Cover aug13_Layout 1 02/08/2013 14:47 Page 1
August 2013
Risk management, loss prevention and business continuity
The changing UK terror landscape The diverse issues facing food processors Is the Cloud resilient enough for business? Essential news for risk mitigation professionals
Project1_Layout 1 05/08/2013 11:17 Page 1
What do you see?
Customer or thief?
Volkswagen & Audi car dealerships see both.
See for yourself. www.xtralis.com/IntrusionTrace
Copyright Š 2013 Xtralis Pty. Ltd. All rights reserved. Xtralis and the Xtralis logo are registered trademarks of Xtralis.
comment_riskuk_Dec12 06/08/2013 11:11 Page 1
Comment
Editorial Comment he Private Security Industry Act has been with us now for over a decade, and whilst many see the benefits in introducing licensing to the private security industry, others feel that the structure did not go far enough when it came to ensuring that those carrying a licence are actually proficient in the roles they are licensed to carry out. It is true that training is a required part of obtaining a licence, but the requirement is only for a very basic level. There are a number of training providers, including some that offer a guarantee of achieving the required level. There are a wide range of tasks covered by the need for an SIA licence. These include manned guarding (including security guards, door supervisors, cash-in-transit operatives, CCTV monitoring and close protection), key holding and parking enforcement and immobilisation (wheel clamping). Each has different training requirements, but the courses for all aren’t what you would call in-depth. That said, professional firms generally tend to ensure that additional training and support is in place, and many also subscribe to additional inspection regimes or other bodies designed to enhance and improve standards. It could be argued that because most of the tasks require a pool of personnel, other assets such as vehicles, communications links and operational equipment, there is a greater likelihood of spotting those companies which are doing the bare minimum to achieve their SIA licences. However, from 2014, a new element of the ‘private security industry’ is to fall under the SIA licensing regime: private investigators. Currently such businesses have no requirement for licensing, but steps have been taken to bring them into line with the other elements of the ‘manned’ part of the industry. The announcement was made by Home Secretary Theresa May on 31 July 2013. She stated, ‘It is vital we have proper regulation of private investigators to ensure rigorous standards in this sector and the respect of individuals’ rights to privacy.
T
The news that private investigators will be required to obtain an SIA licence under the Private Security Industry Act will be welcomed by many. However, the news coincides with moves to change the regulation process away from the SIA into a private initiative. For some, the question has to be whether investigative services need more than a basic licence scheme. ‘That is why I am announcing today the Government’s intention to regulate this industry, making it a criminal offence to operate as a private investigator without a licence. ‘Anyone with a criminal conviction for data protection offences can expect to have their application for a licence refused.’ The licences for private investigators will be granted when an applicant has completed training and achieved a government-recognised qualification, which includes understanding of relevant laws and standards, and the skills required to conduct activities ethically, as well as confirmed their identity and undergoing a criminality check. It could be argued – and should indeed be argued – that the competency-based training for a private investigator cannot be a two or three day course if this licensing is to be considered credible or realistic. There is far too much involved, including the rights of individuals and businesses that might be investigated in return for payment from a third party. The Select Committee looking at the role of private investigators rejected the need for a separate licensing regime, and for a Code of Conduct, instead citing the SIA – an organisation currently in flux – as the best placed to handle such licensing. It’s not that the SIA will handle the licensing which is of concern; it’s that with scant training and an ability to evade arrest for a criminal offence, anyone might become a licenced private investigator! Pete Conway Editor – Risk UK
It’s not that the SIA will handle the licensing which is of concern; it’s that with scant training and an ability to evade arrest for a criminal offence, anyone might become a licenced – and therefore seemingly credible – private investigator! December 2012
3
www.risk-uk.com
contents_riskuk_Dec12 06/08/2013 11:15 Page 2
Evacuate everyone
Sonos Pulse EN54-23 Fire Beacons In a fire, everyone matters. Sonos Pulse fire beacons and sounder beacons ensure that all personnel are notified of fire emergencies. With Pulse Alert Technology, buildings are evacuated quicker, evacuation requirements are unambiguous and everyone is made to feel safe and secure. Visit our new dedicated fire website for more information: www.klaxonsignals.com/fire
Signalling Solutions
contents_riskuk_Dec12 06/08/2013 11:16 Page 3
August 2013 Signalling Solutions
Sonos Pulse Ceiling EN54-23 Coverage: C-3-15
Contents 3 Comment The news that operating as a private investigator without a licence will be a criminal act does raise questions as to whether the licensing regime is robust enough.
6 News News stories relevant to risk management professionals
14 The Importance of Reporting
Sonos Pulse Wall EN54-23 Coverage: W-3.1-11.3
Businesses have an obligation to report certain incidents and accidents. However, a policy of accurate incident logging and management can deliver a host of benefits. Risk UK considers the reasons for accurate reporting.
18 Controlling the Processes The food processing industry faces a diverse set of challenges, which are generally unrelated. However, one solution could offer a range of mitigation options.
25 The Changing Terror Landscape The publication of David Anderson QC’s annual report on the Terrorism Act highlights how the terror landscape in the UK is evolving.
29 Blue Sky Thinking? The ‘Cloud’ has become somewhat ubiquitous in the consumer world, but does it deliver enough resilience to be considered as a valid tool for businesses and organisations?
FEATURING:
35 Cyber and Data News News of interest to data security professionals
38 Next Issue Risk UK looks ahead to the September 2013 issue
39 Risk UK Directory ŕ EN54-23 compliant beacon technology ŕ Wall and ceiling mount light orientations ŕ Wide coverage pattern - one device can protect most rooms ŕ 20mA beacon current @ 0.5Hz flash rate
ISSN 1740-3480 Risk UK is published 12 times a year and is aimed at risk management, loss prevention and business continuity professionals within the UK’s largest commercial organisations. © Pro-Activ Publications Ltd, 2013 All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without the written permission of the publisher. The views expressed in Risk UK are not necessarily those of the publishers.
Risk UK is currently available for an annual subscription rate of £78.00 (UK only)
Editor Pete Conway Tel: 0208 295 8303 E-mail: pete.conway@risk-uk.com Design & Production Matt Jarvis Tel: 0208 295 8310 Fax: 0870 4292015 E-mail: matt.jarvis@proactivpubs.co.uk Advertisement Director Paul Amura Tel: 0208 295 8307 Fax: 0208 295 1919 E-mail: paul.amura@proactivpubs.co.uk Administration Tracey Beale Tel: 0208 295 8306 Fax: 0208 295 1919 E-mail: tracey.beale@proactivpubs.co.uk Managing Director Mark Quittenton
RISK UK PO Box 332, Dartford DA1 9FF
Tel: +44 (0)1706 233879 www.klaxonsignals.com/fire
Chairman Larry O’Leary
Editorial: 0208 295 8303 Advertising: 0208 295 8307
5 www.risk-uk.com
news aug13_riskuk_aug13 06/08/2013 11:35 Page 2
Asis confirms first CSyP The ASIS UK Chapter held its Summer Meeting which was attended by 147 members and guests. During the event, Dr Peter Speight CSyP became the first person to gain admittance to the Register of Chartered Security Professionals via the ASIS UK route. He received the recognition from Sharon Williams CSyP, who is the Chapter representative on the Chartered Security Professional Registration Authority. Although there are 15 ASIS members who have achieved CSyP status, Speight is the first to achieve this via ASIS UK, who became the second licensee of the register earlier this year. Most of the ASIS CSyPs also hold CPP certification.
Ex-BRC crime advisor joins NBCS Catherine Bowen has been appointed as Policy and Stakeholder Director for the retail strand of the National Business Crime Solution (NBCS). She will be responsible for raising the profile of the NBCS with key retail stakeholders across the law enforcement community, as well as highlighting the benefits of membership to the wider business community. The NBCS helps businesses tackle crime through centralised and collective data sharing. Employing police analysts, using the wealth of intelligence including CCTV and ANPR held by businesses, and linking with law enforcement agencies such as GAIN (Government Agency Intelligence Network), a direct feed of business intelligence is fed to the police via the National Business Crime Intelligence Bureau. With a background in law enforcement and having spent the last six years working at the British Retail Consortium, Bowen has worked with a range of retail outlets from small independent stores to large multiples. Drawing on business crime issues raised by these retailers, she has petitioned the Government and the senior law enforcement community to establish a strategy for tackling business crime. Bowen stated, ‘The National Business Crime Solution is the most effective option for businesses wanting to take measures against retail crime. I have built my career around advising on business crime and I look forward to helping expand the reach of the NBCS with the ultimate objective of driving down business crime.’
6
www.risk-uk.com
News Hertel Offshore achieves ISO29001 certification Hertel’s Offshore Division has demonstrated their commitment to providing quality products and services to the oil and gas industry by achieving ISO29001 accreditation. The certification has been developed to provide global consistency and improved assurance in the supply quality of goods and services and place emphasis on those issues which are important to the oil and gas industry. The certification process assesses whether a company’s processes and practices are meeting strictly defined international benchmarks for quality of service. In order to qualify Hertel underwent a series of audits assessing its full quality management system. Richard Byrne, Head of Health, Safety and Quality at Hertel, stated, ‘I am delighted that Hertel has succeeded in the achievement of this important accreditation as it demonstrates its unrelenting focus on providing customers with the highest quality products and services.’
FIM Expo scheduled for Scotland The Fire Industry Manufacturers (FIM) Expo is due to take place at Murrayfield Rugby Stadium, Edinburgh. The expo, scheduled for 25 September 2013, is the third event since its inception in 2012. Organised by the Fire Industry Association (FIA), FIM Expo features many of the UK’s fire detection and alarm manufacturers and focuses on showcasing the latest products and developments in this sector. The expo is a road-show style event that provides an intimate forum for networking as well as finding out what’s new in fire detection. It features approximately 25 exhibitors, and is open from 10.00 to 17.00.
news aug13_riskuk_aug13 06/08/2013 11:35 Page 3
News
Safety triangle essential for workplace operations It has been claimed that 15 per cent of all workplace injuries come from the manufacturing industry, with a large number of these involving equipment such as pallet trucks, manual stacker trucks and aerial work platforms. The economic climate is dire enough for businesses, without the prospect of them facing a large insurance pay-out because of negligence. There are three main things that businesses can do in order to ensure they have fulfilled their obligations should a potential accident or injury case arise. They must perform in-depth risk assessments, conduct regular and thorough maintenance and train their staff to operate the relevant equipment. All equipment used in the workplace, whether it is a step ladder or an aerial lift platform, should have a comprehensive risk assessment carried out before it can be used. This assessment helps to evaluate the risks that employees will face, and encourages the employer conducting the assessment to take the necessary precautions. Carrying out a detailed risk assessment also provides employers with a written record of their evaluation, which could potentially be used as evidence in any insurance claim. Workers should also be encouraged to risk assess and document issues; if they come into contact with a hazardous substance or a faulty piece of equipment, it should be reported. Following on from the risk assessment element, all employees and employers should be well versed in the art of maintenance. Keeping equipment in prime condition is paramount to safe operations throughout the workplace. Regular inspections and checks should be carried out. Basic checks should be performed daily by those who will operate machinery or equipment, with more thorough checks on a weekly basis carried out by senior staff members. Training is pivotal; if those operating equipment are not adequately trained in all areas of health and safety, there is a higher chance that accidents and injuries could occur around the workplace.
ISM appoints Pye PSIM and intercom systems manufacturer ISM has appointed Geoffrey Pye as General Manager. Pye will head up the ISM team, reporting to the Board, with a remit to achieve bold but attainable growth targets in the next five years. Underpinning the targeted 100 per cent growth is an expansion into export markets. The manufacturer claims that PSIM systems carry huge growth predictions. In the last three months the company states it has appointed three new partners in America to provide technical support and back-up. The drive for export growth will be matched by a parallel strategy for the UK.
Panasonic acquires Cameramanager Panasonic has announced the acquisition of Cameramanager.com, a provider of Video Surveillance as-a-Service (VSaaS) in Europe. The acquisition of the cloud-based company sees Panasonic looking to extend its cloudbased solutions to the business and consumer markets. As part of the acquisition, the Cameramanager.com team will join Panasonic Europe. Laurent Abadie, Chairman and CEO of Panasonic Europe, stated, ‘This acquisition is an important strategic step towards enhancing our smart and connected services offering in the European and CIS market. With Cameramanager.com’s bespoke software and cloud-based solutions complementing our existing security business, we will be able to significantly enhance our presence in this space, by bringing together technical know-how and software skills, equipping us with the necessary assets to respond to future demands in cloud services.’ The service is offered on a subscription basis, and will continue to support devices from other manufacturers to deliver an open platform approach.
7
www.risk-uk.com
news aug13_riskuk_aug13 06/08/2013 11:36 Page 4
News
Tyco to acquire Exacq Technologies
SSAIB awards fire risk assessment certificate SSAIB, a fire, security and telecare certification body for organisations, has awarded a certificate to Beacon Fire Safety under its BAFE SP205 UKAS-accredited scheme. SSAIB recently introduced the SP205 scheme to enable anyone who is required by law to carry out a fire risk assessment of a premises - and who employs a specialist third party company to provide this - to demonstrate that they’ve taken the necessary reasonable steps to comply with their legal obligations and requirements under fire safety legislation.
Law At Work makes health and safety appointment Health and safety and employment law specialist, Law At Work (LAW), has appointed a new head to manage its health and safety division. Steve Ashton joins the consultancy from SSE (Scottish and Southern Energy), where he most recently managed the provision of the SHE (safety, health, environment) support on the Beauly to Denny power line, one of the largest engineering projects in Scotland. He brings over three decades of experience in the profession to the role, and has worked both as an in-house professional and consultant in a variety of sectors, including science, engineering, local authority, health, leisure, food and construction. Ashton will be responsible for developing LAW’s growing health and safety division, LAWSafe, sharing his expertise and knowledge with the consultancy’s staff and clients. Jane Wright, chief executive of Law At Work, stated, ‘The demand for our health and safety services has grown rapidly since we expanded our core product and service provision in April last year, as more organisations opt to stay safe and legal. Our clients come to us for the practical, expert advice and Steve’s wealth of hands-on experience will enable us to continue to extend this area of the business and the markets we serve.’ Throughout his career, Ashton has provided health and safety audit, advice, support and training services to a range of organisations, including BP, Scottish Power, Network Rail, UKAEA, Scottish Water and World Bank.
8
www.risk-uk.com
Tyco has announced an agreement to acquire Exacq Technologies, a developer of open architecture video management systems, for $150 million in cash. The acquisition is expected to complement Tyco’s video technology portfolio while strengthening its presence in the video security market. Exacq offers solutions that scale from small single camera applications to large, integrated systems with thousands of cameras. The business is expected to generate annualised revenues in the fiscal year 2014 of approximately $75 million. Following the acquisition, the company intends to integrate Exacq into its Tyco Security Products business unit. The transaction is expected to close later this year and is subject to customary closing conditions.
Petrotechnics appointment to drive international growth Petrotechnics, the provider of software solutions to improve frontline operational performance and risk management in hazardous industries, has appointed David Bleackely as Vice President of Sales. He joins from Aspentech where he was most recently senior sales director of global accounts, responsible for managing global account directors and strategic account managers. Bleackely will focus on accelerating the company’s global presence in new and existing geographies, along with managing the roll-out of its enterprise operational performance and predictive risk software platform. Phil Murray, CEO of Petrotechnics, stated, ‘David brings an energy and passion for helping clients solve their critical business problems. His widely respected sales experience and leadership adds tremendous value to our company and to our customers. He has a strong track record of global sales management and execution, driving marketleading growth and category leadership.’
Project1_Layout 1 05/08/2013 11:16 Page 1
Gartner Security & Risk Management Summit 2013 18 - 19 September, 2013 | London, UK | gartner.com/eu/risk
Reset Your World: CISOs and Chief Risk Officers are the new business leaders
Find out more by visiting gartner.com/eu/risk
HOT TOPICS: 4VIPSL ZLJ\YP[` *SV\K JVTW\[PUN HUK ZLJ\YP[` *`ILY ZLJ\YP[` >LI HWWSPJH[PVU ZLJ\YP[` )\ZPULZZ JVU[PU\P[` HUK KPZHZ[LY YLJV]LY` BYOD *VTWSPHUJL YLN\SH[PVU 9PZR THUHNLTLU[
news aug13_riskuk_aug13 06/08/2013 11:36 Page 6
News
Portal service for lone workers
The Security Institute signs MoU with Dubai Police The Security Institute has signed a memorandum of understanding (MoU) with the Dubai Police that outlines the intention of both parties to work together to enhance the status and perception of the security management profession. This collaboration is part of The Security Institute’s commitment to developing and promoting the highest standards of training, education and best practice throughout the security sector. As a result, it has seen significant interest in its activities throughout the countries that comprise the Gulf Cooperation Council (GCC), which incudes UAE, Bahrain, Kuwait, Oman, Qatar and Saudi Arabia. ‘GCC countries have well established and highly professional security sectors and we have a growing membership in this region as well as many Syl members who regularly travel to the EMEA region on business. Therefore, forging closer ties with the Dubai Police makes perfect sense,’ stated Emma Shaw, Chairman of The Security Institute. A co-hosted networking event took place earlier this year at the Dubai Police Academy, where members of The Security Institute and the Dubai Police were joined by a number of the region’s security professionals. As well as further networking events, plans are underway for a series of training and skills development focused seminars.
10
www.risk-uk.com
Skyguard has launched a Customer Service Centre (CSC) account management portal, providing clients with a range of tools to help protect lone worker employees. The CSC allows clients to manage their accounts, user’s personal information, escalation procedures and service features in real-time. Version 2.0 of the CSC includes over 100 new features and improvements, including a user-friendly front-end and new reports, which can now be scheduled for export to email addresses at regular intervals. Other features include Google Map functionality, a breadcrumb trail of user movement, wizard for easy account creation, online support, drag-and-drop functionality, personal safety device configuration changes, post incident reports and sharing of devices. The CSC portal can be accessed via any web browser from any PC, without the need for installing software. Unlimited use of the CSC is inclusive in the monthly subscription.
Research highlights need for sanitisers The need for hand sanitisers in the workplace has been highlighted after research revealed a quarter of people in the UK have faecal bacteria on their hands! The research carried out by hygiene experts from Queen Mary, University of London and the London School of Hygiene and Tropical Medicine found faecal bacteria on 26 per cent of hands, 14 per cent of banknotes and 10 per cent of credit cards in the UK. They also discovered that 11 per cent of hands are so contaminated they carry as many germs as a dirty toilet. According to the UN, hand washing is the most cost-effective intervention to prevent the spread of disease. Even during the London Olympics the Team GB athletes were warned not to shake hands during the games to prevent spreading germs and bugs on hands that could hinder their chances of success. Many people don’t wash their hands properly. The use of water alone isn’t adequate. Soap should always be used, the backs of the hands are as important as the fronts, and it’s vital that they are thoroughly dried. It must be remembered that germs can thrive on cloth towels.” Most workplaces recognise that poor hygiene spreads infections and increases employee absence levels and take steps to tackle the problem. This usually requires provision of high quality hand washing facilities as well as hand gels. Signs in bathrooms reminding people about the importance of washing their hands are also proven to increase hygiene.
Project1_Layout 1 01/08/2013 12:10 Page 1
The choice just became simple...
Longer Range Longer Battery Life More Locks per Hub
Introducing the
pro eLock T: E: W:
+353 1 466 2570 sales@accesscontrol.ie accesscontrol.ie
news aug13_riskuk_aug13 06/08/2013 11:38 Page 7
News
Switch approach to tackle skimming
Piracy still an issue Somali pirates are biding their time, a maritime security briefing has been told. Mary Harper, BBC Africa Editor, who has reported widely on events in the region, stated that Somali pirates are ‘sleeping’, and have not gone away. Growing political instability in Somalia and increasing global demands on national navies will continue to be the major contributing factors to on-going piracy activity in the medium-longer term, according to independent experts speaking at the security briefing in Hamburg for representatives from the shipping and maritime industries. Harper added, ‘The threat from pirates, which over the last few years has seen a number of major vessels seized, remains latent. Somali pirates are waiting for the west to relax its guard. If shipping organisations become complacent, it is likely the pirates will strike again. Somalia is becoming more politically fragmented with many different groups seeking to gain dominance over their area, which potentially creates a favourable environment for piracy.’ The event was organised by GoAGT, and its Chairman Admiral Philip Wilcocks said, ‘Growth in world economic output since the 1990s has driven an exponential expansion in maritime trade and this trend is set to continue. However, the main issue is that piracy in the Indian Ocean has not been eradicated, it has just been suppressed. Furthermore, economic pressures and wider global commitments may well constrain the world’s navies from their ability to sustain a significant presence in anti-piracy operations in this region.’
The potential fraud problems of data, money and identity theft from the use of RFID for Near Field Communications (NFC) in contactless access control, passports and credit cards has been well highlighted. Known as skimming, thieves can use easily available electronics or a smartphone to read the data on such devices without the user being aware of the attack. These contactless devices work by being waved over a reader and data is exchanged between the reader and the device. The problem comes from the fact that the devices are always on and ready to interact, even when in a wallet or bag. Peratech has developed a solution that overcomes this by incorporating an ultrathin switch into the credit card or other credential, so that it is always off unless the owner is actually pressing the switch to activate the device. This ensures that the owner has full control of when the data is accessed and by whom. ‘We could see that NFC had this fundamental flaw,’ stated David Lussey, Peratech’s CTO. ‘A number of card companies are now deploying contactless credit cards without protection that can have their details skimmed and used fraudulently so we expect problems to start becoming widespread.’ Peratech makes a very thin, pressuresensitive switch using Quantum Tunnelling Composites (QTCs) technology. This acts as an on/off switch in the circuitry of the device and is robust enough to be laminated into the credentials during manufacture. Only when the switch is deliberately activated by the owner will the device become active, and it immediately turns off when the pressure is removed.
NSI achieves 300 BAFE registrations NSI has announced that it has 300 BAFE Scheme registrations. NSI is licensed by BAFE to deliver a range of its fire-related third party certification schemes, including Fire Detection and Alarms (SP203-1), Fixed Gaseous Fire Suppression Systems (SP203-3), Emergency Lighting (SP203-4), Contract Maintenance of Portable Fire Extinguishers (SP101) and Life Safety Fire Risk Assessment (SP205). Organisations seeking BAFE registration are required to be independently audited through a UKAS-approved certification body such as NSI or SSAIB.
12
www.risk-uk.com
Project1_Layout 1 05/08/2013 11:24 Page 1
Memories. iFly Singapore, the world’s largest indoor skydiving simulator,
uses Milestone XProtect® Enterprise surveillance software to monitor park grounds and give visitors a lasting memory. Flying at speeds of up to 186 miles per hour, the software records each skydiver’s Ų¿½¾Ê ·Äº ¿Ä¼ÅÈ÷ʿÅÄ ËɿĽ ·º¿Å È»ÇË»Ä¹Ï º»ÄÊ¿Ű¹·Ê¿ÅÄ ƺ ƻƔ ¼Ê»È ʾ»¿È Ų¿½¾ÊƑ · Ì¿º»Å ÉÅËÌ»Ä¿È ¾»ÂÆÉ visitors relive all of the adrenaline-fueled moments. Proving again that XProtect is more than security.
Milestone XProtect® is the world’s leading IP video surveillance management software and is reliable, future proof and easy to use.
Ê ÉËÆÆÅÈÊÉ Ê¾» Í¿º»ÉÊ ¹¾Å¿¹» ¿Ä ¹·Ã»È·É ·Äº É»·Ã»ÉÉÂÏ ¿ÄÊ»½È·Ê»É Ϳʾ ¸ËÉ¿Ä»ÉÉ ·Äº É»¹ËÈ¿ÊÏ ÉÅÂËÊ¿ÅÄÉ É˹¾ ·É Ɣ ¾¿¹¾ û·ÄÉ ÏÅËÈ possibilities are unlimited and you can keep your security options open. See our new products and the new ways to use XProtect at: www.milestonesys.com
Milestone Systems UK »ÂƓ ̊ʻʻ ƺʷƻ ʸʺʺʹ ʿʽˀʺʿʷ
incident aug13_riskuk_aug13 06/08/2013 11:22 Page 2
Incident Reporting A cornerstone of risk mitigation is the ability to consider situational information, apply it to various risk analysis models, and to take important action as and when required. Of course, such an approach is dependent upon two things. The first is that appropriate and accurate reporting takes place, and the second is that the reporting is properly analysed and acted upon. Risk UK, with the help of Andrew Bennett of Eversheds, considers the arguments for correct incident reporting and auditing.
Andrew Bennett is a Solicitor in Eversheds’ Health and Safety and Environment Team.
14
www.risk-uk.com
n the history of health and safety law, it can often be seen that a number of major disasters may well have been avoided had there been effective auditing and reporting of health and safety issues and warning signs relating to safety concerns. It is tragic and depressing when preventable incidents happen - resulting in loss of life or serious injury - years after warnings or previous incidents should have alerted a company to take action. The largest fine for a health and safety incident remains the sum of £15 million that Transco were forced to pay for the deaths of four family members following a gas explosion in 1999. In this case, the judge found that the company had failed to properly maintain gas pipes (the company was aware they these would become corroded after a 10 year period, which had long since expired when the incident occured), and had not properly heeded the warning signals from its research department that indicated the company was transporting a potentially explosive substance through corroded mains pipes. A similar incident in 1988 (in Warrington) should have alerted the company to the risks of not undertaking serious remedial work to the corroded pipes. Furthermore, regarding the remediation work that was done before the incident, the judge considered that the method in which some of these corroded pipes had been replaced, and the priority given to certain aspects of this work, was ‘unconvincing’. Indeed, the defence argument that Transco considered issues with cast iron pipework to be more urgent was seen to have little bearing on
I
the fact that there were known issues with ductile iron corrosion which were not being adequately addressed. Effective auditing and reporting of the potential scale of any incident should have alerted management of the need to take more drastic remediation work. In another major case, the ThyssenKrupp fire in Turin (December 2007), the CEO for the company in Italy was sentenced to 16.5 years in prison relating to the deaths of seven workers. When the incident occurred, the company was in the process of closing its factory down. However, with fewer employees at the site, health and safety standards were not maintained. The senior management of the company knew this, and were aware that health and safety issues could not possibly be audited or reported properly in an environment of understaffing. There is certainly an element of a warning in this case for any businesses or organisations which are tempted to neglect health and safety measures in the current climate of redundancies, budget cuts and tax increases. More recently, in September 2012, National Grid were fined £17,500 and ordered to pay costs of £8,192 relating to an incident involving a gas leak in 2010. The leak has caused by engineers who had inadvertently drilled through a plastic gas main. The court found that the National Grid’s records and maps of area had not been updated properly. If the processes of updating these documents had been carried out correctly, the engineers would have been made
incident aug13_riskuk_aug13 06/08/2013 11:25 Page 3
Incident Reporting
aware of the presence of the plastic main and known of its vulnerability - something that National Grid was aware of since 2006. Thankfully, although gas was discovered to have penetrated homes some distance from the immediate leak, preventative action was taken in this case to prevent any adverse incident occurring.
Principles of auditing and reporting The principles behind the auditing and reporting of all health and safety issues are founded in the concept of risk assessment. The basis of risk assessment is made up of five key stages. The first stage is to identify hazards; this is then followed by an assessment of who might be harmed by the hazard. This is done by considering the needs of individual employees and any vulnerable workers. The third stage addresses a full evaluation of the risk. This should assess whether the hazard be removed, and if not should then evaluate how the risk can be controlled so that the threat of any harm is unlikely. The fourth stage is that those carrying out the risk assessment must record the results and implement the appropriate actions. Finally, the fifth stage demands that those responsible review the risk assessment on an on-going basis. Without accurate reporting and auditing of results, the final stages can never deliver the benefits of a genuine risk analysis, and so the results can only be flawed! It is plain to see that without employees or other parties being able to effectively record and communicate to a site’s management (on an on-going basis) any hazards or potential hazards at the start of the process, then a risk assessment will be of little value in preventing health and safety incidents. On a basic level, those involved in reporting must be trained and competent (with access to any necessary resources) in assessing health and safety issues. They must also be able to effectively prioritise any issues that need to be brought to the attention of management and dealt with urgently. For example, it is vital that those involved in reporting can clearly articulate the reasons why a health and safety issue could be serious and might potentially cause an incident. They should also be able to draft up proposed changes or additional training as a means of dealing with the issue. Another important skill is the ability to evaluate the timescales involved in implementing any required changes and/or training, including an understanding of the relevant budgets
required to deliver such actions. Finally, they must be able - even at a very basic level - to form conclusions as to the likely success of these changes and/or training in reducing risks or even eradicating them altogether.
Accident reporting Businesses and organisations should keep accurate records of all accidents that occur in the workplace, or incidents involving their employees whilst at work. Certain specific
The new FFI (finance for intervention) scheme now gives HSE the opportunity to require companies to pay its costs if they are found to be committing material breaches of health and safety law. 15
www.risk-uk.com
incident aug13_riskuk_aug13 06/08/2013 11:26 Page 4
accidents and/or incidents should be reported under the Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 1995 (RIDDOR). If someone dies or is injured because of a workrelated accident, it may need to be reported if the accident that caused the death or injury was connected to a work activity. If the person who is injured or killed is not at work (i.e. a customer, member of the public, visitor, etc.) and they are taken to a hospital, by any means, for treatment, it may have to be reported dependent upon the degree of the injury. Employers must report listed occupational diseases once a written diagnosis from a doctor is received. There are also specific requirements for incidents involving flammable gas. These can relate to workplace injuries and deaths, as well as injuries and deaths associated with gas that a business or organisation has supplied. Employers should record details of workrelated injuries, whether reportable or not, in an accident book. Employees should be trained in how to complete the accident book. There should be an accident reporting procedure so that employees know, in the event of an accident, who to inform, what paperwork to complete and who is responsible for making a report (if required). The accident book is a valuable document that organisations can use to record accident information as part of their management of health and safety. An accurate accident book and reporting scheme can be used as a record of all details relating to injuries from accidents at work. It can also be used to provide information on accident statistics, and enables a business to subsequently monitor trends, for example the details of accident locations, injured persons, etc.. It can also play an important role as evidence in civil or criminal cases. As of 6 April 2012, under amendments to RIDDOR, if a worker sustains an occupational
There should be an accident reporting procedure so that employees know, in the event of an accident, who to inform, what paperwork to complete and who is responsible for making a report (if required). 16
www.risk-uk.com
injury resulting from an accident, their injury should be reported if they are incapacitated for more than seven days. There is no longer a requirement to report occupational injuries that result in more than three days of incapacitation, but you must still keep a record of such injuries.
Near misses A near miss is any incident, accident or emergency that does not result in actual injury. They are often referred to as dangerous occurrences. Dangerous occurrences are events that do not necessarily result in a reportable injury but have the potential to cause significant harm. Certain incidents, classified as dangerous occurrences, should be reported under the RIDDOR legislation. Dangerous occurrences should be recorded, investigated and monitored in the same way as accidents, because they have the potential to cause harm, and should the incidents recur at a later date, harm to persons might be the result. Schedule 2 of RIDDOR lists reportable dangerous occurrences. Recording non-reportable near misses is not a statutory requirement, but doing so and using the information provided is good safety management practice and it may help to prevent a re-occurrence. Recording near misses can help identify any weaknesses in operational procedures, as deviations from normal good practice may happen infrequently but could have potentially significant consequences. A review of near misses over time may reveal patterns from which lessons can be learned. Where a review of near miss information reveals that changes to ways of operating, risk assessments or safety management arrangements are needed, these changes should be put into effect. Moreover, if an incident does happen and it can be seen that previous warning signs and/or previous actual incidents have not been recorded, monitored and dealt with, they could become a serious aggravating feature that might be used by a judge to dramatically increase the size of any potential fine.
Working with contractors One of the biggest obstacles to the effective reporting and monitoring of health and safety issues will often be a failure of contractors to adopt similar procedures and communications processes. It is important for the creation of effective policies that contractors always comply with the requirements of the parties they are working with.
incident aug13_riskuk_aug13 06/08/2013 11:26 Page 5
Incident Reporting
Following health and safety guidance on contractor selection will be crucial in the early stages of any job, and a hazard identification and risk assessment should be carried out by the client before any contractor is engaged. This will enable the client to appreciate risks associated with the job that it is contracting out, as well as the risks and issues it expects the contractor to deal with. The contractor (or contractors, if there are multiple contractors and/or sub-contractors) should then prepare their own risk assessment and the two documents should be compared for areas of overlap and concern. Training staff in auditing and reporting, and ensuring that contractors are on-board with the appropriate levels of health and safety, will be key for many businesses and organisations. Clear auditing and reporting (or lack thereof ) will be scrutinised by the courts if there is a serious incident that is prosecuted. The new FFI (finance for intervention) scheme now gives HSE the opportunity to require companies to pay its costs if they are found to be committing material breaches of health and safety law. A material breach could be a lack of adequate training, or a lack of
auditing, reporting or recording of health and safety issues. As of the start of May 2013, the HSE had invoiced duty holders a total of ÂŁ2.6 million in connection with the FFI Scheme. This is clearly not an insignificant amount, and should give businesses and organisations (and particular those in senior management roles within them) yet another reason to ensure that the auditing and reporting of health and safety issues is performed and maintained correctly.
In summary Incident reporting and recording of details is, in a number of cases, a legal necessity. However, even where there is no requirement, the implementation of procedures to record and analyse data relating to incidents is vital towards delivering higher levels of health and safety performance. When looking at best practice with regard to risk mitigation, the identification of threats and the implementation of plans to deal with incidents can only be of benefit if accurate and detailed information is available. For most modern organisations, reporting is an essential part of the business of health and safety!
Simply Brilliant Setting new standards for Access Control, Security and Automation SCALABLE True Enterprise solution delivering 1000's of controllers, 1000's doors and 1000's of zones POWERFUL State of the art electronics designed to give many years of seamless operation RESILIENT Designed with high level of self-protection EFFORTLESS Simple "Plug & Play" system expansion
ARRANGE A DEMO Call the Integriti team on 0845 470 5000 or email integriti@innerrange.co.uk
FLEXIBLE Range of Controllers & LAN modules designed to meet simple or complex access control, intruder detection and automation specifications FAST Streamlined installation and commissioning
“Integriti is a true Enterprise solution controlling thousands of doors and zones across multicontroller IP networks�
food aug13_riskuk_aug13 06/08/2013 11:19 Page 2
Controlling the processes Food processing faces a range of diverse and seemingly disparate challenges with regard to risk mitigation and threat management. Whilst traditional thinking is that these issues require separate solutions, modern technology can deliver a system which has the flexibility and capacity to cope. Risk UK considers the argument for the implementation of video management systems in food processing applications. he food processing sector faces a variety of risks and threats, including some that are specific to tasks carried out during production. The industry often utilises hazardous or dangerous machinery as a part of the manufacturing line, and this in itself constitutes a significant health and safety risk. Also, many operations use a mix of automated processes along with those that require a high degree of manpower. Managing this to ensure continuity in operations is also a challenge. The threat of contamination is ever-present for those involved in the processing of foodstuffs. Such contamination might be accidental, unwitting or intentional, with the latter being carried out by staff with a grudge of external persons seeking to gain through extortion, blackmail or simply to discredit or damage a business’ reputation. Therefore, being able to secure, monitor and manage the supply chain, from raw materials arriving on site through to finished product leaving, is
T
Milestone XProtect Corporate VMS XProtect Corporate is an IP video management software package designed for large-scale, high-security deployments. Its management interface enables control of the system and all connected cameras and other devices, even when distributed across multiple sites. The package includes interactive maps linked to alarms and built-in support for video wall functionality. Edge storage support, failover recording servers and redundant management servers ensure performance is resilient. For high-security installations such as the food processing industry, which requires constant access to video, failover recording servers maintain operations with minimal interruption and video loss in the event of network problems, server failure, loss of power or any other system problem. The recording servers offer multi-stage storage with data management options. The recorded information can be regularly sent to archives on separate servers if required. The database is both encrypted and digitally signed to protect material against unauthorised viewing , modification or tampering. Edge storage offers a redundancy option, with data stored in cameras or encoders being automatically retrieved on a time schedule. With support for an unlimited number of cameras, users and sites, the package is flexible and has no limits in terms of scale.
18
www.risk-uk.com
vital. Where any contamination does occur, the process for rectification via recalls and possible compensation payments can be significant for any business or organisation. Managing machinery is also an important issue. If, for example, machines leak, the potential for wasted materials, downtime, contamination and even staff slips or falls can all have an impact on operational continuity. Like any manufacturing environment, food processing plants will experience times of high traffic flow, with raw materials arriving and products departing. For site management, the necessity to ensure that deliveries and collections are controlled is vital if the business is to operate in an efficient and cost-effective way. Also, like many other manufacturing sites, theft of materials is a potential threat. Whether carried out by staff or outside parties, considerations relating to the protection of assets have to be addressed. Even simple issues such as hand sanitisation are important, and must be effectively managed. Where staff do not follow the correct procedures they need to be identified, and then training or some other form of action must be taken to ensure that all products leaving the site meet the standards demanded by consumers, the law, and - of course - the food processing company itself! These issues are obviously diverse, and may at first reading seem totally unrelated. Initial thinking might indicate that they require separate and disparate systems, combined with a significant investment in man hours. However, one solution that delivers central control with benefits of risk mitigation for many of the aforementioned issues is a video management system.
Not just CCTV For those who consider such tools to be a part of, and exclusively linked to, a CCTV system, the depth of flexibility on offer might surprise them. It is true that video management systems (VMS) are used in a role of managing CCTV, but such usage really does understate the potential on offer.
food aug13_riskuk_aug13 06/08/2013 11:20 Page 3
Food Processing
These systems bring together video on demand, analytics for detection and business intelligence, alarm handling, event and incident management, monitoring of systems and machinery (including temperature, humidity, operational and environmental monitoring); indeed, the potential is often only limited by imagination. Complex scenarios can be created, which cover a wide range of issues, and automated actions can be instigated, with or without personnel intervention, dependent upon the demands of the site. If you compare the capabilities of modern video to the options of the past, the whole video surveillance sector has moved on in leaps and bounds. Resolutions are higher, flexibility is significantly enhanced, recording and management solutions offer higher degrees of functionality, and innovation is rife with regard to both the design and implementation of systems. When considering the management of an effective video surveillance system, softwarebased solutions can deliver inherent flexibility. As well as the standard roles of recording and playback, plus live viewing, a wide range of other features place the emphasis on the word ‘management’. The video element can be combined with access control, alarm handling, system monitoring, analytics, traffic management, personnel protection, automation – it could be argued that the dayto-day benefits are significant enough to make the use of a system viable without even considering the security role of the system. That security and safety can be maximised simply adds to the cost efficiencies! VMS packages can interface with a wide range of cameras, codecs, displays and storage systems, as well as a host of other security, safety and building management systems. If anything, VMS software is rapidly outgrowing its ‘video’ designation. VMS can operate on single sites or across multiple locations, with no geographical limitations. Multiple servers can be supported, and the linked systems can effectively control each other, dependent upon time zones, manned hours, etc..
Analysis and intelligence Increasingly, VMS-based systems can either be integrated with, or feature integral elements to provide, intelligent video analysis. Video analytics allows live and recorded video to be automatically processed, identifying any exceptions or events. The analytics capabilities can often be used to search
video, thereby delivering a swift and accurate tool to find any footage of incidents. Often referred to as IVA (intelligent video analytics), it is vital to understand that the way the term ‘intelligent’ is interpreted is very different to our understanding of human intelligence. If anything, when used for IVA, it is something of a misnomer. The basis of IVA is a set of complex mathematical algorithms, and these are applied to the content of video images. The
VMS packages can interface with a wide range of cameras, codecs, displays and storage systems, as well as a host of other security, safety and building management systems. 19
www.risk-uk.com
food aug13_riskuk_aug13 06/08/2013 11:20 Page 4
Food Processing
processing engine examines the content of each frame of video. With digital images, every pixel expresses a value. The analytics algorithms look for how these values change, relative to overall scene change, and identifies changes that correlate with those typical of the signature created by any
Business intelligence-based solutions can notify specific events: a conveyor belt in a food processing plant stopping, materials left outside of refrigerators or clean areas, staff entering food handling areas without using hand sanitisers, etc.. 20
www.risk-uk.com
given set of criteria. The real power of video analytics lies within these algorithms, and their ability to quickly and accurately identify change that is consistent with pre-defined signatures. Whilst this is a very basic explanation of the technology, is does illustrate some of considerations for analytics-based systems. Firstly, the system cannot make decisions or apply reason to its processes. No logic, understanding or assessment of the conditions is entered into. The event is signalled, typically to an operator, who can then make any reasoned judgements. Where complex situations are being managed, it is common practice for numerous rules to be linked, typically using ‘And/Or’ logic. One problem with security incidents, in terms of establishing analytics rules, is that often the system must address the unexpected. Because criminals will always try to conceal what they are doing, the potential variables which must be programmed into the video analytics engine are manifold. The biggest difference between security tasks and business intelligence tasks is that typically, the latter are simpler to define. This is because the system is looking for something specific and predictable. Security use of video analytics typically looks for exceptions to normal behaviour, of which there can be many, some of which are very hard to predict. It is much simpler to consider behaviours that are expected, and which you want to measure or validate. With most business intelligence-based solutions, the end user wants to be notified of specific events. These could include a conveyor belt in a food processing plant stopping, a build-up of materials during the manufacturing process, materials left outside of refrigerators or clean areas, staff entering food handling areas without using hand sanitisers, staff entering prohibited areas or leaning over guard rails with dangerous machinery, delivery vehicles entering the wrong bays or causing an obstruction, storage vessels leaking, etc.. The system could also assist with cost reductions by turning off lighting or ventilation when an area is unoccupied, or enhance health and safety by turning lighting on when people enter the area! Effectively, if the event which is to be notified contains visual information which can be captured by video – size, shape, colour, direction, motion or non-motion, speed, object appear or disappear, etc., then a rule can be created. The rule can then be used alone, or in conjunction with other rules or other events notified to the VMS, to generate an alert.
Project2_Layout 1 04/06/2013 13:22 Page 1
food aug13_riskuk_aug13 06/08/2013 11:21 Page 6
Food Processing
Many VMS packages also feature advanced event handling, allowing the user to build complex scenarios which in turn trigger actions. The inputs can be obtained from the video itself, via analytics, or through other monitoring. This can include sensors which detect motion, lack of motion, variations in temperature, humidity, flooding, leakage, pressure changes, dwell times and so on. Additionally, information from access control systems can be used, which not only allows the system to consider occupancy, but exactly who is occupying the space. If, for example, certain machinery such as bowl choppers must only be used when trained personnel are present, then the system can use the access control data to be aware of whether a qualified person is in the location. The scenarios aren’t limited to, ‘when X happens, instigate action Y’. Many systems allow a logical chain to be developed. Scenarios with multiple elements can be developed, such as ‘when X happens at a certain time of the day, and Y does not occur within a specified time, then instigate action Z, unless...’. The possibilities are enormous. This flexibility in VMS packages is traditionally used to send an alert to an operator in a control room, to flag an incident as an exception on a recording management system or to generate an alarm. However, other actions can be set, such as sending an email or SMS message, with a snapshot if required, to an authorised person. Alternatively, automated responses can be initiated. For example, if a
22
www.risk-uk.com
production line is over capacity, the system could automatically prevent further product being added, or switch operation to a secondary line. In truth, the actions instigated by a solution can be as flexible and varied as the causes of an exception. Every application can have bespoke ‘cause and effect’ actions created. VMS solutions can include an interface to data generating devices. These can include logging systems or workflow data systems. The data streams can be recorded along with the video, and can also be used as event triggers. For example, insufficient staff for certain processes, or untrained staff in specific areas, can be used to signal an alert. Where raw materials are bar-coded, the system can also use data about the product being processed, and can consider any special requirements. VMS can also generate reports covering any aspect of the processing to give site managers an instant real-time overview of what is happening. Of course, the VMS can also provide a very high level of security protection too!
In summary The potential on offer from modern VMS systems is significant. The flexibility inherent in the systems takes them far beyond mere security and safety applications, and for the various and diverse demands of the food processing industry, they represent an option that can deliver real-world benefits on a day-today basis.
risk web__RiskUK_dec12 31/01/2013 14:47 Page 2
In an increasingly volatile world, Risk UK is essential reading for risk management, loss prevention and business continuity professionals Increasingly, businesses and organisations need to operate in a risk-conscious world. The external threats to business are manifold and diverse. Issues range from security of people and property, loss prevention, health and safety, cyber threats, environmental issues and human resources management, through to terrorism, extortion and arson. Threats develop rapidly, and must be faced. Whilst the risks faced are complex, so too are the potential solutions. These need very careful consideration if the benefits on offer are to be fully realised. Risk UK delivers essential updates, advice and guidance to ensure that modern businesses are able to take proactive steps towards mitigating risk.
Risk UK offers a full web site and regular electronic newsletter, alongside its print publication, to help those who are active in risk management to better address external threats.
@riskukmagazine
www.risk-uk.com
dycon risk ad may13_Layout 1 05/08/2013 17:09 Page 1
Dycon
Designed and manufactured in the UK
More power to your elbow? Intruder, Fire, CCTV, Access Control systems; in fact anything that needs 12 or 24 Vdc or PoE!
Dycon provides advanced technology, switched-mode solutions for them all! • • • • • • • • •
Competitively priced Buy direct or from our specialist dealer network Supplied direct from our UK factory to you - no shipping delays All made in the UK to ensure optimum suitability and reliability Each PSU can save at least £20 worth of electricity p.a. Tough steel housings or pcb-only options Pcb-only options fit most existing housings, saving installation time Special connection options for CCTV systems, including BNC sockets Access control versions protected against ‘spikes’ from high power electric and magnetic door releases
terrorism aug13_riskuk_aug13 06/08/2013 11:42 Page 3
Terrorism Act Report
Terrorism landscape changing according to report ast month saw the publication of David Anderson QC’s annual report into the Terrorism Act. Anderson is a senior lawyer, and produced the report in a role as an independent reviewer of the Terrorism Act, a role he has performed since 2011. The role of an independent reviewer is to report to the public and Parliament, and to further the debate on counter-terrorism via written reports and delivering evidence to committees, as well as participating in liaison with Ministers, officials, police and other relevant parties. The report recognises that threats from terror groups organised by, or in association with, al-Qaeda have decreased since the early to mid-2000s. This has predominantly been due to the loss of members of the organisation’s hierarchy, along with constraints in the group’s operational freedom in certain territories. As a result, the core group has been less able to extend its control over cells in other parts of the world. The report highlights that while al-Qaeda might have restricted capabilities with regard to direct command over distributed terror cells, it still has the capacity to be involved in attack planning. Indeed, it can and does provide training and encouragement for self-organised extremist cells with intentions to carry out attacks when they return to the UK, posttraining.
L
The threat of terror-related incidents in the UK remains high, and whilst significant steps have been taken, both nationally and internationally, to mitigate the risks, the reality is that the challenges still exist. Changes in the structure and operations of terror-related groups have seen the method of attacks alter significantly, and this fact alone increases the need for continual reassessment of circumstances. If anything, the need for planning and ensuring that adequate protection is in place is more important for businesses and organisations. The report cites a number of cases that resulted in convictions, which all showed links to al-Qaeda training overseas. In late 2010, two London-based men and two from Cardiff created plans for attacks, including targeting the London Stock Exchange. They were further linked to three men from Stoke who trained in Pakistan and planned to run and take part in a terror training camp in Kashmir, with a view to carrying out future attacks. Two others associated with the group considered a mail-bomb campaign. In the autumn of 2011, 12 individuals from the Midlands were arrested for involvement in a plot to conduct a bombing campaign in the UK,
25
www.risk-uk.com
terrorism aug13_riskuk_aug13 06/08/2013 11:43 Page 4
Terrorism Act Report
which they claimed would be ‘bigger’ than 7/7. It involved the use of improvised explosive devices in rucksacks. Two of the cell had visited al-Qaeda terrorist training camps on two occasions, and had arranged training for four other individuals. Recordings released since their convictions indicate that they believed the plot was approved by al-Qaeda. Four men in Bedfordshire were arrested in Spring 2012 when planning a terror attack against a Territorial Army base in Luton. One of the four had visited Pakistan the previous year to meet al-Qaeda representatives, and was planning to revisit when arrested. Anderson goes on to state that those involved in terrorism are very difficult to categorise, even with reports such as his attempting to do so! However, the report identifies that the nature of al-Qaeda threats has changed. Complex large-scale attacks directly controlled by the group are less numerous, but the organisation still provides support and training for those wishing to selforganise, including individuals in the UK. The desire and capacity from self-organised cells to commit larger scale atrocities still exists in the UK. However, the threat is being mitigated by improved operations by the security services. More basic attacks are becoming more common. Because these involve small groups of people or individuals, and have significantly less planning, they can be very difficult to detect. The report quotes Jonathan Evans, retired Director General of MI5, from 2012 when he stated, ‘In back rooms and in cars and on the streets of this country there is no shortage of individuals talking about wanting to mount terrorist attacks here.’ It adds a comment from Evans in regard to al-Qaeda-related terrorism, which points out that, ‘Britain has experienced a credible terrorist attack about once a year since 9/11.’ The threat level with regard to Northern Ireland-related terrorism is at a Severe level (an attack is highly likely) in Northern Ireland itself. This is due to a substantial number of attacks along with a considerably greater number that were abandoned or thwarted.
26
www.risk-uk.com
Many attacks used crude but potentially lethal pipe bombs; more sophisticated devices were also evident. Towards the end of 2012 there was an increase in dissident republican activity, resulting in more sophisticated attack planning, due to a new grouping formed by a merger of terror groups. Terror activity has greatly reduced in volume since the Good Friday Agreement of 1998. The threat to Great Britain from Northern Ireland-related terrorism was reduced to Moderate (an attack is possible but not likely) in October 2012. Other threats such as from the extreme right wing are minimised as such organisations are fragmented. In this area, attacks tend to come from ‘lone wolf’ perpetrators. Where incidents do occur, political views are often overlaid with mental health issues, personality disorders, criminality and social isolation, which makes a true definition of the cause more difficult. However, as a note of caution, the report recognises that the 77 deaths associated with Anders Breivik in Norway shows that a lone perpetrator can take a significant number of lives. Other extremist organisations including animal rights, environmental protest, extreme left wing, anarchist and nationalist groups do not appear to have used violence in 2012 to achieve their goals. The trend towards lone wolf attacks (the authorities refer to such individuals as lone actors, because the phrase is considered less glamorous) means that terror incidents are ‘smaller-scale and less sophisticated’. However, this also makes them difficult to detect as they are unpredictable and can be initiated very quickly. In its conclusions, the report points out that the number of deaths caused by terrorism in the UK is small, and statistically ‘almost insignificant’. However, it goes on to state that, ‘The terrorist threat is far from negligible. Comforting as it may be to dismiss as mentally ill the perpetrators of religiously-inspired (or religiously-badged) violence, the evil inherent in such acts needs to be honestly recognised. ‘In 2012 alone, al-Qaeda related plots were thwarted which might have succeeded in blowing up an airliner in flight, with incalculable social and economic consequences, and in killing and maiming hundreds of people in an English city. ‘Even the smaller-scale home-grown incidents that now seem more prevalent have the capacity to spread bigotry and hatred and to poison community relations in a way that a gangland killing or a domestic feud cannot.’
Project1_Layout 1 06/08/2013 12:31 Page 1
OxyReduct® fire prevention
EURO GRADE
REMOVING THE T H R E AT O F F I R E .
SAFES WITH ADDED PROTECTION – GRADED 0-5
UP TO £100,000 CASH RATING EN 1143-1 CERTIFIED & TESTED MULTIPLE LOCKING OPTIONS
The new Library of Birmingham has
FIRE RESISTANT
chosen OxyReduct® to protect its
ALTERNATIVE SIZES AVAILABLE
valuable archives, the same as over 700 other businesses and organisations
LIGHTWEIGHT CONSTRUCTION
around Europe. Telephone: +44 (0)1252 311888 Web: www.securikey.co.uk Email: enquiries@securikey.co.uk
No matter how good your fire detection, extinguishing or suppression system is, a fire has to start for it to work – so some damage is inevitable. In mission critical applications where any business interruption is unaccep-
ARE YOU READY IF THE POWER FAILS?
table or where warehouse stock or archives are invaluable, a different approach to fire prevention is needed. OxyReduct® employs innovative technology that continuously reduces the oxygen level in a room by adding nitrogen to the air. The oxygen
STANDBY POWER FOR EVERY SECURITY APPLICATION
is reduced to a level in which combustibles do not inflame and an open fire is impossible. Importantly, people can enter the area of risk.
CCTV Battery back up systems and standby power for single and networked camera systems
Visit our in-house demonstration facility and
EMERGENCY LIGHTING
experience a fire-free environment at first hand.
Static inverters and central battery systems for all critical lighting systems
ACCESS CONTROL Back-up power systems to ensure continuity of access control
www.wagner-uk.com
TEL: 01488 680500 WWW.UPSSYSTEMS.CO.UK
Project1_Layout 1 05/08/2013 11:24 Page 1
Standard Rate
BCM World Conference and Exhibition 2013 Free to attend exhibition showcasing BC products and services from around the globe Conference programme with unique ‘three stream’ structure, which caters for the BC newcomer to the experienced practitioner Training at BCM World Exhibition seminar programme consisting of practitioner and vendor presentations The BCI Gala Dinner and Global Awards
MEMBER £890 + VAT NON-MEMBER £990 + VAT
Why register as a delegate?
Why visit the exhibition?
Why exhibit?
Ǧ
Ǧ ƽ ʬ ǂ
Ǧ ʬ ʭ
Ǧ
Ǧ ʬ
Ǧ Ǧ ʬ Ǧ
Ǧ ʬ
Ǧ ǂƽ ǂ Ǧ Ǧ ʬ
Ǧ
FOR SPONSORSHIP ENQUIRIES CONTACT faye.leo@thebci.org
FOR ALL OTHER ENQUIRIES CONTACT lucy.mcdonnell@thebci.org or nicky.tramaseur@thebci.org
6 – 7 ȝțȜȞ ƽ
FOR FREE
Gold sponsor
Visit www.bcm2013.com to learn more and register today!
cloud aug13_riskuk_aug13 06/08/2013 11:09 Page 3
Cloud Services
n the modern world, there seems to be few tasks (which do not involve physical raw materials) undertaken by businesses and organisations that are not being touted as ‘moving to the Cloud’. Often tasks which are undertaken with ease are – according to the salesmen of all things Cloud-driven – actually the cause of wasted resources, a drain on revenue and a general encumbrance to all involved. Luckily for us, one simple subscription fee will take all the pain away, save us money, and make our staff members smile again. One reason why the Cloud has increased its profile is because of the consumer sector, where it increasingly makes sense. For example, if you take a photograph on a phone (typically the most commonly used devices for this, even amongst those with a good range of cameras) it is a benefit if that photograph is saved to a Cloud-based account. This allows you to then view the image on other devices such as a PC or tablet, without transferring the file. If the Cloud link fails, or the service is unavailable, it might be an inconvenience, but the image still exists on the phone, and can be shared either in other ways or at a later time. Indeed, the most prolific Cloud services are simply storage services which enable sharing between multiple devices – either all owned by one individual, or amongst those of selected persons. Obviously, as the consumer market becomes more comfortable with the Cloud, and enjoys many of the benefits offered by a growing number of free services, so additional purchasable options have grown, including many using Software-as-a-Service (SaaS). For some, one benefit of SaaS is that there is no need to purchase and customise software to accomplish a specific task, especially where the tasks in question are not everyday jobs! Whilst the Cloud is unarguably blossoming in the eyes of the general public, the area where many vendors are concentrating their efforts is on the commercial sector. Businesses and organisations aren’t simply looking to share data or carry out basic tasks via service-based operations. The demands for performance are increased, the requirement for complete resilience is pivotal, and overall security of every part of the process has to be uncompromising. Before businesses even consider the financial benefits and workflow enhancements, any offering that cannot deliver – and be seen to deliver – 100 per cent reliability simply cannot be accepted by those assessing risk.
I
Blue sky thinking? The Cloud seems to be ubiquitous in today’s business world. Not only is every function seemingly available as a service, but the sales pitch seems to suggest that by placing all of your services, software, data and even risk mitigation processes into the Cloud cannot help but to make healthy, wealthy and wise. Of course, whilst the Cloud does offer some benefits for businesses and organisations, there remains a need for caution when considering off-site processing and storage.
29
www.risk-uk.com
cloud aug13_riskuk_aug13 06/08/2013 11:10 Page 4
Cloud Services
Theorists for the services liken the Cloud to a well-constructed fortress in which it is safe to do business. Those who are sceptical often point out that such a secure haven is meaningless if those travelling there to do business are robbed on the road in! The cloud undefined For many businesses and organisations, the issue with Cloud-based services is precisely the thing that makes them flexible in nature. Not every Cloud is the same. Some are created for simple and fast access, and security takes something of a back seat. Others can be slightly clumsy to access because security is very tight. The emphasis on user interaction is bypassed by the implementation of management policies! The fact that Cloud services are so diverse also means that not all offered services require similar levels of security. There is also the issue of defining the cause of any security breach or system failure. Did the issue originate from the business or organisation? Did it occur during transmission to or from the Cloud service? Was it created by third party services or systems put in place to protect the data during transmission? Did it occur during processes carried out by the Cloud service provider? If the latter turns out to be the case, is the failure or loss covered by an SLA, and will the contracted restitution cover any losses? Whilst based upon anecdotal evidence, a number of businesses have stated that their initial impressions of Cloud services were that whilst offering interesting benefits ‘on the surface’, these diminished somewhat when it was realised that the user’s business had to implement complex systems, and introduce new procedures, to cover any potential threats that might occur as a result of implementing Cloudbased services. Theorists for these services liken the Cloud to a well-constructed fortress in which it is safe to do business. Those who are sceptical often point out that such a secure haven is meaningless if those travelling there to do business are robbed
30
www.risk-uk.com
on the road in! Even those specialising in Cloud services are quick to point out that the onus for data and file security lies with the user during the transmissions. Another point to consider is that if data is being processed in the Cloud, then the data controller – the business that technically owns the data – is liable for the actions of the data processor. Whilst credible Cloud services will comply with relevant regulations and contractual obligations, this is an issue that must be considered as part of any risk assessment.
Risk considerations One of the first things businesses should consider is the extent of any SLA. It is vital that this agreement covers and protects the user, rather than simply reducing liabilities for the Cloud provider. Richard Blanford of Fordway points out, ‘With public cloud, a major loss of service such as a datacentre failure, security breach or other outage, or even reduced performance, can create significant issues for the customer. However, under most SLAs - if the provider even offers them - most providers will apologise, sincerely in most cases, and refund a proportion the monthly service fee. The user, on the other hand, does not receive full recompense for disruption, missed business opportunities and any costs they have incurred due to the outage. Also, compensation offered may be paid against future invoices.’ For many, security of data is a significant risk consideration. Neil Stephenson of Onyx Group states, ‘The fact that data and networks can be accessed anywhere in the world through the Cloud raises a number of security concerns for many companies, but there are a series of protocols that should be adopted to reduce the likelihood of security being breached. Simple steps such as ensuring a suitable firewall solution is in place are vital to protecting the perimeter of data storage. ‘Other safety practices must be utilised including encryption to protect information when at rest and in transit.’
Project3_Layout 1 03/07/2013 13:46 Page 1
FREEDOM TO...
At Apollo we have been protecting lives and property worldwide for more than 30 years. As industry leaders we use our experience to provide customers with the latest technology to meet the challenges of the most demanding environments.
We are the world’s largest independent smoke detector manufacturer offering unrivalled choice and giving customers the Åexibility to choose solutions that Ät their unique needs. Our entire range, certiÄed to key international standards, offers a 10 year product guarantee and we are proud to have trusted partnerships with more than 70 panel manufacturers. Apollo offers open digital protocol and forwards and backwards compatibility, giving customers complete freedom to choose a solution that’s right for them.
To Änd out more visit: www.apollo-Äre.co.uk +44 (0)23 9249 2412
UkGeneric_210x297_UK.indd 1
marketing@apollo-Äre.co.uk
14/06/2013 12:35
cloud aug13_riskuk_aug13 06/08/2013 12:02 Page 6
Cloud Services
Businesses and organisations should ensure that they are prepared for any issues that might arise when placing their data – or processing services – with a third party company. Trust is a significant issue in any such decision, but the balance of trust cannot be considered as accepted in any true risk assessment. If the Cloud provider is acquired or goes bankrupt, will the data be accessible, and can ownership of the data be established and enforced? If processing is taking place, will the contract be fulfilled, or can the provider deliver the capabilities to carry on processing data as per the SLA, should they cease trading? Whilst many initially worry about data being lost, stolen or used incorrectly, a bigger issue might be how difficult it will be for any business or organisation to extract themselves – and all of their data – from a third party should an issue arise. Even if legal steps are available, the delays in bringing essential data back into an internal IT processing environment could be critical for the wellbeing (and reputation) of a business.
Other considerations will include where the data is stored and/or processed, which could impact on DPA adherence. What resilience exists with regard to back-up, transfer and processing? What access do you have to your own data, both during contracted work and in the case of simple data management?
In summary The Cloud does offer benefits, if what the service provision delivers is in line with expectations. However, it carries with it a number of risks too. Some of these are operational, but most will be procedural. Too much emphasis is often placed on the role of downtime or throughput when a risk analysis is carried out for such services. However, whilst even a small amount of downtime might cause revenue losses, an inability to access or recover data could be fatal for many organisations. Those delivering Cloud services highlight how secure they make the data, but that is only one small part of overall picture. Resilience is important, but must extend to a wider range of parameters than just data storage!
ADVERTISING FEATURE
Over 60% of all fines issued by the Information Commissioner’s Office (ICO) relate to the use of un-encrypted email, often being sent to the wrong recipient. n-encrypted e-mail can be viewed a bit like a postcard where the content is immediately available to anyone who can see it - including the postman or nosey neighbour, or the wrong recipient! Insecure email is also about to get a lot more expensive with the European Data Protection Framework (EDPF), which is expected to come into force in 2014, carrying penalties of up to 2% of annual turnover for those found not to have taken the necessary action to prevent the data loss by establishing the necessary procedures and technical infrastructure. A further issue that results in data loss is
U
www.cryptshare.com/riskuk
32
www.risk-uk.com
that email does not handle large attachments at all well, causing users to send large files, those carrying the most data, via ever more insecure, and often much more expensive methods such as couriers, USB, consumer grade cloud services and USB sticks or DVDs. But how can we operate without e-mail. It’s our favorite tool, we’re all used to it, it’s universally available and it’s easy to use. We can even receive it on our mobile devices so we have access to it wherever we are. Solve the security and file attachment problems and e-mail is an effective tool rather than a major vulnerability. Cryptshare enables users to exchange fully encrypted emails and file attachments of unlimited size with anyone and from within existing email solutions such as MS Outlook and IBM Notes. Furthermore Cryptshare complies with all existing ICO requirements. Simply put, in addressing both issues, Cryptshare makes e-mail better. To find our more or start a free trial go to www.cryptshare.com and click Risk UK
Project1_Layout 1 06/08/2013 12:13 Page 1
Security solutions for today’s challenging times
Consultancy Operational Consultancy Manned Guarding Training Information and Intelligence Communications Support Technical Systems Equipment
Global economic pressures are forcing organisations to review expenditure across the board. But, the security issues remain the same. So, do you cut your security? Pilgrims offers a complete and complementary range of security, communications and support services, backed by an unmatched commitment to the highest level of quality, efficiency and client care, to reduce costs not cover. Our expertise and global experience allow us to deliver robust, practical solutions for today’s challenging financial climate.
For more than ten years, Pilgrims has been supporting clients across the globe, protecting and enabling their businesses to continue in spite of threats from terrorism, serious organised crime and natural disasters. Our personnel are handpicked for their experience, skills, training and personality to match the requirements of our clients. This, combined with our continual exposure to the world’s hot spots and difficult regions, makes Pilgrims the ideal choice for advice and support. Pilgrims provides a global service, with local knowledge through our employment of local personnel, quality control, continual ongoing training and our relationships with specialists and local partners.
We can help you find the right solution. Call Pilgrims on: +44 (0)1483 228 786 www.pilgrimsgroup.com
Project1_Layout 1 01/08/2013 12:11 Page 1
Bringing together the entire security buying chain In 2014 IFSEC International, the largest and longest running security event moves to a truly international venue. With more than 40 years at the heart of the security industry, reČľecting innoYatiYe industry trends and SroYiding insight into the Oatest technoOogy to NeeS Eusinesses and goYernments secure Put the date in your diary now! www.ifsec.co.uk/add2014
IFSEC International is Sart of
PROTECTION & MANAGEMENT Week
WWW.IFSEC.CO.UK
17-19 JUNE 2014 ExCeL LONDON
cyber news aug13_riskuk_aug13 06/08/2013 11:17 Page 1
Cyber News
Glasgow City Council fined by ICO The Information Commissioner’s Office (ICO) has issued Glasgow City Council with a fine of £150,000 following the loss of two unencrypted laptops, one of which contained the personal information of 20,143 people. The breach of the Data Protection Act comes after the council was previously issued with an enforcement notice following a similar breach where an unencrypted memory stick containing personal data was lost. The two unencrypted laptops were stolen from the council’s offices. The laptops were stolen from premises which were being refurbished; previous complaints of theft and a lack of security at the site had been made, and despite this the unencrypted data was left there. One laptop had been locked away in a storage drawer, and the key was placed in the drawer where the second laptop was kept. The second drawer was subsequently left unlocked overnight, allowing the thief access to both laptops. One of the laptops stolen contained the council’s creditor payment history file, listing the personal information of over 20,000 people, including 6,069 individuals’ bank account details. The ICO’s investigation found that a previous warning, and in breach of the council’s own policy, it had issued a number of its staff with unencrypted laptops after encountering problems with the encryption software. While most of these devices were later encrypted, the ICO also discovered that a further 74 unencrypted laptops remain unaccounted for, with at least 6 of these known to have been stolen. Ken Macdonald, the ICO’s Assistant Commissioner for Scotland, stated, ‘How an organisation can fail to notice that 74 unencrypted laptops have gone missing beggars belief. The fact that these laptops have never been recovered, and no record was made of the information stored on them, means that we will probably never know the true extent of this breach, or how many people’s details have been compromised. ‘Glasgow City Council was issued with an enforcement notice back in 2010 after a similar incident where an unencrypted memory stick was lost. To find out that these poor practices have returned some two years later shows a flagrant disregard for the law and the people of Glasgow. The council should be held to account, and the penalty goes some way to achieving that.’ The council has also been served with an enforcement notice requiring it to carry out a full audit of its IT assets used to process personal data. It must also arrange for all of its managers to receive asset management training. The council must also carry out a full check of all of its devices each year so that the asset register can be kept up to date.
Cyber and Data Security News Attacks can have lengthy recovery periods Advanced cyber attacks being made by state-sponsored cyber terrorists can take months to control, even after being detected. Following the Annual Report 2012-2013 from the Intelligence and Security Committee, which indicated that cyber espionage had resulted in Ministry of Defence data being stolen, Alex Fidgen of MWR InfoSecurity stated, ‘Attacks targeting Government departments or industry suppliers can remain undetected and active for up to a year, so the problem becomes endemic. Furthermore, it can take months to control these attacks meaning that, during this time, huge amounts of information can be downloaded by the attacking party.’ The report focused on UK Government departments being targeted, but it has been claimed that the same scenario occurs daily amongst commercial organisations. Many businesses can lack the understanding or the capacity to deal with sophisticated attacks. Many businesses are simply not prepared to protect themselves against the complexity of attacks that now commonly occur. As more organisations are targeted, so fragmented information from numerous sources is being pieced together to provide a complete data set for attackers.
Lancope joins ONF Lancope has joined the Open Networking Foundation (ONF) to help secure and promote the adoption of Software-Defined Networking (SDN). ONF is dedicated to the commercialisation and development of open standards for SDN to achieve dynamic, manageable and adaptable network architecture. Kerry Armistead, vice president of product management for Lancope, stated, ‘As with any other new technology, security must be of the utmost concern during the early phases of SDN development. By joining ONF, we are working to ensure that it is developed and implemented in a way that does not jeopardise network security or increase enterprise risk.’ ONF is the steward of the OpenFlow protocol, an open programming interface for SDN. It provides standardised approaches that free organisations from vendor lock-in and allow users to achieve maximum organisational impact by innovating and governing the operation of their networks according to business objectives. ONF members include a mix of enterprise IT, cloud and telecom service providers, as well as network equipment and silicon vendors.
35
www.risk-uk.com
cyber news aug13_riskuk_aug13 06/08/2013 11:17 Page 2
Cyber News
Southern Health overhauls IT strategy Southern Health NHS Foundation Trust has deployed security information and event management (SIEM) and content security technology from Trustwave as part of a complete overhaul of its existing IT security strategy. A merger of two NHS Trusts forced the need to design a consolidated network – previously run by four different service providers – serving more than 150 sites around the south of England. The SIEM technology is being used to collect, analyse and assess security events proactively for rapid identification, prioritisation and response. ‘It offers us a security safety net that helps protect our networks, patients and stakeholders from potential data loss or theft of sensitive clinical or patient records’, stated Adam Newman, Infrastructure and Security Architect/Interim Security Manager at Southern Health NHS Foundation Trust. ‘It is a core part of our defence-in-depth strategy, allowing us to monitor and pre-empt security breaches; it can also act as a vital source of forensic data should the worst happen.’ A key requirement of the new infrastructure was to adhere to UK security guidelines GPG 13, which government organisations must follow if they wish to connect to the UK government’s Extranet. The Trust also wanted the ability to permit the secure remote working of health workers, allowing them to access the central network from patients’ homes or while on the road. ‘Security was a key priority for us, and we initially drew up a set of priorities that would accommodate the needs of the Trust today and into the foreseeable future’, said Newman. ‘Key to this was incorporating all the existing 9,000 users and critical apps, as well as those hosted on the NHS N3 cloud network which provides email, accounting, purchasing and RIO - the Patient Administration System - to Trust employees.’
Zero-day vulnerabilities discovered FireEye has announced the discovery of seven zero-day vulnerabilities during the first half of 2013. Each of the vulnerabilities was exploited by advanced attacks across a number of applications including Microsoft Internet Explorer, Adobe Flash, PDFs, Oracle and Java. The attacks highlight a growing trend of organisations seeing damage due to highly publicised zero-day threats. Zero-day flaws are especially dangerous because of their ability to evade detection from traditional and next-generation firewalls, intrusion prevention systems, antivirus, and Web gateways, leaving holes in network defences. As a result, the potential for loss and theft of customer information, intellectual property and confidential information increases. The zero-day flaws discovered include remote attacks to execute arbitrary code via a crafted website (Internet Explorer), retrieval of a template from the Web and creation of a window demanding payment (Java), execution of arbitrary code or memory corruption via crafted SWF content (Flash), execution of a malicious PDF file delivered via email (PDF), and unauthenticated network attacks via multiple protocols (Java).
36
www.risk-uk.com
Disaffected staff present data risk Disgruntled staff are increasingly likely to take data-related revenge, according to research from Iron Mountain. This indicates that resources invested in meeting stringent data protection laws could be wasted if firms fail to tackle the emotional fallout of employees who believe they have been treated badly. The study of office workers shows a number are motivated to take revenge against employers if they’ve been held responsible for something they believe wasn’t their fault (21 per cent) or treated unkindly (19 per cent). The survey showed that whilst almost one quarter of employees would let their opinion be known, either to colleagues or friends, eight per cent would deliberately take confidential or sensitive information, regardless of whether or not it was related to the original incident. Customer databases are the most likely items to be taken (45 per cent), followed by presentations (39 per cent), strategic plans (13 per cent), company proposals (9 per cent) and product/service roadmaps (7 per cent). The HR department appears to be the most sensitive, with 32 per cent saying they would take revenge in response to unfair blame, and 28 per cent saying they would do so if treated unkindly, compared to 13 per cent of those at the director level or above, and 16 per cent in Sales. Job-related set-backs were found to be less risky. Job loss (18 per cent), poor performance reviews (6 per cent) and missing out on promotions or pay rises (8 per cent) are less likely to result in data theft.
Dell SecureWorks launches threat hunting service Dell SecureWorks has launched a new targeted threat hunting service aimed at finding cyber attackers lurking in an organisation’s network. This solution is an addition to the Targeted Threat Services portfolio, a suite of security services designed specifically to combat targeted cyber attacks. Using cyber intelligence and proprietary hunting technology from the Counter Threat Unit (CTU) research team, experts will thoroughly search an entity’s IT networks and host computers for evidence of a compromise, leveraging pre-determined intelligence of adversaries and their methods. If threats are found, the service will outline a plan to eradicate the hackers and put defences in place to prevent them from re-entering. It is claimed that most organisations lack the threat intelligence, malware analysis and forensic capabilities needed to understand the full scope of the threat and extent of the compromise.
FINAL bm web house_001_Benchmark_jul11 08/08/2011 16:20 Page 1
www.benchmarkmagazine.com
BENCHMARK
Benchmark – dedicated to independent tests, assessments and reviews of security products and solutions
The Benchmark website is a PRODUCT TESTS All tests are fully independent, and manufacturers supplement to the monthly have no involvement in the process. Additionally, Benchmark makes no charge, financially or of any magazine, and includes a variety other kind, for inclusion in tests. All products are selected by an independent team. In short, it’s the of tests and assessments of the only way you can ascertain the truth about product latest products, as well as guides performance! to product selection, technology Tests are carried out by an independent team of experts, telling you the truth about the performance challenges and information about of a wide range of security equipment, warts and all. influential technologies in the CHECK PREVIOUS ISSUES Benchmark back issues are available on-line, in a security sector. All content fully interactive format, and can be accessed free of is taken from the published charge. If Benchmark has tested the product, then you can establish the level of performance expected editions of Benchmark, so you in the field! will not find drafts by GUIDES AND CHALLENGES The Benchmark website includes product guides, manufacturers marketing their highlighting products that have been tested, or that wares or marketing hype that is have been recommended by security installers, system integrators, specifiers and security regurgitated via so many other consultants. There are also Technology Challenges, debunking the hype by reporting real-world channels. The content is written experiences of the various technologies. in plain English, free from technobabble, and reflects STAY UP TO DATE genuine experiences with the Benchmark is always testing and assessing products and technologies. Keep up to date equipment, whether that be with the latest reports by following Benchmark on Twitter. good, bad or indifferent. The www.twitter.com/benchmarkmag website is free to view.
www.benchmarkmagazine.com
next issue_riskuk_Dec12 06/08/2013 11:41 Page 1
Next Issue
Next Issue...
38
www.risk-uk.com
Pandemic Planning
The Hacktivist Threat
According to Cabinet Office guidance published in February, ‘pandemic influenza is one of the most severe natural challenges likely to affect the UK’. While there’s no point for businesses and organisations to fly into a blind panic, or to be naïve enough to think that the pandemic risk is nonexistent, it’s also foolhardy to take the warning with a grain of salt. The pandemic alerts of the past few years should have businesses thinking about their risks and business continuity plans to ensure that they are in a position to mitigate the effects of a pandemic. In essence, a business shouldn’t panic, but they should be well prepared.
Cyber security has hit the headlines in recent times, with a wide range of incidents, breaches and emerging trends. For many businesses and organisations, the emergence of Hactivism – hacking and cyber attacks designed as acts of protest or defiance, rather than for gain – changes the risk landscape considerably, and presents many new challenges. Whilst some see such actions as ‘victimless’, the reality for businesses that are targeted is very different.
Airports, Ports and Borders Security of people, property and assets is a significant issue in many applications. However, it should be argued that in the case of airports, ports and other borders, security is paramount. In such applications, any lack of credibility in the security solution can lead to unthinkable consequences, even resulting in the loss of life.
aug 13 dir_000_RiskUK_aug12 06/08/2013 13:33 Page 1
Best Value Security Products from Insight Security www.insight-direct.co.uk Tel: +44 (0)1273 475500 ...and lots more Computer Security
Anti-Climb Paints & Barriers
Metal Detectors (inc. Walkthru)
Security, Search & Safety Mirrors
ACCESS CONTROL
Security Screws & Fastenings
Key Control Products
Empty Property & Lone Worker Alarms
Traffic Flow & Management
see our website
ACCESS CONTROL & DOOR HARDWARE
ALPRO ARCHITECTURAL HARDWARE ACCESS CONTROL
ACT Unit c1 South city Business centre Tallaght D.24 Ireland www.accesscontrol.ie tel: 00 353 1 466 2570 UK Lo Call Number: 0845 300 5204
Products include Electric Strikes, Deadlocking Bolts, Compact Shearlocks, Waterproof Keypads, Door Closers, Deadlocks plus many more T: 01202 676262 Fax: 01202 680101 E: info@alpro.co.uk Web: www.alpro.co.uk
ACCESS CONTROL, CCTV & INTRUSION DETECTION SPECIALISTS
SIEMENS SECURITY PRODUCTS
ACCESS CONTROL
APT SECURITY SYSTEMS The Power House, Chantry Place, Headstone Lane, Harrow, HA3 6NY Tel: 020 8421 2411 Email: info@aptcontrols.co.uk www.aptcontrols-group.co.uk B a r r i e r s , B l o c k e r s , B o l l a r d s , PA S 6 8
Suite 7, Castlegate Business Park Caldicot, South Wales NP26 5AD UK Main: +44 (0) 1291 437920 Fax: +44 (0) 1291 437943 email: securityproducts.sbt.uk@siemens.com web: www.siemens.co.uk/securityproducts
ACCESS CONTROL – SPECIALIST PRODUCT DISTRIBUTOR
MIRAS SECURITY SOLUTIONS LTD
ACCESS CONTROL
KERI SYSTEMS UK LTD Tel: + 44 (0) 1763 273 243 Fax: + 44 (0) 1763 274 106 Email: sales@kerisystems.co.uk www.kerisystems.co.uk
Speed Gates, Loop Detectors, LED Traffic Lights, Bi-Fold Gates, LED Traffic Signs, Turnstiles, Access Control, Bollards, Biometrics, Pay-on-Foot Solutions, Turnstile Hire, AVI Vehicle Tagging. Tel: 01633 420439 Mob: 07870 504 288 E: info@mirassecurity.co.uk W: www.mirassecurity.co.uk securitysolutions solutions security
miras
ACCESS CONTROL – SPEED GATES, BI-FOLD GATES ACCESS CONTROL
HTC PARKING AND SECURITY LIMITED
COVA SECURITY GATES LTD
4th Floor, 33 Cavendish Square, London, W1G 0PW T: 0845 8622 080 M: 07969 650 394 F: 0845 8622 090 info@htcparkingandsecurity.co.uk www.htcparkingandsecurity.co.uk
Bi-Folding Speed Gates, Sliding Cantilevered Gates, Road Blockers & Bollards Consultancy, Design, Installation & Maintenance - UK Manufacturer - PAS 68
Tel: 01293 553888 Fax: 01293 611007 Email: sales@covasecuritygates.com Web: www.covasecuritygates.com
ACCESS CONTROL ACCESS CONTROL MANUFACTURER
NORTECH CONTROL SYSTEMS LTD. Nortech House, William Brown Close Llantarnam Park, Cwmbran NP44 3AB Tel: 01633 485533 Email: sales@nortechcontrol.com www.nortechcontrol.com
ACCESS CONTROL - BARRIERS, BOLLARDS & ROADBLOCKERS
HEALD LTD HVM High Security Solutions "Raptor" "Viper" "Matador", Shallow & Surface Mount Solutions, Perimeter Security Solutions, Roadblockers, Automatic & Manual Bollards, Security Barriers, Traffic Flow Management, Access Control Systems
Tel: 01964 535858 Email: sales@heald.uk.com Web: www.heald.uk.com
SECURE ACCESS TECHNOLOGY LIMITED Authorised Dealer Tel: 0845 1 300 855 Fax: 0845 1 300 866 Email: info@secure-access.co.uk Website: www.secure-access.co.uk
AUTOMATIC VEHICLE IDENTIFICATION
NEDAP AVI PO Box 103, 7140 AC Groenlo, The Netherlands Tel: +31 544 471 666 Fax: +31 544 464 255 E-mail: info-avi@nedap.com www.nedapavi.com
ACCESS CONTROL – BARRIERS GATES & ROAD BLOCKERS
ACCESS CONTROL – BARRIERS, GATES, CCTV
FRONTIER PITTS
ABSOLUTE ACCESS
Crompton House, Crompton Way, Manor Royal Industrial Estate, Crawley, West Sussex RH10 9QZ Tel: 01293 548301 Fax: 01293 560650 Email: sales@frontierpitts.com Web: www.frontierpitts.com
Aberford Road, Leeds, LS15 4EF Tel: 01132 813511 E: richard.samwell@absoluteaccess.co.uk www.absoluteaccess.co.uk Access Control, Automatic Gates, Barriers, Blockers, CCTV
ACCESS CONTROL – BIOMETRICS, BARRIERS, CCTV, TURNSTILES
ACCESS CONTROL – MANUFACTURER
UKB INTERNATIONAL LTD
ROSSLARE SECURITY PRODUCTS
Planet Place, Newcastle upon Tyne Tyne and Wear NE12 6RD Tel: 0845 643 2122 Email: sales@ukbinternational.com Web: www.ukbinternational.com
Rosslare Security Products manufactures the Security Industry’s largest and most versatile range of Proximity and Smart Card readers.
Bletchley Park, Milton Keynes, MK3 6EB Tel: 01908-363467 Email: sales.uk@rosslaresecurity.com www.rosslaresecurity.com ISO 9001 and ISO 14001 Certification
www.insight-direct.co.uk Tel: +44 (0)1273 475500
aug 13 dir_000_RiskUK_aug12 06/08/2013 13:33 Page 2
BUSINESS CONTINUITY
BUSINESS CONTINUITY SOFTWARE & CONSULTANCY
CONTINUITY2 E232 Edinburgh House Righead Gate Glasgow G74 1LS Tel: +44 (0) 845 09 444 02 Fax : +44 (0) 845 09 444 03 info@continuity2.com
CCTV
G-TEC Gtec House, 35-37 Whitton Dene Hounslow, Middlesex TW3 2JN Tel: 0208 898 9500 www.gtecsecurity.co.uk sales@gtecsecurity.co.uk
CCTV
PECAN
BUSINESS CONTINUITY MANAGEMENT
CONTINUITY FORUM Creating Continuity ....... Building Resilience A not-for-profit organisation providing help and support Tel: +44(0)208 993 1599 Fax: +44(0)1886 833845 Email: membership@continuityforum.org Web: www.continuityforum.org
PHYSICAL IT SECURITY
Stortech Elec, Unit 2 spire green Centre Pinnacles West, Harlow, Essex CM19 5TS Tel 01279 419913 Fx 01279 419925 www.pecancctv.co.uk email sales@stortech.co.uk
CCTV / ACCESS CONTROL
GENIE CCTV LTD CCTV HOUSE, CITY PARK, WATCHMEAD, WELWYN GARDEN CITY, HERTFORDSHIRE, AL7 1LT TEL: 01707 330541, FAX: 01707 330543 EMAIL: sales@geniecctv.com www.geniecctv.com / www.genieaccess.com
RITTAL LTD CCTV/IP SOLUTIONS
Tel: 020 8344 4716 Email: information@rittal.co.uk www.rittal.co.uk
DALLMEIER UK LTD 3 Beaufort Trade Park, Pucklechurch, Bristol BS16 9QH Tel: +44 (0) 117 303 9 303 Fax: +44 (0) 117 303 9 302 Email: dallmeieruk@dallmeier.com
BUSINESS CONTINUITY 4 Scotia Close Brackmills Northampton NN4 7HR 01604 769222 www.bcontinuity.com
CCTV AND IP SECURITY SOLUTIONS
JVC PROFESSIONAL EUROPE LTD. 12 Priestley Way London NW2 7BA T: +44 (0)20 8208 6205 www.jvcpro.co.uk
BUSINESS SALES
CCTV LENSES
PENTAX RICOH IMAGING UK LTD. BUSINESS SALES Caroline Exley FCA 01925 756970 info@abalymm.com www.abalymm.com
ABA Lymm
• • • •
Business acquisitions Disposals Valuations & advice Confidential
Specialist in buying and selling security businesses
Security Systems Division, Heron Drive, Langley, Slough SL3 8PN UK Office: +44-(0)1753-21 10 71 Sales: +44-(0)7973-154 430 Fax: +44-(0)1753-21 10 90 Email: ssd@pentax.co.uk Web: www.pentax-security.com
CCTV & IP SECURITY SOLUTIONS
PANASONIC SYSTEM NETWORKS EUROPE
CCTV
Panasonic House, Willoughby Road Bracknell, Berkshire RG12 8FP Tel: 0844 8443888 Fax: 01344 853221 Email: system.solutions@eu.panasonic.com Web: www.panasonic.co.uk/cctv
MANUFACTURERS OF A COMPLETE RANGE OF INNOVATIVE INFRA RED AND WHITE LIGHT LED LIGHTING PRODUCTS FOR PROFESSIONAL APPLICATIONS INCLUDING CCTV SCENE ILLUMINATION, ARCHITECTURAL UP-LIGHTING AND COVERT SECURITY.
COMMUNICATIONS & TRANSMISSION EQUIPMENT
ADVANCED LED TECHNOLOGY LTD
KBC NETWORKS LTD.
Sales: +44 (0) 1706 363 998 Technical: +44 (0) 191 270 5148 Email: info@advanced-led-technology.com www.advanced-led-technology.com
Barham Court, Teston, Maidstone, Kent ME18 5BZ www.kbcnetworks.com Phone: 01622 618787 Fax: 020 7100 8147 Email: emeasales@kbcnetworks.com
CCTV POLES, COLUMNS, TOWERS AND MOUNTING PRODUCTS
DIGITAL IP CAMERAS
ALTRON COMMUNICATIONS EQUIPMENT LTD
SESYS LTD
Tower House, Parc Hendre, Capel Hendre, Carms. SA18 3SJ Tel: +44 (0) 1269 831431 Email: comms@altron.co.uk Web: www.altron.co.uk
Supplying digital IP camera for rapid deployment, remote site monitoring, fixed and short term installations. High resolution images available over mobile and wireless networks to any standard web browser.
1 Rotherbrook Court, Bedford Road, Petersfield, Hampshire, GU32 3QG Tel +44 (0) 1730 230530 Fax +44 (0) 1730 262333 Email: info@sesys.co.uk www.sesys.co.uk
www.insight-direct.co.uk Tel: +44 (0)1273 475500
aug 13 dir_000_RiskUK_aug12 06/08/2013 13:33 Page 3
END TO END CCTV SOLUTIONS/RECORDERS, CAMERAS, NETWORK PRODUCTS
DEDICATED MICROS 1200 Daresbury Park, Daresbury, Warrington, WA4 4HS, UK Tel: +44 (0) 845 600 9500 Fax: +44 (0) 845 600 9504 Email: customerservices@dmicros.com www.dmicros.com
INFRA-RED AND WHITE-LIGHT CCTV LIGHTING AND ANPR
RAYTEC Unit 3 Wansbeck Business Park, Rotary Parkway, Ashington, Northumberland. NE638QW Tel: 01670 520 055 Email: sales@rayteccctv.com Web: www.rayteccctv.com
TRADE ONLY CCTV MANUFACTURER AND DISTRIBUTOR
COP SECURITY Leading European Supplier of CCTV equipment all backed up by an industry leading service and support package called Advantage Plus. COP Security, a division of Weststone Ltd, has been designing, manufacturing and distributing CCTV products for over 17 years. COP Security is the sole UK distributor for IRLAB products and the highly successful Inspire DVR range. More than just a distributor.
COP Security, Delph New Road, Dobcross, OL3 5BG Tel: +44 (0) 1457 874 999 Fax: +44 (0) 1457 829 201 sales@cop-eu.com www.cop-eu.com
DISTRIBUTOR
FASTFLEX 2A Woodham Lane, New Haw, Addlestone, Surrey, KT15 3NA Contact: Chris Hobbs on 0845 276 1111 sales@fastflex.co.uk www.fastflex.co.uk
CCTV SPECIALISTS
WHY MAYFLEX? ALL TOGETHER. PRODUCTS, PARTNERS, PEOPLE, SERVICE – MAYFLEX BRINGS IT ALL TOGETHER.
PLETTAC SECURITY LTD
MAYFLEX
Unit 39 Sir Frank Whittle Business Centre, Great Central Way, Rugby, Warwickshire CV21 3XH Tel: 0844 800 1725 Fax: 01788 544 549 Email: sales@plettac.co.uk www.plettac.co.uk
Excel House, Junction Six Industrial Park, Electric Avenue, Birmingham B6 7JJ
Tel: 0800 881 5199 Email: securitysales@mayflex.com Web: www.mayflex.com
CCTV & IP SOLUTIONS, POS & CASH REGISTER INTERFACE, EPOS FRAUD DETECTION
AMERICAN VIDEO EQUIPMENT Endeavour House, Coopers End Road, Stansted, Essex CM24 1SJ Tel : +44 (0)845 600 9323 Fax : +44 (0)845 600 9363 E-mail: avesales@ave-uk.com
CONTROL ROOM & MONITORING SERVICES ADVANCED MONITORING SERVICES
EUROTECH MONITORING SERVICES LTD.
Specialist in:- Outsourced Control Room Facilities • Lone Worker Monitoring • Vehicle Tracking • Message Handling • Help Desk Facilities • Keyholding/Alarm Response Tel: 0208 889 0475 Fax: 0208 889 6679 E-MAIL eurotech@eurotechmonitoring.com Web: www.eurotechmonitoring.com
EUROPE’S MOST SUCCESSFUL DISTRIBUTOR OF CCTV, IP VIDEO, ACCESS CONTROL AND INTRUDER DETECTION SOLUTIONS
NORBAIN SD LTD 210 Wharfedale Road, IQ Winnersh, Wokingham, Berkshire, RG41 5TP Tel: 0118 912 5000 Fax: 0118 912 5001 www.norbain.com Email: info@norbain.com
EMERGENCY PLANNING SYSTEMS THREAT ASSESSMENT, REGULATORY COMPLIANCE, EMERGENCY PLANNING
DISTRIBUTORS
G4S TECHNOLOGY – ONEFACILITY Integrating people, process and technology to enable organisations and the facilities they run to achieve regulatory compliance, mitigate risk and remain one step ahead.
01684 850977 onefacility@uk.g4s.com www.1f.com
EMPLOYMENT EMPLOYEE SCREENING SERVICES
THE SECURITY WATCHDOG Cross and Pillory House, Cross and Pillory Lane, Alton, Hampshire, GU34 1HL, United Kingdom www.securitywatchdog.org.uk Telephone: 01420593830
IDENTIFICATION ADI ARE A LEADING GLOBAL DISTRIBUTOR OF SECURITY PRODUCTS OFFERING COMPLETE SOLUTIONS FOR ANY INSTALLATION.
ADI GLOBAL DISTRIBUTION Chatsworth House, Hollins Brook Park, Roach Bank Road, Bury BL9 8RN Tel: 0161 767 2900 Fax: 0161 767 2909 Email: info@adiglobal.com
www.insight-direct.co.uk Tel: +44 (0)1273 475500
aug 13 dir_000_RiskUK_aug12 06/08/2013 13:33 Page 4
POWER
COMPLETE SOLUTIONS FOR IDENTIFICATION
DATABAC GROUP LIMITED 1 The Ashway Centre, Elm Crescent, Kingston upon Thames, Surrey KT2 6HH Tel: +44 (0)20 8546 9826 Fax:+44 (0)20 8547 1026 enquiries@databac.com
INDUSTRY ORGANISATIONS TRADE ASSOCIATION FOR THE PRIVATE SECURITY INDUSTRY
BRITISH SECURITY INDUSTRY ASSOCIATION Tel: 0845 389 3889 Email: info@bsia.co.uk Website: www.bsia.co.uk
STANDBY POWER SPECIALISTS; UPS, GENERATORS, SERVICE & MAINTENANCE
DALE POWER SOLUTIONS LTD Salter Road, Eastfield Industrial Estate, Scarborough, North Yorkshire YO11 3DU United Kingdom Phone: +44 1723 583511 Fax: +44 1723 581231 www.dalepowersolutions.com
POWER SUPPLIES – DC SWITCH MODE AND AC
DYCON LTD Cwm Cynon Business Park, Mountain Ash, CF45 4ER Tel: 01443 471 060 Fax: 01443 479 374 Email: marketing@dyconsecurity.com www.dyconsecurity.com The Power to Control; the Power to Communicate
THE LEADING CERTIFICATION BODY FOR THE SECURITY INDUSTRY
SSAIB The Smoke Houses Cliffords Fort, North Shields, Tyne & Wear Tel: 0191 2963242 Web: www.ssaib.org
INTEGRATED SECURITY SOLUTIONS
STANDBY POWER
UPS SYSTEMS PLC Herongate, Hungerford, Berkshire RG17 0YU Tel: 01488 680500 sales@upssystems.co.uk www.upssystems.co.uk
UPS - UNINTERRUPTIBLE POWER SUPPLIES
ADEPT POWER SOLUTIONS LTD SECURITY PRODUCTS AND INTEGRATED SOLUTIONS
HONEYWELL SECURITY GROUP Honeywell Security Group provides innovative intrusion detection, video surveillance and access control products and solutions that monitor and protect millions of facilities, offices and homes worldwide. Honeywell integrates the latest in IP and digital technology with traditional analogue components enabling users to better control operational costs and maximise existing investments in security and surveillance equipment. Honeywell – your partner of choice in security. Tel: +44 (0) 844 8000 235 E-mail: securitysales@honeywell.com Web: www.honeywell.com/security/uk
INTEGRATED SECURITY SOLUTIONS
INNER RANGE EUROPE LTD Units 10 - 11, Theale Lakes Business Park, Moulden Way, Sulhampstead, Reading, Berkshire RG74GB, United Kingdom Tel: +44(0) 845 470 5000 Fax: +44(0) 845 470 5001 Email: ireurope@innerrange.co.uk www.innerrange.com
Unit 1 Viscount Court, South Way, Walworth Business Park Andover, Hants SP10 5NW Tel: 01264 351415 Fax: 01264 351217 Web: www.adeptpower.co.uk E-mail: sales@adeptpower.co.uk
UPS – UNINTERUPTIBLE POWER SUPPLY
RIELLO UPS LTD Unit 50, Clywedog Road North, Wrexham LL13 9XN Tel: 0800 269394 Fax: 01978 729 290 Email: sales@riello-ups.co.uk Web: www.riello-ups.co.uk
UPS - UNINTERRUPTIBLE POWER SUPPLIES
UNINTERRUPTIBLE POWER SUPPLIES LTD Woodgate, Bartley Wood Business Park Hook, Hampshire RG27 9XA Tel: 01256 386700 5152 e-mail: sales@upspower.co.uk www.upspower.co.uk
SECURITY
PERIMETER PROTECTION INFRARED DETECTION
CASH MANAGEMENT SOLUTIONS
GJD MANUFACTURING LTD
LOOMIS UK LIMITED
Unit 2 Birch Industrial Estate, Whittle Lane, Heywood, Lancashire, OL10 2SX Tel: + 44 (0) 1706 363998 Fax: + 44 (0) 1706 363991 Email: info@gjd.co.uk www.gjd.co.uk
1 Alder Court, Rennie Hogg Road, Nottingham, NG2 1RX T - 0845 309 6419 E - info@uk.loomis.com W - www.loomis.co.uk
PERIMETER PROTECTION
CASH & VALUABLES IN TRANSIT
GPS PERIMETER SYSTEMS LTD
CONTRACT SECURITY SERVICES LTD
14 Low Farm Place, Moulton Park Northampton, NN3 6HY UK Tel: +44(0)1604 648344 Fax: +44(0)1604 646097 E-mail: info@gpsperimeter.co.uk Web site: www.gpsperimeter.co.uk
Challenger House, 125 Gunnersbury Lane, London W3 8LH Tel: 020 8752 0160 Fax: 020 8992 9536 E: info@contractsecurity.co.uk E: sales@contractsecurity.co.uk Web: www.contractsecurity.co.uk
www.insight-direct.co.uk Tel: +44 (0)1273 475500
aug 13 dir_000_RiskUK_aug12 06/08/2013 13:33 Page 5
CCTV
ONLINE SECURITY SUPERMARKET
INSIGHT SECURITY
EBUYELECTRICAL.COM
Unit 2, Cliffe Industrial Estate Lewes, East Sussex BN8 6JL Tel: 01273 475500 Email:info@insight-security.com www.insight-security.com
Lincoln House, Malcolm Street Derby DE23 8LT Tel: 0871 208 1187 www.ebuyelectrical.com
FENCING SPECIALISTS
INTRUDER ALARMS – DUAL SIGNALLING
J B CORRIE & CO LTD
WEBWAYONE LTD
Frenchmans Road Petersfield, Hampshire GU32 3AP Tel: 01730 237100 Fax: 01730 264915 email: fencing@jbcorrie.co.uk
11 Kingfisher Court, Hambridge Road, Newbury Berkshire, RG14 5SJ Tel: 01635 231500
INTRUSION DETECTION AND PERIMETER PROTECTION
LIFE SAFETY EQUIPMENT
OPTEX (EUROPE) LTD Redwall® infrared and laser detectors for CCTV applications and Fiber SenSys® fibre optic perimeter security solutions are owned by Optex. Platinum House, Unit 32B Clivemont Road, Cordwallis Industrial Estate, Maidenhead, Berkshire, SL6 7BZ Tel: +44 (0) 1628 631000 Fax: +44 (0) 1628 636311 Email: sales@optex-europe.com www.optex-europe.com
Email: sales@webwayone.co.uk www.webwayone.co.uk www.twitter.com/webwayoneltd www.linkedin.com/company/webwayone
C-TEC Challenge Way, Martland Park, Wigan WN5 OLD United Kingdom Tel: +44 (0) 1942 322744 Fax: +44 (0) 1942 829867 Website: http://www.c-tec.co.uk
INTERCOM SOLUTIONS – SECURITY & COMMUNICATION
PERIMETER SECURITY
COMMEND UK LTD
TAKEX EUROPE LTD
Commend House, Unit 20, M11 Business Link, Parsonage Lane, Stansted, Essex CM24 8GF Tel: 01279 872 020 Fax: 01279 814 735 E-mail: sales@commend.co.uk Web: www.commend.co.uk
Aviary Court, Wade Road, Basingstoke Hampshire RG24 8PE Tel: +44 (0) 1256 475555 Fax: +44 (0) 1256 466268 Email: sales@takexeurope.com Web: www.takexeurope.com
INTRUDER AND FIRE PRODUCTS
SECURITY EQUIPMENT
CQR SECURITY
PYRONIX LIMITED
125 Pasture road, Moreton, Wirral UK CH46 4 TH Tel: 0151 606 1000 Fax: 0151 606 1122 Email: andyw@cqr.co.uk www.cqr.co.uk
Secure House, Braithwell Way, Hellaby, Rotherham, South Yorkshire, S66 8QY. Tel: +44 (0) 1709 700 100 Fax: +44 (0) 1709 701 042 www.facebook.com/Pyronix www.linkedin.com/company/pyronix www.twitter.com/pyronix
SECURITY SYSTEMS
BOSCH SECURITY SYSTEMS LTD PO Box 750, Uxbridge, Middlesex UB9 5ZJ Tel: 01895 878088 Fax: 01895 878089 E-mail: uk.securitysystems@bosch.com Web: www.boschsecurity.co.uk
INTRUDER ALARMS – DUAL SIGNALLING
SECURITY EQUIPMENT
CSL DUALCOM LTD
CASTLE
Salamander Quay West, Park Lane Harefield , Middlesex UB9 6NZ T: +44 (0)1895 474 474 F: +44 (0)1895 474 440 www.csldual.com
Secure House, Braithwell Way, Hellaby, Rotherham, South Yorkshire, S66 8QY TEL +44 (0) 1709 700 100 FAX +44 (0) 1709 701 042
INTRUDER ALARMS AND INTEGRATED SOLUTIONS
VICON INDUSTRIES LTD.
RISCO GROUP Commerce House, Whitbrook Way, Stakehill Distribution Park, Middleton, Manchester, M24 2SS Tel: 0161 655 5500 Fax: 0161 655 5501 Email: sales@riscogroup.co.uk Web: www.riscogroup.co.uk
www.facebook.com/castlesecurity www.linkedin.com/company/castlesecurity
www.twitter.com/castlesecurity
Brunel Way Fareham Hampshire, PO15 5TX United Kingdom www.vicon.com
www.insight-direct.co.uk Tel: +44 (0)1273 475500
Project1_Layout 1 05/08/2013 11:17 Page 1
VIDEO SM SMOKE DETECTION PROTECTING THE FOOD INDUSTRY Food processing presents a complex environment with high risk operations including ovens and conveyors using flammable hydraulic fluids, meaning that the risk of fire is ever present. As a video based system, monitoring the entire view of a camera and avoiding problems like smoke stratification, FireVu not only overcomes the problems experienced in such environments but also provides early fire detection. Video associated to each fire alarm supplies detailed situational awareness of the threat in hand, meaning that appropriate action can be taken. Responding at inception and not requiring the smoke to reach the vicinity of a ‘detector’, FireVu offers the best opportunity to protect commercial property quickly, limiting damage and cutting ‘down time’, which could be costly. of risk areas voles through early IlProtection essi aceaque sit veles et veriosam, conem rero vello et estiorum detection and visual warning. re quunt explandi dolorit laudicil explatiatiis
Sophisticated Smoke/Flame algorithms and false alarm rejection further reduce ‘down time’ and if accompanied by visual verification, eliminate the impact of false alarms.
Tel: +44 (0)844 822 3183 Email: sales@ad-networkvideo.com www.ad-networkvideo.com www.firevu.co.uk ©Copyright AD Group 30.07.2013