CS - May - June 2018

CUSTOMIZED VIDEO MONITORING

By Ellen Cools

Senior leaders from major firms operating in Canada sit down for an in-depth discussion on wage increases, customer relationships, evolving skillsets and the role of front-line personnel as crisis responders

EDITOR’S NOTEBOOK

By Neil Sutton

WCONFRONTING CRISIS

Security departments are helping to meet the dual challenges of prevention and response

hen I first heard about the Toronto van attack, I was at home with my son, who was taking a sick day from school.

The initial report I read referenced a hit and run incident and little else. I didn’t think that much about it until the details started to roll in half an hour later and I knew we were dealing with a tragedy of epic proportions.

Like most people, my reaction to these details was that this was potentially a terrorist attack. I also knew that it would be wrong to jump to any conclusions before the facts were in evidence. Based on what we now know, the attack does not seem to meet the litmus test for terrorism, but that doesn’t change the terrible outcome, nor the manner in which it was carried out.

“Security personnel are often first responders to crisis situations.”

In speaking to several security professionals about this, there was a sense that this type of attack wasn’t entirely unexpected. There have been a series of high profile vehicular attacks around the world — even a number of targeted attacks that occurred in Canada — creating an awareness that this could ultimately happen anywhere, at any time.

I discussed this topic at some length with the panelists from this issue’s roundtable (read the highlights on p. 22). The panelists didn’t agree on everything, but there was a consensus that the security industry has a vital role to play.

Security personnel are often first responders to crisis situations, particularly if they occur in or near buildings where guards are present. Crisis training, including emergency health-care response and effective communications with police, fire or paramedics who arrive on the scene, can make a world of difference when it comes to managing outcomes.

Physical security measures, including bollards and barriers, strategically placed at potentially vulnerable locations, could help to deter potential attackers. There will never be a perfect solution or 100 per cent safety guarantees, but effective threat risk assessments can help make those determinations and optimize the use of these resources.

There are myriad ways security personnel can help reduce the impact of tragic events, even if they may not always be able to outright prevent them. Over time, I believe, that role is becoming better defined.

More technology is coming to bear that would help identify threats before they can be acted upon (to a degree, both of our feature articles in this issue address the role of social media monitoring). Techniques and methodologies are also improving. We’ve extensively covered the topic of “risk-based” approaches rather than traditional “security” in this magazine, and that transition will continue over time. Whether security personnel are called upon to help predict disasters or deal effectively with their aftermath, there are professionals who are rising to that challenge and will continue to rise higher.

Group Publisher Paul Grossinger pgrossinger@annexbusinessmedia.com

Publisher Peter Young pyoung@annexbusinessmedia.com

Editor Neil Sutton nsutton@annexbusinessmedia.com

Assistant Editor Ellen Cools ecools@annexbusinessmedia.com

Art Director

Graham Jeffrey gjeffrey@annexbusinessmedia.com

Account Coordinator

Kim Rossiter

krossiter@annexbusinessmedia.com

Circulation Manager

Aashish Sharma

asharma@annexbusinessmedia.com Tel: 416-442-5600 ext. 5206

President &

Editorial and Sales Office 111 Gordon Baker Rd, Suite 400, Toronto, ON M2H 3R1

(416) 442-5600 • Fax (416) 442-2230 Web Site: www.canadiansecuritymag.com

Canadian Security is the key publication for professional security management in Canada, providing balanced editorial on issues relevant to end users across all industry sectors. Editorial content may, at times, be viewed as controversial but at all times serves to inform and educate readers on topics relevant to their individual and collective growth and interests.

Canadian Security is published six times per year by Annex Business Media.

Publication Mail Agreement #40065710

Printed in Canada I.S.S.N. 0709-3403

Subscription Rates

Circulation Anita Singh asingh@annexbusinessmedia.com Tel: 416-510-5189 Fax: 416-510-6875 or 416-442-2191 111 Gordon Baker Rd, Suite 400, Toronto, ON M2H 3R1

Annex Privacy Officer Privacy@annexbusinessmedia.com Tel: 800-668-2384

The contents of Canadian Security are copyright by ©2018 Annex Publishing & Printing Inc. and may not be reproduced in whole or part without written consent. Annex Business Media disclaims any warranty as to the accuracy, completeness or currency of the contents of this publication and disclaims all liability in respect of the results of any action taken

Alert Ready is almost ready

The Alert Ready system, a mass notification system operated in partnership by Pelmorex, the federal and provincial governments, TV and radio broadcasters and wireless providers, was tested across Canada during the week of May 7.

This was the first time the system was tested on cell phones, although only compatible LTE cell phones with updated software can receive alerts.

But the test did not go as smoothly as planned for Quebec and Ontario, the first two provinces to receive the test alerts.

The system uses the National Alert Aggregation Dissemination system (NAADs) from Pelmorex.

Government authorities access the system to issue an alert, which Pelmorex then processes to make available in real-time to the TV and radio broadcasters, and now wireless providers. The broadcasters and providers then distribute the alert to the public.

However, in Quebec, “there was an issue where the test alert was not sent to the compatible cell phones in the province,” says Martin Belanger, director of public alerting, Pelmorex. “That was caused by an extra character in one of the configuration files in the Alert Ready system.”

Meanwhile, in Ontario, a number of people reported that they did not receive the alert.

According to a spokesperson for Public Safety Canada, “this could be due to a number of factors including device compatibility, the software version on the device, or whether they were connected to an LTE network.”

A step in the right direction

Despite the glitches during testing, the system is largely seen as a step in the right direction for emergency management in Canada.

Suzanne Bernier, a crisis management consultant, speaker and author who has been in the emergency management field for more than 20 years, says the system is “a great step in showing how much

more capability we have to be able to communicate with the public during an emergency and notify them when something is occurring or about to occur.”

Bernier admits that there will be challenges with the system, as in the case with Ontario and Quebec. However, testing is done to work out such difficulties, she says.

“That’s the whole purpose of running these drills and these exercises, so that we can catch these kinds of things and fix them, so that if and when they’re really needed … then we know we’ve got everybody.”

Alain Normand, manager of the Emergency Management Office, in Brampton, Ont., agrees that the system is a watershed moment for emergency management.

Getting to this point took years of work, he explains.

According to Normand, mass notification systems in Canada have historically been behind the technology and “missed the boat.”

Getting the Alert Ready system for TV and radio took years of lobbying, he says, because the media “thought we were taking control away from them.”

By the time it was rolled out, the public had largely stopped watching TV and moved to computers.

Additionally, the emergency management industry worked for years to implement the “Reverse 911” system, whereby police use a database to find the phone numbers for a series of addresses, and send an emergency message through those phone lines.

Yet once again, “when it finally got approved, it was too late because now most people don’t have landlines anymore, they’ve got cell phones,” he says.

Consequently, the recent launch of the Alert Ready system via cell phones is a major victory for emergency management.

False alarms ‘unlikely’

But with any mass notification system, there are concerns about false alarms, particularly in light of the false missile alert in Hawaii in January of this year.

Both Belanger and Normand believe that false alarms are unlikely.

Since the system is run through the provinces, “it’s very well-supported,” says Normand and a missile alert would be sent out through the federal

government, through Public Safety Canada.

Belanger adds that there are a number of safeguards in place.

“It’s the responsibility of the authorized government agencies to issue the alert when needed. So they … manage who can access the system, who can issue what kind of alert and for what reason,” he explains.

Additionally, Pelmorex has built a number of steps into the system to validate the issuer’s intent, and ensure it’s a “conscious decision that they’re sending that alert out.”

Furthermore, unlike the system in Hawaii, Pelmorex provides a separate training platform for issuers to create and test alerts that do not reach the public.

Finally, if a false alert does go out, “the issuer can quickly go into the system and issue a cancel, and that will be sent out automatically in real time.”

Fine-tuning necessary

Despite the progress this system represents, Normand believes it still needs to be “fine-tuned.”

In his opinion, there should have been a localized pilot test before testing the system nationally. “Now the whole country knows it doesn’t really work very well,” he explains.

“I’m afraid that a lot of people are going to be suspicious of it or are going to be wondering, ‘Is it really going to work or am I going to start getting messages when I don’t need to?’” he adds.

In fact, on Monday, May 14, the Alert Ready system sent an Amber Alert to the province of Ontario about a missing boy in Thunder Bay, Ont.

“This Amber Alert that came out... didn’t help,” Normand says. “That Amber Alert should have been for Thunder Bay, in that area only, and yet the whole province got it.”

Consequently, he says the technology

needs to be upgraded to “make sure that they do get what we’re trying to reach, which is this localized alerting aspect.”

Next steps

Belanger says Pelmorex and its partners will continue to look at the system and work towards improvements, although he could not provide any specifics.

Bernier also believes more needs to be done — not necessarily to the system itself, but to reinforce the message that the public should be prepared for an emergency at home as well.

Compared to 20 years ago, the number of people prepared at home has not grown, she says.

“Yes, we all are working on plans together as government, as communities, to make sure that we can notify people,” she continues. “However, we all as individuals…also have a responsibility to make sure that we’re prepared.”

— Ellen Cools

The best range of security services in Canada

Security guards

Mobile patrol and alarm response teams

Event security

Executive protection

Investigations and consulting

Loss prevention

Concierge services

Travel security

By Neil Sutton

ASIS Toronto celebrates 25 years of best practices seminars

AASISToronto held its 25th annual Best Practices event on April 19, showcasing a broad variety of topics from Canada’s cannabis industry to the role of security professionals in sexual harassment investigations. The event, which was attended by approximately 200 people, was held at the historic One King West facility in Toronto.

School Safety & Security

Protect What Matters Most

Avigilon provides a complete set of security solutions that help you provide a safe and secure environment and protect what is most valuable: your students, staff and faculty.

Secured Entry

Avigilon’s H4 Video Intercom will help you communicate with school visitors and approve or deny site access to secure main entry points.

Immediate Lockdown

Quickly lock down an entire school with the push of a button with the Avigilon Access Control Manager™ system.

Powerful Search

Quickly identify a specific person and track their route throughout the school with Avigilon Appearance Search™ technology.

Preventative Protection

Use Avigilon cameras with self-learning video analytics to receive alerts of critical events on school grounds.

By Tim McCreight

BE A RISK MANAGER

You have a unique relationship to risk in your enterprise, but you don’t own it

One of the tasks we must master as we enter into an Enterprise Security Risk Management (ESRM) program is the idea that we will now “manage” risks.

We don’t “own” the risks — that’s the role of executives and business leaders. Our task, in the ESRM philosophy, is to manage the activities required to reduce the risks to the organization.

This doesn’t mean we’re going to hire 10 more staff members, and work weekends to finish all the tasks!

As security professionals, we need to be practical and pragmatic in our approach to “manage” the risk reduction program. In most cases, we’re going to be collaborating with other departments to help us identify the best path to take for reducing risks, and then identifying what team is going to do what task. Collaboration is key to success. We can’t do the work ourselves, and we don’t have the expertise that we’ll find in other business areas.

“Relationships you’ve established from coffee meetings become key to successfully managing your risk program.”

or updated in one of the many software applications that focus on risk. The key components for risk management will remain the same — you need to identify what the risk is, what the proposed mitigation strategy is, and what activities your organization must take to reduce the risk. I’ve used spreadsheets and software programs, and both can help you achieve your end goal. It depends on your needs and your budget.

Executives will want to know your progress and you will need to report regularly on the activities you have underway. Reporting on the progress of risk reduction activities is different than simply presenting statistics on the number of blocked emails you have every month, or how many employees have attended an online security awareness program.

You must name the risks you have identified, and what activities you’ve taken (and plan to take) to reduce the risk from its initial state to its target state.

Remember the discussions from past articles where you’ve gone out to make new friends in all the other business departments? Those relationships you’ve established from coffee meetings become key to successfully managing your risk program. You’ll rely on these individuals, and others you’ll get a chance to meet, to help execute the tasks you’ve documented in your risk mitigation strategies.

It seems like we’re reducing our role in ESRM, but that’s not true. Our organizations are relying on us to bring subject matter expertise to the executive table, and to demonstrate our ability to see what activities need to be completed to reduce the risks to the level that’s acceptable to our organizations. Collaborating with different business areas also demonstrates our commitment to the organization and our role as a trusted advisor and business enabler.

Managing the risks can take different forms in different organizations. The process can be documented in spreadsheets,

In past lives, I’ve been able to demonstrate the reduction of risks by creating an iterative risk assessment process.

As changes are put into the organization, or tasks are executed, a “mini” risk assessment was conducted against the targeted asset to see if the risk rating has changed from its initial state. It takes more time and work, but being able to assess a new risk posture after making changes to an asset is worthwhile.

The process of managing risks on behalf of the organization gives the security professional an opportunity to really show our value to the organization.

The skills we have in identifying risks, documenting steps to reduce the risk, and executing on these tasks can bring us closer to the role we need to attain — trusted business advisor.

Not bad.

Tim McCreight is the owner of Risk Rebels Consulting Ltd. (www.riskrebels.com).

By Mark LaLonde

THE NEW NORMAL

Expectations both by and of security departments have shifted over time

When I look back at the most significant changes in the security industry over the past several decades, two trends stand out: the rise in public and corporate awareness of security as a retail service to be consumed, and the growing sophistication of some institutional consumers of security services.

Forty years ago, few had a home security system and crime prevention was not a common topic of discussion in the corporate world. Now both are ubiquitous.

guard hours per week, they want to see the demonstrable impact and outcomes of those hours. Efficiencies, automation and the use of bots are becoming the new norm. Some vendors are unprepared for this new reality, have a hard time adapting or now find themselves shut out of some opportunities. Others see the opportunity and have shifted their team, internal systems and culture to focus on innovation, metrics and value-added service.

“Some staff will be replaced by security systems, algorithm and bots.”

Public and corporate perceptions of safety, crime and victimization have resulted in a larger and more specialized security industry, even though reported crime has been declining in Canada for quite some time. Now we expect to see uniformed security personnel and CCTV in public and private spaces and access control in corporate and government offices.

Also driving the demand for services are medium and large entities that are now more aware of risk, liability and the negative impacts to their brand so are more likely now to hire security consultants and private investigators to nip emerging problems in the bud before they get out of hand or create a real threat in the workplace. These demands for service mean there is a growing need for specialist security, risk and investigation firms to step in to fill evolving needs in the market.

More recently there has been a shift in the nature of the demand for services as some consumers have more sophisticated expectations of security services and vendors. It is more common now to see organizations create senior administration positions such as Chief Security Officer and the person behind the desk is more likely now to have a related graduate degree and a depth and breadth of experience and knowledge that makes them a demanding and well informed client of their security vendor.

These clients now expect vendors to arrive with complex, integrated solutions, sophisticated KPI’s and be able to demonstrate ROI. Rather than talk about

Security systems are now “smart,” personnel are better trained and services not seen twenty years ago are the new norm. While some of these changes are driven by vendors and the regulatory environment, others are driven by a rising number of well informed and discerning consumers who are no longer content with the old way of doing business. What remains to be seen is how the industry will continue to evolve and what aspects of the industry will slowly disappear. While “basic” security services will always exist, some staff will be replaced by security systems, algorithms and bots. Vendors slow to adapt or lacking vision will lose ground or be absorbed by more agile, forwardthinking firms.

At the same time, some vendors realize that they now need a very different group of client-facing managers and leaders with credentials, complex knowledge and competencies in problem solving and enterprise security risk management to meet new and sophisticated client needs.

I hope that more security firms rise to this level. It will lead to higher pay, better credentials and greater professionalization of the larger industry. I believe that while many in the industry think they can meet these evolving client needs, in fact they lack the complexity to compete on a level that is becoming the new norm. By virtue of vision, resources and sheer will to thrive, I fear only a few will rise to meet the challenge. I hope I am proven wrong.

Mark LaLonde is the Chief Safety Officer at Simon Fraser University (www.sfu.ca).

UNANSWERED QUESTIONS TORONTO ATTACK LEAVES

Security professionals weigh the limited options available to mitigate future vehicular tragedies

By Ellen Cools

In the wake of the Toronto van attack on April 23, which killed 10 people and injured 16 others, Phil Gurski, president and CEO of Borealis Threat and Risk Consulting, and former senior strategic analyst at CSIS, maintains that “there’s nothing to suggest it is a terrorist attack.”

Canadian law defines an act of terrorism as violence that is carried out for political, ideological or religious motivation, he explains, and nothing

suggests those motivations apply here.

The suspect, identified as Alek Minassian, 25, of Richmond Hill, Ont., has been charged with 10 counts of first-degree murder and 16 of attempted murder.

“The police haven’t laid terrorist charges because they have nothing to suggest terrorism, so we can’t go down that pathway,” Gurski notes.

In the weeks following the attack, the City of Toronto has come together in support of the victims. But in retrospect, a number of questions have arisen —

most notably, what can be done to prevent a similar attack in the future?

“A double-edged sword”

Unfortunately, Gurski says, “nothing” can be done to mitigate such vehicular attacks.

Although cities can install barricades outside public areas such as sports stadiums, parks and city hall, the question then becomes where do you draw the line.

“If you want to say, okay, Yonge Street was hit, we’ll just barricade Yonge

Street. Well, good luck with that, because Yonge Street’s pretty big. So first of all, you couldn’t do it. Second of all, you could try, but it would be incredibly expensive. Thirdly … if you did it, you’d basically be building ‘Fortress Toronto,’ which nobody wants. And fourthly, the bad guys just move onto the next block,” he explains.

Satyamoorthy Kabilan, director of national security and strategic foresight at the Conference Board of Canada, agrees that bollards and barriers can pose difficulties.

to avoid generating such a heightened perception.

Vehicular attacks are “stupid simple”

But despite these potential mitigation measures, Gurski says the attacks are “stupid simple.”

“The challenge with barriers and bollards is, one, it costs money [and] two, you also have to be careful with what restrictions they then create.”

— Satyamoorthy Kabilan, Conference Board of Canada

“The challenge with barriers and bollards is, one, it costs money [and] two, you also have to be careful with what restrictions they then create,” Kabilan explains. “For example … what if you needed to park an emergency vehicle on the sidewalk, or the sidewalk was part of your access to get through to another major area?”

Bollards can thereby restrict access for first responders in specific situations, making them “a little bit of a doubleedged sword.”

Nevertheless, Kabilan finds bollards and barriers can be beneficial, as long as the benefits outweigh the risks. He advises cities to take a risk-based approach when determining whether to implement these measures.

“If you’re going to put these barriers in, given the cost, given the potential restrictions, are they creating more problems than they solve? I think that’s a question that everyone needs to ask,” he says.

Additionally, Kabilan says choosing the right type of barrier is paramount, so as not to “give the perception that everyone is in danger and the entire area is somehow locked down, because that then heightens the perception that this is a high-risk area.”

Many cities, he adds, try to make such barriers blend in with the area,

“Who’s going to stop you from driving into a crowd? The answer is nobody, unless you’re already under surveillance [or] under investigation, and even then it’s problematic,” he adds.

Yet he cautions against treating vehicular attacks as a trend in Canada.

While an attack occurred in Edmonton, Alta. last year and in SaintJean-sur-Richelieu, Que. in 2014, that’s “less than one [attack] a year. So do we really want to start [saying], ‘Oh, this is a trend?’” he says.

Kabilan agrees, noting, “We should keep an eye on it as a threat,” but

that these attacks remain very rare in Canada.

In many cases, as in the attacks in Edmonton and Saint-Jean-sur-Richelieu, “[the attackers] were going after very specific targets, they had very specific motivations. There are some insights around dealing with this,” he adds.

“So certainly we should keep an eye on global developments in this space and we should then understand what this might mean for Canada,” he elaborates.

“That does not mean jumping up and saying, ‘Okay, we’re going to protect everything.’ We do have to look at the risk to Canada and we have to, again, going back to what I said earlier, make a risk-based judgement.”

Security awareness is key

Despite the challenges of preventing such an attack, there are still several security implications, particularly in terms of public safety.

“This type of attack is alarming, as is … the potential that every street corner in the country is … a ‘soft target,’” Mark Folmer, TrackTik’s vice president, security industry, and SRVP of ASIS Canada, wrote in an email to Canadian Security.

The attack “shakes the foundation of what we value as Canadians — safety and the sense of safety.

“[It] reminds us that regardless of [the] attacker’s motivation, we as security professionals, as people, need to be aware of this as a possibility,” he adds.

Therefore, situational awareness is critical, although Folmer qualifies that “even the most situationally aware person can be at the wrong place at the wrong time due to the actions of one.”

“This type of attack is alarming ... as is the potential that every street corner in the country is a soft target.”

and security awareness training, he says. Although prevention is not a 100 per cent achievable target, Folmer believes private security entities must collaborate with each other, as well as with public security agencies.

there’s not much that people can do to prepare for a vehicular attack.

As a result, situational awareness should go hand in hand with prevention

— Mark Folmer, ASIS International

Additionally, following an event like this, security directors must be able to determine the safety of their staff as quickly as possible, he adds. Preparing and training for these types of events should tie in with a Threat Risk Assessment (TRA) process.

Kabilan agrees that situational awareness is very important, but finds

TRAINING FOR HEALTHCARE EMERGENCIES

Mass casualty attacks such as the one in Toronto not only impact public safety, but also test the security of the hospitals receiving the victims.

Security training and protocols are important for hospitals in general, but in a large-scale incident, preparation and training is instrumental to ensuring the safety of patients, staff and visitors.

“All hospitals have an emergency disaster plan, or emergency manual, that deals with a variety of different emergencies, and one of those is the Code Orange, for an external disaster,” explains Martin Green, past-president of the International Association of Health Security Services (IAHSS) and manager of security, telecommunications and emergency preparedness for Baycrest Health Sciences in Toronto.

“A hospital should always make sure that their disaster plan is reviewed at least on an annual basis, that it’s

tested on an annual basis and that staff are familiar with their roles and responsibilities for that type of event,” he adds.

In this case, the main receiving hospital, Sunnybrook Health Sciences Centre had practiced a table top exercise just two weeks prior to the attack, says Bruna Mariano, Sunnybrook’s manager, security services. The hospital also ran a mock exercise last fall to test its Code Orange readiness. This training helped ensure all operations ran smoothly that day.

“When we get notified, it’s a mass communication through our emails and through a text,” she explains. “[Then] everyone reports to their department.”

On April 23, Mariano met with her security team, which then assessed the emergency department. By the time the hospital began receiving victims, her team had put the emergency department on lockdown.

“That might make people feel very nervous, but the risk of something like that happening is still actually pretty low,” he says. “It’s the same thing if you are crossing the street. Are you guaranteed that every vehicle is going to stop at a red light or stop at that pedestrian crossing when you go? You’re not.”

Given that these types of attacks are “quite random,” and “incredibly rare,” he continues, “you should not let the fear of these types of incidents stop you from…doing what you would normally be doing in the city.”

Understanding radicalization

Although, at press time, the police have not officially announced the suspect’s potential motive for the attacks, they did reveal that he posted a reference to the

Locking down the emergency department is “for the safety of our staff and patients and visitors, because we had overwhelming visitors coming in,” Mariano elaborates. “All of our doors in emerg can be locked down…After that, everyone [is] put on a hold and gets screened going anywhere.”

Green says that the ability to go on lockdown is a key aspect in a hospital’s disaster planning and training.

“In some cases, [there’s a]

‘Incel [involuntarily celibate] Rebellion’ on Facebook just before the attack, and reports have surfaced that he may have been radicalized by online incel groups.

In Gurski’s opinion, incel seems more like “misogynist hate” than ideology. But he cautions that “we still don’t know enough about Mr. Minassian to state he was influenced by either [Facebook] or Reddit. We need to await the results of the police investigation.”

“Radicalization is an inherently social phenomenon and can take place anywhere, including online and via social media,” Gurski explains.

“All my work on radicalization when I worked for [CSIS] indicates quite categorically that there are always signs.”

— Phil Gurski, BorealisThreat and Risk Consulting

But how does radicalization spread over the internet and, in particular, social media?

“It is important to remember that radicalization is not a passive process whereby an individual absorbs material but rather an interactive one with questions, doubts, challenges, etc. Any platform can be used and those that are encrypted (e.g., Whatsapp) create major problems for those (spies and police) trying to keep track of those radicalizing.”

Yet “the field of stopping radicalization is still in its infancy.”

Social media companies can remove material, but agencies like CSIS and the RCMP need that material to stay online for investigative and prosecutorial reasons, he says.

Regardless of the motive or means of radicalization, Gurski says that in the future, reporting potential signs of an attack is paramount.

In this case, he believes someone likely noticed signs but did not say anything, out of fear, uncertainty, or any number of reasons.

“All my work on radicalization when I worked for the service [CSIS] indicates quite categorically that there are always signs and that the challenge is not that there aren’t signs, but …what do you do about them?” he asks. “You’ve got to call somebody.”

continuation of a crime scene, but in other cases, it’s just to make sure that you don’t have unnecessary people getting into the area,” Green explains.

“Unnecessary people” could include the media, family members and curious onlookers.

During a lockdown, the security officers may be assigned to stand at a door, check IDs and only allow access to authorized people.

The most important aspect is to secure the perimeter and ensure that “all access points to the emergency department [are] staffed by a security person.”

Security staff should be positioned at doors that are not automatically locked, Green clarifies, since locking all doors would require too much manpower.

This is key not just on the day of a mass casualty incident, but also in the days and weeks following, as victims may stay in the hospital for a prolonged period of time.

At Sunnybrook, Mariano says, six security officers were working that day, and another five came to work within 20 to 30 minutes after activating their “disaster fan out list.”

“We redeployed our staff in the

emerg and we had two of our officers in the waiting room to control the crowd that was in there because we were already working at 111 per cent occupancy,” she says. “We had our officers ready by the trauma bay doors as the victims were coming in.”

The hospital also activated its family information centre and hospital emergency operations centre, where the security team, other hospital departments and Toronto Police Services met throughout the day. Officers were redeployed to the hospital’s main entrance with Sunnybrook’s family information team.

“From there we basically worked as a team with all the support services, the physicians, the senior leadership and clinical staff. It was great support; it was a team effort and it went really smoothly,” Mariano adds.

Dealing with the aftermath

“One of the challenging situations we’re having now are reporters sneaking in and trying to interview families,” Mariano explains.

A key security protocol to follow in the aftermath is debriefing all departments “as soon as is practical,”

Green says.

At the time of this article, written the week of the attack, Sunnybrook was in the process of debriefing staff through their “employee assistance program.”

“The employee assistance program is going to go on for quite a while here at Sunnybrook because everyone is starting to come out now and starting to grieve,” Mariano shares.

“When we were all involved in the crisis, everybody was doing their job and reacting to the crisis. Now, as the aftermath is taking place, it’s actually coming to reality to everybody that this happened in our city of Toronto, and I think a lot of people are grieving right now.”

Ultimately, “we always assume it can never happen to us, but we always have to be prepared for the possibility that it can,” Green says.

“Quite often these events happen when there’s no one around, and then it’s a scramble to get the appropriate resources. But if anything was fortunate in this, it was that it happened on a Monday afternoon and there were lots of staff at the hospital able to respond and assist.”

— Ellen Cools

Sponsored by:

MEETING THE CHALLENGES

Leaders from some of the largest and most influential guard companies operating in Canada discuss the major issues of the day, including wages, training, customer focus, technology and more

Canadian Security magazine held a guarding roundtable on April 26, inviting representatives from some of the leading companies in the security business to discuss and debate some of the major issues of the day. The major impetus for the discussion was recent changes to Ontario legislation (Bill 148), as well as similar legislation in other provinces, that are having a major effect on employment conditions, chief among them an increase in minimum wage (rising to $14 an hour in Ontario on Jan. 1 this year and $15 an hour next year). Other factors that prompted this discussion include technology innovations such as drones

and robots, and how they might change the landscape of the security industry. Unexpected was the topic of vehicular attacks. Days earlier, the van attack occurred in Toronto — the panel felt it was appropriate to introduce this as a discussion topic and talk about the implications for the security industry. Panelists include Scott Young, Senior Director, Business Development, GardaWorld; Han Koren, President, ASAP Secured; Steve Danelon, Regional Vice President, Canada, Allied Universal Security Services; Floria Chiu, Director of Customer Care, G4S Canada; and Iain Morton, Executive Vice President, Paladin Security and Paladin Technologies. Canadian Security editor

Neil Sutton moderated the roundtable which was sponsored by GardaWorld. An edited version of that discussion follows.

Canadian Security: How is the change in minimum wage affecting guarding operations and relationships with clients?

Scott Young: Certainly we had some open discussions with our clients in the second half of 2017. The [Ontario] increase was introduced fairly rapidly. Some of our more blue chip clients couldn’t justify the substantial increase and we have seen some margin compression as a result of that. Where you used to have to pay $6 an hour more than minimum wage to get, say, the top 25 per cent of officers in the market — now you need to only pay $2 an hour more than minimum wage. There’s been a bit of a flattening of the labour market in Ontario. Clients who are willing and able to pay that little bit

extra will see more reward than they would have in the past.

Han Koren: We dealt with increases in the past and they were generally limited to 20 cents ... which you can easily absorb in your margins. This was a bit of a hike. I remember when we started talking to customers and they said, “It’s not even legal yet… so why are we discussing it now?” We were a little bit behind in getting all those conversations going. On top of that, a lot of the discussions were mid-contract, so they didn’t necessarily have a reason to break the contract open although we had language in the contract [to renegotiate] the rate. It made it pretty challenging. It was not only the wage increase. It was also new legislation about sick days, new calculations for stat days and things like that. All in all, it was a pretty expensive move.

Steve Danelon: I think we’re still looking at the impact of the minimum wage and how it will impact our business. It has made some of our employees minimum wage employees — they were three or four dollars higher than minimum wage before. We’re seeing some movement in the workforce. It’s really challenging the thinking of the customers on the type of security professionals they want in their facility: Do they now want a minimum wage individual or do they now want someone who is above minimum wage and has the skillset to [meet] their challenges?

CS: Has that created a domino effect where somebody who was making $15 an hour before the legislation is now looking for $18 or $19 an hour?

SD: Absolutely. We’ve had some customers who have raised their pay rates from $14 to $18. We have other ones that will not budge from $14.50. Some employees are saying, “I should get a 32 per cent wage increase because I was at $14.” Trying to educate our workforce and how it’s impacting ... the customers’ budgetary restraints has been a challenge.

Iain Morton: It’s been very challenging on our entire industry, especially since it came into law [in Ontario] on Nov. 27 with 33-34 days to implement. I think we did as good a job as anybody could, but nobody’s business was going to be in perfect harmony with their clients as [we work] through this. Our clients adopted the stance that they would be collegial and work with us, for the most part. Many of them have restored the gap that they used to have above minimum wage but some have not. Some didn’t have the budget and had limited maneuvering ability to really work their way over. It’s been difficult for them. We’ve continued to work with those clients and overall the business is coming out in very good shape, but it’s led to a very volatile marketplace right now. Mostly, I think, those clients struggle to get over the line. That volatility is going to take some time for the dust to settle and the market to reset.

“Do [customers] want a minimum wage individual or do they now want someone who is above minimum wage and has the skillset to [meet] their challenges?”

out a way to do more with less. We are asking for increases in order to stabilize the program. To avoid turning it into a minimum wage program, we have to come back with ideas… and solutions to make up for that.

CS: How are skillsets changing in the security industry?

— Steve Danelon, Allied Universal Security Services

FC: I’m really seeing a shift to the soft skills as opposed to the hard skills. I think the uniform that was once able to effect action and change now  has to be coupled with soft skills like emotional intelligence, awareness around mental illness, being able to understand cultural differences — I think those are all key components of a security guard’s job now.

Floria Chiu: We have the same challenges. If we were to talk about the impact of ESA (Employment Standards Act) changes and minimum wage on our business directly, I would say we really have to change the conversations that we’re having. Scott and Iain talked about the difficult conversations that we have to have with our customers and then to finally figure out what the legislation actually means to us from a cost perspective, then having to go back to [customers] and have that conversation again… We’ve had to take a step back to say, “OK, the budgets are the budgets. Those have been approved and are limited to your current fiscal year.” So what is the creativity we need to apply to that program? It may be about helping our customers figure

IM: I think fundamentally with many of the clients being posed a 20-25 per cent wage uplift and cost uplift, the expectations have to be higher from the customer standpoint. We need to provide high calibre security officers. We are, to Floria’s point, really focused on customer service engagement, but still with that intervention capability, especially in the health-care market. We have to go in and be aware of mental health, be aware of our Code White responses [the code assigned to potentially violent patient situations]. In many hospitals, our staff are the entire Code White response team. In most cases, it’s a combined effort with clinical [staff]. The skillsets required for somebody who was being paid $12.50 a few months ago was inordinately high. The only reason we’ve succeeded well in that environment is we’re trying to attract people whose career arc takes them out to corrections and border services and policing. That balance worked quite well. The good thing

is, those police forces are looking for the similar soft skills and intervention skills that we’re looking for as we bring people in. The level of training and expectation of how they perform in the field is continuing to rise. I think collectively the industry has to continue to push for wage uplift and pay escalation that allows people with tenure and experience and performance to stretch out their career a little bit longer in security before they move on and take the next opportunity.

SY: As labour costs increase, I think customers are looking to complement their manpower with technology solutions. So whether its incident management, whether its virtual concierge or guard tour systems, the employees need to have that technical skillset in order to work in today’s environment. I think with more millennials entering the workforce, we’re all trying to find ways to motivate them in different ways than maybe they’re used to. Back in the more militaristic days of security guards, they would show up at 08:00 and they would be there till 17:00 because they were told to do it. Nowadays, I think millennials are asking, “Why do I need to do it that way?” They’re using social media more often as well and seeing other options that are available to them. As minimum wage goes up, guards have more options [for jobs] in less stressful situations than what they’re facing in

security. We’re having to adapt, our supervisors are having to adapt in order to keep this new generation motivated.

HK: More and more, I think customer service is key. The guard who is [only] good at the security side is not good enough anymore. He needs to be able to greet and say hello and have the right composure. We spend a lot of effort and time training people for that. Generally they have a good security background but now we ask a little bit more of them. Maybe to some of the points made earlier, tech savviness is key. We see, especially the older guards, sometimes struggle. I find, being from the older generation, we need to change the way we do things and maybe find one another [older generations and millennials] somewhere in the middle. With the old ways, we grew up hearing, “This is what you need to do,” and we did it without asking [questions]. That’s long gone, we need to show the bigger goal: Where is the company going? What is your part in it? Why is it important to us?

SD: I truly think we’re undergoing the biggest technology revolution in our industry and we’re underestimating how important the technology will be and how well our employees will have to adapt to it. We’re just in the infancy of what the technology will do to our industry in the next few years. Having the technology savvy will probably be

one of the most important functions of a security professional, along with soft skills and everything else. I also think, as an industry, we have to expand where we get our employees from and try to get new individuals to come into our field. As an industry, we do a poor job of educating others. There’s a misconception that you have to be [physically] strong, you have to be tough… we don’t do a good job of getting people from the customer service industry and other segments and educate them on the career you can have — that you’re not in precarious employment, that you’re working full time with full time benefits.

FC: I totally agree with you. We try to look into our guard pool to find individuals to put into a succession plan or a growth plan to help build the next generation of managers. I didn’t [come up] on the front lines, but everyone on my team is a front line individual who has found their way or found their place within the industry. I think it’s so important for all of us to work together to bring in that next generation.

SY: And we need to be creative. We’re competing with so many more industries now.

CS: Are we seeing new technology actually being deployed?

SD: I think we’re just starting. If you look at the unmanned ground vehicles, they’ve been in the industry for about two years. It’s early adopters that are giving the industry an opportunity to adjust [the technology] to what we need in the security industry — working with engineer teams to address what it can do and what it can’t do. I think, in the next few years, as more and more of these units are put into place and the camera analytics get stronger, and GSOCs (global security operations centres) get smarter… In my opinion, every account will have a hybrid technology piece and a security professional piece. It will be one customized solution for the client that will be multi-faceted. As the labour pool shrinks for security professionals, you’re going to have more technology to offset the shortage of labour that we’re all facing. That will also help customers with their budgetary constraints as well. It’s just starting and I think it will be more commonplace in the next five years. We’ll see RFPs (request for proposals) that will have specific technology components along with the traditional guarding portion.

FC: I think with all innovative ideas and new technologies, there’s always someone focused on looking at what that technology represents, investigating how it fits in and understanding the actual technology. But I think all of us have to take a step back from that and understand what it means for the customer. Does it fit in as a solution to a potential pain point that a customer has? Drones is a popular topic. Customers ask about drones all the time. However, there’s also limitations from a legislative perspective, from a privacy perspective. Those are areas in the technology space where we have to have intelligence around that. We can’t just look

at a product and say, “This is a really cool thing that we can implement into the program,” without understanding the implications to privacy and whatever limiting legislation there may be.

To have the knowhow and have the technology is one thing; to spend the time to understand the legislative piece of it is equally important.

CS: Are these types of questions regarding drones and robots coming up more frequently with customers?

HK: They’re coming up more frequently. [You hear] that it would be nice to have this, this and this. Generally what I’ve seen [with drones] is they’re great for assessments — a flyover, acknowledging what’s on the ground and working with those images. I’ve not seen the [technology] taking away from patrolling. There’s all sorts of limiting factors: the payload, problems with battery life, [the weather]. I think we’re in the early stages with drones as well. They will definitely have a role, but I don’t think it will be [one of replacement].

IM: We have a substantial technology business… It’s going to be a very slow curve, I think to combine the two [guarding and technology]. We’re actually spending more time on antidrone technology than drone technology in Canada — looking

at ways we can prevent privately operated drones from interfering with airports or interfering with the privacy of our customers. Or even smuggling types of issues — getting things into prisons. Technology and the crossover with guarding is really happening in the security operations centres. It used to be that alarms, dispatching, video surveillance was the norm. You keep a dispatch log. Now we’re seeing it operate in a more sophisticated way where intelligence is coming in, real-time news is coming in, social media monitoring whenever your business or client’s name is mentioned, apps for the tenants so they can communicate with security. These are all the things that our customers are starting to talk about in a more general way than just the odd, isolated [conversation] in the past. I think that ties back to the fact that SOC operators have to be trained and supported to a much higher level.

CS: The van attack happened in Toronto just a few days ago. It was a shocking and terrible event, but perhaps not a total surprise to security professionals who follow these trends.

“This isn’t about ‘doom and gloom,’ I think it’s about preparedness, it’s about prevention, it’s about having honest conversations about what the potential risk is.”

— Floria Chiu, G4S Canada

IM: It’s so disturbing to all of us. And yes, I think it was expected, unfortunately. Sooner or later, no city of any size will remain immune. One of the things that I believe the entire security industry has lost focus on, and the architectural industry and the people who are building buildings, is crime prevention through environmental design (CPTED). You see the buildings that are on the unfortunate stretch that was under attack bristling with cameras, with great reactive video, but where were all the bollards? Where were all the planters that could have allowed people refuge to duck behind?

so by their nature there are more bollards, more barriers. So I agree with you, the planning stages [of cities] is probably the way to go. We’ll probably never prevent this type of attack, but you can limit the areas where they can happen.

SY: Great points by both of you. Speaking more to the prevention side of it, hostile environment awareness training, terrorism threat training, situational awareness training for our officers to recognize signs of a possible threat before it happens is also a role they can play. Back to the social media piece, it always seems like when attacks like this happen, there was a Facebook post the day before that was so prophetic after the fact. What can we as an industry do to see those coming so we can be more prepared?

SY: As opposed to training the security person on the technology, you hire the technology person and train them on the security. It’s kind of flipped on its head a bit. That’s the core skillset that is becoming more and more desirable. The social media monitoring piece is really interesting too, as artificial intelligence comes into play as well. We’re seeing real-time incident notification in social media. Take the Las Vegas shooting as an example. We were speaking to a group that had their artificial intelligence engine put out an incident report while the shooting was still happening based on Tweets. For special events or threats against government buildings, hospitals, airports, critical infrastructure — we need to be on the cutting edge of that to augment our clients’ overall security management program.

I think the entire planning system that we have for developing our cityscapes has to change and be proactive. I know European cities are well ahead, portions of New York City are well ahead because they learned reactively. I think it’s a shame that we as a society aren’t a little bit more proactive. Secondly, I really appreciate the politicians that are thanking the first responders, but also mentioned the public that responded first as well. The security working in those facilities along that stretch that was attacked ... I’d like to think that they came out en masse, and I’d like to think that they were trained and they supported. I think that’s what our society wants and that’s what our company would want, without sacrificing the safety and security of the tenants. That’s where our industry can help.

HK: I think Europe is ahead, and not just because of attacks or potential attacks. They’ve always had this [view] that “we’ll protect our pedestrians and our cyclists,”

FC: Seeing those threats that we consistently see in the media outside of Canada, what is the probability of that happening on Canadian soil? Being in [security] and being exposed to information like this all the time, it’s about absolutely making it OK to put that on an agenda for discussion. I think, as Canadians, we generally shy away from conversations that are “doom and gloom.” This isn’t about “doom and gloom,” I think it’s about preparedness, it’s about prevention, it’s about having honest conversations about what the potential risk is.

SD: It’s a tough topic. I think what Iain said about using environmental design is interesting, but you don’t want to do it to the extent that it changes the landscape of our city. These incidents will happen. They’ll happen again in the future. It’s part of reality. Some may [occur] through terrorism, some through mental health issues. I think you can do certain things to mitigate the risks of vehicles on sidewalks without turning it into a fortress and having a city where you become afraid of walking around.

It would be a shame if this incident or future incidents changes the whole landscape of the city of Toronto and the great city that it is and everything that it has to offer.

Thermal security camera

FLIR

The F-Series ID, a high-resolution thermal security camera with onboard analytics, features a 640x480 FLIR thermal sensor with up to 300 per cent greater thermal sensitivity than previous F-Series models to provide detailed imagery in low-contrast conditions. The F-Series ID detects potential intruders in both low or zero light conditions, and its built-in analytics classify human and vehicular targets that pose a risk. It also ignores innocuous targets that might otherwise trigger nuisance alarms. With five lens options, including 44, 25, 17, 12 and 86-degree field of views, the camera provides wide-to-narrow coverage that reduces the number of cameras needed to monitor fence lines, perimeters, etc. The F-Series ID is certified for integration with most major third-party VMS and FLIR’s United VMS. www.flir.com

Video management system

Johnson Controls

The latest version of exacqVision video management system (9.2) includes features that enable users to individually configure and customize their system while providing security to help protect against cyberattacks. exacqVision 9.2 allows users to create a customized video wall layout with custom icons to deliver information. VideoPush lets operators send video search results to another user’s screen or spot monitor to aid in investigations for user collaboration. Users can now receive email notifications if a camera has stopped recording for a certain amount of time to ensure all video is recorded. Video can now continuously play from mobile devices. To save bandwidth, video panels can be configured to time out when interaction with the mobile app or web client stops. www.exacq.com

PTZ camera

Vicon

HD surveillance camera

Arecont Vision

The new MegaDome and MegaVideo UltraHD series cameras offer users the choice of 12MP at 20fps for maximum resolution and image clarity, 4K at 30fps with BMP high definition image quality for high speed requirements, or 1080p at 60fps for maximum frame rate. The MegaDome UltraHD dome camera includes a motorized remote focus/zoom 4.4-10 mm P-Iris lens mounted in a 3-axis gimbal for rapid installation and setup. The IP66 environmentalrated and IK-10 impact-resistant housing of the MegaDome UltraHD encloses integrated IR LEDs with adjustable beam angle and LED intensity. Wide dynamic range, NightView low-light technology, SNAPstream technology for reduced bandwidth and dual encoder H.264/MJPEG capabilities are built in. Features also include a privacy mask, motion detection, flexible cropping, bit rate control, multi-streaming, multicasting, forensic viewing and non-integer scaling.

www.arecontvision.com

Thermal cameras

Hanwha Techwin America

The new IP-based Wisenet thermal cameras (TNO-4051T, TNO-4050T, TNO-4041T, TNO4040T and TNO-4030T) require no ambient light and provide high-quality images in darkness or challenging environments. Capable of long range detection, the cameras feature selectable 13/19/35mm lenses and are available in bullet and PT mounts. With a VGA resolution of 640 x 480 at 30fps, the new thermal cameras use the Wisenet 5 chip to provide advanced analytics including tampering and shock detection, loitering, directional detection, plus audio detection and classification for gunshots, glass breaks and screams. Motion detection with handover enables the cameras to inform standard PTZ cameras where to target their lenses to gather additional information.

www.hanwhasecurity.com

The Cruiser SN673V-C outdoor PTZ dome combines a 1080p day/night H.265 camera with 23X optical zoom. Featuring 360° continuous rotation and full -5° to 90° tilt range, this dome can provide coverage in all directions. This latest Cruiser model offers synchronized IR illuminators that support distances of up to 196 feet. In-camera video content analysis can alert system operators to camera tampering, video motion and intrusion detection. Quad streaming capabilities include H.265 compression technology, reducing file sizes and bandwidths. he camera accommodates 256 programmable presets and eight tours, and provides four alarm inputs and one alarm output. www.vicon-security.com

LCD monitor TRU-Vu Monitors

The SRMW-24 Series monitors feature 1920 x 1080 full HD resolution and 1,000 nits of brightness, producing clear images even in direct sunlight or other high ambient light conditions. The NEMA 4X fully waterproof stainless steel enclosure ensures the monitor will withstand rain, snow, etc. Capable of operating between -4°F to +158°F (-20°C to 70°C), the series also features anti-reflective glass to improve image quality. An ambient light sensor also automatically adjusts screen brightness, depending on lighting conditions, and the Auto Re-Start after power loss function ensures the monitor automatically resumes operation after power is restored. www.tru-vumonitors.com