Daily Archives: 22/11/2014

Centrify survey pinpoints ID theft as key concern for digital consumers

Identity theft has ranked as the top concern among 2,000 consumers questioned about their digital lifestyles in new research commissioned by Centrify Corporation. The survey reveals that 81% of respondents stated they are concerned – or very concerned – about the prospect of having their identity stolen online.

Having credit card information stolen on the Internet is also extremely worrying for consumers, with 79% ranking it the second biggest concern above being a victim of cyber crime (73%).

Surprisingly, cyber bullying is the least concerning prospect for respondents with just 40% of consumers showing any real concern, while privacy of social networks (59%) and e-mail spam (68%) both ranked much higher.

The comprehensive survey also reveals the numbers of respondents that have a high, medium or low ‘digital footprint’ based on the amount of time they spend online in a typical week e-mailing, texting and sharing or watching digital images, songs, games, videos and apps.

62% of those very concerned about identity theft have a medium digital footprint, 46% low and 26% have a high digital footprint. Equally, only 26% of those with a high digital footprint are concerned about having credit card information stolen on an online shopping website and their e-mail accounts being spammed, showing that those who spend more time online are less concerned about their identity being stolen.

One-in-four respondents to the survey have definitely (or probably) been a victim of identity theft, 43% of victims suggesting the problem took more than one month to fix with one-in-five saying it took more than ten hours. 47% of interviewees admitted to having to spend their own money to resolve the issue, with 28% noting they’ve spent at least £60 (in turn highlighting the need for increased password security).

Identity theft remains a key concern for online shoppers in both America and the UK

Identity theft remains a key concern for online shoppers in both America and the UK

Security of personal information at risk

“With so much of our time now spent online, be it in relation to social networking, banking or shopping, the security of our personal information and, more importantly, our identities is being put at risk on a daily basis,” explained Tom Kemp (CEO at Centrify).

“According to our survey, online purchases are the top reason why users feel they became victims of identity theft, underscoring the importance of confidence in one’s own online security. Consumers have very little faith in the absolute security of their passwords. Just 15% believe those passwords are very secure, regardless of the amount and type of characters used. Being able to manage our password security is crucial.”

Other research highlights:

• The groups that are most likely to say they’ve been victims of identity theft are those that probably best understand and notice the signs of identity theft: IT workers, online shoppers, higher salary workers, the ‘tech-savvy’ and those with a high digital footprint

• Those with the least confidence that their passwords are absolutely secure include individuals that do less online shopping (12%), those aged 50-64 (11%) and those with a medium digital footprint (11%)

• A plurality of consumers are only somewhat confident that their passwords for personal accounts could not be cracked by a computer program, but few are very confident

*The Widmeyer Survey was developed to assess people’s engagement with (and perception of) passwords in order to determine their efficacy in the workplace. The survey was completed in September 2014 with more than 1,000 participants in the UK and 1,000 in North America. Results were similar across both regions

Leave a comment

Filed under Risk UK News

“Victims let down by poor crime recording” states HMIC report

In its latest report entitled ‘Crime Recording: Making the Victim Count’, encompassing the results of what is the most extensive inspection and analysis of crime recording carried out to date, Her Majesty’s Inspectorate of Constabulary (HMIC) finds that the national average rate of under-recording of crime is almost one-in-five.

The inspection was designed to review the integrity of police-recorded crime data (it was not an inspection or inquiry into the integrity of the police service). In examining over 8,000 reports of crime incidents detailed to the police, the HMIC found the national average of under-recording of crime to be 19% (which amounts to over 800,000 crimes each year).

During the audit period November 2012-October 2013, police were found to be less likely to record violent and sexual offences as crimes than they were other crime types. The inspection also found that, on the national average, over a quarter of sexual offences and a third of violent crimes reported to the police each year are not being recorded as crime.

Every force was inspected, and the results from each have been used to build a statistically representative figure on a national basis. HMIC emphasises that the picture at a local level is mixed. Not every force is the same. In a few forces, crime recording is very good and highlights the fact that this procedure can be carried out very well and the statistics trusted. In some other forces, though, HMIC suggests the process is “unacceptably bad”.

During and since the inspection, some forces have taken significant steps to improve their procedures, a fact which is naturally welcomed by HMIC.

National crime recording rate is “inexcusably poor”

Commenting on the report’s contents, Her Majesty’s Chief Inspector of Constabulary Tom Winsor said: “The first duty of the police service is to protect the public and reduce crime. A national crime recording rate of 81% is inexcusably poor. Failure to properly record crime is indefensible. This is not about numbers and dry statistics. It’s about victims and the protection of the public.”

Winsor continued: “The position in the case of rape and other sexual offences is a matter of particularly serious concern. The inspection found 37 cases of rape which were not recorded as crimes. The national rate of under-recording of sexual offences (including rapes) as crimes was 26%, while the national rate of incorrect decisions to no-crime rapes was 20%. These are wholly unacceptable failings. Some police forces have exemplary records in this respect while others are very bad. It’s particularly important that, in criminal cases as serious as rape, these shortcomings are put right as a matter of the greatest urgency. In some forces, action is already being taken in this respect.”

Tom Winsor: Her Majesty's Chief Inspector of Constabulary

Tom Winsor: Her Majesty’s Chief Inspector of Constabulary

Her Majesty’s Chief Inspector of Constabulary also said: “The police should immediately institutionalise the presumption that the victim is to be believed. If evidence later comes to light which shows that no crime occurred then the record should be corrected. That’s how the system is supposed to work.”

Importantly, Winsor explained: “Victims need – and are entitled to – support and assistance. They – and their communities – are also entitled to justice. Failures in crime recording can also increase the risks to victims and the community of the denial of justice. The police need to take this subject very seriously. Trust in what the police tell others about crime is part of the essential trust which the public must have in the police service.”

The public’s view is unequivocal. When surveyed, 95% of respondents agreed that it’s important all crimes reported to the police are recorded accurately, but only 66% trust the police to do so. The inspection found that even when crime was correctly recorded, many incidents were removed or cancelled from the system as: ‘No crimes’. One-in-five of the 3,246 reviewed decisions to cancel a crime record were incorrect. This included over 200 rapes and more than 250 crimes of violence against the person.

The police should inform victims of these decisions, states HMIC, but in over 800 of the 3,246 decisions reviewed for this inspection there was no record of the victim having been told. This means that victims may be under the impression that their crimes are being investigated when in truth they’re not.

The inspection found that, once recorded, decisions on the classification of crimes were correct in 96% of cases.

Undue pressure placed on police officers?

Relatively little firm evidence was found of undue pressure being put on police officers to manipulate figures, despite allegations and assertions to that effect.

However, in a survey of over 17,000 police officers and staff, 39% of the 8,600 individuals who said they had responsibility for making crime recording decisions reported that performance and other pressures were distorting those decisions. When presented with that picture, a number of forces admitted it.

That said, the inspection also found that forces are making considerable efforts to change the culture in which such practices have been permitted in the past.

The HMIC inspection also looked at over 3,700 out-of-court disposals (consisting of cautions, penalty notices for disorder, cannabis warnings and community resolutions). In over a fifth of cases, HMIC found the offender should not have been given the sanction and should either have been charged and sent to court or given a different and more severe out-of-court disposal.

HMIC was also concerned that not all victims were asked for their views on the punishment (as the rules require).

Despite the clear framework and set of rules for the sound and consistent recording of crime by the police, the failures identified by HMIC are, in the main, attributable to lapses in leadership and supervision of officers and staff in addition to poor knowledge of the rules.

Victim Support is calling for all crime to be reported and accurately recorded

Victim Support is calling for all crime to be reported and accurately recorded

HMIC has recommended that the College of Policing should establish standard training to be provided by each force which ensures that all officers and staff who are likely to record crimes or have supervision of crime recording have a sound understanding of the relevant principles to be applied (and are periodically tested in that respect).

A number of forces are doing well in recording crime and have already tackled these issues. Some forces, including Kent and Merseyside, have moved swiftly to make improvements since the HMIC inspections. They’re already implementing changes and prioritising victims’ needs. This demonstrates how rapidly improvements can be made.

Number of crimes dismissed is “alarming”

In response to the HMIC’s findings, Adam Pemberton (assistant CEO of Victim Support) stated: “The sheer number of crimes that have been dismissed by the police is alarming. It’s equally astonishing that so many victims are not told if the police later decide that no crime took place.”

Pemberton stressed: “Each mistake represents a victim losing their chance for justice and support. Victims of crime rely on the police service to believe them and to investigate crime properly, and they should be able to trust them to do just that.”

Leave a comment

Filed under Risk UK News

City of London Police Commissioner calls on financial centres to act now and prevent a major cyber attack

International financial centres, Governments and law enforcement must work closely together to prevent organised criminals and terrorist organisations from bringing global markets to a standstill with a massive cyber attack. This was the message delivered by City of London Police Commissioner Adrian Leppard when he appeared as the keynote speaker at the Financial Crimes and Cyber Security Symposium in New York.

Hosted by the New York County District Attorney’s Office and held in the Federal Reserve Bank, the event was attended by more than 300 delegates from the world of policing, finance and public and private sector cyber security.

Commissioner Leppard, whose UK force is the National Policing Lead for Fraud, highlighted the increasingly sophisticated fraud and cyber threats facing world financial centres, with a particular focus on the City of London and Wall Street. He pinpointed the risks posed by state-sponsored espionage and terrorism using highly complex malware – such as Ransomware and Distributed Denial of Service (DDoS) attacks – to threaten the integrity of trading platforms and major deals.

Commissioner Leppard also stated it’s now vital that law enforcement and financial institutions share information on the current threats. He called for companies to be legally obliged to report to the authorities when they have fallen victim to a cyber attack and thereby ensure steps can be taken to protect other financial institutions and target the offenders.

Adrian Leppard: City of London Police Commissioner

Adrian Leppard: City of London Police Commissioner

In recognition of the rapidly evolving and expanding threats to the global financial districts, including London and New York, the City of London Police and the New York County District Attorney’s Office are to forge a closer alliance. From Spring 2015, there will be a staff exchange programme between the two agencies aimed at developing greater operational collaboration, intelligence sharing and de-briefing of investigative Best Practice.

This development comes hot on the heels of the City of London Police signing an agreement with the Royal Bank of Scotland to have financial experts from the bank providing specialist advice and guidance under the force’s new Corporate Volunteer Consultancy Scheme.

Determination of international criminals

Speaking from New York, Commissioner Leppard said: “We cannot underestimate the determination of international criminals, operating alone or as part of serious organised crime gangs or terrorist organisations, to launch a major strike against our financial centres, particularly in London and New York. It’s therefore crucial we take a proactive approach to this threat by putting in place the technical and legal systems that will keep trading platforms secure from malware and prevent companies from being compromised by a rogue employee or weak IT systems.”

The Commissioner continued: “The agreement signed by the City of London Police and the New York County District Attorney is another important step in the right direction, bringing the people who protect the Square Mile and Wall Street closer together and ensuring we’re doing everything we can to thwart what has become a common enemy.”

New York County District Attorney Cyrus R Vance Junior added: “An increasingly close connection between cyber crime and financial crime means that co-operation is more important than ever. Our international partnerships, in particular our ongoing collaboration with Commissioner Leppard and the City of London Police, reflect a changing landscape and the understanding that cyber criminal attacks will not be limited by state or national borders. This is why it’s essential for financial institutions, Governments and law enforcement agencies to work together in protecting the integrity of our markets and financial systems as well as our citizens.”

Leave a comment

Filed under Risk UK News

2013-2014 figures show rise in reported physical assaults against NHS staff

NHS Protect has released the 2013-2014 figures for reported physical assaults against NHS staff in England. The figures have been collated from 266 health bodies across the country.

The number of criminal sanctions following reported assaults has risen by 191, from 1,458 to 1,649 – an increase of 13.1%. Overall, there was a rise of 8.7% in total reported assaults from 63,199 in 2012-2013 to 68,683 in 2013-2014. A full breakdown of the results is available at: http://www.nhsbsa.nhs.uk/Documents/SecurityManagement/Reported_Physical_Assaults_2013-14.pdf

Richard Hampton, head of external engagement and services at NHS Protect, commented: “No member of NHS staff should be physically assaulted, and we encourage staff who are victims of violence to press charges against their assailants. Those who work in the NHS have the right to provide care in a safe environment. Employers must do all they can to support staff in preventing incidents and pursuing offenders.”

Advice for health bodies

NHS Protect is urging health bodies to:

• Note that NHS Protect’s guidelines entitled: ‘Meeting Needs and Reducing Distress – Guidance on the Prevention and Management of Clinically-Related Challenging Behaviour in NHS Settings’ was launched in December 2013 and provides NHS staff with the tools to de-escalate and reduce challenging behaviour within the NHS

• Take advantage of the joint working agreement with the Association of Chief Police Officers and the Crown Prosecution Service and use existing guidance to pursue local arrangements building on this national agreement in order to ensure criminal assaults are identified and do not go unpunished

• Seek advice from the network of NHS Protect’s Area Security Management Specialists. They give guidance to Local Security Management Specialists and assist in assessing risks of violence, addressing these through prevention work and pursuing legal action when assaults do occur

• Ensure staff are trained to use available powers to respond decisively to low-level nuisance behaviour before it escalates into violence against staff (these powers are available under the Criminal Justice and Immigration Act 2008)

• Be aware that NHS Protect has been included in the Anti-Social Behaviour, Crime and Policing Act 2014 in order to provide new tools for dealing with persistent anti-social behaviour within the NHS

Overall, there was a rise of 8.7% in total reported assaults on staff working in the NHS, from 63,199 incidents during 2012-2013 to 68,683 in 2013-2014

Overall, there was a rise of 8.7% in total reported assaults on staff working in the NHS, from 63,199 incidents during 2012-2013 to 68,683 in 2013-2014

Cheshire and Merseyside deal signed to protect NHS staff

A new agreement to help protect nurses, doctors, ambulance crews and other NHS staff from assault and abuse in Cheshire and Merseyside has been signed.

The Service Level Agreement between the Crown Prosecution Service (CPS) Mersey-Cheshire and NHS Protect commits both bodies to working closely together to ensure that people who attack NHS staff are prosecuted wherever appropriate. This helps implement the national joint working agreement between the Association of Chief Police Officers, the CPS and NHS Protect.

The Mersey-Cheshire Service Level Agreement aims to strengthen the prosecution process, recognising that there’s a strong public interest in prosecuting those who assault NHS staff or commit other offences that disrupt the provision of NHS services to the public.

John Mytton, North West Area Security Management Specialist for NHS Protect, said: “CPS Mersey-Cheshire and NHS Protect have worked hard to reach this point, with both of the CPS regions in the North West now covered by this agreement. We will continue to support health bodies to ensure that all incidents of violence and aggression against staff are addressed and appropriate sanctions brought forward wherever possible. This will improve the confidence and well-being of those who work in the NHS and their patients.”

Claire Lindley, Chief Crown Prosecutor for Mersey-Cheshire Crown Prosecution Service, added: “No NHS worker should have to do their job in fear of being assaulted. Some staff may feel that these assaults are part and parcel of their work and that they simply have to put up with them. This is not the case. We also know that some NHS staff mistakenly believe that nothing will be done if they report assaults. This is also not the case.”

Lindley continued: “This agreement shows the commitment of the NHS and the Crown Prosecution Service to making sure that the people who commit these assaults are brought to justice. We hope it gives people the confidence to report incidents and that offenders get the message – you will be caught and made to face the consequences.”

Leave a comment

Filed under Risk UK News

Strong growth and improved operating margins reported by Loomis

Revenues at Loomis (the Cash-in-Transit and cash management specialist) for the third quarter increased to SEK 3,600 million (2,897). Organic growth was 3% (4) and real growth 18% (4).

Loomis’s operating income (EBITA)1 amounted to SEK 406 million (311). The operating margin was 11.3% (10.7).

Income before taxes stands at SEK 366 million (294) while income after taxes totals SEK 278 million (207).

Earnings per share before and after dilution amounted to SEK 3.70 (2.76).

Cash flow from operating activities was SEK 384 million (368), equivalent to 95% (119) of operating income (EBITA).

Strong growth and improved operating margins have been reported by Loomis, the cash management specialist

Strong growth and improved operating margins have been reported by Loomis, the cash management specialist

January-September 2014

Revenue for the first nine months is reported at SEK 9,796 million (8,436) and organic growth 4% (1). Real growth is 12% (2).

Loomis’ operating income (EBITA)1 amounted to SEK 981 million (805) while the operating margin increased to 10.0% (9.5).

Income before taxes is SEK 878 million (764). Income after taxes is reported to be SEK 651 million (539).

Earnings per share before dilution was SEK 8.65 (7.21) and SEK 8.65 (7.15) after dilution.

Cash flow from operating activities is SEK 782 million (637), equivalent to 80% (79) of operating income (EBITA).

Comment from the president and CEO

“I’m pleased to present another quarter with strong growth and continued margin improvement,” explained Jarl Dahlfors, Loomis’ president and CEO. “The quarter was characterised by the integration of VIA MAT and a sustained focus on continuous improvements at our branches. Growth is mainly attributable to the acquisition of VIA MAT, implementation of new contracts and strong growth in the USA.”

Dahlfors added: “The profitability improvement is primarily a result of the strong growth within Cash Management Services and Loomis SafePoint. Ongoing work designed to improve efficiencies is continuing to yield results.”

Working for major financial institutions, independent ATM deployers, major retailers, public sector bodies and a huge range of businesses, Loomis has a presence in 20 countries, operates 400 offices and employs more than 20,000 people generating annual sales of £1 billion.

The company offers intelligent safe and deposit systems, cash collection/Cash-in-Transit services, cash processing, coin delivery, ATM services (which include ATM replenishment, maintenance and administration) and specialist transport services.

Reference

1EBITA – Earnings Before Interest, Taxes and Amortisation of acquisition-related intangible fixed assets, acquisition-related costs and revenue and items affecting comparability

Leave a comment

Filed under Risk UK News

Home Office plans next stage of engagement with suppliers on ESN

The Home Office has announced that it will be engaging with suppliers on detailed requirements for the new Emergency Services Network (ESN).

A Prior Information Notice has been published in the Official Journal of the European Union stating that the UK Government Department will engage suppliers regarding four separate parts of the contract for the new ESN, namely user devices, air-to-ground service and devices, vehicle installation and Control Room upgrades.

Minister of State for Policing, Criminal Justice and Victims Mike Penning said: “A modernised communications network is vital to help the emergency services protect the public and save lives. We are on track to deliver this critical part of our national infrastructure by 2017.”

The MP added: “We have seen strong interest in providing the new emergency services network and its supporting elements. I’m confident that the organisations we select will create a communications network that’s the best in the world.”

The Home Office has unveiled further plans for the Emergency Services Network

The Home Office has unveiled further plans for the Emergency Services Network

Tenders for the contracts will be submitted in the near future and will then be subject to detailed evaluation. Contracts will be awarded in 2015 and the new ESN will go live from 2017 as existing contracts expire.

The new network is being developed in close partnership with the emergency services and will add broadband data capabilities that will help save lives. Further information is available at: https://www.gov.uk/government/publications/the-emergency-services-mobile-communications-programme

Leave a comment

Filed under Risk UK News

NaCTSO promotes National Counter-Terrorism Awareness Week 2014

The National Counter-Terrorism Security Office (NaCTSO) has been working with partner organisations (among them ACPO and Police Scotland) on the launch of National Counter-Terrorism Awareness Week 2014, which runs from 24-30 November.

In August, the international terrorism threat level facing the UK was raised by the Joint Terrorism Analysis Centre from a rating of ‘Substantial’ to ‘Severe’, meaning that an attack is highly likely. As a direct result, law enforcement and other Government agencies are urging communities – including the business community – to be vigilant and report anything they perceive as suspicious behaviour.

To focus attentions, National Counter-Terrorism Awareness Week is being launched on Monday 24 November and aims to encourage members of the public to be vigilant, as well as advising of the simple steps that can be taken to make it that much harder for terrorists to attack us.

Counter-terrorism awareness will be raised on a national basis among the police family, the business sector and members of the public by way of community and business engagement, targeted briefings, police patrol activity, reviews and the testing of counter-terror plans.

Focus around five key themes

During National Counter-Terrorism Awareness Week, the focus of all activity will be around five key themes where action by the police family, the business community and members of the public can detect and deter terrorism. Those themes are: Crowded Places, Transport Hubs, Preventing Violent Extremism, Terrorist Financing and Firearms and Explosives (encompassing the tools that terrorists need in order to operate).

This poster is designed for display in back of house zones

This poster is designed for display in Back of House zones

Following the increase of the international terrorism threat level to ‘Severe’, there’s a heightened need to ensure that the UK is in the best possible position to deter and detect potential terrorist threats. As stated, while the ‘Severe’ threat level indicates that it’s highly likely a terrorist attack could happen in the UK, the authorities are quick to point out there’s currently no specific intelligence of a terrorist attack.

Everybody has a role to play in keeping the UK safe from terrorism. Be vigilant. If you suspect it, report it. Nobody is better placed to detect something that’s out of place in their communities than the people living in them. NaCTSO encourages individuals to report suspicious activity by calling the confidential Anti-Terrorist Hotline on 0800 789 321.

Cross-Sector Safety and Security Communications Hub

The Cross-Sector Safety and Security Communications (CSSC) Hub is an award-winning initiative that partners law enforcement agencies, local and national Government organisations and private sector businesses. CSSC aims to help businesses remain safe and secure by providing accurate, timely and authoritative messaging and information on an ongoing basis and in times of major incidents with potentially far-reaching impacts.

CSSC operates across more than 25 industry sectors. Each sector is represented by industry sector leads who regularly participate in briefing calls and events and then cascade information to the businesses within their sectors. CSSC is working closely with NaCTSO and its partners to support National Counter-Terrorism Awareness Week.

Addressing the organisation’s members, Andrew Nicholls (The Security Institute’s director of membership recruitment and benefits) said: “Information from the briefings will be disseminated and we hope that you will support us with increased vigilance in your day-to-day operations as well as reviewing your own business continuity processes and procedures.”

*Further information about National Counter-Terrorism Awareness Week can be found at: http://www.nactso.gov.uk/ctaw2014 Here, you’ll be able to download posters and briefing products that may be displayed Back of House

**In addition, a range of guidance documents for businesses can be found within the Business Toolkit Section of the CSSC website (www.cssc.gb.com). These cover topics from cyber crime and vehicle-borne IEDs through to building a ‘business battle box’

***For general information and assistance send an e-mail to: enquiries@cssc.gb.com

Leave a comment

Filed under Risk UK News

Dr Peter Speight CSyP wins prestigious CIR Risk Manager of the Year Award 2014

The UK Chapter of ASIS International has congratulated Dr Peter Speight CSyP – director of security risk management and consultancy services at Securitas in the UK – for winning the prestigious CIR Risk Manager of the Year Award 2014.

Now in their fifth year, the CIR magazine Risk Management Awards are specifically designed to recognise those individuals, organisations and teams that have significantly added to the understanding and practice of risk management. Judged by an independent panel of experts, the awards provide an opportunity for organisations and individuals to showcase their best products, projects and people.

The Risk Manager of the Year Award honours outstanding performance by a risk management individual deemed by the Judges to have accomplished most in the past 12 months in terms of reinforcing their organisation’s risk management framework, inspiring their team and offering creative thinking to the risk management community as a whole.

Risk professionals operational in organisations ranging from FTSE 100 blue chip concerns through to small and medium-sized enterprises are invited to enter submissions for this category.

Dr Peter Speight CSyP (centre) receives the Risk Manager of the Award 2014

Dr Peter Speight CSyP (centre) receives the Risk Manager of the Award 2014

The winner in 2014 is Dr Peter Speight CSyP, director of security risk management at Securitas UK (a role which Speight began back in November 2010) and author of the hugely popular book ‘Why Security Fails’ (more of which anon). Speight’s remit at Securitas focuses on strategic, tactical and operational enterprise risk management.

Prior to this, Speight served as director of security risk management with Reliance Security Services and (from February 2008 through until April 2009) as head of security consultancy with Perpetuity Risk and Consultancy International, during which time he concentrated on both strategic and operational security consulting.

In previous times Speight has also held end user roles, including a spell as group security manager for Allied Colloids and head of security operations at the BBC, where he worked from September 1999 to May 2000.

Peter’s a regular contributor to the security world’s leading journals and frequently speaks on risk issues as part of the sector’s many and varied conference programmes, among them that devised for IFSEC International.

Dr Speight is a long-time ASIS International UK member and, subject to election at next month’s AGM, will be joining the ASIS UK Leadership team as Chapter Secretary for 2015.

ASIS UK Chapter vice-chairman Mike Hurst stated: “Peter has been a champion of Enterprise Security Risk Management for many years now, and we’re absolutely delighted that his work has been recognised. ASIS International has produced several guidelines and standards on the subject of risk management so it’s fitting that an ASIS UK member is this year’s award recipient.”

Why Security Fails

Published in July 2012, Dr Peter Speight’s excellent book entitled ‘Why Security Fails’ examines a proposition that it’s possible to determine why security falls down within organisations.

There’s a detailed examination of the matrix containing security manpower, physical security assets, electronic systems and procedures. The operational effectiveness of these four distinct security facets is often not capable of critical assessment by the very organisation that’s paying for these assets and services. Therefore, it has been necessary to both determine and evidence a variety of security failures and, ultimately, contrast these sample conditions with examples of organisational security successfully achieving a range of targeted objectives (to the complete understanding and budgetary capability of the target organisation).

These contrasting situations are illustrated within the book which presents a detailed study of a multinational manufacturing organisation and the re-alignment of its security strategy following a comprehensive risk assessment and security audit.

The book also posits that it’s unlikely such security strategies can be effective unless based on a clear understanding of the threats, hazards and risks to which a given organisation may be subjected.

The issue of risk and security auditing is a key feature of ‘Why Security Fails’, as is the requirement to emphasise that the success of a security strategy (which would follow on from the assessment of risk and vulnerability) is not only underpinned by the accuracy of these processes, but also a clear understanding of the specific corporate culture, organisational security awareness and fiscal imperatives at play.

‘Why Security Fails’ also examines the role of risk management in the planning of crisis, continuity and safety issues, again from the perspective of contrasting the success of such planning when measured against the management of risks and the operationally assessed needs linked to the aforementioned four elements of security.

*To order your copy of ‘Why Security Fails’ contact: Protection Publications, 12B Wellgate Centre, Ossett, Wakefield WF5 8NS (telephone: 01924 266016)

Leave a comment

Filed under Risk UK News

‘A Manifesto for Professional Security’: The Security Institute’s ‘Vision of The Future’

On Tuesday 18 November at The Churchill War Rooms in central London, The Security Institute launched ‘A Manifesto for Professional Security’. The Keynote Speech was delivered by Emma Shaw CSyP, the Institute’s chairman, who duly outlined the organisation’s vision for making professional security more effective: a profession that’s recognised and respected for the immense value it delivers to society, to organisations in both the public and private sector and, indeed, individual members of the public.

Everything The Security Institute has done over the first 15 years of its existence has been building up to this point. We would like to think that our new document entitled: ‘Recognised, Respected and Professional: A Manifesto for Professional Security’ carries on the tradition of The Security Institute’s founding members. Back in 1999, those founding members were willing to seek change and courageous enough to do their utmost in a bold bid to realise that change.

This is the point at which I feel our professional body comes of age. The point at which we are mature enough to profess that we can only achieve our ambitions for this profession not by pursuing our own agenda or through acting as a member association with a narrow focus on member interests but instead by recognising that the first duty of a professional body is to serve the profession itself and all of its many and varied stakeholders.

We understand that, across the sector, there are valuable relationships currently being used for narrow benefit that could be developed to serve the greater good.

First and foremost, this new Manifesto is about collaboration. It sets out a vision and a series of initiatives that encourage working together to achieve key outcomes. In working to bring about those defined outcomes, all organisations within the sector would maintain full autonomy and retain their own individual identity and traditions while at the same time striving to achieve for the good of all.

Emma Shaw CSyP: chairman of The Security Institute

Emma Shaw CSyP: chairman of The Security Institute

A Manifesto for Professional Security: The Background

Undoubtedly, these are times of immense and rapid change for the security profession and all of its practitioners. The nature of the security threat is changing. Accessible information technologies, global networks, diversification of threats and disruptive technologies will all create risks for the public, for society and for businesses in equal measure. These complex threats require complex solutions and, in turn, this will demand far greater collaboration and co-operation from – and between – those responsible for the security of assets as well as the host organisations representing them.

We also need to remember that it’s not only security professionals who are our stakeholders. Ultimately, the end user of all our services is the general public and The Security Institute feels that not enough has been done to include that public in our thinking as a profession.

There’s a need for greater understanding of what the public perceives as threats, which tend towards the local and short term rather than the international and longer term focus of the Government’s National Security Strategy. Through its professional bodies, the security profession must strive to build bridges with the public it seeks to protect. It is the members of the public who are our primary stakeholders.

Following on from this, security also must engage more actively with its user stakeholders in a bid to demystify its practices and make its own case for wider recognition as a force for good in society. On an individual level, security must strive to promote a clear understanding and appreciation of the things the security profession does on a daily basis to maintain stakeholder well-being.

At a time when security is becoming ever more ubiquitous and might be perceived by some as overbearing, we absolutely cannot afford to let the public lose faith in the professionals who work tirelessly to manage and mitigate the risks it faces and, in so doing, keep members of the public safe.

In the pursuit of greater degrees of security, it must be said that a fine line exists between protecting members of the public and infringing their civil liberties. Here, the security profession has the opportunity to be a reassuring and independent presence between the public and the legislature. We can offer a reliable information channel.

Taking this argument a stage further, the security profession has to encourage an ongoing debate around the moral basis of security. It’s also fair to say that ethical challenges will frequently arise as technology empowers the profession to gather, analyse and use data about citizens.

The Security Institute has launched 'A Manifesto for Professional Security'

The Security Institute has launched ‘A Manifesto for Professional Security’

The security profession must evolve

The Institute feels strongly that the security profession must evolve in line with the changing nature of risks and equip practitioners to cope with those risks in order to enable them to meet the challenges facing society at large. Technology is one of the key drivers of change, and the security profession – and its cohort – needs to demonstrate the technical and intellectual skills that enable effective working within this environment.

New tools can help transform the sector. For example, big data analytics might be made into working tools, enabling complex data to be turned into smart data and allowing data analysis on a massive scale that quickly provides deeper insights while creating new types of services for host organisations.

We should also consider the make-up of the security profession. Security is still widely viewed as a second career for those coming out of the military or the police service. We need to encourage young people to enter the security world as a first-choice profession after leaving school or university.

Greater and closer co-operation between stakeholder organisations is essential if we are all to fulfil our individual organisational obligations to the profession.

What, then, are the reasons why things we would all agree need to be done are not being done? First, it’s apparent to many of us that ‘Security’ simply doesn’t speak the language of business or the public effectively and so doesn’t participate in the conversations that frequently set the agenda.

Second, one of the strengths of the security sector is the engagement of its members and the vibrant groups, associations and institutes they establish – but this is also its weakness. The security sector is fragmented and lacking in clear leadership.

We also believe that the nature of the relationship between the profession and the public should change. ‘Security’ needs to develop a relationship with the public whereby the users are the ones demanding the services rather than having services they haven’t asked for imposed upon them.

Returning once more to the key theme of collaboration and co-operation, The Security Institute feels there’s an overriding need for a true and sustaining partnership between the security profession, businesses and institutions and the general public.

The Front Cover of the new 'Manifesto for Professional Security'

The Front Cover of the new ‘Manifesto for Professional Security’

Setting aside parochial interests

The Manifesto asks a number of things of various stakeholders within this profession and those who have influence over it. However diverse, large or small they may be, we call upon all of the professional bodies in this industry to set aside any parochial interests and join with us in working independently and in parallel for the benefit of our profession, our industry and our society.

We call on educational bodies and awarding bodies to join with the professional bodies and examine the future development of structured learning programmes designed to up-skill the security workforce.

We call upon key commercial organisations to work with the professional bodies and provide the funding and support that some of these initiatives will entail.

We call upon Parliament and its many agencies to establish an enabling, meaningful and ongoing dialogue with the profession to ensure it develops in a manner that’s entirely consistent with the needs of Government and society.

To achieve this, the Manifesto proposes a number of initiatives that we – the professional bodies and member associations in the security sector – can establish through working together.

We encourage thoughtful and dynamic collaboration between groups, businesses and individuals. We believe we should establish a Security Commonwealth wherein all organisations come together on an equal basis, retaining their full individual autonomy while working collectively on the development of common approaches to joint challenges

We propose that we should work collaboratively with all willing groups and individuals within the industry to set up a Security Information Service. This will afford the public general advice via a website – ideally sponsored by the industry and, possibly, Government – on all aspects of personal, domestic, travel and cyber security. This can be used to steer public opinion in a favourable direction.

The Security Information Service will share information on how professional security succeeds at major events, such as the London 2012 Olympic and Paralympic Games and the 2014 Commonwealth Games in Glasgow, as well as on a day-to-day basis in peoples’ lives, for instance when they’re at the shops or using public transport. We will celebrate the achievements of those working for the public and support measures to address the abuse and misuse of security.

We wish to work together to improve and heighten the profile of the sector. The Security Institute encourages collaboration with universities and education providers, schools and university careers services and employers. We want to establish clear career paths that demonstrate progress from first entering the profession to roles in the top strata via specialist and generalist positions, technical and business roles.

Put simply, we need to show security to be the challenging, intellectually stimulating, exciting and public-serving discipline that it most certainly is. We can do this through the medium of a Security Careers Advisory Service.

The Foreword is written by Lord Carlile of Berriew, The Security Institute's president

The Foreword is written by Lord Carlile of Berriew CBE QC, The Security Institute’s president

Common position on professionalism

We want to work together on developing and sharing a common position on professionalism within our industry. Our joint aim should be the UK becoming the exemplar model that the world can copy. We can create a Working Group, entitled Security Outreach, and target this outreach to opinion formers, politicians and management organisations such as the CBI and the Institute of Directors. We can increase awareness through the Human Resources profession, the purchasing and supply function and Facilities Management, all of which are key enablers in our area.

We act together to promote The Gold Standard created by The Worshipful Company of Security Professionals, that of the Chartered Security Professional. We act in unison with other industry bodies to create a common point of view and voice that we will use to approach Government with clearly thought-out suggestions designed to encourage and influence the development of a Government White Paper on the future of the security profession. Security Outreach will play a key role in this process.

To ensure that our voice is heard we propose the creation of a Joint Security Associations’ Lobbying Group that would speak on behalf of all the associations – and through them – when representing the profession and its members.

There’s full recognition that this is an ambitious manifesto and requires all stakeholders in the security sector – the associations, the trade bodies, members of the press and individual members – to come together and work effectively for the good of the security profession.

Let’s recognise that we have a great deal in common and that, first and foremost, all bodies in the sector were established to support the members of this profession. There’s much we can and will continue to offer as individual associations, but let’s be brave enough to recognise that there will be many occasions when, if we are to be truly effective, the fact is we are better together, speaking with one voice and promoting a common viewpoint with the weight of our individual organisations firmly behind us.

We recognise that our ambition for the development of the profession is beyond the ability and resources of any one group, organisation or professional association within the sector. We realise that there are many perspectives on the future of the security profession and the broader sector, and that there are informed voices outside of our organisation who can claim thought leadership.

Strong contribution to the sector

We have no wish to necessarily lead these initiatives but undertake to work tirelessly to get them off the ground and to give them our full and continuing support as a willing participant. Indeed, so determined are we to make them a reality that we’re ready to contemplate a future in which The Security Institute itself may cease to exist in its present form and would possibly be subsumed within a larger, more representative grouping that carries greater authority through its universality.

As a professional body, The Security Institute is rightly proud of its journey over the past 15 years. The organisation has made a strong contribution to the sector. However, if this Manifesto meets with an enthusiastic response from other organisations, and we’re able to use its contents in bringing greater cohesion to the profession at large, then this will be our finest achievement to date.

Winston Churchill once famously stated: “I never worry about action, but only inaction.” Together, we have an opportunity before us to start something that’s truly great. Let’s not allow that opportunity to be brought to a halt through inaction. Work with The Security Institute to make it so.

*Read ‘Recognised, Respected and Professional: A Manifesto for Professional Security

Leave a comment

Filed under Risk UK News