ASIS Jul13__ASIS_RiskUK_jul13 02/07/2013 14:44 Page 1
INTERNATIONAL
TM
Newsletter
UNITED KINGDOM CHAPTER 208
SUMMER 2013
ASIS NEWSLETTER OF THE YEAR – WINNER 2012, 2008 & 2003 – HONOURABLE MENTION 2011, 2006.
AWARDS, AWARDS, AWARDS! At this year’s Association of Security Consultants Annual Lunch, Don Randall MBE, the ASIS nominee, won the Don Randall and Mike Alexander Notable Person prize in recognition of his “significant overall contribution to the security industry”. For the first time ever, the award was shared (with Baroness Ruth Henig formerly of the SIA). Unfortunately Don was unable to collect his award in person as he was out of the country on business so ASIS UK Dr Peter Speight CSyP became the first person to gain admittance to the Register of Chartered Security Professionals via the ASIS UK route. Peter received his CSyP tie, lapel pin and a kiss (lucky boy) from Sharon Williams CSyP who is the Chapter representative on the Chartered Security Professional Registration Authority. This is very significant because although there are already 15 ASIS members who have achieved CSyP status (about a third of the
Chairman Mike Alexander BEM received the award on his behalf from ASC Chairman Allan Hildage. On his return to the UK we arranged to present Don with his award at the Bank of England. This is the third year in succession that an ASIS member has won the award. L–R, Graham Bassett, Don Randall, Mike Alexander and Mike Hurst. total) Peter is the first to achieve this via ASIS UK, who became the second licensee of the register earlier this year. Most of the ASIS CSyPs also hold the CPP certification, which further demonstrates the value of CPP. If you are interested in becoming a CSyP, please contact the ASIS UK office (info@asis.org.uk) At the Summer Meeting on June 12th the Chapter was presented both with the ASIS Newsletter of the Year award 2012 and an award to celebrate “twenty years of outstanding service to members”.
ASIS Jul13__ASIS_RiskUK_jul13 02/07/2013 14:44 Page 2
CHAIRMAN’S NOTES
Chairman’s notes Reporting back from our recent Committee meeting I am extremely proud to announce that your chapter is in good shape. Your chapter committee are working hard, often behind the scenes, but the results demonstrate we are spreading the word about the benefit of ASIS membership and the value of gaining CPP, PSP and PCI certification. Since I took the chair I have had a strategy in my mind and I have strived each year to not only lead the chapter but also to add new attributes and increase our appeal and penetration into membership opportunities within the wider security industry. There are a number of new initiatives in the planning and feasibility stage which line up with this strategy: • Young professionals • Mentoring future security leaders • WiS • Prompting academic, security and business related qualifications. With the possibility of launching a new Security MSc “For Professionals by Professionals”. I am delighted to announce that the June Chapter meeting, hosted at Nomura, thank you Andy, was very well attended with 147 members and guests signed up to attend, followed by the 20th birthday bash. The centrepiece and focal point of the party was a magnificent cake decorated with the ASIS 20th birthday logo and was very tasty. It was truly inspiring to see
past chairmen and senior committee members networking with new members and their guests. Where do we go next as a growing active chapter? Personally I am concentrating on Mike Alexander developing our industry in becoming recognised as more than just a job, but a professional career and the award of the second licence holder for the award of Chartered Security Professional status is a major stride towards making that becoming a reality. Anyone interested in applying for charter status please speak with our representative Sharon Williams CSyP. Finally the outcome from our latest charity event, which raised £20,000, was divided equally between two worthy police charities and cheques of £10,000 each were awarded to representatives from each charity: the Police Dependants’ Trust and the Metropolitan & City Police Orphans Fund. My thanks to all those who contributed both in time and financially. We will be holding another charity event in 2014 and hope to increase the grand total and potentially work together with other organisations to make this the best ever event. Let’s hope the weather improves so we can all enjoy a warm and sunny summer. Mike Alexander, Chairman ASIS UK Chapter
Editorial Team Graham
Helene Carlsson – Assistant Editor Helene has been working in the security industry over 25 years, both as a corporate security manager and as a consultant. She has worked with many different clients specialising in non-IT security, Business Continuity and Crisis Management. Helene has been a member of ASIS since 1989 and on the ASIS 208 committee for over 15 years. She has been actively involved on the Media sub-committee for the same amount of time and is a strong supporter of the chapter and the international edge the ASIS membership provides. Helene is working on the group writing the standard for Asset Protection by Physical Security Measures
Mike Hurst – Editor Mike entered the security industry in 1998 and initially worked in Sales and General Management roles. In 1992 he joined HJA Fire and Security, Recruitment Consultants where he is a Director. He recruits at all levels across a range of security disciplines. He is a Fellow of the Institute of Recruitment Professionals (FRIP) and a Director of The Security Institute. He is a regular contributor to numerous security publications. Mike is Editor of the Newsletter, Webmaster and set up and administers the ASIS 208 Blog. Mike is Chapter 208 Vice Chairman – Strategy.
Graham Bassett – Advertising and Seminar Exhibitors Graham has worked in the security recruitment profession for 20 years and is the founding director of GBRUK a London based recruitment firm. He was the founder Chairman of the BSIA Code of Ethics and was also on the Executive Committee for the REC Association of Executive Recruiters, responsible for standards, member‘s benefits and marketing. Like Mike he is a Fellow of the Institute of Recruitment Professionals (FRIP) and a Member of the Security Institute (MSyI). Graham is an avid supporter of taking ASIS forward within the security profession and welcomes your commercial support of the Chapter. Graham is Chapter 208 Vice Chairman – Operations, responsible for Seminars, Advertising, Exhibitors and Sponsorship.
helene.carlsson@btinternet.com
mike@hja.co.uk
graham@gbruk.com
Helene
2
SUMMER
2013
Mike
www.asis.org.uk
ASIS Jul13__ASIS_RiskUK_jul13 02/07/2013 14:44 Page 3
DIARY
Diary of Events 2013 July 4th 12th 19th
Security Institute Dixie Queen BBA Anti-Bribery and Corruption Workshop BBA Addressing International Fraud Risks Briefing
September Be a Speaker at ASIS Europe 2014! Deadline for submission is 8 September 11th ASIS UK Chapter 208 Autumn Meeting 24th–27th 59th ASIS International Seminar and Exhibits, Chicago
October 1st 3rd 17th 17th–18th 21st–22nd 22nd 28th-31st
BRC Retail Crime Conference ASC CONSEC, Solihull SASIG ASIS European Conference Programme Committee meeting, The Hague Total Security Summit, Northampton Security, Risk & Business Continuity Conference, Northampton Security in Challenging Environments week
November 13th–14th 15th 15th 29th
Transport Security Expo ASC Masterclass National Association for Healthcare Security Brunch Briefing, Guys Hospital London ASC House of Lords Dinner
December 3rd–5th 11th
ASIS Asia-Pac Conference, Macau, China ASIS UK Chapter 208 Winter Meeting and AGM
2014
February 16th–18th
5th Middle East Security Conference and Exhibition, Dubai
March 20th
ASIS UK Spring Meeting
April 1st–3rd 29th–30th
13th ASIS European Security Conference and Exhibition, The Hague Counter Terror Expo
May 13th–15th
Security Technology Live
June 14th
ASIS UK Summer Meeting
17th–19th
IFSEC, London
September 11th
www.asis.org.uk
Chairman’s Notes
2
Diary
3
Syria
4
Summer Meeting
6
Absent Friends
7
Pharmaceutical Industry Security Forum
10
Social Media
11
Risk Management vs. Security Innovation
12
BRC Retail Crime and Loss Prevention
13
ASIS European Conference
14
ESSENTIAL INFORMATION JOINT EDITOR – Helene Carlsson (07802 864485). helene.carlsson@btinternet.com JOINT EDITOR – Mike Hurst (0845 644 6893) mike@hja.co.uk ADVERTISING – Graham Bassett (07961 123763); graham@gbruk.com Chapter Executive Officer – Jude Awdry, ASIS UK Chapter 208, PO Box 208, Princes Risborough, HP27 0YR. Tel: 01494 488599; Fax: 01494 488590; info@asis.org.uk MEMBERSHIP ENQUIRIES – Nigel Flower, CPP (01276 684709 nigelflower@msn.com) PUBLISHERS – The 208 Newsletter is published by Chapter 208 of ASIS International. FREQUENCY – The 208 Newsletter is published four times per year, Spring, Summer, Autumn & Winter – please contact the editorial team for deadlines. IN GENERAL – The 208 Newsletter welcomes articles & photographs, but while every care is taken, cannot be held responsible for any loss or damage incurred while in transit or in our possession. Please send all material to the editors. The Newsletter may publish articles in which the views expressed by the author(s) are not necessarily those of ASIS. ISSN N0 – 1350-4045
ASIS UK Autumn Meeting
December 11th
INSIDE THIS ISSUE:
ASIS UK Winter Meeting and AGM
If you know of an event that you feel should feature in our calendar, please contact the editor, Mike Hurst. Mike@hja.co.uk
SUMMER
2013
3
ASIS Jul13__ASIS_RiskUK_jul13 02/07/2013 14:44 Page 4
SYRIA
WHY HIZBALLAH’S INVOLVEMENT IN SYRIA MATTERS TIM WILLIAMS In early June rebels in Syria announced that they had withdrawn from al-Qusayr, between Homs and the Lebanese border. The Assad regime supported by several thousand Hizballah fighters had put considerable effort into recapturing the town, which served as a gateway for rebel supplies and personnel coming from Lebanon. Its loss will greatly reduce the rebels’ ability to bring men and materiel into the country from Lebanon but it is the increased contribution of Hizballah to the pro-Assad cause that will reverberate across the region. On 26 May Hizballah’s leader, Hassan Nasrallah, made his first open admission of the movement’s involvement in the civil war. The death of Hizballah fighters in Syria had previously been acknowledged but on this occasion he vowed that his forces would achieve “victory” in Syria. The movement’s more prominent role in the conflict has already driven a significant spike in sectarianism among mainstream communities and institutions throughout the Middle East. The prominent cleric and spiritual leader of the Muslim Brotherhood Yusuf al-Qaradawi has since called for a “jihad” in Syria and accused Iran and Hizballah of supporting Damascus with the goal of “massacring” Sunnis. In doing so he explicitly aligned himself with Saudi clerics, who have typically been more critical of Iranian and Shia influence. He also used sectarian language, for example asking “how could 100
4
SUMMER
2013
million Shia defeat 1.7 billion [Sunnis]”. These comments reflect a significant shift in alQaradawi’s stance since he was previously moderate towards Hizballah and Tehran and avoided sectarianism. Similarly, Egypt’s respected alAzhar Islamic institution, which has taken a moderate view of Iran and Hizballah in the past, issued a statement fiercely criticising the Lebanese group’s involvement in Syria. A senior aide to Egypt’s Brotherhoodbacked President also said that Egyptian authorities will now not take action against people travelling to fight in Syria while Kuwaiti Salafists have begun collecting funds to buy weapons for the rebels. Saudi Arabia’s Chief Mufti (the Kingdom’s most senior cleric) praised alQaradawi’s comments and Salafists in Kuwait are openly collecting money for Sunni fighters in Syria. It will therefore be increasingly easy for jihadists to move funds and militants into the country. Meanwhile, Bahrain is leading Gulf countries in trying to ban Hizballah and prevent their citizens from contacting the group. Indeed, on 2 June the Gulf Cooperation Council met and agreed to take unspecified action against Hizballah members, suggesting that they may increase deportations of Lebanese nationals suspected of being affiliated with the group or place greater restrictions on their visas.
involvement in the civil war, and none more so than Lebanon. The movement’s role in the conflict in Syria is stoking sectarian violence between rival groups throughout the country, from Tripoli in the North to Sidon in the South. In addition, the capture of al-Qusayr by pro-Assad forces led the Free Syrian Army to threaten retaliation against Hizballah inside Lebanon and will also reduce the reluctance of principal Syrian jihadist group, Jabhat al-Nusra (JaN), to carry out attacks there. Prior to Hizballah’s large-scale engagement in al-Qusayr, JaN only targeted border areas in Lebanon to avoid undermining its supporters’ ability to use the country for logistic support and recruitment. Minor groups and individual jihadists had previously conducted attacks in parts of the South, such as Sidon, but there is now an increased risk that larger jihadist factions will do the same. For example, JaN might now
Tim Williams is the Director, Political & Security Risk for
It is, however, those countries neighbouring Syria that are most affected by Hizballah’s
www.asis.org.uk
ASIS Jul13__ASIS_RiskUK_jul13 02/07/2013 14:44 Page 5
SYRIA
conduct isolated attacks against Hizballah in Beirut. However, al-Qaeda-linked jihadists such as JaN do not want to be seen as the cause of instability in Lebanon, which they understand would undermine their own support. They are therefore unlikely to launch a major campaign in Lebanon at this stage and will instead focus largely on expanding their support there. This approach would change if Hizballah were to engage in major violence against Lebanese Sunnis, for example by launching several days of operations against Sunni neighbourhoods of Beirut. In such circumstances, al-Qaeda-linked groups would likely draw on
support from global jihadist networks to conduct major attacks inside Lebanon. Israel is also experiencing limited consequences of Hizballah’s involvement in Syria. In late May a rocket was fired from southern Lebanon into Israel. The alQaeda-linked Abdullah Azzam Brigades (AAB) had claimed responsibility for several earlier rocket attacks on Israel and were likely responsible for this action. We believe the attack was an attempt to undermine Hizballah after Nasrallah had claimed that Israel was supporting jihadists in Syria; AAB subsequently challenged Hizballah to fire a single shot into Israel, alleging that it would not
dare to do so. Jihadists may target Israel in this way again if they wish to reiterate this point, although this is unlikely to be a major priority at this stage. The sectarianism that has been fuelled by Hizballah’s engagement in Syria is generating increased support throughout the Middle East for the concept of a religiously justified war against Assad. It is also contributing to the ever expanding influence of jihadists on the ground in Syria. This will accelerate Syria’s development into a major jihadist front – something that will have a lasting and significant impact across the region.
5th Middle East Conference & Exhibition – February 16-18, 2014 Dubai, UAE
www.asis.org.uk
SUMMER
2013
5
ASIS Jul13__ASIS_RiskUK_jul13 02/07/2013 14:44 Page 6
SUMMER MEETING
Summer Meeting and 20th Birthday Party
A Brief History of ASIS Chapter 208 Until 1993 ASIS members based in the UK were all members of what was then Chapter 44 , the European Chapter, with its headquarters in Brussels. The British element used to meet in the cinema in the grounds of the American Embassy in Grosvenor Square, the Embassy staff helping us get established. Peter Graysmark pushed HQ to include the word “International” in the name of the organisation and championed the establishment of individual, national chapters and Chapter 208 was born. The Chapter has grown under the successive and successful Chairmanship of Mike Bowles,
the late Mervyn David after who our Chapter award is named, Geoff Whitfield, Bill Wylie CPP, Patricia Knight, Stuart Lowden, Derek Webster, Barrie Millett and Mike Alexander BEM. On the committee constantly since Chapter 44 days is Nigel Flower CPP (who helped prepare this history) with Helene Carlsson not far behind. Helene is of course much, much younger and she joined ASIS when she was only 5 (is that OK Helene?). Stuart Kidd CPP has been a member over 30 years and Angus Watts this year received his 25 year certificate. There have been many notable achievements over the years but hosting the first European Conference in 2001 and the biggest (and best?) in 2012 stand out. ASIS UK remains the largest chapter in Europe and has one of the highest ratios of CPP and PSP. Its members sit on the ASIS European Programme
Committee, ASIS Councils and have made huge contribution to the work on standards, both via ASIS and BSI. Additionally ASIS members have contributed to the work of the SIA, BSIA, IPSA, ASC, Security Institute and many other bodies. In 2012 membership reached almost 800. As the chapter moves forward its goal of promoting professionalism, education, certification, standards and provide networking opportunities remains the same. In fact with the Women in Security, Young Professionals and Mentoring programmes and the Chapter’s Police and Military Liaison activities the reach is widening. Please continue to participate in the life of the Chapter and enjoy the benefits of your membership and please encourage friends and colleagues to join us. Mike Hurst
Mike Bowles, Peter Graysmark, Godfried Hendriks CPP, Stuart Lowden CSyP, Mike Alexander BEM, Derek Webster, Eduard Emde CPP, Graham Bassett, Nigel Flower CPP, Mike Hurst, Peter French MBE CPP.
6
SUMMER
2013
www.asis.org.uk
ASIS Jul13__ASIS_RiskUK_jul13 02/07/2013 14:44 Page 7
ABSENT FRIENDS
ABSENT FRIENDS We were delighted that many of the past Chapter Chairmen and ASIS leaders were able to join us to celebrate the 20th anniversary of Chapter 208 but here are a few messages from some of those unable to attend.
I am desperately sorry not to be with you for your 20th birthday celebrations but work, I'm afraid, now my Party is in coalition government, has rather taken over my life! May I wish the Chapter a VERY Happy Birthday and congratulate you all on the amazing achievements you have made within the security industry. Your professionalism and your cutting edge knowledge of how new technology is emerging within your sector is leading the way in securing the safety of this country's infrastructure and I thank you on behalf of everyone - even if they don't really appreciate how vitally important your work is within the totality of our security systems. I know - and security professionals know - that your input is absolutely vital, so keep up the good work and I hope to see you all soon. Have a great party!
Angela (Baroness Angela Harris—Chapter Patron)
Chapter 208 was my first close involvement with the politics of our profession in, I think, 1990, when I became Chapter Secretary after returning from Bahrain, where I had been inveigled into ASIS by one Vasu Dandanyak. Geoff Whitfield was then the Chapter Vice Chairman, and we followed each other through various posts (him ahead of me, as the much older man) and, ultimately, into the creation of The Security Institute. It must never be forgotten that the Security Institute (where, like the Chapter, I have the undeserved honour of being the Chairman and now a Vice President) was the creation of Chapter 208. The two organisations complement and overlap each other, but each is vital to the wellbeing of our business. Never, ever, has the Chapter been better served than under the recent leadership of Mike Alexander, who has given so much to its success. In recent times I have had little opportunity to involve myself in the professional bodies in
London, but on this, the 20th anniversary of our formation, it gives me the very greatest of pleasures to send the Chapter my sincerest and heartiest congratulations on its ongoing success. With best wishes, Bill Wyllie CPP CSyP Former Chapter Chairman
I would like to wish ASIS Chapter 208, yourself and all the members a very happy birthday on Wednesday. I remember very clearly the time when we established the UK Chapter and the subsequent significant influence and support that it has provided for the members of our profession over the years. I am extremely proud and privileged to have been able to play a part in 208’s rise to the prominence it has today. I really enjoyed my time as a committee member, Chairman and latterly as an Honorary Vice President. Good luck and best wishes for the future to you all. Geoff Whitfield Former Chapter Chairman
Anyone for cake? – Former Chairman Patricia Knight does the honour whilst Mike A looks on.
www.asis.org.uk
SUMMER
2013
7
ASIS Jul13__ASIS_RiskUK_jul13 02/07/2013 14:44 Page 8
SUMMER MEETING
Angus Watts, receiving his 25 year pin from ASIS Chairman of the Board Eduard Emde CPP
Godfried Hendriks CPP & Mike Hurst
Tony Gauvain from Charity PTSD Resolution
Speaker and Benelux Chapter Chairman Erik De Vries CPP
Dr Peter Speight CSyP
Helene Carlsson and Steve Emmins
8
SUMMER
2013
Jim Mulheron of Colt Technology
www.asis.org.uk
ASIS Jul13__ASIS_RiskUK_jul13 02/07/2013 14:45 Page 9
SUMMER MEETING
Mike A presenting the Police Dependants’ Trust with a cheque for £10,000
And another £10,000 to the Metropolitan & City Police Orphans Fund with Crawford Chalmers CPP and Andy Williams CPP.
Host for the day, Nomura’s shy and retiring Andy Williams CPP
www.asis.org.uk www.asis.org.uk
SUMMER
2013
9
ASIS Jul13__ASIS_RiskUK_jul13 02/07/2013 14:45 Page 10
SECURITY FORUM
Pharmaceutical Industry Security Forum (PISF) Guy Matthias the pharmaceutical, biopharmaceutical and related industries. More recently that has expanded to include suppliers and customers of those industries, with whom best practice is also shared and wider support for members provided on additional security matters affecting their business.
“Securing the operating base for innovative research and development in the UK”
These objectives are achieved by conferences, meetings, seminars and networking events arranged on a non-for-profit basis.
Background The pharmaceutical industry is the biggest sector investor in R&D in the UK accounting for around 32% of total R&D investment by sector, valued at £4.8bn, about £13m a day in 2011.
Strategy: The strategy of the PISF is based on four cornerstones:
The UK industry has discovered and developed more leading medicines than any other country apart from the USA, and as much as the rest of Europe combined. Some 16% of the world's bestselling drugs were discovered and developed in Britain. In world terms, the UK industry has 9% of pharmaceutical R&D expenditure: only the USA (50%) and Japan (16%) are ahead. The UK is one of the largest European recipients of pharma R&D, accounting for 19% of total. The UK is one of the world's largest exporters of pharmaceuticals by value. Industry exports in 2010 were £22.7 billion and created a trade surplus of £6.1 billion. The PISF facilitates management of threats to the Life Sciences sector. Founded in 1991, for the previous twenty two years it has existed to provide opportunities for exchanges of information regarding security in
10
SUMMER
2013
It has been a successful formula, reflected by a list of sixty current members, for over 20 years.
Industry collaboration to improve the security of people and assets by shared protective security measures, for an industry which generates £6.1 billion* for the UK economy. * UK trade surplus 2011 – HM Revenue & Customs Engagement with UK Government and national authorities to enhance law enforcement and coordination. Supporting Government and industry bodies in raising awareness of threats and encouraging a positive societal response to biopharmaceutical research. Enabling the UK to remain at the forefront of innovative biomedical research. The role Provide opportunities for exchanges of information regarding security in the pharmaceutical, biopharmaceutical and related industries for the benefit and in the interests of individual members, their employers and customers. Partner with other agencies to set
up protocols to share our expertise in a formal way, and in turn through the PISF increase our collective voice on security issues. Protocols allow these agencies to properly involve us more directly in the decision making and information sharing processes. In partnership with other professional security organisations, other Industry sectors government law enforcement agencies and subject matter experts, the PISF is committed to delivering networking opportunities, intelligence/threat-based analysis, best practice and topical “master class” experiences to our member companies, as well as their security experts and professionals from other functions such as Legal, HR, Procurement etc. The group also engages in wider security issues affecting our sector including but not restricted to; product contamination, counterfeiting, supply chain security, liaison with law enforcement agencies, building confidence & business resilience in suppliers and customers. Because of our recognised role within our sector we were invited to and acted as the industry sector lead for the Olympics Cross Sector Security Communications Group in 2012.The over-reaching objective for each industry sector lead (and applicable to all UK Industry and law enforcement sectors) was to meet the challenge of representing all stakeholders within their sector. In our case we represented the wider life sciences and research sector in the Cross Sector Safety and Security Cascade project. I am pleased to report that PISF led the way on full engagement with the CSSC hub. Pre, during, and post Olympics (and para-Olympics), PISF
www.asis.org.uk
ASIS Jul13__ASIS_RiskUK_jul13 02/07/2013 14:45 Page 11
SOCIAL MEDIA
reached out via the dissemination cascade system to 861 member and affiliated organisations, with daily updates on a 24/7 basis. We took the lead in establishing a system that worked – efficiently, quietly and without fuss – without a single problem.
We also continue with the on-going strategy to strengthen and formalise important relationships with external partners particularly law enforcement and government. We hold a number of PISF-badged events throughout the year. This year we will be running two Master Classes on ‘Workplace and Personal Security’ in June and ‘Travel Security and High Risk Environments’ in October.
Guy Matthias of PISF. If you have any questions about the UK PISF, or wish to consider applying to join, please do not hesitate to contact us at info@pisf.org.uk
Social Media
We now have a Chapter 208 Twitter account, please follow us at @ASIS_UK Some others you make like to follow. ASIS Tweets @ASIS_Intl @eduardemde – ASIS President Eduard Emde @ASIStweets @ASIS_EMEA @ASISFrance @ASIS_Jobs @ASISWomenSec @ASISRiyadh @ASISYoungProf @CSORoundtable – Head of CSO Roundtable @_MikeHurst ASIS UK Vice Chairman
@ngargan_npia—Chief Executive National Policing Improvement Agency @policesupers—The Police Superintendents’ Association @CSARN_Updates—City Security and Resilience Network @TheSecurityCo @BBCNews @metpoliceuk @Profsecman—Professional Security Magazine @FrankRGardner—BBC Security Correspondent @PoliceFedChair - The Police Federation @1stsecuritynews @ChatbackSy @GetSafeOnline @foreignoffice—Foreign & Commonwealth Office @SIAuk—The Security Industry Authority @securityspeak @TheSecurityLion - Brian Sims, UBM
LinkedIn There are a number of ASIS Groups on LinkedIn including one for the UK Chapter
Others @ISC2 @CEOPUK—Child Expolitation and Online Protection @Cyberchallenge— Cyber Security Challenge @bbw1984—Big Brother Watch @libertyhq—Liberty
www.asis.org.uk
SUMMER
2013
11
ASIS Jul13__ASIS_RiskUK_jul13 02/07/2013 14:45 Page 12
RISK MANAGEMENT
Risk Management vs. Security Innovation Mark Vickers Innovating Security Security management is all about ensuring business continuity by managing risks that may be a threat to the continuity of the organisation. Change is usually perceived as a risk because anything new cannot be thought of as ‘proven’. New technologies have therefore been perceived by many within the security industry as a risky business. Both suppliers and buyers have shown a great deal of conservatism when it comes to implementing new ideas, concepts and technology in enterprise security environments. Risk management is about identifying risks and analysing the likelihood of the occurrence and what damaging effects are possible. The last few years have shown an increasing awareness that innovative systems and technology can greatly increase the effectiveness and efficiency of the way we manage risks. It seems that a new generation of industry experts have acknowledged the fact that innovation is not, by definition, related to risk. The introduction of IP-networks in our industry is one example of this perceived trend. However, if we look more critically at recent innovation in our industry, it is apparent that we have not yet witnessed real paradigm shifts: there has not been a major change in the way that we manage risks and ensure continuity by applying security measures and implementing security systems. Security management systems are able to integrate much better with several subsystems, more devices are now connected to IP-networks and the resolution of camera footage has greatly increased. However, until now, technological enhancements have mainly offered us efficiency benefits, but they have
12
SUMMER
2013
not forced us to change the way we think about security and the way we equip our buildings. The internet has irrevocably changed the way we interconnect and communicate on a global scale. Google has changed the way we search for information in our private and professional lives. Mobile phones and e-mail have significantly changed the way we communicate with colleagues and friends. Since the introduction of RFID badges and the first ‘modern’ security systems, our industry has not really witnessed anything equivalent to the examples of paradigm shifts provided here. Is there really no opportunity in our industry to greatly increase the quality of what we do? Is there really no need to change the way we approach security? Let’s review some recent and some expected technological developments that will potentially change the way we deal with security in our own organisations. The IT industry Let’s compare the security industry to the ICT industry. In the early eighties in the world of ICT if you needed to edit a text, you would use a text editing terminal; if you wanted to perform some calculations, you would use a calculator, and if you were trying to store lots of data, you would utilize a mainframe with a terminal. Nowadays, we use computer systems that all have a similar architectural design and that are able to host a common operating system, like Microsoft Windows, Apple Macintosh or Linux. Input devices (keyboard, mouse) are connected to a box with motherboard and processor. The intelligence in this box generates output that is shown on screen or on paper. By installing software on our computer, we acquire the
functionality that we need. Microsoft provides us with Word to do text editing, Excel to perform calculations and Access to store information in a relational database. And if we prefer those types of software packages from another vendor, then numerous alternatives are available for installation on our personal computer. In the “dark ages of security” we were confronted with a similar architecture to IT systems in the eighties. Boxes (controllers) with input devices and output devices for different kinds of purposes were available. Intrusion detection (boxes with infrared detectors), access control (boxes with badge readers), intercom (boxes with communication devices) and all kinds of lighting and HVAC systems (boxes with switches) were spread across our buildings. Frequently, each of these collections of boxes was supplied, maintained and supported by one specific supplier, usually the manufacturer of that system. The sad thing about this ‘history’ is that it is unfortunately still the reality of today. Unlike the IT industry, the security industry has never really witnessed a significant paradigm shift that was initiated by technological innovation. And while the IT industry is getting to grips with yet another paradigm shift (towards service oriented architectures), we find the security industry is still debating the added value of IP-networks. Wouldn’t it make sense to equip our buildings with generic hardware devices that were all interconnected through an IP network and that are able to run software? Your organisation would be able to install any system that it would need: Access control, intrusion detection, CCTV etc.
www.asis.org.uk
ASIS Jul13__ASIS_RiskUK_jul13 02/07/2013 14:45 Page 13
RETAIL CRIME
This would only require the installation and configuration of software and attached devices. You would reduce costs related to the installation of dedicated cabling, and integrating installed systems would be much easier. Your security architecture would be easily expandable into new areas if new or improved software became available. Additionally, you can expect new software and functional to become available more often when companies freely turn new ideas into reality without having to worry about the hardware related details (such as the processor or memory access mechanisms). A standardised network, with
standardised application protocols, generic hardware and software based functionality: an interesting mix of ingredients that might enable new ways of thinking in our security industry. But if there is no cause, then no effect is to be expected. Significant change never occurs without reason. To run a project successfully, you will need a business case that appeals and makes sense to decision makers and influencers. We can ask ourselves the question: what will actually cause the security industry to change and to embrace the architecture we have just proposed?
Paul Scauzillo with two English “Bobbies” We are an International organisation and members are always willing to help as shown when Paul Scauzillo, who is in Chapter 40 in Southern California (and is a former Chapter Chairman), came over to visit London in April with his son, both sport fanatics. Paul saw many sights during his visit, to include the FA Cup government to hear the latest developments and strategies on tackling retail crime. KEY THEMES: • Reviewing the current state of retail crime • Developing a business crime strategy
BRC Retail Crime and Loss Prevention 2013 1st October – America Square Conference Centre, London ASIS UK is once again supporting The BRC Crime and Loss Prevention Conference is an essential learning and networking forum that brings together retail crime and loss prevention professionals, law enforcement agencies and
www.asis.org.uk
• Case studies: How retail is supporting local police and partnerships • Debate: Representatives from the police, partnerships and retail discuss developments to date and future action for tackling business crime • Combatting online and organised crime together • Horizon scanning – future threats and challenges for retail loss prevention
Mark Vickers is Channel and Marketing BDM for Nedap. For more information please visit www.nedap-securitymanagement.com or email mark.vickers@nedap.com
Final, Arsenal and West Ham game, Lords cricket ground, he was also in London during Margaret Thatcher’s funeral. Graham Bassett, our Vice Chairman, was in touch with Paul before his visit and was able to offer some travel advice and local knowledge. If anyone is visiting southern California Paul would be most happy to reciprocate. 2013 SPEAKERS INCLUDE: Colin Culleton, Group Security Manager, Next Julie Davies OBE, Business Crime Manager and Lead, Stoke On Trent Business Crime Reduction Partnership, PABCIS Jon Eyers, Head of Security, TJX Europe Professor Martin Gill, Director, Perpetuity Research and Consultancy International Michael Phipps, Head of Loss Prevention, Wilkinson Hardware Stores Roy Smith, Business Crime and Partnerships Manager, Metropolitan Police Phillip Willsmer, Director of Group Risk Services, The Co-operative Group For details of the full programme and speaker line-up, visit www.retailcrimeconference.com
SUMMER
2013
13
ASIS Jul13__ASIS_RiskUK_jul13 02/07/2013 14:45 Page 14
EUROPEAN CONFERENCE
ASIS European Conference – A Personal Review Over 50 UK Chapter members attended the Gothenburg event in April and enjoyed some fabulous hospitality from our Swedish hosts and benefitted from some great speakers and networking opportunities. After the Volunteer Leaders Meeting at which your two Vice Chairmen spoke, there was an informal networking drink at which the new ASIS International Chairman, Geoff Craighead, spoke. Following this welcome drink Graham Bassett and I had organised a small get together for the Brits and a few selected European colleagues.
We chose a typically Swedish venue, John Scott’s Pub, which served a very passable Fish and Chips. In fact it was so good we and a few felt obliged to return there with a few hardy souls (you know who you are) on the Monday night after the President’s Reception, at the ornate and impressive City Hall, hosted by the Mayor of Gothenburg Anneli Hulthén. It may seem that this was all about eating and drinking, but I cannot stress enough the great educational and networking opportunities that these conferences offer and I heartily recommend that members try to
attend one in the future: all the ASIS International events are listed on page three. The next European Conference is in The Hague so why not stick it in your diary and meet us out there. Graham and I will be attending the Programme Committee meeting in October and checking out the city on behalf of the UK membership: apparently the Indonesian restaurants are to be recommended. I hope you all appreciate the sacrifices we make for you! Mike
Michael Gipps ASIS CSO Roundtable with James Butler from sponsors SMR
14
SUMMER
2013
www.asis.org.uk
ASIS Jul13__ASIS_RiskUK_jul13 02/07/2013 14:45 Page 15
EUROPEAN CONFERENCE
An important Swedish person on a horse
www.asis.org.uk
Education VP Susan Melnicove
SUMMER
2013
15
ASIS Jul13__ASIS_RiskUK_jul13 02/07/2013 14:45 Page 16
Why choose an ASIS certification? ASIS was the first organization to offer a credential specifically for security managers, and our program remains the global standard. Developed by practitioners for practitioners, ASIS certifications provide you with a technical and financial edge.
Our credentials: Keep you up-to-date. ASIS continually conducts in-depth studies to ensure our credentials reflect the current skills, knowledge, and best practices you need to succeed. Encourage professional growth. You never have to worry about an ASIS certification becoming obsolete. Our recertification requirements ensure you earn continuing professional education (CPE) credits, which encourages you to continually develop your skills and stay current as the profession changes. Help you get ahead. ASIS certification offers financial benefits — the annual Security Management Salary Survey consistently shows that certification positively impacts security manager salaries — and helps you stand out and better market yourself to prospective employers. Validate your skill set. ASIS board certification means more than an enhanced title, more than the credentials after your name. Our certifications provide objective evidence that you possess substantial relevant experience, as well as demonstrated and tested competence. Enjoy worldwide recognition. Backed by the largest association for security management professionals, ASIS board certifications adhere to rigorous professional standards. Unlike many certificate programs on the market today, ASIS credentials have been awarded the ANSI/ISO 17024 designation — signifying the ASIS global certification process is conducted in a consistent, comparable, and reliable manner, which includes demanding quality reviews.
To learn about CPP, PCI, or PSP in the UK please contact info@asis.org.uk www.asisonline.org/certification