputation of replacing employees, most of these solutions can create a hybrid experience.

Imagining a New Checkout Process Retailers are now looking into solutions that facilitate cash transactions, similar to the card payment terminals just outside the plastic barriers at cash registers in stores. With this type of cash processing technology, cash transactions can become just as seamless as cashless payments, eliminating retailer concerns around inefficiency. These newer terminals are often constructed with easily cleanable surfaces that are meant to undergo frequent sanitation, compared to the keypads that have been routinely destroyed from cleaning solutions under COVID-19 sanitation recommendations.

Andrey_Popov / Shutterstock.com

Technology Can Provide Cash Security for Both Consumers and Employees

Cash transactions can become just as seamless as cashless payments, eliminating retailer concerns around inefficiency. These newer terminals are often constructed with easily cleanable surfaces that are meant to undergo frequent sanitation, compared to the keypads that have been routinely destroyed from cleaning solutions under COVID-19 sanitation recommendations. to give customers contactless payment options beyond debit and credit cards or digital payments. If a customer wants to pay with cash, they can insert paper money or coins into the machine, which will also give them their change, just as we see at typical self-checkout terminals.

Contactless Cash Transactions as a Long-Term Solution By leaving the payment step entirely in the hands of the customer, employers are able to eliminate the need for employees

NOVEMBER–DECEMBER 2020

each till, centralizing cash responsibility. This type of technology widely adopted in Europe has failed to make major traction in the US thus far, but that is set to change with COVID. With solutions like assisted self-checkout, retailers can both minimize touchpoints and improve the customer experience in a sustainable way that will last beyond the COVID-19 pandemic.

What Can Retailers Do Next? While COVID-19 is a temporary challenge we are all facing, it’s impossible

LOSSPREVENTIONMEDIA.COM

to deny that this pandemic will have permanent effects on our world, particularly within the retail space. As we continue to adapt our lifestyles to the evolving post-pandemic landscape, we must look toward the long-term future of retail, rather than only seeking out solutions for short-term problems. As with the evolution of retail as a whole, retailers still have to adapt their operations based on consumer desires. This means making adjustments for customers, many of whom prefer the in-person retail experience but need reassurance that retailers are taking health and safety concerns seriously. While the fear of cash itself is irrational, it is imperative for retailers to stay up to date with cash management trends, both within the industry and among consumers. By looking at cash as another part of customer service, rather than a necessary evil, retailers can implement solutions that not only make the process more streamlined but also improve the customer experience, now and in the far future. TOM MEEHAN, CFI is retail technology editor for LP Magazine as well as chief strategy officer and chief information security officer for CONTROLTEK. Previously, Meehan was director of technology and investigations with Bloomingdale’s, where he was responsible for physical security, internal investigations, systems and data analytics. He currently serves as the chair of the Loss Prevention Research Council’s (LPRC) innovations working group. Meehan recently published is first book titled Evolution of Retail Asset Protection: Protecting Your Profit in a Digital Age. He can be reached at TomM@LPportal.com. JESSICA POHLEN serves as the vice president of global product commercialization, responsible for global go-to-market strategy at SUZOHAPP, a global payments management technology leader. Her knowledge of global markets comes from living a decade in Brazil, where she successfully launched an import, distribution, and consulting enterprise. Her keen observation of consumer behavior launched her into the cash management world in 2016 through work with CataMoeda, a Brazilian Fintech IoT. LP MAGAZINE

NOVEMBER–DECEMBER 2020

CERTIFICATION Interview with Meredith Plaxco, LPC

Closing the Gap between LP and Safety

Plaxco joined PetSmart in 1997 and has been with the company for over twenty years. Prior to her current role as vice president leading the company’s loss prevention and safety organization, she has held various leadership positions in LP and safety on the finance team, as well as leadership roles within the stores/field, store operations, and corporate communications teams. Plaxco’s organization is accountable for safety, security, regulatory compliance, crisis management, asset protection, total loss, and investigations, but they call it simply “keeping the pack safe and protecting profit.”

Why did you decide to pursue your LPC certification? In large part, to give my team and me some refreshed industry-based points of view to continue evolving our strategic framework, embedding innovation, and developing our long-term plan for results. Many of us in the LP and safety industry are guided by our cross-functional experience and education coupled with mentors, leaders, and trusted advisors, and I wanted to challenge my assumptions around how we obtain our current and future success.

extremely well done, especially the amount of legislative and regulatory safety requirements. As more and more retailers gravitate toward the model of loss prevention and safety as one department, this is a gap in many certifications, but LPC met the need and then some on both fronts. What benefits have you seen from taking the course? I have encouraged the team to challenge more and evolve time-tested thinking to try and do things differently—starting with the Loss Prevention Foundation standard and building from there. The coursework and areas covered create a common language when interviewing and networking externally as well.

Was the coursework what you expected? I was surprised at how robust the content was, the depth of topics, and the quality and quantity of material examples that were included in the coursework, all of which give you compelling takeaways to apply as you’re going through the prep coursework.

If you could offer one key takeaway to someone currently considering getting certified, what would it be? You owe it to the team you serve to develop yourself. Yes, it’s a challenging course, but in completing it you will see a multiplying effect in your leadership and your ability to lead well into the future. Don’t wait. Just start and keep going—the time will pass anyway.

Talk about the process of going through the coursework and taking the exam. Time-boxing and calendaring your plan for completion is key here. There is no shortcut for absorbing the content, and no amount of cramming will overcompensate for poor planning up front. The online coursework is outlined well to allow you to properly plan and conveniently complete the work, but be prepared to do the work. This certification is both challenging and rewarding, and you will walk away a better safety and asset protection professional.

How would you compare the foundation certifications to other educational courses that you’ve taken? In comparison, other industry courses have often been stale and even out of date. The LPC is the opposite. You will be challenged to think differently, and the content is relevant. The modules are very well done—a good mix of content delivery for all learning styles.

Looking at your own personal background and knowledge, what information in the course helped you the most? The content and concepts were a great refresher and reestablished our baseline surrounding crisis management, criminology, financial accounting, and management of the various forms of loss across e-commerce, supply chain, and bricks-and-mortar theft and fraud, on top of new content and calculations in assessing loss to scale treatment and prevention strategies.

How has certification changed your expectations of loss prevention as a career, for yourself and for others? The course has helped me identify and recruit talent from unexpected backgrounds by the linkages the content helps you draw to other professions outside of LP and safety. Pulling in other areas of expertise and showing them how their backgrounds can make them strong leaders and contributors in our space is invaluable to growing the value of any LP and safety organization.

What was the most eye-opening information that was part of the curriculum? The balance of content between enterprise loss prevention (specifically the Total Loss approach) and safety was

NOVEMBER–DECEMBER 2020

LOSSPREVENTIONMEDIA.COM

Would you recommend certification to others? Wholeheartedly, yes! This is not a watered-down, easy LP/safety certification. Be prepared to work, and you will be rewarded in your competence, confidence, leadership, and perpetual growth potential for your organization.

Newly Certified

Following are individuals who recently earned their certifications.

Recent LPC Recipients

Michelle Albrecht, LPC, Helzberg Diamonds Derek Ball, LPC, TJX Chris Barkis, LPC, TJX Dwayne Bryant, LPC, Ascena Retail Group James Connell, LPC, Walmart Marisa Correa, LPC, TJX William Dammarell, LPC, TJX Joan Dawson, LPC, TJX Lou DiLorenzo, LPC, Allied Universal Ronald Gillenberg, LPQ, LPC, CFI, Navy Exchange Service Command (NEXCOM) Tiffany Gray, LPC, Walmart David Johnson, LPC, John Lewis PLC Kenneth Labadie, LPQ, LPC, The Parker’s Companies Leslie Lorquet, LPC, Whole Foods Market David McCreary, LPC, Lowe’s Micah McGhee, LPC, Meijer Billie Moore, LPC, TJX Christina Nolin, LPC, TJX John O’Mara, LPC, TJX Joseph Park, LPQ, LPC, Heinen’s Fine Foods Manuel Queiroga, LPC, PETCO Steven Rock, LPC, Dollar General Catherine Rock, LPC, TJX Marc Santagata, LPC, Big Y Foods Marc Stallo, LPC, Kroger Zebulon Strickland, LPQ, LPC, Albertsons Nicholas Trischitta, LPC, Century 21 Stores Adella Warren, LPC, TJX

Recent LPQ Recipients

John-Paul Bonilla, LPQ, T-Mobile Kat Chapman, LPQ, Meijer Greg DePuy, LPQ, Meijer Keeley Lockhart, LPQ, DICK’S Sporting Goods Bob Mastenbrook, LPQ, Meijer Byron McGee, LPQ, Finish Line Michael Monaghan, LPQ, Steve Madden Tim Read, LPQ, ThinkLP Barb Roper, LPQ, Meijer Andres Rosales, LPQ, Home Depot Elaine Singer, LPQ, JCPenney Hutchens Stacey, LPQ, Home Depot Chris Steinman, LPQ, Meijer David Stone, LPQ, Meijer Joshua Suderback, LPQ, Home Depot David VanderBaan, LPQ, Meijer LP MAGAZINE

NOVEMBER–DECEMBER 2020

LPM EXCELLENCE

LPM Magpie Awards: Applauding Excellence

The LPM “Magpie” Awards offer a means to celebrate industry accomplishments on an ongoing basis, recognizing the loss prevention professionals, teams, solution providers, law enforcement partners, and others that demonstrate a stellar contribution to the profession. The ability to influence change is a product of drive, creativity, and determination, but it also requires a unique ability to create a shared vision that others will understand, respect, support, and pursue. Each of the following recipients reflects that standard of excellence, representing the quality and spirit of leadership that makes a difference in our lives, our people, and our programs. Please join us in celebrating the accomplishments of our latest honorees.

Excellence in Partnerships

“When building public-private partnerships, or any meaningful partnerships for that matter, I believe that it’s extremely important that all parties involved carry an open mind and be considerate of the issues and responsibilities impacting their counterparts,” said Hopkins. “While we may ultimately share the same goals, quite often the priorities of each organization may not always fully align. We can have different perspectives and different approaches, so it is imperative to establish common ground. Cooperation and mutual respect provide the foundation that everything else is built upon.” A twenty-three-year veteran of the Los Angeles Police Department (LAPD), Hopkins has worked various detective assignments such as crimes against persons, burglary, financial crimes, and commercial crimes, among others. His current assignment is with Commercial Crimes Division, Cyber Crimes Section, and he is the section’s community business coordinator where he serves as the liaison to numerous public-private partnerships, including the Los Angeles Area Organized Retail Crimes Association (LAAORCA). He is an advising board member for the International Association of Financial Crimes Investigators (IAFCI), a director of Law Enforcement and Private Security (LEAPS), and was instrumental in the founding of the California Organized Retail Crimes Association (Cal-ORCA). He was recently named a board member for the Coalition of Law Enforcement and Retail (CLEAR). “Early in my career I realized the value of working together—employing resources outside of my department to further my investigative efforts and resolve issues,” he said. “My advice to young leaders is to be both receptive and outgoing while forming strong professional relationships. It is equally important to cultivate relationships through flexibility, creativity, ongoing communication, and genuine respect.”

“As most know, I love people. Since my early adulthood, learning, growing, teaching, helping people, and building relationships in the retail industry has been my life,” said Asher. “I like knowing what makes people tick and how to make the most out of every encounter. Whether personally or professionally, I always strive to find a way to provide value to each and every relationship and leave people with a good feeling.” Asher began working in retail during high school and over the next several years worked for multiple retailers, taking on new opportunities, tougher challenges, and expanded responsibilities. This eventually led to roles with several retail trade associations and solution providers, working with retail executives in loss prevention, asset protection, crisis management, safety, supply chain and logistics, risk management, and cyber security. Yet while these roles continued to grow and expand, he remained grounded in basic principles. “While I feel my growth was based on a combination of determination and drive to make a difference, I believe that honesty, integrity, and a passion to always help others is crucial. Without that, and the generous support of the wonderful people in this industry, you really don’t have anything meaningful to build off of,” he said. “Those partnerships—our conversations and time together—fuel me every day.” Asher continued, “As cliché as this may sound, I believe in working hard and treating people well. Always be willing to take criticism with the same positive attitude that you take when accepting congratulations. Learn from mistakes and share in the kudos. Do things because it’s right and help others along the way. Never be afraid to go out on a limb for someone, take a chance on someone, or help someone who’s down. And lastly, be yourself. People will respect you for that.”

Joe Hopkins, Detective III Los Angeles Police Department

Rhett Asher, Vice President of Strategy ThinkLP

Nominate Your Peers at Excellence@LPportal.com 26

NOVEMBER–DECEMBER 2020

LOSSPREVENTIONMEDIA.COM

INTERVIEW

Mopic/Shutterstock.com

THE POWER OF PUBLIC-PRIVATE PARTNERSHIPS

RETAILERS, LAW ENFORCEMENT, AND THE COURT SYSTEM COME TOGETHER TO FIGHT ORC By James Lee, LPC and Jacque Brittain, LPC

THE POWER OF PUBLIC-PRIVATE PARTNERSHIPS

n markets across the country, loss prevention teams, law enforcement, and offices of the district attorney are coming together to form and strengthen cooperative partnerships to fight the ongoing battle against organized retail crime (ORC). While this fight has cost retailers and retail customers tens of billions of dollars over the past several decades, we have reached the dawn of a new level of awareness and cooperation in these public-private partnerships. In many ways, the storm is breaking due largely to the devotion and commitment of retail industry leaders, public leadership, and the teams in the field that have worked diligently to build these critical relationships. Naturally, there is much left to do, especially considering the tenacity of those involved in the illicit activity, the determination and ingenuity of those leading these criminal operations, and the multitude of platforms available to sell stolen products through online marketplaces. We need strong leaders and robust plans to make these partnerships most successful and drive results that will expose ORC operations, prosecute those involved, and make our stores and our communities safer as a result. With this is mind, LP Magazine recently sat down with some of the field generals leading these efforts against organized retail crime to get their insights on the subject and the importance of building these public-private partnerships. To help broaden our perspective, we spoke with members of a retail ORC team, a dedicated law enforcement partner, and devoted partner with an attorney general’s office. All are exceptional talents in the efforts to fight organized retail crime and devoted partners as part of these public-private partnerships. Christopher Walden is an eighteen-year veteran law enforcement officer and is currently a supervisory special agent with the Utah Attorney General’s Office. Currently, Walden Christopher Walden supervises the economic crimes unit C.A.S.E. (Crimes Against Statewide Economy). He is a certified fraud examiner and has proffered expert opinions regarding fraud in court. He is also a board member with the Utah Organized Retail Crime Association (UTORCA).

Detective Brandi “May” Streeter is an eight-year veteran of the Oklahoma City Police Department. Streeter previously worked as a patrol officer and as part of the vice Brandi Streeter unit, helping establish and later being assigned to the ORC unit. While in college she worked part-time for the US Secret Service through a work-study program. Streeter is also a board member with the Oklahoma Organized Retail Crime Association (OKORCA). Rory Stallard is the senior manager of AP investigations for The Home Depot based out of Atlanta. He has twenty-four years of AP experience, specializing in ORC for more than Rory Stallard twenty-one years. Stallard has helped to expand or create ORC programs with three different retailers. In 2012, he helped to create the Georgia Retail Association Retail Crime Alliance (GRAOCRA), and in 2015, he was the recipient of the GRAORCA Partnership of the Year Award. Stallard has been involved with local and state ORC legislation efforts throughout the country. He has been a criminal justice consultant for the Georgia Board of Education, an advisor for several university criminal justice programs, and assisted the Loss Prevention Foundation in developing the ORC certification course. Jamie Bourne is currently an organized retail crime manager for The Home Depot, covering parts of the Southern and Western divisions. Bourne has nearly twenty-two years of retail experience, specializing in ORC for Jamie Bourne the past eighteen years. He has spent the last six years leading various ORC teams across the country for The Home Depot. Bourne is a board member with the Texas Organized Retail Crime Association (TEXORCA) and is an active participant in other ORCAs across the Southern and Western United States. He also assisted the Loss Prevention Foundation in developing the ORC certification course.

NOVEMBER–DECEMBER 2020

LPM: Thank you everyone for joining us today. To our public partners, let’s begin with your opinions on the general subject of ORC. What do you feel is the most misunderstood aspect of organized retail crime from a public perspective? WALDEN: The impact on our economy. Many retailers will mark up the prices of items in their stores to cover losses due to theft and other crimes. Regular consumers like me must then pay, just a little more, for retailers to make an adequate profit margin. If retailers made more money, they could create more jobs or even pay existing employees more. ORC has a huge impact on our economies, and I wish consumers were more aware. Also, as I have spent the last two years working these types of cases, I have found that organized retail crime is “one step away” from other major crimes. We have uncovered leads into organized crime and even human trafficking all due to working these types of complex issues. Control the property crimes inside of your jurisdiction, and you can control other major criminal factors more easily. STREETER: I believe organized retail crime is underestimated by the vast majority. It is largely viewed the same way as a petty theft, with individuals stealing merchandise for sustenance rather than for profit. On the contrary, organized retail crime requires preparation, a hierarchy, and is carried out for profit. If more light was shed on what organized retail crime truly is and how it branches off into other crimes, we would have fewer issues and greater success toward combating the problem. LPM: To all our partners, what do you feel has contributed most to the rise in organized retail crime? STALLARD: From a retail perspective, there are several factors we believe contribute to this ongoing concern. In many states, criminal laws have not been amended to catch up to the ORC problem. Organized retail crime is still viewed as shoplifting in many areas, and without the proper ORC laws on the books, offenders are simply not deterred. Lacking stiffer penalties that keep them from committing ORC-related crimes, these professional criminals have realized that it

LOSSPREVENTIONMEDIA.COM

THE POWER OF PUBLIC-PRIVATE PARTNERSHIPS is more lucrative and less risky to commit thefts in retail stores than to participate in the criminal activity that they were once involved with. BOURNE: Retailers have a diverse breadth of products readily available on the shelves that have high consumer demand, and this merchandise can easily be converted to cash via online platforms. The ease of using the online marketplace to sell stolen product has also made it very advantageous to cut out the middleman altogether. Unfortunately, the current state of the online marketplace also allows for the criminal to sell anonymously and live in the shadows. A booster can travel ten to twenty miles, hit several stores, and walk out with thousands of dollars’ worth of product. Since there are numerous online platforms that can be used to sell the stolen property, they do not necessarily even have to go through the traditional brick-and-mortar fence to convert that product to cash. STREETER: The rise in dollar amount for felony thresholds across the nation has also played a huge role in the escalation of organized retail crime. For example, in Oklahoma our threshold rose from $500 to $1,000. I have interviewed numerous boosters post-apprehension that have responded, “It wasn’t a felony amount,” or “Can I just get my ticket and go home?” Boosters know the dollar amounts associated with felony charges and specifically steal under those thresholds to avoid more serious charges. Most police departments do not have a team that specifically works organized retail crime, which also allows for a rise in these types of crimes. With numerous larcenies occurring 24/7, organized retail crime cases at these departments get worked as petty thefts instead of being given the time and attention they require. Police officers and detectives are also bound by the state statutes and city ordinances in the jurisdictions they serve. Technology is another contributing factor to the rise in organized retail crime. It is easy for those involved, at any level, to use online platforms to further their criminal activity. The use of online resources also contributes to organized retail crime rings conducting their illicit business across state lines, which makes it more difficult for local law enforcement to track activity when it falls outside of their jurisdictions.

I feel another component can be the corporate policies in place at some retail establishments. Just as boosters research and are aware of the felony thresholds, they also know which stores report theft to law enforcement and which are “hands off.” Although these establishments don’t want to give in to organized retail crime, like law enforcement, they are bound by their own policies. WALDEN: I agree that ease of use, or the low-risk, high-reward nature of the crime, is a primary factor. A person can steal merchandise and fence it themselves through several online e-commerce platforms. It’s fast and easy. Many retailers have gone to a hands-off approach, so now it’s easier than ever before. I would also argue a lack of customer service provides a prime opportunity to commit theft. As a sixteen-year-old, I worked for a large retailer. I attended the onboarding portion held by my loss prevention associate who discussed that the best deterrent to theft was fantastic customer service. As a young associate, I knew where every item in my section (toys and sporting goods) was located. If anyone entered my portion of the sales floor, I could walk them directly to the item, and I knew if the item was in stock. I knew my department inside and out. I also knew when someone suspicious was walking around in my section, and I knew exactly what items were considered “high theft.” I had absolutely no problem providing top-quality customer service because I knew that this not only was a fantastic sales model but also would deter theft on a large scale. Now, as an adult consumer, it feels like everyone on the sales floor is busy with stocking shelves or something else that preoccupies their time. If every sales associate

went out of their way to provide an awesome customer experience, I think it would deter a large amount of theft. LPM: Rory, what do you feel is the best approach to getting the support of company leadership in regards to ORC issues? STALLARD: AP leaders need to educate executive leadership to understand the unique business impact ORC has on profitability and the need for specialized resources to combat the business problem. Once we prove our business case, it is up to asset protection leaders to build the most dynamic investigations team that can deliver tangible results. That requires great diversity of thought, background, and varied experience in selecting the right team to achieve the return on investment needed to sustain or even grow this type of program. At Home Depot we are fortunate that our executive leadership team understands our busines needs and supports our efforts as we continue to dedicate resources to focus on combatting ORC issues. LPM: Brandi, what about on the law enforcement side? What do you feel is the best approach to getting the support of leadership in regards to ORC issues? STREETER: I am blessed to be part of a police department that has been very supportive of our efforts in combating organized retail crime. The Oklahoma City Police Department has its own organized retail crime unit and has assisted in numerous blitz operations and suppressions in conjunction with retailers. Even though COVID-19 has largely impacted the retail community, our unit, which consists of two

“I believe organized retail crime is underestimated by the vast majority. It is largely viewed the same way as a petty theft, with individuals stealing merchandise for sustenance rather than for profit. On the contrary, organized retail crime requires preparation, a hierarchy, and is carried out for profit. If more light was shed on what organized retail crime truly is and how it branches off into other crimes, we would have fewer issues and greater success toward combating the problem.” – Detective Brandi “May” Street, Oklahoma City Police Department

LP MAGAZINE

NOVEMBER–DECEMBER 2020

THE POWER OF PUBLIC-PRIVATE PARTNERSHIPS detectives, has recovered over $250,000 in stolen merchandise this year alone. The organized retail crime unit has only been in existence for three years. To create the unit, three sergeants working patrol, myself included, worked a large multimillion-dollar federal case that spanned across numerous states. We were able to take that case and build from it to show our command staff how organized retail crime is not the same as average larceny. However, it wasn’t just a single case that made our unit a reality. We built relationships with local retailers and monitored our cases to show the impact organized retail crime has on Oklahoma City alone. I also showed our supervisors research conducted by the National Retail Federation to support these efforts. LPM: Chris, what do you feel is the best approach to getting the support of the public regarding ORC issues? WALDEN: This is a fantastic question. I really feel that education is a key component. As far as local involvement, retail professionals should regularly be communicating with elected and appointed leaders. I would love to see store managers

and loss prevention professionals attend city council meetings in their communities and voice their shrink concerns and losses, publicly. I would love to see “open houses” at local retailers inviting the public to listen to a meeting of loss prevention professionals, listening to their concerns. I would like to see store leadership become “honorary colonels,” a group of volunteers that openly support law enforcement and regularly engage in dialog as stakeholders in the community. On a state level, I think being able to paint a clear picture of shrink numbers and the missed sales tax revenue to state legislators is key. This is what we did here in Utah. Several retailers approached my office after a large case and asked if we (the Utah Attorney General’s Office) could investigate these types of cases on a full-time basis. After having several discussions with retailers and legislators, we were able to create a unit to address these issues. It has been my experience that our legislators are very supportive, especially after they gain an understanding of the situation and are presented with an adequate plan to address the problem. They are stakeholders and should be at the table. Legislation and public policy are fantastic ways to

“We have numerous cases over the past several years where we have seen smaller theft crews grow to large criminal enterprises over periods of time. These enterprises expanded their operations beyond their city to other areas of the country and used their funds to facilitate other criminal activity. One such international group that affected us was sent over from a European country to commit theft and fraud in our stores. The crew had a “boss” that gave them traveling money, rental cars, and maps to our stores.” – Rory Stallard, The Home Depot 30

NOVEMBER–DECEMBER 2020

address problems inside of the stores across local markets. LPM: Organized retail crime cases often seem to build into significant and, at times, multimillion-dollar investigations on a fairly consistent basis. Why do you think this is? BOURNE: There are many unique aspects of organized retail crime as it relates to property crimes. Many ORC cases involve complex methods of stealing from retailers that sometimes go unnoticed for extended periods of time. These criminal enterprises have often studied their victims and know how the various retailers operate. They can find the loopholes in policy and/or gaps in physical security. Many of these crimes will cross city, county, and even state lines, which only adds to the complexity when working with our law enforcement partners to prosecute and resolve these investigations. Unfortunately, it can take some time to resolve these cases, and the losses can quickly add up. WALDEN: For those with malicious intent, it’s such a simple, easy way to make money. Keeping the numbers simple, let’s just say that an average working professional makes $25 an hour, and he or she works a ten-hour day. That’s $250 a day (before taxes of course). As a professional shoplifter involved in ORC, I have the ability to go to a big box retailer and steal an item or two in fifteen minutes, take that to my fence, or fence it myself, and make that $250 in significantly less time. Further, I do not have to pay taxes on that money. I can do this every day for weeks, only working two hours a day (travel, theft, listing, and selling the items). I work one fifth of the amount of time for twice as much profit. If I become organized, I can easily cause retail losses of $5,000 to $7,000 a day! Further, if/when I get caught, the penalty for a property crime is significantly less or even nonexistent. The reward far outweighs the risk, and those rewards can be extremely lucrative. STREETER: I believe this is due to the lack of law enforcement, retailers, and the legal system not regularly investigating, properly reporting, and sentencing those involved in organized retail crime to the extent that they can be. I have found organized retail crime works the same way

LOSSPREVENTIONMEDIA.COM

THE POWER OF PUBLIC-PRIVATE PARTNERSHIPS as narcotics. The players are the same, the venues are similar, and the crimes are being committed at the cost of society in the same way. However, I also believe the expansion of organized retail crime into large-scale investigations hinges on a risk versus reward mentality. Law enforcement and the legal system have been working together to combat narcotics for years, but they haven’t been fighting against organized retail crime with the same tenacity. It doesn’t help that there is a lack of consistent laws nationwide specifically laying out what organized retail crime is and the penalties for being involved in these crimes. Organized retail crime rings can be working for years before anyone in law enforcement, retail, or the legal system become aware of their existence. Once these rings are uncovered, the punishments for thousands, sometimes millions, of dollars in retail theft are minimal in comparison. Therefore, the reward for conducting organized retail crime far outweighs the risk. LPM: We often hear organized retail crime described as a

“gateway” crime to other types of criminal activity. Can you provide us with an example that supports that belief? WALDEN: We have observed ORC cases turn into large-scale narcotic arrests, fugitive arrests, and even some early indicators of human labor trafficking. We have observed theft cases turn into complex consumer fraud issues and selling items overseas. I recently attended a training class discussing the wide usage of gift cards and in-store credit cards. It is estimated that $40 billion a year is transferred onto gift cards. This makes money laundering simpler because they fall short of current government compliance measures. It’s easy to move money around the world on a preloaded gift card that easily disguises as your bank debit card. All of these crimes can easily begin with ORC cases. STREETER: I have seen numerous boosters evolve throughout their criminal journeys. It starts with simply stealing merchandise for a minimum payout, growing to stealing to provide merchandise for property fences for a larger profit, and

LP MAGAZINE

NOVEMBER–DECEMBER 2020

then needing to steal to maintain a lifestyle or addiction, which ends in the booster assaulting retail employees. When individuals “get away” with a crime numerous times they become accustomed to the outcome. When the outcome changes, they resort to a flight or fight mentality. Unfortunately, when this scenario ends in a fight approach, it is at the expense of employees and sometimes even law enforcement officers. I have seen known boosters involved in robberies, armed robberies, narcotics distribution, and gang activity. Even if organized retail crime isn’t the “gateway,” the vast majority of boosters are involved in both property and person crimes. STALLARD: We have numerous cases over the past several years where we have seen smaller theft crews grow to large criminal enterprises over periods of time. These enterprises expanded their operations beyond their city to other areas of the country and used their funds to facilitate other criminal activity. One such international group that affected us was sent over from a European country to commit

THE POWER OF PUBLIC-PRIVATE PARTNERSHIPS theft and fraud in our stores. The crew had a “boss” that gave them traveling money, rental cars, and maps to our stores. After thefts and fraud transactions occurred, crew members would leave rental cars behind filled with merchandise for others to later come and retrieve. Once the group had completed their circuit, they would fly out of town while all the stolen product would be loaded up into rental vans and driven to another state. There, the product went through a fence and was sold online to buyers across the globe. After arrests were made, we learned that the leaders of this group had ties to organized crime in another country, and the money this crew was producing was being used to help fund their drug, prostitution, fraud, weapons, and gambling operations in Europe. LPM: We know that building relationships is critically important

in our efforts against organized retail crime. In general, what can retailers do to build and improve these relationships with law enforcement and other public partners? What can law enforcement and other public partners do to build and improve these relationships with retailers? BOURNE: The foundation of the partnership cannot simply be based on a need for law enforcement to resolve our investigations. When we talk about a specific ORC investigation, it is imperative that retailers do as much of the leg work up front to present law enforcement a prosecutable case that requires minimal effort on their part. Once they see all we can offer to support an investigation and we show them the level of detail we put into our cases, they see us differently. We now have a seat at the

table, and they see us as investigative peers that are a resource to help them resolve the investigation as opposed to just being the victim that wants law enforcement to resolve their case. Retailers need to be willing to support law enforcement in ways that may not directly impact their organization. It could be through financial or charitable support, or it could be just through providing evidence needed to help them resolve an investigation that does not even impact their organization. Additionally, a relationship is a two-way street. Law enforcement and prosecutors need to be willing to meet with retailers to understand their business challenges. It is okay for law enforcement to turn to ORC industry experts to help provide training for them if they have not had much exposure to organized retail crime. Training and education for the public sector is critical, and often it needs to

Lobbying for the INFORM Act to Prevent Selling Fake or Stolen Products Online By Lisa LaBruno COVID-19 has accelerated changes in how Americans shop, and this year’s holiday shopping season will continue this trend. Promotions and deals have started earlier than ever before, and retailers are encouraging more online ordering and home delivery. This trend has also exacerbated a growing problem in retail, the explosion of counterfeit and stolen goods being sold online via third-party marketplaces. While organized retail crime (ORC) has always been a concern for retailers, it has become an even bigger issue in recent years as third-party platforms like Amazon, Facebook Marketplace, and others have made it easy for criminal networks to anonymously sell fake or stolen products to unwitting consumers. According to the Department of Homeland Security’s report on counterfeit and pirated goods, multiple accounts can easily be set up across different platforms, allowing bad actors to simply establish new profiles in the event that one of their pages is taken down. Pursuing them is a game of whack-a-mole for asset protection professionals and our partners in law enforcement. While third-party marketplaces have attempted to downplay the incidence of such crimes, the evidence is mounting that their scope and sophistication is growing. These attacks are more than simple property crimes; they are organized and put store employees in harm’s way. And it’s not just a concern for local retailers. ORC networks are often tied to other criminal activities, including human trafficking, money laundering, and narcotics. The key to reversing this trend is basic transparency. One of the top priorities for retailers in the next Congress will be an effort to modernize consumer protections laws by passing the Integrity, Notification, and Fairness in Online Retail Marketplaces for Consumers (INFORM) Act. The INFORM Act will shine a bright

NOVEMBER–DECEMBER 2020

light on the dark corners of the Internet and make it much more difficult for fraudsters and criminals to create a business selling counterfeit and stolen goods. The INFORM Act is quite simple. It will require online marketplaces to collect and verify third-party sellers’ government ID, tax ID, bank account information, and contact information, as well as require high-volume sellers to disclose contact information to consumers. Basic transparency and verification requirements will not hurt legitimate businesses, but it will remove anonymity on these platforms and make it harder for bad actors to catfish consumers with fake and deceptive profiles. And importantly, it will provide retail asset protection teams and law enforcement agencies with greater visibility to track illicit sales and organized criminal activity. Nobody has figured out how to eliminate criminal activity, but we can make it harder and less lucrative to profit from theft. The INFORM Act will make it more difficult for bad actors to build an illegal business by targeting local retailers and stealing mass quantities of merchandise for resale. Without the ability to hide behind fake accounts, the risks will be greater, and the odds will be even. And the days of playing whack-a-mole will be over. LISA LABRUNO, ESQ. is senior executive vice president of retail operations with the Retail Industry Leaders Association, a founding member of the Buy Safe America Coalition. Buy Safe America represents a diverse group of responsible retailers, consumer groups, manufacturers, intellectual property advocates, and law enforcement officials who support efforts at all levels of government to protect consumers and communities from the sale of counterfeit and stolen goods.

LOSSPREVENTIONMEDIA.COM

THE POWER OF PUBLIC-PRIVATE PARTNERSHIPS be led or facilitated by the retail community who have the experience and are dealing with ORC issues on a daily basis. STREETER: Relationships are key in combating organized retail crime. Law enforcement must be willing to put in the time and effort to working the cases properly. Retailers must be prepared to work with law enforcement by providing loss prevention reports, written statements, CCTV footage, and/or photographs for evidentiary purposes, and the willingness to prosecute. Prosecutors must be willing to work with investigators to provide proper charges and fight for appropriate sentencing. We all must be willing to put trust in these relationships and share information in order to reduce and resolve these crimes. I have found sharing information and taking the time to explain organized retail crime at multiple levels aides in stronger relationships amongst law enforcement, retailers, and the legal system. However, it must be noted the issues that sometimes create tension throughout these parties are above the level of those in the field actively working to combat organized retail crime. Therefore, patience and information sharing are key in keeping relationships on good working terms. WALDEN: I am a firm believer in building and fostering relationships. The open communication between stakeholders is imperative for success. I have many partners outside law enforcement, that work for retailers, that I literally collaborate with daily. As I hear of different trends in the ORC community, I regularly run those issues past my cohorts and have them weigh in on trends they are observing. I have been told by contacts inside of my network that this approach is unique and that I don’t treat the loss prevention or asset protection folks as “security guards.” These are my thoughts regarding these types of partnerships: the loss prevention and asset protection folks inside of my network are the experts; I am not. I rely on them to bring me complex cases and explain them to me and answer my silly questions until I fully understand the scheme. Further, I rely on them to come and testify at trial and explain to a jury these complex issues as well. The law enforcement community is great at building cases, but the retailers

need to have the case basically complete before bringing it to law enforcement. I regularly visit with my network of corporate investigators and explain what else would be beneficial in prosecuting cases. I show them what law enforcement needs to compile the case and what prosecutors need to file the case. In turn, my corporate investigators learn what a “completed” case in Utah needs to look like. This saves time for everyone. LPM: How important do you feel the role of organized retail

LP MAGAZINE

NOVEMBER–DECEMBER 2020

crime associations (ORCAs) play in dealing with the ORC problem? STREETER: Information sharing and working together is of the upmost importance when it comes to combating organized retail crime, and organized retail crime associations provide a platform to do just that. Since organized retail crime rings often travel out of single jurisdictions, we must share incidents that occur in our own precincts with others. This helps to identify suspects, show

THE POWER OF PUBLIC-PRIVATE PARTNERSHIPS trends in crimes, track down suspects, and gather theft totals for victims. WALDEN: The Utah Organized Retail Crime Association (UTORCA) is the only ORCA I have any experience with. I am on the board along with two of the investigators assigned to the task force I supervise, as law enforcement representatives. We communicate, literally daily, with members of UTORCA. Our website is used to disseminate information very quickly, for free, to a network of retail and law enforcement investigators. I also have an analyst that immediately gets the information and uses several investigative techniques to identify the suspects. Even if the case does not come to my unit, we will call the local jurisdiction and let them know that we may have identified a suspect for them. STALLARD: The ORCAs can play a critical role in bridging the gap between the public and private sectors. ORCA meetings and conferences are great networking and learning events. They can provide essential training opportunities for retailers without a dedicated ORC unit and even provide continuous education credits to our law enforcement partners. ORCAs also provide

affairs and/or company legal departments is critical in speaking the same language to legislative bodies on the impact ORC has on the profitability of our companies. LPM: What do you think are the most These resources also help to influence important steps that we can take law makers on the impact ORC has on moving forward to address the issue our business and helps them see where of organized retail crime? changes in the laws might need to occur. WALDEN: I think that education and Our government affairs team has helped us awareness are key components moving tremendously over the past several years in forward. Engaging law enforcement several states where we have needed some leadership on a local level will be key— help with getting prosecutor support and teaching local police detectives to work with changes in laws to help address ORC issues. retail investigators in a partnership. I have They also continue to work with other heard so many times from law enforcement retailers and organizations as well to address that the local retail investigator is not capable the ease that stolen product is being sold of putting together quality information to through online platforms. file a case. I have heard from local retail STREETER: I believe all involved parties investigators that law enforcement is lazy and can aide in moving forward to address will not follow up on their case even though it the issue of organized retail crime. I also is a “slam dunk.” understand this will take time as this task Simply put, there is a breakdown in isn’t easy with a lack of manpower across the communication. As law enforcers, let us take board, a global pandemic, and the mindset time to train the local retail investigators. of society focused on judicial and law Teach them exactly what is needed for enforcement reform. prosecution. Also, explain that most bottle It would be helpful if there was a federal necks in prosecution are occurring at the court standard for organized retail crime in which level and are not controlled by the police. the public easily understood the elements, Further, the outcome of the case is outside of and each state could base their own laws off the control of either party. of it. If each police department had resources The local retailer needs to partner with working to combat organized retail crime, law enforcement to show them exactly what this would also be helpful. This could the capabilities and limitations are regarding be accomplished by creating task forces surveillance equipment. There is much we can encompassing multiple agencies working learn from each other. together. Retailers stepping up and filing BOURNE: Every state is different when charges would also be helpful in gaining it comes to laws and statutes that address momentum in this fight against organized ORC. Without the appropriate laws it is retail crime. All in all, there is something nearly impossible to attack the issue. We for everyone to improve upon to make believe it starts with organizations having the this effort to combat organized retail crime appropriate resources to assert themselves in successful. If we aren’t evolving as quickly as the legislative process. Leveraging government these criminals, we will constantly be falling further behind. Awareness is also going to be key in moving forward. I am constantly explaining “Retailers need to be willing to support law enforcement what organized retail crime is to family, in ways that may not directly impact their organization. It friends, and coworkers. Interviews, news could be through financial or charitable support, or it could stories, conferences, meetings, and press be just through providing evidence needed to help them releases like this are great platforms to get the word out about these crimes that are affecting resolve an investigation that does not even impact their our economy. organization. Additionally, a relationship is a two-way street. All of these things cannot be accomplished Law enforcement and prosecutors need to be willing to meet alone. We must work together to achieve the with retailers to understand their business challenges.” desired outcome of seeing a dent put in the amount of organized retail crime nationwide, – Jaime Bourne, The Home Depot but it is not an impossible task.

a way to communicate thefts across a broad network to help identify subjects and bring cases to quicker resolution.

NOVEMBER–DECEMBER 2020

LOSSPREVENTIONMEDIA.COM

EVIDENCE-BASED LP

by Read Hayes, PhD, CPP Dr. Hayes is director of the Loss Prevention Research Council and coordinator of the Loss Prevention Research Team at the University of Florida. He can be reached at 321-303-6193 or via email at rhayes@lpresearch.org.

Accuracy and Precision W

e all want to be accurate. We want to be correct in how we think about issues, how we feel about and respond to our loved ones, and generally what we believe is really going on around us. And in asset protection and loss prevention (collectively LP), that means we also need to get things right. We’re here to safeguard people, reputations, and tangible assets. And we need to be very accurate in our perceptions and our protective responses. But since what we do as LP leaders is critical, we might spend a minute defining accuracy and precision. There is an important difference, particularly when dealing with life safety issues. “Accuracy” refers to how close our perceptions and security measures are to the “true” or intended target or value, while “precision” refers to how close our intended action measurements are to each other. This image shows

that simultaneous high accuracy and precision is our objective to reach our goal. If we use data analyses, brainstorming, and testing to dial up a preferred solution or solution package, we might be precise in reducing a problem. But if we haphazardly deploy the solution and miss optimal places, times, and assets, we’re being precise but may not be even close to accurate. Plan and measure for both.

“Accuracy” refers to how close our perceptions and security measures are to the “true” or intended target or value, while “precision” refers to how close our intended action measurements are to each other. Getting There

Low Accuracy Low Precision

We’ve discussed this before here, but it’s always important to get better and more effective at reducing problems by reducing the conditions that lead to those problems. We have some serious issues and not a lot of budget to address them. For those of us dealing with thousands of locations and tens of thousands of assets, being accurate in both our diagnoses and our treatments is imperative.

Low Accuracy High Precision

Problem Dynamics

High Accuracy Low Precision

We always start here: understand the who, what, when, where, why, and how of the problem. What are the problem’s dynamics? What assets, specifically what departments, SKUs, stores, days, and times? How are the problems are unfolding? Who’s involved? Who’s in charge? How are we currently protecting these assets? What’s going on around that location? What might make this asset or place, for instance, be more of a problem than others? These are all good questions to ask and answer.

High Accuracy High Precision

LP MAGAZINE

NOVEMBER–DECEMBER 2020

Maybe find the time to look up my and others’ articles on the SARA (scanning, analysis, response, and assessment) problem-solving process. The procedure is very simple and especially good for very critical issues like protecting people and assets during pandemics, looting, theft, robbery, and fraud events—the type of real-world problems LP is charged to dealing with to safeguard and enable people and the enterprise.

Proud Boys, antifa, police supporters, RevCom, and others—were involved. The dynamic mapping component allows retailers to identify areas with repeated problems ranging from their stores being cut off to looted and/or burned, and where both right- and left-leaning groups were involved. Similarly, LPRC INNOVATE Project Coordinator Logan Brown and LPRC Research Scientist Cory Lowe, PhD, developed LPRC FusionNet to connect corporate and local-area LP practitioners with each other before, during, and after dangerous weather and looting events. The platform provides RSS feeds, curated news, and social media postings, and allows for two-way text and voice-channel communications. During the hottest times (approaching storms or possible civil unrest triggers), retailers meet daily via the app at 10:30 a.m. and 5:30 p.m. (EST) to discuss the latest reports and open-source intelligence, to share their preparations or recovery efforts, and more. LPRC INOVATE R3 (rapid response research) is driving these and many more projects, including curbside optimization, mobile and other transactions, and artificial-intelligence-driven problem detection. Please let me know your innovation opportunity ideas and suggestions.

We always start here: understand the who, what, when, where, why, and how of the problem. New Tools Tested in the Heat of Action Kenna Carlsen, the Loss Prevention Research Council’s (LPRC) research team leader, searched for ways she might support LP team members to provide a little more accuracy and precision in where they might prioritize “target hardening” during dangerous 2020 looting and attacks. Her tool, called LPRC ViolenceTracker, is built in a stable, readily modifiable data analytics platform. It is populated with datasets from research organizations studying multiple variables for every known 2020 US demonstration, including whether violence occurred and what self-identified groups—including Boogaloos, BLM,

2020 Virtual LPRC IMPACT Replays Please reach out to us at operations@lpresearch.org, and the team will make sure you can reply any or all IMPACT sessions.

Connect With Your Crew Let your audience choose their preferred platform to increase awareness and participation. At LPM Media Group, our mobile and digital solutions move meaningful connections from possibility to reality.

#connectwithyourcrew | www.LPMmediagroup.com 36

NOVEMBER–DECEMBER 2020

LOSSPREVENTIONMEDIA.COM

FEATURE

Siwakorn/Shutterstock.com

OPERATION PROOF OF PURCHASE THE STORY BEHIND A $50 MILLION ORGANIZED RETAIL CRIME CASE By Jacque Brittain, LPC, LPM Editorial Director

OPERATION PROOF OF PURCHASE

cooperative operation between the organized retail crime team at CVS Health and law enforcement led to a massive recovery of stolen merchandise in Northern California culminating on September 30 in one of the largest organized retail crime cases ever recorded in the United States. Multiple arrests have been made, and a mountain of health and beauty products were seized from several locations throughout the San Francisco Bay Area following a well-planned and diligently executed campaign that ultimately resulted in a $50 million case against a sophisticated organized retail crime (ORC) operation that had been targeting retailers in the area for several years. More than $8 million in stolen product was recovered on-site as authorities continue to sort through the inventory of razor blades, white strips, over-the-counter medications, mouthwash, shampoo products, and other health and beauty merchandise while gathering additional details. More

than $1.6 million in razor blades alone were recovered. All of the product recovered has been confirmed as stolen from stores across the Bay Area and Northern California.

Constructing a Plan

Even as the COVID-19 pandemic ravaged the country, many retailers that were considered “essential” businesses remained open, with dedicated employees ensuring our communities had the products they need while millions were forced into lockdown due to the threats of the virus. Retailers had to adjust to the way they approached the business, the way they interacted with customers, and the way they dealt with every facet of the business as all of us adjusted to life with the pandemic. Being prepared and having a plan was the best way to approach the challenges posed by the ongoing threat in all aspects of the business, including asset protection. As part of a May–June 2020 feature with LP Magazine, “Preparing for an

More than $8 million in stolen product was recovered on-site as authorities continue to sort through the inventory of razor blades, white strips, over-the-counter medications, mouthwash, shampoo products, and other health and beauty merchandise while gathering additional details.

NOVEMBER–DECEMBER 2020

ORC Epidemic Post COVID-19,” Ben Dugan, senior manager of organized retail crime for CVS Health, shared an overview of their plan: “We’ve heard a lot of Ben Dugan bad news about how the coronavirus is impacting our lives and businesses, and ORC investigations are no exception. Police response has been further slowed as a result of the pandemic. Courts are closed, and the criminal justice system has basically shut down. To make matters worse, at least 8,000 nonviolent offenders have been released from jails, many of whom are ORC offenders.…But for those who have a plan, there is some good news. The partnership with law enforcement has never been better. The increased cooperation with property crimes detectives and prosecutors has been unprecedented. The detectives are still working, and we’re making a lot of great connections. We’re getting amazing cooperation, and we’re identifying more suspects now than we ever have before. What we really need to make sure we do is take advantage of that and all it offers.” The asset protection team at CVS Health evolved its ORC strategy to work with key stakeholders across the company to ensure appropriate focus and investments continue to be made in this critical area. This included intelligence starting with store employees, reviewing video and previously gathered evidence, verifying intelligence, thoroughly researching all available information, completing necessary documentation, and finalizing case presentations to identify these perpetrators and ensure the stores continued to operate smoothly, productively, and safely while mitigating retail crime. “The ORC landscape has changed over the last several years and, one can argue, exponentially since COVID-19,” explained John Liesching, vice president of asset protection at CVS Health. “ORC operations are getting more sophisticated, especially given the volumes of stolen

LOSSPREVENTIONMEDIA.COM

OPERATION PROOF OF PURCHASE merchandise being sold through online marketplaces. Thus, it requires retailers to ‘up their game’ by making strategic and timely investments in their tools, processes, and John Liesching people to appropriately bring to justice these illicit enterprises. That is exactly what we have and will continue to do at CVS in supporting a zero-tolerance approach to this type of criminal activity.” The CVS strategy would act as a roadmap to guide investigators through the three phases of large-scale ORC investigations—define, disrupt, and dismantle—which is part of a new “urban ORC” strategy deployed to target rising and changing ORC trends in cities like San Francisco, Los Angeles, Boston, New York, Washington, DC, and Miami. “Dismantling these criminal enterprises represents the greatest opportunity for ORC teams to positively impact shrink and remove the most significant threats to profitability,” said Dugan. “True professional thieves are hard to detect. They often use distraction and concealment techniques to avoid attention. They are not deterred by product protection or physical security countermeasures. ORC teams are built to be the mechanism retailers use to defend themselves and mitigate the risk of perpetrators that cannot be stopped by traditional methods.” That strategy has clearly paid dividends as CVS put their plan into action over the next several months. As more and more perpetrators were identified, CVS worked in close partnership with prosecutors and law enforcement teams across the country. In Northern California, those efforts soon came to fruition.

Operation Proof of Purchase Operation Proof of Purchase was a collaborative effort between the CVS Health organized retail crime team as part of a joint investigation with the Division of Law Enforcement’s White-Collar Investigation Team, the

San Mateo County Sheriff’s Crime Suppression Unit, the California Highway Patrol (CHP), and the San Francisco District Attorney (SFDA). Approximately 100 Anna Isabel law enforcement Marquez officers were involved in the investigation as part of the public-private task force. The retail side of the investigation found its roots with the organized retail Ryan Puryear. crime team at CVS Health led in Northern California by investigators Anna Isabel Marquez and Ryan Puryear. All successful criminal investigations are based off real intelligence. During COVID-19, store reporting on external events at CVS skyrocketed as employees monitored customer behaviors. Working from home, Marquez and Puryear vetted all the increased intelligence and identified which subjects were linked to criminal organizations. These subjects were eventually identified with unprecedented cooperation from property and economic crimes detectives that were also working from home. Significant time was also invested in identifying and monitoring the movements of bad actors involved in the resale of stolen merchandise through online marketplaces, which included identifying the origin of products being offered by top sellers of every major online marketplace. As state and corporate restrictions lessened, the investigators were back in the field in the safety of their vehicles and with company-issued personal protective equipment. They used this time to gather additional information on the whereabouts and movements of the professional thieves that had just been identified. Most importantly, they were also able to determine where the stolen products were being sold. As courts opened back up and police response improved, investigators LP MAGAZINE

NOVEMBER–DECEMBER 2020

started to disrupt the organizations by apprehending and arresting the professional shoplifters, or “boosters.” These boosters were debriefed at the time of apprehension, and many agreed to cooperate when faced with charges by multiple agencies and enhanced charges through aggregated theft amounts. Once several professional boosters were identified and agreed to cooperate, surveillances and additional intelligence led to the identification of a team of “street fences” who allegedly purchased the stolen goods from the shoplifters. The alleged “street fences” involved in the operation included twenty-eight-year-old San Francisco resident Edgar Geovany Robles-Morales, twenty-six-year-old San Francisco resident Isis Vasquez-Villanueva, and forty-five-year-old Daly City resident

OPERATION PROOF OF PURCHASE

The investigation continued to expand as additional intelligence was gathered, branching to involve other criminal activity to include commercial burglaries, auto burglaries, and residential burglaries that were occurring throughout San Mateo County. In addition to the retail merchandise, other stolen property included electronics, laptops, and cameras.

Jose Villatoro. This expansive theft operation stretched throughout the San Francisco Bay Area, with millions of dollars of retail products being stolen and resold well below retail value. As the investigation continued to unfold, it was learned that the stolen goods were being sold to an illicit wholesale operation allegedly operated by Danny Drago, otherwise known as “The Medicine Man.” Drago would allegedly direct the shoplifting teams to steal small items with extended expiration dates and high resale value to maximize the “return on investment.” The investigation continued to expand as additional intelligence was gathered, branching to involve other criminal activity to include commercial burglaries, auto burglaries, and residential burglaries that were occurring

investigation due to their broad reach, specialized expertise, and understanding of the broader scope of organized retail crime. “Any one of these police departments is not going to be able to connect the dots on these less-than $1,000 thefts,” said CHP Lieutenant Kevin Domby. “But the retailers will know that they’ve had ten stores hit and might have ten different law enforcement agencies working on those smaller cases. The retailer knows they’re connected to something larger. We can then work with everyone involved to put it all together.” Working with the task force, investigators were led to an organization in the Tenderloin neighborhood of San Francisco that was purchasing and then selling the stolen property to suspects operating a distribution warehouse in Concord, California. They then tracked the stolen goods to three residences, two distribution warehouses, and eleven storage units across the Bay Area. Search warrants were served, and several additional arrests were made to include fifty-year-old Danny Drago and

throughout San Mateo County. In addition to the retail merchandise, other stolen property included electronics, laptops, and cameras. “Based on our reconnaissance, they were going across the bay, they were going into San Francisco, and it just kept getting larger and larger,” claimed Captain Mark Duri with the San Mateo County Sheriff’s Department. “More and more people were getting involved.” That’s when the CHP Golden Gate Division’s multiagency Organized Retail Crime Task Force was brought in. The task force includes investigators from CHP, SFDA, San Francisco Police Department (SFPD), and the United States Postal Inspection Service along with CHP Cargo Theft Interdiction Program investigators. This team was extremely valuable to the ongoing

NOVEMBER–DECEMBER 2020

LOSSPREVENTIONMEDIA.COM

OPERATION PROOF OF PURCHASE his wife, forty-eight-year-old Michelle Fowler, both from Concord, California. When Drago’s home was searched, investigators recovered $85,000 in cash, a high-speed bill counting machine, and several vehicles. At the home of Edgar Morales, the crew boss, investigators found stacks of $100 bills hidden behind picture frames on the walls of the home. Drago has allegedly been selling goods online through a shell company, D-LUXE OTC, using online marketplaces such as eBay, Craigslist, Facebook Marketplace, and Amazon, according to authorities. The money Drago received from these illicit sales was then allegedly laundered through real estate investments and other businesses. While $8 million in merchandise was recovered, tens of millions more in stolen product is believed to be involved. To date, the total value of the case based on investigative findings is approximately $50 million in stolen merchandise, according to investigators with CVS, Walgreens,

Rite Aid, Target, and several grocery chains. Over the course of the investigation investigators also uncovered evidence exposing the international scope of the theft ring. The suspects also allegedly transported, stored, and sold stolen goods in other countries and laundered the money back to the United States. Criminal charges for the five suspects include criminal profiteering, money laundering, conspiracy to commit, possession of stolen property, and organized retail theft, all felony charges in the state of California.

Executing a Strategy During the Pandemic

“Like every retail operation in the country, COVID-19 caused us to rethink many of our core strategies. This included our loss prevention strategies—specifically the way we were approaching organized retail crime,” said Dugan, who is also the sitting president of the National Coalition of Law Enforcement and Retail (CLEAR) and is strongly

LP MAGAZINE

NOVEMBER–DECEMBER 2020

supporting the ORCAs in Action initiatives currently being implemented by the nation’s organized retail crime associations (ORCAs) in concert with LP Magazine. He continued, “We were put in a position where we had to evaluate how we would effectively deal with ORC issues during the pandemic, putting together the right plan to focus research efforts, collect information, increase awareness, and continue to build key partnerships with our law enforcement partners. Many of the nation’s property crime detectives were forced to work from home, and this provided an opportunity to work closely with law enforcement to gather and develop critical intelligence information. This case is just one (significant) example of how that strategy has paid dividends. “Heightened employee awareness, support, and communication was essential to the success of the operation. By providing critical information and working with our investigators, we were able to identify

PREPARING PROOF OPERATION FOR ANOF ORC PURCHASE EPIDEMIC POST COVID-19 several of the professional shoplifters that were hitting our stores. “With information gathered during the height of the COVID pandemic, the CVS team in partnership with law enforcement were then able to identify additional ORC team members, make initial arrests, build intelligence, gather evidence, and construct a case that culminated in the last few days. We really need to give credit to the hard work of our team and our exceptional law enforcement partners. This really came down to executing the plan, and they did a terrific job.”

The Reality of Organized Retail Crime

Organized retail crime is not simply a shoplifting problem. Retailers are being victimized by large-scale product diversion operations that involve stolen products pilfered from the stores, cleaned, repackaged, and sold in huge quantities through various outlets. Following an explosion of online fencing operations, many

of the products are being sold by the truckload and offered for sale through various online marketplaces. Others may even be sold in bulk back to unknowing retailers through different outlets. “Online demand is really pushing the market for these products,” said Dugan. “People are looking to get the products they need at the lowest possible price, which is understandable. But if you take the time to think about it, you might learn that you’re contributing to a much bigger problem that many simply don’t fully understand.” Dugan further offered that dedicating resources to identifying the origin of the products being offered by the top sellers of every major online marketplace including Amazon, eBay, and Facebook is a key component to CVS’s overall ORC strategy. Retail shrink remains a significant problem, costing retail companies across the country tens of billions of dollars each and every year. This

is a complicated issue, with many different factors contributing to a company’s losses. However, there is zero doubt that theft, fraud, and other illicit activity is a primary driver of retail losses. This case may provide a strong example of how organized retail crime groups can impact retail operations on a large scale, but it is not in any way an isolated incident. In fact, the D-Luxe OTC Case closure is just one of three major case closures in the Bay Area by Marquez and Puryear in the last three months. Multimillion-dollar ORC cases are being uncovered on a regular and consistent basis by retailers across the country, impacting businesses of every size, shape, and form. These types of efforts are being echoed in public-private partnerships across the country through special task forces, organized retail crime associations, and other relationships.

The Importance of Building Public-Private Partnerships

What has only become clearer is the absolute need to work together to resolve this illicit activity. Organized retail crime is more than a retail problem—it is a community dilemma that can touch each and every one of us in many different ways. We’ve seen time and time again that it is truly a gateway crime that can often be tied to more violent crimes, drug abuse, and other troubling problems. It robs communities of tax revenue and costs consumers everywhere in the form of higher prices. It makes all of us less safe. It’s past time for that message to sink in and take hold. Working together is critical, as Operation Proof of Purchase clearly illustrates. “This case was the result of the strong partnership we hold with law enforcement as well as the direction and guidance from the leadership at CVS,” said Puryear, who also praised the support he received from his peers at Walgreens and Rite Aid. “Consistent case closures can only be achieved by maintaining close relationships with law enforcement and having the right investigative

NOVEMBER–DECEMBER 2020

LOSSPREVENTIONMEDIA.COM

OPERATION PROOF OF PURCHASE

strategy,” said Marquez. “Ryan and I are going to continue to lean on the strategy we have in place and are committed to continued success.” “We worked together and didn’t lose focus,” said Dugan. “We put together the right strategy and executed it as a team. In retail asset protection, the relationship with law enforcement is the most important tool in your toolbox. These agencies worked with us diligently every day and did a fantastic job.” Dugan was part of a team of experts that shared thoughts on this strategy as part of LP Magazine’s webinar series. To watch the recorded webinar, “Preparing for an ORC Epidemic Post COVID-19,” go to the Webinars tab on the magazine website, LossPreventionMedia.com. You may also listen to an audio version in episode 21 on the podcast tab on the magazine website. Jacque Brittain, LPC, is editorial director for LP Magazine. Prior to joining the magazine, he was director of learning design and certification for Learn It Solutions, where he helped coordinate and write the online coursework for the Loss Prevention Foundation’s LPC and LPQ certifications. Earlier in his career, Brittain was vice president of operations for one of the largest executive recruiting firms in the LP industry. He can be reached at JacB@LPportal.com. LP MAGAZINE

NOVEMBER–DECEMBER 2020

FUTURE OF LP By Tom Meehan, CFI Meehan is retail technology editor for LP Magazine as well as chief strategy officer and chief information security officer for CONTROLTEK. Previously, Meehan was director of technology and investigations with Bloomingdale’s, where he was responsible for physical security, internal investigations, systems and data analytics. He currently serves as the chair of the Loss Prevention Research Council’s (LPRC) innovations working group. Meehan recently published is first book titled Evolution of Retail Asset Protection: Protecting Your Profit in a Digital Age. He can be reached at TomM@LPportal.com.

The Danger of Misinformation on Social Media

ith the presidential election looming over our heads in recent months, it’s not too surprising to see that the news cycle has become hyper focused on anything to do with the election. And it’s not just the basics of a political election in the United States: the media has become dominated by topics like right-wing politics, antifa, protests, and the many political buzzwords that have suddenly become part of our everyday vocabulary. A global pandemic during an election year is almost a perfect storm. With so many of us staying at home and unable to distract ourselves from the news, it’s all too easy to scroll through social media all day. What else is there for us to do besides “doomscrolling” through our all social media feeds? But constantly watching social media isn’t the same as staying engaged and informed about current events.

security. And I’m not alone. In fact, about 20 percent of American adults rely on social media as their go-to source of news. However, the Pew Research Center recently reported that adults who use social media as their main news source are less likely to follow major news stories, like the coronavirus pandemic or the 2020 presidential election. They also tend to have less political knowledge than adults who follow the news using more traditional methods, like print or TV or even with a news website or app. Social media is an incredible tool: it keeps us connected to people and events we wouldn’t even know existed without this technology. We can’t deny that social media has helped people learn more about current events and politics. But social media is not a traditional news source, and it shouldn’t be treated as such. There’s no oversight to make sure that every bit of information shared on social media is factual, like most newspapers and other news sources have. While social media has made it possible for anyone to share news, that’s just the issue: anyone can suddenly become a “journalist,” reporting on the latest news in their area. We are all aware of the nature of social media and that we shouldn’t automatically trust something we see on Twitter that hasn’t been verified by other sources. But because social media is so ingrained in our lives, it’s become difficult for us to remember this, even more so with the constant influx of news updates about COVID-19 and the election.

Relying on Social Media as a News Source I’ve always been a huge proponent of staying informed with whatever method is most convenient for you. For me, it’s a combination of reading the latest articles from my go-to news sources and checking Twitter and LinkedIn to catch up on current events, along with industry news about loss prevention and cyber

Social media is an incredible tool: it keeps us connected to people and events we wouldn’t even know existed without this technology. We can’t deny that social media has helped people learn more about current events and politics. But social media is not a traditional news source, and it shouldn’t be treated as such. There’s no oversight to make sure that every bit of information shared on social media is factual, like most newspapers and other news sources have. 44

NOVEMBER–DECEMBER 2020

The Proud Boys and Social Media Perception One of the topics I’ve seen trending on social media lately is the Proud Boys, a far-right street-fighting organization officially launched in 2016 with a sizeable online following and a presence across the United States. Although the Proud Boys claim not to discriminate based on race or sexual orientation, they’re well known for discriminating against people based on race, religion, and sexual orientation—and for loving Donald Trump. Many civil rights organizations, such as the Southern Poverty Law Center, have designated the Proud Boys as a hate group for their white nationalist and alt-right ideology. Although the Proud Boys are a small group that doesn’t have a lot of influence on the national scale, the perception of this group on social media is far different. Part of this is because one of the central tenets of the Proud Boys is that violence is the best way to solve any problem. News reports about violence get far more clicks and views than reports about the reality of the Proud Boys. With growing public concerns about political polarization and the |

LOSSPREVENTIONMEDIA.COM

violence that could result from that, it’s natural for us to be afraid of a group that preaches this type of ideology. However, reports show that the actual membership of the Proud Boys is merely in the hundreds, and they are often outnumbered by counterprotesters at public demonstrations. The alt-right has a very visible presence on social media, which makes it all too easy for people to perceive them as much more influential and dangerous than they really are. Although some Proud Boys have been convicted of violent crimes, the influence of the Proud Boys has been blown out of proportion due to social media.

Why Misinformation Spreads Easily on Social Media The “threat” of the Proud Boys isn’t a new social media phenomenon. We’ve seen this kind of overblown social media trend before with the antifa (short for “antifascist”) movement. Antifa is a loosely organized collection of groups who believe in aggressive and often violent opposition to far right-wing political groups, such as the Proud Boys. The antifa movement entered mainstream media after they clashed with white supremacists at the Unite the Right rally in Charlottesville, Virginia, in August 2017. As I mentioned earlier, the current political climate has led to an increased risk of political violence at public events such as protests. Antifa’s violent approach to political protest has thrust them into the spotlight, making them almost synonymous with anything to do with political violence at all. When the Black Lives Matter protests started up again earlier this year in June, there were countless rumors on social media about antifa infiltrating

LP MAGAZINE

these demonstrations in order to start physical altercations with both protesters and law enforcement. It’s more common than not for news about antifa to really be misinformation spread on social media. Oftentimes, these false reports begin on major social media networks such as Twitter, Facebook, or YouTube before eventually filtering to community networks, like local Facebook groups or NextDoor, where people are more likely to trust this information. So what could originally be a random tweet from an unverified account on Twitter could eventually lead to local municipalities warning their communities to prepare for violent counterprotesters coming from out of town. This type of misinformation spread like wildfire, even leading to a far right-wing community uprising in retaliation to rumored antifa presence in Forks, Washington, in June. The visceral image of busloads of antifa counterprotesters traveling hundreds of miles to instigate violence in suburban communities is hard to let go of. And although it seems pretty unlikely in hindsight, it’s not completely unbelievable given the many instances of political violence we’ve witnessed in recent years. I’ve written about using social media monitoring as a tool in your loss prevention strategy, but it’s important to remember that it’s not an infallible source of information. Instead, I recommend that you treat information you learn from social media as just one potential truth. When you are conducting investigations or surveying social media for any threats against your organization, you should always verify the information you find before investing your resources in fighting a threat that might not even exist.

NOVEMBER–DECEMBER 2020

ASK THE EXPERT

Acting as One during the Pandemic T

Interview with Hedgie Bartol, LPQ Bartol serves as business development manager for the retail segment in North America at Axis Communications. In this role, he works closely with partners and retailers on strategic surveillance installations designed to maximize loss prevention and streamline business operations. Bartol is a well-known industry advisor on video solutions.

he role solutions providers played in 2020 changed immediately when the world locked down this spring. With little or no travel, meeting with customers and prospects to support their technology programs required a different approach. We asked one industry advisor how he and his company pivoted to make a difference this year.

these tough times, we wanted to be that resource for LP and AP professionals. The best way to do this is listening. We created a weekly meeting called Axis Retail Open Mic where retailers could share information, experiences, solutions, and current issues. We know that our yearly Retail Leadership Forum, where retail end users can share, network, and discuss challenges they face, has been well accepted amongst leading retailers. These ongoing calls include a mix of US and Canadian retailers helping and learning with each other as 2020 has thrown everything at them. Retail doesn’t have borders; therefore, we united our teams in the US and Canada to collaborate and invite all retailers in North America to attend. Our calls are a variety of technical, emotional, and sometimes just a good laugh to shed some stress. In the end its about supporting one another. Our attendees have said, “Having a person to lean on and share experiences with has gone a long way this year.” One of the great outcomes for us was to provide learning opportunities for retail teams such as the de-escalation webinar we did with Bottom Line Matters and the Loss Prevention Foundation. There was a need in the industry for this type of information to deal with and mitigate aggression in the workplace, and we were happy to provide it. We’re always listening and encourage anyone to reach out to us with ideas for future topics.

What has Axis learned this year? It’s been one heck of a year. We’re all learning how to work in new ways with plenty of different tools and platforms. What the kids have been doing for the last fifteen years finally caught up to us and fast! Besides learning new tricks and maybe a couple of TikTok dances, we’ve learned the importance of being human. Playing a supportive role may not make you a quick dollar, but it’s the right thing to do. Everyone has heard it a million times, but it is the truth—we are all in this together, and we have to work together and interact with each to get through this year and next. Even if that means taking a mental break or being a friendly face on the other side of a Microsoft Teams call and sharing a joke or two. How has Axis positioned themselves this year with the loss prevention community? Early on, the retail team made a conscious decision not to be opportunistic and to be as supportive as possible for the community. We made sure that if someone reached out to us that we did everything we could to assist, even if that meant helping them find the right answer that wasn’t neccessarily an Axis solution. For example, Axis fielded many questions about thermal cameras—they are very expensive and are not meant for medical use. And at the end of the day, when we go back to our pre-COVID state, you’re stuck with an expensive camera that bears little functionality. While the sales from those cameras would have been nice for us, it simply wasn’t the right thing for our customers in our minds. Beyond that, we attended the happy hours on Zoom, we signed up for the webinars, and we tried out the virtual trades shows just as we would if we were in person.

What is your outlook for retail in the new normal? This is a great question, and everything is still very much a fluid situation. But retailers are resilient and have learned a ton during the shutdown whether they stayed open or had to close for a bit. First and foremost, brick-and-mortar stores are not going away. They are evolving. Through the pandemic, it has forced that evolution on many retailers, while others have been a step ahead for a few years. The future of stores might include a smaller storefront. Secondly, customer service will also go through its own evolution to provide an enhanced customer experience. This will include an increase in technology use including the camera but beyond surveillance. What’s next for Axis? Well, we aren’t out of this yet. The retail team will continue to “Act as One” and be a resource that retailers and the loss prevention community can lean on for help. We will continue to encourage the community to work together, assist each other, and be mindful of our mental health. We will remain ready and willing to lend a hand. Simply reach out to us, and you may be surprised in how we can help.

What ways did Axis get involved? Axis prides itself in its culture. One of our core values is “Act as One.” This means many things, but to us here, it means being supportive and helping each other out. We extend this piece of us to our customers, partners, and entire ecosystem. We strive to nurture thought leadership in the retail industry, and during

NOVEMBER–DECEMBER 2020

LOSSPREVENTIONMEDIA.COM

AndriyShevchuk/ Mia Stendal/Reamolko/ Minerva Studio/Shutterstock.com Photo illustration by SPARK Publications

FEATURE

OUR OWN WORST ENEMY?

THREATS IN THE MIRROR MAY BE LARGER THAN THEY APPEAR By Garett Seivold, LPM Senior Writer

OUR OWN WORST ENEMY?

oss prevention executives are keenly aware of the threat from insiders. After all, we’re many decades removed from when industry data revealed that employees—not shoplifters—were a greater cause of shrink. We’ve set up delivery controls, auditing systems, and background check protocols. We create exception reports to bubble-up workers associated with anomalous transactions. We zoom in on cashiers who issue an inordinate number of discounts to see if they’re pocketing proceeds. We do trust, but we are big on verify. The insider threat, however, has evolved beyond the reach of employee bag checks and point-of-sale (POS) cameras. For all organizations, retailers included, the threat surface that employees can attack has grown, and so have the types of assets that they can exploit, misuse, or mistakenly expose. Never has so much of value been this accessible to a company’s workforce. Never have companies been so vulnerable to their dishonesty, mistakes, or retribution. “There are threats posed by insiders at retail organizations that go unaddressed,” warned Florindo Gallicchio, managing director at NetSPI, a penetration testing firm out Florindo Gallicchio of Minneapolis. “Oftentimes, only the most obvious threats are considered, such as stealing money from the cash drawer,” he told LP Magazine. The insider problem is not particularly acute in retail, but it is not less serious, according to Mario Paez, director of cyber and technology errors and omissions at Mario Paez Marsh & McLennan Agency. From his vantage point—dealing with incidents handled by insurance companies—he is witness to events and the full range of potential harms. “In the retail environment, we certainly are seeing issues like in any other organization,” he said. “You might have line-level employees

who gain access to a corporate database through an in-store network; vendors and supply chain providers that might have access to your sensitive information; a rogue employee in the IT department with unchecked access; and intellectual property available to numerous employees in different functions in retail organizations.” The volume of transactional data that the retail industry produces is second to none, but there is more than customers’ payment information. There are marketing plans, and contracts, and financial reports, and strategy papers, and legal agreements, and store and distribution center blueprints, and much more. So what should retailers do about today’s exposure? A theme emerges after listening to experts speak on the insider threat. Just as the insider threat has broadened, retail organizations may need to broaden their perception and management of the insider threat to stay ahead of it.

One Problem, Many Avenues

The annual GSX+ security conference was forced to go virtual in September, so it was no surprise that discussions of the pandemic dominated the event. How security professionals can navigate the risks it has catalyzed, the way it has reshaped the threat environment, and how organizations can build resilience against future seismic events were all frequent points of discussion. But while the pandemic was an ever-present backdrop, specific security topics were also in focus—and none more so than the insider threat. Discussions on the harm that employees and other trusted parties can do dominated the proceedings. The frequency of events is undoubtedly one force driving attention. A significant majority of organizations, 70 percent, say they’ve suffered an increase in insider attacks over the last twelve months, according to Haystax’s Insider Threat Report. Insiders pose the biggest cyber-security problem because they can cause the most damage and are harder to detect and prevent, say experts. The expanding threat surface is surely another. Trade secrets, innovation, brand reputation, intellectual property—these now tend to be an organization’s most vital assets, not just for technology companies

NOVEMBER–DECEMBER 2020

but also in manufacturing, services, and even industries like retail. The effectiveness of corporate security today depends significantly on how well organizations manage this shift from securing hard assets to protecting intangible aspects of company value. “It’s easier to be mindful of insiders related to technology and the payment process, but it goes beyond that to all sensitive information that needs safeguarding,” said Paez. It is within context of the dishonest worker that companies have an opportunity to improve both the protection of customer data and trade secrets/proprietary information, say experts. The same protective measures that retail organizations should adopt to guard the privacy of customer data can safeguard companies’ own secrets as well. Speed is another complicating factor. In today’s warp-speed business cycle, there is less time than ever to mull over the possible security implications of every business move. Companies must change, adapt, and dive into new opportunities just to stay alive, including embracing new communications technologies. At the same time, companies are engaging in a greater exchange of information with more constituencies to drive innovation and become more efficient. Sharing and integrating information across the global retail enterprise—and with customers, partners, and suppliers—is seen as critical to survival. “As more processes are performed by suppliers, the integrity of those suppliers is becoming ever more important,” warned Paez. Consider the wide range of insiders that organizations think pose significant security risk, according to the Haystack survey: privileged IT users/administrators, 59 percent; contractors/service providers/ temporary workers, 52 percent; privileged business users, 49 percent; regular employees, 49 percent; other IT staff, 25 percent; executive managers, 24 percent; business partners, 16 percent; and customers/clients, 15 percent. An independent study by Ponemon Institute, sponsored by IBM, examined actual insider-related data breach events impacting organizational costs over the past twelve months. Financial firms were the greatest victims. Retailers landed near

LOSSPREVENTIONMEDIA.COM

OUR OWN WORST ENEMY? the middle of the thirteen industry sectors examined, suffering less than hospitality companies but more than consumer products firms. But while some other industries may lose more, the amount lost by the retailers in the survey was not significantly less than the annualized total losses suffered by firms in the most affected industries. Generally, the insider threat seems well appreciated, but data show organizations are paying a growing price for them. Why? Paez thinks there is a need for companies to address the risk more comprehensively. It can be strictly seen as a chief information security officer function, or as a security systems technology issue, but success relies

focus security efforts on their primary risk. Consumer-facing companies like retailers and others that fall under privacy protection laws often do a better job of auditing their handling of private information, but they may neglect to protect their business secrets. By leaving it to each department to protect the information they deem it necessary to protect, blind spots often develop, experts warn. Instead, an organization might benefit from an enterprise approach, one that starts with an internal audit to identify all the information it needs to protect. Such an endeavor is best done by a comprehensive cross-functional team or data security task

A significant majority of organizations, 70 percent, say they’ve suffered an increase in insider attacks over the last twelve months, according to Haystax’s Insider Threat Report. Insiders pose the biggest cyber-security problem because they can cause the most damage and are harder to detect and prevent, say experts. on a wide range of activities by many players, starting with whom the retail organization employs. “It is important to understand the integrity and character of the people being hired. HR should be involved on the hiring front and for handling the disciplinary process,” said Paez. Because of the diffuse nature of the threat, Paez said that the organizations he sees managing the insider threat most effectively typically address it with a committee rather than making it the responsibility of a single function. He said it’s important to have a realistic view of how the many different puzzle pieces of an organization’s controls come together—or don’t. The benefit of a holistic strategy may seem obvious, but many businesses compartmentalize data security issues and unknowingly play right into the hands of dishonest employees, warn experts. At the heart of the problem is the tendency of businesses to exclusively

force with members that might include: operational employees with knowledge of the company’s technical and trade secret information; marketing employees with knowledge of the consumer information maintained by the company; human resources employees who know what private information, including protected health information, the company maintains about employees; security or facility managers who understand the company’s physical security; IT personnel who have knowledge of how to secure the company’s computer and technology resources; and legal advisors who can articulate the requirements that apply to the company. Armed with a full accounting of what needs protection, an insider threat team can analyze the risks insiders pose to it, the controls in place to protect it, and seek to answer the critical question: can we do more to maximize our ability to prevent insider events without inhibiting innovation and work performance? LP MAGAZINE

NOVEMBER–DECEMBER 2020

Experts warn it can be a rabbit hole: the more deeply security leaders examine the insider threat, the more gaps they are likely to find. But they insist that loss prevention—if it is to be comprehensive and responsive to the assets that need protecting today—must look deeply at many aspects of the insider threat.

Who, When, and Why?

All organizations—regardless of size, industry, or region—must recognize the scale of harm they might experience from an insider attack, warned consultant Tommy Hansen, CPP, Hansen Security Risk Management, in a presentation at the GSX+ security conference. “The frequency of incidents has spiked. It’s truly a global challenge on the rise,” he said. But too many companies treat insider threat security as purely a hiring issue, said Hansen. “In my experience, when organizations are confronted with questions of how Tommy Hansen they approach insider risk, ‘background checks’ is their answer,” he said. “This is not to say they’re not effective, but they are not effective against people who enter an organization intent on goodwill only to later reveal themselves as an insider.” Hansen worked as project manager on the development of an insider threat self-assessment tool for the petroleum industry, which he has since translated and encourages any organization to use and adapt (see sidebar). Its fifty questions intend to push organizations to address the life cycle of insider risk and to broaden their approach to prevention. “There is a clear link between an insider act taking place and exploitable weaknesses in an employer’s protective security and management process,” said Hansen. “The point is that we do not rely on one category of measures, for example technological measures, and instead have a holistic approach to insider risk.” Most employees join an organization in good faith, but a bad performance review, getting passed over for promotion,

OUR OWN WORST ENEMY? or a perceived threat of their employment status can change all that, warned Lina Tsakiris, CPP, director of global corporate security programs at the Canadian Imperial Bank of Commerce, in the 2020 GSX+ presentation, “Insider Threats: Understanding the Threat Landscape.” So, too, can outside stressors, such as loss of income, marital issues, or losing a loved one—all more likely in the current global health crisis. Tsakiris said that in studies of hundreds of insider cases—from theft and fraud, to network sabotage, to the Fort Hood shooter—the insider displayed some sort of indicator in advance and often even told another employee of their intention to harm the organization. “Insider threat is very much a people problem,” she said. “There is a good chance, in fact almost always, that someone was aware of the intended threat before the event occurred.” Triggering events can light the spark in cases of insider fraud and are almost certainly behind cases of insider system sabotage or hacking, according to studies by Carnegie Mellon (CM) of insider cases. It finds that “insider disgruntlement contributes directly to the rate of inappropriate technical actions taken by the insider, especially actions that facilitate the attack.” On a hopeful note, CM’s Management and Education of the Risk of Insider Threat (MERIT) project finds that insiders who hack or sabotage IT systems usually tip their hand that they might do it. In 80 percent of cases, before committing cyber crimes against current or former employers, perpetrators appeared disgruntled, showed up late, argued with coworkers, and/or exhibited other performance problems. In studying sabotage incidents, researchers found worker disgruntlement fell into three familiar categories: 1. The insider expected certain technical freedoms using the organization’s computer and network systems but was reprimanded by management for exercising those freedoms. 2. The insider expected to have control over the organization’s computer and network system, but control was revoked or never given.

3. The insider expected recognition or prestige from management but suffered some sort of rebuke instead, such as being passed over for a promotion. The issue of rogue behavior among technology systems workers is not abstract. Carnegie Mellon studies of insider cyber-security breaches have found that people in technical positions are the primary culprits, and most of them had system administrator or privileged system access. In 2018, for example, the FBI’s Las Vegas Division announced it had busted an information technology professional whose job gave him access to the personal information for thousands of employees and customers. He methodically copied

than any single employee could manage to steal. In addition to being able to cause greater damage, a worker in information systems may not actually deserve the high level of trust they typically enjoy. Some cleaning staff are dishonest, to be sure, but one in three IT employees admit to snooping through confidential information at their workplaces, like wage data and personal emails. Additionally, insider threat research shows it is rare for dishonest workers to go outside of their normal scope of work in the commission of a workplace crime. So while companies should be mindful that unscrupulous cleaning staff might steal someone’s personal property, it should appreciate

At the heart of the problem is the tendency of businesses to exclusively focus security efforts on their primary risk. Consumer-facing companies like retailers and others that fall under privacy protection laws often do a better job of auditing their handling of private information, but they may neglect to protect their business secrets. that information, took it home, and opened about 8,000 fraudulent and unauthorized PayPal accounts. He then applied for linked credit accounts using the stolen identities and engaged in a series of complex web transactions that ended with him at bank ATMs extracting cash from debit cards. He had eight computers running an automatic script to open online accounts using the names and identifying information he’d stolen from work. Other data presented at the GSX+ conference suggests that corporations remain preoccupied with staff who, even if dishonest, are generally incapable of doing an organization extensive damage, while often turning a blind eye to workers who can do real harm, such as IT workers. Workers who have access to the purse strings have always presented an obvious insider threat, but in a technology-driven world, it is system operators and specialists who may be able to cause more damage

NOVEMBER–DECEMBER 2020

that the IT department may have an equal percentage of dishonest workers—and that they have far more valuable assets at their disposal. The same company that locks file cabinets to prevent late-night staff from poking where they shouldn’t often gives IT workers the run of the network even when they don’t need it, noted one cyber-security expert. Organizational change needs to start in the hiring process. Prospective loss prevention and cleaning staff are typically examined with an eye toward “can I trust this guy?” IT workers shouldn’t—but often do—escape the same scrutiny. “Identify where your organization’s risks are. Who in your environment has keys to the kingdom or are in higher risk roles? How capable are they of causing harm to the organization? And then how does that compare to the risk controls in place?” said Tsakiris. “Insider prevention requires good hiring practices and applying life-cycle

LOSSPREVENTIONMEDIA.COM

OUR OWN WORST ENEMY? personnel management to rescreen and conduct enhanced monitoring for employees in higher-risk roles or who are starting to display concerning behaviors,” she added.

Life-Cycle Personnel Management

Knowing that insiders are disgruntled first and strike later, experts focus on the connection between them. Within the gap, they suggest opportunity. If managers, who supervise technical workers and others in unique positions to do harm, recognize performance and behavioral problems as a possible security issue—and communicate it as such—then retail organizations can better prevent incidents. Several experts advised security leaders to push their organizations to pay greater attention to concerning behavior by an employee following a negative work-related event, to possibly include greater monitoring of the employee’s network activity. A company may not have the capacity to watch everyone’s online activity all the time, in which case it’s valuable to maintain awareness of employee dissatisfaction and troublesome behavior to target proactive system monitoring. Targeted monitoring of online activity by employees of concern can prevent insider theft and sabotage by immediately detecting technical precursor activity, they advise. The reason behind insider activity is typically complex, according to Hansen. There is often more than one motivation, perhaps a toxic mix of financial troubles, a lack of loyalty, and perceived insufficient recognition. He suggested security needs to be equally layered to match it, by taking a “defense in depth” approach. It starts with looking for indicators of trouble during the hiring process—for financial, personality, and other red flags—but must extend to controls throughout the employee’s lifetime. One often overlooked risk is when employees temporarily take on roles during job vacancies. Too often, Sherri Ireland

temporary privileges extended to an employee while companies fill positions are never revoked, according to Sherri Ireland, CISSP, president of Security Exclusive, a cyber and physical security consulting firm. “It’s happened to me when I would oversee another department while they were looking for a new hire,” she noted. “It’s really important to audit to make sure your employees have access they require to do their jobs and nothing more than that.” Organizations tend to do a good job advocating for the concept of “least privilege,” but they often do an incomplete job of auditing whether they follow it, she warned. Security controls also tend to grow lax around long-time employees, which runs counter to the actual threat. “Major employee fraud typically occurs by employees with at least five years tenure,” said Ireland. Case in point: the eye-popping case a decade ago when a Fry’s Electronics employee of twenty years was found guilty of embezzling $66 million over four years. Or the arrest a few years ago of a wireless retailer’s veteran chief operation officer who, for several years, held a secret consulting agreement with a financial services firm to provide it with confidential information regarding sales, compensation, and product launches at the retailer’s 400 locations. Ireland warned that insider theft is often committed with security controls in mind, citing an example of a retail employee who stole just under its investigation Malique Carr threshold of $50 every day for fifteen years before being caught. Malique Carr, PhD, a psychologist and vice president for TorchStone Global, a global risk mitigation and security firm, similarly warned that organizations must review their theft prevention posture against both insiders that opt for the “low-and-slow approach and skim a little off the top” and those that go for the big score. “Employees need privileges to perform their roles effectively and responsibly, LP MAGAZINE

NOVEMBER–DECEMBER 2020

but privileges should be accompanied by controls, with segregation of duties for example,” said Hansen. As such, employee monitoring and recognizing threat indicators are key elements in safeguarding a company against the insider threat, along with educating nonsecurity managers about threat indicators. Often, activity a security professional would recognize as a threat, nonsecurity personnel don’t, noted one asset protection professional. “You need cyber-awareness training all the way up to the C-level,” added Ireland. Once triggered, an insider’s behavior will often reveal their activities if an organization has positioned itself to notice it. Carr said common indicators may include failing to follow security protocols, questionable downloads or data transfers, changes in computer and phone use, and printing off large amounts of material. Data security tools, improved by AI, are a necessary layer of protection against rogue insiders, said Ireland. “IT activity needs to monitor for anomalous activity. Why is she coming in and downloading documents at 3 a.m.?”

OUR OWN WORST ENEMY? Continuous evaluation by technology is hugely valuable, but not as a standalone, according to Scott Stewart, vice president at TorchStone Global. “The AI tools are helpful, but they do require effective and constant analysis from a human being, a human being that is going to look at those records and put their arms around it,” he told the GSX+ audience. “Humans are quite good at spotting insider threat actors. And even better if they are trained. And if there is a good program in place and they know where to report that information, and they know that the information Scott Stewart

full awareness of all access paths available to each of their employees, conference presenters noted. An access path that is unknown to management is not necessarily illegitimate, but organizations should reduce unknown access paths by identifying them, reviewing each for validity, and disabling those without a justified business need. In investigations of actual incidents, several cases have involved system administrators who created backdoor accounts with system administrator privileges, knowing that because account audits were not conducted the account would not be detected, and they could conduct an attack following the end of employment. Other insiders have configured malicious code logic bombs to go off after getting fired,

On a hopeful note, CM’s Management and Education of the Risk of Insider Threat (MERIT) project finds that insiders who hack or sabotage IT systems usually tip their hand that they might do it. In 80 percent of cases, before committing cyber crimes against current or former employers, perpetrators appeared disgruntled, showed up late, argued with coworkers, and/or exhibited other performance problems. they report is going to be examined professionally and handled confidentially, then insider threat patterns can be disrupted.” Tsakiris made a similar point in her conference presentation: “Awareness of technical and behavior-based indicators that exist is the key to early course correction.” It’s critical that the life-cycle approach to insider threat security extends to the end of employment, stressed several experts. “If an employee resigns, IT needs to know, and there needs to be monitoring for any unusual activity in the weeks before they leave,” advised Ireland. Some studies suggest that nearly half of insider attacks on company systems are by ex-employees whose access to company systems are not revoked. Disabling access following termination is critical—and to do it effectively, organizations must have

knowing that their employer didn’t have configuration management procedures to detect it. Finally, other technical insiders used passwords for shared accounts to get in because there was no formal tracking mechanism for access to those accounts, so they were overlooked when the worker was fired. In short, it’s critical that companies don’t perceive removing network access as a procedure to follow when a worker is terminated; rather, as an ongoing process that ensures the performance of proactive, ongoing, rigorous access management practices that make it possible to remove access when a worker is fired. An insider threat can take many forms: employees, former employees, trusted third‐party suppliers, and contractors and subcontractors. While nefarious motives are certainly behind

NOVEMBER–DECEMBER 2020

many insider incidents, Tsakiris said organizations also need to examine how simple mistakes can lead to data leakage, exposure of sensitive materials, or unwittingly cause loss. As the cause of 44 percent of data loss incidents, the unintentional employee insider—either negligent or unwitting—is the single greatest source. “They are actually the biggest risk,” said Tsakiris. “This is the employee who simply didn’t follow policy and isn’t even aware of what they did.” She said it underscores the importance of building an insider risk program around a holistic approach that includes providing education to workers and creating a workforce culture of security and data protection. “That figure also tells us that we need to be keenly aware of what both malicious and nonmalicious threat indicators look like and to not wait for a threat event to occur for a first point of contact with the insider.” Mario Paez said retailers should be particularly mindful of the risk from the inadvertent or negligent practices of vendors and suppliers. He cited a case last month when an electronics manufacturer was hit by ransomware, potentially posing a risk to large retail partners, but that they were quick to identify it. “The retailers had some very good vendor risk management and auditing processes in place to react to the incident to make sure their systems were not affected and to assess if their supply chain was going to be impacted,” he said. “Ideally, this is an exposure where retailers should train more eyes and ears. Currently, there is probably not enough attention on that aspect of the insider risk.” NetSPI’s Florindo Gallicchio agreed, telling LP Magazine that he’s found vendor/employee collusion to be an underrecognized threat by retail organizations. “Shoplifting by customers and employees and underpaying at self-serve checkout lines [are recognized]. Not enough consideration is given to insiders leveraging external/third-party sources to perpetrate a crime,” he said. Risk is present whenever a retailer uses a third-party for generating or supporting their business, he warned. “Retailers must

LOSSPREVENTIONMEDIA.COM

OUR OWN WORST ENEMY? strengthen their procedures and apply accounting checks to every transaction to stop this theft.” Both Stewart and Hansen stressed the importance of organizational culture in either preventing or promoting insider activity. Security and loss prevention leaders need to be honest about the culture they have if they are to align security controls with the insider threat level. Warning signs accompany insider threat activity, but whether they will be identified, reported, and addressed depends a lot on a retail organization’s existing culture. “If you develop a good workplace culture, one that cares for people and shows that care, then issues or experiences that might otherwise be triggering events can be a chance to help employees,” said Stewart. “People are more willing to discuss and report issues when there is a sense that the company is interested in helping employees and when it’s not a death sentence for reporting someone’s issues or troubles.” Early intervention not only helps prevent

insider threat but also results in greater productivity and employee retention. “A good security culture is vital, and trust is an important issue,” agreed Hansen, noting that line management plays a particularly important role. “Research indicates that when employees are happy, they thrive. And if they are treated fairly, they are less likely to become insiders. Tell insiders that the organization trusts them but be clear when people join and when rules change that the organization expects them to protect the information and the systems to which they have access. Impress upon them that they have a personal responsibility to uphold the trust and then make trustworthiness concrete for them by describing what are acceptable and unacceptable behaviors.”

Under a New Normal

“During this time of pandemic, major real-world stressors like financial strains from family members losing work, health crises, family deaths, relationship

strain leading to breakups, coupled with people not having access to normal coping strategies and support systems, have really created this perfect storm for insiders to act out in ways they wouldn’t normally,” said Dr. Malique Carr. Experts note that, in some ways, remote work and workforce changes make the insider threat more manageable, in other ways more complicated. A malicious insider may not have the necessary physical access to commit some acts—to an office, or network, or company printer, for example—but they also may be harder to identify as they move through that insider threat kill chain. Regardless, they say, all retail organizations need to review how insider risk may have changed during the pandemic. The COVID-19 pandemic has brough immeasurable financial, physical, Val LeTellier

Tired of Waiting on a Promotion? Take control of your future, get loss prevention certified and STAND OUT from your competition.

n n n n n

Loss prevention managers College students Store managers Operations support roles Anyone interested in a career in loss prevention SM

Commit to your future TODAY!

LPCERTIFIED Designed to provide advanced loss prevention education for experienced LP professionals with three years’ experience or more: POWERED BY THE LOSS PREVENTION FOUNDATION

www.losspreventionfoundation.org LP MAGAZINE

NOVEMBER–DECEMBER 2020

Loss prevention management Loss prevention executives

OUR OWN WORST ENEMY?

25 Tips for Preventing, Detecting, and Responding to Today’s Insider Threat Below are quotes compiled from interviews with security consultants, technology officers, LP executives, and expert presenters at the 2020 ISC and GSX+ conferences.

1. A governance model is a key foundation of an insider

16. Rotating roles is an excellent practice to ensure

risk program. 2. Retailers that segregate systems and are compliant with all required data security and privacy safeguards already greatly reduce insider risk, but you need to be compliant and auditing. 3. Use tabletop exercises to examine how your organization would respond to different changes in employee behavior and in a range of different insider threat events. 4. Educate senior people about insider threats to prevent an overly “trusting” attitude to flow from the top down. 5. To avoid a conflict of interest, incidents captured by an employee hotline or “ethics line” should be accessible by more than one department: HR, legal, security, internal audit, or others. 6. Create an insider incident response plan. 7. Review controls for time and attendance fraud: it is both exceedingly common and more costly to organizations than most realize. 8. Whenever you hire a contractor or consultant, you need to confirm that the individual is not a former employee who was fired for cause. 9. Business partner access to computer networks should be accompanied by a formal permission request and an internal business case for why network access is needed. 10. Any manager who supervises tech workers that can sabotage company systems should be trained on relevant risk markers, including emotional outbursts, black-and-white thinking, inability to take constructive criticism, and disengagement. 11. Social media is an excellent early warning source of potential insider threat activity. 12. Insider threat programs can harm morale if operated carelessly. Run all insider threat program activity through a prism of employee privacy and morale issues. Ask, “Does it bring true value to your strategy?” 13. Bring a whole-threat approach to an insider threat program. 14. Be mindful that money is probably in short supply for company insider risk programs and use that to guide how you advocate for reducing insider threats. A key issue is how you are going to measure and show a return for effort spent to reduce the insider threat. 15. Company risk managers are valuable but often underutilized assets for preventing insider threat activity.

NOVEMBER–DECEMBER 2020

redundancy in an organization, improve morale, and deter employee fraud. Separation of duties is an internal business control that helps prevent fraud and identify errors. 17. Whether or not you have an established insider threat program, you are probably dealing with insider incidents. It’s important to step back to view how they are being handled and see if there are ways that coordinating the effort might provide efficiencies or reduce risk. 18. Including security in new employee orientations can help build a security culture and foster a culture of trust around security issues that makes insider threat activity less likely. 19. Top executives can be unintentional insiders. By posting pictures of a family vacation in Spain on Instagram, for example, they create opportunities for spoofing attacks. 20. Training the team that is going to be doing an internal investigation is critical. You want to make sure they understand what the process, procedures, and protocols are and that they don’t do their own thing—not only because privacy and employee relations are on the line in insider investigations, but also to avoid overlooking something or missing part of the process. 21. Evaluate contracts for whether they prohibit files to be transferred across unprotected networks/systems, which home/personal systems won’t meet. 22. Background checks for store employees need to be particularly rigorous for individuals who are going to have access to critical or sensitive data. Especially at middle market retailers, these checks are frequently too cursory. 23. Data breach detection, investigation, and response protocols are critical because too often retail organizations have problems detecting and dissecting breaches. It’s why some surveys report external hacking is the source of most incidents while others say it’s insiders. 24. Companies allocate resources to protect customer, medical, and payment card information, as they should, but more emphasis needs to be placed on protecting the intellectual property and data that has intrinsic value. If IP is lost, it can cause long-term competitive harm. 25. If the issue is solely data leakage, then IT pros can carry the heavy load. But when motives are more sinister, security leaders need to step in.

LOSSPREVENTIONMEDIA.COM

OUR OWN WORST ENEMY? and emotional stress to the world, explains Val LeTellier, an insider risk consultant, former counterintelligence officer, and chair of the Insider Threat Committee on the ASIS International Defense and Intelligence Council. “And make no mistake. Just as ordinary stress levels push insiders to action, extraordinary stress levels push more insiders to greater action.” In the store environment, the impacts could be profound, thinks Ian Kelly, vice president of operations at NuLeaf Naturals. “I think it is important to remember that employee theft occurs under some specific circumstances: feeling like they are ‘owed’ something and desperation,” he told LP Magazine. “If, as a company, you have been unable to provide enough hours or are cutting corners when it comes to employee support and safety, you will see an increase in employee theft.” A lack of resources Ian Kelly could compound

retailers’ troubles. “COVID-19 has certainly changed the nature of the insider threat for retail organizations, and given the reduced workforce retailers are employing, there is reduced monitoring,” warned Gallicchio. Reduced capacity at retail stores to combat attacks could lead to more opportunities for attackers to steal, he suggested. In the current environment, loss prevention and employee relations are more intertwined than ever, suggests Kelly. “This is a time when employees need to be shown they have value as well as humanity. Doing anything less than this will inspire them to retaliate,” he said. “Even if you are unable to retain all of your employees or give hazard pay, try to give support in other ways.” These include being transparent in communications, extra perks, perhaps steeper employee discounts, and being supportive of employees when they must deal with confrontational customers who put their safety at risk. “You must give employees reasons to be loyal, especially during difficult times when everyone is struggling,” said Kelly.

LP MAGAZINE

NOVEMBER–DECEMBER 2020

LeTellier said many companies’ temporary remote work programs are drifting toward permanence. Expect remote work to continue to grow, he said. “With more employees working from home, plus those already working from client sites on the road, the result is an amorphous digital fence, with insiders having greater responsibility but far less direct oversight.” Alex Sharpe, principal at Sharpe Management Consulting, characterized COVID-19 as the ultimate accelerator for remote work. “Dining room tables became desks. Bedrooms became home offices. Suddenly 42 percent of people were working from home,” he said during his GSX+ presentation, “Securing the Remote Worker and the Cloud.” Alex Sharpe In-store retail and grocery operations remain familiar, but corporate office models are changing as they are in just about every industry, he

OUR OWN WORST ENEMY? said. It complicates conventional insider risk prevention and degrades traditional early warning resources. “Everything is hybrid, not completely in the cloud and not completely on-premises. The question becomes, then, how do we ensure access control across all applications no matter where the user is located?” said Sharpe. “We’re going to rely more on the remote worker to have good cyber hygiene, and since remote workers very rarely work exclusively from home, usually working in multiple locations and often coming back to the office, we’re going to have to have security processes and policies that transfer across the different environments.”

When the perimeter is porous, identity is critical, as it provides the basis for access control and user permissions. But identity management is all based on a “source of truth,” warned Sharpe. “Who are the employees? Who are the contractors? Are they still employed? What’s the location? What’s the contact information? And then privileges are formed around that. Unfortunately, most sources of truth are out of date,” he said. Where organizations tend to have a problem, said Sharpe, is failing to update permissions to align with employees as their status and duties change. “A lot of breaches occur because a terminated

employee’s account is compromised, and that’s only going to increase.” Threat indicators are also different for employees of retail organization who are now working from home—many for the first time. With respect to the unintentional insider risk, there is the potential for sleep issues, greater substance use, or additional stress from multitasking with extra issues at home—and it can be hard to see workers’ level of distraction or disengagement remotely, said Dr. Carr. “This could also be the person who is just not very tech savvy, who might have outdated protection on their home networks, or just someone who is very trusting and open.” Managers

Simulated Effects of Policy Levers to Mitigate the Insider Threat Lever

Description

Effect

Employee intervention

Positive interventions like employee assistance or counseling that attempt to lower disgruntlement directly, to reduce inappropriate behavioral or technical actions by insider.

Sanctioning

Punitive measures that attempt to motivate the have the opposite effect of increasing insider to reduce their inappropriate behavioral or May disgruntlement and inappropriate actions. technical actions to avoid additional sanctioning.

Technical monitoring

Real-time measures to track and analyze an insider’s online actions, such as the use of access paths or information and resources accessed.

If technical monitoring is not initiated or quality is low, management may not have an accurate sense of the risk that an insider poses.

Training

Education of employees on appropriate usage of computer and network systems and the consequences if misused.

Training quality affects the rate of inappropriate online actions and attacks by insiders.

Tracking

Efforts by management to keep track of access paths.

Poor tracking leads to high rates of access paths unknown by management, making it more difficult to disable paths and easier for the insider to conceal his actions.

Auditing and disabling access paths

Efforts by management to discover, understand, review, and disable access paths available to the insider. Allows comparing employees’ abilities and efforts to access information, create access paths, or use access paths against acceptable policies and procedures.

Facilitates discovery of access paths available to the insider. Poor audit allows insiders to amass many unknown access paths making it easier to conceal actions and attack after termination.

Termination threshold

The threshold of risk posed by the insider to the organization above which management fires the insider.

Too high a threshold may give a malicious insider additional time to attack the organization or take technical actions to set up an attack following termination. Too low a threshold may cause firing of valuable employees who just need a little intervention to solve their problems.

Termination time

termination time is too long, then the The time it takes the organization to terminate an If insider maintain authorized access to the insider once the termination threshold is reached. system may long enough to facilitate an attack.

May not be effective if quality of intervention is low.

Source: MERIT project, CERT Coordination Center, other sources

NOVEMBER–DECEMBER 2020

LOSSPREVENTIONMEDIA.COM

OUR OWN WORST ENEMY? should be mindful to watch for an increase in mistakes, late-night emails, alerts that they click on potentially malicious links, oversharing on social media, or poor boundary issues when it comes to work information. “These are employees who now may unwittingly become insiders.” “Since COVID-19 there has been an explosion in accidental sharing,” according to Sharpe, referring to nonmalicious accidental leaks of company information. As a percentage of information breaches, this has seen a 30 percent increase, he said. “In general, this kind of thing is fairly easy to take care of with awareness training, but as we get into the new normal, it’s something we clearly have to watch.” The malicious insider risk in work-from-home arrangements is also evolving with COVID, warns TorchStone Global’s Scott Stewart. “It’s easier for employees to fall into insider threat patterns because of stressors, and the two big tools we’ve had to stop it in the past are observation and cohesion. Cohesion leads to loyalty and feelings of responsibility, and that’s been lost in many organizations,” he said, along with less direct observation. Because of fewer “human sensors,” organizations may have to rely more on technical monitoring for insider threat activity. Training can also help, and many companies have stepped up their training, according to State of Cybersecurity, a study by CompTIA released in September. Along with more advanced technology, and greater use of cyber insurance, they are three ways that organizations are responding to enhanced cyber threats during COVID-19.

Culture Matters

Malique Carr cited a case from May in which a customer service rep was bribed by an external party to provide information on 164 million active users of an online gaming platform. “It was suggested that the worker felt they weren’t being adequately compensated,” she said, noting that such grievances can be harder to pick up on in remote work. The role employees play in systems vulnerability is clear when examining threats by the numbers. Data show 38 percent of system

penetrations involve a cooperating insider, Sharpe said. “This number has remained basically stable over the past ten years, roughly two in five.” Customer service representatives (CSRs) are currently a particular area of concern, said Sharpe: “By the nature of their duties, to resolve customer issues, they need to have more access and capabilities than most system users. And recruitment of CSRs appears to be on the rise. One development that’s been reported anecdotally is that the number of CSRs being approached to sell corporate information has gone through the roof.” Workers now could be more susceptible to the pitch. Without the peer review from working alongside other employees, natural checks and balances are missing, Sharpe noted. And when it comes to stealing and selling sensitive or proprietary data, the timeline of the insider threat kill chain accelerates when an individual is recruited, warned Stewart. A recent study by RedOwl and Intsights found front-line retail employees to be frequent targets of sophisticated criminal actors. “Our research showed continued recruiting of retail workers that have access to consumer credit card information,” according to Monetizing the Insider: The Growing Symbiosis of Insiders and the Dark Web. Employees may be more drawn to commit large insider fraud in the current climate, warns Carr. “Those engaged in insider fraud are likely to have financial stressors, and it may be much easier for someone to engage in fraud if they’re working remotely and don’t feel a sense of attachment and loyalty to a company or their coworkers.” Tip-offs may also be harder to spot, which Carr said may include violations of company financial policy, possible data manipulation, getting a bit too chummy with suppliers, suspicious expenses, or demonstrating excessive control over financial duties. “The insider might also show signs of living large, or larger than you would expect given their position, but when it comes to remote work, you might have LP MAGAZINE

NOVEMBER–DECEMBER 2020

to look for more of these signs on social media,” she said. The malicious ex-worker also demands additional attention in today’s changing work environment. “Especially with remote employees, there needs to be a plan in place to eliminate all access points, retrieve all sensitive data, materials, equipment, and credentials ahead of termination, as it could be really hard to retrieve equipment after the fact,” said Carr. Sharpe agrees. “Employee termination is the hardest one,” he said. When remote terminations replace those done in-person, traditional catalysts for cutting off credentials are absent. “The moment someone is terminated, shut off everything: their devices, access to applications, their VPN, their MFA. Just have a policy and procedure—automated as much as possible with checks—to terminate it,” he said. “I cannot tell you how many times I have run into situations where something didn’t happen because a termination wasn’t handled personally.” The potential loss from a major incident is substantial, but even minor cases—a terminated employee

WE ALL KNOW…OR DO WE? OUR OWN WORST ENEMY? using a company credit card for months afterward—are still costly. Even the risk of insider workplace violence may be impacted from today’s world of work. “The remote work environment can be a backdrop to workplace violence, like when delivery personnel use their position to sexually assault a customer, or the recent case in which a man was arrested for a string of interstate shootings while working for a major shipping company,” said Carr. Compounding the risk from both intentional and unintentional data leakage

is that organizations are increasingly making sensitive data available to workers at “end points,” which in the case of a remote worker means their home. Security consultant Alex Sharpe said data show a 41 percent increase in such end-point data since COVID-19, accelerating an existing trend. “With COVID and remote workers, that end point is now outside of our castle. They’re not on our network, and we don’t physically control the space.” And, often, it means sensitive data resides in insecure devices. Some 90 percent of laptops, for example, are running two

Experts note that, in some ways, remote work and workforce changes make the insider threat more manageable, in other ways more complicated. A malicious insider may not have the necessary physical access to commit some acts—to an office, or network, or company printer, for example—but they also may be harder to identify as they move through that insider threat kill chain. versions behind, which include patch levels, according to Sharpe, adding that is the vulnerability through which 60 percent of data breaches occur. “Hackers know that there is now a window, where all the basic blocking and tackling that we have inside the castle is not in place in a remote office, and they try to take advantage of that,” said Sharpe. “They also know that many corporations have spent a lot of time focused on physical and technical controls, but they haven’t instilled a true cyber-security culture, at least not a cyber culture that is appropriate to a home office, so they’re trying to exploit that before that changes.” Peer pressure tends to reinforce good security practice, and out of view of colleagues, unsafe cyber practices can go unnoticed, Sharpe noted. He said a colleague who runs compliance for a major insurance company said, since COVID-19, that reports to their security hotline went to nearly zero as watchful eyes are removed from the equation. Remote work does make some threats less likely, such as someone exploiting sensitive information

NOVEMBER–DECEMBER 2020

they find in a printer, but it changes the threat rather than eliminating it, requiring security to retool to fit. Sharpe noted that remote work also tends to make workers feel less connected to the enterprise and—because they don’t get that routine feedback natural to in-person environments—are often less secure in their employment prospects. Both are triggers for turning a loyal LP team member or other employee into a potential threat to the organization. In short, insider threat prevention is getting more complicated. As such, it becomes even more important for organizations to be intentional in getting to know employees, according to Carr. “To be aware of which employees may be more susceptible to becoming an insider, to watch for precipitating events, and to always be screening for possible indicators of insider threat with every online and offline interaction,” she said. “We need to ensure it stays top of mind even while employees are out of sight and to work really hard to create and maintain community and connection.”

Additional Resources

There are many different aspects to the insider threat. The following LP Magazine resources delve deeper into some of them. Each of these articles can be found on the magazine website, LossPreventionMedia.com. ■ “The ‘Why’ Behind Intellectual Property Theft Cases“ ■ “How to Keep Data Secure from Insider Threats“ ■ “Supply-Chain Security Issues: Reducing the Risk of Data Breach“ In addition, there is a downloadable PDF “Insider Risk Self-Assessment Tool” on the website available to help security departments benchmark their internal policies and procedures against global standards.

GARETT SEIVOLD is senior writer for LP Magazine. A trained journalist, he has spent the majority of his career writing about security, risk management, supply chain, and loss prevention topics. He can be reached at GarettS@LPportal.com.

LOSSPREVENTIONMEDIA.COM

SOLUTIONS SHOWCASE CHECKPOINT

Welcoming Back Customers In-Store, In-Style Sleek Appearance, Maximum Detection

Features Wireless Connectivity Boosted Detection ■ Quick Fit Based ■ ■

Advantages ■ ■

Instant Synchronization No Floor Cutting

ming Back Customers In-Store,Customizable In-Style Acrylic Etching ■ ■ ■

pearance - Maximum Detection

RGB LED Colors Alarm Notification via Audio WAV File

is the first transparent acrylic antenna to ed in the NEO range. Designed with store s in mind, this sleek and slim antenna ich Bluetooth™ wireless connectivity and he highest performing electronics on the ur NG10 is the first transparent acrylic antenna to be he advance released RF technology de-aesthetics in in the NEO range.improves Designed with store mind, this sleek and slim antenna features richin Bluetooth™ igher detection rates mean reduction wireless connectivity and delivers the highest-performing electronics shrink across even the smallest ofimproves tagged on the market. The advanced RF technology detection.

Higher detection rates mean reduction in inventory shrink across even the smallest of tagged products.

With intelligence built in, the NEO platform advances performance capabilities beyond the traditional antenna. A sophisticated sensor, NEO can connect directly to store networks, by NEO smartphones, and the Checkpoint cloud platform with no middleware, allowing continuous and seamless data gathering. With its 24/7 real-time remote monitoring, any issues are picked up advancplatform NEO thenew in, The igence built immediately. electronics mean the antennas are compact and slimmer with the scope of supporting more technology, without the traditional beyond mance capabilities changing the aesthetics of the antenna frame.

A sophisticated sensor, NEO can connect the MAGAZINE store networks, smartphones and LP nt cloud platform with no middleware,

“As the first acrylic antenna to be released in the NEO range, we are CUSTOMIZABLE: excited to see the market reaction to • the Acrylic Etching NG10. We have already sold almost 1,000 units ahead of its launch, exceeding • RGB LED Colors expectations with thevia unbeatable • Alarm Notification Audio WAV File detection that NEO is renowned for.” – Simon Edgar, Senior Director of Global Product Management, Checkpoint Systems

NOVEMBER–DECEMBER 2020

SOLUTIONS SHOWCASE SOLINK

Thrift Store Operator Goodwill Cuts Costs and Shores up Defenses with Solink’s Intelligent Video

oodwill is an American institution that has expanded around the world. Founded in 1902, this nonprofit social enterprise provides job training, employment placement, and other community-based programs. Goodwill funds itself through a massive network of nonprofit thrift stores. Goodwill of Central and Northern Arizona operates about 125 locations in the state. Ensuring the safety and security of these locations is the responsibility of Larry Cruse, director of asset protection and safety.

“The time had come to upgrade to a system that would give us remote access, cloud storage and backup, and integrate with our points of sales more reliably,” Cruse said. This search led to Solink.

Solution: Intelligent Cloud Integration Unlocks the True Power of Video “We look at the ROI of any investment we put in place,” Cruse said. “We really liked Solink’s cloud-based system with its point-of-sale integration and exception-based reporting capabilities. When we asked about a camera from a different manufacturer, Solink did the homework on it. The Solink team never tried to push one vendor on us over another. They made sure we had the right information and connected us with the right people to make an informed choice for the results that we wanted.” With Solink—unlike the old video system used by Goodwill of Central and Northern Arizona—a tablet or smartphone can give access to the entire store network from anywhere. Cruse can receive real-time alerts triggered by activity and other exception-based reporting criteria, filter through hours of video in seconds, clip excerpts, and collaborate with his team and law enforcement in minutes. In addition, Solink’s integrations with Goodwill’s point-of-sale platforms solve a recurring headache Cruse endured with his old system.

Benefits: Sharp Drop in Repair Costs and Stronger Defense against Liability With Solink, Cruse has dramatically reduced the odds that Goodwill of Central and Northern Arizona will ever lose a fraudulent claim in court again. This has proven to be a powerful argument to deploy Solink across its entire footprint. He estimates that Solink will save him $200,000 to $300,000 a year in unexpected repair and replacement costs. His operational costs will also be lower since he has more flexibility with increased camera integrations as well as increased efficiency in his LP/AP program. Customer service is also a big part of what Cruse values about Solink. “Everyone at Solink is really centered around what the customer needs versus what’s easy for them as the vendor,” he said. “They are proactive, always looking at different ways to improve an existing system and identify issues before my team is even aware of them. No one at Solink is ever satisfied with the status quo.” For more information on Solink, to receive a free Apple TV, and speak to a Solink video surveillance specialist, visit www.solink.com/hello_lpm.

Challenge: Poor Defense against Fraudulent Claims and Rising Repair Costs Cruse and his team have long relied on a mix of analog and digital video surveillance technologies at each location. Video surveillance has been central to the LP program for two reasons: first, video reduces your liability, whether it relates to internal or external specific claims; second, video provides visual evidence for investigation and serves as a deterrent. Cruse and his team had become increasingly dissatisfied with their video surveillance maintenance and repair costs. They lacked key features to help reduce loss and liability. In several cases, Goodwill had lost court cases to fraudulent claims because video wasn’t accessible and didn’t meet retention standards.

NOVEMBER–DECEMBER 2020

LOSSPREVENTIONMEDIA.COM

SOLUTIONS SHOWCASE CONTROLTEK

Now Is the Time Retailers Should Consider Implementing an RFID Solution Regardless of Their Size

etailers are living in a time of speed, efficiency, and pressure to secure assets while exceeding customers’ expectations. If you add in the evolving challenges presented by COVID-19 and the demand for contactless and e-commerce shopping experiences, it is no wonder why many retailers are turning to RFID solutions to help automate their inventory and business operations while creating a more seamless customer experience. Retailers with a limited budget may be hesitant to implement RFID because they view it as costly to integrate or having a long return on investment. The rapid advancement of technology, along with a reliable solutions provider, has improved RFID systems making them more affordable, scalable, and simpler to implement, allowing retailers to generate a quick return on investment.

RFID Solutions Help Retailers Gain Insight into Inventory and Enhance Customer Experience

RFID technology has endless potential to help retailers combat their ever-changing environments and gain access to real-time data for better insight and decision-making. Here is a breakdown of some of the many benefits of implementing an RFID solution.

Better Logistics and Supply Chain Management RFID technology enhances omni-channel fulfillment by automatically tracking assets throughout the supply chain journey, from manufacturing through distribution to warehouse to the sales floor. This enhanced visibility and control of the supply chain process reduces the need for human interaction, increasing efficiency while reducing human error.

Automated Inventory and Stock Counting Managing inventory no longer needs to be a manual process. Compared to the more familiar barcode inventory system, RFID allows retailers to scan hundreds of tags at once without them having to be visible. Not only does this speed up and streamline LP MAGAZINE

the process, but also it complements preexisting inventory procedures with little to no confusion for store associates. Simple and regular counts enable retailers to have accurate stock information more frequently and allows them to take full control of their inventory.

Real-Time Stock Availability and Instant Item Location The pandemic has accelerated customer behavior and expectations for omni-channel shopping experiences. With BOPIS (buy online and pickup in store), curbside delivery, and same- and next-day delivery, it is critical to have accurate stock quantities for customers who shop both online and in stores. RFID technology provides a 99 percent accurate overview of a retailer’s assets and the exact location of items. Real-time visibility into stock levels and location minimizes out-of-stock situations and simplifies merchandise retrieval, resulting in increased sales and enhanced customer satisfaction.

Advanced Self-Checkout As customers look for efficient and contactless shopping experiences, retailers can truly provide a contactless method of checkout with RFID. Friction during the checkout process comes from the time it takes for store associates to scan merchandise. With RFID technology, items are instantaneously checked out once placed on the self-checkout counter, eliminating the need to scan items. This reduces the time customers must wait in the checkout queue and provides them with an efficient, seamless, and truly contactless experience.

Point of Sale RFID can also be integrated with point-of-sale (POS) systems, allowing inventory to be displayed in real time. Store associates can see in-stock items at checkout and use that gathered data to track the sales patterns of specific items, allowing you to make more efficient restocking decisions. RFID can also help streamline the return process and combat growing return problems. Rather NOVEMBER–DECEMBER 2020

than having store associates manually log returns, items can be scanned quickly, saving the time it takes to get them processed and back on store shelves. Also, RFID tags conveniently track the history of an item, giving retailers visibility into whether an item was purchased and at what price, helping retailers combat fraudulent returns.

to eighteen hours of continuous operation, Android 9 software, and one of the largest displays in the industry. We also offer the Nordic ID EXA21, the world’s smallest RFID reader, a wearable device that is compatible with Android, iOS, or PC. Its lightweight and compact design makes it the ideal portable RFID reader for easy and comfortable on-the-go data reading.

RFID as EAS

The rapid advancement of technology, along with a reliable solutions provider, has improved RFID systems making them more affordable, scalable, and simpler to implement, allowing retailers to generate a quick return on investment.

A retail store’s security system is one of the most effective tools in fighting shrink and deterring theft. The addition of RFID technology makes that system a future-proof EAS solution. RFID tags and systems can act in the same role as traditional EAS tags and systems while also having the ability to store and communicate incredibly useful information for retailers. From an anti-theft standpoint, if an asset with an RFID tag leaves the store without being paid for, not only will the tag trigger the alarm, but also employees can see which exact product left the store, making it easier for them to ensure all the missing items are recovered, as well as having the ability to replenish the item to not lose a future sale.

Smart Software Solutions

We offer highly intuitive software solutions to enable complete visibility into your operations. We understand no two retailers are the same, so our software solutions have infinite configurability to match your operations, your complex workflow, and your requirements. Our solutions are easy to deploy and integrate seamlessly into your existing infrastructure. The power of RFID technology allows you to automate asset management and business processes and collect and consolidate information, so you can quickly transform it into actionable business intelligence.

Discover the Best RFID Solution for You with CONTROLTEK

When evaluating an RFID solution, it is essential to choose a solution that is a match for your short- and long-term goals to ensure the best return on investment. For the past forty-five years CONTROLTEK has partnered with many organizations, including banks, retailers, government institutions, armored couriers, and logistics companies, to understand their unique challenges and implement technology to help solve their problems. When it comes to RFID solutions, CONTROLTEK provides retailers, regardless of their size or budget, access to the highest-quality hardware, software, consumables, and seamless systems deployment.

Versatile Labels and Tags

Regardless of the type of assets you need to protect and track, we have RFID tags and labels to match. From freezers, to electronics to elegant apparel and cosmetic displays, CONTROLTEK’s line of RFID tags and labels help protect a variety of products in flexible and unobtrusive ways. We offer a variety of shapes, sizes, specialty materials, adhesives, and inlays, as well as customizable options.

First-Time-Right Deployment

High-Performance Hardware

At CONTROLTEK, we want to make it easier for your LP team to get the technology you need, help you get the return on investment you expect, and alleviate the most common pain points in the process. From start to finish, we focus on your business goals and budget, so you can protect your profitability. Our team of technology experts works with you to find the right RFID solution for your retail store for maximum results in your environment.

We understand the demands of a retail environment and the importance of hardware that will stand up to the test. In partnership with Nordic ID, we offer sustainable, long-lasting solutions designed for comfort and ease of use day in and day out. Introducing the newest and one of the lightest, rugged-designed handheld RFID readers on the market—the Nordic ID HH85 is made to perform in the most challenging conditions. It is the only handheld reader on the market that has NFC, RFID, barcode, and an integrated camera. It is built with an easy-to-hold ergonomic pistol grip, a battery life of up

NOVEMBER–DECEMBER 2020

LOSSPREVENTIONMEDIA.COM

SOLUTIONS SHOWCASE PROTOS SECURITY

Be Prepared to Pivot This 2020 Holiday Season By Kris Vece, LPQ

t’s no secret that this is an unusual time and that many staff and/or security officers are needed, either to fill in for functions within retail, loss prevention especially, others feeling unwell or to provide backup in the event of will be different. We face a volatile holiday season nearby protests. as increasingly cautious consumers and retailers both Even locations spared from being past epicenters of worry about illness, civil unrest, unemployment rates, the the virus or from previous protesting can experience rapid broader economy, and more. With changes in one (or both) concerns. COVID-19 restrictions alone, we This was demonstrated as the know that many stores may still virus spread through various need to limit capacity, leading to countries and even various states more consumer time spent waiting within the US, creating new and just to enter the store. Nearby often unforeseen epicenters. There restaurants with limited seating are numerous sources for tracking will make it more challenging for national to local COVID-19 consumers to shop all day, and trends, so the most important former holiday staples, like mall factors are ensuring the use of a Santas, will be rare. While there is reliable and consistent source of much that we can’t control this year, information that is kept as up to we can always work toward being date as possible. more prepared. Civil unrest can often be more To better understand and address complex to track, and it can current concerns, Protos Security be even tougher to determine – Kris Vece, LPQ, Protos surveyed its retail clients about their what might escalate to a level of Security, Vice President plans and challenges for the 2020 rioting and looting. Discussions of Strategic Accounts holiday season. All respondents expect around civil unrest frequently to continue the COVID-19 safety pick up a following online and measures they already have in place echo through various social such as requiring masks, enforcing media channels. Retailers and loss social distancing, and frequent prevention can begin to manage cleaning. The top concern among this risk by monitoring social retailers was less traffic to physical media to establish an awareness stores, regardless of the specific of the conversations and contributing factor (or combination continue to track the ones that of factors). So what can retailers and are escalating toward action in their loss prevention teams do to areas where retail locations may mitigate risks this holiday season? be vulnerable.

“We can’t control the future, but we can empower ourselves to respond proactively by being aware of trends and emerging threats.”

Ensure Adequate Loss Prevention Staffing and Updated Trainings

Track Trends for the Pandemic and Civil Unrest

Loss prevention can’t control locations where the virus will spread more rapidly or predict exactly where future incidents will spur civil unrest, but we can empower ourselves to respond proactively by staying informed through the available information. Being aware of trends and hotspot areas will enable us to be ready in the event that retail locations in a specific area may need to close again, as well as in the event that additional loss prevention LP MAGAZINE

Now more than ever, it is essential to make sure that your security provider has sufficient loss prevention staffing and the appropriate options in place to make last-minute changes, such as increasing coverage when needed. Loss prevention personnel and security officers need to continue to show up on time, take precautions to remain healthy, continue to comply with the newer safety guidelines, and be NOVEMBER–DECEMBER 2020

adaptable with newer responsibilities in their roles, such as providing hand sanitizer and enforcing social distancing. Moving beyond the basics, like arriving healthy and as scheduled, timely training adjustments and staff for such a critical safety-related role are essential in uncertain times. If the situation evolves and further safety measures need to be taken, your security provider needs to be able to adapt with you. Essential training now must cover the new normal procedures, and topics such as conflict resolution are more important than ever. With stress levels already heightened from a difficult year, along with growing pandemic fatigue as safety precautions continue and now the addition of holiday stressors, retail locations may continue seeing increasingly agitated consumers.

Avoid Neglecting Prepandemic Plans

to pay more attention this year to a potentially increased risk with online sales. Based on the increasing need for cyber security, we know that shrinkage and other theft doesn’t stop when people are behind screens.

Moving Forward

With any emergency, it’s essential to prepare by having plans in place ahead of time. The pandemic is a reminder that even the threats we tend to view as highly unlikely can not only occur but also escalate faster than we’d expect. Retail and loss prevention leaders need to be more prepared than ever this holiday season while balancing stagnant or only slightly expanded budgets, according to the National Retail Security Survey. Luckily, we’ve learned a lot over the past few months on how to provide a safe shopping experience, navigate rapidly evolving risks, and keep the industry moving forward. Our upcoming challenges—new and old—will be best navigated if we’re working together to share best practices and create a safer consumer and employee environment in spite of the year’s challenges. For questions or more information about the Protos Security retail client survey, contact marketing@protossecurity.com.

The year’s newer risks have taken the spotlight, but our enduring risks still deserve attention.

The year’s newer risks have taken the spotlight, but our enduring risks still deserve attention. Threats like active-shooter incidents can easily feel like prepandemic problems, but these incidents have not stopped. In fact, holiday shoppers are at a unique risk during a time when many other activities that would have drawn large crowds are canceled or postponed. Unfortunately, this means that holiday shoppers can become the best access to large crowds for potential active shooters. Active-shooter scenarios are just one example—it is important to check existing emergency and continuity plans for various threats. Even the best prepared plans may need to be altered for a pandemic environment, and we may need to be prepared for a culmination of different factors creating more complexity than we would have anticipated in prior years. As always, shrinkage will continue to be a challenge, especially after being at an all-time high for fiscal year 2019. According to the National Retail Federation’s National Retail Security Survey 2020, retailers attributed the majority of that to in-store loss, but we already know that 2020 will be an unusual year. While fewer people in physical stores do not guarantee less in-store shrinkage for 2020, we may have

About Kristine Vece, LPQ As Protos Security’s vice president of strategic accounts, Vece is responsible for all aspects of sales and client relations. Through relationship-building and a focus on excellence, she has earned a reputation as a loss prevention expert. She is an active member of the Loss Prevention Foundation, International Association of Interviewers, ASIS, and the New Jersey Food Council.

BECOME PART OF THE W LOSS PREVENTION & ASSET P

Now more than ever, it’s important to work t

With LPF’s world leadership in educating and certifying re individuals together to network, learn and grow. By work it the recognition we know it deserves, our LPF Mem we provide relevant, convenient and cha

By becoming a part of the membership program, y certifications, educational series, and much more while c around the world. Help inspire others while moving

Are you interested in obtaining your LPC or LPQ certification? Or do you know someone who would benefit from this career-advancing certification? Find out how Protos Security can sponsor you to obtain your LPC or LPQ: protossecurity.com/pausewithprotos.

NOVEMBER–DECEMBER 2020

LOSSPREVENTIONMEDIA.COM

BECOME

Loss

ANNUAL INDEX January–February 2020 A Long and Winding Road by Garett Seivold, LPM Senior Writer (p. 15) Incident Reporting Best Practices by Steve Hewitt (p. 39) How to Set Up a New Team for Success from Day One by Bruce Tulgan, RainmakerThinking (p. 51)

Ethics with Dustin Ares, LPC, Malong Technologies (Jul/Aug 2020 p. 36) Do Not Procrastinate with Lea Tamarack, LPC, Big Lots (Sep/Oct 2020 p. 36) Closing the Gap between LP and Safety with Meredith Plaxco, LPC, PetSmart (Nov/Dec 2020 p. 24)

March–April 2020 Getting in on the “Good” Thing by Garett Seivold, LPM Senior Writer (p. 15) Running Scared by Kenna Carlsen, LPRC (p. 41) The Evolution of Interviewing by Tony Paixao, CFI, CFE, Wicklander-Zulawski (p. 53)

Cyber Security by Garett Seivold Cyber versus Physical Security: What Do CEOs Care About? (Jan/Feb 2020 p. 56) Another Phish in the Sea (Mar/Apr 2020 p. 50) Preparing for Return-to-Work Cyber-Security Risks by Stephen Burke (Jul/Aug 2020 p.48) Are RFID-Blocking Wallets Necessary to Prevent Credit Card Fraud? (Sep/Oct 2020 p. 68)

May–June 2020 In Sickness and in Health by Garett Seivold, LPM Senior Writer (p. 15) Preparing for an ORC Epidemic Post COVID-19 by Jacque Brittain, LPC, LPM Editorial Director (p. 39) The Evolution of ORC in Retail Today by John Matas, CFE, CFCI (p. 47) July–August 2020 Protests and Property Protection by Garett Seivold, LPM Senior Writer (p. 15) Caught on Camera by Adrian Beck (p. 39) Becoming Your Workplace’s Go-to Person by Bruce Tulgan, RainmakerThinking (p. 49) September–October 2020 Eyes Wide Open by Garett Seivold, LPM Senior Writer (p. 15) Improving Inventory Record Accuracy by Colin Peacock, ECR Community (p. 39) We All Know…or Do We? by Cory Lowe, PhD, and Read Hayes, PhD, LPRC (p. 49) November–December 2020 The Irrational Fear of Cash and the Risks to Retail by Tom Meehan, CFI, and Jessica Pohlen (p. 15) Operation Proof of Purchase by Jacque Brittain, LPC, LPM Editorial Director (p. 37) Our Own Worst Enemy? by Garett Sievold, LPM Senior Writer (p. 47) Interviews by James Lee, LPC A National Shoplifting Prevention Coalition with Caroline Kochman, Barbara Staib, and Renee Sirianni (Jan/Feb 2020 p. 27) The Importance of Managing Shrink and Waste with Mike Lamb, LPC, Kroger (Mar/Apr 2020 p. 29) Speaking Out in a Pandemic. Solutions providers pivot their businesses to meet customer and community needs. (May/Jun 2020 p. 29) From Burglar Alarm Salesman to Executive Vice President with Mike Grady, LPC, Vector Security (Jul/Aug 2020 p. 29) Reflections on a Generation of Leaders. Notes on the careers of recently retired LP executives (Sep/Oct 2020 p. 29) The Power of Public-Private Partnership. Retailers, law enforcement, and the court system come together to fight ORC. (Nov/Dec 2020 p. 27) Ask the Expert Key Control Should Control Access and Costs with Cita Doyle, LPQ, InstaKey (Mar/Apr 2020 p. 57) All Hands of Deck with Kevin O’Brien, DTiQ (May/Jun 2020 p. 67) How Retailers Can Use Computer Vision to Adapt to Changing Times with Tom Meehan, CFI, CONTROLTEK (Jul/Aug 2020 p. 57) Supportive Coaching Reduces Shrink and Adds to the Bottom Line with Corey Adams, Appriss Retail (Sep/Oct 2020 p. 48) Acting as One during the Pandemic with Hedgie Bartol, LPQ, Axis (Nov/Dec 2020 p. 46) Certification Expanding Your LP IQ with Troy Harding, LPC, Kroger (Jan/Feb 2020 p. 36) A True Benefit with Byron Smith, CFI, LPC, 7-Eleven (Mar/Apr 2020 p. 38) Industry Knowledge and Credentials with Raymond Sosa, LPC, CVS Health (May/Jun 2020 p. 37) The Benchmark for Performance and

Diversity & Inclusion Leveraging Diversity to Enhance the Customer Shopping Experience by Timothy Williams, Esq. and Paul Jaeckle, LPC, Meijer (Jan/Feb 2020 p. 45) Editor’s Letter by Jack Trlica Why Cyber Security? (Jan/Feb 2020 p. 6) Coronavirus and Retail Security (Mar/Apr 2020 p. 6) Communications During the Pandemic (May/Jun 2020 p. 6) Take a Stand. Wear a Mask. (Jul/Aug 2020 p. 6) Retail Innovation Due to the Pandemic (Sep/Oct 2020 p. 6) ORC Successes and Initiatives (Nov/Dec 2020 p. 6) Evidence-Based LP by Read Hayes, PhD, CPP Signature Alerts (Jan/Feb 2020 p. 49) Addressing Both Red and Green Customers in Zones 4 and 5 (Mar/Apr 2020 p. 48) Getting Back to Business Safely (May/Jun 2020 p. 45) Making Judgments Only on Behavioral Cues Or Actions (Jul/Aug 2020 p. 55) Computer Vision Can Enhance DecisionMaking (Sep/Oct 2020 p. 57) Accuracy and Precision (Nov/Dec 2020 p. 35) Future of LP by Tom Meehan, CFI 2020 Retail Trends (Jan/Feb 2020 p. 47) Using Social Media as a Security and Threat Assessment Tool (Mar/Apr 2020 p. 26) Why You Should Leverage OSINT and Social Media Monitoring during COVID-19 (May/Jun 2020 p. 26)

Cyber-Security Strategies during COVID-19 (Jul/Aug 2020 p. 46) What Happens When Civil Unrest Turns Violent? (Sep/Oct 2020 p. 46) The Danger of Misinformation on Social Media (Nov/Dec 2020 p. 44) Interviewing by David Zulawski, CFI, CFE, and Shane Sturman, CFI, CFE The Words Matter (Jan/Feb 2020 p. 12) Types of Denials (Mar/Apr 2020 p. 12) Storytelling: Part 1 (May/Jun 2020 p. 12) Storytelling: Part 2 (Jul/Aug 2020 p. 12) Timeline: Another Interviewing Tool (Sep/Oct 2020 p. 12) Random or Planned? (Nov/Dec 2020 p. 12) LPM Excellence Recognizing the Best in LP Read Hayes, LPRC, and Shane Sturman, WZ (Jan/Feb 2020 p. 38) Fritz Hirchert, NEXCOM, and Mat Schriner, LP Foundation (Mar/Apr 2020 p. 28) The Retail Industry and Everyday Retail Heroes (May/Jun 2020 p. 28) Lisa LaBruno, RILA and Guy Yehiav, Zebra Technologies (Jul/Aug 2020 p. 28) Millie Kresevich, Luxottica, and Adrian Beck, University of Leicester (Sep/Oct 2020 p. 28) Joe Hopkins, LAPD, and Rhett Asher, ThinkLP (Nov/Dec 2020 p. 26) Parting Words by Jim Lee, LPC Closing Thoughts from Sandy Kennedy (Jan/Feb 2020 p. 66) What’s Golf Got to Do with It? (Mar/Apr 2020 p. 66) Hard Times (May/Jun 2020 p. 66) Your Impact on Others Matters More than You Think by Kevin McMenimen, LPC (Jul/Aug 2020 p. 66) Take Action in the New School of Uncertainty by Merek Bigelow (Sep/Oct 2020 p. 74) Through It All, There’s Much to Be Thankful For by Jacque Brittain, LPC (Nov/Dec 2020 p. 74) Supply Chain Loss Prevention Russian Style by Glenn Master (Jan/Feb 2020 p. 24) The Impact of COVID-19 on Supply Chain Theft Activity by Ryan Shepherd, CargoNet (May/Jun p. 54) The COVID-19 Evolution and the Global Supply Chain by Glenn Master (Sep/Oct 2020 p. 55)

Statement of Ownership Publication title: LossPrevention. Filing date: 10/1/20. Issue frequency: bi-monthly. No. of issues annually: 6. Mailing address of office of publication: 700 Matthews Mint Hill Rd, Ste C, Matthews, NC 28105. Mailing address of headquarters: same. Name and address of publisher, editor, and managing editor: Jack Trlica, same address as above. Corporate owner: Loss Prevention Magazine, Inc., 700 Matthews Mint Hill Rd, Ste C, Matthews, NC 28105. Stockholders: Jim Lee, 10433 Pullengreen Dr., Charlotte, NC 28277; Jack Trlica, 7436 Leharne Dr., Charlotte, NC 28270. Publication title: Loss Prevention aka LP Magazine. Issue date of circulation data below: July-August 2020. Avg. No. Copies No. Copies of Single Each Issue During Issue Published Preceding 12 Months Nearest to Filing Date Total no. of copies 14,867 14,600 Outside county paid/requested subscriptions 11,709 11,003 In-county paid/requested subscriptions 0 0 Other paid/requested distribution outside USPS 2,011 2,003 Requested copies distributed by other mail classes through USPS 0 0 Total paid and/or requested circulation 13,720 13,006 Outside county nonrequested copies 196 1,174 In-county nonrequested copies 0 0 Nonrequested copies distributed by other mail classes through USPS 0 0 Nonrequested copies distributed outside the mail 236 0 Total nonrequested distribution 432 1,174 Total distribution 14,152 14,180 Copies not distributed 715 420 Total 14,867 14,600 Percent paid and/or requested circulation 97% 91.7% Electronic copies requested 14,203 14,872 Total print and electronic requested 27,923 27,878 Total distribution print and electronic 28,353 29,052 Percent paid and/or requested both print and electronic 98% 96% Name and title of publisher: Jack Trlica, Editor and Publisher Date: 10/1/2020 LP MAGAZINE

NOVEMBER–DECEMBER 2020

New Product Product Spotlight New Spotlight

ADT Commercial

Unpack the Truth in E-commerce Returns

Recognized as Axis Communications’ 2020 Retail Partner of the Year, ADT Commercial provides comprehensive, integrated security services and scalable solutions to retail facilities. We strive to be the best technically trained team in the business and take a holistic approach in effectively protecting the people, property, and assets in retail environments across the US.

Verify® return authorization from Appriss Retail can help you prevent fraud and protect profits in omni-channel returns before you even need to consider logistics by: • Supporting customized return recommendations for any channel • Bridging all channels to analyze both purchases and returns • Providing a single interface for all returns • Managing the best customer experience

adt.com/commercial/retail

bit.ly/3jHVeoo

The Platform for Retail Crime Investigators of the Future

Take Control of Your Inventory with RFID

Auror Investigate is designed to help power the retail crime investigators of the future by:

When it comes to RFID solutions, CONTROLTEK provides retailers access to the highest-quality hardware and software and provides seamless systems deployment. In partnership with Nordic ID, we offer reliable RFID devices like the new rugged HH85 handheld and EXA21, the world’s smallest RFID reader that turns any compatible smart device into an RFID reader.

• Automatically converting incidents into detailed timelines, links, maps, and evidence in your investigation • Managing caseload, tracking outcomes, and proving ROI in platform • Inviting, managing, and securely collaborating with trusted partners Find out how you can resolve more cases, faster, today.

controltekusa.com/rfid-technology

auror.co/for-investigators

NOVEMBER–DECEMBER 2020

LOSSPREVENTIONMEDIA.COM

Switch Tech: Mechanical Made Digital

DefenseLite: Protect What’s Important to You

Replace virtually any small-format interchangeable cores (SFIC) with Switch™ Tech quickly and easily. Switch Tech allows for digital access control where previously impossible and eliminates key-management headaches. Switch Tech is easy and affordable with technology that delivers access intelligence at the core.

Designed to keep intruders out and to prevent smash-and-grab burglary, DefenseLite® is a patented security-glazing system designed to mount onto the existing storefront, transforming windows and doors into impenetrable openings that are 250 times stronger than glass alone. BulletShield® is the UL-tested bullet-resistant version for advanced forced-entry protection.

timeforaswitch.com

defenselite.com

Save Money with Better Key Control

Track Keys and Reduce Spending SecurityRecords.com® is cloud-based key tracking software offering visibility and control over all aspects of mechanical key system management in a way that paper files, spreadsheets, and PC-based software can’t. Tracking keys to key holders improves operational compliance and allows organizations to reduce spending on materials through visibility into training opportunities.

Get more than just locks and keys! InstaKey’s KeyControl Program is designed to harden security and save time and money. We do this with user-rekeyable locks (no locksmith needed), keys that cannot be copied, and cloud-based key tracking software that provides the data and insights needed to manage it all.

bit.ly/3lzuHuk

bit.ly/38yxPD7

LP MAGAZINE

NOVEMBER–DECEMBER 2020

New Product Product Spotlight New Spotlight

Give Associates Peace of Mind with Motorolaâ&#x20AC;&#x2122;s Body-Worn Cameras

Deterrence = Prevention Losses come in many forms: slip, trip, fall, fire, and shrink. Autonomous security robots can help by providing an ever-vigilant patrol of your facility that looks for anomalies, reminds employees and visitor to be safe, and documents incidents with 360-degree high-definition, eye-level video. Book a demo today to learn how we can help you.

The Motorola VT100 BWC is a small, unobtrusive device that can capture customer interactions on video and lower the possibility of aggressive situations. It provides video and audio evidence of any incidents and gives employees who wear them a valuable new way to feel confident while they continue to provide superior service.

knightscope.com/demo

lnlsystems.com/lpvt100

Protos = Security Officers + Monitoring

A VMS for Today and Tomorrow Now more than ever, affordable, scalable video surveillance software is essential to ensuring safety and security. Salient is enabling businesses of all sizes to continue critical monitoring activities with powerful new bandwidth management features and a new subscription offering.

With 4,000-plus vendors across North America and technology that places you in control of your security program, Protos has the local reach and customizable options to cover loss prevention needs both large and small. Request a demo today.

resources.salientsys.com/vmsfortoday

bit.ly/protos-demo

NOVEMBERâ&#x20AC;&#x201C;DECEMBER 2020

LOSSPREVENTIONMEDIA.COM

Introducing VisionWorks

VisionWorks for COVID-19

A cutting-edge collection of video-based analytic agents delivering operational insights using computer vision, artificial intelligence (AI), and machine learning. Vision Agents are created from industry-standard models in partnership with Intel and optimized using Sensormatic’s proprietary AI algorithms. Vision Agents can be deployed and leverage existing cameras and a Smart Hub appliance.

The Occupancy Agent helps retailers follow occupancy directives. Using camera feeds, this solution features a live tracker, so store occupancy doesn’t exceed retailer-set limits. Mask Detection Agents utilize store video to detect the masks. Mask Detection can be used with the Occupancy Agent to ensure shoppers wear masks upon entry. sensormatic.com

sensormatic.com

Innovative Technologies that Reduce Shrinkage and Risk to Increase Profits

A Data Scientist for Every Team ThinkLP’s Analytics & EBR platform was created to help LP teams of every size and budget turn data into valuable and actionable insights—even without a data scientist on staff. Run your loss prevention team on ThinkLP’s central intelligence platform to automate your data discovery efforts with beautiful and insightful dashboards and reports. It’s simply awesome.

Tally Solutions’ patented Smart Shelf platform alerts to potential ORC activity by measuring the amount of product removed from the shelf. Out-of-stock monitoring applications allow store managers, category managers, and brand specialists to see item-level movements at the shelf, judge customer behaviors, and eliminate out of stocks.

thinklp.com/loss-prevention-analytics

linkedin.com/company/tallyretail-solutions-llc

LP MAGAZINE

NOVEMBER–DECEMBER 2020

PEOPLE ON THE MOVE David Nagy is now

manager of internal controls for East Europe at adidas (Czech Republic). Derrick T. Dicoi is now

SVP and chief strategy officer at ADT. Steve McKinney was

promoted to regional AP manager at Advance Auto Parts. William Heard is now

director of AP at All Star Sports.

specialized revenue guardian; Michael Young, LPC, district LP manager; and Willie Gatling, district LP manager.

to area AP leader at Big Lots Stores. Tiago Anis is now

leader of LP at Brasil Supermarkets (Brazil).

John Matas is now

head of global fraud, risk, and compliance operations for Etsy.

Justina Reading, CFE, CFI is now a regional

LP manager at Brooks Brothers.

Micah Sheffield, LPC is now

a regional AP manager at Family Dollar.

Colin Kinlan was promoted

to investigation and analyst manager for ORC at Bunnings (Australia).

Amazon announced the following promotions: Brendan Saritschniy to head of global programs and services; Sean Donnelly to director, AMER fulfillment center LP; Nicola Street to senior LP program manager (Australia); Manish Shukla to senior program manager reverse logistic LP (India); Alex Cantrell to regional LP manager; and Kenny McCarty to multisite LP site lead.

Irene Mayol is now

Jack (John) Richards, ACFT is now fraud profit

Pablo Osvaldo Trevisan Quiroga was promoted

Ryan Torres is now

manager of data, systems, and investigations at Five Below.

inventory and fixed asset accountant at Burger King (Puerto Rico).

Efran Padilla, LPC was

promoted to divisional director of LP and safety at Floor & Décor.

Mike Nelson, LPC, CFI is

now a district AP manager at Burlington Stores.

Michael Caston is now

senior fraud analyst at Fortnum & Mason (United Kingdom).

Nadia Arciero is now a

regional LP manager at Canadian Tire (Canada).

Sanford Siegel, LPC is now

Doug Strange is now an

a regional LP manager at Fossil Group.

AP manager at Carvana.

Robert Mirakaj, CFI was

protection manager at American Golf (United Kingdom).

to head of national logistics and facilities at Cencosud S.A. (Brazil).

promoted to senior director of global security and business resiliency at Gap Inc.

Rafael Zinni was promoted

Christopher Perry, CFI Legacy was promoted to

Allan Watters, LPC is now

to LP supervisor at Americanas (Brazil).

Carlos Spindola is now a

LP coordinator at Aramis Menswear (Brazil). Edmundo Velazquez CFI, MA was been promoted

to national operations manager, profit protection at Coles (Australia).

Talisha Hare is now an area

AP manager at JCPenney. Claire Tuck was promoted

to senior manager of corporate profit protection at John Lewis & Partners (United Kingdom). Nate Manning was

promoted to president of building solutions for North America at Johnson Controls Andrew Leonard, CORCI was

promoted to manager of remote operations and investigations at Kohl’s. Marshall Poe is now a

regional AP manager at L Brands. Angel Ye, CICPA is now an

internal control manager at L’Oréal (China). Edouard Kane, CPP, AMBCI

is now head of security and safety for EMEA at Louis Vuitton (France).

now general coordinator of LP at GMAP Supermarkets (Brazil).

Rafael Davi Pires Ferreira is

Fil Rico was promoted

multistore AP manager at Home Depot.

Lowe’s announced the following promotions and new hires: Jon LaFontaine, corporate AP and safety manager; David Neer, LPC, regional AP, operations, and safety director; Austin Langenfelder, regional investigations manager; and Phillip Rice, district AP manager.

cofounder and CEO at Global Tradewinds.

director of AP and safety at CKE Restaurants.

Leonard Tetteh is now a

to regional director of enterprise risk for the US at Aritzia.

Aaron Wilder was promoted

Jonathan Duran, CPO is

now manager of security electronics at GSM Security (Mexico).

Tristen Shields, MA was

to director of LP at The Container Store.

Gilliard Ribeiro Antunes is

David L. Maxim Jr. is

Edward LeFever is now

Stephen McIntosh, MBA CPP CFI was promoted to

an AP coordinator at Hannaford Supermarkets.

senior manager of field AP USA at lululemon.

Jim Zurawski was

Anthony Pfleger is now

now LP coordinator at Atacado Máximo (Brazil). Stephen Hall was

promoted to division VP of LP at Bealls. Sandra Hughes, LPC, CFI is

now project manager of LP strategies and analysis at Bed Bath & Beyond. Marcus Toussaint, LPQ is

now a senior analyst for retail LP operations at Bell Canada Enterprises (Canada).

Lisa Kilgore was promoted

now a regional LP business partner at CosmoProf Beauty. Jerome Cromwell and John Kelly are now district AP

promoted to senior area LP manager at H-E-B.

leaders at CVS Health.

Chuck Jayson is now

DICK’S Sporting Goods announced the following promotions and new hires: Jih-Hao Jim Cheng, LPC, Esq., director of LP operations; Jessica Pierce, LPC, regional director of LP; Katie Rieken, digital LP reviewer,

NOVEMBER–DECEMBER 2020

a regional manager of investigations at Luxottica Retail.

executive VP of retail business development at Hilco Merchant Resources.

Jammel Ward is

Kevin Olynyk is now

Chase Seitz was promoted

manager of LP at Holt Renfrew (Canada).

promoted to senior director of global AP and corporate security, and

LOSSPREVENTIONMEDIA.COM

now a regional AP manager at LVMH. to director of field investigations at Macy’s.

Vanessa Assis was

promoted to head of process control and LP consultant at Multivarejo (Brazil). Christine Piacentini was

promoted to fraud team lead at Myer (Australia). Corey May, LPC, CBCI

was promoted to director of global readiness and business continuity at Nike. Bruce Francis was

promoted to program manager of emergency management, and Corey Hilton and Michael Ebert are now area LP managers at Nordstrom. Howard Brooks is now a

district LP manager at Ollie’s Bargain Outlet. Tom Colman is now a

regional security business partner at One Stop Stores (United Kingdom). Gabriel De Hoyos Villarreal

was promoted to head of security, LP, health, and safety at OXXO (Mexico). Tom Stein, LPC, CFI, CFE is now director

of AP and safety at Paradies Lagardère. Gregory Bleakley, CFI, LPC

is now a regional AP manager at Party City.

Alyssa Wilson is now VP of marketing, and Michelle Sell is now director

of digital marketing at Protos Security.

now a LP investigator at The Real Real. Ranganath KR is now state

lead of security and LP, integrated supply chain, and new commerce at Reliance Retail (India). Donald Schwab was

promoted to manager of investigations and AP analytics at Retail Business Services. Tina Sellers, LPC is now VP of AP, and Michael Cavallo, LPQ is now a regional

AP leader at Rite Aid.

Rosario Rodriguez is now

director of organizational safety and security at Ross Stores. Adam Taylor was promoted

to district AP manager at Roundy’s Supermarkets.

Raul Vera is now director of

AP at Saks Fifth Avenue. corporate investigator at Saks Off 5th. Gabriel Paiva is now

LP and security manager at Samsung Electronics (Brazil).

Dermot Fitzsimons is now

Ian Vernon, CFI is now a

Nicholas Cranfill is

Carlos E. Ortiz is now a

Sharon Costanza Jackson

regional AP investigator at SpartanNash. regional LP manager at Spirit Halloween.

Johnny Mendoza is

Erik Ruiz, CFI is now a

Jason Selkirk, LPQ is now a

manager, partner and AP at Starbucks.

Stop & Shop announced the following promotions and new hires: Mandy Koski, regional VP of operations; Debra Martin, director of store operations; and Ariel Demers, shrink specialist II. Jennifer Kajzer is

now a senior AP director at Target. Joe Rutlidge, MSyl, APCIP was promoted

to group shrink and security partner at Tesco (United Kingdom). Subramanian Kalyanaraman

is now compliance and LP manager at Tim Hortons International (United Arab Emirates). Doug Ronspies and Simon Chadwick (United

Kingdom) were promoted to regional LP managers, and Emily Gaydos, CFI is now distribution center investigator at the TJX Companies. Matthias Balmer was

promoted to director of field LP and safety at PetSmart.

Arcellas Byrd, PPS is now

an area LP investigator at Sephora.

promoted to European central LP operations and communication manager at TJX Europe (Germany).

Lonndon Seely is now

Rodolfo Vitor is now

Catherine Stasiowski was

Bryan Hillman was

leader of LP and safety at Sequoia Logistics Solutions (Brazil).

promoted to senior director of LP and safety at Total Wine & More.

promoted to head of profit protection and safety at Poundland & Dealz (United Kingdom).

Ahmad Manshad was

Darrell Rose is now LP

promoted to head of LP and security at Six Flags (Canada).

officer manager at United Supermarkets.

Tara Nutley is now

Rodrigo Almeidais now

now director of LP and security at Urbn Leaf.

an AP leader with PharmaCann.

Mandy Fitzpatrick was

director of video service at Prosegur USA.

director of LP at Vanilla Sky/Madrad/10Spot. now director of LP at Variety Wholesalers.

is now national account manager at Vector Security Networks. Nick Hoskins was promoted

to regional investigations manager at Verizon Authorized Retailer, TCC. Michael Mainville, CFI and Andy Humphreys

(UK & Ireland) are now regional AP managers at Victoria’s Secret. Fernando Guinzani is now

anti-fraud and wealth intelligence manager at Vivo (Brazil).

Walmart announced the following promotions: Matthew Walsh, director of data analytics, investigative analytics, and intelligence for global investigations; Ketrina Shyti, manager II of finance and accounting global audit; Eric Wachtman, market AP operations lead; and Deanna DeCourcy, LPC, market AP operations lead. Lauren Gale is now a

senior investigator at Wizards of the Coast. James Ishum was

promoted to regional security manager at XPO Logistics. Scott Pethuyne was

promoted to senior manager of industry solutions at Zebra Prescriptive Analytics.

Anthony Vanderhorst is

head of LP at Spani Atacadista (Brazil).

To stay up-to-date on the latest career moves as they happen, sign up for LP Insider, the magazine’s daily e-newsletter, or visit the Professional Development page on the magazine’s website, LossPreventionMedia.com. Information for People on the Move is provided by the Loss Prevention Foundation, Loss Prevention Recruiters, Jennings Executive Recruiting, and readers like you. To inform us of a promotion or new hire, email us at peopleonthemove@LPportal.com.

LP MAGAZINE

NOVEMBER–DECEMBER 2020

ADVERTISERS 7P Solutions.............................................19 7pgps.com AFA......................................... 51, 55, 57, 58 afap.com Appriss Retail............................................2 apprissretail.com Checkpoint.........................................23, 33 checkpointsystems.com/neo ClickIt..........................................................3 clickitinc.com CONTROLTEK.............................................1 controltekusa.com

Subscribe for Free LOSS PREVENTION MAGAZINE

LP Magazine is available free to loss prevention and retail professionals throughout the US and Canada. There’s no excuse for anyone interested in keeping up with the LP industry to not get the magazine. To sign up for a free subscription, go to LPMsubscription.com. It’s simple. Takes only a minute. Or fax the completed form below to 714-226-9733.

International Subscription. LP professionals outside the US and Canada can either read the digital magazine free or receive the print version for $99 per year. Contact circulation@LPportal.com to purchase an international subscription.

❍ Y es, I would like to receive/continue to receive LP Magazine FREE of charge. ❍ No thanks.

receive your e-newsletter FREE of charge.

❍ No thanks.

Cyber Security Summit............................7 cybersummitusa.com

Please fill out completely:

InstaKey....................................................43 instakey.com

Telephone__________________________________________________________________________________

Loss Prevention Foundation....... 9, 25, 53 losspreventionfoundation.org

Email_______________________________________________________________________________________

LP Portal App...........................................45 google play or apple app store

Title________________________________________________________________________________________

LPM Media Group.............................36, 41 lpmmediagroup.com Protos Security........................................75 protossecurity.com/pausewithprotos Sensormatic Solutions...........................76 sensormatic.com siffron........................................................31 siffron.com ThinkLP...............................................42, 55 thinklp.com Total Retail Loss Certificate....................5 lppro.com Wicklander-Zulawski.............................13 w-z.com

Signature___________________________________________________________ Date___________________ Fax________________________________________________________________________________________ First__________________________ Middle______________________Last______________________________ Company___________________________________________________________________________________ Address1___________________________________________________________________________________ Address2___________________________________________________________________________________ City________________________________________________________________________________________

❍ USA ❍ Canada You must answer both questions to receive LP Magazine.

State/Province__________________ Zip/Postal Code____________________ Country 1. What is your company’s primary business? (Check one only) Retail ❍ (A) Department store/mass merchandiser ❍ (B) Discount/wholesale club/outlet/

2. What is the primary focus of your job? (Check one only) Retail Loss Prevention/Security ❍ (10) Corporate/regional/district manager ❍ (11) Store LP manger/investigator/

❍ (C) Specialty apparel/footwear/gifts/

❍ (12) DC/logistics/supply chain

❍ (D) Home center/hardware/appliances/

❍ (19) Other LP manager

❍ (E) Drug store/pharmacy/vitamins ❍ (F) Office supplies/electronics/videos/

Other Retail ❍ (20) Corporate operations/store manager ❍ (21) Finance/HR/legal/IT/training manager ❍ (29) Other retail manager

off-price

jewelry/sporting goods furniture

music/books

❍ (G) Grocery/supermarket/

convenience store

❍ (H) Restaurant/hospitality/

CALENDAR

entertainment

❍ (X) Other retailer_____________________

Due to the many event cancellations and postponements because of the COVID-19 pandemic, we are not listing industry events here. Please go to the magazine website Events page to get the most up-to-date calendar listings. LossPreventionMedia.com/events

❍ Y es, I would also like to receive/continue to

Non-Retail ❍ (N) Consulting/integrator ❍ (P) Product manufacturer ❍ (R) Services/outsourcing ❍ (S) Law enforcement/government/military ❍ (T) Education/library/media ❍ (Z) Other non-retail ________________

NOVEMBER–DECEMBER 2020

associate manager

________________________________

Non-Retail ❍ (30) Vendor executive/owner/

manager

❍ (31) Consultant ❍ (32) Sales/marketing manager ❍ (33) Police officer/active military ❍ (34) Educator/student/librarian ❍ (39) Other non-retail manager

LOSSPREVENTIONMEDIA.COM

________________________________ Fax to 714-226-9733

VENDOR SPONSORS

VENDOR ADVISORY BOARD ADT Commercial Rex Gillette Vice President of Sales

Checkpoint Stuart Rosenthal Vice President Sales

Hanwha Techwin America Jordan Rivchun Retail Solutions & Strategy

Appriss Retail Tom Rittman Vice President, Marketing

ClickIt Inc. Jim Paul Director of Sales

InstaKey Security Systems Cita Doyle, LPQ Vice President, Sales & Marketing

Axis Communications Hedgie Bartol, LPQ Business Development Manager, Retail

ControlTek Kim Scott Director of Marketing

Knightscope Stacy Dean Stephens EVP and Chief Client Officer

Detex Ken Kuehler General Manager

Protos Security Kris Vece, LPQ Vice President of Client Relations

CAP Index Stephen B. Longo Vice President, Strategic Initiatives

LP MAGAZINE

NOVEMBERâ&#x20AC;&#x201C;DECEMBER 2020

Sensormatic Solutions Joan Sparks Director of Marketing, Vertical Leader for Americas Siffron Robb Northrup Director of Marketing Communications & Support Solink Rob Tucker President ThinkLP Rhett Asher Vice President, Strategy

PARTING WORDS

Through It All, There’s Much to Be Thankful For

Jacque Brittain, LPC

his has been a year of change and challenges. Viewed largely as a time when the unexpected became the norm, the first year of the new decade was veiled by loss and uncertainty, mauled by division and civil unrest, and shadowed by a global pandemic that has stolen far too many lives while threatening even more. So while fighting through a tentative era of personal, professional, social, academic, and economic evolution, is this a time when we should be giving thanks? Absolutely. The holidays are a time to celebrate all that we are—and all that we have. It’s a time to recognize what we’ve accomplished and all that we’ve overcome. We face our shortcomings and vow to get better. We remember those we love, accept those we should, honor those we’ve lost, and forgive those we can. We allow others to share with the same courtesy and respect. We remind ourselves that we should be doing all these things throughout the year, even when we don’t. There were difficulties, but there were also positives along the way that all of us can find if we’re willing to look. We praise everything we’re grateful for and try to minimize those things that might stand in the way.

potential consequences. We appreciate the sense of conviction, but we’ll be grateful when they stop being so selfish, start thinking more about others, and decide to do the right thing.

We’re Grateful for the Innovators

No one wants or likes our current circumstances, but while certain challenges remain, necessity is the mother of invention. Through the landslide of change we’ve faced over the past year has come new and innovative approaches to the way we go about our lives and our businesses. Many employees have learned to be effective and productive while working from home. In some ways, technology has helped us take an important step forward. In many ways, through online meetings and other virtual events, we’ve even had the opportunity to become closer to coworkers by being offered a glimpse into their lives and their homes. Brick-and-mortar locations have adapted to customer needs by enhancing safety and sanitization, using curbside services, boosting interactive services and technology, and improving customer efficiencies. Online business and business services have grown in size and importance during this time. With technology increasing efficiencies, shrinking the distance between professionals, some business functions and strategic partnerships have benefitted as well. With all these innovations, some may diminish in importance while others will be with us to stay. We’re grateful for the ideas and the effort.

We’re Grateful for the Fighters

In any given year, every one of us have faced hardships, heartbreaks, and regrets. For many, this year may have been particularly difficult. Many have taken ill, falling victim, but are fighting back to overcome to the virus. We’re grateful for your determination and resilience. We’re grateful for the brave men and women who risk their health and safety for the greater good. Many of us have lost friends and family. Others have lost those closest to them and have the fortitude to honor and respect those they’ve lost, take their next breath, and continue moving forward. For those we’ve lost, we’re grateful for your memory. For those still with us, we’re grateful for your example. Many have faced forced business closures, been furloughed, or lost their jobs. We’re grateful for your courage and fighting spirit. We believe in you and know you’ll land on your feet. Some feel inconvenienced by social distancing and the need to wear a mask. They resist the disruption and ignore the

NOVEMBER–DECEMBER 2020

We’re Grateful for You

This year will be one that most of us won’t soon forget, although there may be certain aspects that we may wish we could. But through it all, we are both proud and grateful for each of you. We’re grateful for the leaders and field generals that give their all to keep our customers, employees, and businesses safe and protected. We’re grateful for the board members, sponsors, and solution providers that make the magazine possible. We’re grateful for our magazine team for bringing it all together. We’re most grateful for our readers for the privilege of providing you with a voice. And we’re grateful that 2021 is knocking on the door—bring it on!

LOSSPREVENTIONMEDIA.COM

Retail Solutions

Loss Prevention | Traffic Insights | Inventory Intelligence

What Makes SuperTag 4 Super? Secure. Smart. Seamless. The Complete SuperTag 4 Family SuperTag 4 is the latest innovation in the SuperTag portfolio, providing our highest level of anti-theft protection to date. Its remarkable design offers increased security to help further reduce shrink in high-value brands and merchandise categories. • • • •

Designed with additional security to help reduce shrink and increase profitability Offers ideal protection for high-value merchandise categories and brands AM/RFID version offers excellent product protection and item-level visibility Helps deliver a more user-friendly, frictionless shopper experience in self-checkout

Visit Sensomatic.com/supertag4 or call us on 800-642-7505 today. Copyright © 2020 Johnson Controls. All rights reserved. SENSORMATIC SOLUTIONS and the product names listed in this document are marks and/or registered marks. Unauthorized use is strictly prohibited.

AD_LPM Magazine_SuperTag4 AD.indd 1

11/13/20 5:34 PM