Issuu

THE PUBLICATION FOR PROFESSIONAL SECURITY MANAGEMENT

Security Director of the Year 2021

Lina Tsakiris takes security research to the next level in partnership with Carleton University

By Neil Sutton

Neil Sutton

Andrew Snook

By Neil Sutton

WSECURITY MEETS CUSTOMER SERVICE

Internalizing some of those values can elevate the profession

hen I think about great customer service, it’s the willingness to listen that immediately springs to mind.

We’ve all had that terrible experience, where the person on the other end of the counter or phone call is immediately disinterested, desperate to end the exchange as quickly as possible. On the other hand, you can tell in seconds, based on a person’s posture, facial expression or tone of voice, how willing they are to help you. A good listener is worth their weight in gold — it’s almost a bonus at that point if they successfully answer your question or remedy your situation.

“Today, there is a more nuanced approach to security.”

When I hosted a roundtable about a month ago on customer service in security featuring GardaWorld executives and Edmonton International Airport’s security director, we explored the value of customer service, particularly when it’s linked to the tenets of Enterprise Security Risk Management (ESRM).

A security professional with a great attitude and the right training not only makes their environment a more pleasant place to be, but they can also have a demonstrable impact on its risk profile. Those same skills that can effectively address a customer complaint are also of tremendous practical value to deescalate a more difficult situation.

To me, this is all part of the evolution of the security profession. Today, there is a more nuanced approach to security that goes beyond enforcement and protection.

At our recent Canadian Security Honours virtual event, keynote speaker Todd Milne, director of security operations at Toronto’s University Health Network, spoke about quality of service, and three of its main attributes: speed, convenience and friendliness.

“Quality of service means working above and beyond one’s job description,” he said, “and taking extra steps to demonstrate genuine care for the well-being of everyone.”

Milne also spoke about rising above adversity — an apt topic these days, particularly in the health-care sector. Adversity might immediately feel like a “punch to the gut… nevertheless, overcoming hard times is what builds resiliency in us,” he said.

Milne also urged CS Honours attendees to find opportunities for growth and focus on the positive. “Make sure the picture you paint is a good one,” he said, “and comes from a real place within yourself.”

You can view Milne’s entire keynote on the Canadian Security website, along with a panel of Top 10 Under 40 winners and award acceptance speeches from Lina Tsakiris, Ron Wells, Suzanna Alsayed and Rita Estwick. You can also read more about our award winners in this issue.

There are many qualities that lead to success in the security profession, but a willingness to listen and an ability to help are definitely two of them.

Reader Service

Print and digital subscription inquires or changes, please contact

Barb Adelt, Audience Development Manager

Tel: (416) 510-5184

Fax: (416) 510-6875

Email: badelt@annexbusinessmedia.com

Mail: 111 Gordon Baker Rd., Suite 400, Toronto, ON M2H 3R1

Group Publisher Paul Grossinger pgrossinger@annexbusinessmedia.com

Associate Publisher Jason Hill jhill@annexbusinessmedia.com

Editor Neil Sutton nsutton@annexbusinessmedia.com

Media Designer Graham Jeffrey gjeffrey@annexbusinessmedia.com

Account Coordinator

Kim Rossiter krossiter@annexbusinessmedia.com

COO Scott Jamieson sjamieson@annexbusinessmedia.com

Editorial and Sales Office 111 Gordon Baker Rd, Suite 400, Toronto, ON M2H 3R1 (416) 442-5600 • Fax (416) 442-2230 Web Site: www.canadiansecuritymag.com

Canadian Security is the key publication for professional security management in Canada, providing balanced editorial on issues relevant to end users across all industry sectors. Editorial content may, at times, be

as controversial but at all times serves to inform and educate readers on topics relevant to their individual and collective growth and interests. Canadian Security is published four times per year by Annex Business Media.

Publication Mail Agreement #40065710

ASIS: GSX attendance exceeded projections

According to ASIS International, the Global Security Exchange conference, which was held Sept. 27-29 in Orlando, Fla., exceeded attendance expectations, drawing 300 exhibitors and 8,600 registrants from 80 nations.

The conference was presented as a hybrid event — a mix of in-person and virtual engagement opportunities — with the majority of attendees (more than 7,200) participating on site.

“I’m proud of my friends and colleagues for arranging what is by all metrics a fantastic GSX,” said John A. Petruzzi,

2021 president of ASIS International, in a statement issued by the association.

“We’ve received an overwhelming response from exhibitors and attendees commenting on the high quality of this year’s show. We’re pleased that the new event footprint — placing learning theatres in the exhibit hall — was well received, allowing for ease of access between our event’s bestin-class education and the solutions offered by our exhibiting companies. I’m incredibly thankful to our show’s international contingent for the lengths that they went to in order to gather here in person. The dedication of these individuals just proves the commitment of our profession to make GSX the industry’s premier event.”

This year marked ASIS’s return to an in-person GSX. In 2020, the event, dubbed GSX+, moved to an all-virtual platform in light of the evolving COVID-19 pandemic situation.

On-demand sessions from this year’s event will be available to attendees with all-access passes until the end of 2021 via the GSX digital platform. According to ASIS, encore presentations of the show’s best attended sessions will be broadcast on Oct. 20 and Nov. 10, with the original presenters available for Q&A in real time.

GSX 2022 is scheduled to take place Sept. 12-14 in Atlanta, Ga.

Kaspersky survey: data breaches are stressful

According to a recent survey report, “Dealing with a new normal in our digital reality,” released by cybersecurity and digital privacy company Kaspersky, roughly seven out of 10 people (69 per cent) find the news of a data breach stressful.

Ransomware in particular is a source of stress, especially given the number of major public ransomware breaches that have been reported recently — 64 per cent of respondents said it was their top concern.

The survey included results from 2,500 consumers, including 1,200 Canadians and 1,200 Americans. Kaspersky conducted “stress” surveys in 2018 (“The State of Cyber-Stress”) and 2019 (“Cyber-Stress, Refreshed”) in addition to this most recent one. Breachrelated stress levels, based on survey data, have not changed significantly over those three surveys, however the amount

of time respondents are spending online has. During the pandemic months, time online has gone up, with 57 per cent reporting an increase in their use of online services — and 27 per cent of respondents said their usage has “significantly increased.”

That overall trend is modified by age group: 64 per cent of Millennials increased use of online services compared to 45 per cent of Baby Boomers. (In all age groups, only seven per cent said their use of online services has decreased.)

In terms of personal cybersecurity expertise, almost half (46 per cent) of respondents self-assessed as having a basic or beginner level of knowledge; 17 per cent considered themselves to be experts.

“It is important to gain control of your digital life to have peace of mind in knowing your data is protected,”

said Marina Alekseeva, chief human resources officer, Kaspersky, in a statement from the cybersecurity company. “You can do this by protecting your devices, following proper security hygiene, going to online resources to relax, and staying up-todate and educated about cybersecurity issues.”

Kaspersky recommends the following tips for cyber-safety:

• Use strong passwords that are unique for every account

• Secure your device with a PIN or password

• Use a VPN when connecting to public Wi-Fi

• Use a security solution that can protect your personal data

• Find tools to navigate your digital life mindfully

• Learn about cybersecurity and online privacy

The show floor at the Orange County Convention Center, host venue for GSX 2021 (image courtesy ASIS International)

Nunavut IT department modernizes infrastructure to improve security posture

After a system outage was discovered one morning in November 2019, the Government of Nunavut’s (GN) IT team confirmed a terrible suspicion — their network had been successfully penetrated by a ransomware attack.

Files were encrypted at the desktop and server level, and operating systems were also compromised. As critical parts of the OS started to fail, some of the servers shut down.

“In order to prevent further spread, we did a full shutdown,” recalls Nathaniel Alexander, manager of network operations.

conducted an early investigation and root cause analysis of the attack. A DART team of four arrived in Nunavut several days later and set to work.

Nunavut’s IT infrastructure, headquartered in Iqaluit, comprises a series of data centres supporting 25 communities across the territory. The shutdown prevented the malware from spreading further, but then came the task of how to safely start the restoration process using data back-ups.

Martin Joy, director of information and communications technology, says he was aware of previously attempted ransomware attacks, but they were localized to a workstation. “This was something we hadn’t seen before with the lateral movement and attack methods. This was a little more comprehensive than what we’ve seen in the past.”

Rather than rebuild using their existing infrastructure, the GN IT department took the opportunity to start over with something more robust.

They contacted Microsoft, one of their existing vendors, and called in the company’s Detection and Response Team (DART) for support. The GN IT department was already working with cybersecurity firm Mandiant, who

“We had to have a discussion around pain points,” says Joy. “We worked directly with the DART team and looked at all aspects of our infrastructure.”

During the days of downtime, the IT team relied on phone and fax to communicate. The first priority was getting communications up and running.

“By the end of the fifth day, we had email communications flowing again and every employee that was in the GN had access to email,” says Alexander.

The GN IT team worked with Microsoft to move from Windows 8 to 10, upgrade to a cloud-based infrastructure, and adopt solutions including Azure Sentinel, Azure Active Directory and Microsoft Cloud App Security.

“We were able to modernize all of our infrastructure, all of our servers in the span of that week and a half engagement,” says Joy. “It’s a single pane of glass, but it’s more than that, because now we’re getting threat intelligence.”

There have been no major attacks against GN’s IT infrastructure since 2019, says Joy, and the IT department has maintained its vigilance.

“Defence in depth is something that our teams are very aware of now — there are multiple layers of defensive tactics put in place. We have full visibility in our infrastructure,” he says. “Our goal is to be modern and up-to-date. There can be no compromises on how we secure the environment.”

— Neil Sutton

CALENDAR

October 28, 2021

Securing New Ground Online sng.securityindustry.org

November 3-4, 2021

Sector Toronto, Ont. www.sector.ca

November 8-10, 2021

IAHSS Annual Conference and Exhibition Myrtle Beach, S.C. www.iahss.org

November 17-18, 2021

ISC East New York City, N.Y. www.isceast.com

December 1-3, 2021 The Buildings Show Toronto, Ont. www.pmexpo.com

December 2, 2021 Focus On Healthcare Security Online www.canadiansecuritymag.com

March 22-25, 2022

ISC West Las Vegas, Nev. www.iscwest.com

April 20, 2022

Security Canada East Laval, Que. www.securitycanada.com

June 2022

Security Canada West Richmond, B.C. www.securitycanada.com

June 27-30, 2022

IACLEA Conference and Exposition Las Vegas, Nev. www.iaclea.org

September 12-14, 2022

GSX Atlanta, Ga. www.gsx.org

October 19-20, 2022

Security Canada Central Toronto, Ont. www.securitycanada.com

Nathaniel Alexander

Martin Joy

By Kevin Magee

HARMONY IN CONVERGENCE

We need to redefine how physical and logical security can work together more effectively

In 2017, an unknown attacker broke into and robbed a casino through a fish tank. Bypassing all the extensive and expensive physical and cybersecurity defences, the attackers allegedly exploited an internetconnected thermometer which was used to remotely monitor and automatically adjust the water temperature in the tank.

After gaining access to the network, they moved undetected for some time before virtually walking out the front door with 10GB of highly valuable customer data, including a database with details on the organization’s most important revenue stream, its high rollers.

According to a 2016 U.S. Department of Justice indictment, the attackers obtained access to a computer control system that would have allowed them to “operate and manipulate” a gate on the dam and release the flow of water if it had not been manually disconnected at the time for maintenance.

“In the cybersecurity field, we have essentially reached the conclusion that the conventional concept of a logical security perimeter is no longer valid.”

In 2021, a United Airlines flight from San Francisco to Orlando was evacuated before take-off because several passengers simultaneously received a threatening picture of what appeared to be a gun on their smartphones.

The picture was sent using AirDrop which only works within roughly 30 feet of the person sending the file and it was this digital threat with immediate physical proximity to passengers that prompted the evacuation. Fortunately, the photo turned out to be of a toy gun that was sent by a teenager as a prank.

In 2013, Iranian hackers took control of the Bowman Avenue Dam in New York.

In the cybersecurity field, we have essentially reached the conclusion that the conventional concept of a logical security perimeter is no longer valid. What these security incident examples begin to demonstrate is that as the digital transformation of the physical world accelerate, we are also beginning to see the concept of a “physical security perimeter,” not becoming obsolete, but being completely redefined.

Transformation

Like every other industry, the physical security industry itself is undergoing digital transformation. In fact, it has progressed to the point that, at the technical level, the convergence of physical and cybersecurity has essentially already occurred.

The cloud has been a key enabler of this, vastly improving overall capabilities such as video surveillance augmented by artificial intelligence and Open Source Intelligence (OSINT) techniques leveraging social media and other online services which are now used to identify early threats and investigate criminal activity in the physical world.

So, if the lines have blurred between logical and physical risk and physical security has enthusiastically embraced digital transformation already, why are we not seeing more evidence of actual convergence between cybersecurity and physical security teams in terms of coordination, integration, orchestration, and automation in managing enterprise risk?

The answer is not an unwillingness to do so but, in most cases, it is simply legacy budgeting and cost centre structures, outdated hierarchically-based org charts, and good, oldfashioned organizational inertia that are the most common impediments.

Common ground

While the world is changing and external enterprise risks are converging, much of how organizations operate, budget for, procure and measure the success of security teams has not.

Most organizations have multiple distinct cost centres for procurement of consumables and equipment managed separately by business function.

they integrate with and depend upon.

Think about how this works in your own organization:

Are the key performance indicators that apply to your security guards aligned or in any way related to those of the security operations centre analysts?

“Like every other industry, the physical security industry itself is undergoing digital transformation.”

Physical security is likely allocated a budget for equipment such as cameras and access control devices — all of which are evaluated, procured, implemented and managed separately from the firewalls, endpoint detection and multifactor authentication solutions

Did the team who selected and manages your physical surveillance system have any input into which firewalls were purchased and implemented? Likely not.

While these organizational structures may be disadvantageous for aligning and converging security to address enterprise risk, they likely persist because — real or perceived — they are the most effective means of supporting business operations

and are therefore unlikely to change.

Consequently, the practical aspects of convergence — which can be as simply defined as getting everyone working together towards proactively managing enterprise level risk rather than in silos — is not going to be achieved by advocating for immense corporate restructuring or merging culturally incompatible organizations.

The commonality between all aspects of an organization’s security posture and where convergence can best occur lies in rethinking and redefining where accountability sits, creating enterprise-level (not simply domainbased) risk policies, and in aligning key performance indicators that measure success of the overall mission, not the individual department.

Kevin Magee is chief security and compliance officer at Microsoft Canada (www.microsoft.ca).

By Tim McCreight

TESTING OUR RESILIENCE

Renewed focus is needed as the pandemic continues to challenge us

We’re heading into a second year of dealing with a global pandemic, and our ability to change and pivot is being severely tested.

The stress of shutdowns, vaccine passports and restrictions are beginning to show in more protests, unruly crowds at election rallies, and increased physical and cyber threats to organizations.

opened by a user or someone trying to break into a facility. But now we have to turn our attention to protesters blocking access to hospitals, or ransomware holding companies’ hostage for millions of dollars.

“The difficulty is in the distractions.”

How do we help our organizations persevere as we deal with an ever-changing threat landscape? How can we stay engaged when we’re dealing with pandemic fatigue, job burnout and a higher-than-average number of folks leaving jobs and trying to find balance?

For me, I’m trying to stay focused on risk and data. I’m always reminding myself to search for the data to understand the risk. I know I need to present that objective information to my leaders so they can make good business decisions. It sure sounds easy when you’re typing it for an article, but it’s been pretty damn tough to follow these past many months.

The difficulty is in the distractions. As security professionals, we’ve witnessed so many distractions throughout this pandemic: the very fluid response by government and organizations for lock downs, mask mandates and vaccine passports; the opening and shutting down of businesses across so many sectors; and the movement back and forth between working at an office and operating from home.

All of these activities, and many more, have made it difficult to assess the risks our organizations face. We know we have to deal with what we longingly refer to as “normal risks,” like malware being

The risks are more complex, I think, caused by the pandemic, its lasting effects on the economy and its direct impact on our social interactions. I didn’t think I’d be writing this but we now have to take into account supply chain impacts for items ranging from computer chips to Christmas toys!

Through all of this turmoil and turbulence, I’ve found some peace by relying on the principles of ESRM. Whether it’s trying to figure out what assets we need to launch a new product, or giving myself the licence to follow Design Thinking principles, the philosophy of ESRM has really helped! I know this sounds like an infomercial, but being able to look at risks collaboratively and coming up with options that make sense has been something I’ve relied on more these past months.

We can’t deal with all the security risks we’re facing by ourselves. We need to really engage our business stakeholders and other departments to get their perspectives on risk. We need to make sure our executives know what we’re doing and how our work can positively impact our organizations. And we need to spend more time educating employees and making project teams aware of our role, how we can help, and the role they play in our security program.

I’m looking forward to the changes I’m going to make with my security family. This coming year I’m going to share my ESRM journey at ASIS International and within my organization. I may not be able to give specifics for either role, but the lessons I know I’m going to learn are really what I want to share. I’m pretty sure I’ll make mistakes and fall down along the way. But that’s OK — it’s how often I get up that’s more important.

Stay tuned for the journey ahead!

Tim McCreight is managing director, enterprise security, CP Rail (www.cpr.ca).

By Winston Stewart

SET GUARDS UP FOR SUCCESS

Pre-deployment

training helps security teams reach or exceed their goals

One of the first business lessons most of us are taught is to always show up for work on time and prepared.

That rule applies whether we’re working a high school job at a fast food restaurant or in a career role later in life. It’s a basic, universal expectation. So, why is it overlooked by some security providers?

The reason is because security guards are often assigned to roles reactively and on little notice. Security firms that have less robust training processes and management systems will try to cover hours without ensuring their guards are up to the task. While they may think they’re helping clients, they’re actually setting the stage for a host of other challenges. Ill-trained and unprepared guards can be a source of unnecessary legal liability and poor service

high-end resident experience means taking it a step beyond.

It’s about assigning condo concierge teams that are trained in effective resident relations and customer service. Simply seating a guard at a desk, asking them to check that doors are locked and to monitor who enters the building, won’t be sufficient in situations where service expectations are far higher.

“Really, it all starts by asking the right questions. Security firms should work with property owners and managers to understand their specific needs.”

Effective pre-deployment training of security teams not only alleviates many of these issues, but sets the stage for more successful outcomes and greater client satisfaction. That means ensuring that guards are fully briefed on unique technical features and the layout of a client’s facility. They also need a complete brief on the clientele, residents, or employees they’ve been assigned to protect, among a host of other

Really, it all starts by asking the right questions. Security firms should work with property owners and managers to understand their specific needs. If the property is a luxury condo, for example, what kind of resident experience do they aspire to maintain? Because delivering a

If it’s a retail environment or an industrial facility, what sort of unique logistical hurdles could guards face and how should they be ready to handle them? Are there any complex operating systems that might create barriers to handling an emergency situation in a timely and effective manner? It’s only with that level of detailed information — and hopefully much more — that security firms can develop a comprehensive security plan that addresses a range of potential scenarios and outlines procedures detailing how their guards will handle them.

But no matter how robust the strategy, it’s only as good as a guard’s ability to deliver on it. That’s where pre-deployment training comes into play. Having a structured process to train guards is crucial to ensuring success in the field — and it needs to be based on those aforementioned discovery questions posed by the security firm’s supervisory team. Those answers must be communicated to guards in a fulsome briefing about the property and people they’ll be protecting. Guards need to understand the client’s operational expectations and various day-to-day performance requirements — from the frequency of patrols to important security or mechanical features.

Because systems can vary significantly, it’s important to provide detailed training on specific control or alarm system panels. Reputable security firms typically have their own mock fire control panels to train

staff, or will do what’s necessary to ensure they have adequate on-site training prior to shifts. The same goes for HVAC and other mechanical systems. While guards won’t need to be experts in the function of a building’s elevators, for example, they should understand their basic operation and unique features in case of an emergency situation. An equivalent level of training is required for other systems, such as surveillance.

“No matter the situation, a guard’s training isn’t the client’s problem, but the responsibility of the security provider.“

a supervisor or the property owner/ manager is aware of the issue. They also need to understand how to respond in the event of an emergency. If a building evacuation is required due to the sounding of a fire alarm, for example, guards must be able to immediately identify mustering points and be able to implement evacuation protocols, among other important considerations. Even

Beyond the technical considerations, guards must be trained in basics such as report-writing skills and proactive observation and reporting. That means that if they spot a problem once onsite, they’ll speak up and make sure

simple emergencies, such as a leaking pipe or a slip-and-fall incident, will require an immediate and engaged response. If guards aren’t properly trained, common and preventable issues can result in legislative non-compliance, costly fines or legal challenges.

This may seem obvious, but the unfortunate reality is that these rudimentary skills have been lost across some firms as the need for security services has exploded in recent years.

Of course, even the best-trained guards require oversight. That’s why it’s crucial for a security firm’s supervisors to make regular onsite visits, seek feedback from key stakeholders such as property managers or tenants and conduct regular performance reviews. If guards aren’t working out, they should be reassigned to a different site.

No matter the situation, a guard’s training isn’t the client’s problem, but the responsibility of the security provider. And if their guards aren’t fully prepared, those employees should never set foot on a client’s property.

Winston Stewart is the president and CEO of Wincon Security (www.wincon-security.com).

By Kenrick Bagnall

THE FUTURE OF CYBERCRIME

Advanced technologies like AI and quantum computing are changing the stakes

So here we are, in the fourth quarter of 2021, and cybersecurity issues continue to grow in terms of scope, complexity and cost.

We can count the number of breaches, or at least the publicly disclosed ones, in an attempt to gauge the relative impact. We can also count the number of customer records exfiltrated in a cyberattack, or the petabytes of data that have been encrypted as a result of ransomware. The one thing we can all relate to is cost. The financial impact always paints a clear picture: The Gartner Group predicts that the global spend on cybersecurity will exceed US$170 billion in 2022.

computing and blockchain are strategically combined and leveraged against unsuspecting data repositories?

“Open dialogue can be a huge catalyst for progress in this space.”

We know some of the good these technologies can bring, and in many cases we are still learning what they can really do for humankind. But let’s take what we do know and look at things from an adversarial perspective for a moment.

From a cybercrime point of view, the standard method of operation has come to be known as the “Kill Chain.” It is the series of steps the adversary would take in completing a successful attack. The steps are as follows:

• Reconnaissance

• Intrusion

When examining cyber risk, the three elements often discussed are: system susceptibility, system accessibility and threat capability.

Let’s take some time to consider number three from a technology perspective. Cyber adversaries are often highly motivated, well funded, and very adept in the use of advanced technologies. Often it isn’t the use of any one specific technology that gives a cybercriminal the advantage, but the strategic combination of technology, social engineering, timing and patience.

If that’s not enough, then what will the future hold for cybercrime when technologies like Artificial Intelligence (AI), quantum

• Exploitation

• Privilege Escalation

• Lateral Movement

• Obfuscation / Anti-forensics

• Denial of Service

• Exfiltration

Now consider an AI-leveraged Kill Chain. A cyber advisory could have a highly optimized attack model that would not only run itself, but it would get better at it each time. Remember how good “Deep Blue” got at playing chess?

Quantum Computing is predicated on the ability for a computer to leverage the laws of quantum physics to be computationally much, much faster than a traditional computer. Traditional computing is based on Binary with each “place holder” (a bit) being a one (1) or a zero (0). With a Quantum Computer, the place holder is a Qubit and can theoretically be a one, a zero, or both.

Because of the raw computing power of Quantum, the impact on computationally intensive tasks like cryptography, financial modeling, logistics optimization and yes, AI and machine learning is tremendous.

Now consider a cybercriminal taking advantage of this type of computing power for nefarious gain. The potential impact could be devastating and far-reaching.

Blockchain technology was first introduced to most of us as the system or public ledger that unpins the popular

crypto currency known as Bitcoin. There are several other Blockchains that exist in support of other popular digital currencies. Blockchains are also used as a separate technology to enhance security and provide speed and efficiency for things like smart contracts and other data management applications.

An organized network of cybercriminals leveraging Blockchain technology to improve the efficiency of their attacks and the security and confidentiality of their techniques is highly problematic. Not to mention the challenges that this could cause for law enforcement in the

face of the high threshold for burden of proof in criminal court and the absence of case law for accessing evidence in such a space.

“Public and private sector partnerships, especially with law enforcement, allow for the sharing of intelligence.”

Any of the aforementioned three in isolation is potentially daunting to think about. But it would be irresponsible of us to not think of all three working in concert against our collective efforts to keep data secure.

At this point if you feel like throwing in the digital towel, all is not lost.

The first thing to remember is that we, as security professionals, have access to these same technologies. It’s what we do with them that will ultimately make the difference.

Open dialogue can be a huge catalyst for progress in this space. Working groups, such as the Canadian Cyber Threat Exchange (CCTX), provide a forum for businesses to discuss trends and possible solutions.

Public and private sector partnerships, especially with law enforcement, allow for the sharing of intelligence and access to tools that can be used in the investigative process.

But cybersecurity and the prevention of cybercrime is not just a technology problem — it is a human condition that will force all of us to work together at the pace of the adversary just to stay in the game.

If you are the victim of a cybercrime, contact your local law enforcement agency and report it.

Kenrick Bagnall is a Detective Constable with the Toronto Police Service Computer Cybercrime Unit (C3). Twitter: @KenrickBagnall

Q Q A & A

ASTEVE JONES

CEO, Allied Universal

llied Universal celebrated a major milestone in the company’s growth when its acquisition of G4S closed in April of this year.

Canadian Security recently spoke with Allied Universal’s CEO Steve Jones for an update on the integration process post-acquisition and to check in on other developments, including its systems and technology businesses, and how the company stepped up to deliver service during the global pandemic. This conversation has been edited for concision and clarity.

Canadian Security: How is the G4S integration process going?

Steve Jones: It’s going very, very well. It will be concluded by the end of the year. The management teams and the leadership have all been selected; they’re working together as a cohesive group. The integration that’s left is on the part of finalizing the branding aspects, changing them to Allied Universal and then putting the two back office systems together. We’ve got tremendous experience in doing that — we’ve done it many, many times.

As always, the most difficult and challenging aspect is the people part. People drive culture and people are really who manage this business. We are really excited that we were able to keep the senior level executives of the G4S Canada business as well as the senior level executives of the Allied Universal business and blend them together in a structure that works for everybody.

CS: How is the transition being handled from the customer perspective?

SJ: The goal is always for this to be as invisible as possible for the customers Besides the name on the invoice or the name on the patch changing — the people who are with them day-to-day,

the security officers that protect them and their assets, and their employees and customers and visitors — that doesn’t change. Any structural changes that we make, we make them way in advance and they’re communicated to all the customers. We were able to work through what the organizational structure is going to look like and we got that finished squarely by the end of the second quarter.

For the customers, there should really be no surprises. And that’s what we take pride in — there will be no surprises and a smooth transition for them.

CS: Does integrating a brand like G4S, of significant size and stature in the industry, present any unique challenges or opportunities?

SJ: To quantify it, G4S is absolutely the largest acquisition we’ve ever done. But ... you have to bifurcate it in that you

have G4S in North America and G4S in the rest of the world.

The reason why that is important is, the integration within Canada and the United States is a very large acquisition, but it fits nicely within our organizational footprint. It adds about 25 per cent to our revenues in North America.

The biggest part of the G4S business was outside of North America. That’s the biggest change for Allied Universal. What we’ve done there strategically is we’ve kept the entire G4S international group in place, to include all the presidents in each of the countries, the infrastructure, the international headquarters in the U.K.

CS: How does G4S’s previous ambitions to grow the integration and technology side of its business fit with Allied Universal’s own goals in that department?

SJ: We were about US$200 million [revenue] in systems and technology in North America. It was a big push of ours — we were growing both organically and through M&A. With G4S, we added about a billion dollars on a global basis, so our total revenues for systems and technology now are just over US$1.2B. We’re super excited

about that, because it absolutely expanded our capabilities and our scale and resources. This really enhanced the area that we want to focus on.

CS: How is Allied Universal evolving overall in terms of its guarding and technology businesses?

SJ: [Our goal] is to be an integrated security services provider and be able to offer a variety of services that really help our customers manage their day-today needs. That’s everything from our manned guarding business, which we expect to keep growing, and the security and technology solutions part of our business, which will also continue to grow on a global scale. We expect that to grow significantly faster.

Then we have other really important services for our customers that really round out our capabilities, so we can sit in front of our customers and be that one-stop-shop — everything from executive protection to risk and consulting services to investigations. For us, it’s an integrated solution that absolutely is the future of our organization on a global scale. Given our size and scale, in the local markets we can be part of the community… and on a more global scale, work with our enterprise customers.

CS: What are your thoughts on how the security market has changed during the pandemic?

SJ: I am very proud of what security has done through the pandemic. In every country that we operate in, security was deemed an essential service. I think that’s important.

We saw, all around the world, that there’s an increasing level of evolving risk, whether it’s through the pandemic, hurricanes, fires, floods, social unrest, civil unrest, the threat of terrorism… there’s just an increasing level of risk in the world and I think the world recognizes the need and the importance of security.

With our company specifically, I think we weathered the storm very well because we were able to be there for our customers in all those different times of need. Whether it’s protests,

pandemic-related services — healthcare, distribution facilities, retail, grocery, COVID screening, COVID testing centres, hotels [for pandemic quarantining] — within our customer base in North America and around the world, our team, during the pandemic, has had to stand tall. [They have been] on the forefront of many challenges,

disasters and security threats and I’m really, really proud of what they’ve done. They are heroes amongst us all.

I know, around the world, a lot of different professions were being recognized [like] nurses and doctors, and rightfully so, but I certainly think security officers fit that category and deserve that same recognition.

Increase Safety & Security

With the ANNT Hostile Vehicle Mitigation (HVM) K12 bollard a full-size, speeding vehicle is brought to a dead stop.*

• Versatile Operation: choose from fixed, removable, semi-automatic or automatic bollards.

• A Reliable Sentry: a single 275 K-rated bollard is certified to K/M standards.

• Easy to Use: operated by key fob, RFID card, keypad or smart phone.

• Blend in: with your urban landscape with brushed stainless steel or powder coated in any RAL colour.

* Just one ANNT K12 rated bollard will stop a 6,800 kg vehicle moving at 80km/h.

Perimeter Protection Products

BUILDING THE KNOWLEDGE BASE

Lina

Tsakiris

champions a partnership with academia to develop a better understanding of one of the major risks facing Canadian organizations

By Neil Sutton

The classic model of a successful security department is one that recognizes and anticipates potential threats to an organization and mitigates them in the name of protecting people, property and assets.

But those potential threats can occur both inside and outside of that organization.

Lina Tsakiris is one of the leading experts in a growing field of professional security that recognizes risks can arise from within. But how and why those risks flare up are questions not easily answered.

front line role for a national Canadian contract security firm. At the time, she was earning money towards her postsecondary education — the criminal justice program at Toronto’s Centennial College.

She says she sometimes found herself working in high-risk environments — placed there due to her self-defence training and a background in competitive martial arts (see sidebar, p.20).

2021 SECURITY

DIRECTOR OF THE YEAR

Tsakiris has spearheaded additional study, working with corporate and academic partners in an effort to create more knowledge and understanding around the phenomenon, particularly its impact on Canadian enterprises.

For her contributions to the study of insider risk and in recognition of an impressive security career built over decades, Tsakiris was named Security Director of the Year 2021 by Canadian Security’s editorial advisory board.

Tsakiris began her career in a

Upon graduation, Tsakiris attended McGill University in Montreal, majoring in sociology. She had planned to move on to law school, but her education ambitions were cut short due to an unanticipated illness.

When she recovered, she rejoined the workforce — again in contract security but this time in a more senior role.

After a few years in that environment she says she sought “a different kind of challenge” and was intrigued by the prospect of a role in the financial sector. “I found that corporate security offered different attributes I was interested in and opportunities that might be a better fit.”

Tsakiris took the opportunity to

redefine herself as a security professional and “to really build my brand, step out into the industry and start doing some volunteering.”

She joined the ASIS International Toronto chapter and earned her Certified Protection Professional (CPP) designation “at the earliest opportunity that I could qualify. Those two things gave me the tools to really compete for a role within the financial services industry.”

Tsakiris joined Royal Bank of Canada’s (RBC) corporate security

Photo: Sandra Strangemore

department in 2005, working with one of her earliest mentors Ric Handren. (Handren is also a Security Director of the Year recipient, recognized in 2009 while he was RBC’s director of protection services. Tsakiris submitted his award nomination.)

“We had an incredible journey as a team. We operated as a close-knit unit,” says Tsakiris. “That was really the first time I was able to see how the security sector worked on a global platform. My role there took me to several different countries. That, for me, was really an

education.”

Tsakiris left RBC to join TD Bank in 2011 as senior manager, global physical operations. In 2014, she accepted a role with her current employer, CIBC.

Her initial role with CIBC was rooted in physical security operations, where she was responsible for the creation and management of several global security risk management programs including threat risk assessment, physical security technology, robbery prevention and major event management, such as the 2015 Pan

Am Games, for which CIBC was a title sponsor.

Six months into the role, she accepted a secondment with a Canadian public sector organization for a year, related to risk management and relationship enhancement of private and public sector engagement.

Tsakiris moved into a new position at the bank two years ago as director of strategic security partnerships.

“It’s really about actively engaging with a spectrum of information-sharing communities that are active in the risk mitigation space,” she says, describing a wide group that includes the intelligence community, law enforcement, academia, and professional organizations as well as business partners, such as the other Canadian charter banks and financial institutions globally.

“What we aim to do as a collective is lead and collaborate on key security issues, topical security matters, and develop good guidance practices and exchange that information. The idea is to remain proactive — not wait for a tangible threat event to occur and simply respond to it, but actually have these conversations,” explains Tsakiris. “What I do in my current mandate is connect all these dots.”

Tsakiris underlined one of those connections by championing a partnership with Ottawa’s Carleton University to develop a focused research project on insider risk and insider threats through the Norman Paterson School of International Affairs (NPSIA). The partnership was formed in an effort to provide more research, guidance and understanding of insider risk in all its forms — including physical and cyber risks.

While there is an established body of knowledge on the subject, little of it is focused on Canada. Tsakiris engaged with NPSIA’s graduate students, working with professor Alex Wilner and his Canadian National Security Policy course, to develop a homegrown understanding of insider risk.

This research has examined known instances of insider threat, breaking down factors that contributed to each case, including political, economic,

social, technological and environmental variables. The research was undertaken within the context of the Canadian landscape, and a methodology developed that could help identify insider threats for a decade to come.

In a testimonial that was included in her Security Director of the Year nomination, Wilner describes Tsakiris as “a superbly insightful security practitioner, more than willing to spend the time needed to help academics and students alike wrap their hands around evolving security considerations. Her involvement should be considered a gold standard for private-academic partnerships… the unique opportunities she provided to my students — including invitations to brief high level personnel and managers on their research findings — will help prepare and motivate Canada’s emerging generation to take up the mantle of security preparedness and decision making.”

Tsakiris says the partnership with the Norman Paterson School has been an incredible opportunity to tap into a rich vein of new research on insider risk and work with a talented and inquisitive group of academics.

“The results were exceptionally successful and illuminating. It really captured what we were looking for,” she says.

According to Tsakiris, insider risk is one of the top three security threats faced by Canadian organizations today.

She says the number of known insider threat events has tripled in the last few years, resulting in the creation of more corporate security programs designed to recognize and counter them.

The research indicates that there is no single best method to mitigate insider threats and a comprehensive approach is required, taking numerous factors into account such as employee training, mental health and organizational culture.

“We

risk panel discussion that was made available as part of ASIS International’s Global Security Exchange (GSX) conference, held in September.

intend on continuing our journey to bring more of this topical research to light for all organizations.”

There is also a very strong correlation between employee disgruntlement and potential threats, says Tsakiris.

“We find this discovery to be exceptionally helpful because it punctuates the importance of ensuring organizations continue to build a positive and supportive work culture.”

Tsakiris describes the research as “groundbreaking for Canadian organizations … we intend on continuing our journey to bring more of this topical research to light for all organizations.”

Some of the research has already been shared through professional security associations. Tsakiris also recently participated in an insider

In terms of her future career goals, Tsakiris plans to keep pushing the envelope on security research and continue collaborating with her professional network, including her executive volunteer roles with ASIS International. As the recipient of mentorship early in her career, she has made it a priority to mentor young security professionals as they build their own careers.

“It’s important to pay that forward but also build for tomorrow’s leaders,” she says.

Tsakiris urges young professionals to be mindful of their own well-being as they strive for career development and approach every role, large or small, with integrity.

“What I encourage young professionals to do is really be clear about what matters to them and then find a role that reflects that value system,” she says. “I always say to my mentees, how you do anything is how you do everything. It’s about bringing your worlds together, developing that value system and sticking to it.”

PEDAL POWER

Lina Tsakiris can converse quite happily for hours on a range of topics related to professional security, but she’s equally at home when she’s hiking trails or long-distance cycling.

A natural athlete, Tsakiris joined a Ju-Jitsu club run by a Toronto Police constable at age 15 — her first real experience of security and law enforcement, she says — and trained to a competitive level.

In 2015, Tsakiris participated in a CIBC-sponsored Charity Challenge — a 400 km off-road cycling trek across Tanzania. Their collective efforts (another CIBC team climbed Mt. Kilimanjaro) raised $114,000 for the Canadian Cancer Society.

Tsakiris says she’s looking forward to more adventure travel as soon as pandemic restrictions begin to lift and it’s safe to do so.

TRITA ESTWICK SUZANNA ALSAYED

RONALD WELLS

he fourth annual Canadian Security Honours event was held on Oct. 7 this year, celebrating the achievements of security professionals from across the industry.

Canadian Security celebrates the accomplishments of security leaders who are helping to transform the industry

Canadian Security Honours was founded in 2018 on the occasion of the publication’s 40th anniversary to recognize security in all its dimensions and security professionals at different stages of their journey.

The live celebration was held virtually this year

Our 2021 winners are: Rita Estwick (Lifetime Achievement); Ronald Wells (Community Leader); Suzanna Alsayed (Emerging Leader); and Lina Tsakiris (Security Director of the Year).

(similar to last) and featured a keynote address from former Security Director of Year Todd Milne, Director of Security Operations, Fire & Life Safety and Connect at Toronto’s University Health Network; a panel focused on career engagement and growth from a group of our Top 10 Under 40 winners; and remarks from each of our Canadian Security Honours award recipients. The event was supported by sponsors Genetec, March Networks, Panasonic, Osgoode Professional Development and GardaWorld.

If you missed the live event, please visit www. canadiansecurity.com/virtual-events to view the sessions on-demand. — Award profiles by Neil Sutton

LIFETIME ACHIEVEMENT AWARD:

RITA ESTWICK

ACanada Post veteran of more than 25 years, Rita Estwick is both the “institutional memory” of her organization and the risk advisor helping to chart its course into tomorrow and beyond.

Estwick joined Canada Post in 1996 on a six-month contract to fill a maternity leave and was originally tasked with working in the organization’s security call centre. “The idea behind this was to start to collect and collate information with the idea of identifying trends and actionable insights,” she says.

with the Retail Council of Canada (RCC) as an active member of its loss prevention committee, including a one-year secondment to spearhead an organized retail crime initiative.

“We bring an insight, we bring an intelligence, we bring a perspective.”

When the employee on maternity leave returned to Canada Post, there was more than enough work to manage and Estwick was hired on full time.

Estwick remembers that when she first started, Canada Post was delivering goods that were bought over the phone by consumers responding to TV infomercials. But by the early 2000s, the dot-com boom was underway and e-commerce was beginning to reshape the retail landscape.

Estwick’s position at Canada Post began to change too. Her security role grew to include data analytics and customer risk management. She began working more closely with retailers’ security teams to help address their new needs. The position also led to a collaboration with the United States Postal Service, which was engaged in a similar outreach program.

A bridge-builder throughout her career, Estwick has worked with a number of different organizations, including businesses and law enforcement, as well as security associations like ASIS International, the Association of Certified Fraud Examiners and the International Association of Financial Crimes Examiners. She has enjoyed an especially fruitful relationship

The project was designed to provide education and best practices, “and raise the level of awareness for large, mid-size and small retailers around some of the risks and what we, the RCC, could do to help,” says Estwick. (For her service to the retail community, Estwick was awarded the RCC’s loss prevention lifetime achievement award in 2015.)

When Estwick returned to Canada Post full time, she was promoted to director of security. Since then, she has held a number of titles, including director of security strategy and director of enterprise security development.

In 2015, she led a five-year security plan called Postal Security 2020, which took into account known and potential threat vectors in order to prepare the organization for the future. “It’s all about resilience,” Estwick told Canadian Security in a 2015 interview. “It’s not a question of if these threats will hit us, it’s a question of when. It’s about our ability

to deal with them and resume. That’s what resilience is about.”

Today, Estwick refers to 2020 as “the most unusual year in my career.” Typically, Canada Post expects to see its capacity scale up for holiday deliveries beginning in September. When the pandemic hit, that surge started in the spring due to an unprecedented spike in e-commerce. “From a security perspective, we were ready,” says Estwick. “We’ve always been ready.”

Estwick is currently director of the Security Fusion Centre at Canada Post. Her mandate is to continue to develop strategies to respond to emerging threats and strengthen Canada Post’s culture of trust.

An advocate of constant learning, Estwick volunteers with Humber College, serving on the advisory committee for the Protection, Security and Investigations program. She also recently graduated from the Schulich School of Business at Toronto’s York University with a certificate in professional services.

She says the experience opened her eyes to the role that the security department can play in the C-suite. “And I think that’s where security needs to sit, in any organization, whether you’re a small business owner…right up to a very large organization, because we bring an insight, we bring an intelligence, we bring a perspective,” she says.

Estwick says she’s sometimes asked why she has remained with Canada Post throughout her career. “I’m not done yet,” she replies. “I see myself growing.”

COMMUNITY LEADER AWARD: RONALD WELLS

If you ask Ron Wells about security, he’ll tell you he was born to do it. Wells is a member of the Wiikwemikoong First Nation located on Manitoulin Island, Ont. He spent a few years of his childhood there, until his parents moved the family to the Toronto area. Going back several generations, many of his family members have served in uniform or in the armed forces.

“Everyone has served in our family,

going back to World War I. Growing up as a kid, there was always a fascination with military or uniformed types of organizations,” explains Wells.

His first security job came in 1994 at Toronto-based Intercon Security, while he was still in his teens. In 1999, he joined the Military Police Army Reserve, where he spent three years. He then joined the Metropolitan Toronto Housing Authority (now known as Toronto Community

Housing) as a special constable, before moving on to the City of Vaughan, working in a bylaw special enforcement unit.

In 2008, he struck out on his own and founded Cancom Security, a Toronto-based company that offers a variety of services including security guards, close protection, private investigations, loss prevention and installation services.

professionals. Some have moved on to policing. I’m very proud of that. One individual started his own security company as a result.”

Cancom Security was particularly active in First Nations communities during the pandemic, helping to train residents to become new guards and providing Torontobased guards in the interim.

“It’s true community-based security.”

He can trace his security ambitions back to those formative years at Intercon, a company he says led the way in terms of a high level of customer service and a positive approach to the profession. (Intercon changed owners several times in the 2000s and was ultimately acquired by GardaWorld in 2013.)

“It left such an impression on me and what a professional organization it was. Men and women in suits and ties — it was very prestigious,” says Wells. “I thought, I really want to be part of something like this. I actually said, I would love to own and operate something like this.”

Wells has grown his company several times in recent years, opening additional offices in Ottawa and Kelowna, B.C., and recently expanding into the U.S.

He continues to follow his philosophy of promoting security as a profession, noting the hard, and sometimes difficult, work that front line security guards are required to do — but also the positive presence they can bring to an organization or community.

Wells actively promotes Cancom Security as a First Nations company, and reaches out to First Nations communities to offer training and ultimately employment in a sector with future job prospects and career development.

“We work with police at the community level, hire within the community, train within the community and put a security program together based on that model,” explains Wells. “It’s been very successful. It’s been about 10 years now that we’ve been training and developing First Nations security

Having a local presence with community members in uniforms and vehicles can have a tremendous impact, says Wells, and has also led to a positive relationship with police.

“In a lot of ways, we become that positive link between police and communities at large,” says Wells. “It’s true community-based security.”

Earlier this year, Wells started the Cancom Foundation, a charity organization created to support two major contributors to Wells’ own success: youth-centred sport and education. Wells says he credits his own involvement in team sports, as well as his parents’ insistence that he pursue an education, with helping him to develop a positive attitude and professional acumen.

The Cancom Foundation held its first annual golf tournament in August of this year at the Rainbow Ridge Golf Course on Manitoulin Island, raising $30,000 for Wiikwemikoong Hawks Minor Hockey, the Wikwemikong Board of Education and the Angel Project, which provides assistance and support to patients in complex care hospital units.

“A thousand dollars buys jerseys for a whole hockey team. For me, it’s very important. I’m a strong believer in sport and education,” says Wells. “That’s really what the foundation is all about — providing them the tools that they need.”

Wells aims to support other First Nations communities with similar initiatives as the tournament grows in future years.

Wells is also developing another community-based initiative, providing free alarm systems and panic buttons to homes at risk of domestic abuse. Cancom has supplied GSM-based portable alarm systems through the Saugeen First Nations Domestic Violence Program. One life has already been saved, when a child alerted responders that her mother had overdosed. Security responded and were able to revive her. “The kid saved her mom,” says Wells.

EMERGING LEADER AWARD: SUZANNA ALSAYED

For those who follow Suzanna Alsayed on social media, it quickly becomes clear where her interests lie: security, branding and linguistics. She has brought all of these into her professional orbit and created two companies that reflect not only her expertise but her vision for the future.

Alsayed was born in Russia and moved to Canada with her family at the age of two, settling in Quebec. She spoke Russian and Arabic at home and French at school. The family moved to Ontario four years later. Alsayed continued to speak French at a Francophone school for several more years, learning English as a teenager after she switched schools.

One of her earliest interests in life was rhythmic gymnastics. She trained as a child in Quebec and temporarily moved back to Russia for a few years to sharpen her skills. When she returned to Canada, she competed in the sport at a provincial then national level and was eventually pre-selected to represent Canada in rhythmic gymnastics at the 2012 Summer Olympics in London. Unfortunately, an injury side-lined those ambitions and Alsayed was forced to retire from competition. She says her initial reaction was to view the experience as her “first major failure” in life, “but now that I’m older, I see it as my first major redirection.”

The seeds of Alsayed’s interest in security and emergency management were planted early. She was drawn to police procedural TV shows at a young age, intrigued by the mysteries and human drama. Her family also nurtured her curiosity in international politics. Alsayed was only seven when the 9/11 terror attacks occurred, but her parents didn’t shield her from the tragedy. Alsayed got into trouble at school the next day for scaring other children with a detailed account. “I was always aware, from a young age,” she says.

linguistic expertise. He also suggested she join ASIS International. Alsayed duly applied to the York program and was accepted on a full scholarship. She also found the time to volunteer with ASIS.

“Social media gave me a platform and gave me a voice.”

In 2018, she joined a committee that helped to develop ASIS’s new Associate Protection Professional certification and also attended the organization’s GSX conference in Las Vegas that year where she won a GSX Young Professionals Experience award. That experience cemented her interest in security, she says.

some additional expertise in branding and marketing. “I like expressing myself through story-telling and providing my two cents to the industry as a young professional,” she says. “Social media gave me a platform and gave me a voice.”

Friends and colleagues urged her to start charging for marketing advice and she founded her second company in less than a year. Evolutz, based on the Russian word for evolution, was born in July 2020. A brand and business development company, Evolutz works with security clients.

She followed her geo-political interests throughout her schooling and eventually into university first with a political science degree, then a second degree in international relations, both at Toronto’s York University. At the time, she also worked as a flight attendant, managing some of her schooling remotely.

Her transition into the security world was the result of a chance meeting in 2016 when she shared a table in a crowded Starbucks with a risk management banking consultant. Chatting with Alsayed, he recommended she pursue a master’s degree in disaster and emergency management also at York University, based on her background and

She also took advantage of the show as a networking opportunity and landed her first job in security working in a operations manager role at GardaWorld — a position she accepted the day she graduated from York.

Alsayed says she left GardaWorld after about a year to mull her professional prospects, and founded her first company while she was between jobs (she currently works for Bell Canada as an emergency management specialist). She created Hilt International Security as a consulting firm, principally, she says, to bridge the gap between security and emergency management.

At the time, Alsayed was also applying her gregarious nature to social media posts, while developing

“The security industry is a very powerful industry. We are really good at what we do, but we are really bad at promoting ourselves,” says Alsayed. “I want to rebrand the industry one project at a time, one client at a time.”

Alsayed says she is committed to telling the world that security is more than just “buzzing people into condos.” She also aims to branch into other industries with her sights set on real estate, construction and legal firms.

Alsayed has crafted an online following, using social media as a communications and promotional tool for her companies. She also leverages her web presence to draw more attention to two other topics that are key to her success story: immigration and women in business. Alsayed is currently writing a book that focuses on her entrepreneurial journey and life experience.

“I have something to say,” she says.

Silvia Fraser City of Toronto

Denis Lachaine Gordie Howe International Bridge

Marti Katsiaras ADP

Lorne Lipkus Kestenberg, Siegal, Lipkus LLP

The role of customer service

The panel was asked what they believe the role of customer service is today in

the professional security market, and how it can improve performance and results.

“When we talk about having customer service as part of the crime prevention program, it’s essential. It’s a foundation of what our guards and our employees should be doing at every single level,” Sportun said. “Building it into your program, having our guards go through it, is very important and key to a very productive customer experience on the client end.”

Having trained security personnel that can offer strong customer service is especially vital in places like international airports. Edmonton International Airport’s Sangster said about 90 per cent of incidents and issues at the airport can be related to customer service.

and various programs help those folks deal with the various incidents they get involved in,” Sangster said. “That enhanced training allows them to work with those people, whatever those issues are.”

Plaisance said the role of security presence in a retail environment is key.

“Our airport security guards are front stage and centre when it comes to dealing with passengers, the public and our airport employees.”

— Jason Sangster, Edmonton International Airport

This can include dealing with customer disputes at check-in counters, alcohol-related issues, situations involving airport employees, and mental illness issues at the airport, all while meeting its regulatory and corporate compliance.

“Our airport security guards are front stage and centre when it comes to dealing with passengers, the public and our airport employees. Having that high standard of customer service and awareness in our security training

“When a customer enters a store and is greeted by a security guard, that customer will immediately feel a presence acknowledging them. So, for a regular customer, it will be a sign of great customer service. It will elevate the experience that they will get in that store,” he said.

“And if the goal was to commit a robbery or a theft, the customer will most likely decide to go somewhere else where there will be less presence. [That] will have an immediate impact on a store’s shrink at the end of the year, reducing criminal activity in that store compared to one with no security presence.”

Evolution of the role

The panel commented on how the role of security guards has evolved in recent years as it pertains to crime prevention programs and customer service programs.

Sportun said the role of the security

Scott Young, GardaWorld

Marc-André Plaisance, GardaWorld

Sean Sportun, GardaWorld

Jason Sangster, Edmonton International Airport

guard is moving from one that is closely related to enforcement to more of a customer service role.

“For the average customer coming into the store, or client coming onto a property, you’re going to see a professional security officer and you’re going to have a professional encounter or engagement with that individual because of that customer service aspect,” he said. “But if there is an enforcement component that is needed, then the security officer is going to be able to transition into that, but also keeping in mind the customer service aspect — deescalating through verbal means rather than going hands on. I think that, in my view, is a huge difference in what we used to see to what we do now.”

Impact of COVID-19

At the Edmonton International Airport, not unlike other airports that have been financially impacted by the global pandemic, management had to become very strategic in how they utilized resources, including security personnel.

“From a security perspective, they ended up taking over access to our central pre-board screening checkpoint. We had a concierge there before doing that piece, working with the passengers, but security

took it over. We had to be strategic, save on costs. At airports, if you don’t have anybody flying through, there’s no money being made,” Sangster said.

In addition to adding the concierge role to security personnel, they had to perform more strategic patrols of the airport with less assistance.

“Pre-pandemic, we were looking at 10,000 people departing and 10,000 arriving a day, plus all the guests. You had all these eyes out there, which are really security partners for you,” Sangster said.

Now that traffic at the airport is starting to increase, the customer side of the role of security professionals is even more important for things like ensuring face masks are worn by anyone entering the airport.

“The customer service side is important, so we don’t have incidents inside the terminal. We want people to fly. We’re seeing some increases right now and we want that to continue,” Sangster said.

Throughout the pandemic, Sportun said guards have been enforcing policies and regulations they never had to in the past, so education, training and customer service are vital. “If the guard is able to articulate in a way that the customer and the client is going to understand,

then you’re going to have a reduction in conflict. You’re going to have a reduction in [disputes],” he said.

“Mind you, there is going to be that small population that is going to be out there just looking for trouble, and no matter what that encounter is, they’re coming with an ‘anti-vax’ tone to them. But again, that guard is going to be able to de-escalate that. They’re going to be able to understand what they’re about to get into and what this individual’s intent is, and know how to react.”

Technology implications

Sportun said there are always new types of technology coming that can assist security personnel with a wide variety of their duties, such as security cameras for heat-mapping and detecting elevated body temperature, to support staff during the COVID-19 pandemic.

“I think it’s great. But tying it back into customer service, no matter what technology you push out there, it’s how do you explain it to your end users, from a customer-client perspective … when you identify something. How do you approach that? That’s all going to be customer-service driven. It’s going to be that messaging,” he said.

Ask the experts

In the audience Q&A portion of the panel discussion, one attendee asked, “How do you conduct quality control on your customer service program with your employees?”

Young said you can’t manage what you don’t measure.

“I think it comes down to surveys. Such as in an office tower, you need tenant satisfaction surveys. What is the satisfaction? What is the awareness? How engaged do they find the security team before and after you implement a customer service training program? Are they more aware of the security team in a more positive way six months after the training has happened?

“I think tenant surveys are a good way to gauge the customer service appreciation of the security team but also of the overall experience of being a visitor, a guest, a passenger or a patient in a hospital,” he said.

2022

New Orleans, LA, USA

A Homeland Security Event

Let’s get back to the business of securing national infrastructure

After a long year of restrictions and lost opportunities due to the pandemic, highlighting new challenges and threats to our critical infrastructure, we need to get back to the business of building better resilience for future continuity and sustainability for economic prosperity.

Join us in New Orleans on February 1st-3rd, 2022 for the next Critical Infrastructure Protection & Resilience North America Conference and understand the latest threats, challenges and solutions, from both physical and cyber perspectives, against your CI.

Let’s get back to business, back to better understandings and back to networking!

Registration Open

For further details visit www.ciprna-expo.com/registration

SPECIAL DEAL FOR GOVERNMENT AND OWNER/OPERATORS

The 3rd Critical Infrastructure Protection and Resilience North America brings together leading stakeholders from industry, operator/owners, agencies and governments to debate and collaborate on securing America’s critical infrastructure.

As we come out of one of the most challenging times in recent history, it has stressed how important collaboration in protrection of critical infrastructure is for a country’s national security.

Join us in New Orleans, LA, USA for the premier event for operator/owners and government establishments tasked with the region’s Critical Infrastructure Protection and Resilience.

For further details visit www.ciprna-expo.com

Confirmed speakers include:

- Jacob Anderson, Strategy Branch Chief, CISA/ISD

- Brian Harrell, VP & Chief Security Officer, AVANGRID

- Ruth Christensen, Analyst, NCTC, FBI

- Lester Millet, Safety Agency Risk Manager / FSO Workgroup Chairman, Port of South Louisiana & Infragard Louisiana President

- Deron T. McElroy, Chief of Cybersecurity Services, CISA

- Todd Klessman, Deputy Associate Director, DHS/CISA

- Chris Rodriguez, Director, District Of Columbia Homeland Security And Emergency Management Agency

- Deborah Kobza, President, IACI

- Douglas Delancey, Branch Chief, Counter IED Strategy, Integration & Comms, Office For Bombing Prevention, CISA

- Stephanie Murphy, Vice President, Resiliency and Critical Infrastructure Programs, Tidal Basin Government Consulting

- Minna LeVine, Founder, SMART Community Exchange

- Ron Fisher, Director Of The Infrastructure Assurance & Analysis Division, Idaho National Laboratory

- George Rey, Aviation Sector Chief, InfraGard Louisiana BoD

- Steve Povolny, Head of Advanced Threat Research, McAfee

- Ron Martin, Professor Of Practice, Critical Infrastructure, Capitol Technology University

For speaker line-up visit www.ciprna-expo.com

Swing door operators

dormakaba

dormakaba’s ED50LE and ED100LE low energy swing door operators can automate new or existing manual swing doors with a push plate, wave plate, or other knowing act actuator device. The ED100LE is tested beyond traditional standards, using a larger door with greater weight and testing to over one million cycles. This product is suited for interior or exterior use in medium to heavy duty (600 lbs. door) settings. www.dormakaba.us

Anti-passback feature

ProdataKey

ProdataKey has added Anti-Passback to the programmable features of its pdk io cloud access control platform. Anti-Passback requires individuals who have scanned through an entry reader to scan out through a corresponding exit reader before their credentials can be used to re-enter the premises. AntiPassback rules are defined through the pdk.io software. They may be applied to locations where users pass through designated entrances and exits, like parking garages, and secure areas such as data centres and laboratories that regulate both entry and exit of workers. The feature may also be applied at turnstiles. Should someone swipe a credential in a sequence inconsistent with the Anti-Passback rule, a violation is logged, reported, and depending on how the system is programmed, the second entry is denied. Administrators can set violation time frames for any length. Anti-Passback is compatible with any pdk hardware, including pdk, touch and red readers. www.prodatakey.com

Cloud application

Abloy Oy

ABLOY OS INCEDO connects the management of all mechanical, electromechanical and digital ABLOY solutions into one cloud-based application. By providing tracking and intelligent key management for many different types of keys, including mechanical, customers can prevent unauthorized key access, improve operational efficiency and reduce running costs. The range of solutions that can be connected to ABLOY OS INCEDO includes, for example, PROTEC2 CLIQ key-based digital cylinders, a variety of digital access devices and a wide selection of mechanical key management features. ABLOY OS INCEDO is licensed and delivered to customers on a SaaS software as a service) basis. www.abloy.com

AD INDEX

Allied Universal 2 www.ausecurity.ca

CIPRNA 29 www.ciprna-expo.com

Commissionaires Canada 32 www.commissionaires.ca

FutureShield 13 www.futureshield.com/securitymag

Garda 11 www.garda.com

Two door controller

Camden Door Controls

Camden Door Controls has launched its CV-603 2 Door Bluetooth Access Control System. This app-based system is designed to provide ‘best in class’ security of doors and gates, with up to 2,000 users. The intuitive programming app is Apple and Android compatible, with easy to use system set-up, user administration, downloadable audit trail and data backup. The CV-603 two door controller includes inputs for readers, door position switch, and REX device, and two outputs for electrified locking or alarm signal devices. A built-in 433Mhz. receiver supports two button wireless key fobs. It is 26, 30 & 37 bit Wiegand reader compatible and features anti-pass back, schedules, first person-in delay, and operator security levels. www.camdencontrols.com

Electronic padlock

SALTO Systems

The SALTO Neoxx Padlock enables users to benefit from the advantages of electronic access control where previously it was only possible to use a mechanical locking solution (i.e., perimeter or fire access gates, industrial equipment yards and residential storage areas). The SALTO Neoxx Padlock offers a solution for utility providers – electric power stations, telecom network services, industry applications, and more – and property services that need an additional level of security to control specific doors, like gates or storages. SALTO Neoxx G4 electronic padlock is a highsecurity padlock made of hardened steel with a removable shackle model option, which can be completely detached from the padlock body. www.saltosystems.com

Intelligent terminal Suprema

X-Station 2 is a versatile intelligent terminal with credential options of mobile access, QR and barcodes as well as RFID cards and PIN. X-Station 2 enables flexible access control system design by supporting multiple credential options. The terminal is compatible with most types of existing RFID cards including EM, MIFARE, iCLASS, DESFire and FeliCa, but also lets users go card-less by offering mobile credential options including QR codes and barcodes. The terminal can read QR codes and barcodes composed of up to 32 ASCII code strings issued on Suprema BioStar 2 or 3rd party systems. X-Station 2 can also communicate with NFC and BLE signals, allowing both Android and iOS device owners to use mobile access. www.supremainc.com

Ontario Bollards 17 www.ontariobollards.com

Paragon Security 31 www.ppieducation.com

Salto Systems Inc. 9 www.saltosystems.ca

Securitas Aviation Canada 5 https://aviation.securitas.ca

The Buildings Show 21 www.thebuildingsshow.com

University-approved education driving security guard success

CASP - Certi ed Advanced Security Practitioner

PPI has collaborated with educators from the Wilfrid Laurier University Centre for Public Safety and Well-Being and security industry experts to develop a series of micro-credential courses for advanced security training certi cation. These advanced courses are designed for security personnel who wish to unlock their career potential in the industry.

Fast Tracking Security Careers

The CASP 75-hour self-paced online program is the fastest way for security professionals to earn their quali cations. Our courses cover the most fundamental security training programs required for all market sectors. Bypass the obstacles of multiple training programs and timelines. With CASP, you get the best education in the shortest period of time.

Commissionaires offers a complete suite of services including threat-risk assessments, monitoring and response, mobile patrol, guarding and digital fingerprinting.