Daily Archives: 10/11/2014

Ward Security champions personal safety initiatives in Kent and Berkshire

National security provider Ward Security has launched a personal safety initiative with schools and businesses in Kent and Berkshire as part of its ongoing commitment to improving safety in the local communities where the company is operational.

The initiatives have coincided with the clocks going back and the end of Daylight Saving Time, and promote the importance of maintaining personal safety while people are walking to school or work during the darker nights.

Meadow Vale Primary School in Bracknell and Northborough Junior School in Maidstone both held an assembly as part of Ward Security’s specialised school safety initiative, the Walk to School ‘Be Safe’ Campaign, which included safety talks from Ward Security personnel to everyone at the school with the support of local Police Community Support Officers. Children were told of the importance of walking to school safely and provided with information leaflets and fluorescent ‘glow in the dark’ keyrings to place on their school bags.

Ward Security has been raising awareness of security issues across local communities

Ward Security has been raising awareness of security issues across local communities

Police Community Support Officer Daemon Farry from Bracknell Police said: “Walking to school in the darker months can be a daunting and unnerving experience for young children. It’s really great to see a local company like Ward Security taking such an interest and proactively helping to promote awareness of the importance of walking safely when pupils are on their way to and from school. The school children were really engaged with the talk and the keyring giveaway will hopefully serve as a good reminder to them when they’re walking to and from school.”

Personal safety for business employees

Ward Security has also visited Brachers in Maidstone, Kent to promote the importance of personal safety. The company handed out free torches to employees at the law firm’s offices, as well as personal safety Best Practice guideline sheets to provide general reassurance for those members of staff making their way to and from the office as the nights draw in.

Denise Hooton, associate director of marketing at Ward Security, commented: “As a security company we are keen to ensure wherever we operate that we’re helping to promote safety awareness in the local community. The Walk to School ‘Be Safe’ Campaign and Brachers torch giveaway events went extremely well. We hope the information provided goes some way towards reassuring and protecting children and adults as they travel to and from school and work.”

Joanna Worby, managing partner at Brachers, added: “We’re always concerned to ensure the safety of our staff and were delighted to work with Ward Security on helping to raise awareness of personal safety issues.”

The torch giveaway follows on from a number of initiatives created by Ward Security to improve personal safety awareness at a number of locations near their Bracknell and Manchester offices over the past year.

Leave a comment

Filed under Risk UK News

“Organisations must act now to avoid hackers’ oldest trick in the book” urges ICO

The Information Commissioner’s Office (ICO) is warning organisations that they must make sure their websites are protected against one of the most common forms of online attack – SQL injection.

The warning comes after the hotel booking website, Worldview Limited, was fined £7,500 following a serious data breach where a vulnerability on the company’s site allowed attackers to access the full payment card details of 3,814 customers.

The data was accessed after the attacker exploited a flaw on a page of the Worldview website to access the company’s customer database. Although customers’ payment details had been encrypted, the means to decrypt the information – known as the decryption key – were stored with the data. This oversight allowed the attackers to access the customers’ full card details, including the three digit security code needed to authorise payment.

Christopher Graham: the Information Commissioner

Christopher Graham: the Information Commissioner

The weakness had existed on the website since May 2010 and was only uncovered during a routine update on 28 June 2013. The attackers had access to the information for ten days. The company has now corrected the flaw and invested in improving its IT security systems.

Worldview Limited would have received a £75,000 penalty but the ICO was required to consider the impact any penalty would have on the company’s financial situation.

Attacks are preventable

Simon Rice, the ICO’s Group Manager for Technology, said: “It may come as a surprise to many in the IT security industry that this type of attack is still allowed to occur. SQL injection attacks are preventable but organisations need to spend the necessary time and effort to make sure their website isn’t vulnerable. Worldview Limited failed to do this, allowing the card details of over 3,000 customers to be compromised.”

Rice added: “Organisations must act now to avoid one of the oldest hackers’ tricks in the book. If you don’t have the expertise in-house then find someone who does, otherwise you may be the next organisation on the end of an ICO fine and the reputational damage that results from a serious data breach.”

Leave a comment

Filed under Risk UK News

Scottish Parliament debates fire risk assessment procedures ten years on from Rosepark Care Home tragedy

Ten years after the fatal fire at the Rosepark Care Home in Lanarkshire, Scotland, MSP Michael McMahon has tabled a Parliamentary Motion (debated in the Scottish Parliament on Wednesday 29 October) recommending that all fire risk assessors should be qualified and, preferably, third party certificated.

The fire at Rosepark on 31 January 2004 claimed the lives of 14 elderly residents after flames broke out in a cupboard and subsequently ripped through the building. In support of his Parliamentary Motion, McMahon pointed out that one key finding of the fatal accident enquiry into Rosepark was that the fire risk assessment had been inadequate and the person who carried it out wasn’t qualified to do so.

The MSP for Uddingston and Bellshill in Glasgow believes an awareness campaign would help Duty Holders responsible for care homes to understand the contents of the guidance and those at commercial premises to appreciate the requirements placed on them by the Fire (Scotland) Act 2005. McMahon’s Parliamentary Motion also highlights the contents of the Scottish Government’s Practical Fire Safety Guidance for Care Homes, published back in March this year.

McMahon acknowledges that there has been progress since the fatal Rosepark fire, but added: “Fire risk assessments in complex buildings such as care homes are challenging exercises. The Duty Holder has to rely heavily on the capabilities and competencies of the fire risk assessor. How can the Duty Holder be confident that the fire risk assessor is competent and the advice given is up to standard and up-to-date?”

The fire at Rosepark in January 2004 claimed the lives of 14 elderly residents after flames broke out in a cupboard and ripped through the building

The fire at Rosepark in January 2004 claimed the lives of 14 elderly residents after flames broke out in a cupboard and ripped through the building

According to the MSP, third party accreditation is the only way forward and McMahon is now urging the Scottish Government to take immediate action by:
*Launching an awareness campaign (including direct contact through leaflets and via the Scottish Fire and Rescue Service) demonstrating to businesses the need for fire risk assessments
*Embracing and advocating third party certification
*Consulting the industry and stakeholders to make third party certification mandatory before an assessor can offer fire risk assessment services

Acting decisively to prevent further fires

McMahon feels that much has been done since the Rosepark tragedy, but stresses that more needs to be achieved in the area of fire risk assessment. “We owe it to the memory of those who lost their lives in Rosepark ten years ago, and their friends and relatives, to act decisively and prevent further fires,” urged the MSP.

The Parliamentary Motion was supported by Margaret Mitchell MSP, who commented: “Ten years on from Rosepark, it’s appropriate to evaluate whether or not there are sufficient requirements placed on care homes to prevent such an accident from happening again.”

MSPs Kenneth Gibson and Siobhan McMahon have also supported the Motion, stating that more can be done and that there’s no room for complacency. They agree that third party certification is the best way forward.

Community safety minister Roseanna Cunningham responded by saying that much had already changed. The minister added that the Regulatory Review Group is currently looking at fire safety legislation and is due to report back early next year. Cunningham has promised to write and ask the group to look at fire risk assessment as part of that extensive review.

In a bid to remove potential fire hazards, commercial buildings and non-domestic premises in Scotland are already forced to carry out a fire safety risk assessment under the Fire (Scotland) Act 2005 in conjunction with the Fire Safety (Scotland) Regulations 2006. If the assessment is thought to have been carried out to an insufficient extent, the enforcing authority has the power to prosecute the Duty Holder.

Leave a comment

Filed under Risk UK News

Survey finds Londoners ready to tackle the terrorist threat

A survey has revealed that nearly three quarters (73%) of individuals who live or work in the City of London are concerned about terrorism compared to 68% of all London adults. An even greater number of Londoners (87%) think that members of the public are important in fighting terrorism, with nearly three quarters (73%) of survey respondents stating they’re likely to report suspicious behaviour to the police.

The survey, undertaken after the UK terrorist threat level was raised from ‘Substantial’ to ‘Severe’, shows that the message from the City of London Police to remain vigilant at all times is one shared by the public. The survey also highlights a gender bias, with 76% of women concerned about terrorist attacks compared to only 59% of men.

The City of London Police continues to pioneer a new and innovative approach to deter terrorism and detect crime through Project Servator. This involves joint deployments with the British Transport Police (BTP) as well as private sector security officers from hundreds of businesses to ensure a ‘Ring of Steel’ around The Square Mile.

Adrian Leppard: City of London Police Commissioner

Adrian Leppard: City of London Police Commissioner

Adrian Leppard – Commissioner of the City of London Police – explained: “Members of the public should be vigilant to the threat posed by terrorism. This survey shows that they are willing to work with the police to prevent such attacks. The people of London are resilient and knowledgeable about the risks from terrorism and know they are key to helping fight that threat.”

Commissioner Leppard added: “Project Servator’s success lies in the partnership between the City of London Police and British Transport Police working with the private security industry, businesses and the public to create a ‘Ring of Steel’ around The Square Mile.”

Project Servator: the detail

Project Servator uses behavioural detection officers and specialist teams to spot suspicious activity and has already led to a total of 98 arrests and 31 cars being seized since launch in February of this year.

Servator involves new tactics and cutting-edge training for police officers that will help deter people from carrying out hostile reconnaissance and detect those with malicious intent. It also increases the opportunity for interaction between police officers and members of the public, provides further reassurance to the public and helps deter and detect other criminal perpetrators.

Hostile reconnaissance is the purposeful observation of people, places, vehicles and locations with the intention of collecting information to inform the planning of a hostile act against a target. Criminals – whether extreme protest groups, organised crime groups or terrorists – have to conduct hostile reconnaissance in order to plan a successful attack. If they can be disrupted and deterred at an early stage, it’s likely that they will abandon their plans.

Following three years of intensive work and study by a Government organisation, the City of London Police ran an initial pilot scheme which heralded a change in the way police use tactics to deter hostile reconnaissance. Due to the way in which the scheme works, these tactics should also have beneficial effects on crime in general.

*Unless otherwise stated, all figures are from YouGov plc. The total sample size was 2,076 London adults. Fieldwork was undertaken between 24-30 October 2014. The survey was carried out online. Figures have been weighted and are representative of all London adults (aged 18+)

Leave a comment

Filed under Risk UK News

Government minister urges crackdown on ‘free movement of serious criminals’

Karen Bradley – the Minister for Modern Slavery and Organised Crime – has urged that more information on serious criminals must be shared across Europe in order to protect members of the public.

Bradley has also called for action to stop those responsible for crimes including murder, rape and child abuse from being able to cross national borders either to escape justice or prey on new victims.

Speaking to delegates at a conference in The Hague, the UK MP explained: “We must all face up to the fact that, while free movement is seen by many in Europe as having only positive impacts, there are some very clear negatives – not least of which is the ability for criminals to exploit this freedom of movement and further their own illegal activities across borders.”

Bradley continued: “If we’re to tackle this problem properly then the free movement of information needed to combat criminality must work as effectively – and, ideally, more effectively – than the free movement of criminals.”

Serious Offending by Mobile European Criminals Project

The minister told the final meeting of the UK-led Serious Offending by Mobile European Criminals (SOMEC) Project that great improvements had already been made on the sharing of information, but that more needs to be done.

Bradley stressed the importance of the UK remaining part of a number of crime and policing measures that Parliament will vote on and which have greatly improved our ability to find out about foreign offenders who move to the UK.

Karen Bradley MP

Karen Bradley MP

“Public protection must not be lost in a wider debate about the UK’s place in Europe,” stated Bradley. “More must be done to prevent offenders like paedophiles, rapists and murderers from exploiting free movement rights to slip unnoticed into another nation where they can then prey on unsuspecting new victims. It’s vital we know when these predators arrive on our shores. We need more powers to tackle them, not fewer. That’s why it’s in the public interest – and is absolutely essential – that the UK remains a part of key European measures.”

In conclusion, the MP commented: “Failure to do so would send us back to the Dark Ages of being unable to find out anything about foreign criminals who’ve moved to our country, in turn making it impossible to act against them. There’s no doubt that this would carry a serious public protection risk and could even cost lives.”

Management and exchange of data

The SOMEC Project was established to examine the management and exchange of data on mobile serious sexual and violent offenders across Europe. Final recommendations on how improvements can be made are expected to be published in early 2015.

Parliament will vote today (Monday 10 November) on a small number of EU crime and justice measures the Government intends to remain part of in the public interest after opting out of a much larger number.

Parliament will vote on Monday 10 November on a small number of EU crime and justice measures the UK Government intends to remain part of in the public interest after opting out of a much larger number

Parliament will vote on Monday 10 November on a small number of EU crime and justice measures the UK Government intends to remain part of in the public interest after opting out of a much larger number

The measures the UK intends to remain part of include the Swedish Initiative, the Second Generation Schengen Information System (SIS II) and the European Criminal Record Information System (ECRIS). These have all been identified by the SOMEC Project as being important existing tools that should be used more effectively across Europe so as to track mobile serious criminals.

Leave a comment

Filed under Risk UK News

BCI: “Don’t wait for an emergency to prepare an emergency communications plan”

A newly-published report from the Business Continuity Institute (BCI) highlights the fact that, while overall results indicate a good uptake of emergency communications planning, a significant minority of companies remain passive or have difficulty securing management buy-in.

Supported by Everbridge, the report concludes that emergency communications remain an essential part of any business continuity programme. This research demonstrates that, while a great majority of companies are aware of the importance of such communications, there are some gaps in implementation that demand to be addressed.

In order to be effective, emergency communications plans must be continuously updated to reflect the risks that a business faces and embedded well enough within the organisation. Relevant training and education programmes – as well as ensuring top management buy-in – are necessary in promoting a culture of awareness and reducing the risk of communications failure during incidents.

It’s worrying to note that, among those organisations without an emergency communications plan, two-thirds (63.4%) of them would only consider adopting one after a business-changing event. Something akin to shutting the stable door once the horse has bolted. This could have dire consequences as previous BCI research suggests that business-affecting events may often severely affect an organisation’s viability.

A newly-published report from the Business Continuity Institute highlights that, while overall results indicate a good uptake of emergency communications planning, a significant minority remain passive or have difficulty securing management buy-in

A newly-published report from the Business Continuity Institute highlights that, while overall results indicate a good uptake of emergency communications planning, a significant minority remain passive or have difficulty securing management buy-in

Further findings from the report are as follows:

• In a sign of growing awareness, only less than 13.5% of organisations surveyed do not have an emergency communications plan in place
• Emergency communications plans are quite comprehensive in their scope. At least 70% of organisations have plans covering the following threats: IT outages (81.2%), fire (77.8%), power outages (76.2%), weather-related incidents (75.6%), natural disasters (74.9%) and security-related incidents (70.0%). These mirror the top three causes of business disruption as reported by respondents in the last 12 months: IT outages (59.8%), power outages (51.6%) and weather-related incidents (47.2%)
• Almost one fifth of respondents (18.7%) belong to organisations where more than 500 staff members travel internationally on a regular basis. More than 30% report travelling to ‘high risk’ countries
• Almost two-thirds of companies (64.7%) report having training and education programmes in place related to emergency communications. Most have regularly scheduled programmes (64.2%)
• Around 15% of organisations regularly schedule exercises of their emergency communications plans. Most schedule their exercises once a year (55.8%). This is a worrying finding considering that almost half of organisations (49.6%) are likely to invoke their plans more than once during any given year
• More than 70% of organisations take 30 minutes or less to activate their emergency communications plans. Nonetheless, more than a quarter of organisations (27.4%) do not request responses from their staff in the event of an incident or have defined acceptable response rates (28.2%)
• Social media appears to play an important role in an emergency communications plan. 42% of respondents report using social media to monitor their staff during emergencies and almost a third (31.6%) use it to inform stakeholders

Benchmarking of arrangements

Patrick Alcantara, research associate at the BCI and author of the new report, commented: “This survey is seen as the first step towards benchmarking an organisation’s emergency communications arrangements. It’s hoped that it will allow companies to take a second look at their emergency communications capabilities and introduce improvements that will rebound to their benefit. Given how emergency communications may improve survival during extreme situations, it’s important that organisations take heed and aspire towards a robust capability before it’s too late.”

In a sign of growing awareness, only less than 13.5% of organisations surveyed do not have an emergency communications plan in place

In a sign of growing awareness, only less than 13.5% of organisations surveyed do not have an emergency communications plan in place

Imad Mouline, CTO at Everbridge, added: “Fluctuating global threat levels, sophisticated cyber attacks and an ever-growing mobile workforce present increasingly diverse and complex risks to business interests. In this unpredictable environment, business continuity practitioners are consistently faced with the challenge of planning for the unexpected while ensuring the safety of their staff and communities and protecting their businesses from both financial loss and reputational damage. Undoubtedly, this survey provides a benchmark for emergency communications planning.”

This is the first dedicated piece of research into understanding the emergency communications plans of a wide range of organisations and learning how they’re integrated within wider recovery programmes. The results support the anecdotal feedback from the industry, demonstrating that such plans form an established and vital element of continuity plans for medium-to-large size enterprises while also offering some practical ideas for those looking to improve their capabilities in this area.

Leave a comment

Filed under Risk UK News

UK retailers lose £2.7 billion to shoplifting, employee theft, internal fraud and administrative errors in last 12 months

According to the latest Global Retail Theft Barometer, shrink – comprised of shoplifting, employee theft, vendor or supplier fraud and administrative errors – has cost the retail industry more than £81 billion worldwide in 2013 and £2.7 billion in the UK alone. This represents 0.97% of all UK retailer sales on average.

Underwritten by an independent grant from Checkpoint Systems, the research was carried out in 2014 by The Smart Cube and Ernie Deyle, a retail loss prevention analyst. It’s based on in-depth phone and written survey interviews conducted in 24 countries among 222 retailers responsible for no less than £475 billion in sales.

The average cost of retail crime per person (which, unlike shrink, is based on dishonest employees, shoplifters, fraudulent suppliers and the cost of loss prevention) across the 24 countries surveyed ranged from £46 to £338. The annual cost of retail crime to UK shoppers, as passed on from retailers, averages £80.00 per person.

Shrink appears to be down slightly in most countries. The lowest shrink rates were recorded in Norway (.83% of retail sales) followed by Japan and the UK (.97%). The US came in at 1.48% of retail sales, down slightly from 1.50% last year. The highest rates were recorded in Mexico (1.70%) and China (1.53%).

Shrink (comprised of shoplifting, employee theft, vendor or supplier fraud and administrative errors) cost the retail industry more than £81 billion worldwide in 2013

Shrink (comprised of shoplifting, employee theft, vendor or supplier fraud and administrative errors) cost the retail industry more than £81 billion worldwide in 2013

Russell Holland, vice-president of sales for the UK and EMEA distributors at Checkpoint Systems, said: “Over the last year, retailers in the UK have been taking great strides and made substantial investments in the fight against retail crime. Many UK retailers reported that improved security methods have helped them to keep losses under control. We’re also seeing retailers invest in their employees’ education and understanding of loss prevention, marking an encouraging step in the fight against retail crime in the UK.”

While shoplifting remains the biggest cause of all retail shrink in 16 of the 24 countries surveyed, here in the UK both administrative and non-crime losses ranked first (at 36.5%) with shoplifting next on the list (at 25.3%).

Stolen merchandise: the most popular items

The most-stolen items across Europe are those products that are easy to conceal and harbour a good resale value, such as fashion accessories, wines and spirits. Other frequently stolen products include power tools, mobile accessories and make-up products.

Survey respondents state that source tagging – the application of EAS or RFID labels on goods prior to their arrival at retail stores – has increased around the globe. Such tagging is currently used on high value and high theft items like meat, health and beauty products and alcohol.

80% of UK retailers are source-tagging up to 10% of products. A further 20% are source-tagging over 20% of all merchandise. In addition, 50% of European retailers plan to increase the number of source-tagged SKUs.

According to The Smart Cube: “This report provides detailed descriptions of the sources of shrink and helps retailers understand the most cost-effective ways of addressing their problems. A number of Best Practices emerged from our research, including appropriate spending ranges to address the issue.”

Alcohol is a prime target for thieves

Alcohol is a prime target for thieves

“We’re pleased to support this global statistical research for the thirteenth year,” said Per Levin, president and chief sales officer for shrink management and merchandise visibility solutions at Checkpoint Systems. “Our hope is that retailers can learn more about the causes of shrink and work with their suppliers and solutions partners to create joint programmes designed to reduce shrink and its associated costs.”

Interested parties can obtain a copy of the latest Global Retail Theft Barometer report by logging on at: http://www.GlobalRetailTheftBarometer.com

*Retailers wishing to participate in next year’s Global Retail Theft Barometer study may register here

Leave a comment

Filed under Risk UK News