Risk UK June 2015 by Western Business Media Limited

FrontCover June2015_001 04/06/2015 15:09 Page 1

June 2015

Security and Fire Management

Security in the Urban Arena Safer and Smarter: Creating The Cities of Tomorrow International Terrorism: Current Threats and Policing Plans Understanding Violence Risk Management: Best Practice Regulatory Change: The Evolving Role of Compliance IFSEC and FIREX International 2015: Solutions Guide

Project1_Layout 1 03/06/2015 15:06 Page 1

Contents June2015_riskuk_Dec12 04/06/2015 12:46 Page 3

June 2015

Contents 31 IFSEC and FIREX International 2015

The Security Market: Solutions to Risk (pp20-22) 5 Editorial Comment 6 News Update Queen’s Speech: Government’s plans for repeal of Human Rights Act “on hold”. Cifas Fraudscape study: 27% rise in identity fraud during Q1 2015. BSIA research targets public sector attitudes on data security procurement

8 News Special: Safe Cities at IFSEC International

This month’s Risk UK Event Supplement is wholly focused on IFSEC and FIREX International, which run at London’s ExCeL from 16-18 June as part of UBM’s Protection and Management Series. Topics covered include network video, Oxygen Reduction Systems, cameras and low light performance, avoiding the risks around counterfeit fire detectors, CCTV and ‘Big Data’, data security in ‘connected’ intruder systems, integrated security management, VADs and voice sounders for evacuation, protecting commercial property from squatters and realising the potential of digital video. We also examine integrated security systems, The IFSEC Innovation Arena, video surveillance for large-scale areas and transitioning from analogue to IP

58 The Security Institute’s View 60 In the Spotlight: ASIS International UK Chapter

Given that security professionals from all over the globe will be descending on London this month for IFSEC International 2015, Risk UK sat down with some leading industry figures in a bid to delve deeper into one of this year’s key topics: Safe Cities

63 FIA Technical Briefing

11 Opinion: Tackling International Terrorism

Phil Huggins argues that the time has now come to move the cyber resilience of supply chains further up the corporate agenda and re-evaluate how such risks are managed

We’re now facing perhaps one of the biggest challenges in our history – that of the current and future threat posed by international terrorism. Mark Rowley outlines how and where the police service is targeting its security efforts

14 Opinion: Security’s VERTEX Voice Much has been made in the national media about the Government’s austerity cuts to public services. Peter Webster assesses the present state of play around ‘The Thin Blue Line’

17 BSIA Briefing James Kelly gauges the thoughts of BSIA member company representatives planning to address the topic of Safe Cities during the course of IFSEC International 2015

20 The Security Market: Solutions to Risk In the second instalment of a three-part series dedicated to Best Practice in risk management techniques, Peter Speight and Peter Consterdine concentrate on requirements-pull, the technology push, cyber threats and the resilience – and cyber security – of technology in today’s built environment

24 Security Contracts: A Question of Liability Focusing on contracts for security services, John Spratt runs the rule over liability issues and the TUPE Regulations

27 The Evolving Role of Compliance David Strachan explains why CCOs must reassess and optimise their three key enablers: people, processes and technology

66 Security Services: Best Practice Casebook 68 Cyber Security: Managing Supply Chain Risks

70 Training and Career Development Stuart Galloway formulates some practical ideas for potential improvements to security qualification assessment procedures

72 Risk in Action 74 Technology in Focus 77 Appointments All the latest people moves within the security and fire sectors

79 The Risk UK Directory ISSN 1740-3480 Risk UK is published monthly by Pro-Activ Publications Ltd and specifically aimed at security and risk management, loss prevention, business continuity and fire safety professionals operating within the UK’s largest commercial organisations © Pro-Activ Publications Ltd 2015 All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means electronic or mechanical (including photocopying, recording or any information storage and retrieval system) without the prior written permission of the publisher The views expressed in Risk UK are not necessarily those of the publisher Risk UK is currently available for an annual subscription rate of £78.00 (UK only)

Editor Brian Sims BA (Hons) Hon FSyI Tel: 0208 295 8304 Mob: 07500 606013 e-mail: brian.sims@risk-uk.com Design and Production Matt Jarvis Tel: 0208 295 8310 Fax: 0870 429 2015 e-mail: matt.jarvis@proactivpubs.co.uk Advertisement Director Paul Amura Tel: 0208 295 8307 Fax: 01322 292295 e-mail: paul.amura@proactivpubs.co.uk Administration Tracey Beale Tel: 0208 295 8306 Fax: 01322 292295 e-mail: tracey.beale@proactivpubs.co.uk Managing Director Mark Quittenton

Risk UK PO Box 332 Dartford DA1 9FF

Chairman Larry O’Leary

Editorial: 0208 295 8304 Advertising: 0208 295 8307

3 www.risk-uk.com

EditorialComment June2015_riskuk_jul14 04/06/2015 15:04 Page 4

$XGLEOH 9LVXDO 6LJQDOOLQJ

Visit us: Stand G130 6RQRV 3XOVH FHUWLÃ&#x20AC;HG E\ 1) 9G6 /3&% 6RQRV 3XOVH YLVXDO DODUP GHYLFHV KDYH UHFHQWO\ DFKLHYHG 1) DQG 9G6 FHUWLÃ&#x20AC;FDWLRQ WR (1 DGGLQJ WR H[LVWLQJ /3&% FHUWLÃ&#x20AC;FDWHV 6RQRV 3XOVH GHYLFHV FRQWDLQ 3XOVH $OHUW 7HFKQRORJ\ .OD[RQÂ·V (1 FRPSOLDQW YLVXDO QRWLÃ&#x20AC;FDWLRQ IRU ZDOO DQG FHLOLQJ PRXQW GHYLFHV 3XOVH $OHUW 7HFKQRORJ\ SURYLGHV YLVXDO QRWLÃ&#x20AC;FDWLRQV WKDW DUH XQPLVVDEOH DQG XQPLVWDNDEOH HQVXULQJ WKDW HYHU\RQH LV QRWLÃ&#x20AC;HG RI D Ã&#x20AC;UH HYDFXDWLRQ HPHUJHQF\

EditorialComment June2015_riskuk_jul14 04/06/2015 15:05 Page 5

Editorial Comment

6RQRV 3XOVH &HLOLQJ (1 &RYHUDJH &

Sonos Pulse Wall (1 &RYHUDJH :

)($785,1*

• (1 FRPSOLDQW EHDFRQ WHFKQRORJ\ • :DOO DQG FHLOLQJ PRXQW OLJKW RULHQWDWLRQV • :LGH FRYHUDJH SDWWHUQ RQH GHYLFH FDQ SURWHFW PRVW URRPV • P$ EHDFRQ FXUUHQW # +] ÁDVK UDWH

Trust in Ethics he UK is making steady progress when it comes to tackling fraud and corruption but, in relation to ethical behaviours, the myriad enforcement agencies, regulators and Boards of Directors are still struggling to translate policies into improvements. That’s one of the key findings outlined in EY’s 2015 Europe, Middle East, India and Africa Fraud Survey. The bi-annual study polled 3,800 employees of large-scale businesses in 38 countries, 100 of them from the UK. The findings reveal that 46% of UK respondents believe the level of regulation in their sector has increased in the past two years. However, only 15% said this was having a positive impact on improving ethical standards within their particular company. On a more positive note, 28% of UK-based interviewees also rated their own business’ ethical standards as being ‘Very Good’, a figure standing narrowly ahead of the 26% EMEIA average. John Smart, partner and head of EY’s Fraud Investigations and Disputes Team, commented: “While progress has been made in the UK on tackling overall fraud and corruption, high profile scandals such as LIBOR have thrust corporate ethics into the spotlight. They highlight the need to ensure that the right behaviours and values are being fostered at every level of an organisation, from the Boardroom through to the office.” Most firms in the UK have been successful at implementing policies, rules and procedures to meet fraud and bribery challenges, with a strong focus on staff training, whistleblowing hotlines and Codes of Conduct. That said, EY’s survey certainly unearths a good deal of room for improvement. For instance, 60% of those surveyed on home shores stated their company has anti-bribery or anti-corruption policies and Codes of Conduct in place, but only 25% had witnessed their organisation take action against employees for breaching them. The biggest contrast between corporate policy and perceived reality on the ground lies with whistleblowing. 79% of UK respondents’ businesses operate a whistleblowing hotline, but just 28% (which is below the EMEIA average of 32%) suggested that management always follows up on reports. “It appears that UK employees have heard it all before on antibribery and anti-corruption issues, and are lacking faith in senior management to ‘clean up’ situations that arise,” urged John Smart. “The whistleblowing statistics are particularly alarming as employees are at their most vulnerable when they choose to uncover misdemeanours within their ranks. Failing to follow up on whistleblowing allegations can seriously erode trust in an organisation’s ability to tackle fraud and corruption issues.” Inevitably, regulators and enforcement bodies have a huge role to play in helping businesses uphold integrity and ethics. Policies are just one lever among many for managing fraud, bribery and corruption risk, and it must be recognised that changing cultural behaviour is a difficult and long-term process. However, in order to meet the corporate ethics challenge, it’s fair to say that Boards of Directors will need to supplement their anti-fraud, bribery and corruption policies with consistent messaging from the top, together with the right enforcement, rewards for whistleblowers and the highlighting of role models.

Brian Sims BA (Hons) Hon FSyI Editor

Tel: +44 (0)1706 233879 ZZZ NOD[RQVLJQDOV FRP ÀUH

December 2012

www.risk-uk.com

NewsUpdate June2015_riskuk_may15 04/06/2015 18:05 Page 6

Queen’s Speech 2015: Government’s plans for repeal of Human Rights Act “on hold” he new Conservative Government has seemingly delayed its proposed plans to replace the Human Rights Act with a British Bill of Rights and Responsibilities. While many of the Conservative’s General Election Manifesto commitments appeared in the legislative agenda, the Queen’s Speech to Parliament stated only that ‘proposals’ would be brought forward for a British Bill of Rights. Although it duly appears in the Queen’s Speech, there’s no legislation, then – either in full or draft form – on a British Bill of Rights. Instead, ministers will now consult on the pros and cons of potentially replacing the Human Rights Act with a new legal framework of rights and responsibilities. An Investigatory Powers Bill will revive plans for what many commentators have previously dubbed a ‘Snoopers’ Charter’, giving State bodies wide-ranging new tools to collect and process all communications data. According to the Queen’s Speech: “New legislation will modernise the law on communications data.”

Prime Minister David Cameron

Extremism Bill: New Banning Orders

Home Secretary Theresa May

6 www.risk-uk.com

The planned Extremism Bill is designed to create new Banning Orders, Extremism Disruption Orders and Closure Orders. Liberty believes this will “curb free speech” under the guise of tackling extremist behaviour. The Bill includes measures to tackle the broadcasting of extremist material. The Government is also intent on strengthening Ofcom such that it can take action against channels transmitting extremist content. This proposed legislation will also put forward the introduction of the aforementioned Banning Orders for those extremist organisations who use so-called ‘hate speech’ in the public domain but whose activities fall some way short of proscription. New powers allowing police services and local authorities to close down premises used to support extremism are also on the cards while employers will be able to check whether or not an individual working within their company is an extremist. Prime Minister David Cameron has stated: “As the party of one nation, we will govern as one nation and bring our country together. That means actively promoting certain values. Values like freedom of speech. Freedom of worship. Democracy. The rule of law. Equal rights

regardless of race, gender or sexuality. We must say to our citizens: ‘This is what defines us as a society. To belong here is to believe in these things.’ It also means confronting head-on the poisonous Islamist extremist ideology. Whether they are violent in their means or not, we must make it impossible for extremists to succeed.” Home Secretary Theresa May commented: “The twisted narrative of extremism cannot be ignored or wished away. This Government will challenge those who seek to spread hatred and intolerance by forming a new partnership of every single person and organisation in this country who wants to defeat the extremists.”

Immigration Bill: the proposals The Government’s proposed Immigration Bill enshrines plans to criminalise undocumented migrants working in the UK and also to confiscate their earnings. The Bill would extend ‘Deport First, Appeal Later’ provisions. The Immigration Bill is most certainly designed to clamp down on illegal immigration and protect public services. To this end, it will include a new offence of illegal working, with the police service afforded necessary powers enabling the seizure of wages paid to illegal workers as the ‘proceeds of crime’. It would become an offence for businesses and recruitment agencies to hire from abroad without first advertising their vacancies in the UK. Indeed, this replicates a policy which featured heavily in the Labour Party’s General Election Manifesto. In addition, a new enforcement agency will be established in a bid to tackle what Prime Minister David Cameron has termed “the worst cases of exploitation”.

Policing and Criminal Justice Bill Meanwhile, the Policing and Criminal Justice Bill promises to “improve the law” by making local communities “safer” while also “building confidence and enhancing efficiencies” in the criminal justice system. This Bill includes plans to reform pre-charge bail in England and Wales and ban the use of police cells for the emergency detention of mentally ill people under the Mental Health Act. There are additional proposals afoot to reform the Police Federation of England and Wales, plans to extend police-led prosecutions and the potential for overhaul of the police complaints system.

NewsUpdate June2015_riskuk_may15 04/06/2015 17:06 Page 7

News Update

Cifas Fraudscape study shows 27% rise in identity fraud during Q1 2015 New data shows that identity fraud was the dominant fraud threat in the first quarter of 2015. 34,151 confirmed instances of identity fraud have been recorded by Cifas, the UK’s Fraud Prevention Service, representing a 27% increase from the same period of the previous year and accounting for just under half (47%) of all frauds recorded in Q1 2015. Identity fraud occurs when criminals abuse personal data to impersonate an innocent victim or otherwise create fictitious identities in order to obtain products and services. According to the latest Cifas Fraudscape report, recorded frauds increased by 5% in the first quarter of 2015 when compared with the same period last year. Further examination of the identity frauds recorded in the first three months of 2015 reveals: • The total number of recorded victims increased by 31% from 24,482 to 32,058 • Credit cards (14,103 confirmed cases: 41% of all identity frauds) and bank accounts (9,349 cases: 27% of all identity frauds) are the identity criminals’ preferred targets • Over 80% of all identity fraud in the first quarter of 2015 was attempted or perpetrated online • The average age for both male and female identity fraud victims is 46 years old • Those in the 21-30 age range continue to be increasingly targeted: 3,970 people in this age range were targeted by identity criminals (16% of all identity fraud victims) representing a 26% increase from 2014 These trends are in line with the major findings identified in Cifas’ latest Fraudscape report. The data shows that the trends have been maintained so far this year, and that identity fraud remains the biggest reported fraud threat among Cifas’ members. Speaking about the Fraudscape report, Simon Dukes (CEO at Cifas) commented: “Fraud figures fluctuate over time as fraudsters adapt and try new ways of achieving their aims. What these figures show is that identity fraud continues to be the most serious fraud threat. Also, the first quarter of the year has been a very profitable one for organised identity criminals.” Dukes went on to state: “Our data is just the tip of the iceberg. More needs to be done to identify the true scale of fraud in the UK and educate individuals about the dangers and the steps they can take to protect themselves.”

According to the latest Cifas Fraudscape report, recorded frauds increased by 5% in the first quarter of 2015 when compared with the same period last year

BSIA research targets public sector attitudes on data security procurement Research aimed at assessing the buying behaviour of public sector organisations seeking secure data destruction services has been launched by the British Security Industry Association (BSIA). Following a number of high profile data breaches within NHS Trusts and local authorities, secure data destruction is now a top priority across the public sector. Organisations operating within this sector have been particularly prone to poor data management, with many incurring fines of up to £500,000 from the Information Commissioner’s Office. With previous research highlighting a worrying lack of awareness regarding British Standards and legal obligations, the BSIA has decided to energise a new campaign designed specifically to educate those responsible for procuring information destruction services. Kicking off this campaign is an initial research piece. Aimed at those organisations operating within the public sector, the detailed study is designed to gauge their understanding of the various standards operating within the marketplace and to gain an overview of current procurement practices and specifications. Open to organisations of all types – and predominantly including those within the healthcare, education and local authority sectors – the research takes the format of an online survey which can be accessed via the following link: http://svy.mk/1ExAJQu (All responses will be treated as being anonymous). Adam Chandler, chairman of the BSIA’s Information Destruction Section, commented: “An overarching theme identified by the BSIA’s previous projects is a general lack of understanding when it comes to the standards that should be specified of a professional information destruction supplier. This often leads to organisations specifying unnecessarily stringent requirements with regards to factors such as shred size, transport and destruction processes.” As the leading authority on information destruction Best Practice, the BSIA’s Information Destruction Section is aiming to overcome this issue and further highlight the benefits of various standards – including EN15713 – by launching an educational campaign targeted at end users within the public sector who are considering procuring information destruction services. • Further information on EN15713 and procuring a professional information destruction company is available at: www.bsia.co.uk/information-destruction

Following a number of high profile data breaches within NHS Trusts and local authorities, secure data destruction is now a top priority in the public sector

7 www.risk-uk.com

NewsSpecialIFSECInternational2015SafeCities June2015_riskuk_apr15 04/06/2015 17:04 Page 8

Safer and Smarter: The Cities of Tomorrow Given that security professionals from all over the globe will be descending on London this month for IFSEC International 2015 (which takes place from 16-18 June at ExCeL), Risk UK sat down with some leading figures in a bid to delve deeper into one of this year’s key event topics – Safe Cities

*The Protection and Management Series is the UK’s largest event dedicated to protecting and managing property, people and information. Organised by UBM EMEA, the series incorporates IFSEC and FIREX International, Safety & Health Expo, The Facilities Show and Service Management Expo

isk UK posed key questions to DCI Mick Neville (head of the Central Forensic Image Team at the Metropolitan Police Service), Roz Euan-Smith (senior analyst for Smart Homes and Smart Cities at IHS Global) and James Hill (business development manager with NG Bailey) to gain their considered views on what we mean by Safe Cities and exactly what professionals within the security sector are actively doing to foster such environments.

Risk UK: How would you define a Safe City? Roz Euan-Smith: In 2014, IHS Technology published a report defining a Smart City as a city that has deployed, or is currently piloting, the integration of ICT solutions across three or more of mobility and transport, energy and sustainability, physical infrastructure, governance and safety and security city-based functions in order to improve efficiency, manage complexity and enhance citizens’ quality of life, in turn leading to a sustainable improvement in city operation. This year, IHS Technology plans to launch a new Smart City Intelligence Service which will also include healthcare as a core city function. In the 2014 Smart City report, the safety and security element of a Smart City was forecast to demonstrate the highest compound annual growth rate between 2013 and 2025, although it should be noted that this is growing from the smallest base. The Safe City concept is based on a consolidated IT platform which combines public safety information of different types and from different sources, obtained through sensors and multi-agency collaboration.

8 www.risk-uk.com

Risk UK: Do you think that the Safe City concept is still a relatively new one? Roz Euan-Smith: We’re seeing some really exciting examples of Smart City projects around the world, such as the Rio Operations Centre in Brazil and the New York Real-Time Crime Centre in the States. However, we see the Safe City and Smart City concepts as ones that are still evolving. Terms such as Smart City, Safe City and Future City are often used interchangeably. Just as every city is different, so too it stands to reason that every city’s approach towards smart ICT programs designed to manage particular challenges will also be different. Risk UK: What do you feel is likely to be the biggest impact that the Internet of Things will have on security and public safety in the modern city environment? Roz Euan-Smith: The Internet of Things as it relates to Safe Cities is all about how those sensors deployed across a city can be brought into a common operating picture and used to enhance the operator’s situational awareness. This can help lower response times as well as potentially predict incidents before they occur. James Hill: Put simply, the data we can harvest. Significant technical expertise is required when developing new technology and this will demand new investment in skills and training. Identifying and analysing the data will also be a challenge. The Internet of Things is arguably the biggest challenge our industry has ever faced, but if we can find a way to harness the opportunities involved then we may save energy and become more efficient while also keeping people safe. Risk UK: What do you believe to be the biggest security threats posed to smart, interconnected cities? Roz Euan-Smith: Many cities are considering

NewsSpecialIFSECInternational2015SafeCities June2015_riskuk_apr15 04/06/2015 17:04 Page 9

News Special: IFSEC International 2015 The Safe Cities Agenda

how the convergence of physical security and cyber security should be handled, and whether they ought to be unifying their approaches to both. Cyber and data security and privacy are issues of public concern so, in order for the Internet of Things to deliver the maximum potential benefits for a Smart City, a solution would need to be found for these issues. James Hill: Cyber attack has to be the answer here. Network security is now every bit as important as physical security. Network security and physical security are no longer mutually exclusive. They now go hand in hand. Risk UK: Within the next five years, what do you feel will be the most profound changes in terms of how cities operate in the real world? James Hill: The introduction of the Internet of Things in the security arena will undoubtedly bring about the most profound changes in terms of how cities operate. We’re also going to see the Smart Cities trend emerge which, with the use of digital technologies, will enhance the well-being and performance of city environments while also reducing costs and resource consumption. Risk UK: Would you class London as being a leading Safe City? Mick Neville: Yes indeed. I would class London as a leading Safe City because it has one of the best police forces in the world and an excellent CCTV network which we are learning to use more effectively and efficiently. James Hill: Yes. I would most certainly class London as a leading Safe City. As one of the most important cities on the planet, security is paramount to its success. London has achieved such a status at least in part because it offers a safe and secure environment. One of the best examples of that is the 2012 Olympic and Paralympic Games. From a technology perspective, London 2012 set the standards for all future Olympics, keeping the city and all of its international visitors safe throughout the various competitions. Risk UK: For London to advance as a Safe City, what do you suggest would be the basic requirements necessary to see that happen? Mick Neville: The effective prevention of crime and terrorism. James Hill: A more cohesive approach between security and IT professionals is going to be needed. Having a more collaborative approach means that the IT solutions offering the most

value to the city can then be implemented on both an efficient and effective basis. Risk UK: Who should attend your conference sessions at IFSEC International and why? Mick Neville: My presentation at IFSEC International 2015 will be wholly relevant for CCTV operators, manufacturers, installers, security consultants, end users such as security managers and members of the police service. James Hill: You should attend my IFSEC International presentation if you care about intelligence and what that means for big data and the Internet of Things. These terms are no longer just buzz words. Rather, they are the here and now. How we harness them is vitally important if we’re to remain safe and secure.

All of the latest surveillance technologies will be on display at London’s ExCeL in June

Safe Cities Education Programme Safe Cities at IFSEC International 2015 will focus on major topics including the protection of larger urban areas, Critical National Infrastructure and business continuity. Suited to senior and strategic personnel responsible for the protection of major assets within a city, Safe Cities will provide high level thought leadership sessions offering further insight around this fast-growing concept. Networked technologies and current trends all feature heavily in the dedicated Safe Cities Seminar Theatre which is exclusively sponsored in 2015 by Eaton. • Roz Euan-Smith will present on Smart CitiesSafe Cities on Tuesday 16 June at 2.00 pm in the Safe Cities Seminar Theatre. This session will look at the evolution and development of Smart Cities and the role of the Internet of Things in Safe City technology • Detective Chief Inspector Mick Neville follows this presentation at 3.00 pm with a detailed overview of ‘CCTV for Safer, Smarter Cities’ • James Hill’s presentation takes place in the Security Solutions Theatre at 11.00 am on Tuesday 16 June and looks at electronic security for the urban environment encompassing its developmental journey to date The 2015 Protection and Management Series of events runs from 16-18 June at ExCeL, London

“The introduction of the Internet of Things in the security arena will undoubtedly bring about the most profound changes in terms of how cities operate” 9 www.risk-uk.com

Project1_Layout 1 04/06/2015 17:46 Page 1

OpinionCounteringTheInternationalTerrorismThreat June2015_riskuk_apr15 04/06/2015 16:12 Page 11

Opinion: Countering the International Terrorism Threat

International Terrorism: Facing The Challenge organised criminal enterprises whose objectives are solely financial. Indeed, these groups feature extremely rarely in our counterterrorism operations. Rather, we’re talking about the street gangs and loosely affiliated groups of misfits, dropouts and criminals. The focus is on the type of law-breaker that we all come across in day-to-day policing and, most notably, in our towns and cities. This is but one reason why the police service’s role in countering terrorism is so vitally important.

Targeting the vulnerable

While the present security focus is understandably on the threat posed by ISIL, it’s worth making the point that the Syriarelated challenge represents just over 50% of the work conducted by the counter-terrorism network. Mark Rowley outlines how and where the police service is targeting its security efforts

he level of terrorist activity is as high as it is broad and complex. It ranges from the planning of sophisticated and co-ordinated attacks against strategic targets through to crude, spontaneous acts of violence perpetrated by self-starting lone actors. In the UK, over 700 extremists are known to have gone to Syria. That number is growing. Around half of those British extremists are believed to have returned. Many will be militarised and radicalised. They will shape the threat in the UK for the foreseeable future. There’s now increasing evidence of links between those involved in gangs, neighbourhood drug-dealing and low-level criminality and extremists, radicalisers and would-be terrorists. Those vulnerable to joining a gang can be just as attracted to joining a terrorist cause. We’re seeing this happen again and again, with many of today’s terrorists being yesterday’s street criminals. When gangs and extremists come together there are potentially grave consequences, particularly so when you consider that some of these gangs have access to firearms. While this is of course a concerning development, we are somewhat reassured that access to highpowered weaponry is extremely difficult in Britain. This is largely thanks to years of investment by the authorities in stemming the flow of devastating military-grade weapons commonly seen on the continent. In this context, the term ‘gangs’ isn’t designed to reference the drug cartels or the

Another concerning development is the deliberate targeting by recruiters and extremists of vulnerable people, including those who are homeless, in trouble with the police or harbouring mental health problems. We have also seen young people from homes with a history of domestic violence leave their families to head for Syria. Young people from troubled families can find their place and an identity in extremism. Those failing at school or at life or those with mental illnesses are vulnerable to a narrative that offers self-belief and promised rewards. These often impressionable people are being manipulated to carry out acts of violence. However, it’s not just the vulnerable who are falling for the extremist Call to Action. ISIL is also able to attract more ‘successful’ candidates, including ‘Grade A’ students, professionals, doctors and teachers who are persuaded – despite ISIL’s brutality – to join and even bring their families along. Another environment where radicalisation is a factor is the prison estate. Being in prison is becoming a key enabler for extremist activity. The number of prisoners with an extremist mindset is increasing and, unless there’s rapid and resolute effort expended to tackle this situation, we face a future where such prisoners become even more extremist and also radicalise others. One element of concern is that more than a third of the 700 British travellers have no previous counter-terrorism history with us. That creates massive challenges both in terms of a growing cohort of terrorists and uncertainty as we try to spot those who might be the next individuals to step towards terrorism. At present, the terrorist threat is rated ‘Severe’. Confronting that threat is challenging at best, but now we have an operational context in front of us that’s making this challenge more and more difficult.

11 www.risk-uk.com

OpinionCounteringTheInternationalTerrorismThreat June2015_riskuk_apr15 04/06/2015 16:12 Page 12

Opinion: Countering the International Terrorism Threat

Metropolitan Police Service Assistant Commissioner Mark Rowley: National Lead for Counter-Terrorism at the National Police Chiefs’ Council

We’re seeing an increasing threat emanating from unstable countries and failed states from which terrorists seek to plot attacks against us. Due to dysfunctional – or even non-existent – law enforcement and national security capabilities in those countries, this severely hampers our own ability to gather critical intelligence that could save lives on home shores. Putting it bluntly, there is sometimes no credible law enforcement partner to work with when it comes to preventing terrorists from projecting their threat. Regrettably, we’re also seeing a degradation in our ability to tap into the crucial information that exists in the virtual world. We are very much at risk of the Internet becoming another ‘ungoverned space’ that provides a safe haven for terrorists to radicalise others and organise attacks across the globe.

The Snowden revelations In tackling organised crime and terrorism for the last two decades, it’s fair to say that for most of this period all of the methods available to criminals around communicating with each other were within our reach. Properly authorised and lawful surveillance is, of course, critical. However, the Snowden revelations mean that terrorists and major criminals are now better informed about our techniques and potentially able to exploit blind spots. Indeed, the fall-out from the Snowden revelations led to some communications providers being less helpful to law enforcement agencies in sharing their information, in turn aggravating an already serious problem. What about the scale and range of the challenge, particularly within the Government’s ‘Pursue’ agenda? We currently have hundreds of live counter-terrorism investigations ongoing, ranging from those focused on fundraising to attack planning. 60% of those investigations are jointly managed between the police service and the Security Service, including the tenth that involve attack planning. The remainder are police-led. Around 20% involve collaboration across the regions of the national counter-terrorism policing network. One third involve work with local forces and, when it comes to taking executive action, on nearly all occasions there’s close working with local forces to manage the community concerns that can arise.

Let’s explore for a moment the critical relationship that exists between the police counter-terrorism network, the Security Service and other security and intelligence agencies. The police service and MI5 are effectively a joint task force. The relationship is the most joined-up operational collaboration I’ve seen in my service. It was not always that way, but the growing demands and the nature of the threat over the past 15 years have enabled us to form a highly effective and successful partnership. The Security Service (with its national security lead) and the police service with our public protection, investigation, intelligencegathering, disruption and prevention remit make for a formidable pairing. It’s one that’s envied across the world. Just as important as the relationship with the Security Service is the essential contribution of local policing and its links with the counterterrorism policing network. That local contribution delivered all over the country gives us thousands of pairs of eyes and ears, crucial community links built on engagement and confidence, access to covert human intelligence, ‘Prevent’ engagement and safeguarding of those who are vulnerable, an armed response capability and a joined-up investigative capability against the street-level gangs, criminals and fraudsters. As stated, the police and the Security Service are currently working on hundreds of counterterrorism investigations. Last year alone, we foiled several plots against targets in the UK and 89 people were convicted of terror-related offences. 114 individuals are now awaiting trial.

Developing strong interoperability Over the past three years, the number of counter-terrorism related arrests has increased by 56% compared with the previous three. The only quarters with more arrests were those immediately after 7/7 and 9/11. The charge rates – and volumes of individuals charged – have increased significantly over the last four years suggesting the pursuance of good quality investigations. We’ve developed a strong counter-terrorism network that sits brilliantly within policing, bridging as it does our local-to-global reach, a unique partnership with our intelligence agencies and strong interoperability and relationships with local forces.

“The level of terrorist activity is as high as it is broad and complex. It ranges from the planning of sophisticated and co-ordinated attacks against strategic targets through to crude, spontaneous acts of violence” 12

www.risk-uk.com

Project1_Layout 1 05/03/2015 12:18 Page 1

OpinionSecurity'sVERTEXVoice June2015_riskuk_apr15 04/06/2015 16:14 Page 1

Have we reached the end of ‘The Thin Blue Line’?

Much has been made in the national media about the former Coalition Government’s austerity cuts to public services and, in terms of the security space, the Police Federation of England and Wales continues to be vocal in its opposition to the proposed reduction of police officer numbers. Where is it all going to end? Peter Webster assesses the present state of play around ‘The Thin Blue Line’ – to deal with certain types of criminal act. Retail crime, for example, appears to be at the sharp end. Indeed, the British Retail Consortium (BRC) has expressed its members’ fears that the police service regards shoplifting as a ‘victimless crime’ and perhaps one which is not to be taken too seriously. To my mind, nothing could be further from the truth.

Dealing with criminality

ust a few weeks ago, an incident occurred at Corps Security’s headquarters in London’s Farringdon that could have cost us a significant sum of money. Paul Craggs, our Chief Financial Officer, received an e-mail purporting to have been sent by myself and which posed a question around how to arrange a payment to a third party. After we established that this communication was a deliberate attempt at cyber fraud, we wrote back asking for the name of the person to whom we should send our payment and their bank account details (both of which were given to us by return). Therefore, swift action could have identified the perpetrator through the bank account before the time came when it was inevitably closed. At this point, we duly called the police service to provide them with this information such that fast and appropriate action could be taken. Let’s just say that the level of disinterest with which we were met was truly shocking. Effectively, we were simply asked to report this incident so that it could be recorded, and then informed that no further action would be taken. This albeit anecdotal experience is but one example of what appears to be a worrying trend regarding the police service’s desire – or ability

Peter Webster: Chief Executive of Corps Security

www.risk-uk.com

In January this year, the BRC published details of a study which found that UK retailers recorded an estimated three million offences against them in 2013-2014, while the average value of each theft in store increased by 36% to £241 – the highest level for a decade, in fact. This rise has helped to push up the direct cost of retail crime by 18% to £603 million. Part of the problem appears to stem from the Anti-Social Behaviour, Crime and Policing Act 2014 which received Royal Assent in March last year. Section 176 makes theft from a shop of goods worth £200 or less a summary-only offence which can be considered for police-led prosecution provided a guilty plea is indicated. For some, this was seen as the authorities ‘going soft’ on shoplifters and did not take into account that a sum of just £50 can seriously affect a small shopkeeper’s bottom line. This isn’t a recent issue, though. Back in 2013, crime logs revealed that police in Birmingham were failing to record or investigate more than 60% of shoplifting offences in the city. Hard to believe, I know, but some cases were being ignored because police officers wrongly believed that shoplifting – a criminal offence under the Theft Act 1968 – was a civil offence. It would seem that this level of ignorance wasn’t just an isolated case. Despite assurances from the Police Federation that the police service does take the matter seriously, a growing raft of evidence suggests otherwise to

OpinionSecurity'sVERTEXVoice June2015_riskuk_apr15 04/06/2015 16:14 Page 2

Opinion: Security’s VERTEX Voice

the extent that shoplifting is effectively being decriminalised by stealth.

Austerity measures: the effects Of course, it’s appreciated that the police service has witnessed some massive cuts over recent years, having lost nearly 16,000 officers from forces in England and Wales – the equivalent of losing all the police forces in the South West of England. When challenged on the implications of political and economic ‘Austerity’, Paul Ford – secretary of the Police Federation’s National Detective Forum – has stated that these issues are affecting the police service’s ability to protect communities and respond to calls. The issue is as much about resource allocation as it is about numbers of police officers. Lots of time, manpower and money are thrown at thwarting the growing terrorist threat. While this is necessary, it’s at the expense of what are considered less serious crimes. Unfortunately, Joe Public is the one to bear the brunt of such decisions. My big concern is where all of this will ultimately lead us. Yes, the retail sector is already feeling the effects, but other sectors are suffering as well.

Robbery at Hatton Garden The Hatton Garden Safe Deposit Robbery both shocked and amazed me. The fact that such an audacious robbery was carried out so successfully in an age where surveillance, access control and alarm technology has never been more sophisticated was simply incredible. The thieves involved even managed to come and go on two separate occasions. Reports suggest they first entered the building after 9.00 pm on 2 April and then left shortly after 8.00 am on 3 April. They then returned to the scene soon after 10.00 pm on 4 April and were recorded on CCTV leaving the premises at around 6.40 am the following day. It also appears that the police decided not to respond to an intruder alarm alert issued by the Alarm Receiving Centre. We’re yet to discover why, but in a statement Scotland Yard said: ‘It’s too early to say if the handling of the call would have had an impact on the outcome of the incident.’ Given what we now know, I think that it would have been prudent to have at least attended the scene. Not doing so proved to be a very costly mistake. While more details about this staggering incident will likely emerge in due course, it’s abundantly clear that there was a ‘disconnect’ at some point in the process and that follow-up actions were not carried out in the proper

fashion. A more joined-up approach to the building’s security provision would have created an effective operational system whereby others would have been asked to investigate such an event and more sophisticated technology implemented. For example, we’ve all seen the image of the hole that was drilled to gain access to the safety deposit boxes, so was a seismic detection solution in place and was the intruder alarm system correctly specified?

Should we take it on the chin? Those who’ve had the utterly grim misfortune to be the victims of burglary, vandalism or criminal damage will know only too well that, in most cases, the issuing of a crime reference number is the full extent of police involvement. It appears to me that the victims of crime are being forced into a position whereby the only alternatives to police inaction are to launch a costly and time-consuming civil legal action, or else simply take it on the chin. From my own point of view let me tell you that I’m extremely uncomfortable with both scenarios, and firmly believe that the only way in which to prevent crime paying is to have a robust and effective police service that acts as a deterrent to those with criminal intent. To put it bluntly, anything less than that scenario places us all in danger.

*The author of Risk UK’s regular column Security’s VERTEX Voice is Peter Webster, CEO of Corps Security. This is the space where Peter examines current and often key-critical issues directly affecting the security industry. The thoughts and opinions expressed here are intended to generate debate among practitioners within the professional security and risk management sectors. Whether you agree or disagree with the views expressed, or would like to make comment, do let us know (e-mail: pwebster@corpssecurity.co.uk or brian.sims@risk-uk.com)

“Lots of time, manpower and money are thrown at thwarting the terrorist threat. While this is necessary, it’s at the expense of what are considered less serious crimes” 15

www.risk-uk.com

Project1_Layout 1 03/06/2015 14:38 Page 1

ALL WILL BE REVEALED... Join us at IFSEC where we’ll be announcing some exciting new developments. To celebrate, we’re giving away a host of prizes including thousands of pounds’ worth of Amazon vouchers, product discounts and much, much more. Simply ﬁnd the card inserted in this magazine, scratch away the panel, and bring it to the Vista stand to see what you’ve won – there’s a prize for every card! In addition, come along to see the new winning combination of qulu and HP. Working in partnership, we have developed a range of servers to support the new qulu 2.3 software. Features of this latest software edition include video wall, failover and integration with Paxton Access Control.

VISIT US AT: Stand D1300

HD CCTV FROM VISTA

g Web: vista-cctv.com

g Email: info@vista-cctv.com

g Tel: 0118 912 5000

BSIABriefing June2015_riskuk_may15 04/06/2015 12:44 Page 2

BSIA Briefing

Safe Cities: The Security Agenda ue to the complexity of today’s modern city environments the potential for the unexpected to happen at any time most certainly exists, as recent terrorist attacks in Paris, Ottawa and Sydney have illustrated all too starkly. Alongside this truism, the widespread public disorder associated with the London riots of 2012 flags up just how quickly situations can – and very often do – escalate in a social media-savvy world where large numbers of individuals may be drawn to our cities’ streets in a relatively short space of time. Beyond such headline-grabbing situations which, seemingly, appear ‘out of the blue’, cities are also the location of choice for planned events like the Olympic Games, protest marches and music festivals where those taking part – not to mention the wider community – need to be kept safe and secure. Of course, it’s not just physical disruption which city managers should have on their radar. There’s also the whole cyber security aspect which, increasingly, has to be factored-in to any Safe Cities equation. That’s the message from Mike O’Neill, managing director of British Security Industry Association (BSIA) member company Optimal Risk Management and chairman of the BSIA’s Specialist Services Section who’s scheduled to speak on the subject of Security Risk Management for Safer Cities during IFSEC International 2015. O’Neill is keen to discuss some of the risks that can emerge as the operation of cities, including their transport infrastructure, becomes even smarter and more centralised. “The key challenge that strikes me,” stated O’Neill, “is that with the drive for connectivity and interconnectivity comes a great deal more vulnerability.” O’Neill explained that the more centralised the form of control cities adopt to enhance efficiency, the more attractive they become – potentially, at least – to those who may wish to destabilise them. “We could be talking about hackers creating mischief just for fun through to terrorist groups or even State actors and their proxies who may be seeking to cause asymmetric confusion,” stressed O’Neill. He cited the example of what happened with the Sony Pictures attack and how problematic that was to one organisation, venturing that for an entity on the scale of a large city such an attack could prove even more disruptive. “If you think about a city that has interconnectivity then the vulnerability is huge.

With IFSEC International 2015 running at London’s ExCeL from 16-18 June, one subject that’s topping the agenda in this ever more complex, challenging and interconnected world is how the private and public sectors can work together more effectively in keeping our fast-growing urban centres safe and secure. Given this reality, James Kelly gauges the thoughts of BSIA member company representatives planning to address the topic of Safe Cities during the show Going forward, this is one aspect about which we need to be much more aware.”

Joined-up security thinking For his part, Geoff Zeidler – immediate past chairman of the BSIA and lead on the Police and Security (PaS) Group initiative on behalf of the Trade Association – feels that collaboration between the police service and the private security sector is an absolutely pivotal element in making cities safer. As part of the Safe Cities Academy at IFSEC International 2015, Zeidler will be outlining how, within this context, Best Practice is being developed across the city of London. Certainly, police service and security sector partnerships have become much more prevalent in the past few years. Project Griffin was the first significant engagement between the police and the private security sector with a focus on training. More recently, national celebrations such as Her Majesty The Queen’s Diamond Jubilee and the London 2012 Olympic and Paralympic

James Kelly: CEO of the British Security Industry Association

www.risk-uk.com

BSIABriefing June2015_riskuk_may15 04/06/2015 12:44 Page 3

BSIA Briefing

Games certainly created an unprecedented demand for collaboration. The latter served as a catalyst for the CrossSector Safety and Security Communications (CSSC) initiative, itself designed to cascade important information relating to security among key partners involved with the Games and which was then developed as a legacy project (and replicated north of the border for 2014’s Commonwealth Games held in Glasgow). Putting the PaS Group into context, Zeidler revealed that the concept was first considered by the BSIA and the Metropolitan Police Service after the 2012 Games, but then found new impetus as a result of the Mayor of London’s Office for Policing and Crime’s Business Crime Strategy. In essence, the PaS Group is focused on finding ways to build effective collaboration, starting in London but also aiming to ensure consistency across the UK. “We launched a consultation to identify what all the ‘capability’ participants see as the enablers and barriers to success,” commented Zeidler. “This process generated an excellent response, the detailed results of which we are about to release. The other steps involved were to map existing local and national collaboration projects to improve co-ordination and identify Best Practice and then to develop a ‘roadmap’ that establishes what success looks like and the steps needed to achieve it.” Zeidler doesn’t underestimate the scale of the task at hand and the need for support from the entire security sector. “This is a key issue for all parties, and one in which hundreds of organisations have shown that they’re keen to be involved in solving. We’ve now established work streams focused on Effective Collaboration, Information and Communications and Standards and Training that are seeking to provide better clarity and simple guidance in these areas. We have also enjoyed fantastic support from the Metropolitan Police Service’s Business Hub, which is starting to produce a regular newsletter for subscribers.”

Prospect of safer searches At IFSEC International, Dirk Wilson – managing director at Sector Security Services and vicechairman of the BSIA’s Police and Public Services Section – is offering his thoughts on how to support Safe Cities and major events within the context of security searches.

“If you think about a city that has interconnectivity then the vulnerability is huge. Going forward, this is one aspect about which we need to be much more aware” 18

www.risk-uk.com

A particularly pertinent topic at the moment, according to Wilson, as the BSIA has just developed a new Code of Practice for Security Searches. This landmark document sets out welcome guidance on the searching of individuals, areas, buildings and vehicles. As well as highlighting the specific content of the Code of Practice at IFSEC International, Wilson will be exploring the wider lessons that emerged from the London 2012 Olympic Games search procedures, the importance of having a standard in place for personnel carrying out searches and why this has the potential to unlock greater police and general public confidence in the private security sector (and its ability to provide support at major events). Tackling security searches, Wilson believes that a Code of Practice also offers a measure of reassurance for practitioners – ie security officers – conducting searches and those whose people and assets they are protecting, and particularly so when they’re faced with problematic individuals.

Conversion to a British Standard On the subject of whether there are any common pitfalls or issues associated with security searches that the BSIA’s new Code of Practice seeks to address, Wilson responded that one area which immediately springs to mind relates to the use of CCTV in search areas. “This is now something that’s part of a key recommendation,” replied Wilson. “It makes sense in a person-to-person search situation, for example, to have a secondary individual with oversight and that all procedures are recorded in an area monitored by CCTV.” Wilson added that, to convert the Code of Practice into a British Standard, the next stage is to implement an open and full industry review alongside obtaining comments from public bodies such as the police service. “It’s only after a fairly stringent analysis and assessment that the Code will have a chance of reaching the goal of becoming a recognised British Standard.” Given the challenges which today’s cities face in order to maintain safe and secure environments, the message has to be that it makes sense for municipalities – and other public sector bodies – to unlock the expertise which the private security sector can offer, whether that be through partnership initiatives, the development of Best Practice guidance or remaining up-to-speed with the latest criminal and terrorist threats. It’s also crucial that managers remain abreast of the myriad techniques that can be applied to bridge any potential gaps in security.

Project1_Layout 1 02/06/2015 13:38 Page 1

Improving your vision with our solutions. Working with you to deliver safe, secure and sustainable projects. At the forefront of design innovation, weâ&#x20AC;&#x2122;ve been providing safety and security for homes, education, commercial and industrial developments for almost 70 years. Our portfolio includes RoSPA approved, LPS 1175 certiďŹ ed and Secured by Design preferred security fencing and gate solutions, environmental noise barriers, storage, automated access control and decorative timber fencing, gates and landscaping features; all designed to give a service life well beyond our 25 year guarantee.

Timber and steel fencing

Vehicle and pedestrian gates

CPD training

Vehicle access and parking control

Access control

Cycle, recycling and fuel storage

Noise barriers

Pedestrian safety

I CE LI

YEARS

AR NT A

AT ME N

YEARS

AR NT A

M AT I

MONTH

Call 0800 41 43 43 to speak to an expert

Find out about our products and services including drawings, data sheets, Q40s and CPDs at www.jacksons-fencing.co.uk.

AR NT A

www.jacksons-fencing.co.uk

PrioritisingRiskManagementIssuesandRiskResponse June2015_riskuk_apr15 04/06/2015 16:15 Page 20

The Security Market: Solutions to Risk In the second instalment of a threepart series dedicated to Best Practice in risk management techniques, Peter Speight and Peter Consterdine concentrate on requirements-pull, the technology push, cyber threats and the resilience – and cyber security – of technology in today’s built environment

www.risk-uk.com

hen it comes to risk management, we could save ourselves a good deal of work if we jumped straight to ‘The Solution’ without defining ‘The Problem’, so why don’t we do just that? Simply put, if we take this shortcut we’re likely to find our solution may not be the best choice among possible alternatives or, worse still, that ‘The Solution’ doesn’t even solve ‘The Problem’. Defining requirements and adhering to developing solutions to address those needs is often referred to by the phrase ‘requirementspull’. In this scenario, end user requirements drive product development and equipment installation and guide the path forward as necessities dictate. This is a powerful circumstance in which fulfilling requirements becomes the key focus of product development and no possible solution is disregarded. At the other extreme is its opposite: the ‘technology push’. Here, we start with a solution – perhaps a new technology – and see what problems it might enable us to solve. The danger in this approach is becoming enamoured of ‘The Solution’ and neglecting to ensure that it does solve ‘The Problem’. With technology push, it’s likely that actual user requirements may be modified or even ignored in order to ‘force-fit’ the desired solution. Technology push should not be ignored. If the goal is successful transition to the field with acceptable risk, the technology being pushed must be compared with alternative solutions against a set of user requirements. Aside from assuring that ‘The Solution’ actually solves ‘The Problem’, requirementspull driven design has a further advantage in

that the requirements provide criteria against which a product’s successful deployment can be measured. Specifically, if the security product was developed to address a set of quantified operational requirements then its success is measured by operational test and evaluation to validate that an end user can use the product and achieve their operational goals.

The Cyber Dimension Recent terrorist attacks have highlighted the risks associated with ‘home-grown’ Islamic extremist terrorism in the form of physical shootings and bombings, but what about computers and terrorism? What’s the worry? When a number of businesses were asked in a recent survey what action they’ve taken in response to the risk of political violence, companies who took part in the research referred to increased computer security. As many as 40% of all firms and 55% of larger companies state that they’ve raised their spend on IT security to confront such threats. Today’s violent groups are adept at using IT for communication and networking. Indeed, some of them employ online sources to market their cause or recruit and train members. However, this kind of activity must be distinguished from an attack designed to disrupt or damage the victims’ IT networks. There are some politically motivated hackers who’ve defaced websites or launched Denial of Service attacks on corporate IT systems. These cyber crimes can be expensive, but they’re more likely to be initiated by ordinary hackers. Usually, the definition of cyber terrorism is restricted to infiltration of IT systems with intent to damage whatever is controlled. Overall, there are a host of good reasons to invest in IT security. Terrorists and other violent groups may not alter significantly the kind of risks faced or indeed the solutions needed, but they do add to the urgency of the problem. Statistically, 93% of large corporations and 87% of smaller businesses reported a cyber breach in 2012. On average, every month no less than 33,000 malicious e-mails are blocked at the Gateway to the Government Secure Intranet (GSI). These e-mails are likely to contain – or link to – sophisticated malware. Cyber attacks can have a major impact on a business, its supply chains and customers. Monetary theft may result due to financial systems being accessed. Hackers may also infiltrate systems to steal trade secrets or valuable intellectual property. Business

PrioritisingRiskManagementIssuesandRiskResponse June2015_riskuk_apr15 04/06/2015 16:15 Page 21

Prioritising Risk Management Issues and Risk Response

interruption may be realised due to the shutting down of critical systems. There’s also the potential loss of customer, employee or other commercially sensitive data as well as damage to brand through loss of customer trust or malicious attack. In November 2011, the Government launched the ‘UK Cyber Security Strategy: Protecting and Promoting the UK in a Digital World’. The strategy acknowledges the importance of a safe cyber environment for business. Its basic purpose is to inform professionals involved in the development and operation of intelligent or smart buildings about the resilience and cyber security issues potentially arising from a convergence of technical infrastructures and computer-based systems. The cyber risks include viruses, identity theft (spyware, WiFi eavesdropping and hacking, etc) and threats to wealth (ie fraud and identity theft possibly arising from spam e-mails). Creation of intelligent or smart buildings requires greater integration of systems, both in terms of the operational and business solutions used by building occupants and a wide range of infrastructure systems. Typically, this is being achieved through the convergence of technical infrastructure and the use of readily available commercial and open source technologies.

Resilience in the built environment Although the initial focus for the designers of intelligent or smart buildings has been on developing solutions to make them more energy-efficient, there’s now an increasing focus on the interaction of systems. The drivers for intelligent buildings – and, therefore, systems integration – arise from the need for new energy-efficient interventions, real-time decision support systems, enhanced building and personnel security and better management information dashboards offering access to Key Performance Indicators. Economic and environmental factors place increasing pressure on building owners and operators to adopt a converged (ie common or shared) IT infrastructure and to achieve integration between multiple electronic systems supporting building management functions and business applications. Given that systems integration blurs the boundaries between traditional roles and responsibilities in any organisation, it’s important to adapt business practices and governance processes to work effectively across organisational boundaries. In view of the significant level of systems convergence in intelligent buildings and the consequent higher probability of systems

failure, the design of the built environment should take resilience into account. Sharing of IT infrastructure and the integration of corporate IT and industrial control systems – including building systems – in an intelligent building poses a number of design and operational challenges if a safe, secure and resilient environment is to be achieved. Whenever upgrades or new investments are planned, a strategic review of new or upgraded threats should inform and underpin the requirements and design brief. From a resilience perspective, the greatest threat to a building is likely to come from single points of failure which may be the building fabric or structure, utilities, infrastructure, systems or processes. When considering the potential threats to a building, any assessment should take into account non-malicious acts, malicious acts (by employees, contractors, visitors and, in open access buildings, the public) and potential effects of natural causes. A serious challenge with some incidents – more so those that are cyber security-related – may be identifying the cause of an episode. The task is particularly difficult where there’s a lack of data or system logging and audit.

Focus on the design phase

Dr Peter Speight CSyP DBA MPhil MSc MIRM: Director of Risk and Consultancy at Securitas

During the design phase of a building project, appropriate solutions to the resilience and cyber security requirements should be

Peter Consterdine is Managing Director of Future Risk Management

“If the goal is successful transition to the field with acceptable risk, the technology being pushed must be compared with alternative solutions” 21

www.risk-uk.com

PrioritisingRiskManagementIssuesandRiskResponse June2015_riskuk_apr15 04/06/2015 16:16 Page 22

Prioritising Risk Management Issues and Risk Response

*Next month: Physical Security Information Management – the active bridge between security and information technology

developed. As part of a design assurance exercise, the proposed design should be assessed to ensure that it hasn’t introduced any new or unforeseen risks. Bear in mind that assuring the continuity of intent through the construction phase may require investment in competent resources. During construction of the building, resilience and cyber security issues need to be addressed while managing the supply chain, monitoring design integrity, maintaining physical security and implementing systems security. Once the building is in operational use, its resilience should be proactively managed to prevent any unforeseen or emergent loss of that resilience and to identify any additional requirements arising from changes in the building’s use. The building’s IT systems are at risk from the outset. The application of some 20 developed critical controls can provide protection by detecting reconnaissance, preventing unauthorised access or actions, detecting any such unauthorised access or actions and mitigating cyber security events. When changes to the building, its infrastructure, systems and use are being planned and implemented, the impact on resilience and cyber security should be assessed and appropriate steps taken to address any new or modified risks. This should include assessment of the impact of any decommissioning procedures. A key theme in these solutions is the increased IT-based interaction between physical assets with supporting communications, energy and transport infrastructures. Examples of this integration would include an intelligent building interacting with the smart grid to manage energy demand and ensure the most economic use of supply tariffs. In the future, it could include interaction with urban transport systems to inform building users of the current local travel situation. This integration affects both the operational and business systems used by the buildings’ occupants and a wide range of infrastructure systems that maintain a comfortable, safe and secure environment. Historically, this integration has been difficult due to the proprietary nature of many building systems. However, the increasing adoption of open standards and commercial ‘off the shelf’

“A serious challenge with some incidents may be identifying the cause of an episode. The task is particularly difficult where there’s a lack of data or system logging and audit” 22 www.risk-uk.com

products to build these systems – for example TCP/IP networking and the use of commercial operating systems – has now rendered integration very much easier. Unfortunately, the use of these technologies can create significant issues from a resilience and security perspective. For instance, some software products have ‘remote access’ links inbuilt, connecting them to their suppliers for upgrade and maintenance support by default, while the increasing use of browser-based control interfaces has encouraged some manufacturers to require Internet access to their systems for condition monitoring and diagnostic purposes. If these remote connections are not adequately protected and managed they create vulnerabilities and adversely affect system security and resilience. The greatest economic and environmental benefits are likely to be derived from the deployment of new automation and control systems that take information from business solutions and data from sensor networks and building set-ups to automate routine functions, maintain an optimum environment and ultimately achieve improved performance. Chaos can result when there are system failures or unwanted/unauthorised human intervention. The more complex the technology and the greater the reliance on its fault-free operation, the greater the need will be for integrity, availability and confidentiality from a safety, security and reputational perspective.

What is an intelligent building? The precise definition of an intelligent building varies around the world. Although there’s no agreed definition, there is a common theme – the integration of technologies. We would define an intelligent building as one that provides a responsive, effective and supportive environment within which an organisation can achieve its business objectives. Intelligent buildings may also be referred to as smart buildings. The fact that a building contains some of the listed systems (HVAC controls, access control, lighting control, intruder alarms, security/CCTV, fire alarms, water management, waste management and utilities, stand-by generators and UPS, etc) does not make it an intelligent building: it’s the systems integration to achieve operational efficiencies, energy efficiency, additional functionality or other user benefits that delivers the intelligent element. An intelligent building is one that needs to be designed and operated such that it provides a safe, secure and highly resilient environment.

Project1_Layout 1 04/06/2015 17:53 Page 1

Specialist Security Products for Professionals Tried & tested products that deliver what they promise.

Roller Barrier the nonaggressive anticlimb product that protects your perimeter and flat roofs against climbers without the risk of causing impalement injury

...other stock products include; l Search Mirrors l Security Screws l Metal Detectors l Random Search Selectors

l Safety & Security Mirrors l Window Security Bars l Safety Products l Bird Free the Safe & Instant Bird Deterrent

...and there are hundreds more to choose from

Proven products Free expert advice Risk Free No Quibble Money Back Guarantee With hundreds of Security and Safety products available for next day delivery, ...whatever your needs we’d love to help, see “Roller Barrier” and our full product range at:

www.insightsecurity.com

Units 1&2 Cliffe Industrial Estate Lewes, East Sussex, BN8 6JL tel: 01273 475500

NegotiatingContractsforSecurityServices June2015_riskuk_apr15 04/06/2015 17:01 Page 24

Security Contracts: A Question of Liability

In the second instalment of an exclusive two-part series for the readers of Risk UK focused on contracts for security services, John Spratt runs the rule over liability issues, the TUPE Regulations and the termination – or suspension – of security contracts

Disclaimer While everything has been done to ensure the accuracy of the contents of this article and its predecessor (‘Contractual Basics, Negotiations and Risk’, Risk UK, May 2015, pp24-25), Spratt Endicott LLP points out that these articles are intended as a general guide only. The articles are not fully comprehensive and do not constitute legal advice. Specific legal advice should always be sought in relation to the particular facts of a given situation

www.risk-uk.com

iability is often a source of protracted negotiation between buyer and seller. Each should enter into negotiations with a thorough knowledge of the extent of their own insurance. The seller will be unwilling to accept liability which goes beyond the level of the insurance that they can reasonably obtain in the market. The buyer should pay due regard to the insurance cover they already have in place. The buyer may well ask to be named as an additional insured party on the seller’s insurance policy, and to receive satisfactory evidence of the seller’s policies. The seller will usually not object to this but will object – as would their insurer object – to the buyer’s request to take priority in payment of compensation from the insurer or for the insurer to surrender its rights of subrogation. The seller will object to any attempt by the buyer to impose strict or no fault liability (ie liability in the absence of breach of contract, negligence or breach of statutory duty). This type of liability would arise out of words such as: ‘The seller will indemnify the buyer against any loss incurred by the buyer arising out of the seller’s performance of the services’. It’s possible for liability to arise on that basis without any fault on the part of the seller. Generally speaking, sellers’ insurers will not cover this risk since it is, in effect, a blank guarantee which takes us back to the output basis of description of the services which sellers and their insurers alike try to avoid. Buyers – and notably American buyers – will try to obtain their remedy for breach of contract, negligence or breach of statutory duty by means of an indemnity given by the buyer.

This means that the buyer will be entitled to be reimbursed directly for the cost of any loss they suffer without the need to mitigate that loss (and even if, overall, that particular breach and the loss which comes from it is compensated by other aspects of the contract such that, again overall, the buyer is in no worse a position as a result of the seller’s breach than they were beforehand). For this reason, the seller will argue that the buyer’s remedy should be in common law damages only. The expressions ‘Consequential loss’ and ‘Financial loss’ are not legal terms of art and, if they’re used in a contract, they should be carefully defined by reference to the specifics of the buyer’s business. Frequently, attempts in standard terms of business of the seller to exclude consequential loss altogether will give rise to the possibility that a court will find this exclusion unreasonable and, therefore, unenforceable under the principles set out in the Unfair Contract Terms Act 1977. Be aware that this Act doesn’t apply to negotiated contracts. The buyer may try to impose unlimited liability on the seller. The seller will invariably object and a negotiation will follow to agree limitation of the seller’s liability. The same negotiation will be necessary if the starting point is the seller’s contract which contains exclusions and restrictions that are too wide.

Ways in which to restrict liability There are several ways in which liability can be restricted, including requiring the buyer to give notice of the claim as soon as possible and in any event within a short time frame (after which the claim falls away). Liability can be excluded to the extent that the loss is caused by the buyer’s failure to implement the seller’s advice. It’s also possible to agree separate caps on each category of the seller’s liability. Each cap can be agreed in the following categories: aggregate liability over the entire life of the contract, aggregate liability in each year of the contract or liability per claim (or series of linked claims). Sellers will generally object to liability to indemnify the buyer against claims made against the buyer by third parties, certainly unless liability is limited. For their part, buyers sometimes omit a force majeure clause from their first draft. The seller will always require it to be reinstated. It means that the seller will not be liable for failure to perform the contract for reasons beyond their

NegotiatingContractsforSecurityServices June2015_riskuk_apr15 04/06/2015 17:02 Page 25

Negotiating Contracts for Security Services

control. Force majeure is not a legal term of art and needs to be defined after negotiation. The Transfer of Undertakings (Protection of Employment) Regulations have significant effect in pretty well every security contract and are particularly significant when it comes to security guarding contracts. The effect of the TUPE Regulations is that any employee wholly engaged in the security operation for the buyer – whether employed by the buyer direct or employed by the buyer’s then current security service provider – will automatically transfer to be employed by an incoming provider on the date that the contract takes effect. This is ‘a TUPE transfer’. In law, the effect of a TUPE transfer is that the new employer becomes liable for any claims which the transferring employee may have against their old employer, and will also be responsible for continuing such employees’ Terms of Employment in relation to salary, benefits, hours and overtime, etc.

Agreement on special terms Set against this background, it’s good practice for a company outsourcing its security services to require the provider to agree on a number of special terms relating to their employees including the following: • an obligation on the provider to supply full and accurate employment information to the incoming provider • not to change the Terms of Employment of their relevant employees – or remove those employees from their tasks without the agreement of the buyer – within the six months before termination of their contract (this is to avoid the outgoing provider creating a ‘poison pill’ for an incoming provider) • an indemnity against any loss or claim suffered by the company or an incoming provider from a transferring employee in respect of events occurring before the transfer These provisions protect the buyer as they negotiate a new contract with a seller in several ways. If the seller asks for a price adjustment in the event that the employment information is wrong, the buyer can assign to the seller their right of recourse against the outgoing provider. The buyer will not confront difficulties in persuading the seller to take on the contract as a result of the outgoing provider changing employment terms or removing good employees from the contract. In addition, the buyer will be able to pass on to the seller the right of indemnity from the outgoing provider in respect of claims from transferring employees deriving from events before the transfer.

The buyer and seller should have no difficulty in agreeing a mutual ‘no poaching’ of the employees’ provision. Finally, the buyer should not expect to have the right – unilaterally and without justification – to require the seller to remove an employee from the buyer’s contract: this could leave the seller exposed to a claim by that employee for discrimination or constructive unfair dismissal. The buyer’s right to require removal should be qualified that it doesn’t cause the seller to do anything unlawful. This enables the seller to carry out a fair procedure under the employment legislation in order to achieve the buyer’s requirement.

Contract termination or suspension The buyer will frequently require – and succeed in obtaining – the right to terminate for convenience (in other words, without cause) on three months’ notice. The seller may ask for such a provision but will rarely succeed. Termination for breach of contract on the part of the seller should be qualified by the buyer’s requirement to give notice of the breach, in turn affording the seller the opportunity to remedy within a reasonable time. Suspension of provision of the services by the seller (or even termination of the contract by the seller) for late payment by the buyer is often negotiated on the basis that the seller has to give two or even three successive written notices, each one within a certain period of the other such that there’s no possibility that termination or suspension of services will occur where it’s not absolutely justified. Either the buyer or the seller may require to be able to terminate the contract in the event that there’s a change of control of the other party. Such a clause needs to be negotiated against the specific background of each company, bearing in mind the possibility that control may change to a competitor. Contracts will almost always be expressed to terminate automatically on the insolvency of the other party. The seller may ask for the ability to terminate the contract in the event that, for reasons beyond its control, it’s unable to continue to have adequate insurance cover for the services provided. Often, this issue is resolved by the seller agreeing that its right to terminate goes if the buyer can procure that insurance for the seller at the seller’s expense.

John Spratt: Corporate Partner at Spratt Endicott

Summary If the contract process is managed properly using the processes described, and with proper preparation and understanding of the issues likely to be negotiated, the contract negotiations can be achieved within a good timetable, on time and with an enhanced working relationship between buyer and seller

“In law, the effect of a TUPE transfer is that the new employer becomes liable for any claims which the transferring employee may have against their old employer” 25

www.risk-uk.com

Project4_Layout 1 07/11/2014 16:05 Page 1

Securitas, a true focus on Security The skills of our people, alongside the best in technology produce total integrated solutions that safeguard your business.

0800 716 586 www.securitas.com

RegulatoryChangeandBusinessCompliance June2015_riskuk_apr15 04/06/2015 16:18 Page 2

Regulatory Change and Business Compliance

The Evolving Role of Compliance here’s now an increasingly ethical dimension to the issue of regulatory compliance. Indeed, Martin Wheatley – CEO of the Financial Conduct Authority – has moved to contrast the “ethics of obedience” with the ethics of care and reason1. However, this is not purely a UK phenomenon. William Dudley, president of the Federal Reserve Bank of New York, has spoken of his supervisors looking for evidence of “consistent application of ‘should we’ versus ‘could we’ in business decisions”2. Regardless of the precise words or formulation chosen, it’s clear that there’s now an increasing expectation from supervisors that companies will act on an ethical footing. Businesses must ensure that they have the right culture in place to deliver their strategy and compliance with the laws and regulations to which they are subject. Unlike capital and liquidity, which can be translated into pounds and pence, the ethical dimension of compliance requires judgement. Supervisors are looking beyond the letter of the law to assess if the right action was taken, even when regulation was silent on the matter. While it’s true that this concept has always existed, it’s increasingly being applied to supervision, both prudential and conduct. This poses particular challenges for the Chief Compliance Officer (CCO), and particularly so if issues are assessed by supervisors with the benefit of hindsight.

Who’s responsible for compliance? In order to embed a strong culture, the focus needs to shift towards promoting behaviours which encourage all staff to take responsibility for doing the right thing all of the time. This is a positive development in that it actively reinforces accountability within the (business) front line. However, it also raises some questions about where the CCO’s role begins and finishes. If compliance is a collective responsibility, what then is the purpose of the compliance function? In many organisations, the compliance function encompasses elements of advisory (including, in some cases, legal advice), monitoring, assurance, control and the management of regulatory relationships. This can blur perceptions. Is the compliance function working in partnership with the business – a ‘Big Brother’ peering over the shoulders of the company and challenging

The personal accountability regime, greater emphasis on judgmental supervision and an evolving regulatory environment are all making the role of the Chief Compliance Officer ever more important and complex. David Strachan explains why those officers have to reassess and optimise their three key enablers: people, processes and technology every action – or a combination of both? If the answer to that last question is ‘Yes’, there’s a material issue about how the compliance function can be a truly independent second line of defence if, for example, it’s challenging a course of conduct or a transaction on which it has already given advice. There are a number of emerging models which seek to address this issue. Some companies have a front line compliance function which sits within – and actively supports – the business teams. In turn, the (separate) central compliance function monitors and assesses the effectiveness of compliance across the company, and specifically the advice provided by the front line compliance teams. Other models use the legal function as their front line advisor with the compliance function acting as a wholly independent ‘second line’, carrying out monitoring and assurance. Clarity in this respect is not costless. Being less involved in day-to-day advisory matters, the compliance function can become more remote from the business and lose some of its currency in terms of market practice and standing with the ‘first line’.

David Strachan: Head of Deloitte’s EMEA Centre for Regulatory Strategy

www.risk-uk.com

RegulatoryChangeandBusinessCompliance June2015_riskuk_apr15 04/06/2015 16:18 Page 3

Regulatory Change and Business Compliance

Moreover, the fact that the compliance function is involved solely with monitoring and assurance necessarily means that the demarcation between it and the internal audit function is somewhat less evident. All of this points to the need for ex-ante clarity in terms of the allocation of roles and responsibilities to the CCO and the compliance function more generally and, as part of this, dealing with any scope for conflicts of interest within the function itself.

The Senior Managers Regime References 1http://www.fca.org.uk/news /speeches/ethics-andeconomics 2http://www.newyorkfed.org /newsevents/speeches/2014 /dud141020a.html

The proposed Senior Managers Regime (SMR) in the UK will require businesses to clarify any previously blurred lines of responsibility. Mapping these responsibilities will help regulators pinpoint accountability for failings. Moreover, the SMR makes it quite clear that individual senior managers are personally accountable for compliance with relevant requirements in the areas of business for which they are responsible. That said, there’s a question as to whether a regulatory contravention within a senior manager function’s responsibility area will also automatically trigger a related CCO accountability due to a perceived failing in the prevailing compliance controls. On the face of it, such a link would seem to run contrary to the individual accountability that the SMR is seeking to instill but rest assured this will be carefully scrutinised as the SMR is rolled out. The skills needed to succeed as a CCO – and, indeed, within the compliance function in general – are both broadening and deepening. In addition to the ‘traditional’ skill sets of understanding the rules and requirements and their application to the firm’s business, CCOs and their compliance functions must also now understand and review a broader set of compliance and conduct risks (including those arising from behavioural biases and competition issues) as well as infrastructure and technology risks (ie inherent risks posed by legacy technology infrastructure and areas such as cyber crime).

Solving the talent problem It’s well publicised that some major companies have been strengthening their compliance functions of late. This is putting continuing pressure on supply and, as a consequence, compensation levels.

“In order to embed a strong culture, the focus needs to shift towards promoting behaviours which encourage all staff to take responsibility for doing the right thing all of the time” 28

www.risk-uk.com

The talent challenge has to start with a ‘Back to the Drawing Board’-style approach. While beginning with a capabilities matrix is not in itself innovative, it’s a necessary first step. Clarity about the roles and responsibilities of the compliance function in the face of changing demands will help identify the capabilities required. This will provide a first view of headcount and skills gaps as well as ‘Key Person’ risks across the business. On that basis, the recruitment and development of talent within the compliance function can be defined and aligned with the overall business strategy. Resource pools with transferable skill sets may need to be tapped. Some CCOs are actively broadening the range of skills within the team by employing auditors, former supervisors and consultants. An accredited training programme with a well-defined compliance and personal development curriculum will help to nurture and maintain capabilities in-house.

Process and technology efficiencies Meeting compliance mandates in a costefficient way is clearly important. Companies should define and implement a globally consistent set of compliance processes: a ‘compliance taxonomy’, if you like. Compliance must be a proactive endeavour wherein policy and practices are embedded within the business as robust and repeatable processes. Such robust processes will be a key element for individual senior managers should they have to avail themselves of the ‘reasonable steps’ defence under the reversed burden of proof introduced by the SMR. Robust technological tools increase the business’ ability to report, govern and aggregate risks. This allows the compliance function to focus more of its time on the analysis of results, root causes and forwardlooking horizon scanning. Understanding why things went wrong is far more valuable than just knowing that they went wrong. Analytics can draw on data sources from all compliance activity in the business and from external sources to establish insights that provide a more comprehensive assessment of risk. This is particularly powerful when a risk – such as conduct risk, for example – is dispersed across multiple data sets. Senior level personal accountability and the ethical dimension of compliance are very much here to stay. Compliance functions need to innovate and leverage technological advancements to understand, challenge and deliver for the needs and requirements of a diverse set of stakeholders.

Project1_Layout 1 03/06/2015 14:36 Page 1

INTELLIGENT CONTROL & MONITORING SOLUTIONS

THE MOST ADVANCED MONITORING CENTRE IN THE UK AN INDEPENDENT AND ADVANCED MONITORING FACILITY, CORPS MONITORING COMBINES BEST IN CLASS CCTV AND ACCESS CONTROL TECHNOLOGY WITH WORLD-CLASS REMOTE BUILDING MANAGEMENT AND MONITORING. PART OF CORPS SECURITY, PROVIDING INDUSTRY LEADING SECURITY.

• CCTV MONITORING • FIRE DETECTION/INTRUDER ALARM MONITORING • ACCESS CONTROL MONITORING • INTEGRATED BUILDING MONITORING SERVICE • CORPSGUARD/LONE WORKER MONITORING • MANNED KEY HOLDING /ALARM RESPONSE • BARRIER LIFT/GATE CONTROL • CAMERA PATROL • STAFF ESCORT SERVICE

CORPS MONITORING TEL: 0800 0286 303 WWW.CORPSMONITORING.CO.UK CORPS SECURITY WWW.CORPSSECURITY.CO.UK

85 COWCROSS STREET, LONDON, EC1M 6PF

Corps Security is the trading name of Corps of Commissionaires Management Limited.

Project1_Layout 1 03/06/2015 15:09 Page 1

Automated SIA Licence Checking Online Quality Management Compliance Automation Mobile Patrol Management

SecuriTech Securitech Software is the market leader in Realtime Compliance Automation

SE solutions for the security industry

www.securitechsoftware.co.uk Tel: +44 (0) 844 332 8956 | info@securitechsoftware.co.uk

IFSECandFIREXInternational2015FrontCover June2015_001 04/06/2015 15:21 Page 31

June 2015

Security and Fire Management

Showtime at ExCeL London IFSEC and FIREX International 2015 in the Spotlight Complete Security and Fire Safety Guide for End Users Network Video and Integrated Security Management Fire Detection Systems, VADs and Voice Sounders Making the Transition from Analogue to IP

IFSECandFIREXInternational2015AxisCommunications June2015_riskuk_may15 04/06/2015 15:11 Page 32

IFSEC and FIREX International 2015: Solutions Guide

Life in the Zipstream

igh quality video sources are of no value if storage is limited and the system has been configured to remove critical information before it’s needed. There are various methods available to cut back on storage needs, such as limiting the storage retention time, saving video in a lower resolution, reducing the frame rate and compressing video. In all of these methods, though, information about something critical might be missing when really needed. Before video from surveillance cameras can be efficiently stored on any media it has to be processed to fit into the allowed space. To fit video with high resolution and full frame rate on to SD cards – recognised as the most costefficient media for embedded applications – the original information has to be encoded. This is done using video compression algorithms that encode video data by reducing and removing redundant information. Video compression algorithms are deployed to find regions in the video that have already been transferred and don’t need to be sent again in the next image frame. The algorithms also identify where in the video details can be removed without reducing visual quality. State-of-the-art video compression algorithms that function well together are grouped into an international standard which is

Camera technologies such as sensors and optics have evolved rapidly over the last decade, resulting in video with higher resolutions and better frame rates. However, today’s networked surveillance systems can be limited by the amount of video that may be stored for later use. Is Zipstream the answer to end users’ prayers? a video stream syntax created for storing, sharing and viewing video. Today, the most employed video compression standard is H.264 which is able to contain several days’ worth of surveillance video on a single SD card. The algorithm used to compress video according to H.264 is not part of the standard: only the syntax and the method to perform playback is standardised. Furthermore, this enables improved H.264 encoding solutions to be created while keeping the file format for interoperability (video decoder compatibility).

Surveillance-unique methods Zipstream technology is a more effective implementation of an H.264 video encoder for surveillance applications. It includes various surveillance-unique methods that enable networked cameras to produce video with markedly lower bit rates. In essence, Zipstream technology is a collection of algorithms in the camera that analyse the video stream in real-time. Interesting details and motion are preserved with the given video quality while the specific module can filter other areas with a view to optimally using the available bandwidth. Zipstream technology is not in any way a replacement for High Efficiency Video Coding (HEVC)/ITU Telecommunication Standardisation Sector (ITU-T) H.265, which was jointly developed by the ISO/IEC Moving Picture Experts Group (MPEG) and the ITU-T Video Coding Experts Group (VCEG). Rather, Zipstream is a video coder enhancement which may be applied on many video compression standards with minor adaptions and increases forensic detail.

Axis Communications will be at IFSEC International 2015 on Stand E1000. Make sure you pay the company a visit and find out all you need to know about the end user benefits of Zipstream 32

www.risk-uk.com

Project1_Layout 1 03/06/2015 14:41 Page 1

IFSECandFIREXInternational2015WAGNERUK June2015_riskuk_may15 04/06/2015 18:03 Page 34

IFSEC and FIREX International 2015: Solutions Guide

Removing the Fire Threat in Warehouses All traditional forms of fire protection and extinguishing rely on a fire starting in order for them to work, so some damage and disruption is inevitable. However, in warehouses – where conventional fire protection is difficult to install and maintain and/or business continuity and stock protection is paramount – a different approach may well be required

hese days goods must be available around the clock. Consumers expect that an item purchased online today will be delivered to their door tomorrow. Modern, automated, high bay storage areas in large centralised locations are often at the heart of such operations. While maximising efficiency, the consolidation of logistics operations within one location also creates a single point of failure throughout the entire supply chain. In warehouses where goods worth millions are stored, fire can cause enormous problems and paralyse operations, as was the case with Asos in June 2014. A fire that ripped through the online shopping company’s main warehouse was reported to have cost the fashion retailer up to £30 million in lost revenue after it was forced to suspend sales for several days. Large open spaces such as warehouses and logistics facilities represent one of the most demanding environments for fire protection designers. Requirements in the logistics sector continue to grow and, with them, the height and capacity of the rack storage areas. The increasing cost of land, new building techniques and advances in stock automation are driving the trend towards constructing everhigher buildings. Fires originating in the stock itself are rare. Most fires in logistics operations are due to defects in electrical equipment present in most

warehouses like switch cabinets and control boxes, electrical motors and, in deep freeze storage areas, refrigerators and defrosters. High rack storage areas reach heights of over 40 metres. Together with the small gaps left between the stored goods, this provides the ideal conditions for a fire to spread. Goods in higher racks can become heated so quickly by the rising fumes that the flames suddenly spread right up to the roof of the warehouse. This process can take only a few minutes if adequate protection isn’t in place. Even slight exposure to soot or smoke can contaminate the stored goods and render them unusable. Detecting fires as early as possible is one thing, but extinguishing them is another. The installation of sprinklers or gas suppression systems involves the addition and maintenance of extensive pipework throughout the facility. This is often very expensive for large warehouses, with the extinguishing systems causing damage and disruption when activated.

Oxygen Reduction Systems Of course, removing oxygen to prevent a fire from developing isn’t a new concept. However, Oxygen Reduction Systems employ innovative technology that continuously reduces the percentage volume of oxygen within a given space by adding nitrogen to the air. Oxygen is reduced to a level in which most combustibles do not inflame and an open fire is impossible. The effects of lowered oxygen levels on the human body have been highly researched over the years and safety guidelines have been established that allow staff to enter or work in the protected area. The natural ratio of oxygen to nitrogen remains the same at high altitude levels as it does at sea level: the amount of oxygen is less because of the overall lower air pressure. The amount of breathable oxygen in a firefree environment is similar to the volume of oxygen we would breathe in an aircraft cabin or when exposed to mountainous air but, importantly, the air pressure remains the same as the ambient level. Nitrogen is employed to inert the area as it’s a completely non-toxic natural gas and can be easily produced on site.

To find out more detail concerning Oxygen Reduction Systems and specialist fire protection solutions make sure you visit the WAGNER Group at FIREX International 2015 (Stand E140) 34

www.risk-uk.com

Project1_Layout 1 04/06/2015 17:56 Page 1

Our focus is providing you with a 360-degree overview in a single image

Never miss a thing with FLEXIDOME IP cameras. Blind spots can seriously undermine the reliability of your video surveillance solution. With the range of FLEXIDOME IP panoramic cameras from Bosch, you will never miss a thing. Thanks to a choice of 5 or 12 megapixel sensor resolution at high frame rates and ďŹ sh eye lens, a complete overview without blind spots and easy capture of moving objects signiďŹ cantly improves the quality of every video surveillance operation. So you can capture objects of interest with superb clarity, eliminate blind spots and always see the bigger picture. Learn more at www.boschsecurity.com/hdsecurity Tel: 01895 878095 | Email: security.systems@uk.bosch.com

Come and see us at IFSEC 2015. Stand F700, Hall S5.

IFSECandFIREXInternational2015SamsungTechwin June2015_riskuk_may15 04/06/2015 15:26 Page 36

IFSEC and FIREX International 2015: Solutions Guide

Visibility in Low Light

Day/Night Cameras Similar to colour/mono models, but they use a switchable IR cut filter in the camera to give best possible colour images in the day and maximum IR sensitivity at night. Spectral Range An important element when selecting appropriate surveillance is the spectral range of the camera and how it matches the wavelength of the light source. If there’s existing IR lighting on site then it’s essential to ascertain the light wavelength of the lamps and check that this is within the spectral range of the chosen camera.

Low light performance has always been a key issue to be taken into account for the design of video surveillance solutions. That being the case, what are the main areas security managers need to think about when focusing on the deployment of cameras in those environments where difficult lighting conditions may exist?

ow light cameras will typically incorporate a feature called frame integration or ‘senseup’ which enables the camera to build up layers of images like the slow shuttering on a still camera. This technology allows images in conditions where no ancillary lighting can be used down to .001 lux (ie starlight). Perfect for stationary objects in near darkness, but any movement will ‘ghost’ and leave a trail behind it. Therefore, most sense-up cameras have an automatic setting that will only come into play when the light level falls below that required for normal operation and a maximum setting can be applied to actively restrict the degree of ghosting.

Colour/Mono These cameras switch between colour mode and monochrome mode depending on the lighting conditions. They use a permanently fixed IR cut filter that cuts out IR light from the sun or from illuminators at night. Despite this, they give good colour rendition during the day and produce clean monochrome images at night. They’re pretty much the ideal cameras for when IR illumination isn’t used. Caution: There are colour/mono cameras that do not use any IR cut filter. However, these often give poor colour rendition due to the sensitivity of the CCD sensor to the sun’s IR light affecting the colour image.

IR LEDs Cameras with built-in IR LEDs are becoming increasingly popular as they help to avoid the potential problem of light pollution. They also consume low amounts of energy. Most importantly, though, they eliminate the need for installing supplementary lighting which can prove to be very expensive if civil works are required. At night, or in any environment with lighting, the cameras’ built-in IR LEDs are automatically activated and, depending on the camera model, can provide effective lighting up to a distance of 100 metres. With cameras that have a zoom feature, the IR intensity is automatically adjusted to provide the appropriate level of IR light depending on the zoom ratio. Some models even incorporate a twin glass front to avoid light from the IR LEDs reflecting back into the lens as a result of dirt or water settling on the glass front. Lens selection Using a standard lens may compromise back focus. Visible light and infrared light have different frequencies. This causes a focus shift as the camera switches from colour to monochrome mode. The focus cannot be correct in all conditions, so it’s always worth considering whether the type of lens you’re using is going to enhance or detract from the camera’s other features. Also, consider the use of aspherical lenses designed to let more light focus directly on to the CCD. Using low shutter speeds lets more light in, but targets moving at speed could be blurred. Increasingly, cameras also make use of technologies such as frame integration.

Additional detail around the key issues that need to be considered for the deployment of cameras in environments where there may be difficult lighting conditions can be accessed at IFSEC International 2015. Visit Samsung Techwin Europe on Stand G800 36

www.risk-uk.com

Project1_Layout 1 28/05/2015 14:27 Page 1

See us on stand B605 at IFSEC IFSEC International International

IFSECandFIREXInternational2015ApolloFireDetectors June2015_riskuk_may15 04/06/2015 15:10 Page 38

IFSEC and FIREX International 2015: Solutions Guide

Fire Detectors: Avoiding The Counterfeits Recognising a counterfeit fire detector is crucial such that the use of these potentially catastrophic devices is avoided. How might end users ensure their installed and commissioned fire detection products are the ‘real deal’, and what procedures underpin the detailed testing processes bona fide devices undergo to ensure their safe application?

hen it comes to fire detection equipment, the rigorous design processes, validation testing, testing before and during production and quality checks that authentic professional manufacturers carry out are all absolutely key to the reliability of life safety products. No counterfeit product will ever benefit the end user in terms of protecting and saving life as well as one which has been through the meticulous testing procedures adopted by a genuine and reputable fire detection company. All products should undergo comprehensive testing procedures to ensure performance and reliability in real life situations is achieved. Inhouse fire test facilities should replicate every scenario a product may encounter, from extreme environmental conditions to harsh electrical and radio interference. Products should be verified not only with a view to meeting European regulations, but also the approval requirements of every country to which solutions are delivered. Once the testing stage is complete, products will then proceed to the third party testing

stage for appropriate certification before heading to manufacture. The whole testing process can take anything from three to six months for an MCP switch and up to two years for a new fire detector.

Avoiding the risks The two main dangers of counterfeit fire detection equipment are their non-compliance with industry standards and non-compatibility within an overall fire detection system. To avoid these risks, customers need to take steps to ensure that the products they’re installing are reliable and fit for purpose, particularly if they’re dealing with a new or unknown supplier. The authenticity of fire detection equipment should never be taken for granted and always be verified at source. Checking certifications is the first step in ascertaining a product’s authenticity. The back of each device should display not only the product number, but also the individual approval logos and relevant certification numbers which can be checked with the governing body concerned. If you place a genuine fire detector next to a fake one, a number of differences can often be seen. An example includes the grade of the plastic used. Genuine detectors tend to be a bright white whereas counterfeit products are often a creamier-yellow colour.

Cost: an extremely strong indicator What if you’re new to fire detection products or have no genuine product for comparison? As well as using a reputable distributor or supplier, end users should carry out background research by looking at a company’s website and checking their device against the images and certificates shown. Using common sense is also fundamental. For example, cost will almost always be the strongest indicator. If a product appears too cheap then it’s well worth making as many additional checks as you can. The importance of purchasers taking the responsibility to ensure that they’re installing, commissioning and maintaining authentic fire detection products which are fully warranted can never be stressed too highly.

Apollo Fire Detectors is exhibiting at FIREX International 2015. For all the latest detail and information on fire safety systems and standards visit Stand G100 38

www.risk-uk.com

Project1_Layout 1 03/06/2015 14:38 Page 1

RUN Milestone Mobile AND DOCUMENT ANY EVENT WHILE IT HAPPENS

Let your staff stream live video from their smartphones, wherever they are By allowing your staff to stream live video from the device’s camera directly into your Milestone solution, the Milestone Mobile app gives operators in your central monitoring station immediate awareness of incidents no matter where they occur. Compatible with all Milestone XProtect® video management software and the Milestone Husky™ NVR series, the Milestone Mobile app provides extended live visibility and the ability to use video streams in later investigations. Explore more surveillance and security opportunities with Milestone video management solutions at milestonesys.com Milestone will be exhibiting at IFSEC UK 2015. Visit our Booth no. E750 to learn more about XProtect® video management software and Milestone Husky™ NVRs! Milestone Systems UK Tel: +44 (0) 1332 869380

POSSIBLE STARTS HERE

IFSECandFIREXInternational2015BoschSecuritySystems June2015_riskuk_may15 04/06/2015 15:16 Page 40

IFSEC and FIREX International 2015: Solutions Guide

Coping with ‘Big Data’

Estimates suggest that the UK now has somewhere between three and six million CCTV cameras in operation. Within that cohort, the enhanced deployment of IP cameras – and the impressive resolutions they offer – has generated vast increases in the volumes of data needing to be stored image capture, the lower bitrate doesn’t compromise video quality. IDNR significantly reduces storage costs and lessens network strain by only using bandwidth when it’s needed.

Intelligent Auto Exposure

torage requirements used to be referenced in gigabytes. Now, entry level DVRs come with Terabyte hard drives as standard and storage on large systems is discussed in terms of Petabytes (that’s 1,024 Terabytes), but what’s being done with all of that data we’re hoarding? In the majority of cases it’s never actually used. It’s simply overwritten. So can we record less or only record what really matters? Might we capture the relevant images under any conditions and then store and review this data wherever and whenever we like? The approach should be based on three fundamental pillars. First, the provision of the highest quality and relevant IP video images anytime, anywhere. Then it’s about guaranteeing the most efficient bitrate and lowest storage requirements. Last but not least, the focus shifts towards the delivery of superior intelligence and analytics at the edge. How might end users reduce their storage costs and network strain without compromising video quality? Quiet scenes with little or no movement require a lower bitrate. By distinguishing between noise and relevant information, such as movement, Intelligent Dynamic Noise Reduction (IDNR) reduces bitrate by up to 50%. Given that noise is reduced at the source during

Fluctuations in backlight and front light can ruin your surveillance images. To achieve the perfect picture in every situation, Intelligent Auto Exposure (IAE) automatically adjusts the exposure of the camera. It offers excellent front light compensation and incredible backlight compensation by automatically adapting to changing light conditions. With IAE, the perfect exposure is delivered at every time of asking under virtually any lighting conditions. Intelligent Video Analysis (IVA) can be used to alert CCTV monitoring staff when pre-defined alarms are triggered (after 20 minutes, operators can miss 90% of the activity on a screen). By smartly combining IVA rules, complex tasks can be made easier and false alarms reduced to a minimum. IVA also realises sense and structure for your stored video by adding metadata. This enables end users to quickly retrieve the relevant images from hours of stored video. Metadata may also be employed to deliver irrefutable forensic evidence or to optimise business processes based on, for example, people counting or crowd density information. Now, we have only the relevant images to store and process – a significant reduction from the initial big data situation. Further, Video Recording Manager (VRM) technology helps users easily manage their data with maximum reliability while lowering costs. VRM enables a camera to stream only the pre-defined relevant video data directly to the available storage devices without the use of network servers.

Bosch Security Systems is exhibiting at IFSEC International 2015. Detail around Intelligent Video Analysis will be available on Stand F700 40

www.risk-uk.com

Project5_Layout 1 03/06/2014 11:20 Page 1

Project1_Layout 1 05/02/2014 17:39 Page 1

Have you tried Integriti yet?

Sophistication is not about size The Integriti Security Management System is an IP connected access control and intruder security system that oﬀers sophisticated centralised management for both small systems on a single site, or large systems distributed across the country or across the globe.

With a growing list of new installations take a moment to think of what you’re missing! The Integriti system oﬀers an advanced suite of software, hardware and integrated solutions to deliver complete management of your entire integrated system.

Inner Range Europe Limited Units 10-11 Theale Lakes Business Park Moulden Way, Sulhampstead Reading, Berkshire RG74GB UNITED KINGDOM

integriti@innerrange.co.uk a4 integriti 0ne page UK.indd 1

+44 (0) 845 470 5000 www.innerrange.com 4/12/2013 8:40 am

IFSECandFIREXInternational2015Texecom June2015_riskuk_apr15 04/06/2015 15:30 Page 43

IFSEC and FIREX International 2015: Solutions Guide

Data Security in ‘Connected’ Intruder Systems The world has become increasingly connected. This is having a profound effect on how end users expect to interact with, control and monitor their security systems. With the Internet of Things offering enhanced connectivity options, the selection of professional alarm systems is vital in order to safeguard the integrity of remote communications ecurity alarm system manufacturers have been adding self-monitoring and ‘smartconnected’ functionality into their systems over the past few years but, given the proliferation of portable smart devices and the continual hype surrounding the Internet of Things, modern security systems need to increase the level of connected features in order to keep pace with user demand. Common system functions include cloudbased access to IP-enabled cameras, system notifications and ‘smart automation’ solutions for controlling heating and lighting. The challenge for security alarm system manufacturers is balancing the need to provide solutions quickly to satisfy user requirements while also ensuring that the new connected systems are both robust and secure.

Trusted by end users Security alarm professionals should always exceed these requirements. End users have an inherent ‘trust’, and it’s vital that all interaction with professional security equipment lives up to their expectations. Data security, encryption, immunity from hacking: these are all detailed areas that

require specialist knowledge which may reside outside the traditional electronic security manufacturer’s skill set. Providing Internet-enabled devices and services is possible without investing in high security protocols which can be tempting for some when targeting a first-to-market competitive advantage. Cloud-based services in particular are relatively easy to offer if security and data protection are not the core concerns. However, for professional security services it’s very much the case that integrity is imperative. High quality professional providers should invest heavily in ensuring the highest levels of data protection. Thankfully, there are professional-quality systems available that offer self-monitoring functionality and smart-connected interactivity without compromising on data security or the integrity of the system. When evaluating systems, the question of data security is as important as the added value of the smart-connected services on offer. Developers that can adequately answer the security concerns raised by purchasers will be the ones offering a considered, robust and secure remote communications solution.

Maintaining data security in ‘connected’ intruder systems is one of the topics to be discussed by Texecom at IFSEC International 2015. Visit Stand E1100 for more information 43

www.risk-uk.com

IFSECandFIREXInternational2015InnerRange June2015_riskuk_may15 04/06/2015 15:23 Page 44

IFSEC and FIREX International 2015: Solutions Guide

When Systems Don’t Talk

nflexibility: Organisations may be forced to run their operations to accommodate system restraints, in turn leading to time-consuming processes and reduced productivity. Increased risk of access and data breaches: If an employee leaves an organisation their details and permissions have to be physically updated on every system, making it extremely difficult to instantly revoke access across the entire operation. Weakened reporting opportunities: Without the ability to consolidate valuable information across multiple systems, opportunities for improvement and growth can be overlooked.

The Power of Integration Integrating multiple business applications within an easy-to-use central management system provides organisations with the ability to co-ordinate, schedule, control and monitor events and actions across any number of subsystems, allowing events on one sub-system to invoke actions on another. As an example, let’s take an employee asked to leave an organisation with immediate effect. Due to the nature of the dismissal, the Human Resources (HR) manager needs to ensure that this individual’s access to all company systems and sites is immediately revoked. Without an integrated security management system in

Every organisation, large or small, depends on multiple business systems to control and manage different areas of their operation, such as security, Human Resources and payments. What, though, are the implications if these systems are not integrated? place, the organisation would need to administer each system independently to revoke access, taking time and effort. During this period, the dismissed employee may be able to gain access to some systems or buildings, thereby realising a potential security risk for the company. The implementation of an intelligent integrated security management system would allow the administrator to instantly stop access to every system and site, invalidating all access codes and smart cards as well as username and password. The management systems would also notify the administrator if the user attempted to access the site or any of the business systems, allowing the organisation’s HR and legal team to take action if required.

Integrated Security Management In terms of an integrated security management system, a quality solution will offer integration with leading brands and be continually adding the latest and most popular technologies to its partner list. Key systems would be Microsoft Active Directory, leading CCTV brands, visitor management systems and elevator control. Ensure the management system can ‘talk’ to business systems already in use. To make certain of a higher return on existing system investments, also ensure that the management solution has the capabilities to integrate with those systems already implemented. Scalability of the system is extremely important. Organisations with multiple sites, either on a national basis or across the globe, should ensure that their chosen solution will allow centralised control of their entire operation, with the ability to scale up or downsize if and when required. For multiple configuration options, check that you can install and configure the system using technologies like TCP/IP, RS45 and UniBus.

If you would like to learn more about integrated security management systems and their deployment talk to Inner Range Europe on Stand F1550 at IFSEC International 2015 44 www.risk-uk.com

Project1_Layout 1 03/06/2015 14:34 Page 1

Visit Axis at IFSEC: ExCeL London Booth E1000 June 16-18

Elephant proof. Our cameras are much tougher than they look. That’s because we don’t just give them a few strikes during testing, as you might expect. Instead, we subject them to about 30 heavy strikes – directly on their weakest spots. Don’t worry though, we keep them away from elephants. It’s just one of the tough tests Axis cameras face, so you can be sure you’ll always get the best image quality and high performance – no matter what’s thrown at them.

Learn more about Axis’ quality assurance work at axis.com/quality

IFSECandFIREXInternational2015Vimpex June2015_riskuk_may15 04/06/2015 15:31 Page 46

IFSEC and FIREX International 2015: Solutions Guide

VADs and Voice Sounders for Evacuation ‘Noise confusion’ in the built environment means that occupants can become complacent and ignore safety-critical alarm tones. Specifying audible and visual devices augmented with voice can significantly reduce reaction times to critical alarms as they deliver an unambiguous instruction that’s clearly seen, heard and understood

oday’s modern building environment is characterised by high levels of both noise and light pollution. Fire alarm bells, sirens, sounders, security alarms, Public Address systems and mobile ringtones are but some of the sounds included within the cacophony of noises that bombard us on a daily basis. The introduction of Visual Alarm Devices (VADs) meeting the requirements of EN54-23 reinforces fire alarms and enables timely evacuation, particularly for those who are hard of hearing or for staff members working in noisy environments. Combining voice with VADs creates the best of both worlds, ensuring that all building users are evacuated quickly and safely. Devices are being developed that combine a voice sounder with a VAD that will deliver significant installation cost savings and flexible solutions for both the designer and end user.

Voice sounders: the detail EN-approved multi-message voice sounders combine the normal sounder signals with clear and unambiguous voice messages. They require no special wiring and can be retrofitted to existing fire alarm installations. What’s more, they’re fully synchronised and have an exceptionally low current consumption. Voice sounders can serve as a replacement for standard electronic sounders or bells to broadcast a clear message for any situation – evacuation, chemical spills, gas extinguishing, security or general information. Each voice sounder may be programmed with a number of user-defined messages selected from a library of hundreds of prerecorded multi-lingual messages covering evacuation, alert, test and ‘All Clear’. A family of different models allow compatible voice sounders to be installed both inside and outside in a wide range of commercial and

industrial applications. Some models can also be fitted with an integral strobe to further aid evacuation procedures. One example of the flexibility of today’s voice sounders is their use in a growing number of gas extinguishant systems. In fact, voice sounders may be seamlessly integrated within any gas suppression system. Gas panels have traditionally used two sounder circuits to give different tones for first, second and third stage extinguishant release warnings. The result of an ignored message could have hazardous consequences for the occupiers of the protected room. Voice sounders can deliver a clear and unambiguous message at each stage of the gas release process.

Role of Visual Alarm Devices For many years, VADs – in the form of beacons or combined sounder/beacons – have been part of fire alarm systems, mainly to satisfy the needs of the Equality Act (formerly the Disability Discrimination Act). They assist the hard of hearing to recognise when a fire alarm has been activated. That said, the visibility of such devices has never been subject to measurement against an industrywide standard. Now, a new product standard – EN54-23:2010 Fire Detection and Fire Alarm Systems, Part 23: Fire Alarm Devices: Visual Alarm Devices – has been introduced to standardise the requirements, test methods and performance of VADs and ensure that light output is measured in a uniform manner. VADs must produce sufficiently intense light such that an individual located anywhere in a given area, looking either towards or away from the VAD, would be alerted in the event of an emergency. The positioning and spacing of the VADs is therefore of vital importance. VADs can either be ceiling-mounted or wall-mounted (or discretely mounted under fire detectors). Sophisticated, well-designed VADs use innovative lens and LED light technologies to ensure maximum visibility and consistent coverage at minimum current consumption. Voice sounder manufacturers are producing VADs that incorporate electronic sounders or multi-message voice sounders in one device.

Further information and advice about Visual Alarm Devices and voice sounders for building evacuation is available by visiting Vimpex at FIREX International 2015 (Stand D142) 46

www.risk-uk.com

Project1_Layout 1 04/06/2015 17:57 Page 1

Demand more from your access control system EX t

notify EX

Site Plans

Photo & ID

Events & Reports

Bio m

tro llers

Database Management

tri cs

n Co Ac

Because everyone deserves peace of mind

EXvisito

Fire

r ou

That’s why we carefully select our integration partners in order to provide our customers with a holistic system incorporating complimentary technologies that seamless integrate via EXgarde, TDSi’s own software platform.

Visit us on stand F1100 at IFSEC from 16th to 18th June at London’s ExCeL Centre

ontrol tC

TDSi is committed to delivering high quality integrated solutions in partnership with best of breed manufacturers across the security industry.

Lif

Intruder

ssories

Read

Cards

www.tdsi.co.uk sales@tdsi.co.uk +44 (0) 1202 723 535

IFSECandFIREXInternational2015WardSecurity June2015_riskuk_may15 04/06/2015 15:32 Page 48

IFSEC and FIREX International 2015: Solutions Guide

Protecting Property from Squatters The levels of homelessness and squatting in the UK are staggering for a developed nation. Government statistics suggest a 55% rise in people sleeping rough across the UK since 2010. This number is even greater in London, where over 6,500 people slept rough during 2013-2014 – a 77% rise. With an ongoing housing crisis, we should not expect these figures to improve anytime soon ith regards to squatting, 39% of single homeless people have squatted at some point. That figure may well include people who, until 1 September 2012, squatted in residential properties. However, on that date the law changed, making it a criminal offence to squat in a residential property. Punishment was harsh, with up to six months in prison or a fine of £5,000 under Section 144 of the Legal Aid, Sentencing and Punishment of Offenders Act. Changes in the law were not extended to commercial premises, with the inevitable outcome that squatters turned their attentions away from residential properties to vacant and under-development commercial properties such as empty shops, pubs, warehouses and offices. It’s not hard to find somewhere to squat in the UK. The latest figures suggest that nearly 12% of retail units across the nation are empty, with the Local Data Company predicting a fifth will never be reoccupied. While the level of vacant offices has generally fallen, and notably so in London, there are still plenty of such premises available for squatters to target.

Inflicting substantial damage Owners of commercial buildings and landlords faced with a squatting issue must bring about costly and time-consuming civil proceedings against trespassers. Any plans to lease, sell or redevelop a given property will have to be put on hold. It’s not uncommon for squatters to inflict substantial damage to premises,

including the stripping of building assets. The costs for repair if/when the squatters are evicted can soar, while many insurers will not cover the cost of repairing property damage caused by squatters. Building owners and landlords might even be liable for any injuries incurred by the trespassers. In view of a legal framework which, it can be argued, makes it easier for squatters to target commercial premises – and which gives little support for owners and landlords – an obvious approach to the problem ought to be one of prevention. It’s an approach that should begin even before the premises become vacant. A risk assessment which reviews the most effective ways of protecting the property will help in making necessary changes before it becomes vulnerable to trespassing. If there’s no time to conduct a review prior to the building becoming vacant, it’s hugely important to act quickly when it does and immediately implement a security solution. The solution will be dependent on the property, but can include on-site security officers or frequent patrols, CCTV and/or wireless intruder detection systems. Efforts to afford buildings the appearance of occupation are also important, such as the use of timed lighting and arranging for third parties (eg cleaners) to make regular visits. If a property is likely to remain unoccupied for a long period of time, consider letting the premises on a short-term trading basis.

Void property management and protection solutions encompassing CCTV, security guarding and intruder detection will be detailed by Ward Security at The Facilities Show. Visit Stand N1070 48

www.risk-uk.com

Project1_Layout 1 03/06/2015 14:39 Page 1

Secure your connected premises

Premier Elite ComWiFi Connect any Premier Elite control panel to your WiFi network. The Premier Elite ComWiFi integrates with any Premier Elite control panel for simple, secure network connectivity. WiFi connectivity provides a host of benefits to Premier Elite systems, including compatibility with Texecom’s suite of Premier Elite Mobile Apps, and upload/download diagnostic control via Wintex software. • Enables alarm system control via Premier Elite Mobile Apps • Upload / download via Wintex software

Perfect for Premier Elite Mobile Apps Premier Elite control panels can be remotely controlled via smartphone and tablet. The 3 apps offer end user, master user and system engineer functionality. Premier Elite Mobile Apps have been recently updated to include system alerts via Push Notification and IP-enabled camera control.

Visit us: STAND E1100 Registered Installers get entry to the VIP lounge

Sales: 01706 220460 Visit: www.texe.com

IFSECandFIREXInternational2015MilestoneSystems June2015_riskuk_may15 04/06/2015 15:26 Page 50

IFSEC and FIREX International 2015: Solutions Guide

Realising the Potential of Digital Video

There’s a great many industry statistics showing the strong growth of IP/digital video in contrast to sluggish single-digit growth of analoguebased CCTV. Why, then – and particularly in the UK – are so many CCTV systems still being sold when the weight of opinion favours migration to digital video?

here remains an army of traditional security installers who only have the skills to work with analogue CCTV systems. Ethernet networks are an anathema to them, but it’s also useful to look at why corporate end users are still buying into the old analogue technology. Part of the answer lies in the mindset. Put simply, some end users view CCTV systems as just that: a closed-circuit TV system designed to provide live and recorded images for surveillance purposes. Nothing more, nothing less. However, they’re not asking the question: “How do we take the new visual data sources and use them to improve our business?” Digital/IP video is about far more than just the video images. The visual data gathered can now be analysed in multiple ways and used to help enhance the manner in which businesses operate. It can assist in automating processes, in turn generating untold efficiencies. Digital video is a data source like all other data sources in IT infrastructure. This means that video data can be fed to other IT systems since true open video management software (VMS) may operate as a digital video hub, not only feeding video data into other IT systems but also integrating business functions. Today, most digital video systems are still used for monitoring and securing people, perimeters and assets but, in truth, they increasingly deliver far more value than this. Take the example of a new video system being fitted in a car park. In the case of an

analogue installation, you would be able to see the video and review it after the event if, for example, a customer complains that they’ve been given a parking ticket in error. You might use a digital video system to do the same thing. However, you could extend that same system, employing it to analyse how many parking spaces are still available and perhaps offering this information on a display at the entrance to the car park. This system could also be used for other advanced security purposes. The car park operator could analyse the video’s metadata linked to approaching cars, comparing this with external data sources. If your database details that the license plate in view is normally associated with a grey VW Golf and the car entering the car park is a Red VW Passat then security staff could be alerted immediately.

Return on Video Investment Analogue video surveillance systems are often regarded as being cheaper than their digital cousins. Analogue cameras and recording systems typically cost less than IP cameras and computer servers and VMS software licenses. There may even be legacy coaxial cabling in place which might also limit the cost of continuing with CCTV any further. Again, a shift in mindset is required to think beyond installation cost and concentrate instead on measuring the speed of Return on Investment and real Total Cost of Ownership. Digital video systems will simply be upgraded and extended iteratively and in a cost-effective manner as newly-identified business or security requirements demand. Digital video systems also reduce time spent searching for relevant video evidence so companies need to think of the small increase in digital video systems installation cost as being an investment in the future. There’s one more change that needs to happen inside businesses before they truly embrace digital video systems. The IT Department must treat video systems as a valuable source of intelligence and not simply as a drain on the corporate network. IT management should now consider the real potential of video for their businesses.

End users can gain further insight on digital video and its benefits for the business community at IFSEC International 2015. Visit Milestone Systems on Stand E750 for more information 50

www.risk-uk.com

Project1_Layout 1 03/06/2015 14:41 Page 1

Early ﬁre detection with TITANUS®

16-18 June 2015 ExCeL London UK booth E140

W E H A V E O N LY O N E G O A L : T O P R O T E C T Y O U R G O O D S A N D A S S E T S R E L I A B LY

Intelligent fire protection solutions for storage and logistics. In warehouses the material stored is usually densely packed. Coupled with easily flammable packing material this represents a heightened risk of fire. To protect stored goods reliably, TITANUS® aspiration smoke detection systems are 2,000 times more sensitive than a conventional fire detector. This essential time advantage provides maximum protection of people, goods, assets and property – a solution proven in practice worldwide. WAGNER sets standards for innovative and comprehensive solutions in fire protection: With TITANUS® for very early fire detection, FirExting® for fire-extinguishing, with OxyReduct® to actively prevent fires from breaking out and VisuLAN® for hazard management. WAGNER UK Ltd. Call us: +44 870 333 6116 Visit us: www.wagner-uk.com

IFSECandFIREXInternational2015TDSi June2015_riskuk_may15 04/06/2015 15:27 Page 52

IFSEC and FIREX International 2015: Solutions Guide

Security Integration: What’s the point? The development of interacting technologies has never been so rapid, touching all parts of our lives. As well as being highly beneficial to the security sector, the wider integration of technology has actually become a ‘must have’ requirement for everything we do. On that basis, it’s vital to understand the implications of not providing customers with the flexible tools they really need

ny business sector can become selffocused and dismissive of the changes going on around it. For its part, the security sector has traditionally been keen to embrace technology, but perhaps slower to adopt wider trends – erring on the side of caution and good sense in order to ensure things work properly before taking the plunge. IP integration has revolutionised the physical security space both in terms of products and business practices. Even 20 years ago, the idea of linking security systems to the Internet was unthinkable. Now, it’s almost the reverse. In some ways, the basic principles of locking doors and monitoring secure areas haven’t changed much in decades. What the IP revolution has done is to ensure that all these key ingredients are combined and used to their full advantage on a cost-effective basis.

The Internet of Things The Internet of Things concept has undoubtedly shaped the public perception of technology. Rather than just presenting technology integration as a possibility, this propagates the expectation and desire to buy and use products which work together. Previously, sales and marketing efforts pushed integration to a market that needed some persuasion. Now, it’s the customers themselves demanding these features.

Software has taken centre stage in physical security. Once the preserve of logical security, physical security only used software to control relatively rudimentary standalone access control and surveillance systems. Now, it’s a key component for integrated IP systems and has taken a starring role in terms of commercial sales for many developers. With IP integration of hardware, software is the glue that enables these previously disparate systems to not only communicate with one another, but to also become part of a broader network of controllable assets. Another important element of IP-enabled security is the way in which operators interact with these systems. Smart phones and mobile devices are a key part of the modern connected world. Many individuals and businesses rely upon these devices to stay connected. As IPbased security integration software tends to be run through the Internet, it makes perfect sense to ensure that authenticated mobile devices can also be used for administration. Inevitably, this will mean developing apps for the major smart phone operating systems which can be time-consuming and expensive. However, failing to meet this requirement from the market would be a costly gamble.

Attractiveness to buyers Tailoring the way in which end users interact with integrated security solutions is a key part of ensuring these systems are attractive to buyers. For example, ensuring the interface is user-friendly and has a familiar format – be it as part of a smart phone app or as a general web browser – will always help to engage the market with the product. The beauty of using software solutions to unite the different security elements is that the end user never needs to worry about how unification is achieved. All of the technical requirements can be hidden ‘under the bonnet’, leaving the security team with nothing to worry about but their core role. The security business sector should never be seen as an isolated bubble. Rather, it’s a crucial part of many organisations within all vertical markets and cannot ignore the major responsibility to provide what its clients need.

Further information on integrated solutions and IP-enabled security is available from TDSi at IFSEC International 2015. Visit Stand F1100 52

www.risk-uk.com

Project1_Layout 1 02/06/2015 13:40 Page 1

Value engineered Competitively priced megapixel and Full HD bullet cameras and domes from a brand you can trust.

Delivering a heavyweight performance at an ultra light price, WiseNet Lite 1.3 megapixel and 2MP Full HD cameras and domes share many of the features built into Samsung Techwinâ&#x20AC;&#x2122;s award winning WiseNetIII camera series. Plus, a Hallway view function for the efficient monitoring of narrow vertical areas such as aisles, corridors, tunnels and roads. With WiseNet Lite, Samsung Techwin continues to support installers with affordable solutions that will meet budget limitations, as well as demanding functionality requirements of any size video surveillance project.

Securing your future WWW.SAMSUNGSECURITY.CO.UK STESECURITY@SAMSUNG.COM T: +44 (0) 1932 82 6700

Join us at IFSEC on Stand G800

IFSECandFIREXInternational2015BenchmarkInnovationArena June2015_riskuk_may15 04/06/2015 18:18 Page 54

IFSEC and FIREX International 2015: Solutions Guide

The Innovation Arena IFSEC IN ASSOCIATION WITH

Security professionals visiting IFSEC International 2015 at London’s Excel from 16-18 June will want to see the latest solutions. The IFSEC Innovation Arena on Stand B1800 – run in association with Benchmark – is designed to bring together all of the leading technologies enchmark Magazine (sister publication of Risk UK) has teamed up with UBM (the organiser of IFSEC International) to present The IFSEC Innovation Arena, which is designed to highlight the very best new and emerging technologies for security installers, integrators, consultants and end users. The numerous presentation sessions on Stand B1800 will cover video surveillance, access control, site protection, video analytics, business intelligence and infrastructure. Across the three days of the show, no less than 35 security solutions developers will deliver ten-minute presentations solely focused on innovation and technological developments. Attendance is free to visitors at IFSEC International, while the sessions are designed to deliver exactly the type of key information that today’s security professionals really need. The focus will be on what the security innovations are, how they work and what benefits can be gained by using them. The short, sharp and punchy presentations are all about helping you to build better security solutions. The IFSEC Innovation Arena will take place on Tuesday 16, Wednesday 17 and Thursday 18 June at London’s ExCeL, and bring together scheduled pitches from manufacturers of innovative solutions to ensure attendees are kept fully updated when it comes to all of the latest security technologies. Solutions developers taking part include Risco Group, Texecom, Pyronics, UTC Fire and Security, Intergrated Security Manufacturing, Genetec, Vidicore, FoxStream, Flir Systems, Panasonic, Avigilon, Bosch Security Systems, Synology, Milestone Systems, Samsung Techwin Europe, Aimetis, Vicon, ACT, Meyertech and Secure Logiq. Also in attendance are Seagate, Comnet, Phybridge, Iomniscient, Davantis, Myrasis, Agent Vi, Vanderbilt Industries, Axis Communications, Optex, BPT Security, Impro, Paxton, Spica and Nedap. Make sure you visit Stand B1800 during IFSEC International.

Stay up-to-date with all the latest security solutions by attending presentations in The IFSEC Innovation Arena (Stand B1800) 54

www.risk-uk.com

Project1_Layout 1 03/06/2015 14:34 Page 1

N EVOLUTION IN FIRE DETECTION STARTS NOW WITH THE INTELLIGENCE OF TM

16-18 JUNE

FIREX 2015 EXCEL LONDON VISIT US AT

STAND G100

FOR MORE INFORMATION

To find out more, please visit the website www.apollo-fire.co.uk/soteria

IFSECandFIREXInternational2015Dallmeier June2015_riskuk_may15 04/06/2015 15:18 Page 56

IFSEC and FIREX International 2015: Solutions Guide

Video Surveillance for Large-Scale Areas Improve service delivery and lower operating costs with the foremost technology for effectively managing remote working security staff â&#x20AC;˘ Monitors in real-time actual visit times and attendance duration â&#x20AC;˘ Verifies site attendance â&#x20AC;&#x201C; proof that a visit was made â&#x20AC;˘ Avoids service breakdown with â&#x20AC;&#x2DC;no-showâ&#x20AC;&#x2122; alerts â&#x20AC;˘ Eliminates paper timesheet processing â&#x20AC;˘ Delivers major savings in payroll processing and payroll costs â&#x20AC;˘ Improves and simplifies staff scheduling â&#x20AC;˘ Delivers instant real-time changes to work schedules â&#x20AC;˘ Helps meet duty of care obligations for lone working staff Providing an unrivalled resource for effectively managing security staff in the immediate period ahead; Ezitracker improves operational EFÂ&#x153;CIENCY REDUCES PAYROLL COSTS ACCURATELY MEASURES CONTRACT PROÂ&#x153;TABILITY AND SIGNIÂ&#x153;CANTLY INCREASES TENDER BID SUCCESS RATES

Call 0845 699 6969 or visit:

www.ezitracker.com

Without cameras, security technology would be blind in the truest sense of the word. There are thousands of PTZ cameras in use today, but when video-recorded evidence is required itâ&#x20AC;&#x2122;s fair to say that some are often found to be looking in the wrong direction imilarly, there are hundreds of thousands of static cameras that might be looking in the right direction but, when reviewed and a digital zoom function is used, the images are too pixelated to result in any relevant evidence. How, then, can large areas be monitored more efficiently by security professionals? Multifocal sensor (MFS) technology solves this problem with a completely novel lens and sensor concept. Unlike conventional HD and megapixel cameras, the multifocal sensor technology works with several lenses, each of which has a different focal length. Thanks to this new sensor concept, even objects that are farther away can be displayed with the same resolution as objects in the foreground of the picture â&#x20AC;&#x201C; in real-time and at high frame rates of up to 30 fps. Regardless of the part of the surveillance area an operator focuses on at a particular moment, the overall action is recorded at all times with maximum resolution of detail. As a result, an incident can also be reconstructed in detail after the fact, no matter where it occurred. Furthermore, since fewer camera installation locations are needed than is the case with single-sensor cameras, the requirements for the infrastructure are lower along with the necessary expenditures for servicing and maintenance. Another advantage of MFS technology is a substantially higher dynamic range. Each sensor selects its own exposure strategy in order to achieve ideal saturation. The MFS technology can make distinctions more effectively. Light areas are exposed for a shorter time and dark areas for a longer time. As a result, situations with a large dynamic range can also be recorded with good quality and, importantly, without overexposure or â&#x20AC;&#x2DC;drownedâ&#x20AC;&#x2122; black areas. With MFS technology, a huge area can be surveyed from a single location in extraordinary detail. This offers tremendous advantages, notably for management and video analysis. Movement of people or vehicles may be reconstructed over long distances without any gaps in the recording or camera switching. This opens up a wide range of analysis options for todayâ&#x20AC;&#x2122;s end users that were not possible with prior technology.

Further information on the surveillance monitoring of larger areas or zones is available online at www.dallmeier.com 56

www.risk-uk.com

IFSECandFIREXInternational2015KBCNetworks June2015_riskuk_apr15 04/06/2015 15:25 Page 1

IFSEC and FIREX International 2015: Solutions Guide

With IP offering end users greater flexibility and a whole new suite of features, the migration from analogue to IP-based security systems is happening. However, once system requirements go beyond the straightforward like-forlike swap from analogue and begin to demand all that IP promises, many end users have found the move to digital far from easy imply put, an analogue CCTV system sends a camera signal over a direct connection back to a Control Room where it’s viewed or recorded. It’s a straightforward, closed and centralised system. With IP, however, the system is decentralised. Cameras, data sources and sensors may be accessed from just about anywhere in the world and from multiple locations. Video, voice and data can be sent over both fixed and mobile networks while end users taking advantage of the public infrastructure can do so at a fraction of the cost of leased lines. The IP ‘revolution’ truly has the potential to afford end users far greater functionality but, in practice, many systems start to hit snags once they extend beyond a simple implementation. Users have been left with unstable systems while installers can face network problems that only an in-depth knowledge of IP will resolve. IP video management systems are often designed for Local Area Networks (LANs), so once you start to transmit over a Wide Area Network (or WAN, such as the Internet), and cross from one network boundary to another, they start to lose functionality. For example, port forwarding issues can mean that you cannot access video from more than one location without opening up multiple ports on a firewall and exposing your network to potential threats. Then there’s the issue of sending sensitive information over a public network. Recently, the national media has highlighted this vulnerability by exposing footage from a number of IP security systems. Hackers had gained access to systems across the world, allowing them to spy on people at work and in

From Analogue to IP their own homes. Translate such a scenario into an industrial or Government system and the frightening reality could include compromised access control solutions, intruder alarms, IT networks and surveillance cameras.

The VPN Solution There are, of course, solutions to all of this. It’s commonly accepted that a Virtual Private Network (VPN) will provide both security and the ability to work over multiple networks. However, even VPNs are gaining a reputation for being difficult to configure and, in many router-based systems, can prove to be inherently unstable. The answer lies in careful planning of the solution, and also in the specification of the products themselves. Changes to an existing installation can be expensive so the planning and specification must be right from the start. Whether you decide to work from individual elements upwards, or from the whole system down, a layered approach is often the best way forward. This process provides the blueprint for what needs to be achieved. It should identify as much of the physical network as you have access to, detail any devices and application platforms, include changes and updates to hardware or software, recognise potential risks, ascertain security requirements for each network segment and, importantly, consider how the system will operate as a whole. The output from this process should help to pinpoint the most suitable type of hardware. Its specification should include the ability to work over more than one network segment, deal with different locations, withstand common and known network attacks and communicate over different IP layers (LAN is normally IPV4 while WAN could be IPV6). It should also provide the ability to maintain the network and implement changes simply while dealing with network outages. With careful planning, the implementation of an IP network for security or surveillance doesn’t need to be complex. Secure, stable and flexible devices that are easy-to-use will always lead to better solutions. The right specification will mean that putting IP’s benefits into practice should be straightforward and trouble-free.

KBC Networks will be at IFSEC International 2015 on Stand B605. Pay the company a visit and learn more about transitioning successfully from analogue to IP-based surveillance 57

www.risk-uk.com

TheSecurityInstitute'sView June2015_riskuk_apr15 04/06/2015 15:37 Page 58

Understanding Violence Risk Management

The subject of violence as a corporate risk area is not a new entity but, despite that truism, there are often fundamental flaws when it comes to the ways in which organisations respond to it. Here, Richard Diston outlines Best Practice techniques in the realm of violence risk management included in wider Health and Safety precautions. It’s this fact that introduces the first failure in its management.

Violence: a dynamic proposition

hy might organisations fail to treat violence risks appropriately and, importantly, what can they do to improve their resilience around this matter? One reason for poor violence management might be ‘risk blindness’. With significant market pressures placed on today’s businesses, they may well choose not to spend time and resources understanding what they perceive to be an unlikely risk event and remain oblivious to the potential impacts. However, such incidents present significant costs to an organisation. There’s the direct harm perpetrated upon members of staff, both physically and emotionally. The human cost of violence can translate directly into financial expense by dint of increased absenteeism, more problematic recruitment and reduced output due to cultural harm. Then there are the more direct costs. The Health and Safety Executive statistics for prosecutions from 2013-2014 demonstrate a 95% conviction rate, with an average £15,000 fine per breach of Health and Safety legislation. Common breaches will be a failure to risk assess compounded by a failure to act on any risk assessment and lack of consultation with staff. These failures stack up in an organisation pretty much like a Jenga set, waiting for an event to bring them all tumbling down. It’s important to note that Health and Safety failures are criminal acts that increase the organisational risk beyond human costs and, as such, cannot be transferred to third parties. As an area of Health and Safety concern, the management of violence is often logically

www.risk-uk.com

Violence must be recognised as a dynamic risk. As a result, it cannot – and should not – be assessed in the same way as static risks such as trip hazards or hazardous substances. There are significant factors present in situations of violence risk that a standard risk assessment form isn’t designed to capture. Most mentions of violence in typical risk assessments are usually one line in a standard form with a suggested control measure of: ‘Follow your training and company procedures’. As risk assessment is the bedrock of controlling the risks of harm to people, any lack of a reliable risk assessment model for violencerelated risks is a major obstacle to companies looking to protect staff and customers alike. One specific reason for poor violence management may be organisational culture and attitudes. These can vary from outright denial (‘It will not happen here’) to total acceptance (‘It’s a part of the job’). In any risk area, successful treatments require acceptance and understanding. Violence is a complicated and emotive subject that, more often than not, triggers denial responses. Denial does not support understanding. If an organisation truly seeks to reduce its liability for violence risk, it needs to start by understanding how and why violence may be perpetrated at its locations. Certainly, violence has many vectors into an organisation. In the real world, it could arise due to the attempted detention of a shoplifter by a security officer or as the result of a return visit by a disgruntled ex-employee. It may be a factor in another criminal act perpetrated against the organisation or in any one of dozens of other ways. If the risk vectors for violence are myriad, the typical organisational responses are equally varied. This is largely due to the fact that, at present, there are no recognised standards or

TheSecurityInstitute'sView June2015_riskuk_apr15 04/06/2015 15:38 Page 59

The Security Institute’s View

accepted training in place for the management of work-related violence. Organisational policies on violence management are often well meaning but illinformed, usually creating significant additional risk by the issuance of policy statements to staff that are often confused or, worse still, outright unlawful. As this is a specialist risk area, reliable and qualified advice is hard to come by. That being so, companies often create their policy based on documents they find by surfing the Internet or they simply update an old document in their risk folders with a few changes that are never cleared for either legality or appropriateness. These documents duly enter the canon of procedure and, over the years, become accepted as the correct way of doing things without ever being questioned or assessed by qualified practitioners. Companies may seek to transfer their risk to a third party for the management of violence (perhaps by using private security provision), but may in fact be retaining or even exacerbating the situation. Such organisations often direct their contracted service providers using their own policies and procedures.

Service Level Agreements Client satisfaction is sometimes measured using Service Level Agreements that may also have unintended consequences. While there may be strong arguments for measuring the number of arrests in a retail establishment, for example, this may also influence behaviour that increases the risks of violence. Due to commercial pressures, retailers may employ a lone security officer who’s then tasked to perform arrests in an environment where there’s no suitable holding facility. There are a number of risks in this scenario. Current Best Practice indicates that the minimum number of security officers required to safely detain a single individual on a physical basis is four. However, retailers are unlikely to quadruple their security spending. Consequently, open communication, partnership and innovation are required to provide such businesses with viable solutions. An imperfect understanding of both security and risk management may lead an organisation towards engaging security providers who can ill afford to explain the risks they’re inheriting even if they themselves understand them. Years of uninformed practice and commercial pressure make it extremely difficult for enlightened contractors to guide their clients towards new Best Practice, particularly if it means increasing costs to reduce risks. These

contractors may well be inheriting huge risks that they cannot transfer but must not retain. The security sector itself does not fully understand the risks of violence, with most operating procedures on arrest and detention being years out of date while at the same time exhibiting no clear genesis. In a recent survey, the British Retail Consortium noted that many incidents of violence are as a result of security personnel stopping suspected shoplifters. Where this occurs and leads to either direct harm or an accident during a pursuit, it raises the question as to where liability lies. It could be argued that any harm occurred as a direct result of the actions of the security officer in giving chase, creating a chain of causation and, therefore, potential liability.

Treating the violence risk What actions should an organisation take to treat their violence risks? Establish a culture of acceptance and a response system to support victims. This is good practice and can reduce the emotional impact of an event. Engage a qualified person to review relevant policies and systems of work for responses to violence as well as for working practices that might serve as behavioural triggers. Also, engage a qualified and experienced individual to perform a full suite of violence risk assessments, including recommended controls. Create an annual training strategy based on the risk assessments and budget accordingly. Consult with all employees who may be considered at risk of violence in the workplace. This is a Health and Safety requirement. Last but not least, source a suitable specialist training provider and implement a robust reporting procedure configured to ensure that all incidents (and near incidents) are duly captured for analysis. Violence risk management is both a complex and specialised area. It’s certainly one in which the cost of mitigation is far outweighed by the human, cultural, financial, legal, reputational and financial costs of a significant event. Make sure your company doesn’t become the victim.

Richard Diston MSc MSyI: National Training Manager at Axis Security Services

“The human cost of violence can translate directly into financial expense by dint of increased absenteeism, more problematic recruitment and reduced output” 59

www.risk-uk.com

InTheSpotlightASISInternational June2015_riskuk_apr15 04/06/2015 15:33 Page 60

The Pharmaceutical Industry: Assessing The Security Risks The global pharmaceuticals market is currently worth US$300 billion per annum, with the ten largest drugs companies controlling over one third of the market. What does the threat landscape look like right now, and how can organisations guard against acts of criminality? Rowena Fell has the overview companies – that may seek to target pharmaceuticals’ intangible assets, particularly when considering the perceived immaturity of the pharmaceutical market in nations outside of North America and Europe?

What is The Threat Landscape? ooking at the Top Ten drug-producing companies on the worldwide stage, several generate sales revenues in excess of US$10 billion every year, with six being located in the United States and four in Europe. The North American market has remained the largest with a 41% share, while Europe has achieved a 26% market share. It’s predicted that North and South America, Europe and Japan will continue to account for a full 85% of the global pharmaceuticals market well into the 21st Century. When considering the European Union’s (EU) trade environment in 2012, the majority of EU exports were to Russia, with the least amount of imports being from Israel. Furthermore, 21 countries were identified as having an emerging pharmaceutical sector and, collectively, will add US$187 billion in annual sales by 2017. This equates to two thirds of global pharma growth and will increase the ‘pharmerging markets’ global share from 23% in 2012 to 33% in 2017, with Brazil, Russia, India and China in the Top Ten by sales value. The European Federation of Pharmaceutical Industries and Associations notes: ‘The research-based pharmaceutical industry is a key asset of Europe’s economy. It’s one of the top performing high technology sectors.’ Having scanned the figures mentioned, what would you consider to be the countries – or

www.risk-uk.com

The industry is comprised of companies who make, patent and sell drugs that have therapeutic effect. The market is highly competitive and entry is difficult due to a combination of strict regulations and the need for extensive research and development involving time-consuming clinical trials. In addition, high research and development costs, expiring patents and difficulty in gaining product approval from the appropriate regulatory bodies combine to mean that companies must produce ‘blockbuster’ drugs (and continue to do so in order to remain in good standing). Other challenges facing the industry include pressure from purchasers, such as hospital managers who negotiate discounts with wholesalers or manufacturers when buying in bulk, in turn increasing pressure on pharmaceutical companies to produce costeffective drugs that will remain competitive. There’s also the necessary requirement to gain approval for new drugs. According to the Centre for Drug Evaluation and Research, on average there have been less than 23 approvals on an annual basis over the past decade. Although patents protect the intellectual property rights of specific drugs, usually for a period of around two decades, the timing of the patent application is crucial. Too early and the product isn’t protected for a sufficient time

InTheSpotlightASISInternational June2015_riskuk_apr15 04/06/2015 15:34 Page 61

In the Spotlight: ASIS International UK Chapter

period when it reaches the market (affecting profitability due to patent expiration). Too late and the research is exposed for too long and open to compromise and copying. Furthermore, pharmaceutical companies face increasing pressures related to generics. These are drugs comprised of the same ingredients as patented drugs, but sold under a drug’s chemical name rather than the pharmaceutical brand name. Medical professionals can prescribe drugs under their chemical name without specifying a brand.

Terminology: Trade Secrets Trade secrets relate to information that’s not generally known and which companies, researchers, inventors and creators treat as confidential in order to gain or otherwise preserve a competitive advantage. They are not exclusive Intellectual Property Rights. For an asset to be considered a trade secret it must have value, either real or potential. It must only be known to the company and be seen to be protected. Trade secrets can range from the chemical composition of drug products through to manufacturing methodologies and software algorithms. Virtually anything that has economic value derived from not being generally known – and that’s adequately protected – can be a trade secret. With no expiry date, trade secrets may be valuable and perpetual assets for a company. Additionally, no registration is required. The term ‘trade secret’ is an important one. Risk UK’s readers may be following developments at the European Parliament and European Commission (EC) on the protection of undisclosed know-how and business information against their unlawful acquisition, use and disclosure, more commonly referred to as the Trade Secrets Directive. This document is currently in the consultation phase and aims to ensure fair and honest competition, providing innovators with a means of defence against attacks on their knowledge assets. It may surprise you to learn that there’s currently no standardised civil or criminal law applicable in the EU to protect trade secrets. EU Member States’ legal enforcement of trade secrets varies by country. Some Member States don’t have legislation on misappropriation, relying instead on general laws as interpreted by the Judiciary. In some Member States, trade secrets are only protected against misappropriation by competitors. Not all appropriate remedies are present in all Member States, and the courts don’t always have mechanisms in place to ensure confidentiality of trade secrets during and after

litigation. Often, recourse designed to address misappropriation is through employment law. The legislative landscape to protect trade secrets is fragmented, then, and that’s exactly why the very best line of defence is to prevent the trade secret from leaving the enterprise in the first instance.

Acts of Misappropriation The Trade Secrets Directive resulted from a study on Trade Secrets in the Internal Market conducted in April 2013 and prepared for the EC. In the study, respondents confirmed that they had suffered from attempts at acts of misappropriation of trade secrets across the last decade, both within and outside the EU. Out of the 537 interviewees, 20% had suffered at least one attempt of misappropriation within EU countries. The majority of companies experiencing such acts were found to be in the chemical, motor vehicle and pharmaceutical sectors. Larger organisations report a higher frequency of attempts at (or actual) acts of misappropriation than SMEs both inside and outside the EU. The parties identified as being primarily responsible for attempts or acts of misappropriation are competitors, former employees and customers. Current employees are deemed to have been responsible for misappropriation in 18% of cases. It’s worth noting here that the loss or compromise of trade secrets is one of the most under-reported business statistics so we can infer that these numbers are likely to be somewhat higher.

Adverse consequences in view A 2012 survey conducted by The Ponemon Institute and involving a substantial 3,317 respondents noted several interesting statistics. Companies reported substantial adverse consequences, both reputational and financial, as a result of attempts of acts of misappropriation of trade secrets. Survey respondents indicated they had suffered a loss of sales, clients and contracts (56% of affirmative responses), costs attributed to internal investigation (44%) and increased expenditure for protection (35%), costs around negotiating settlements (34%) and also for prosecuting and litigation measures (31%). Companies must mitigate the human threat while also taking care of the technical aspect.

Rowena Fell MA CPP FSyI: Associate Director of the Intellectual Property and Trade Secrets Protection Programme (EMEA) for Merck Sharp & Dome’s Global Security Group

“For an asset to be considered a trade secret it must have value, either real or potential. It must only be known to the company and be seen to be protected” 61

www.risk-uk.com

paper ad_Layout 1 04/06/2015 17:59 Page 1

thepaper

Pro-Activ Publications is embarking on a revolutionary launch: a FORTNIGHTLY NEWSPAPER dedicated to the latest financial and business information for professionals operating in the security sector

Business News for Security Professionals

The Paper will bring subscribers (including CEOs, managing directors and finance directors within the UKâ&#x20AC;&#x2122;s major security businesses) all the latest company and sector financials, details of business re-brands, market research and trends and M&A activity

FOR FURTHER INFORMATION ON THE PAPER CONTACT: Brian Sims BA (Hons) Hon FSyI (Editor, The Paper and Risk UK) Telephone: 020 8295 8304 e-mail: brian.sims@risk-uk.com www.thepaper.uk.com

FIATechnicalBriefing June2015_riskuk_apr15 04/06/2015 15:06 Page 63

FIA Technical Briefing

he fire is out. The whole fire detection and alarm system worked perfectly. The Fire Service attended your premises and may have already left yet there’s a room on your site that, because of the fire episode, is fatal to enter. You have no way of knowing this, though, and are duly sending occupants back in to a potentially deadly situation. The reason is carbon monoxide (CO). A colourless, odourless, tasteless gas which, in sufficient concentrations, can cause serious brain injury and may even prove to be fatal. CO is generally recognised as an unwanted by-product of malfunctioning or incorrectly ventilated commercial and domestic fossil fuel burning appliances. However, it may also be generated following the combustion of specific materials during a building fire. As such, CO ought to be considered as a contributing factor in fire-associated deaths. CO affects the haemoglobin in the blood. The gas is highly toxic in volumes above 35 ppm and its effects are cumulative over short periods of time. You don’t have to spend time in a room with high concentrations to be affected. Simply inhaling small quantities of CO can adjust someone’s blood chemistry to potentially harmful levels while repeatedly visiting an area containing the gas only compounds the effect. The way in which CO affects the body means it’s very easy to be quickly overcome by the gas and, as a result, serious injury or even a fatal situation can occur. Currently, under European Standards there’s no requirement for CO detection to be included as part of a fire detection system. In the USA the story is very different. A spate of both fire and non-fire related incidents have led authorities in the United States to push for CO detection’s inclusion in most commercial buildings both old and new. This mandate has led to a change in their standards including setting out how these devices should be connected to, reported on and managed by a building’s fire safety system.

Embracing the changes It’s my belief that ‘The EN World’ simply cannot be left behind and must embrace the changes American standards bodies are making by translating them into our own guidance. “Hang on” you may say. “CO detection has been part of commercial fire detection and alarm systems for many years”… You’d be right to point this out, but these specialist devices are strategically placed in suitable areas to detect a fire in the same way that a smoke or heat detector is used. They

Carbon Monoxide: Fire and Life Safety Standards

Carbon monoxide is a colourless, odourless and tasteless gas, but it’s far from being harmless. In sufficient concentrations, it can cause serious brain injury or even death. In relation to fire safety, Aston Bowles discusses the changing landscape of carbon monoxide detection in the USA and its potential implications for the European market have much higher sensitivity settings (looking for low concentration levels measured in parts per million) than those required for CO life safety detection, which is the case we are discussing here. CO detectors used for life safety – let’s call them CO-LS to avoid confusion – look for much higher (gas) concentration thresholds as an indication of danger to life if inhaled. Traditionally, they were standalone devices but are increasingly being integrated with domestic standalone smoke alarms as ‘combination smoke CO (fire/life safety) alarm devices’.

Roadmap for mandated sites Currently, the US Standard only mandates commercial CO-LS detection in sleeping areas and/or wherever CO can be produced and accumulated. These areas include newly constructed day care centres, lodging and rooming houses, hotels, dormitories and apartment buildings (with some exceptions). The roadmap for mandated sites is growing, and it’s clear that the direction of travel is for CO detection to become part of the commercial fire system specification. Given that CO-LS is now commonly installed as part of the fire system in the US, but has a very different function (ie not to detect fires),

Aston Bowles: Marketing Manager of Advanced Electronics

www.risk-uk.com

FIATechnicalBriefing June2015_riskuk_apr15 04/06/2015 15:07 Page 64

FIA Technical Briefing

detection is elevated above the other signals the fire panel may action and must have its own distinct warnings. Crucially, CO is no longer reported as a fire alarm but as its own distinct ‘Life Safety’ category. Again, the direction of flow here is very much away from ‘dumb, conventional devices’ to intelligent CO-LS management as part of the overall fire safety system.

NFPA Standards: leading the way

the NFPA 720 Standard for CO detectors was recently updated to mandate how CO-LS detection interfaces are reported and managed on the fire system. In the US, ‘Trouble’ is a synonym of our ‘Fault’, while ‘Supervisory’ relates to something like warning or pre-alarm. NFPA 720 requires: “CO alarm signals to be distinct and ‘descriptively annunciated’ from fire alarm, CO supervisory and CO trouble signals’. Furthermore, the CO alarm signal should take precedence over supervisory or trouble signals. The actuation of a CO detector or system should be distinctly indicated as a CO alarm signal.

Signalling the control panel “CO detector trouble signals must be indicated visually and audibly at the control panel and supervising station. Therefore, the CO detector must have a means to signal trouble conditions to the control panel, such as a sensor failure or sensor end-of-life signal.” This means that, when CO detectors are connected to a fire panel, they need to be handled differently. The reporting of CO

“CO affects the haemoglobin in the blood. The gas is highly toxic in volumes above 35 ppm and its effects are cumulative over short periods of time” 64

www.risk-uk.com

It may be difficult for some of us in Europe to hear, but the NFPA Standards often lead the way for the fire prevention industry. If nothing else, the US market is the world’s biggest and regional codes, such as those imposed in New York City, are among the strictest anywhere. UL is an aggressive and growing standard about which anyone selling EN devices outside Europe will need to be aware. It’s worth noting that UL is also ahead of EN in the methods used to wake people from sleep, with several States mandating the use of 520 Hz audio tones and often in conjunction with CO-LS detectors. This will also arrive on our shores eventually and we should determine to act immediately. In all honesty, that’s a subject for an article in its own right. Action must be taken now with a view to CO for life safety being included in the EN Standard for fire systems as soon as possible. It’s the right thing to do for the future of the EN Standard, but mainly we need to strive for inclusion because this will save lives.

What of the future? At this point it’s well worth noting that CO Fire Detector Standard EN54-26:2015 was published earlier this year. This document means that any CO fire detectors on the market must be in accordance with the legislation within 48 months – typical – while British Standard 5839 only refers to CO for fire detection. There doesn’t appear to be any work items in CEN or ISO on this topic. Even if it were accepted and work began today, it would be unlikely that a CO-LS standard would be issued with mandatory product conformity until 2019 at the earliest. Better news is that there have been detailed discussions between CEN/TC72 and CLC/TC216 which have led to the formation of a joint Working Group that will draft dedicated European Standards in this area. While it’s fair to say that we may still be lagging somewhat behind our American colleagues, the EU is at least now beginning to catch up on this vitally important matter.

Project1_Layout 1 04/06/2015 18:28 Page 1

CERTIFYING

SECURITY

The leading certification body for Guarding Services. Appointed Security Industry Authority (SIA) Approved Contractor Scheme (ACS) Assessing Body. ISO 9001 and Product Certification for Key Holding and Response Services, Door Supervisors, Static Site Guarding and Mobile Patrol Services, Event Stewarding, Crowd Safety, Security Wardens, Cash and Valuables in Transit, Close Protection Services and Security Dogs. Contact us for a free no obligation quote.

Telephone : 0191 296 3242

SSAIB

www.ssaib.org

solutions for a safer world

CONTRACT SECURITY SERVICES LIMITED CASH & VALAUABLES IN TRANSIT (CViT) SERVICE PROVIDER CASH PROCESSING & BANKING SERVICE (INCLUDING COLLECTION AND PROCESSING FROM CAR PARK MACHINES)

CASH CONSOLIDATION SERVICE SECURITY GUARDING AND MOBILE PATROL HEAD OFFICE: CHALLENGER HOUSE 125 GUNNERSBURY LANE LONDON W3 8LH T: 020 8752 0160 F: 020 8992 9536 E: info@contractsecurity.co.uk www.contractsecurity.co.uk

SALES: T: 01622 792639 F: 01622 882084 E: sales@contractsecurity.co.uk

DEPOTS: Brentford, London | Larkfield, Kent | Andover, Hampshire

SecurityServicesBestPracticeCasebook June2015_riskuk_jan15 04/06/2015 15:44 Page 66

Margin Erosion: How do we buck the trend? Despite growing a skilled workforce and benefiting from the introduction of regulation by way of the Security Industry Authority, the private security sector is still having to wrestle with the fundamental problem that’s labelled ‘margin erosion’. Bandwagon discounting, failure to differentiate and staff engagement struggles are all part of the mix, as Carl Palmer describes

rguably, the private security sector has been slow to demonstrate the value it can add to what has, in the past, been seen as a commodity or even a distress purchase. ‘Grudge purchase’ remains the favoured phrase for many commentators. The public perception of the private security sector is way below where it should be and, frustratingly, it would appear that little is being done by the sector to change matters to a significant degree. Certainly, we have much work to do if we’re to encourage young talent into this business in the required numbers. That being so, it’s high time we – the security companies – determined to become more progressive and dynamic in our approach. The sector – including its regulatory and trade bodies – has collectively failed to communicate the true costs of our services. Clients are the victims of that status quo, with many suffering the premature termination of contracts due to the miscalculation of costs in an effort to secure business within what is an arguably flawed tender process. We’re all acutely aware that the current state of the market leaves security guarding companies’ margins tightly squeezed and that the total FM giants have the ability to claw back profit lost in lowering their costs for guarding services by dint of bundled services selling with higher margin offerings. Is this the correct order of things? Surely it has always been the case that a well-trained

Carl Palmer: Executive Chairman of CIS Security

66 www.risk-uk.com

security officer is much more valuable to an organisation than any supporting technical kit they might be using? From my perspective people always respond best to people and, what’s more, it will always be that way. The problems highlighted are not the fault of the client base. They are the fault of our sector. All security companies should demonstrate their expertise and experience by adhering to Best Practice methods and priding themselves on being transparent about the costs of doing things correctly. Put simply, we must all show our clients how this approach can benefit them in the long term with a demonstrable return on their investment. We cannot sit back and ask our clients to feel sorry for us because of the fact that our bottom line is suffering. Rather, we must recognise that we can – and actively do – introduce planning for service level improvements and efficiencies over the length of any given contract.

Differentiation and specialisation From the client’s point of view, there appears to be little that sets one security company apart from its competitors within our sector. That being the case, we need to highlight differentiation and specialisation, in turn duly visualising these differences through clear branding and communication and, in doing so, aid our clients’ understanding. This, of course, requires a higher investment in the marketing of our products and services. Businesses who are experts in the field of corporate security also have a responsibility to engage and rally their workforce to become a more confident and active part of the sector by sharing good stories, Best Practice ideas and innovation, supporting the truism that effective security simply does cost more.

SecurityServicesBestPracticeCasebook June2015_riskuk_jan15 04/06/2015 15:44 Page 67

Security Services: Best Practice Casebook

Look at other industries and how they have fared through the process of heavy discounting. Of late, there has been a popular viral quote shared on social media. It states: “Maybe we should stop asking why real food is so expensive and start asking why processed food is so cheap.” For their part, companies operating in the private security sector need to encourage their clients to stop asking why professional security is so expensive and instead question why poor security is so cheap. Premium security provision is now a skilled and educated business practice. Clients at this level expect security professionals to be trained and vetted to the highest degree. They want to see knowledge-driven and licensed officers who can think on their feet and deliver excellent customer service on a continual basis. Many customers are beginning to understand that such a premium service comes at a price. Increasingly, clients will look to us, as security experts, to recommend a tailored solution with well-structured Key Performance Indicators, and will reward innovative efficiencies with the promise of longer contracts. First class security at this level is all about stability and resilience. Staff contentment is a key part of the mix but, without ongoing checks, it can be a factor that’s neglected. With so few organisations committing to the Living Wage, is it any surprise that 60% of security professionals don’t renew their SIA licence cards? Historically, staff churn has been a huge and damaging issue for the sector. The acquisition of fresh talent – by way of apprenticeship schemes, for example – ought to be a far larger focal point for all security businesses. Why not work more collaboratively in encouraging more females into our sector, too? 9% is a level that can, without doubt, be improved. There’s a huge opportunity for us to engage both male and female staff thanks to the recent ‘out-of-the-box’ thinking demonstrated in the FM sector. The creativity in the solving of FMcentric issues has been truly impressive. Traditional problems around employee and visitor engagement are being dissolved through systematic and methodical approaches encompassing end user feedback, the careful application of new technology and even good old-fashioned customer service training. The future for the next generation of FM professionals is bright, that’s for sure.

“Surely it has always been the case that a well-trained security officer is much more valuable to an organisation than any supporting technical kit they might be using” published by The Security Institute should read it from cover to cover. This is a piece of work which imbues a feeling of optimism for our business sector. The Manifesto talks about security as being “a force for good” which is a great proposition for the next era of private security business development. There’s now a definite rumble of excitement about the possibilities that lie before us and how the seizing of opportunities could have a real game-changing effect on the modern day corporate security experience. Clients, therefore, need to be informed about the real value of having outstanding security with properly engaged and in-control officers on site who will proactively develop and improve the service. In an age where brand experience is seen as having the highest impact on brand equity than any other single element of the marketing mix, why are so many organisations neglecting to invest in the very first person a visitor will meet when they enter a building? One of the most visible individuals on their very doorstep who may also be responsible for diffusing situations with the utmost diplomacy as well as being vigilant enough to spot risks that might prevent the host business from running smoothly. Let’s put more effort into shaping not just how our end user customers feel about our product, but also how the general public feels about us. Let’s listen to as many views as we can, share and act upon the feedback and use this to improve our staff engagement levels, skills and technological innovations. That will benefit both customers and members of the public while also making them feel safer.

How might security evolve? A little closer to home, how might security evolve within this changing FM landscape? Anyone involved in facilities management who hasn’t come across the recent Manifesto

www.risk-uk.com

CyberSecurityRethinkingSupplyChainRiskManagement June2015_riskuk_apr15 04/06/2015 18:07 Page 68

Cyber Security: Rethinking Supply Chain cyber breaches have shown Risk Management Recent that determined attackers are actively and successfully gaining access to corporate systems through third party suppliers. Host organisations continue to place ‘blind faith’ in external suppliers, but it’s a practice that can no longer be sustained. Phil Huggins argues that the time has now come to move the cyber resilience of supply chains up the corporate agenda and re-evaluate how such risks should be effectively managed

he complexity of supply chains has increased, fuelled largely by outsourcing and interconnectivity. In turn, the risks directly involved with them have risen exponentially. Not surprisingly, it’s very much the case that regulators are increasingly turning their spotlight towards this issue. Benjamin Lawsky, the head of New York’s Department of Financial Services, has highlighted a new approach to cyber security regulation for regulated banks. This includes an increased focus on the cyber security due diligence of third party service providers such as law firms and accountants. The approach echoes similar calls by the Prudential Regulation Authority and the Financial Conduct Authority in 2014 targeted at regulated financial services bodies. The risks are omnipresent and not always immediately obvious. Take, for example, the scenario of an internal Finance Department that relied on its counterparts in the finance teams of suppliers to re-run previous days’ transactions in the event of systems failure. The approach seemed reasonable and would have allowed them to recover IT and reconcile errors at a later date. However, with multiple suppliers using the same cloud provider, in the event of an attack a significant number of transactions would not be run across the supply chain for several days or even weeks.

Phil Huggins: Vice-President of Security Science at Stroz Friedberg

www.risk-uk.com

At present, most businesses either undertake no active assurance of their suppliers or extend their own concepts of IT security compliance to external organisations via contractually mandated third party assurance activities. The shortcomings of the latter approach are further compounded by the lack of a ubiquitous standards regime fit for today’s threats. While the Statement on Auditing Standards (SAS) No 70 (SAS70) and the more recent Statement on Standards for Attestation Engagements (SSAE) No 16: Reporting on Controls at a Service Organisation (SSAE16) have formed the basis of some initiatives, there’s recognition that they don’t meet the needs of cyber security. In large part, this is due to the wide variety of control definitions between each organisation in the supply chain.

Cyber Essentials Scheme The UK Government has attempted to address this issue by defining a baseline of cyber security standards within the Cyber Essentials certification scheme. Mandated for the Government’s own supply chain late last year, this scheme independently verifies that an organisation is completing some basic cyber ‘hygiene’ measures. In reality, internally developed policies and control definitions continue to be used as yardsticks when assessing how closely an individual supplier meets those targets. This approach presents a range of issues and flaws. Business rarely engages with an external review by using this as an opportunity to improve. Rather, it’s much more common that every opportunity is taken to demonstrate

CyberSecurityRethinkingSupplyChainRiskManagement June2015_riskuk_apr15 04/06/2015 18:29 Page 69

Supply Chain Cyber Security Risk: Strengthening Resilience

notional compliance so as to limit the costs of externally imposed remedial work. The result? Confidence in the veracity and completeness of third party assurance returns is low. Also, controls and policies designed for one organisation reflect the threats, risks, risk appetite and capabilities of that company. While similarities may exist, these are unlikely to be exactly the same across the supply chain.

Aspiration and reality There’s a void between aspiration and reality, with many businesses expecting a level of controls and policy compliance from their suppliers that they only aspire to internally but have so far failed to embrace. If exposed at any point, this can lead to reduced trust in the business relationship. Larger organisations within a supply chain often have mature cyber security capabilities and resist changing them to meet external customer requirements. Conversely, the smaller organisations within a supply chain rarely have access to the funding or skills required to effectively address cyber security requirements. A compliance-led approach to cyber security is not enough to manage the threats presented by the rise in highly-capable and determined adversaries. The focus must change to riskinformed resilience, detection and response rather than an exclusive reliance on protection and prevention. Every organisation in the supply chain assesses – and is assessed – by every other organisation. This creates an expensive and distracting industry of rolling security controls assessments with each organisation addressing the same risks in a different manner. Supply chain risk management is increasingly concerned with engagement, collaboration and alignment, focusing on the identification of shared goals and objectives and the use of contracts to incentivise suppliers and reduce divergence in these goals rather than enforce unwanted requirements. In parallel, internal cyber security is moving towards a collaborative, intelligence-driven approach, with a focus on preparation and training to deal with breaches. This is driving the development of information sharing forums within different sectors (already a common practice for many years at the larger end of the financial services sector).

A new, more collaborative and shared approach is needed to manage supply chain cyber risks as opposed to treating the supply chain as an external source of risk. What, then, might such an approach look like? The first step is to identify existing information sharing relationships and invest time, money and trust in developing them. It’s crucial to evaluate the value of such forums to the wider extended ecosystem rather than the value of participation to a specific business. Larger players in the supply chain will have greater visibility and more capability to contribute than the smaller players. A second step is to work towards identifying a definition of common controls or standards which can secure the backing of multiple participants in the supply chain. There are several options already available, with the Council on Cyber Security Critical Security Controls a good contender for larger organisations and the IASME standard for SMEs and Cyber Essentials an alternative for smaller organisations. Where consensus can be reached with suppliers and competitors, the ability to compare like-for-like across the supply chain will be improved. A key move is looking for opportunities to reward supply chain participants for information sharing and good hygiene as a replacement for punishing non-compliance. While a contract should be put in place to safeguard minimum standards, alignment and engagement should be the major priorities.

Sharing of capabilities Finally, those firms and supply chain partners with mature cyber security capabilities – such as Security Operations Centres, incident response teams, security architecture practices, risk analysts and security testing teams – should consider moving beyond information sharing to the sharing of capabilities. Experience has shown that this helps improve coverage, efficiency and response times across the supply chain. By using the Security Operations Centre of an existing supplier to provide services to the wider supply chain, a data breach in the extended enterprise may be detected much earlier. As a result, it’s much less likely that the business continuity plan may have to be invoked due to a supplier failing to deliver part of a process.

“By using the Security Operations Centre of an existing supplier to provide services to the wider supply chain, a data breach in the extended enterprise may be detected much earlier” 69

www.risk-uk.com

TrainingandCareerDevelopment June2015_riskuk_apr15 04/06/2015 15:37 Page 70

Improving Assessment in Security Qualifications

hat has to be realised at the outset is that if an individual and/or an assessment centre is intent on committing malpractice and fraud they will do so irrespective of the quality assurance mechanisms any awarding organisation has in place. Malpractice can and will occur. What matters are the measures put in place to reduce the opportunity of that malpractice occurring. When the Security Industry Authority (SIA) licence-linked qualifications moved to the Qualifications Credit Framework (QCF), invigilators were introduced who did not have a direct involvement in relation to the training. From my own point of view this represented a step in the right direction. Malpractice in assessment can take many forms, ranging from students using mobile devices or ‘cheat sheets’ in examinations through to the allegations that we witnessed on the BBC’s recent Inside Out broadcast (‘BSIA Training Providers Section defends security industry suppliers in wake of BBC’s Inside Out programme’, Risk UK, April 2015, pp8-9). A number of commentators claim that independent assessment at a school or college would be the way forward because of their perceived experience in these matters and the fact that their image to most of us is one that’s squeaky clean. At the risk of repetition, malpractice will happen if an individual or an organisation is intent on committing malpractice. That’s no less true for schools and

Stuart Galloway Cert Ed MIfL Dip RSA: Senior Associate at WSG Associates and a Specialist in Business and Education Support Services

www.risk-uk.com

Last month, Risk UK carried a direct response (‘Best Practice in Security Training and Assessment: What should it look like?’, Risk UK, May 2015, pp12-13) to the White Paper written by Industry Qualifications’ CEO Raymond Clarke focused on training and assessment controls in the UK’s security sector (‘Controls on Security Training and Assessment: Why they must be strengthened’, Risk UK, April 2015, pp58-59). Here, Stuart Galloway focuses on one specific area: improvements that could be made in relation to the assessment of security qualifications colleges, where penalties issued to staff around reported malpractice for GCSEs and A Levels in England, Wales and Northern Ireland shot up by 16% in 2014, with 69% of all penalties imposed on school or college staff for giving inappropriate assistance to candidates. Indeed, the number of penalties issued to schools and colleges for malpractice ascended by an alarming 35% in 2014 and have risen by over 400% since 2011. Penalties have been issued to schools and colleges due to breaches of security and giving undue assistance to candidates. Other reasons include schools and colleges not adhering to the requirements of an examination by allowing the early opening of question papers without authorisation, permitting candidates to sit an examination at the wrong time or a lack of appropriate invigilation during test scenarios. Does any of this sound familiar?

SIA Licence-Linked Programmes Across the awarding organisations, it would appear that there are some differing views around the inconsistency of examination paper questions. The answer is a simple one. Have one bank of questions in place for each unit that all awarding organisations must use. In terms of identity checks, the current system in place for anyone undertaking examinations in the security sector is sufficient. It’s difficult to think of ways in which to make any improvements other than introducing an electronic or biometric system of some kind, but this may be too costly to implement. Invigilation procedures are no different to those in schools and colleges so how do we, as

TrainingandCareerDevelopment June2015_riskuk_apr15 04/06/2015 15:37 Page 71

Training and Career Development

a business sector, look to improve matters? Training and nominated invigilators are two of the key areas where we can make enhancements. In the same way that tutors are nominated when registering a course with the awarding organisation, invigilators should be nominated. Greater evidence of the training of invigilators is required and must be provided to the awarding organisations before those invigilators are accepted as being approved. This training doesn’t need to be onerous and may, for example, take the form of a simple elearning package. The fact of the matter is that invigilators are recognised and identified from the outset. When it comes down to assessment practices, as most of us are fully aware the theoretical units are assessed through multiple choice questions. It’s not an approach with which many wholeheartedly agree. From my perspective, it would be better to see a more blended approach towards examination questions with a selection of multiple choice, short answer and True/False-style options. It’s understandable as to why this may prove difficult, but can we put a price on ensuring that someone has the appropriate basic knowledge?

Assessing vocational competence At present, tutors can assess practical elements of the units within Close Protection, CCTV and Physical Intervention without having undergone any training or harbouring experience and/or qualifications in assessing vocational competence. Many tutors only have the basic requirements necessary to hand that enable the delivery of training and, indeed, have carried out little or no CPD other than what was mandated in relation to the delivery of Physical Intervention tuition. An educated guess would likely suggest that, of those delivering the training, the minority will have assessment-related competence

and/or qualifications. However, the assessment of vocational competence requires a very different skill set to that for the effective delivery of training. For some reason, in the security sector having this skill set isn’t seen as being a necessary prerequisite, yet we expect operational education and training staff to assess competence without ensuring that they have the skill set to do so. Changes to the courses for training and assessment staff – now the Level 3 Award in Education and Training – and assessor qualifications known as TAQA more than accommodate the requirements to provide for assessing vocational competence. We should introduce the requirement for those assessing the practical elements to hold the necessary assessing units/qualifications in the same way that this is required for NVQs. To the very best of my knowledge, only one of the current awarding organisations – namely SQA – presently stipulates this within its qualification specifications. In a bid to further enhance the integrity of the practical assessment process, independent assessors should be the ones to carry out the observations and make the necessary assessment judgements. In terms of clarifying what’s meant by ‘Independent’, reference is made to an appropriately qualified and sectorcompetent individual who has had no input or bearing when it comes to training delivery.

Embracing the use of technology The primary focus here has been on the assumption of assessment practices being paper-based, but many practitioners – myself among them – have become huge advocates of embracing technology, particularly through the use of e-assessment with examinations conducted online and marked automatically with almost instant feedback to centres and learners on achievement outcomes. Technology and e-assessment can also help to improve invigilation procedures and processes and tighten up on identification validity when looking to determine who has sat for a particular examination. In relation to the practical-based assessment around elements of Close Protection, CCTV and Physical Intervention courses, one way forward for awarding organisations would be to encourage the use of e-Portfolios.

“Greater evidence of the training of invigilators is required and must be provided to the awarding organisations before those invigilators are accepted as being approved” 71

www.risk-uk.com

RiskinAction June2015_riskuk_jun15 04/06/2015 16:19 Page 72

Credit: www.sindone.org

Risk in Action SOT chooses Winsted for Control Room furniture project Winsted has been chosen to equip a stunning new Control Room on behalf of Bulgaria’s leading security provider SOT 161. Specialising in the delivery of a highly professional and focused range of security services, SOT’s 4,500 security staff protect more than 85,000 sites across the country, all of which are managed centrally from the company’s National Operations Centre located in Sofia. The National Operations Centre runs on a 24/7, 365 days a year basis and monitors the assets of numerous companies and properties, including Embassy residencies, Government buildings, banks, High Street stores, sports facilities, hotels, car dealerships, offices and ATMs. SOT realised that the company’s staff have to be able to operate effectively in the Control Room as this is a major factor when it comes to influencing the response time and outcome of incidents. An ergonomic solution was a must. Winsted was invited to provide ideas for the Control Rooms’ furniture requirements and duly produced CAD drawings and colour renders affording a complete visualisation of the project. While great importance was given to workstations having an optimum ergonomic design, the use of space and aesthetics were also important considerations in selecting the correct console design and space layout for the Control Room. Winsted proposed and delivered a solution based on a Prestige Sight-Line console, with a standalone M-View media wall selected for its modern aesthetics within a contemporary environment. Console design allows for 19” rack-mounted electronic equipment, while Winsted’s Versa-Trak display mounting system provides ergonomic comfort and ‘adjustability’. Combined with VESA-compliant brackets, Versa-Trak has enabled the Control Room screens to be easily attached and allows horizontal and vertical adjustability.

Showsec on fast track to more success in wake of Silverstone contract win Event security and crowd management specialist Showsec has won a new contract with one of the UK’s most iconic sporting venues. The company is now providing its services at Silverstone, the world-renowned home of the Formula One British Grand Prix as well as many other high profile motor racing events in the annual sporting calendar. The contract win represents a highly significant development for Showsec as the company endeavours to develop an even stronger presence within the world of sport. The greatest events in British motor racing take place at the Northamptonshire circuit during the course of a packed programme

www.risk-uk.com

Samsung Techwin safeguards the Holy Shroud during 2015 Exposition More than two million pilgrims are expected in Turin for the 2015 Exposition of the Holy Shroud, which is currently taking place in the city’s cathedral until 24 June. As was the case in 2010, the Enzo Hruby Foundation is collaborating with Samsung Techwin to protect the sacred relic by dint of employing the latest generation of video surveillance technology. Turin-based Centro Sistemi Antifurto designed and installed the video surveillance system required to monitor the areas dedicated to the Exposition. Images captured by the Samsung cameras are recorded and transmitted in real-time to an Operations Centre at the police headquarters in Turin, in turn enabling a quick response should any incidents arise. Samsung Techwin’s SNP-5430H 1.3 Megapixel HD weatherproofed PTZ speed domes are among the cameras deployed. The powerful 43x zoom capability of the SNP-5430H is enhanced by an auto-tracking feature. SNO-6084RP 2 Megapixel Full HD Bullet cameras have also been installed. They are equipped with a motorised varifocal lens and built-in IR illuminators. which runs from the end of March through to the beginning of November each year. “This is a prestigious opportunity for the company to work with a venue which enjoys iconic status in the world of sport and, indeed, beyond that arena,” explained Richard Church, Showsec’s regional manager for the Midlands. “We feel privileged to be given this chance of playing a key role in upholding that proud reputation over the busy programme of events which lies ahead, and look forward to this being the start of a long-term relationship.” Church added: “We believe there’s real synergy between Silverstone and ourselves in terms of the commitment to customer experience. Our own legacy of successfully delivering crowd management and security plans for large-scale sporting events, such as last year’s Tour de France, will certainly be of tremendous value to us in undertaking this exciting new challenge.”

RiskinAction June2015_riskuk_jun15 04/06/2015 16:19 Page 73

Risk in Action

Security ‘all sewn up’ for Royal College of Surgeons thanks to Axis Surveillance specialist Axis Communications has implemented an efficient IP-based video and monitoring control solution at The Royal College of Surgeons of Edinburgh during a time of major refurbishment works. The Royal College is one of the oldest surgical corporations in the world. Over 500 years old, it’s an historic professional members’ organisation that pursues excellence and advancement in surgical and dental practices. The College is spread over a number of buildings around Hill Square and is home to the Surgeons’ Hall Museum (Scotland’s oldest medical museum). In addition, the College boasts offices for 150 staff, a modern surgical skills training facility and auditorium in addition to a four-star hotel providing accommodation for visitors and tourists. With building refurbishment due to take place over a long period of time, a security system had to be installed that was flexible and included discreet cameras offering excellent picture quality while also being aesthetically pleasing so as not to detract from the make-up of the Grade A-listed buildings. A state-of-the-art solution has been developed combining Axis Communications’ network cameras with Milestone XProtect Professional software. To effectively cover the numerous locations where refurbishment work was taking place while also affording secure coverage for hotel staff and guests, the initial surveillance set-up includes 17 cameras. The project involves a series of Axis M30007PV network cameras. These 5 Megapixel fixed mini dome cameras are mounted on either walls or ceilings and provide four feeds of detailed, high quality panoramic views. Chosen because of their flexibility, they can be repositioned to move along as the refurbishment progresses with no time or fitting constraints. The Axis P3364-LVE is fitted to monitor the hotel and its exteriors. This fixed dome network camera produces high quality, low noise video even in a completely dark environment.

Citigroup’s award-winning Frankfurt Data Centre secured by Siemens The German branch of Citigroup decided to build its impressive Frankfurt Data Centre in order to create a high performance, energy-efficient facility and duly appointed Siemens as the company’s technical partner of choice. Siemens has subsequently delivered intelligent safety and security technology, reliable building automation and an uninterruptible (and redundant) power supply. High system availability, security and energy efficiency are key elements for Citigroup. Processed data is stored in duplicate within the data centre and mirrored to other Citigroup data centres. In the building itself, a dual power feed, duplicate downstream medium and low voltage switchboards with duplicate switches, busbars and dual cooling technology ensure maximum redundancy. If a power failure were to occur, two independent UPS units and the emergency supply would ensure power capability for more than 72 hours. To guarantee the safety and security of the building, its assets and processed data, all of the installed Siemens security and safety systems have been aligned with Citigroup’s global safety and security requirements. There’s also a facility for regular emergency evacuation and safety drills. Installed solutions include a Desigo building automation system, 1,600 Sinteso fire detectors, early fire detection via smoke extraction systems, sensors and cameras for the 1,300-metre perimeter fencing, 150 internal and external CCTV cameras and an intrusion detection system.

Delta Security enhances dedicated access control regime at Oak Hill Theological College Delta Security, the CCTV and access control solutions specialist, has installed a new access control system at Oak Hill Theological College to protect students, residents, employees and property alike. The college is set in 60 acres of Hertfordshire land and plays host to a modern academic centre complete with lecture theatres, seminar rooms, library space and study facilities as well as considerable residential accommodation for both year-round and term-time residents. Delta Security’s completed installation encompasses a SALTO Systems access control solution including ID passes and ad hoc printable passes, as well as new automatic electronic gates at the college’s main entrance. Tim McMahon, operations vice-principal at Oak Hill Theological College, believes that the key to the new system is the fact that the institution now has more detailed information to hand on access usage and greater control over what access is afforded to various parties. The security system has been designed such that the college can tailor access according to end user needs. It also accommodates different entry ‘media’ including ID cards, codes and help buttons.

www.risk-uk.com

TechnologyinFocus June2015_riskuk_jun15 04/06/2015 15:40 Page 74

Technology in Focus IDIS and 4Sight Imaging unveil ANPR solution for end users IDIS and 4Sight Imaging – a leading imaging technology company – have announced the successful integration of DirectIP with Veracity, a powerful and intuitive Automatic Number Plate Recognition (ANPR) software engine. Proving “ten times more accurate” in independent comparative testing, the IDIS and 4Sight solution combines leading image analysis technologies with next generation DirectIP HD cameras, in turn leveraging the latest system architectures and advances in solid state lighting to allow a wide, multi-lane field of view that’s accurate across a wide range of weather, lighting and number plate conditions. The solution eliminates the challenges traditionally associated with ANPR systems by removing complicated set-up, configuration and constant maintenance. System adjustments are made possible through both companies’ patented plug-andplay technology. The end result translates to low system configuration times and fast deployment that delivers benefits in terms of affordability and a continued low cost of ownership for the end user. www.idisglobal.com

Jacksons unveils timber and steel combination HVM fencing

Jacksons Fencing has introduced a novel high performance PAS 68 crash fence for end users featuring the outward appearance of a traditional timber post and rail fencing system. Jacksons’ Linebacker has passed the PAS 68 rating of PAS 68:2010 V/7500(N3)/80/90:7.3/21.4. Linebacker PNR features the PAS 68-certified and Secured by Design preferred Linebacker crash fence system concealed within a traditional timber post and rail fence design. Linebacker PNR is shallow-mounted and only requires a 500 mm foundation. The end result is a hostile vehicle mitigation barrier capable of arresting a 7.5 tonne vehicle travelling at 50 mph (80 km/h) and which is equally capable of blending into its surrounding environment. The proven Linebacker cable crash fence is accommodated within treated timber rails (treated to use Class 3) fixed to timber posts and treated to use Class 4 (allowing for direct contact with the ground or freshwater). Linebacker PNR is ideally suited to those end user sites which require both PAS 68 certified perimeter protection performance and a visually attractive fence that doesn’t draw attention to the high security nature of the site. Peter Jackson – CEO of Jacksons Fencing – told Risk UK: “This product combines Jacksons’ significant heritage and reputation in the timber sector with the company’s credibility as a leading designer, manufacturer and installer of a broad range of tested, certified, approved and preferred steel physical security and access control solutions. We fully anticipate that Linebacker PNR’s appeal as a robust and ultra secure barrier disguised within a post and rail configuration will prove popular with high security sites looking to achieve robust perimeter protection without sacrificing any aesthetics.” www.jacksons-security.co.uk

www.risk-uk.com

Milestone Systems expands device support with introduction of Pack 7.9 for partners and customers Milestone Systems – the open platform company specialising in IP video management software (VMS) – has released Device Pack 7.9 for partners and customers using Milestone XProtect security solutions. Device Pack 7.9 harbours support for 1,012 tested ONVIF devices, all using the same optimised driver. The XProtect Device Packs include tested and certified drivers optimised to enable the relevant capabilities of a camera or other hardware device to be managed by the XProtect software. Testing the drivers ensures the highest quality for a video surveillance solution, which is obviously important for total system operability. Milestone works closely with the device manufacturers in the Camera Partner Program (CaPP) to achieve the optimal interaction between their devices and the XProtect VMS. www.milestonesys.com

End users can stay one jump ahead with SALTO’s new product line-up

SALTO Systems has introduced a detailed new range of access control products and technologies offering “unrivalled usability, capability and flexibility”. Consisting of both hardware and software, the new JustIN technology brings real-life and flexibility to access control and makes it both easy and secure to use smart phones as part of an access-based solution. SALTO’S JustIN Mobile Key app allows end users to employ their BLE-enabled smart phone to securely receive their keys online, anytime and anywhere, and then access doors directly with their phone. An alternative solution is JustIN mSVN (mobile SALTO Virtual Network) that permits extending or changing access rights on an instant basis and remotely Over The Air using SALTO’s mSVN app for NFC-enabled phones. For its part, ProAccess SPACE is designed to build on the established SALTO ProAccess and HAMS software family. www.saltosystems.com

TechnologyinFocus June2015_riskuk_jun15 04/06/2015 15:41 Page 75

Technology in Focus

360 Vision Technology releases Predator Steel camera systems

Talking the language of security integration: that’s Inner Range Europe

Inner Range has now developed a new series of modules and interfaces such as the SIFER smart card reader, the Standard LAN Access Module, the latest Sony CCTV interface and it’s new browser-based access control system designated Inception. SIFER is a multi-drop RS 485-based smart card reader that employs 128 bit AES encryption from the card through to the door module, in turn providing a far superior level of security than that of traditional Wiegand-based card readers. The Integriti Standard LAN Access Module (SLAM) can be used to control and monitor up to two doors on the Integriti RS 485 LAN, or via IP LAN if connected with CLOE modules. The SLAM offers a complete suite of programmable options to provide advanced high security access control, security area control and door alarm monitoring functions for end users. Meanwhile, the latest high level CCTV interface with Sony delivers many benefits to security solutions end users such as live and historic video streaming. www.innerrange.com

MATRIX AIR heralds “significant step forward” for access control

DORMA’s MATRIX AIR represents “a significant leap forward” in terms of design and ease of use for access control. With this latest addition to its product portfolio, DORMA can now offer end users a multitude of door and access control solutions. The new MATRIX AIR access control range has been designed with “the thinnest profile on the market” to enhance the aesthetics of a modern interior design scheme. The range includes integrated lever handle fittings and electronic access cylinders. Suitable for individual doors or as part of a complete access control solution, MATRIX AIR can be designed for “hassle-free” implementation and use, particularly when deployed in conjunction with the MATRIX AIR app which allows administrators to manage access rights on an efficient basis.

CCTV design and manufacturing company 360 Vision Technology has announced the release of a new stainless steel variant to its range of highly successful Predator ruggedised high-speed PTZ camera systems. Featuring a compact and robust housing fabricated from anti-corrosive 316L stainless steel, Predator Steel has been designed to withstand the toughest of operational environments. Offering advanced performance throughout a range of extreme temperatures (from -40oC to +60oC), Predator Steel is ideal for installation at petrochemical, aviation and oil and gas sites as well as ports. With a variety of HD and analogue colour/mono camera and lens size variants available, Predator Steel encompasses the same fully-featured performance as the rest of the Predator camera range models. Models include cameras with Sony ExView 670 TVL resolution, low-light capability down to just 0.01 lux, up to 44x zoom capability with autofocus and Wide Dynamic Range for excellent low-light imaging. “Retaining the look, size and performance of Predator but with the strength of a stainless steel IP68-rated housing, the introduction of this new compact version provides end users with a competitivelypriced and rugged camera system,” explained Mark Rees, business development director at the company. www.360visiontechnology.com

DORMA has also introduced its Automatic Folding Door, the DORMA FFT Flex Green. An ideal space-saving solution, this provides maximum clear opening widths of 2.4 metres and meets the requirements for emergency escape routes in line with Approved Document B. The in-built locking mechanism is designed for easy integration with access control. The FFT Flex Green Automatic Folding Door also offers excellent thermal separation efficiency as well as quiet operation. An Automatic Sliding Security Door, the DORMA ST Flex Secure has been configured for applications that require the very highest levels of security. The company has also been working on an entirely new concept designed to “show the future of access control” – where authentication is carried out by the door itself without the need for traditional card or fobbased wall readers. www.dorma.com

www.risk-uk.com

Project1_Layout 1 07/04/2015 13:23 Page 1

Discover security at ifsec.co.uk/ Risk

The global stage for security innovation and expertise

Plan your travel to IFSEC International today by using our handy travel centre. Visit ifsec.co.uk/travel to book discounted travel and accomodation. Join the community: #IFSEC @IFSEC ifsecglobal.com/Risk Plus, year round news and insight on IFSEC Global.com and with key global events bringing the latest in security to new regions.

Organised by

Appointments June2015_riskuk_jun15 04/06/2015 12:42 Page 77

Appointments

Mark Beadle

Support services provider Emprise Services plc has appointed Mark Beadle as CEO and Howard Sharp as chief financial officer in addition to making a number of other key appointments for the business which presently boasts a turnover of circa £80 million and employs around 5,000 people to deliver a range of integrated solutions for its clients on a national basis. Mark Beadle has been a director of public and private sector companies since the mid1990s, serving as CEO, Chief Operating Officer and/or Chief Financial Officer at organisations including Planet Hollywood Europe, Esporta plc, ITV Digital, the Priory Group, Capio Nightingale and Aitch Care Homes. Beadle is the non-executive chairman of Springfield Healthcare and is a Fellow of the Institute of Chartered Accountants. In terms of his new role at Emprise Services plc, Beadle’s specific aim is to grow the core businesses of the specialist security and cleaning functions under the larger Emprise brand. “Emprise has a terrific track record of delivering first class service to an impressive client base,” outlined Beadle in conversation with Risk UK. “I’m delighted to have joined the company at this very exciting time.” Referencing his new role as CFO, Howard Sharp stated: “I’m pleased to be back at Emprise after five years away from the business, and look forward to building the company with our new management team.” In addition, Emprise has appointed Bridget Hodgson as head of Human Resources, Lucy Irish as national sales manager and Maria Cane in the role of leisure account director.

Graham Orme The European Fire & Security Group (EFSG) has appointed Graham Orme as chairman for a three-year term of office. The EFSG is an association of established certification bodies in Europe specialising in the fire and security sectors. It provides a network of highly experienced certifiers with respected quality marks who actively assist product and systems manufacturers to access European and worldwide markets. The certification bodies and their associated test laboratories co-operate to form agreements which allow mutual recognition of each other’s test results. This enables a manufacturer to obtain multiple quality

Appointments Risk UK keeps you up-to-date with all the latest people moves in the security, fire, IT and Government sectors Steve Mowatt and Carl Meason

Unipart Security Solutions has recently announced the key promotions of Steve Mowatt (pictured, right) and Carl Meason. Mowatt joined Unipart in late 2010, working at the company’s Monitoring and Alarm Receiving Centre (MARC) in Cowley, Oxfordshire as duty controller. After a brief introduction to ‘The Unipart Way’, Mowatt was inspired to implement some of the tools and techniques learned within the MARC. The results were excellent and saw the MARC’s monitoring performance improve remarkably. In September last year, Mowatt was seconded to Unipart Expert Practices to assist in the rollout of a major contract won by Unipart Group. He now returns to Unipart Security and a new role as quality, compliance and training manager for Unipart Security Solutions. Carl Meason joined the Unipart Security team back in January 2014. His initial appointment saw him based at the MARC and, having impressed in that environment, it was decided that Meason should focus his energies and determination for improvement on the systems installation side. That being the case, he has assumed responsibility for the systems element of the business and a new role as director of electronics for Unipart Security Solutions. Meason has improved team momentum and productivity while also recruiting a number of highly-skilled engineers to encourage increased sales and an even better client service offering. certification marks on the basis of one set of tests and, as a consequence, make significant savings in terms of both cost and time. Speaking about his new role, Orme (an experienced director at BRE Global), told Risk UK: “I’m very pleased to be appointed as chairman by the EFSG and look forward to further development of the organisation while assisting industry to make inroads across both European and other global markets.” Orme joined BRE Global from Warrington Certification back in October 2009 to take up the position of standards manager. In that role, Orme actively promoted the certification work of BRE Global in overseas territories, focusing in particular on both the popular LPCB and BREEAM brands.

77 www.risk-uk.com

Appointments June2015_riskuk_jun15 04/06/2015 12:43 Page 78

Appointments

Rachel Parker

Louise Devitt

Ultimate Security, the London-based specialist security services company, has appointed Louise Devitt as Human Resources (HR) and support services director. Devitt brings over a decade’s worth of experience in director and senior level HR roles to the business. “Louise is a highly experienced generalist HR practitioner with a strategic and comprehensive understanding of HR management, business issues and organisational change,” stated Steve Hall, CEO of Ultimate Security. “She has a proven track record of developing and implementing coherent and robust HR strategies in a timely manner while also improving internal processes.” Paul Harvey, director at Ultimate Security, added: “In order to be the best company we can be, we always need to attract and retain the very best talent. Our commitment to a strong, engaged and highly-motivated workforce is one of our core business principles. I’m very much looking forward to working with Louise in shaping our culture and continuing to put our people and values at the very heart of the company.” Founded in 1999, Ultimate Security provides a range of integrated security solutions for clients including Land Securities, CBRE and Broadgate Estates.

Jon Hill

Samsung Techwin has appointed Jon Hill as the company’s new business development manager with a specific focus on the transport sector. Hill, who was a sales executive at NICE Systems prior to joining Samsung Techwin, has worked within the electronic security industry since 1993. He has previously achieved sales success while with Mirasys as well as during a previous spell of employment at Samsung Techwin. In addition, for eight years Hill represented Siemens Security Products as the company’s video systems specialist. Hill will now be responsible for developing relationships with security consultants, system designers and specifiers in order to identify opportunities within the transport sector for Samsung Techwin’s popular IP network-based video surveillance solutions. “We’re delighted that Jon has rejoined the Samsung Techwin team and that he will be spearheading our efforts to generate sales opportunities for installers and systems integrators across the transport sector,” said Simon Shawley, director for Northern Europe within the Security Solutions division of Samsung Techwin Europe. Shawley continued: “The railway sector has become an important vertical market for us following the issuing of the PADS Certificate of Acceptance for our IP network cameras, domes, recorders and Ethernet switches.”

www.risk-uk.com

FTSE 250 facilities management company Mitie Group plc has appointed Rachel Parker as regional director for London and the South East within the business’ Total Security Management division. Parker, who boasts over 20 years’ experience in the security industry (most recently with Wilson James), will now focus on Mitie’s London and South East portfolio. Parker is particularly well versed in contract retention, key account wins, mobilisation and security provision for large-scale events. “I’m delighted to be joining Mitie and will be seeking to grow the London and South East portfolio,” said Parker in conversation with Risk UK. “I was keen to join the business because of its client-focused and innovative approach towards security and look forward to working with the team.” Mitie Group plc is well positioned for future growth. 85% of the 2015-2016 budgeted revenue has already been secured, while the sales pipeline is buoyant at £9.7 billion.

Ben Draper

Ward Security has promoted Ben Draper to the Executive Board of Ward Security Holdings Limited. The move is in recognition of all the hard work Draper has put into the company over the last three years overseeing tremendous growth and ensuring that the business’ financial systems are robust enough to cope with projected expansion going forward. Speaking about the promotion, David Ward – managing director at Ward Security – told Risk UK: “Ben has built a very progressive team around him to ensure that the finance team delivers accurate information in a timely manner to both our clients and our own internal departments. This has been crucial to supporting the substantial growth we’ve achieved in recent years and the setting up of operations such as our new Scottish office and Ward Belgravia.” Ward Security is a national provider of security guarding solutions, offering a full range of security services including guard dog security, CCTV security systems, key holding and patrol services.

apr15 dir_000_RiskUK_jan14 07/04/2015 15:52 Page 1

Best Value Security Products from Insight Security www.insight-security.com Tel: +44 (0)1273 475500 ...and lots more Computer Security

Anti-Climb Paints & Barriers

Metal Detectors (inc. Walkthru)

Security, Search & Safety Mirrors

ACCESS CONTROL

Security Screws & Fastenings

Key Control Products

Empty Property & Lone Worker Alarms

Traffic Flow & Management

see our website

ACCESS CONTROL – BARRIERS GATES & ROAD BLOCKERS

FRONTIER PITTS Crompton House, Crompton Way, Manor Royal Industrial Estate, Crawley, West Sussex RH10 9QZ Tel: 01293 548301 Fax: 01293 560650 Email: sales@frontierpitts.com Web: www.frontierpitts.com

ACCESS CONTROL

ACT ACT – Ireland, Unit C1, South City Business Centre Tallaght, Dublin 24 Tel: +353 (0)1 4662570 ACT - United Kingdom, 2C Beehive Mill Jersey Street, Manchester M4 6JG +44 (0)161 236 3820 sales@act.eu www.act.eu

ACCESS CONTROL – BIOMETRICS, BARRIERS, CCTV, TURNSTILES

UKB INTERNATIONAL LTD ACCESS CONTROL

APT SECURITY SYSTEMS The Power House, Chantry Place, Headstone Lane, Harrow, HA3 6NY Tel: 020 8421 2411 Email: info@aptcontrols.co.uk www.aptcontrols-group.co.uk

Planet Place, Newcastle upon Tyne Tyne and Wear NE12 6RD Tel: 0845 643 2122 Email: sales@ukbinternational.com Web: www.ukbinternational.com

B a r r i e r s , B l o c k e r s , B o l l a r d s , PA S 6 8

ACCESS CONTROL, CCTV & INTRUSION DETECTION SPECIALISTS

SIEMENS SECURITY PRODUCTS ACCESS CONTROL

KERI SYSTEMS UK LTD Tel: + 44 (0) 1763 273 243 Fax: + 44 (0) 1763 274 106 Email: sales@kerisystems.co.uk www.kerisystems.co.uk

Suite 7, Castlegate Business Park Caldicot, South Wales NP26 5AD UK Main: +44 (0) 1291 437920 Fax: +44 (0) 1291 437943 email: securityproducts.sbt.uk@siemens.com web: www.siemens.co.uk/securityproducts

ACCESS CONTROL & DOOR HARDWARE

ALPRO ARCHITECTURAL HARDWARE

ACCESS CONTROL

COVA SECURITY GATES LTD Bi-Folding Speed Gates, Sliding Cantilevered Gates, Road Blockers & Bollards Consultancy, Design, Installation & Maintenance - UK Manufacturer - PAS 68

Tel: 01293 553888 Fax: 01293 611007 Email: sales@covasecuritygates.com Web: www.covasecuritygates.com

Products include Electric Strikes, Deadlocking Bolts, Compact Shearlocks, Waterproof Keypads, Door Closers, Deadlocks plus many more T: 01202 676262 Fax: 01202 680101 E: info@alpro.co.uk Web: www.alpro.co.uk

ACCESS CONTROL – SPEED GATES, BI-FOLD GATES ACCESS CONTROL MANUFACTURER

NORTECH CONTROL SYSTEMS LTD. Nortech House, William Brown Close Llantarnam Park, Cwmbran NP44 3AB Tel: 01633 485533 Email: sales@nortechcontrol.com www.nortechcontrol.com

HTC PARKING AND SECURITY LIMITED 4th Floor, 33 Cavendish Square, London, W1G 0PW T: 0845 8622 080 M: 07969 650 394 F: 0845 8622 090 info@htcparkingandsecurity.co.uk www.htcparkingandsecurity.co.uk

ACCESS CONTROL - BARRIERS, BOLLARDS & ROADBLOCKERS

ACCESS CONTROL

HEALD LTD

INTEGRATED DESIGN LIMITED

HVM High Security Solutions "Raptor" "Viper" "Matador", Shallow & Surface Mount Solutions, Perimeter Security Solutions, Roadblockers, Automatic & Manual Bollards, Security Barriers, Traffic Flow Management, Access Control Systems

Integrated Design Limited, Feltham Point, Air Park Way, Feltham, Middlesex. TW13 7EQ Tel: +44 (0) 208 890 5550 sales@idl.co.uk www.fastlane-turnstiles.com

Tel: 01964 535858 Email: sales@heald.uk.com Web: www.heald.uk.com

www.insight-security.com Tel: +44 (0)1273 475500

apr15 dir_000_RiskUK_jan14 07/04/2015 15:52 Page 2

CCTV

ACCESS CONTROL

SECURE ACCESS TECHNOLOGY LIMITED Authorised Dealer Tel: 0845 1 300 855 Fax: 0845 1 300 866 Email: info@secure-access.co.uk Website: www.secure-access.co.uk

CCTV POLES, COLUMNS, TOWERS AND MOUNTING PRODUCTS

ALTRON COMMUNICATIONS EQUIPMENT LTD Tower House, Parc Hendre, Capel Hendre, Carms. SA18 3SJ Tel: +44 (0) 1269 831431 Email: cctvsales@altron.co.uk Web: www.altron.co.uk

AUTOMATIC VEHICLE IDENTIFICATION

NEDAP AVI PO Box 103, 7140 AC Groenlo, The Netherlands Tel: +31 544 471 666 Fax: +31 544 464 255 E-mail: info-avi@nedap.com www.nedapavi.com

CCTV

G-TEC Gtec House, 35-37 Whitton Dene Hounslow, Middlesex TW3 2JN Tel: 0208 898 9500 www.gtecsecurity.co.uk sales@gtecsecurity.co.uk

ACCESS CONTROL â&#x20AC;&#x201C; BARRIERS, GATES, CCTV

CCTV/IP SOLUTIONS

ABSOLUTE ACCESS

DALLMEIER UK LTD

Aberford Road, Leeds, LS15 4EF Tel: 01132 813511 E: richard.samwell@absoluteaccess.co.uk www.absoluteaccess.co.uk Access Control, Automatic Gates, Barriers, Blockers, CCTV

BUSINESS CONTINUITY

3 Beaufort Trade Park, Pucklechurch, Bristol BS16 9QH Tel: +44 (0) 117 303 9 303 Fax: +44 (0) 117 303 9 302 Email: dallmeieruk@dallmeier.com

CCTV & IP SECURITY SOLUTIONS

PANASONIC SYSTEM NETWORKS EUROPE Panasonic House, Willoughby Road Bracknell, Berkshire RG12 8FP Tel: 0844 8443888 Fax: 01344 853221 Email: system.solutions@eu.panasonic.com Web: www.panasonic.co.uk/cctv

BUSINESS CONTINUITY MANAGEMENT

CONTINUITY FORUM Creating Continuity ....... Building Resilience A not-for-profit organisation providing help and support Tel: +44(0)208 993 1599 Fax: +44(0)1886 833845 Email: membership@continuityforum.org Web: www.continuityforum.org

COMMUNICATIONS & TRANSMISSION EQUIPMENT

KBC NETWORKS LTD. Barham Court, Teston, Maidstone, Kent ME18 5BZ www.kbcnetworks.com Phone: 01622 618787 Fax: 020 7100 8147 Email: emeasales@kbcnetworks.com

PHYSICAL IT SECURITY

RITTAL LTD

DIGITAL IP CCTV

Tel: 020 8344 4716 Email: information@rittal.co.uk www.rittal.co.uk

SESYS LTD High resolution ATEX certified cameras, rapid deployment cameras and fixed IP CCTV surveillance solutions available with wired or wireless communications.

1 Rotherbrook Court, Bedford Road, Petersfield, Hampshire, GU32 3QG Tel +44 (0) 1730 230530 Fax +44 (0) 1730 262333 Email: info@sesys.co.uk www.sesys.co.uk

INFRA-RED, WHITE-LIGHT AND NETWORK CCTV LIGHTING

RAYTEC

TO ADVERTISE HERE CONTACT: Paul Amura Tel: 020 8295 8307 Email: paul.amura@proactivpubs.co.uk

Unit 3 Wansbeck Business Park, Rotary Parkway, Ashington, Northumberland. NE638QW Tel: 01670 520 055 Email: sales@rayteccctv.com Web: www.rayteccctv.com

CCTV SPECIALISTS

PLETTAC SECURITY LTD Unit 39 Sir Frank Whittle Business Centre, Great Central Way, Rugby, Warwickshire CV21 3XH Tel: 0844 800 1725 Fax: 01788 544 549 Email: sales@plettac.co.uk www.plettac.co.uk

www.insight-security.com Tel: +44 (0)1273 475500

apr15 dir_000_RiskUK_jan14 12/05/2015 14:31 Page 3

TRADE ONLY CCTV MANUFACTURER AND DISTRIBUTOR

COP SECURITY Leading European Supplier of CCTV equipment all backed up by an industry leading service and support package called Advantage Plus. COP Security, a division of Weststone Ltd, has been designing, manufacturing and distributing CCTV products for over 17 years. COP Security is the sole UK distributor for IRLAB products and the highly successful Inspire DVR range. More than just a distributor.

TO ADVERTISE HERE CONTACT: Paul Amura Tel: 020 8295 8307 Email: paul.amura@proactivpubs.co.uk

COP Security, Delph New Road, Dobcross, OL3 5BG Tel: +44 (0) 1457 874 999 Fax: +44 (0) 1457 829 201 sales@cop-eu.com www.cop-eu.com

WHY MAYFLEX? ALL TOGETHER. PRODUCTS, PARTNERS, PEOPLE, SERVICE – MAYFLEX BRINGS IT ALL TOGETHER.

MAYFLEX Excel House, Junction Six Industrial Park, Electric Avenue, Birmingham B6 7JJ

Tel: 0800 881 5199 Email: securitysales@mayflex.com Web: www.mayflex.com

CCTV & IP SOLUTIONS, POS & CASH REGISTER INTERFACE, EPOS FRAUD DETECTION

AMERICAN VIDEO EQUIPMENT Endeavour House, Coopers End Road, Stansted, Essex CM24 1SJ Tel : +44 (0)845 600 9323 Fax : +44 (0)845 600 9363 E-mail: avesales@ave-uk.com

CONTROL ROOM & MONITORING SERVICES

THE UK’S MOST SUCCESSFUL DISTRIBUTOR OF IP, CCTV, ACCESS CONTROL AND INTRUDER DETECTION SOLUTIONS

NORBAIN SD LTD ADVANCED MONITORING SERVICES

EUROTECH MONITORING SERVICES LTD.

Specialist in:- Outsourced Control Room Facilities • Lone Worker Monitoring • Vehicle Tracking • Message Handling • Help Desk Facilities • Keyholding/Alarm Response Tel: 0208 889 0475 Fax: 0208 889 6679 E-MAIL eurotech@eurotechmonitoring.net Web: www.eurotechmonitoring.net

DISTRIBUTORS

210 Wharfedale Road, IQ Winnersh, Wokingham, Berkshire, RG41 5TP Tel: 0118 912 5000 Fax: 0118 912 5001 www.norbain.com Email: info@norbain.com

EMPLOYMENT

FIRE AND SECURITY INDUSTRY RECRUITMENT

SECURITY VACANCIES www.securityvacancies.com Telephone: 01420 525260

EMPLOYEE SCREENING SERVICES

THE SECURITY WATCHDOG Cross and Pillory House, Cross and Pillory Lane, Alton, Hampshire, GU34 1HL, United Kingdom www.securitywatchdog.org.uk Telephone: 01420593830

sales@onlinesecurityproducts.co.uk www.onlinesecurityproducts.co.uk

IDENTIFICATION

ADI ARE A LEADING GLOBAL DISTRIBUTOR OF SECURITY PRODUCTS OFFERING COMPLETE SOLUTIONS FOR ANY INSTALLATION.

ADI GLOBAL DISTRIBUTION Chatsworth House, Hollins Brook Park, Roach Bank Road, Bury BL9 8RN Tel: 0161 767 2900 Fax: 0161 767 2909 Email: info@adiglobal.com

www.insight-security.com Tel: +44 (0)1273 475500

apr15 dir_000_RiskUK_jan14 12/05/2015 14:32 Page 4

COMPLETE SOLUTIONS FOR IDENTIFICATION

PERIMETER PROTECTION

DATABAC GROUP LIMITED

GPS PERIMETER SYSTEMS LTD

1 The Ashway Centre, Elm Crescent, Kingston upon Thames, Surrey KT2 6HH Tel: +44 (0)20 8546 9826 Fax:+44 (0)20 8547 1026 enquiries@databac.com

14 Low Farm Place, Moulton Park Northampton, NN3 6HY UK Tel: +44(0)1604 648344 Fax: +44(0)1604 646097 E-mail: info@gpsperimeter.co.uk Web site: www.gpsperimeter.co.uk

INDUSTRY ORGANISATIONS

POWER TRADE ASSOCIATION FOR THE PRIVATE SECURITY INDUSTRY

BRITISH SECURITY INDUSTRY ASSOCIATION Tel: 0845 389 3889 Email: info@bsia.co.uk Website: www.bsia.co.uk

POWER SUPPLIES – DC SWITCH MODE AND AC

DYCON LTD

THE LEADING CERTIFICATION BODY FOR THE SECURITY INDUSTRY

Cwm Cynon Business Park, Mountain Ash, CF45 4ER Tel: 01443 471 060 Fax: 01443 479 374 Email: marketing@dyconsecurity.com www.dyconsecurity.com The Power to Control; the Power to Communicate

SSAIB 7-11 Earsdon Road, West Monkseaton Whitley Bay, Tyne & Wear NE25 9SX Tel: 0191 2963242 Web: www.ssaib.org

STANDBY POWER

UPS SYSTEMS PLC

INTEGRATED SECURITY SOLUTIONS

Herongate, Hungerford, Berkshire RG17 0YU Tel: 01488 680500 sales@upssystems.co.uk www.upssystems.co.uk

SECURITY PRODUCTS AND INTEGRATED SOLUTIONS

HONEYWELL SECURITY GROUP Honeywell Security Group provides innovative intrusion detection, video surveillance and access control products and solutions that monitor and protect millions of facilities, offices and homes worldwide. Honeywell integrates the latest in IP and digital technology with traditional analogue components enabling users to better control operational costs and maximise existing investments in security and surveillance equipment. Honeywell – your partner of choice in security. Tel: +44 (0) 844 8000 235 E-mail: securitysales@honeywell.com Web: www.honeywell.com/security/uk

INTEGRATED SECURITY SOLUTIONS

INNER RANGE EUROPE LTD Units 10 - 11, Theale Lakes Business Park, Moulden Way, Sulhampstead, Reading, Berkshire RG74GB, United Kingdom Tel: +44(0) 845 470 5000 Fax: +44(0) 845 470 5001 Email: ireurope@innerrange.co.uk www.innerrange.com

UPS - UNINTERRUPTIBLE POWER SUPPLIES

ADEPT POWER SOLUTIONS LTD Adept House, 65 South Way, Walworth Business Park Andover, Hants SP10 5AF Tel: 01264 351415 Fax: 01264 351217 Web: www.adeptpower.co.uk E-mail: sales@adeptpower.co.uk

UPS - UNINTERRUPTIBLE POWER SUPPLIES

UNINTERRUPTIBLE POWER SUPPLIES LTD Woodgate, Bartley Wood Business Park Hook, Hampshire RG27 9XA Tel: 01256 386700 5152 e-mail: sales@upspower.co.uk www.upspower.co.uk

SECURITY PRODUCTS AND INTEGRATED SOLUTIONS

TYCO SECURITY PRODUCTS Heathrow Boulevard 3, 282 Bath Road, Sipson, West Drayton. UB7 0DQ / UK Tel: +44 (0)20 8750 5660 www.tycosecurityproducts.com

TO ADVERTISE HERE CONTACT: PERIMETER PROTECTION ADVANCED PRESENCE DETECTION AND SECURITY LIGHTING SYSTEMS

Paul Amura Tel: 020 8295 8307 Email: paul.amura@proactivpubs.co.uk

GJD MANUFACTURING LTD Unit 2 Birch Business Park, Whittle Lane, Heywood, OL10 2SX Tel: + 44 (0) 1706 363998 Fax: + 44 (0) 1706 363991 Email: info@gjd.co.uk www.gjd.co.uk

www.insight-security.com Tel: +44 (0)1273 475500

apr15 dir_000_RiskUK_jan14 12/05/2015 14:32 Page 5

SECURITY

INTRUDER ALARMS – DUAL SIGNALLING

WEBWAYONE LTD CASH & VALUABLES IN TRANSIT

CONTRACT SECURITY SERVICES LTD Challenger House, 125 Gunnersbury Lane, London W3 8LH Tel: 020 8752 0160 Fax: 020 8992 9536 E: info@contractsecurity.co.uk E: sales@contractsecurity.co.uk Web: www.contractsecurity.co.uk

QUALITY SECURITY AND SUPPORT SERVICES

CONSTANT SECURITY SERVICES Cliff Street, Rotherham, South Yorkshire S64 9HU Tel: 0845 330 4400 Email: contact@constant-services.com www.constant-services.com

PHYSICAL CONTROL PRODUCTS, ESP. ANTI-CLIMB

INSIGHT SECURITY Unit 2, Cliffe Industrial Estate Lewes, East Sussex BN8 6JL Tel: 01273 475500 Email:info@insight-security.com www.insight-security.com

11 Kingfisher Court, Hambridge Road, Newbury Berkshire, RG14 5SJ Tel: 01635 231500 Email: sales@webwayone.co.uk www.webwayone.co.uk www.twitter.com/webwayoneltd www.linkedin.com/company/webwayone

LIFE SAFETY EQUIPMENT

C-TEC Challenge Way, Martland Park, Wigan WN5 OLD United Kingdom Tel: +44 (0) 1942 322744 Fax: +44 (0) 1942 829867 Website: http://www.c-tec.co.uk

PERIMETER SECURITY

TAKEX EUROPE LTD

Aviary Court, Wade Road, Basingstoke Hampshire RG24 8PE Tel: +44 (0) 1256 475555 Fax: +44 (0) 1256 466268 Email: sales@takex.com Web: www.takex.com

FENCING SPECIALISTS

J B CORRIE & CO LTD Frenchmans Road Petersfield, Hampshire GU32 3AP Tel: 01730 237100 Fax: 01730 264915 email: fencing@jbcorrie.co.uk

INTRUSION DETECTION AND PERIMETER PROTECTION

SECURITY EQUIPMENT

PYRONIX LIMITED Secure House, Braithwell Way, Hellaby, Rotherham, South Yorkshire, S66 8QY. Tel: +44 (0) 1709 700 100 Fax: +44 (0) 1709 701 042 www.facebook.com/Pyronix www.linkedin.com/company/pyronix www.twitter.com/pyronix

OPTEX (EUROPE) LTD Redwall® infrared and laser detectors for CCTV applications and Fiber SenSys® fibre optic perimeter security solutions are owned by Optex. Platinum House, Unit 32B Clivemont Road, Cordwallis Industrial Estate, Maidenhead, Berkshire, SL6 7BZ Tel: +44 (0) 1628 631000 Fax: +44 (0) 1628 636311 Email: sales@optex-europe.com www.optex-europe.com

SECURITY SYSTEMS

BOSCH SECURITY SYSTEMS LTD

CQR SECURITY

PO Box 750, Uxbridge, Middlesex UB9 5ZJ Tel: 01895 878088 Fax: 01895 878089 E-mail: uk.securitysystems@bosch.com Web: www.boschsecurity.co.uk

125 Pasture road, Moreton, Wirral UK CH46 4 TH Tel: 0151 606 1000 Fax: 0151 606 1122 Email: andyw@cqr.co.uk www.cqr.co.uk

SECURITY EQUIPMENT

INTRUDER AND FIRE PRODUCTS

CASTLE INTRUDER ALARMS – DUAL SIGNALLING

CSL DUALCOM LTD Salamander Quay West, Park Lane Harefield , Middlesex UB9 6NZ T: +44 (0)1895 474 474 F: +44 (0)1895 474 440 www.csldual.com

Secure House, Braithwell Way, Hellaby, Rotherham, South Yorkshire, S66 8QY TEL +44 (0) 1709 700 100 FAX +44 (0) 1709 701 042 www.facebook.com/castlesecurity www.linkedin.com/company/castlesecurity

www.twitter.com/castlesecurity

SECURITY SYSTEMS INTRUDER ALARMS AND SECURITY MANAGEMENT SOLUTIONS

VICON INDUSTRIES LTD.

RISCO GROUP

Brunel Way, Fareham Hampshire, PO15 5TX United Kingdom www.vicon.com

Commerce House, Whitbrook Way, Stakehill Distribution Park, Middleton, Manchester, M24 2SS Tel: 0161 655 5500 Fax: 0161 655 5501 Email: sales@riscogroup.co.uk Web: www.riscogroup.com/uk

ONLINE SECURITY SUPERMARKET

EBUYELECTRICAL.COM Lincoln House, Malcolm Street Derby DE23 8LT Tel: 0871 208 1187 www.ebuyelectrical.com

TO ADVERTISE HERE CONTACT: Paul Amura Tel: 020 8295 8307 Email: paul.amura@proactivpubs.co.uk

www.insight-security.com Tel: +44 (0)1273 475500

Project1_Layout 1 02/06/2015 13:39 Page 1

Introducing the future of perimeter protection from Hill & Smith

Bristorm Zero is the latest High Performance Anti Ram crash rated security fence from Hill & Smith Ltd. Its fully tested and rated to ASTM F2656-07 M50 P1 and offers Zero penetration by the attacking vehicle. Designed, developed and manufactured in the UK its quality and high performance can be relied upon to protect your valuable site and asset.

For more information please visit www.bristormzero.com or call 01902 499400 and speak to a member of our sales team

New Rope mounting bracket technology

Zero penetration

No tensioning requirements â&#x20AC;&#x201C; Ideal for extreme temperature environments

ASTM F2656-07 M50 P1 tested and rated

Scan for more information or visit

www.bristormzero.com

Tested in soft ground

Simple installation, allowing for installation worldwide

The total solution in barrier systems