CS - November - December 2017 by annexbusinessmedia

THE PUBLICATION FOR PROFESSIONAL SECURITY MANAGEMENT

Active shooter awareness

How are Canadians reacting to targeted gun violence? Security experts, analysts and consultants assess the impact

GardaWorld protects your employees and assets in any situation

Risk management and consulting services to help protect your people and assets Our team draws from GardaWorld’s in-house and unique expertise to determine the best service offering to plan for recovery efforts. We are able to collaborate with both your teams and public forces to ensure that your people and business are taken care of in the event of a disaster.

GardaWorld’s national control centre operates 24 hours a day, 7 days a week, all year round and is supported by four additional control centres. Our operators constantly monitor clients’ sites and employees on the ﬁeld to assist and coordinate rapid emergency responses. Our disaster recovery and safety services include:

■ Fast deployment of mobile patrol units

■ Audits and security risk assessments

■ Evacuation procedures

■ Rescue in high altitude and conﬁned spaces

■ Industrial firemen and first responders

■ Access control and crowd control services

■ Consulting and operational support

1 855 GO GARDA (464 2732) garda.com/patrols

By Neil Sutton

By Dave Demos

By Neil Sutton

LTHE UNWITTING ENEMY

How employees became the biggest threat to corporate networks

ooking back on a busy year in security, there are a number of major trends and events that leap to mind. But a phrase I seem to hear over and over again, at conferences, in conversation, at seminars, etc., is insider threat.

The words immediately conjure mental images of some pretty nasty stuff: employees who substantially pad their income by stealing then selling trade secrets; or worse still, disgruntled employees who seek to do harm to their employers or even their co-workers. These are both legitimate concerns, and, while rare, are worth planning for and mitigating against. But the “real” threat, or at least one that’s much more likely, is also much more banal: employees who unwittingly put their companies in harm’s way because they don’t, or don’t know how to, follow security procedures. This type of insider threat is ripe for discussion lately and the solution seems to be a mix of: train your employees properly and fortify your systems such that they can withstand, or even prevent, these types of foul-ups. John Chen, BlackBerry’s CEO, suggested something along these lines at the company’s recent security summit and he’s not alone (see p.8 for more on BlackBerry).

Group Publisher Paul Grossinger pgrossinger@annexweb.com

Publisher Peter Young pyoung@annexweb.com

Editor Neil Sutton nsutton@annexweb.com

Assistant Editor Ellen Cools ecools@annexweb.com

National Account Manager Jennifer Dyer jdyer@annexweb.com

“We’ve been building to this type of mass threat for a long time.”

I would argue that we’ve been building to this type of mass threat for a long time. The rise of file-sharing programs, which are convenient and easy to use, has all but eliminated the need to load up memory sticks with large files and walk them across the office. But in so doing, this has replaced one big problem (losing valuable data on misplaced USB keys) with potentially an even larger one (transferring information over unsecured or unauthorized personal accounts).

Training seems to be the most likely and effective solution — education that not only teaches people to recognize phishing attempts, but explains what happens if you fall for one. There is certainly a technology piece to be implemented as well, and there are many software makers and service providers who can step up and offer solutions. But to me, the most important piece of the puzzle is the organizational culture. Are people blithely connecting their work laptops to unsecured public networks? Probably. But have you provided them with a VPN and showed them how to use it? If corporate data is leaving the network, then offer alternatives that not only protect that data but are easy to use. Again, this is something that Chen spoke about during BlackBerry’s conference (the push and pull of security and productivity), but I’m afraid it’s not repeated often enough.

There are endless studies about the threats organizations face, but it’s the discussions that evolve from them that are really going to make the difference.

In closing, I would like to thank Mel Gedruj for his written contributions over the past two years. His Municipal Matters column has highlighted the security challenges faced not only by municipalities but many organizations, large and small. Moreover, he has provided guidance and offered solutions. Really, you can’t ask for much more than that.

Art Director

Graham Jeffrey gjeffrey@annexweb.com

Account Coordinator

Trish Ramsay

tramsay@annexweb.com

COO Ted Markle

tmarkle@annexweb.com

President & CEO

Mike Fredericks

Editorial and Sales Office

80 Valleybrook Dr., Toronto, Ontario M3B 2S9 (416) 442-5600 • Fax (416) 442-2230

Web Site: www.canadiansecuritymag.com

Canadian Security is the key publication for professional security management in Canada, providing balanced editorial on issues relevant to end users across all industry sectors. Editorial content may, at times, be viewed as controversial but at all times serves to inform and educate readers on topics relevant to their individual and collective growth and interests.

Canadian Security is published six times per year by Annex Business Media.

Publication Mail Agreement #40065710

Printed in Canada I.S.S.N. 0709-3403

Subscription Rates Canada: 1 Year $40.95 + HST; U.S.A. (payable in US dollars): 1 Year $70.00; International (payable in US dollars): 1 Year $80.00

Circulation Tel: (416) 510-5189 Fax: (416) 510-5170 asingh@annexbizmedia.com 80 Valleybrook Drive, Toronto, ON M3B 2S9

The contents of Canadian Security are copyright by ©2017 Annex Publishing & Printing Inc. and may not be reproduced in whole or part without written consent. Annex Business Media disclaims any warranty as to the accuracy, completeness or currency of the contents of this publication and disclaims all liability in respect of the results of any action taken or not taken in reliance upon information in this publication.

Jason Caissie

CALENDAR

Jan. 31 – Feb. 1, 2018

Border Security Expo San Antonio, Tex. www.bordersecurityexpo.com

March 7, 2018

Security Career Expo Toronto, Ont. www.securitycareerexpo.ca

April 11-13, 2018 ISC West Las Vegas, Nev. www.iscwest.com

April 15-18, 2018

IAHSS Annual Conference & Expo Chicago, Il. www.iahss.org

April 18, 2018

Focus On Manufacturing Security Mississauga, Ont. www.focusonseries.ca

April 24-25, 2018

Canadian Technical Security Conference Cornwall, Ont. www.ctsc-canada.com

April 25, 2018

Security Canada East Laval, Que. www.securitycanadaexpo.com

May 9, 2018

Security Canada Ottawa Ottawa, Ont. www.securitycanadaexpo.com

May 30, 2018

Security Canada Alberta Edmonton, Alta. www.securitycanadaexpo.com

June 13, 2018

Security Canada West Vancouver, B.C. www.securitycanadaexpo.com

September 12, 2018

Security Canada Atlantic Moncton, N.B. www.securitycanadaexpo.com

September 23-27, 2018

ASIS Seminar and Exhibits Las Vegas, Nev. www.asisonline.org

Robots and the future of cyber regulation

“We’re

creating a world where everything is a computer,” said Bruce Schneier, author of the “Schneier on Security” blog, special advisor to IBM Security and CTO for IBM Resilient, during his keynote speech at the recent SecTor conference in Toronto.

Schneier discussed the security implications and vulnerabilities in an era of Cloud computing, autonomy and the Internet of Things (IoT).

He specifically highlighted IoT, which he broke down into three elements.

threats according to the CIA triad — confidentiality, integrity and availability. With this new smart technology, the availability and integrity threats become worse, Schneier explained. For instance, a hacker could hack into a car’s GPS system to learn the car’s location, which is a traditional threat. But as cars become more integrated with computers, hackers could also hack the car and disable the brakes remotely.

The first part is the sensors, such as iPhones, smart lightbulbs and smart thermostats, that collect data about us and our environment. The second part is the processing, memory and networking. The final part is the actuators that affect our environment.

“You can think of the sensors as the eyes and ears of the Internet. You could think of the actuators as the hands and feet of the Internet. It gives the Internet sensing capabilities and the capability to do things. And [the second part] as the brain,” Schneier explained. “So we’re creating an Internet that senses, thinks and acts.”

“That is the classical definition of a robot,” Schneier continued, “and I think the way to think of this Internet today is that we’re building a robot the size of the world and don’t even realize it.”

This smart technology has some profound implications on security, as it can affect the world in a direct, physical manner. This means that “Internet security becomes everything security.”

As everyday objects in our lives become more interconnected, security technologists’ expertise becomes more valuable in different industries.

But this also means that threats are becoming more diverse and difficult to address.

There are three basic types of

According to Schneier, there are two basic paradigms of security: security by design, where devices and software are designed to be secure the first time around via testing and certifications; and agile security, where software is made more secure through prototypes, patching and updates.

“These two paradigms are colliding,” said Schneier. “In our cars, medical devices, traffic control systems, voting machines. And we need to figure out how to make these paradigms work together.”

To do so, Schneier believes regulations are needed and the government will become increasingly involved. “I actually think that’s a good thing and something we need to embrace,” he said.

For Schneier, the choice isn’t between government involvement or not, but between “smart government involvement and stupid government involvement.”

In an interview with Canadian Security, Schneier said, “policy is coming to our industry because of IoT vulnerabilities, because of critical infrastructure, because of all of these threats that are not going away. And that’s going to bring with it regulations.”

Schneier called on technologists to work with policymakers, government agencies and lawyers to help create regulations. “Either we’re involved in making sure those regulations make sense and are technically feasible, or it’s going to be imposed upon us,” he said.

— Ellen Cools

Bruce Schneier

Security Director of the Year 2017 AWARD GALA

JamesArmstrong, VP of security for Ottawa International Airport, was named Security Director of the Year by Canadian Security’s editorial advisory board. Armstrong received his award on Oct. 18 at a gala event sponsored by Anixter Canada. Armstrong thanked his wife and family in his acceptance speech and acknowledged the strong support of his CEO Mark Laroche along with the entire airport security team.

Denis Perez, Axis Communications; Ken Close; Trillium Health Partners; Martin Green, Baycrest Health Sciences

Alan Nielsen, Anixter; Peter Wong, Paladin Security

Dylan Doran, Anixter Canada; Paul Swan, Tri-Ed Distribution Lisa Downing; Peter Levoy; Bill Burley, Anixter Canada

Gary Mistak, Anixter Canada; Iain Morton, Paladin Security; SSgt Kirk Miller, Ottawa Police Service; Dave Thomas, Ottawa International Airport; Tina Armstrong; James Armstrong, Ottawa International Airport; Don Rolland, Paladin Security; Robert Bento, Paladin Security; Paul Swan, Tri-Ed Distribution

Security Director of the Year, James Armstrong

Images: Paul Wright

ASIS and CANASA sign MOU

The Canadian Security Association (CANASA) and ASIS International recently signed a memorandum of understanding, announcing an intent to work together to pursue mutual goals.

According to a brief statement posted on the CANASA website, “CANASA is looking forward to the future of our alliance and believe strongly that this relationship will be of benefit to both associations and in turn the security industry.”

Patrick Straw, CANASA’s executive director, described the relationship as

“warm and friendly” and said he hopes both organizations will benefit by leveraging each other’s strengths.

ASIS Toronto award winners

The Toronto chapter of ASIS International recently awarded its annual security and law enforcement awards, as well as scholarships for security professionals in training who are seeking to further their education and expand their credentials.

The awards were held on Oct. 19 at the Toronto Congress Centre in conjunction with this year’s Security Canada Central show, organized and hosted by the Canadian Security Association (CANASA).

The winners for 2017 are:

• Security Guard of the Year: Alex Macleod, site supervisor, Commissionaires Great Lakes

• Security Professional of the Year: Meagan Brylikowski, security supervisor, Russell Security, North Bay Regional Health Centre

• Police Officer(s) of the Year: Detective Chris Ludlow and Staff Sergeant Kevin Yamada, Durham Regional Police Service

• Security Studies Scholarship: Jacob K. Goodier

• Friends and Family Scholarship: Crystal Dudgeon

Mark Folmer, SRVP, ASIS International Group 6 (Canada), added that the organization is “very happy” an agreement was reached. He credited his predecessor Bill Bradshaw as well as ASIS Toronto Chapter Chair Jason Caissie for spearheading the initiative on behalf of ASIS.

“The idea of aligning and cooperating just makes sense,” said Folmer. “Synching two groups that have mutual interests means that we can jointly keep advancing the security industry. This is a win-win for both of our memberships.”

Patrick Straw, CANASA Mark Folmer, ASIS Canada

2017 award winners and ASIS Toronto Chapter executive

Ben Tabesh, Condor Security; Meagan Brylikowski, Russell Security; Jason Caissie, Chair, ASIS Toronto Chapter

Brine Hamilton; Crystal Dudgeon

Jacob K. Goodier

Ben Tabesh; Chris Ludlow, Durham Regional Police Service; Brine Hamilton, Trillium Health Partners

GETTING THE THREAT

Encouraging

co-operation between security and emergency management departments is mutually beneficial

Canadians are surrounded by complex safety and security apparatuses that now touch almost every aspect of our lives. We operate within and engage with security structures that are nearly ubiquitous, from security officers at our workplaces and schools, to omnipresent surveillance in our public spaces. With the overwhelming propagation of public safety and security measures within our society, why are we not more cognizant of the threats that could impact us?

While we interact with complex security structures on a daily basis, we are largely kept both personally and professionally segregated from the individuals and systems that they comprise. There are numerous reasons for this, ranging from the belief that avoiding familiarity is required to ensure professionalism, to a simple lack of understanding of these disciplines on the part of decision makers. Regardless, I would argue that this is ultimately ineffective, and integrating security and emergency management methodologies into an effective and unified framework requires an inclusive approach that many institutions fail to understand. While this approach requires a thoughtful design, it offers tangible benefits, ultimately allowing organizations to cope with a range of threats and hazards that may require the involvement of stakeholders beyond frontline responders.

While this approach may meet regulatory requirements, it fails to take into account the inherent differences between regular business operations and emergencies. After all, an emergency is far from “business as usual.”

“A unifed security and EM framework is something that can be accomplished.”

While security and emergency management both focus on preventing and coping with disruptions, they go about this task in very different ways. Where security practitioners often take the role of tactical responders, emergency managers by contrast tend to view themselves as facilitators. The goal of the facilitator is not to single-handedly respond to an emergency, but rather to establish connections between parts of a system, ultimately allowing for the system as a whole to respond more effectively to disruptions. This approach is often most effective when it focuses on ensuring that decision makers take system-level views of disruptions rather than addressing problems through a single lens of experience. As such, emergency management processes should not be made to focus on taking response duties away from security professionals, but rather on building and integrating relationships into a cohesive system that can be implemented during an emergency. This allows an organization to leverage the resources, skills and expertise of diverse stakeholders during disruptions, ultimately increasing its capabilities dramatically.

I would suggest that this process should begin by recognizing and avoiding the tendencies that inhibit the effectiveness of security and emergency management practitioners, specifically isolation and focusing on arbitrary performance metrics. It can be tempting for managers to place security and emergency management resources within a structure that aligns with routine business, rather than one which accommodates the unique focus of these professionals. This often results in a simplistic org-chart where security focuses on human threats and emergency management focuses on fires, floods, and other natural and technological hazards, ideally without distracting anyone from engaging in core business operations.

Ultimately, implementing a unified security and emergency management framework is something that can be accomplished, but it requires a recognition that security and emergency management practitioners do not easily conform to routine business practices, and a willingness to listen to the needs of these professionals. By taking an inclusive approach that collaborates with subject matter experts, organizations can establish a level of resilience that cannot be achieved by dictating the terms under which these professionals operate.

Douglas Grant is an emergency management consultant with Calian (www.calian.com). A longer version of this column originally appeared during Canadian Security’s Emergency Management Week.

By Mel Gedruj

SECURITY FOR THE MASSES

Large gatherings, such as concerts and sporting events, can be especially tough to protect

Stadiums, concert halls and other large popular venues have experienced their own share of security events.

Recall the soccer stadium and concert hall terror attacks in Paris, November 2015 resulting in hundreds of casualties. How about, more recently, the tragic Las Vegas open air music concert massacre with its toll of 58 dead and more than 500 injured — it was deemed the largest mass shooting in U.S. history.

“A risk-free life would require drastic measures.”

In Europe, they have contended with soccer problems for decades. The 1985 European Cup final played by Juventus of Italy and Liverpool of England at the Heysel stadium in Brussels, ended with a stampede caused by hooligans. It resulted in 39 fatalities and 600 injured, the majority of whom were visiting Italian fans. It took a long time for police investigators to understand that all of this hooligan activity was in fact organized and not random at all. They began segregating opposing teams when entering the stadium and alcohol sales were not allowed. Hooligans drank copiously and over many hours prior to a given soccer game. The problem lingered for years and still does, as witnessed in France in the summer of 2016 where the beautiful city of Marseille’s “Old Port” area was turned into a battlefield. British Police intelligence was able to identify leaders and developed a database of pictures and information updated on a regular basis which they shared with their European colleagues, but to no avail. What happened next was that the disturbances migrated from stadiums to city streets.

Aside from the wave of urban terrorist attacks reported frequently in the news, soccer riots are the second headache for security and law enforcement personnel across the pond. While we may consider ourselves lucky that alcohol is served in our sports venues with seldom any nasty consequences, I am reminded of the riots after Vancouver‘s Stanley Cup games (1994 and 2011) and Montreal’s (2010).

Whether it’s a mass shooting or a terrorist attack, every undesirable event causes

us to ask the same question again and again: could it have been prevented? As I have stated in previous columns, we are constantly reacting to the latest tragedy and attempting to bring controls that we surmise will reduce the likelihood of the next one, yet they keep on happening, even in the most unlikely places. Consider the recent Texas church shooting in a town of 600 people! What can we do? It seems that private security alone cannot deal with these threats on its own.

I don’t have an answer and I don’t see too many who do. Maybe it is time to raise awareness among citizens that they should be more attentive to their surroundings? A risk-free life would require drastic measures involving establishing total dictatorial control over society. This is an unthinkable solution in democracies. What else then? For terrorism, intelligence must be the main focus along with the available legal tools. As with organized crime, infiltration (recall the famous FBI agent Joe Pistone aka Donnie Brasco), disruption and going after the “big fish.”

In the U.S., it meant using the RICO statute to bring down the heads of criminal organizations. In Italy, finances provided the tools to bring down entire networks.

As for mass shootings and the European soccer hooliganism scourge, the solutions are less obvious. They may require vast multidisciplinary involvement from mental health to law enforcement, but clearly prevention seems elusive. Maybe improving response time to reduce the casualty count? We saw that in a recent attack on public transit in the U.K. where first responders were on the scene in record time. The long and short of it all is there is much work to be done.

This is my last column for Canadian Security magazine. I take this opportunity to thank both Neil Sutton and Paul Grossinger for having given me valuable space in their premier publication and allowed me the editorial freedom to explore a few municipal security matters.

Mel Gedruj, OAA, CSPM is the president of V2PM Inc., specialized in municipal security management planning.

By Tim McCreight

NECESSARY NEXT STEPS

Security as a profession is entering into its next stage of evolution

Over the past 10 months, we’ve had a chance to explore the concepts of Enterprise Security Risk Management (ESRM) in this column, and at the annual ASIS Seminar held in Dallas this year. It’s been an interesting journey, and we’ve learned so much, but we’ve also seen how far we have to go.

What this year has shown me is that we’re at the cusp of change in the security industry. From sessions with clients, to discussions with other security professionals and meetings with executives of organizations, I’ve seen a desire for change. Our old ways of “doing security” need to change, but we’ve only just started on this path.

information to all levels of an organization. We are no different — we need to ensure that security professionals at all stages of their career, and in all levels of organizations, receive relevant, timely information regarding ESRM and how their role supports the philosophy of ESRM within their organization.

“Our old ways of ‘doing security’ need to change.”

The focus at ASIS 2017 highlighted a chance to move our industry to a profession, and to begin addressing the overall security posture of our organizations through the philosophy of Enterprise Security Risk Management. We heard from Scott Klososky, one of the keynote speakers, that very soon we will be identified as simply “security,” and the distinctions we have created between the physical and IT realms will disappear.

We’re still in the nascent stages of this change of the security industry, but the changes appear promising. I had the honour of participating in some of these sessions, and the professionals I talked to after each session appreciated the goals of ESRM and how this framework can help an organization achieve its objectives. I heard first hand how professionals in the field thought about this change in our direction, and I really appreciated those comments.

What we need to do now, though, is ensure we have a consistent framework and taxonomy for ESRM. Any successful change requires strong communication, and supporting

As a security professional, you can also learn more about ESRM and how this framework and philosophy can bring value to your organization and help us develop our profession. There are resources available that describe ESRM, what this framework really looks like, and how you can incorporate ESRM into your existing security program. Search “Enterprise Security Risk Management” and “Brian Allen Rachelle Loyear” to find their book on this topic. It’s a great resource, and their new book (due out very soon!) will have even more practical information for security professionals.

ASIS is working on standardizing ESRM training material throughout 2018 for its members, and the ESRM initiative, sponsored by the ASIS Board of Directors, will provide a structured approach to incorporating ESRM into the DNA of ASIS over the next few years. As material becomes available, take the time to review the information and learn more about ESRM.

I’m excited about the changes I’m seeing, about the direction we’re taking as a profession, and within ASIS. I have a vested interest — I sit on the Board of Directors, and I’m involved with the ESRM initiative. But my excitement comes from seeing where we can go down this path, and where we can be in five to 10 years. I see a time where we are accepted as a profession by our executives, and in the eyes of new graduates from post secondary institutions. I envision a time when young professionals choose security as their career path because they can see how they can become a Chief Security Officer or Chief Risk Officer. And that gives me hope.

Tim McCreight is the director of strategic alliances at Hitachi Systems Security (www.hitachi-systems-security.com).

CONFRONTING ACTIVE SHOOTER

Never too far from the headlines recently, the phenomenon has been a catalyst for security response, training and discussion

By Neil Sutton

In the recent months and years, there have been some shocking displays of violence as gunmen kill and injure large numbers of innocent people — often bystanders — for reasons that are sometimes frustratingly unclear.

Motives aside, the death tolls are real and the impacts long-lasting. On June 12, 2016, 49 people were killed in an Orlando nightclub; on Oct. 1 this year, 58 people were killed while attending a county music festival in Las Vegas; and on Nov. 5, 26 people died in a Texas church — an event so fresh it occurred after most of the interviews for this story were conducted.

These incidents all occurred in the U.S., but Canadians are by no means exempt from their impact or from the phenomenon of active shooter itself.

Understanding Perception

Measures for what constitutes an active shooter event are not universally agreed upon. “But if you use the definition of mass shooting, the FBI defines it as four or more casualties,” says Satyamoorthy Kabilan, Director, National Security and Strategic Foresight, for the Conference Board of Canada. The Conference Board conducted a study in 2015 and issued a briefing paper (currently available as a free, downloadable pdf on their website) highlighting some of the major conclusions that can be drawn from active shooter events.

One of the major takeaways from that report is “the psychological toll taken by active shooter incidents extends far beyond the victims and first responders who are directly involved.”

Even incidents that are resolved without any loss of life “will still have significant economic and psychological impacts.”

Kabilan points out that, based on a criteria of four or more casualties, recent events in Canada include the Quebec City mosque shooting of Jan. 29, 2017, when a gunman killed six people and injured 19 others.

Overall, however, there is no discernable upward trend in the number of active shooter incidents in Canada.

“When you look at the overall pattern over the last 20 or 30 years, what you’ll find is, these are little blips. There is no actual trend line to say that it’s increasing in Canada in comparison with the U.S.,” says Kabilan. “When we think about active shooter incidents in Canada, the first thing we need to realize is, we

are very, very different from the U.S. We don’t have any form of sharp trend that says it is rising.”

The Conference Board of Canada’s recent white paper includes major discussion points and recommendations drawn from international active shooter incidents of note and contextualized for Canadians. Despite the recent number of high-profile incidents, particularly in the U.S., Kabilan doesn’t expect those recommendations to really change.

But what might change for Canadians is the perception of active shooter incidents, and this may be the biggest adjustment for security professionals north of the border. “These incidents are splashed all over the media,” says Kabilan, “so of course they come into our consciousness. In terms of

perceptions, although I do not have the evidence, I would suspect that is higher up on people’s minds.”

Brian Claman, Director, National Security & Life Safety Services, GWL Realty Advisors Inc. is aware that the possibility of an active shooter threat is still very remote in Canada, and elsewhere for that matter, but the spectre of such an event can still have enormous consequences for security leaders.

Claman agrees with Kabilan that “the extensive news coverage gets people thinking. If people are scared, that’s enough to cause us to react.”

both sides of the border. Actual active shooter events may be more frequent and deadly in the U.S. than Canada, but again, perception is driving increased interest everywhere.

“The problem maybe rears its ugly head more frequently in the news in the U.S., but I don’t think that the Canadian security professional or Canadian businesses have turned a blind eye to it,” he says.

“We in Canada are not exempt and we have to raise our game.”

— Brian Claman, GWLRA

“Active attacker has been on the radar screen for quite some time now,” he adds. “We notice that the threat environment is evolving at a very rapid pace and we have been paying particular attention to things such as active attacker and trying to learn from the findings from the incidents that have happened in Europe and the U.S.” Claman said he’s heard more questions in the last few years than in previous about active shooter attacks and how they should or would be handled. “We in Canada are not exempt and we have to raise our game.”

That said, he’s cognizant of the fact that there are other potential emergencies that are far more likely to occur than active shooter events, like power failures or situations caused by extreme weather conditions. It becomes a careful balancing act to acknowledge and prepare for the unlikely, dire circumstances that would arise from an active shooter incident — i.e. those types of incidents that might prey on the minds of people — while still ensuring proper preparation for the less scary, yet more likely events.

Training and Preparation

Rob Shuster, vice-president of protective services and training for AFIMAC, works out of a U.S. office and offers active shooter consultation and training on

“I’m getting an increasing number of folks in Canada interested in me doing presentations, public speaking, as well as coming to their facilities to either train or do a vulnerability assessment and a subsequent response plan, or both.”

Similarly, the style of training doesn’t differ significantly between U.S. and Canadian clients, he says. “Frankly, I’ve done the same structure, the same type of program in both the U.S. and Canada. The frequency of the events does not have anything to do with the dynamics when the events happen. The same human dynamics are in play when you have an active shooter incident in Canada as when you have it in the States.”

Actual response plans will change depending on the type of environment, says Shuster: schools with young children will be treated very differently than college campuses, hospitals or manufacturing environments, but all will share common elements such as the involvement of local law enforcement.

At the University of British Columbia (UBC), training and awareness has been part of campus life for years. In 2013, the campus staged a “boots on the ground” active shooter exercise in co-ordination with the Vancouver Police Department and the RCMP. UBC also provides detailed information about active shooter events on its website, including a quiz, FAQ page and eight-minute video. “The likelihood you will ever encounter this type of situation is extremely remote,” states the video’s host, “so why, then, are we asking you to view this video? First,

we think it could benefit you, no matter what risks you may face, because it encourages you to think through various emergency scenarios and ask yourself, what would I do in that situation?’

Danny Smutylo, Manager, Emergency Management at UBC, says the university has increased its focus on emergency training in recent years.

He says the university’s president and executive body were keen to promote awareness and training around active shooter.

Students, staff and faculty are encouraged to use the online training

tools available to them. Smutylo and the school’s emergency management department will also provide in-person training sessions as well, often leading to a discussion. “For the most part, the response has been really good,” he says. What he doesn’t want to do is traumatize people. UBC is a Canadian institution, but its inhabitants and students come from all over the world. As such, their understanding of potential violent attacks may be very different. “That’s one thing that we really try to take to heart when we do the training,” he says. “We try to preface what we do

with some sensitivity.”

The school has engaged in other mass exercises — most recently a simulated vehicle attack and mass casualty drill with more than 200 people participating. “There’s an appetite to better understand these things,” says Smutylo.

The typical reaction to active shooter training is gratitude, says Shuster, and it can actually be a useful tool in overcoming fear.

When he hears that an employer is hesitant to pursue such training,“my response to that is this: Your people are watching the same news reports on

NEW VIEWS OF HIGH-RISE SECURITY

After the shooting in Las Vegas on Oct. 1 this year, when a gunman shot at concertgoers from his room on the 32nd floor of the Mandalay Bay Hotel and Casino, high-rise building security has moved to the forefront of the security industry.

Geoff Craighead, vice-president, Allied Universal, spoke about the current state of high-rise security at a recentToronto lunch event, exploring the impact of the Las Vegas mass shooting, the Grenfell Tower fire and 9/11.

In reference to the Las Vegas shooting — particularly how the gunman was able to bring so many weapons into his room — Craighead highlighted the impact of hotels’ open environments.

No one would think it unusual if a man came into the hotel lobby, pulling a suitcase, and went up the elevator.

“You can do that over a period of time and it’s not going to look abnormal at all,” said Craighead.

While active shooter guidelines are increasingly included in emergency plans, the shooting has also led to public concern about the proximity of outdoor events to a vertical structure, particularly hotels, since most don’t have strict security measures.

While the Marriott Hotel in

Islamabad, following the 2008 bombing, now has a perimeter wall guarding its entrance and x-ray machines and metal detectors at the entrance, such measures depend upon the frequency of incidents and costs.

“There’s only so much that people can bear as regards to adding cost, because obviously if you’re going to involve security personnel implementing these programs and using these devices, it’s extremely costly to society,” Craighead elaborated.

However, Craighead explained how emergency plans and risk management programs have improved high-rise security over the years.

Higher-end condominiums, he added, will often have controlled access to the building and parking garages. He highlighted the importance of training security staff and implementing resident fire life safety programs so people know what to do in emergencies.

After the Grenfell Tower fire in the U.K., resident life safety programs have gained prominence, particularly in highrises. The fire resulted in more than 70 deaths and 70 people injured.

The building had a single stairwell in the centre of the building, which is a U.K. common practice, explained Craighead. But two stairwells should ideally be the minimum, since the

average high-rise building is at least 20,000 square feet.

In Canada and the U.S., most fire codes limit the use of combustible exterior cladding material and require automatic sprinklers and at least two escape routes on every floor. These regulations decrease the chance of a fire spreading while giving people the time to evacuate.

The ability to evacuate potentially thousands of people is not only vital if a fire breaks out, but also in hostile situations such as 9/11.

While the three stairwells in World Trade Center 1 were knocked out upon impact, and two out of three collapsed at World Trade Center 2 15 minutes after impact, a study found that 99 per cent of the occupants that could have evacuated did so.

Craighead said the both towers had very good emergency plans in place and the inclusion of three stairwells — not just two — played a key role.

In the years following 9/11, discussion has focused on the vulnerability of tall buildings to hostile acts, such as bombings and vehicular attacks, improving their design and construction to withstand explosions and the capacity for occupants to evacuate.

— Ellen Cools

television as everyone else is. I would imagine more than one of them have sat back and said, ‘I wonder what would happen if that happened at my office? What should I do?’ … I think it’s the employer’s responsibility to give them answers to those questions by talking about it.”

Run Hide Fight

In terms of the recommended response to an actual event, Run-Hide-Fight is still high on the list.

Shuster says it’s essentially a “conventional wisdom” view of active shooter response, but an effective one. AFIMAC training refers to it as “Get Out-Hide Out-Take Out” but it’s essentially the same methodology and one that “the scenarios have proven to be the most successful way of surviving.”

UBC has adopted “Run Hide Fight,” describing it on the UBC emergency management website as “your best

strategy for responding to an active shooter situation,” and also offers online training that provides advice on everything from evacuation procedures to what to do when law enforcement arrives on the scene. Smutylo says that training module has been in place for about a year and a half.

Claman says that GWLRA revisited its active attacker protocols recently. “We wanted to make sure they were still relevant and properly communicated to all the stakeholders,” he says.

“The same human dynamics are in play when you have an active shooter incident in Canada as when you have it in the States.”

align with Public Safety Canada’s recent campaign and documentation on the subject. A poster, co-branded by Public Safety Canada and the U.S. Department of Homeland Security, and available in both English and French, refers to a strategy of 1. Evacuate; 2. Hide Out; 3. Take Action.

As such, GWLRA has similarly adopted Run-Hide-Fight as a recommended best practice, partly to

— Rob Shuster, AFIMAC

As indicated by Shuster and others, there is no one-size-fits all approach to active shooter preparation and best practices may vary slightly from building to building and situation to situation. But by talking about the issue and offering training, professionals are more likely to equip people with knowledge that could help save lives.

DISASTER RECOVERY A YEAR IN

Reviewing 2017, there were numerous challenges for disaster management specialists and plenty of lessons to apply to future preparation and response

By Dave Demos

Disaster response teams faced huge challenges in 2017 with massive efforts across North America fighting and recovering from wildfires, and preparing for and mitigating hurricane damage. All disaster-management specialists, including first responders, search and rescue crews, security teams and relief workers have had their hands full.

Forest fires devastated both remote areas in British Columbia and residential areas in California. The extreme Atlantic hurricanes hit businesses and homeowners alike, some of whom will require years to recover. Meanwhile, as past floods still haunted regions across this country, 2017’s high-water warnings kept Canadian communities on alert for months.

Following catastrophic events, disaster restoration companies are regularly at the forefront, oftentimes providing resources and support to first responders directly. Through this

last year, FirstOnSite had first-hand perspective from inside disaster zones, both protecting and restoring critical infrastructure. Here are some key observations from the past year.

Hurricanes

Our team members have been involved with hurricane response for more than 20 years in both the U.S., and Canada. On average Canada is impacted by a hurricane at least once a year. When these systems make landfall here in Canada they are usually no longer hurricanes, but can remain powerful storm systems.

While this year’s onslaught of Irma, Harvey and Jose seemed almost unprecedented, one thing that we are finding is that our commercial customers are better prepared than ever. The events themselves are no less devastating, but our customers approach their disaster recovery planning with greater education and preparedness than they did years ago. Those in Texas (especially Houston) and all over Florida have been extremely

busy, and this more sophisticated understanding is especially helpful for both us as a service provider, and for our customers themselves.

A second observation from our perspective has to do with insurance. In terms of hurricane insurance, across North America the landscape has changed, and businesses are seeing higher and higher deductibles, sometimes as high as five to six per cent of property value. Our customers also are having to factor these costs into their recovery planning.

Flooding

The Insurance Bureau of Canada estimates that the industry pays $1.7 billion each year in claims due to water damage. but also consider that the combined losses for the 2013 Calgary and Toronto floods alone were $3 billion. Add to that the fact that 1.8 million Canadians (five per cent of the population) live in elevated risk flood zones. Last spring, rains and rising waters in Quebec affected 286 municipalities

in 15 regions, and saw flooding in more than 5,300 homes and businesses.

We are seeing ever heightened awareness and contribution not only by businesses and relevant service professionals in those regions, but also by a much broader community. For example, in October, scientists and experts from around the world gathered in Montreal for a flood resiliency forum to discuss how to prepare or avoid a repeat of this past spring’s floods.

and as such response providers were able to work within a relatively clear communication channel and plan.

The B.C. fires, on the other hand, took place across many smaller towns and settlements, each experiencing different degrees of fire and smoke damage.

“[Security] can be a driver of business value and a company’s biggest selling point.”

Additionally, the after-effects of flooding can include not only property damage, but mould. Mould can have severe long-term negative health effects on the occupants of a facility. Curiously, mould regulation exists in some regions in the U.S., but not in Canada.

One outcome we are seeing as a result of flooding events is an increased availability of overland flooding insurance for Canadian businesses and homeowners. Also, our customers are seeing loss prevention and additional security measures as increasingly important to address potential looting incidents in the aftermath of an event.

Wildfires

Over a year has passed since the devastating fires that ripped through Fort McMurray, Alberta and as that community returns to normal, B.C. was hit with the largest series of wildfires in provincial history. The B.C. fires displaced 65,000 people, destroyed more than 1.2 million hectares of forest and are having a significant impact on the tourism businesses.

As an early responder at both fire events, we have an opportunity to reflect on how two of Canada’s most impactful natural disasters played out and recognize observations we can learn from.

Significant difference in the events were twofold:

• Ft. McMurray disaster response services focused on the one community

Response services faced a different challenge, responding across a broad geography and varied needs from town to town.

FirstOnSite, for example, set up a staging area in Kamloops and worked on 130 different projects, managed by a variety of different authorities.

• The smoke itself generated by the Ft. McMurray fire was largely made up of urban ash (the result of burning plastics, metals, chemicals etc.), and could potentially have been very hazardous. The smoke produced by the B.C. fires was a result of burning forests. While still causing significant air quality issues, the smoke produced was less toxic. In B.C., our work primarily focused on assisting in air quality management and restoration.

One key evolution we are witnessing at every event is an ever-increasing use of drone technology to help assess damage and plan response requirements early on.

Earthquakes

There is a minor earthquake in B.C.’s Lower Mainland almost every day, and research predicts a one-in-three chance that a massive quake will hit the Pacific Northwest within the next 50 years.

We see that jurisdictions on the west coast are increasing their preparedness for these events. In fact, in October, the B.C. Earthquake Alliance, Insurance Bureau of Canada (IBC) and Science World presented Canada’s largest earthquake preparedness drill for businesses and residents province wide.

Our work is property restoration, and we are required to restore and rebuild “to code.” From this perspective it is interesting to note that The Building Act of 2015 has been modernized in

western Canada to address these risks, but many other areas in Canada have yet to update building codes.

Building and ensuring disaster resilient communities

There is plenty of discussion around disaster resilience. How can we protect, prepare and build communities to be more resilient? Here are some of the strategies we see being employed:

• New building technology with paperless materials, mould resistant materials, and more sustainable materials such as steel-shake roofing are being utilized.

• Wood chips in the garden and flammable shrubbery are some of the first things to ignite in an urban interface wildfire situation. Fire resistant external building materials such as wood-free landscaping are being used. In fact, Fort McMurray is banning flammable exterior building finishes such as vinyl siding and asphalt shingles.

• After decades of low water levels in the Great Lakes Basin many officials and property owners had found less and less relevance for flood maps. In 2017, we saw a historic rise in water levels and a resulting resurrection of many of these maps and related response plans.

How can Canadian businesses be prepared?

If there is one main theme that we are witnessing, it is the increasing importance of planning. In fact, we are also seeing that business continuity and disaster recovery plans are increasingly becoming mandatory. Companies must demonstrate that they have those plans in place and that they’re being updated and tested regularly.

Planning, identifying risks, building in your partners and an annual review is required to ensure the next level of risk management and mitigation. Our customers who undertake planning in a systematic way, and build disaster service requirements into their planning always fare better.

Dave Demos is the CEO of FirstOnSite (www.firstonsite.ca).

THE VALUE OF FAST ACTION

EDarren Yablonski is the National Director of Systems Engineering for Commvault Canada (www.commvault.com)

nterprises are able to collect more data than ever before, but without an efficient way to manage and secure that data across the enterprise, whether it resides on physical and virtual servers, multiple Cloud providers, applications or endpoints, they will never be able to realize the full benefits of a truly datadriven and secure business. Security needs to be built into the data management platform from an end user’s computer to backup storage, regardless of whether it

resides on-premise or in a private, public or hybrid Cloud.

In today’s digital economy, the definition of disaster recovery has expanded to include the Cloud, endpoints and recovery speed, along with the technology businesses need to meet these new challenges. Disasters can include a CEO’s laptop data being held for ransom by a cybercriminal or a failure to find data needed for an eDiscovery motion.

Key disaster recovery capabilities have evolved to include Cloud backup, archive, eDiscovery and search. Businesses need an automated data protection solution that provides a single, complete view of all stored data so they can rapidly recover data whenever they need to resume business — even in the face of a ransomware threat.

A recent Forrester Research report,

“The Forrester Wave: Data Resiliency Solutions, Q3 2017,” identified four key data resiliency tools. These include dev-test teams to ensure accurate test environments, business reporting and analytics teams to process data in real time, legal and compliance teams to protect the business with immediate insights, and security and risk teams to safeguard customers and other stakeholders.

The key to protecting Cloud-based data from a ransomware attack is speed. In the digital economy, enterprises demand 24/7/365 access to the web, mobile and other applications. Any delay in being able to access these applications will not only result in potential immediate financial loss but also damage to an organization’s reputation, which can linger for years.

Smart searching tool

Avigilon

Avigilon Appearance Search technology is now available with Avigilon Control Center (ACC) 6.0. Avigilon Appearance Search is a deep learning artificial intelligence (AI) search engine that sorts through hours of footage, allowing users to quickly locate a specific person of interest across all cameras on an entire site. It intelligently analyzes video data, helping to track a person’s route and identify previous and last-known locations. Avigilon Appearance Search technology is integrated with ACC 6.0 Enterprise edition software, Avigilon cameras with self-learning video analytics and select Network Video Recorders. www.avigilon.com

LPR camera

Digital Watchdog

The MEGApix 4 Megapixel License Plate Recognition (LPR) camera (DWCMB44iALPR) offers a specialty solution for applications looking to capture licence plates on moving vehicles at up to 80 kph (50 mph). The camera is integrated with DW Spectrum IPVMS. These MEGApix IP cameras deliver clear images at 4MP resolution and real-time 30fps performance. The new 4MP IP LPR camera delivers consistent plate capture both day and night with a 6-50mm P-Iris lens and Smart IR up to 60 feet, capturing images from a range of 13 to 100 feet in moving vehicles at up to 80kph. The LPR camera comes in a no fog or condensation under any conditions bullet housing. All MEGApix cameras are ONVIF conformant, assuring their integration with any open platform solution on the market. www.digital-watchdog.com

Video searching and bookmarking

Johnson Controls

exacqVision video management system (v8.6) offers improved video searching and video bookmarking, as well as a host of enhancements that improve the user experience and overall system protection. The latest version of exacqVision allows users to create a case directly from “Live” view, which includes all cameras that are being actively monitored. When the user exports the case, it will contain a chronological collection of clips from different cameras showing the suspect. www.exacq.com

Hard drive for AI-enabled video

Seagate Technology

The SkyHawk AI hard disk drive (HDD) was created specifically for artificial intelligence (AI) enabled video surveillance solutions. SkyHawk AI provides bandwidth and processing power to manage always-on, data-intensive workloads, while simultaneously analyzing and recording footage from multiple HD cameras. SkyHawk AI is suitable for intensive computational workloads that typically accompany AI work streams, as its high throughput and enhanced caching deliver low latency and random read performance to quickly locate and deliver video images and footage analysis. This enables onthe-edge decision making, eliminating the latency of exchanging cloud-based data and processing. Equipped with Seagate ImagePerfect AI firmware, the drive records high quality video footage. www.seagate.com/internal-hard-drives

4K cameras

IndigoVision

With 12MP (4000 x 3000 pixels) each of the new 4K cameras provides ultrahigh definition video imagery. They are available in three form factors: Bullet, Fixed and Minidome. Suitable for a wide range of installations, these three cameras join the existing BX range, which offers features, including HD to 4K resolutions; a variety of form factors and mounts; an extensive temperature range (-40˚C to +60˚C); advanced analytics, including Motion Detection, Hooded, Tripwire and Intrusion; and connectivity with Control Center, IndigoVision’s Security Management Solution, or any other third party system, using ONVIF’s Profile S standard. www.indigovision.com

Outdoor bullet camera LILIN Americas

The MR832 outdoor bullet camera features a 4mm fixed lens with an IP66 environment rating, an operating range of -40° to 122°F, along with 30M IR LED illumination and Day/Night imaging. LILIN MR832 IP cameras feature 2D wide dynamic range, which provides accurate video capture in high-contrast lighting, and use 3D Noise Reduction for maximum clarity in low light conditions. Energy-efficient IR LEDs automatically illuminate scenes in complete darkness for discovering subjects at a range of up to 30 meters. The camera supports ONVIF Profile S and is powered by either PoE or DC12V. www.LILIN.us

Incorporating SALTO’s proven reliability and stability in cloudbased access control, SALTO KS - Keys as a Service - offers a solution that every business is looking for with vastly better functionality and performance than is possible with a traditional solution.

SALTO SYSTEMS INC.

950 Rue Valois, Suite 104

Vaudreuil-Dorion, QC, J7V 8P2

Phone: 514-616-2586

Email: info.canada@saltosystems.com

www.saltosystems.com

SALTO KS provides a flexible access control management system that requires no software installation or the added expense of a fully-wired electronic product. All that is needed is an online device with an Internet connection.

www.saltoks.com

CS - November - December 2017

THE PUBLICATION FOR PROFESSIONAL SECURITY MANAGEMENT

Active shooter awareness

GardaWorld protects your employees and assets in any situation

LTHE UNWITTING ENEMY

CALENDAR

Robots and the future of cyber regulation

Top stories of 2017

Security

Enterprise-level intrusion detection begins with smart technology choices

Security Director of the Year 2017 AWARD GALA

ASIS and CANASA sign MOU

ASIS Toronto award winners

GETTING THE THREAT

Encouraging

SECURITY FOR THE MASSES

NECESSARY NEXT STEPS

CONFRONTING ACTIVE SHOOTER

Training and Preparation

NEW VIEWS OF HIGH-RISE SECURITY

Run Hide Fight

DISASTER RECOVERY A YEAR IN

Hurricanes

Flooding

Wildfires

Earthquakes

THE VALUE OF FAST ACTION

Smart searching tool

Hard drive for AI-enabled video

Seagate Technology

4K cameras

Outdoor bullet camera LILIN Americas