A U S T R A L A S I A’ S L E A D I N G S E C U R I T Y R E S O U R C E F O R B U S I N E S S A N D G O V E R N M E N T
ISSUE #103 SEP/OCT 2016
ISSN 1833 0215
$9.95 inc GST / $10.95 NZ
Welcome to the NEW Normal
NEED SERIOUS SECURITY? THE ANSWER IS EZI!
Ezi Security designs, manufactures and installs a premium range of electronic perimeter security products designed for both vehicle and pedestrian control. These consisting of a wide range of security products suitable for low to high-risk applications. Ezi Security Systems has been manufacturing quality security products for over twenty-one years with equipment is installed in some of the very harshest of environments the planet has to offer. And all with outstanding results. While Ezi has a commitment to innovative design and quality products we also fully understand the importance of easy and efficient after sales service. Ezi Security Systems services and maintain the products we sell to ensure that your critical infrastructure and personnel are protected at all times. “ALL EZI SECURITY SYSTEM PRODUCTS ARE BUILT TO LAST A RELIABLE THIRTY YEAR (PLUS) PRODUCT LIFE SPAN WHEN MAINTAINED”
Ezi Security Systems has the most extensive offering of Hostile vehicle barrier products (HVB’s) and has the expertise to design and secure any critical infrastructure or site of national importance. Ezi has an extensive range AVB and HVB Crash Certified products such as the world famous TruckStopper, the renowned K12 Wedge, crash boom beams and crash rated static and automatic bollards. Ezi Security Systems has all the realistic solutions to meet your high security requirements while maintaining an aesthetically pleasing solution for your site. All Ezi Security System AVB & HVB have been vigorously crash tested and certified to meet all ASTM, IWA and PAS 68 stipulations. Ezi Security and its partners continue to the push boundaries on all crash products with our in-house R&D security experts providing market leading products designs. This specialist ability also involves our renowned installation expertise and advice with the all important civil work design & engineering. Ezi Security believes in pushing design frontiers for its products to keep pace with marketplace and security priorities. This year alone Ezi and PPG have successfully worked with CTS and crash tested to Pas 68 in 2016 the following products:
•
M30 Bollard Performance rating V/7500[N2]/48/90:0.0/0.0
•
M50 Bollard Performance rating V/7200[N3C]/80/90:5.5
•
Wedge II Performance rating V/7500[N3]/80/90:0.0/20.7 (tested with 4 m blocking width)
With our highly chosen business partners being the best in their field and coupled with our own Ezi Security R&D in house design team Ezi Security continue to push boundaries on market leading and state of the art crash rated designed products. Our ability also involves installation expertise and advice with all important civil work design & engineering.
Ezi also takes pride to provide our clients with more than just perimeter security solutions. We also offer a quality range of internal pedestrian control products from Werra Entrance Control. The Werra Entrance Control range compliments perfectly the already strong offering of pedestrian security control that Ezi Security currently offers to the market. The range includes a wide variety of systems suitable for pedestrian access management that includes the ability to hold and isolate persons of interest and/or concern. Ezi Security again has a quality product for every threat and contingency for building personnel security. All products offer quick access for authorised persons and reliable protection against unauthorised access. With a flow rate of up to 35/min even large flows of people can be monitored and controlled effectively. Werra Entrance Control not only stands for innovative for the individual’s passage of person, but also is an extension for our philosophy of being a professional fullservice provider of all components within perimeter security and access control. Ezi Security Systems, and their business partners, are privileged to be protecting some of the most prestige and iconic man made marvels of the modern era from the Burj Khalifa Tower in Dubai to Australia’s very own Parliament House in Canberra.
IF SERIOUS SECURITY IS YOU REQUIREMENT, LOOK NO FURTHER THAN EZI! FIND OUT MORE ABOUT US!
AUSTRALIA NATIONAL
1300 558 304 11 Cooper Street Smithfield NSW 2164 www.ezisecurity.com.au sales@ezisecurity.com
CUSTOMISABLE ELECTRIC HEIGHT ADJUSTABLE SIT STAND CONSOLES
Does your control room meet
Australian Ergonomic Standards?
www.activconsole.com
Clayton VIC 3168
Safe Work Australia, Nov 2015
“...in 2012-13 the cost impact of work-related injuries and illnesses was estimated to be just over $61 billion...�
State-of-the-art ergonomic lifting technology Lifetime Australia phone support AS/NZS 4443:1997 & ISO 11064
+61 3 9574 8044
sales@activconsole.com
CONTENTS103
COVER STORY: WELCOME TO THE NEW NORMAL
052
032
With global terror alerts on the rise all across the Western world, one could be forgiven for feeling groups like ISIS seem to grow in reach every day. Has this heightened state of alert become the new normal for the Western world? Or are there genuinely effective strategies for combating radicalisation and terrorism that have not yet been tried and, if so, what are they?
HOW SECURE ARE SECURITY GUARDS? The tragic nightclub shooting in Orlando, Florida, raised scores of questions for politicians, community leaders, managers and law enforcement. But one challenging issue is: How was the Islamic extremist shooter employed as a gun-carrying security guard?
060
CYBERFRAUD TRENDS Cyberfraud and cybertheft tend to be underdetected and underpunished in most countries, including Australia, but it is estimated that the amount being stolen from corporations worldwide at present totals approximately $4.9 trillion a year – or close to five percent of global gross domestic product. What can be done to stem the tide?
068
COUNTERING NEW-STYLE TERRORISM How can we leverage rehabilitation, along with local and international cooperation, to help reduce terrorism?
084
TEN LEADERSHIP PRINCIPLES FOR SECURITY OPERATIONS What makes a successful security leader in the field?
004 SECURITY SOLUTIONS
THE ALL-NEWTXF-125E BATTERY OPERATED QUAD BEAM Introducing the eagerly anticipated TXF-125E; a high performance Quad Beam sensor designed for battery operation - perfectly suited for rapid deployment in creating temporary or permanent secure perimeter intruder systems. With 4 selectable frequencies, multiple beam sets can be used without crosstalk, whilst adjustable detection distance allows a single beam set to be re-deployed in a variety of installations throughout its operational life. Two 3.6V (17Ah) batteries power each unit for up to 5 years of service.
NEW!
ACTIVE IR BEAMS The ultimate in trouble free perimeter detection for distances up to 200m outdoor / 400m indoor.
+61 (3) 9544 2477
email: oz_sales@takex.com
HIGH-MOUNT PIR Triple mirror optics for maximum detection performance at 2 to 6m.
BEAM TOWERS Rugged floor and wall mounted enclosures in 1/1.5/2/3m heights.
INDOOR PIR Spot, 360°, wide angle, and curtain detection from 2 to 4.9m height.
OUTDOOR PIR Hard-wired or battery operated outdoor PIR up to 180° x 12m .
1300 319 499 csd.com.au www.takex.com
TAKEX AMERICA SECURITY SOLUTIONS 005
VIC: Mulgrave, Tullamarine NSW: Northmead, Waterloo ACT: Fyshwick QLD: Loganholme SA: Marleston WA: Balcatta
CONTENTS103 010
LETTER FROM THE EDITOR
012 LEADERSHIP What is the difference between good and bad leadership?
028 EVENTS A look at upcoming industry events. 036 ALARMS We look at the potential growth of IP-enabled equipment in the Asia-Pacific region.
014
CYBER SECURITY Whose responsibility is security in a connected
world?
040
016 RESILIENCE How can planning assumptions undermine resilience? 018
HUMAN RESOURCES How well do you understand your tax obligations for your staff?
020 RISK MANAGEMENT How relevant are crime statistics in risk management?
022 COMMUNICATIONS Rod Cowan looks at the importance of succession planning in security.
024 LEGAL What is a negligent misstatement and how does it affect
OPERATIONS Richard Kay looks at the practical applications of open versus close fist use of force in public safety.
044 CCTV What is the future of video analytics? 048
BUSINESS What is the key to effective communication in a crisis?
058
JUST LAW What are powers of attorney and why, as a security
business owner, do you need one?
072 AVIATION How can the past help improve aviation security? 076 ACCESS CONTROL We look at some of the myths around IP access control.
your business?
026
THINKING ABOUT SECURITY What is the role of security in emergencies?
032
080
PROFESSIONAL DEVELOPMENT Part two in our special series on detecting deceptive behaviour.
060
068
088
SECURITY STUFF
106
PRODUCT SHOWCASES
090
SPOTLIGHTS
110
SHOPTALK Company announcements from within the industry.
096
PROFILES
006 SECURITY SOLUTIONS
SECURITY SOLUTIONS 007
www.securitysolutionsmagazine.com
Editorial Editor: John Bigelow john@interactivemediasolutions.com.au Sub-Editing: Helen Sist, Ged McMahon
Contributors: Bob Ansett, Gary Barnes, Rita Parker, Greg Byrn, Kevin Foster, Rod Cowan, Tony Zalewski, Don Williams, Tony Jaques, Alexander Derricott, Richard Kay, Ryan Talbot, Michael Omeros, Alexei Sidorenko, Anne Speckard, Anna Richards, Clive WIlliams, Darren Egan, Chris Nunn Marcus Toh, Lizz Corbett, Steve Lawson, Ami Tobin.
Advertising keith@interactivemediasolutions.com.au Phone: 1300 300 552
Marketing & Subscriptions admin@interactivemediasolutions.com.au $62.00 AUD inside Aust. (6 Issues) $124.00 AUD outside Aust. (6 Issues)
Design & Production Graphic Design: Jamieson Gross graphics@interactivemediasolutions.com.au Phone: 1300 300 552
Accounts accounts@interactivemediasolutions.com.au Phone: 1300 300 552
Publisher
Interactive Media Solutions ABN 56 606 919 463 Level 1, 34 Joseph St, Blackburn, Victoria 3130 Phone: 1300 300 552 Email: enquiries@interactivemediasolutions.com.au Disclaimer The publisher takes due care in the preparation of this magazine and takes all reasonable precautions and makes all reasonable effort to ensure the accuracy of material contained in this publication, but is not liable for any mistake, misprint or omission. The publisher does not assume any responsibility or liability for any loss or damage which may result from any inaccuracy or omission in this publication, or from the use of information contained herein. The publisher makes no warranty, express or implied with respect to any of the material contained herein. The contents of this magazine may not be reproduced in ANY form in whole OR in part without WRITTEN permission from the publisher. Reproduction includes copying, photocopying, translation or reduced to any electronic medium or machine-readable form.
RS A DE VI
SSOCIATI
ON
ABN 56 606 919 463 Level 1, 34 Joseph St, Blackburn, Victoria 3130 Phone: 1300 300 552 Email: enquiries@interactivemediasolutions.com.au
O
SECURIT Y
PR
RALIA LTD UST FA
O
Written Correspondence to:
Or i g i n a l Si z e
O C I AT I
ON
Y P R OVI D
RIT
CU
D LT
SE
PR O
ASS
SPAAL
AU S T R A L I A
STRALIA LTD AU
SECURITY
RS
OF
E
Official partners with:
SSOCIAT IO N
OF
RS A DE VI
blue colour changed to this colour green.
COPY/ARTWORK/TYPESETTING APPROVAL Please proof read carefully ALL of this copy/artwork/typesetting material BEFORE signing your approval to print. Please pay special attention to spelling, punctuation, dates, times, telephone numbers, addresses etc, as well as layout.It is your responsibility to bring to our attention any corrections. Minuteman Press assumes no responsibility for errors after a proof has been authorised to print and print re-runs will be at your cost. Signed.................................................................. Date........................
008 SECURITY SOLUTIONS
GAIN CONTROL WITH ONEVIEW Defuse situations quicker with a truly unified security control room solution Saab’s OneView is a next-generation physical security information management integration platform that provides unprecedented levels of subsystem integration in mission-critical infrastructure environments. OneView empowers operators to respond effectively and efficiently to the most stressful situations. Offering accurate intuitive situation awareness, a simple operator interface, fast detection-response and comprehensive support for post action analysis, OneView is the ultimate choice for modern surveillance and security operations. You can rely on Saab’s thinking edge to bring your control room under real control. saab.com/australia
SECURITY SOLUTIONS 009
LETTER FROM THE EDITOR
It seems there is not a day that goes by anymore when we do not hear news of a terrorist bombing or attack taking place somewhere in the world. And while many of these attacks still seem to occur in countries like Iraq, Pakistan, Afghanistan and so on, an increasing number are taking place in areas like Europe, the United States and England – places the Western world for many years considered to be largely beyond such attacks. Australia’s relative isolation has provided its population a degree of protection from the kinds of tragedies witnessed in other countries over the last few years, but for how long can we continue to be lucky? Some might consider the word ‘lucky’ somewhat unfair, as our intelligence agencies and police have played no small part in uncovering, preventing and dismantling more plots and attempts at terrorist attacks in this country than any average Australian might care to know about. So ‘lucky’ could be considered a somewhat pejorative term in this context. However, to paraphrase the Hon. Philip Ruddock MP, Australia’s former Attorney General, “We (meaning Australia’s government, intelligence and policing apparatus) have to get it right 100 percent of the time. Terrorists only need to get it right once.” In this context, we have been lucky to date in that, while we have experienced some smaller incidents, Australia is yet to experience a mass casualty event in the vein of a 9/11-style attack. With the growing global unrest, the increased activity by groups like ISIS on the back of years of activity from al-Qaida, and an impending sense of something larger to come in Australia, it is not uncommon to hear average Australians (people outside of the security industry) asking when we might see a diminishing of terrorist activity and a return to pre-9/11 conditions. Television commentators, news anchors, columnists and radio presenters all seem to express the same exasperation and fear with every new attack, as if it is something new or unexpected. The concern, however, is that businesses express the same shock and surprise. We might expect a level of sensationalism from the broader media, as that is what sells newspapers and airtime. But the business leaders really need to take a more realistic approach to what is happening globally if we are to have any hope of preventing a mass casualty terrorist attack. We cannot keep acting as if each attack is an unexpected and isolated shock. The reality is, the world has changed. As sad as it is to say, the current state of global unrest and increased threat is the new normal and it would behoove the business sector to plan and act accordingly. In the context of a terrorist attack, the idea that one should not put resources into planning for and mitigating something that might never happen is a mindset that is about five to seven years out of date. To wait for a major incident before committing resources is akin to planting saplings when you need shade – by then it is just too late.
John Bigelow Editor
010 SECURITY SOLUTIONS
REGULAR
LEADERSHIP Leadership By Example By Bob Ansett
Although I didn’t think so at the time being drafted into the US Army while living in America was the best thing that could have happened to me. I was 19 years old and had just finished high school with the intention of going on to university in California when Uncle Sam called. During my three-month Basic Training course I quickly learned self-discipline, self-reliance and developed a grudging admiration for the leadership skills exhibited by the sergeant preparing us for military service. His leadership competencies were founded on army principals of Integrity, Respect and Discipline. He had a clear vision of what we needed to learn and conveyed it passionately. From start to finish his focus was on teamwork and the need to look after one another, as there was a very strong likelihood we would see combat in Korea at the conclusion of basic training. Throughout, he led from the front through every aspect of the three-month campaign designed to ensure we were prepared both mentally and physically for the task ahead. As a by product of this training, I came to better understand and appreciate the historic role played by the military as an incubator for the development of future leaders. Co-incidentally, the President of the United States during this period was Dwight Eisenhower, formerly a five star general and Supreme Allied Commander Europe during World War 2. Likewise, General Douglas McArthur was Commander US Forces Far East and was ultimately given the task of rebuilding Japan after the War. This included crafting a new constitution that would move the country from centuries of
012 SECURITY SOLUTIONS
feudal military dictatorship to a constitutional monarchy with an elected legislature. In doing so, McArthur drew on all of his leadership skills in changing an imbedded culture while persuading the Japanese it was in their interests to do so. Both displayed extraordinary leadership skills in bringing to a close a world war and then going on to govern from the highest offices of the victor and vanquished countries. In doing so, both demonstrated leadership of the highest level developed from their early days at the West Point Military Academy. Their most obvious skill was an ability to clearly define a vision of what they wanted to achieve and to passionately inspire their followers to work together to achieve the vision. Both were good listeners drawing on what they heard to help them make decisive decisions. They led from the front at all times and reflected a ‘can do’ persona. Interestingly, good leaders seem to have a natural sense of humour, are incredibly energetic and display moral and effective courage. However, not one size fits all, as leadership styles can vary considerably. There are Autocratic, Democratic and Charismatic leaders and all can be effective in varying circumstances. Eisenhower would probably fit into the democratic category of leadership. His definition of leadership was, “Leadership is the art of getting someone to do something you want done because he wants to”. McArthur on the other hand was more autocratic with a certain charisma that he used to good effect in rebuilding Japan. His view of leadership was, “A General is just as good or just as bad as the troops under his command make him”.
We witnessed an outstanding example of leadership by the Australian Chief of Army, Lieutenant General David Morrison, responding to a sexual assault and bullying scandal within the military. He produced a three-minute YouTube video that went viral with over 1.5 million hits, that conveyed a refreshing message to the troops displaying leadership at its finest. His message was delivered in plain English and clearly wasn’t filtered through a focus group or edited by HR bureaucrats and everyone who watched it knew he meant every word of it. He told the army in no uncertain terms exactly what he expected from it. Military leadership is not confined to the generals but permeates through every command level. Our most recent Victoria Cross recipients exemplify this culture. Corporal Ben RobertsSmith, Trooper Mark Donaldson and Corporal Daniel Keighran were all Non Commissioned Officers who displayed incredible individual leadership under fire in Afghanistan. Likewise, businesses can benefit greatly by encouraging leadership development throughout their organisations. Empowering employees at all levels to take responsibility and exert leadership as required. This frequently leads to increased productivity and a much happier workforce.
Bob Ansett is the founder of Bob Ansett Marketing, a consulting firm in the field of customer service. Bob is also a familiar name in Australian business, synonymous with Budget Rent a Car, which he established in 1965. Bob can be contacted at bob@bobansett.com.au
PR N O EW D U C T!
For over 30 years Perimeter Systems Australia has been delivering Perimeter Intrusion Detection Systems (PIDS) to Critical Infrastructure, Government, Industrial and large Commercial customers.
The latest threat to security, just got [detected]
Features • • • • •
360° Asymmetrical Detection 1,000 metre detection Radius Radio Frequency Detection Drone and Operator GPS Coordinates Integrates with existing systems
Palmgrove Business Park, D413-15 Forrester St. Kingsgrove NSW info@perimetersystems.com.au | www.perimetersystems.com.au
In the wrong hands drones literally add a new dimension to eavesdropping and spying on facilities, individuals and infrastructures in a wide variety of environments and industries. They have the power to shrink the realm of public safety, privacy and physical security. Few other technologies have this much power.
Call us on (02) 9150 0651 or visit www.perimetersystems.com.au SECURITY SOLUTIONS 013
REGULAR
CYBER SECURITY Secure By Design By Garry Barnes With the security of connected devices continuing to be an ongoing concern for manufacturers and consumer alike, where does the responsibility lie? The Internet of Things (IoT) continues to grow as consumers, businesses and governments recognise the benefit of connecting devices to the Internet, be it smartphones, wearable devices or smart homes. What once was the plot of creative Hollywood blockbuster movies is now becoming a reality. It is estimated that the number of connected devices in use by 2020 will be 30 billion, one in five cars will be connected vehicles in the next five years and, by 2025, the IoT is predicted to have a global economic impact of US $11 trillion. (McKinsey, 2015) The growing presence of connected devices is increasing efficiency in homes, workplaces and other areas of life that have seen the introduction of the IoT. Despite the expansion of connected devices, there remains a number of consumers who are reluctant to adopt the IoT due to security concerns. One of the reasons for this is that security often remains an afterthought when developing a device that, once in the hands of the consumer, may contain vulnerable software, making the consumer an easy target for being hacked. Considering that security and data privacy continue to have an impact on the way consumers engage with a device (to buy or not to buy), one argument is that manufacturers should be increasingly migrating towards the early installation of necessary security measures. According to ISACA’s 2015 IT Risk/ Reward Barometer study, 72 percent of IT and cybersecurity professionals say manufacturers are not implementing sufficient security in IoT devices. The allocation of security testing often sits further down the development chain, meaning security vulnerabilities can be overlooked or ignored when a product launches to market. This is especially true if the testing could delay the product hitting the market. But
014 SECURITY SOLUTIONS
security and data privacy concerns are critical issues for manufacturers to consider before commencing development. Some manufacturers argue about the costly and untimely setbacks caused by having to address security requirements early in the development cycle and, while this may be a valid argument from a marketing perspective, building security controls into systems from the get-go is far more cost effective than adding them later in the development cycle, or worse, after deployment, when the vulnerability becomes public. A recent US study identifies that almost 50 percent of consumers say that a company is unable to win back their confidence after it had lost personal data. (Humphries, 2014) Consumers are generally under the impression that a device is manufactured with their security and privacy expectations in mind. The 2015 IT Risk/Reward Barometer study also showed 65 percent of Australian consumers are confident they understand and can control the security on the IoT devices they own. But should that trust be eroded, not surprisingly, more than two-thirds of consumers in the US, UK and Germany revealed that they would drop a company after it had been subjected to a hack. (Centrify Consumer Trust Survey) According to ISACA’s Australian cybersecurity and IT professionals surveyed for the study, device manufacturers are falling short. More than seven in 10 do not think current security standards sufficiently address the IoT and believe that updates and/or new standards are needed. Privacy also is an issue; 90 percent believe that device makers do not make consumers sufficiently aware of the type of information the devices can collect. So the argument at play contests whether consumers should be more wary of their security and privacy when dealing with connected devices, or whether the manufacturers should be increasing their standards and developing connected devices that do not have any security flaws.
Despite this conjecture of the onus being placed on the manufacturer, consumers also have a part to play in ensuring a device is secure enough for their needs. Would anyone buy a bag with a broken zipper or a car with no locks? No. The same can be said for connected devices. If secure code is not installed in the first instance, a device may not function as can be expected. Security is everyone’s responsibility – from the developer to the manufacturer and right through to the consumer. While there is a need for developers to be competent in secure coding, or work with security experts to go through testing procedures as the development occurs, consumers also need to take responsibility for their security by using a device in a secure manner, such as applying adequate password protection, ensuring secure Wi-Fi connections and encrypting all sensitive information. Consumers also can vote with their wallets and only buy devices that can be automatically updated with security upgrades and that enable social media sharing to be opt-in. For example, currently, most smart home devices are fixed function devices, meaning once they are shipped and installed they cannot be upgraded to add security. This leaves home owners vulnerable to hacks if there are holes in the security design and software. As mentioned, software security is often overlooked as a business imperative. However, there are a number of manufacturers that are aware of the need to build secure products before they are launched to market – thus limiting the potential for data breaches. And what sets these manufacturers apart from those that do not look to build secure devices from the get-go? They understand the need to be secure by design. It is not just about patching up vulnerabilities after the system is created, but building software from the start with the right security components to ensure that security is intrinsically embedded and not left as an afterthought.
Series 280 is an IP66 rated industrial 19” cabinet for harsh and unforgiving environments – air conditioning available.
The last thing on your mind is the first thing on ours.
DESIGNERS & MANUFACTURERS OF 19” RACK SYSTEMS
Whether it’s ready-made, pre-configured or custom racking solutions, MFB’s short turnaround capabilities speed your product from the warehouse to where they should be – fast. Our unwavering commitment to timely delivery ensures your projects run on time, every time, reducing deadline pressures while maximising results. With a solid history of over 45 years supplying innovative, off-the-shelf and custom built racking systems, you can rely on MFB for consistent delivery, on time, every time.
AUSTRALIAN MADE MAKES AUSTRALIA
www.mfb.com.au
VIC NSW -
P (03) 9801 1044 P (02) 9749 1922
F (03) 9801 1176 F (02) 9749 1987
E sales@mfb.com.au E sydney@mfb.com.au
SECURITY SOLUTIONS 015
REGULAR
RESILIENCE Planning Assumptions Can Undermine Resilience By Dr Rita Parker
In the previous article about resilience, I highlighted the importance of testing existing corporate and organisational plans, which include all forms of crisis, emergency, security, risk and continuity plans. It was emphasised that the plans are only useful if they are relevant and effective. A critical issue in both the development of plans and testing them is the underlying assumptions. These need to be accurate and objective, because this goes to the heart of the resilience of each organisation. The assumptions around pandemic response plans provide a good example to consider, particularly as such plans have security as well as other implications. Organisations around the globe developed pandemic response plans following the outbreak of a series of global infectious diseases including H5N1 (bird flu) and Severe Acute Respiratory Syndrome (SARS) in 2003, and H1N1 (swine flu) in 2009. Some organisational response plans were very simple and were limited to telling people to wash their hands, cough into their elbow and limit physical contact, such as not shaking hands with colleagues. Others developed elaborate plans about projected employee attrition rates, potential negative impacts on production levels or service delivery and supply chains and so on, while other organisations were more concerned about the optics of the potential crisis and issued face masks to employees emblazoned with company logos and handed out pamphlets. As is known from the World Health Organization, estimating the actual number of individual cases of an infectious disease and associated deaths is difficult because many people do not seek medical care and only a small number of those
016 SECURITY SOLUTIONS
who seek care are tested. This has implications for planners and any assumption about who will turn up to work and whether they might be a carrier of an infectious disease needs to be considered objectively. Further complicating the issue is the extent to which public information is reliable. This is not because of deliberate misinformation, but because laboratories stop testing when overwhelmed and underreporting of hospitalisations and deaths occurs because they are not always accurately attributed to the infectious disease. Basing planning assumptions on previous or similar situations can also be flawed. For example, planning for the H5N1 pandemic in 2003 on the basis of the 1918–1919 influenza pandemic, which had a mortality rate of 2.5 percent of those infected, would have been grossly inaccurate. At its peak, H5N1 had a laboratory confirmed mortality rate of 60 percent in those infected with the disease. Another consideration in planning which will affect the resilience of many organisations relates to assumptions about what resources will be available as part of response strategies. Again drawing on pandemic planning as an example, consideration needs to be given to a range of factors. Depending on the severity and rate of spread of the infectious disease, state authorities may introduce stringent public health measures, such as strict infection control, compulsory isolation, enforced quarantine, social distancing, limited in-country travel, restrictive international border control measures for arrivals and departures, mass vaccinations and prioritised distribution of antivirals – if they are available in time. All of these issues are factors that may affect
the overall resilience level of any organisation. This means that any planning assumptions need to be rigorously objective. A final aspect about assumptions as they relate to testing plans is to be clear about why the exercise is being conducted, because this will influence what assumptions are made. For example, it could be assumed that all participants have the same level of training, or that certain facilities and resources will be available. However, it is worth keeping in mind that these assumptions may be false or inaccurate. The key message is to examine critically all assumptions to ensure they are accurate and objective. Doing this will save a lot of time and effort, and may also save lives Dr Rita Parker is a consultant advisor to organisations seeking to increase their corporate and organisational resilience and crisis management ability. She is an adjunct lecturer at the University of New South Wales at the Australian Defence Force Academy campus where she lectures on resilience and non-traditional challenges to security from non-state actors and arising from non-human sources. Dr Parker is also a Distinguished Fellow at the Center for Infrastructure Protection at George Mason University Law School, Virginia, USA. She is a former senior advisor to Australian federal and state governments in the area of resilience and security. Dr Parker’s work and research has been published in peer reviewed journals and as chapters in books in Australia, Malaysia, the United States, Singapore and Germany, and presented at national and international conferences. Rita holds a PhD, MBA, Grad. Dip., BA, and a Security Risk Management Diploma.
SECURITY SOLUTIONS 017
REGULAR
HUMAN RESOURSES
Tax Obligations For Security Personnel
An important role of human resource management is to manage compliance with internal human resource policy and external human resource legislation, including compliance with employee and employer tax obligations. Considering it is tax season, it is timely to devote this edition’s column to advice on the tax obligations of security industry employees. Any legitimate expenditure made in the course of your employment is deductible. Like law enforcement and the military, security industry employees have unique tax employment circumstances that entitle them to legitimate tax deductions. All employees receiving fortnightly pay should be aware that, for the 2015–16 tax year, you should have paid more tax per fortnight than normal. The reason is that for this year only there are 27 tax periods, but you have only paid tax on 26, which means that if you paid ‘normal’ tax per fortnight, you would not have paid enough tax. The result of this is that you will either owe the Australian Taxation Office (ATO) a small amount when your return is submitted or your tax return will be smaller than expected. If you started with a new employer this year, ensure you have provided them with your Tax File Number. Further, ensure you and your employer keep that number secure to avoid the potential for identity theft. If you do not supply your employer with your Tax File Number, you will be taxed at the highest marginal tax rate.
018 SECURITY SOLUTIONS
If you have a higher education (HELP) debt, ensure your employer takes out additional tax to cover the ATO rule. If you do not, you will owe the ATO money which will be either taken out of your return or sent to you as a tax liability. If you forgot to tell your employer of the debt last year, ensure you tell them this year. Your payment summaries should have been given to you in the first week of July. If not, you need to see the human resources department or, in smaller businesses, your boss. If you do not have a tax agent acting for you, you have until the 31st of October this year to submit your tax return. If you have a tax agent, you have until the 15th of May next year (2017). The tax-free threshold is $18,000. This means that if you earned less than $18,000 last financial year, you will not pay any tax. However, it is to your advantage to submit a tax return so you can receive a refund for the tax you have paid this year. To assist you in compiling your tax return, the ATO produces and makes available a ‘Prefill’ form. This form provides information to assist you in accurately declaring dividends and interest earned. The form is readily available from your MyGov site. As previously stated, the security industry is in a unique position in so far as the list of allowable deductions is concerned. In relation to your motor vehicle, if you use the motor vehicle in the course of your employment, then any associated
expenses could be deductible. These include travel to and from courses or places of education. You are entitled to claim up to $150.00 for laundry and an unlimited amount for dry cleaning of uniforms, uniform maintenance and purchase of protective clothing. You are also entitled to claim: • union fees • the cost of applying for and renewing your security licence • the purchase cost of a pistol and ammunition if you are licensed to possess one and need it for your occupation • gun safe if you are entitled to store your weapon at home • repair and maintenance costs for your pistol • tools such as leatherman, knives and pouches • the cost of your mobile phone, provided you use it for your employment • any stationary you use for your occupation • any industry and union journals. I hope this assists you in compiling your tax return. Please be advised that this is general advice only and you should refer to a tax professional for any issues you have regarding your personal tax situation.
Note: Advice from a professional tax agent was sought to assist in compiling the information in this column.
Contact us on 1300 364 864 Follow us on
Delivering Proven Solutions for Security & Safety We Protect People & Assets SECURITY SOLUTIONS 019 www.magneticautomation.com.au
REGULAR
RISK MANAGEMENT Crime Statistics And Risk Management By Dr Kevin J. Foster When I started my research in the late 1980s, I quickly came to the view that risk management is a simple idea that is implemented easily in most routine circumstances. However, there are some situations when there are many complicating factors that can result in poor decisions and risk management failure. The authors of standards like AS/NZS 4360, ISO 31000 and ANSI/ASIS/ RIMS RA.1-2015 cannot provide a standard risk management solution for every operational environment and, therefore, the best they can do is define a common terminology and suggest auditable processes for making and implementing decisions about risk. Security professionals were quite adept at assessing and managing risk before the publication of AS/NZS 4360. However, some specialised risk analysis processes were abandoned in Australia in favour of using those recommended in the 1995 version of AS/NZS 4360; for example, some simple risk matrices. Those generalised risk matrices were not part of the standard as such; they were in an appendix giving information intended to provide examples of what a risk analysis tool might look like. However, there is much anecdotal evidence that many security professionals (or their bosses) believed they had to use the matrices in AS/NZS 4360:1995 instead of the specialised security risk analysis methodologies that had been formerly in use. The result, in some cases, was a drop in the quality of security risk analysis. The authors of AS/NZS 4360 deleted the examples of risk matrices in a later version, but by that time the matrices were embedded in many corporate risk management plans and in software that organisations were using for their enterprise risk management programs. Standards are important to set minimum requirements, but it is vitally important that security professionals implement security risk assessments and management to a degree
020 SECURITY SOLUTIONS
that gives some control over the operational environment. This would normally involve providing security that meets the goals (and policies) of the key stakeholders. If comparing the security industry with the building industry, some stark differences might be seen. Professional engineers and architects regularly produce building designs with features that are in addition to those prescribed in Australian or international standards. How often do security designers include features that are non-standard or truly innovative? Recently I had the privilege of attending a forum hosted by the Australian Security Research Centre in Canberra. The theme of the forum was about challenging security paradigms by bursting assumptions commonly made in the profession. The papers presented and subsequent discussions were meant to be thought provoking, and certainly were. Some offered innovations and others were more critical. At the forum, I heard an argument from an Australian security professional that security risk management has had no measurable impact on crime reduction statistics at licensed premises, service stations or ‘cash-in-transit’ operations. Indeed, he believed that crime had increased at these facilities since the introduction of security risk management systems. Licensed premises and service stations are not facilities that are easily hardened with security measures. However, measures can be put in place to protect staff and most of the cash collected. It is important to define the goals of a risk management system in order to determine its effectiveness. For example, if a risk management goal at a service station is to protect the staff that work there, then comparing crime statistics with this goal is only valid if the statistics relate to harm to the staff at this type of facility. The same principle would apply to the majority of the cash collected at a service station; preventing
people from driving off without paying for petrol is a different problem altogether. To give another example: in a hotel, preventing one patron from punching another is also difficult to address with security measures. The argument that security risk management is a contributing factor to an increase in crime at the facility being protected is self-contradictory. Perhaps the security risk management goals in these cases were not clearly defined or were simply not achieved? Alternatively, the statistics used in the analysis might have included drive-offs at petrol stations or assaults at licensed premises. The detail was not provided in the argument given by the speaker at the forum. It is very important when using statistics in risk analysis to show those statistics in the analysis to ensure they are relevant and to allow others to verify the analysis. It may be possible that security has been successful in providing the protection for which it was designed in service stations and licensed premises. However, the security design goals need to be stated in the risk assessment and the crime statistics need to be relevant to the risk management goal. The security profession’s assumptions need to be constantly challenged, but it also needs to use a scientific or valid epistemological approach to its research. The papers presented in the forum were collated in the publication Challenging Security Paradigms: Bursting the Assumptions Bubble and were published by the Australian Security Research Centre.
Dr Kevin J. Foster is the managing director of Foster Risk Management Pty Ltd, an Australian company that provides independent research aimed at finding better ways to manage risk for security and public safety, and improving our understanding of emerging threats from ‘intelligent’ technologies.
SPEND LESS ON VIDEO SURVEILLANCE STORAGE
SO YOUR CLIENTS CAN SPEND MORE ON OTHER TOOLS
Quantum’s multi-tier storage solution provides total usable capacity for less of the overall budget, allowing your clients to invest more in cameras, retention times, and analytics.
See us at Security Expo Melbourne 20-22 July, Booth F36 Find out more from Quantum ANZ: ANZsales@quantum.com or 1 800 999 285 (Aus) or 0800 105 999 (NZ) www.quantum.com/video-surveillance © 2016 Quantum Corporation. All rights reserved.
SECURITY SOLUTIONS 021
REGULAR
COMMUNICATIONS
Who Is Next In Line? By Rod Cowan Two conversations recently brought home the need for succession planning. The first, a friend’s remark regarding an industry meeting he had attended, “I looked around the room and realised we were all old men.” Second, a call from another friend to tell me that he had cancer. If those in the industry are indeed engaged in the art of security, the industry should be able to look ahead, plan for the future and mitigate risks. According to the Federal Government, over the next 40 years, as a result of smaller families and people living longer, the proportion of the population over 65 years will almost double to around 25 percent, while growth in the population of traditional workforce age is expected to slow to almost zero. The Treasury says, “This is a permanent change. Barring an unprecedented change in fertility rates, the age structure of the population is likely to stabilise with a far higher proportion of older Australians… Between now and 2040, every state and territory is expected to experience a significant ageing of its population. Ageing is an issue in which everybody has an interest.” The security industry will not be exempt and is, in many ways, already there. The nature and structure of business, however, has not been managed to accommodate succession. The gap between line supervisors and senior managers is enormous, to say the least, mostly due to management gurus and consultants touting new business structures for the so-called ‘information age’.
022 SECURITY SOLUTIONS
For years businesses have been told to avoid hierarchies. In his article In Praise of Hierarchy (Harvard Business Review, Jan/Feb 1990), Elliott Jaques writes, “Theorists tell us it ought to look more like a symphony orchestra or a hospital or perhaps the British Raj. It ought to function by means of primus groups or semi-autonomous work teams or matrix overlap groups. It should be organic or entrepreneurial or tight-loose. It should hinge on skunk works or on management by walking around or perhaps on our old friend, management by objective.” Pointing out “all their proposals are based on an inadequate understanding of not only hierarchy but also human nature”. Jacques adds, “Hierarchy is not to blame for our problems. Encouraged by gimmicks and fads masquerading as insights, we have burdened our managerial systems with a makeshift scaffolding of inept structures and attitudes. What we need is not simply a new, flatter organisation, but an understanding of how managerial hierarchy functions – how it relates to the complexity of work and how we can use it to achieve a more effective deployment of talent and energy.” Campfires and group hugs are fine in customer service settings, but do people ever die as a result of rude staff? In place of inept structures and attitudes, security demands discipline and a clear hierarchy to hold individuals accountable for their work. It may well be cheaper to have fewer layers and sounds grand to be managing risk at a local level through audits, reviews and reporting, but the reality is, who is responsible, do they know
“all their proposals are based on an inadequate understanding of not only hierarchy but also human nature”. what they are doing and, more importantly, do they have any real experience? The latter comes about through the intelligent use of hierarchies and a clear chain of command through which subordinates can take on increasing amounts of responsibility and move to the next level. Next time you are at an industry meeting or conference, look around the room at who is in charge now. If age does not weary them, cancer will affect one in two men and one in three women. So ask, “In five years’ time, who will be responsible for security at the airlines, financial institutions, shopping malls, service providers and places of mass gathering?” Feel comfortable with your answer? I do not. Rod Cowan is editor-at-large for Security Solutions Magazine and director of SecurityIsYourBusiness. com He can be contacted via email: ssm@securityisyourbusiness.com
S K Y H AW K FOR VIGILANT SURVEILL ANCE
L E A R N M O R E AT S E A G AT E . C O M / A U
SECURITY SOLUTIONS 023
REGULAR
LEGAL Negligent Misstatements: An Employment Reference Risk By Dr Tony Zalewski
Security professionals are generally familiar with the law of negligence and actions that may arise from a breach of the duty of care. These cases typically involve injury where a plaintiff seeks compensation for physical damage and/or nervous shock. However, what occurs when there has been pure economic loss based upon advice, such as an employment reference for a former employee? An economic or monetary loss may arise because a statement including an opinion, whether reckless or negligent, from another has been significantly relied upon. These types of cases involving former employees are common in the US and UK, albeit there has been some recent activity in Australia. To prove a negligent misstatement, one must show reliance; a connection between the statement and a person’s area of expertise such as former employer or supervisor; and economic loss. Any reliance on advice will potentially depend on the following factors: • the nature of the relationship between the parties, such as whether one has assumed the responsibility of providing advice to the other; • whether there was any reliance or dependency on the advice given by the other; • whether the party giving the advice made any representation (actual or implied) as to the quality or reliability of the advice; • whether the party giving the advice should have expected the other party to rely on it; and • the circumstances under which the advice was given, such as in the course of business. It should be noted that advice given in a social setting is treated very differently by the courts to
024 SECURITY SOLUTIONS
that given in the course of business. Therefore, advice given about a former employee must be carefully and accurately provided. Security leaders are often approached for advice about former employees as part of reference or background checking for future employment. Care must be taken and preventative measures adopted to protect individuals and organisations providing advice if the organisation allows staff to participate in reference or background checks. These preventative measures must include consideration of the following: • Any reference supplied must be in writing and dated. This means there can be no doubt about the advice provided and the organisation’s position. • Does the former employee consent for a reference to be provided? • Are there any potential statements that might be considered defamatory, thus resulting in an adverse opinion? • If there was a disciplinary issue during the term of employment, has the former employee been able to refute or respond appropriately? • Consider if the reference provides a reasonable and fair description of the former employee’s work and conduct. • Has the organisation’s human resources department checked and authorised the reference? and • Consider when providing any reference whether the organisation would employ that former employee again. This is probably the best test of whether any advice should be provided. To minimise the risk of a future claim, the reference should contain a statement indicating
the reference is given in confidence and good faith. It should also contain a disclaimer indicating no responsibility or liability can be accepted for any errors, omissions or inaccuracies in the information or for any loss or damage that may result from any reliance placed upon the reference. It should be noted that employers do not have a duty to provide an employment reference on behalf of a former employee unless there is a contractual term to that effect. If an organisation or an individual within the organisation offers or provides a reference about a former employee, they adopt a duty of care to both the former employee and to the prospective employer. Many organisations avoid providing references based upon risks associated with negligent misstatements, in particular where there may have been internal disciplinary issues that resulted in the cessation of employment by the former employee. It would appear the current trend is not to provide anything more than a certificate of service that indicates position and duration of employment.
Dr Tony Zalewski is a Director of Global Public Safety and a forensic security specialist with qualifications in law, criminology and the social sciences. He provides advice and training to governments and the private sector in Australia and abroad on matters relating to operational risk, security and safety. He is also an expert with practical experience in some of Australia’s leading civil actions involving security and safety.
Recognize and Analyze How often was he here this month?
Is he a known suspect?
How old is she?
Are they employees?
When, where did she enter?
Is this valued customer Mia Clark?
How many people are here? Is it too crowded in this area? See it in action at Security Essen, Hall 4, stand A20: FaceVACS-VideoScan C5: The face recognition camera combining face detection/tracking and camera technology in a single device
FaceVACS-VideoScan uses premier face recognition technology to detect and identify persons of interest while computing demographic and behavioral data, supporting security staff, marketing teams and operations management.
SECURITY SOLUTIONS 025
REGULAR
THINKING ABOUT
SECURITY
Security In Emergencies By Don Williams There is, or there should be, a strong bond between security and emergency management. Security is predominantly about prevention and emergency management about the response, but they overlap in that both need prior planning, training, procedures and interoperability and both should be concerned with the before and after aspects of an incident. Unfortunately, there is often a significant disconnect, particularly where templated, off-theshelf, ‘insert client’s name here’ emergency and security plans are purchased. This disconnect can be exacerbated when the responsibilities for security, emergency management and facility management are all outsourced and the in-house responsibility for the security and safety of the business rests with a contract manager. Even in situations where the organisation may have a dedicated security manager and a dedicated and committed emergency manager/ chief warden, there may still be cases where security and emergency management are unaligned or even in conflict. Assuming that both disciplines are about protecting the business by preventing the loss of people and other assets, there are a number of considerations that are worth reviewing: • How is the site to be secured during and after an evacuation and during re-occupation? If the site is not on fire or subject to some other hazard, what stops people, innocently or with evil intent, from entering the site? How confident is the security manager that all important information, drawings, contract documents and so on have been secured during an emergency, as it is
026 SECURITY SOLUTIONS
possible, if not probable, that staff will not be the first people to re-enter the building? How will re-occupation of the building be managed to ensure that security of the site is maintained? • In addition, there are issues relating to how the site can be evacuated, and the implications of closing down production facilities and processes without causing more damage than the initial emergency event. Hopefully, the process managers have been involved in the emergency planning, but the security manager may consider how these processes will be secured. • The protection of evacuated staff from weather events, protests, crowd crushes and acts of violence should be part of an emergency plan. If staff or visitors are unable to access their cars, medicines and other personal belongings during the incident, how will these assets be protected once the incident is over, particularly if the site is not released until the middle of the night? Another area of concern is the concept of ‘shelter in place’ which receives only two small mentions in the relevant standard (AS3745). The application of the basic concept often appears confused. The principle is simple: if the hazard is external, people are kept in place until the security manager knows what is happening and
has identified a safe method of egress. If an active shooter is outside, then the plan should be to lock down and keep people in until the police advise of a safe egress route to get away from the incident site. If the active shooter is inside, then the aim should be to get people away from the hazard by getting them out of the building, if safe to do so. Sometimes, a lack of thought suggests that in all cases people should evacuate or for some emergencies, such as an active shooter, they always stay and hide. Neither is right; each incident must be decided on a recognition of the hazard, its location and the safest and most secure response. Security and emergency response are closely related and must work together to protect the business; they are part of the same safety and security continuum.
Security and emergency response are closely related and must work together to protect the business...
Don Williams CPP RSecP ASecM is a recognised thought leader in the field of security management. He is a member of relevant security and engineering professional associations and often sits on their committees. Don can be contacted via email donwilliams@dswconsulting.com.au
MULTIPLE CAPABILITIES SUPERIOR SOLUTION
Volvo Group Governmental Sales Oceania
IN HOSTILE ENVIRONMENTS, IT’S IMPORTANT THE SYSTEMS THAT YOU DEPEND ON CAN
STAND THE TEST OF TIME.
At Volvo Group Governmental Sales Oceania, our core business is the manufacturing, delivery and the support of an unparalleled range of military and security vehicle platforms; a range of platforms that are backed by an experienced, reliable and global network with over one hundred years of experience
superior solutions, providing exceptional protected mobility SECURITY SOLUTIONS 027 www.governmentalsalesoceania.com
REGULAR
EVENTS The Australian Security Medals 26 August 2016 Australian War Memorial, Canberra The Australian Security Medals Foundation (ASMF) will once again celebrate the achievements of outstanding personnel in the security industry at its annual gala dinner and awards night to be held at the Australian War Memorial in Canberra on Friday 26 August. Launched in 2010, ASMF was established to publicly recognise outstanding security operatives, security professionals and their achievements and contributions to our community. The Foundation, through these awards, aims to promote security as a profession by: • raising awareness of the outstanding service(s) the medal recipients have provided • promoting awareness of what the security industry really ‘looks like’ – beyond the ‘guns, guards and gates’ image • raising funds for beyondblue in an effort to help tackle the issue of depression in Australia. Money raised from the event helps to provide material support for the families and loved ones of security personnel killed or seriously injured in the line of duty. If you would like to help celebrate the outstanding achievements of
028 SECURITY SOLUTIONS
the men and women of the security profession and network with some of the industry’s leading luminaries, then be sure to book your tickets for this amazing event now. Visit www.inspiringsecurity.com for more information.
ASIAL Awards For Excellence 20 October 2016 The Westin, Martin Place, Sydney Hundreds are expected to attend the prestigious awards ceremony and dinner to celebrate winners of the 2016 Security Industry Awards for Excellence and Outstanding Security Performance Awards (OSPAs). Media personality James O’Loghlin (from Good News Week, Rove Live, Sunrise, Lateline, The Evening Show and more than 300 episodes of The New Investors) is back by popular demand and will once again emcee the awards. The OSPAs is a worldwide scheme for recognising outstanding performers in the security sector. They have also been launched in Norway and Germany and other countries are about to follow. Australia is at the forefront. The OSPAs are supported by ASIAL, ASIS
Australia and the Security Professionals Registry (although the OSPAs is independent of all groups) in an initiative that is designed to unite the security sector in celebrating the success of its outstanding performers. They are set to bring new life to security excellence. In this first year of the OSPAs, there are nine categories open to enter in Australia. They are: • Outstanding In-House Security Team • Outstanding In-House Security Manager • Outstanding Guarding Company • Outstanding Security Consultant • Outstanding Customer Service Initiative • Outstanding Security Training Initiative • Outstanding Security Installer • Outstanding Security Partnership • Outstanding Investigator Awards will be presented to winners between courses and James will provide light comedic entertainment. There will also be an opportunity to pose in front of the photo wall, have your happy snap taken by a professional photographer and network with other security professionals. Visit www.asial.com.au for more information.
Stand 156 8-10 November 2016 Crown Ballroom, Perth
SECURITY SOLUTIONS 029
REGULAR
EVENTS Total Facilities 29–30 March 2017 International Convention Centre Sydney
ISC West 5–7 April 2017 Sands Expo Centre, Las Vegas
Returning to Sydney with an exciting new proposition, Total Facilities now unites both facilities and workplace professionals in the ultimate industry destination for the built and work environment. Held annually between Sydney and Melbourne, TFX is Australia’s largest learning and networking event for facilities and workplace management professions seeking solutions for creating more efficient, sustainable and productive facilities and workplaces. Total Facilities is comprehensive and efficient in its delivery and provides real solutions to every day operational challenges by connecting buyers and sellers to source innovation, debate current issues, share insights and create opportunities for an invaluable community of professionals.
ISC WEST is THE largest security industry trade show in the U.S. At ISC West you will have the chance to meet with technical reps from 1,000+ exhibitors and brands in the security industry and network with over 28,000 security professionals. Find out about new and future products and stay ahead of the competition. Encompassing everything from access control to Facial Recognition software you are sure to find products and services that will benefit your company and clients. This year don’t miss our new IT Pavilion featuring the latest cyber security solutions. Working with SIA, ISC also features world class education to learn about every facet of the security industry.
Our vision We champion professionals who support the built and work environment with a sense of belonging and advocacy – the unsung heroes and behind the scenes forces. We will evolve and grow our offer year on year to: • Bring new and leading solutions in operational efficiency to the market. • Deliver forefront trends for running more sustainable facilities and workplaces. • Foster a community of multidisciplinary professions to have a voice and achieve recognition. • Redefine the future of the industry and challenge traditional perceptions of facility management. For more information visit: www.totalfacilities.com.au
030 SECURITY SOLUTIONS
For more info on SIA Education@ISC visit www. iscwest.com
IFSEC International 20–22 June 2017 Excel London The global stage for security innovation and expertise IFSEC International is the biggest security exhibition in Europe taking place over three days between 20 to 22 June 2017 at London ExCeL. IFSEC welcomes over 27,000 global security professionals to experience the latest technological innovations and hear from industry leaders – all under one roof, over three days. The event caters to everyone within the security buying chain from manufacturers, distributors, installers, integrators, consultants to end users. With over 600 exhibitors
showcasing over 10,000 products, you will be able to find the perfect security solution your business is looking for. There’s more to it than just security. IFSEC International is co-located with FIREX International, Facilities Show, Safety & Health Expo and Service Management Expo, catered for those working across many platforms in building management and protection of people and information. For more information or to register please visit www.ifsec.co.uk
Security Exhibition & Conference 2017 26–28 July 2017 International Convention Centre Sydney We’re excited to be heading back to Sydney from July 26–28, 2017 to the brand new International Convention Centre in Darling Harbour and the anticipation is palpable. Early bird registrations will get access to one off exclusive VIP Early Bird rates for the ASIAL Conference 2017. Get in early to take advantage of this special discount and avoid disappointment as the 2016 program SOLD OUT. By visiting the site and registering early, you will also be entered into the VIP Early Bird prize draw for your chance to WIN 2 tickets to the annual Security Gala Dinner PLUS one night accommodation INCLUDING breakfast at the Novotel Darling Harbour. The Security Gala Dinner is the annual celebration of the industry’s successes and with this prize you can really make a night of it with overnight accommodation at the Novotel Darling Harbour in a Loft Suite with Harbour views. To register now visit securityexpo.com.au
Smart access means security
Dorma and Kaba become dorma+kaba – a smart step for your security. People want to feel protected. To know that their safe. And that valuable assets are secure. We put everything into developing networked access solutions to give you that feeling of protection. Because your trust in us is our most valuable asset.
T: 1800 675 411 www.dormakaba.com.au
032
How Secure Are Security Guards?
033
By Tony Jaques
The tragic nightclub shooting in Orlando, Florida, raised scores of questions for politicians, community leaders, managers and law enforcement. But one challenging issue is: How was the Islamic extremist shooter employed as a gun-carrying security guard? Global security giant G4S emphasised that its employee, Omar Mateen, was off-duty at the time of the massacre, but that did not prevent the news causing an eight percent drop in the company’s share price on the London exchange, which slashed about £200 million pounds off its market value. Most importantly, it exposed a critical issue in the security industry, namely the vetting of employees and the impact when they do wrong. Rogue employees are a risk in every industry, but for security companies, frontline employees are in a position of special trust, sometimes with life or death control over others, with many carrying firearms in the course of their work. The full facts of the Orlando shooting will probably not be known for a long time. Yet there are already important lessons from the crisis facing the security company and the way it responded to the inevitable intense scrutiny which followed. Within hours of the shooting, G4S issued a statement expressing shock at the event and confirming that Mateen was an employee. But it was the next statement, eight hours later, which set the tone for the company’s response. “We are deeply shocked by this tragic event. We can confirm that Omar Mateen had been employed by G4S since September 10, 2007. Mateen was off-duty at the time of the incident. He was employed at a gated retirement community in South Florida. “Mateen underwent company screening and background checks when he was recruited in 2007 and the check revealed nothing of concern. His screening was repeated in 2013 with no findings. “We are cooperating fully with all law enforcement authorities, including the FBI, as they conduct their investigations. In 2013, we learned that Mateen had been questioned by the FBI but that the inquiries were subsequently closed. We were not made aware
034
of any alleged connections between Mateen and terrorist activities, and were unaware of any further FBI investigations. “Our thoughts and prayers remain with the victims of this unspeakable tragedy, and their friends and families.” As a crisis statement it ticked a few boxes – expressed shock and sympathy and coldly stated the facts. But it failed to express any regret at the company’s own actions, avoided admitting any fault, failed to say they would review their own processes and failed to concede any responsibility to the client where they had placed their security guard. Moreover, it suggested the company was completely unprepared for what was to follow. After every crisis, four things almost always happen: 1. There is a hunt for someone to blame. 2. Someone steps forward and says they saw the warning signs. 3. Every past fault and failure is dug up and re-examined. 4. Every action related to the crisis is subject to extreme scrutiny. It is in these areas that other companies can learn important lessons from what happened after Orlando. Every crisis produces more than enough blame to share around and G4S appeared determined to divert responsibility. Its original statement and subsequent comments repeatedly emphasised that the 29-year-old man had been cleared by the FBI and that the company was not advised he had been on a terrorism watch list. GS4 also emphasised that 15 percent of its US-based employees are rescreened each year. However, the company failed to comment on the fact that Mateen had been hired a few months after being dismissed from the training program of the Florida Department of Corrections after talking about bringing a gun to school. Predictably, a former co-worker, Daniel Gilroy, came forward and told reporters that Mateen was racist, sexist, homophobic and frighteningly aggressive. “This guy was unhinged and unstable. He talked of killing people. Everything he said was toxic, and the company wouldn’t do anything.” G4S said it
had no record of any such complaint and took the unusual step of publishing Gilroy’s positive statements about his colleagues made at the time he left the company.
Most importantly, it exposed a critical issue in the security industry, namely the vetting of employees and the impact when they do wrong. G4S is no stranger to controversy and the incident invariably led to the media resurrecting a host of past problems to highlight the issue of vetting employees, not least the notorious case in 2009 when a G4S security guard stationed in Iraq shot dead two colleagues in Baghdad after displaying signs of psychological imbalance. According to the Guardian, a BBC investigation found that G4S had been warned on multiple occasions that the man was not fit for duty, but continued to employ him. A coroner’s inquiry in the UK found that G4S had not adequately vetted the British national. While some parts of the media focused on the company’s historical misdeeds, others turned a laser focus onto every aspect of the employment of the Orlando gunman, Mateen. For example, one enterprising newspaper uncovered the fact that the psychological evaluation form supporting the company’s application for Mateen to get a state licence to carry a firearm as a security guard was not signed by the psychologist listed on the form. The company put it down to a clerical error. The newspaper pointed out that no one claims the employment licence played any role
in helping Mateen commit the murders, but the story highlights that, in the aftermath of a crisis, every possible aspect will be subjected to extreme scrutiny; that actions taken long ago, or in the heat of a crisis, can be forensically examined months or even years later in the cold hard light of an inquiry or courtroom. Look no further than the investigation into the Black Saturday bushfires in Victoria, or the Lindt Café siege in Sydney. What is important here is that none of this should have come as a surprise to G4S. And none of the lessons should be a surprise to other companies. In any crisis, the basic steps are simple: state the facts to the extent they are known, be willing to apologise, express empathy and explain what will be done to prevent it happening again. The key failing for G4S was not giving any explanation or assurance about what it could do to improve vetting of its staff (or to admit that there was in fact any shortcoming). G4S is one of the world’s largest employers, with over 600,000 staff. But no matter how large or small the organisation, the lessons are the same: • to recognise that a single employee can bring high-profile reputational risk • to have robust systems in place to weed out rogue individuals • to be able to demonstrate that every effort is made to ensure compliance • to listen to and respond to warning signs • to admit mistakes and be willing to address them. For any company which tries to argue “we have so many people, how can we be sure about every one”, the final word should go to Warren Buffet, one of the world’s richest men and CEO of the immensely successful company Berkshire Hathaway. In one of his famous blogs to managers he wrote: “Somebody is doing something today at Berkshire that you and I would be unhappy about if we knew of it. That’s inevitable. We now employ more than 250,000 people and the chances of that number getting through the day without any bad behavior occurring is nil. But we can have a huge effect in minimizing such activities by jumping on anything
In any crisis, the basic steps are simple: state the facts to the extent they are known, be willing to apologise, express empathy and explain what will be done to prevent it happening again.
immediately when there is the slightest odor of impropriety. Your attitude on such matters, expressed by behavior as well as words, will be the most important factor in how the culture of your business develops. Culture, more than rule books, determines how an organization behaves.” G4S and every other security company would do well to heed his wisdom.
Dr Tony Jaques is an internationally recognised authority on issue and crisis management and author of Issue and Crisis Management: Exploring issues, crises, risk and reputation (2014) and Crisisproofing; How to save your company from disaster (due October 2016). He is the Principal at Melbourne-based Issue Outcomes Pty Ltd and can be contacted at tjaques@issueoutcomes.com.au
SECURITY SOLUTIONS 035
ALARMS
IP-Enabled Equipment Continues To Grow In The South-East Asia Region 036 SECURITY SOLUTIONS
By Alexander Derricott
During the course of recent IHS research on the access control market, the AsiaPacific region was the fastest growing area globally. The region is forecast to grow at a compound annual growth rate (CAGR) of 7.3 percent, reaching $1.6 billion revenue in 2020. One particular trend that started to develop last year was the adoption of panels and other Internet Protocol (IP) based equipment. The use of IP-enabled equipment ramped up significantly in 2015 as improvements in internet infrastructure are expected to accelerate from 2016 through 2020. In fact, revenue from IPenabled panels will grow at a CAGR of 11.8 percent, reaching $499.3 million in 2020, and comprising 58.2 percent of the market. One of the interesting emerging nuances is that demand for IP-based products has been primarily supported by their ease of installation. In most regions around the globe, uptake of IP-enabled panels has been supported by cost reductions, especially in regard to maintenance; however, in the Asia-Pacific region, ease-of-installation benefits are having a profound impact on both the panel market and the overall access control industry. Easier installation is actually encouraging greater penetration of access control products within markets in Malaysia, Thailand and other countries. The very low labour costs in South-East Asia, however, mean that cost reductions associated with ease of installation that normally spur IP-enabled installations in North America and Europe, barely cover the increased cost associated with the panel. The small realised gains in terms of cost reduction demonstrate easier installation plays a larger role than first imagined when encouraging the shift. The focus on ease of installation, rather than cost, is definitely an outlier in a region that is notoriously price sensitive, but end users seem to be resisting price pressures and are opting for more advanced – and more expensive – IP panels. The commercial sector has been one of the biggest markets for IP-enabled access control equipment, due in large part to new wiring techniques now used
SECURITY SOLUTIONS 037
ALARMS
in the construction market. New offices tend to have an IP connection point every 20 metres along interior walls, meaning that the use of IP-enabled equipment is now viable for a much larger portion of the commercial market. Commercial and residential customers are also demanding single-door IP controllers, which have allowed local companies to take advantage of a segment that has not been as fully covered by multinational suppliers. Singapore leading the market in terms of adoption is unsurprising, as the country has good internet infrastructure, is a hub of financial and commercial trade, and already represents $38.5 million in revenue for a population of only 5.5 million. The two markets that offer more interest are Malaysia and Thailand – while less developed than Singapore, uptake of IP-enabled panels is growing in these two countries. Vietnam, Indonesia and other countries in the region have been slower to shift. The price sensitivity over IP-enabled panels in the region has been overcome for the moment, but the declining fortunes of many South-East Asia economies could ramp up short-term pressure. The slowdown of the Chinese economy in late 2015 and early 2016 has hurt many regional economies, because China was a big purchaser of natural resources and other exports. The decline in oil prices has also hit Malaysia and other countries particularly hard, causing IHS to lower by nearly half the short-term growth profile for this market. While there is some gloom associated with the region, there are some very positive developments surrounding internet infrastructure that should boost the market. The Asia-Pacific region has comparatively poor internet infrastructure, but investment in better systems bodes well for future uptake of IP-enabled equipment. Capital expenditure investment in cable telecommunications in Malaysia, Indonesia, Thailand and Singapore rose by $400 million after 2014, reaching $9 billion for the first time in 2015.
038 SECURITY SOLUTIONS
The use of IP-enabled panels is growing, but the increase in web-based products is not as large in South-East Asia as it is in Europe or the Americas. The SouthEast Asia market for web-based panels is expected to grow at a CAGR of 11.6 percent from 2015 to 2020, while PC-based panels are forecast to grow 11.8 percent. This more balanced growth between web-based panels and PC panels contrasts with the Americas and Europe, where web-based panels far outstrip PC panels in terms of growth. The pace of growth for web-based panels in South-East Asia is expected to increase between 2018 and 2020 as better product knowledge and increased internet infrastructure boosts demand. Currently, however, the shift to systems similar to those used in Western Europe and the United States is still further away. The competitive environment currently favours many local suppliers of these products for two major reasons: first, the demand for single-door controllers in Malaysia and other countries has been poorly supplied by multinational suppliers, which has allowed a gap in the market to be exploited by local players; and second, currency exchange rates have effectively priced out many international panel
offerings. For example, the Malaysian Ringgit depreciated 19.3 percent against the dollar between 2014 and 2015, the Indonesian Rupiah depreciated 12.8 percent, and the Thai Baht depreciated 5.4 percent. Although the overall Asia-Pacific market is still led by Siemens and other companies, there is a growing presence of MicroEngine, HIK Vision, Solus and other local players. The use of IP-enabled panels in Asia-Pacific countries bodes well for other developing markets, as it can alleviate concerns around infrastructure development holding back the uptake of these devices. The region also proves that cost is not the only criteria that can increase sales of IP-enabled equipment, as ease of installation also makes a strong use case. The South-East Asia market has also developed a niche demand for singledoor controllers, so traditional multinational players have had to take the time to adapt their products, which has left a gap for local companies to exploit. While various slowing economies in the region still pose a threat to the continued growth of IPenabled panels, so far the market still seems content to continue to invest in the technology.
SECURITY SOLUTIONS 039
040
Precision Versus Combat Shooting Train For Operational Reality
041
By Richard Kay Traditional firearms training is organised around precision shooting techniques under conditions of known times and distances. Training developed to enhance precision skills, such as bulls-eye and practical firearms courses, were developed to test these skills and play a role in training. The fundamentals emphasised by precision shooting are: • Stance facilitates a balanced assertive shooting platform for a natural point of aim, rapid target engagement and effective movement. • Grip facilitates the initial set-up of the firearm on target and proper recoil control. • Aiming facilitates two aspects – sight alignment (alignment of the front and rear sights and the target) and sight picture (the relationship between the front sight and the target or, more specifically, the point of aim to the centre of what is seen). • Trigger control facilitates accuracy through the smooth press and release of the trigger along the axis of the barrel. • Breathing is natural and controls stress by regulating physiology, specifically heart rate. The correct use of these fundamentals ensures accurate shots, but often too much emphasis is placed on precision shooting skills for the operational environment. Statistics show that most shootings take place at close distances (three to five metres) and are over in a few seconds. A review of operational shootings shows the average officer fires less than six rounds during an armed encounter, and the entire conflict is over in less than three seconds. These are facts that should dispel a great number of misconceptions about violent confrontations involving firearms. It becomes immediately apparent that the physical and time constraints of such situations do not allow for the finer nuances of marksmanship. Combine the above circumstances with a heavy dose of survival stress and this situation calls for a very specialised set of skills for survival. For these situations, combat shooting techniques are preferable. The emphasis of combat shooting is not on precision ‘groupings’, but rather putting combat effective shots on target. Combat shooting emphasises grip and trigger control as the key ‘fixed’ fundamental
042
principles, with the others being variable depending on the operational circumstance. Whilst accuracy is everything (aim small, miss small), the focus is on getting rounds anywhere within the centre of seen mass. Unlike the ‘ideal’ circumstances of precision shooting (static target shooting with no stress), in combat shooting (real, dynamic stressful encounter) a spread of rounds over the centre mass is acceptable, and in fact goes a long way to causing effective stopping trauma by causing damage to more body systems. To further promote operational reality under actual conditions, officers should endeavour to keep both eyes open when shooting, as this reduces tunnel vision, increases peripheral vision and situational awareness, and increases the ability to see multiple threats, innocent bystanders and other officers. Post-shooting analysis shows that in most scenarios, the situation develops under circumstances that are less than ideal and not in a way the officer typically expected. Most violent confrontations are spontaneous and will likely take an officer by surprise and, as such, the officer is in a reactionary state. The best way to prepare for such an encounter is to condition the mind and body in a manner that is consistent with the way one needs to perform in the field. Training is critical to minimise the response time necessary to successfully react in spontaneous attacks. In addition, most shootings take place at very close range, in poor lighting and may include multiple subjects. Another issue regarding operational firearms competency is frequency of training. Many officers only train with their duty weapons once a year, to qualify. However, firearms training needs to be relevant and realistic and it must also be conducted regularly, occurring closely enough to incidents to assist officers in making proper tactical decisions. The main shortcoming of current firearms training is that it is incomplete. The focus is often on basic knowledge and skill acquisition, training officers to pass a theory test and shoot a passing score on clinical shooting serials, rather than understanding knowledge and applying it operationally. There is generally no skill development or operational preparation through tactical drills and reality-based scenarios.
Whilst there is no restriction on instructors and companies training students properly, financial considerations usually outweigh operational considerations. Time and cost concerns are so restrictive that they significantly compromise the suitability and sufficiency of current operational safety training. An unintended consequence is that current training may leave officers more vulnerable, despite the best attempts by trainers and agencies to deliver an effective training package. The average officer, within months of leaving initial training, can usually describe how a given technique is used, but often will have little ability to actually apply it effectively in a dynamic encounter with a resistant subject. Many training programs do not employ modern, research-based methods of successfully teaching psychomotor
A review of operational shootings shows the average officer fires less than six rounds during an armed encounter and the entire conflict is over in less than three seconds… It becomes immediately apparent that the physical and time constraints of such situations do not allow for the finer nuances of marksmanship.
Training is critical to minimise the response time necessary to successfully react in spontaneous attacks. skills, a shortcoming compounded by the fact that current recordkeeping fails to capture even the most elementary relevant information about the dynamic nature of real-world attacks on officers. Wherever they are based, if officers are unprepared to meet the various threats they face, it can impair their ability to make good judgments, to affect control, and to avoid injury or death to themselves and to innocent civilians. Officers should train at least four to six times a year with their firearms. The reason for this frequency is that the psychomotor skills needed for firearm manipulation are such that, without constant and frequent reinforcement, those skills will deteriorate. Many authorities suggest that annual, or even semi-annual, firearms training is insufficient for the purposes of avoiding liability. The content of the training also needs to evolve. In addition to classroom instruction of force response policy and procedure, most instructors suggest the range work should include: • clearing stoppages with either hand • drills that simulate malfunctions • emergency tactical reloading with either hand • manipulation of safeties and de-cocking levers with either hand. As well as the usual and customary range topics like: • low-light and judgmental (decision-making) shooting • shooting while moving to cover • one-handed firing • giving verbal challenges • firing and clearing malfunctions from various ‘officer down’ positions • engaging multiple targets.
In the US, the message from the courts is that training should cover ‘whatever officers can reasonably be expected to confront’, and therefore include at minimum: • frequent training • moving targets • reduced light • judgmental training • use of cover • realistic environments • policy reinforcement • force level integration and transitions • relevance to assignments. Most officers go through their entire career without having to use their firearm. Since an armed confrontation may never occur, it is difficult to remain vigilant day in and day out. However, there may come a time when they need to discharge their weapon in defense of their life or the life of another. If officers find themselves in a violent confrontation, they must be prepared. Ideally, operational firearms training should be geared toward combat shooting. Although officers must show proficiency on the firearms range, they must also prepare themselves for real encounters. Winning a critical incident begins long before officers fire a shot.
Time and cost concerns are so restrictive that they significantly compromise the suitability and sufficiency of current operational safety training. Richard Kay is an internationally certified tactical instructor-trainer, Director and Senior Trainer of Modern Combatives, a provider of operational safety training for the public safety sector. For more information, please visit www.moderncombatives.com.au
SECURITY SOLUTIONS 043
CCTV
044 SECURITY SOLUTIONS
The Future Of Video Analytics
SECURITY SOLUTIONS 045
CCTV
By Ryan Talbot and Michael Omeros
Genesis of Video Analytics Since the introduction of video over an Internet Protocol (IP) network was first established in 1997, CCTV has, up until recently, been fundamentally known as a ‘dumb system’, providing just live, prerecorded video playback and export capabilities with very little or no ‘smarts’ behind it. More recently, however, some CCTV systems have been described as IP video surveillance systems due to the fact that such systems now incorporate the use of computer-based intelligence to monitor video streams using analytics. This evolution in technology has changed the nature of CCTV, providing capabilities to end-users far above and beyond what was available only a few short years ago. With such rapid development occurring in only the last few years, one might reasonably ask, what next? Growth of Video Analytics According to a recent report from Transparency Market Research, the IP video solutions industry is now one of the fastest growing areas of security, with an annual compound growth rate (ACGR) of 19.1 percent from 2013 to 2019, with new technologies opening up many opportunities for IP camera manufacturers, software companies, distributors and valueadded resellers. Due to the increased growth rate and market expectations, there is a surge of manufacturers etching their way into the market to secure their own corner. This increase in market competition is spurring companies to action, providing new and unique ways of managing a customer’s expectations through smart technologies. This is made evident by recent technology changes that have provided the industry with higher definition images, improved compression methods, higher frame rates and better low-light performance, combined with improved flexibility as a result of each device being IP addressable. There are now almost infinite opportunities with what can be done with video captured via IP video, essentially turning each image into
046 SECURITY SOLUTIONS
measurable and sometimes critical data for a customer. The surface has only just been scratched with regard to what information and data can be gathered by the use of video-based analysis and it is expected that in the near future, multiple systems will be able to communicate and make decisions between devices. That said, such capabilities are still some way off. So, how can video analytics be more effectively applied on IP video today? What problems might this technology solve for a customer and what could it deliver in the future? To gain insight into these big questions, consider why video analytics has become a growing trend. CCTV has traditionally been about surveillance; using humans to visually process video. Analytics were first introduced in the CCTV field as a means of augmenting a person’s visual processing with pockets of additional digital information. This came in the form of basic motion detection and human tracking. As it became possible to increase the number of transistors on micro-processors (see Moore’s Law), more leeway was given to the amount of CPU cycles the analytic algorithms could consume. Basically, as computers have increased in processing power, they have been able to execute more challenging tasks more accurately and more quickly. As a result, video analytics is no longer supplementing human observation but is fully automating some aspects of surveillance, giving rise to a plethora of new surveillance possibilities. Facial Recognition The most obvious and widely used analytic that is now fully automating parts of surveillance is facial recognition. There is an increasing demand for more efficient and effective security capabilities as intelligence agencies are overwhelmed trying to provide the resources to manage surveillance effectively. Recently, some companies have provided analytics capable of biometric detection of faces with up to 99 percent accuracy and many of these software solutions have direct integration into some
of the major video management system (VMS) platforms. This allows authorities to be alerted with video verification in realtime with push-notifications when a suspect is detected. According to John McGiffen, managing director of Intelliscape, there is also the ability to tap into the Internet and social media platforms to link people together with a who-knows-who engine, providing critical data to authorities. Facial recognition is no longer an ‘after the fact’ analytic; if deployed correctly, it could play a significant role in preventing terrorist attacks or other such catastrophes before offenders have the opportunity to strike. That said, highly accurate facial recognition is just one of many forms of video analytics that have been on the rise over the past few years. Some of the more recent video-based analytics that are being used successfully today include licence plate recognition, object left and object removed from an area, line crossing, direction of travel, people and vehicle counting, intruder detection and forensicbased searching. Audio analytics have also recently come into play, with volume detection and even scream detection built into some manufacturer’s cameras. Video Analytics and Retail The future of analytics in CCTV is very bright. One area currently experiencing significant growth is the retail and marketing sector. The use of retail analytics such as heat mapping, people counting and dwell times are assisting retailers with demographic information and usable business data that has never been accessed before using camera technology. Marketing departments are benefiting from this information, allowing them to better understand trends and allowing them to significantly improve business processes. The ability to create specific aggregate reports on various entrance ways to determine traffic flows and strategically place vendors in these locations is all made possible through video analytic technologies. Queue management and queue abandonment is another analytic that is becoming more prevalent,
Facial recognition is no longer an ‘after the fact’ analytic; if deployed correctly, it could play a significant role in preventing terrorist attacks or other such catastrophes before offenders have the opportunity to strike. with businesses utilising this technology to further improve customer wait times while helping to provide the correct staffing resources at the right times. Caveats in Video Surveillance While there has been significant year-onyear growth in the video analytics market, there are still many areas where analytic technology and software can be enhanced. It is important to understand the pros and cons of where the technology can be applied. For example, alert-style analytics, which are usually contrast based, can still be adversely affected in some instances by scene changes and changes in light. Many manufactures are constantly improving their technologies, but there is a very specific skill set required to set up analytics effectively to reduce the amount of nuisance alarms. However, with this in mind, the solution needs to be built around conditions such as good lighting in these areas to allow analytics to work to their full potential, although there is an abundance of low-light camera technology coming into the market. As this technology improves, the effects of lighting and scene changes will become redundant, with some manufacturers already able to produce colour images in light as low as 0.0045 lux. Big Data In today’s society, people generate data around everything they do; from using credit cards to surfing the Internet, interacting and sharing with each other via social media and so on. People’s day-to-day interactions with security systems are no exception. This abundance of data is often referred to as Big Data. Analytics provide the ability to drill down into and analyse sets of related data in a simplified manner. One can only begin to guess at the kinds of information that might be uncovered when it becomes possible to link and mine data relating to potential security issues from across multiple systems.
Video analytics is not just providing bigger and better ways of extracting information from video feed, it has also become a catalyst for the way in which providers think about IP video solutions. The increasing sophistication of systems and the minimisation of costs from endusers are naturally moving analytics toward the edge, as opposed to a centralised approach. What this means in simple terms is that some of the intelligence in the system has moved out of the VMS to reside within the cameras themselves, relieving some of the pressure on the VMS and allowing it to do more, at a faster pace. Edge-based and server-based analytics over an IP network are now becoming a necessity and a growing number of consultants are specifying these solutions as end-users begin demanding more than a simple ‘video feed into a box’. Edge-based analytics have a distinct advantage in terms of intelligence and metadata. As the hardware capabilities of cameras and encoders increases, so too does the sophistication of the analytics programs they run and the quality of metadata produced. This means metadata can be accessed directly, and quickly, as opposed to having a server transcode information. This has the added benefit of dramatically reducing cost as there is no need for third party software and additional hardware, as many camera manufacturers have this functionality built directly into the camera. Like edge-based analytics, many cameras now utilise edge-based memory storage where the memory is local to the camera. Although this has been around for several years in cameras, it has changed from SDHC, which is a high capacity format with 32GB limitation, to the latest SDXC format which supports up to 2TB onboard the camera. Although the SD cards are not quite there yet, some manufacturers can handle up to 256GB at the edge, which will eventually allow for storage of much more than just video.
The Future of Analytics So what does the future hold and how might video-based analytics evolve over the next five years? There are countless opportunities and problems waiting to be solved by video analytics. As the computing power of IP cameras continues to improve, video analytics will continue to solve more complex problems. Benefits will continue to be seen across multiple sectors, from aiding intelligence agencies to local retail outlets. There are some non-trivial hurdles to overcome in the world of computer vision with regard to lighting changes, but these pale in comparison to the greater picture – the work that is being done with edge devices and integration with the Internet of Things (IoT). Interconnected smart surveillance systems and increasingly autonomous IP solutions will become the norm in the near future. And who knows, perhaps in the distant future there may be fully predictive surveillance systems. Most have heard about the IoT, which is the network of physical devices embedded with software, electronics or sensors which allows these objects to collect and change data between IP addressable devices. There is a new term in the world of video analytics known as the Internet of Recognition (IoR), meaning computer image processing can recognise, through a single frame to many frames of video, capture and analyse any object or thing and intelligently analyse what it is and what it is doing. For example, is the object a skateboard, bike, car or truck? How fast is it going? What other data can be collected? Does it have words, phone numbers or logos and what else is in the scene? Is it a person or a crowd of people? Are they walking, running, climbing, sitting and so on. IoR will really start to bring everything together in the future and, as technology and computer processing evolves, there will be some exciting benefits. Without doubt, video analytics will be one of the most exciting areas to watch and one of the most explosive areas of growth in the security field in the next five to ten years.
SECURITY SOLUTIONS 047
BUSINESS
048 SECURITY SOLUTIONS
Three Fatal Mistakes Most Risk Consultants Make By Alexei Sidorenko
conservative risk Warning: this article may upset some
managers.
Risk management in modern non-financial companies is very different compared to five years ago. The level of risk management maturity, for lack of a better word, has grown significantly. As more and more companies across the globe are looking to implement robust risk management, the demand for risk management consultants is also growing. Unfortunately, not all risk consultants are able to generate long-term value for their clients. Here are three reasons why.
1
Selling the wrong product Non-financial companies want to buy, and many risk consultants continue to sell, risk assessments, risk management frameworks, risk appetite statements and risk profiles. What do all these products have in common? Being intentionally provocative, all these products are missing the point completely. One thing they have in common – they are designed to measure, capture or document risks, making everyone believe that risks and their mitigation are the ultimate goals of the exercise. Over the years, this tendency to treat risk management as a separate, standalone (some go as far as say independent) process with its own inputs (data, interviews, experts) and outputs (risk reports, risk matrices, risk registers) created a whole community of risk consultants who seem to be missing the plot completely. Risk management is not really about dealing with risks; risk management is about helping companies achieve their objectives and make better decisions. Okay, sometimes it may be useful to capture risks for the sake of risks and discuss them with the management team, but this should be more an exception than a norm. So, if risk management is not about risk assessments or risks, then what? Risk management is ultimately about changing how companies make decisions and operate with risks in mind.
SECURITY SOLUTIONS 049
BUSINESS
The two modern trends in risk management by far are integration into business processes / decision making and human and cultural factors. Yet it seems most of the modern risk consultants completely ignore both of them. For example: • It is fundamentally wrong measuring risk level when instead the impact risks have on key objectives or business decisions could be measured using budget@risk, schedule@risk, profit@risk or KPI@risk. • Qualitative risk analysis based on expert opinions is evil. More on this here: www.linkedin.com/pulse/risk-management- used-science-became-art-now-its-just- sidorenko-crmp • It is wrong to have a risk management framework document, when instead risk management principles and procedures can be integrated into operational policies and procedures, like budgeting, planning, procurement and so on. • It is a mistake to try to use a single, enterprise- wide approach (sometimes referred to as ERM) to measure different risks. Different risks, different types of decisions and different business processes deserve unique risk methodologies, risk criteria and risk analysis tools. Join the discussion in the G31000 group dedicated to ISO31000:2009 (www.linkedin.com/ groups/1834592) to find out more about the latest trends in risk management. As strange as it may sound, many risk consultants still have not read ISO31000:2009 or are unaware of the changes happening to the most popular risk management standard in the world (officially translated and adopted in over 65 countries in the world and currently being updated by over 200 experts from around the world). The reality is most risk management consultants sell completely wrong products. Management does not care about risks, they care about making decisions that will hold in court, making money and meeting key performance indicators. No wonder modern risk management is mainly lip service. The funny thing is that corporate risk managers make exactly the same mistakes. They too need to show value from risk management and fail to do so by focusing on risks (their domain) instead of business processes or decisions (business domain).
050 SECURITY SOLUTIONS
2
Confusing risk management with compliance Unlike many other ISO standards, ISO31000:2009 is not intended for the purpose of certification. This was a conscious decision made by the people working on the standard at the time. It is a guidance document. Risk management is just not black and white. For example, risk management is about integrating into decision making and business processes, but every organisation will find its unique way of doing so. Many consultants make a huge mistake on insisting on a single version of the truth. Nonfinancial regulators or government agencies make even bigger mistakes by taking guidelines and making them compulsory, such as COSO:ERM in the US, a bad document made obligatory for listed companies. (Read more about the new COSO:ERM at https://www.linkedin.com/pulse/cosoerm-2017review-alex-sidorenko-alexei-sidorenko-crmp) By far the best way to assess risk management effectiveness is by applying a risk management maturity model. Just keep in mind that most existing maturity models were created by consultants who miss the big picture.
Risk management in every company is unique; it is a risk consultant’s job to figure out how it all comes together to build a better risk-based organisation.
3
Failing to see the intimate details A few years ago, a friend said an interesting thing – “Risk management is a very intimate affair.” Risk management truly is intimate and unique. I have been working in risk management for over 13 years in four different countries and have seen close to 300 risk management implementations and yet every single one was unique in some way. Unfortunately, many consultants fail to dig deep enough to see how risk management is really implemented into organisational processes and into the overall culture of the organisation. Risk management goes against human nature (see research by D. Kahnemann and A. Tversky), so most of the time risk managers use techniques that are borderline neuro-linguistic programming or building an internal intelligence network. Here are just two examples: • I personally created a table tennis tournament in the company where I used to work to get an opportunity to meet all business units in informal settings and build rapport. This had a bigger positive impact than monthly executive risk committee meetings where all the same department heads were present. • A colleague created the whole operational planning procedure within the company to reinforce the need to discuss risks on a daily basis. The key takeaway is, unless specifically asked, most risk managers will never disclose how they really build risk management culture within the organisation or how they integrate risk analysis into the business. According to ISO31000:2009, risk management is coordinated activities to direct and control an organisation with regard to risk. It consists of about a 1,000 small things that risk managers do on a daily basis, most of which may not directly relate to risk. Yet it is those small things that build risk management culture within the organisation. Unfortunately, most risk consultants are quick to jump to conclusions and do not bother to dig deep enough to see all the nuances. Risk management in every company is unique; it is a risk consultant’s job to figure out how it all comes together to build a better risk-based organisation.
ZKTecoZKTeco Biometric Biometric technology, technology, the nextthe next generation generation of access of access control is control at your is at your finger tips. finger tips. Make your life sparkle with biometric innovations
M s b i
EDUCATION | HEALTH EDUCATION | GOVERNMENT | HEALTH | FINANCE | GOVERNMENT | HOSPITALITY | FINANCE | OFFICE | HOSPITALITY SUPPLY | |CHAIN OFFICERETAIL SUPPLY | CHAIN RESIDENTIAL | CONSTRUCTION RESIDENTIAL| |PROPERTY CONSTRUCTION MANAGEMENT | PROPERTY | REALMANAGEMENT ESTATE | PUBLIC | REAL-FACILITIES ESTATE | PUBLIC FAC Standalone Bio
Standalone Bio
Finger
Finger
RDF
RDF
Backlit Keypad
Backlit Keypad
Face Recognition Finger and Vein
Face Recognition Finger and Vein
IP based Door Access Control IP based Door Access Control Management C3 – 100/200/400 Management C3 – 100/200/400 TCP/IP and RS-485 communication Built -in auxiliary inputs and outputs Advance access control functions 1 door, 2 door, 4 door models Lift controls and Expansion boards
TCP/IP and RS-485 communication Built -in auxiliary inputs and outputs Advance access control functions 1 door, 2 door, 4 door models Lift controls and Expansion boards
mainline.com.au mainline.com.au VICTORIA 221 Nepean Hwy Gardenvale, VIC 3185 +61 3 9596 6688
VICTORIA QUEENSLAND 221 Nepean Hwy St. 54 Caswell Gardenvale, VIC 3185 QLD 4164 East Brisbane, +61 3 9596 +61 76688 3891 2222
QUEENSLAND WESTERN AUSTRALIA 54 CaswellUnit St. 8/14 Halley Rd East Brisbane, Balcatta, QLD WA 4164 +61 7 3891+61 2222 8 9344 2555
WESTERN AUSTRALIA Unit 8/14 Halley Rd Balcatta, WA FIND US +61 8 9344 2555
IN BOOTH FIND K28 US IN B
SECURITY SOLUTIONS 051
COVER STORY
052 SECURITY SOLUTIONS
Homegrown ISIS Inspired and Directed Terror Attacks:
Are They The New Normal? SECURITY SOLUTIONS 053
COVER STORY
By Anne Speckhard, Ph.D. and Ahmet Yayla, Ph.D. As the Syrian and Iraqi battlefields come under heavy siege and ISIS continues to sustain substantial losses, it leaders are calling for and even directing, via encrypted social media apps, homegrown terrorism in the West. As a result, we have seen airports attacked in Brussels and Istanbul; pedestrians mowndown in Nice; an attempted IED explosion in Canada; a massacre in Bangladesh - the list goes on. And it begs the question: Is this the new normal? The United States and its allies continue to achieve significant military victories against ISIS, assassinating top leaders and degrading their territory and the ability of ISIS leaders’ to finance terrorist operations through taxation and the illicit sale of oil, antiquities and sex slaves. As of May 2016, ISIS lost approximately forty-five percent of its territory in Iraq and ten percent in Syria.1 Successful military campaigns can thus be credited with diminishing the group’s ability to exercise full control over large swaths of territories and its member base, and also help stem the flow of new foreign fighter recruits to ISIS-held territories, who now take pause before traveling to Syria and Iraq. 2 However, as ISIS defectors told the authors of this article - losing their territory will not stop ISIS. The ISIS plan, if defeated on the military battlefield, is to shave their beards, blend into normal society in Syria and Iraq and elsewhere, and mount terrorist operations including guerilla style attacks. The ISIS fight is also clearly not limited to a military battlefield - the fight also needs to be taken to the Internet and social media where the digital “Caliphate” is currently winning. ISIS uses the Internet, around the clock and on a daily basis, with deadly precision, to radicalize and recruit terrorists in multiple languages having over the past few years successfully recruited an unprecedented 38,000 foreign fighters from over one hundred different countries, as well as inspiring dozens of homegrown terror attacks with their polished and prolific online campaign. In this regard, ISIS is the highest volume terrorist recruiting group to date, having attracted foreign fighters from all over the globe - including from such unlikely and far-flung places as Trinidad and Tobago, Australia and the United States.
054 SECURITY SOLUTIONS
In its online recruiting campaign, ISIS more than any previous terrorist group, has also learned to leverage social media as it produces a steady stream of Internet messaging, including carefully crafted videos and Internetbased posters, that promote their Islamic “Caliphate” as a utopian vision that falsely promises dignity, purpose, belonging and prosperity to the disenchanted, disillusioned, discriminated against and yes-even the mentally ill - who mistakenly buy into the ISIS brand. ISIS is adept at attracting the curious, then “swarming” those expressing interest (evidenced by their reTweets, Follows, and Likes) to seduce them into the group. As with all cults, when ISIS recruiters make contact, they at first cleverly meet the needs of their vulnerable recruits, providing them with a sense of belonging, mission, adventure, excitement and visions of justice, dignity and purpose as they simultaneously seduce them along the terrorist trajectory to the point where ISIS ultimately overtake the recruit’s life, using him or her as a weapon to destroy others. The ISIS narrative and plans for the West are outgrowths of al-Qaeda’s strategic messaging and plans, building into those plans the added idea of a tangible Caliphate that all can join. The ISIS narrative (as well as the al-Qaeda one that proceeded it) argues that all Muslims have an individual duty to militant jihad and are obligated to join a mythical battle that is cast as defensive, because according to ISIS Muslims, Muslim lands and even Islam itself, is under attack by the West. This view, popularized in English by Anwar al-Awlaki, the hallowed hero of both al-Qaeda and ISIS, is almost always a part of the ISIS mix for homegrown terrorism among English speaking populations in Australia, Canada, the U.S. and the UK. Anwar al-Awlaki, a charismatic imam and excellent English speaker - despite being long dead as a result of a drone strike by the United States in 2011- still manages to inspire new recruits from beyond the grave, convincing vulnerable individuals, Muslims and new converts alike, that their Islamic duty is to come to the battlefield to fight jihad and if they for some reason cannot, their duty is to bring the battle to where they live to mount homegrown terror attacks. In nearly
all homegrown terrorist attacks in English speaking countries, al-Awlaki videos have played a part including such attacks as the Toronto 18 in Canada and the recent Orlando shootings in the United States. In June 2016, Omar Mateen, the infamous Orlando shooter, claimed to act on behalf of ISIS and was found to have been viewing alAwlaki videos prior to his attack. According to the FBI, he even told a friend that he wanted to be a “martyr”. Mateen, a second generation immigrant from Afghanistan, born in America, was apparently dating gay men and frequenting gay bars but was stymied from openly coming out as gay by his highly conservative Islamic background - his parents were first generation Afghans. Mateen apparently fell for alAwlaki’s promise that by killing and dying in a “martyrdom” attack, killing the gay “enemies of Islam” he could cleanse his “sins’ and go immediately to Paradise. Believing al-Awlaki’s lies that in a homicidal death he would win the rewards of “martyrdom” and cleanse his “sins” Mateen apparently felt he had found a solution to his problem - resolving what, to him, may have seemed an irresolvable conflict between his condemned sexuality and cultural/religious beliefs. Likewise, in 2014, Shannon Conley, the American, Catholic convert to Islam attempting to join ISIS, was also found to be in possession of al-Awlaki videos as she boarded a plane in Denver. Convinced of their ideology, Conley was not dissuaded from believing ISIS lies, despite multiple visits from the FBI. She even showed FBI agents al-Qaeda guerilla training manuals she had downloaded and admitted to considering carrying out a homegrown, VIP attack inside the United States as well as naming U.S. military and police as legitimate terrorist targets. As she deepened her relationships to ISIS via the Internet, watching al-Awlaki videos, in chat rooms, and ultimately in Skype sessions with a Tunisian ISIS fighter who proposed marriage to her, Conley decided instead to travel to Syria to join the terrorist group. Thanks to a phone call by her father to the FBI, she was thwarted in that desire. The list of those convinced by al-Awlaki, ISIS and al-Qaeda recruiters of this extremist version of Islam (that most Muslims would not
ELVOX PIXEL Video Door Entry Systems Stylish and ultra-thin, the Pixel and Pixel Heavy is the latest innovation in Video Door Entry Panels from Elvox. Pixel is available in Module panels or a Digital panel. Ideal for large apartment blocks, with capacity of up to 6,400 units. Its elegant, versatile yet tough. Intuitive functionality and easy to install.
SECURITY SOLUTIONS 055
COVER STORY
recognize as their Islam) is long and continues to lengthen as we see increasing bursts of ISIS inspired and directed terrorist attacks taking place in the West. The ISIS and al-Qaeda narrative that thrives on the perceived, and real, victimhood and grievances of Muslims worldwide has become widely disseminated at this point, and is tragically, firmly entrenched in many sectors of society. The fact that a substantial number of Muslims do in fact, live under despotic dictators, live under under occupation, do not enjoy normal human rights, and are often the innocent victims of Western bombs and missiles - including women and children – while also facing discrimination and marginalization, even in Western countries, all act as powerful fuel for the ISIS narrative and need to be addressed to ultimately put an end to terrorist groups like ISIS. In the meantime, however; these perceptions and realities make it easier for ISIS, when it reaches someone who already sees the West militarily active in Islamic lands and believes that the West is at war with Islam and Islamic peoples, to take the vulnerable recruit further down the terrorist trajectory to believe in revolution, violent overthrow of the existing world order and adherence to a utopian dream of social justice, inclusion, prosperity and dignity for Muslims worldwide. Tragically, however, the ISIS “Caliphate” will never deliver any real solutions to the pressing global problems it purports to address. Nevertheless, the ISIS dream is a potent poison that many continue to consume. While luring male fighters and female wives to the so-called ISIS “Caliphate” was the priority for ISIS over the past few years as they attempted to build an actual state, they have now shifted to calling for retaliatory attacks in the West as revenge for Coalition airstrikes and to further the militant jihadi narrative and strategic global plan shared by both ISIS and al-Qaeda, which is to drive a real and enduring wedge between Muslims living in the West and their non-Islamic neighbors. With each homegrown attack in the West - from attacks using machetes, knives and improvised explsive devices to cars and trucks - like those called for by ISIS spokesman
056 SECURITY SOLUTIONS
Adnani in his June Ramadan address as well as recently circulated ISIS videos - divisions in Western society potentially deepen as fear and anger fuel growing rifts based on distrust and outright rejection on both sides. And when terror attacks carried out in the name of ISIS increases discrimination and marginalization of Muslim minorities in Western countries, when unemployment, despair and ennui increase in these sectors, this in turn fuels ISIS recruitment for even more attacks - as those carrying out those attacks believe from their own personal experiences in the West, as well as by what they see going on globally viewed through the ISIS lens, that indeed Islam, Islamic lands and Muslims everywhere are under attack and a defensive jihad is indeed a necessity. In addition to luring foreign fighters to its ranks, ISIS has also been working over the last years to recruit and quickly weapons train, ideologically indoctrinate and then turn Westerners who come to Syria and Iraq back to attacking in their home countries. Recently, a jailed German ISIS defector admitted to journalists that he was invited by ISIS to join an elite group to train for and return home to carry out attacks on German soil. He refused, but chillingly told his interlocutor that there was no shortage of ISIS volunteers to do so in France. In our ISIS Defectors Interviews Project, our defectors also told us that European members were being sent home to attack. All evidence points towards ISIS continuing its global recruiting success and we have seen that the longer ISIS goes unchallenged on the digital battlefield, the more dangerous it becomes. In the United States, Deputy Director of the FBI Michael Steinbach, states that the flood of ISIS adherents is almost impossible to keep up with and that predicting who, among the thousands of ISIS followers, is moving to violent intent is extremely difficult. Likewise the FBI reports that the time between “flash to bang” is increasingly becoming shorter, making law enforcement’s job even more challenging. And recent revelations in the Garland, Texas attacks make clear that ISIS inspired and so-called lone wolf attacks are not always what they seem. ISIS is able to communicate with and direct attacks among
The ISIS narrative (as well as the al-Qaeda one that proceeded it) argues that all Muslims have an individual duty to militant jihad and are obligated to join a mythical battle that is cast as defensive, because according to ISIS - Muslims, Muslim lands and even Islam itself, is under attack by the West. its followers through encrypted online apps such as Telegram. Indeed a Daily Mail reporter recently disclosed the undercover work of one of their reporters who was admitted into an encrypted ISIS chat room where he was coached into constructing a bomb and picking a populated London target to attack in a socalled “martyrdom” mission. Thankfully, the reporter was not a genuine ISIS adherent. The fight against ISIS is thus not only a military one—it is also a battle in the digital space, where ISIS is currently winning. The battle with ISIS must be fought through a combination of “hard” and “soft” power measures, specifically through security and preventative measures designed to diminish the flow of foreign fighters to Iraq and Syria and by targeting the ISIS Internet and social-mediabased narratives that argue that Islam, Islamic lands and peoples, and even Islam itself is under attack and that fighting to establish and uphold the ISIS “Caliphate” via terrorism and extreme brutality is the answer.
To effectively fight ISIS, we must also understand that ISIS is not just a terrorist organization. It is a brand that sells its vision of a utopian Islamic “Caliphate” and a path to justice for those who feel marginalized and discriminated against, fearful of their governments, and under attack by the others. We at the International Center for the Study of Violent Extremism (ICSVE) are working to creatively and effectively fight the digital “Caliphate” and break the ISIS brand. Over the past year we have conducted in-depth interviews with 38 ISIS defectors—Syrian, European and Balkan former ISIS fighters – men, women, teens and parents of fighters – who have shared personal horror stories of ISIS brutality and hypocrisy. They’ve born witness to Muslim children as young as six manipulated into suicide bombings; systemic rape of Muslim women as sex slaves; massacres of Muslim dissenters; and the complete perversion of their faith. As insiders to one of the most lethal global terrorist organizations to date, these defectors who joined ISIS, and then risked their lives to escape, are uniquely qualified and are the most credible voices to speak up against ISIS. They are the real and disillusioned ISIS. Using the voices of ISIS defectors denouncing the group, we are editing these indepth video interviews into short, compelling counter-narrative clips, that named with pro-ISIS names and openings similar to ISIS videos, can seduce those who are consuming ISIS products into consuming ours. But the message these vulnerable individuals and ISIS wannabes will get in our videos, is one of a disenchanted ISIS defector denouncing the group as well as the ISIS brand as corrupt, morally bankrupt, and totally un-Islamic. In this way, along with others, we are beginning to compete with the prolific online ISIS campaign, attempting to break the ISIS brand. Our products - videos and Internet memes of ISIS defectors speaking out, subtitled and produced in the languages that ISIS recruits in, can be used for education, intervention, prevention and remediation. As cult expert, Steve Hassan states, there is nothing like a former cult member to shake someone out of joining, or disengaging, with a cult once partway or all the way inside.
Our ISIS Defectors online campaign however, is not enough. Along with breaking the ISIS brand, we also need to develop professional helplines, and de-radicalization interventions to intervene with those already moving along the terrorist trajectory. We also need to acknowledge real and perceived grievances and to find creative and genuine means of meeting the needs of the individuals ISIS is able to recruit, as well as means to redirect their passion for justice, dignity, purpose and significance into meaningful and nonviolent solutions to these very real and pressing issues. Unless we take the fight to the online battlefield in the same creative and emotionally engaging manner that ISIS does, more global citizens will buy into what ISIS is selling, and as long ISIS operates online with impunity, we will continue to see attacks in the places we all routinely frequent: airports, restaurants, nightclubs, concerts, parks, trains, sporting events. ISIS attacks will tragically become our new normal. Anne Speckhard, Ph.D. is Adjunct Associate Professor of Psychiatry at Georgetown University in the School of Medicine and Director of the International Center for the Study of Violent Extremism (ICSVE). She is co-author, with Ahmet Yayla, of ISIS Defectors: Inside Stories of the Terrorist Caliphate, author of Talking to Terrorists, Bride of ISIS and coauthor of Undercover Jihadi and Warrior Princess.
Dr. Speckhard has interviewed nearly 500 terrorists, their family members and supporters in various parts of the world including Gaza, West Bank, Chechnya, Iraq, Jordan, Turkey and many countries in Europe. In 2007, she was responsible for designing the psychological and Islamic challenge aspects of the Detainee Rehabilitation Program in Iraq to be applied to 20,000 + detainees and 800 juveniles. Ahmet S. Yayla, Ph.D. is the Deputy Director of the International Center for the Study of Violent Extremism (ICSVE) and Adjunct Professor at the Department of Criminology, Law and Society at George Mason University. Dr. Yayla is co-author, with Anne Speckhard, of ISIS Defectors: Inside Stories of the Terrorist Caliphate. He formerly served as Professor and Chair of the Sociology Department at Harran University in Turkey and as the Chief of Counterterrorism and Operations Division for the Turkish National Police. Dr. Yayla earned both his Master’s and Ph.D. degrees in Criminal Justice and Information Science from the University of North Texas in the United States. Both authors are sought after counterterrorism experts and have consulted to NATO, OSCE, foreign governments and to the U.S. Senate & House, Departments of State, Defense, Justice, Homeland Security, Health & Human Services, CIA and FBI and CNN, BBC, NPR, Fox News, MSNBC, CTV, and in Time, The New York Times, The Washington Post, London Times and many other publications.
A full list of references are available upon request from admin@interactivemediasolutions.com.au
SECURITY SOLUTIONS 057
LEGAL
Q&A Anna Richards
Powers Of Attorney – What Are They And Are They Needed In Business And In Personal Life? No one ever likes to think about things like significant illness, injury or death, but the sad fact is, everyone will eventually pass on and many people become ill or injured beforehand. However, for those who own a business or are in a partnership with others in a business, then becoming seriously ill, injured or deceased is something that really should be planned for. They have an obligation to not only their family (if they have one) but also their business partners. That said, many people find planning for such possibilities difficult as it can be very technical. This article talks about an important tool called a ‘power of attorney’. A power of attorney (POA) is a legal document which allows someone to appoint a person (called an agent) to make decisions for him or to support him in coming to decisions. There are a number of different types of POAs, namely: • Specific POAs – which authorise an agent to make particular decisions. For example, in a business scenario, it may permit an agent only to make all decisions relating to selling a particular business asset at a particular point in time. • General POAs – which can authorise an agent to make quite broad-ranging decisions. • Enduring personal and financial POAs – which can authorise an agent to make decisions about financial and personal matters. • Enduring medical treatment POAs – which can authorise an agent to make decisions about medical and health matters, but also about withdrawal or refusal of medical and health treatment.
or continuing in nature. A POA that is not expressed to be enduring ceases to have effect when the person who made it loses capacity. That is, it cannot be validly used, for example, when the person who made it: • is anaesthetised during an operation and hence lacks capacity (usually temporarily); or • lacks capacity due to dementia or a similar illness (usually permanently). On the other hand, an enduring POA operates even after the person who made it loses capacity, whether temporarily or permanently.
The Difference Between a Non-Enduring and an Enduring POA There is another important difference between POAs; that is, whether or not they are enduring
injured or deceased is
058 SECURITY SOLUTIONS
Does a POA Operate After the Death of the Creator? Many people mistakenly think that a POA is similar to a will in that it gives the agent power to make decisions (for the person who made it) after his or her death. This is not correct. A POA ceases to operate after the person who made it dies. So, for example, it is not lawful for an agent under a POA to start transferring money out of the bank account of the person who made it once that person has died. Similarly, in a business setting, it is not lawful for an agent who is a business partner to transfer funds out of the business accounts and elsewhere after the business partner who made the POA has passed away.
For those who own a business or are in a partnership with others in a business, then becoming seriously ill, something that really should be planned for.
There are enormous differences between the powers that a POA provides to an agent and those which are bestowed on an agent (referred to as an executor under the very different type of legal document called a will). Hence, it is very important to understand that an agent under a POA is not the same thing as being an executor under a will. The roles are very different and what each is empowered to do and when are very different. The Different Types of POAs This article focuses on enduring POAs; that is, POAs which continue to operate after the person who made it loses capacity. Enduring Personal and Financial POA In summary, an enduring personal and financial POA permits the agent to make decisions about matters such as: • where the person who made the POA lives • who is permitted to associate with the person who made the POA • general medical and health care decisions about the person who made the POA (but not about refusal or withdrawal of medical treatment) • when the person who made the POA should move from his former home to higher level care accommodation (such as a nursing home) • what doctors and other professionals the person who made the POA should consult. Obviously, there is an enormous amount of power given to an agent under this type of POA. For that reason, the person making it should be very careful when deciding on who he wants to be his agent. It may be that the person making the POA wishes to appoint different agents to make decisions about personal matters (lifestyle matters) as opposed to financial matters. Further, he or she may wish to appoint only a
LEGAL
Q&A
single agent at a time to make such decisions or may wish to appoint two or more agents to make the decision jointly. Enduring Medical Treatment POA While the ‘personal’ aspect of the personal and financial POA also deals with medical and health-related decisions, an enduring medical treatment POA is also needed. There are two main reasons: • The first is that a medical treatment POA trumps the power provided to an agent under an enduring personal and financial POA. That is, a person given power as an agent under an enduring medical treatment POA can override the decision of a person or persons with power about medical and health matters under a personal and financial POA; and • The second and important reason is that an enduring medical treatment POA only allows a single agent to be appointed to make decisions at a particular time. This fact means that there can be no dispute between multiple agents about potentially life-altering decisions. Imagine that the person who made the POA has suffered a stroke and the surgeons request the agent to make a decision as to whether they should operate and potentially save his life, but there is a great likelihood of him suffering severe brain damage and never recovering normal functioning. If there were several agents who were required to make the decision jointly, there is clearly a high risk of a dispute arising between them as to what decision to make. Obviously, this cannot occur in the case of a medical treatment POA where only a single agent has power at a particular point in time. The Difference between a Will and a POA The difference between a power of attorney and a will is absolutely vast. The real confusion about them arises from the fact that most
Anyone who has firm views about not wanting to be revived in the case of suffering a major illness or accident needs to have an enduring medical treatment power of attorney as well as a personal and financial one in place.
clients make the two types of documents (usually through a lawyer) at the same time, but that is where the similarity ends. A will is a document which expresses how the person who made it (known as the testator) wishes to dispose of his or her property and liabilities upon his or her death. It does not have any effect until the maker passes away. In stark contrast, a POA is designed to only have effect during the lifetime of the person who made it. It ceases to have effect once that person passes away. Points to Take Away If one or more business partners have to authorise certain business decisions jointly, such as signing cheques jointly, all such partners should make a specific POA so that the business does not come to a halt if something happens to one or other of them. Anyone who has firm views about not wanting to be revived in the case of suffering a major illness or accident needs to have an enduring medical treatment POA as well as a personal and financial one in place. Care should be taken in deciding who to appoint as a particular agent. A partner
might be fabulous in financial matters but go to pieces when it comes to life-threatening decision making. Consider carefully whether a separate person can make decisions about certain issues or whether it is preferable for that agent to also have to come to a decision with others. Remember that, in relation to a medical treatment POA, only one agent can be appointed at a time.
Anna Richards is the Legal Director and a lawyer from Victorian Legal Solutions Pty Ltd and practices in the areas of Commercial Law including Commercial litigation and other areas. Anna Richards and Victorian Legal Solutions can be contacted on: (03) 9872 4381 or 0419 229 142.
Whilst every effort has been taken to ensure its accuracy, the information contained in this article is intended to be used as a general guide only and should not be interpreted to take as being specific advice, legal or otherwise. The reader should seek professional advice from a suitably qualified practitioner before relying upon any of the information contained herein. This article and the opinions contained in it represent the opinions of the author and do not necessarily represent the views or opinions of Interactive Media Solutions Pty Ltd or any advertiser or other contributor to Security Solutions Magazine.
SECURITY SOLUTIONS 059
FEATURE ARTICLE
060 SECURITY SOLUTIONS
Cyberfr aud Trends
SECURITY SOLUTIONS 061
FEATURE ARTICLE
By Clive Williams
Cyberfraud and cybertheft tend to be underdetected and underpunished in most countries, including Australia, but it is estimated the amount being stolen from corporations worldwide at present totals approximately $4.9 trillion a year – or close to five percent of global gross domestic product (GDP). Australia’s GDP in 2015 was $1.62 trillion. Most fraud and financial crime today is conducted over the Internet, which has made it much easier to conduct, is cost-free for phishing, less risky for perpetrators and far more lucrative. While most people are familiar with the daily fraud threat in the form of ‘419’ emails from scammers saying ‘Your Account Payout $2,815.48 is Pending’ or asking them to click on a link so they can unknowingly download malware, the big money is in targeting corporations. Financial institutions are a prime target, but they often do not publicly acknowledge losses unless they are too large to hide. Larger scale corporate cyberfraud is a group activity – the average successful fraud by an individual is $106,000; for fraud by a group it is $664,000. At present, the most sophisticated criminal hacker groups are located in Eastern Europe. The best Asian hackers are currently working for Asian governments, but it seems only a matter of time before they start to freelance against the Australian corporations they hacked as government employees. One of the biggest cyber heists in the past year was the attempt in February 2016 to steal $1.26 billion from Bangladesh Bank by subverting the inter-bank transfer system. The thieves managed to steal $107 million before a sharp-eyed employee at Deutsche Bank noticed a typo in one of the fraudulent messages and raised the alarm. Thanks to human intervention, most of the money was saved. Even so, two-thirds of businesses have no analytical capability to detect potentially suspicious transactions. Cyberfraud by insiders within the banking industry can generate enormous losses for
062 SECURITY SOLUTIONS
Most fraud and financial crime today is conducted over the Internet, which has made it much easier to conduct, is cost-free for phishing, less risky for perpetrators and far more lucrative.
the banks, but usually attracts relatively light penalties for the offenders. In 1995, derivatives broker Nick Leeson caused the collapse of Barings Bank with the loss of $1.4 billion. Leeson was sentenced in Singapore to six and a half years’ jail, but served less than four. In November 2012, Kweku Adoboli, a UBS bank trader, was convicted of causing the biggest unauthorised trading loss in UK history, costing the bank $2.2 billion. He was sentenced to seven years’ jail but was released in June 2015. The US is less lenient with corporate fraudsters. The aptly named Bernie Madoff, who made off with $24 billion of his clients’ money, received 150 years in 2009 and is unlikely ever to be released. In the UK, the Annual Fraud Indicator Report 2016 estimates that the annual loss there through fraud could be as high as $332 billion – nearly quadrupling the government’s estimate. There is no comparable data for Australia, but identified trends would probably be similar, with the greatest corporate losses being suffered through procurement fraud. This includes false invoicing and gaining contracts through bribes. Payroll fraud was another significant growth area, along with
charity-related fraud. In the mortgage lending area, 84 out of every 10,000 applications was suspected of being fraudulent. Insurance sector fraud was another concern. Most of the fraud was conducted electronically. While the main target was corporations rather than individuals, increased corporate costs were soon passed on to consumers in the form of higher costs for goods and services. Meanwhile, UK fraud against individuals was estimated at $16.7 billion a year, with identity fraud being the largest single contributor. Most of those who had their identity stolen were members of Generation Y who put too much information about themselves on Facebook, Twitter, Google+, LinkedIn, Instagram and Pinterest, or were careless in their communications using Gmail, Outlook, Yahoo, Skype, WhatsApp and Snapchat. There is no reliable data for global taxation fraud, but it is known that some $1.46 trillion leaves developing countries illicitly for tax havens each year. In addition, many multinationals are still juggling their books to evade (they say avoid) paying tax in higher taxing jurisdictions. Taxation fraud by wealthy individuals from developed countries is now under greater scrutiny as a result of tax haven
leaks. Another valuable source of intelligence has been information sold to tax offices by those on the inside of the tax evasion industry. However, a problem faced by tax offices is the sheer volume of electronic data that now has to be investigated. For example, the Panama Papers leak in 2016 of 11.5 million records comprised 2.6TB (2,600GB) of data. This compares with WikiLeaks in 2010 at 1.7GB, Offshore secrets in 2013 at 260GB, the Luxembourg tax files in 2014 at 4.4GB and the HSBC files in 2015 at 3.3GB. Electronic data can, of course, be searched more quickly than hard copy, but investigators still need to know what they are looking for and analysis is manpower intensive. To make matters worse, the data may be in a foreign language or encrypted. Just to give readers an idea of the scale of the task for taxation offices – 1GB of data equates to 900,000 A4 printed pages. (An average book is 350 pages.) This is no doubt why the Australian Taxation Office has an amnesty for so far unidentified tax evaders to come forward and pay up without suffering a penalty, other than being red-flagged for future tax submissions.
Four cyber trends will inevitably make cybercrime easier and losses greater: • the exponential growth in digital channels and data sources such as web analytics and social media • the growth in mobile banking and electronic transactions with capable smartphones • the commercial fusion of personal and corporate data • exploitable grey areas related to personal data sharing and protection of customer information. Potential cyberdefence measures for corporations include: • layered defences • increased staff awareness • advanced counter-fraud strategies • intelligence sharing on emerging cyberthreats • improved customer and invoice verification • paying bounties to ethical hackers (who report system vulnerabilities) • fast computer-led reaction to transaction anomalies • becoming familiar with cybercriminal groups and their capabilities.
For those who like it simple, the cyber trends can be summed up from a risk-management perspective as: increased consumer convenience = higher corporate profits = increased cybercrime opportunities! It will be many years before the white hats are likely to have the upper hand. According to Cisco and ISC Squared (a security certification body), there is a global shortfall today of one million cybersecurity professionals and this will rise to 1.5 million by 2019 because very few universities worldwide are providing courses for the new profession of cybersecurity. To help British industry, the UK’s signals intelligence (SIGINT) organisation, GCHQ, now runs cybersecurity summer camps, sponsors academic bursaries and holds cybersecurity training days and competitions. GCHQ has also created a cyber excellence accreditation for British universities and master’s programs addressing the education shortfall. Clive Williams is an adjunct professor at the Australian Defence Force Academy and an honorary professor at the Australian National University’s Centre for Military and Security Law. He is currently working in the UK.
SECURITY SOLUTIONS 063
LOSS PREVENTION
Team Defence –
The New Weapon In Preventing External Retail Theft 064
By Darren Egan As a bricks and mortar retailer, how is the ever present risk of external theft combated, how can the risk of external theft be dramatically reduced without blowing the budget on the latest expensive loss prevention gadgetry and/or employing additional staff resources and, last but not least, how can external theft be stopped, or at least slowed, in its tracks? To answer the above questions, it is necessary to first look at what external theft is, while exploring its effect on a retail business. External theft by definition is shoplifting/shop theft/stealing. It is a criminal offence which is punishable by law. In its base form, external theft robs retailers of their valuable product, which has a flow-on effect to the retailer’s ability to generate sales and, ultimately, make a profit. Worse, much of what is actually stolen from a retail business is not recorded. This non-recorded merchandise becomes unknown wastage. Unknown wastage is a double negative in that, aside from being financially lost to the company, the unrecorded stolen merchandise remains on a retailer’s
inventory – thus the product will not be restocked until the company’s next stocktake cycle. Given that external theft is bad news for retailers, how can it be stopped in its tracks? Answer = Team Defence Team Defence uses existing company resources to mitigate and ultimately control external theft. As a concept, it can be used across ALL areas where a retail business experiences loss/wastage. In this article, Team Defence will be discussed within the boundaries of positively impacting external theft and, by extension, its unwanted side effect – unknown wastage. At its core, Team Defence deals in the enabling of a retailer’s most abundant resource – its staff – towards controlling external theft. Adopting a six step Team Defence strategy is relatively simple, costs virtually nothing to roll out and in return gives a retailer the ability to reduce external theft to a potentially large degree (for results see the practical example on the next page).
065
LOSS PREVENTION
The six step Team Defence strategy is as follows: 1. Aware: Staff to always be aware of any suspicious customer behaviour/activity. 2. Alert: Raise the alarm via a store bell/ intercom for team response. Security and/or police to be notified if required. 3. Approach: Staff to approach customer/ suspect and offer customer service. 4. Defend: Staff to fall back to store entrance and begin customer service and/or bag checks. 5. Report: Staff to report on any stolen or recovered merchandise. Police and/or security to be notified if required. 6. Assess: Assessment of incident to correct any operating deficiencies going forward. The success of Team Defence can be measured by the following three parameters: 1. Known (store recorded) wastage going up. 2. Unknown (non-recorded) wastage going down. 3. Overall wastage (known and unknown) going down. To achieve success, Team Defence requires: 1. a six-step Team Defence strategy poster made available to all front-line sales staff 2. a strong vision backed up by equally strong leadership 3. a positive mindset 4. a focus not on stopping shoplifters, but empowering company staff to prevent shoplifting 5. everyone (from the lowest pay grade to the highest) being an automatic member of Team Defence 6. up-skilling of staff to report suspected shoplifters to security and/or police 7. measurement of key result parameters going forward. For larger retailers to achieve substantial external theft reductions, a Team Defence strategy requires several additional support structures. These structures should come in the form of an incident report form and a weekly loss prevention newsletter. Incident reporting encourages staff to widen their focus within their respective store or sales department environment. A weekly newsletter publishes results gained from the incident reporting process. The newsletter should focus on topical issues and not strictly company policy and procedure (which most staff will not read), while reporting on positive anti-theft measures taken
066
At its core, Team Defence deals in the enabling of a retailer’s most abundant resource – its staff – towards controlling external theft. by staff (which most staff will read). To maximise staff investment, it is fundamentally important that reporting staff are given published feedback (using first names) and that the nature of the feedback is universally positive. For regional managers, incident reporting should become a key performance indicator, the key measurement being geared towards store participation as opposed to the volume of incident reports being generated. Practical Example An external theft Team Defence strategy as described above was rolled out to a 50-store, multi-site retail company employing 500 sales staff. Two financial years after implementation, the following key result data was recorded. Year 1: • store (monthly) incident reporting participation: 53 percent against 44.5 percent previous financial year • company total unknown wastage reduction against previous financial year: +10.1 percent • company total known wastage increase against previous financial year: +12.0 percent • total reported stock recovered/stolen: $51,736 against $34,014 previous financial year Year 2: • store (monthly) incident reporting participation: 63 percent against 53 percent previous financial year • company total unknown wastage reduction against previous financial year: +23.0 percent • company total known wastage increase against previous financial year: +6.5 percent • total reported stock recovered/stolen: $62,419 against $51,736 previous financial year General feedback of Team Defence In line with the recorded results, the feedback from staff is universally positive. This is because front-line sales staff are empowered to prevent shoplifting in a way which is simple, effective and supportive. Line managers recognise the value of
Team Defence through positive wastage results and not having to commit additional resources to tackle an age-old problem. Regional and senior managers see positive outcomes in key waste areas, including the most important key area of all – the company bottom line. How far can Team Defence Go? With regards to external theft, a Team Defence approach can be employed not only to tackle shoplifting but also counterfeit and change scams, activities that should also be routinely recorded and published via the incident reporting and weekly newsletter process. Counterfeiting in particular has experienced a rapid rise across the general retailing sector. To deter this scourge by as much as 90 percent and upwards, adopting a simple scrunch testing of notes (typically $50 and $100 denominations) is imperative. In terms of where Team Defence starts and ends, the answer is limited by a retailer’s ability to get to the root cause of business loss. Ultimately, Team Defence is a concept that ties company policy and procedure together; it is about building a retail environment conducive to process. Team Defence can be extended to the following areas of business risk: • cash handling and cash discrepancy • internal theft • register errors • store security • staff safety. Finally, in a volatile and hugely competitive retail sales environment, any advantage in generating bottom line savings can be vital in not only meeting but also enhancing a retailer’s profit expectation. As a concept, a Team Defence approach to company risk has the potential to transform the face of traditional loss prevention practice, in the process making the role of business risk a truly integrated and seamless function. Darren Egan has 15 years of experience in the loss prevention field and is the Loss Prevention Manager for the Star Retail Group.
MORE REACH
than ever before
Security Solutions Magazine digital version is now available via ISSUU on every platform, everywhere! Download it now and enjoy your favourite security magazine when you like, where you like, however you like. PC, MAC, Linux, Apple, Android, Google and more...
issuu.com/interactivemediasolutions
SECURITY SOLUTIONS 067
FEATURE ARTICLE
068 SECURITY SOLUTIONS
Countering NewStyle Terrorism: Leveraging On Rehabilitation, Local And International Cooperation
SECURITY SOLUTIONS 069
FEATURE ARTICLE
By Marcus Toh Terrorist attacks such as September 2011 in the United States (9/11) and the attacks in Spain (11th March 2004) and Britain (7th July 2005) have marked the dawn of global terrorism (Martin, 2004). In this new era, terrorism is increasingly seen in a different dimension than traditionalists’ objectives, as it knows no bounds and no boundaries (Netanyāhû,1981). Newstyle terrorism is attributed to the effects of globalisation (Giddens, 2005). In contrast to the old-style terrorism, with its localised objectives within traditional nationalist ideology (Pojman, 2006), new-style terrorism represents a network of actors stretching across many countries with ideological-based geopolitical drivers, rather than mere national ambitions, using the mass media and willing to cause greater damage in the pursuit of its cause (Sanchez, 2009). While acknowledging that terrorism is not a new phenomenon, new-style terrorism is very much international in nature (Netanyāhû,1981). Increasingly, the repeated use of ideopolitical driven violence by non-state actors affecting multiple states is being witnessed around the world (Ozeren et al, 2007). The purported objective of this current wave of ideopolitical terrorism is the restructuring of the new world society; that is, recreating an Islamic society stretching from the Indian subcontinent into Europe (Giddens & Griffiths, 2006). Consequently, instead of immediate, localised political objectives, newstyle terrorism is more associated with long-term fundamentalist goals in the name of a hijacked religion, drawing its support and sponsorship from countries and organisations not necessarily focused on competitive national or alliance power politics. Furthermore, new-style terrorism is far more ruthless in its targeting of innocent parties towards achieving and advertising its goals (Aubrey, 2004). Through international violence, new-style terrorists believe they can finally attract world-wide attention and support to themselves and their cause (Hoffman, 2006). While the central theme of new-style terrorism lies in an ideological driver to create an Islamic state (Helsloot et al, 2012), such terrorism is not based on the Islamic religion, as stating
070 SECURITY SOLUTIONS
such implies that all Muslims are terrorists (Salhani, 2011), which is far from the case. Instead, the Islamic State (ISIS), which has been increasingly seen as the face of new-style terrorism (Ubeysekera, 2016), has conveniently and cleverly used it as an ideology with radical interpretations to reach its political objectives (Ozeren et al, 2007).
Instead of immediate, localised political objectives, newstyle terrorism is more associated with long-term fundamentalist goals in the name of a hijacked religion… Further cementing changes in new-style terrorism are technological shifts in society, amplifying both the causal message and recruitment strategies through advancements in internet communications, especially social media, along with the volumes of available open source information, which combined have changed the very nature of terrorism (Akhgar et al, 2015). The internet facilitates connections and also affords a degree of anonymity, while sharing information on weapons and recruiting tactics, arranging surreptitious cross border fund transfers and attack planning (Mentan, 2004). Consequently, the same aspects that make cyberspace attractive for individuals, businesses and governments also makes such connectivity attractive for terrorist groups (Silke, 2003).
Through the use of technological advancements, ideological framed messages of oppression and revolution have been the key drivers of radicalisation, acknowledging that individuals are more likely to become terrorists if they agree that any form of violence is legitimate (Committee, 2012) in the furtherance of their cause. Rapid technological changes have provided the contemporary settings and avenues for such radical messages to flourish. Previously, individuals may have thought twice before sharing extremists’ views. However, the advent of the internet, and in particular social media platforms, has provided individuals the confidence through collaboration, sharing of ideas and files with like-minded extremists, ultimately leading to violent acts (Torok, 2016). Increasingly, through various forms of social media and isolated chat rooms, terrorists are able to target and exploit the vulnerabilities of those disaffected and marginalised individuals in society, recruiting and radicalising pliable persons. This has led to an increasing trend in individuals leaving their country to fight in Syria, or at home, engaging in lone-wolf plots and attacks across the world, such as Ottawa’s Michael Zehaf-Bibeau and Sydney’s Farhad Khalil Mohammad Jabar. Due to structural and technical shifts in terrorism, there have been substantial changes to the global security landscape. In the name of security, new laws and legislation to counter terrorism have been enacted, such as the USA’s Patriot Act and cybersecurity legislation. While this has led to controversies, with critics arguing that such laws are overly broad and may erode fundamental freedoms along with the role of the independent judiciary (Fu et al, 2005), heinous events like 9/11 have created significant social and political pressures to use all available tools to identify, locate and interdict terrorists before they repeat such actions in the future (Nunn, 2003), termed pre-emptive security. Nevertheless, such anti-terrorism laws, while controversial, have seen successful cases. For example, Singapore’s Internal Security Act (ISA), legislation originating from British colonial days to counter violence by pro-Malayan communists, empowers the
Increasingly, through various forms of social media and isolated chat rooms, terrorists are able to target and exploit the vulnerabilities of those disaffected and marginalised individuals in society, recruiting and radicalising pliable persons.
government to detain and suspend a person of his normal right of a court trial with possible extensions of a two-year detention order. The Singapore government has used the ISA for the preventive detention, but with a rehabilitation focus, of alleged terrorists. Under Singapore’s comprehensive rehabilitation program, consisting of religious counselling by volunteer Islamic scholars, psychological counselling to cope with stress, community involvement and family support (Rabasa et al, 2010), this approach has seen 80 percent of the 72 people detained under the ISA for terrorism-related activities since 2002 released and re-integrated back into society (Channel NewsAsia, 2016), indicating a degree of effectiveness in the strategy. Given the unknown and evolving threats posed by new-style terrorism, the counterterrorism narrative has provided new impetus for effective local, regional and international cooperation (Van den Herik & Schrijver, 2013). For instance, in Singapore at the local level, businesses and private individuals have also been more willing to cooperate and collaborate with the security agencies. This can be seen where non-security staff such as check-in staff, taxi handlers and cleaners were roped in and trained to identify anyone or anything amiss at Singapore Changi Airport (Heng, 2015). Moreover, the limited capabilities of an individual country to fight this new-style terrorism has heightened the importance of international cooperation and intelligence sharing (Orttung & Makarychev, 2006). While countries have been previously reluctant to volunteer and share information or intelligence due to the need to preserve counter-technologies or political rivalry (Centre of Excellence Defence Against Terrorism, 2007), the adoption of the UN Global Counter-Terrorism Strategy (UNGCTS) in September 2006 by the UN General Assembly paved the way for increased cooperation among member countries. Increasingly, agreements on international cooperation have been signed, such as the agreements between the Association of Southeast Asian Nations (ASEAN) and the USA, Japan and Australia on the sharing of information to fight
against terrorism (Beyer, 2010). In Singapore, the International Centre for Political Violence and Terrorism Research was formed to facilitate this sharing and capacity building where it aims to reduce the threat of violent extremism using a three-pronged approach: conducting research for current and emerging terrorist threats through a global pathfinder database; specialist training for law enforcement officers; and performing strategic counterterrorism projects, including ideological, legislative and development initiatives (Combs, 2015). The asymmetric nature of new-style terrorism has presented new and difficult challenges for countries and security agencies. The challenge has been compounded given the advent of information technology brought about by increased globalisation. Hence, terrorists’ extremist ideologies have spread easily among individuals and communities and this has resulted in more self-radicalised individuals and terrorist cell groups sprouting in different geographical locations. Nevertheless, given the success exemplified by Singapore to date, perhaps the answer to combat this new-style terrorism lies in a comprehensive rehabilitation program and leveraging on local and international cooperation. Consequently, it could be argued that to counter the radical messages amplified through the mass media and internet, an extension of the approaches globally could help counter the threat of online radicalisation.
For a full list of references, email admin@ interactivemediasolutions.com.au Marcus Toh holds a Bachelor of Science (Hons) in Business and Management Studies from University of Bradford and has over 10 years of experience in the security industry. He is currently completing his Master of Security Management program at Edith Cowan University in Western Australia.
SECURITY SOLUTIONS 071
AVIATION ALARMSSECURITY
Lesson From A Recent Contract
072 SECURITY SOLUTIONS
By Steve Lawson Last month, AvSec Consulting was contracted to look at the aviation security arrangements of one of our neighbours. It is not well off economically and has a low threat environment. The people from the head of the regulatory authority to the newest person in the aviation security unit were genuinely trying to do the right thing, not simply for their country but for aviation. How is that interesting to the general security industry? Following the project, we took a moment to consider a number of questions raised by the contract. To be fair, most were ethical rather than practical issues, but they were worth taking the time to consider. In this article, the following three will be considered: 1. Over servicing. 2. Client knowledge. 3. Transfer of risk. Over Servicing This client knew that there were many issues; in fact, they were overwhelmed by the number they thought existed and, like many, did not know where to start. We looked at their issues and could see how easily someone could become swamped; however, with the appropriate approaches, the problems were manageable. That is the job of the security consultant – to use his knowledge and experience, take what seems an overwhelming problem, simplify and break it down into manageable chunks and provide the client with a clear solution. By now many readers may be saying, “Yeah, yeah…101 Basic for security consultants”, but here is the question. How many consultants over service the client and forget that their first loyalty should be to the client and not ‘how can I spin this to make money or recommend a particular product’? As mentioned, this client is not well off economically and a few years ago they accepted the assistance of a European nation. The Europeans contracted a consultant who implemented a two-year project and probably made a reasonable amount of money – fortunately from the European nation and not from our client. To be fair to the consultant, the work they did was of a high quality, but it addressed high-level issues rather than the reasonably obvious basic issues that plagued our client. Their solutions did not directly address
the roots of the problem and, consequently, not much changed over the two years, as highlighted in a subsequent International Civil Aviation Organisation (ICAO) audit where over 100 corrective actions were found. Following the two-year project, some reasonably expensive security equipment was installed, but they failed to remedy many reasonably basic issues, such as putting locks on airside departure doors that were only secured by a drop bolt that passengers could and did open! The client did not say anything about being disappointed by the European consultant; rather, they were grateful for any assistance, but we did note that following that project they were given an offer of further assistance by a rather large non-government organisation (NGO) to rewrite legislation (that the Europeans had already re-written). The draft legislation developed by the NGO was very, very well written and any first-world nation would be happy, but as our client tried to explain to the NGO, they needed simple legislation that addressed their needs, not the needs of a major nation, so in the end they declined the assistance. We have come across this before, where a consultant is hired by a government that is providing assistance to a poorer country and the consultant produces recommendations that are beyond the client’s needs or even their ability to implement the recommendations. Is that over servicing? It could be argued that the consultants did exactly what their client wanted. However, was there value for money and were the needs of the end client achieved? I would suggest no and that this is over servicing. I am not suggesting that we do not want to make money, but we presented a report that was to the point, we noted the issues facing our client, but focused on broader themes and we did not overwhelm them with recommendations – we did not recommend a single product. More importantly, we focused on what was achievable and gave them a roadmap to lead them to having an effective and secure operation that was appropriate to their threat level and expertise. Client Knowledge We were again reminded to never assume the level of the client’s knowledge. After all, one of the reasons they hire a consultant is for their
SECURITY SOLUTIONS 073
AVIATION ALARMSSECURITY
That is the job of the security consultant – to use his knowledge and experience, take what seems an overwhelming problem, simplify and break it down into manageable chunks and provide the client with a clear solution. knowledge. When we went into this project, we expected a reasonable level of knowledge and, in one meeting, of the seven people in the room five had degrees from Australian universities. There were also people who had worked in airports and/or security for a number of years, but in many cases, their only aviation training was whatever they could pick up on the job or from co-workers. We were quickly reminded that sometimes people do not know the most basic thing. Regularly, we would ask a question just to be told that they complied with ICAO Annex 17 – Security – Safeguarding International Civil Aviation, which is the foundation of international civil aviation. As an example, we asked about the X-ray screening equipment and were told by a person in a management role that it complied with ICAO Annex 17. Annex 17 does not set standards for screening equipment or its use. In fact, it only deals with screening and equipment in broad terms: • “Each contracting state shall establish measures to ensure that originating passengers of commercial air transport operations and their cabin baggage are screened prior to boarding an aircraft departing from a security restricted area.” • Screening simply means “The application of technical or other means which are intended to identify and/or detect weapons, explosives or other dangerous devices, articles or substances which may be used to commit an act of unlawful interference.” The screening of passengers and cabin baggage is dealt with in four standards and contains no operational detail. These standards are so wide that they allow each contracting state to decide what is adequate screening equipment and methods. For instance, the ADE 651 is a device used at an airport within the Asian region and allowed by at least one contracting state as an aviation security measure. The device is little more than a
074 SECURITY SOLUTIONS
glorified dowsing rod. If that equipment was used for last point of departure (LPOD) flights into first-world contracting states or onto their aircraft, it is likely that those contracting states would require additional screening measures. Even what is meant by weapons is not defined by Annex 17 or the ICAO Security Manual (Doc8973/9) – the definition of weapons and other prohibited items is left to the contracting state. Consequently, what is defined as a weapon by one contracting state may not be defined as a weapon by others. An example is the Swiss Army Knife, which is not considered a weapon in Switzerland, but it is in a number of other countries. Transfer of Risk Aviation security must be appropriate to the assessed risk for the airport – what is a reasonable security solution for Israel’s Ben Gurion Airport is not necessarily an appropriate response in lower threat environments. As part of our report, we did a threat assessment (a full risk assessment was not part of the brief) and assessed the threat to this particular nation as low. That does not mean that they should abrogate all security responsibilities but, for example, they do not need to invest in a large number of computed tomography X-ray machines at check-in as there are much more appropriate ways of ensuring security. However, they were concerned that as they were an LPOD to ports that were under a much higher threat, terrorists could use them as a gateway to those other ports. We also think that those other nations may have applied pressure on them to increase security. This seems to be becoming a concern to a number of first-world and more affluent regulators as they try to, understandably, push the threat away from their borders. The result is that they not only move the threat response, but they also push a large portion of their security costs and responsibilities onto their neighbours, forgetting that many do not have the financial
resources, training, equipment or expertise to comply. More worrying is that it seems that many of these larger players are trying to make the response to their threat the aviation security standard for the world. So, here is an ethical question: how much of the cost of responding to a threat to country A should be put onto an LPOD in country B? There is no simple answer. Countries that impose strict LPOD rules tend to take a one-size-fits-all approach, which sometimes is not reasonable and in many cases is not fair to the weaker and poorer countries. The ethical answer is that if the threat is aimed at a particular country, that country should pay; however, that is not the real world and people like our client will continue to try their best. Conclusion At the end of any project it is worth sitting down and not just reviewing the report and what could have been done better, but to also look at what lessons were learned from the project and maybe just remind yourself of your role in the overall scheme of things.
Steve Lawson has over 20 years of experience in aviation security. As a Security Executive with Qantas Airways, Steve held a number of senior management roles covering all aspects of aviation security from policy development to airport operations. He was sent to New York immediately following the 9/11 attacks to manage the Qantas response and undertook a similar role following the 2002 Bali Bombings. On his return to Australia, he was appointed Security Manager Freight for the Qantas Group. Since 2007 he has been a Director of AvSec Consulting in partnership with Bill Dent, a fellow former Qantas Security Exec. Today Avsec Consulting provides consultants from the US, NZ, ME, Israel and Europe. Steve can be contacted on: 0404 685 103 or slawson@avsecconsulting.com
the peak body for security professionals. 075 SECURITY SOLUTIONS
076
The Myths About IP Versus Traditional Access Control By Christopher Nunn
As the popularity of IP (Internet protocol) CCTV continues to grow, manufacturers, integrators, consultants and, most importantly, clients are increasingly looking at IP for their other security system solutions. The IP electronic access control technology, while not as mature as its CCTV counterpart, is becoming more common as manufacturers try to emulate the successes of IP CCTV. As with the initial introduction of IP CCTV, a number of myths regarding the capabilities of IP access control are regularly being encountered within the industry. Below, some of these myths are examined and the advantages and disadvantages of IP access control over traditional RS485 systems are explored. Myth: there is no real difference between IP and traditional RS485 access control systems: IP electronic access control, as opposed to the traditional RS485 systems, uses Cat 6 cables and utilises PoE (power over ethernet) instead of copper RS485 transmission cables and a dedicated low-voltage power cable. In RS485 systems, copper cables are run between access control panels and door controllers and from door controllers to the readers, locks and other devices at the door. The control panels and door controllers are usually installed in a dedicated security/IT (information technology) room or communications riser. In IP systems, however, Cat 6 cables are run from PoE switches installed in the security/IT room or communications riser (in lieu of control panels and door controllers) directly to the readers at the door.
IP access control systems provide a number of benefits over the traditional RS485 access control systems. As mentioned, there is no need for control panels as the intelligence is direct to the door. In IP systems there is no longer a need for power supply units (PSUs), as IP utilises PoE. An IP system allows remote diagnostics, as each door is networked. IP systems require less cabling, as IP electronic access control utilises Cat 6 cables which provide transmission and can utilise PoE. RS485 systems, on the other hand, require separate transmission and power cables. There are, however, some disadvantages of IP over RS485 access control systems; the main one being that, even though the readers are IP, the locks and reed switches are often not. This means that RS485 copper cables and dedicated low-voltage power cables still need to be provided to these devices. Another disadvantage of an IP system is that cable runs between switch and reader are normally limited to 100m.
SECURITY SOLUTIONS 077
Myth: IP access control is relatively untested compared to traditional access control: While IP might be newer in terms of its rival, RS485 copper, with regard to electronic access control systems, the IP technology itself is a mature, well-tested and proven technology. IP access control can also draw on the vast experience and knowledge of the IT industry. Depending on what topology is used, IP access control systems can, in fact, be more reliable than the traditional RS485 systems that they are replacing. In RS485 systems with access control panels and multi-door controllers, a single point of network failure can render multiple doors inoperable. IP systems negate this risk since each door is independently connected straight into the network. A single point of failure in this case will result in just the one door being inoperable. Myth: IP access control is more prone to failure: Networks have become such a critical asset to organisations that any downtime has significant ramifications financially, operationally and from a security perspective. Since organisations these days are so reliant on their networks, a significant amount of redundancy is usually factored in. The security vulnerabilities encountered by a network failure on IP access control systems is no different to the vulnerabilities encountered by a power failure on RS485 systems. For both network failure and power failure, doors will be either fail safe or fail secure, resulting in doors being either insecure or inoperable. In IP systems, the intelligence is at ‘the edge’, meaning the systems intelligence, copy of database and ability to make access granted or denied decisions is located in the readers at the door. In RS485 systems, the intelligence is centrally located in the access control panels. What this difference means for IP systems is that, in the event of network failure, the readers can continue to operate and grant or deny access as per usual. Once the network is back online the readers can then upload the access history that occurred during the network outage to the operator workstation. This functionality further ensures the resilience of IP access control systems.
078
While IP is relatively new in electronic access control systems, the IP technology itself is a mature, well-tested and proven technology. Myth: IP access control is vulnerable to hackers and is a less secure option than traditional access control: The IT security vulnerabilities facing IP access control are no different to the vulnerabilities faced by IP CCTV, and any other system residing on an organisation’s network. The IP access control system is no more at risk to hacking than an organisation’s financial information or intellectual property. It is important not to forget that RS485 access control systems are vulnerable to being breached as well, especially systems using unsecured 125kHz proximity technology, which is the most prevalent electronic access control technology in the marketplace. The network security industry is a multi-billion dollar industry in which organisations can engage to help ensure the protection and integrity of their IP access control systems, as well as any other systems residing on their networks. Standard network security practices, such as setting up LANs (local area networks), VPNs (virtual private networks), using encryption, firewalls, proxy servers and DMZ sub-networks can be utilised to help ensure the integrity of IP access control systems. Myth: Integrated systems (IP access control, alarms, CCTV) are less secure than running separate systems for each: Most commercial security systems these days are fully integrated systems utilising an overarching ISMS (integrated security management system), with dedicated ISMS software and hardware (servers). Integration between separate security subsystems and the use of ISMS software provides a holistic and more secure environment for organisations than the use of individual standalone security
systems. The integration of CCTV and alarm systems for instance can provide immediate footage of alarm events, providing the security operator the ability to perform instant alarm verification. Without this level of integration, the security operator would have to identify the location of the alarm event and then manually bring up the footage of that area on the CCTV workstation. This process is both inefficient and time consuming, and there is no guarantee that the alarm event was captured in the field of view of the PTZ (pan, tilt, zoom) cameras. The integration between the two systems (with the use of PTZ cameras) would ensure instant footage of an alarm event with the cameras programmed to ‘snap’ to the alarm event location. Following the successful evolution from analogue CCTV to IP CCTV systems, IP access control is gaining wider industry acceptance and is slowly but surely increasing its market share. Even though it is still relatively new and not currently supported by all manufacturers, IP is clearly the future for electronic access control. As more manufacturers begin to embrace and offer IP access control systems, and integrators and consultants become more familiar and experienced in these systems, IP access control can emulate the successful migration to IP as experienced in the CCTV industry.
Chris Nunn has a Bachelor of Science (Security) degree from Edith Cowan University in Perth and is a security consultant at Aurecon, which provides engineering, management and specialist technical services for public and private clients around the world. Chris can be contacted on 02 8197 4615.
WE’RE VIDEO HEADS
In a digital and fast paced world, video is an ever advancing asset to your arsenal. Whether you’re in need of a promotional, corporate or explainer video, a motion graphic or animation, IMS has you covered. Show the world what you can do, harness the power of video today.
www.interactivemediasolutions.com.au
Interactive Media 079 SECURITY SOLUTIONS Solutions
PROFESSIONAL DEVELOPMENT
080 SECURITY SOLUTIONS
d n A s e i L g Definin h t u r T g n i g Encoura By Lizz Corbett In part one of this series of three articles, I opened discussion to ignite thinking about your skills in reading people, encouraging truth and spotting deception. I reflected on career lessons that jolted me to a place where I actively sought out skills and knowledge to be able to more effectively elicit accurate information and move closer to the truth, resulting in better, more informed decisions. There are hundreds of jobs and situations in life where knowing the truth matters and there are also situations where the truth is better left unsaid. In our training courses, we often ask students to write down their own definitions of truth and lies. If there are 20 people in the room, I may get 20 slightly different definitions. They all mean something similar, but it is always interesting hearing the different wording, perspective and justifications that people use to define these two words. Even different dictionaries have a slightly different spin on it. The fact is there is no universally accepted definition of lying to others. Below are some definitions of truth given to me by students in a recently conducted course, Evaluating Truthfulness and Credibility: • something believed or perceived to be factual • that which is • a statement of belief that something is the case or accurate which may or may not be supported by facts • a factual statement • one person’s perception of a fact • honest belief of facts. And here are some of the definitions of a lie from the same group: • the intent to deceive or mislead
• a conscious decision to be deceptive • an attempt to mislead or misinform • providing deliberately incorrect information for the purpose of misleading • an intentional altering of the known truth to create another case that may or may not be supported by facts • that which is not and that challenges the state of truth. All of these definitions are right, as is your own definition, because that is how your mind interprets those words and the behaviours associated with it. The definitions I work with have been developed by someone who knows truth and lies better than almost anyone else in the world. Dr Paul Ekman is a professor and researcher who is well known for his work in furthering our understanding of nonverbal behaviour, encompassing facial expressions and gestures. In 1967, Dr Ekman began to study deception, starting with clinical cases in which patients falsely claimed not to be depressed in order to commit suicide when not under supervision. He offers the following definitions: • Truth: A sincere attempt to provide accurate information. • Lie: Deliberately choosing to mislead someone without giving prior notification. Let us dissect these definitions further and consider how they apply in the human interactions, interviews or situations you are involved in. The distinction with the definition of the truth is that the person is genuinely endeavouring to give you information or answers that to them are true. Under this definition, the information may be factually incorrect or flawed, but that would not make the person a liar if he genuinely believed it to be true.
Now the lie definition – this one can get a bit interesting. The first time I saw this I wondered why it needed to have the part on the end ‘without giving prior notification’. I thought the definition seemed complete at deliberately choosing to mislead someone. But once I understood it further, it made complete sense. What Ekman seeks to do with this definition is to rule out the times we are aware we are likely to be lied to; therefore, prior notification is given to us. A simple example of that is if you play a game of poker. Do you really expect everyone at the table to be truthful and open about the cards they have in their hands? The rules of the game sanction and notify the players that deception will occur. Also, an actor is not a liar, but an imposter is. So if you go to the theatre to see a play, you have prior notification that the people on the stage are not really who they say they are. Therefore, those sorts of things do not fit into this particular definition of telling lies. So in relation to the people you are meeting, I will assume you want them to be providing responses with a sincere attempt to provide accurate information. In that setting, you are not giving permission for them to mislead you. If you are told information that the giver knows to be untrue and deliberately chooses to tell you with the intent to have you believe it, then we will call that person a liar or deceptive. If a person ‘gets something wrong’ or ‘makes a mistake’ or says something that is not ‘factually true’, but he believes it to be so, then we cannot call him deceptive or a liar. With a deeper understanding of what constitutes truth and a lie, think about how much power you personally have to influence another person in their choice to either be truthful, withhold information or completely
SECURITY SOLUTIONS 081
PROFESSIONAL DEVELOPMENT
mislead you. Short of dosing someone up with magical truth serum, there is no one way that you can ‘make’ someone tell you the complete truth always. But in certain settings, when getting to the truth is critical to your decisions, it is important to recognise that you do have power to influence the outcome. Many people miss the opportunity to create the best environment to encourage the truth and instead, often unwittingly, encourage a lie. Depending on the setting and situation, there are at least 16 things that you can actively do to increase the likelihood that you will move someone away from the option to lie and toward the option to tell the truth. I call this ‘Paving the Truth Pathway’. The remainder of this article briefly outlines five of the Truth Pathway methods and touches on why they can work from a human psychology perspective. As they are outlined, think about how they might fit with the interviews, meetings or interactions you are involved with. Each of the methods is applied slightly differently, depending on the context. In some settings, you can be quite bold and upfront with the technique and others more subtle or creative. Remember, what you are trying to do is increase the likelihood that someone will make the choice to provide truthful information over inaccurate or misleading information.
1
Explore Motivations One of the first things you need to do in the planning stages is explore someone’s motivations to lie. There is always a reason that people make the choice not to be completely forthcoming and truthful. Understanding key motivations from the start can make it easier for you to use the right techniques to encourage the truth from the beginning. Many interviewers do not spend enough time in the planning stages of an interview and consequently cut short the planning process required to create the best environment to encourage the truth.
2
Choose the Interviewer Wisely This method applies across any type of formal interview where you do have an ability to select the best interviewer for the task. Although this is a luxury that is not always
082 SECURITY SOLUTIONS
possible, being able to think through the right match between interviewer and interviewee can make a positive difference to the outcome. Factors that can be considered are: gender, age, background, career history, rank or status, level of difficulty of interview, personalities and experience with similar interview types. When a person is being interviewed by someone that he feels more connected to and feels he can trust, that person is more likely to open up and offer truthful information. People like people who are like them and the right interviewer, with the right level of confidence and competence, can make a huge difference to the level of truth and honesty that is provided in an interview or interaction.
3
Be Open to Honesty This is important from the start of an interview and throughout the process. If you want someone to open up to you about something that may be against his own selfinterest in some way or that of another person he is protecting, then you have to make it ‘safe’ for the person to provide that information. Your words, face and body language quickly give a person a clue as to whether you are open to honest responses. By displaying negative, disapproving or judgmental behaviour or emotions, a person can quickly read that you may not be open or accepting of what he is saying. This may cause him to rethink, change direction or maintain hidden information.
4
Create a Knowledge Belief If a person you are interviewing has the belief that you already know a great deal about him, or you can get access to factual information through other means, he is less likely to give you false information. Be careful not to bluff or mislead, but you can indicate at the early stages of any interview process that you can and will gather information from various sources and your goal is to build an accurate picture of the situation or the person. If creating a knowledge belief is done in the right way, it is like ‘planting a seed’ in a person’s mind and, without him realising, can make him feel that you already know things that you actually may not know.
5
Ask for an Honesty Commitment This technique is in line with an influencing tool that is often used in sales and marketing. It works on the principle that people are more likely to behave in a way that is consistent with their commitment after they have agreed to something. When a person gives his word that he will act in a certain way, it is more difficult to go against it when the opportunity is presented. Knowing how to ask people to commit to giving honest responses can require further insight and training, as the way you go about it can differ depending on the situation you are in. There is another benefit of this technique if someone gives a commitment to being honest and then acts against that commitment. Because of the added conflict in his mind between his word (commitment) and the action, there will likely be a greater emotional or cognitive response, causing an increase in the tell-tale signs that something is not right at that point. We would all like to believe that the people we are interviewing or interacting with are open and honest and we are not being misled. Research tells us otherwise. Being equipped with a better awareness of truth and lies can help you better understand how and why people lie. By broadening your knowledge on this topic, you can develop the skills to encourage more truth and create a stronger truth-telling environment. You can also increase your ability to notice verbal and non-verbal behaviours associated with the emotional and cognitive stress caused by deception. Equipped with these skills, you are better placed to reduce lies in your life or spot them if they occur. Article three in this series will focus on the science of truth and lies and how you can improve your skills in spotting behaviour associated with deception. Lizz Corbett is managing director of Training Group International. If you are interested in building skills and awareness, connecting with people, encouraging truth, spotting lies and asking better questions, then register your interest in classroom-based or new online training programs being launched in late 2016. Visit traininggroup.com.au for more information.
A R T EX A R T EX
eNews
! t i t u o b a Read all
your email address here
SUBSCRIBE
Security Solutions Magazine eNewsletter Sign up to our eNewsletter and receive up-to-date valuable information regarding all things Security.
www.SecuritySolutionsMagazine.com
SECURITY SOLUTIONS 083
FEATURE ARTICLE
10
Leadership Principles For Security Operations 084 SECURITY SOLUTIONS
By Ami Toben The following are 10 hands-on, field leadership principles that I have personally found to be very useful for private sector security operations. Not only have I successfully applied these leadership principles myself, I have also taught them to other field leaders and watched how they too have had success with them. Though these principles come from over 15 years of my own leadership experience, I am not setting myself up here as an exemplar. In fact, the pitfalls and mistakes discussed here have all been made by me as well. This is very much a lessons-learned type article.
1
Plan to adapt One of the most important, and often neglected, points about operational planning is that it should provide a platform from which to adapt and change when things do not pan out the way you thought they would. Put together the best plan you can, but try to avoid falling in love with it and then rigidly forcing it onto a situation that has already changed. A good plan should fit the situation, not the other way around. When the facts on the ground start changing, your plan should adjust accordingly. This does not mean you should immediately abandon your plan as soon as things change, just that a plan should be more of a platform to operate off, rather than a scripting of future events. The realities in the field have a funny way of toying with prior expectations. The celebrated quote by Helmuth von Moltke (‘Moltke the Elder’) that “No plan survives contact with the enemy” holds very true, as his nephew, ‘Moltke the Younger’, painfully found out in 1914 (WWI history buffs will know what I am talking about). If you prefer an updated version of this, Mike Tyson captured it perfectly with, “Everyone has a plan till they get punched in the mouth.” I am not saying you will get punched every time you go out into the field, but the likelihood of it is very high and your plan should reflect that. Good security leaders have a flexible mindset, and the best leaders not only know how to roll with the punches, but actually enjoy rolling with them.
2
Simple! As soon as you take into account that the reality in the field will almost always differ from expectations and that original plans will often have to be modified, you should realise that plans must be simple. If a plan is too complex, it will be very difficult to tweak and adjust it on the fly. You personally might be okay with it, but the plan is not just for you – you have a whole security team to lead. If they already have to deal with a complex plan, it is very likely you will lose them as soon as you start making adjustments to it. A good plan is more of a platform than a script. Keep it simple!
3
How to deliver a good pre-operational briefing Many field security leaders tend to struggle when it comes to pre-operational briefs. They understand exactly what needs to be done, and why, but get all twisted up when they try to convey it to their subordinates. A concise and effective brief should cover: 1. The strategic mission – what the client needs. 2. The tactical mission – what you are here to do and how it serves the larger strategic mission. 3. Methods and tools of achieving the tactical mission. 4. Parameters, boundaries and limits to the tactical mission. 5. Methods of communication. These five points should be generally applied to the mission as a whole and specifically applied to each individual post. Very importantly, be sure to cover the why factor. Beyond the methods of achieving the mission, do you (the operator) understand why the mission is important and why your specific role is important for accomplishing this mission? If possible, test your team members by asking them to brief you back on the abovementioned. This will show you if they are able take ownership of their individual missions and perform well even without constant supervision.
4
Work for your subordinates Many people miss the point that leadership is a type of relationship and, just like
any other relationship, it is a two-way street. Yes, team members work for their leader, but a leader also works for their team members. In many ways, a leader needs his/her subordinates more than they need him/her. Leadership is a strange kind of business where the quality of your performance is evaluated on the basis of what other people (your subordinates) do. You could be a fantastic security operator, but your leadership skills are not judged by how well you operate; they are judged by how well your team members operate. In a weird kind of way, your reputation as a leader is held hostage by your subordinates. This does not mean your relationship with your subordinates should be like some hostage negotiation, just that beyond the warm camaraderie you should develop with them, you should also keep in mind how much you need them. Take good care of your team and treat them well. An interesting thing that happens when you take good care of your team is that it gets noticed by clients – and they tend to really like and respect it. Most people think that service providers only need to take care of their clients, but I have received many compliments over the years for how well I take care of my teams, and how well the teams tend to perform because of this. So, once again, take very good care of your team.
5
All-or-nothing type leadership A common security leadership mistake is the ‘you are in or out’, ‘my way or the highway’ style of management. On the face of it, this might look like a solid, no-nonsense type of leadership, but I beg to differ. While there are situations where things simply must be done a certain way, if you are in it for the long haul, this type of leadership is not really sustainable – or good. All or nothing is just too simple – too simplistic actually – and leaders who try to tell you that this is just their style, that they do not babysit or hold hands, are actually telling you that they do not really know how to properly lead. Anyone can set rules and then kick out subordinates who deviate – a machine could do that. Leadership is about motivating people and
SECURITY SOLUTIONS 085
FEATURE ARTICLE
getting them to willingly sign on to the mission. No, it is not always simple, and no, it is not hand-holding either; it is just good leadership.
6
How to handle weak team members Almost any security leader has to face the fact that you are not always going to have an A-Team under you, and that you cannot always just get rid of weaker team members. From my experience, the best way to handle underperforming security operators is to pull them aside, tell them how important they are to the mission and how you personally need them to deploy the top-notch skill set you know they have. Is there a bit of mental Jiu-Jitsu going on here? You bet. It does not matter if you do not necessarily feel the operator has a good skill set; this kind of encouragement tends to put some wind behind people’s sails. They might still be weak, but at least they will try harder and make it easier for you to accomplish the mission. Now, does this type of motivation always work? Of course not. And there might eventually be a need to take stricter measures with a weaker team member, but reserve those unfortunate options for later after you have tried the positive approach. Remember, leadership is mostly about guiding and motivating, not reprimanding and firing. One common mistake you will want to avoid is sending weak or untrustworthy team members out of sight to man some quiet back entrance. It is probably a good idea to give them a less critical job, but keep in mind that the seemingly appealing idea of posting them out of sight might do more harm than good. You usually need solid operators for the slow, boring corners where operators are not closely observed and managed. Keep your friends close and your enemies closer. If you are stuck with an untrustworthy operator, post them where you can keep an eye on them.
7
Leading up the chain I have talked about leading down the chain of command – motivating your subordinates – but you should also try to lead up the chain of command, all the way up to the clients who hired you. You obviously have to be very tactful here, but it is very important to instil calm, control and a feeling of security
086 SECURITY SOLUTIONS
in your client. After all, that is what the client hired you for. Many people tend to forget that at its core, under all the layers of physical operations, systems and protocols, security is a feeling we are hired to provide – not for us, for our clients. And good security leaders know how to instil this feeling in their clients.
8
Self-control Simply put, if you cannot control yourself, how will you control or lead others? Think of it from their perspective – why would a subordinate want to follow someone who cannot control themselves? It is not that they cannot follow you, it is that they probably will not want to – and getting people to want to follow you is what leadership is about. The biggest problem in maintaining selfcontrol is that you often do not realise when and how you tend to lose it. The key to fixing this is to develop good self-awareness and empathy. Try to look at yourself from the outside. How do you appear to others? How are you coming across? How is your tone of voice affecting the people you are addressing? How would you be affected by it if you were being addressed in that manner? Try to notice how fast and loud you are talking. Try to notice what expression you have on your face. The key to self-control is self-awareness.
9
Calm down. Slow down Now that you have the self-control thing going, use it to calm down and slow down. Many people tend to forget how important this is, especially during stressful crunch times. A calmer disposition has two important functions. First, it will help you make better decisions. It is like being a quarterback – even when everything is erupting around you and you are about to get tackled, calm down, look around and make a decision. The second function has to do with the above-mentioned self-reflection thing. Regardless of whether you personally can handle a frenzied pace of running and yelling orders, how do you think you come across to your subordinates and clients when you do this? You want to set a good example, lead from the front and create a good tempo, but the line between that and coming across as confused and frantic is quite thin and easily crossed. It is usually more important for a
leader to instil calm and control, and it starts with calming and controlling yourself first. Slow down. Take a few deep breaths. Do you need to go to the bathroom? When was the last time you had a drink of water or grabbed something to eat? Run your index finger over that little area between your eyebrows. Is it creased up in a frown? Calm down. Slow down. Look around and make better decisions.
10
Know thyself! Leadership is all about people and understanding people starts with understanding yourself. Beyond understanding how leadership works in principle, if you want to learn how you can be a good leader, you will have to figure out what kind of leader you are. Leadership comes in many forms and from many types of people. Try not to emulate too closely leaders who are very different from you. You will probably just have a bad time struggling with it and then come across as phony. Know who you are and be you. Some people have a permanent leadership disposition that comes across both on and off the job, while others have to switch it on when the need arises. Some leaders are older and more distinguished, while others are younger and more energetic. Some lead with lots of gusto, while others have more of a quiet intensity to them. Whatever the case may be, know who you are and figure out your personal style of leadership.
An experienced security director, consultant, trainer, operator and business developer, Ami Toben has over 15 years of military and private sector security experience, and a successful record of providing full-spectrum, high-end services to Fortune 500 corporations, foreign governments, foundations, non-profit organisations and wealthy individuals. Ami Toben is currently director of consulting, training and special operations at HighCom Security Services, and the owner of the Protection Circle blog.
MASTER LOCKSMITHS Master Locksmith Association members are highly trained, fully qualified security professionals with access to the very latest in restricted key systems, from mechanical keys and locks to the world-leading electronic master key systems.
Find your nearest locksmith and MLA member at
THE MLA ADVANTAGE
DOMESTIC
COMMERCIAL
AUTOMOTIVE
SAFES
RESTRICTED KEY SYSTEMS
ELECTRONIC SECURITY
CCTV
FOLLOW US ON
FAST. SI L E N T. ST Y L I SH. Our award winning speedgates keep your building secure with style. Find out which speedgate is right for you.
1300 858 840 www.entrancecontrol.com.au
SECURITY SOLUTIONS 087
SECURITY STUFF C O N T E N T S
SPOTLIGHT
PROFILE
PRODUCT SHOWCASES
SHOP TALK
BQT
090
Stentofon 096
Canon VB-M50B
106
SAAB
092
STid
098
Infiniti Class 5
107
Security Exhibition & Conference Next Gen Products 110
SRD Vision
107
SecuSafe DigiGuard
IEC 094
Dorma/Kaba 100 Seagate
102
ActivConsole 104
88 SECURITY SOLUTIONS
Biocam300 108 Aperio AUV3 Escutcheon
109
Hikvision PanoVu
109
111
SECURITY SOLUTIONS 89
IGH T SPO TL
Reader and Card Security Considerations It should come as no surprise that not all access control systems are created equal. An Access Control System is made up of many elements, beginning with a panel which incorporates a feature set designed to facilitate proper verification and enrolment procedures. The panel should also enable continued credential maintenance procedures for the maintenance of both the approved credential lists and unauthorised credential lists. Perhaps the most important component of any access control system is the selection of smart reader and card technology. With so many different types of smart readers and card technologies available, it is often difficult to know what to choose. Which combination smart reader and card technology will minimise the chances of someone successfully presenting false credentials with a view to gaining access, or the ability to compromise communications within the system through hacking and cloning of authorised credentials and reader data? Choosing the right technology, one which has a level of security commensurate with your level of security risk, is vitally important. Proper risk analysis is the key to ensuring that the right Smart Reader choice is made. For example, some Smart Reader products, such as 125Khz prox or CSN/UID readers, offer no protection against hacking and cloning cards. Others readers are based on technology platforms that have, at some point, been compromised. However, the level of sophistication required to compromise the technology is sufficiently high enough that it does represent a threat to medium level security applications. Alternatively, new counter measures many have
090 SECURITY SOLUTIONS
been incorporated into the existing platform to insure that it once again provides sufficient protection for medium security applications. Then there are the high security smart reader and card systems which are designed using technology platforms that support higher encryption standards which are considered safe for protecting sensitive and classified data. As is the case with any security design, a balance must be struck between ease of maintenance and use and the degree of security provided based on the perceived level of risk. In the case of access control systems, the decision to implement a more user friendly, easier to maintain system often comes at a cost to the integrity of the system’s security, especially where reader technology is an ‘offthe-shelf’ solution chosen primarily because of factors such as how easily components can be purchased, maintained, replaced. The cheaper and more readily available the components of a system are, the lower the level of security they are likely to provide. Furthermore, it is often the case that ‘off-the-shelf’ access control systems are much easier to administer because such systems offer little or no encryption, hence minimal security. BQT Solutions are uniquely different in that their miPASS card and reader systems offer economical “off the shelf” convenience with the right level of encryption and security for both medium and high risk security applications. They can also provide tailored Smart Reader and Card systems with custom “secret” keysets and/or encoders and configuration software for larger organisations or classified installations.
Encryption Card Readers communicate between the access Credential and the Reader through radio frequency and also to the Access Control Panel via a protocol such as Wiegand. For a security risk analysis to be considered complete, an examination of both of these methods of communication is required in order to assess the how easily data in the system could be compromised. This risk assessment then determines the appropriate technology platform and encryption standard. BQT Solutions advise that medium security products such as their miPASS 2 secure card and reader system, which include modern MIFARE® Crypto1® encryption, may be implemented at a similar budget to non-encrypted technology such as such as 125Khz prox or CSN/UID readers, eliminating the need to expose an organisation to the kinds of hacking and cloning security risk associated with cheaper systems. The standard of card and smart reader encryption for high security applications requires a higher level of encryption such as Triple DES (3DES) and AES which have been approved by organisations such as the US Department of Commerce, National Institute of Standards and Technology (NIST) for the protection of sensitive and confidential data. BQT Solutions miPASS 3 secure card and reader system provides a suitable “off the shelf” solution which implements Triple DES (3DES) encryption between the card and the reader to protect against hacking and cloning of these communications. BQT Solutions also offer a smart reader range that has custom keys and output formats, as
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
BQT
well as a choice of platform, encryption standard (as available for the platform) and output protocol. These readers offer MIFARE® Classic with Crypto1® encryption, MIFARE® DESFire® EV1 with DES, 3DES or AES encryption and/ or MIFARE Plus® with AES encryption. Output protocols offered as standard include Wiegand and both plain and AES encrypted RS485 with plain or encrypted OSDP as a further option.
Smart Reader Output (Communication With The Access Control Panel) Most access control panels on the market today communicate data from the smart reader as Wiegand protocol. This communication is unencrypted, plain text and may be hacked and replicated to allow unauthorised access. Many models in the range of BQT Solutions readers include the option of RS485 protocol communications encrypted with AES. Data from the reader is then sent to a High Security Module (HSM) installed next to the Access Control Panel in a secure area and decrypted back to Wiegand data for use in the Access Control Panel.
Diversified keys and Random UID enhance a Smart Reader and Card System’s security and integrity, making hacking and cloning of systems more difficult. Many BQT Solutions products include Diversified Keys and Random UID techniques within feature sets, providing additional peace of mind.
not the back-end, which grants access based on a string of data that it receives, but on the authentication and verification of the individual seeking access. Essentially, this means that the security risk is mitigated at the Smart Reader. As there are cost implications to each additional factor of authentication, most organisations determine the authentication and verification processes based on the constraints of time and of money and take a zonal approach to increasing factor authentication as the security risk or value of property being protected increases. The Multifactor approach to security is strongest at three factor authentication and verification providing three key ingredients:What you ARE - (Biometric Information e.g. a fingerprint) What you HAVE - (A credential such as a Smart Card) What you KNOW - (A PIN, kept secret)
Other Authentication
Backend Security Procedures and Controls
It has often been noted among security experts that the strength of an access control system is
An Access Control System is only as strong as its weakest component or procedure. Just
Other Security Features
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
as important as the technology selection are the procedures that are implemented around enrolment, and suspension of system users and custody of credentials. System lists of authorised and unauthorized issued credentials should be strictly maintained on an on-going basis, strong policies should be adopted with regard to lost/ stolen cards and practices such as tailgating and card sharing should be prohibited.
BQT Solutions BQT Solutions has a range of smart reader products that cover all applications and risk levels from low to high and critical risk applications and multiple factor authentication readers are available. Their technology is installed at over 3,500 sites globally and is trusted for some of the most high risk security applications in the world. They offer both “off the shelf” secure smart reader and card systems and tailored solutions which can be specified for any security application. For more information visit www.bqtsolutions.com or call +61 (0)2 8817 2800
SECURITY SOLUTIONS 091
IGH T SPO TL
Is There A Better Way? Critical infrastructure operators are quickly discovering that to adequately protect their premises, more electronic systems are required. The traditional security systems such as intruder alarm and access control systems, CCTV, perimeter intrusion detection, pedestrian, vehicle and car park barriers and systems, duress systems and intercom systems are not the be-all and end-all. An effective onsite security control room must also monitor the visitor/contractor management system, building management system, fire and EWIS (Emergency Warning Intercommunications System), UPS and generators, lighting and Ethernet network for any changes that may impact the site. Security managers must also concern themselves with general asset tracking and social media activities that relate to the facilities and organisation. Of course security personnel need to communicate with each other and all other parties on site so use telephones, two-way radios, intercom and public address systems too. Then there are add-on systems like biometrics and video analytics for greater facility protection and site specific systems such as key safes, RFID systems, mobile phone detection systems, etc. These are simply the most obvious ones for critical infrastructure sites, but depending on site specifics, even more can be used. This is a large number of systems for security operators to manage and monitor, raising several issues and complications that must be addressed. For example:
092 SECURITY SOLUTIONS
• How easy is it to learn all these systems and operate them? • How many monitors must the operators keep their eye on to make sure they don’t miss anything? • When an event occurs, how stressed does the operator become and therefore how many mistakes could be made under pressure? • How many policies and procedures relate to all these systems and how confused are the operators? • Most importantly, what is the speed and precision of the current security staff to action alarms and events? • How difficult is it to conduct an investigation? Is there an efficient method of gathering the information from all these systems and collating them into time order so as to create a clear picture of the event? Basic high and low level system integration improves the speed and precision of some alarms and events but certainly not all. Integration also decreases the number of viewing screens and tasks performed by operators. Integration however, does not assist with training, stress, policies & procedures and investigations. Alternative methods must be used to solve these issues and this is where the global security industry is turning to Physical Security Information Management (PSIM) systems. Over the past 10 years PSIM has become an accepted term within the security industry and this acronym is starting to pop up everywhere, even in technical specifications. Originally PSIM’s were purpose built, however
as the technology advanced, PSIM’s have become a commercial off the shelf solution that fit many industries. A true PSIM has the ability to integrate with any system or device and is therefore non-proprietary. PSIM’s add tremendous value to organisations as they are a single human machine interface for all the security systems. Essentially PSIM’s are a single Graphical User Interface (GUI) for the multitude of disparate security sub-systems that are managed by security operators providing tremendous situational awareness. Understanding if the client needs a PSIM can be determined in a number of ways however generally the answer lies within a few requirements. First, the speed and precision required for responding to events and second, the number of sub-systems. The major benefit of a PSIM is that it integrates ALL security systems regardless of make, model or class. Be wary though, not all systems marketed as PSIMs are actually PSIMs. A true PSIM will allow multiple security systems such as access control systems and/or multiple video management systems to be integrated. If the PSIM manufacturer will not easily and openly integrate competing products, then the system is not a PSIM, therefore possibly not provide all the desired features and benefits and possibly lock you into proprietary solutions. For many reasons a security operation can have multiple security sub-systems such as video management systems forming part of the overall solution. A PSIM seamlessly integrates all disparate systems so the organisation can meet its key operational business needs. Control room
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
support for post action analysis, OneView is the ultimate choice for modern surveillance and security operations.
SAAB
You can rely on Saab’s thinking edge to bring your control room under real control. saab.com/australia
personnel can simply learn and control a single system, the PSIM. A PSIM delivers a security ecosystem that provides complete situational awareness. Personnel can apply an adaptive workflow including clearly defined procedures to follow, for each event. Best practice is applied with real time information presented, whether the subsystem is old or new. There are many functions of a PSIM and as a minimum the solution should collect and analyse the data gathered from all the sub-systems. As all the systems are present in the single GUI, the operator typically receives data from these sub-systems as text or by way of icon changes on a map. When the operator chooses to action the event, the operator will click on the text or icon and they will automatically be provided all the information associated with the event and realise the benefit of the PSIM. The information from various systems is presented at the same time providing the operator a complete picture. The PSIM should provide the operator the ability to respond to any situation more efficiently with additional information, which is presented in a clean and well-laid-out display.
The PSIM should include all the Security Operating Procedures (SOP’s) and present only the relevant SOP’s for each event – ie. when a duress alarm is activated the SOP’s for this event are automatically presented so the operator can perform the task as efficiently as possible. The PSIM must retain a complete audit trail in chronological order of everything that happens on the PSIM and every sub-system in a single repository. In this day and age geo-mapping should be provided as a standard feature. This mapping feature should essentially operate like Google Earth or Google Maps, however the load times should be virtually instant. There should not be any delay waiting for pages or maps to load. The PSIM should update the status of the points from each sub-system every second or faster. Systems update delays, such as map loads shouldn’t be tolerated. The PSIM should facilitate alarm and event searching as all recordable movements from each sub-system are stored within the PSIM’s audit trail. Investigations are easier, more accurate and conducted in a more speedily fashion.
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
Often an overlooked benefit of a quality PSIM is that it will eliminate desk top clutter within the control room. As all the systems are integrated and operated from a single system, the result is that an operator simply uses a few monitors, keyboard, mouse, joystick, intercom and/or telephone. All other devices such as multiple two way radios, paper based SOP’s, intercoms, keypads, switches, little sticky notes, etc. are all eliminated to reveal a clean and efficient control room. De-cluttering the control room always results in well-organised, capable and happy control room operators and a safe and secure premise. Saab Australia is a major system integrator of Physical Security Information Management systems within Australia. The company has developed and installed several systems in prisons, defence bases and critical infrastructure facilities across the Asia Pacific region.
SECURITY SOLUTIONS 093
IGH T SPO TL
The Creating of Standards By Vlado Damjanovski and John Fleming
Stockholm, 1 July 2016 Four hard working days in Stockholm’s Silicon Valley suburb called Kista are now behind us. In the Swedish Electrum (the Electrotechnical University), in the offices of the Svensk Elstandard (Swedish Standards), from 27th to 30th of June 2016, a number of meetings of the International Electrotechnical Commission (IEC) Technical Committee 79 (TC-79) were held. For the first time in our security industry history, Australia had two representatives participating in this combined work of TC-79. Vlado Damjanovski, as an expert in the CCTV section of WG-12 and John Fleming as an expert in the Alarms section WG-13. Just for the record, CCTV has been renamed by the IEC to VSS (Video Surveillance Systems) due to the Chinese delegation noting that CCTV (Closed Circuit Television) in China bears the same acronym for China Central Television. IEC is an international standards organisation which sits under the umbrella of the United Nations and is head quartered in Geneva, Switzerland. IEC is a non-profit, nongovernmental organisation that prepares and publishes International Standards for all electrical, electronic and related technologies. These technologies cover a vast range, from power generation, transmission and distribution to home appliances and office equipment, semiconductors, fibre optics, batteries, solar energy, nanotechnology and marine energy.
094 SECURITY SOLUTIONS
The Swedish Standards building (Svensk Elstandard) where the IEC meetings were held
The IEC name is probably better known among electrical and electronic engineers because all specifications of hardware, like the so-called IEC plug for electronic devices, are specified by these standards. The IEC’s Technical Committee TC-79 started working in around 2010 on a set of standards on new technologies that covers Alarm and Electronic Security Systems technologies.
A number of Work Groups were created, to include IP CCTV, Access Control, Alarms and Video Intercoms. Australia did not have opportunity to participate in making of these standards due to the fact that it had the status of an Observing member, until recently. With some internal work of the El-051 committee members who recognised the need
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
IEC
The Australian delegation of John Fleming and Vlado Damjanovski
for involvement, in 2014 Australia became a Participating member. With the change of the status we earned the right to vote and contribute to all new IEC TC-79 works. Working Group 11 deals with Access Control, WG-12 with IP Video Surveillance Systems (VSS), and WG-13 deals with Alarm Systems. Working Group 12 has created a number of VSS standards. Unfortunately Australia does not have any experts participating in the WG-11, hopefully something that will change in the near future. For the last couple of years the EL-051 committee at Standards Australia, dealing with Non- Broadcast Video, has managed to take a noted participation in the creating of the 62676 standards, through Working Group 12, where Vlado Damjanovski, Les Simmonds, Ryan Talbot and Jason Prince have represented Australia. Standards Australia also recognised the need to have a delegate on the Working Group 13 under the same TC-79 committee, working on the Alarm Systems standards set, under the name of 60839. This was undertaken by John Fleming, ASIAL’s General Manager. Since the creation of the SA standards series 4806 on analogue CCTV, back in 2006, there has been a huge switch in technology from analogue standard definition (SD) to digital high
IEC-TC79 Stockholm meeting attendees
definition (HD). The same applies to Access Control and Alarm industries, who also switched from analogue to digital communications. These changes called for upgrading of many old standards. Working on creating standard documents is not an easy job, as Vlado Damjanovski, Les Simmonds and Olly De Souza can testify during their work on AS4806 standard ten years ago. Needless to say, this was, and still is, a voluntary work. Not many people are prepared
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
to sacrifice their own time for a non-profit work, something that should be acknowledged by the industry. With the current SA involvement in the IEC work as a P-member, Australia has a good chance of adopting these new standards, without re-inventing the wheel, as they say. In addition, we have the opportunity to host the next IEC meeting in June 2017, during which further discussion will occur regarding ongoing standardisation.
SECURITY SOLUTIONS 095
PRO FILE
ADVERTORIAL
STENTOFON is a leading provider of critical communication solutions. STENTOFON Communications Australia (SCA) supply high quality Intercom and PA solutions using HD audio for virtually any environment. By using IP technology, STENTOFON’s products are platform independent and can be used with basically any system that supports the open SIP protocol. Depending on the client’s needs integrators can build a small-scale PA system using STENTOFON’s own SIP based stand-alone system called PULSE. As the PA system grows the same hardware can form part of a larger SIP platform and by using SCA’s own AlphaCom XE platform even more advanced integration features are possible. Finally, STENTOFON have their own dedicated native IP PA solution called EXIGO which facilitates high-end IP PA for the most demanding environments. Melbourne's Yarra Trams uses the AlphaCom XE platform on a wireless network to keep their passengers informed on over 40 Super Stops throughout Melbourne's CBD Yarra Trams broadcast their service delivery interruption messages via the STENTOFON private 4G data network, these can be pre recorded in the studio or live broadcasts from the platforms keeping the travelling public informed and up-todate. The benefits of using STENTOFON for Public Address Crystal Clear Audio. SCA uses the G722 wideband audio codec to offer high quality audio. In addition STENTOFON products support Active Noise Cancellation and Dynamic Volume Control. SCA’s products are platform independent and scalable. Meaning clients can use their standalone PULSE solution for smaller systems or connect them directly to most IPBX telephony systems. For more advanced security systems STENTOFON’s
096 SECURITY SOLUTIONS
dedicated AlphaCom XE platform is the platform of choice. Native IP PA – EXIGO. SCA’s dedicated IP PA platform is called EXIGO. It is designed to meet the most stringent requirements for Oil & Gas and Marine projects. EXIGO is a distributed PA system supporting A+B systems, Full Redundancy, 10W Class D IP PA amplifier and numerous call panel configurations. Using STENTOFON’s TKIS-2 VoIP module integrators can build their own IP Speakers or use the kit as an OEM module to build customized PA call panels. Extending the life cycle of a legacy analogue PA system. SCA’s VoIP kit and IP-ARIO interface allow sites to utilize their existing analogue amplifiers in an IP based PA platform. IP-ARIO has additional features such as Speaker Loop Monitoring and error reporting. Reducing investment costs by extending life cycles.
Talkback included. STENTOFON use the same technology for IP PA as for IP Intercom. This means Intercom stations or SIP telephones can easily create a hybrid IP PA and Intercom solution. Integration with the Overall Security System. SCA’s dedicated AlphaCom XE platform integrates with most security systems. Meaning security guards will be able to work more efficiently using fewer man-hours. Networking. IP technology brings endless possibilities for networking, remote management and monitoring. Ask SCA about managing remote sites from one central point using networking solutions such as VPN, Fiber, Wi-Fi bridges or Microwave Networking. For a demonstration visit STENTOFON at 670 Mountain Highway, Bayswater VIC or go to stentofon.com.au
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
IT’S HERE! THE FIRST EVER TRUE NATIVE IP PUBLIC ADDRESS SYSTEM! EXIGO
ADVERTORIAL
FILE PRO
Does not require any specialised network hardware and can co-exist with other network systems
Supports all infrastructure - Buildings, Industrial, Remote Areas Extremely energy efficient with low power consumption and low heat dissipation Effortless scalability to any sized systems Excellent system management with advanced system maintenance and monitoring
Oceania Inquiries Phone: +61 3 9729 6600
www.stentofon.com.au sales@stentofon.com.au
SECURITY SOLUTIONS 97
PRO FILE
ADVERTORIAL
STid Technologies Set New Standards In Mobile Access Control Data and information have become a priority in our smart, mobile and connected society. Beyond the economic realities, human authentication through the securing of people's identity and access is essential. Are you ready to face the change mobile technologies have brought to access control? To respond to these new challenges, STid anticipates market trends and introduces new access control concepts, offering contactless Radio Frequency IDentification technologies (RFID, NFC & Bluetooth® Smart). The French company with a worldwide reach invents, designs and provides solutions in the security and industrial asset track and trace markets for the most demanding industries and governments. As French market leader, STid develops innovative products and solutions for high security access control and automatic vehicle identification (AVI). STid offers awarded innovative solutions STid Mobile ID® access control solution and Architect® Blue upgradable readers were awarded the “Think outside the box” award and the Innovation Trophy at the latest security trade fairs. The reasons for this success is evident… STid Mobile ID® allows you to secure your access and to protect your sensitive data with your smartphone. The mobile access control solution, combined with Architect® Blue secure upgradable readers, merges the best security levels of the market, rewarding human experience and open technologies to keep control of your security. Improve the human experience The user-friendly solution allows 5 identification modes of intuitive, smooth and unhindered management of your access points: • Badge mode by placing your smartphone in front of the reader.
098 SECURITY SOLUTIONS
• Tap Tap mode by tapping your phone twice in your pocket for Prox or remote opening. • Slide mode by placing your hand close to the reader. • Remote mode by controlling your access points using a smartphone app. • Hands-free mode by entering while carrying a smartphone loaded with a valid credential. These 5 modes are possible thanks to STid's exclusive, patented technology that can differentiate between access points depending on their distance. This means that multiple Bluetooth® readers can be installed in the same area. Easy access to High Security STid is the first RFID manufacturer to have received First Level Security Certification (CSPN). This French government certification is a recognition of their unique know-how, the technological and security expertise that are implemented in your access architecture, whether new or existing. Managing digital keys on a smartphone requires expert control of the security chain: phone, reader and system. STid offers unprecedented security levels while protecting and encrypting all data and communications between the mobile phone and the access reader. Architect® Blue readers use the latest MIFARE® DESFIRE EV1 / EV2, Bluetooth® Smart and NFC
technologies with new data security mechanisms. The innovative tamper protection system is the best way to protect sensitive data while making it possible to delete the authentication keys (patent pending). Create your own scalable configuration The concept can be tailored to your needs, offering the optimum solution for any situation and ensuring that all functionalities and security levels can be upgraded across all your readers. Architect® Blue is the first modular range of secure RFID, Bluetooth® Smart and NFC readers offering both flexibility and simplicity. The awarded readers are based on a common smart RFID core to which various interchangeable modules can be connected, such as card reader, keypad, touch screen, biometric device... Tailor your own access control readers The design of Architect® Blue readers is immediately recognizable, with a dynamic and elegant style, featuring clear pure lines. STid offers a wide range of customization options to tailor your reader to your corporate image and integrate it fully in its installation environment: logo printing, casing color and material-effect, multi-colored LEDs… For more information visit www.stid.com
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
ADVERTORIAL
FILE PRO SECURITY SOLUTIONS 99
PRO FILE
ADVERTORIAL
Smart access solutions for your satisfaction
Dorma and Kaba become dorma+kaba. A merger that offers you a wide range of added value in every phase. Together we stand for more than 150 years of security and reliability. With this merger we will multiply our strengths. Our companies complement one another very well, ensuring that in the future we will be able to offer a comprehensive port¬folio of products, solutions and services related to doors as well as to secure access to buildings and rooms from a single supplier.
Our Merger Offers An Array Of Benefits For Your Buildings And Building Projects Global presence – just around the corner from you Our merger means an increase in locations. We are now there for you in over 130 countries. This allows us to understand and meet your individual requirements even better. Comprehensive product portfolio – for your individual requirements We can now offer you an expanded portfolio of services in the fields of security and access to buildings and rooms. Our comprehensive product portfolios encompass door technology solutions, automatic door systems, a wide variety of fittings, door closers and stoppers, and locking systems – from cylinders, keys and locks all the way up to fully networked electronic access solutions for
100 SECURITY SOLUTIONS
companies, public facilities, hotels and many other applications. The range also includes physical access systems, high security locks, glass fittings, solutions for workforce management, as well as services. We remain committed to better supporting all of our customer groups with the best quality and best value product range, and the best service. We are now there for you through every development phase of your building project, enabling the best solutions for your requirements. We aim at developing products, solutions and services that make life for our customers and endusers more simple and secure.
Driving innovation – for your future challenges For both Dorma and Kaba, quality and innovation were important success factors for the way we did business. dorma+kaba continues to strive for innovation leadership in our industry. We always do this with the goal of creating smart and reliable access and security solutions with long-term added value for our customers, partners and users. No matter where you are, if you need innovative, reliable access and security solutions, we are there for you with our high-quality offering – in hotels, shops, sporting venues, airports, hospitals, at home or in the office. All over the world.
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
ADVERTORIAL
FILE PRO SECURITY SOLUTIONS 101
L E A R N M O R E AT S E A G AT E . C O M / A U
ADVERTORIAL
PRO FILE
FOR VIGILANT SURVEILL ANCE
10 Years, 10TB
Smart, Safe, Secure Surveillance Storage In 2016 the surveillance market is expected to generate more than US$16B in revenue,1 but the market is not yet saturated. The growth of camera installations, high-definition recordings and longer data retention periods all point to one, often overlooked factor—the need for reliable storage to back it all up. No matter your installation, Seagate offers the most comprehensive line of surveillance-optimized storage with our SkyHawk series of surveillance drives. With a 10-year legacy of surveillance support, SkyHawk delivers on features that ensure performance and reliability not only in the traditional surveillance DVR market but also NVRs. Application In 2016, Surveillance NVRs (network video recorders) will out-ship DVRs. NVRs take advantage of larger camera counts, IP cameras, multi-drive systems and RAID for data duplication, putting larger, more strenuous recording requirements on the HDD. Seagate drives come with an elevated workload rating, supported camera count and drive count to grow with this application. WD charges a premium on their Purple NV line for similar features.
102 SECURITY SOLUTIONS
Capacities By 2019, video surveillance cameras are expected to record 2500PB1 (2.5 million terabytes) every day. Leveraging higher-capacity drives, Seagate helps system integrators get the most out of their systems without having to upgrade hardware. Number of Drive Bays Seagate drives come standard with Rotational Vibration (R/V) sensors to help maintain performance in multi-drive systems. As NVR and servers become more common in surveillance, this feature is critical to preserve system performance. Number of Camera Supported In 2016, 66 million network cameras will be shipped globally. In fact, IHS predicts there is roughly one surveillance camera installed for every 29 people in the world.3 Support and storage for more cameras is critical as the number of cameras
installed continues to skyrocket. Seagate supports twice the number of HD camera streams of our competitor, who charges a premium on their Purple NV to match our spec. Workload Rating As the number of cameras shipped increases, so does the amount of data recorded to the system’s hard drive. Seagate surveillance drives support up to 180TB/year of recordings, 3x that of WD, who specs the same workload rating of a desktop-class drive. In order to get a 180TB/year drive workload rating from the competition, customers need to pay a premium for their Purple NV. • 1 IHS, 2015 • 2 Available on drives >4TB • 3 IHS, February 2016 For more information visit seagate.com.
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
ADVERTORIAL
FILE PRO
Do You Know This Person?
This person has made a difference to someone’s life. It may be that he or she, through an act of courage or valour, has stepped in harm’s way so that someone else may be safe. It may be that he or she has put in tireless hours, made great personal sacrifices and dedicated a career to making the security industry a better place. Please, help us find and reward this person. Nominations are now open for the 2016 Australian Security Medals. Whether you are nominating a medal recipient, making a donation to the Foundation or booking seat (or table) at the industry’s premier charitable event, you will be helping to create a more professional security industry of which we can all be proud. For more information about making a nomination or providing sponsorship, please visit the Australian Security Medals Foundation website today!
www.inspiringsecurity.com SECURITY SOLUTIONS 103
PRO FILE
ADVERTORIAL
ActivConsole
A true investment in your control room operation ActivConsole, AME System flagship product, has been revolutionising surveillance control rooms throughout Australia and internationally for the past 20 years. A strong push towards ergonomics within many surveillance room environments has shifted the role of consoles over the last 10-15 years. Consoles are no longer an outdated, inconspicuous piece of furniture offering no ergonomic benefit for its operator. Today’s consoles are custom designed, ergonomically beneficial and tailored towards each single operator and task. Height adjustable consoles are not just the future, they are the very much the present and they are very much a trend that needs to be embraced. Not only do they increase operator comfort and safety, productivity and alertness of each operator remains higher for longer. Australian made and owned, all ActivConsole models are designed and manufactured from their engineering facility and design studio in Melbourne, Australia. Utilising Australian suppliers whenever possible, the ActivConsole ensures that up-to-date technologies, services and ongoing support remain local and readily accessible for their customers. Over the last 12 months, ActivConsole models have been implemented in & associated with a variety of large scale, state-of-the-art projects throughout many of Australia’s top industries. Spanning across the various sectors of road and rail, mining, military, casino gaming, oil and gas and air traffic control, the ActivConsole models are as diverse as ever and proving to be the backbone behind many every day critical applications
104 SECURITY SOLUTIONS
required to ensure the security of Australia’s future. Internationally, ActivConsole models have recently been commissioned and installed within several major projects in casino gaming, audiovisual and education industries located within South East Asia, New Zealand and the United States. Each new console produced, whether incorporating specialised high-tech hardware, advanced touch screen technology or simply just a retrofit to an existing application, is meticulously designed and tailored to suit its application – ensuring the highest levels of practicality, comfort and ergonomic benefit have been identified and utilised. ActivConsole’s trained in-house design team ensure that all consoles created recognise all relevant control room standards and meet all applicable requirements from Australian and New Zealand Standard 4443:1997 and ISO 11064-4. All height adjustable consoles created under the ActivConsole brand utilise proven, internationallyrecognised electric lifting actuator technology to ensure the functionality and safety of its height adjustable operation are never compromised. At the touch of a button, each operator can set and save their desired working height to ensure an ergonomically beneficial position is met, without having to compromise between sitting and standing. The pivotal element of every ActivConsole is ergonomics. Technically speaking, this is the optimum way an operator interacts with every aspect of the console in order to achieve their
performance objectives, whether seated or standing. All ActivConsole models are designed with ergonomics at the forefront, taking an active approach to ensure the operators and the tasks they perform are accounted for first, prior to any design work being undertaken. It is this approach that ensures all consoles are designed specifically for a certain task or role, all the while creating an innovative 24/7 working environment and increasing workflow and productivity. The success of ActivConsole is embedded in its long lasting quality and repeat interactions with existing customers. Aligning itself heavily within growing companies, industries and technologies, the ActivConsole has continued to diversify into a wide variety of thriving sectors, ensuring it remains a benchmark in the console industry and a mainstay for years to come. Despite its already expansive customer base, the ActivConsole continues to expand rapidly into a variety of different markets internationally and throughout Australia. As customers continue to ebb and flow with this ever changing marketplace, new sites are constantly being fitted out with new, state-of-the-art ActivConsole models and old sites are being retrofitted to compete with the dynamic requirements of large-scale automation synonymous with the 21st century. Whether it’s a new project, a refurbishment or simply a retrofit, the ActivConsole is the proven first step towards a healthier and more effective workplace. For more details on AME System and their ActivConsole range, visit their website at: www.activconsole.com
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
ADVERTORIAL
FILE PRO
AME System produces its customisable ActivConsole range of electric height adjustable and fixed height control room consoles from their local design studio and manufacturing facility in southeast Melbourne, Australia. The ActivConsole range has revolutionised control rooms throughout Australia and worldwide, introducing state-of-the-art ergonomic technology into a 24/7 monitoring environment. Able to be customised to suit any application, the ActivConsole plays
a vital part in keeping your workplace and employees healthy and productive. By utilising new modern production methods and combining them with high quality materials and finishes, the ActivConsole range continues to adapt to new technologies and trends, ensuring unparalleled versitility and flexibility in every design. Customising ergonomic solutions for over 20 years, we continually ensure safety and quality for a whole new generation of operators. Contact us now for a tailored solution.
SECURITY SOLUTIONS 105
PRO DU CT
S E S A C W O H S CANON VB-M50B With its highly sensitive 1/3” CMOS sensor and advanced image processing, the new VB-M50B large aperture pan-tilt-zoom (PTZ) surveillance camera from Canon captures footage in sharp, high-quality 1.3MP resolution. Offering exceptional low-light performance, it is well-suited to crime prevention applications in urban surveillance and monitoring important infrastructure facilities. The large aperture f/1.8–2.4 Canon 5x optical zoom lens captures outstanding levels of detail, even with full telephoto applied. The aspherical and UD-distortion suppression lens design helps prevent chromatic aberrations and achieves clear, high-resolution images from any distance. Enhanced Clear IR Mode offers monochrome images of greater definition and detail, day or night, while Motion-Adaptive Noise Reduction dynamically controls noise levels to improve performance in low-light conditions. The VB-M50B’s innovative Clear IR View Mode combines an IR Band Pass Filter (IRBPF) and new image processing capabilities to capture monochrome images that have superb definition and detail, day and night. The IRBPF gathers greater volumes of infrared (IR) light to reveal hidden details in distant views, while dedicated image processing techniques correct image blur – so you enjoy consistently clear monochrome images. The VB-M50B’s Enhanced Digital Zoom improves image quality and extends the camera’s zoom capabilities. Once the camera’s optical zoom limit has been reached, Enhanced Digital Zoom substitutes images within lowresolution streams with cropped images from higher resolutions, extending the camera’s magnification to enable powerful long-range monitoring while maximising image quality. The VB-M50B extends your surveillance options by offering viewing and configuration from a wide range of browsers and mobile devices. The camera’s new firmware architecture is compatible with all popular web browsers and mobile devices, so you can set up your camera and view live images entirely within a mobile environment. Visit www.canon.com.au for more information.
106 SECURITY SOLUTIONS
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the Editor or relevant editorial staff member assigned to this publication and do not represent the views or opinions of Interactive Media Solutions or the advertisers or other contributors to this publication.
CT DU PRO
SHO WC ASE S INFINITI CLASS 5 Inner Range recently announced the release of their Infiniti Class 5 platform. Winner of the 2016 Security Expo Best New Product award, the Class 5 platform is the first and currently only system with independent certification as Class 5 by the Australian Security Industry Association Limited (ASIAL). What is Class 5? Class 5 relates to the AS/NZS 2201.1:2007 standard – the Australian and New Zealand standard for the design, installation, commissioning and maintenance of intruder alarm systems. Class 5 is the highest risk-profile classification defined within this standard and Class 5 sites are typically found in government, military, financial and other high-security environments. To achieve this standard, a derivative model of the Inner Range Infiniti system was enhanced to provide AES 128-bit encryption across the entire system topography, from the zone input through to the controller, and applies to all local area network and wide area network (LAN/WAN) communications, alarm reporting paths and card to reader communications. In this standard, the risk profile of an intruder alarm system is determined by conducting a risk assessment based on the likelihood, and consequences, of an attack. A Class 5 risk profile is proposed when: a) the consequences of the attack may be ‘catastrophic’ regardless of the likelihood of an attack, and b) the likelihood of an attack is ‘likely’ or ‘very likely’ and the consequences are ‘major’ or ‘catastrophic’. The Infiniti Class 5 hardware is certified for use in Class 5 compliant installations when installed, commissioned and maintained in accordance with this standard and the Infiniti Class 5 documentation. Contact the Inner Range Infiniti sales team at infiniti@innerrange.com or 03 9780 4300 for more information.
SRD VISION – THE WATCHFUL EYE Say goodbye to piggybacking through secure revolving doors thanks to SRD Vision from Dorma Kaba. SRD Vision is a security option that features an optical sensor integrated in the ceiling of a revolving door, along with a sensor control box. The system was designed to reliably detect the presence of either no one, one person or multiple individuals in the passage segment of the security revolving door by way of a measuring sensor system which interprets motion patterns of the people in the door segment. This enables the door to provide secure access in combination with the security and locking drive by Kaba. This drive effectively locks the passage against unauthorised access while at the same time preventing people from being locked in the revolving door. This also applies during times of power failure. Even with the SRD Vision installed, passage rate within the revolving doors remains at a high level. Furthermore, there is no risk of people becoming trapped during power failure (automatic, self-monitored setup of the unit after power is restored). The recommended passage height is 2300 to 2900mm and the recommended width is 1800 to 2500mm of the security revolving door for installation. Thus low construction heights and comfortable passage widths can be realised, together with secure separation. Depending on the structural conditions within a building, even smaller diameters or lower passage heights may be possible. SRD Vision is suitable for retrofit into many existing revolving doors without modification of the floor structure. The system is designed to work with both 3-leaf and 4-leaf models (rotary cycles 120 degrees and 180 degrees respectively) and can be retrofitted for all security revolving doors with corresponding dimensions (except for Geryon SRD-S01 with glass ceiling) with a passage height of 2300mm or higher. Given that many revolving doors are often found at the entry to buildings, it is important to note that the SRD Vision is unaffected by extraneous light. The SRD Vision system is suitable for use in areas such as: • staff access for security-relevant areas in administrative buildings and industrial premises, public authorities, government departments and airports • access to sensitive areas in banks, financial institutions, power plants and military installations. Visit www.kaba.com for more information.
SECURITY SOLUTIONS 107
PRO DU CT
S E S A C W O H S BIOCAM300 Biocam300 is the world’s first high definition (HD) Internet Protocol (IP) camera with embedded facial recognition and display in a single unit. Using ZK’s facial recognition algorithm, it can identify users from a database of 400 faces in less than one second, making access control and time and attendance a non-intrusive breeze. Simply install the Biocam300 above the intended access point and enrol authorised personnel and the system takes care of everything else for you. Featuring four powerful infrared (IR) LEDs, the Biocam300 can be used in both day-time and night-time applications for real-time monitoring of access points. Featuring a ZK embedded, high-speed, integrated facial recognition module and their patented ‘relatively’ long-distance face recognition algorithm, the Biocam300 can support facial recognition at between 2.5m and 4m across users of varying heights. Biocam300 also comes with a full colour HD display screen mounted just below the camera to show face registering information, face recognition results and real-time video monitoring. This not only helps to ensure the system is operating properly at a glance, but can also act as a significant deterrent to anyone attempting to gain unauthorised access to restricted areas. The Biocam300 features a user-friendly interface, making the system extremely simple to operate. Furthermore, by utilising a proprietary, dual central processing unit (CPU) framework, the camera can accomplish stand-alone registration, recognition, and high-speed data transmission storage in real-time. In fact, the system can support up to 400 face registrations and recognitions while simultaneously monitoring controlled areas. Biocam300 is a three-in-one solution incorporating video surveillance, time and attendance monitoring, and single channel access control management. The system is ideally suited to high-security applications such as customs and immigration checkpoints, airports, commercial buildings, banks, sports facilities, hotels, casinos, VIP clubs, turnstiles, parking areas and so on. Visit www.zktecoaustralia.com.au for more information.
108 SECURITY SOLUTIONS
Unless otherwise expressly stated, the review of the product or products appearing in this section represent the opinions of the Editor or relevant editorial staff member assigned to this publication and do not represent the views or opinions of Interactive Media Solutions or the advertisers or other contributors to this publication.
CT DU PRO
SHO WC ASE S
APERIO AUV3 ESCUTCHEON – WIRELESS ACCESS CONTROL LOCK Not only is the AUV3 Escutcheon the latest release in the Aperio line of products from global locking solutions provider Assa Abloy, it is also the first Australiandesigned wireless access control lock. For those readers not familiar with the Aperio line, it is a new technology developed to complement new and existing electronic access control systems, providing end-users with a simple, intelligent way to upgrade the controllability and security level of their premises. The heart of Aperio is a shortdistance wireless communication protocol, designed to link an online electronic access control system with an Aperio-enabled mechanical lock. Key benefits of the system include affordable online door control of internal doors and the ability to extend an existing access control system while enhancing security for internal doors. The E100 V3 Series Escutcheon is designed to fit the Lockwood mechanical 3570 series mortice locks and provide a cost-effective migration to an online electronic access control door. In addition to multi-format card access, the external side of the door (which is always locked) provides for key override entry,
whilst the inside lever is designed for emergency egress. With wireless locks running the V3 platform, even high-frequency entrance doors still operate for two years on a standard battery, maintaining remote opening functions of typically five seconds communication time between the Aperio lock and the access control system throughout the battery life. With the faster response time and more powerful electronics, Aperio enables standard online access control functionality at significantly reduced costs to that of a hard wired door. Key Features: • supports multiple RFID credentials and Seos mobile access • heartbeat communication: 5–10 seconds • remote door opening/locking functions • powerful new electronics with USB interface • audit trails and time zones managed through existing system • compatible with Lockwood 3570 series mechanical mortice locks • additional key override • emergency egress • lock can store up to 10 override credentials/proximity cards • stores last 200 events and audit trails locally in the lock • increased battery performance – to 40,000 operations • LED status • battery low warning sent to electronic access control system. Visit www.assaabloy.com.au or call 1300 562 587 for more information.
HIKVISION PANOVU SERIES Hikvision, a leading supplier of innovative video surveillance products and solutions, recently launched its new PanoVu Series panoramic cameras. The cameras provide 180- and 360-degree, distortion-free, ultra-high-definition video, seamlessly integrating video from multiple sensors in one unit. Add to this the PanoVu’s powerful smart tracking capabilities, linkage to pan-tilt-zoom (PTZ) and zooming into images at up to 36x optical and 16x digital, its user-friendly installation and configuration, and its ultra-low-light performance, and the result is the best equipped, high-end panoramic solution on the market. Designed for large-scale security monitoring applications such as stadiums, city centres, airports and parking lots, the PanoVu Series allows users to replace multiple cameras with one multi-sensor unit – curtailing costs and reducing technical complexity. The traditional surveillance solution for this type of large 180- or 360-degree scene would require several cameras and server-level video stitching software to blend the images and create a single panoramic picture. Hikvision’s PanoVu Series is an all-in-one solution which integrates multiple sensors into the one unit, eliminating the need for video stitching software. The all-in-one design allows only one Ethernet and one power supply cable, providing for easy installation and simple configuration. The cameras have also been designed to offer easy preview images to further aid in set-up and to dramatically reduce maintenance times and costs. Hikvision’s low-light colour imaging leads the industry in performance, and the PanoVu Series cameras are no exception. The units all incorporate Hikvision’s DarkEye super-large aperture lens, sharing the same ultra-low-light performance with Hikvision’s DarkFighter Series. They are able to capture highly detailed, high-resolution colour images in as little light as 0.002 Lux, meaning around-the-clock, 360-degree monitoring is available – critical for high-risk locations like open public spaces in city centres. Smart tracking means the PanoVu cameras support a link to an additional PTZ tracking camera, enabling PanoVu’s powerful zoom capabilities to magnify tiny details in the panoramic image. Smart tracking allows the simultaneous tracking of multiple targets, in both auto and manual tracking modes. The cameras also feature a wide range of smart functions, including intrusion detection, line crossing detection, and region entrance and exit detection. The PanoVu Series cameras are available in 8MP, 180-degree and 16MP, 360-degree variants, allowing users to select the ideal model for their specific surveillance application. The 16MP 360-degree models use 8 x 1/1.9” progressive scan CMOS sensors to create their panoramic images, while the 8MP models incorporate four sensors to generate their 180-degree images. All of the PanoVu Series cameras are IP66-rated for use in a wide variety of weather conditions and applications. Hikvision PanoVu has won the Golden Excellence Award at the 15th China Public Security Expo and iF’s 2016 Design Award. Visit www.hikvision.com.au for more information.
SECURITY SOLUTIONS 109
LK
SHO PTA
Unless otherwise expressly stated, the review of the product or services appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
Next-generation security products steal the show at 31st annual Security Exhibition & Conference
Leading security product and service suppliers, including Gallagher, Hikvision and Sony, used this year’s Security Exhibition & Conference as a platform to launch or preview new products to a captive audience of around 4,500 industry professionals. Held at Melbourne Convention & Exhibition Centre from Wednesday July 20 to Friday July 22, the 31st annual edition of the event hosted 1000s of new solutions and latest product versions showcased in one complete destination. The “Security Best New Products Awards”, sponsored by Veracity, are a celebration of the most innovative products to hit the Australian market in the last 12 months. Products were judged on originality, impact of innovation, measurability of the benefits, and applicability to the Australian market by a panel of leading security experts including ANZ’s Global Head of Group Security, Damian McMeekin and General Manager of ASIAL, John Fleming, among others. Inner Range, an Australian based company and world leader in the manufacture of state of the art access control and security solutions, took out this year’s Best New Product Award from over 40 entries. The Infiniti Class 5, launched in July 2016, relates to the AS/NZS 2201.1:2007 standard and is the highest risk profile classification defined within this standard. AS/NZS 2201.1 is the Australian and New Zealand standard for the design, installation, commissioning and maintenance of intruder alarm systems. 1st Runner Up was awarded to FSH Fire & Security Hardware – SS1. The High Security Door Monitoring Sensor is designed to replace traditional magnetic balanced reed sensors, using a smart combination of Hall Effect sensors and unique magnetic-array-plates allowing the unit to be re-calibrated. 2nd Runner Up was awarded to Mobotix for their M15 Thermal TR. Mobotix has launched a new series of thermal radiometry (TR) models to generate automatic alarms, defined by temperature limits or temperature ranges, which is vital to detect potential fire or heat sources. Up to 20 different temperature triggers can be easily defined within the new TR window or the whole sensor image can be used with a typical accuracy of ±10 °C. This year the standard was particularly high, making the judging decision ever harder and, therefore, there were three honorary mentions. • Add-On APAC Innovative Solutions’ IMID ACCESS – the ultimate fusion of biometrics identification technology to provide seamless, non- invasive and accurate identification for secure access. • Digital Matter’s G52 SOLAR – providing effective, easy-to-deploy-and-use solutions for remote mobile asset monitoring, tracking and management under a broad range of environmental conditions with no need for external power supply. • Canon’s VB-H761LIVE – the all-in-one answer to live, interactive imaging. Thanks to a built-in network server, they can be connected to the internet or your LAN in an instant.
110 SECURITY SOLUTIONS
PTA SHO
Unless otherwise expressly stated, the review of the product or services appearing in this section represent the opinions of the relevant advertiser and do not represent the views or opinions of Interactive Media Solutions or the other advertisers or contributors to this publication.
LK This year’s ‘SELL OUT’ ASIAL Conference designed for security end-users also hosted an enviable line-up of local and international thought leaders who discussed strategies and presented case studies on combating the fast evolving security threats and challenges faced by Security Managers in business, government and the broader community. Among the speakers were Duncan Lewis AO, Director-General, ASIO; Caroline Sapriel, Managing Director, CS&A International Risk & Crisis Management (USA); Professor Keith Still, Director, Crowd Risk Analysis (UK); and Kelly Sundberg, Associate Professor, Mount Royal University (Canada). Security 2016 Event Manager, Alanna Phillips, said the event was a resounding success with more than 85 per cent of exhibitors already committing to the 2017 Sydney event held at the new International Convention Centre at Darling Harbour. “Security presents a yearly opportunity to reunite with the best in the industry while discovering and experiencing the latest, cutting edge products and innovations to hit the Australian marketplace from video surveillance, access control, networking and integration, alarm systems, perimeter security and much more,” Ms Phillips said. “The calibre of the brands participating and professionalism of visitors through the door in 2016 are no doubt key reasons why we’ve had so many exhibitors already resign for 2017.” Ms Phillips is excited to announce the Security Exhibition & Conference will return to Sydney at the new International Convention Centre in Darling Harbour, from Wednesday July 26 to Friday July 28, 2017. For more information about next year’s event, please visit www.securityexpo.com.au
SecuSafe Launches New DigiGuard 4MP IP Turret Network POE Camera August 03, 2016 — SecuSafe Pty Ltd, an Australian importer and distributor of electronic security products located in Sydney, introduces their new 4MP IP Turret Network POE Camera for SME surveillance industry. The attractive DigiGuard Matrix IR Turret Network Surveillance IP Camera, is fitted with a 2.8mm security lens available in white colour, this can achieve an impressive wide angle view at 4MP (2688 x 1520) resolution. With the Matrix IR Illuminator you have auto switched night vision, up to 30m in zero lux conditions. One of the key features is in the 3D Digital Noise Reduction, and a Digital WDR. It is rated IP66 suitable for outdoor installations. Power for this DigiGuard Camera, can be either 12Volt DC or PoE (802.3af). With dedicated people, warehouses in Sydney, Perth and Brisbane, they can support customers locally and nationally. For more information about our full range of IP and TVI series, please contact SecuSafe Pty Ltd at (02) 9649 4477 or email: sales@secusafe.com.au or visit www.secusafe.com.au
SECURITY SOLUTIONS 111
SUBSCRIBE Security Solutions Magazine, Level 1, 34 Joseph St, Blackburn, Victoria 3130 | Tel: 1300 300 552
I wish to subscribe for:
oONLY $62 per annum!
Name: ............................................................................Company: ....................................................................................... Position: .........................................................................Address: ......................................................................................... Suburb:...........................................................................State: ................................. Postcode:............................................. Tel:..................................................................................Email: ................................................................. ........................... TERMS AND CONDITIONS For more information on subscriptions, or to contact Interactive Media Solutions, please phone 1300 300 552 or email to admin@interactivemediasolutions.com.au. Deductions will be made from your nominated credit card every year in advance of delivery. The direct debit request and subscription price may be changed by Interactive Media Solutions from time to time, however you will always be given at least 28 days notice. The authority to debit your account every year remains valid until you notify Interactive Media Solutions to cancel your subscription by contacting Interactive Media Solutions Customer Service. No refund is given after a payment is made. In the event of a cancellation of your subscription, the subscription will simply expire twelve months from when the last subscription payment was made. Information on how we handle your personal information is explained in our Privacy Policy Statement.
Credit Card oBankcard
oVisa
oMastercard
oAmex
oDiners
Card Number: ........................................................................................................................................................................ Exp: _ _ / _ _ Card Name: .................................................................................................................................................................................................................... Signature: ....................................................................................................................................................................................................................... When payment has been received and funds cleared, this document serves as a Tax Invoice. Interactive Media Solutions ABN 56 606 919 463. If this document is to be used for tax purposes, please retain a copy for your records.
Security Solutions Magazine digital version is now available via ISSUU on every platform, everywhere! Download it now and enjoy your favourite security magazine when you like, where you like, however you like. PC, MAC, Linux, Apple, Android, Google and more...
Subscribe to Security Solutions Magazine for
ONLY $62 per annum!
Simply fill in the form or call 1300 300 552
112 SECURITY SOLUTIONS