www.counterterrorbusiness.com | ISSUE 45
TERROR THREAT
TECHNOLOGY
BREXIT
EXTREMISM
RIGHT WING TERROR
Comparing the rise of the far right in the United States and Europe
PHYSICAL SECURITY
SECURED BY DESIGN
The importance of improving the physical security of buildings
DESIGNERS, MANUFACTURERS AND INSTALLERS OF AWARD WINNING PERIMETER SECURITY PRODUCTS
@healduk
Heald Ltd
Heald Ltd
HealdLtd
www.heald.uk.com +44 (0)1964 535858 info@heald.uk.com Heald Ltd, Northfield, Atwick Road, Hornsea, United Kingdom, HU18 1EL
COMMENT
COUNTER TERROR BUSINESS 5
www.counterterrorbusiness.com | ISSUE 45
TERROR THREAT
TECHNOLOGY
BREXIT
EXTREMISM
RIGHT WING TERROR Comparing the rise of the far right in the United States and Europe
PHYSICAL SECURITY
SECURED BY DESIGN
The importance of improving the physical security of buildings
Follow and interact with us on Twitter:
@CTBNews
2021: A NEW YEAR, BUT THE SAME PROBLEMS The start of 2020 may seem a little quiet with most parts of the western world in various stages of coronavirus-fuelled lockdown, but that is not to say it has not been without incident. Most noticeably in Washington, D.C, where a mob of supporters of outgoing President Donald Trump attempted to overturn his defeat in the 2020 presidential election by storming of the United States Capitol. Much was made of Trump’s decision to rile those involved, before labelling them ‘very special’, but more importantly it raises questions overs the issue of domestic terrorism in the US. Dozens of people present at the riot were later found to be listed in the FBI’s Terrorist Screening Database, most as suspected white supremacists. New President Joe Biden has been quick to overturn many of his predecessors policies on climate, but how he handles the fallout of the insurrection, and the discontent behind it, remains to be seen. Closer to home, the Manchester Arena inquiry continues with the response and coordination of the emergency responders under review. The inquiry has not been easy for any involved, but there is no denying that it has highlighted the need for Martyn’s Law to pass through Parliament sooner rather than later. Michael Lyons, editor
ONLINE // MOBILE // FACE TO FACE To register for your FREE Digital Subscription of Counter Terror Business, go to: www.counterterrorbusiness.com/digital-subscription or contact Public Sector Information, 226 High Road, Loughton, Essex IG10 1ET. Tel: 020 8532 0055
www.counterterrorbusiness.com PUBLISHED BY PUBLIC SECTOR INFORMATION LIMITED
226 High Rd, Loughton, Essex IG10 1ET. Tel: 020 8532 0055 Web: www.psi-media.co.uk EDITOR Michael Lyons PRODUCTION MANAGER & DESIGNER Dan Kanolik PRODUCTION CONTROL Lucy Maynard WEB PRODUCTION & ADMINISTRATION Victoria Casey PUBLISHER Jake Deadman
Counter Terror Business would like to thank the following organisations for their support:
© 2021 Public Sector Information Limited. No part of this publication can be reproduced, stored in a retrieval system or transmitted in any form or by any other means (electronic, mechanical, photocopying, recording or otherwise) without the prior written permission of the publisher. Whilst every care has been taken to ensure the accuracy of the editorial content the publisher cannot be held responsible for errors or omissions. The views expressed are not necessarily those of the publisher. ISSN 2399-4533
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
3
WORLDWIDE WORLD CLASS PROTECTION The Westminster Group Plc is a trusted global brand delivering strategic security solutions, managed services and best in class equipment to keep people safe, secure assets and maximise prosperity in high growth and emerging markets around the world. The Westminster Group operates in over 50 countries, serving blue chip clients, governments and infrastructure - providing training, consultation and support in threat and risk management as well as the provision of skilled manpower and specialist equipment.
www.wg-plc.com enquiries@wg-plc.com +44 1295 756300
KEEPING PEOPLE SAFE
Westminster Group PLC, Westminster House, Blacklocks Hill, Banbury, Oxfordshire OX17 2BS
CONTENTS
CONTENTS CTB 45 07 NEWS CTB365 event to look at radicalisation behind bars; Government must learn from 5G security risks; ‘Break momentum’ of terror attacks, ex PM May told police; and Bioterrorism reinsurance conference to be held in March
13 BREXIT There is now a Brexit agreement, but much of the security aspects of the paper are unclear. So, with what we now know, how will Brexit impact on the UK’s ability to counter terrorism?
18 EXTREMISM Historically, there has been little overlap between patterns of right-wing terror in Europe and the United States. Given recent events at the US Capitol, the Counter Extremism Project compares the issue across the continents
Supported by:
22 TERROR THREAT Continued threats to the global order, the likelihood of states testing the resolve of the new US administration, and increasingly polarised populations are all factors that will dominate 2021. Here, Justin Crump explores more
24 PHYSICAL SECURITY Alfie Hosker, Technical Manager with Secured by Design, explains the increasing importance of improving the physical security of buildings and incorporating counter terrorism measures into the layout and landscaping of developments
28 TRANSPORT SECURITY In December 2020, British Transport Police celebrated the fifth anniversary of Project Servator deployments across the rail network. This feature looks at how successful the deployments have been
30 SECURITY & POLICING Security & Policing will be held online this year between 9-11 March 2021, offering a world-class opportunity to meet, network and discuss the latest advances in delivering national security and resilience
32 CYBER SECURITY CTB has again caught up with Roderick Jones, executive chairman at Concentric Advisors and former member of Scotland Yard’s Special Branch, to discuss all things cyber security, coronavirus and the recent US Election
34 TECHNOLOGY Over the past four years, Tech Against Terrorism has found evidence of terrorists uploading terrorist material to more than 350 different platforms. The organisation explore the increasing use of the internet by terrorist groups
38 CYBER CRIME With 2021 already a month in, we need to think about the new year and make cyber security predictions to stay ahead of relentless cyber criminals. Stephen Burke shares his cyber crime learnings and predictions for 2021
@CTBNews
Counter Terror Business magazine // www.counterterrorbusiness.com ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
5
CTB NEWS CTB365
CTB365 event to look at radicalisation behind bars
The UK’s pandemic lockdown over the past year has had us all addressing our own work and personal issues, but what is its influence on our country’s prisoners, and notably, what is the ongoing effects on their radicalisation and switch to terrorist activity? Through our CTB365 online event on 25 February, along with key experts from across the counter terror sector and thought leaders in the fields of deradicalisation and offender
management, we drill down into the role that prisons can play in radicalising people – and in reforming them. Speakers will set the scene for you, update on emerging innovations and assess what needs to be done now to prevent threats. The pandemic may have limited available opportunities for prisoners to mix with one another, but this no doubt paves a new direction that should be taken to combat and – at the very least – amend strategies.
Also, because of our partnership with the Security Institute, all CTB365 events are CPD-Accredited – meaning that you will earn double CPD points for attending! Please register for this influential gathering of radicalisation experts, online, to further your knowledge and to engage with the leaders in the field.
CLICK TO READ MORE
5G
PRISON
Government must learn from 5G security risks
£70m for prison leavers to prevent reoffending
The Commons Science and Technology Committee has published a report highlighting the dependency of the UK’s 5G rollout on just two vendors, posing risks to network resilience and security. After years of telecommunication market consolidation and the recent decision to exclude Huawei, the UK is reliant on just two equipment vendors. MPs say that the government’s 5G supply chain diversification strategy has come too late to prevent this, and will—by its own admission— take years to achieve any success. In order to avoid similar situations arising in other technologies, the House of Commons Science and Technology Select Committee says that the government must act to urgently assess its potential dependence on suppliers of emerging technologies. The report warns against repeating mistakes as new and important technologies evolve. MPs call on the government to publish a new assessment of the risks of global technological divergence of standards—and the UK’s
action plan—within 12 months. The recommended White Paper should identify critical emerging technologies and associated risks of dependency on high risk vendors, and lay out the government’s proposed response, including consideration of domestic capability and international co-operation, research and supply chain security, and fair, transparent standards setting. Greg Clark, who chairs the committee, said: “A lack of strategic foresight in 5G has seen the UK become dependent on only two vendors for a crucial technology. We must learn from this experience to avoid making our economy and security vulnerable from a lack of acceptable alternatives in emerging technologies. AI and quantum technologies are just two examples of fields of development which can greatly advance the prospects for our economy and society, but can pose potential threats.”
CLICK TO READ MORE
Homeless prison leavers will be temporarily housed in basic hostels to reduce the risk of them reoffending, backed by £70 million of new investment. Analysis suggests that offenders are 50 per cent more likely to break the law again if released without somewhere to stay. Prisons and Probation Minister Lucy Frazer has announced that more than £20 million will be invested in supporting prison leavers at risk of homelessness into temporary basic accommodation for up to 12 weeks, giving them the foundation for a crime-free life. Launching in five of the 12 National Probation Service regions, it will support around 3,000 offenders in its first year. While there, offenders will get help to find a permanent home so there is less reason for them to turn back to crime. At least £23 million of funding will go towards the Government’s plans to build 200 new spaces in Approved Premises (APs), formerly known as bail hostels, which allow probation staff to closely monitor and support the highestrisk offenders in the community. The expansion is expected to see an extra 1,700 prison leavers receive closer supervision each year, boosting public safety.
CLICK TO READ MORE
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
7
ADVERTISEMENT FEATURE
The Hottest Tactical & EDC Products for the Counter Terror and Security Sector
E
Streamlight® Inc., a leading provider of high-performance lighting devices, offers a range of high-quality products built with precision and performance, especially for law enforcement, fire & rescue and the military. Most important, Streamlight understands that when your life is on the line, you need to count on your flashlight to perform every time. Streamlight continues to develop new tactical flashlights that you can trust, and approach new ideas, innovations and the ‘Brilliant Thinking®’ that sets Streamlight apart. Compact, Rechargeable, High-Performance EDC Flashlight New for 2021, the Wedge™ is a new compact USB-C rechargeable waterproof EDC (everyday carry) flashlight that is ergonomically designed for clean pocket carry and to comfortably fit in your hand. Featuring two lighting modes, it’s outfitted with an intuitive rotating thumb switch to provide tactile control over the Constant-On and THRO™ (Temporarily Heightened Regulated Output) mode for maximum brightness. With a 3-hour run time and delivering 1,000 lumens on momentary THRO™ mode, this rugged anodised aluminium flashlight is a durable product that performs. Make The Brightest Decision with the Stinger® 2020 From clearing a room to searching for evidence, the Stinger® 2020 revolutionises the idea of a rechargeable, super-bright duty flashlight for police, military and other first responders.
Delivering 2,000 lumens and up to a 24-hour run time, the Stinger® 2020 features an anti-roll body design, non-slip side panels and an ergonomic shape for perfect grip. It also features dual power switches and an intuitive mode selector slide switch allow for flexibility in lighting intensity and run time. Ultra-Compact that Packs a Punch In addition to EDC flashlights, Streamlight is introducing the TLR-7® sub, a 500 lumen compact rail-mounted tactical light designed for a broad range of sub-compact railed handguns. Like the original TLR-7®, it is designed to maximise visibility and targeting capability in a variety of tactical applications. Featuring an ambidextrous on/ off rear switch, the TLR-® 7 Sub also includes a safe off feature, locking it so it cannot be turned on accidentally. Integrated Laser Features Streamlight also has updated the TLR® RM 1 and the TLR® RM 2, compact rail-mounted tactical lighting systems for long guns with an integrated red laser and two independent switches in one: push-button tail switch and remote pressure switch. The TLR® RM 1 offers 500 lumens and the TLR® RM 2 provides 1,000 lumens. The sheer power and beam range of these models, along with their solid peripheral coverage and switch options, provide the security of knowing you’ll always have light in tactical and other applications.
www.streamlight.com I facebook.com/streamlightUK I twitter.com/StreamlightUK I instagram.com/streamlight_europe
CTB NEWS MANCHESTER ARENA
‘Break momentum’ of terror attacks, ex PM May told police which included 3,000 MI5 subjects of interest and 600 live operations. It also included increased efforts to ‘further disrupt and destabilise the activities of members of proscribed terrorist organisations, particularly al-Muhajiroun’. Al-Muhajiroun was linked to Khuram Butt, the leader of the 2017 London Bridge attack; Khalid Masood, the Westminster attacker; and numerous other terrorists and plotters in Britain. Salman Abedi, the Manchester Arena bomber, was not associated with the group but had links to foreign fighters and terrorist prisoners, and had voiced support for Isis before the attack. Basu also gave evidence on the response by counter-terrorism police and senior officers on the night of the Manchester attack, of whom he said ‘did an exceptional job in horrific circumstances’.
Assistant Commissioner Neil Basu has told the public inquiry into the Manchester Arena attack that Theresa May told police and MI5 to ‘break the momentum’ of terror attacks in Britain following the bombing. Basu, who is now the head of UK counter-terrorism policing but was the senior national coordinator for counterterrorism at the time, recalled the then Prime Minister’s direction for the inquiry,
which is looking into the May 2017 incident which killed 22 victims. The Manchester Arena attack was the second terror attack to strike Britain in 2017 and was followed by two other fatal attacks within a month - including at London Bridge. In his evidence Basu said that a ‘surge of activity’ was triggered as police attempted to crack down on terrorist activity, with assets focused on pursuing known threats,
MANCHESTER ARENA
MANCHESTER ARENA
Showsec errors ‘did not contribute to bombing’
‘Acute and pressing’ need for Martyn’s Law
Showsec’s barrister Jonathan Laidlaw QC has told the inquiry into the Manchester Arena bombing that although security errors were made at the venue before it was attacked, they had not contributed to the bombing. Laidlaw told a hearing the security firm had fallen short in some areas at the venue but had not been ‘complacent’, going on to say that there was ‘little doubt’ the bomb would have been detonated even with security intervention. The hearing has previously been told two Showsec stewards, Mohammed Agha and Kyle Lawler, were made aware of attacker Salmab Abedi’s suspicious behaviour in the minutes before the explosion but failed to report it to a supervisor or the control room. Laidlaw said if there were failures on the part of those stewards, ‘this cannot be attributed to a lack of appropriate training’. Abedi went on to detonate a homemade device in the arena’s City Room foyer as fans left an Ariana Grande concert on 22 May 2017, killing 22 people and injuring hundreds more. Earlier in the hearing, Richard Horwell QC, representing Greater Manchester Police (GMP), accused arena operators SMG of not spending enough time or attention on security measures before the terror attack.
CLICK TO READ MORE
A barrister representing the relatives of the Manchester Arena victims has told the public inquiry into the attack that there was an ‘acute and pressing’ need for Martyn’s Law amid the continued terror threat in Britain. Figen Murray, the mother of victim Martyn Hett, has been campaigning for legislation in his name that would require measures potentially including bag searches and scanners. Families of the victims killed in the Manchester Arena bombing have called for the government to stop ‘dithering’ over the issue and guarantee minimum security protections at venues. John Cooper QC said evidence on
CLICK TO READ MORE
security on the night of the May 2017 bombing ‘served to tragically demonstrate that the current security regulatory regime has created an environment in which the UK’s biggest entertainment venue operators and security providers can fall far short of the standards of the time, with devastating results’. Writing on Twitter, Figen Murray said that Martyn’s Law ‘has to happen sooner rather than later’ and said that they represent ‘a very common sense set of measures which quite frankly should exist’.
CLICK TO READ MORE
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
9
CTB NEWS BIOTERRORISM
Bioterrorism reinsurance conference to be held in March
Terrorism reinsurer Pool Re has announced the launch of its inaugural BioTerrorism Livestream Conference, to be held on 24-25 March 2021. The livestream event will be the
first bioterrorism (re)insurance conference in the industry, examining the threats posed by the malicious use of biological pathogens from the perspectives of policymakers, scientists, counter terrorism specialists, and (re)insurance experts. Pool Re and the Biosecurity Research Initiative team at the University of Cambridge will be co-hosting the two day virtual conference, which will explore the likelihood of the emerging threats from bioterrorism and the lessons that can be learnt from the coronavirus pandemic. A panel of experts will also share their experience and responses to the potential challenges of bioterrorism and the risk planning for organisations
and the overall reinsurance community. Keynote speakers include: former Chancellor of the Exchequer Alistair Darling; Amber Rudd, former Home Secretary and Secretary of State for Work and Pensions, Minister for Women and Equalities); Lord Mark Sedwill, a former National Security Advisor and Cabinet Secretary; Lord Des Browne, former Defence Secretary and visiting Researcher at the Centre for the Study of Existential Risk at Cambridge University; Karin Von Hippel, Director General of the Royal United Services Institute; and Julian Enoizi, CEO of Pool Re.
CLICK TO READ MORE
FACIAL RECOGNITION
BSIA launches industry-first ethical AFR framework The British Security Industry Association’s video surveillance section has launched an ethical and legal use guide for Automated Facial Recognition (AFR). The guide is the first of its kind, following recommendations on responsible use of Artificial Intelligence (AI) by the Organisation for Economic Co-operation and Development (OECD), and encompasses useful terms and abbreviations, ethical uses, and more.
The guide has a specific focus on distinctive application types verification (is it you?) and identification (who is it?). Both industry experts and the general public should be able to understand the framework as it is aimed at all levels, whilst matching key messaging with that of the UK Government’s Surveillance Camera Commissioner. The guide showcases a precise picture of how AFR works and is designed to remind users of what to consider
before adding a facial recognition solution to their security system. Automated Facial Recognition: A Guide to ethical and legal use will be available from today to download on the BSIA website and the working group looks to further develop this guidance document into a Code of Practice or British Standard.
CLICK TO READ MORE
EXTREMISM
Digital conference launched on ‘tackling hateful extremism’ A new digital conference is taking place Monday 8 February 2021 which will explore a whole-society approach to combating hateful extremism. Hate crime figures are at record levels, with more than 105,000 incidents recorded in England and Wales in 2019-20, an increase of eight per cent on the previous year. The ‘Tackling Hateful Extremism Digital Conference’ will bring together expert speakers and practitioners working with those vulnerable to radicalisation and the victims of hate incidents, to explore a whole-society approach to combating hateful extremism. Expert Speakers include Dr Keith Spiller, Senior Lecturer in Criminology, Birmingham City University; Sara Khan, Commissioner for Countering Extremism, Home Office, and
Chief Superintendent Nik Adams, National Co-ordinator for Prevent, Counter Terrorism Policing. There will be an update from the Commission for Countering Extremism on the review of legislation relevant to hateful extremism, as well as a look at how hateful extremists are exploiting the pandemic. There will be perspectives from police and community leaders on
how to build trust and strengthen community resilience to extremist narratives, and innovative interventions to counter hateful extremism online and offline. There will also be a look at young people at risk and preventing radicalisation, giving practical advice for parents, teachers and youth groups.
CLICK TO READ MORE
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
11
ADVERTISEMENT FEATURE
TM
Secondary Glazing
Selectaglaze, UK manufacturer of Security Secondary Glazing; Protecting our heritage buildings
E
Selectaglaze was founded in 1966 and granted a Royal Warrant in 2004. It is a family run company based in St Albans which has earned an enviable reputation for designing, manufacturing and delivering high quality security secondary glazing to the built environment across the UK. The British made bespoke security units provide enhanced protection to a single vulnerable window or to a complete building. Windows have traditionally been seen as “soft targets� for physical attack and points of entry for intruders and have provided little defence against bomb blast. The strengthened window designs and flexibility that formed aluminium provides, along with secure locks and specialist glass, has enabled Selectaglaze to gain performance certification for physical entry, blast mitigation and ballistic attack. Secondary glazing for physical attack provides a second barrier to entry. Units have been tested by 3rd party organisations to prove their integrity, as can be seen in the video. The window: glass and frame are repeatedly attacked using a variety of tools. The levels
of accredited security are assessed as to what the unit can withstand, during certain periods of time. Lower level security includes units which are accredited to PAS24:2016 and Secured by Design which use secure locking systems. For higher levels of security, LPS1175 SR1, SR2 and SR3, they not only have secure locks, but more robust frames and sophisticated combinations of glass and polycarbonate. These secondary glazing systems can be an aesthetic alternative to unsightly bars and grilles. For buildings deemed at high risk and exceptionally vulnerable, Selectaglaze has developed a range of products which have been tested for blast mitigation against ISO 16933, achieving rating levels of EXV45 – EXV19. Fixings, frame, locks and glass are all designed to work in harmony deflecting and yielding to absorb the blast wave. Over the last 50 years, a vast range of products has been developed to suit a wide variety of applications to improve the thermal performance, acoustic insulation and security in Listed and heritage buildings, as well as new-build. Please contact or visit the website for free technical advice or to book a RIBA approved seminar on security secondary glazing.
www.selectaglaze.co.uk I 01727 837271 I enquiries@selectaglaze.co.uk
BREXIT
HOW WILL BREXIT IMPACT ON THE UK’S ABILITY TO COUNTER TERRORISM? O ne of the things that the UK and the EU can agree on is that counter terrorism (CT) cooperation must continue beyond the Brexit transition period. This includes protecting CT capabilities, such as mechanisms for rapid and secure data exchange; practical measures to support cross-border operational cooperation; and UK cooperation with EU law enforcement, intelligence and criminal justice agencies. Yet, time is running out, and the UK is now unlikely to secure a bespoke Internal Security Treaty, providing permanent access to most (if not all) EU information systems. This was always ambitious, given the lack of legal basis or precedent and the UK’s refusal to adhere to the Court of Justice of the European Union (CJEU). Instead, the scenario that the UK will crash out of the EU, losing access to all information systems and databases established on the basis of EU law is more likely. Even if the UK manages to negotiate a deal, this will likely be more restrictive than that awarded to Schengen Area
associated states, representing a major loss of capability. The UK will attempt, and may to some extent succeed, in building parallel structures and workarounds. However, the end result is likely to involve more friction and reduced levels of cooperation. The impact on the UK’s terrorist threat picture is, however, likely to be minimal.
WORST-CASE SCENARIO: ‘NO DEAL’ BREXIT Law enforcement and intelligence agencies in Europe see terrorism primarily through a national lens. Even in the worstcase scenario, relationships between the UK’s security and intelligence services and their counterparts in EU countries will continue to operate on the basis of direct contact between national agencies. The UK will also continue to be a member of the Counter Terrorism Group (CTG), which facilitates CT cooperation across 30 European Intelligence and Security services. The CTG has the capability to undertake CT operations globally and provides valuable proactive and sometimes E
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
13
D
E
S
I
G
N
I
M A
N
U
F A
C T
U
R
E
I
I
N
S T A
L
THE RIGHT DECISION COMES WITH A 25-YEAR-GUARANTEE A Jacksons perimeter fence offers no-nonsense security with a 25-year-guarantee. No umming, no ahhing, just decisive protection that keeps what matters to you safe.
Call 0800 408 4766 or visit www.jacksons-security.co.uk
L
BREXIT
pre-emptive threat intelligence that would otherwise be unavailable. In any case, the UK’s most significant and successful international CT collaboration is the Five Eyes community, principally the United States, but also Australia, Canada and New Zealand. Those and other extra-European connections will remain unaltered by Brexit. This does not fully protect the UK against the loss of access to law enforcement and criminal justice tools resulting from a nodeal Brexit. In this scenario, the UK would see its access to EU capabilities fall below that of other third countries such as the US, Canada and Australia. This potentially exposes the UK to risks in three key areas: 1) identifying terrorists; 2) tracking their travel; and 3) extradition of terrorists to the UK.
1. IDENTIFYING TERRORISTS Even in the event of a deal, the UK will lose membership of Europol – the EU’s law enforcement agency. A hard Brexit would mean losing access to the Europol Information System (EIS), a database containing information on more than 86,000 suspected criminals and terrorists. UK investigators would no longer be able directly to check whether information on a potential terrorist suspect existed in any other member states’ systems. The UK would also be unable to exchange sensitive and restricted data through the Europol Secure Information Exchange Network Application (SIENA). This would be compounded by the loss of access to the European Criminal Records Information System (ECRIS), which enables rapid exchange of information on criminal records
and convictions, including terrorist information, across EU member states. This could cause delays in the retrieval of time sensitive intelligence that is paramount in the wake of a terrorist attack. 2. TRACKING TERRORISTS’ TRAVEL A no-deal scenario would mean the UK would be denied participation in the Schengen Information System II (SIS II), losing real-time information on persons of interest, objects and vehicles travelling to the UK. The UK would also lose access to the EU Passenger Name Record (PNR) airline programme and would be unable to identify terrorist suspects in advance of travel, including those travelling under aliases. In preparation, the UK is imposing stronger border controls, including E
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
15
BREXIT £20 million of additional funding for the Home Office. This aims to help improve the intelligence picture about threats moving in and out of the UK, strengthening the multi-agency response to people and goods entering the UK and support investment in new capabilities for Border Force and Counter Terrorism Policing (e.g. improved detection equipment). 3. EXTRADITING AND PROSECUTING TERRORISTS A hard Brexit would also mean that the UK would lose access to the European Arrest Warrant (EAW) regime, with no equivalent alternative arrangement in place. EU member states could therefore refuse to extradite their own nationals to the UK. To illustrate the EAW’s value to the UK: before the EAW existed, it took 10 years to extradite Rachid Ramda from Britain to France over his role in the 1995 Paris metro bombing. In 2005 it took just 56 days to bring the failed 21/7 London tube
16
bomber Hussain Osman back from Italy to London using an arrest warrant. A LIMITED DEAL IS REACHED Whilst the UK appears to have accepted that it will lose unrestricted access to the EU’s capabilities outlined above, it is still in the interest of both sides to reach a deal. The level of access would vary by tool, and currently only Schengen Area associated states (Norway and Switzerland) are granted full access to any EU data system. UK aspirations to maintain the core features of its current membership with Europol are unlikely. The UK could establish an operational agreement similar to the US, Switzerland and Australia, which would allow it to station liaison officers at Europol headquarters, and access Europol’s messaging facility and other services. This would not extend to the EIS. UK investigators seeking information on a potential terrorist suspect would have to make separate requests to
COUNTER TERROR BUSINESS MAGAZINE | ISSUE 45
member states to check whether they held relevant information. The process of determining whether EU nationals visiting the UK have terrorist convictions in their home countries could also take up to ten times longer in the likely event that the UK is unable to access ECRIS. It is also not evident that the UK will benefit from real-time alert mechanisms of terrorists travelling into the UK, at least in the short term, given that the EU is unlikely to offer more than basic access to SIS II. There is also no legal basis for the UK’s hope for reciprocal transfers of PNR flight data. Any access is likely to come at a cost. The UK would be paying to use the very same system that it was instrumental in developing. The UK has already announced that it is not seeking to participate in the EAW but aims to establish a fasttrack extradition arrangement, based on the EU’s surrender agreement with Norway and Iceland. This treaty took 13 years to enforce after it was signed in 2006, though it is likely
BREXIT that both sides will want a post-Brexit agreement in place much faster. WHAT IS THE OVERALL IMPACT ON TERRORISM IN THE UK? The UK will be unable to replicate its existing relationship in any scenario. The main impact will likely be felt in terms of time and efficiency. Even in the event of a hard Brexit, after a period of initial disruption, most challenges would likely be mitigated by strengthening existing bilateral relations with member states and other rapid adjustments. Anti-Western jihadists have shown relatively little interest in Brexit. The UK leaving the EU is unlikely to have any impact in terms of judging which countries should be targeted in future Islamist attacks. The effect of Brexit upon far right terrorism is more difficult to predict. If Brexit is perceived as a partial victory over ‘liberal internationalism’, this could inspire violent attacks to hasten its demise.
More importantly, the existing capacity of the UK to counteract any form of terrorist violence is unlikely to be greatly damaged. The reality is that neither the UK nor European governments want a terrorist attack that can be pinned, in part, on Brexit having caused a lack of preventive transnational coordination. Counter terrorism security is one of the few areas in which Brexit will ultimately make comparatively little difference. L
This article was written by Emily Winterbotham in December 2020, just prior to the published agreement governing future relations between the UK and the EU. Emily is Director of the Terrorism and Conflict group and Senior Research Fellow at RUSI, focusing on extremism and radicalisation, countering violent extremism and peacebuilding.
SECURITY IN THE BREXIT AGREEMENT There is now a Brexit agreement. In the final document the elements covering ‘Law Enforcement and Judicial Cooperation’ are set out over 84 pages. The UK retains access to critical databases, including DNA information exchange (Prüm) and Passenger Name Records (PNR). The UK will maintain a working relationship with the main EUwide law enforcement agencies, Europol and Eurojust, which provide platforms for sharing information, mounting joint investigations, operations and prosecutions. There are also some potentially important arrangements for maintaining and building practical cooperation on cybercrime, cybersecurity, and the security of emerging technologies, including working with the EU Agency for Cybersecurity. However, UK access to the EU’s criminal records exchange (ECRIS) and instant operational alerts on the movement of people and objects (Schengen Information System 2) is not preserved in a formal sense. UK police and border guards were consulting this hundreds of millions of times a year. The agreement sets out what are intended to be alternative arrangements. The effectiveness of these arrangements will be tested by events in the period ahead. The consequences of the loss of access are not yet clear.
FURTHER INFORMATION
www.rusi.org
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
17
EXTREMISM
FAR-RIGHT EXTREMISM IN EUROPE AND THE UNITED STATES
H
istorically, there has been little overlap between patterns of right-wing terror in Europe and the United States. This, on its face, is not surprising. The ideological roots of rightwing extremism differ significantly between the two continents. The American far-right has long been composed of an uneasy mix of white supremacists and neo-confederates with a disdain for federal government. By contrast, right-wing extremists in Europe are animated more by the historical remembrance of European fascist regimes and conspiratorial fears of civilisational decline.. White supremacy is certainly an important element of European far-right ideology, but it is distinctive from the American variant in its tangible Nazi roots. Terrorist indexes for the past decade, however, reflect a curious trend. Not only are the rates of right-wing extremist terror rising sharply in both Europe and the US, but they are rising with startling synchronicity. Authorities are beginning to see the writing on the wall. In early February 2020, FBI Director Christopher Wray told Congress that racially motivated extremists are ‘the top threat we face from domestic violent extremists’. The German Minister for Justice Christine Lambrecht also declared last year that far-right terror ‘is the biggest threat to our democracy right now’. A COMMON NARRATIVE Independent developments on both sides of the Atlantic have helped to trigger the
18
COUNTER TERROR BUSINESS MAGAZINE | ISSUE 45
EXTREMISM
THE BIDEN ADMINISTRATION ALREADY SEEMS INTENT ON TACKLING THE ISSUE OF DOMESTIC EXTREMISM HEAD ON, AND THERE IS ALSO AN AIR OF HOPE ABOUT BOLSTERING US-EU SECURITY COOPERATION rise in far-right terror threats. The rise of the extreme right in Europe, for example, has been driven in no small part by the Syrian refugee crisis. Two of the most prominent assassinations carried out in the past decade targeted vocally pro-asylum European politicians: UK Labour MP Jo Cox in 2016 and local German Christian Democrat representative Walter Lübcke in 2019. In the United States, the election of Barack Obama was, according to FBI reports, a highly successful far-right recruitment tool. However, one important development which ought not to be overlooked in analysing this trend is the coalescing of both continents’ extreme right discourses around a common ‘Great Replacement’ narrative. While this narrative owes more to European ideological legacies, it is not totally dissimilar to the ‘White Genocide’ theory which arose among US neoconfederates during the reconstruction period. It has also been adapted, in the American case, to fit with current
mainstream right-wing anxieties about Southern border migration. When a far-right terrorist gunned down 23 people at a Walmart store in El Paso, Texas in August 2019, he did so, according to his manifesto, as an ‘incentive’ for Hispanic people to leave the country, thus ‘remov[ing] the threat’ of the antiRepublican Hispanic voting bloc. His writings reflected a preoccupation with ‘cultural and ethnic replacement’ generally and an ‘Hispanic invasion’ specifically. This case, one of the most notable in recent US history, is illustrative of the broader trend. First devised in its current form by the far-right French writer Renaud Camus, this conspiratorial narrative fundamentally promotes the belief that the white race is set to be wiped out through some combination of immigration, violence and miscegenation, and secondly, that Western elites, usually characterised as ‘globalists’ and ‘Jews’, are intentionally complicit in this process due to their E
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
19
EXTREMISM
TERRORIST INDEXES FOR THE PAST DECADE, HOWEVER, REFLECT A CURIOUS TREND. NOT ONLY ARE THE RATES OF RIGHT-WING EXTREMIST TERROR RISING SHARPLY IN BOTH EUROPE AND THE US, BUT THEY ARE RISING WITH STARTLING SYNCHRONICITY. AUTHORITIES ARE BEGINNING TO SEE THE WRITING ON THE WALL. pro-immigrant, multiculturalist commitments. This narrative also helps justify the use of violence as a response, which is intended to intimidate enemies into halting migration and also to ‘awaken’ the white race to the danger it faces. The ultimate goal is to provoke a race war, meant to resolve the crisis and lead to an ethnically pure homeland. In virtually all recent high-profile cases of far-right terror some permutation of this narrative has been offered as justification by the perpetrator. A TRANSCONTINENTAL MOVEMENT The convergence of both discourses around this replacement narrative, speaks to the increasingly networked, transcontinental nature of rightwing extremism in the digital age. Just as ISIS was able to attract foreign fighters from across Europe and the US, so too do groups like the Order of the Nine Angels, The Base, Feuerkrieg and Attomwaffen, boast a truly global membership. We are living in an era where it is not uncommon to see US extremists go to fight in Ukraine or to see German neo-Nazis get weapons training from the Russian Imperial Movement. In both the US and Europe, far right extremists are open enough about seeing themselves as engaged in a cross-border struggle. Norwegian terrorist Anders Breivik, who massacred 77 people in 2011, has been cited by countless subsequent attackers the world over as an inspiration. The perpetrator of last February’s shootings in Hanau Germany, which killed 11 people, had, in the past, posted videos on social media, specifically communicating with Americans in the hopes of attaining a global audience. This desire to be seen speaks further to how the very purpose of far-right terror has been transformed in the digital age. It has been noted by experts that, historically, right-wing terror incidents have tended to be low casualty and highly discriminatory in their choice of targets. Furthermore, it was rare for the perpetrators of these attacks to take credit for them or attempt to explain their motives. It is only in the past decade or so that American and European rightwing terrorists have taken to writing manifestos and posting evidence of their atrocities in public view online.
20
Their attacks are also increasingly indiscriminate and oriented around producing the largest number of victims possible. Not unlike Jihadists seeking to ignite a worldwide caliphate, the goal of far-right extremism today is thus specifically to capture attention, inspire like-minded extremists and destabilise societies to the greatest extent possible. The health of this transatlantic movement is therefore intimately connected with the development of social media. Not only do tech platforms have a lot to answer for when it comes to imbuing extremists with a sense of belonging to an international cause, but it encourages them to actively seek out financing and to engineer their acts of violence around the prospect of attaining virality. Furthermore, as has many times been noted, far-right social media echo chambers are a petridish in which conspiracy theories and disinformation are nurtured, away from public scrutiny. A TRANSCONTINENTAL RESPONSE A transcontinental extremist movement of this magnitude requires an equally substantial transcontinental response. The Biden administration already seems intent on tackling the issue of domestic extremism head on, and there is also an air of hope about bolstering US-EU security cooperation. On the European end, the combined legislation to be implemented in the Digital Services Act and Terrorist Content Online regulations, offer a promising framework for policing the extremist communications and disinformation. In addition to this, at the request of member states, the European Commission recently brought forward the release of its Counter-Terrorism Agenda and it contains a number of interesting proposals for dealing with these problems as well. Finally, there is the problem of trying to deal with the ideological and rhetorical drift between farright extremism and hard right mainstream politics in a manner that doesn’t impede on freedom of expression. In both the US and Europe, anti-immigrant talking points used by mainstream politicians veer dangerously close to the views espoused by extremists.
COUNTER TERROR BUSINESS MAGAZINE | ISSUE 45
Determining the limits of respectable discourse will undoubtedly be a challenge, but if ever there was a year in which to begin holding our representatives accountable it is the one we have just entered. L
FURTHER INFORMATION
www.counterextremism.com
EXTREMISM
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
21
TERROR THREAT
THE EVOLVING TERROR THREAT IN 2021 C
ovid-19 has accelerated a variety of global trends. Some of these are perhaps ultimately good, for example moves towards more investment in AI and automation, or a growing focus on taking this opportunity to making lasting changes to benefit the environment. Many others are, however, quite concerning. Continued threats to the global order, the likelihood of states testing the resolve of the new US administration, and increasingly polarised populations are all factors that will dominate 2021. Terrorism, similarly, is a global trend that is experiencing something of a resurgence due to the consequences of the Covid crisis. From
22
COUNTER TERROR BUSINESS MAGAZINE | ISSUE 45
2016, Sibylline’s quantified ASTRA model showed that this was one of the few risk areas that had experienced a fall globally. This was mainly driven by the reduction of Islamic State in Syria and Iraq, the limitations on the previously high-threat al-Qaeda in the Arabian Peninsula, and a fall in activity across North Africa. Although the Sahel, West Africa, Somalia and Afghanistan continued to see jihadist activity, and there were also numerous attention-grabbing attacks in countries such as the UK, US, and across Europe, these did not offset the global decline in the threat posed by the main jihadist organisations. Despite the declining prominence of international jihadist groups over the last two
TERROR THREAT
THE CLOSE OF 2020 APTLY DEMONSTRATED THE CAPACITY FOR CULTURAL AND RELIGIOUS FAULT LINES TO GENERATE TENSIONS, EITHER INADVERTENTLY OR DELIBERATELY, FOLLOWING HOSTILE RHETORIC TOWARDS FRANCE AND FRENCH INTERESTS FROM LEADERS IN THE MUSLIM WORLD years, terrorism and associated political violence remains a major concern and we expect this to be exacerbated by a variety of region-specific factors in the year ahead. This upturn in risk trends will be catalysed by the consequences of Covid, with the situation offering substantial opportunities to would-be threat actors. Drivers include increased economic hardship in many countries most impacted by terrorism; international distraction mitigating effective responses to threats; the ability to exploit and benefit from inter-state rivalries, for example Turkey employing former Syrian fighters in Nagorno-Karabakh; and overstretch of domestic security services. Lockdowns have also given people time to research and radicalise, with societal divisions and stress hardening mindsets. CULTURAL DIVISIONS The close of 2020 aptly demonstrated the capacity for cultural and religious fault lines to generate tensions, either inadvertently or deliberately, following hostile rhetoric towards France and French interests from leaders in the Muslim world. This arose as a consequence of President Emmanuel Macron’s assertion of the right to freedom of expression in the wake of Islamist terror attacks, but exemplifies the differences in societal values and norms that have the capacity to provoke violence when sensitivities are either misunderstood or ignored. The response both in the form of a public embargo of French goods in Islamic countries and, of concern, violent attacks was swift and highly impactful – showing how serious such issues can be. This will likely prove a lasting problem. The cultural divisions exposed by Macron’s attempts to crackdown on political Islam in France risk a return to threat levels not seen for several years in Western Europe. The hostility to Islam and lack of respect many otherwise moderate Muslims believe the president has demonstrated risk sparking a surge of lone-wolf attacks against soft targets, which will be extremely difficult to police. Moreover, as Western leaders increasingly feel obliged to defend Macon’s secularist position, they risk their own countries becoming targets in the short term. This is not to suggest that the kind of sophisticated and consistent attacks coordinated by Islamic State across
Turkey and Europe from 2014-16 are set to return in 2021. The once-powerful network has been effectively contained within its primary sphere of operations. In the former ‘Caliphate’, however, IS will continue to threaten Western interests. This is of greatest concern in Iraq, where the political instability of the last year has only fuelled historic concerns among the Sunni community that proved an effective recruiting tool for the militant group and its antecedents over the last decade. Now, however, militancy in Iraq is once again increasingly driven by Shia factions, whose anti-American sentiment and substantial resources have seen increasing IED and rocket attacks on US interests rise substantially throughout 2020. This is likely to spike in through 2021, as the Iranian leadership seeks to test the resolve of the new US administration ahead of Tehran’s own leadership elections. PROBLEMS IN AFRICA It is Africa, though, that has seemingly taken on the mantle of the Middle East as the cradle of jihadism. Endemic government failures have seen longrunning insurgencies escalate over 2020 and many now threaten to spread into new theatres. Mozambique has seen the most significant development in militancy over the last year, with the Islamist insurgency in Cabo Delgado threatening to establish territorial control over urban centres and launch more frequent operations into neighbouring Tanzania. While this is not likely to spread fully along the continent’s east coast, networks nonetheless run from north to south, and link into criminal interests. This has long been the trend in the north-west of the continent, where Nigeria and the Sahel countries remain unable to rein in Islamist and tribal militants that have essentially displaced state authorities in rural areas. Levels of activity are increasing and this is drawing attention from Western countries, with military action gradually escalating in an attempt to contain the threat. Meanwhile, long-running militant violence in South Asia threatens to spike in 2021, especially on the AfghanistanPakistan border and in Kashmir. Narendra Modi’s bullish approach to the latter will provoke militant groups to launch new campaigns, with any backlash among Hindu nationalists
threatening to the spread of politicised sectarian violence in India more broadly. Political violence will not be constrained to traditional militancy in the year ahead, however, nor necessarily to developing nations. The increase in right-wing terrorism and political violence has arguably been the greater threat in the US during the Trump presidency and tensions have peaked around the recent election. Despite Biden’s victory, the recent campaign along with the summer’s anti-racial injustice protests and subsequent backlash, have created a febrile environment and mistrust in institutions.This could easily lead to radicalised individuals launching lone-wolf attacks against political opponents or religious targets, which will prove hard to prevent. Meanwhile, the more sophisticated plots by right-wing militias targeting Democrat politicians in response to their imposition of Covid-19 restrictions may continue, spurred on by Trump’s rhetoric. These are much more likely to be intercepted by law enforcement, however, but will nevertheless fuel partisan fears and radicalisation on both left and right. For business, these challenges will be routine in many jurisdictions and, in the case of far-right extremism in the West, have been rising concerns for the last two years already. Outside of escalating insurgencies in Africa, which will continue to trouble the energy and mining sectors, the step-change in 2021 will emerge from corporate responses to touchstone social issues. Western executives are under pressure to take sides on issues from racial justice to freedom of expression, but in doing so they expose themselves and their companies to retaliation from a diverse range of extremists, from American white nationalists to radical Islamists. The makings of a perfect storm are therefore present in both Europe and the US, given likely trends. Although the direct impacts are often minimal, the nature of terrorism is such that it has a disproportionate effect on business, and particular sectors face a growing threat. Financial services and technology firms also face an indirect challenge from increasing regulation and demands by lawmakers that they ‘do more’ to help mitigate the use of platforms by increasingly sophisticated threat actors. As the world struggles to recover, these adversaries will seek to take advantage; it behoves us to be ready. L
Contributed by Justin Crump, CEO and founder of Sibylline, a British Citizen and based in the UK.
FURTHER INFORMATION
www.sibylline.co.uk
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
23
PHYSICAL SECURITY Alfie Hosker, Technical Manager with Secured by Design, explains the increasing importance of improving the physical security of buildings and incorporating counter terrorism measures into the layout and landscaping of developments
INCORPORATING COUNTER TERRORISM MEASURES S
ecured by Design (SBD) is the official police security initiative that works to improve the security of buildings and their immediate surroundings, reducing the opportunities for crime and providing safe places to live, work, shop and visit. It is part of the Police Crime Prevention Initiatives (PCPI) group of initiatives, which also includes the Police Crime Prevention Academy (PCPA) and Licensing Security & Vulnerability Initiative (Licensing SAVI). Working closely with government, local authorities, architects, developers and builders, SBD looks to incorporate police crime prevention and anti-terrorism measures from the initial concept and design stage through to construction and completion of buildings and developments. This work not only covers the construction of new
24
COUNTER TERROR BUSINESS MAGAZINE | ISSUE 45
buildings and developments, but also refurbishment and landscaping projects. Unfortunately the threat from terrorism is an ongoing concern with recent events such as the attacks on London Bridge and Manchester Arena here in the UK. Whilst the chances of getting caught up in a terrorist incident remain extremely low, it is nevertheless essential that the threat of terrorism is considered by those stakeholders involved at the earliest design stage of a development scheme. The UK Police Service have a number of specialised staff called Designing Out Crime Officers (DOCOs), whose role includes working with the relevant planner, architect, engineer, security/facilities manager or other stakeholder across both new build and refurbishment projects to incorporate
PHYSICAL SECURITY the relevant site specific designing out crime measures into the project. Where applicable, this work is also undertaken alongside a Counter Terrorism Security Adviser (CTSA), who will advise on all aspects of counter terrorism protective security. In addition, CTSAs are responsible for the provision of protective security advice to crowded places - areas where there may be large crowds who could be vulnerable to terrorist attack, such as shopping centres, sporting stadiums, pubs and bars or transport hubs etc. As part of their professional development, SBD and the PCPA regularly bring together specialist police officers working in the Crime Prevention and Designing out Crime areas, ensuring they keep pace with changing patterns of criminal behaviour and advances in building design and new technology. DOCOs are recommended as a source of assistance by the Centre for the Protection of the National Infrastructure (CPNI) due to their comprehensive, specialist training. Both the National Planning Policy Framework (NPPF) and National Planning Practice Guidance (NPPG) promote creating safe and sustainable communities, encouraging preapplication discussion between planners, CTSAs and DOCOs and involving architects, developers and key stakeholders. A Memorandum of Understanding (MOU) is in place between CTSAs and DOCOs to support this measure and ensure they work together effectively to provide formal responses to relevant planning applications. SBD is referenced in the National Counter Terrorism Security Office’s (NaCTSO) newly released and updated Crowded Places guidance suite of documents (November 2020), directing those seeking advice to the SBD website. GUIDANCE SBD has produced a series of authoritative Design Guides to assist incorporating security measures into developments. These guides advise on all aspects of design and layout that impact on the creation of safe and secure environments. This includes road layout, footpath design, communal areas, dwelling boundaries, car parking and lighting and they cover a range of building sectors, including residential, education, health, transport and commercial. The Guides are regularly updated to keep pace with changing patterns of criminal behaviour and advances in manufacturing design and new technology. Other PCPI initiatives support this work, with the Licensing SAVI initiative for example supporting the owners and operators of licensed premises in managing a safe and secure E
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
25
Glazed steel profile system
FIRE RESISTANT
ACOUSTIC REDUCTION
BALLISTIC RESISTANT
INTRUDER RESISTANT
Up to 120 mins EN 1634-1 up to EI 120
Up to 45dB
BS EN 1522 FB3NS to FB7NS
BS EN 1627 RC2 to RC5 & PAS 24
> Tested to PAS 24 and approved by Secured by Design. > Ideal for use in shopping centres, airports, hospitals, schools and similar public buildings. > Available made-to-measure > Available as Glazed Wall Section, Glazed Doorset and Glazed Double Leaf Sliding Doors.
Robust by name. Robust by nature. For more information please call, email or visit our website:
01782 592900 sales@robust-uk.com www.robust-uk.com
PHYSICAL SECURITY
environment for the benefit of staff, customers and local communities. This initiative was developed in conjunction with the Home Office and NaCTSO, and assists licensees with their responsibilities around public safety. Other guidance available includes ‘Protecting Crowded Places: Design and Technical Issues’, which encourages designers to adopt designing out crime methods to effectively develop safer and more secure environments. It also describes the role of the DOCO, how they can assist in the planning and development process and makes reference to the SBD Design Guides and award scheme. ‘Crowded Places: The Planning System and Counter Terrorism’ discusses designing out crime and advocates the use of suitably trained DOCOs as a source of counter-terrorism advice. Physical security is important in protecting against a range of threats and vulnerabilities, including terrorism. These threats can range from the use of vehicles in the form of Hostile Vehicle attacks to the marauding attacker on foot. Consequently incorporating the appropriate physical security measures into buildings and developments across our communities can either prevent an attack or reduce the potential damage and injuries should an incident occur. Such measures can include but are not exclusively limited to doors, windows, roller shutters, bollards and perimeter security. For most organisations the recommended response will involve appropriate investments in products that deter as well as detect; measures that will also protect against other criminal acts such as theft and vandalism. However SBD recognise that in some cases, whether due to the nature of the asset being protected, the function of
the building or the gathering of large numbers of people associated with the night time economy, more robust security measures that offer better protection, are required. The key to this is to ensure that the products or services which are incorporated into either a new build development, refurbishment projects or the nature of the identified threat, are fit for purpose. SBD recommends that the products are successfully tested and, where possible, third party certificated by a suitably qualified body, who have the relevant expertise and specialist skills to formally test the product to the security standard required to ensure that the product actually does what it is supposed to. An example of this might be bollards, which naturally need to be correctly tested, certified and to deal with the perceived risk, which could be a 7.5 tonne lorry or car travelling at a certain speed or range of speeds. One such body is CPNI, the Centre for the Protection of the National Infrastructure. Whilst all security-related products listed on the SBD website have achieved the Police Preferred Specification standard for their crime prevention and deterrent capabilities, SBD has developed a specific area on the website listing security products that have passed more stringent security tests than those used for traditional residential and commercial purposes, products that may provide greater protection prior to or during a terrorist attack. All products that gain a listing on this page have passed exacting and demanding assessments. In addition to the security measures incorporated during the design and build stage, businesses and organisations also need to ensure that their protective security measures and plans are kept up to date with the
latest counter terrorism security advice, whether it is a town centre shopping arcade or an individual restaurant. This is essential in supporting and underpinning operations like Project SERVATOR, which is a strategic method of policing to deter, detect and disrupt a wide range of criminal activity from pickpocketing and property theft to terrorism and which also provides a reassuring presence for the public and the communities they serve. Action Counters Terrorism (ACT) is another such operation, encouraging communities across the country to help the police tackle terrorism and save lives by reporting suspicious behaviour and activity. Though this article highlights the importance of physical security, it is essential to understand that this is only part of a robust protection against such criminal attacks. An integrated approach to devising such measures also includes business plans, continuity planning, supporting access control and cyber security measures for instance, which can all be identified and addressed by carrying out operational requirements, risk analysis and/or obtaining advice from a suitably qualified security professional. These must be continually revisited and assessed to update and mitigate any vulnerabilities which may arise and it is worth remembering that CTSAs are available to advise local authorities, businesses, organisations and professional bodies about counter terrorism protective security guidance that should be incorporated into their general crime prevention plans, advice and guidance. The Police Crime Prevention Academy have developed a range of courses and qualifications to understand current threats posed by terrorism and extremist behaviour, understanding best practice to mitigate such threats and understanding the actions to be taken in the event of an incident. These are tailored to different levels of expertise and responsibility within organisations, and are open to everyone who is engaged in policing, security and supporting safer communities. As part of PCPI, the Police Crime Prevention Academy is affiliated with the Secured by Design initiative, so are the leading experts in delivering Secured by Design standards and guidance. L
Further information on the Police Crime Prevention Academy range of qualifications is available at www.crimepreventionacademy.com Further information on the Licensing SAVI initiative is available at www.licensingsavi.com.
FURTHER INFORMATION
www.securedbydesign.com
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
27
TRANSPORT SECURITY
FIVE YEARS OF PROJECT SERVATOR ACROSS ENGLAND, SCOTLAND AND WALES I
nternational transport hubs, such as airports and major train stations, unfortunately have been, and continue to be, a key target for acts of vehicle-related terrorism. British Transport Police (BTP) polices Britain’s railways, working with rail operators to ensure the safety of the 8.6 million passengers who use the network every day. The force also polices networks such as the London Underground, Midland Metro tram system and Glasgow subway. Much in the news again lately because of the ongoing inquiry into the attack, BTP officers were the first emergency responders to arrive following the Manchester Arena attacks in May 2017, providing life-saving care to the injured and making the area safe for other emergency services. It is also worth noting that a BTP officer, PC Wayne Marques, was seriously injured as he attempted to protect members of the public during the London Bridge attack, while the force’s armed officers formed part of the specialist response to that incident, working alongside members of the Metropolitan Police and City of London Police. BTP’s counter terrorism activities also include providing awareness training for staff
28
COUNTER TERROR BUSINESS MAGAZINE | ISSUE 45
members from the rail industry and associated businesses. Under the ACT-Action Counters Terrorism banner, the programme is delivered at locations across the country, and aims to equip individuals to detect, deter and report terrorist activity. The sessions cover topics such as possible methods of attack and how to recognise terrorist reconnaissance, while also aiming to build effective working relationships between rail staff and BTP officers, empowering people to report suspicious activity. In particular, rail staff members are told to be aware of people who may be showing interest in restricted areas or appear to be checking security arrangements, for example filming CCTV cameras at a station, or avoiding rail staff and police officers. PROJECT SERVATOR BTP officers continue to play an important role in Project Servator, an initiative that was initially set up by the City of London Police (in February 2014) and introduced by BTP in November 2015. Project Servator deployments are unpredictable and designed to be highly visible. Their aim is to make the rail network an uncomfortable place for criminals to operate, while simultaneously reassuring
TRANSPORT SECURITY members of the public and rail staff. Operations use high-profile techniques such as officers in uniform and hi-vis clothing, in addition to search dogs and armed police. They are intended to appear unpredictable in terms of where and when they take place and can happen anywhere and at any time. Deployments involve officers who are specially trained in identifying criminality. In particular, Project Servator officers will be looking for anyone who might be carrying out hostile reconnaissance or who may have other malicious intent. Hostile reconnaissance can be defined as the purposeful observation of people, places, vehicles and locations, with the intention of collecting information to inform the planning of a hostile act against a target. Criminals, whether extreme protest groups, organised crime groups or terrorists, have to conduct hostile reconnaissance in order to plan a successful attack. Project Servator patrols aim to disrupt and deter them at an early stage, with the intention they will abandon their plans. Tactics such as these help to create an enhanced and strategic approach to protecting the critical national infrastructure and are part of BTP’s drive to deploy its resources more effectively. Project Servator is a standardised and consistent approach across many UK Police Services to disrupt, detect
Supported by:
and deter terrorism, and all crime types during the act and during the planning stages. This is achieved by completing unpredictable and highly visible deployments using an agreed engagement method. FIVE YEARS ON In December 2020, British Transport Police celebrated the fifth anniversary of Project Servator deployments across the rail network. Since the launch in 2015 there have been almost 650 arrests as a result of Project Servator deployments across England, Scotland and Wales, which have seen everything from knives and drugs to stolen goods and wanted criminals being taken off the streets. Superintendent Sandra England said: “We are delighted to be celebrating five years of Project Servator at British
Transport Police this month. Project Servator deployments are vital in creating a network of vigilance and a difficult environment for terrorists considering their targets and individuals looking to commit crime. “Everyone that uses and works across our rail network has a vital role to play in being our eyes and ears, and I would like to thank the public for their continued support in reporting things that don’t feel right to them. If you see us out and about, come and say hello and find out more about the work we are doing to keep you safe.”
FURTHER INFORMATION
www.btp.police.uk
Guaranteed safety ●
Mobile vehicle barriers for temporary events
●
Low-maintenance High Security bollards with electromechanical operator
●
NEW: Sophisticated, inconspicuous design bollards
01530 516868 doorsales.lei@hormann.co.uk
Design 204-21 ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE Commercial end customers
29
SECURITY & POLICING
SECURITY & POLICING GOES ONLINE THIS MARCH S ecurity & Policing - the official government global security event – will be held online this year between 9-11 March 2021, offering a world-class opportunity to meet, network and discuss the latest advances in delivering national security and resilience with UK suppliers, UK government officials and senior decision makers across law enforcement and security from the UK and overseas. Hosted by the Home Office’s Joint Security & Resilience Centre (JSaRC), the three-day, online, closed event will give approved visitors and exhibitors access to an innovative, digital event experience from the comfort and safety of their own workspace, at a time when we cannot meet in person. JSaRC and government partners are committed to working with industry and academia to bring the very best of Security & Policing (S&P) online this March, to enable the UK security and resilience sector to continue to develop and collaborate on the products, services and capabilities needed to cut crime, prevent terrorism, detect illegal immigration and promote growth.
30
COUNTER TERROR BUSINESS MAGAZINE | ISSUE 45
Security & Policing presents the ideal setting to learn about the innovation, policies and equipment available to respond to the latest and future security challenges and threats. This year in response to the ongoing challenges of the Covid-19 pandemic and continuing to evolve security and policing through innovation, the event will be centred around three core themes of Resilience, Recovery and Rebuild. FULLY INTERACTIVE This is not just your average webinar event. S&P 2021 will be hosted via an innovative, secure and interactive digital platform, with networking functionality and virtual exhibition halls that will ensure engagement between exhibitors, key stakeholders, international participants, police services and government departments remains at the heart of the event. Approved visitors will have access to an extensive programme of live and on-demand video content and keynotes led by senior UK government officials as well as other major speakers across virtual auditoriums. The fully interactive virtual exhibition hall will showcase best in class solutions
SECURITY & POLICING
from leading UK exhibitors, allowing attendees to navigate virtual stands and search for companies, personnel, products, services and capabilities of interest via keyword search functionality and themed groups of exhibitors. Core to previous Security & Policing event, the online platform will offer ample networking opportunities with UK and international approved visitors and exhibitors across the event. Networking functionality includes advanced and categorised search functionality, 1:1 meetings, video conferencing, instant messaging and dedicated networking areas. Attendees can gain online access and exposure to senior decision makers and policy developers in government via a dedicated virtual government networking and showcase zone, where you can engage with officials and operational staff from a range of UK government departments and law enforcement agencies. Returning by popular demand after launching last year, the virtual Fusion Forum will offer leading insight and promote new and integrated ways to delivering security solutions across government, industry and academia. It will include a range of exciting video content incorporating a blend of keynote addresses, fusion panel sessions and industry challenges. TECHNOLOGY IN POLICING JSaRC is also collaborating with other government departments to create an
interactive online industry showcase feature in the event, which will provide an integrated demonstration of various innovative security solutions, brought together under one overarching narrative. After attending the event for the first time earlier this year, Rt. Honourable Kit Malthouse, Minister of State for Crime and Policing, has underlined the importance of the event to present and learn about the latest technology and innovation for a secure future: He said: “At Security & Policing last year my eyes were opened to the possibilities of assistance that technology can bring to policing both now, and in the future. “It is extremely important to step forward and register for Security & Policing 2021, not least because I will be there again
-albeit virtually, but crime is ever evolving and the criminals are getting more and more ingenious about the way they prosecute their appalling activities, and we need to stay one step ahead of them. “I invite you to come on board with Security & Policing next March in the hope we can continue to stand shoulder to shoulder in fighting crime here and across the word.” L
Watch a preview of what to expect at this year’s Security & Policing event via the video below.
FURTHER INFORMATION
www.securityandpolicing.co.uk
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
31
CYBER SECURITY
Q&A: 2020 AND AN INCREASE IN CYBER VULNERABILITIES L
ast month, Counter Terror Business (CTB) caught up with Roderick Jones (RJ), executive chairman at Concentric Advisors and former member of Scotland Yard’s Special Branch, to discuss all things cyber security, coronavirus and the recent US Election. CTB: Cyber security has become one of the leading global considerations for the coronavirus crisis. In light of this, how important is it that organisations remain aware of the inevitable vulnerabilities that come from this? RJ: Most organisations in the world had to rapidly stand up a remote IT infrastructures in response to the Covid crisis. For the most part this worked very well as people moved over to video conferencing and other mediums to manage their work. However, much of this infrastructure has been pieced
32
COUNTER TERROR BUSINESS MAGAZINE | ISSUE 45
together in a way, which potentially leaves it vulnerable to exploitation by hackers. The cyber security industry is responding to the new needs thrown up by remote working by these solutions will take time to fully get into market. Increased digital insecurity is likely to be a significant legacy of the covid crisis and a continued unwelcome cost on organisations seeking to repair the economic damage they’ve endured.
CTB: It would seem likely that, even if a vaccine is available soon, remote working will be an increasing trend in 2021 and beyond. What role does device-layer cyber security have in mitigating this threat? RJ: The volume of traffic a personal device is expected to manage now is greater than before. Work, School, Food ordering, social
CYBER SECURITY
life, gaming are often all managed from the same device. That opens up an enormous new level of threat to most organisations and there isn’t as yet an easy to use cyber security product, which provides advanced security for your device. There are a number of enterprise solutions and significant activity in that space but these solutions will not reach the majority of the public due to the way cyber security is deployed for consumers.
CTB: When we spoke to you in September 2017, you said that terrorism had almost wholly virtualised in the period from when you were in Scotland Yard’s Special Branch to then. With many countries now experiencing their second form of lockdown, how has the digital threat evolved again? RJ: One significant evolution in the digital threat has been the rise and impact of disinformation. So while threats to information remain, threats through information have been seen to have increasing impact. The functioning of a democracy relies on an agreement about the facts being debated. When you have a situation when society has become so vulnerable to disinformation that basic assumptions about whether the world is flat or round are being challenged there is a real problem.
Arguably the lockdown combined with the power of disinformation has brought previously fringe domestic extremists back into a functioning form of popularity, which in turn has changed the nature of the terrorist threat for the first time since 2001.
CTB: In an age of misinformation and wide-ranging access, how can consumers maintain a cautious eye towards manipulation and cyber attack opportunities? RJ: Fortunately, the dangers of misinformation are top of mind for a number of government and tech leaders. The labelling of misinformation was an important step to take and I’m sure there will be a number of policy changes attempted and suggested to re-introduce the editorial function into the media we consume. CTB: Lastly, the recent US election. The digital integrity of the US Presidential election took on new heights in November. What steps can the United States take to rebuild public trust in the electoral process, and, more importantly, ensure that its digital systems cannot be easily manipulated by foreign interference, disinformation and misinformation?
RJ: It would appear the establishment of CISA had an enormous effect on the security of the election and successfully did the job it was designed to do. There seems to be little factual reason to distrust the electoral process in the United States. President Trump notably questioned the integrity of the election he won in 2016 and the one he lost in 2020. At the same time CISA was established under his administration to defend the digital integrity of US elections, which it did. The damage being done to public trust in the US election system is all driven from within the country and mainly by elected officials making unsubstantiated claims about the system. Foreign adversaries of the USA may seek to amplify some of this language to further damage the USA but frankly, that their job is being done for them from within the country. L Roderick Jones has over 15 years of experience operating at the highest levels of the international security environment. During his time as a member of Scotland Yard’s Special Branch, Roderick focused on international terrorism and the protection of a prominent British cabinet member.
FURTHER INFORMATION
www.concentricadvisors.com
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
33
TECHNOLOGY
TERRORIST USE OF THE INTERNET
34
COUNTER TERROR BUSINESS MAGAZINE | ISSUE 45
TECHNOLOGY
T
errorists and violent extremists use a variety of interlocking technologies to share content and plan operations. Tech Against Terrorism (TAT) recognises four categories of tech platforms that are used to ensure content longevity: beacons, content stores, aggregators and circumventors. This diverse eco-system is exemplified by both viral and more routine propaganda operations. According to TAT’s research, terrorists use a vast number of smaller platforms to disseminate terrorist propaganda, ranging from messaging apps to video streaming and file sharing platforms. A seven-day study conducted by TAT found over 800 unique IS-related ‘outlinks’ on a messaging app leading to more than 90 different platforms. Over the past four years, we have found evidence of terrorists uploading terrorist material to more than 350 different platforms. The use of small platforms by malevolent actors has increased in recent years, in part due to bigger tech platforms’ improved capability to remove terrorist content often leading to such
groups migrating elsewhere. This, coupled with the fact that small platforms struggle the most in terms of lacking resources to tackle such exploitation and moderate content on their platforms, creates serious challenges for such platforms to for them to act swiftly and accurately. For example, a platform run by just one person might be overwhelmed by having to accurately identify hundreds of ISIS videos whilst ensuring that takedown does not result in restriction on freedom of speech. This risk is serious: undermoderating content enables terrorists to radicalise, recruit, and plan operations; overmoderating content can risk infringing upon freedom of expression online. This dilemma is exacerbated by the sheer volume of terrorist content online. Terrorists use a range of freely available tools to ensure content longevity online – such as archiving tools, URL generators, and file mirroring services. Terrorist groups are also thinking through operational security, as exemplified by IS’ Electronic Horizons Foundation, which advises supporters on how to stay hidden E
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
35
TECHNOLOGY online. Increasingly, we are also seeing terrorist groups building and maintaining their own websites archiving vast amounts of propaganda, mitigation of which presents a myriad of legal and operational challenges. Further, there are concerns about the role played by so-called ‘alt-tech’ sites, platforms created to allow for lax content moderation rules, due to fears that such platforms could create fertile ground for particularly far-right violent extremist and terrorist groups. This makes it an ever-evolving threat landscape, where the dissemination of terrorist content fluctuates and survives in different forms and locations. In addition to the proliferation of terrorist content and the general complexity of terrorist use of the internet, small platforms lack resources to moderate terrorist content and tackle the exploitation of their platforms. CONTENT MODERATION CHALLENGES Tech platforms face numerous challenges when tackling terrorist exploitation. The context, definition, sheer volume, and government pressures met with a lack of clear guidance, create obstacles for platforms engaging in moderation of
36
terrorist content. Though the difficulties of terrorist content moderation apply to all tech platforms, small platforms face these issues to a greater extent, as they lack capacity, resources, and guidance on not only understanding the threat of terrorist or violent extremist use of their platforms, but also the essential best practice policies or operational support to effectively moderate content and tackle the exploitation. Terrorist propaganda comes in many forms and each piece of content contains nuances and depends heavily on context. Though some terrorist content depicts violence which would be prohibited under many platforms’ terms of service, other forms of propaganda can go undetected as they do not directly depict violence. An IS propaganda video detailing the caliphate’s medical services is an example of nonviolent content that is still heavily propagandistic. Even larger platforms like Facebook struggle with contextualisation. This is seen with Facebook’s Oversight Board, whose first cases have highlighted some of the complex decisions relating to context that Facebook’s moderators regularly face. The issue of defining terrorist content relates to a much larger, international
COUNTER TERROR BUSINESS MAGAZINE | ISSUE 45
dilemma; there is no internationally recognised definition of terrorism. In turn, there is no consensus on the definition of online terrorist content. Thus, governments have domestic laws and tech companies are left to navigate the discrepancies between laws and adjudicate on them, in order to influence their own content standards. In fact, company policies often prohibit speech that is legal in the countries they operate in. This is sometimes necessary in order to take action on terrorist content. For example, since many states have not designated any far-right terrorist groups, tech companies would in such instances need to rely on their own policies as a basis for action. Therefore, governments should increase accurate and responsible designation of terrorist groups as a way to clarify what content they expect tech companies should take action on. Platforms face a wide range of regulations imposed by each country globally. In TAT’s recent Online Regulation Series, we noted that many governments are imposing disproportionate regulations on tech platforms’ content moderation actions. Though it is important to create frameworks which regulate illegal online content, smaller platforms struggle with
TECHNOLOGY regulations that are under a ‘one-sizefits-all’ approach, which apply more easily to companies that are larger and have more resources. Small platforms suffer from seemingly impossible timeframes such as 24-hour, or even one-hour (as proposed by the EU) deadlines to remove content flagged by authorities. Within such a limited window, small teams cannot ensure that they are following rule of law and properly justify the removal of a given content. Companies who fail to meet those deadlines, only when enshrined into law, suffer penalties. A concern from civil society is that companies under such pressure would err on the side of over-removal of content, which could result in legal content wrongfully being taken down, ultimately infringing on freedom of expression. Such regulations could hurt smaller tech platforms and their users, as well as hinder technological innovation. Similarly, calls from lawmakers for mandatory transparency reporting for tech platforms also risk ignoring the difficult practical challenges for smaller tech platforms in producing such reports. Tech platforms thus have to balance the task of moderating terrorist content and all of its complexities and challenges
with pressure from governments and regulation, which all makes effectively and accurately responding to terrorist use of the internet incredibly difficult. TECH AGAINST TERRORISM Tech Against Terrorism works with such smaller platforms to support them with their internal processes and policies to better combat terrorist use of their services, while ensuring users’ rights. We work with all types of tech companies, such as social media, pasting, filestorage, messaging, fintech platforms, and web infrastructure providers. In 2019, we have had direct engagement with more than 80 tech companies through our workshops, webinars, partnerships, and bilateral discussions. In doing so, we provide support through a wide range of workstreams. The first is threat analysis and outreach, where we carry out extensive opensource intelligence analysis to identify platforms at risk and build constructive working relationships with the tech sector. The second is through knowledge sharing and best practices wherein which we facilitate intra-industry and cross-sector support mechanisms through online tools, guides, and
practical datasets to support policy and content moderation decisions. We support companies through our membership and mentorship programmes, providing best practice on content standards, human rights compliance, transparency, and content moderation. As platforms establish terms on terrorist content, having accurate yet robust content standards is vital to effectively tackling terrorist use of a service. In the mentorship process, TAT completes a forensic review of a company’s content standards, including their Terms of Service, Community Guidelines, and other policies, providing policy recommendations for areas that might need consideration. TAT also provides guidance to platforms to help them ensure that their policies and processes are created and enforced to preserve and enhance users’ rights. Companies are asked to sign the TAT Pledge, which provides a framework to ensure that companies will actively consider freedom of expression and human rights in their counter-terrorism measures. Finally, TAT supports companies to either introduce or improve on their transparency reporting processes, providing policy advice around standards to report on and, if necessary, support in data collection processes. TAT additionally provides technical support and resources for tech companies to improve their counter terrorism mechanisms, for example through data science or development support. An example of this is TAT’s current work on the Terrorist Content Analytics Platform (TCAP), which is a secure online platform that hosts terrorist material including verified terrorist content collected from open sources and existing datasets to facilitate secure information sharing between tech platforms, academia and data scientists. The TCAP alerts platforms to branded content associated with designated (farright and Islamist) terrorist organisations. These alerts aim to provide relevant context about the content as well as groups and their designation status. This empowers tech companies to swiftly make independent and informed decisions about content removal on their platforms, which is meant to offset some of the main challenges listed earlier for small platforms. It is through this multi-pronged approach that Tech Against Terrorism aims to facilitate smaller tech platforms in providing necessary external resources, as well as improving their internal processes and policies, to better tackle terrorist exploitation of their services, while upholding and enhancing their users’ rights. L
FURTHER INFORMATION
www.techagainstterrorism.org
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
37
CYBER CRIME
CYBER CRIME PREDICTIONS FOR 2021 N othing could have prepared us for 2020 - a year that demanded a swift and dramatic restructure of corporate operations in response to the Covid-19 pandemic. Remote workforces were created overnight, even within industries who never had the experience of managing effective, remote working teams. With limited time and resources to prepare and support home working employees, a makeshift remote setup was thrust upon us. This, consequently, created an opportunity for massive cyber security breaches and a stream of cyber attacks, which can have a devastating impact on businesses when the cost of a data breach averaged between $184,000 and $715,000 for a medium-sized business in 2019. 2020 was an opportunistic year for cyber criminals, who took advantage of a time of uncertainty. In the UK, businesses experienced a 31 per cent increase in cyber crime during the height of the pandemic, with phishing emails up by nearly 700 per cent, preying on what should be a company’s greatest cyber defence asset; their employees. As the new year starts, it’s important all businesses reflect on last year’s challenges overcome, mistakes made and to ask the questions: what have we learnt from this turbulent time? Are cyber attacks getting worse? Why isn’t simple scheduled training enough anymore? And will a more humancentric approach to cyber training make a difference? We also need to think about the
38
COUNTER TERROR BUSINESS MAGAZINE | ISSUE 45
new year and make cyber security predictions to stay ahead of relentless cyber criminals.
1. Cyber security risks increasing
We have seen the methods cyber criminals use evolve in sophistication as well as in volume, pushed even further during this pandemic period where staff are working in new ways, often separated from IT help. This increased level of sophistication makes cyber attacks much harder to identify and therefore far more threatening. While phishing, ransomware, malware and DDoS attacks were among the most common methods employed by cyber criminals in 2020, there was also a rise in new methods. This can be seen in attacks on popular collaboration tools like Zoom, Slack and Microsoft 365 and the massive SolarWinds attack; where 18,000 private and government users downloaded a tainted software update, causing the largest hack of the US federal government networks in years. Cyber criminals are always on the lookout for new opportunities and emerging trends, taking advantage of unpatched vulnerabilities before businesses have a chance to ensure staff are adequately trained and their networks are properly secured and protected.
2. Technology has its limits In the Covid-19 era we have all learnt the importance of community and culture, this same lesson has been learnt in cyber
CYBER CRIME security too. With an increased remote workforce, businesses are more vulnerable to cyber crime than ever before. Knowing that over 90 per cent of data breaches are the result of human error, it is recognised how people’s actions are a huge part of the problem, so they must therefore be part of the solution - a business is only as strong as their staff and technology alone is not enough to protect a business. William Hill, Lloyd’s Bank, Clear Channel and the NHS are examples of organisations that have changed their cyber security training to create the cybersecurity work culture that is vital to preventing cyber attacks, especially whilst staff work remotely. William Hill even received an award for its in-house training methods for staff. And Clear Channel who changed their training to a real time human-centric approach saw impactful results when focusing on their staff. Ashish Shrestha, director of Information Security for Clear Channel International, said: “Cyber Risk Aware’s platform identified key human risks within our business, instilling positive behavioural changes in staff and helped to protect our network against cyber crime from the inside out.”
3. Scheduled training alone doesn’t cut it anymore Scheduled cyber security training sessions are often outdated, avoided by staff and forgotten by the time employees actually need the knowledge or are faced with a potential cyber attack. This renders them pointless and an ineffective use of both time and money. Training content must be digestible and easy to understand and delivered regularly to create actual behavioural change and allow staff to learn. Using world-leading Real Time functionality which enables a company to monitor risky behaviour on the network, from any location, on any device is vital for those with remote workforces. Short and regular training which immediately notifies staff when they make a risky cyber decision at that exact moment of need, alerting them and educating them as to why their actions are unsafe leaves a business protected from accidental employee actions that often lead to costly security incidents. Scheduled training and lectures are useful, but as they are training ahead of a problem companies can never anticipate happening, leads it to be ineffective when compared to point-in-time training in response to specific user actions. 2021 PREDICTIONS SEE CYBER SECURITY RISKS ESCALATING While 2020 may have highlighted the security challenges of remote working, 2021 will see businesses face further heightened security
risks as Covid-19 and the vaccine take us into the new year. COVID TO CAUSE FURTHER CYBER RISK The global pandemic and lockdowns have changed the lives of us all, both at home and the way we work. It is unlikely we will see a sudden mass return to the office and these changes reversed in the start of 2021, even with the Covid-19 vaccine people will not be working as they did before for some time. However, later in the year when people do start returning to the office and re-joining the corporate network they will be doing so with insecure hardware that has been used for remote working for months. These devices may store confidential data and could have been used by other household members. The risk of these devices having insecure software installed or have visited insecure websites over the past 10 months is undeniably high. This could cause mass unsecure device attacks as they rejoin corporate networks and allow hackers access to the 17 million files employees averagely have access to. Additionally, as our ticket back to normal pre pandemic life, the Covid19 vaccine, becomes more readily available this year, we are likely to see an increase in related cyber crime hacking. This could be similar to what we saw with PPE in 2020, where governments were scammed into ordering millions of pounds worth of non-existent PPE, but this time with the Covid-19 vaccination ordering and rollout. Businesses must question if they are prepared for this? As phishing scams become increasingly sophisticated will they and their employees be able to identify a phishing scam when it comes in? It is imperative all employees are trained and educated in real time, to spot the latest phishing scam before it’s too late, as one click on the wrong email can bring entire corporate networks to their knees. CUTTING COSTS IN A SMART WAY It’s been a tough year for businesses financially and cuts unfortunately may take place. Companies will be looking to leverage the spending they have already made to ensure they are in both a mature business and cyber security position. To do this they need a platform that can deliver training to staff in real time at their exact moment of need, in response to employees actions. Businesses should leverage their existing tech by using a platform that requires less admin staff to manage and is capable of integrating with existing technology and working flexibly on any device, in any location to cause actual behaviour change in staff through training. COPYCAT ATTACKS TO RISE As technology evolves so do cyber criminals, who latch on to newsworthy events for new opportunities to infiltrate
a business, with many businesses having to change their business practises to survive the pandemic, there is more online trading and therefore more opportunity for cybercrime than ever. Copycat attacks are also common, so there is a chance we will see cyber criminals copying recent successful cyber attacks such as the recent SolarWinds attack, where Malware provided remote access into an organisation’s networks allowing information to be stolen, undetected for months, affecting up to 33,000 of SolarWinds Orion customers. Additionally, we are likely to see copycat attacks continue with Ransomware. There was a 40 per cent increase in ransomware attacks in Q3 2020 it is likely that this will continue to rise in 2021 along with the continued sophistication of phishing and vishing to target new companies and untrained individuals. This last year has provided endless challenges and struggles, but an equal amount of lessons can be learnt and put to use in 2021, although little good has come from the pandemic, perhaps this is the push that was required to make industries embrace remote working. With the rise of the cloud, an increase of global businesses and soaring office rental costs in capital cities remote working was ultimately inevitable. And the pandemic has pushed us to achieve these future goals much earlier than initially thought possible. As a result the much needed conversation of cyber security has been brought forwards and companies like Cyber Risk Aware have now been recognised by Gartner, written about in Forbes and, most importantly, have empowered employees to feel cyber secure and confident in their online actions. It is only by creating this workplace confidence and cyber culture that businesses can have the vital best practices in place, continually educating staff to ensure the business and networks are protected from the inside out. L
Stephen Burke has been working at the sharp end of cyber security since 2009. He was formerly VP, Chief Information Security Officer (CISO) and Cyber Insurance Underwriting Adviser at RenaissanceRe. He founded Cyber Risk Aware in 2016 having consistently found that cyber criminals were targeting people not systems. Stephen firmly believes that staff are the greatest security asset in a company and are not the weakest link like so many others would make you believe. An effective information security program must include a human centric approach otherwise it will fail.
FURTHER INFORMATION
www.cyberriskaware.com
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
39
BAPCO
DISCOVER BAPCO: THE ONLINE EVENT A s a key event in the public safety technology calendar, it’s a shame that the Annual BAPCO Show and Exhibition will not be able to run inperson in March. It has been a particularly challenging year for the emergency services, and there is pent-up demand for the vital support, guidance, and connections the show would normally provide. To help bridge the gap until the sector can meet again in-person, the organisers have announced the launch of a brand-new virtual event, taking place 2-4 March. This event has been designed to help keep you connected and engaged with the public safety community in the absence of the physical show.
40
COUNTER TERROR BUSINESS MAGAZINE | ISSUE 45
The new virtual event will consist of a cutting-edge conference programme, representing the very best of the UK public safety communications sector. It will also feature an innovative online exhibition, through which the biggest companies in the industry will be able to showcase their technology. The conference will feature many of the industry’s leading experts, discussing key topics such as the ongoing roll-out of ESN, the use of ‘future technologies’, and much more. Attendees will be able to join in discussions via real-time conference session chats, Q&As and polls.
BAPCO
THE CONFERENCE PROGRAMME Running across the course of the event’s three days, the conference will offer a range of cutting-edge presentations, delivered by some of the most respected thought leaders in UK public safety communications. Topics will include mission critical broadband, the UK’s current Airwave TETRA network, ‘future’ technology, and much more. As with the organisation’s previous events, a key feature of the BAPCO Online conference will be the presence of the UK Home Office, discussing the ongoing Emergency Services Network roll-out. This will include a keynote from ESN Programme Director John Black giving a ‘big picture’ update on the project, as well as the programme’s Becca Jones discussing the deployment of the network. Alongside the usual plethora of UKrelated content meanwhile, visitors will also have the opportunity to absorb related best-practice from around the globe. This includes Ed Parkinson and Jeffrey Bratcher talking about FirstNet in the United States, as well as Erillisverkot’s Ari Toivonen discussing the burgeoning Finnish critical broadband network, Virve 2.0. Speaking of the programme, organisation President John Anthony said: “BAPCO events have always been known for their extraordinarily strong conference content, and BAPCO Online is no different. We are extremely proud of the line-up which has been put together, representing cutting edge best practice from across the industry. “This is going to be an extremely important year for the sector, and there is no better way to keep informed early on than with BAPCO: The Online Event. The show will also provide the perfect primer for our rescheduled annual Conference & Exhibition taking place in October.” KEYNOTE SESSIONS ESN: a big picture update In this session, John Black, ESN Programme Director, will provide
a full update on ESN progress in the last year, including how Covid19 has affected ESN delivery, and what is coming up next. John Black, ESN Programme Director, Emergency Services Mobile Communications Programme
value video content to bring you an experience like no other.
Personalised Agenda - Create your personalised agenda and receive reminders throughout the event. Book conference sessions, panel discussions or meetings with suppliers and view your planned activity all in one place.
Deployment of ESN This session will describe the ESN deployment process and progress to date while end users will share their first-hand experience of the network. The next steps for users will also be discussed. Becca Jones, ESN Director of Deployment and User Insight, Emergency Services Mobile Communications Programme
Livestream Content - BAPCO: The Online Event will run three days of live and on-demand content. Hear expert speakers discuss vital developments and challenges and participate via chats, polls and Q&As during each session.
Putting digital and data before technology. How we need to move from technology delivery to business change and support There are a lot of demands being put on policing and emergency services. This session will focus on how public safety organisations can be supported with the best technology and how they can exploit its benefits, to help them to deliver for their communities. Wayne Parkes, Director of the National Enabling Programmes, National Police Technology Council Ian Bell, CEO of the Police ICT Company, National Policing The three-day agenda also features plenary talks and interactive panel discussions across a host of topics such as AI & ML, control rooms, cyber security, drones and UAVS, Internet of Things, interoperability and interworking, lessons from the pandemic, mental health, national networks, new technologies and Next Generation 999/911.
Network & Engage - Share your experiences in event group chats. Ask questions and discuss your needs with suppliers via direct messages. Discuss ideas with expert-speakers and the community in dedicated conference session chats. Virtual Booths - Discover market-leading suppliers and visit their virtual booths to find out more or get in touch. Narrow your search with advanced filters such as region or product category to help find suppliers most relevant to you. Product Marketplace - Discover, compare and source products and services at the BAPCO Online product marketplace. Looking for something specific? Narrow your search with advanced filters such as price and product category. Connection Matchmaking - View a selection of AI-recommended ‘people you should meet’. Visit the profiles of suppliers and speakers that are of interest to you, send connection requests and book virtual one-to-one/group meetings. L
THE VIRTUAL EXPERIENCE BAPCO: The Online Event utilises cutting edge virtual event technology combined with high production
FURTHER INFORMATION
online.bapco-show.co.uk
ISSUE 45 | COUNTER TERROR BUSINESS MAGAZINE
41
SECURITY IN A BACKPACK Rapid deployment. High quality images. Fast decisions. Introducing the new, robust and powerful ThreatScan®-LS3. Designed in collaboration with first responders, this is a small, lightweight and compact unit that’s designed to be rapidly deployed. High quality, real-time X-ray images (305 x 256mm), materials discrimination, pan, zoom, DeepFocusTM, 3D Emboss, measurement and annotation all enable rapid and accurate decision-making. The complete system fits in a backpack and is also suitable for robot integration.
www.3dx-ray.com
The complete x-ray security solution
ADVERTISERS INDEX The publishers accept no responsibility for errors or omissions in this free service ADS Group
3DX-RAY Ltd is a global market and technology leader in line‑scan x-ray imaging systems for security inspection, having supplied systems worldwide directly and through partners, agents and distributors. The company’s systems combine high image quality with ease of use and competitive pricing. Portable, mobile and fixed systems are offered to meet a wide range of inspection needs and 3DX-RAY’s quality management system is certified to ISO 9001:2015. The portable ThreatScan® systems allows bomb technicians to perform rapid and accurate threat assessment in a wide range of operational scenarios. Each system consists of a generator, a detection panel and an imaging station as
42
standard. The detector panel is lightweight and incredibly thin, and is available in a large format imaging area of 600 x 460mm, or a compact imaging area of 462 x 273mm. The complete system can penetrate up to 34mm steel at 120kV while producing high quality, sub‑millimetre resolution images. ThreatScan® can be used to inspect suspect bags and packages in mass transit areas as well as general security inspection by first responders such as police, military and private and government security agencies. Specialising in x-ray inspection. When it matters most, 3DX-RAY Ltd has the insight you need. FURTHER INFORMATION
www.3dx-ray.com
COUNTER TERROR BUSINESS MAGAZINE | ISSUE 45
10
Dupree International
8
Frontier Pitts
6
Heald IFC Hormann (UK)
29
Jacksons Fencing
14
Robust UK
26
Selectagaze 12 Westminster International
4
To register for your FREE Digital Subscription of Counter Terror Business, go to: www.counterterrorbusiness.com/digital-subscription or contact Public Sector Information, 226 High Road, Loughton, Essex IG10 1ET. Tel: 020 8532 0055
Follow and interact with us on Twitter:
@CTBNews
THE NEW INTERACTIVE ONLINE EVENT SERIES FROM COUNTER TERROR BUSINESS
COMING SOON SOON... WATCH OUT FOR ANNOUNCEMENTS OF OUR NEXT EVENT ON
MISSED OUR 8TH OCTOBER EVENT - EVENT MANAGEMENT SECURITY? YOU CAN CLICK HERE TO REGISTER AND WATCH IT ON DEMAND
CTB365 ON DEMAND – NEVER MISS ANOTHER CTB EVENT. EVER.