Counter Terror Business 26 by PSI Media

www.counterterrorbusiness.com | ISSUE 26

NEWS: NEW COUNTER EXTREMISM LEGISLATION INCLUDED IN QUEENâ&#x20AC;&#x2122;S SPEECH IFSEC INTERNATIONAL

NEWS TASER CALL

EUROSATORY 2016

PERIMETER SECURITY

ORGANISATIONAL RESILIENCE How a holistic approach to organisational resilience can work at both strategic and operational levels PRISONS

REIGNING IN RADICALISATION Best practice to help avoid radicalisation in prisons, as well as methods to better support vulnerable offenders

test The la siness b ce u defen ws p43 ne NCE

ZINE

AGA ESS M

EFE FOR D

USIN THE B

l annua The bi atory Euros p45 event

COUNTER TERROR BUSINESS

Extremism given vague priority in Queen’s Speech

www.counterterrorbusiness.com | ISSUE 26

Wednesday 18 May saw the State Opening of Parliament, with a list of laws that David Cameron and his comrades hope to get Parliamentary approval on this coming year. While extremism and counter terrorism featured heavily, a lack of clarity protected the Prime Minister from immediate controversy.

NEWS: NEW COUNTER EXTREMISM LEGISLATION INCLUDED IN QUEEN’S SPEECH NEWS TASER CALL

IFSEC INTERNATIONAL

EUROSATORY 2016

PERIMETER SECURITY

ORGANISATIONAL RESILIANCE How a holistic approach to organisational resilience can work at both strategic and operational levels PRISONS

REIGNING IN RADICALISATION Best practice to help avoid radicalisation in prisons, as well as methods to better support vulnerable offenders

est The lat siness ce bu defen ws p43 ne CE

ESS MAGA

ZINE

Comment

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY – www.counterterrorbusiness.com

FOR DEFEN

THE BUSIN

nnual The biaatory Euros p45 event

What we do know is that the government will continue to push ahead with its controversial Investigatory Powers Bill in a bid to crack down on extremism through digital means. This is the second time it has been carried over from the preceding Parliamentary session, and the second time that it has been accompanied by a parade of concerns. Which will falter first – the doubts over the Bill’s powers or Theresa May’s determination to see it approved? Elsewhere, a new ASBO-style civil order regime is set to be introduced to restrict extremist activity, while consultations will take place on the possibility of government intervention in councils that fail to tackle extremism and the radicalisation of children in ‘unregulated education settings’. Additionally, the Queen’s Speech also included plans for a large shake-up for prisons in England and Wales. The new reforms will add an extra emphasis on training, rehabilitation and education, but more importantly will place more freedoms to governors, allowing autonomy to set direction on finances – similar to the less than successful academy plans for schools.

Follow and interact with us on Twitter: @CTBNews

Peter Dawson of the Prison Reform Trust addresses the best methods to avoid radicalisation and manage extremism in prisons in a timely article on page 21. Michael Lyons, acting editor

! ONLINE ! IN PRINT ! MOBILE ! FACE TO FACE If you would like to receive 4 issues of Counter Terror Business magazine for £100 a year, please contact Public Sector Information, 226 High Road, Loughton, Essex IG10 1ET. Tel: 020 8532 0055, Fax: 020 8532 0066, or visit:

www.counterterrorbusiness.com PUBLISHED BY PUBLIC SECTOR INFORMATION LIMITED

226 High Rd, Loughton, Essex IG10 1ET. Tel: 020 8532 0055 Fax: 020 8532 0066 Web: www.psi-media.co.uk EDITOR Angela Pisanu ACTING EDITOR Michael Lyons ASSISTANT EDITOR Tommy Newell EDITORIAL ASSISTANT Rachel Brooks PRODUCTION EDITOR Richard Gooding PRODUCTION DESIGN Jacqueline Lawford, Jo Golding PRODUCTION CONTROL Sofie Owen WEB PRODUCTION Victoria Leftwich ADVERTISEMENT SALES Rachael McGahern, Chris Jones, Harry Harris BUSINESS DEVELOPMENT MANAGER Martin Freedman PUBLISHER Sally Brockman ADMINISTRATION Vickie Hopkins, Charlotte Cassar REPRODUCTION & PRINT Argent Media

© 2016 Public Sector Information Limited. No part of this publication can be reproduced, stored in a retrieval system or transmitted in any form or by any other means (electronic, mechanical, photocopying, recording or otherwise) without the prior written permission of the publisher. Whilst every care has been taken to ensure the accuracy of the editorial content the publisher cannot be held responsible for errors or omissions. The views expressed are not necessarily those of the publisher. ISSN 1362 - 2541

Issue 26 | COUNTER TERROR BUSINESS MAGAZINE

WE SET THE STANDARDS WHEN ITâ&#x20AC;&#x2122;S MISSION CRITICAL CESG Certified Professional Scheme. Independent assessment and verification for information assurance professionals. Now available for the private sector.

BCS, The Chartered Institute for IT, is the business name of The British Computer Society (Registered charity no no. 292786) 2014

BC988/LD/AD/1114

bcs.org/ia

CONTENTS 09

06 CTB NEWS

Queen’s Speech details counter extremism legislation; and rural police lack capabilities for terrorist attack

09 CYBER SECURITY

The volume of risk that an organisation undertakes in order to meet their objectives is explored by Adrian Wright, of the UK chapter of the Information Systems Security Association

15 CRITICAL COMMUNICATIONS WORLD

The 18th annual Critical Communications World, a leading conference and exhibition dedicated to critical communications, will open its doors at the RAI Amsterdam on 31 May

17 INTERSEC

21 PRISONS 17

The issue of radicalisation in prisons is of growing concern in the UK. Peter Dawson, deputy director of the Prison Reform Trust discusses offender management and methods to better support vulnerable offenders

Contents

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY – www.counterterrorbusiness.com

25 PERIMETER SECURITY

Steve Munden and Steve Taylor, of the Perimeter Security Suppliers Association, argue for a holistic approach to organisational resilience at both strategic and operational levels

31 IFSEC INTERNATIONAL

A month before IFSEC International returns to London’s ExCeL Centre for Europe’s largest security exhibition, IFSEC Global explore a theme of the show, and address how criminal gangs are abandoning traditional crimes in favour of cyber crime

34 UK SECURITY EXPO

After the terrorist attacks that rocked Europe last year at the Stade de France in Paris, UK Security Expo, taking place on 30 November, takes a closer look at stadium crowd management and security and the lessons that have been learnt

37 TRANSPORT SECURITY

Identifying and preventing criminal activity on British railway lines relies on more than just vigilance, says the British Transport Police. Here, they discuss details of Project Servator, a new approach to deploying officers to detect crime and deter terrorism on British rail networks

THE

43 DEFENCE NEWS

HMS Illustrious set for scrappage; and new MoD fleet management contract

45 EUROSATORY ‘16 37

On the 13-17 June, Paris will host leading international defence and security exhibition, Eurosatory. The 2016 exhibition will help visitors keep a

Counter Terror Business

finger on the pulse of the ever-evolving defence industry, with insightful seminars and cutting edge technology on display

BUS

INES

SM AGA

ZINE

FOR

DEF

ENC

Tur for th n to page 4 e la 3 b u s i n test defen ce e and fes s n e w s atures

www.counterterrorbusiness.com Issue 26 | COUNTER TERROR BUSINESS MAGAZINE

CTB News

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY – www.counterterrorbusiness.com

NEWS IN BRIEF Cameron suggests ISIL wants UK to leave the EU

Prime Minister David Cameron has made the bold claim that he suspects Abu Bakr al-Baghdadi, the leader of ISIL, would want the UK to leave the European Union (EU). The comment comes as part of the Prime Minister’s campaign for Britain to vote to remain in the EU on the 23 June referendum. Speaking at the World Economic Forum, Cameron said: “It is worth asking the question: who would be happy if we left? Putin would be happy. I suspect al-Baghdadi would be happy.” This warning comes as part of Cameron’s focus on the security and intelligence benefits of staying in the EU, as he claims that the UK’s capability to deal with terrorist threats and share information with European countries would be diminished if the UK were to leave the EU. However, this line of campaigning has been criticised as scaremongering by those in favour of Britain leaving the EU. READ MORE:

tinyurl.com/hgszzgz

Three counter-terror arrests made across London and Birmingham Counter terror police have confirmed that three arrests have been made in a number of raids across London and Birmingham, with suspected links to Syria. Officers searched a property in south London at 5:30am on 17 May where two suspects were detained on suspicion of raising funds for terrorism in the war-torn country. In a separate operation, officers in Birmingham held a 21-year-old man at a property in Handsworth, on suspicion of preparing to travel to Syria to join ISIL. A spokesman for West Midlands Police said: “Officers are this morning continuing to carry out searches at the address. The arrest was pre-planned and intelligence-led. There was no immediate threat to public safety.”

tinyurl.com/hwgfgt6

COUNTER TERROR BUSINESS MAGAZINE | Issue 26

QUEEN’S SPEECH

New counter extremism legislation included in Queen’s speech New measures to tackle radicalisation and protect the public against extremism were announced in the Queen’s Speech on 18 May. Addressing MPs and Peers at the State Opening of Parliament, the Queen said: “My government will continue to work to bring communities together and strengthen society. “Legislation will be introduced to prevent radicalisation, tackle extremism in all its forms, and promote community integration.” The new legislation will be introduced as part of the Counter-Extremism and Safeguarding Bill, which aims to ensure that law enforcement has a full range of powers to deal with extremism. Key new powers will include the capability to safeguard children from extremist adults by ‘taking powers to intervene in intensive, unregulated education settings that teach hate and drive communities apart’, as well as close loopholes so that Ofcom can continue to protect consumers who watch internet-streamed television content from outside the EU. A consultation will also be launched into introducing a new civil order regime to restrict extremist activity, as well as a consultation on powers to enable government to intervene where councils fail to tackle extremism. The speech also touched upon the forthcoming Investigatory Powers Bill, highlighting the government’s continued

HM The Queen: “Legislation will be introduced to prevent radicalisation, and tackle extremism in all its forms”

commitment to greater surveillance powers despite continued criticism from opposition parties, particularly the Liberal Democrats, the House of Commons Science and Technology Committee and tech firms such as Apple, who argue that the Bill lacks clarity and could compromise the privacy of British citizens. The Queen said: “My government will continue with legislation to modernise the law governing the use and oversight of investigatory powers by law enforcement, security and intelligence agencies. “Legislation will strengthen the capability and accountability of the police service in England and Wales.” READ MORE: tinyurl.com/jgkozzg

DRONES

Clarification required on drone killings case The legal case for using drone strikes outside of armed conflict needs ‘urgent clarification’ from ministers, the Joint Committee on Human Rights has said. Two UK citizens, Raheed Khan and Ruhul Amin, were killed in Syria last year by a nearby RAF drone, with the government defending its actions by claiming it is prepared to take ‘lawful action’ over direct threats to the UK. Khan, it is claimed, had been plotting ‘barbaric’ attacks on UK soil, making the strike an ‘act of self-defence’. However, that defence, used by Prime Minister David Cameron, is not justified under international law, and later statements justified the killing in the context of the armed conflict in Iraq. The Committee has said that while it understands the drone strikes as Law of War, the explanation provided by the government contained contradictions and inconsistencies, and asked for clarification. Harriet Harman, Committee chairman and

Labour MP, explained on BBC Radio 4’s Today programme: “As the world faces the grey area between terrorism and war, there needs to be a new international consensus on when it is acceptable for a state to take a life outside of armed conflict. “Our government has said they’re going to be targeting people in other parts of the world, but there’s no independent scrutiny afterwards.” A UK government spokesman said: “Where we identify a direct and imminent threat to the UK we will take lawful action to address it and report to Parliament after we have done so. “Such actions are only to be carried out as a last resort when all other options have been exhausted, and we would always do so in accordance with international humanitarian law.” READ MORE: tinyurl.com/ju6ehgn

FIREARMS

NEWS IN BRIEF Rural police could be ‘sitting for frontline police ducks’ in event of terrorist attack Calls to be armed with tasers Rural police officers in England fear they lack capability and would be ‘sitting ducks’ in the event of an armed terrorist attack, according to a Police Federation chair. John Apter, chair of Hampshire Police Federation, has warned that a national shortage of armed officers could leave isolated areas vulnerable. Speaking to the BBC, Apter said that in some rural communities the nearest armed officers are up to 70 miles away, which could leave potential targets such as energy plants at risk. Apter said: “Being realistic, if a firearms unit was coming from the middle of the county you are still talking about 30 miles away - you are not talking about a few minutes. There would be an understandable delay. “If a firearms unit is the other side of the county they could be 70 miles away so you are talking a significant distance. So the only officers that you have available are unarmed and vulnerable officers and they are the officers that are saying to me that in a terrorist situation they would be sitting ducks.”

READ MORE: tinyurl.com/j7n9awv

TRAINING

Greater Manchester Police apologises for ‘Allahu Akbar’ cry in training exercise Greater Manchester Police has apologised for having a ‘suicide bomber’ shout ‘Allahu Akbar’ during a terrorist training exercise. The exercise took place at the Trafford Centre and saw a person playing the part of a terrorist make the cry, which means ‘God is Greater’, before letting off an explosion. The force has come under heavy criticism following the exercise, with many taking to social media to voice their frustrations and demanding to know why the exercise was directly linked to Islam. Following the wave of criticism, assistant chief constable Garry Shewan responded saying it was ‘unacceptable’. He said: “It is a necessity for agencies including the police to train and prepare using exercises such as this, so that we would be in the best possible position to respond in the event that the unthinkable happened and an attack took place. “The scenario for this exercise is based on a suicide attack by an extremist Daesh [ISIL] style organisation and the scenario writers have centred the circumstances around previous similar attacks of this nature, mirroring details

of past events to make the situation as real life as possible for all of those involved. “However, on reflection we acknowledge that it was unacceptable to use this religious phrase immediately before the mock suicide bombing, which so vocally linked this exercise with Islam. We recognise and apologise for the offence that this has caused.” Tony Lloyd, Greater Manchester’s Mayor and Police and Crime Commissioner, praised the operation on whole, but also criticised the decision to use the phrase ‘Allahu Akbar’ as part of the attack. Lloyd said: “It is frustrating the operation has been marred by the ill-judged, unnecessary and unacceptable decision by organisers to have those playing the parts of terrorists to shout ‘Allahu Akbar’ before setting off their fake bombs. “It didn’t add anything to the event, but has the potential to undermine the great community relations we have in Greater Manchester.” READ MORE: tinyurl.com/gsa6xng

CTB News

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY – www.counterterrorbusiness.com

Representatives at the Police Federation annual conference have called for a national roll out of tasers for frontline officers. According to the Police Federation, the roll out of tasers and culture change are needed to tackle the issue of assaults on police officers. Addressing the conference, John Apter, chair of Hampshire Police Federation, said that it was wrong to accept assaults on police officers as ‘part of the job’. He said: “It’s a disgrace to say that taser use shouldn’t be rolled out further. It is an essential piece of kit. I accept it’s expensive, but what’s the cost of the safety of officers?” Apter also said that chief officers needed to drive change and suggested that relationships with other agencies, such as Crown Prosecution Service (CPS), College of Policing and Her Majesty’s Inspectorate of Constabulary (HMIC), were vital to reducing the overall number of assaults on officers. Apter also cast doubt on the reliability of figures that suggest around 23,000 officers are assaulted each year. He claims that in Hampshire only 25 per cent of officers voluntarily recorded their assaults, so it was unlikely that the national figure would be accurate. In addition to the roll out of tasers, Apter also called for standardised officer safety training across England and Wales. He said: “It isn’t right that there isn’t a standard. It isn’t good enough. If we get it right, we can look after our people.”

tinyurl.com/zq3p28h

Issue 26 | COUNTER TERROR BUSINESS MAGAZINE

Cyber Security

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY – www.counterterrorbusiness.com

RISK MANAGEMENT

Written by Adrian Wright, vice president of research, ISSA UK

Enterprise risk management – an appetite for destruction Risk appetite is considered the volume of risk that an organisation is willing to take in order to meet their strategic objectives. Adrian Wright, vice president of research at the UK chapter of the Information Systems Security Association, explores risk appetite in more detail If the title of a 1987 Guns n’ Roses album sounds an unlikely opening for a cyber security article – you are probably right. But when applied to the broader question of enterprise risk management and the need to develop a top-down risk tolerance strategy, the relevance may become clearer. Failure by organisations to develop, communicate and monitor a suitable risk appetite strategy can lead to catastrophic business failure either way; by either accepting too much inherent risk, or conversely being too cautious and allowing the business to be overrun by spiralling governance costs and far bolder competitors. COSO defines it thus: “Risk appetite is the amount of risk, on a broad level, an organisation is willing to accept in pursuit of value. Each organisation pursues various objectives to add value and should broadly understand the risk it is willing to undertake in doing so.” Organisations encounter risk every day as they pursue their business objectives. Senior management must therefore deal with the fundamental question of: How much risk is acceptable while pursuing these objectives? Additionally, external regulators and other bodies need to evidence organisations’ risk management processes and board oversight, which is

another area of risk in itself. But not all risk is bad. Modern businesses need to innovate to compete and survive; and you cannot innovate without taking on risk. Sometimes a lot of risk. Essentially there is no longer a ‘safe path’ to stick to if you want to both stay in the game and win it.

process, remains a daunting task that not every business is yet prepared to embrace. Like the elephant in the room, it is often easier for the various risk management functions to just keep pushing along doing what they do while hoping for the best. Unfortunately that’s no longer enough.

MANAGING RISK, MANAGING EXPECTATIONS A few years ago I attempted to open up a conversation with the board of a large multinational around risk acceptance, with the aim of striking a balance between the costs of security countermeasures versus the likely cost of any losses: thereby setting expectations around what was achievable. This endeavour fell at the first hurdle of ‘what level of per event or annualised loss is acceptable to the business?’ ‘None’ came the inevitable response, thus sealing the end of that debate. Nowadays, boards cannot possibly ignore the endless tide of publicised breaches and corporate collapses that adorn the media every day, and boards now seem to have accepted the ‘not if, but when’ philosophy, which acknowledges that you can’t secure everything and therefore losses are bound to occur – no matter how much money you throw at managing risk. Nonetheless, having that debate at a senior level and then executing an organisation-wide programme to embed the risk appetite and risk tolerance strategy into every business

RISK APPETITE AND TOLERANCE Completely defending a large organisation against the onslaught of growing numbers of threats, and increasingly sophisticated attacks would require more resources than many businesses are worth, and then some. So there needs to be some conscious acceptance of risk at the strategic level, which is then fine-tuned to each critical business function as a tactical solution to managing ongoing risks. This is where the terms Risk Appetite and Risk Tolerance appear: the former constitutes a strategic, board sanctioned, policy message and plan; and the latter a more tactical approach to identify the most critical parts of the business operation and apply an acceptable level of risk acceptance variation each entity is willing to accept; based on the operational criticality of each function to the overall business. Without these formal statements on risk appetite and tolerance clearly mandated, communicated and integrated across a business, it is hard to set goals and priorities or to allocate resources to best manage all forms of risk across the organisation. Yet research suggests that only around a quarter of large public and private companies have a formally articulated statement of risk appetite in place. There is a view that this absence of !

Arou a quart nd large p er of private ublic and c have a ompanies articula formally te of risk ad statement place – ppetite in res suggestearch s

Issue 26 | COUNTER TERROR BUSINESS MAGAZINE

MULTIPLE PERSONALITY ORDER Manage multiple identities seamlessly and securely on one device. In today’s world, police and security officers face ever-greater physical and electronic risk. WorkFone® reduces this risk by delivering multiple professional identities on a single smartphone, increasing control while securely handling all communication needs, including voice and SMS. It’s simple and it’s familiar. If you can use a phone, you can use WorkFone.

WorkFone. For every you.

Visit us at Congress Radicalization & Terrorism 2016 31 May 2016 | The Hague Security Delta | The Netherlands

www.workfone.io

RISK MANAGEMENT

There needs to be some conscious acceptance of risk at the strategic level, which is then fine-tuned to each critical business function as a tactical solution to managing ongoing risks ! a formal and coherent risk appetite strategy across three-quarters of organisations is at the root of ever increasing numbers of breaches and failures in recent times. Too much gets spent securing functions and assets the business could still survive if lost; while the real Achilles heels lie relatively unprotected due to distractions elsewhere. So, what to do? Well whatever you decide to do you cannot do it in isolation. There needs to be a will and mandate from the top which leads to federation of the various risk functions in pursuit of a set of common objectives. Education and influence are key to introducing these concepts in a way all parties will understand and buy into. Sometimes you don’t know you have a problem until someone educates you enough to see it. So if you are natural

educator and influencer who happens to be sitting in one of the risk functions in a business that’s lacking a current strategy and statement that deals with risk appetite: then you know what to do! "

Adrian Wright is CEO and founder of Secoda Risk Management, vice president of Research at the ISSA-UK, and former global CISO of Reuters for eight years. Having 20 years of experience in corporate information security and technology risk, Adrian researches and consults widely on a range of security and governance issues such as cloud computing, human factors in awareness and compliance, incident management, and managing insider threats. FURTHER INFORMATION www.issa-uk.org

Cyber Security

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY – www.counterterrorbusiness.com

Two thirds of UK businesses have had cyber security breached According to the Cyber Security Breaches Survey, conducted by the government, two thirds of large businesses have experienced a cyber attack over the past year. In the report, the government has urged businesses in England to better protect themselves from cyber criminals. The research found that in some cases, cyber breaches had cost companies millions to resolve, with the most common attacks being viruses, spyware or malware which could have been prevented using the government’s Cyber Essentials scheme. The survey found that while 25 per cent of large firms experience data breeches regularly, only half of all firms have taken the recommended actions to identify and address vulnerabilities. It also found that only a third of all firms had formal written cyber security policies, with just 10 per cent having an incident management plan in place. Ed Vaizey, minister for the Digital Economy, said: “The UK is a world-leading digital economy and this government has made cyber security a top priority. Too many firms are losing money, data and consumer confidence with the vast number of cyber attacks. It’s absolutely crucial businesses are secure and can protect data. “As a minimum companies should take action by adopting the Cyber Essentials scheme which will help them protect themselves.” The results of the survey have been released along with the government’s Cyber Governance Health Check. The Cyber Governance Health Check found that only a third of the UK’s top 350 businesses understand the threat of a cyber attack; only a fifth of businesses have a clear view of the dangers of sharing information with third parties; and many firms are, however, getting better at managing cyber risks, with almost two thirds now setting out their approach to cyber security in their annual report.

Issue 26 | COUNTER TERROR BUSINESS MAGAZINE

PROTECTING YOUR

CROWN JEWELS

SIMPLY & SECURELY WITH

DATA ENCRYPTION

nCrypt Data Security Specialists

DATA SECURITY

WHAT THE GDPR MEANS FOR BUSINESSES Since it is a regulation, not a directive, compliance is mandatory, without the need for each member state to ratify it into its own legislation. The new legislation is needed as the original directive of 1995 was formulated in what now appears to be a different technological era. Back then, just one per cent of the worldâ&#x20AC;&#x2122;s population was using the Internet, but today it is almost ubiquitous across the EU. Cloud computing and social media were not known then, nor were smartphones or tablets. Today, the vast majority of information is produced and consumed electronically, making it harder to protect. MAJOR CHANGES IN THE GDPR The GDPR expands the scope of data protection so that anyone or any organisation that collects and processes information related to EU citizens must comply with it, no matter where they are based or the data is stored. Cloud storage is no exception. The definition of personal data has also been expanded. It states that personal data includes information from which a person could be identified, either directly or indirectly. Under the new definition, identifiers such as IP addresses and cookies are included as personal information. Prior to the GDPR, there has been no uniform legislation regarding breach notification. The GDPR introduces mandatory breach notification unless the breach is unlikely to result in a risk to the rights and freedoms of the data subjects concerned. A particularly onerous demand in the new regulation is that organisations suffering a data breach must notify data protection authorities within 72 hours of its discovery. Sanctions for non-compliance with the regulation have not only been made uniform. For a minor breach, organisations can be fined up to two per cent of their worldwide revenue or 10 million Euros, whichever is higher, although a warning can be given for first offences. For more serious violations, fines of up to four per cent of worldwide revenues can be imposed or 20 million Euros, whichever is higher. Many are worried about the impact of the GDPR. According to Ovum, 52 per cent of organisations believe that the

GDPR will result in fines for their business and 68 per cent feel that it will dramatically increase the costs of doing business in Europe. WHAT IS REQUIRED FOR COMPLIANCE? The GDPR is not prescriptive in the technologies that should be used to achieve compliance. Rather, the GDPR states organisations need to take appropriate technological and operational safeguards for securing data, including putting in place strong privacy controls. It states that organisations should adopt internal measures that meet the principles of data protection by design and default. What this means in practice is data protection and privacy must be considered right from the beginning of the security planning process. There is, however, one exception to the regulation being non-prescriptive in terms of technologies. Encryption is specifically called out, along with pseudonymisation, as an appropriate safeguard for securing data. By encrypting data, organisations that suffer a data breach are not obligated to notify data subjects as the data is considered to be adequately protected, as long as the encryption was properly implemented. Where pseudonymisation is used, in which data is processed in such a way that it cannot be attributed to a specific individual, pseudonymised data must be held separately from any additional information stored in clear form to ensure that it cannot be attributed to a specific individual. Whilst encryption is an extremely good tool

for data protection, it is not sufficient by itself. Organisations should ensure that they have adequate access controls in place to prevent unauthorised access when the data is decrypted and to control what users can do with the data according to their role. For example, a system administrator needs to be able to perform management tasks, such as back ups, but should not be able to read the content of the data e.g. in an HR system. This applies, in exactly the same way, for applications accessing data which should have access controls applied to them.

Written by Colin Tankard, managing director, Digital Pathways

The long awaited general data protection regulation (GDPR) of the EU was provisionally agreed in December 2015. The final publication of the regulation is expected around July 2016. There will then be a two-year period until every organisation, both public and private, that does business in, or with, the EU complies with the regulation

Advertisement Feature

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY â&#x20AC;&#x201C; www.counterterrorbusiness.com

CONCLUSIONS After years of wrangling, the GDPR is now a fact and compliance deadlines are looming. The time to start preparing is now. In fact, Digital Pathways has been promoting technologies that link access control to encryption for over 20 years, and started its managed encryption service, nCrypt, three years ago to bring this technology to any organisation. Groups need to ensure that they are not caught out and face sanctions for non-compliance. With the right precautions in place, organisations should have little to fear. The time and effort required to achieve compliance will vary greatly from one organisation to another, but it is well worth the effort. ! FURTHER INFORMATION www.digpath.co.uk 0844 586 0040

Issue 26 | COUNTER TERROR BUSINESS MAGAZINE

UNIFYING YOUR CRITICAL COMMUNICATIONS

Visit www.taitradio.com/unify and watch our demonstration at CCW on stand C7 from 31st of May to 2nd of June

Critical Communications

EVENT PREVIEW

The consequence of good critical communications The 18th annual Critical Communications World, a leading conference and exhibition dedicated to critical communications, will open its doors at the RAI Amsterdam on 31 May Following from last year’s success in Barcelona, Critical Communications World will deliver 4,000 professionals and over 150 exhibitors to discuss the latest critical communication developments in an era of data, applications and emerging technologies. Critical Communications World will deliver leading masterclasses, conference and seminar programmes from senior decision makers. The 31 May will host nine half day masterclasses providing delegates with the opportunity to take part in more in depth discussions. Hosted by experts from the TETRA and Critical Communications Association, these masterclasses will introduce TETRA and LTE, as well as discussions on Evolution to Broadband; Critical Communications for Transport; Removing cost from the control room; Exploring next generation in-building public safety networks through LTE and digital distribution; and Mission Critical Applications, where, through real world end user experiences, this masterclass will enable you to get the most out of your applications and data as well as network with other applications users.

Minna Nyman, head of Rakel & Command and Control Systems Office, Swedish Civil Contingencies; Mansoor Hanif, director of Radio Access Networks, EE; Barbara Held, Federal Agency for Public Safety Digital Radio Germany; Bernd Vleugels, chief inspector, Lokale Politie Antwerpen (LPA); Matthias Kolb, head of IT Center, Airport Stuttgart; WC Chu, COO, China Light & Power; and JunMyung Do, senior manager, IT Division, KEPCO. NEW DEEP DIVE PANEL SESSIONS Delegates will have the opportunity to get down to the core issues of some of the major critical communications projects currently taking place globally. Projects covered will include Critical Communication in Finland – cross agency and cross PDDR & non PPDR, Sweden & Norway’s Inter-system interface trial, effectively increasing TETRA usage to 600,000 users in Germany and Bilbao metro – using LTE as a security boost to an existing TETRA network.

Critical tions nica Commuld will Wor ading le deliver classes, master rence confe inar and sem mes program

KEYNOTE PRESENTATIONS With a 41 per cent increase in operator speakers, this year’s congress will welcome industry pioneers to discuss the future of evolution of TETRA networks. Expert speakers include: Gordon Shipley, Emergency Services Mobile Communications Programme, Home Office; Professor Carlo Ratti, director of Senseable City, MIT; Jonathan Lewin, deputy chief, Chicago Police;

NEW FEATURES FOR 2016 To celebrate and showcase the most forward thinking and innovative solutions on offer to public safety, oil and gas, utilities, transport and defence, Critical Communications World will host the Future Technologies Awards on the 1 June for the first time. With the help of our expert judging panel, the winner will be the company who has displayed that their product is the most likely to make the biggest impact on the critical communications industry in the next three years. Providing an efficient face-to face professional networking model similar to ‘speed dating’, Speed Networking will enable participants to make new contacts through one-on-one focused conversation lasting between two-four minutes.

As a critical communications user, Interactive Demo Tours will take delegates on a sector or topic focused guided tour of the exhibition by an expert from the TETRA and Critical Communications Association. Participants will visit eight of the most innovative companies who will give you a five minute introduction to their product. Additionally, end users will be able to discuss their challenges with leading advisors and subject matter experts at the Critical Communications User Clinics. Critical Communications will host three new seminar programmes providing visitors with the opportunity to learn about the latest developments, challenges and emerging technologies to hit the critical communications markets. These new seminar programmes are New Future Technologies, Data Apps & Control Rooms and Cyber, and are all free to attend. MAXIMISING EXPERIENCES A dedicated social programme is in place to ensure delegates maximise their event experience and make those important business connections in a relaxed informal setting. Join us for the official opening ceremony of the Critical Communications World exhibition at 16:00 on Tuesday 31 May, and be the first to meet the exhibitors and access the latest technologies and new Critical Communications products. Alternatively, join us at 17:00 onwards on Tuesday 31 May for the CCW networking drinks reception. Continue to discuss the issues of the day whilst making new contacts and enjoying drinks and entertainment with your colleagues from around the world. Finally, join the speakers, VIPs, delegates, sponsors and exhibitors at 18:30 on Wednesday 1 June at the Heineken Museum. Take this opportunity to make new contacts within the international critical communications community over a beer or two. ! FURTHER INFORMATION www.criticalcommunicationsworld.com

Issue 26 | COUNTER TERROR BUSINESS MAGAZINE

PROTECT YOUR LONE WORKERS… WITH SECUREWEST’S TRAVEL RISK MANAGEMENT SOLUTIONS Securewest International provides global tracking solutions protecting your people and your assets. Duty of care forms an integral part of your corporate strategy – Securewest’s travel risk management solution enables you to manage your own risk, providing 24/7/365 protection and Emergency Response. METHODOLOGY: PREPARE – your workforce prior to departure SAFEGUARD – in areas of elevated risk by providing track & trace RESPOND – and support your workforce and assets during emergency situations RECOVER – from any disruption to daily routine SOLUTION: • Workforce and asset protection • Around the clock positioning and emergency alerting • Global mapping and tracking platform • Comprehensive selection of tracking solutions for your people and assets (Lone Worker App, Satellite devices, GSM devices) • Easy to access and use web portal FEATURES: • Detailed mapping • Track History • Emergency Alert, Man-down and monitoring capability • Machine to machine messaging

+44 (0)1548 856001 info@securewest.com www.securewest.com

UK PAVILIONS

A large number of UK companies are taking advantage of the benefits that exhibiting as part of a UK Pavilion brings. Daren Wood, export services manager at the British Security Industry Association, highlights some of these advantages For many UK security companies, presence at overseas exhibitions is a no-brainer. The opportunity to showcase new products or services to buyers in target markets and the ability to meet with existing overseas customers, distributors and specifiers is an attractive proposition. Whilst many companies still choose to exhibit independently, more and more UK companies are taking advantage of the benefits that

exhibiting as part of a UK Pavilion brings. As the UK Trade & Investment (UKTI) Approved Trade Organisation (ATO) for the security sector, the British Security Industry Association (BSIA) is responsible for liaising with UKTI and other organisations to identify international exhibitions that UKTI, through the

ATO, should support. These exhibitions will form part of the UKTI’s Tradeshow Access Programme (TAP) calendar of events. The BSIA also organises UK Pavilions at these shows, enabling UK companies to benefit from a wide range of benefits before, during and after the show.

Intersec cont to thrivinues importa e as an the sec nt fixture in UK PAVILION calenda urity events BENEFITS r The first benefit, and recent w– the most perhaps the most cent lar as 10 per important for exhibitors, ger is that the UK Pavilion in 2015 than forms a focal point for end-users and security buyers.

Written by Daren Wood, export services manager, BSIA

Exhibiting as part of the Great British brand

Intersec

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY – www.counterterrorbusiness.com

By exhibiting under the same ‘Great British brand’, UK companies are able to benefit from increased footfall as buyers are attracted to the Pavilion to source the quality products and services that the UK’s security industry is globally renowned for. The UK Pavilion is located in a prime, central location on the show floor providing the exhibitors within it access to increased exposure and visibility to visitors. A further benefit from exhibiting together is that UK security exporters enjoy a reduced cost to exhibiting, which further increases the profitability of attending overseas shows. On top of the reduced costs, the BSIA also helps companies to access the UKTI’s TAP funding programme, which can offset an exhibitor’s costs by up to £2,500. Logistically, the BSIA takes the strain out of booking stand space by acting as the main liaison between exhibitors and the show organisers; managing stand design, construction, furnishings and fittings. The BSIA also appoints a freight forwarder to assist companies with the shipment of their goods; and on site, BSIA representatives oversee the construction process and are available to deal with any technical issues. In addition, by working closely with the show organisers, the BSIA ensures that the UK Pavilion, and the companies that exhibit within it, are promoted in relevant trade publications, local media and show literature. This ensures that visitors to the show are aware of the range of UK !

Issue 26 | COUNTER TERROR BUSINESS MAGAZINE

Combi tools for tactical cutting & spreading

We look forward to welcoming you at GPEC 2016. Leipzig | Germany | 7-9 June Booth B71 | www.gpec.de

Holmatro (hand-operated) combi tools are the ultra-lightweight, compact solution for tactical cutting, spreading and squeezing. Important features are low visibility, quiet operation, quick and easy use, high forces and optimal portability. You can choose between models (H)CT 5111 ST with highest spreading force and (H)CT 5117 ST with highest spreading distance. Special Tactics equipment holmatro.com/en/ST

Intersec

UK PAVILIONS ! companies in attendance and the products and services that they will be showcasing. The UK Pavilion also provides a great opportunity for exhibitors to build connections with fellow exhibitors, experts and representatives in the security industry and to enhance their international reputation. All of these benefits ultimately contribute to a more successful, stress-free and profitable show for exhibitors. INTERSEC 2016 Most recently, the BSIA organised three of the UK Pavilions (Commercial Security, Fire and Rescue, and Homeland and Policing) at Intersec Dubai over 17-19 January 2016, helping 73 UK companies to attend as exhibitors. Intersec continues to thrive as an important fixture in the security events calendar. The most recent edition was 10 per cent larger than in 2015, spanning 50,000sqm with over 2,400 brands on show. 2016’s show welcomed 31,261 visitors from 128 countries which made it the largest and most international Intersec to date. The importance of Intersec to UK security companies is clear. According to research carried out by the BSIA’s Export Council – a dedicated forum for BSIA member companies who are focused on extending their business to overseas markets – further increases in overseas trade are expected for 2016, with a clear focus on the Middle East. In fact, 40 per cent of respondents identified the Middle East as the single most important target market, whilst 80 per cent of respondents claimed that they are looking to increase their level of business in this region. At Intersec 2016, UK companies illustrated this fact by attending in force. The UK Pavilion took more exhibition space than any other pavilion in attendance at

Sheikh Mansour Bin Mohammed Bin Rashid Al Maktoum visits the UK Pavilion

Middle Eastern market. Many of the companies that decided to exhibit as part of the UK Pavilion at Intersec 2016 reported that the show was particularly successful and that the UK Pavilion had helped to contribute to this. One BSIA member company, RGL Electronics Ltd, have been active in the Middle East for a number of years and attended Intersec 2016 as an exhibitor for the first time. Geoff Jones, director of RGL Electronics, said: “By exhibiting at Intersec this year, we had the opportunity of getting in front of the people that really matter and we were able to build upon what is already a major marketplace for the RGL brand. We showcased our range of access control products and a disabled toilet alarm, all of which attracted a good response from visitors to the show. The quality of the contacts we have made has been very high and I anticipate that some of these contacts will develop into orders over the coming months. “ Storm Interface launched the S60 range of mullion format keypad readers at the show, which received a fantastic

The BSIA organised three of the UK Pavilions (Commercial Security, Fire and Rescue, Homeland and Policing) at Intersec Dubai over 17-19 January 2016, helping 73 UK companies to attend as exhibitors the show and attracted a huge amount of international visitors. During the show opening ceremony, His Highness Sheikh Mansoor Bin Mohammed Bin Rashid Al Maktoum took the time to visit the UK Pavilion and talk to representatives from UK companies. By visiting the UK Pavilion in person, His Highness demonstrated the appetite of the Middle East region to develop relationships with UK security companies; something that many exhibitors were keen to reciprocate. Intersec plays a pivotal role in enabling UK companies to meet with potential customers, existing distributors or partners and as a platform to launch new products into the

response from prospective customers. Peter Jarvis, senior executive vice president at Storm Interface, commented: “The response to the Storm S60 was absolutely astonishing. When developing the product, we found that there was a real need for a product that would not affect the aesthetics of landmark buildings where typically, you wouldn’t want to drill into the building materials to affix a traditional reader. We’ve found that there is a real demand in the Middle East for products that meet the design specifications of landmark buildings, especially in Dubai.” Commenting on the value of exhibiting as part of the UK Pavilion at 2016’s Intersec,

he said: “We were really impressed with the level of support that the BSIA provided both before and during Intersec. Association with the BSIA is absolutely essential at these types of exhibition. The BSIA’s excellent organisation of the UK Pavilion freed us up at Intersec so that we could focus on what we needed to do; meet with target contacts, promote our products and make valuable sales.” GLOBAL MARKET CHALLENGES Clym Brown, marketing director at Texecom, also found Intersec to be a positive show: “We see themes at Intersec that resonate with global market challenges – the proliferation of advanced wireless security devices, home network and smartphone connectivity for users taking control of their own security, and increased connectivity and integrated features for commercial and security applications. At Intersec, we found our breadth of system offerings, using the same architecture and programming structure throughout, was really well received by visitors looking to provide the highest levels of security for a wide range of applications.” Elsewhere, BSIA member company, Remsdaq, estimated that they recorded approximately 25 per cent more validated leads at Intersec 2016, when compared to the previous year. Alan Hardy, EMEA sales manager, commented: “It was an extremely satisfying exhibition with unprecedented numbers of good quality contacts visiting our stand. There was an extremely positive reaction from all our visitors to our EntroWatch, EntroStar and EntroPad range of access control solutions. We are confident that our business in the region will increase significantly as a direct result of our participation in the show.” "

The BSIA is now taking bookings for stand space in the UK Pavilion at 2017’s edition of Intersec – 22-24 January at the Dubai International Convention and Exhibition Centre. FURTHER INFORMATION www.bsia.co.uk/events.aspx www.intersecexpo.com

Issue 26 | COUNTER TERROR BUSINESS MAGAZINE

Prisons

EXTREMISM

Written by Peter Dawson, The Prison Reform Trust

Managing radicalisation and extremism in prisons Peter Dawson, deputy director of the Prison Reform Trust discusses offender management and the issue of radicalisation in prisons, outlining best practice to help avoid radicalisation, as well as methods to better support vulnerable offenders I guess most people over a certain age will remember where they were when the second plane hit the twin towers. I was in Brixton prison. I was its deputy governor and stood transfixed in front of the TV in the board room with a few colleagues. For some time, nothing about what was happening seemed real, still less to have any relevance to the role I was performing. But Brixton at the time had the national role of holding prisoners awaiting extradition – something of a historical anomaly to be frank – and amongst the prisoners we were holding on that day were two men accused in the United States of a previous plot to blow up the World Trade Center. My last memory of the day was their faces as they boarded a prison van to go to top security Belmarsh prison under police escort. Were those two men any more dangerous on that evening than they had been in the morning? Or any more or less motivated to escape? I doubt it. But the world had changed. Nearly 15 years on, and it is more or less unthinkable that two men accused of a terrorist plot could be sitting in a not terribly secure Victorian gaol more or less unnoticed by either their captors or their peers. Nowadays, they would be well known, their photographs endlessly re-published and their every experience in prison liable to be broadcast via the Internet from a prisoner’s mobile or a disgruntled member of staff. If they were Muslims, they would also have a good deal more company at Friday prayers. But some things would not be different. They would still

expect to live day to day in the company of men convicted of very different crimes and serving a range of sentences – some close to release, some doubting that they will ever be free. They would still live in a community drawn from countless different nationalities and ethnicities, and worship in a room that serves for every religion represented in the prison. They would still interact with staff from many different backgrounds, of very different ages and from both genders.

in the workshops and the prison kitchen, as well as on the landing. They form over time, incrementally, through unacknowledged tests that establish boundaries on both sides, and small tokens of trust. Relationships keep people alive – the officer who notices a change in mood in a prisoner known to self harm, or the quiet tip off about a dispute between prisoners that has got out of hand, with weapons created and ready to use. They produce the trust that allows risks to be taken and managed – a period of temporary release to visit a dying relative, or a special event like a theatre workshop. They produce the intelligence that allows the prison to intervene to protect staff, other prisoners or the public, that points to corruption or to threats of disorder. Relationships sustain the hope that makes a long sentence survivable. Sometimes that will be through the formal process of sentence planning, but often through the day to day experience of interactions that are not defined by imprisonment or by the roles people are playing. It is no coincidence that some of the most effective relationships in prison are formed in the gym or on the sports pitch, where staff and prisoners are collaborating, and deriving mutual pleasure – or frustration – from a shared passion. !

Everyo safety rne’s ultimatests on the ely of relat quality ion within t ships institut he ion

INSTITUTIONAL RELATIONSHIPS The British model of prison management is not unique, but it is unusual. It requires not just prison officers, but all those who work in prisons from a wide variety of different agencies, to be comfortable spending their working day surrounded and outnumbered by prisoners. Everyone’s safety rests ultimately on the quality of relationships within the institution and the consent, normally tacit, of the people who live in the prison to accept a degree of authority being vested in those that work in it. Everything that happens in the prison is rooted in those relationships. The safest prison is the one where there is most space for those relationships to form, space created by a regime that unlocks prisoners for the whole of the day and most of the evening, and by adequate staffing levels, including teachers, nurses and instructors. Relationships form

Issue 26 | COUNTER TERROR BUSINESS MAGAZINE

Prisons

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY – www.counterterrorbusiness.com

EXTREMISM ! OLD DILEMMAS So how do we deal with the prisoner who utterly renounces these relationships, to whom they are anathema, even apostasy? This is the dilemma for the long awaited review led by Ian Acheson for the Ministry of Justice. The first, perhaps most important lesson is to remember that this is nothing new. Prisons sometimes wallow in the cliché that they have seen everything before, but in this instance it contains a vital truth. Because not only have British prisons always held terrorists ideologically opposed to the authority under which they are detained, they have also always held people who survive the experience by their resistance to it. We understand the

challenge of working with people convicted of the most despicable crimes. The ability to say, truthfully, ‘we will always listen and talk to you regardless of whether you listen and talk to us’ is vital. Making relationships is sometimes the longest of long hauls, but time is always on the prison’s side. The second lesson for me concerns the limits of what we have got used to calling ‘offender management’. The phrase was coined to describe an admirable ambition of working with prisoners to create a plan for a sentence that leads to successful resettlement. But it has sometimes been interpreted too literally, encouraging a view that offenders can literally be ‘managed’,

Not only have British prisons always held terrorists ideologically opposed to the authority under which they are detained, they have also always held people who survive the experience by their resistance to it

more like an industrial process than a human being. The much more promising approach, happily now well established in official thinking, draws on ‘desistance’ theory to stress the importance of the prisoner’s own agency in any lasting change. So, for example, an approach to offender management founded on desistance theory requires the prisoner to define what a better life for them might look like, and to negotiate the steps towards it. It places trust in the development of a small number of key relationships rather than multiple interventions from dispassionate technicians, and devotes as much attention to the prisoner’s strengths as to their weaknesses. This may sound like pie in the sky for the committed terrorist, and dangerously laissez faire for the prisoner vulnerable to radicalisation. But we know that the alternatives – for example trying to isolate the ideologues completely – do not work. IRA hunger strikers in the 1970s proved that radicalisation does not depend on face to face contact, or personal access to the media. And the peace process ultimately rested on the promise of a life that was demonstrably better without terrorism than with it. THE TROUBLE WITH THE LONG GAME There are structural obstacles to the success of this ‘long game’ approach, however. It relies on the absolute legitimacy of the state’s authority and the manner in which it is exercised. The state must always occupy the moral heights. So the exceptionally long sentences which have become the norm in this country over the last 10 to 15 years require a re-think. This is certainly not just about sentencing for acts of terror. Young men routinely now receive life sentences with tariffs (the guaranteed period of imprisonment) that exceed the length of time they have been alive. In many cases, a conviction under ‘joint enterprise’ means that they find it hard to accept that they even committed the offence with which they were charged. That creates anger, followed by hopelessness, and fertile ground for recruitment to a cause that denies the legitimacy of the state that passed the sentence. Many of those vulnerable to radicalisation have also experienced a steady accumulation of institutional discrimination. The gross disproportionality in the representation of young black men in the prison population reflects a long series of discretionary decisions rather than a single unfair act, but can only generate expectations of further discrimination when they come to prison. GROUNDS FOR OPTIMISM Regimes in many prisons are impoverished. A miserable life inside, and few official incentives to use your time constructively, will increase the attractions of an alternative, informal hierarchy of respect and reward. There may be

no more difficult operational challenge for the prison service than containing and ultimately eliminating the threat of radicalisation, and it must find its way through in the glare of political and press attention. But a very recent inspection of HMP Full Sutton gives good ground to be optimistic that the skills exist for it to do so, and a successful national policy will ultimately be founded on some familiar tenets. Such a policy should ensure that the principles for a safe prison system hold good – making space for relationships and equipping staff of all disciplines to use that space underpins both resettlement and security success. The state must occupy the moral high ground, modelling just and compassionate ideals. In the long run, it must deliver on the promise of a better life. Institutional injustice, whether in the sentencing framework, entrenched discrimination or an impoverished regime within prison, makes that very much more difficult. It is important to remember that this is a long game. Consistency and determination are at a premium, and the tools that are needed – recruiting and retaining the best people, training and supporting them – need to be delivered throughout. If something appears to be a quick fix, it should be discounted on those grounds alone. !

Prisons

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY – www.counterterrorbusiness.com

Relationships produce the intelligence that allows the prison to intervene to protect staff, other prisoners or the public, that points to corruption or to threats of disorder

FURTHER INFORMATION www.prisonreformtrust.org.uk

FIRST CHOICE FOR HOMELAND SECURITY SOLUTIONS

TRAINING

QUALIFICATIONS

DISPOSALS

CONSULTANCY

MENTORING

THE WORLD’S FIRST ACADEMICALLY-ACCREDITED ORGANISATION FOR COUNTER-TERRORISM, EXPLOSIVES & SECURITY TRAINING.

ARE YOUR SECURITY STAFF PREPARED FOR A _ MAJOR INCIDENT? FULLY IMMERSIVE COUNTER-TERRORISM TRAINING

ISSEE Limited, Centre for Homeland Security, Talbot Hall, Heythrop Park, Oxfordshire, OX7 5UE

WWW.ISSEE.CO.UK ADMIN@ISSEE.CO.UK

+44 (0) 1608 678382

Issue 26 | COUNTER TERROR BUSINESS MAGAZINE

Perimeter Security

RISK MANAGEMENT

Steve Munden and Steve Taylor, of the Perimeter Security Suppliers Association, argue for an holistic approach to organisational resilience at both strategic and operational levels

Risk does not only come in an external physical or cyber form. Risk vulnerabilities can be hidden, buried within the processes of the business itself posing a real threat to security as well as your profit line. Becoming more resilient enables an organisation to cope with the unexpected and adapt to change through the management of safety, security and sustainability, together with product and process innovation. This allows the business to manage risks and exploit opportunities, ensuring survival and growth. Terrorists and criminals look at the whole opportunity and then pick the weakest spot to exploit. Security systems are apt to be driven by compliance obligations, leaving some possibly more significant areas unattended, maybe because attention and budgets only stretch to a list of specific must-haves. Add to this, the supply chain is fragmented and works against a ‘whole solution’ approach.

But take away or weaken any one element and you weaken the whole business system. It is vital therefore, when considering security in particular to have clearly defined governance, risk, compliance and assurance structures. Every organisation (and its directors) has a moral and legal duty of care to protect itself, its staff and others from harm and loss. Businesses on all sides of the security industry are in danger of focussing too much on external threats from physical or cyber security that they overlook their internal organisational resilience. If the latter is vulnerable or inadequate, safeguards are weakened as the overall organisational system and overview is poor. Sadly, some rely on ISO 9001, thinking they are adequately covered, but there are many examples where ISO 9001 has not been helpful in ensuring robust product specification, testing and conformance to requirements. Unfortunately,

Busine are in d sses of focu anger much o ssing too threats n external fr or cybe om physical that the r security y ove interna rlook resilien l ce

Written by Steve Munden, Steve Taylor, the Perimeter Security Suppliers Association

Organisational resilience in practice

it is still not uncommon to find even large ISO 9001 certified companies whose ‘quality management system’ is not an active part of management of the business. However, with so many regulations, standards and advisory documents available, businesses often choose to ignore what could be the most economical way to protect their company. USE ONE OF THE SIMPLEST KEYS TO ADDRESSING TERRORIST THREATS Companies often do not realise that the strongest and simplest tools they have access to are Standards. Using Standards to achieve security objectives and business resilience makes the same good sense in addressing terrorist threats, as it does in mitigating health and safety hazards, environmental impacts or ensuring customer satisfaction through high quality products and services. !

Issue 26 | COUNTER TERROR BUSINESS MAGAZINE

Our watchful eye is your tower of strength

Security Management Technology Introduction What’s in it for you?

As a security guard supplier, Tower Eye recognizes that the ability to remotely manage and supervise our officers is important in providing our clients with high quality service. As a result, we have invested in real-time security management technology to help ensure that our officers are performing to the standards that our clients deserve. Daily Activity Report – centralized access to detailed

Accountability

reports of officer’s activities.

Efficiency

Guard Tour & Patrol – ensures officers conduct comprehensive patrols of our clients’ properties.

Reliability

Incident Reporting – available to view via email, PDF or Excel spreadsheets and can include videos and/or photos.

Data Analysis

Visitors Registration – no more paper visitor logs, allowing you to capture visitors’ information quickly;

Assurance

accurately identify, track and manage all visitors in your property

Simplicity

Geolocation – view list of locations an officer patrolled and checked and visually verify their location in real-

Transparency

time. Also provides Lone Worker Protection. All the above is accessible in REAL-TIME by client. Please feel free to enquire and inform us if you would like this feature added to your service.

K e e pi ng y o ur b us i ne s s i n s a f e ha n ds

138 Challenge House, 616 Mitcham Rd, Croydon, Surrey CR0 3AA www.towereyeservices.co.uk enquiries@towereyeservices.co.uk

Tel: 0208 684 8655

RISK MANAGEMENT

Becoming more resilient enables an organisation to cope with the unexpected and adapt to change through the management of safety, security and sustainability, together with product and process innovation ! Sometimes it takes a little insight and patience to drill down into the Standards to understand how to achieve their requirements. By doing so, however, businesses of all sizes can meet the expectations of clients and have an edge on competitors. This is an important consideration for anyone working in security. The effort is worth it though, since the management framework and foundations of the business are strengthened and capabilities increased. NO NEED TO OVERDO IT Clearly, selection of the right standards, using a ‘no more than necessary’ approach, allows companies to evaluate what is best for them and saves money through a structured methodology and efficient use of resources. This can be a difficult job for those with limited resources and capabilities, such as SME’s, although it is also fair to say that even larger organisations structured by functions, product groups or market sectors are also unable to piece together an holistic solution. Add to this a general lack of knowledge and understanding across the industry, or at best it is confined to a specific (point solution) area, plus the multiplicity of ICT systems and the constant need to keep abreast of updates, it is no wonder many companies shy away from what actually could be their company’s strongest and most straightforward asset in underpinning their organisational resilience. That is why a lot of businesses chose to use temporary contracted help or outsourced services on the basis that it’s more cost-effective than wasting time in-house as they are without the expertise and it can be a minefield. Simple models, like the one here, can help to understand complex environments – but they cannot be taken to be accurate representations of reality. Some key steps in moving from risk to resilience: context – understanding your surroundings, be they a hostile complex overseas environment or the business environment in which your business trades, it is essential to avoid costly and preventable incidents occurring or failing to spot new risks or opportunities; governance – establishing clear policies, processes and procedures to ensure that appropriate controls are in place, risks are managed and people know exactly what to do if an incident does occur; compliance – being alert to new or changing legal requirements to ensure that the business is not exposed to non-compliance. Ensuring

that changes are made to the business’s policies, processes and procedures to prevent exposure to legal non-compliance. Keeping up to date with changing market and industry standards, sometimes used for the practical implementation of legal requirements by governments, and implementing their provisions, which can be used as a defence in law if a case is brought; assurance – at the business level, ensuring that controls for safety, security, sustainability, etc. have been adequately applied at operational level and that strategic risks have been adequately managed; and operational deployment – ensuring that operations are adequately prepared, resourced and have the capabilities, capacity and competences needed to ensure safety of staff ‘on the ground’ and adequate protection of property, both physical and virtual. PRACTICAL FOR YOUR PEOPLE What is also important to recognise is accountability. Is the strategic direction of management being clearly understood at an operational level and reciprocally are actions taken ‘on the ground’ reflecting the company’s objectives and ensuring appropriate representation thereby protecting reputation and profits? Take an example where an employee is deployed abroad and may enter a country without having conducted a travel risk assessment. Whether it be the inconvenience of theft, a lost passport, or worse still being caught up in a terrorist incident, the ramifications for the management team and the mayhem of trying to manage the situation remotely could be easily mitigated through a set of pre deployment considerations documented through policy, procedure and

enforced by management, taking into account the ‘what ifs’ and ‘actions on’, perhaps some pre deployment security awareness training and maybe the consideration of a tracking app, for example. All of which would cover compliance and legal responsibilities, build confidence within the organisation in having a robust structure to support overseas workers and foster a culture of ‘security risk awareness’, thus creating all round better organisational resilience. Nowadays the terrorist threat isn’t just confined to the complex environments where the rule of law may have broken down, it is on our doorstep and imminent! The responsibility of business owners means taking their heads out of the sand and away from the ‘it won’t happen to us’ mantra to being accountable and committed to creating a safe working environment and an organised resilient structure. The culpability can be alleviated through a management framework that is actionable and utilised. It’s great having the certificate on the wall and ticking the box but when disaster strikes can you answer the question when asked “Were your policies and procedures followed and enforced?” WHAT THE FUTURE HOLDS In the UK and Europe governments are looking at what regulations, standards and compliance structures are needed for security, but will they be timely and robust enough to stop the evolving terrorist attacks? Standards still do not exist for many products, leaving buyers vulnerable. Also few test criteria are recognised and conformity assessment is patchy. But whatever is decided at governmental level, businesses should make sure they protect themselves and their enterprise by keeping up to date with developments. Standards can play a vital part but robust security management and operational deployment, backed up by intelligent use of specialist assurance, both internal and independent, can provide a roadmap from risk to resilience. " FURTHER INFORMATION www.pssasecurity.org

Perimeter Security

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY – www.counterterrorbusiness.com

www.marshalls.co.uk/pas68

BAM Construction Case Study

Problem For the completion of a modern glass fronted shopping, retail and leisure park, Marshalls were approached by the client to supply physical perimeter protection in fitting with the aesthetics of the project. A key consideration for the product specification was a 200mm depth restriction in the landscape due to underground services. What’s more, the client also required a range of other street furniture products such as cycle stands and motorcycle stands. Solution By working closely with the client, Marshalls were able to find a solution to satisfy a number of issues outlaid in the initial brief. The depth restriction was overcome with the recommendation of the RhinoGuard 25/40 Shallow Mount bollards which require a foundation depth of only 152mm. To avoid delays, Marshalls worked closely with BAM to ensure that they could excavate foundations prior to the products being delivered to site to enable them to move on to other areas of the project. The client opted for Stainless Steel Sleeves, which oﬀer a sleek and modern aesthetic to the products. All of the chosen products are PAS68 rated, reassuring clients and space users of the safeguarding of the space, people and infrastructure. Benefit Marshalls worked closely with the client to overcome a number of restrictions throughout the project to ensure a high quality result. The chosen bollards oﬀer the required level of protection whilst also allowing for shallow installation and enhancing the aesthetics of the project.

genetec.com

Subscribe to innovation

The world is changing in diverse and divergent ways. At Genetec™, we understand that, which is why our software is designed to evolve with you. It transforms from a single product to a comprehensive, unified platform, seamlessly. It adapts to how you want to build your security infrastructure, be it on-premises or in the cloud, by perpetual license, and now also by subscription. Whether you’re a compact café or an expansive enterprise, a successful security platform is one that is ready for change – just like you.

To learn more, visit genetec.com/subscribe

Some crime may simply be displaced from the physical to the virtual world.

Maintaining control in an age of cyber crime IFSEC International returns to London’s ExCeL Centre on 21-23 June for Europe’s largest security exhibition. Here, a month before the show opens its doors, IFSEC Global explore how criminal gangs are abandoning traditional crimes in favour of cyber crime The expression ‘crime doesn’t pay’ isn’t exactly entirely true. It needs a caveat: ‘unless you get away with it’. And let’s face it, lots of people get away with it. But not as often as they used to, perhaps, when you consider the dramatic advancements in crime-fighting methods and technologies over recent years and decades. Take CCTV, for instance, with more than 1.85 million surveillance cameras now watching over UK streets and businesses (and we published a debate on the influence of CCTV in falling crime last year). For a long time, of course, criminals could be confident that any grainy footage captured would likely be inadmissible in court. Not anymore. Not only can the latest surveillance cameras match high-end 4K televisions for image quality and latency, but video analytics platforms have given control-room operators an unprecedented ability to identify, track and zoom in on suspicious persons. Meanwhile, developments in forensic science mean that even the most careful of criminals have been convicted based on a single hair or skin cell. And it’s easier than ever before for security services to track suspects’ activities through their digital footprint, whether via social media, Google maps or – as was the case with one suspect in the Hatton Garden Raid – use of an Oyster card. Such factors, along with many others like improvements in home security, go a long way to explain the 60 per cent drop in recorded UK crime since a 1995 post-war peak and similar trends across the Western

world for the past 30 years (although the causes are hotly disputed, with changes in crime reporting, changes in demographics and – most bizarrely – the legalisation of abortion in the 1970s also being blamed). Certain crimes have all but disappeared. The bank heist, a staple of movie scripts, is almost a thing of the past. The Hatton Garden raid attracted so many headlines in part because it was such a novelty. And who now hears of ‘joy riders’? But if advances in automotive security have seen car thefts fall from 400,000 a year in 1997 to 86,000 in 2012 then criminals could soon harness technology themselves to wrest control of modern cars – while their owners are driving. Cyber crimes like these were added to the official crime statistics for the first time this year, triggering a doubling of the annual crime rate to more than 11.6 million offences. Did crime, taken as a whole, ever really fall as much as it seemed? It’s perhaps a bit of a stretch to suggest the rise of cyber crime can solely account for the entire decline post-1995, when the internet was in its infancy. But it doesn’t seem unreasonable to surmise that many criminals will consider cyber crime both more lucrative and less risky than traditional, physical crimes.

A VIEW ON CRIME CHANGE We asked a number of experts whether advances in physical security and the huge widespread vulnerabilities in IT networks were persuading criminals to migrate, at least partially, from armed robbery, drug smuggling and the like to data hacking and other forms of cyber crime. Paul Stokes, chief operating officer at Wynyard Group, said: “Recent research from Cambridge University shows a large number of convicted cyber criminals have records for traditional offences such as theft and burglary. This strongly suggests that traditional criminals are changing their behaviour and moving to the internet for their next targets. “From grooming children to financial fraud, cyber crime is increasingly perceived by criminal gangs as a lower risk and higher reward type of offending. Financial gains from cyber crime could be immense. And gangs can commit this type of crime to any organisation or individual, all from the comfort of their own homes. “Take criminal attacks on banks as an example: armed robbers breaking into a branch to raid for cash have become very rare. The reality now is that theft is largely undertaken by sophisticated hackers breaking into banks’ digital channels to siphon off huge amounts of money and steal valuable customer data. “As criminals move online businesses need to shift their approach to focus more on protecting their digital assets. Understanding changing criminal behaviours and having the capability to detect anomalies within your network are going to be key.”

IFSEC International

EVENT PREVIEW

UNDERSTANDING THE SMART CRIMINAL Phil Wood, security and resilience at Buckinghamshire New University, said: “The technology that we rely on also offers gaps that can be exploited and gives organised criminals real opportunities. Felson and Cohen’s Routine Activity Theory in criminology says there are three components that can conjoin in time and space to allow a crime to take place: a suitable target, a likely offender and the absence of a capable guardian. “IT systems offer all of these components while technological advances in security access control, detection and alarm systems make the act of entering a building and stealing assets much more challenging. The smart criminal (and they are) will expend their efforts on softer targets that cyber gaps offer. And as we continue to use IT and mobile systems, they will increasingly target us for identities and money. It is the easy route to riches and there is no softer target.” !

You can mo the atta unt your ar ck from virtuall mchair, in the w y anywhere or than hald – rather v physica ing to lly b there e

Issue 26 | COUNTER TERROR BUSINESS MAGAZINE

Get the best products in the industry at the leading security exhibition and be secure The global stage for security innovation and expertise

3 Pre-book 1-2-1 meetings with the suppliers you really want to do business with the “Meetings Service” 3 Learn from experienced security professionals and develop your knowledge by attending free seminars 3 Grow your network through connecting with over 27,000 of other leading security professionals 3 See the evolution of security systems in the Smart Zone, looking at Home Automation & Smart Buildings 3 Addressing the demand in physical and perimeter security, visit the dedicated zone to ﬁnd the right product for your business

Supported by

Organised by

Part of

EVENT PREVIEW ! Julia McCarron, operations director, Advent IM, shared her views, commenting that: “It would be difficult to state that there is a definite correlation between any perceived fall in ‘traditional’ or physical crime in favour of cyber crime. However, there are some valuable points to be made. “The Europol IOCTA findings (Organised Crime study) pointed to the rise of CaaS or Crime as a Service and the high levels of organised crime gangs using cyber crime such as phishing to fund other illegal activities. The Deepnet has been abused into service for this purpose too, along with crypto-currencies like Bitcoin. In practical terms, the prison sentence for walking into a bank with a weapon and marching off with the contents of the vault is significantly higher than for defrauding a bank or it’s customers via the internet, so this will naturally have a greater criminal appeal. More Geeky Blinder than Peaky Blinders?” NEWER FORMS, NEWER SKILLS Guy Bunker, senior vice president of Clearswift, stated: “The skills required for cyber crime activity are very different to the more usual criminal activity. However, there are now multiple cyber-crime ‘kits’ available which means that almost anyone can mount a cyber attack. And what’s more, you can mount the attack from your armchair,

virtually anywhere in the world – rather than having to physically be there. “Of course, mounting the attack and then ‘fencing’ the goods are two different things. Understanding the value of the information and who to sell it to, or where to go to sell it, is not easy – which is why we are seeing more ransoms being requested. If you don’t know who to sell it to, then sell it back to the organisation with the demand that if they don’t, it will be posted online. “Furthermore cyber attacks are not just about money, there are now attacks aimed at damaging a business’s reputation as well. In this case, there isn’t anything to sell per se. Organisations need to be aware if this, even if they don’t think they have anything worth stealing. They also need to be aware of the fairly low level of entry into the cyber attack world, given the ‘commercially’ available packages enabling anyone to mount an attack. Protecting critical information needs to be their top priority.” This opinion was echoed by John Flatley, head of crime for the Office of National Statistics. He said: “It has been argued that crime has not actually fallen but changed, moving to newer forms of crime not captured by the survey. Clearly some crime has moved online but this should be seen in the context of the long-term fall in traditional crime. It can be difficult for organisations

and individuals to understand what a cyber threat may look like. The reality is that ‘cyber’ is just another opportunity route for plain old criminal activity.” Finally, Paul Rogers, president and CEO of Wurldtech Security Technologies Inc., and general manager of Industrial Cyber Security for General Electric Company (GE), remarked that: “As production systems become more interconnected, the exposure to network-based cyber incidents increases, putting production, reputation and, ultimately, profits at risk. In particular, attacks on critical infrastructure such as in oil and gas, utilities, smart grid, transportation, medical facilities and others can lead to serious consequences in the economic, political, personal, public safety and privacy arenas. “Furthermore, as operational technology (OT) leverages the benefits of the network, the threat of a successful cyber attack greatly increases with the expanded attack surface. System operators and security directors face challenges in responding to the growing number of security threats they face in today’s environment.” "

IFSEC International

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY – www.counterterrorbusiness.com

IFSEC will be taking place on 21-23 June 2016 at London ExCeL, UK. FURTHER INFORMATION www.ifsec.co.uk

Recognize AND Analyze Premier face recognition technology for real-time video screening and anonymous people analytics Is she a known suspect? How often was she here this month? When, where did she enter? Is she authorized to enter this zone? How old is she? Has she been here before with another suspect?

See it in action at IFSEC, stand B600! Issue 26 | COUNTER TERROR BUSINESS MAGAZINE

UK Security Expo

STADIUM SECURITY SHAKE-UP

Taking a closer look at stadium crowd management After what happened at the Stade de France in Paris, UK Security Expo takes a closer look at stadium crowd management and security From the various reports that have come out since that fateful November evening it would appear that the fans at the Stade de France, who were happily watching a friendly football game between France and Germany, had an extremely lucky escape in the way that events unfolded, especially in light of the 130 individuals who sadly perished at the Bataclan theatre and elsewhere. Crucially, at the Stade de France none of the terrorists were able to get beyond security at the ground. Looking back, the first sign of trouble came just 15 minutes into the match when one of the terrorists was prevented from entering the stadium during a routine security check when his suicide belt aroused suspicion. This, it is suggested, caused him to blow himself up outside the stadium, followed by a second individual detonating a suicide vest close to another entrance, and then – just over 20 minutes later – the final bomber setting-off the explosives he was concealing outside a nearby food outlet. Although someone was killed walking past, things could have been much worse if the bombers had been able to reach the thousands of fans inside. The fact that nuts and bolts were said to have been packed into their suicide vests shows that they were going out with the intention of maiming and killing as many as possible.

COUNTER TERROR BUSINESS MAGAZINE | Issue 26

Managi security ng at footbal l g a m no eas es is best of y task at the t you sta imes before rt terroris to throw mi the mixnto

REVIEWING SECURITY Not surprisingly, in the days that followed the authorities across Europe were on high alert, with the potential for follow-on attacks uppermost in their minds. This resulted in the cancellation of a number of football matches including Belgium v Spain in Brussels – with some of those involved in the multiple Paris attacks having travelled from France’s near neighbour. In the case of Hannover, an evacuation was instituted less than two hours before the Germany v Netherlands kick-off. According to Germany’s minister of the interior, Thomas de Maiziere, this was based on a credible threat about plans to ‘detonate explosives’. So what are the ramifications of the Stade de France situation for security providers and venues on the frontline? In a statement, Karen Eyre-White, chief executive of the UK’s Sports Grounds Safety Authority (SGSA) reiterated that the SGSA is committed to ensuring the safety and comfort of spectators at sports grounds. She went on to urge sports grounds, and those involved in spectator safety to ‘remain vigilant’ and ‘review relevant contingency plans’: “The UK government has issued a statement reminding that the threat from terrorism remains ‘Severe’.” Eyre-White added that the National Counter Terrorism Security Office (NaCTSCO) had

re-issued its advice on protecting crowded spaces and said that the SGSA was liaising with the government, NaCTSCO, the UK Police Football Unit, the football authorities and other parties. Eric Alexander, managing director of events at G4S was also willing to offer some initial feedback. Alexander confirmed that, not surprisingly, there have been ‘numerous conversions in the security industry and with various stadia’ around the topic. He said: “It is precautionary and wise to review all procedures. We are still very much guided by the police, Home Office and other government agencies who are basically saying that the threat level is as it was.” Discussing the practicalities, Alexander says that managing security at football games is no easy task at the best of times before you start to throw terrorism into the mix. He added: “Trying to get tens of thousands of people into a football ground is tricky enough, bearing in mind most arrive at the ground maybe 12-15 minutes before kick-off so there is a surge of people in those last minutes. If you create a queuing situation at security that is going to have operational effects as well.” Ultimately, Alexander says that there is much

thinking to be done in the weeks and months ahead regarding how the logistics of all of this might play out for the authorities, emergency services, stadiums and security providers. RUGBY SUCCESS Turning attention away from terrorist violence to a much more positive sporting experience, stadium-wise, the 2015 Rugby World Cup, Alexander reveals that G4S was involved in some of the security elements for a number of the venues, especially those where it already had a sporting connection. Asked how the security procedures for an international rugby game compare to those of football, for example, Alexander replies that the most noticeable distinction – especially in the case of the Rugby World Cup – is that the event organisers were stipulating a ‘security overlay’ from the start. He said: “Our people were doing bag searches and random searches before spectators got to the turnstiles, which is very different to match-day football.” Having said this, Alexander reveals that bag searches were also instituted at a recent Scotland-Poland football game: “That was derived from the fact that they wanted to make sure there wasn’t anything going into the stadium that shouldn’t have been brought through. For that match we were basically looking for glass bottles and flares. Obviously that sort of focus might change in light of what happened last November [the Paris attack].” INVESTMENT AT TWICKENHAM Back on the rugby field, a number of other security providers and manufacturers secured business in the run-up to, and during, the Rugby World Cup. For its part, Traka – the key and asset management specialist – reveals that its key management system was installed by the Rugby Football Union (RFU) at Twickenham Stadium prior to hosting the tournament. The programme included investment in the latest access control technology to unlock the ability to automatically track who has taken a specific key and, crucially, when it is returned. According to Traka the associated software even enables the on-site security team to grant access rights to users or individual key sets, as required. Continuing on with the Twickenham theme, last summer, Vindex Systems announced that it had been awarded the CCTV and access control upgrade for the venue. Interestingly, as part of this, Vindex Systems said that the contract involved upgrading CCTV and access control systems to a unified Genetec platform (Security Center) plus full system and match-day maintenance support. Talking about why Genetec’s Security Center solution made sense for Twickenham, Phil Parker, head of security at the RFU, says he was looking for a security platform that would be feature-rich yet operator-friendly.

He said: “We wanted to make the lives of my operators easier by having all of our systems using one platform.” TOUCHDOWN AT METLIFE Out of the other venues where Genetec’s Security Center solution has scored highly, perhaps the most notable is the 82,500 seat MetLife Stadium, home to New York Giants and New York Jets NFL teams. A pivotal factor in sealing the deal was the requirement for undisrupted video coverage throughout the venue. Chris Ritter, director of sales for Northeast United States for Genetec, who was involved in the MetLife project takes-up the story: “The first priority was the safety of the fans. What have put a lot of features in our product [Security Center] to take care of them when they are coming in or out.” He adds that what is referred to as a ‘Federation’ functionality within Security Center means local law enforcement can ‘work that system’ for instant viewing and access: “If something happens immediately they can be involved and you can escalate that to other emergency assistance.” In addition, Ritter explains that Genetec has built-in the functionality to deal with different threat levels: “I like to refer to it more as situational levels so there is the ability to change the status of the system ‘on the fly’, firstly from a regular day to a game-day. This might be for an active shooter situation where by the touch of a button, or mobile app, your operators can have the system go into a lockdown on your door access control, change the status of your cameras, and then create a workflow for your operators.” BUILDING BOLLARDS Of course with the heightened threat of terrorist attack, high security solutions like

bollards are becoming a vital ingredient to mitigate the risks posed by hostile vehicles targeted at major stadiums. One provider, Safetyflex Barriers, which was involved in protecting multiple venues at the London Olympics recently reported its first order in Brazil on the back of its successful deployment during 2012. Marcus Gerrard, director, said: “We’re delighted to have been chosen to secure key sites ahead of the Rio 2016 Olympics and Paralympics.”

UK Security Expo

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY – www.counterterrorbusiness.com

THE RIGHT GAME PLAN At this stage the full ramifications of what happened at the Stade de France are still to emerge. Certainly in future more attention is likely to be given and whether aspects like searches, evacuation plans, and ways of picking up suspicious activity need re-working, alongside the more usual crowd safety concerns. UK SECURITY EXPO 2016 Major events will continue to be a target for terrorists and it is essential stadiums and other large venues continually review what technologies and training are available to help keep operations safe and secure. The ‘Major Events Conference’ taking place at UK Security Expo in London this December will focus on protective strategies aimed at sporting events, major games, stadia, concerts and festivals and political summits. Topics will include: Lessons learned from Paris, Immigration issues for temporary workers, Incident response and interagency collaboration, The insider threat and Olympics and Commonwealth Games Case Studies. ! FURTHER INFORMATION www.uksecurityexpo.com

Issue 26 | COUNTER TERROR BUSINESS MAGAZINE

connecting the world of travel

Critical decision making relies on trusted air travel intelligence

global airline schedules

passenger traffic and origin

real-time flight status information

Use air travel data with confidence from the most trusted provider in the world

www.oag.com/government

Transport Security

RAILWAYS

Identifying and preventing criminal activity on British railway lines relies on more than just vigilance. The British Transport Police discusses Project Servator, a new approach to deploying officers to detect crime and deter terrorism ‘We love rush hour – it gives us 300,000 extra pairs of eyes’. That is the message from British Transport Police (BTP), which is using innovative tactics, labelled Project Servator, to deter, detect and disrupt crime on the rail network. Project Servator deployments are highly visible police patrols designed to identify and prevent a range of criminal activity, from pickpocketing and theft to more serious crimes, including terrorism. They involve both uniformed and plain-clothed officers trained to detect suspicious activity, supported by other resources, such as armed officers, police dogs, a network of CCTV cameras, and the thousands of rail staff and the community that BTP works alongside. Officers work with rail staff and retailers based at railway stations to develop a network of vigilance. The aim is to empower them to support the police in keeping the railway safe and secure. Alun Thomas, temporary assistant chief constable, said: “Working together to create a network of vigilance is the key to making Project Servator a success. Rail staff and people who work at stations are so crucial in the fight against crime because they are our eyes and ears on the network. They know their environment better than anybody, so they will know if something is out of place or doesn’t feel right.” Lord Tariq Ahmad, Transport Minister, agrees. He said: “Our foremost priority is the safety of the British public. British Transport Police and railway staff play a vital role in preventing criminal activity on the network and it is important we work together to ensure security measures across the network are up to date.” REASSURING THE PUBLIC Rail staff and retailers also play an important role in helping to let the public know what is being done to make sure they get home safe, secure and on time every day. BTP officers

carrying out Project Servator deployments also spend time talking to the travelling public. These officers inform and reassure the public about their activities and explain how they can help the police and become part of the network of vigilance, by reporting unattended items or suspicious behaviour. Alongside this face to face engagement, BTP displays posters and leaflets in train stations and coffee bars and retailers at the stations, and audio announcements are made to help explain what they are doing. Using the tagline ‘Together we’ve got it covered’, the posters feature BTP personnel, including Malinois and Spaniels from the dog unit, and members of the public. One of the adverts plays on the partnership between the public and the police, with its headline “We love rush hour, it gives us 300,000 extra pairs of eyes.” The patrols were met with a positive response from members of the public who were surveyed during test deployments at Waterloo, Euston and Paddington stations in London in September 2015. The research showed that the majority were reassured by Project Servator deployments and that they also appeared to be prepared to be part of a network of vigilance, with 64 per cent and 66 per cent saying they would be more likely to report unattended items and suspicious behaviour respectively.

Written by The British Transport Police

Detecting and deterring crime on the rail network Games’ safety and security plans. BTP has worked with both forces to carry out joint deployments covering railway stations and city centres and continues to do so. All three forces’ approaches have been evaluated, with 2,600 interviews conducted with members of the public to gauge their reaction to the deployments. This broader body of research has found that the public find the communications used as part of Project Servator to be reassuring, particularly when they experience increasing numbers and forms of communications, for example being spoken to by a police officer and seeing a poster. Professor Paul Baines, professor of Political Marketing at Cranfield University, who has researched the impact of Project Servator and similar approaches, explains: “The public should not fear for their safety because security measures are in place to protect them. They should in fact feel reassured. But criminals should be fearful as they are the target of Project Servator. The message for this group is received differently, namely to be fearful that they could be detected and arrested because of the security arrangements in place. This is compounded by the public’s response to the deployments and messaging, which is to be more likely to report suspicious activity.” Alun Thomas explains what people can expect to see at stations: “This could mean you see a highly visible presence of officers at your station more often. We will turn up unannounced to carry out patrols. They !

Rail staff an people d who work at s t a tions ar so cruci a l i n the fighe against t cr they ar ime because e and ear our eyes so networ n the k

A COMMUNICATIONS SUCCESS Project Servator was first introduced by City of London Police, which adopted the collaborative community approach in early 2014, aimed at further protecting the City and reinforcing the existing ‘ring of steel’. It was also used during the XX Commonwealth Games in Glasgow by Police Scotland and partners in the summer of 2014, to build on and complement the

Issue 26 | COUNTER TERROR BUSINESS MAGAZINE

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY – www.counterterrorbusiness.com

SOLUTIONS TO SECURE YOUR ASSETS An acknowledged leader in counter-terrorism design, testing and explosive safety ● Hostile Vehicle Mitigation Design and Specification ● Architectural Solutions to Ballistic Threats ● Physical & Electronic Security Design ● Blast Resistant Design of Structures ● In-house Blast and Ballistic Testing ● Explosive Storage and Handling ● Firing Range Design Successful Public & Private Sector Counter Terrorism Solutions: ● Oil, Gas and Petrochemical Industries ● Critical National Infrastructure ● Energy & Water Industry ● Transport Hubs ● Sports Venues ● Retail Centres ● Data Centres

D.J. Goode and Associates Ltd, The Old Control Tower, Lavenham Airfield UK CO10 9BT www.djgoode.com | p1@djgoode.co.uk | +44 (0) 1284 827 472

Bringing the Emergency Services together to improve public safety A unique event for everyone who works in the emergency services • Network with like-minded emergency staff • Source new kit and save money • Meet the market leaders in emergency services products • Get updated on collaboration and multi-agency plans • See the newest products on the market • Gain CPD points from our free College of Paramedics workshops • Learn from past emergency situations at the free seminars • Get up to speed on UAV technology in the Drone Zone • Watch live water rescue demo's For more information visit www.emergencyuk.com.

ESS - the only show for the entire spectrum of the Emergency Services www.emergencyuk.com Show supporters and sponsors include COLLEGE OF

paramedics leading the development of the paramedic profession

COUNTER TERROR BUSINESS MAGAZINE | Issue 26

RAILWAYS ! could happen at any time, last for different amounts of time and involve varying numbers of officers and resources. The key to deterring, detecting and disrupting crime on the network is making our deployments unpredictable. “Don’t be surprised or alarmed if you see a Project Servator deployment being carried out at your station. Our officers are there to keep you safe. You can play a vital role by being vigilant when you are travelling and reporting anything that doesn’t feel right, for example an unattended item or someone acting suspiciously. Don’t leave it to someone else to report it.” HAS THE USE OF SERVATOR CHANGED? The use of Project Servator has not changed by any significance in the six months since BTP introduced the project. We are very conscious that every time the teams deploy they deliver the maximum impact. There have been some minor changes around the look and feel of the deployments. The use of other assets from Specialist Operations such as firearms, dogs and the specialist response unit enables us to provide a layered approach to the policing activity. Since December a concerted effort has been made to promote Servator within the policing hubs at the main stations and to the station staff and retailers. Servator presentations have been and will continue to be delivered to partners and key stakeholders. The ultimate objective is to promote Servator and its objectives throughout the communities we police. Initially BTP employed Servator tactics in

London and Birmingham. There have been a number of Servator deployments at other stations in England, Scotland and Wales. The Servator team sits centrally within the Specialist Operations department and has a national remit. By geography alone, the London locations will get a larger proportion of Servator activity because of where the teams are based but the expansion of the Servator capability across the Force is ongoing in terms of awareness and ability. HAVE RECENT ATTACKS HAD AN IMPACT ON HOW SERVATOR IS BEING USED? Before Brussels we focused on reassurance and increased vigilance. And it remains that way. The key messages the teams deliver daily during any Servator deployment are reassurance, encouraging the reporting of anything an individual considers unusual or suspicious and deterring those intent on planning or carrying out criminality on the rail and underground network, essentially making it a hostile environment for the criminal to comfortably operate in. What is important to note is the positive feedback the teams received back from passengers, public and staff immediately following the horrific events in Brussels. In the main, these individuals felt reassured by the increased presence of uniformed officers rather than anxious. The proactive engagement the officers have with people during a Servator deployment reduces that concern and anxiousness which, in turn, allows daily routines to continue uninterrupted. The tactics used by the team are always being

Officers work with rail staff and retailers based at railway stations to develop a network of vigilance. The aim is to empower them to support the police in keeping the railway safe and secure

reviewed. The foundations and key messages that are expected to be delivered during a Servator deployment remain. We are always looking for opportunities to deliver the best product for the organisation, partners and customers. So the tactics will evolve. It is important to remember what worked well today may not work as well tomorrow.

Transport Security

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY – www.counterterrorbusiness.com

ARE OTHER FORCES ADOPTING IT? There are a number of other police forces currently considering adopting Project Servator in crowded places and at public events. Essex Police is considering using Servator at crowded sites, such as shopping centres and airports. Project Servator is also being adapted from open sites to closed ones, with the aim of enhancing and augmenting the effectiveness of existing protective security measures such as CCTV and security officers. Servator is currently being trialled by the Civil Nuclear Constabulary and by the Military Defence Police. " FURTHER INFORMATION www.btp.police.uk

Help keep the rail network safe and secure by reporting anything that doesn’t feel right: Tell a police officer or member of rail staff. Call BTP on 0800 40 50 40 or the Anti-Terrorist Hotline on 0800 789 321. Text BTP on 61016. Call 999 in an emergency.

Advertisement Feature Written by Mike McCabe, Intelligence Fusion

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY – www.counterterrorbusiness.com

SECURITY TRENDS

EUROPE’S DESCENT INTO CHAOS As a dedicated security professional I spend much of my time studying social, political and economic developments in our landscape and how these changes may impact the current, and more importantly, future security trends Three articles have caught my eye in recent months. The first article was regarding the Swedish Police struggling with 52 blacklist no-go zones, where parallel societies exist outside of police control. The second article talked about the French Army’s contingency plans for ‘re-appropriating national territory’, meaning to win back neighbourhoods where the population has become hostile to security forces and has easy access to weapons. The third article concerned Sweden’s Army chief warning men under his command in an internal document, that they could expect to be fighting a war in Europe against skilled opponents ‘within a few years’. These articles would be unheard of and seen as alarmist or even absurd only a few years ago. So what is the current situation in Europe that has led to parallel societies, the need for military plans to be drawn up to regain national territory and a senior military commander warning of a possible third world war?

TERRORISM The terrorist attacks against Charlie Hebdo, Stade de France, Bataclan Theatre and Brussel’s Airport have shown how significant the threat is that Europe currently faces from Islamic terrorism. These attacks have made apparent to the general public, how overstretched the European security services are and impacting their confidence on the state’s ability to protect them. The Brussels attacks in particular shone a spotlight on Molenbeek, Europe’s so-called ‘jihadi central’. This no go zone of Brussels has become a breeding ground for extremism because of ineffectual state policing, leading to limited oversight, allowing criminality to prevail and radical Islamists to obtain a foothold. The key point though is that Molenbeek is not a one off in Europe. In Sweden, the National Criminal Investigation Service highlighted 52 areas which have been put on a ‘blacklist’ which are then divided into three categories from

The terrorist attacks against Charlie Hebdo, Stade de France, Bataclan Theatre and Brussel’s Airport have shown how significant the threat is that Europe currently faces from Islamic terrorism

‘risk areas’ to ‘seriously vulnerable’. An example of one of these areas is Rinkeby in Stockholm, which the report describes as an area where police are attacked, there is open support for religious extremists and people of Jewish faith should avoid the area. In Ronna, Geneta and Lina, areas of southwest Stockholm, criminals eat at restaurants without paying, drive their cars at high speeds and park wherever they like without legal retribution. They also sell guns and drugs and intimidate locals and police. In Norsbord, criminals have been reported to let children as young as 12 carry weapons and they have an undue influence on local politics. These are just a few examples of no go zones in Europe at present, prior to the current wave of mass migration. MIGRATION WITHOUT INTEGRATION Conflict, poverty and population pressures in Africa and the Middle East are causing mass migration to Europe, at such a rate that the host nations are finding it impossible to effectively police, never mind assimilate the new arrivals. These migrants often lack the skills and abilities for the high tech job market of Europe, leading to unemployment, social deprivation and in many cases criminality. Another barrier to employment is the lack of language skills, with the welfare state enabling the formation of ghettos because migrants can live on state handouts with integrating. Without effective integration, the problems which I have highlighted in Molenbeek and Stockholm will become commonplace across Europe. OLD GRUDGES NEW CONTINENT Migrants to Europe are also bringing with them their grudges and many of these issues are playing out in tit for tat attacks. In mid-February, a Kurdish man was shot while attending a pro-Kurdish rally in Stockholm. A couple of days later a Turkish cultural centre in Stockholm was bombed. Many migrants that have come to Europe from Syria have fought for different factions and it seems likely that we will witness violence among these communities. An interesting Twitter profile to look at is @EU_Interpol. They are not actually associated officially with Interpol, however, they use open source

COUNTER TERROR BUSINESS MAGAZINE | Issue 26

intelligence methods to highlight Syrian militants now living in Europe, which brings me onto the topic of training and experience.

Advertisement Feature

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY – www.counterterrorbusiness.com

SKILLED MILITANTS Europol warned in January that Islamic State has set up training camps across Europe to prepare fighters to carry out ‘special forces style’ attacks in EU countries. The key point regarding this topic is that with the Iraq, Syrian and Libyan conflicts particularly, there are significant quantities of military aged males who have battle experience, training in weaponry, tactics and explosives, who are now living in Europe. CRIMINALITY Although the majority of our reporting focuses on emerging markets and supporting client’s operations in these areas, Europe’s deteriorating security situation is taking up more of our time. A large proportion of that reporting involves crimes committed by migrants, either against Europeans or other migrants. Some examples of the types of criminality we are monitoring include, rape and sexual violence, murder, smuggling, weapons sales, terrorism, rioting, fraud, arson, drug dealing and paedophilia. RELIGIOUS AND ETHNIC POLITICS Another destabilising factor that is currently playing out in Europe are the reports of undue influence on the political system. The Mayor of Tower Hamlets, a district in London, was removed in 2015 for vote rigging and voter intimidation. Lutfur Rahman was Britain’s first Muslim executive mayor and was accused of spiritual intimidation of voters, urging them ‘to retain truth, righteousness and practise religious belief’ by voting for him. In Norsborg, Stockholm, police report that criminal gangs in the area have an undue influence on local politics. A group of criminals from Södertälje and Norsborg have formed a movement called the Assyrian National Party. Police currently have very limited oversight of the group and are unware if they are a political party or a tool for recruitment for the conflicts in Iraq and Syria. The key issue here is that as Europe becomes more socially diverse, fragmented and polarised, so will its politics, making the continent difficult to govern due to a disparate set of parties, with differing ideological beliefs and objectives for society. THE CEMENTING OF THE RIGHT Terrorist attacks and migrant criminality is polarising European opinion on mass migration. On 27th March 2016, at a memorial for those who were killed in the Brussels terror attacks, a group of 500 people, some of which were reportedly from the right wing group ‘The Nation’ protested against terrorism and immigration. From Corsica in the south to Sweden in the north we are seeing attacks on migrant centres and mosques and the rise of nationalist ‘self-defence’

and protest groups, such as PEGIDA and the Soldiers of Odin. In eastern Europe, The People’s Party – Our Slovakia, a far-right group who wear uniforms modelled on a second world war Nazi puppet state, won seats in parliament for the first time and right wing parties are on the rise across the continent. THE DESTRUCTION OF COMMUNITY COHESION, A TACTIC OF ISLAMIC STATE Islamic State are using a tactic in Europe that they have used in Iraq for years. By attacking one community they erode cohesion with the intention of creating a sectarian war. If Muslims feel that far right groups are going to attack them, they may seek out help and support from the more radical elements of society, which only serves to add fuel to the problem. European fear of radical Islam will increase prejudice, discrimination, ghettoisation and unemployment, which will only serve to radicalise more Muslims. As more attacks are conducted, far right groups will also gain in support leading to a highly polarised society with the right wing one end of the spectrum and the left and Islam on the other end. CONCLUSION With mass migration, criminality, terrorism and the rise of far right political parties and self-defence groups, Europe is currently on a path to political, economic and civil turmoil. Security services are currently overstretched in some countries and the sudden influx of millions of migrants, associated language difficulties and cross border investigations will only make the problem more acute. Add to this the potential for right and left wing terrorism, which cannot be discounted and seems likely in the medium term, suddenly intelligence and police institutions will be completely overwhelmed. There is also the issue of a clash of civilisations. Many of Europe’s new arrivals have been raised in another religion and represent a radically different culture, with

different beliefs and values. Two cultures living side by side peacefully is difficult, just take Northern Ireland as an example. That is a country where the people are of the same race and speak the same language. What will happen when there are suddenly numerous religions and ethnicities living side by side? In Malmo, for example, certain migrant communities are currently engaged in a race war. Europe is heading for a clash of civilisations and any reaction by political groups to enforce European cultural dominance will be seen as discrimination, leading to further divisions and eventually if the political process cannot solve these issues, conflict and warfare. The process I have outlined will take place over a matter of years and decades, however, with the European economy still precariously unstable, should an economic deterioration occur this process will be significantly quickened. People who support the Soldiers of Odin, Britain First or the English Defence League represent a section of society who have little to lose, which is why they are the first to protest. The middle classes will only come out to protest when they are being significantly impacted by a situation, so if millions across Europe suddenly lose their jobs and houses, there is nothing to hold them back from venting that anger. In that situation, I would agree with the head of Sweden’s armed forces that we would witness another world war in Europe. If you are interested in European or indeed global security and would like to discuss how Intelligence Fusion can help you or your organisation, then please get in touch for a confidential discussion. ! FURTHER INFORMATION www.intelligencefusion.co.uk

Issue 26 | COUNTER TERROR BUSINESS MAGAZINE

Advertisement Feature

THE BUSINESS MAGAZINE FOR SECURITY TECHNOLOGY – www.counterterrorbusiness.com

SECURITY

WAGTAIL UK – THE UK’S LEADING DETECTION DOG COMPANY The UK’s leading detection dog company, Wagtail UK Ltd, has announced a brand new suite of dedicated search dog courses available for 2016

key is that we focus on the ‘now’. While it’s important to give credence to historical events, it’s paramount to stay focused on current and emerging trends and to have the skills to combat terrorist activity.” The company strongly believes that all potential handlers must have the underpinning knowledge and a broader understanding of the security industry – its courses are set within the holistic search environment and from the outset, the dog team could be viewed as an integral part of any security operation’s planning.

The multi award-winning company has added yet another string to its bow by launching the Wagtail International School of Excellence (WISE). A fully approved centre endorsed by Highfield Awarding Body for Certification, also approved by the UK Ministry of Defence. WHAT THE SCHOOL DOES The school runs full courses in drugs, tobacco, explosives and body detection. It also runs Continuation Training days, allowing an opportunity for all those needing expert advice on training methods, focus training or simply need to put their dog over real kit; canine first aid and even taster days – suited to those undecided about their career path. Managers who wish to gain knowledge about the capabilities of search dogs may also find them useful. PROGRESSION FOR WAGTAIL Collin Singer, founder of Wagtail UK, said: “We feel our extensive experience and success in the detection dog arena more than qualifies us to pass on the wealth of knowledge that we’ve accumulated over the years. We saw an

COUNTER TERROR BUSINESS MAGAZINE | Issue 26

opportunity to enable us to provide a school of excellence for dog handlers – we felt it was the next natural progression for the company.” The UK’s market leader in the provision of dogs to protect borders and a leading provider in the detection of illicit goods, Wagtail is keen to uphold the same high standard for their courses, furnishing learners with additional skills beyond the scope of basic guidelines to enrich their depth of understanding and maximise their potential. MEETING REQUIREMENTS Andrew Ellis, training school manager, elaborates: “Courses offered in the commercial sector are very often heavily condensed. You have to be mindful that you are still delivering a course which is appropriate to the clients’ requirements and that meets the high standards they will undoubtedly want. “We are fortunate enough to be in a position where all of our instructors have been engaged in front line security operations in the UK and overseas, enabling us to stay up-to-date with crime and counter terrorist progressions and industry expectations. The

UNDERSTANDING THE THREAT Wagtail believe that people must fully understand the threat if they are to work in this environment and strive to give handlers the supporting knowledge. Students are provided with anecdotal evidence and case study material so that they fully appreciate the threat posed by terrorism – and measures in which to reduce any potential dangers. This theme is woven into the courses, with learners fully expected to analyse the Threat and formulate appropriate search plans. Valuing its high standing in the detection field, Wagtail are keen to begin training people to meet with the standard that they have already set. There are dedicated first-class training facilities on site at WISE and venues that lend themselves to realistic scenarios, with a wide range of ‘live’ training areas in the local area to enrich the learning experience. Home Office-approved to hold real training samples, they believe that training on real substance is best practice and a superior option to pseudo scent samples. Collin Singer concludes: “I would like to see WISE develop into an internationally-recognised school that can deliver training of the highest standards. We’re already receiving lots of interest from people wanting to train with us and it’s very rewarding to be able to set and deliver standards for world-class training.” Wagtail’s philosophy is to deliver quality without compromise. ! FURTHER INFORMATION www.wagtailuk.com

CARRIER

HMS Illustrious destined for scrap The Ministry of Defence (MoD) has revealed that the HMS Illustrious is to be sold for scrap following preservation schemes falling through. The MoD has now invited scrap dealers to bid to recycle the carrier, ending hopes that HMS Illustrious can be saved. Following the retirement of her Harriers in 2010, Illustrious operated as one of two Royal Navy helicopter carriers. By 2014 she was the oldest ship in the Royal Navy’s active fleet, having 32 years’ service. It is believed that three cities submitted proposals to preserve the vessel for the nation as a floating museum, but each fell through. An MoD spokeswoman said: “We have done all we can for over two years to find a home for the former HMS Illustrious in the UK, and regrettably no suitable bidder has come forward. While it is a difficult decision, we have announced an open competition for the recycling of HMS Illustrious, while remaining open to heritage options.” The notice states: “The Disposal Services Authority (DSA) is inviting expressions of interest for the sale of the former HMS Illustrious for recycling.

“She was decommissioned in 2014. All parties interested in acquiring the vessel should note that a Bank Guarantee of £2 million will be required by the DSA and will not be released until the recycling of the vessel is nearing completion. Viewing of the vessel is due to take place in June (date to be confirmed).”