Cash Crop
#1 Home Security Company in Canada
125 years of security expertise
Monitoring Centres across Canada
Bilingual Service
Growth market
The ‘green rush’ of
By Ellen Cools
An integrated approach
Buying and installing security systems can be an ad hoc process, but it doesn’t have to be. Consider your future needs and plan accordingly
By Karen Evans
By Neil Sutton
TWRITING ON THE WALL
A CPTED project with community values proves to be long-lasting
he advantage of working at a magazine for several years is you develop relationships with people over the long haul. You follow their careers, their stories. You see projects develop and mature.
I can’t remember exactly when I first met Sean Sportun, but I definitely got to know him better in 2013 — the year he received our Security Director of the Year award.
When I was reviewing the nominations that year, I had a good feeling about Sean. His work spoke for itself, so I wasn’t at all surprised when our judging committee selected him for the award. Sean, manager of security and loss prevention at Mac’s Convenience Stores (now known as Circle K following a Canada-wide rebranding), took a different approach to loss prevention: one that brought his organization, the communities they serve, local graffiti artists and even the local police together. Sean organized a mural program whereby some of Mac’s properties were painted with iconic local imagery. That had a two-fold impact: it tied Mac’s locations more closely to their communities and reduced the incidence of crime in stores. The relationship between those two outcomes is not a simple one, but clearly one feeds the other and together they account for the project’s success.
Group Publisher Paul Grossinger pgrossinger@annexbusinessmedia.com
Publisher Peter Young pyoung@annexbusinessmedia.com
Editor Neil Sutton nsutton@annexbusinessmedia.com
Assistant Editor Ellen Cools ecools@annexbusinessmedia.com
Art Director Graham Jeffrey gjeffrey@annexbusinessmedia.com
“The security industry is always on the move... but it pays to look back as well.”
Fast-forward about four years. I bump into Sean at an industry golf tournament and he tells me that the project has grown. More murals have been painted and empirical research is being conducted by a University of Toronto professor who’s also working at Harvard University. OK, I’m definitely intrigued.
It’s not often I revisit older stories. The security industry is always on the move, whether the focus is technology or technique, so I try to keep my eyes toward the horizon. But it sometimes pays to look back as well, particularly when it comes to projects that may have long-term results and lasting outcomes.
This is something we’ll be doing more of as the year progresses — taking stock of Canadian Security’s 40 years of industry coverage and how the industry itself has changed massively in that time frame.
Jason Caissie got us started in the last issue by examining what’s changed and where we still need improvements — his wish list for the next 40 years. This issue, Roger Miller, president of Halifax-based Northeastern Protection, examines how the dynamics of security have changed in the last few decades, particularly the relationships between different stakeholders. Roger might be better known to SP&T News readers. He serves on the SP&T editorial advisory board and has written articles for that publication several times. His deep knowledge of the industry from almost every angle is a welcome addition to these pages as well.
You can also read more about Sean and the ongoing Mac’s (now Circle K) mural project on p. 6 of this issue. I wouldn’t be surprised to find myself writing about this project again in another few years. In fact, I look forward to it.
Account Coordinator
Kim Rossiter
krossiter@annexbusinessmedia.com
Circulation Manager
Aashish Sharma
asharma@annexbusinessmedia.com
Tel: 416-442-5600 ext. 5206
COO Ted Markle
tmarkle@annexbusinessmedia.com
President & CEO Mike Fredericks
Editorial and Sales Office
111 Gordon Baker Rd, Suite 400, Toronto, ON M2H 3R1 (416) 442-5600 • Fax (416) 442-2230 Web Site: www.canadiansecuritymag.com
Canadian Security is the key publication for professional security management in Canada, providing balanced editorial on issues relevant to end users across all industry sectors. Editorial content may, at times, be viewed as controversial but at all times serves to inform and educate readers on topics relevant to their individual and collective growth and interests.
Canadian Security is published six times per year by Annex Business Media.
Publication Mail Agreement #40065710
Printed in Canada I.S.S.N. 0709-3403
Subscription Rates
+ HST;
Circulation Anita Singh asingh@annexbusinessmedia.com Tel: 416-510-5189 Fax: 416-510-6875 or 416-442-2191
111 Gordon Baker Rd, Suite 400, Toronto, ON M2H 3R1
Annex Privacy Officer Privacy@annexbusinessmedia.com Tel: 800-668-2384
The contents of Canadian Security are copyright by ©2018 Annex Publishing & Printing Inc. and may not be reproduced in whole or part without written consent. Annex Business Media disclaims any warranty as to the accuracy, completeness or currency of the contents of this publication and disclaims all liability in respect of the results of any action taken or not taken in reliance upon information in this publication.
CALENDAR
April 11-13, 2018
ISC West
Las Vegas, Nev. www.iscwest.com
April 15-18, 2018
IAHSS Annual Conference & Expo Chicago, Il. www.iahss.org
April 18, 2018
Focus On Manufacturing Security Mississauga, Ont. www.focusonseries.ca
April 19, 2018
25th Annual ASIS Toronto Chapter Best Practices Seminar Toronto, Ont. www.asistoronto.org
April 24-25, 2018
Canadian Technical Security Conference Cornwall, Ont. www.ctsc-canada.com
April 25, 2018
Security Canada East Laval, Que. www.securitycanadaexpo.com
May 9, 2018
Security Canada Ottawa Ottawa, Ont. www.securitycanadaexpo.com
May 30, 2018
Security Canada Alberta Edmonton, Alta. www.securitycanadaexpo.com
June 13, 2018
Security Canada West Vancouver, B.C. www.securitycanadaexpo.com
September 12, 2018
Security Canada Atlantic Moncton, N.B. www.securitycanadaexpo.com
September 23-27, 2018
Global Security Exchange Las Vegas, Nev. www.gsx.org
Ottawa-based Calian adds expertise
Calian Group recently announced three executive leadership appointments: Jerry Johnston as Chief Information Officer, Lynn Stevens as Chief Human Resources Officer and Donald Whitty as Vice President, Training.
Jerry Johnston
“I am very pleased to announce these appointments. Calian continues to review our corporate structure to ensure we maintain and develop a strong foundation,” said Kevin Ford, President and CEO of Calian, in a statement. “Jerry’s role as CIO is to embrace risk management, process management and technology as growth enablers. We are very excited to have Lynn as our new Chief Human Resources Officer, whose appointment comes as we execute a critical talent management strategy supporting our
Donald Whitty
long-term objectives. I am also thrilled to bring aboard Don, our new Vice President, Training, who joins Calian with broad experience as well as a real passion for the evolution and innovation currently taking place in training.”
Ottawa-based Calian employs over 2,800 people with offices across Canada, the U.S. and international markets. The company’s divisions include Business and Technology Services and a Systems Engineering Division. Calian has provided emergency management services and solutions since 1996.
(ISC)² study: cyberworkers are holding the cards
Arecent
study published by cybersecurity association (ISC)² indicates that professionals who work in that industry are in the driver’s seat when it comes to career choices.
A survey, conducted for (ISC)² by Market Cube, suggests as many as 84 per cent of cybersecurity workers (based on a sample size of 250 American and Canadian cyberworkers) are open to switching jobs this year. Only 15 per cent said they have “no plans” to leave their current roles — 14 per cent intend to look for a new job and 70 per cent “are open to new opportunities.”
In a statement, (ISC)² said the data “suggests unmet expectations between organizations and their cybersecurity workforce.” The rift is more apparent due to the high demand for their skills, resulting in multiple job opportunities.
“The cybersecurity workforce gap is growing rapidly, and turnover within cybersecurity teams makes filling those roles even more challenging,” said (ISC)² COO Wesley Simpson. “It is more critical than ever for organizations to ensure their recruitment and employment retention strategies are aligned with what cybersecurity professionals want most from an employer.”
The key motivator may not be money. According to the (ISC)² study, just under half of respondents valued salary as a top priority.
Scoring higher were: working in an organization where their “opinions are taken seriously” (68 per cent); working where they can “protect people and their data” (62 per cent); and working for an employer “that adheres to a strong code of ethics” (59 per cent).
Lynn Stevens
Paint it forward
Agrassroots CPTED (crime prevention through environmental design) initiative to help reduce crime in convenience stores is in growth mode, thanks in part to interest from some major academic institutions.
Sean Sportun, manager of security and loss prevention, started a project to paint murals on Mac’s convenience stores more than five years ago to help spur community support and reduce the incidence of violent crime in stores. With the blessing of his parent organization, Couche Tard, Sportun sought local graffiti artists to create murals on some of the most troubled store locations in Thunder Bay, Ont. The murals were hugely successful; Sportun was recognized for his creative approach by his employers and also by Canadian Security magazine, which awarded him Security Director of the Year in 2013.
The project drew interest from a University of Toronto Rotman School of Management associate professor, Katy DeCelles. “I’ve always been interested in criminology in organizations,” she explains, adding that her research has included prison workers and aggressive behaviour on airplanes.
DeCelles reached out to Sportun about five years ago and was gratified to find he was interested in participating in further research.
What developed through their partnership was a research project, partially funded by a Harvard University grant, and a case study published by Harvard Business School with a detailed background on the Mac’s organization (now known as Circle K after a rebranding exercise) and a focus on the mural project. The study — written by DeCelles with Harvard faculty collaborators Francesca Gino and Olivia Hull — is now available to other academic institutions as a teaching aid.
“Here we have somebody who really revamped an organization’s strategy and implementation of loss prevention,” says DeCelles of Sportun’s unique spin.
The case study can be examined or
taught from a variety of perspectives, she adds, including CPTED, loss prevention or business culture.
“Even if you don’t care necessarily about the criminology component of it, from a business perspective, somebody who’s able to change an entrenched perspective in an organization and have such good outcomes — that’s also a nice way to use the materials.”
When Sportun was first approached by DeCelles, he estimates Mac’s had completed three or four murals. The project needed to be scaled up to increase its impact and create more data points that could be used for further research. It wasn’t a tough sell to Mac’s management. Not only was crime going down but sales were going up $65,000 a year in the stores that had murals painted on their exterior walls.
“I started leveraging that with my management, saying, ‘Wait a minute, we’re not just an expense centre, we’re not just going to ask you for cameras and spend your money, we’re … making the store safer,’” says Sportun.
DeCelles also contributed in unexpected ways. Sportun provided DeCelles with surveillance footage of 350 robbery incidents that had occurred in Mac’s stores across the country. “My team is coding them to see what are the things
that robbers do, what are the things that clerks do that might, in that high stakes interaction, result in more likelihood [of injury]. And then can we take what we learned from that and import it back into Mac’s training,” says DeCelles.
One conclusion the research team reached was that violence was more likely to occur during a robbery if a store employee is mopping the floor when the perpetrator enters. “What they had suggested was, the bad guy, seeing the employee with a mop in his hand, sees it as a weapon and introduces violence immediately to neutralize the threat,” says Sportun. “I looked at it and I thought, I never connected that.”
Employee training techniques have been updated as a result.
The number of store murals now stands at 22. Sportun is hoping to do 50 more and DeCelles aims to continue her research.
A large increase in murals will allow the researchers to draw more statistically significant conclusions, she says — particularly when compared to stores that haven’t benefited from the murals yet. It’s a long-term project, she says, with more analysis coming in a year or so. It’s too soon to tell but “the trends are encouraging.”
— Neil Sutton
A Mac’s store (since rebranded Circle K) is one of almost two dozen to feature a community mural
By Neil Sutton
ASIS will be GSX in Las Vegas
ASIS International has officially launched the new name for its annual seminar: Global Security Exchange (GSX).
Previously known as the ASIS International 64th Annual Seminar and the Exhibits, the new name, according to a statement issued by ASIS, “reflects the society’s commitment to unite the full spectrum of security — cyber and operational security professionals from all verticals across the private and public sector, allied organizations and partners, and the industry’s leading service and solution providers — for the most
comprehensive security event in the world.”
GSX is scheduled to take place in Las Vegas, Nev., Sept. 23-27. The last time Las Vegas was the host city for the annual ASIS event was in 2007.
There are currently no plans to change the names of any of ASIS’s other events. As to the possibility for further rebranding within the organization, stay tuned, says Ron Rosenbaum, chief global marketing and business development officer, ASIS International. “While we don’t currently plan to change the names of our other offerings, it’s also not out of the question,” he says. “Our board-identified strategic priorities
Ron Rosenbaum, ASIS International
this year include fully globalizing the society, infusing ESRM into all our offerings, and strengthening our brand. These big initiatives will undoubtedly bring about changes to our organizational structure to reflect our global approach and strategic planning priorities, as well as how we think about and deliver our education, research, and learning products and services. And, this could include renaming and reevaluating how we do business and the core programs and services we deliver.”
ASIS first announced its intent to change the name of its flagship conference last year. Since then, it has launched a new website, www.gsx.org.
Power for
“YOU’RE PART OF SOMETHING BIG.”
The fifth annual Security Career Expo, held March 7 in Mississauga, Ont., welcomed students enrolled in Protection, Security and Investigations college programs across Ontario. Students were able to network with security mentors — professionals across a variety of fields, including financial, loss prevention, municipal, property management, health care and more — as well as vendor and association partners.
The day began with a keynote address from Silvia Fraser, head of
security for the City of Mississauga, who offered words of advice from her own security career, beginning with her first role as a security guard to her present position managing security for a large municipality. Fraser told assembled students that “you’re part of something big,” joining an industry with a growing number of career options.
Fraser was also one of the mentors of the day, a list that included a dozen other security professionals who generously donated their time to offer
tips and advice on career development. The event was supported by sponsors Allied Universal, ASP Security Services, CN Tower, Paladin Security, the Canadian Armed Forces, GardaWorld, Ontario Ministry of Community Safety and Correctional Services, University of Guelph-Humber, Securitas, and G4S Canada, who also sponsored the lunch break. Special thanks also to association partners, CANASA, ASIS International - Toronto Chapter, and IAHSS. For video and more photos, visit www.canadiansecuritymag.com
Sponsors, including Ontario Correctional Services, were visited by students throughout the day.
Patrick Straw (yellow tie), Executive Director, Canadian Security Association, was one of the association partners who supported the event.
Security mentor Ken Close, Manager, Security & Parking Services, Trillium Health Partners (far left) speaks with students.
Scott Young (yellow tie) represented both GardaWorld and ASIS International’s young professionals group at Security Career Expo.
Patrick Ogilvie (centre) shared expertise with students. Ogilvie runs a security consulting business, working with clients including the Ontario Provincial Police.
Silvia Fraser, head of security, City of Mississauga, advised attendees to learn constantly and value integrity.
STEPS TO PROFESSIONALISM
Business skills and better communicaton are just some of the changes in security
Looking back on our industry I can speak to more than 30 of the 40 years since the first issue of Canadian Security hit our desks. Granted, I may not have held up as well as the publication, but we’re both still around!
As a snapshot, security guards, managers, systems technicians (previously called alarm installers) and our clients all lived in distinctly different worlds, they didn’t communicate outside their silo. Training in each of the disciplines was minimal if at all.
in our region was still working as it should. It was a time when clients really looked to our industry to support their operations in a sincere way, and we were eager to do it.
“Training, while still lacking in many areas, is at an all-time high.”
Security managers were almost always exlaw enforcement members.
Guarding and technology rarely coexisted on any formal level. Guard level interaction with technology was limited to watching cameras or responding to alarms then calling the police.
Skip forward just a few years and the industry had started to evolve, slowly. In the late 80’s and into the early 90’s the lines of communication started to open. Clients using guard service and security technology were sharing their objectives so we could help their planning process.
Along with this, developing industry governments were opening up legislation from the 1960’s for discussion on how the industry could be improved to enhance public safety. Oh, and we started talking about public safety!
As we neared the end of the last millennium, the Y2K worries focused attention on security systems vulnerabilities. People became engaged in all things electronic: What are the risks? Where is the redundancy? Who has the skills? It was an interesting time that I believe unintentionally stimulated activity in our industry throughout all disciplines. It taught us that technology must be supported by manpower and vice versa.
On New Year’s Eve, as we entered 2000, I was the Atlantic VP of an international firm. Being the first time zone in Canada to reach the stroke of midnight, we were all “on call” until the passing of midnight when we had to call into the national communications centre (on a landline) and let them know everything
In recent times, the Canadian Security Association (CANASA) has taken over as a leading Canadian voice for our industry. While the focus of the association has traditionally been on electronic security, there is change happening where members’ job titles are more diverse, which ultimately benefits all stakeholders. Only a few years ago, when the RCMP in Nova Scotia was drafting an alarm response policy they turned to our association for stewardship. The RCMP, the central monitoring stations, the installing companies, private responders and the end users were all finally on the same page. Maybe not everyone was equally pleased with the outcome, but the opportunity for engaged dialogue existed.
In 2018 we have a fully integrated industry where we work with clients to develop a product or service that is tailored to their needs.
Guards are using the technology that their counterparts are installing on networks managed by the IT department; sometimes they are all working for the same company. Managers are business and security industry savvy. Training, while still lacking in many areas, is at an all-time high. Justice and Public Safety officials are providing professional oversight to ensure there is regulatory compliance where applicable. Security planning is talked about in the corporate boardrooms. Accountability exists!
Today we still have bridges we need to build, then cross. Professional standards for guards, service and installation technicians, managers and consultants have a lot of room for improvement.
We are better and stronger than ever — this evolutionary process means we will always be a work in progress.
Roger Miller is the president of Northeastern Protection Service (www.protectionpartner.ca) and an advisory board member on Canadian Security’s sister magazine, SP&T News.
By Tim McCreight
CONTINUING EDUCATION
Learning about your company and its processes should be an ongoing endeavour
We learn from our mistakes. In our personal lives, we have made (and will make) mistakes. But we can learn and grow from these life lessons, take this newfound knowledge, and use it to our advantage.
As security professionals, we all know that stuff happens. Sometimes we respond to incidents quickly, and then simply carry on with our jobs. Other times, it may take weeks or even months to recover from a breach or disaster. Once our organizations are back to business as usual, we forget the events that led up to the problem.
“It doesn’t take a lot to learn from incidents, but the benefits far outweigh the effort.”
Every security event is unique, which means every post incident assessment is unique. It seems like so much effort, but deconstructing a security event is worthwhile for a couple of reasons. First, as security professionals we need to understand how a certain control failed, or how an event could unfold and impact our assets and our organization. Assessing how an incident exploited a vulnerability gives us valuable information — information we can include in our next risk assessment against the asset.
The Enterprise Security Risk Management (ESRM) philosophy takes a different approach. What if we took the time to review the lessons we’ve learned from the incidents we experience, and use this newfound knowledge to our advantage? The same way we can learn from our personal experiences, we can learn from our professional ones as well.
The ESRM model requires that we are continually learning about our organizations, learning how the assets support the business objectives, the risks facing these assets, and when an incident occurs, reconstructing it to document how we can reduce the impact of a similar event in the future.
Following the ESRM approach, we take the time to explore the event, objectively identify what went well, and document what can be improved in the future. Sometimes it is as simple as changing a procedure for patching desktops to avoid the latest computer virus. In more complex reviews, we may determine a physical location should be upgraded with new security cameras or access control systems, or we determine a software application must be rewritten to support a new operating system.
Second, we have a chance to reassess the risk appetite of our organization, and determine if the asset(s) impacted by the incident are still critical to the success of the organization. This may seem simple — of course the asset is critical, it was involved in an incident! But a careful review of the asset, the role it played in the incident, and its past and present ranking against the business objectives can be an eye-opening experience.
During one post incident review, I was quite pleased with the response time to recover a website for a business owner. The site was affected by an incident and I was satisfied with the time taken to recover the website. What I didn’t consider was the impact this server had on other applications, and these impacted programs took longer than expected to recover. Those business owners expressed their concerns that we were more concerned about bringing up a little used website, while more critical applications remained impacted by the outage. We thought we were doing the right thing, but realized we hadn’t done our homework. The post mortem review helped identify the assets we should have been worried about - a lesson we documented and used in future assessments.
It doesn’t take a lot to learn from incidents, but the benefits far outweigh the effort. And we should never stop learning, not in our world.
Tim McCreight is the owner of Risk Rebels Consulting Ltd. (www.riskrebels.com).
Laval, Quebec
April 25, 2018
Richmond, British Columbia
June 13, 2018
Ottawa, Ontario
May 9, 2018
Moncton, New Brunswick
September 12, 2018
Edmonton, Alberta
May 30, 2018
Toronto, Ontario
October 24 - 25, 2018
GROWTH MARKET
Marijuana, both medical and soon-to-be legal recreational versions of the substance, has created a groundswell of opportunity for security providers
By Ellen Cools
T“his is a huge business opportunity,” says David Hyde, when asked how the upcoming legalization of recreational cannabis under The Cannabis Act will impact the security business.
Hyde, owner and principal consultant at David Hyde and Associates, a risk management and security services consultancy based in Toronto, is not alone in this belief. Even prior to legalization, companies and consultants have seen opportunities to expand their business under the ACMPR, or the Access to Cannabis for Medical Purposes Regulation.
Toronto-based INKAS Security Services, an armoured messenger and courier services company, for example, recently announced a preferred vendor relationship with Canopy Growth Corporation whereby INKAS will provide secure transportation services for medical cannabis across all Canopy Growth locations and subsidiaries. Canopy, based in Smiths Falls, Ont., operates brands including Tweed, Spectrum Cannabis and Bedrocan Canada.
INKAS is also planning to expand
its services with the pending legalization of recreational cannabis, says the company’s CEO Victor Goodman.
The Cannabis Act is expected to take effect by mid-summer, and will include new security provisions and regulations for licensed producers (LPs) and retail stores to follow.
So what should security directors, consultants and other security service providers be aware of when trying to enter this new market?
New market, new challenges
saying that service providers “should be in research mode.”
In fact, Health Canada recently announced two changes to the physical security requirements for cannabis facilities under the ACMPR.
LPs are no longer required to maintain a highsecurity vault for the storage of cannabis products; instead, they are only required to store cannabis within a secure area of their facility.
“You’re not going to deal with the kinds of business structures that you’re used to — you need to learn the idiosyncrasies.”
— David Hyde, David Hyde andAssociates
Hyde’s advice to those looking to enter the industry is to be well-prepared. Before legalization, he says that security service providers have to understand the federal and provincial laws, and how those laws will change over time.
The industry is a “very, very fastpaced and evolving industry,” Hyde says, “so what makes sense in one month, may change a little the next month or the month after that.”
Jeff Hannah, owner and principal consultant, JH & Associates, agrees,
Additionally, LPs are no longer required to maintain 24/7 video surveillance inside the rooms where cannabis is being cultivated, propagated or harvested. However, all access points to these rooms must be under 24/7 surveillance and recording.
Since then, “the way in which the cannabis industry is moving forward in terms of security is in continuous flux and development,” says Thomas Gerstenecker, CEO and founder, 3Sixty Secure Corp., based in Ottawa.
As a rather “unconventional” industry, Hyde says, “it doesn’t have business maturity, to a certain extent.”
Consequently, “you’re not going to deal with the kinds of business structures that you’re used to, so you need to learn the idiosyncrasies and … the nature of the industry — how it works, how it functions, what the criticalities are [and] what the industry norms are.”
Currently, says Hannah, the focus is on the licensed producers.
As such, with the Cannabis Act, there will be a need for additional production, distribution, retail and secure transportation.
He suggests that those hoping to capitalize on this new market look at companies who have been awarded request for proposals (RFPs) from provinces regarding retail cannabis security.
Additionally, “you really need to understand where that change [the Cannabis Act] is going and how that’s going to reshape the industry, and how the industry is going to be expanding and evolving under new laws,” Hyde says.
Expanding growth opportunities
Despite the difficulties of entering a new, somewhat “unconventional” industry, there is plenty of evidence to indicate the cannabis market will provide opportunities for growth.
Gerstenecker says 3Sixty Secure’s growth has been “significant, to say the least,” as a result of the legalization of medical cannabis.
“Within a six-month span, we have grown from just under 20 staff to more than 100 Canada-wide, and we project that we will exceed 200 by the fall of this year,” he elaborates.
Gerstenecker’s background includes a senior security position at the United Nations (for which he received Canadian Security magazine’s Security Director of the Year award in 2011) and, more recently, a security consulting role for the Women’s World Cup when it was held in Canada in 2015. Today, he says 80 per cent of his overall business focuses on cannabis, and believes it will be 90 per cent within a few months.
However, this does not mean 3Sixty Secure has stopped providing different aspects of security. Within the cannabisspecific area, he says, there is still a
site security assessment component, a security guarding component and secure transport.
Likewise, Hyde has seen massive growth.
“Five years ago, I was operating a three-person security consultancy,” he says. Now he has 13 employees, and 90 per cent of his work focuses on the cannabis industry.
In addition, Goodman says the legalization of recreational cannabis presents another growth opportunity for INKAS — not just for their core services in transportation, but also for their truck manufacturing business and in-house technology development firm. Currently, INKAS provides secure transportation of live and dried cannabis between grower facilities and processing centres in B.C., P.E.I., Ontario and Quebec.
Once the Cannabis Act is in effect, the company “will see secure transportation of live and packaged medical and recreational marijuana between processing facilities and growers, but also required between legal producers to government controlled distribution centres right across Canada
— so all provinces,” says Goodman. Technology-wise, there will be a “need for enhanced traceability, track and traceability measures put in place to ensure that there is transparent shipping and distribution as volumes increase and increase further over time,” he explains.
Finally, their truck manufacturing business is expanding because of the requirements specific to transporting cannabis, particularly the ambient temperatures that keep the cannabis in good shape for long transportation runs.
“This has opened up a real niche opportunity for INKAS to manufacture these customized vehicles and build them from the ground up, and make sure they’re compliant with the law and the legal producers themselves,” Goodman explains.
Retail = revenue
For security service providers looking to enter the market, Hyde says he believes there are plenty of new opportunities. Today, there are 90 cultivation sites that are federally regulated, he says, and this will grow to 150 by mid-summer. Each of these sites will need security
3Sixty’s armed security agents, Nick Gott and Osama Halawah, ready to transport a shipment of cannabis.
systems and guards.
Additionally, “once recreational use is legalized, the role of security service providers (i.e., consulting, monitoring, guarding and transporting) will be expanded from within licensed facilities to applying these services to the retail market. This means major security service needs within the country,” says Gerstenecker.
Retail stores will need cameras and intrusion alarms at the very least, Hyde adds.
Gerstenecker says that the stores will “need a level of security, from the design, to monitoring, and in some cases perhaps even a level of static security [guarding].”
With regards to transportation, “the secure transport footprint will see significant growth in this space as it pertains to bulk shipment, and go-tomarket shipments, which is in addition to the already high demands within licensed facilities,” he says.
Ultimately, “while there are trusted security providers well entrenched within the cannabis sector… this space has room for more — although newcomers into this space had best do their homework on knowing the market and associated regulations before entering.”
Regulatory gaps
As a result, the industry, particularly providers of secure transportation services, are setting their own security standards.
“We work closely with the licensed producers and Health Canada to ensure cannabis is secured to the extent possible during transportation,” explains Gerstenecker.
“We are in new territory — and will be over the next couple of years until the ‘green-rush’ settles.”
— Thomas Gerstenecker, 3Sixty Secure Corp.
Part of doing your homework includes being aware of regulatory gaps that impact security, particularly transportation security.
“While we continue to see the evolution of robust and defined applications of physical security directives and measures for licensed cannabis facilities,” explains Gerstenecker, “the area within the transport/shipment of cannabis, whether it be genetics or dried product, remains less than clear.”
In fact, under the ACMPR, there are no regulations regarding the transportation of medical cannabis.
Likewise, INKAS has been “working very closely with legal producers to create standard operating procedures that have never been in place in the market before,” says Goodman.
The company is treating cannabis as “another valuable in transit,” and has “customized built armoured vehicles with temperature-controlled trucks for the transportation of live and dried cannabis.”
However, Goodman points out that it is unclear whether the LPs should be “providing transportation for these products and taking on the risk of the transportation of medical and recreational marijuana.”
He believes if LPs transport cannabis themselves, “this will leave companies taking unnecessary transport risks and risks in general.”
There are also some concerns about the probability of stolen cannabis and proliferation into the black market.
Gerstenecker says one of the most common questions his company is asked by LPs is, “Why do we need to have secure transport given they don’t use it for alcohol?”
“If you transport 1500kgs of dried cannabis or alcohol, the difference is about $12,000,000,” he says in response. The weight to value ratio is drastically different when comparing alcohol to cannabis.
Additionally, Gerstenecker believes market-ready cannabis can easily be proliferated into the black market.
“A vanload of cannabis can easily be moved because it’s not that heavy… and there’s no distinguishable markings on it,” he explains. “So once it’s out of the packaging, it’s like any other dried cannabis product, so it would be untraceable and unrecognizable from any type of branding.”
“The impact of Canada’s first cannabis robbery whilst in transit will have significant consequences both politically, and [in] other areas such as stakeholder consequences,” he says. “It’s not a question of if, but when.”
However, Hannah believes that, once the cannabis industry has matured, armoured cars and guards won’t be required.
“I think people believe that… cannabis is going to be rampant, that it’s going to fuel a black market…and I really don’t think that’s going to be the case,” he says. “I think that when the market for legal recreational cannabis stabilizes, it’s going to end up looking very similar to alcohol.”
Medium-payload vehicle based on Mercedes Sprinter — part of INKAS’ vehicle fleet.
Incorporating SALTO’s proven reliability and stability in cloudbased access control, SALTO KS - Keys as a Service - offers a solution that every business is looking for with vastly better functionality and performance than is possible with a traditional solution.
SALTO SYSTEMS INC.
950 Rue Valois, Suite 104
Vaudreuil-Dorion, QC, J7V 8P2
Phone: 514-616-2586
Email: info.canada@saltosystems.com www.saltosystems.com
SALTO KS provides a flexible access control management system that requires no software installation or the added expense of a fully-wired electronic product. All that is needed is an online device with an Internet connection.
www.saltoks.com
Conquer the dark
The H4 IR PTZ camera
The Avigilon H4 IR PTZ camera line combines patented Avigilon self-learning video analytics with zoomable infrared (IR) technology to provide broad coverage and exceptional image quality in a range of lighting conditions and environments.
With a powerful zoom lens and IR technology, the H4 IR PTZ allows users to see up to 250 meters (820 feet) in complete darkness. The camera’s IR projection angle and distance automatically adjust based on camera zoom lens movement, ensuring the scene is illuminated consistently across the field of view for high-quality, detailed images.
• Exceptional image quality with 1.3 MP and 2 MP resolutions
• Avigilon self-learning video analytics
• Powerful 45x and 30x zoom lens technology
• Fast and precise pan-tilt-zoom capabilities
• Zoomable infrared (IR) technology up to a 250-meter (820-foot) range
• Rugged housing design and built-in wiper for tough environments
Regulations regarding transportation are expected to be included in the Cannabis Act, says Hyde, but the details of those rules are not yet known.
“We are in new territory, and will be over the next couple of years until the ‘green-rush’ settles,” adds Gerstenecker. “Until then, we will continue to push for baseline standards when it comes to the secure transport of cannabis.”
Holistic security
To capitalize on the cannabis market, not only is it important to be aware of regulatory gaps, but also of the strict physical security regulations under the ACMPR.
The ACMPR focuses on barriers, doors, gates, ceilings and other aspects of the physical security of cannabis facilities. It is also focused on technological security and systems, including cameras, access control, intrusion, and more, explains Hyde.
“But it’s not at all focused on procedural security, on security protocols … emergency response protocols, business continuity, IT and cybersecurity,” he says.
Hyde does not believe the regulations should cover every aspect of security or be a “cure all.” However, his concern arises from the fact that there are strict physical security regulations, “but the rest is left at the discretion of the business.... People are so focused on those specialized and fairly intricate, detailed requirements that … they’re not really focused on a much wider range of more traditional risk management and business protocols,” he elaborates.
These traditional risk management protocols are “square pegs to go into round holes right now,” says Hyde, “because companies are so slavishly focused on adhering to these difficult and detailed and challenging regulations.”
Hannah agrees that a more holistic approach is necessary. However, “when you don’t have the evidence…you need to analyze and come up with that more holistic approach, there’s a tendency to need to lean on regulation.”
“We need to be able to pivot and move towards these more traditional business disciplines,” Hyde adds.
This pivot has begun, he says, particularly as more traditional security providers enter the industry.
As such, businesses may have an advantage when entering the new market: their experience with traditional risk management.
“I don’t think a regulation is what we need,” Hannah concludes. “Security has some core methodologies in terms of analyzing risk and coming up with counter-measures that are appropriate, and we’re going to apply those methodologies here, and I think eventually we’re going to end up with a great industry.”
Thomas Gerstenecker
integratedapproach An
A solutions focus is always going to be more effective than buying and installing security systems piecemeal
By Karen Evans
Security systems in a typical enterprise environment often include video surveillance cameras, access control, alarms, ID badges, entrance and exit gates, security officers, and more.
Depending upon business needs and budget, an enterprise might add a mass notification system, duress buttons, intrusion sensors, biometrics and analytics. On the horizon are drones, artificial intelligence, robots, and more. That’s a lot of security and system technologies to manage!
consideration of initial purchase price, operating cost and system management, in addition to finding a solution that is scalable to accommodate a facility’s future needs.
“When tough choices need to be made, a layered management system provides a ‘better’ solution.”
That’s often how enterprise security is purchased and installed — as disparate pieces of equipment and systems, each serving its own specific purpose.
Yet, that also means that enterprise security solutions can be challenging to research, evaluate and purchase. Adding to the dilemma is the major
There is no single solution that will provide the comprehensive security coverage that’s needed to mitigate all security risks. By implementing security technology as individual tools, and not integrated solutions, many facility security managers are missing out on the opportunity to provide even more control, convenience, cost savings, and efficiency to their organization. In reality, all components should be viewed and function as one integrated layered security system, especially for emergency management.
Each layered solution will vary from one facility and location to the next based upon a security management’s specific requirements such as size and location(s), number of employees and
visitors, and other factors such as the type of business and services that it provides and the level of desired security. However, there are foundational elements that should always be included when configuring a layered security system, such as securing the perimeter, access control, emergency communications, lockdown capability, and video surveillance.
Perimeter Security
Secured entrances and exits, no matter their location, are necessary to track the many visitors, employees and contractors that can enter and exit a building each day. In many cases, door locks are connected to a centralized access control system that is monitored by security personnel and can be quickly opened during an emergency or incident. Entry control points can be easily established to only allow authorized individuals initial access to a facility or to specific areas within it, while also restricting access to high-profile areas. Additional safeguards to control entry points may include the integration of turnstiles or security doors, mantraps, video surveillance with analytics, visitor
management systems, intercoms and intrusion detection devices, and more.
Access Control
Controlling access is critical to keep a facility secure, especially in areas that handle cash receipts, house expensive equipment, or have high-profile executives, guests or other valuable assets to protect and secure. An access control system records all access activity so that security management has a complete record of who has entered or exited all entry points, when they did so, which areas they accessed (or attempted to access), and how long they stayed. This is valuable information to help mitigate current and future security risks. Assigning different access permissions for employees, visitors, vendors, and first responders provides even greater levels of protection and tracking.
Access control systems can easily be integrated with visitor management solutions to check the background of each visitor, automatically post watch lists, and provide specific access privileges that are based on time, date and location.
Video Surveillance
A video surveillance system is a useful security tool for any facility, big or small. The use of video surveillance can resolve many security incidents that arise and help document liability issues. Organizations that choose to install IP-based video surveillance systems can take advantage of the benefits of digital storage, remote monitoring, and analytics capabilities that may deter crimes or security incidents.
Emergency Communications and Lockdowns
According to a 2016 estimate from the Office Of The Parliamentary Budget Officer (PBO), in the fiscal year 20122013, the Disaster Financial Assistance Arrangements (DFAA) program transferred $280 million to the provinces. By 2013-2014, this had increased to $1.02 billion and $305 million in 20142015. DFAA estimates its transfers resulting from previous events will be higher in subsequent years ($848 million in 2015-2016, $590 million in 20162017, and $580 million in 2017-2018). The unpredictability of any severe weather event can force a facility to temporarily lockdown and restrict access. In these types of situations, system-wide communication is a critical asset to help security staff and first responders evaluate a situation and determine the most appropriate course of action. Accurate information provided via internal communications delivers realtime situational awareness that enhances overall physical security.
An Integrated Solution
When combined, perimeter management, access control, video surveillance and emergency communications are the foundation for a safer facility. This foundation can be vastly enhanced when integrated into a single emergency notification platform, which provides an effective resource to issue alerts and manage a variety of situations such as inclement weather, natural disasters, workplace violence, and more.
These specially engineered emergency notification solutions provide vital emergency status details to first responders
so they can best help enterprise security manage events. A security team can issue an alert to notify responders of conditions in real time while communicating details based on the level of the alert. Employees and staff can report their specific location, enabling first responders to view detailed facility maps with roomby-room, colour-coded conditions that are updated in real time as the situation evolves. Staff members who are logged in can use a chat feature to enable two-way communications, issue messages with response instructions specific to each alert level via email or text and override any computer on a facility’s network to ensure the highest visibility of alert status.
A solution that is browser-based can function across LAN, Wi-Fi, WAN, or high-speed cellular service to offer maximum accessibility. Audit trails can be provided with chronological event sequences that can capture who/ what/when/where an incident occurred, providing security staff with valuable forensic details for investigation purposes. Perhaps one of the most comprehensive safeguards of an emergency notification solution is the ability for a facility’s security team to create a lockdown alert level and push that notification out to employees in seconds while simultaneously locking all doors and blocking credential readers to everyone except authorized responders.
Security management faces tremendous pressure to protect the people and assets they oversee, especially in the case of an emergency. And most often they are supposed to do so with tight security budgets. That’s even more reason to remove the security component mentality and purchasing practices and instead, implement a complete and layered security solution. Simply put, layered security solutions offer superior protection and risk mitigation. When tough choices need to be made, a layered management system provides a “better” solution while being cost-effective, powerful and scalable. It’s the key to making an enterprise safer and more secure.
Karen Evans is the CEO of Sielox LLC (www.sielox.com).
By Derek Knights
NEWSMAKERS AND FAKERS
I’m Right and You’re an Idiot: The Toxic State of Public Discourse and How to Clean it Up
By James Hoggan, with Grania Litwin New Society
Publishers ISBN: 9780865718173
WhenI first saw James Hoggan’s book, “I’m Right and You’re an Idiot,” I sadly thought, Well, there goes my autobiography title.
But then I noted the subtitle, “The Toxic State of Public Discourse and How To Clean It Up,” and I realized this would be a more important read than anything about me. Author Hoggan runs a PR firm in Canada, chairs the David Suzuki Foundation board, and has spent a great deal of time working through the morass of opinions and “toxic discourse” in climate change controversies.
This book is not expressly about climate change but it’s a topic used for examples. Facetious title aside, it’s about the widening gap between knowledge and expertise, and opinion and feelings — which plays right into today’s concerns about “fake news.” It’s both fascinating and maddening.
conflict over dialogue and deliberation.” Another said that when someone confronts us aggressively, we react much the same way, because we “commonly allow our stance to be determined by other people’s behaviour” instead of our own.
before. In the security and investigations world, we can learn much about conflict and respect, both of which will become more poignant as we face more directed challenges about hostile attackers/active shooters, sexual harassment and other issues in the workplace.
“The easy way out is to attack your opponent rather than present your argument intelligently.”
The book comprises two parts and several sections with chapters detailing the author’s interviews with experts and laypeople from varied sources, such as academia, business, science and theology. Each speaks to the world’s inability to adequately face challenges because humans have lost the ability to communicate effectively.
One interviewee lamented, “Our culture favours debate, advocacy and
Yet another discusses how we hold on to discredited concepts for unreasonably long times because of a stubborn denial that we might be wrong. There are some specific discussions in here for security professionals such as when Hoggan speaks of oil pipeline protests. These protests are currently a concern for the security departments of many industries, even banks, which provide financing for the projects. But both sides of any debate these days tend to mire themselves in a difficult position simply because neither believes they can be completely right unless they prove the other side is completely wrong. The easy way out is to use any means to attack your opponent, rather than present your argument intelligently.
Wise readers can bring the concepts this book explores into the workplace and learn to deal with conflict and opposition in very different and likely much better ways than they have used
Hoggan’s book can also help managers deal with thoughts and opinions brought into the workplace by staff — otherwise intelligent staff! — who have picked up beliefs from “toxic discourse” in social media and fake news. The vitriol in myriad ad hoc news websites, publishing “truths” they claim the “mainstream media” is hiding is creating a surprisingly large cohort of those the author calls idiots! When this nonsense starts to permeate the way staff — up to and including, in some instances, CEOs — deals with customers or the public at large, any organization could find themselves with reputational or security risks in addition to credibility loss.
It’s a new responsibility for everyone to debunk fake news and promote rational discussions. HR and business managers need to consider this during recruiting, training and day-to-day business interactions. Techniques in this book will help you do that.
Derek Knights, CPP, CISSP, CFE CIPP/C, PCI, is the senior manager, strategic initiatives, global security and investigations, at the TD Bank Group (www.tdbank.com).
QUICKER COUNTERMEASURES
Eric Schlesinger is the Chief Information Security Officer for Polaris Alpha (www.polarisalpha.com).
Adirect relationship exists between how quickly a business can identify and contain a security incident and the financial consequences. On average, the time to identify and the time to contain a threat are 229 and 82 days, respectively — alarmingly lengthy spans of time. The following emerging technologies provide countermeasures for quick identification, containment, isolation and elimination of security threats that can significantly minimize the destructive effects of a cyber-attack.
User Behaviour Analytics is a technique that captures the way users interact with systems and devices. Activity such as the amount of pressure exerted on a keyboard, swipe patterns on a touchscreen, and applications typically opened can be identifiers as unique and personal as physical biometrics. Security analysts can leverage these analytics to monitor and identify suspicious behaviour.
Machine learning is a technique that observes the daily operation of a network to create a baseline of what is considered “normal” and compares that baseline against activities, processes and network traffic in real time. When behaviour deviates from legitimate or acceptable performance it is flagged as anomalous and potentially malicious. Security analysts can leverage this knowledge.
Deception technology is a technique that considers the cyber-attacker’s point of view and methodology for exploiting and navigating networks. Attractive traps consisting of systems, users or data are covertly mixed among existing network resources attempting to lure a potential cyber-attack. Security analysts can leverage the alerts generated by these decoys to take the appropriate actions required to stop the threat or perform forensic activities while collecting data for legal or intelligence purposes.
Visual Intelligence is a technique to change abstract data into pictures to visualize patterns and more easily identify key changes. Security analysts can leverage the visualization to contain cyber-attacks by utilizing the patterns of interest to determine if an unwanted threat is moving laterally through the network.
Thermal-visible smart camera
SightLogix
SightLogix introduces SightSensor HD, a high performance, thermal-visible smart camera for securing outdoor areas. The dual-stream SightSensor HD combines a thermal sensor for intruder detection, a high-definition colour imager for detection verification, integrated video analytics and NIR illumination. The thermal SightSensor HD combines SightLogix’s video analytics with HD colour video into a single solution for shorter ranges at critical sights and commercial applications, says the company. The product is available in three models that detect inbound targets at 42m, 74m and 80m, offering narrow and wide-area fields of view. Integrated with NIR illumination, both thermal and colour video streams are viewable through third-party VMS systems. www.sightlogix.com
Panoramic security camera FLIR
The Quasar 4x2K panoramic camera, featuring four, high-definition visible sensors, produces 4K resolution for highly detailed scenes. The mini-dome camera offers wide area surveillance and interchangeable field-ofview options of 180- and 360-degrees. Consequently, the 4x2K can replace multiple individual cameras. With automatic stitching that combines the four sensors into a 180-degree view, the camera generates an image that eliminates blind spots and scene duplication. Built-in infrared illumination automatically adjusts to the 180- or 360-degree viewing mode. The Quasar 4x2K integrates with FLIR’s VMS and major third-party VMS. With an IP67 environmentally rated dome enclosure, the camera provides 24/7 video surveillance in- or outdoors.
www.flir.com
Drone detection
SpotterRF
The C1050 radar is a textbook sized, solid state radar that tracks ground, sea and air targets, including drones. The C1050 provides drone detection and tracking for even a small hobby drone. The radar protects an aerial perimeter area greater than 70 football fields or an area greater than 200 football fields for a human ground target. Because each radar is about the size and weight of a small textbook, takes less than 20 Watts of power, and mounts on existing infrastructure, these radar sensors can be distributed through a complex urban environment, while still providing complete coverage above and below the horizon. www.spotterrf.com
Security management solution Honeywell
The new iteration of the Pro-Watch security management solution for enterprise and critical infrastructure markets, Pro-Watch 4.3.5, is a connected buildings enterprise management platform. It equips organizations with the tools to protect their people and assets by combining access control, video surveillance, intrusion detection and other business critical functions. Pro-Watch 4.3.5 now features support for both iOS and Android and improves operator efficiency by allowing facility managers to control badging, badging verification and manage door controls via smartphones and devices. The solution uses an encrypted open standard communications protocol — the Security Industry Association’s OSDP — in its reader communications and integrates with third-party solutions, including CASI/iSTAR controller replacements, biometric readers and mobile credentials.
www.security.honeywell.com
Mobile situation management solution
Qognify
Powered by CloudScann, Qognify Extend is a suite of integrated mobile solutions designed to extend the reach, coverage and effectiveness of an enterprise’s control room and operations. The Extend suite includes several modules: SeeItSendIt geared to enable field personnel to report into the control room using their smartphones; Live Video Broadcast is a special module allowing field personnel to broadcast live video directly to the control room. Dispatch provides operators with simple Computer Aided Dispatch (CAD) functionality; Personal Safety Module gives users basic personal security features, including the ability to monitor an individual’s progress along a route, immediate report of distress situations via a “panic button,” and alerting to any failure to arrive safely; and Qognify VICC (Visual Intelligence Command Center) is a desktop application that collects and aggregates the information from the various mobile applications, presenting it on a map. www.qognify.com
Wireless security solution DSC
This next generation wireless security and automation solution is designed to provide smarter and safer living for homes and small businesses. With built-in PowerG wireless technology, iotega provides a fully encrypted security system. Discrete in design, iotega includes a vanishing touch keypad, as well as an optional 7” Wi-Fi enabled touchscreen, wireless keypad arming station and flexible software app compatibility. www.dsc.com
COMMISSIONAIRES IS YOUR PROVEN SECURITY PARTNER
Canada’s only national not-for-profit security solutions provider.
ASSESS DELIVER DESIGN OPTIMIZE
Everything you need to stay secure. We will assess, design, deliver and optimize an end-toend solution to secure your people, property and assets. Utilizing the results of our risk assessment process, we collaborate with you to deliver resolutions for identified risks. We help you meet standards and exceed compliance regulations, from development through installation and ongoing maintenance.
For more information on G4S’s security solutions, please visit www.g4s.ca or call 1-888-717-4447.