Risk UK December 2014

Security and Fire Management

Rewriting The Script: Software Piracy Risk RemovalSecurity Risk Assessments, Surveys and AuditsTraining and Career Development: Corporate TransitionsBusiness Sector Focus: Security Guarding Solutions

December 2014

Making The Right Move‘A Manifesto for Professional Security’

FrontCover December2014_001 09/12/2014 11:55 Page 1

Sophistication is not about size The Integriti Security Management System is an IP connected access control

and intruder security system that offers sophisticated centralised management

for both small systems on a single site, or large systems distributed across the

country or across the globe.

With a growing list of new installations take a moment to think of what you’re missing! The Integriti system offers an

advanced suite of software,

hardware and integrated

solutions to deliver complete

management of your entire

integrated system.

Have you tried Integriti yet?

+44 (0) 845 470 5000Inner Range Europe LimitedUnits 10-11 Theale Lakes Business Park

Moulden Way, Sulhampstead

Reading, Berkshire RG74GB UNITED KINGDOM

[email protected]

a4 integriti 0ne page UK.indd 1 4/12/2013 8:40 am

Project1_Layout 1 05/02/2014 17:39 Page 1

Contents33 Security Guarding SolutionsSecurity Guarding is the theme of this month’s Risk UK BusinessSector Focus. Jason Towse talks about sectorisation (p35). PeterWebster concentrates on business licensing (p36). Technologyis Andrew Melvin’s subject (p38). David Ward tackles addedvalue (p40), Carl Palmer evaluates risk management (p41) andBrian Sims reports on the SIA’s latest consultation paper (p43)

44 On ParadeManaging security for a special event at an iconic venue inLondon demands much planning, as Brian Sims discovers

45 Bridging The GapIan Moore on Power Supply Units for security and fire systems

46 The Security Institute’s View

48 In the Spotlight: ASIS International UK Chapter

51 FIA Technical Briefing

54 Security Services: Best Practice Casebook

56 Security’s second chanceTerry Greer-King examines a security model that combines bigdata architecture with a continuous approach to provideprotection and visibility along the full cyber attack continuum

58 Training and Career DevelopmentJeff Little talks transition training for Armed Forces personnel

60 Risk in Action

62 Technology in Focus

65 AppointmentsThe latest people moves in the security and fire business sectors

67 The Risk UK Directory

December 2014

3www.risk-uk.com

ISSN 1740-3480

Risk UK is published monthly by Pro-Activ PublicationsLtd and specifically aimed at security and riskmanagement, loss prevention, business continuity andfire safety professionals operating within the UK’s largestcommercial organisations

© Pro-Activ Publications Ltd 2014

All rights reserved. No part of this publication may bereproduced or transmitted in any form or by any meanselectronic or mechanical (including photocopying, recordingor any information storage and retrieval system) without theprior written permission of the publisher

The views expressed in Risk UK are not necessarily those ofthe publisher

Risk UK is currently available for an annual subscription rate of£78.00 (UK only)

Risk UKPO Box 332Dartford DA1 9FF

Editor Brian Sims BA (Hons) Hon FSyI Tel: 0208 295 8304 Mob: 07500 606013e-mail: [email protected]

Design and Production Matt JarvisTel: 0208 295 8310 Fax: 0870 429 2015e-mail: [email protected]

Advertisement Director Paul AmuraTel: 0208 295 8307 Fax: 01322 292295 e-mail: [email protected]

Administration Tracey BealeTel: 0208 295 8306 Fax: 01322 292295 e-mail: [email protected]

Managing Director Mark Quittenton

Chairman Larry O’Leary

Editorial: 0208 295 8304Advertising: 0208 295 8307

5 Editorial Comment

6 News UpdateGlobal Retail Theft Barometer. Reference checking failures. BSIsurvey of IT decision-makers. Crackdown on serious criminals

8 News Analysis: Counter-Terrorism Bill Home Secretary Theresa May has brought before Parliament the“urgently needed” Counter-Terrorism and Security Bill

11 News Special: HMIC Report on Crime RecordingBrian Sims appraises the contents of ‘Crime Recording: Makingthe Victim Count’, the latest report to be issued by HMIC

12 Opinion: ‘A Manifesto for Professional Security’Chairman Emma Shaw outlines The Security Institute’s vision formaking professional security more effective in times ahead

16 BSIA BriefingJames Kelly explores what end users should be looking for whenprocuring the services of lone worker security solutions providers

19 Best laid plansFire detection and alarm system manufacturers are crucial interms of effective safety planning. Paul Pope has the detail

23 Surveillance: The Commercial ImperativeBusinesses are still not using CCTV to its greatest effect. JeremySimpson considers how the latest HD solutions can offer thegreatest degree of protection for both people and property

26 Security Risk Assessments, Surveys and AuditsCharlie Swanson defines security risk assessments, surveys andaudits and how they differ in nature and scope

28 Rewriting The ScriptCopyright infringement (or ‘piracy’) of software is an ever-increasing problem for the UK’s software community. JamieLongmuir assesses a form of criminality that’s hard to trace

30 Remote controlNicholas Banks focuses on the key areas to be addressed by ITand Security Departments when it comes to remote working

Protecting Britain’s Lone Workers (pp16-17)

Contents December2014_riskuk_Dec12 09/12/2014 12:21 Page 3

Audible & Visual Signalling

Tel: +44 (0)1706 233879

www.klaxonsignals.com

Klaxon Signals are specialists in the design and manufacture of world-class signalling equipment. Through innovation and technical expertise, Klaxon Signals produce state-of-the-art audible and visual signaling equipment, protecting and informing millions of people around the world.

Klaxon Signal’s audible and visual signalling equipment are primarily used in Fire Evacuation, Industrial

EditorialComment December2014_riskuk_jul14 09/12/2014 11:49 Page 4

5December 2012

www.risk-uk.com

Editorial Comment

The Regulation of Investigatory Powers Act (RIPA) 2000 – thelegislation governing communications data – “needs acomplete overhaul”. That’s the somewhat damning

conclusion of the latest Home Affairs Select Committee report. Chaired by Keith Vaz MP, the Committee acknowledges the

operational need for secrecy both during and after investigationssuch that investigative techniques in the broader sense are notdisclosed. However, there “has to be proper oversight andscrutiny” and the Committee recommends the Home Office usesits current review of the RIPA Code to “ensure that lawenforcement agencies discharge their RIPA powers properly”.

The Rt Hon Sir Paul Kennedy – the Interception ofCommunications Commissioner – launched an inquiry back inOctober to determine whether the acquisition of communicationsdata had been used to identify journalistic sources. Sir Paulwrote to all chief constables and directed them, under Section58(1) of RIPA, to provide him with details of every investigationthat had employed powers under Chapter 2 of RIPA (Part One) toacquire such data.

The Communications Data Code of Practice was drafted eightyears ago and contains no advice on dealing with professionsthat handle privileged information nor any guidelines on the useof confidential Helplines.

“RIPA is not fit for purpose,” suggests Keith Vaz. “We [theHome Affairs Select Committee] were astonished that lawenforcement agencies have failed to routinely record theprofessions of individuals who’ve had their communications dataaccessed under the legislation. Using RIPA to access thetelephone records of journalists is wrong. This practice mustcease. It deters whistle-blowers from coming forward.”

As far as Vaz and his Committee colleagues are concerned, therecording of information under RIPA is “lamentably poor” withthe whole process appearing “secretive and disorganised” andbereft of studious monitoring in terms of what data is beingdestroyed and what’s actually being retained.

When a senior Parliamentary Committee states that thecurrent RIPA legislation is not fit for purpose it’s an observationthat simply cannot be ignored. The law is seemingly out of date,oversight appears to be weak and the recording of ways inwhich the powers enshrined in RIPA are used is – as Big BrotherWatch director Emma Carr asserts – “patchy” at best.

Indeed, Carr continues: “The conclusion of the Committee thatthe level of secrecy surrounding the use of these powers ispermitting investigations deemed ‘unacceptable in a democracy’should make the defenders of those same powers sit up andtake notice. At present, the inadequacy and inconsistency of therecords being kept by public authorities regarding the use ofthese powers is woefully inadequate.”

Similarly, Isabella Sankey – director of policy at Liberty –believes that we need urgent safeguards in place to preventvaluable data from being accessed without judicial warrant.

Alongside RIPA, one wonders if the new Counter-Terrorism andSecurity Bill (News Analysis, pp8-9) will be seen as a ‘Snoopers’Charter’? Let’s hope not. It’s legislation that’s much needed.

Brian Sims BA (Hons) Hon FSyIEditor

RIPA in the dock

Visit the Klaxon website:

www.klaxonsignals.com

Fire Evacuation

Industrial Signalling

www.klaxonsignals.com/industrial&WAS

EditorialComment December2014_riskuk_jul14 09/12/2014 11:49 Page 5

6www.risk-uk.com

UK companies failing to check employee references ahead of start datesResearch carried out by HireRight – the global due diligence organisation – suggests that most UKcompanies are failing to check references before new employees start in their roles and arestruggling to respond to other companies’ reference requests.

The Point of Reference research suggests that two-thirds (66%) of new employees begin workbefore their reference checks are complete. Two-in-five (39%) of Human Resources (HR) functionleaders believe this is normal practice within their industry.

However, such pre-checks are absolutely vital. The HireRight study reveals that more than half(58%) of successful applications contain errors*. In tandem, one third (36%) of HR leaders admitthey need a clearer way of identifying those job candidates with malicious intent on their minds.

Steve Girdler, managing director (EMEA) at HireRight, explained: “References reveal importantdetails about an individual’s history and help employers ensure they can trust the people theyallow to work with their customers, clients and colleagues. By failing to carry out due diligencebefore people start work, companies risk hiring individuals unable to fulfil the duties of theirrespective roles and who may commit fraud or theft or even damage customer relationships.”

Girdler added: “A great deal of damage can be done between the moment an employee starts ata new company and when referencing requests are completed.”

HireRight’s Point of Reference research results are based on the perspectives of senior HRleaders in some of the UK’s biggest companies. The findings also highlight that reference checkingis seen as an ‘administrative burden’ for many HR Departments at a time when they’re alreadystruggling to find enough hours in the day for important strategic work.*The inaccuracies figure quoted is based on the analysis of data from candidate due diligenceprogrammes, with this quarter’s findings focused on 121,000 checks of almost 34,000 applicationssubmitted between July and September 2014

Retailers lose £2.7 billion to shoplifting, employee theft,internal fraud and administrative errors in last 12 months

According to the latest Global Retail TheftBarometer, shrink – comprised of shoplifting,employee theft, vendor or supplier fraud andadministrative errors – has cost the retailindustry more than £81 billion worldwide in2013 and £2.7 billion in the UK. This represents0.97% of all UK retailer sales on average.

Underwritten by an independent grant fromCheckpoint Systems, the research was carriedout in 2014 by The Smart Cube and Ernie Deyle,a retail loss prevention analyst. The results arebased on phone and written survey interviewsconducted in 24 countries among 222 retailersresponsible for £475 billion in sales.

The average cost of retail crime per person(based on dishonest employees, shoplifters,fraudulent suppliers and the cost of lossprevention) across the 24 countries surveyedrange from £46 to £338. The annual cost ofretail crime to UK shoppers, as passed on fromretailers, averages £80.00 per person.

Shrink appears to be down slightly in mostcountries. The lowest shrink rates wererecorded in Norway (.83% of retail sales)followed by Japan and the UK (.97%). The UScame in at 1.48% of retail sales, a fall from1.50% last year. The highest rates wererecorded in Mexico (1.70%) and China (1.53%).

Russell Holland, vice-president of sales forthe UK and EMEA distributors at Checkpoint

Systems, commented: “Over the last year,retailers in the UK have made substantialinvestments in the fight against retail crime.Many reported that improved security methodshave helped them to keep losses under control.We’re also seeing retailers invest in theiremployees’ education and understandingaround loss prevention. There’s no doubt thismarks an encouraging step forward in the fightagainst retail crime on home shores.”

While shoplifting remains the biggest causeof all retail shrink in 16 of those countriessurveyed, here in the UK both administrativeand non-crime losses ranked first (at 36.5%)with shoplifting next on the list (25.3%).

The most-stolen items across Europe arethose products that are easy to conceal andharbour a good resale value, among themfashion accessories, wines and spirits. Otherfrequently stolen items include power tools,mobile accessories and make-up products.

Survey respondents state that source tagging– the application of EAS or RFID labels on goodsprior to their arrival at retail stores – hasincreased around the globe.

80% of UK retailers are source-tagging up to10% of products. A further 20% are now source-tagging over 20% of all merchandise.

Access the Global Retail Theft Barometer at:http://www.GlobalRetailTheftBarometer.com

Steve Girdler: ManagingDirector (EMEA) at HireRight

NewsUpdate December2014_riskuk_dec14 09/12/2014 13:20 Page 6

News Update

Government minister urgescrackdown on ‘free movement ofserious criminals’

Karen Bradley – the Government Minister forModern Slavery and Organised Crime – hasurged that more information on seriouscriminals must be shared across Europe inorder to protect members of the public.

Bradley has also called for action to stopthose responsible for crimes including murderfrom being able to cross national borders toescape justice or prey on new victims.

Speaking to delegates at a conference inThe Hague, the UK MP explained: “We mustall face up to the fact that, while freemovement is seen by many in Europe ashaving only positive impacts, there are somevery clear negatives – not least of which is theability for criminals to exploit this freedom ofmovement and further their own illegalactivities across national borders.”

Bradley continued: “If we’re to tackle thisproblem then the free movement ofinformation needed to combat criminalitymust work as effectively – and, ideally, moreeffectively – than that of criminals.”

The minister told the final meeting of theUK-led Serious Offending by Mobile EuropeanCriminals (SOMEC) Project that greatimprovements had already been made on thesharing of information but more must be done.

Bradley stressed the importance of the UKremaining part of a number of crime andpolicing measures that Parliament will vote onand which have enhanced our ability to findout about foreign offenders moving to the UK.

“Public protection must not be lost in awider debate about the UK’s place in Europe,”stated Bradley. “More must be done toprevent offenders from exploiting freemovement rights to slip unnoticed intoanother nation where they can then targetunsuspecting victims.”

BSI: ‘Businesses at risk of “sleepwalking” into reputational time bomb’UK businesses are at risk of “sleepwalking” into a reputational time bomb due to a lack ofawareness on how to protect their data assets. As cyber hackers become more complex andsophisticated in their methods, organisations are being urged to strengthen their securitysystems to protect both themselves and consumers.

The BSI’s survey of IT decision-makers* finds that cyber security is a growing concern, withover half (56%) of UK businesses being more worried about this issue than was reported to bethe case 12 months ago. Seven-in-10 (70%) attribute this to hackers becoming more skilled andbetter at targeting businesses.

However, while the majority (98%) of organisations have taken steps to minimise risks to theirinformation security, only 12% are extremely confident about the security measures they have inplace to defend against these attacks. Worryingly, IT directors appear to have accepted the risksposed to their information security, with nine-in-10 (91%) admitting their organisation has beenthe victim of a cyber attack at some point. Around half have experienced an attempted hackand/or suffered from malware (49% in both instances).

Despite confidence in the security measures they have in place, three-in-five (60%) of thoseorganisations surveyed have not provided staff with information security training. More than onethird (37%) haven’t installed anti-virus software and only just under half (49%) monitor theirusers’ access to applications, computers and software.

Conversely, organisations that have implemented ISO 27001 – the international InformationSecurity Management System Standard – are more conscious about potential cyber attacks thanthose who haven’t (56% versus 12%). 52% of organisations with ISO 27001 implemented areextremely confident about their level of resilience against the latest methods of cyber hacking.

There appears to be a level of acceptance that nothing online will ever be wholly safe, leadingto a false sense of security that: ‘This will not happen to me’ among those who have not sufferedfrom a cyber attack/crime.

Speaking about the research, Maureen Sumner Smith – UK managing director at BSI –explained: “Best Practice security frameworks, such as ISO 27001, and easily recognisableconsumer icons like the BSI Kitemark for Secure Digital Transactions can help organisationsbenefit from increased sales, fewer security breaches and protected reputations. Our researchshows that the onus is very much on businesses to wake up and take responsibility if theywant to continue to be profitable and protect their brand reputations.”*Vanson Bourne conducted interviews with 200 IT decision-makers in UK businesses employingbetween 250 and 1,000 members of staff. Interviews were carried out in October 2014

7www.risk-uk.com

Maureen Sumner Smith: UKManaging Director at BSI

NewsUpdate December2014_riskuk_dec14 09/12/2014 13:21 Page 7

According to the Home Office, the all-newCounter-Terrorism and Security Bill willbolster the UK’s already considerable

armoury of powers to disrupt the ability ofpeople to travel abroad and fight, reduce therisks they pose on their return to home shoresand combat the underlying ideology that feeds,supports and sanctions terrorism.

The collapse of Syria, the emergence of ISILand ongoing instability in Iraq presentsignificant dangers not just in the Middle Eastbut also to Britain and across the West. Many ofthe estimated 500 British citizens who’vetravelled to Syria and Iraq have joined terroristorganisations alongside foreign fighters fromEurope and further afield.

The Bill – which is to be enacted “at theearliest opportunity” – will disrupt thoseintending to travel by:• Providing the police with a temporary power

to seize a passport at the border fromindividuals of concern

• Creating a Temporary Exclusion Order thatwill control the return to the UK of a Britishcitizen suspected of involvement in terroristactivity abroad

• Enhancing the UK’s border security as aresult of toughening transport security

arrangements around passenger data, ‘Nofly’ lists and screening measures

• Enhancing the UK’s existing terrorismprevention measures

To deal with those returning to – or already in– the UK, the Government is:• Enhancing existing terrorism prevention and

investigation measures, including theintroduction of stronger locationalconstraints and a power requiring individualsto attend meetings with the authorities aspart of their ongoing management

To support those at risk of succumbing toradicalisation, the Government is:• Creating a general duty on a range of bodies

to prevent people from being drawn into actsof terrorism

• Putting Channel – the voluntary programmedesigned for people at risk of radicalisation –on a statutory basis

To help disrupt the wider activities of terroristorganisations, the Bill is:• Enhancing vital investigative powers by

requiring communications service providersto retain additional information in order toattribute an Internet Protocol address to aspecific individual

• Amending existing law to ensure that UK-based insurance firms cannot reimburse thepayment of terrorist ransoms

Use of these powers – which are consistentwith all of the UK’s existing international legalobligations – will be subject to stringentsafeguards. These include appropriate legalthresholds, judicial oversight of certainmeasures and a power to create a Privacy andCivil Liberties Board designed to support thework of David Anderson QC, the currentIndependent Reviewer of Terrorism Legislation.

Removing terrorism-related materialThe Bill will sit alongside the existing range oftools used to combat the terrorist threat,including powers to withdraw the passports ofBritish citizens, bar foreign nationals from re-entering the UK and strip British citizenshipfrom those who have dual nationality.

The Government is also working with theInternet industry to remove terrorist materialhosted in the UK or overseas. Since February

Home Secretary Theresa May introduces “urgently needed” Counter-Terrorism and Security Bill

*The UK Government’sCounter-Terrorism and SecurityBill is the seventh majorcounter-terrorism lawintroduced in Britain since 9/11

Home Secretary Theresa May has brought to Parliament whathas been described as “urgently needed” legislation whichwill afford the UK some of the toughest powers in the worldspecifically designed to tackle the increasing threat posed byinternational terrorism. Brian Sims evaluates the detail

8www.risk-uk.com

Home Secretary Theresa May:determined to disrupt theactivities of would-be terrorists

NewsAnalysis December2014_riskuk_dec14 09/12/2014 12:07 Page 8

2010, the Counter-Terrorism Internet ReferralUnit has taken down more than 65,000 piecesof unlawful terrorist-related content.

Speaking about the new Bill, Home SecretaryTheresa May said: “We’re in the middle of agenerational struggle against a deadly terroristideology. These powers [outlined in theCounter-Terrorism and Security Bill] areessential to keep up with the very serious andrapidly changing threats we face. In an openand free society we can never entirely eliminatethe threat from terrorism, but we must doeverything possible in line with our sharedvalues to reduce risks posed by our enemies.”

The Home Secretary added: “This Billincludes a considered and targeted set ofproposals that will help to keep us safe at atime of very significant danger by ensuring wehave the powers we need to defend ourselves.”

Responding to the Home Secretary’sannouncement that the Counter-Terrorism andSecurity Bill will oblige Internet ServiceProviders (ISPs) to retain information linking IPaddresses with individual users, Liberty’sdirector Shami Chakrabarti commented:“There’s no problem with the targetedinvestigation of terrorist suspects, includingwhere required the linking of apparentlyanonymous communications to a particularperson. However, every Government proposal ofthe last so many years has been about blanketsurveillance of the entire population. Forgive usif we look for the devil in the detail.”

Big Brother Watch director Emma Carr added:“There are key issues to be addressed withthese IP-based proposals. For example, thereare questions over whether or not this will betechnically feasible. Proper safeguards must beintroduced to ensure that these techniques areused transparently, that there’s a proper level ofauthorisation and that the oversight andredress mechanisms can function effectively.”

Carr added: “If such a measure is introduced,time should then be allowed to ensure that itseffectiveness in relation to law enforcementinvestigations can be evaluated with due careand transparency.”

Disruption of terrorist attacksThe National Policing Lead for Counter-Terrorism is Assistant Commissioner MarkRowley of the Metropolitan Police Service. Asfar as Rowley’s concerned, countering terrorismhas for too long been thought of as the solepreserve of the police service, the securityagencies and the Government.

Rowley is now calling on citizens andbusinesses to be prepared to play their part inkeeping the country safe. “The danger posed

by violent extremists has evolved,” he said.“They are no longer a problem solely stemmingfrom countries like Iraq and Afghanistan, faraway in the minds of the public. Now, they arehome-grown in our communities, radicalised byimages and messages they read on socialmedia and prepared to kill for their cause. Thetragic murder of Lee Rigby last year was a starkwarning to us all about how real and local thethreat is at this time.”

Rowley continued: “Police officers and ourpartners are continuing to work 24 hours a day,seven days a week to protect the UK from aterrorist attack. So far this year we’ve disruptedseveral attack plots and made 271 arrestsfollowing counter-terrorism investigations, butthe eyes and ears of law enforcement and otheragencies alone cannot combat the threat.”

Pursue, Prevent, Protect, PrepareThe UK’s counter-terrorism strategy CONTESTfocuses on four key areas: Pursue, Prevent,Protect and Prepare. Most of the publicityaround terrorism is based on Pursue andPrevent, as these involve arrests, the disruptingof actual attack plots and turning people awayfrom extremism.

AC Rowley is keen to stress that everyone canbe doing more to Protect and Prepare, ensuringsecurity in crowded places, the monitoring ofour borders and being ready to respond to aterrorist attack.

“We don’t want to scare people, but we dowant them to understand the threat and bevigilant to things that are out of place orsuspicious and report it to the police service.We need businesses to check that their securitymeasures are effective and train their membersof staff to detect potential threats and, ifnecessary, respond to an attack.”

AC Rowley also stated: “Experience shows usthat terrorists target busy, well-populatedplaces to ensure that their attacks have amaximum impact. Businesses, particularlythose in crowded places, have an invaluablerole to play in our fight against terrorists,violent extremists and other criminals. Theirmembers of staff are often the first people tospot signs that something is wrong.”

Since the UK terror threat level increased on29 August, reports of suspicious behaviourhave nearly doubled. This is a direct result ofreporting by members of the public, and everyone of those reports is investigated.

However, AC Rowley wants more members ofthe public to have confidence in reporting theirsuspicions. “Please tell us if you know orsuspect something,” he urged. “Yourinformation could save lives.”

9www.risk-uk.com

News Analysis: Counter-Terrorism and Security Bill

Metropolitan Police ServiceAssistant Commissioner MarkRowley: National Policing Leadfor Counter-Terrorism

The UK’s counter-terrorismstrategy CONTEST focuses onfour key areas: Pursue,Prevent, Protect and Prepare

NewsAnalysis December2014_riskuk_dec14 09/12/2014 13:20 Page 8


The inspection was designed to review theintegrity of police-recorded crime data (itwas not an inspection or inquiry into the

integrity of the police service). In examiningover 8,000 reports of crime incidents detailedto the police, HMIC found the national averageof the under-recording of crime to be 19% (ieover 800,000 crimes each year).

During the audit period November 2012-October 2013, the police were found to be lesslikely to record violent offences as crimes thanthey were other crime types. The inspectionalso found that, on the national average, over athird of violent crimes reported to the policeeach year are not being recorded as crime.

Every force was inspected, and the resultsfrom each have been used to build astatistically representative figure on a nationalbasis. HMIC emphasises that the picture at alocal level is mixed. Not every force is the same.In a few forces, crime recording is very goodand highlights the fact that this procedure canbe carried out extremely well and the statisticstrusted. In some other forces, though, HMICsuggests the process is “unacceptably bad”.

Recording rate is “inexcusably poor”Commenting on the report’s contents, HerMajesty’s Chief Inspector of Constabulary TomWinsor said: “A national crime recording rate of81% is inexcusably poor. Failure to properlyrecord crime is indefensible. This is not aboutnumbers and dry statistics. It’s about victimsand the protection of members of the public.”

Winsor also stated: “The police shouldimmediately institutionalise the presumptionthat the victim is to be believed. If evidencelater comes to light which shows that no crimeoccurred then the record should be corrected.That’s how the system is supposed to work.”

Importantly, Winsor explained: “Victims need– and are entitled to – support and assistance.They – and their communities – are alsoentitled to justice. Failures in crime recordingcan also increase the risks to victims and thecommunity of the denial of justice. The policeneed to take this subject very seriously.”

One-in-five of the 3,246 reviewed decisionsmade to cancel a crime record were incorrect.

The police should inform victims of thesedecisions, states HMIC, but in over 800 of the3,246 decisions reviewed for this inspectionthere was no record of the victim having beentold. This means that victims may be under theimpression their crimes are being investigatedwhen in truth they’re not.

The inspection also found that, oncerecorded, decisions on the classification ofcrimes were correct in 96% of cases.

Undue pressure on police officers?Relatively little firm evidence was found ofundue pressure being placed on police officersto manipulate figures, despite allegations andassertions to that effect.

However, in a survey of over 17,000 policeofficers and staff, 39% of the 8,600 individualswho said they had responsibility for makingcrime recording decisions reported thatperformance and other pressures weredistorting those decisions. When presentedwith this picture, several forces admitted it.

That said, the inspection also found thatforces are making considerable efforts tochange the culture in which such practices havebeen permitted in the past.

Adam Pemberton – assistant CEO of VictimSupport – stated: “The sheer number of crimesthat have been dismissed by the police isalarming. It’s equally astonishing that so manyvictims are not told if the police service laterdecides that no crime took place. The victims ofcrime rely on the police service to believe themand to investigate crime properly. They shouldbe able to trust them to do just that.”

11www.risk-uk.com

“Victims let down by poor crime recording” states HMIC reportIn its latest publication entitled ‘Crime Recording: Makingthe Victim Count’, which encompasses the results of what isthe most extensive inspection and analysis of crime recordingcarried out to date, Her Majesty’s Inspectorate ofConstabulary finds that the national average rate of under-recording of crime is almost one-in-five. Brian Sims reports

News Special: HMIC Report on Crime Recording Statistics

Tom Winsor: Her Majesty’sChief Inspector ofConstabulary

NewsSpecialHMICReport December2014_riskuk_DEC14 09/12/2014 13:17 Page 11

Everything The Security Institute has doneover the first 15 years of its existence hasbeen building up to this point. We would

like to think that our new document entitled‘Recognised, Respected and Professional: AManifesto for Professional Security’ carries onthe traditions of The Security Institute’sfounding members. Back in 1999, thosefounding members were willing to seek changeand courageous enough to do their utmost in abold bid to realise that change.

This is the point at which I feel ourprofessional body comes of age. The point atwhich we are mature enough to profess that wecan only achieve our ambitions for thisprofession not by pursuing our own agenda orthrough acting as a member association with anarrow focus on our own members’ interestsbut instead by recognising that the first duty ofa professional body is to serve the professionitself in the most inclusive sense in addition toall of its many and varied stakeholders.

We understand that, across the sector, thereare valuable relationships currently being usedfor narrow benefit that could be developed toserve the greater good.

First and foremost, this new Manifesto isabout collaboration.It sets out a visionand a series ofinitiatives thatencourage workingtogether to achievekey outcomes. Inworking to bringabout those definedoutcomes, allorganisationswithin the sectorwould maintain fullautonomy andretain their ownindividual identity

and traditions while at the same time striving toachieve for the good of all.

Background to the ManifestoUndoubtedly, these are times of immense andrapid change for the security profession and allof its practitioners. The nature of the securitythreat is evolving. Accessible informationtechnologies, global networks, diversification ofthreats and disruptive technologies will allcreate risks for the public, for society and forbusinesses in equal measure. These complexthreats require complex solutions and, in turn,this will demand far greater collaboration andco-operation from – and between – thoseresponsible for the security of assets as well asthe host organisations representing them.

We also need to remember that it’s not onlysecurity professionals who are ourstakeholders. Ultimately, the primary end userof all our services is the general public and TheSecurity Institute feels that not enough hasbeen done to include that cohort in our thinkingas a profession. There’s a need for greaterunderstanding of what the public perceives asthreats, which tend towards the local and shortterm rather than the international and longerterm focus of the UK Government’s ownNational Security Strategy. Through itsprofessional bodies, the security professionmust strive to build bridges with the public itseeks to protect.

Following on from this, security must alsoengage more actively with end userstakeholders in a bid to demystify its practicesand make its own case for wider recognition asa force for good in society. On an individuallevel, security must strive to promote a clearunderstanding and appreciation of the thingsthe security profession does on a daily basis tomaintain stakeholder well-being.

At a time when security is becoming evermore ubiquitous and might be perceived bysome as overbearing, we absolutely cannotafford to let the public lose faith in theprofessionals who work tirelessly to manageand mitigate the risks we all face and, in sodoing, keep members of the public safe.

In the pursuit of greater degrees of security,it must be said that a fine line exists betweenprotecting members of the public and infringingtheir civil liberties. Here, the securityprofession has the opportunity to be a

‘A Manifesto for Professional Security’: The Security Institute’s Vision of The Future

On Tuesday 18 November at The Churchill War Rooms inLondon, The Security Institute launched ‘A Manifesto for

Professional Security’. Emma Shaw outlines the organisation’svision for making professional security more effective: a

profession that’s recognised and respected for the immensevalue it delivers to society, to organisations in the public andprivate sectors and, indeed, individual members of the public

12www.risk-uk.com

ManifestoforProfessionalSecurity December2014_riskuk_dec14 09/12/2014 12:05 Page 12

Emma Shaw CSyP FSyl MBAFCMI: Chairman of The SecurityInstitute

reassuring and independent presence betweenthe public and the legislature. We can offer areliable information channel.

Taking this argument a stage further, thesecurity profession has to encourage anongoing debate around the moral basis ofsecurity. It’s also fair to say that ethicalchallenges will frequently arise as technologyempowers the profession to gather, analyseand use data about citizens.

Security profession must evolveThe Institute feels strongly that the securityprofession must evolve in line with thechanging nature of risks and threats and equippractitioners to cope with those risks such thatthey can meet the challenges facing society.

Technology is one of the key drivers ofchange, and the security profession – and itscohort – needs to demonstrate the technicaland intellectual skills that enable effectiveworking within this environment.

New tools can help transform the sector. Forexample, big data analytics might be made intoworking tools, enabling complex data to beturned into smart data and allowing dataanalysis on a massive scale that quicklyprovides deeper insights while creating newtypes of services for host organisations.

We should also consider the make-up of thesecurity profession. Security is still widelyviewed as a second career for those coming outof the military or the police service. We need toencourage young people to enter the securityworld as a first-choice profession after leavingschool or university.

What, then, are the reasons why things wewould all agree need to be done are not beingdone? First, it’s apparent to many of us that‘Security’ simply doesn’t speak the language ofbusiness or the public effectively and sodoesn’t participate in the conversations thatfrequently set the agenda.

Second, one of the strengths of the securitysector is the engagement of its members andthe vibrant groups, associations and institutesthey establish – but this is also its weakness.The security sector is fragmented and lacking inclear leadership.

We also believe that the nature of therelationship between the profession and thepublic should change. ‘Security’ needs todevelop a relationship with the public wherebythe users are the ones demanding the services

rather than having servicesthey haven’t asked forimposed upon them.

Returning once moreto the key theme ofcollaboration and co-operation, The SecurityInstitute feels there’san overriding need for atrue and sustainingpartnership between thesecurity profession,businesses and institutionsand the general public.

The Manifesto asks a numberof things of various stakeholderswithin this profession and those whohave influence over it. However diverse, large orsmall, we call upon all of the professionalbodies in this industry to set aside anyparochial interests and join with us in workingindependently and in parallel for the benefit ofour profession, our industry and our society.

We call on educational and awarding bodiesto join with the professional bodies andexamine the future development of structuredlearning programmes designed to up-skill thesecurity workforce.

We call upon key commercial organisationsto work with the professional bodies andprovide the funding and support that some ofthese initiatives will entail.

In addition, we call upon Parliament and itsmany agencies to establish an enabling,meaningful and ongoing dialogue with theprofession to ensure it develops in a mannerthat’s entirely consistent with the needs ofGovernment and society.

Dynamic collaboration in the futureThe Manifesto proposes a number of initiativesthat we – the professional bodies and memberassociations in the security sector – canestablish through working together.

We encourage thoughtful and dynamiccollaboration between groups, businesses andindividuals. We believe we should establish aSecurity Commonwealth wherein allorganisations come together on an equal basis,retaining their full individual autonomy whileworking collectively on the development ofcommon approaches to joint challenges.

We propose that we should workcollaboratively with all willing groups and

Opinion: ‘A Manifesto for Professional Security’

“First and foremost, this new Manifesto is about collaboration. It sets out a vision anda series of initiatives that encourage working together to achieve key outcomes”

13www.risk-uk.com


14www.risk-uk.com

Opinion: ‘A Manifesto for Professional Security’

individuals within the industry to set up aSecurity Information Service. This will affordthe public general advice via a website – ideallysponsored by the industry and, possibly,Government – focused on all aspects ofpersonal, domestic, travel and cyber security.This can be used to steer public opinion in afavourable direction.

The Security Information Service will shareinformation on how professional securitysucceeds at major events as well as on a day-to-day basis in peoples’ lives, for instance whenthey’re at the shops or using public transport.We will celebrate the achievements of thoseworking for the public and support measures toaddress the abuse and misuse of security.

We wish to work together to improve andheighten the profile of the sector. The SecurityInstitute encourages collaboration withuniversities and education providers, schoolsand university careers services and employers.We want to establish clear career paths thatdemonstrate progress from first entering theprofession to roles in the top strata viaspecialist and generalist positions, technicaland business roles.

Put simply, we need to show security to bethe challenging, intellectually stimulating,exciting and public-serving discipline that itmost certainly is. We can do this through themedium of a Security Careers Advisory Service.

Position on professionalismWe want to work together on developing andsharing a common position on professionalismwithin our industry. Our joint aim should be theUK becoming the exemplar model that theworld can copy. We can create a Working Group,entitled Security Outreach, and target thisoutreach to opinion formers, politicians andmanagement organisations such as the CBI andthe Institute of Directors.

We can increase awareness through theHuman Resources profession, the purchasingand supply function and Facilities Management,all of which are key enablers in our area.

We act together to promote ‘The GoldStandard’ created by The Worshipful Companyof Security Professionals, that of the CharteredSecurity Professional. We act in unison withother industry bodies to create a common pointof view and voice that we will use to approachGovernment with clearly thought-out

suggestions designed to encourage andinfluence the development of a GovernmentWhite Paper on the future of the securityprofession. Security Outreach will play a keyrole in this process.

To ensure that our voice is heard we proposethe creation of a Joint Security Associations’Lobbying Group that would speak on behalf ofall the associations – and through them – whenrepresenting the profession and its members.

Let’s recognise that we have a great deal incommon and that, first and foremost, all bodiesin the sector were established to support themembers of this profession. There’s much wecan and will continue to offer as individualassociations, but let’s be brave enough torecognise that there will be many occasionswhen, if we are to be truly effective, the fact ofthe matter is that we are better together,speaking with one voice.

We recognise that our ambition for thedevelopment of the profession is beyond theability and resources of any one group,organisation or professional association withinthe sector. We realise that there are manyperspectives on the future of the securityprofession and the broader sector, and thatthere are informed voices outside of ourorganisation who can claim thought leadership.

Strong contribution to the sectorWe have no wish to necessarily lead theseinitiatives but undertake to work tirelessly toget them off the ground and to give them ourfull and continuing support as a willingparticipant in the way forward.

Indeed, so determined are we to make thema reality that we’re ready to contemplate afuture in which The Security Institute itself maycease to exist in its present form and wouldpossibly be subsumed within a larger, morerepresentative grouping that carries greaterauthority through its universality.

As a professional body, The Security Instituteis rightly proud of its journey over the past 15years. The organisation has made a strongcontribution to the sector. However, if thisManifesto meets with an enthusiastic responsefrom other organisations, and we’re able to useits contents in bringing greater cohesion to theprofession at large, then this will be our finestachievement to date.

Winston Churchill once famously stated: “Inever worry about action, but only inaction.”Together, we have an opportunity before us tostart something that’s truly great.

Let’s not allow that opportunity to be broughtto a halt through inaction. Work with TheSecurity Institute to make it so.

“The Institute feels strongly that the security profession mustevolve in line with the changing nature of risks and threats

and equip practitioners to cope with those risks”


OxyReduct® fire prevention

R E M O V I N G T H E

T H R E AT O F F I R E .

The new Library of Birmingham has

chosen OxyReduct® to protect its

valuable archives, the same as over

700 other businesses and organisations

around Europe.

No matter how good your fire detection,

extinguishing or suppression system is, a fire

has to start for it to work – so some damage

is inevitable. In mission critical applications

where any business interruption is unaccep-

table or where warehouse stock or archives

are invaluable, a different approach to fire

prevention is needed.

OxyReduct® employs innovative technology

that continuously reduces the oxygen level in a

room by adding nitrogen to the air. The oxygen

is reduced to a level in which combustibles do

not inflame and an open fire is impossible.

Importantly, people can enter the area of risk.

Visit our in-house demonstration facility and

experience a fire-free environment at first hand.

www.wagner-uk.com


From community healthcare employeesthrough to shopkeepers, museum curatorsand service station employees, a growing

number of Britain’s workers spanning a range ofindustry sectors are now required to work ortravel alone, either regularly or on anoccasional basis. Almost by definition, so-called ‘lone working’ can be intimidating and,at times, dangerous, with employees exposedto a number of risks from trips and fallsthrough to verbal and/or physical abuse.

Employers have a Duty of Care to look afterall of their employees and to ensure that theappropriate safeguards are in place that willprotect them while working in isolation.

An increased awareness of employers’ legalresponsibilities was highlighted in researchreleased only last year. This detailed analysisrevealed the growing importance of robustHealth and Safety measures to protect staff andbusinesses from potential corporatemanslaughter claims arising on those occasionswhen deaths are caused by managementfailures deemed to constitute a gross breach inrelation to Duty of Care.

Figures published in 2013 by law firm PinsentMasons LLP show that the number of corporatemanslaughter cases rose to 63 in 2012compared with 45 in 2011 (representing anincrease of 40%). The firm also warns of anincreased focus by the Crown ProsecutionService on corporate manslaughter claims,asserting that momentum is growing aroundenforcement of the 2007 CorporateManslaughter and Corporate Homicide Act.

In fact, the first prosecution under that Actrelated to a lone worker, illustrating theimportant emphasis that employers must placeupon taking care of such employees.

Protecting lone workers involves a two-foldapproach designed to provide safeguards butalso offer reassurances to the individualsinvolved. For many, this means providingemployees with the means to call for helpshould they find themselves in a challengingsituation. Here, technology comes to the fore.

Working with the police service and endusers, the private security industry hasdeveloped a combination of practice,technology and standards capable of providingan effective – and affordable – solution to riskin the form of personal alarms capable ofestablishing direct links with Alarm ReceivingCentres (ARCs) and the Emergency Services.

Having developed rapidly over the pastdecade, the market for lone worker security hasled to the creation of myriad protection devicesequipped with mobile phone technology thatconnects employees quickly and discreetly withan emergency response system that has directlinks to the police service. As such, loneworkers are now able to assess the risks theymight be facing in the knowledge that theypossess the means both to summon aid in anemergency and collect information that, ifnecessary, can be used in evidence.

As the lone worker market ‘comes of age’, anumber of lone worker products are nowcommercially available, including miniaturedevices that resemble ID holders in addition tospecialist smart phone apps.

With such a wide range of choice beforethem, it can be the case that end users aresimply unsure of where to start when it comesto sourcing quality lone worker solutions.

BS 8484: setting the standardConsidering the core requirement of a loneworker system and how it addresses the enduser’s needs, the ability to summon help – andrely upon police attendance – is crucial.

16www.risk-uk.com

Britain’s Lone Workers: Protecting them from harmFor many British companies, changes in technology andworking practices have led more employees to work either inisolation or without direct supervision. Given suchdevelopments place these ‘lone workers’ at potential risk,demand for security and safety mechanisms has skyrocketed.James Kelly explores the market for lone worker protectionand explains what end users should be looking for whensourcing a quality solutions provider

BSIABriefing December2014_riskuk_dec14 09/12/2014 11:43 Page 16

BSIA Briefing

17www.risk-uk.com

James Kelly: Chief Executiveof the British Security IndustryAssociation

British Standard BS 8484 is employed by allBSIA members in this field and forms the basisfor police response to lone worker systems.Indeed, BS 8484 is an ideal place to start whensourcing a lone worker system. As such, theBSIA recommends the use of devices or smartphone apps certified to BS 8484 and monitoredby ARCs certificated to BS 8484 (Part 6) as wellas BS 5979 (Category 2).

Choosing a solution that’s compliant to BS8484 through audit ensures that ‘at risk’employees are provided with the best and mostcost-effective level of protection if they shouldfind themselves in difficulty, at the same timeaffording employers the best level of protectionagainst litigation.

BS 8484 contains three main elements:• Part 4: The company providing the service

must be stable, properly financed, insured,have effective information security and becompetent to provide lone worker services

• Part 5: All devices used as personal safetyalarms must meet the functionalrequirements of the standard. This enablesan operator to verify an alarm as genuine,establish the situation and the locationbefore passing the relevant information tothe appropriate response service in a timelyand efficient manner

• Part 6: Refers to the ARC which is where thealarm is received, verified and a responserequest sent to the appropriate service –usually the Emergency Services. As stated,ARCs must meet BS 5979 Category 2standards as well as BS 8484 Part 6

Ensuring police responseImplementation has ensured that requests forpolice response are properly verified, originatewith approved ARCs and contain the rightinformation. The result is a minimum of falsealarms which justifies the commitment made bythe police service to provide an ‘immediate’response where possible.

The police manage alarms and approval for‘immediate’ response through the ACPOSecurity Systems Policy by issuing a UniqueReference Number (or URN). For lone workeralarms, the ACPO Policy demands that all linksin the chain are complete before a URN isissued to an ARC (ie the provider, the deviceand the ARC must all be accredited to theappropriate part of the standard).

Implementation of the standard benefits thepolice. More importantly, perhaps, it alsoprovides less tangible benefits for vulnerableemployees and their employers around staffattitudes. It has been shown that employerswho show proper concern for their ‘at risk’

members of staff can reduce employee absencethrough sickness and stress while alsoimproving staff retention levels.

Due to the fact they feel safer with adequateprecautions and training in place, employeesare more effective in implementing companypolicy in difficult situations. Such services havebeen shown to allow staff to work alone wherein the past ‘double manning’ has been required.

Expert guidance at handThe BSIA has published three associatedguides affording employers and lone workersthemselves with some easy-to-follow advice.

‘Lone Workers: An Employer’s Guide’ informsemployers about what to look for whensourcing a lone worker safety and securitysolutions provider. The guide covers anemployers’ responsibilities to its lone workers,as well as specific criteria for selectingtechnology and monitoring services andproviders (including the possession of qualitymanagement systems such as ISO 9001 and thedelivery of appropriate training).

‘Lone Workers: An Employer’s Guide’ can bedownloaded free by visitinghttp://www.bsia.co.uk/publications andsearching for Form 288.

For employees whose role requires them towork alone, the BSIA has issued a separateguide entitled: ‘Lone Workers: An Employee’sGuide’. This too is available as a free download.Visit http://www.bsia.co.uk/publications andlocate Form 284.

Furthermore, the Association has producedan end users’ guide to help users of loneworker devices or smart phone appsunderstand exactly when they should summonhelp using their device. The new guide,entitled: ‘Use of a Lone Worker Device or App’ isavailable free from the same Internet address.In this instance, look for Form 256.

BSIABriefing December2014_riskuk_dec14 09/12/2014 11:44 Page 17

16th & 17th March 2015, Radisson Blu, London Stansted

Media and Industry Partners

The best chance to attend face-to-face meetings with top

suppliers of security products and services.

As a delegate your attendance is FREE and we match-make

delegates with suppliers based on shared preferences to ensure

all meetings are of the highest quality.

Delegates benefit from:

• Pre-agreed 25-minute meetings with suppliers pre-selected by you

• Complimentary seminars• Overnight accommodation at a

luxurious venue• Buffet lunch and evening gala dinner

with entertainment• An event where you are in charge

Suppliers benefit from:

• 1-2-1 meetings with delegates• Professional but relaxed

networking environment• Overnight accommodation at a

luxurious venue• Dedicated stand for meetings with

Wifi, lighting and electrics

BOOK NOW

Contact Nick Stannard on 01992 374092

or email [email protected]


Paul Pope: BusinessInnovation Manager at ApolloFire Detectors

The development of an effective fire safetystrategy allowing early warning of a firecondition and the safe exit of occupants

from a building or a given area/zone is acomplex process. It’s one requiring the input ofexperienced specialists who can tackleeverything from the initial consultation anddesign stage through to commissioning,installation and ongoing building management.The fire detection system manufacturer is verydefinitely one of those specialists.

Fire detection and alarm systems provide onemethod for the early warning and evacuationstrategy to begin. Taking a step back, though,much work has to be undertaken in firstdeveloping the specialist products,communication protocols and system strategiesthat will ensure all elements come together andafford building occupants the best possiblechance to exit the premises both safely andquickly should a number of unforeseenscenarios arise.

From Apollo’s perspective, the majority of oursolutions begin life in the company’s Sales,Marketing and Research & DevelopmentDepartments where ideas are formed, productsjustified and development procedures managedfrom concept through to end of life.

It’s vitally important that the business isexperienced in understanding the complexmarkets, international standards andtechnicalities involved with the fire detectionand alarm industry in order to identify wherenew product and system enhancementopportunities exist.

Any new idea begins its journey on theproduction line as a ‘development map’ and,once this blueprint is deemed viable, moves onto the Technical Department (a nearly 40-strongworkforce consisting of electronic softwaredesigners, mechanical design specialists,researchers and PhD-level engineers). Here, theproduct ideas are extensively researched andconcepts drawn up.

At this point a concept is selected andprogresses through a stringent new productintroduction process where the potential

solution is designedand detailed usingadvanced Computer-Aided Engineeringand simulationsoftware operatedby experiencedengineering teams.“We’re rigorous withour developmentapproach,”commented Apollo’stechnical directorChris Moore. “It’sessential that a fit-for-purpose productis created with ‘rightfirst time’ principlesand that it’s suitablefor use in the highlyregulated life safety market.”

At the end of the design process, a productwill move towards the most crucial stage of all:the testing and validation procedure. Our siteincludes five test laboratories. Every piece ofequipment is put through its paces not only aspart of new product development but also forongoing quality control.

The combination of these five laboratoriesresults in a highly stringent testing andvalidation process whereby products are notonly tested to meet UK regulations, but alsothe approval certification requirements of everycountry to which we supply our solutions.

Once the testing and validation phase iscomplete, a product will then proceed to thethird party testing stage for the appropriatecertification (for example, EN54) beforeheading for manufacture. The whole testing andcertification process can take anything fromthree months to two years to complete.

Shaping fire planning strategiesFire detection system manufacturers and theirproducts play an integral role in shaping notonly effective fire planning strategies but alsohow the Fire Service operates on the front line.

19www.risk-uk.com

When it comes to effective fire safety planning, theexpertise and input of fire detection and alarmsystem manufacturers is often underestimated and,arguably, underused. Paul Pope explains howsolutions developers are crucial to the success ofany fire detection regime deployed for end users

Best laid plans

Fire Safety Planning: The Role of System Manufacturers

FireSafetyPlanning December2014_riskuk_dec14 09/12/2014 11:51 Page 19

www.risk-uk.com

“One of the biggest issues in fire protectionat the moment is false alarms,” explained AdairLewis, technical manager at the Fire ProtectionAssociation (FPA). “Last year, the EmergencyServices responded to over 400,000 cases offalse alarms. Not only is this clearly a waste ofresources which diverts help away frompotential incidents of real need, but it alsoinfluences the fire policies of different firebrigades throughout the country.”

Lewis continued: “An example of this can beseen in the deployment of fire advisors onmotorcycles in areas where fire brigades haveexperienced high numbers of false alarms.Whereas this clearly cuts down on theresources needed to attend an incident and, itmust be said, allows for the immediateassessment of a situation, the downside isundoubtedly that these advisors have limitedcapabilities when it comes to being able totackle a genuine fire situation.”

Lewis and his colleagues at the FPA openlywelcome the development by manufacturers ofmore multi-sensor fire, smoke and heatdetectors which can yield a wider picture of apotential situation and therefore reduce falsealarms and unnecessary brigade call-outs.

“Fire safety planners need to be working withmanufacturers to ensure that they’rerecommending detectors to their clients whichare fit-for-purpose,” added Lewis. “Eachinstallation can be subject to differentenvironmental conditions. For example, theremay be a factory environment where excessiveheat and steam is produced. The manufactureris a crucial point of reference for clarification ofthe best type of detector to use.”

Adair’s final point is one that’s crucial to anyeffective fire detection system and is an areawhere the expertise of a manufacturer shouldbe used as extensively as possible to yieldsound advice and guidance. It’s vital that allareas of a given building are assessed toensure the appropriate type of detection isused for differing fire risks. Understanding thetype of fire risk, the materials present, the fireload, the environment, sensor technology andthe best detector locations is critical for earlyand reliable fire detection.

It’s also imperative for protecting life that anyfire detection system operates and monitorsthe fire protection measures correctly accordingto a building’s fire evacuation strategy.Examples would include simultaneous orphased evacuation, closing fire containmentdoors, grounding lifts to a safe area relative tothe fire and fire and smoke damper control.

In addition, occupants may be unfamiliar withtheir surroundings, possibly orientated to adifferent time zone and understand onlydifferent languages. All of these issues need tobe accounted for in the event of a fire scenario.

Future proofing the systemAs well as advising on the most appropriate firedetection equipment to use, manufacturers canalso play a key role in recommending how theirproducts might best be implemented within astrategy and design to accommodate anypotential future works or changes at a site.

An example can be seen in our work at theiconic Tower Bridge in London. Installed byFiretecnics Systems, the fire detection systemfeatures an Apollo fire detection and alarmsystem with five Kentec open protocol panels,two graphics panels and three voice racks.

In addition, field detection equipmentencompasses 100 Manual Call Points, 350Discovery units, 50 XPander units and 12 beamdetectors. These detectors are supported by120 visual indicators, 50 interfaces and 200DNH speakers.

“Fire detection system manufacturers and their products play anintegral role in shaping not only effective fire planning strategies but

also how the Fire Service operates on the front line”

20


Fire Safety Planning: The Role of System Manufacturers

21www.risk-uk.com

Planned future works at Tower Bridge led toflexibility being key to the success of thesystem’s installation. We provided guidanceand technical support to Firetecnics Systems onhow to deal with a number of issues, includingthe planned relocation of the central securityarea (which will be moved temporarily for arefurbishment and then possibly relocatedfollowing further planning work). To facilitatethis, the network has been reconfigured so thatthe security area is provided with a repeaterpanel which can be relocated without actuallyhaving to break into the network, therebyallowing simpler construction in the future.

Additionally, around 50 wired devices havebeen replaced by wireless units that can besimply taken down for the period during whicha room or suite is being decorated andrefurbished and then re-installed andcommissioned when replaced. This minimisesdowntime but, crucially, still allows projectcompletion with a view to future works.

There’s a vast array of legislation andstandards that govern the protection ofbuildings and their occupants. Theconsequences of not bringing all these togetherand ensuring the highest levels of firedetection, safety and evacuation can havetragic results.

Those involved in the fire safety planningprocess should not be afraid to draw upon theknowledge and expertise of reputable firesystem manufacturers to help them assesswhat products are best suited to their planneddesign and how the use of these solutionsmight be maximised well into the future.

Fire Safety Engineering Solutions at The Kia OvalThe Kia Oval in South London is home toSurrey County Cricket Club and, traditionally,plays host to England’s final Test Match ofthe season in front of a 23,000 capacitycrowd, writes Brian Sims.

Having previously designed and installedfire detection systems – among themDiscovery call points and detectors – in bothThe Lock and Laker Stands at the PavilionEnd (which also houses the exclusiveKennington Club Committee Rooms andMuseum) some 18 months earlier, TVF (UK)now required an open protocol system thatcould protect the famous Vauxhall End – oneof the most distinctive stands in internationalcricket – in the wake of its redevelopment.TVF (UK) duly selected Apollo as itsmanufacturer of choice.

The installation comprises a hybrid of theDiscovery hard-wired and XPander radio

ranges working in conjunction with an Advanced control panel in each stand.With 20 zones for each stand, over 200 optical detectors have been installedalong with 30 call points and over 30 loop interfaces/XPander radio devices.

John Baker – systems director at TVF (UK) – outlined some of the challengesbehind the installation. “Any venue hosting a variety of large-scale eventsneeds a robust and accurate fire detection system. As such, we installed asystem with double-knock detectors – in other words the alarms are onlysounded if two detectors are activated, helping to minimise false alarms – andone that links to other gates in the ground. In addition, there are lamp buzzersin key areas allowing for operational match day crowd management to ensure acontrolled evacuation should one ever be needed.”

The view of the fire safety engineer is, of course, all-important. NicoleHoffmann is director of Kingfell and an independent Chartered Fire Engineer.“Safety is integral to the planning and management of any stadium event,”explained Hoffman, “as outlined within the Guide to Safety at Sports Grounds.”

Also known as the ‘Green Guide’, this document has been revised down theyears and is now required reading for anyone involved in the initial design ofstadiums through to their day-to-day operation. Within the document, there’sdifferentiation between normal egress of a stadium at the end of an event andduring an emergency evacuation. For both, there’s guidance on the time takenfor spectators to leave the viewing accommodation and – under normalconditions – enter the free-flowing exit system or, in an emergency scenario, toreach a place of safety.

“Considering the potentially large number of people involved who may begenerally unfamiliar with the venue they’re attending,” continued Hoffmann,“the fire safety strategy design challenge is that the evacuation time to a placeof safety has to be two-and-a-half, six or eight minutes. That timing isdependent on the fire risk associated with, for example, stand construction,routing of escape routes or the provision of fire suppression systems.”

This indicates that fire safety is a system of components, their design andtheir interaction with each other. It also highlights that there’s more than oneway to achieve the level of safety required by the ‘Green Guide’. Underlying thisis that all the components are known, managed and maintained.

“The ‘Green Guide’ recommends the zoning of a stadium and its activities,”said Hoffmann, “whereby the core is the activity area that spectators havecome to see while the viewing area is the secondary zone. This concept alsoassists in the development of the emergency evacuation strategy.”



When it comes to effective security there’slittle doubt that CCTV has a fundamentalrole to play across both the private and

public sectors, yet there’s still a concerningnumber of UK businesses not using modernsurveillance systems to their best effect.

Many organisations will only invest in CCTV ifthey’ve experienced a crime on site – anunfortunate but common situation. In addition,many end users remain sceptical about thetechnology, believing that cameras will onlyproduce blurred images and not actuallycapture the right data for their purposes.

Surveillance technology has advanced at aparticularly rapid pace, and more and morebusinesses are beginning to wake up to thenumerous benefits afforded by today’s HighDefinition (HD) CCTV solutions.

The days of watching grainy, distortedimages should now be a thing of the past.Within the last few years there has been asignificant improvement in image quality and,it’s fair to say, the capabilities of CCTV are nowgreater than ever.

At ADT, we created a demonstration videoallowing customers to view the same recordedscene in both analogue and HD technologyformats. The difference in the picture quality(as shown, right) is striking. Customers areimmediately able to see the benefits.

If businesses adopt HD CCTV technology, thiscould have a positive impact on crime figures asthe pictures produced and the level of detailcaptured is so superior that it makes the job ofidentification much easier.

In addition, CCTV cameras allow businessowners to monitor and identify high risk areasand help protect any members of staffattributed to lone worker assignments. Higherresolution megapixel cameras mean that largerareas can be covered without compromisingpicture quality. Business owners are able tomonitor and pinpoint specific areas (such as carparks and secluded entrances and/or exits)where capturing significant detail is crucial.

Upgrading for greater functionalityOne of the main differences between analoguetechnology and HD is the type of cabling andnetwork that’s adopted. Instead of runningcameras on an analogue coaxial cable, anInternet Protocol (IP) network is created for HDcameras. This provides greater functionality, inturn enabling PCs, mobile phones and tabletsto be connected to the network. In addition,

23www.risk-uk.com

Surveillance: The Commercial ImperativeDespite research showing that such systems can act as adeterrent to would-be thieves and reduce crime by as muchas 28%, it’s apparent that businesses are still not usingCCTV to its greatest effect. Jeremy Simpson considers howthe latest High Definition surveillance solutions can offer thegreatest degree of protection for both people and property

CCTV: Protecting Businesses, People and Reputation

The same scenein a retail outletwhen viewed byan analoguecamera (above)and (below)using today’s HDsurveillance

CCTVProtectingBusinesses December2014_riskuk_dec14 09/12/2014 11:45 Page 23

24www.risk-uk.com

CCTV: Protecting Businesses, People and Reputation

such a set-up ensures that when a businessowner is off-site remote viewing is possible foradditional peace of mind.

CCTV using HD technology begets a fastertransition time between the image being takenand the image appearing on screen, thusallowing for real-time footage. That assists inreducing the time taken to act upon a potentialincident. Furthermore, given that only one cableis required to power an HD camera and video(unlike an analogue camera which requires twocables), costs are reduced and the installationprocess is made that much faster.

It’s also possible to easily upgrade anexisting analogue CCTV system with the moreefficient HD technology. In some cases, existingcabling may be re-used so as to reduce costs,although new transmission devices, thecameras and recorder must be installed.

HD cameras: compact and durableThe latest HD cameras are smaller, more robustand more aesthetically pleasing than theiranalogue predecessors.

There are two main types: the mini dome andthe increasingly popular bullet camera. Thelatter is about half the size of the traditionalanalogue camera with no requirement to addan additional external camera housing. Thelens, method of illumination and bracket areintegrated as one complete end user solution.

New cameras can also run a variety ofinnovative software applications. An example ofthis would be if paint were to be sprayed overthe lens by a vandal. An algorithm built into thesoftware detects the lens has been covered andsends a message to the user indicating pictureloss, allowing the issue to be swiftly rectified.

Cameras are also becoming standalonedevices employing valuable additional features.For example, a standard SD card can beinserted into an HD camera allowing it to recorddirectly onto the card without the need for aseparate recorder. The key advantage of the SDcard is that the camera can still record vitalinformation in the event of the main recorderfailing or malfunctioning.

Another key development featured in thenewer HD cameras is that the aspect ratio ismuch wider. The aspect ratio refers to theheight and width of the picture generated. Putsimply, a wider ratio enables the camera tocapture more of an image. Instead of two carparking spaces that may be captured on astandard analogue CCTV image, the modern HDCCTV camera can pick up four. The mainadvantage of this innovation is that larger areascan be covered by fewer cameras.

Night-time security requirementsAn important consideration that manybusinesses often overlook when specifyingCCTV cameras and surveillance equipment isillumination. Although CCTV cameras work verywell during the day, when light levels drop thecameras might become less sensitive and theimage quality may deteriorate.

Again, this is an issue that can be addressedby HD CCTV cameras which may be specifiedwith infrared illuminators built into them. Whenevening approaches the infrared illuminatorswitches on, producing a clearer picture.

However, the cameras are only sensitive toinfrared illumination and will only producemonochrome pictures. If colour is important foridentification purposes then end users ought toemploy additional lighting which produceswhite light illumination.

The lighting element uses energy-efficientLEDs. Motion sensors can be fitted to thecameras and lights so that the latter onlyswitch on when there’s movement. This is animportant energy-saving consideration for thehost business.

An increase in orders for HD CCTV systemsemanating notably from small and medium-sized businesses demonstrates that confidencein the technology has greatly improved. As HDtechnology continues to embed itself withinbusinesses, so the detection level of criminalitywill also continue to rise.

Ultimately, though, it’s the security industry’sresponsibility to educate today’s businessowners when it comes to their perceptions ofCCTV and HD cameras.

At the end of the day it’s this community thatwill benefit markedly from the technology.

“Surveillance technology has advanced at a rapid pace, andmore and more businesses are beginning to wake up to thenumerous benefits afforded by today’s HD CCTV solutions”

Jeremy Simpson:Head of Channel Marketing atADT Fire & Security

CCTVProtectingBusinesses December2014_riskuk_dec14 09/12/2014 11:46 Page 24

Radio Signal Analysers

POWER SOLUTIONS

• Find the optimum antenna/device installation location

• Detect and measure local 3G and GSM base stations

• Lock to any network by inserting their SIM card

• Detect all available networks by not inserting a SIM card

• Detect and notify the operator of the presence of white noisejamming when it occurs (subject to signal strength)

• D2386-r model is a Quad-band GSM analyser, including the EU-wideGSM-r frequency band for railway applications

For more information call:+44 (0) 1443 471 [email protected]

Dycon

Designed andmanufacturedin the UK

D23X6 SERIES

NEW4G Version

NOW Available

dycon psi november_Layout 1 27/10/2014 16:28 Page 1

From my own perspective I’ve been carryingout security surveys and teaching on thatsame subject for more years than I’m keen

to remember. Generally speaking, at the kick-off meeting with the client – or Day One of thetraining course – there’s a need for me toexplain what a security survey is all about. It’snot a risk assessment and it’s not an audit. It’sa survey, but what’s the difference?

One of the first lessons to be taught to myaspiring security surveyors is to ensure thatthey totally understand the scope of the workin which they’re about to participate. However –and worryingly so – on too many occasionswhen it has been asked of the client to explainthe scope of the work needed, you’re left with ablank stare normally followed by: “I don’t know.You’re the security expert” (whatever that is).

Despite Home Office statistics attemptingalchemy – that’s to say there’s an apparentbelief in Westminster we can cut spending onthe police service and somehow reduce crime –commerce and industry on home shores stillfaces a growing threat from organised criminals

and, perhaps more importantly, terroristorganisations such as Islamic State.

The private security sectorencompassing

guarding and systems has grown exponentially,with security officers taking on more and moreduties once carried out by the police servicewhile electronic security systems are becomingcommonplace in most industrial andcommercial environments.

It’s still taken for granted that the primaryrole of the in-house security manager is toprotect the assets of the organisation while atthe same time reducing crime against thebusiness, but more is now expected from thatmanager. He or she has to understand the risksposed to the host business, what systems arein place to prevent or otherwise mitigate theserisks and to what levels of conformance thosesame systems must operate.

The Security Risk AssessmentThe security risk assessment is arguably themost difficult process within the overallprogramme. Not only is risk at timesmisunderstood in the security industry, butthose with a working knowledge of the subjecthave their own views on risk and how it is – orshould be – measured. Risk assessments are,of course, very subjective.

In practical terms, it’s generally agreed thatthe security risk assessment has a number ofcomponents attached to it that, onceconsidered and examined, will allow for a riskvaluation. Those components are assets,threats, vulnerabilities, impact, controlmeasures and likelihood (or probability).

Assets are best defined as anything of valuethat requires protection (for instance people,property and business or brand reputation,etc). Threats to the organisation can derivefrom a number of sources and may be naturalor man-made, internal or external.Vulnerabilities are seen as a weakness in thesystem that allows the criminal or terrorist toexploit what may be ineffective defencemeasures. The impact is a measurement of thedamage caused by a successful attack againstan asset (for example the 4,000 or so peoplekilled as a result of the attacks on 9/11).

Control measures are designed to eitherprevent or mitigate an attack, and likelihood iswhen a decision is made about whether theattack will take place or not. The final processis by far the most difficult to carry out. Here,the analyst is expected to foresee the future.The one thing that’s certain about risk is that

Security Risk Assessments, Surveys and Audits: What’s the difference?

Today’s in-house security manager must understand the risksposed to the host business, what systems are in place to prevent

(or otherwise mitigate) these risks and to what levels ofconformance those same systems must operate. With this in

mind, Charlie Swanson looks to define security risk assessments,surveys and audits and how they differ in nature and scope

26www.risk-uk.com

SecurityRiskAssessments December2014_riskuk_dec14 09/12/2014 12:36 Page 26

Charlie Swanson MSc CSyPFSyI SIRM: Security and RiskManagement Consultant

it’s uncertain. We simply do not know.Referencing 9/11 once again, given all of theadvanced defensive systems in place in the USAwho could have foreseen such an atrocity?

The Security SurveyAre the systems in place fit for purpose? Priorto carrying out any form of site examination,the security surveyor needs to arm him orherself with sufficient information and dataabout the location under scrutiny. Defence orprotection in depth is a method which is quitecommon, and this requires an examination ofthe layered defences identified in and aroundthe survey location.

During the risk assessment, the surveyor willhave identified those critical assets that requireprotection. The defence in depth process willallow him or her to understand – throughrobust research – what defensive mechanismsare in place, from the environment surroundingthe survey location through to the perimeterand building fabric and on again to the area(s)where the critical assets are to be found. It’s atthis juncture, readers of Risk UK, when thefashionable description ‘Boots on the Ground’really comes into its own.

This part of the process is not an audit. Thesurveyor should not be looking for conformities.Rather, he or she is examining the systems inplace in order to decide if they’re sufficientlyrobust and effective enough to either prevent ormitigate the impact of an attack.

The surveyor needs to be able to think like acriminal, physically examining systems andprocesses on site to decide whether thosesystems can be circumvented or defeated. Theymust ask themselves questions. How effective isthe CCTV system? Might the access-controlledmain door be tailgated? Are there any ‘blackspots’ in the lighting system? Can the securityofficers on duty be evaded in any way?

It’s imperative that, at the earliest possibleopportunity, the surveyor strikes an accord withthe person who commissioned the surveybecause co-operation on site during the courseof the survey is critical. The recipient of thesurvey must be comfortable with the fact thatthe surveyor is there to help and not achievesome form of professional conviction whereblame is the end product.

There should also be a de-brief at the end ofthe survey because the client will naturally beanxious. This is the ideal opportunity to discuss

any ‘quick fixes’ that may havebeen observedduring thesurvey. Itshould beexplained thatthe surveyreport willinclude anumber ofobservations andrecommendations inaccordance with eitherthe organisation’s ownstandards, perhaps BritishStandards or ISO equivalents.The next time the site is visited,the surveyor will be auditingthose systems to see if they’re inconformance with the standardsagreed during the survey.

The Security AuditThe proof of the pudding, as they say, is in theeating. The effectiveness of the security surveycan be measured during a follow-up audit. Thisis the time to examine the robustness of thesurvey and to ascertain whether the client hasconsidered and bought into therecommendations made during the survey.

If the security survey report is examined, andit’s clear that the customer has taken thenecessary actions advised in the surveydocument (and, further, thoserecommendations were correct in terms ofprevention and mitigation) then the securityauditor should be content.

However, if the client has declined to acceptand apply the recommendations made duringthe survey it’s only right that questions must beasked – beginning with: ‘Why?’

It may be the case that, on consideration ofthe recommendations made, there just aren’tsufficient funds available to pay for the workrequired or the systems that need to beprocured. The client could be waiting for a high-level decision from, say, the Executive Board. Orit may be the case that the client harbours anagenda the detail of which is not to be sharedwith those external to the organisation.

Unless the recommendations are related tosome form of legislative or regulativerequirement, the auditor has to accept thedecision of the client.

Security Risk Assessments, Security Surveys and Security Audits

“Not only is risk at times misunderstood in the security industry, but those with a workingknowledge of the subject have their own views on risk and how it is – or should be – measured”

27www.risk-uk.com

SecurityRiskAssessments December2014_riskuk_dec14 09/12/2014 12:36 Page 27

Jamie Longmuir: SoftwareMonetisation Expert at SafeNet

Research at SafeNet has shown that justover 40% of software producers believelost revenue due to software piracy has

wrought a major impact on their business. Notonly can piracy stunt revenue potential, but itcan also negatively impact on paying customerswho bear the cost of illegal product use as itlimits the software community’s ability to becompetitive, in turn leading to more expensivebut less advanced products.

The problem can affect a wide range ofindustries, from software vendors and retailcompanies through to the online gaming crowd.Earlier this year, for example, popular onlinegame Grand Theft Auto fell victim to a softwarehack that caused a huge disruption to RockstarGames and its customer base.

Software piracy is facilitated by theabundance of reverse-engineering informationnow found online which provides easilyavailable tools and knowledge to anyone whowants to find it. In today’s computingenvironment, software publishers must learnhow to prevent theunauthorised use oftheir software withoutcreating unnecessaryobstacles forcustomers who wish

to legitimately purchase and use it for theirown purposes.

It’s a well-known fact that most countrieshave copyright laws in place directly applicableto software. However, the degree ofenforcement and compliance varies whichmakes some countries more ‘fertile’ in terms ofinfringement practices.

Software vendors who proactively protecttheir software are on the right track, of course,but may not be fully protected against the ever-growing hacking attempts that can compromisetheir given application’s security.

Misconceptions about piracyThough software piracy is a well-discussedtopic, there are some misconceptions aroundwho it affects and how the issue should betreated. For example, some practitionersbelieve that software piracy is a ‘victimless’crime. That assertion couldn’t be further fromthe truth. According to industry statistics,illegal software use costs developers worldwideover $50 billion every year in lost revenues. InEurope, an average of 66% of the software inuse is illegal. In some Asia Pacific and EasternEuropean markets, meanwhile, over 90% ofsoftware remains unlicensed.

Other commentators on this subject are alsounder the false impression that inexpensivesoftware isn’t copied. There’s an argument tosuggest that software protection isn’tnecessary because making software cheaperwould reduce the chance of it being copied andpirated. Like life, it’s not that simple.Developing a software product requires a hugeinvestment of time and money which must becontinuous. To succeed in tomorrow’s market,developers must invest today.

The argument that people don’t activelycopy inexpensive software is evidently false.

If you were to check some computersaround you today, you’d probably find thatmost copied programmes are actually the

cheaper ones.When it comes to software

protection, there’s a school ofthought that this somehow ‘gets inthe way’ of the legitimate user. Inreality, the new and moresophisticated types of softwarecopy protection actually benefitlegitimate end users. Protectionworks to safeguard the integrity of

the software, reassuring the end userthat the software cannot be tampered

with in any way. Often, it’s the end users themselves who

request the software to be protected so as to

Rewriting The ScriptCopyright infringement of software – also known as software

piracy – is an ever-increasing problem for the UK’s softwarecommunity. As Jamie Longmuir states, this form of criminality is

difficult to trace, can be even harder to prevent and, if truth betold, is almost impossible to negate

28www.risk-uk.com

SoftwarePiracy December2014_riskuk_dec14 09/12/2014 12:38 Page 28

ensure that it will not be used illegally in aworking environment (an occurrence whichcould harm their organisation).

One final myth to clear up is that anyprotection system can be cracked and, as such,software copy protection is useless. Indeed, thefirst part of that belief is true: any softwareprotection system may be cracked, just as anylock can be picked or any door might besmashed. However, the aim of software copyprotection is to provide protection for areasonable period of time.

Software cannot be protected forever, but itcan be protected long enough (ie until a newversion of the product is released). This newversion should be protected again with asystem that was also improved in parallel, thusassuring a long and profitable sales life for thesafeguarded application.

Challenge for software vendorsAs software pirates continue their attacks,companies are forced to spend additional timecycles and effort patching and plugging theirproducts to defend against those that mightsteal them. With every cycle that passes,software pirates become more sophisticatedand their vectors of attack harder to spot anddefend against, especially with the skillsrequired to do so becoming ever-morespecialised and scarce.

Software vendors are feeling the pressurefrom all sides. Customers demand ever-increasing levels of capability from the productsthey deliver. As budgets strain, they rightlydemand more compelling reasons to upgradeor switch from platforms they’re already using.

At the same time, the advent of Software-as-a-Service (SaaS) and the drive towardsdelivering software in a ‘Pay as you Consume’format demands that vendors re-evaluate theirdelivery mechanisms and business models.

For many vendors, this means expanding thetime it takes to re-engineer their code in orderto enable the provision of the product. This hasto happen not only in a reliable and scalablemanner in the cloud, but also in a fashion whichfully enables them to monetise the capabilitiesthat the software product offers. As you canimagine, this is no small task.

As packaged and downloadable softwaremakes way for cloud-based software delivery,what will the counterfeiters do? In what is anunderground industry now estimated to be

worth around $63 billion (in terms of the valueof commercial software), it seems unlikely theywill pack up and move on. Rather, thecounterfeiters’ pirating techniques will simplykeep on evolving.

Can we prevent software piracy?In order to stop software piracy, we need tolook towards software licensing. The problem ismany software vendors shy away from softwarecopy protection due to fears that it makes thatsoftware more expensive. In truth, this cost isnegligible when compared to the lossesincurred by developers through software piracy.

By protecting their software – and therebyincreasing their revenues – developers canafford to supply better software at competitiveprices. For those software vendors who doproactively protect their software, this doesn’tmean they are fully protected against the ever-growing hacking attempts that can compromisetheir application’s security.

A common misconception is that once acertain application is protected and distributed,it’s then completely ‘bullet-proof’ againstsoftware piracy and Intellectual Property (IP)theft. It’s crucial that software vendors workwith the licensing vendor and/or a copyprotection vendor to constantly update andimprove levels of security.

Simply incorporating innovative protectionand security measures as part of the productlifecycle can greatly contribute towards vendorsbeing steps ahead of potential threats.

Software Piracy: Removing the Risk

“As software pirates continue their attacks, companies are forced to spend additional time cyclesand effort patching and plugging their products to defend against those who might steal them”

29www.risk-uk.com

SoftwarePiracy December2014_riskuk_dec14 09/12/2014 12:38 Page 29

Nicholas Banks: Vice-Presidentof Sales (EMEA and APAC) forImation Security’s IronKeySolutions

For many of us, working away from the officeisn’t a new phenomenon. However, recentlypublished research into mobile working

shows that companies are still struggling toequip employees with the flexibility needed totake their work away from the office withoutjeopardising data security.

New and disruptive technology developmentsas well as the evolving and sophisticatednature of cyber attacks mean that newvulnerabilities are ever present. As employeestake more and more data outside of theenterprise, it’s fair to say these risks are onlyset to escalate.

That being the case, the challenge ofproviding secure and remote access tocorporate networks and data is becoming a fartougher process for companies to manage.

Indeed, the results of our cross-industryresearch1 highlight the alarming extent towhich employees are taking unsecuredbusiness data away from the office, oftenwithout their employer’s knowledge, and thenlosing that data in public places.

Data not adequately protectedIt seems that there are still not enough hours inthe day, with over one third of respondentsworking remotely in order to manage theirheavy workload. The majority of theseindividuals are using their own personaldevices, such as laptops (46%) and smartphones (34%) rather than company deviceswhen working on confidential business filesand e-mails away from the office.

Even though employees are using their owndevices for work purposes, with one-in-fiveproviding their own security measures, only arelatively small proportion (19%) seethemselves as ultimately being responsible forkeeping work data secure. Organisations reallyneed to be in the driving seat when it comes toprotecting their networks from the additionalrisks brought about by an increasing use ofpersonal devices in the workplace.

Although as many as three quarters ofrespondents to the survey take digital files outof the office, a large proportion of this data isn’tprotected from unauthorised access usingstandard security measures such as encryption,password protection or remote wiping. Almosthalf of the interviewees suggested that datataken outside of the office is never encryptedand three out of ten don’t use passwordprotection. This leaves organisations as sittingtargets for cyber criminals and potentiallyvulnerable to security breaches.

So strong is the need – or desire – to takework away from the office environment thatsome employees find themselves breakingremote working policies in the process, withover a quarter of respondents admitting tobreaching corporate policy at some point.Having said this, the majority do sounknowingly, suggesting that employers aresimply not doing enough to explain thesecritical policies to their employees.

It’s perhaps unsurprising that so manycompanies are blind to data loss, andtherefore aren’t taking the necessary steps tominimise the damage that could result from apotential data breach.

This apparent lack of focus on security couldexplain why such a significant proportion (onethird) of respondents have lost or had a devicestolen in a public place. Thankfully, mostrespondents (61%) would tell their boss if thishappens. However, a significant number ofemployees would do nothing, suggesting theycould be worried about disciplinary action orfeel that losing company data isn’t really thatimportant. Either way, this group poses a

Remote controlThe challenge of providing secure remote access to corporate

networks and data is becoming a far tougher process forcompanies to manage. In reviewing the results of research into

mobile working practices, Nicholas Banks also focuses on thekey areas to be addressed by IT and Security Departments if

fines and reputational damage are to be avoided

30www.risk-uk.com

SecuringTheMobileWorkforce December2014_riskuk_dec14 09/12/2014 12:11 Page 30

significant risk and needs urgent training, aswell as being provisioned with the necessarysecurity tools.

Working in public spacesAlthough the most popular place for workingremotely is at home, public areas such as pubs,cafes and restaurants (22%) and on publictransport (29%) have also become commonplaceenvironments for working on company e-mailsand electronic documents. Where employeeswork in these shared spaces, they’re far morelikely to be vulnerable to data and device losswhen compared to those occasions when they’represent on company premises.

The survey shows that three quarters of lost orstolen devices – such as laptops, mobile phonesand USB sticks – contain confidential e-mails(37%), files (34%) and customer data (21%),with a significant number of employees alsolosing financial data or login and passwordinformation (potentially exposing even moreintellectual property to the risk of a data breach).

However, many employees seem unconcernedabout losing this confidential business data,with only one-in-16 worrying about it.

An issue of responsibilityAlthough employees acknowledge they’reaccountable for keeping company data securewhen working remotely (with one-in-fiveproviding their own security), few respondentsto the survey seem fully mindful of the risksand implications when they don’t. This lack ofawareness and responsibility highlights anurgent need for company IT Departments totake better control of the situation byequipping employees with the right tools andprocesses to work away from the office.

A significant number (18%) of respondentsplace the burden of responsibility entirely ontheir employer, but most (around half ofrespondents) feel that securing companyinformation has to be a shared responsibilitybetween employees and their employer.

As many as 41% of employees claim theyeither don’t have the right tools to workremotely or feel that those available could beimproved. Only a relatively small proportion(less than six out of ten) reported that theircompany even has a remote working policy inplace, which is concerning when so manyemployees are working on company e-mails

and documents in cafes, at the park, onaeroplanes or at the gym. Even when a policyexists, it seems these aren’t being effectivelycommunicated or enforced.

From the moment employees join theorganisation, the IT Department should ensurethat they are given ongoing and comprehensivetraining about working procedures while awayfrom the office.

IT Departments need to provide fully-encrypted and password-protected devices thatcan be used outside of the office. Whetherdata’s in transit or at rest, encryption is vital interms of safeguarding that all-importantconfidential company information.

Encrypted devices need to be closelymanaged and tracked to ensure that, if dataintegrity has been compromised in any way,this compromise can be identified and thedevice remotely wiped.

With so many personal devices being used totake company files out of the office, thedividing line between work and personalenvironments is becoming increasingly blurred,leaving employees more susceptible to asecurity breach and also increasing the risk ofthem losing their own private files and data.

For their part, employees must be given ameans of separating work and personal data tominimise the risks involved.

Securing the Mobile Workforce

“Organisations must be providing a comprehensive framework for employees to work securelyaway from the office, with the right tools, security policies and training in place to ensure thatdata cannot be compromised if it should ever fall into the wrong hands”

31www.risk-uk.com

Reference

11,000 online interviews werecarried out during summer2014 by Vanson Bourne (anindependent specialist inmarket research for thetechnology sector) involvingoffice workers in businessesplaying host to at least 250employees. 500 of therespondents work in the UKand 500 in Germany. 80% ofinterviewees had to beworking remotely for at leastpart of their working week.Respondents to this researchsurvey came from a range ofindustry sectors

SecuringTheMobileWorkforce December2014_riskuk_dec14 09/12/2014 12:12 Page 31

Innovative Intelligent DetectionApollo Fire Detectors Discovery range, offers total reassurance each time, every time.

• Five approved levels of detection sensitivity

• Approved to EN54 standards

• Ideally suited to large public premises

innovation through

experience

For more information visit www.apollo-fi re.co.uk/discovery


Security and Fire Management

Sectorisation: Understanding and Confronting Risk Business Licensing and the Next Steps for RegulationAdded Value: What Can Security Realise for the Customer?Responding to Today’s Threats: Smarter Use of Technology

December 2014

Security Guarding SolutionsBusiness Sector Focus sponsored by

SecurityGuardingSolutionsFrontCover December2014_001 09/12/2014 12:35 Page 33


One of the underlying reasons managers orbusinesses fail to embrace Best Practicein sector segmentation is their inability to

manage the transition from how target marketsin an organisation are currently categorised tohow they might look when based on customercharacteristics, needs, purchasing behaviourand decision-making.

Essentially, there has to be a target marketstrategy that’s integral to developing aneffective business strategy and delivery model.

Now I might be stating the obvious here buttrue sectorisation is easier said than done. Youneed to mirror structures, have the right subjectmatter expertise and deliver a tailored solutionbased on risk as a minimum. In attempting thisyou have to know where to start.

Risk is an interesting area. In addition to theobvious day-to-day challenges we face in ourindustry, the term ‘Risk’ could be seen assomewhat different to five years ago and willlikely be different again in another five years.

Today, reputational risk sits high on theagenda for the C-Suite. A reputation crisis onlytruly occurs when stakeholders change theirexpectations and behaviours: customers stopbuying, employees leave, vendors lose interestin servicing and regulators/litigators pile intothe fray. Adding insult to injury, culpability andpublic opprobrium land on directors and chiefofficers. For them, the stain of a reputationalcrisis can be both personal and permanent.

Understanding how to help manageexpectations is all about governance, theapproach to operations and risk managementdemonstrating that employing sector expertsresults in higher quality service delivery andstronger relationships with individuals taking agreater ownership.

All of this results in a more professionalindustry which will attract and retain a moreappropriate and skilled talent benefiting us allin the longer term while also cultivating abetter-regarded career path.

Convergence: IT and PhysicalAnother major risk topic is convergence – IT andphysical. At Mitie Total Security Managementwe’ve remained vocal around the future andhow data capture should be used in identifyingtrends which will help shape security strategyand resilience measures.

Without a trusted sector specialist close tothe organisation understanding the intricaciesand idiosyncrasies and having gained the trustof more than one stakeholder in that company,

it’s fair to say that physical and cyber securitycannot be integrated.

Similarly with counter-terrorism intelligence,communicating this effectively so it’s fedthrough to the right people and threat andimpact is understood needs a specialist to bethe conduit towards providing a meaningfulinference to the mass of information available.

Sectorisation means an investment inspecialists who understand the specificenvironments of our clients and theirconsumers. This comes back to having theflexibility of service offering that meets clients’risks – all identified through data driven bytechnology and which allows for integration.This will establish the UK’s security industry asa sustainable and forward-thinking sector.

A straightforward process can be derived andapplied, enabling organisations to practicemarket segmentation in an evolutionarymanner and facilitate the transition towardscustomer-led requirements.

This process also ensures commitment fromthe managers responsible for implementing theeventual bespoke delivery model.

35www.risk-uk.com

Sectorisation: Confronting clients’ risks head on

Sectorisation is a commonly used term in the security industry,but is it just a badge of convenience for some or an absolutebelief? As Jason Towse outlines, understanding sectors is allabout understanding different facets of risk as well as thevarious stakeholders, structures and languages in play

Jason Towse: Managing Directorof People Services at Mitie TotalSecurity Management

Security Guarding: Sectorisation

SecurityGuardingSectorisation December2014_riskuk_dec14 09/12/2014 12:30 Page 35

Peter Webster:CEO of Corps Security

On 30 June 2014, Lord Taylor of Holbeachstated that the Government expects theintroduction of the statutory licensing of

private security businesses to come into forcein 2015. With a number of industryprofessionals sceptical about the benefits ofthis move, the pro-business licensing brigade –including the Security Industry Authority (SIA) –has been economical with the facts about whyit’s necessary and what it will really cost.

It’s claimed that business licensing andregulation will support those organisations thathave been through relevant checks and duediligence, and can demonstrate that they are‘fit and proper’ to supply security industryservices. To qualify for an SIA business licence,an organisation must comply with issuessurrounding identity, criminality, financialprobity, integrity and conformance with relevantBritish Standards.

The Regulator states that this licensing willgive businesses more responsibility for theindividuals they employ while achieving areduction in the regulatory cost and burden onthe private security industry as a whole.

Having crunched the numbers, we estimatethat business licensing will cost Corps Securityaround £50,000 a year. We’ve had no indicationof the corresponding reduction in the individuallicensing costs.

Corps Security currently pays around£150,000 a year in licensing fees, so theindividual licence reduction must be at least33% in order for us to be cost neutral.

For those companies, unlike us, that don'tcurrently pay their employees’ SIA licence fees,the costs will come as a huge shock.

Furthermore, the additional bureaucracy,time, inconvenience and uncertainty businesslicensing will cause realises a cost that, likeother organisations in our industry, we mayhave to try and pass on to our customers. Not

surprisingly, they will be highly resistant toincreased charges for security services, so itcould mean that those who demonstratecontinual improvement via the ApprovedContractor Scheme (ACS) might decide towithdraw from it in order to save money.

Motives behind the moveIt’s important to carefully examine the motivesof the bodies helping to push this legislationthrough and who claim to be doing so in thebest interests of the security industry.

Up until now, the SIA has been good atmaking sure that only those who should workin the security sector do so, yet its StrategicConsultation Group which has worked tointroduce business licensing only has 31members – less than 20% of whom actuallyoperate security companies – while 26% areSIA officials. Therefore, that Group cannotreally be considered representative of theindustry and those working on the ‘front line’.

Even so, the new SIA chairman ElizabethFrance CBE has vowed to be ‘audacious’ and isdetermined to push regulation as far aspossible. This means the SIA will do everythingit can within the statute to move forwards in thedirection that it believes the industry andministers wish it to travel.

How, though, does the SIA chairman know inwhich direction the industry wants to travel?From the Strategic Consultation Group alone?

At a recent event, Elizabeth France said: “TheSIA should be working with you to ensure that,between us, we take responsibility for raisingstandards, but maybe the balance between us,as the industry becomes more mature and weunderstand our role as a Regulator better, isthat more of it is done by the industry with theregulator helping and supporting.”

This provides a clear indication of anintention to increase the administrative andcompliance burden on the industry.

What we need are hard facts and until wehave them our industry representatives shouldnot be giving any support to these poorlycommunicated proposals. The needlessintroduction of two layers of licensing willsimply mean the loss of the ACS scheme thatadds value on purely cost grounds for one thathas no impact on improving security serviceswhatsoever. As a result the industry will suffer.

It’s time for the industry to make its voiceheard about keeping the existing licensingscheme. Who’s with me on this matter?

Security Guarding: Business Licensing and Regulation

Business licensing: “We need the facts”Peter Webster believesthere’s a lack of hardfacts regarding thesupposed need forbusiness licensing andthat widespreadignorance about itsfinancial implicationscould be disastrous forsecurity companies

36www.risk-uk.com

SecurityGuardingBusinessLicensing December2014_riskuk_dec14 09/12/2014 12:14 Page 36


Andrew Melvin: BusinessDevelopment Director (UK) atPilgrims Group

We’re living in a period of increasingthreats to our security and safety, with aclearly identified move in the UK threat

level from ‘Substantial’ to ‘Severe’ meaning thata terrorist attack is now highly likely.

The stance adopted by the Government isfurther supported in briefings by the HomeSecretary, Theresa May, who states that whilemany attacks have been prevented, the threatis still clear and extremely serious.

Indeed, Prime Minister David Cameron hassaid that we now face the “greatest anddeepest threat” in the nation’s history.

With decreasing numbers of police officersand enhanced levels of fraud and cyber crime –which is ranked as a major threat to ourNational Security Strategy – businesses andindividuals face uncertain dangers.

Many simply ‘bury their heads in the sand’,perhaps through a lack of knowledge. Forothers, it’s simply a case of not having the timeto deal with all of the potential risks.

Most people should have an expectation ofliving a normal life and are rarely exposed tothe horrors of terrorism, fraud and cyber crime.However, with the daily media concentration onbad news, members of the public face ever-increasing anxieties about these threatsregardless of their own personal experiences.

Over the last decade, our industry haswitnessed eroding margins, seeminglyaccelerated since the financial crisis of 2008.The unintended consequence of this can beseen in the general reluctance towards – andreduced opportunities for – investment insecurity personnel or client partnerships. Thereducing margins that suppliers are having to

contend with in highly competitive tenderingprocedures coupled with the limitedprofitability of many security businessesensures a ‘perfect storm’ of very low profits,minimal investment and, in the case of somecompanies over the last few years, a struggle toeven continue trading.

The really damaging effect of low margins isa lack of investment in personnel, little or notraining, reduced morale and, ultimately, areduction in performance – and, therefore, anincrease in risks.

Other than for client-specific trainingrequirements, it’s extremely difficult to provideongoing security-related instruction andeducation as removing personnel from theirwork environment is prohibitively expensiveunless paid for by the client.

Given the downward spiral of margins incontract procurement, this latter scenarioseems unlikely in most instances.

Responding to margin erosionIn the best case situation, margins within thesecurity industry will stabilise but furthermargin erosion is the more likely outcome. Howshould the private security industry react?

Achievements could be realised throughreducing overheads, the smarter use oftechnology and/or working more efficientlyalong with specialisation in a wider range ofsecurity services.

This broader range of security services couldprovide a platform for continued securityspecialisation with the advantages that stemfrom a co-ordinated protection of assets andpeople derived by a single source of securityexpertise working closely in support of thepolice service and offering a complete packageof risk management with a variety of highlyspecialised employees operating at aninternational level.

For other security companies, the wayforward may involve offering a wider range ofFM services, either through taking on additionalnon-security related services or being acquiredby larger organisations, be they FM or security-focused in nature.

Looking to the future, it’s inevitable that theprivate security industry is likely to witness thegrowing use of technology, including theminiaturisation of drone and surveillanceequipment along with the smarter use ofincreasingly capable software which is likely tosee the numbers of security personnel reducedor, at the very least, not increasing.

Security Guarding: Responding to Margin Erosion

What does society want from the security industry?At a time whenpolicing numbers arefalling, threats posedto our safety areincreasing andmargins for securitycompanies remain low,how should solutionsproviders react?Andrew Melvinbelieves it’s time forthe smarter use oftechnology and agreater focus onspecialisation

38www.risk-uk.com

SecurityGuardingSocietyandSecurity December2014_riskuk_dec14 09/12/2014 12:32 Page 38

For over 150 years, Corps has been a byword for discipline, integrity and reliability. Today, Corps Security helps ensure the safety and well-being of many of the City of London’s leading businesses and the people who work in and visit them.

Clients value the dedication that Corps Security’s officers bring to the job.

They also rely on its state-of-the-art remote monitoring service, and appreciate the hands-on approach of its managers.

Above all, clients prize the expertise that comes only through specialisation.

Leaving them free to concentrate on their business - knowing that their people and property are safe.

Tel: 0800 0286 303 www.corpssecurity.co.uk 85 Cowcross Street, London, EC1M 6PF

What security feels like.

Tel: 0800 0286 303www.corpssecurity.co.uk

85 Cowcross Street, London, EC1M 6PF

Corps |kôr|

noun ( pl. corps |kôrz|)


David Ward: Managing Directorof Ward Security

In all things, an holistic approach is thecorrect one to adopt when addressing achallenge or project. Having a complete view

on a situation and making planning decisionsaccordingly will ensure the final outcome is ‘fitfor purpose’ and future-proofed. There’sanother big benefit to an holistic approach –value. Only through a complete view of asituation or challenge can you truly plan forefficiencies and extract the maximum valuefrom your investments and assets.

This way of thinking applies as much tosecurity as it does to anything else. The historicshortfall of security is that it has traditionallybeen applied in a ‘piecemeal’ fashion. For toolong it has been a ‘bolt-on’, employed whereand when necessary and often fitting aroundthe premises, organisation or situation.

The exact same can be said of other areassuch as energy efficiency, whereby energyefficient measures have been retrospectivelyapplied. In all honesty it’s not a failure ofsecurity, but more a failure of previousgenerations to understand the importance offuture-proofing and holistic planning.

Modern buildings and estates are beingdesigned and built to incorporate key functionssuch as energy efficiency, IT, communicationsand security. Today, architects are designingstructures with these functions in mind, sowhile the necessary infrastructure is discreet,it’s also easy to access and effective.

For instance, wiring is where it needs to bewhile communal areas are designed with clearlines of sight for monitoring – and all the whilewithout impacting negatively on aesthetics or

other functions. For older buildings andestates, though, bolt-on will remain aninconvenient necessity.

Using assets to maximum effectThe security offer itself has broadened toencompass additional tasks and services.Through a more comprehensive andtechnologically advanced service, security hasbecome holistic in nature.

Technology itself has been a key enabler inthis security evolution. The latest securitymeasures have become so advanced that theycan overcome many, if not most of theobstacles presented by older and more complexestates. Again, planning is the key toeffectiveness. The correct technologies need tobe applied in the correct way and with a globalview towards the overall security stance.

People and service complete the picture.Today’s security companies deliver more thanmerely security. They become an integral partof the organisation and offer more than sitemonitoring or reaction to unforeseen situations.

The modern security service exhibits more ofa managerial approach to the disciplinewhereby security staff act as ambassadors forthe client company, welcoming visitors andtrades and helping to ensure that they knowwhere they’re going and are subtly ‘managed’during their visit. Here, security has a betterview of who’s going where and this, of course,helps to ensure fewer unexpected incidents.

Owners of property portfolios should bethinking of security as more of a broad serviceoffer instead of simply security. The days of aman in a peaked cap and uniform standing at aGate House are gone. Today’s securityprofessional is more of a complete packageand, importantly, an asset to the business orpremises he or she is attending.

Similarly, clients should be thinking abouthow security integrates in a fuller sense to theproperty or business. The aesthetic of abuilding, as well as the culture, is vitallyimportant, especially when that building isclient-facing. Security is no longer anunwelcome addition. It’s now the first thing thatvisitors experience. That being so, it needs tobe welcoming, accommodating and helpful.

Meanwhile, the physical assets of securitytechnology need to integrate and not spoil thelines or interrupt the aesthetic. By carefulplanning and the correct application oftechnologies this can be achieved with ease.

Security Guarding: The Concept of Added Value

What can ‘Security’ bring to the party?The modern approachto security provisionhas evolved to such adegree that, as DavidWard states, evenwhen security has notbeen built-in to anestate and is appliedretrospectively,specialist companiescan still help theirclients to better planand ensure that assetsare used to theirmaximum effect

40www.risk-uk.com

SecurityGuardingAddedValue December2014_riskuk_dec14 09/12/2014 12:14 Page 40

Christmas was different when I was a child”is a phrase we’ve been hearing from ourparents for years, but when it comes to

Christmas shopping, everyone agrees thatthings really have changed.

Take a look at the scenes in many retailstores on ‘Black Friday’ which saw retailsecurity staff outnumbered to an alarmingdegree by a frenzied swarm of shoppers, manyof whom displayed characteristics akin to thebehaviour of a herd of hungry animals.

With the evolution of online behaviours andsocial media, it has been possible for retailersto create and spread the word about more andmore shopping ‘events’ taking place bothonline and in stores.

Further, huge numbers of individuals havenow accepted a Christmas tradition of havingall of their festive shopping – including theirChristmas party wardrobe and contingencyoutfits – delivered to their places of work.

This change in behaviour means that securityand reception staff may see thousands morepackages come through the doors in the run-upto the Christmas holiday period, with many ofthose items being high value electronic gifts –

in turn making the officespace a heightened targetfor thieves.

Many building managersenforce a zero tolerancepolicy, refusing to acceptpersonal deliveries oraccepting them only in theevent that the recipient canimmediately collect themfrom the delivery area.

A number of office workerswill simply pile items undertheir desks until the coast isclear to bring them home for wrapping onChristmas Eve, making the packages a targetfor thieves and increasing opportunities for the‘planting’ of suspect packages.

It’s essential that security companies are‘season savvy’ and approach their clients wellin advance. Risks can then be fully assessed bysecurity providers, in turn allowing for robustcrisis management procedures to be realised.

Carl Palmer is Executive Chairman of CISSecurity

Festive Frenzies – Securing the Spirit of Christmas

‘Black Friday’ and‘Cyber Monday’ arejust two examples ofthe way in whichChristmas shopping ischanging and, asCarl Palmer states,placing new demandson security teams

Security Guarding: Risk Management and Forward Planning

Telephone : 0191 296 3242 www.ssaib.org

Appointed Security Industry Authority (SIA) Approved Contractor Scheme (ACS) Assessing Body. ISO 9001and Product Certification for Key Holding and Response Services, Door Supervisors, Static Site Guardingand Mobile Patrol Services, Event Stewarding, Crowd Safety, Security Wardens, Cash and Valuablesin Transit, Close Protection Services and Security Dogs. Contact us for a free no obligation quote.

The leading certification body for Guarding Services.

CERTIFYING SECURITY

SSAIB

SecurityGuardingRiskManagement December2014_riskuk_dec14 09/12/2014 12:20 Page 41

Security solutions for today’s challenging times

Global economic pressuresare forcing organisations toreview expenditure acrossthe board. But, the securityissues remain the same. So, do you cut your security?

Pilgrims offers a complete andcomplementary range of security,communications and support services,backed by an unmatched commitment to the highest level of quality, efficiency and client care, to reduce costs not cover.

Our expertise and global experience allowus to deliver robust, practical solutions fortoday’s challenging financial climate.

For more than ten years, Pilgrims has beensupporting clients across the globe, protectingand enabling their businesses to continue inspite of threats from terrorism, seriousorganised crime and natural disasters.

Our personnel are handpicked for theirexperience, skills, training and personality to match the requirements of our clients.This, combined with our continual exposureto the world’s hot spots and difficultregions, makes Pilgrims the ideal choice foradvice and support.

Pilgrims provides a global service, with localknowledge through our employment oflocal personnel, quality control, continualongoing training and our relationships withspecialists and local partners.

ConsultancyOperational ConsultancyManned GuardingTrainingInformation and IntelligenceCommunications SupportTechnical SystemsEquipment

We can help you find the right solution.Call Pilgrims on: +44 (0)1483 228 786

www.pilgrimsgroup.com


The consultation sets out the SecurityIndustry Authority’s (SIA) high-level draftplans and describes the Regulator’s

proposed mission, vision and strategic goals.At the SIA Stakeholder Conference held in

October, the Regulator’s chairman ElizabethFrance CBE set out progress that the SIA hadmade in working closely with stakeholders todevelop proposals for a new regulatory regimefocused on businesses. France emphasised thatthe SIA is ready to take forward mandatorybusiness licensing if and when the Governmentconfirms its intentions and that the Regulatorwill not allow that question to distract it fromusing its existing powers in an audacious wayto support continued progress towards a better,quicker and lower cost approach to regulationframed by greater business engagement.

“We want to ensure that the next phase ofour work reflects the views and priorities ofthose who buy, supply and rely on private

security,” explained France. “We shall considerany feedback you give us and take thatfeedback into account before publishing ourfinal plan early in 2015.”

Read the consultation document online at:www.sia.homeoffice.gov.uk/Pages/about-plan-consultation.aspx*The consultation period runs from 4 December2014 to 30 January 2015

New SIA-approved training coursesFrom 1 January 2015, new courses andqualifications will be introduced for SecurityIndustry Authority licence applicants.

The new training courses have been designedin association with the security industry andstem from an earlier public consultation.

Sectors covered are security guarding, doorsupervision, Public Space Surveillance, closeprotection, Cash-in-Transit and vehicleimmobilisation (Northern Ireland only).

Mission, Vision… and StrategyThe Security Industry Authority is holding a consultation to gauge theviews of stakeholders on its draft Business Plan for 2015-2016 and theCorporate Plan for 2015-2018. Brian Sims reports

Security Guarding: Security Industry Authority Consultation

The new SIA security guardingcourse will contain morecontent on patrolling andmaintaining contact and howto deal with commonlyencountered incidents. Therewill also be a requirement forthe practical delivery ofsearching and conflictmanagement and theinclusion of an awareness ofinitiatives to fight crime. Thequalification awarding bodiesare now working with trainingproviders to ensure standardpackages will be ready forJanuary 2015

SecurityGuardingSecurityIndustryAuthorityConsultation December2014_riskuk_dec14 09/12/2014 12:31 Page 43

Destination and corporate eventmanagement specialist Spectra DMCapproached ISC back in March regarding

its plans for a gala dinner at the Londonmeeting of the American College of TrialLawyers (ACTL). This was to be a highlyprestigious and unique event on a grand scale,with a giant marquee erected at Horse GuardsParade and plans for 1,000 covers.

Guests were to be welcomed by a choir andthe troopers and horses from the HouseholdCavalry would form a guard of honour.

Crucially, although the event was private, itwould be taking place in a highly sensitivearea, out in the open and right next to a majorcentral London public road. The right securitywas vital in order to keep the site safe duringthe build-up to and during the event, but alsoto enhance the guest experience and ensureeverything would run smoothly.

The event took place on 13 September, butchosen security provider Integrated SecurityConsultants (ISC) was on-site 24 hours a day

controlling access to the sitefrom four days prior for the buildphase until the site was clearand returned to its ‘blankcanvas’ state two days later.

“We had to work closely withthe many different partiesinvolved, all of whom had theirown needs and expectations,”said ISC’s business developmentmanager Paul Griffiths. “Theseparties included not just ourclient Spectra DMC but also theRoyal Parks, the MetropolitanPolice Service, the various eventcontractors and, of course,members of the public.”

As well as managing the security of the siteitself, ISC provided corporate security staff towelcome guests, manage public interest andhandle both traffic ingress and egress.

Planning and familiarisation process“This event was 18 months in the planning,”stated Griffiths, “and, naturally, both SpectraDMC and the ACTL had high expectations forthe day. Every aspect of the event had to beperfect, from the catering and entertainmentthrough to the security team. We spent sixmonths planning and familiarising ourselveswith the expectations of our client and ensuringfull risk assessments were carried out.”

Griffiths explained: “We attended planningmeetings with the Royal Parks so weunderstood how the site operated and what toexpect, advising on security requirements. TheMet Police and Royal Parks wanted to ensurethat all Health and Safety requirements were inplace and that the site was secure at all times.We liaised with them and brought securitycover forward by 24 hours to ensure that thevery earliest stages of the build were covered.”

On the evening itself, all access points weresecured and a large crowd of onlookers had tobe kept back so that all guests could beadmitted during a short 30-minute window,transferring from coaches within seconds.Everything went smoothly, but there were somechallenges to overcome.

“These were mostly logistical,” continuedGriffiths, “such as some contractor vehiclesturning up without pre-registration. Anotherchallenge was that the site is usually easilyaccessible to pedestrians from Horse GuardsRoad. Rather than just station officers along the160-metre perimeter, we were permitted theuse of crowd barriers for additional defence.”

Griffiths added: “Unsurprisingly, holdingsuch a glamorous event in a public placeattracted a great deal of attention from passers-by, in particular when the Band of theColdstream Guards arrived and played severalnumbers. The event also coincided with thenearby Proms in the Park, which resulted inlarge numbers milling around in the vicinity, butthis didn’t pose any problems for our team.”

ISC’s success in securing this event is theresult of a long history of working on other highprofile events, often in spectacular venues, anda culture of listening carefully to clients’requirements to build a bespoke service.

Mark Wareing, account director at SpectraDMC, concluded: “Everyone on the ISC teamwas really helpful and great to work with. Thesecurity manager was totally flexible and wecould just leave the team to their own devices.”

Security for Special Events

On Parade Managing security foran iconic centralLondon venue allowsno room for error.Integrated SecurityConsultants recentlyprovided support for alavish private eventheld at Horse GuardsParade. Brian Simstracks the servicedelivery as well as thelessons learned

44www.risk-uk.com

SecurityforSpecialEvents December2014_riskuk_dec14 09/12/2014 12:13 Page 44

Greater attention needs to be paid to thequality and performance of Power SupplyUnits for both security and fire systems.

That being so, we’ve decided to highlight fivekey elements that purchasers/end users shouldbe focused on to ensure the solutions theyadopt are actually fit-for-purpose.

While much attention is often lavished on thespecification of more visible solution elements– such as CCTV cameras, DVRs and intruder/firedetection and alarm systems – the same cannotalways be said for mission-critical PowerSupply Units (or PSUs).

In fact, PSUs are often left out in the cold asthe poor relations, thrown into the mix at thevery end of the installation process. This makeslittle sense given that security and fire systemsare only as good as their weakest link.

Combating brownoutsLeading the way in our five-point ‘Best PracticeGuide’ as part of a push-back againstsubstandard PSU specifications is that endusers ought to check the solution chosen istolerant of mains input voltage fluctuationswhich, if left unchecked, can result inproblematic ‘brownouts’. You really want powersupply units that can handle variable inputsand still maintain a standard output. Solutionsare now available that can work comfortablyanywhere between 90 V and 260 V.

Optimising efficienciesThe efficiency of PSUs is becoming anincreasingly pivotal consideration as many oftoday’s businesses have set themselves powerreduction targets.

To achieve better operational efficiencies,switch-mode technology is in a different leaguefrom the more traditional linear PSUs.

Switch-mode units offer a significantly higherlevel of efficiency (typically 80%-87%) and,correspondingly, lower energy bills and areduced carbon footprint for the end user.

Smaller footprintWhere the end user is seeking to place a PSUunit into a confined area, they should befocusing on the type of PSU that’s morecompact. Switch-mode models also scorehighly here as the latest versions are, typically,significantly smaller and a tenth of the weightof the older linear-style (copper-based) units.

Healthy temperatureAnother factor on the PSU front around whichit’s worth quizzing potential solutions providerscentres on the temperature at which the unit isgoing to operate. It should be remembered that

switch-mode power supplies run significantlycooler than established designs. This isunderlined by the reality that older linear unitsare hot to the touch and, as a result, moresusceptible to failure.

We estimate that end users can lose half ofthe power that goes into a linear PSU simplydue to the heat which is being radiated.

Standard of supportIt’s vital to confirm that any PSU selected iscompliant with recognised local codes. All unitsshould carry the CE mark and conform tostandards such as EN60950-1, EN50131-6 andEN6100-6-3 when appropriate.

In addition, it makes good sense for endusers to ask about the level of technicalsupport provided by the vendor and the qualityof the latter’s own internal processes. Are theyaccredited to BS EN 9001:2008 for their qualitymanagement systems, or ISO 14001:2004 forenvironmental management?

No power, no systemFor all prospective purchasers of PSUs it makesabsolute sense to take time out and completethorough checks on the suitability of a specificPower Supply Unit. Simply throwing somethingin, crossing your fingers and hoping it will workis nothing other than foolhardy.

There’s no doubt that the right solution canmake a concrete difference to the operationalefficiency and reliability of your security andfire safety solutions.

By the same token, the wrong choice canlead to the prospect of unexpected downtimewith no power for CCTV cameras or recordingdevices – and thus serious gaps in capability.

45www.risk-uk.com

Bridging The GapIan Moore recountssome essential tips forthose end userslooking to bridgesecurity and firesystem power supplyperformance gaps

Ian Moore: Managing Directorat Elmdene International

“It’s vital to confirm that any PSU selected is compliant withrecognised local codes. All units should carry the CE mark”

Power Supply Continuity: Bridging the Performance Gap

PowerSupplyContinuity December2014_riskuk_dec14 09/12/2014 13:15 Page 45

Simply defining what ‘Security’ is has neverbeen easy. Security often means differentthings to different people and companies.

Indeed, there’s often disagreement withinorganisations on this very subject. Traditionally,‘Security’ is viewed as physical security andinformation security, but even the latterdescription can be somewhat confusing.

Many organisations have Chief InformationSecurity Officers (CISO) in situ who are, in themain, in charge of information security, butwhat about ‘non-IT’ information such as thatheld in the form of paper records?

Yes, paper records do still exist – confidentialcontract information or intellectual property(which in itself is information) are but twoexamples. Is your CISO responsible for this typeof information?

Encouragement of convergenceFor a number of years now, securityprofessionals have been seeking to encourage

convergence between the varioussecurity disciplines.

Convergence ofsecurity risks

is a broad

concept which covers the many facets andinterrelationships of a variety of security risksconfronting today’s businesses.

In essence, convergence requires a ‘bringingtogether’ of all those with a securityresponsibility in an organisation to assesscollective corporate risks.

Proponents of security risk convergence havequite rightly identified the truism that, if youmanage risks in isolation, then the probabilityof those risks materialising increases. However,there can be an overlap between the traditionalsecurity disciplines (such as that withinformation security mentioned previously).

To date, this convergence agenda has tendedto focus primarily on physical and informationsecurity. In truth, there are other ‘security’ risksthat need to be considered. More of them anon.

The move towards convergence has alsorecognised that risks are continually evolving,all the while increasing interdependency onprocesses. This is well illustrated if we take alook at ‘Cyber’. The term ‘Cyber’ is used manytimes as a catch-all for the threat posed to ourcomputer and communication systems. In thereal world it’s about much more than this.

Cyber security addresses not just ‘things’ butalso processes. For example, ‘Cyber’ includespersonnel security to ensure that the wrongpeople do not have access to the essentialparts of a given business system. To preventsuch access we need employee screening to bein place. While the employee screening processis part of the cyber security function, thephysical process is normally the responsibilityof the Human Resources Department and yetcyber security is most likely under the remit ofyour CISO. Confusing, isn’t it?

Fraud risk managementThe situation becomes even more complexwhen you throw fraud risks into the mix. Fraudrisk management and counter-fraud activity inan organisation is frequently separate to other

security risk management procedures. In-house fraud teams are often part of the

Finance Department or sit within internal auditteams but are not part of a security team.Ultimately, it can be argued that thecommonality between fraud and security risksis such that any security risk convergenceagenda should also include fraud risks.

Let’s take one example – people. What arethe biggest risks posed by employees to abusiness in the overall security arena? Somewould say fraudulent activity and theft. The

Fraud and Security Risk: The Future of ConvergenceWho’s responsible for security risk management in your

organisation? Is there a relatively simple answer? The likelihood isprobably not. How do you then decide who’s actually responsible

for collective security risk management? Alan Day outlines thebusiness case for convergence

46www.risk-uk.com

TheSecurityInstitute'sView December2014_riskuk_dec14 09/12/2014 12:40 Page 46

Alan Day FSyI: Fellow of TheSecurity Institute and a Directorof AKD Services

world is littered with companies both large andsmall who’ve demonstrably failed due to fraudperpetrated directly or indirectly by employees.

Employees may also collude with suppliers,falsify financial records or submit fraudulentclaims. How, though, do you categorise this riskposed by members of staff? Is it just fraud?

Maybe that’s too simplistic. The risks actuallyemanate from people. Thus a company requiresrobust pre-employment screening andcontinuing due diligence procedures to beoperational on a constant basis. The situationmay also involve IT security. Frequently, insidersuse the IT system to carry out their fraudulentactivity alongside general information such ascontract documentation. Here, then, are twodistinct ‘Security’ disciplines – personnel andinformation security – that have a directrelationship to the risk of fraud.

As is the case with cyber, fraud riskmanagement tends to be more process driven.Fraud often takes place where there may be fewphysical barriers that can be used to preventsuch activity from occurring. For example,firewalls are essential if the fraudster is outsidebut tend to be ineffective if the personconducting the fraud is already on the inside ofthe company’s four walls.

Identifying the threats First, it’s about identifying the threats. Ofcourse, that process can be rendered all themore difficult if your fraud and security riskmanagement functions are conducted inisolation from each other.

Let’s stay with firewalls as an example. YourIT Security Department (under the leadership ofthe CISO) may have excellent and highlyeffective firewalls in place. Its constituents maybe able to report that there have been nobreaches and that all’s well, but can they tellyou how many attacks there have been andwhere these came from? Such detail is crucial.

What if there has been a succession ofattacks over recent weeks that then abruptlystop? Have the criminals simply given up orfound another way into or around your ITsystems? How would you know if you do notmonitor attacks?

In this example, the security of your systemis sound, but vital information and intelligenceis being lost and, subsequently, you may not befully aware of the risks. This could enhance therisk posed by fraudsters.

A converged approach to risk encompassingall aspects of security (and including fraud) canhelp in the overall assessment of risk in termsof actual and potential threats involving thephysical side of the equation, the people andthe processes. Such an approach may alsoassist in providing a more focused view of therisks facing your organisation.

In addition, this more focused approachhelps to better mitigate risks by dint of usingall-round knowledge of the organisation, itsprocesses and mitigations. Having a completeoverview of all security-related risks includingfraud – and how they relate to the company’soperations – is essential in a world wherein thecriminal makes no such distinction.

Single point of ownershipThose organisations that have implemented asingle point of ownership for every aspect ofthe business’ security have realised thebenefits very quickly.

That single point of ownership may well bethe CISO but, whomever it is, they must takeownership and full responsibility for thephysical elements and processes in anincreasingly complex environment.

This will help to build confidence amongsenior staff, employees and stakeholders thatall security risks are taken seriously andprovide the authority to empower management,ensuring that all security risks are identifiedand managed correctly.

It will also act as a deterrent to any potentialcriminal – be they inside or outside of thecompany’s walls – if they’re fully aware thatthere’s a joined-up approach to any risk theymight wish to pose to your organisation.

Importantly, the single point of ownershipmust have direct access to the CEO and theChief Operating Officer. They should have a‘Hotline’ through to the auditing function inorder that they might influence the company’sinternal audit plan, reviewing areas of concernand ensuring that risks are raised at thehighest level (ie with the Audit Committee andthe Board of Directors).

We’ve been too slow to recognise that there’san urgent need for re-thinking fraud andsecurity risks. They do need to be converged,but not simply in terms of ‘Security’. Rather,they must be converged in line with overallbusiness risk management and the hostorganisation’s overarching strategy.

The Security Institute’s View

“Ultimately, it can be argued that the commonality between fraud and security risksis such that any security risk convergence agenda should also include fraud risks”

47www.risk-uk.com

TheSecurityInstitute'sView December2014_riskuk_dec14 09/12/2014 12:40 Page 47

Due diligence may be defined as: ‘Thediligence reasonably expected from, andordinarily exercised by, a person who

seeks to satisfy a legal requirement or todischarge an obligation’ (also termed‘Reasonable diligence’). In terms ofCorporations and Securities, we might say: ‘Aprospective buyer’s (or broker’s) investigationand analysis of a target company’.

If you wanted a legal definition of the termthen look no further than that which resides inBlack’s Law Dictionary (Seventh Edition): ‘Afailure to exercise due diligence maysometimes result in liability, as when a brokerrecommends a security without firstinvestigating it adequately.’

Why a legal definition? The definitions thatI’ve recounted all reference checks to be madebefore entering into a contract. They alsoreference Duty of Care and, as a contractinvolves civil law, it’s not too great a step toconsider a Legal Duty of Care. If there’s abreach of this Legal Duty of Care involvingnegligence or recklessness then the individualsinvolved could find themselves in the criminaldomain. Hence the requirement for a legal

definition. In criminal law,

due diligence canbe a defence in

strict liability caseswhere the prosecution

only has to prove the‘Actus Reus’ (Guilty Act) and

not the ‘Mens Rea’ (Guilty Mind).If the accused can demonstrate that they

took all reasonable stepsto prevent criminal

activity then this is considered to be a defencein law. The reasonable steps are not necessarilythe standard of care of a particular industry,but I would suggest that standards promotedby the security industry – such as those devisedby the British Standards Institution and theCentre for the Protection of NationalInfrastructure (CPNI) – may go some waytowards convincing the Judge that reasonablesteps were taken.

In civil law there’s a responsibility on bothparties towards an action that reasonableenquiries have been made to establish the factsthat may be subject to dispute.

Running the rule over a business If dealing with a business, it seems sensible tocheck that it exists, resides at the address(es)provided and that you have the correct name.

If you’re about to do business with ABC youshould clearly establish if it is ABC Limited, ABC(London) Limited or ABC (Manchester) Limited.They are separate legal entities and notnecessarily legally responsible for one another.

You may want to know how long the businesshas been in existence and its financial details(if available). If the business is a registeredcompany then such information can beobtained directly from Companies House(www.companieshouse.gov.uk).

The process of conducting such checks isrendered a little more difficult if the targetbusiness isn’t a company. However, there arenumerous commercial databases availablewhich can provide you with information onbusinesses. Equifax (www.equifax.co.uk) andExperian (www.experian.co.uk) are but two ofthem. They can also offer details of anylitigation against a given company.

Other good sources for litigation are theRegistry Trust (www.trustonline.org.uk) and theMinistry of Justice (www.justice.gov.uk). TheBritish and Irish Legal Information Institute(www.bailli.org) is an excellent source for courtcases considered to be ‘in the public interest’and which may have set legal precedents.LexisNexis (www.lexisnexis.co.uk) not onlyprovides access to legal cases but alsonewspaper articles from sources that oftencannot be found on the Internet. These

databases are fee paying but your company islikely to already have accounts with them.

Unless you have the correct legal companyname before you, you could well beperforming your due diligence on the wrongconcern which could result in erroneousconclusions. You’ll garner the correct name

from Companies House and the legaldatabases mentioned.

48www.risk-uk.com

When Diligence Is DueWhether your company is looking to carry out backgroundchecks on prospective business partners or potential futureemployees, there are certain rules, regulations, standardsand procedures in place that must be strictly observed. ChrisBrogan plots a course through what can be a legal minefield

InTheSpotlightASISInternational December2014_riskuk_dec14 09/12/2014 12:04 Page 48

In the Spotlight: ASIS International UK Chapter

49www.risk-uk.com

Remember... When it comes to informationsourced from the Internet and/or newspaperarticles, you cannot be absolutely sure that thename has been accurately recorded.

Checks you may not have consideredAre you aware that businesses providing aninvestigation service for you are required by theInformation Commissioner, ChristopherGraham, to notify his office that they’reproviding such a service?

If they don’t notify then they’re likely to becommitting a criminal offence under Section 17of the Data Protection Act 1998. This rule wouldalso apply to that former colleague of yours towhom you may wish to sub-contract theoccasional investigation. Checking is an easyprocedure. Simply visit www.ico.gov.uk andclick on the Notification Register.

If you sub-contract any work that involves theprocessing of personal data it’s yourorganisation’s responsibility to ensure that thesub-contractor is appropriately qualified andtrained to do so. This requirement is containedwithin Principle 7 of the Data Protection Act.

Make no mistake here. You are liable for anybreaches committed by your sub-contractor.Your defence could be that you did carry outsufficient due diligence. Make sure that youinclude this procedure as a requirement in yourcontract in line with the seventh principle of theData Protection Act.

In May 2011, the Organisation for EconomicCo-operation and Development (OECD) issuedguidelines to the EU’s Member States thatcorporations in those countries shouldinvestigate any partners with whom they dobusiness to ensure that they don’t abusepeople’s Human Rights. Those guidelines maybe found at: www.oecd.org/datacoed/43/29/48004323.pdf

Guidelines for this type of due diligencechecking may be obtained from the Businessand Human Rights Resource Centre(www.business-humanrights.org).

It’s suggested that if you’ve not conductedsuch checks then you may be jointly liable forany breaches that might occur.

Pre-employment screeningThe sources listed can also be used for pre-employment screening of potential employees.However, where individuals are concerned youwill be processing personal data so compliancewith ‘The Privacy Laws’ (‘The Security Industryand The Privacy Laws’, Risk UK, September2014, pp26-27) is of paramount importance.

Although useful, BS 7858 2012 and the CPNIguidelines on pre-employment screening don’t

carry the same weight in an employmenttribunal or a Court of Law as the free guidelinesprovided by the Information Commissioner’sOffice entitled: ‘Use of Personnel’s PersonalData’. If you sub-contract this process you mustensure that your sub-contractor has more thana passing acquaintance with ‘The Privacy Laws’.Again, you’re going to be held responsible forany breaches that might occur.

Consider what’s required on a normal jobapplication form… ‘Please list any CCJs orbankruptcy events that you’ve had in the pastfive years’. Now what’s the relevance of thatinformation for my application as a securityofficer with your company? Is it an integritycheck? I can find no evidence – either legal oracademic in nature – indicating that a CountyCourt Judgement or bankruptcy event placesinto question a given person’s integrity.

As relevance is a major factor in ‘The PrivacyLaws’ (reference Article 8 of the Human RightsAct and the third principle of the DataProtection Act 1998), unless you candemonstrate the relevance of that question andany question in your application form to theposition applied for you could be in breach ofthe law and so face the subsequent penalties.

Be aware that ‘consent’ of the individualconcerned is not going to be your ‘Get Out ofJail’ card. Consent is a most unreliablecondition upon which to rely. This matter willbecome particularly relevant when the futureData Protection Regulations are passed inEurope. 2015 is the proposed date (‘Preparingto meet the EU’s Data Privacy Act’, Risk UK,September 2014, pp28-29).

Thoughts around relevanceLet me outline some thoughts aroundrelevance. Assume that I apply for a new job inyour Finance Department. You want to know myfinancial history because you consider that ifI’m experiencing personal financial problemsthen I may find your organisation’s financialissues simply too complex to deal with them.

It’s worth noting that just because you wantto know that certain something about me thisdoesn’t necessarily mean you’re entitled toknow that certain something about me. The factis your current or future employees’ rights donot suddenly stop when they enter the factorygates in the morning or push open the frontdoor of the corporate headquarters.

Make sure you don’t breach thoseemployees’ rights because, as many companieshave found to their cost, it can be an extremelyexpensive mistake to make – and that’s beforetaking into due consideration any corporategovernance implications.

Chris Brogan MA LLM MIBAFSyI: Partner at B&GAssociates

InTheSpotlightASISInternational December2014_riskuk_dec14 09/12/2014 12:04 Page 49

Live Video Verification Available Now!

r i s cogroup.com/uk

VUpoint

Live video upon event and on demand

Multiple triggers from detectors, events, safety, panic and more

Simple plug & play installation with no specialised training required

Utilising RISCO IP cameras and cloud connectivity, our highly cost effective VUpoint solution is designed for use with our award winning LightSYS™2 and Agility™3 intruder alarms.

riscogroup.com/ukRISCO Group UK | Tel: 0161 655 5555 | Fax: 0161 655 5501 | E-mail: [email protected]*Texts charged at standard network rate

To watch our short video about VUpoint

TEXT VUPOINT to 60777*

y,,

AS VOTED BY SECURITY INSTALLERS

LIGHTSYSTM2

@riscogroupuk riscouk

RISCO Group would like to wish our customers and colleagues a very...


Fire scenarios in healthcare facilities canprove to be varied and challengingsituations. Typically, they’ll involve

furnishings giving off quantities of heat and,particularly, smoke (which is the primary causeof death from fires).

Of course, fire detection systems are astandard requirement but, in terms ofhealthcare facilities, may be of somewhatlimited value. The patients/residents often havelittle or no ability to respond to such warningsystems. They may either be physically(through injury or infirmity) or mentally (by dintof age or dementia) incapacitated.

The problem is further compounded due tothe limited capacity of staff to be able toevacuate all those unable to do so themselves.Staffing levels are rarely high enough to carryout such arduous tasks.

For a full evacuation, healthcare workerswould have to rely on the arrival of the Fire andRescue Service. That said, the time taken for afire crew to arrive may vary as current andprojected cutbacks in resources begin to bite.

One of the most effective ways in which tosafeguard the vulnerable members of oursociety is to install an automatic fixed fireprotection system which would react toincipient fire and suppress it at source.

The solution may be in the form of awatermist fire protection system. As the nameimplies, watermist systems employ waterbroken up into very small droplets.

Although a common commodity, water holdsunique properties with regard to fire-fighting.First, it absorbs a relatively large amount ofheat to raise its temperature. Second, oncewater reaches a temperature of 100°C itconverts to steam and absorbs a very largeamount of heat. Third, in converting to steamwater expands to 1,620 times its volume.

Penetrating the fire plumeThe characteristics described can only beexploited if and when the water is delivered inthe form of small droplets with sufficientmomentum to penetrate the fire plume.

For example, an automatic sprinkler producesdroplets of around 1 mm in diameter, with onelitre of water boasting a surface area of 2 m2. Incontrast, a watermist nozzle delivering dropletsat around 100 microns produces a surface areaof 200 m2 from one litre of water.

This greatly increased surface area of thewater droplets means a similarly increasedability to absorb heat and cool thesurroundings, in turn significantly improvingthe survivability chances of those threatened byfire. This increased water droplet surface area

also enables the droplets to capture sootparticles in the ‘killer’ smoke, thus improvingvisibility into the bargain.

The small water droplets have relativelysmall mass and thus remain airborne for longer,enabling them to continue to absorb heat and,at the same time, flow with the thermal aircurrents such that water is drawn into the seatof the fire even when the outbreak of flamesmay be shielded from the direct discharge ofthe watermist nozzles.

As a result, watermist extracts heat, coolscombustion gases and blocks the radiant heattransfer, in turn preventing the spread of fire.

Exploiting the unique properties of water byway of its delivery via small droplets, firesuppression (and fire extinguishment whereflammable liquids are involved) can beachieved with significantly reduced quantitiesof water when compared with other water-based fire suppression systems.

The benefit is realised in reduced waterdamage and less time and effort to restore agiven premises for re-occupation when therehas been a fire event. It also follows that thewatermist system pipework is smaller and lessobtrusive while the size and space requirementfor general water supplies is similarly reduced.

System basics and benefitsFor healthcare facilities where ordinarycombustibles are present, installed watermistsystems use automatic nozzles fitted with quickresponse frangible elements. Each nozzle willrespond independently to the heat from a fire inits incipient stages. Watermist is onlydischarged to the seat of the fire. In practice,the flow of water activates the water suppliesand signals a ‘fire’ alarm.

Nozzles are fitted into small bore pipeworkwhich is hydraulically designed to ensure thereduced water flows are delivered at therequired flow and pressure to any given firearea. The pipework is connected – via a controlvalve – to dedicated water supplies usuallycomprising one or more small pumps and awater storage tank.

In essence, the benefits of a watermist firesuppression system are as follows:• Provides effective fire suppression• Discharges small quantities of water• Renders conditions in the vicinity of the fire

survivable for longer through cooling of thefire and the surrounding environment

51www.risk-uk.com

One of the mosteffective ways in whichto safeguard vulnerablemembers of our societyis to install anautomatic fixed fireprotection system whichwould react to incipientfire and suppress it atsource. Bob Whiteleyreviews the adoption ofwatermist fireprotection systems inhealthcare facilities

Watermist Fire Protection Systems: Contributing to Fire Safety

Bob Whiteley: Chairman ofthe Fire IndustryAssociation/British AutomaticFire Sprinkler AssociationWatermist Group

FIA Technical Briefing

FIATechnicalBriefing December2014_riskuk_dec14 09/12/2014 11:50 Page 51

52www.risk-uk.com

FIA Technical Briefing

• Soot particles from the smoke are entrained,thereby improving visibility

• Safe for people and the environment• Minimal contamination• No harmful residues

How easily can watermist be fitted?One of the key issues for protecting existingpremises is the practicality of installingwatermist (or, indeed, any other fire protectionsystem), including the feasibility of doing sowithout disruption or displacement of theresidents. This is critical for those healthcarefacilities where the elderly and/or infirm reside.

During the 2011-2012 retrofit of watermistsystems in the Katriina Hospital in Vantaa,Finland, eight patient wards – as well asdaytime operating theatres, the geriatricoutpatient facility and neighborhood HealthCentre – were well protected without affectingthe 24/7 operations of the hospital.

In 2008, the 15,000 m2 Pikonlinna Hospital(this time in Kangasala, Finland) wasrefurbished and fitted with automatic watermistfire protection covering four wings, each ofthem six stories high and providing senior careand a nursing home.

Mist systems are also recognised by majorinsurance companies. Factory Mutual, forexample, has dedicated a specific section of itsstandards to the engineering of watermistsystems as well as setting out representativefire test protocols to establish the design basisfor mist systems.

Other international bodies such as the LossPrevention Council here in the UK andGermany’s VdS have established test andapproval protocols.

Standards to be observedWhile the marine industry was first to the tablewith IMO design and test protocols, theNational Fire Protection Association (NFPA) inthe States then created NFPA750. For its part,Europe has a Technical Specification (TS14972).

The British Standards Institution has issuedthe DD8489 Series: ‘Guidance Documents forCommercial and Industrial Fixed Watermist Fire-fighting Systems’. These are now in their finalstages of being updated and converted to fullBritish Standards.

Once published, the standards will increasethe recognition and acceptance of fixed

watermist fire protection systems for theprotection of life and property.

All of these standards and approval bodieshave a common basis for the design ofwatermist systems – the need forrepresentative fire tests carried out byindependent laboratories. Each watermistmanufacturer must have both their nozzles andproposed design layout performance verified byway of fire testing before they can be translatedinto a validated project design manual for thatspecific application.

Prospective buyers and/or specifiers areentitled to view test reports in order tosubstantiate the viability of any watermistprotection proposal designed to cover theirfacilities. A typical case in point is the IsalaClinics in Zwolle, Holland. These comprise104,000 m2 of offices, research laboratories,treatment rooms and nursing wards spreadover four buildings. They’re all fully-fireprotected thanks to automatic watermistsystems that meet the Dutch regulations.

Finding companies with the necessaryexperience and expertise in engineeringwatermist fire-fighting systems is easy as theywill be members of major fire industry TradeAssociations such as the Fire IndustryAssociation and the British Automatic FireSprinkler Association. These associationsrequire their members to hold BS ISO 9000quality assurance schemes with independentthird party auditing of all design andinstallation procedures.

Valuable contribution to fire safetySuccessfully tested for the protection of variouszones within healthcare facilities, watermistsystems would operate automatically in theevent of a fire scenario with one or morenozzles in the immediate vicinity of the flamesoperating by means of a heat-sensitive, quickresponse bulb located in each nozzle.

While these bulbs are similar to those foundin automatic sprinklers, the water quantitiesdelivered and the fire suppression mechanismsdeployed are different.

Watermist systems are not sprinkler systems,then, but they do provide a valuable addition tothe ‘armoury’ of fire and safety professionalsserving the healthcare sector.

Fire risk assessments for healthcare facilitiesare likely to identify that staffing levels – mostnotably at night – may be too low to carry outevacuations of all those at risk in the event offire breakout. One of the most effective meansof ensuring the safety of staff, patients and theattending fire service personnel is to fit (orindeed retrofit) a fixed watermist system.

“Prospective buyers and/or specifiers are entitled to view testreports in order to substantiate the viability of any watermist

protection proposal designed to cover their facilities”

FIATechnicalBriefing December2014_riskuk_dec14 09/12/2014 11:50 Page 52

Available Now!! SA66 & DA66Two new revolutionary electric locks that solve all the issues with transom fittingand Side loading on both single and double action doors. Issues with shear locks,and solenoid bolts are problems of the past.

• Releases under side loads in excess of 100kg (PRen13637)• Holding force of 1000kg• 10mm thick solid stainless steel bolt• 13mm bolt projection• Pulls door closed if misaligned by up to +/- 8mm• Fail safe/fail secure • Bolt stays retracted until door is closed to eliminate bolt noise • Door and bolt position monitors• Surface housings available for both timber and glass mounting• Fire rated BS.476.Part 22-1987

www.secure-access.co.uk Tel: 0845 1 300 855 [email protected]


More than 20,000 skilled and experiencedindividuals exit the Armed Forces everyyear and, for many among this cohort,

leaving behind the unique structure of forceslife can be a challenge, particularly when itcomes to making the move towards a newcareer on Civvy Street.

The presently challenging job market andspecific requirements set out by employers andrecruitment agencies can make the transition tocivilian life both difficult and stressful.

While figures from the MoD show that 96% ofex-Armed Forces employees are re-employedwithin six months, some former servicespersonnel fail to land the job they wantbecause they find it difficult to demonstrate topotential employers exactly how their militaryexperience is relevant to a civilian role.

Careers within the private security industryhave long been a popular choice for ex-ArmedForces personnel, as many roles within theindustry enable service leavers to transferparticular skills they’ve gained in the military –among them responsibility, diligence, conflictmanagement and communication – into their

new career. Many leavers – such as trainedengineers and technicians – are highly capableindividuals with sound experience of cutting-edge technologies.

Suitability for securityIn 2013, the British Security IndustryAssociation (BSIA) conducted extensiveresearch into the private security industry’sperceptions of ex-Armed Forces personnel andtheir suitability for security roles. That studyrevealed some positive results.

In fact, 88% of respondents reported thatthey either currently employ ex-Armed Forcespersonnel or have done so in the past.

Our research showed that 92.6% of BSIAmembers considered ex-Armed Forcespersonnel to be suitable candidates for securityroles, with self-discipline, motivation, anawareness of security challenges and an abilityto deal with conflict situations cited among thekey reasons as to why. 100% of intervieweesalso felt that such candidates would transitionwell into a supervisory role, while 95.7%agreed that managerial roles would also suitindividuals with a military background.

The BSIA itself employs its fair share of ex-Armed Forces personnel who work in a range ofroles across both technical and manpowersides of the industry. From my own perspective,I served in the Scots Guards for a decade andsaw active service in the Falklands War.

When I left the Army in 1987 there was acareer choice to make. What did I want to do?Following a lot of soul searching, a career in thesecurity industry seemed like the logical choicefor me given the wide variety of opportunitiesavailable. Very quickly, it became obvious to methat, by working hard, approaching tasks in adisciplined manner and making sure that therewas a willingness to learn new skill sets, I wasable to progress and develop that successfulsecond career in Civvy Street.

For me, one of the main attractions of theindustry is the constantly evolving face ofsecurity. There’s always a buzz and a level ofanticipation which keeps me interested andlooking for the next challenge.

Supporting the transitionFor some, transitioning into a career in thesecurity industry can be a difficult adjustment.However, there are organisations available toprovide transitional support or training andensure that individuals are completely ready fortheir new roles.

Secure transition to civilian life With 2014 marking the centenary of the outbreak of World

War I, the long-term impact of war and conflict on thosefighting at the front line has once more become part of the

nation’s collective consciousness. Trevor Elliott discusses thecareer challenges often faced by those leaving the Armed

Forces and the opportunities presented to them by the UK’sprivate security industry

54www.risk-uk.com

SecurityServicesBestPracticeCasebook December2014_riskuk_dec14 09/12/2014 12:36 Page 54

Trevor Elliott: Director ofManpower and MembershipServices at the British SecurityIndustry Association

The Career Transition Partnership (CTP) is theofficial provider of resettlement support forArmed Forces leavers. Discussing opportunitieswithin the security industry, David Duffy(managing director at the CTP) explained:“Careers within the security industry aresuitable for service leavers who wish to buildon the experience gained throughout theirmilitary careers and move to a sector that offersopportunities matching their transferable skillsand employment aspirations.”

Duffy went on to state: “The CTP offers awide range of security courses at all levelswhile a number of accredited training providerson the CTP Preferred Supplier list run industry-related courses. Feedback from theorganisations within the security industry whouse the no-cost recruitment solution the CTPprovides suggests that the skills people gain inthe military, along with those personal qualitiesservice leavers have in abundance, make thema natural fit for the various career paths onoffer in the security sector.”

Expert guidance on trainingFor those about to leave the Armed Forces,members of the BSIA’s dedicated TrainingProviders Section can offer expert guidance onthe basic training requirements for thosewishing to work in security. Indeed, they can bea great source of advice for both securitycompanies and individuals who are looking toprocure training for their roles.

Courses can be taken in areas such as CCTV,intruder alarms, access control, doorsupervision, Control Room operations andmanagement training. There’s a comprehensiverange of state-of-the-art equipment on whichindividuals can learn, not to mention the sageadvice of professionally qualified tutors withreal world experience of the industry.

Counter-terrorism training is, of course,increasingly important within the securityindustry, and training providers are activelyinvolved in educating members of the BritishArmed Forces through a programme ofapprenticeships and various courses.

Apprenticeship in SecurityThis Apprenticeship in Security Programme hasenabled individual infantry soldiers to achieverecognised and relevant qualifications whichnot only meet the stringent requirements of the

National Qualifications and Credits Frameworkbut also the Security Industry Authority.

Due to the fact that certification is notrequired to perform counter-terrorist tasksduring operations, the British TechnologyEducation Council Certificate andcomplementary National VocationalQualification are designed, developed anddelivered by civilian trainers/assessorspossessing significant experience both from theperspective of military operations andcommercial security appointments.

As part of the programme, all infantryapprentices are required to demonstratemastery of the following core knowledge-basedunits: ‘Working in the Private Security Industry’,‘Working as a Private Security Officer’ and‘Communication and Conflict Management’, inturn ably demonstrating the relevance thatprivate security sector experience can have inthe much wider context of both defence andnational security roles.

Qualifications like these can help to ensurethat Armed Forces personnel are well-equippedand prepared for a career in the private securityworld once they’ve made the transition tocivilian life.

Individual learning plansMany companies operating within the securityindustry offer their own in-house support toassist ex-Armed Forces personnel make thetransition to a role in security. From tailoredinductions through to individual learning plansand mentoring, it’s clear to see that employersin the security sector are taking their roleseriously in terms of helping new employeescope with life in the corporate world.

Among the BSIA members questioned in theAssociation’s survey, employers cited the factthat ex-Armed Forces personnel can be effectivewhen employed in a number of roles, mostnotably in close protection or as securityofficers, but also in a range of technology-based roles such as security installers, CCTVoperators and in Research and Development.

Thankfully, those involved in conflict in themodern age have access to a wide range ofopportunities on leaving their active service.

We’re extremely pleased that the privatesecurity industry is playing its part infacilitating the transition to civilian life for manyof our country’s brave servicemen and women.

Security Services: Best Practice Casebook

“Our research showed that 92.6% of BSIA members considered ex-Armed Forces personnel to besuitable candidates for security roles, with self-discipline, motivation, an awareness of securitychallenges and an ability to deal with conflict situations cited among the key reasons as to why”

55www.risk-uk.com

*To find out more about thecourses offered by membersof the BSIA’s TrainingProviders Section visit:www.bsia.co.uk/training-providers

**Further informationconcerning the CareerTransition Partnership can befound at:https://www.ctp.org.uk/

SecurityServicesBestPracticeCasebook December2014_riskuk_dec14 09/12/2014 12:37 Page 7

When an individual stands beforemembers of the Jury in a Court of Law,the presiding Judge has only one chance

to determine the verdict. Double jeopardyprevents anyone from being tried twice for thesame crime and so, no matter what informationmay come to light at a later stage, there are nosecond chances. Even if that individual is guilty,if not deemed to be so by the Jury they’veescaped punishment.

‘Security Courts’ used to abide by the samerule, relying on a conviction paradigm thatprovided a single point in time to make sure aconviction was right. Blocking and preventiontechnologies and policy-based controls gavesecurity professionals just one opportunity topass judgment on files and identify them asbeing either safe or malicious.

During an era when threats were lesssophisticated and stealthy than is the casetoday, these defences were mostly acceptable.However, cyber attacks have evolved markedlyto the point where relying exclusively on point-in-time defences is now far from a good idea.

Modern cyber attackers have honed theirstrategies, frequently using tools developedspecifically to circumvent the target’s chosensecurity infrastructure. They go to great lengthsto remain undetected, using technologies andmethods that result in almost undetectableindicators of compromise. Once advancedmalware, zero-day attacks and advanced

persistent threatsenter a network,most securityprofessionals haveno way of continuingto monitor these filesand take action whenthe files later exhibitsome form ofmalicious behaviour.

In order to beeffective, our‘Security Courts’must evolve suchthat securityprofessionals can

continue to gather evidence and retry files afterthe initial acquittal. This requires a securitymodel that combines big data architecture witha continuous approach to provide protectionand visibility along the full attack continuum –from point of entry, through propagation and ontowards post-infection remediation.

One of the innovations this model enables iscalled retrospection and it provides the abilityto continuously monitor files, communicationand process activity against the latestintelligence and advanced algorithms over anextended period of time, not just at an initialpoint in time.

Retrospection offers significant advantagesover event-driven data collection or scheduledscans for new data. It captures attacks as theyhappen. Unknown, suspicious and oncedeemed ‘innocent’ files can be tried again.

How does retrospection work?After initial detection analysis, retrospectioncontinues to interrogate files over an extendedperiod of time with the latest detectioncapabilities and collective threat intelligence,allowing for an updated disposition to berendered and further analysis beyond the initialpoint-in-time the files were first seen.

Communication retrospection continuouslycaptures communication to and from anendpoint and the associated application andprocess that initiated or received thecommunication for added contextual data.

Similar to file retrospection, processretrospection continuously captures andanalyses system process input-output over anextended period of time.

File, communication and process data iscontinuously woven together to create alineage of activity and gain unprecedentedinsights into an attack as it happens. With thisinformation to hand, security professionals canquickly pivot from detection to a fullunderstanding of the scope of the outbreak andtake action to head off wider compromises.

Protections can be automatically updated sothat security professionals are able to make theright verdict up front and prevent similarattacks from occurring in the future.

Despite its long history in the criminal courts,double jeopardy has no place in the ‘SecurityCourts’. Technologies have presently advancedto the point where security professionals havenumerous opportunities before them to detectand stop attacks.

Put simply, retrospection is one of the latesttechniques designed to afford securityprofessionals a second chance when it comesto delivering the right verdict at the right time.

Security’s second chance Cyber attacks have evolved markedly to the point where it’s

now far from a good idea for security professionals to relyexclusively on point-in-time defences. Terry Greer-King

examines a security model that combines big dataarchitecture with a continuous approach to provide

protection and visibility along the full attack continuum

56www.risk-uk.com

RetrospectionFilesCommunicationProcess December2014_riskuk_dec14 09/12/2014 13:13 Page 56

Terry Greer-King: Director ofCyber Security at Cisco

Predictive analytics, hidden threatsFurther, the only thing that you can be certainof in life is that nothing is certain. Forthousands of years the human race has tried toprove otherwise. People have attempted topredict the future with tarot cards and bystaring into crystal balls. It’s highly unlikelythat we’ll ever be able to see exactly what liesahead but, thanks to significant technologicaladvances, what we can do is use our knowledgeof the past and the present in order to drive adesired future outcome.

In the field of IT security, today’s threatlandscape is not the same one that we facedwhen the first PCs were introduced, but newtechnology creates an exciting opportunity forthe security sector to strengthen its defences.This is absolutely vital in a world where cyberattacks are becoming increasinglysophisticated and targeted.

It’s no longer a case of ‘If’ a network will beattacked but ‘When’. The security industry usedto be able to build a specific response to aspecific cyber security threat. Now, though,attackers make it their job to stay one stepahead and find new ways of avoiding detection.

The lack of visibility organisations enjoy intoday’s ‘noisy’ networks means persistentthreats have plenty of places in which to hide.Fortunately, predictive analytics is an emergingdetection capability that can help securityprofessionals seek out any trespassers.

Predictive analytics doesn’t necessarily meanseeing an attack before it happens. Rather, it’sabout identifying and tracking unknownmalware, wherever it may be hiding.

Due to the fact that predictive technologiesare in their infancy, gaining a baselineunderstanding of the foundations upon whichthey’re being developed is a good first stepwhen exploring this new area.

The following key questions can help.

(1) How is the knowledge derived?An approach that’s grounded in knowing what‘normal’ activity looks like can spot unusualbehaviour on a network – the symptoms of aninfection – through behavioural analysis andanomaly detection combined with advancedsecurity intelligence.

A model – derived from many smaller modelsand a concise representation of past behaviour– is created and used to predict how entitiesshould behave in the future. Ideally, data is

correlated in the cloud to enhance the speed,agility and depth of threat detection. If there’s adiscrepancy in expected behaviour that’ssignificant it’s then flagged for investigation.

(2) How is the knowledge presented? For predictive analytics to be practical andusable, security professionals should look forsolutions that automatically present andexplain findings and recommend next steps inan easy-to-understand format.

These insights give existing security teamsthe confidence to act upon the analysis andimprove controls, protection and remediationwithout the need for highly-trained experts.

(3) How is the knowledge used?When integrated with existing securitytechniques, predictive analytics can help tomake defences more accurate and morecapable of detecting unknown or unusualbehaviour on the network.

Machine learning capabilities allow a givensystem to learn and adapt based on what itsees and pinpoint where dangers may reside.They seek evidence of an incident that hastaken place, is under way or may be imminent.

Although they don’t necessarily handlesecurity or policy enforcement, they can providecontinuous intelligence to other systems – suchas content-based security solutions, perimetermanagement or policy management solutions –so that they may find unexpected threatsleading to the prioritisation of controls,protection and remediation.

Retrospection: File, Communication and Process Monitoring

“Retrospection offers significant advantages over event-driven data collection or scheduled scansfor new data. It captures attacks as they happen. Once deemed ‘innocent’ files can be tried again”

57www.risk-uk.com

RetrospectionFilesCommunicationProcess December2014_riskuk_dec14 09/12/2014 13:14 Page 57

With the world becoming an increasinglymore volatile, uncertain and chaoticenvironment in which to live and work,

security and resilience – in its various guises –is an industry that’s expanding rapidly and onethat will continue to grow through the nextdecade and beyond. The security infrastructurebudget in the US alone, for example, is set toapproach $86 billion by 2016 and forecast togrow at a rate of 8.4% per year.

Maritime security aimed at countering Somalipiracy is another significant market. That’s notto mention the demand for combating agrowing asymmetric threat from internationaland domestic terrorism nor the dangers posedfrom natural disasters spurned by climatechange forces which are on the increase. All ofthese scenarios demand agile responsesprovided by visionary minds.

In the UK, the private and corporate securitysectors have grown and morphed significantlyover the past decade due to economicglobalisation and threats adopting aninternational dimension. On top of that, newtechnology is swiftly and continually changingthe very ways in which security systems areprovided at all levels.

Security is second nature to anyone whohas served – or is still serving – in the

Armed Forces, the police serviceor indeed the Security

Services andintelligence

agencies.

Further, security, resilience and dealing withdisaster is a way of life for those charged withmanaging highly sensitive documents and thecontrol of lethal weapons and ammunition.

Many will have served at the operational andtactical levels of command while some will haveworked as members of the strategic ‘Gold’command groups.

Many will have deployed overseas onoperational service and seen the devastatingresults of hurricanes and typhoons, the debrisof war and the effects of pandemic disease oncommunities like those of East Africa.

Others will have participated in majorincidents in the UK or assisted with civilcommunity-type operations, for example byhelping with the terrible and devastating floodsthat occurred back at the beginning of 2014.

Manifesto for Professional SecurityOne of the greatest challenges facing thesecurity sector over the next decade will be tomake security a career of first choice for youngmen and women leaving university and chartingtheir futures. Individuals who find themselvesat the very beginning of their career.

This need has been brilliantly recognised byThe Security Institute with the launch of itsambitious new plan entitled: ‘Recognised,Respected and Professional’ (‘A Manifesto forProfessional Security’: The Security Institute’sVision of The Future, pp12-14). The Manifestorecognises the need to heighten the profile ofthe sector. It seeks to encourage collaborationwith universities, education providers, schoolsand careers advisors. There’s full recognitionthat we must identify career paths forindividuals from the point that they join theindustry to the very top of the profession andshow that ‘Security’ can be a challenging,intellectually stimulating and exciting career.

Until this aim is achieved, though, thesecurity industry will continue to rely heavilyupon personnel from the police, the ArmedForces and the Security Services moving to asecond career in either the corporate or theprivate sectors.

This transition is, of course, a logical step forthose for whom security has been a part oftheir vocation from Day One of their careers.Such men and women have provided leadershipat major incidents, dealt with the news mediaand harbour deep experience of resilience anddisaster management at first hand.

In addition, they’ve been trained to workunder pressure and thrive in stressfulconditions. They provide a solid bedrock oftalent and experience upon which the industrydepends at what is a time of significantly

Corporate callingWorking in a uniformed environment is very different from

operating in the commercial world where every penny of theinvestment made in security and resilience has to be justified and

is often hard won against competing commercial priorities. JeffLittle examines a new training course designed for those making

the transition towards roles in the security sector

58www.risk-uk.com

TrainingandCareerDevelopment December2014_riskuk_dec14 09/12/2014 12:41 Page 58

Jeff Little OBE MBA FSyIFICPEM: Director ofForcesBridge Training

increased threats from terrorism, naturalhazards, climate change effects and, of course,potential epidemics.

Working in different worldsThat said, even they don’t know it all. Workingin a uniformed environment is different fromoperating in the commercial world where everypenny of the investment made in security andresilience has to be justified and is often hardwon against competing commercial priorities.

Many middle-ranking and senior officers andwarrant officers step straight into appointmentsof significant responsibility with internationalcommitments and the reputations of majorbrand names at stake. Others move to defendelements of the Critical National Infrastructurewhere there’s a need for more sophisticateddefences against a range of asymmetric,omnidirectional and multi-faceted threats.

Many more move into private securitycompanies (which used to be known as PrivateMilitary Security Companies until a change oftitle was deemed beneficial to their interests).Such companies have achieved great success indealing with pirate activities, for example offthe coast of Somalia.

With this canvass in mind, ForcesBridgeTraining has constructed an intensive, relevantand threat-driven two-week training course togive such leaders a head start as they make thetransition to the commercial sector. Thedynamic syllabus covers all aspects of thecontemporary security spectrum for theprotection of employees and seniormanagement who travel the globe. It looks atthe protection of intellectual property rights aswell as the physical demands of defending, forexample, a headquarters building by usingaccess control and electronic alarms.

Value of security investment Strategic thinking in their new role will becrucial for those transitioning to Civvy Street,and convincing the Board of Directors about thevalue of investment in security systems iscovered in detail.

The course will enable delegates to meetother members of their cohort beginning theirjourney in this growing and dynamic industryand mix with guest speakers who’ve beenpractising in the sector for many years. Regularupdate briefings will be held for those whoattend while password-controlled access to the

website (www.forcesbridgetraining.com) willkeep all delegates up-to-speed with newtechniques as and when they evolve.

In short, all delegates will become animmediate member of the ForcesBridge alumni– a group destined to become the driving forcein what’s now a rapidly growing threatmitigation industry.

360-degree vision is with usThe ‘Heads of Security’ or ‘Security andResilience Directors’ of today and tomorrow willbe expected – and required – to have a full 360-degree vision of the industry, its strengths andweaknesses and the technical systems andtools available to them in 2015 and beyond. Nomatter how broadly based a service career theywill have enjoyed to date, candidates cannot beexpected to have more than 180-degree visionat the point at which they make their transition.Indeed, many may only boast a 90-degreespecialist duty view or even less.

Therefore, ForcesBridge Training hasconstructed a course which will provide a fulland comprehensive overview of the completesecurity landscape. The course is dynamic,testing and up-to-date with current globaldevelopments such as the Jihadistfundamentalist threat emanating from theMesopotamian Basin, the dangers of cavitybomber attacks and the risks posed by organicexplosive devices.

Delivered in central London, the two week-long course will provide candidates withknowledge of risk management, an overview ofinvestigation techniques and electronic securitysystems. It explores the relevant British andinternational standards, introduces the lawsand responsibilities designed to prevent andreduce crime, deal with cyber attacks andcounter today’s terrorist threats.

The course also describes the needs of theresilient organisation that’s ready and preparedto deal with disruption to its supply chain athome and abroad, confident in its disastermanagement protocols and playing host to awell-practised contingency action team with asolid set of operating procedures configured tolead the company’s route back to normalityshould the worst case scenario ever transpire.

For those yet to enter the security industry,assistance with writing a relevant CV andpreparing for that all-important interview isalso provided.

Training and Career Development

“In the UK, the private and corporate security sectors have grown and morphed significantly overthe past decade due to economic globalisation and threats adopting an international dimension”

59www.risk-uk.com

*The next ‘Security Designand Management’ trainingcourse will be delivered byForcesBridge Training at theprestigious Royal UnitedServices Institute (RUSI) inLondon between 16-27February 2015. Further information isavailable online at:www.forcesbridgetraining.com

TrainingandCareerDevelopment December2014_riskuk_dec14 09/12/2014 12:42 Page 59

Risk in Action

60www.risk-uk.com

Axis Communicationshelps drive down lossesat TractamotorsAutomotive servicing businessTractamotors has realised a60% reduction in losses for theretail arm of its businessfollowing the installation ofnearly 50 Axis Communicationsnetwork cameras at its site inCavan, Ireland.

Initially, Tractamotors investigated an upgrade to its current analogue CCTVsystem but, after testing a hybrid digital video recording package, the companydecided to make the full switch from analogue to digital. Ciaran Murray, ITmanager at Tractamotors, explained: “We felt Encom’s proposal to use Axisnetwork cameras in tandem with Milestone XProtect was the perfect solution.”

Axis and partner organisation Encom have developed a feature-rich, state-of-the-art solution combining Axis network cameras and a Milestone XProtectvideo surveillance system, in turn enhancing surveillance coverage to protectmembers of staff, monitor Health and Safety and, importantly, reduce shrinkageacross the 2.5-acre site.

Over 40 Axis M32 Series fixed dome network cameras are installed in thehardware and retail areas of the business in order to minimise stock loss andreduce incidents of theft. Using Axis video encoders, Encom has been able tointegrate elements of the existing analogue system into the new IP solution.

Tractamotors’ shop floor has lots of aisles obscured by shelving, with noclear field of view. To address this, Axis’ Corridor Format is used in conjunctionwith the Axis M3204 network camera to rotate the video’s aspect ratio to aportrait view. Surveillance coverage in the store has been increased to 80%.

Camera count has also increased for other parts of the site to address theHealth and Safety concerns in the tyre and refitting areas of the business. Allentrances and exits are now closely monitored.

Corps Security applieswinning formula forGlasgow 2014Glasgow’s hosting of the 20thCommonwealth Games in late Julyand early August was considered aresounding success, with over4,500 athletes and around onemillion spectators converging onthe city. Featuring 17 differentsports over 11 days of competition,261 different medal events took

place across 14 individual venues on threecompact site clusters to the east, south andwest of the city centre.

In January of this year, Corps Security wasappointed to provide event security andrelated services for the Glasgow GreenPrecinct and nearby Holiday Inn. The formerserved as the venue for the finish of the

marathon as well as the ever-popular cyclingtime trials and road races.

Jason Taylor, Corps Security’s event salesand marketing manager, explained: “Our keyoperational objectives were to maintain safetyand security in the immediate environment,provide support to the venue managementteam throughout the deployment and ensurethat any live broadcasts were not disrupted. Atthe Holiday Inn, we were tasked withmaintaining a safe environment for membersof the International Boxing Federation.”

A vigorous and robust recruitment processwas initiated with the thorough assessmentand screening of 853 potential candidates.Approximately 60 appointments were madeand the selected individuals given additionalevent-specific training, with 23 coursescompleted across the UK by four trainers overa total of 1,344 hours.

High-tech monitoring rendersunmanned forecourts a viable optionRemote monitoring is helping to solve thebattle of manning petrol forecourts on a 24-hour basis. Over a three-year period, a 73%increase in the number of unmanned forecourtsmonitored by Farsight Security Servicesappears to signify a growth in popularity forremote monitoring over staffing these oftenhigh-risk environments.

Lone workers at petrol forecourts face anincreasing array of dangers including fire andtheft but remote monitoring can help eliminatethese risks. Malcolm O’Shea Barnes, senioroperations manager at Farsight SecurityServices, explained: “Working with technologypartners and Primary Authority Partners forPetroleum Legislation, Farsight has producedan affordable and environmentally-friendlysolution that can be retrofitted around existingequipment and respect national guidelines.”

In 2011, only 1% of petrol forecourtsmonitored by Farsight used video analytics. In2014, that number has rocketed to 69%. Theremaining 31% are expected to follow.

RiskinAction December2014_riskuk_dec14 09/12/2014 13:11 Page 60

61www.risk-uk.com

Risk in Action

Sawbridgeworth Town Councilimplements IDIS DirectIPsurveillanceDue to theft, vandalism and anti-socialbehaviour, managers at SawbridgeworthTown Council in Hertfordshire wanted toupgrade the local authority’ssurveillance capability to cover shoppingareas, main thoroughfares and newTown Council offices.

Following a technology evaluation,they selected Sunstone IP Systems tocomplete the necessary installation dueto the company’s “forward-thinking approach” encompassing IDIS DirectIP full-HD cameras, IDIS video management software and a digital wireless networkconfigured to keep infrastructure and installation costs to a minimum.

Sunstone has installed a digital point-to-multipoint wireless networkthroughout the town with link speeds in excess of 100 mbps per location. Thenetwork currently supports external DirectIP dome cameras installed onexisting Hertfordshire County Council-owned lampposts and linked back toDirectIP NVRs located in Sawbridgeworth Town Council’s offices.

The vandal-proof day and night cameras feature infrared, audio input andoutput as well as motorised varifocal lenses for ease of configuration. Thecameras provide coverage of the town centre, including a major road junctionand thoroughfare in and out of London, plus the new Town Council premises.

The Sunstone-designed system provides Sawbridgeworth Town Council staffwith a centralised monitoring capability while giving Hertfordshire Policeremote access to full-HD footage in order to detect and solve crime. To date,the DirectIP solution has provided vital evidence relating to three crimes sinceits implementation in the late summer of 2014.

Norfolk and Norwich UniversityHospital makes patient safety a top priority Norfolk and Norwich University Hospital(NNUH) is an NHS academic teaching hospitallocated on the southern outskirts of Norwich,and was the first new NHS teaching hospitalbuilt in England for more than 30 years. Itreplaced the former Norfolk and NorwichHospital (founded in 1771) and the WestNorwich Hospital.

NNUH was built under a PFI scheme andopened in late 2001. It has 987 acute beds andoffers a wide range of NHS acute healthservices plus private patient facilities. It’s also ateaching centre for nurses, midwives, doctorsand therapists and plays host to the NorwichGP specialist training scheme.

The hospital has always concentrated onleveraging the latest technologies. Now, NNUHhas deployed one of the most advanced accesscontrol solutions available to ensure the safetyand overall protection of its patients, visitorsand staff. The integrated TDSi system enablesNNUH managers to quickly identify all areas onsite and ensure security staff can respondappropriately to, for example, suspiciousindividuals or hazardous conditions.

Appraising the original access control systemthat encompassed old legacy door controllers,network and cabling infrastructure, Check YourSecurity used its Enterprise Audit Report tool togather and collate a healthcare securityinventory and produce a security asset registerhighlighting location, condition, value andsystem architecture design.

FM concern Serco Group plc had to augmentthe site-wide upgrade while not compromisingsecurity and services. To help manage thischallenge, Serco Group plc appointedengineering officer Steve Hewitt as projectmanager. Hewitt’s role was to oversee criticalpaths and ensure milestones were delivered ontime with the correct resources for Check YourSecurity to upgrade the TDSi hardware andsoftware with minimal disruption.

Simon Wardle, facilities and servicescontracts manager at NNUH, explained: “Thelatest TDSi EXgarde Security ManagementSoftware 4.2 and hardware offers the hospitalnew opportunities to explore current markettechnologies and third party integrations.”

High security for firstcombined Dental Hospital andSchool in four decadesSecurity Solutions – a division of AssaAbloy UK – has secured a contract tosupply products for Birmingham DentalHospital & School of Dentistry – theUK’s first new integrated dentalhospital and school for nearly 40 years.

Being a key element of the new Edgbaston Medical Quarter, the developmentis seen as highly strategic for the city and further enhances its reputation as ahub for medicine, learning and life sciences.

The new state-of-the-art facility will house a range of services for the publicincluding walk-in emergency dental care, oral surgery, oral medicine,orthodontics and paediatric dentistry delivered by Birmingham CommunityHealthcare NHS Trust.

The public will access all dental services in one wing of the building with asecond wing providing world class research facilities.

This landmark development was granted detailed planning permission inDecember 2012 for the site, which is the former home of BBC Pebble Millstudios. Security Solutions has scheduled 500 timber door sets andarchitectural ironmongery for the prestigious project, including laminate-faceddoors with painted frames complemented by Scanflex door furniture.

An array of Assa products will be supplied to the project, including its highsecurity P600 cylinders and modular rack and pinion door closers in addition tocam motion door closers that will fulfil the Equality Act 2010.

RiskinAction December2014_riskuk_dec14 09/12/2014 13:11 Page 61

62www.risk-uk.com

Technology in Focus

Tyco adds Compact IP Mini-Bulletcamera to Illustra portfolioTyco Security Products has introduced theIllustra 610 Compact IP Mini-Bullet camerawhich “provides exceptional video quality”within a small framework, making itappropriate for indoor or outdoor activesurveillance situations.

With 1080p resolution for crisp, clear HDvideo, the cameras provide various viewingangles (including a horizontal view) and acorridor mode designed to capture video innarrow hallways or other areas where thetraditional landscape format will not suffice.

Using a built-in IR LED, the cameras delivervideo surveillance in a variety of lightingconditions. Wide Dynamic Range on thesemodels further minimises the impact onsurveillance video caused by glare.

Multiple streams of H.264 and MJPEGcompression ensure “excellent image clarity”with controlled bandwidth usage. A built-in

micro SD/SDHC card slot enables severaldays of recording to be stored

on a memory card. Also,when triggered, theembedded motion

detection sensor in thecameras can send an alert to

the operator or an e-mail to anyhandheld device.

www.americandynamics.net

Simplifying and reducing the costof building security with VidexVidex has launched two products in itsaccess control range: a new standalonesingle door proximity access system(designated the MINI-SA2) and a low cost,multi-protocol proximity reader – the MINI-M– for Portal Plus and third party accesscontrol systems.

The MINI-SA2 offers an easy-to-install andprogram access control solution formanaging a single entrance using shadowand delete cards without the need for PC orsoftware components.

Neil Thomas, national sales manager atVidex, said: “Many buildings need accesscontrol to a single main entrance. However,currently available systems often havemultiple door capability and complicatedprogramming options using a PC. All of theMINI-SA2’s functions are contained within areader so no external controller is needed,just a suitable power supply.”

The MINI-M is a compact multi-protocolproximity reader for deployment with theVidex Portal Plus range or third party accesscontrol systems using Wiegand protocol.Typical applications for the MINI-M includeaccess control within commercial premises,schools, hospitals and studentaccommodation blocks.

Numerous access control systems areavailable with different requirements andlevels of complexity but, in many cases, thereaders only need to allow or deny access toproximity cards. As stated, the new MINI-Mreader uses Wiegand communicationsprotocol and is therefore compatible withmany different access control systems.www.videx-security.com

Hoyles develops Fire Door Checker for blocked fire exitsUnchecked, blocked fire exits are without doubt an accident waiting to happenand should be taken very seriously. Checking systems are an excellent idea, butmany routines of this nature can fall by the wayside.

With this in mind, Hoyles has developed a clever way in which to ensure fireexit doors are regularly checked and available to be fully opened in the event ofan emergency. The Exitguard fire exit door alarm is a time-served favourite ofsecurity installers and end users, and has now taken on an additional role. Thenew facility is called Fire Door Checker and is a standard feature available on allof the keypad-operated Exitguard solutions.

The Fire Door Checker can alert staff to ‘Open-Check-Close’ as soon as thebuilding is occupied. Here, each Exitguard emits an intermittent sound whilestrobing. Only when the fire doors have been verified will the Exitguard sounderand strobe stop. This ensures a given door is available for emergency use, afterwhich it resumes its normal security monitoring role.

The Fire Door Checker operates via a switched signal from the intruder alarm,clocking machine, a time switch or on an independent basis. If a more frequentcheck is required, the time switch option will allow the end user to introduce atighter regime of checking suitable to their exact requirements.

In addition to the Fire Door Checker function, Hoyles’ Exitguard door alarmrange provides a comprehensive solution for the security – and prevention ofmisuse – of fire exit doors. Different models provide options for battery, 12 V DCand mains power source as well as control by either keypad or key switch.www.hoyles.com

TechnologyinFocus December2014_riskuk_dec14 09/12/2014 12:39 Page 62

63www.risk-uk.com

Technology in Focus

Nedap reinvests in AEOS with nextgeneration controllersThe next generation AEOS Blue hardware linecontroller from Nedap builds on the company’ssuccessful AEOS Security Management Platform– the first software-based platform designedspecifically for security management.

Now on the sixth generation of controller,with AEOS Blue it’s fair to say Nedap has onceagain unlocked a new realm of software-drivenfunctionality. The AEOS Blue will deliver costsavings for both the installer and the customer.

AEOS Blue is an energy-efficient, powerfulhardware line consisting of door controller,door interface and power for a self-containedsolution that can handle both the simplest andthe most complex of security needs.

Another new feature of the AEOS Blue is thecompletely redesigned and simplified softwarelicensing model which makes the price of AEOSBlue more competitive than ever for its range offunctionalities (including the control of air locksand revolving gates). The new softwarelicensing model makes the calculation anddesign of security systems “perfect” every time.www.nedapsecurity.com

Norbain announcespartnership withDigital BarriersNorbain can now offer endusers the innovative SafeZone-edge videoanalytics app from Digital Barriers, thespecialist provider of advancedsurveillance technologies.

SafeZone-edge is the first productin its class to deliver performancecomparable to that of conventionalserver-based analytics. It features“exceptional” detection accuracy and minimalfalse alarms, yet can be installed quickly on tocompatible Axis Communications cameras.

SafeZone-edge is UK Government certified(under the i-LIDS scheme) and designed toprotect both secure facilities and vulnerablecommercial sites.

In addition to reliable performance,SafeZone-edge has been designed with a“relentless focus” on ease of deployment,affordability and scalability in mind. Theinnovative auto-calibration feature dispenseswith complex scene calibration tasks, allowingmultiple cameras to be installed both quicklyand without fuss.

Intelligent processing ensures reliableoperation, adapting automatically to seasonaland environmental conditions (variableillumination, shadows and weather, etc) thatcan otherwise cause nuisance alarms. In a real-life operational test conducted over the courseof a week, the replacement of a VMD solutionwith SafeZone-edge resulted in a nuisancealarm reduction of 10,000-plus to just one.www.norbain.com

New loop interface and survey kitintroduced for XPander rangeApollo Fire Detectors has launched a DiversityLoop Interface Unit and Survey Kit speciallydesigned for the XPander range.

Connecting up to 31 XPander devices to anApollo addressable loop, and reporting thestatus of each device to a control panel, theupgraded Diversity Loop Interface Unitprovides increased signal integrity.

Signals to and from the device aretransmitted through the internal orthogonalbi-directional aerials, which require noadjustment or maintenance, allowing foreasier set-up and no ongoing costs.

The device is backwards compatible withprevious versions, allowing for continuity ofsupport at existing sites using the XPanderrange. The Diversity Loop Interface Unit isapproved to EN54:17, EN54:18 and EN54:25.

The XPander DiversitySurvey Kit allows a moredetailed site survey to beundertaken to determine thesuitability for an XPanderinstallation and its integrityonce installed. Providingdetails such as dB andbackground noise levels, theupgraded kit is more user-friendly, allowing for quickerand easier use. The newSurvey Kit meets the requirements for BS5839 Part 1 for conducting a site survey.

Charles Smith, head of product managementat Apollo Fire Detectors, commented: “Thedevices will instil end user confidence in ourdetection equipment, from the initial sitesurvey through to the connection of XPanderdevices to the Apollo loop.” www.apollo-fire.co.uk

TechnologyinFocus December2014_riskuk_dec14 09/12/2014 12:39 Page 63

Store, manage and control keys, cards and small assets more securely and efficiently with

KeyWatcher® Touch. Access is limited to authorized users, and all transactions are recorded with

detailed reports available. The system will even automatically email transactional information to any

user – at any time. And KeyWatcher’s convenient touchscreen makes removing and returning keys

easier than ever. With our modular design and full scalability, it’s easy to see how we keep making

key management better. That’s Morse Watchmans’ outside the box thinking – right inside the box.

morsewatchmans.com • 0115-967-1567


Appointments

65www.risk-uk.com

AppointmentsRisk UK keeps you up-to-date with all the latest peoplemoves in the security, fire, IT and Government sectors

Robert HanniganRobert Hannigan succeedsSir Iain Lobban as directorof GCHQ. Hannigan hasbeen the Director General(Defence and Intelligence)at the Foreign andCommonwealth Office(FCO) since 2010.

First announced back inApril, Hannigan’s appointment was madefollowing a recruitment process chaired bynational security advisor Sir Kim Darroch thatwas open to both crown and civil servants.

Commenting on his new role, RobertHannigan said: “It’s a privilege to be asked tolead GCHQ. I have great respect for the integrityand professionalism of the staff and for whatthey’ve achieved under the outstandingleadership of Sir Iain Lobban.”

Hannigan joined the Civil Service from theprivate sector, initially becoming director ofcommunications for the Northern Ireland Office.He was then appointed to be principal advisorto (then) Prime Minister Tony Blair and variousSecretaries of State for Northern Ireland on thepeace process.

Hannigan was also the Prime Minister’ssecurity advisor and head of intelligence,security and resilience at the Cabinet Officefrom 2007 (with responsibility for the UK’sNational Security Strategy).

Chris WiselyChris Wisely has been promoted from head of operationsto the newly-created role of managing director at AxisSecurity (part of the Axis Group of security, receptionmanagement and support services companies).

Wisely has worked in the security industry for morethan 20 years and joined Axis Security in 2009 as financedirector before progressing to head of operations in 2012.

In the five years he has been with the business, Wiselyhas worked with the senior management team in furtherstrengthening the company’s operations, including the

launch of its bespoke online portal – Axis e-Connect – giving customers easyaccess to live reports, documentation and information about their portfolio.

Wisely has also overseen a significant investment in employee training andplayed a key role in creating specialist teams to manage recruitment, training,compliance, contract mobilisation and Health and Safety.

As managing director, a key focus for Wisely will be redefining the company’svision and the business strategy required to deliver that vision. “We want to beviewed as the leading provider of security services in key sectors andgeographies, so it’s important that we are known more widely,” urged Wisely.

“We also want to be known as the best employer in the industry and havemade great strides in developing a detailed training programme for our officersand management staff, allowing us to develop and retain the very best people.”

Lynn Watts-PlumpkinThe IQ Group – whichencompasses bothIndustry Qualificationsand the Institute ofAdministrativeManagement – hasappointed Lynn Watts-Plumpkin to lead its all-new IQ Verifycertification body.

IQ Verify will specialise in the certificationof management systems, products andservices, and is in the final stages of UKASaccreditation to ISO 17021 and ISO 17065.

Watts-Plumpkin, whose backgroundincludes significant roles at both the NSI andthe SSAIB, said: “I’m delighted to be joiningthe IQ Group at this time. IQ Verify will bedistinct in its offering. The focus will be onstandards associated with corporateresilience, the investigations sector and PSC-1 within the security industry. We will also bedeveloping inspection schemes for a numberof economic sectors and trade bodies.”

IQ Verify began operations on 1 December.

Kenneth Hune PetersenKenneth Hune Petersen is the new chief salesand marketing officer at IP video managementsoftware specialist Milestone Systems.

Petersen will be based out of the company’sglobal headquarters in Denmark and, as amember of the Executive Management Team,report directly to CEO Lars Thinggaard.

For the last 17 years, Petersen has workedwith SimCorp, his most recent role being that ofsenior vice-president, head of global sales.Petersen was responsible for sales leadership indeveloping business across the Nordic regionand also spent a decade in the States buildingup SimCorp’s Americas business unit.

Petersen holds an MSc in Economics fromCopenhagen University.

“Kenneth is inspiring and passionate aboutleadership and building business,” stated LarsThinggaard. “Our reputation has been derivedfrom constantly fostering innovative solutions tomeet our customers’ needs, and we’vecontinually raised the bar in our industry whenit comes to collaboration. Kenneth’s job is tohelp accelerate our growth and further thecompany’s reputation as a bridge-builderbetween our customers and technology.”

Appointments December2014_riskuk_dec14 09/12/2014 11:42 Page 65

Appointments

66www.risk-uk.com

Billy HopkinsIDIS has announced the appointment of BillyHopkins to the role of regional sales managerbased out of the company’s Europeanheadquarters in Brentford.

Hopkins will manage distribution sales inSouth East England to meet the demand fornext generation DirectIP HD surveillancesolutions. Assuming responsibility forleveraging and nurturing new and existingdistribution partnerships, Hopkins will alsotake an active role in developing bespokemarketing and sales initiatives to drive valuefor IDIS partners.

Hopkins brings with him over ten years’experience from across the security buying

chain, having served as an installationengineer and in various manufacturer anddistributor sales roles. His expertiseencompasses a deep understanding ofanalogue and IP surveillance and accesscontrol systems from some of the best knownbrands in the security industry.

Previous roles have included engineering atChubb Security, business development atNorbain SD, technical support at SamsungTechwin and his most recent post as technicalsales manager for Focus Security Distribution.

Hopkins commented: “I’m looking forwardto working with our channel partners ondeveloping the successful businessrelationships for which IDIS is well-known.”

Andrew Osborne and David TaylorThe Security Systems and Alarms InspectionBoard (SSAIB) – which is celebrating its 20thAnniversary as a fire, security and telecarecertification body – has recruited two newmanned services assessors to join the teamheaded by scheme manager Stephen Grieve.

The duo’s appointments come in the contextof future regulation through mandatorybusiness licensing – the most significant factoraffecting the security industry since theSecurity Industry Authority introducedindividual licensing under the Private SecurityIndustry Act 2001.

Andrew Osborne (pictured) joins the SSAIB tocover the south of England. He brings with himan extensive and wide-ranging 40-year trackrecord of business experience includingsecurity screening and training, Health andSafety management and risk assessments withcompanies including G4S.

Osbourne’s appointment to the team ismirrored by David Taylor’s recruitment to coverthe Midlands and the north of England. Taylorhas a similarly impressive industry CV datingback over 20 years and including roles as anoperations, training and quality and securitymanager for Sigma Security.

Taylor served as a project manager for WilsonJames covering British Airways’ Heathrowheadquarters, as well as being manager ofsecurity and safety services for both thePortman and Coventry Building Societies.

“Bringing on board professionals of Andrewand David’s calibre is a significant step for theSSAIB as we invest in our regional mannedservices assessment capability in the run-up tothe anticipated 2015 introduction of businesslicensing,” commented Stephen Grieve, “withall of the important implications involved inthat process.”

Andrew PigramAndrew Pigram joinsAMG Systems – theBritish manufacturer ofCCTV transmissionsolutions – in the role ofsales and marketingdirector. In addition,and as part of thecompany’s drive intonew industry sectors, Sara Bullock nowtakes up the newly-created position ofbusiness development director.

Speaking about Pigram joining thecompany, AMG Systems’ founder andmanaging director Alan Hayes commented:“Ethernet and IP are becoming thetechnology of choice in terms of systems.We’re designing and manufacturing highfunctionality managed switches specificallyfor the security industry. AMG can make surethese solutions are totally fit for purposeand include all the added features necessaryfor this market. Andrew’s depth ofknowledge will drive forward thissophisticated UK-based expertise such thatit reaches growing global markets.”

On his new appointment, Pigram stated:“I’ve known and worked with AMG Systems’solutions for many years. The challenge ofhelping to shape the future of the businessis irresistible.”

Pigram joins AMG after having worked fora decade at Norbain, one of the largestsecurity and surveillance solutionsdistributors in the UK. He boasts more than20 years’ experience in leading marketingand business development teams havingworked across international B2B companies.

Pigram holds a BEng (Hons) in Computerand Control Systems Engineering.

Appointments December2014_riskuk_dec14 09/12/2014 11:42 Page 66

ACCESS CONTROL - BARRIERS, BOLLARDS & ROADBLOCKERSHEALD LTDHVM High Security Solutions "Raptor" "Viper" "Matador", Shallow & Surface MountSolutions, Perimeter Security Solutions, Roadblockers, Automatic & Manual Bollards,Security Barriers, Traffic Flow Management, Access Control SystemsTel: 01964 535858 Email: [email protected]: www.heald.uk.com

ACCESS CONTROLKERI SYSTEMS UK LTDTel: + 44 (0) 1763 273 243Fax: + 44 (0) 1763 274 106Email: [email protected]

ACCESS CONTROL – BARRIERS GATES & ROAD BLOCKERSFRONTIER PITTSCrompton House, Crompton Way, Manor Royal Industrial Estate,Crawley, West Sussex RH10 9QZTel: 01293 548301 Fax: 01293 560650Email: [email protected]: www.frontierpitts.com

ACCESS CONTROL

ACCESS CONTROL – BIOMETRICS, BARRIERS, CCTV, TURNSTILESUKB INTERNATIONAL LTDPlanet Place, Newcastle upon TyneTyne and Wear NE12 6RDTel: 0845 643 2122Email: [email protected] Web: www.ukbinternational.com

ACCESS CONTROL MANUFACTURERNORTECH CONTROL SYSTEMS LTD.Nortech House, William Brown CloseLlantarnam Park, Cwmbran NP44 3ABTel: 01633 485533Email: [email protected]

ACCESS CONTROLAPT SECURITY SYSTEMSThe Power House, Chantry Place, Headstone Lane, Harrow, HA3 6NYTel: 020 8421 2411Email: [email protected]

B a r r i e r s , B l o c k e r s , B o l l a r d s , P A S 6 8

ACCESS CONTROLACTACT – Ireland, Unit C1, South City Business CentreTallaght, Dublin 24 Tel: +353 (0)1 4662570ACT - United Kingdom, 2C Beehive MillJersey Street, Manchester M4 6JG +44 (0)161 236 [email protected] www.act.eu

ACCESS CONTROL & DOOR HARDWAREALPRO ARCHITECTURAL HARDWAREProducts include Electric Strikes, Deadlocking Bolts, Compact Shearlocks,Waterproof Keypads, Door Closers, Deadlocks plus many more T: 01202 676262 Fax: 01202 680101E: [email protected] Web: www.alpro.co.uk

ACCESS CONTROLCOVA SECURITY GATES LTDBi-Folding Speed Gates, Sliding Cantilevered Gates, Road Blockers & BollardsConsultancy, Design, Installation & Maintenance - UK Manufacturer - PAS 68Tel: 01293 553888 Fax: 01293 611007Email: [email protected]: www.covasecuritygates.com

...andlots

more

ComputerSecurity

Anti-Climb Paints& Barriers

Metal Detectors(inc. Walkthru)

Security, Search& Safety Mirrors

Security Screws &Fastenings

Key ControlProducts

Empty Property &Lone Worker Alarms

Traffic Flow &Management

see ourwebsite

Best Value Security Products from Insight Securitywww.insight-security.com Tel: +44 (0)1273 475500

www.insight-security.com Tel: +44 (0)1273 475500

ACCESS CONTROL – SPEED GATES, BI-FOLD GATESHTC PARKING AND SECURITY LIMITED4th Floor, 33 Cavendish Square, London, W1G 0PWT: 0845 8622 080 M: 07969 650 394F: 0845 8622 090info@htcparkingandsecurity.co.ukwww.htcparkingandsecurity.co.uk

ACCESS CONTROLINTEGRATED DESIGN LIMITEDIntegrated Design Limited, Feltham Point, Air Park Way, Feltham, Middlesex. TW13 7EQTel: +44 (0) 208 890 5550 [email protected]

ACCESS CONTROL, CCTV & INTRUSION DETECTION SPECIALISTSSIEMENS SECURITY PRODUCTSSuite 7, Castlegate Business ParkCaldicot, South Wales NP26 5AD UKMain: +44 (0) 1291 437920 Fax: +44 (0) 1291 437943 email: [email protected]: www.siemens.co.uk/securityproducts

oct14 dir_000_RiskUK_jan14 07/11/2014 16:42 Page 1

BUSINESS CONTINUITY MANAGEMENTCONTINUITY FORUMCreating Continuity ....... Building ResilienceA not-for-profit organisation providing help and supportTel: +44(0)208 993 1599 Fax: +44(0)1886 833845Email: [email protected]: www.continuityforum.org

AUTOMATIC VEHICLE IDENTIFICATIONNEDAP AVIPO Box 103, 7140 AC Groenlo, The NetherlandsTel: +31 544 471 666Fax: +31 544 464 255E-mail: [email protected]

BUSINESS CONTINUITY

PHYSICAL IT SECURITYRITTAL LTD

Tel: 020 8344 4716Email: [email protected]

CCTV

CCTV & IP SECURITY SOLUTIONS PANASONIC SYSTEM NETWORKS EUROPEPanasonic House, Willoughby Road Bracknell, Berkshire RG12 8FP Tel: 0844 8443888 Fax: 01344 853221 Email: [email protected] Web: www.panasonic.co.uk/cctv

CCTVG-TECGtec House, 35-37 Whitton DeneHounslow, Middlesex TW3 2JNTel: 0208 898 [email protected]

DIGITAL IP CCTVSESYS LTDHigh resolution ATEX certified cameras, rapid deployment cameras and fixed IP CCTV surveillance solutions available withwired or wireless communications.1 Rotherbrook Court, Bedford Road, Petersfield, Hampshire, GU32 3QGTel +44 (0) 1730 230530 Fax +44 (0) 1730 262333Email: [email protected] www.sesys.co.uk

ACCESS CONTROLSECURE ACCESS TECHNOLOGY LIMITED

Authorised Dealer

Tel: 0845 1 300 855 Fax: 0845 1 300 866Email: [email protected]: www.secure-access.co.uk

COMMUNICATIONS & TRANSMISSION EQUIPMENTKBC NETWORKS LTD. Barham Court, Teston, Maidstone, Kent ME18 5BZwww.kbcnetworks.com Phone: 01622 618787Fax: 020 7100 8147Email: [email protected]

CCTV/IP SOLUTIONSDALLMEIER UK LTD3 Beaufort Trade Park, Pucklechurch, Bristol BS16 9QHTel: +44 (0) 117 303 9 303Fax: +44 (0) 117 303 9 302Email: [email protected]

MANUFACTURERS OF A COMPLETE RANGE OF INNOVATIVE INFRA RED AND WHITE LIGHT LED LIGHT-ING PRODUCTS FOR PROFESSIONAL APPLICATIONS INCLUDING CCTV SCENE ILLUMINATION, ARCHITECTURAL UP-LIGHTING AND COVERT SECURITY.

ADVANCED LED TECHNOLOGY LTDSales: +44 (0) 1706 363 998Technical: +44 (0) 191 270 5148Email: [email protected]

CCTV POLES, COLUMNS, TOWERS AND MOUNTING PRODUCTSALTRON COMMUNICATIONS EQUIPMENT LTDTower House, Parc Hendre, Capel Hendre, Carms. SA18 3SJTel: +44 (0) 1269 831431Email: [email protected]: www.altron.co.uk

ACCESS CONTROL – BARRIERS, GATES, CCTV ABSOLUTE ACCESSAberford Road, Leeds, LS15 4EFTel: 01132 813511E: richard.samwell@absoluteaccess.co.ukwww.absoluteaccess.co.ukAccess Control, Automatic Gates, Barriers, Blockers, CCTV


TO ADVERTISE HERE CONTACT:Paul Amura

Tel: 020 8295 8307Email: [email protected]


CONTROL ROOM & MONITORING SERVICES

DISTRIBUTORS

INFRA-RED, WHITE-LIGHT AND NETWORK CCTV LIGHTING RAYTECUnit 3 Wansbeck Business Park, Rotary Parkway,Ashington, Northumberland. NE638QWTel: 01670 520 055Email: [email protected] Web: www.rayteccctv.com

THE UK’S MOST SUCCESSFUL DISTRIBUTOR OF IP, CCTV, ACCESSCONTROL AND INTRUDER DETECTION SOLUTIONSNORBAIN SD LTD210 Wharfedale Road, IQ Winnersh, Wokingham, Berkshire, RG41 5TPTel: 0118 912 5000 Fax: 0118 912 5001www.norbain.comEmail: [email protected]

ADI ARE A LEADING GLOBAL DISTRIBUTOR OF SECURITY PROD-UCTS OFFERING COMPLETE SOLUTIONS FOR ANY INSTALLATION.ADI GLOBAL DISTRIBUTIONChatsworth House, Hollins Brook Park, Roach Bank Road, Bury BL9 8RNTel: 0161 767 2900 Fax: 0161 767 2909Email: [email protected]

TRADE ONLY CCTV MANUFACTURER AND DISTRIBUTOR

COP SECURITYLeading European Supplier of CCTV equipment all backed up by an industry leading service and supportpackage called Advantage Plus. COP Security, a division of Weststone Ltd, has been designing, manufac-turing and distributing CCTV products for over 17 years. COP Security is the sole UK distributor for IRLAB products and the highly successful Inspire DVR range.More than just a distributor.

COP Security, Delph New Road, Dobcross, OL3 5BGTel: +44 (0) 1457 874 999 Fax: +44 (0) 1457 829 [email protected] www.cop-eu.com

CCTV SPECIALISTSPLETTAC SECURITY LTDUnit 39 Sir Frank Whittle Business Centre, Great Central Way, Rugby, Warwickshire CV21 3XHTel: 0844 800 1725 Fax: 01788 544 549 Email: [email protected] www.plettac.co.uk

ADVANCED MONITORING SERVICES EUROTECH MONITORING SERVICES LTD.Specialist in:- Outsourced Control Room Facilities • Lone Worker Monitoring• Vehicle Tracking • Message Handling • Help Desk Facilities • Keyholding/Alarm ResponseTel: 0208 889 0475 Fax: 0208 889 6679E-MAIL [email protected]: www.eurotechmonitoring.com

CCTV & IP SOLUTIONS, POS & CASH REGISTER INTERFACE, EPOSFRAUD DETECTIONAMERICAN VIDEO EQUIPMENTEndeavour House, Coopers End Road, Stansted, Essex CM24 1SJTel : +44 (0)845 600 9323Fax : +44 (0)845 600 9363E-mail: [email protected]

WHY MAYFLEX? ALL TOGETHER. PRODUCTS, PARTNERS,PEOPLE, SERVICE – MAYFLEX BRINGS IT ALL TOGETHER.MAYFLEXExcel House, Junction Six Industrial Park, Electric Avenue, Birmingham B6 7JJTel: 0800 881 5199Email: [email protected]: www.mayflex.com

EMPLOYEE SCREENING SERVICESTHE SECURITY WATCHDOGCross and Pillory House, Cross and Pillory Lane, Alton,Hampshire, GU34 1HL, United Kingdom www.securitywatchdog.org.ukTelephone: 01420593830

sales@onlinesecurityproducts.co.ukwww.onlinesecurityproducts.co.uk

FIRE AND SECURITY INDUSTRY RECRUITMENTSECURITY VACANCIESwww.securityvacancies.comTelephone: 01420 525260

EMPLOYMENT

IDENTIFICATION



SECURITY PRODUCTS AND INTEGRATED SOLUTIONSHONEYWELL SECURITY GROUPHoneywell Security Group provides innovative intrusion detection, videosurveillance and access control products and solutions that monitor andprotect millions of facilities, offices and homes worldwide. Honeywell integrates the latest in IP and digital technology withtraditional analogue components enabling users to better controloperational costs and maximise existing investments in security andsurveillance equipment. Honeywell – your partner of choice in security.Tel: +44 (0) 844 8000 235E-mail: [email protected] Web: www.honeywell.com/security/uk

INTEGRATED SECURITY SOLUTIONS

THE LEADING CERTIFICATION BODY FOR THE SECURITY INDUSTRYSSAIB7-11 Earsdon Road, West MonkseatonWhitley Bay, Tyne & WearNE25 9SXTel: 0191 2963242Web: www.ssaib.org

INDUSTRY ORGANISATIONSPLANNED PREVENTATIVE MAINTENANCE

TRADE ASSOCIATION FOR THE PRIVATE SECURITY INDUSTRYBRITISH SECURITY INDUSTRY ASSOCIATIONTel: 0845 389 3889Email: [email protected]: www.bsia.co.uk

INTEGRATED SECURITY SOLUTIONSINNER RANGE EUROPE LTDUnits 10 - 11, Theale Lakes Business Park, Moulden Way, Sulhampstead,Reading, Berkshire RG74GB, United KingdomTel: +44(0) 845 470 5000 Fax: +44(0) 845 470 5001Email: [email protected]

PERIMETER PROTECTIONGPS PERIMETER SYSTEMS LTD14 Low Farm Place, Moulton ParkNorthampton, NN3 6HY UKTel: +44(0)1604 648344 Fax: +44(0)1604 646097E-mail: [email protected] site: www.gpsperimeter.co.uk

SECURITY MAINTENANCE CONSULTANTS• Planned Preventative Maintenance (PPM) Specialists • Price Comparison Service (achieving 20-70% savings)• FM Support / Instant Reporting / Remedial Work• System Take-Overs / Upgrades / Additions• Access, CCTV, Fire & Intruder, BMS, Networks & Automation• Free independent, impartial advice Tel: +44 (0)20 7097 8568 [email protected]

UPS - UNINTERRUPTIBLE POWER SUPPLIESADEPT POWER SOLUTIONS LTDAdept House, 65 South Way, Walworth Business ParkAndover, Hants SP10 5AFTel: 01264 351415 Fax: 01264 351217Web: www.adeptpower.co.ukE-mail: [email protected]

POWER SUPPLIES – DC SWITCH MODE AND ACDYCON LTDCwm Cynon Business Park, Mountain Ash, CF45 4ERTel: 01443 471 060 Fax: 01443 479 374Email: [email protected]

The Power to Control; the Power to Communicate

POWER

PERIMETER PROTECTION

STANDBY POWERUPS SYSTEMS PLCHerongate, Hungerford, Berkshire RG17 0YUTel: 01488 680500 [email protected]

INFRARED DETECTIONGJD MANUFACTURING LTDUnit 2 Birch Industrial Estate, Whittle Lane, Heywood, Lancashire, OL10 2SXTel: + 44 (0) 1706 363998Fax: + 44 (0) 1706 363991Email: [email protected]

UPS - UNINTERRUPTIBLE POWER SUPPLIESUNINTERRUPTIBLE POWER SUPPLIES LTDWoodgate, Bartley Wood Business ParkHook, Hampshire RG27 9XATel: 01256 386700 5152 e-mail:[email protected]

COMPLETE SOLUTIONS FOR IDENTIFICATIONDATABAC GROUP LIMITED1 The Ashway Centre, Elm Crescent, Kingston upon Thames, Surrey KT2 6HHTel: +44 (0)20 8546 9826 Fax:+44 (0)20 8547 [email protected]

STANDBY POWER SPECIALISTS; UPS, GENERATORS, SERVICE & MAINTENANCE

DALE POWER SOLUTIONS LTDSalter Road, Eastfield Industrial Estate, Scarborough, North Yorkshire YO113DU United KingdomPhone: +44 1723 583511 Fax: +44 1723 581231www.dalepowersolutions.com

SECURITY PRODUCTS AND INTEGRATED SOLUTIONSTYCO SECURITY PRODUCTSHeathrow Boulevard 3, 282 Bath Road, Sipson, West Drayton. UB7 0DQ / UKTel: +44 (0)20 8750 5660 www.tycosecurityproducts.com



SECURITY

CASH MANAGEMENT SOLUTIONS LOOMIS UK LIMITED 1 Alder Court, Rennie Hogg Road, Nottingham, NG2 1RX T - 0845 309 6419 E - [email protected] W - www.loomis.co.uk

CASH & VALUABLES IN TRANSITCONTRACT SECURITY SERVICES LTDChallenger House, 125 Gunnersbury Lane, London W3 8LHTel: 020 8752 0160 Fax: 020 8992 9536E: [email protected]: [email protected]: www.contractsecurity.co.uk

PHYSICAL CONTROL PRODUCTS, ESP. ANTI-CLIMB INSIGHT SECURITYUnit 2, Cliffe Industrial EstateLewes, East Sussex BN8 6JLTel: 01273 475500Email:[email protected]

FENCING SPECIALISTSJ B CORRIE & CO LTDFrenchmans RoadPetersfield, Hampshire GU32 3APTel: 01730 237100Fax: 01730 264915email: [email protected]

INTRUSION DETECTION AND PERIMETER PROTECTION

OPTEX (EUROPE) LTDRedwall® infrared and laser detectors for CCTV applications and Fiber SenSys® fibreoptic perimeter security solutions are owned by Optex. Platinum House, Unit 32BClivemont Road, Cordwallis Industrial Estate, Maidenhead, Berkshire, SL6 7BZTel: +44 (0) 1628 631000 Fax: +44 (0) 1628 636311Email: [email protected] www.optex-europe.com

V

INTRUDER AND FIRE PRODUCTSCQR SECURITY125 Pasture road, Moreton, Wirral UK CH46 4 THTel: 0151 606 1000Fax: 0151 606 1122Email: [email protected]

INTRUDER ALARMS – DUAL SIGNALLINGCSL DUALCOM LTDSalamander Quay West, Park LaneHarefield , Middlesex UB9 6NZT: +44 (0)1895 474 474F: +44 (0)1895 474 440www.csldual.com

INTRUDER ALARMS AND SECURITY MANAGEMENT SOLUTIONSRISCO GROUPCommerce House, Whitbrook Way, Stakehill Distribution Park, Middleton,Manchester, M24 2SSTel: 0161 655 5500 Fax: 0161 655 5501Email: [email protected]: www.riscogroup.com/uk

ONLINE SECURITY SUPERMARKET EBUYELECTRICAL.COMLincoln House,Malcolm StreetDerby DE23 8LTTel: 0871 208 1187www.ebuyelectrical.com

LIFE SAFETY EQUIPMENTC-TECChallenge Way, Martland Park, Wigan WN5 OLD United KingdomTel: +44 (0) 1942 322744Fax: +44 (0) 1942 829867Website: http://www.c-tec.co.uk

PERIMETER SECURITYTAKEX EUROPE LTDAviary Court, Wade Road, BasingstokeHampshire RG24 8PETel: +44 (0) 1256 475555Fax: +44 (0) 1256 466268Email: [email protected]: www.takexeurope.com

SECURITY EQUIPMENTPYRONIX LIMITED Secure House, Braithwell Way, Hellaby, Rotherham, South Yorkshire, S66 8QY. Tel: +44 (0) 1709 700 100 Fax: +44 (0) 1709 701 042 www.facebook.com/Pyronixwww.linkedin.com/company/pyronix www.twitter.com/pyronix

SECURITY SYSTEMSBOSCH SECURITY SYSTEMS LTDPO Box 750, Uxbridge, Middlesex UB9 5ZJTel: 01895 878088Fax: 01895 878089E-mail: [email protected]: www.boschsecurity.co.uk

SECURITY SYSTEMSVICON INDUSTRIES LTD. Brunel Way, Fareham Hampshire, PO15 5TX United Kingdomwww.vicon.com

SECURITY EQUIPMENTCASTLESecure House, Braithwell Way, Hellaby, Rotherham, South Yorkshire, S66 8QYTEL +44 (0) 1709 700 100 FAX +44 (0) 1709 701 042www.facebook.com/castlesecurity www.linkedin.com/company/castlesecuritywww.twitter.com/castlesecurity

INTRUDER ALARMS – DUAL SIGNALLINGWEBWAYONE LTD11 Kingfisher Court, Hambridge Road, NewburyBerkshire, RG14 5SJTel: 01635 231500Email: [email protected] www.webwayone.co.ukwww.twitter.com/webwayoneltd www.linkedin.com/company/webwayone



Maximize performance in low lightWouldn’t it be helpful if you could rely on clear and relevant images regardless of the lighting conditions? With the DINION IP starlight 8000 MP camera, Bosch off ers a new quality standard in round-the-clock video surveillance. Regardless of lighting conditions, time-of-day or object movement, the camera delivers relevant IP video 24/7. With its impressive technical specifi cations, this is the ultimate 24/7 camera. Learn more at uk.boschsecurity.com

Our focus is to make darkness totally visible
