New Zealand Security Magazine - April-May 2023

New Zealand Security Magazine

What, exactly, is the problem with Chinese CCTV cameras?

First recipients of NZSA Saved a Life Medal announced

Going above and beyond to support flood hit communities

www.defsec.net.nz

eCLIQ - Rethink the Key

Schools, museums, leisure centres, and commercial buildings all have the challenge of maintaining multiple security touchpoints. Now, with eCLIQ access management is so much easier.

eCLIQ is uncomplicated and reliable, without compromising on security. Each key is individually programmable, offering; password protection, authentication and audit trails – all with the peace of mind, that access rights can easily be revoked.

With its extensive range of different cylinder types, the eCLIQ system is designed for every kind of use, from the company entrance gate, to securing the alarm systems, lift doors and cabinets.

More durable, more secure and more efficient than conventional locking systems

www.assaabloy.com/nz

TOTAL BUSINESS SOFTWARE FOR THE TRADES.

Manage your business like you mean business with one software for job quoting, scheduling, inventory tracking, invoicing, workflow management and more. Plus, meet the hardest working crew you’ll ever hire - with expert long-term support and coaching to help you build, repair and grow your business. simprogroup.com

START HERE

READY TO GET TO WORK?

NZ S M

New Zealand Security Magazine

Kia ora and welcome to the April-May 2023 issue of New Zealand Security Magazine! In this issue we kick the new financial year off with an eclectic issue extending from cyberattacks to country risk, hotel security to all the recent hooha around Chinese CCTV brands, as well as all the latest industry news.

Firstly, a big thanks also to our wonderful advertisers (both print and online) who have already signed up for 2022. Quality journalism and expert commentary comes at a cost, and our advertisers play an important role by contributing to a vibrant and informed security sector through their sponsorship of the magazine.

Our gratitude for this second issue of NZSM for 2023 extends to our supporters and leading manufacturers and distributors Loktronic, ASSA ABLOY, simPRO, Provision-ISR (SWL), and Vivotek (Clear Digital). We’d also like to recognise our association partners for this issue, the New Zealand Security Association, the New Zealand Institute of Private Investigators, ASIS International, Risk NZ, the Outstanding Security Performance Awards (OSPAs) and the New Zealand Security Sector Network.

Inside this issue, I play devil’s advocate in relation to the demonising of Chinese branded CCTV cameras, picking holes in the hawkish narratives that are pushing our governments to curb their use of hitherto trusted brands. We’re being fed science fiction stories about Beijing backdoors, and it’s become apparent that we’re having difficulty sorting fact from fiction.

Times are tough, and inflation and interest rate hikes are making many of us more indebted than before. An article by three Auckland University of Technology academics explores the consequences of increasing indebtedness and how open conversations can help ease the practical and psychological burden of debt.

Also in this issue of NZSM we have the pleasure of reporting on the inaugural round of NZSA Saved a Life Medal recipients. A big congratulations to recipients Leitualamavae Vaa and Shelley Herbert of Armourguard Security and Lily Wilson of Alpha Protection Services, and to highly commended awardee Mike Fairbrother of Alarm Solutions.

Nick has written for NZSM since 2013. He writes on all things security, but is particularly fascinated with the fault lines between security and privacy, and between individual, enterprise and national security.

Prior to NZSM he clocked up over 20 years experience in various border security and military roles.

Disclaimer:

The information contained in this publication is given in good faith and has been derived from sources believed to be reliable and accurate. However, neither the publishers nor any person involved in the preparation of this publication accept any form of liability whatsoever for its contents including advertisements, editorials, opinions, advice or information or for any consequences from its use.

Copyright:

No article or part thereof may be reproduced without prior consent of the publisher.

According to a report by the Evidence Based Policing Centre, a recent evaluation of New Zealand Police’s Tactical Response Model fails to identify evidence that the just-launched Tactical Response Model will make communities safer despite the fact that safer communities are listed as one of TRM’s three intended outcomes. I explore this re-imagining of the ill-fated Armed Response Team concept.

All this, plus the latest industry and product news. Also, if you haven’t already, consider subscribing to our twice-weekly eNewsletter THE BRIEF. It’s a great way to keep up-to-date with the latest. Details on the Defsec website. Lastly, from the team here at NZSM all the best to the 2023 NZ OSPAs finalists, and we look forward to seeing you at the OSPAs and ASIS NZ Chapter Certification Dinner on 14 April!

DEFSEC

Contact Details:

Chief Editor, Nick Dynon

Phone: + 64 (0) 223 663 691

Email: nick@defsec.net.nz

Publisher, Craig Flint

Phone: + 64 (0)274 597 621

Email: craig@defsec.net.nz

Postal and delivery address: 27 West Crescent, Te Puru 3575, Thames, RD5, New Zealand

Upcoming Issue

June / July 23 Wholesalers and Manufacturers, Perimeter Protection, Alarms, CCTV

facebook.com/defsecmedia

twitter.com/DefsecNZ

linkedin.com/company/ defsec-media-limited

LEADING A REVOLUTION IN CCTV CYBER SECURITY

In a world where cyber threats are constantly evolving, you no longer need to compromise on the cyber security of your CCTV.

Provision-ISR and Check Point are leading a revolution in the CCTV industry with high-end CCTV systems featuring true embedded cyber security.

Discover more:

Simple & Secure IP Surveillance for Any Organisation

Greater Connectivity Leads To Greater Risk

IP Protocol is the most common for communication between computer networks and the Internet. Therefore, it is ideal for streaming high-quality video through networking infrastructures. IP surveillance technology offers a connected surveillance solution that does not compromise reliability or picture quality. However, any connected IoT device is extremely vulnerable to targeted attacks that can disrupt services and operations where the end goal is to yield financial gains (e.g. ransomware, crypto mining) or gain a foothold into sensitive networks.

A Secure IP Surveillance Solution

Check Point and Provision ISR are partnering to provide the industry’s most secure IP surveillance solution.

SOLUTION BENEFITS

• View and monitor physical assets: IP connected Closed Circuit Television (CCTV) enables organizations to view and protect their critical physical assets.

• Deploy CCTV with confidence: Tech savvy organizations who wish to close every security gap, can securely deploy CCTV with confidence.

• View and monitor cyber connected CCTV events: Rapidly investigate incidents and seamlessly trigger mitigation policies for CCTV devices.

• Hassle-free, secure CCTV deployment: ideal for any customer use case, from the largest enterprise to consumer applications.

Provision-ISR specialises in leading-edge CCTV solutions. Their wide range of products includes highquality IP and HD cameras, sophisticated recording machines and a complete set of reliable accessories specifically designed for the CCTV market. In addition, Provision-ISR engineers have unparalleled expertise in developing leading-edge software solutions, while keeping the user interface intuitive and straightforward.

Check Point Quantum IoT Protect Firmware provides embedded device manufacturers, such as Provision- ISR, with a complete end-to-end solution for all their firmware security needs. From uncovering firmware security risks, to hardening their device with runtime protection, to managing their devices with granular policies, IoT makers gain the visibility, security and controls they need to offer customers highly secure connected products.

SECURITY FEATURES

• Security that doesn’t impact CCTV operations: Runtime protection, that blocks even zero-day threats with no impact on device performance.

• Fend off the most sophisticated IoT device attacks: including shell injections, memory corruption, and control flow hijacking.

• Prevent malware campaigns: including ransomware, bot infections (Mirai), crypto mining and lateral movement as part of a larger more sophisticated nation-state attack. connector in JSON format for more insights.

With embedded security in CCTV devices, ProvisionISR stands apart from other similar CCTV offerings. This builds user confidence in an ever evolving and dangerous cyber physical world.

Check Point IoT Protect Nano Agent

Embedded Runtime Protection for IP Cameras

Revolutionary Check Point IoT Protect™ with Nano Agent® provides IP connected CCTV with runtime protection, enabling connected devices with built-in firmware security. Based on cutting edge control flow integrity (CFI) technology, the lightweight Check Point IoT Protect™ with Nano Agent® allows you to fend off the most sophisticated device attacks, including shell injections, memory corruption, control flow hijacking and even zero-day firmware vulnerabilities that have yet to be discovered. These attacks are associated with some notorious exploits such as EternalBlue, Heartbleed, Shellshock, Bluebourne, Ghost, Venom, and ImageTragick.

Summary

The Check Point Provision-ISR secure CTTV solution is for everyone, from consumers to large enterprises. Consumers will like the solution because they get secure, hassle-free video surveillance right out of the box. For larger enterprises who need even more protection and want to manage their CCTV security, the solution offers a holistic cyber security solution that spans all the way from the cloud to the IP camera, NVR (Network Video Recorder) and VMS (Video Management System).

With the Provision-ISR and Check Point secure IP surveillance solution, customers can now extend their enterprise security to include CCTV devices. Check Point products provide end-to-end security from the enterprise to the cloud, to mobile workers’ personal devices. Organisations frequently implement multiple cyber security solutions in pursuit of better protections. As a result, they are frequently left with a patchwork security architecture that results in a high TCO. By adopting a consolidated security approach, businesses realize preemptive protection against advanced fifth-generation attacks, while achieving a 50% increase in operational efficiency and 20% reduction in security costs.

Manage entire infrastructures from our distributed, cloud-managed, security framework for protecting a large, diverse set of networks of cloud, network, endpoint, mobile and IoT devices. Security is delivered to the edge in an assetcentric approach that maps an inventory of Nano Agent protected CCTV devices and their attributes, and applies specific security practices such as compliance, access control and threat prevention.

About Check Point

Check Point Software Technologies Ltd. (www.checkpoint. com) is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from cyber-attacks with an industry leading catch rate of malware, ransomware and other types of attacks.

Check Point offers a multilevel security architecture that defends enterprises’ cloud, network and mobile device held information, plus the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organizations of all sizes.

About Provision-ISR

PROVISION-ISR is an Israeli multinational company founded in 2007 to meet the demand for high quality products in the medium segment of the CCTV market. Since this foundation, Israel has come to excel in the homeland security arena: many Israeli security manufacturers hail from a variety of specialties including emergency management, cyber-security, intelligence, critical infrastructure protection, smart cities and, in case of Provision-ISR, leading-edge CCTV solutions. Today Provision-ISR serves more than 40 countries all over the world with branches and official exclusive distributors, who are working as partners to promote the brand in their countries.

Exclusive to Security Wholesale Ltd | Auckland | Wellington | Christchurch | www.swl.co.nz

Seeing Red: What, exactly, is the problem with Chinese CCTV cameras?

In a rush of hysteria and moral panic, Five Eyes governments are ripping out Chinese branded cameras. Five years ago, they couldn’t install them fast enough. What’s changed, asks chief editor Nicholas Dynon.

The realities of a changing geopolitical landscape have recently hit New Zealand’s security industry with all the force of a ram-raiding Mazda Demio. As great power rivalry between US superpower incumbency and an ascendant China becomes a growing source of international insecurity, Five-Eyes governments are curbing their use of Chinese-branded CCTV cameras citing national security concerns.

Australia’s Department of Defence and Department of Foreign Affairs and Trade are ripping out Hikvision and Dahua CCTV cameras over spyware fears after an audit found more than 900 of them at government sites.

This follows earlier bans on Chinesebranded cameras by Australia’s AUKUS partners the US and UK.

Last year, the US government banned the import of Hikvision and Dahua cameras through its borders, having already for several years prohibited their purchase by government agencies. Several months ago, the UK government also banned its departments from purchasing new Chinese-made cameras but left open the question of what to do with existing installs.

As for the remainder of the Five Eyes grouping, Canada has not yet banned cameras of Chinese manufacture despite heavy lobbying from pro-ban interests, including the US-based IPVM, an influential security tech news portal and selfstyled “world’s leading authority on physical security technology”.

Radio NZ reported last month that our own government’s main procurement unit said it had “not taken any decisions regarding specific companies”, leaving individual agencies responsible for vetting products and suppliers on security grounds.

In other parts of the Western world, Chinese branded cameras have been the subject of intense debate. In 2021 the EU Parliament voted to remove its Hikvision thermal cameras due to concerns over human rights abuses in China against the Uyghur ethnic minority, and in 2022 the Danish Capital Region banned Hikvision purchases over security concerns.

Outside of the Five Eyes and the EU, apart from an Indian government ban of Hikvision cameras from military and high-security areas, most of the rest of the world have not joined the prohibition push.

This has all been occuring within the context of the broader deterioration in relations between Xi Jinping’s China and the US. China is now viewed as a strategic competitor of the US and its allies, a rising and increasingly aggressive power, a threat to the rulesbased international order, a potential adversary.

As a consequence, US supply chains in ‘strategic’ goods and services are decoupling from China. “Ecosystems involving semiconductors, AI, supercomputing, biotech, and quantum science, among others, will continue to decouple as Washington and

Beijing engage in techno-nationalist competition and hybrid warfare,” wrote academic Alex Capri in a recent Forbes article.

The result, writes Capri, is a “bifurcation of the global tech sector” as both camps look to channel their strategic supply chains towards domestic production and ‘friendshoring’.

As trade in strategic goods becomes balkanised and we edge seemingly closer to a new Cold War, we are confronted with the inevitable shrill of hawkish political and media commentary on both sides. Tabloids talk of “Chinese spy cameras”, “Beijing’s bird’s eye”; the aforementioned IPVM posts that it is proud to impose upon itself a “not made in PRC China” policy.

The poor quality of media commentary has created no shortage of questions and confusion within the New Zealand CCTV market –for manufacturers to distributors, integrators, and end users alike. Can Chinese cameras be controlled by the Chinese government? Are they really able to “phone home”? Are they more cyber vulnerable than other camera brands? Are they complicit in human rights abuses in China?

Before offering perspectives on these questions, it would be prudent to clarify NZSM’s – and my own –position in terms of our objectivity. NZSM’s revenue is generated through advertising, and it is usually the case

that Chinese brands advertise in the magazine. We are grateful for their business, but we are not financially dependent on it, and nor are we editorially beholden to it.

As for my position, I trained as a sinologist at university, and lived in the cities of Shanghai and Beijing for a total of five years, most of which as an Australian diplomat. As an academic, my research on the Chinese state’s systems of internal propaganda and social control has been published in several international peer-reviewed journals, which in more sober times might be considered a fair indicator of objectivity.

Our claims to objectivity, however, are unlikely to fly with the likes of IPVM’s founder and publisher John Honovich, who, according to a fawning September 2022 feature in The Atlantic, holds trade publications in low regard. We have been “bought”, he believes, “by advertisers who hold sway over reviews and content.”

Cybersecurity

Hikvision has been infamously linked in recent years to several cyber vulnerabilities. Perhaps the most infamous of all, found by security researcher ‘Monte Crypto’ in 2017, is the ‘backdoor’ exploit that made it possible for a remote attacker to gain full admin access to an affected device.

Almost as infamous is the vulnerability found by ‘Watchfull_IP’ in 2021 and listed as CVE-2021-36260

in the Common Vulnerabilities and Exposures (CVE) database. It could allow an unauthenticated attacker to gain full access to a device and potentially perform lateral movement into internal networks.

It’s vulnerabilities such as these – combined with Hikvision’s part ownership by the Chinese government – that have fuelled claims that its cameras can be remotely controlled by authorities in Beijing or, in tabloid parlance, “phone home”.

In the meantime, firmware updates have been released, vulnerabilities resolved, and to date, writes SEN’s John Adams, “no Chinese-made video surveillance camera in Australia (or anywhere else in the world) has been found transmitting video streams to the Chinese Government.”

“It goes without saying that no pro-grade network intrusion detection system could fail to alert network engineers to the transmission of big band video signals from secure network ports to an external network location,” Adams states, rubbishing the pseudoscience behind the ‘phone home’ claim. “It would generate an immediate alert, remedial action and public condemnation.”

Vlado Damjanovski, one of the world’s foremost experts and authorities on CCTV, and author of the Australian Security Industry Association (ASIAL) published From Light to Intelligent Pixels, puts it plainly. Just because a camera happens to be of Chinese manufacture, he says, “it doesn’t automatically mean the Chinese can get into it.”

“The same could be feared for any other network product connected to the internet,” he continues. “MS Windows for example. Despite being US made, it can be interrogated by any spy agency if you don’t have policies in place. Would you ban Windows then?”

Despite tabloid news reports crying “Chinese backdoor”, and well-meaning (albeit hawkish) think tank publications doing the same with bigger words, there remains no evidence that Chinese-made CCTV cameras are technically any more vulnerable to intrusion by the Chinese state than any other camera.

The irony around some governments banning Hikvision from their premises is that government agencies are most unlikely to be hosting their CCTV cameras on networks that are open to the internet. They just don’t do that. Cameras not connected to the internet are immune – by virtue of their separation from the internet – to internet-borne exploits.

But perhaps the greatest irony of all is that Hikvision’s critical vulnerability track record is actually pretty good. In the aforementioned CVE database, which catalogues publicly disclosed cybersecurity vulnerabilities, many big-name non-Chinese security system manufacturers possess comparatively longer lists of vulnerabilities. Despite this, their cameras, video management systems and access control systems are keeping government sites secure from Wellington to Washington.

Perhaps that would be the greatest irony if it was’t for the fact that the maintenance of the CVE database is funded by the National Cyber Security Division of the US Department of Homeland Security, and that Hikvision is a CVE Numbering Authority (CNA) – which means that it is one of a limited number of CERTS, bug bounty providers,

researchers and vendors authorised by the CVE Program to publish CVE Records.

So, on the one hand, the US Federal Communications Commission (FCC) has banned the sale of Hikvision equipment due to it posing “unacceptable risks to national security”, yet on the other hand, the US Department of Homeland Security considers Hikvision a trusted cyber security partner.

It’s no wonder that the likes of Adams, Damjanovski, and other internationally respected security systems specialists have publicly rubbished the latest Australian government removal of Chinese-made cameras on “spyware fears”. In the rush to decouple from Chinese security tech, it’s become an area of policy in which politics, they fear, has overtaken logic.

Human rights

Apart from cybersecurity concerns, the most used justification for Western governments ghosting Chinese camera brands is human rights.

According to the MIT Technology Review, Hikvision was found to have received at least $275 million in Chinese government contracts to build

surveillance in the Xinjiang Uyghur autonomous region in China’s west, and that it had developed AI cameras capable of detecting Uyghur physical features.

In 2022, the US Treasury reportedly considered adding Hikvision to the Specially Designated Nationals (SDN) List due to its alleged role in enabling human rights violations against the Uyghurs. This unprecedented move would have outlawed the use of Hikvision by anyone anywhere, effectively confining the company to China’s domestic market.

The Carnegie Endowment for International Peace describes placement on the SDN list as “the harshest financial penalty in Washington’s tool kit, often used against terrorists, drug lords, and the worst human rights abusers.” It would, states the Washington-based think tank, “grievously (perhaps fatally) wound the company, depending on how sanctions are implemented,” and represent a major escalation in economic tensions between the US and China.

The US government is yet to push the SDN button on Hikvision – or any other Chinese tech company –

although Hikvision and many of its compatriots remain on lesser sanctions lists.

In March last year, New Zealand foreign minister Nanaia Mahuta released a statement voicing “grave concerns about the growing number of credible reports of severe human rights abuses against ethnic Uyghurs and other Muslim minorities in Xinjiang”. But in May, the New Zealand Parliament retreated from debating a motion that would have labelled human rights violations against the Uyghurs as acts of genocide.

This put Wellington out of step with the US government and UK parliament, which have both branded Beijing’s actions in Xinjiang as genocide, and the EU parliament, which has referred to Beijing’s actions as a “serious risk of genocide”.

However, in August, the Ministry of Business, Innovation and Employment (MBIE) announced that it would no longer accept Hikvision equipment. “MBIE takes matters of human rights very seriously,” stated its workplace general manger Adrian Regnault, “and under Rule 44 of the Government Procurement Rules, will exclude any suppliers that may be in violation of these rights.”

By citing the Government Procurement Rules, MBIE has effectively placed procurement teams across government agencies on notice.

It’s a prickly issue. There appears to be consensus among Western governments that Beijing has perpetrated significant human rights violations against its ethnically Uyghur citizens. On the flipside, Beijing points to its long-running struggle against what it calls the ‘three evils’ (terrorism, separatism, and religious extremism) to justify the range of actions it has taken to thwart the influence of Islamist and East Turkestan independence groups. Interestingly, allegations over human rights abuses in Xinjiang have been levelled at Beijing by human rights and Uyghur lobby groups for several decades, but it’s only in the last few years that Western governments have started listening… and acting on it.

Rewind 20 years to the aftermath of 9/11 and the early days of the Global War on Terrorism (GWOT) and Beijing had by 2002 successfully lobbied Washington – and then the UN – to have the secessionist Uyghur East Turkestan Islamic Movement (ETIM) listed as terrorist group. This was supported by claims by the US Embassy in Beijing that there was evidence the barely known ETIM was working with al Qaeda and planning a terrorist strike against the US Embassy in Kyrgyzstan.

Washington’s and Beijing’s security interests at that historical moment aligned. Henceforth, the crushing of restive elements within its own Uyghur population effectively became China’s keystone contribution to the US-led GWOT.

Fast-forward to November 2020, and the world had changed. Against the backdrop of a deteriorating US-China relationship, the Trump administration removed ETIM from its terrorist organisations list. Within the space of two decades, Washington’s rampant post-9/11 Islamophobia had been replaced by an emergent Sinophobia.

From GWOT partner to strategic competitor, one can’t help but ponder the possibility that the US’ view of

China’s treatment of the Uyghurs may be tied – at least in some measure – to Washington’s prevailing strategic view of China.

Along with the shifting geopolitical sands, political and media focus has clearly shifted to Hikvision’s role as a provider of surveillance technology complicit in the mistreatment of China’s Uyghurs. Unsurprisingly, it’s an accusation that Hikvision denies.

Commissioned by Hikvision in 2019 to investigate its Xinjiang human rights compliance, former US Ambassador-at-Large for War Crimes Issues Pierre-Richard Prosper found that Hikvision had not entered into projects in Xinjiang with the intent to knowingly engage in human rights abuses, or that it had knowingly or intentionally committed human rights abuses or acted in wilful disregard. So far, Western governments aren’t placing much weight on the former ambassador’s report.

With the spotlight pointed at Hikvision with such precision, it would appear prudent to ask: are Hikvision and its compatriot CCTV brands being disproportionately targeted?

Video surveillance – by its very nature – constitutes a range of technologies that are potentially vulnerable to being deployed in ways that may breach individuals’ rights. Are Chinese brands uniquely vulnerable in this regard? What are the potential associations of video surveillance vendors internationally with public surveillance programs known to have enabled human rights abuses?

A quick, non-exhaustive, google search provides some indication that Chinese brands are by no means the only brands alleged to have enabled human rights abuses:

• In 2014, the Business & Human Rights Resource Centre reported that Sony had provided the Israeli government with cameras that were mounted on missiles that were being fired into the Gaza Strip. At that time, at least 1,942 Palestinians, including 470 children, had been killed and nearly 10,000 injured in the offensive.

• In 2016, a report by Londonbased NGO Bahrain Watch found that Pelco was part of a consortium providing the Bahrain Interior Ministry with enhanced surveillance equipment that could be used to target pro-democracy campaigners.

• In 2019, it was reported by The Intercept that an IBM video surveillance project Davao City in the Philippines enabled police to carry out a campaign involving hundreds of extrajudicial killings a decade previously.

• In 2020, Axis Communications has come under criticism from human rights group Amnesty International for the alleged use of its CCTV technologies in large scale policeled surveillance projects in Chinese cities.

• In 2022, following reports of CCTV cameras being used by Iranian authorities to help identify women not adhering to the country’s mandatory hijab rule, Iran Wire reported that Axis CCTV cameras were being supplied to the Iranian government by a local distributor and “official representative”.

• In January, Reuters reported rights experts as saying that that a Honeywell smart city surveillance system in Egypt’s New Administrative Capital posed a

potential threat to basic rights amid a broader crackdown on dissent and free speech.

But reports of the type listed above don’t appear to find audiences too far beyond the memberships of rights groups. Unlike reports targeting the Chinese brands, they’re not tabloid fare, and they certainly don’t make for non-paywalled IPVM exposés.

With this article, I have not attempted to provide a comprehensive analysis of the issue of Chinese security tech and its discontents. Neither have I attempted to provide a view that is necessarily balanced. What I have attempted to do is play devil’s advocate, to call into question the narratives that have so far dominated discourse on this issue.

To this end, it appears to me that politics has indeed overtaken public discourse on Chinese branded video surveillance systems, and I fear that this does a potential disservice to us all.

In pursuing a decoupling from China and promoting the balkanisation of international CCTV supply chains, our governments not only cause the markets we are left with to become less efficient, more vulnerable to disruption, and more expensive, but ultimately, they hitch us to a bandwagon that edges us closer and lemming-like to a new and dangerous Cold War.

Power supply cabinets

• Mounts for our 5 most popular models of power supplies; 6 key-hole anchor points for easier mounting

• Lift off hinged doors for added convenience

• Louvre ventilation on doors

• Roller ball reed switch provides anti-tamper to front and rear of cabinet • 6 x 25mm knockouts, 2 each sides and bottom

• Medium cabinet holds 5 x 7 A/h batteries

• Large cabinet holds 14 x 7 A/h batteries

• Cam lock for security

• Front lip to retain batteries and for additional strength

• Removable shelf and removable back plate to facilitate easy bench mounting of equipment

• Lip return on door for greater rigidity

• Durable powder coated white finish

• Heavy gauge 1.2mm steel

Designed, tested and produced in New Zealand.

Loktronic for gate locks

For

key switches

Two functions are available

Momentary or maintained contact (specify when ordering)

Switch rated at 6A @ 28 VDC Supplied random keyed Re-key or master key at any locksmith Front or rear fixing

Applications

Access control, air-conditioning, lifts, lighting etc New options with this versatile product Key switch supplied loose Mounting bracket

Loktronic for power supplies

With 30 models in stock, make

Fortinet annual skills gap report: increase in breaches due to lack of cybersecurity skills

New Fortinet research reveals escalating cyber risks due to the ongoing talent shortage, while the number of organisations experiencing five or more breaches jumped by 53 percent.

Fortinet has released its 2023 Global Cybersecurity Skills Gap Report, which reveals ongoing challenges related to the cybersecurity skills shortage affecting organisations worldwide. Key findings from the global report include:

• The cybersecurity skills shortage has contributed to critical IT positions not being filled, which increases organisations’ cyber risks, such as breaches.

• Cybersecurity remains a priority for boards of directors and there is executive demand for increased IT security headcount.

• Technology-focused certifications are highly regarded by employers, serving as validation of skill sets.

• Organisations recognise the advantage of recruiting and retaining diverse talent to help address the skills shortage, but doing so has presented a challenge.

“The cybersecurity talent shortage is one of the top challenges putting organisations at risk, as clearly demonstrated by the results of the latest Global Cybersecurity Skills Gap Report,” said John Maddison, executive vice president of products and chief marketing officer at Fortinet. “In today’s climate, organisations must choose products that introduce automation to offload overworked

teams while continuing to focus on upskilling and cybersecurity training.”

The costly reality of the increasing cybersecurity skills gap

An estimated 3.4 million professionals are needed to fill the global cybersecurity workforce gap. At the same time, the 2023 Global Cybersecurity Skills Gap Report found that the number of organisations experiencing five or more breaches jumped by 53 percent from 2021 to 2022.

One repercussion of this is that many short-staffed cybersecurity teams

are burdened and strained as they try to keep up with thousands of daily threat alerts and attempt to manage disparate solutions to properly protect their organisation’s devices and data.

Additionally, as a result of unfilled IT positions due to the cyber skills shortage, the report also found that 68 percent of organisations indicate they face additional cyber risks. Other findings highlighting increased cyber risks that could be partially attributed to the talent shortage include:

• Security intrusions are increasing. One resulting cyber risk is increased breaches, with 84 percent of

organisations experiencing one or more cybersecurity intrusions in the past 12 months, up from 80 percent from last year.

• More organisations were impacted financially due to breaches. Nearly 50 percent of organisations suffered breaches in the past 12 months that cost more than US$1 million to remediate, which is up from 38 percent of organisations compared to last year’s report.

• Cyberattacks will continue to increase. At the same time, 65 percent of organisations expect the number of cyberattacks to increase over the next 12 months, further compounding the need to fill crucial cyber positions to help strengthen organisations’ security postures.

• The skills gap is a top concern for boards of directors. The report demonstrated that more than 90 percent of boards (93 percent) are asking how the organisation is protecting against cyberattacks. At the same time, 83 percent of boards are advocating for hiring more IT security staff, emphasising the demand for security talent.

Upskilling security professionals and developing more talent with training

The report also suggested that employers recognise how training

and certifications can benefit their organisation in addressing the skills gap, while also serving as an advantage for anyone looking to advance in their current security profession, as well as for individuals considering transitioning into the field. Additional highlights from the report around training include:

• Certifications are sought after by employers. Beyond experience, employers view certifications and training as reliable validation of an individual’s skill set with 90 percent of business leaders preferring to hire individuals with technology-focused certifications, up from 81 percent the year before. Additionally, 90 percent of respondents would pay for an employee to get a cybersecurity certification.

• Certifications benefit both organisations and individuals. More than 80 percent of report respondents (82 percent) indicated their organisation would benefit from cybersecurity certifications and 95 percent of business leaders have experienced positive results from either their team or themselves being certified.

• Not enough professionals are certified. While certifications are highly regarded, more than 70 percent of respondents said

it is difficult to find people with certifications.

Increasing opportunities for women, veterans and others can help solve the skills gap

While the report demonstrated that organisations are seeking ways to tap into new talent pools to fill cybersecurity roles, with eight out of ten organisations having diversity goals as part of their hiring practices, roughly 40 percent of organisations indicate they have difficulty finding qualified candidates who are women, military veterans, or from minority backgrounds.

The report suggested that there was a decrease in veterans being hired compared to last year, with the number of organisations indicating they hired military veterans dropping from 53 percent in 2021 to 47 percent in 2022.

At the same time, the report shows there was only a one per cent increase year-over-year in organisations hiring women (88 percent in 2021 and 89 percent in 2022) and minorities (67 percent in 2021 and 68 percent in 2022).

The Fortinet skills gap survey was conducted among more than 1,800 IT and/or cybersecurity decision-makers from 29 different locations. Survey respondents came from a range of industries, including technology (21 percent), manufacturing (16 percent), and financial services (13 percent).

Farmgate pledges free solarpowered security cameras for cyclone victims

Farmgate is donating free security cameras to victims of Cyclone Gabrielle in the Hawkes Bay region who have been feeling unsafe in their own homes.

The Waikato-based company’s Director Andrew Sing says the recent natural disaster events that have wrought devastation on the North Island provide an opportunity for his business to do the right thing and help some fellow Kiwis by donating free security cameras.

Partnering with Vero Insurance, Farmgate pledged twenty 4G solarpowered cameras to vulnerable rural properties in the Hawkes Bay region plus a high-tech road side license plate camera connected to the Police stolen vehicle database to a total value of $60,000.

“By providing some tools for increased visibility on those unseen or hard to see places around the home or business we hope it will help provide some peace of mind for rural property owners dealing with the aftermath of the devastation and loss,” Mr Sing said.

On 27 February, over 200 Hawkes Bay locals attended a community meeting with officials to voice their frustrations over excessive looting and crime. According to Radio New Zealand the overall message from the evening was articulated by the meeting organiser, Louise Parsons of Whirinaki; “we are all feeling unsafe.”

“Watching the events unfold following Cyclone Gabrielle has been quite unsettling for me and the

team and our hearts go out to those affected,” Mr Sing stated. “We felt a strong pull to do something on hearing stories of those in isolated Hawkes Bay communities feeling unsafe on their own properties be it day or night. It was then we knew we had to do something.”

The cameras on offer work anywhere with 4G reception and communicate directly with one’s phone to provide real time updates on any security needs around property and entrances.

“The license plate camera system to be supplied provides an essential extra layer of security for any isolated rural

community” said Mr Sing “as anyone in the community connected with the Farmgate APP will be notified of when a stolen vehicles arrives in the area”. Farmgate estimates that up to 60% of rural crime happens in a stolen vehicle.

“We hope the cameras will help provide some peace of mind for property owners dealing with the aftermath of the devastation and loss,” he said.

Farmgate supports authorities in their efforts to reduce crime and partners with communities to provide strong theft deterrents. They will be offering ongoing support where they can to the recipients of the cameras.

Safety and Security Risk Management be combined?

By combining health and safety risk management and security risk management at the business level, organisations can improve their overall performance and ensure the well-being of individuals, writes ICARAS Security Consultants.

Combining Health and Safety Risk Management and Security Risk Management

One major synergy between health and safety risk management and security risk management is the identification and assessment of risks. Both types of risk management involve identifying potential hazards (or threats) and evaluating their likelihood and impact. By combining these efforts, organisations can more effectively identify and assess risks that may have both health and safety and security implications.

For example, a fire in a building can have both health and safety implications for employees and security implications for the organisation’s assets. By combining the efforts of the health and safety and security teams, the organisation can ensure mitigations against the risk of fire address both the health and safety of employees and the security of assets.

Another synergy between health and safety risk management and security risk management is the development of response plans. Both types of risk management require organisations to have plans in place for responding to incidents. By integrating health and safety and security response plans, organisations can ensure that they are prepared to respond to a wide range of incidents, including those that may have both health and safety and security consequences.

For example, incident management coordination and communications after a natural disaster or significant security incident share many

similarities. By integrating the health and safety and security emergency management plans, the organisation can ensure that it is prepared to protect the safety of its staff during both health and safety and security related incidents.

Implementing Synergies

To implement these synergies at the business level, organisations can take several steps. First, they can establish a cross-functional team that includes representatives from the health and safety and security teams. This team can be responsible for identifying and assessing risks, developing response plans, and coordinating efforts to manage risks.

Second, organisations can integrate their health and safety and security management systems. This can involve developing a single system that addresses both health and safety and security risks or integrating existing systems to ensure that they are aligned and can share information.

Third, organisations can promote communication and collaboration between the health and safety and security teams. This can involve regular meetings, training, and exercises to

ensure that the teams are aware of each other’s roles and responsibilities and can work together effectively.

Conclusion

Health and safety risk management and security risk management have several synergies that can be leveraged to improve overall risk management. These include the identification and assessment of risks, the development of response plans, and the overall coordination of efforts to manage risks. By combining these efforts at the business level, organisations can improve their overall performance and ensure the well-being of individuals.

Through the establishment of crossfunctional teams, integration of management systems and promoting communication and collaboration, organisations can effectively combine health and safety risk management and security risk management.

Overall, combining health and safety risk management and security risk management can lead to more effective and efficient risk management, better overall organisational performance and a safer and secure environment for employees and assets.

2023 New Zealand Country Risk Report released by Global Risk Consulting Group

Risk consultancy Global Risk Consulting (GRC) Group has released its 2023 New Zealand Country Risk Report, an all-hazards analysis charting a challenging past year and uncertainties ahead.

Auckland-based GRC Group has released its inaugural country risk report for New Zealand, and according to Managing Director Chris Kumeroa, it marks the first edition of what will be an annual publication.

“We’re excited to announce today’s release of the 2023 Global Risk Consulting (GRC) Group New Zealand Country Risk Report,” he said at the report’s launch. “This new report presents GRC Group’s thinking around what’s driving risks to New Zealanders and what hazard-scape our nation can expect to be exposed to.”

The report can be purchased online, and also available online is a free-ofcharge excerpt of the first nine pages of the report, which covers its table of contents, foreword, and methodology sections.

The methodology section itself makes for engaging reading, featuring vignettes that illustrate GRC’s foresight analysis on the potential threat posed by foreign interference in 2025, and what climate change might look like in 2035.

“One of the elements of our methodology that we found to be particularly powerful is our unique Hazard Layer Model (HLM), which provides a framework through which we can see how often distant

macro sources of risk, such as climate change, geostrategic competition, and COVID-19, can manifest harmfully across our communities,” said Kumeroa.

Following an overview of New Zealand’s economic, demographic, defence and political situation, the report progresses to an analytical deep-dive across seven hazard categories, including natural disasters, transnational organised crime, COVID and biological threats, foreign interference, infrastructure failure, cyber threats, and terrorism and extremism.

“To our knowledge, this 52-page report is the most comprehensive New Zealand risk report on the market,” commented the report’s lead analyst Jackson Calder.

“Heading into the uncertain waters of 2023, the report provides insights into the cascading effects of natural disasters on our communities and our infrastructure, the groundlevel impacts of foreign interference in politics, the economy, and the disinformation space, the tactics and impacts of transnational organised crime groups, our vulnerability to biological threats, and more,” he said.

Futures visualised

“It has become almost cliché to mention the ‘uncertain times’ in which we are living,” stated Kumeroa. “Commentators and policy makers

have become accustomed to talking about our current risk landscape as being ‘unprecedented’, ‘unchartered’ and characterised by ‘black swans’, ‘extreme events’, and ‘wicked problems’. And while there is an almost unanimous perception that we face greater risks that what may have been the case, for example, prior to the outbreak of COVID-19, there is less understanding of what that means for our communities and the people who inhabit them.”

This lack of understanding is something the GRC team have an antidote for, going so far as to paint vivid illustrations of potential future risk scenarios for Aotearoa, describing in detail the world we may inhabit within our foreseeable futures:

In 2035, the effects of climate change are being felt acutely by New Zealanders. Between December and April each year the prices of fruit and vegetables rise sharply as regular storms and tropical cyclones decimate traditional agricultural land. The adoption of vertical farming technology is lagging behind other comparable countries due to the influence of powerful

agricultural lobbying, but industry experts predict a mood change over the next twelve months.

And of the state of foreign interference in 2025, the GRC team suggest:

Fuelling of fringe anti-authority and conspiracy groups by overseas agents has expanded from disinformation to funding and equipment to carry out disruptive activities designed to consume police, media, and political resources. Members of these groups receive this indirectly through proxies and remain unaware that they are targets of foreign interference.

These may paint rather dystopian pictures, but they nevertheless present as the result of a robust and multidisciplinary analysis of the swirling historical currents that characterise the uncertainties of the present.

If a major critique of pre-9/11 risk assessments was that their failure was due – in the words of Donald Rumsfeld – to a failure of imagination, then GRC’s approach is one that eschews traditional in-the-box thinking and that places the ability to imagine at its core.

“The report is unique because of its scope and how interdisciplinary it is,” Calder told Line of Defence. “A lot of expert analysis of New Zealand’s risk environment ends up being siloed but we have really strived to bring it together in one place and explore how the risk profiles are interconnected, then released it into the public domain to stimulate discussion.”

“We didn’t shy away from combining a range of methodologies to create a novel approach,” he said. “We leaned into the Hazard Layer Model, the ISO 31000, the concept of Macro Risk Drivers, and even futures modelling techniques like Horizon Scanning and Critical Uncertainties Matrixes.”

Although a broad range of subjectfocused professionals will likely find the report worthwhile, Calder says that the report is particularly useful for companies and agencies with a broad, complex scope. “Sectors like insurance, healthcare, national security, criminal justice, and even construction will get immense value out of exploring the interconnectivity of risk profiles, especially the way in which they may converge in the future,” he said.

Russia-backed hackers target government and IT organisations linked to Ukraine

Data presented by Atlas VPN reveals that Russian hackers have been targeting Ukraine’s and its allied countries’ government and IT organisations with everincreasing sophistication.

The Russian government is believed to be behind the cyberattacks, as they appear to be well-funded and wellorganised. The attacks have been aimed at stealing sensitive information, disrupting systems, and causing chaos in the targeted countries.

According to the recently published Microsoft Threat Intelligence report, the government sector was by far the most targeted sector by Russian stateaffiliated hackers between February 2022 and January 2023.

The team at Microsoft discovered 46 organised cyberattacks on various government bodies. Russian threat actors were also interested in IT & communications companies, launching 17 attacks within the last year. The energy sector was also among the industries most targeted, subject to 16 cyberattacks.

A suspected Russian threat actor named IRIDIUM initiated several phishing activities between 12 and 28 January 2023 to access accounts at Ukrainian businesses in the defence and energy sectors.

This aligns with the traditional targets of Russian cyberattacks in Ukraine since the energy sector provides a significant portion of Ukraine’s revenue, and the government and telecommunications industries are key components of national security.

Russian hackers have been using a variety of tactics to infiltrate

government and IT organisations. One of the methods used is spearphishing, which involves sending emails with malicious links or attachments that, when clicked, infect the targeted computer with malware.

The attacks have become increasingly complex over time, with hackers using advanced techniques such as zero-day exploits, which are vulnerabilities in software that are not yet known to the software vendor.

Attacks outside of Ukraine Ukrainian government and IT organisations are not the only targets of these attacks. Russia has also targeted companies in other countries, including NATO member states, to play havoc with their operations and gain access to classified information.

Between 07 and 23 February 2023, Microsoft observed Russian nation-state threat activity against organisations based in 74 countries, excluding Ukraine.

According to the amount of recorded threats, EU and NATO member countries—particularly those on the eastern flank—dominate the list of the top 10 most targeted states.

In the 74 countries they attacked, Russian threat actors were particularly interested in government and IT sector firms, much like in Ukraine. Government and IT & communications sectors suffered from 100 and 51 cyberattacks, respectively.

Hackers corrupt IT businesses to leverage trusted technical ties and gain access to those firms’ clients in government, policy, and other sensitive institutions. They also paid a lot of attention to the activities of various non-profit organizations and tried to disrupt their efforts by launching 31 cyber threats within the past year.

Sophisticated cyberattacks were launched on companies in the education and energy sectors, with 16 threats targeting each.

12 & 24 VDC selectable

FDH40S

unbreakable universal mounting

• Low power consumption - low operating temperature

• One product suits floor and wall mounting

• Universal armature - offsets to 55º to suit doors opening past 90º • Wall mount extensions available

• 12 & 24 VDC selectable • Push off button with no residual magnetism • Oversize armature for easy alignment • Emergency release button

• Electroless nickel plated armature and electromagnet

• Stainless fastenings • Full local support and back up

10 YEAR GUARANTEE*

Designed, tested and produced in New Zealand to AS4178

A) Wall mounted,126mm extn. tube (overall 202mm)

B) Wall mounted, 156mm extn. tube (overall 232mm)

C) Wall mounted, 355mm extn. tube (overall 431mm)

FDH40S/R

Surface and Recess mounting

This device enhances an outstanding range of unbreakable products which conveniently hold open fire doors. When a smoke/fire alarm is activated the magnet instantly releases the door to the closed position to prevent the spread of smoke and fire. These units feature a choice of 3 covers for optimum aesthetic appeal and durability. The installer can utilise one device for surface mounting or for recess mounting.

10 YEAR GUARANTEE*

Preventing Forest Fires with Digital Intelligence

A Dahua intelligence video surveillance solution locates fires in remote forest areas quickly, enabling firefighting crews to respond rapidly to minimise the loss of vegetation and fauna.

In 2020, forest areas in picturesque Dali Prefecture in China’s southern province of Yunnan were reported to have reached a coverage of 1.855 million hectares, ranking them among the largest in the country.

In addition to absorbing carbon dioxide, conserving water sources, and maintaining water and soil, these ancient forests also shelter a large number of rare wild animals and plants. If a forest fire were to break out, these natural wonders are at risk of being catastrophically damaged and having their inhabitants endangered.

Since 2020, Dahua has been assisting Dali Prefecture in building front-end systems and installing wireless transmission systems in key protected zones as well as areas prone to forest fires. This has led to the

detection of more than 500 cases of illegal use of fire in the wild and seven cases of forest fires.

24/7 real-time monitoring Dali Prefecture’s forest coverage rate reached 65.51% in 2020. 28 nature reserves of various types have been established throughout the prefecture,

totalling 181,000 hectares. The vast forest constitutes an ecological security barrier, but its massive area makes it difficult to monitor forest fires.

“Burning straw, cooking fires, etc., are all common [causes of] wild fires, but even seemingly insignificant areas can become the source of forest fires,” a local forest ranger said.

Multiple round-the-clock patrol points were set up to monitor and observe surrounding forest areas 24/7, with three personnel per shift. The mountains are high and the slopes are steep, many of which are covered with thorns. Nevertheless, with the help of modern technology, these diligent forest rangers maintain a high level of effectiveness.

Dual-spectrum thermal imaging cameras deployed in the forest enable the fire prevention video monitoring system to complete an automatic sweep of the area in just 15 minutes. Based on visible light and thermal imaging technology, it can detect a fire source of about two square meters within a range of 5-10 kilometres.

Accurate multidimensional positioning of fire source

Flammable coniferous trees such as various species of pine are widely spread across the forest areas of Dali Prefecture. Large-scale and highintensity forest fires could start in these areas in a short period of time. In the case of a sudden fire, quickly locating the source of the fire can add crucial time for firefighting responders. Technologies such as dual-spectrum

video monitoring, intelligent image analysis and recognition, and threedimensional positioning enable the smart system to detect a fire, quickly locate the fire source and automatically send alarm to on-duty personnel. In forests of hundreds of hectares (or even thousands of hectares), the source of the fire can be accurately located within 50 meters, allowing the firefighting team to quickly reach the location and providing more time to control the fire.

Efficient investigation, assessment and handling of fire scenarios

Extinguishing forest fires requires full cooperation of the frontline and the command center, with the command center quickly communicating with the frontline in relation to firefighting strategies based on the actual fire situation. But how can they understand the situation at the scene if they are far away?

This particular job is handled by the visual forest fire prevention video monitoring system. This smart security system synchronously displays realtime images in the monitoring center, combined with other corresponding data such as space, time, fire type, etc.

It enables operators to check and assess the situation in time, and quickly deal with the fire according to the corresponding plan.

Full network coverage in forest areas

Considering its vast areas, transmitting valuable information from the forest could be a daunting task. “The mountain area is large and widely spread. Sometimes, there’s even no mobile phone signal. In order to allow the command center to see the scene in time, we also built a wireless transmission with front-end equipment. The smart system covers all the video points in the forest and sends forest fire information back to the command center in real time,” a Dahua technical engineer explained.

The forest fire prevention video monitoring system that Dahua helped build in Dali Prefecture offers widecoverage, all-weather, high-precision, and intelligent 24/7 monitoring that can automatically detect fire and locate its source in time. Early detection, reporting, and handling of the fire situation using digital intelligence can effectively safeguard the safety of these local ecological barriers.

Going above and beyond to support flood hit communities

In a 22 February account of its team’s response to the flooding in the Hawkes Bay and Gisborne regions, Red Badge notes that the ability of its people to adapt to the changing situation made a significant impact.

It came as no surprise that the recent floods and power outages on the east coast caused major disruptions, leaving communities without access to power and the internet to pay for essential goods like food and water. On Friday afternoon we were contacted to provide relief and assistance for the Civil Defence and Police, and by Sunday we had a team from Christchurch on the ground, supporting all of the major banks in the Gisborne region.

Getting local and nearby staff to the affected areas was more challenging than usual, with roads closed and nearby Napier still without power. Communications were also limited, so touching base with the site Bank Managers, Civil Defence and the Police on the ground was crucial for our team in understanding what was needed of them.

Our CEO, Ben Wooding, understood how important it was to deploy an outside team to the region, after being contacted by two of our banking customers.

“The banking services in the area were in high demand as the community were operating entirely with cash due

to power, internet and phone outages,” he said.

“There were large queues at the ATMs, growing tensions in the community, and business customers needing to deposit cash. Looting was also a major concern for authorities, so we needed to ensure our team were equipped well and had undertaken thorough risk assessments.

Ultimately our staff were crucial in managing the crowds and queues at the ATMs and bank branches, keeping people aware of wait times to minimise disruption, monitoring suspicious behaviour, and de-escalating conflict to help the banking staff and customers feel safe.

Our Christchurch team didn’t know what to expect when stepping off the plane on Sunday, but they came prepared, stocking their suitcases with everything they needed to avoid being a burden on the local supplies.

“We knew that this community was doing it really tough, so we needed to

take a different approach to security and be there to support them and be as empathetic as possible,” said Christchurch Operations Manager Amy Roberts, who was part of the team. By us just being personable and positively engaging with them, it really helped with the anxiousness people were facing.”

“We were overwhelmed with how appreciative people were and how thankful they were that they could access their banking service. It really reminded us of our own team’s experience with the Christchurch Earthquakes, and how everyone came together to support each other with a great sense of community”. Today marks the 12th anniversary of the Christchurch earthquakes.

By Tuesday afternoon the Christchurch team were called upon again to provide further support to the retail banking sites in the Hawkes Bay after further reports of looting, and staff who were experiencing an increase

in verbal abuse. Within 24 hours the team were on a chartered helicopter on their way to the Hawkes Bay to help manage the situation.

“Our team’s willingness to assist wherever needed has been inspiring,” said Amy. “Whether that was shovelling silt or feeding those displaced, it makes me proud to work alongside them. Several of our team were even put on a Helicopter this morning to assist in Napier, not knowing when they would even get home”.

The fast-paced and unpredictable environment posed a challenge for our team, but their dedication to the community and our customers, and their ability to adapt to any situation has made a significant impact.

“I’m just incredibly proud of the support our team have shown to our customers and the community,” said Ben Wooding. “They have gone above and beyond, and their actions are a true testament to the remarkable people we have here at Red Badge.”

How to Measure Your Risk Monitoring Activities

Writing for ASIS International publication Security Management , Thomas Kopecky, chief strategy officer for Ontic, demonstrates the importance of a metrics-based approach to security management.

Ideally, businesses should use data to inform and contextualise their most important decisions, both inside and outside the security function. But obtaining accurate data to measure the value and effectiveness of security services such as risk monitoring or threat mitigation—which can be inherently less tangible—is often much more complex than a simple profit or loss calculation.

Well-designed and implemented security programs typically aim to be seamless and invisible, preventing and mitigating threats so well that many in the organisation don’t realise a risk was present. But when success means nothing happened, how can security teams better measure and articulate the effectiveness of their programs?

Even though most security programs can’t easily tie their contributions to a dollar value, that doesn’t mean those programs aren’t making direct and significant contributions to the business, or that metrics don’t exist to show that impact.

There are several ways to measure the effectiveness of your security programs, helping to demonstrate your team’s successes while also highlighting gaps that need to be filled in resources and personnel to ensure the security program can continue to support the organisation’s growth and contribute to its goals. Perhaps most importantly, defining and measuring these

benchmarks can provide a foundation to prepare the security team and the larger organisation for emerging risks and the future threat environment.

Understand the Most Important Metrics

There is no one-size-fits-all solution to choosing the correct metrics to monitor, especially within the security industry. When considering the most important security program metrics you should track, everything should be viewed through the lens of your specific organisation’s goals, strategy, and priorities.

The most important metrics to track are those that are clearly and directly relevant to your organisation’s most critical activities. Usually, there is a direct connection to activities that bring revenue, but that isn’t true in every organisation.

Start by thinking about the security programs that support your organisation’s most critical business processes and operations and consider how you define the success of those programs. You will likely find many interesting and useful data points that can be analysed and tracked—but just because a point of interest can be measured and tracked doesn’t mean it will be beneficial to your team. The most useful categories of metrics will be:

Relevant. The easiest metrics to track often turn out to be the least relevant. Ideally, the metrics you track should not only be useful and relevant within the security organisation, but also

followed as critical parts of the success of the larger organisation.

Actionable. The metrics you choose to track should be tied to actions the security team or your organisation can take. Don’t measure anything your team would not be expected to take action on or that your team’s actions would not impact. The more a metric can inform effective business decision making by the security team or the wider business, the more useful it is to monitor.

Cost effective. While it might be useful to measure and track many things, make sure the metrics you choose to track are worth the cost. The final cost will include monetary cost of the data, collection time, and analytical effort to evaluate the data.

If you’re starting the metrics monitoring process from scratch, it may be useful to start with only one to three metrics and re-evaluate their usefulness to your ultimate goals and the broader organisation.

Measure and Benchmark Program Effectiveness

Once you have a short list of the most critical items to monitor, think about the best ways to measure progress within each of those metrics. Then consider what decisions can be made based on the information you will collect—for example, whether specific metrics should trigger any actions within your programs. Where possible, financial measurements typically provide the most tangible demonstration of a program’s value, but in security programs, financial metrics may also be the least cost-effective

and most time-intensive to obtain and monitor.

Similar to the work identifying the most appropriate metrics to track, don’t be afraid to get creative to ensure that your measurement of these metrics is relevant to the program’s actual performance. The quality and relevance of the metric is almost always more important than the quantity of data you can collect. For example, counting the number of violent threats to the organisation may not be a particularly useful number if there is reason to believe the count is not accurate due lack of monitoring or lack of awareness of reporting mechanisms.

While it may be helpful to create quantitative measures of program performance—such as surveys of employee understanding of key security programs and objectives—it’s critical to ensure only the most relevant data is captured.

Also keep in mind that burning goodwill with others within the organisation is rarely worth the benefit of obtaining a metric.

In some cases, it may be useful to create categorisations within a metric to provide nuance and create more value in your evaluations. For example, for a program that conducts investigations, it may be useful to separate each investigation based on complexity to ensure the level of effort, speed, and performance can be reflected accurately. An honest cost–benefit analysis of the collection should drive your decision about whether further categorisation of metrics is a useful and effective step.

Ultimately, the metrics you collect and measure should be able to help your team prove the effectiveness of its programs in two key areas. First, demonstrating changes in performance or changes in program effectiveness in key time periods allows your organisation to understand changes over time.

Second, analysis of trends can establish patterns of activity and performance, correlating specific events or program changes with corresponding levels of performance. For example, the loss of a key person on the team may cause performance to decrease in a specific program’s effectiveness, while the acquisition of a new tool may drive increased program use or employee engagement in other programs.

Where possible, it may also be useful to articulate the benefits and cost savings of acting proactively within specific programs, identifying the costs associated with failing to mitigate specific risks before they become direct threats that require most costly interventions.

Moving the Needle

Even though security professionals are challenged with knowing the best ways to document their program accomplishments, identifying and tracking key metrics is critical to ensuring your team’s continued contributions and relevance to the organisation.

As with any other business function, presenting data that demonstrates the ways your team is working to promote growth, revenue, or productivity is a key way to demonstrate the value of your programs and get larger organisational buy-in to accomplish key goals and share the responsibility for mitigating risks across the business.

Security teams make daily decisions that keep employees, physical assets, and operations safe from a wide spectrum of risks. Using the right data to demonstrate the effectiveness of those efforts can help the security team to earn the confidence, trust, and support your programs deserve.

Hotel Security: Time for some security housekeeping?

According to FIRST Security’s GM Strategic Accounts, Brian Switalla, as the travel industry continues its emergence from COVID-19 and relative normality returns, now is an opportune time for hotel operators to tick a few security boxes.

As the world’s borders continue to reopen and passenger numbers continue their slow return to preCOVID levels, what are the security risks that you should be planning for and mitigating against?

Take stock of your security

The last few years have been a bit of a whirlwind. Faced with the unprecedented challenges thrown up by COVID, hospitality operators have had to adapt quickly to changing circumstances. The rush to more agile approaches to change and more flexible approaches to work have, however, introduced risks.

Having quickly onboarded new vendors, contractors, and point solutions to fill immediate needs, hotel operators have introduced a range of potential vulnerabilities into their organisations. Reviewing recent changes and conducting a vulnerability assessment is a worthwhile step to take in order to identify where the weaknesses are and put in place measures to strengthen them.

Hotels are ‘crowded places’

In 2020, New Zealand Police released Protecting Our Crowded Places from Attack: New Zealand’s Strategy. The strategy introduces a number of helpful guidelines and tools to assist owners and operators of crowded places reduce the chance of an attack occurring and lessen its consequences, and to better understand how to deter, detect, delay and respond to an attack.

A ‘crowded place’ is any location that large numbers of people access easily and predictably, such as schools, shopping centres, places of worship, entertainment venues, and hotels. These places can be particularly attractive to attackers because of their often-symbolic nature and because of the potential harm they can inflict.

Terrorist attacks aren’t generally what tourists to New Zealand are expecting, but at the same time we are never immune from it. The NZ Police’s crowded places strategy includes some very helpful self-assessment resources, and I recommend that you consider working through these or seeking professional security assistance to work through these with you.

The human touch

Along with CCTV, gates, doors, and alarm systems, security guards are among the myriad security measures

available to hotels. Security staff are a valuable part of an overall security solution.

A key feature that sets security staff apart from other security measures is that they are human. This means that they can carry out any number of roles, from patrolling to bag searches, VIP escorts to identity checks, CCTV monitoring to detecting behavioural red flags. Their role can also extend to reception, concierge, and wayfinding services, and just generally making visitors feel safe and looked after.

Faced with an unfolding security incident or a sudden threat, a well trained and experienced security officer will make the right decisions quickly. Faced with a distressed patron, an experienced officer will know how to engage and diffuse. Visible and well turned out security personnel provide reassurance to guests and deterrence against crime and antisocial behaviours.

NZSA CEO’s March newsletter

In his March update, NZSA CEO Gary Morrison discusses online training hub launch, a new short-term contract with MSD supporting employment of entry level technicians, commencement of school visit programme, and more.

A catastrophic life changing event. There is no other way to describe the devastating impact Cyclone Gabrielle has had on many people’s lives and livelihood.

Whilst the daily updates that we see through the media are shocking in their own right, talking to those who are on the ground provides a better understanding of what many are facing, with whole communities obliterated and the constants of thick mud, piled uncollected rubbish and the stench of rotting food, vegetation and often raw sewerage.

be forgotten in coming weeks and months.

NZSA Saved a Life Medal

As mentioned in our last newsletter, we launched this programme early this year whereby we recognise and celebrate those workers within our industry who have saved a life, or lives, through their actions.

Gary Morrison is CEO of the New Zealand Security Association (NZSA). A qualified accountant, Gary was GM of Armourguard Security for New Zealand and Fiji prior to establishing Icon Security Group.

Those I have been in touch with all talk in awe about the way communities have come together to assist each other (other than the small minority who have resorted to crime) and what has been achieved, however there is also a growing realisation and resignation that they are only scratching the surface and that the necessary rebuild of infrastructure and property will be a massive task over a considerable number of years.

The other issue at this time is that of mental trauma and stress and the longer-term impacts on residents.

We are pleased that we have been able to provide some support for our members in the impacted regions – helping to facilitate Emergency Licencing requirements through the PSPLA, coordinating offers of additional resources and forwarding 20,000 face masks to the Hawkes Bay region for use by staff, customers and community groups involved in clean up duties.

Our thoughts remain with all those who have been impacted and our commitment is that they will not

During February we received three qualifying nominations, and we will issue a profile of the individuals and their stories, including photos of them receiving their medals, in coming weeks.

The nomination process is very straight forward with qualification criteria outlined on our website. Nominations can be submitted on the NZSA website.

Launch of NZSA Online Training Hub

We are thrilled to advise that our online training hub is now live and can be accessed via the NZSA website.

The NZSA recognises the importance of continued professional

development and the training hub has been designed as a single repository for non NZQA training and learning programmes and materials, that can easily be accessed by our members, their employees and the wider industry.

The training hub currently comprises the following learning and training materials:

• Literacy and Numeracy Modules (free access)

• Electronic Security Good Practice (chargeable with preferential member rates)

• Entry Level Security Technician Foundation Training (chargeable with preferential member rates)

We will continue to add further training and learning programmes and materials, either developed in-house or by external parties, and would welcome feedback from our members with regards to what training resources they would like to be able to access.

Launch of new MSD contract

Over the last five years, the NZSA has provided our members with in excess of 550 employees through our SFI (Skills for Industry programme). Whilst our programme is non role specific, the focus has been targeted towards Security Officers and Monitoring Operators.

We are very pleased to announce that we have signed a new shortterm trial contract with MSD that specifically targets entry level (school leaver or limited work experience) candidates seeking employment in the electronic security sector.

The contract recognises the continued resource shortage for Security Technicians and the importance of developing apprentices locally rather than bringing in workers from off-shore.

Under the contract the NZSA will provide candidates successfully placed into work with a comprehensive tool kit, a laptop, safety boots and enrolment in the NZSA-developed Foundation Training Programme for Entry Level Security Technicians.

The contract also recognises the importance of the employer providing support and pastural

care and includes an obligation that they will enrol candidates into the NZCiES Apprenticeship on successful completion of the Foundation Training Programme.

Whilst the contract was signed mid-February and is only for a four and a half month trial, it is pleasing to note that our first candidate placement commenced employment in late February and we are very hopeful that with continued success, MSD will extend the contract for a further year on completion of the trial.

School Career Pathways Programme

Late last year we reported on our attendance at the CATE (Careers and Transition Education Association) Conference and how we would use that as a stepping-stone into developing a formalised program for 2023 where we could match school career advisors (and school career events) with our members.

We are pleased to advise that the initial engagement for this year has been confirmed and both Red Badge Group and Alarm Solutions 2002 will be attending a “speed dating careers event” at St Bede’s College in Christchurch mid-March. Hopefully we will have some photos to include in the next newsletter.

We will be confirming other engagements in coming months as the schools become more active with their students and will contact and arrange

representation from our members who have expressed interest in participating. As a separate project, we are also investigating the opportunity to develop a school Gateway Programme that we can introduce to the schools to promote the security industry as a career pathway.

MSD Security Awareness “Passport” Certificate

Traditionally MSD have hosted regular Job Expos around the country where those seeking employment can talk to a range of industry and employer representatives about career opportunities and potential job openings. Whilst the expos have been valuable in matching candidates with employers, they are “low touch” and provide the candidate with very limited information on what the jobs entail.

Late last year MSD introduced VR (Virtual Reality) Job Expos where the candidates have the opportunity to register interest in a range of industry roles and to then through the VR headset to actually experience what the roles entail. Where appropriate, candidates can also receive a “Passport” or certificate verifying their participation and completion of the industry experience.

Utilising materials from the NZSA CoA VR Training Platform, one of the industry experiences covers security officers and guarding roles. Participants are provided with an overview of the industry and an understanding of the

principles around managing conflict before they are placed into two real life work scenarios that include identifying risks and dealing with aggressive individuals. Participants are required to utilise appropriate skills, but the platform provides corrective guidance when necessary.

To date, Security has been the third most popular industry, closely behind Tourism and Kiwifruit picking.

Moving forward, those candidates who undertake and complete the Security VR experience will be provided with an NZSA Security Awareness Passport Certificate that confirms that they have an awareness of security roles and duties.

The Security Awareness Passport Certificate is not a NZQA qualification or evidence of competency, but it does provide potential employers with the knowledge that the candidate has shown the initiative to undertake the experience and has an awareness of what a role in security will entail.

NZSA website resources

It was pleasing to recently receive a LinkedIn communication from one of our members, complimenting us on the quality and breadth of resources available on the NZSA website.

In the words of our member “it is a fantastic resource for all who work in, or engage with, the security industry and provides comprehensive information on standards, guidelines,

training, licensing and much more. I’m happy to direct my colleagues to the site for any security related matter”.

The reason for mentioning this is that whilst our website statistics show the site is well utilised, it is evident from the number of the email and phone enquiries that we receive that many members are unaware of the information that they can access directly.

With recent updates to include the Saved a Life Medal programme and the Online Training Hub, it may be a good time to check that your member details are correct, ensure that you are utilising the range of member benefit programmes, review the information available and remind your teams that they can access the resources available.

PSPLA complaint process and outcomes

We regularly hear comments that the PSPLA complaint process is ineffective and has no teeth. Whilst those comments might have been valid some years ago, our current Registrar, Trish McConnell, has implemented a number of changes and improvements that have resulted in a far more effective and transparent complaint process. In conjunction with this, the CIPU (Complaints, Investigation and Prosecution Unit) team within the Department of Internal Affairs that is tasked with investigating complaints has had its resources strengthened and

is adopting a more proactive approach, including random checking of staff at venues and events.

For those who are interested, it is possible to see a record of all complaints received, and resulting outcomes, detailed on the PSPLA website under “Decisions”.

We would also like to pass our thanks onto Trish and her team at the PSPLA for their responsiveness in enacting emergency licensing procedures to assist with Covid, and more recently the flooding events in the North Island.

Increase in Membership fees

As an industry association we are very mindful of the difficult trading environment that many businesses are facing and the ongoing pressures of cost increases.

We have been able to avoid any increase in our membership fees for the last five years through a combination of cost controls and additional revenue generating activities, such as the MSD SFI Programme. However, we do need to advise our members that we will need to apply a 7% increase to the membership fees for the upcoming 2023/2024 subscription period.

We are confident that our members will view our contributions positively and recognise the importance of having a strong and effective peak body representing the industry. Should any member have concerns, we are happy to discuss those directly.

Genetec’s predicted physical security industry trends for 2023

In Genetec’s predictions for 2023, security system unification, access control modernisation, hybrid cloud advancement, and cybersecurity top the list. Three months in, how are the predictions holding up?

In December last year, security solutions provider Genetec shared its top predictions for the physical security industry in 2023. These included:

Labour shortages drive demand for unified security solutions

In the Genetec 2022 State of Physical Security Report, 50% of respondents said their physical security team experienced human resource challenges last year. For 2023, security leaders are re-evaluating their technology stack seeking solutions that help streamline tasks, automate processes, and enhance team efficiency.

Unifying video surveillance, access control, automatic license plate recognition, communications technology, and other valuable functions can make an operator’s job easier and reduce costs and training. Built-in analytics or decision support features can further streamline operations.

Modernising access control will be a top priority

The report also showed that 67% of organisations are planning to invest in access control system (ACS) modernisation in 2023, putting it at the top of the physical security tech investment list. Modern ACS include built-in cyber defences and health monitoring tools, and higher levels of automation.

Upgrading to a modern, open ACS will help organisations eliminate the weak points of legacy systems and

better defend against cybersecurity threats, as well as enable new capabilities like mobile credentials, biometrics, and cloud-connected controllers and services, to implement over time.

Hybrid-cloud deployments will drive demand for cloud-connected appliances

Hybrid-cloud deployments are gaining traction, with some organizations opting to conserve security devices and infrastructure investments that are not cloud-ready, and others having bandwidth limitations or the need to keep some data processing and storage on site.

As businesses rationalise costs, concerns, and approach to cloud migration, we can expect an increase in demand for ready-to-deploy hybridcloud appliances. This infrastructure will support edge-computing workloads and make existing devices cloud-compatible, and help centralise access to systems and data across many sites.

Improving cybersecurity continues to be a top concern

Research by Genetec shows that 36% of IT and security professionals are looking to invest in cybersecurityrelated tools to improve physical security in 2023. While a more holistic, automated approach to defending against threats will take precedence, so too will proactive security architecture planning and procurement. These measures may include:

• replacing legacy equipment before succumbing to end-point failures to better mitigate risks

• using intelligent maintenance tracking tools and metrics to improve forecasting

• relying on external expertise to adapt security architecture planning as supply chain lags

• standardising on solutions built with cybersecurity and privacy in mind to enhance resilience across the partner ecosystem

This take-charge mindset will help organisations better defend against cyberattacks and become an essential factor in preserving business resilience and continuity.

Other notable trends Genetec anticipated impacting the industry in 2023 are the extraction of physical security data pushing digital transformation forward, growing collaboration and convergence of IT and physical security teams, and the continuation of remote work driving increased need for space utilization data.

These predictions were informed by a Genetec report including insights from 3,700 security leaders worldwide.

For more information, read the full Genetec 2022 State of Physical Security Report.

First recipients of NZSA Saved a Life Medal announced

Two months after launching its new Saved a Life Medal, the New Zealand Security Association announces the first cohort of inspirational medal recipients.

Security personnel are often first responders to a diverse range of incidents and emergency situations and the actions that they take can directly lead to the saving of lives. And this has been amply demonstrated just two months after New Zealand’s peak security industry body launched its awards programme recognising the life-saving actions of security personnel.

“We are thrilled to announce the first recipients of the NZSA Saved a Life Medal,” stated the NZSA in a message to its members. “The calibre of the nominations has been outstanding”.

The first round of Saved a Life Medal recipients are:

NZSA Saved a Life Medal

• Leitualamavae Vaa and Shelley Herbert, Armourguard Security

• Lily Wilson, Alpha Protection Services

NZSA Saved a Life - Highly Commended

• Mike Fairbrother, Alarm Solutions

Leitualamavae Vaa and Shelley Herbert, Armourguard Security

On 10 December 2022 an altercation occurred between a couple at the Otahuhu Rail Station that resulted in the female being extremely upset and suicidal, threatening to jump over the rail bridge.

Leitualamavae and Shelley initially held the woman’s hands and provided reassurance, however after calming her down the woman became agitated again and ran to the rail bridge and started climbing over the rail, forcing Leitualamavae and Shelley to pull her back down and away from the rail. They continued to hold and gently restrain the woman pending attendance from emergency services.

Lily Wilson, Alpha Protection Services

On 28 October 2022 Lily Watson was working with a colleague doing her patrol route in the Christchurch CBD. They had finished their lockdown as scheduled and were completing their logbook entry for the customer when Lily heard a loud cracking sound coming from inside the premise, she felt uneasy and told her partner they should investigate, even though it would put them slightly behind on their patrol.

After re-entering the complex Lily could hear an odd buzzing sound and when she investigated she found the cleaner lying on the ground next to the still going floor polisher and with a large head wound and having a seizure.

Lily immediately had her partner call an ambulance whilst she placed the cleaner into the recovery position. She then retrieved a nearby defibrillator and followed the instructions of the 111 operator until the critical response team arrived with skilled paramedics. The gentleman was rushed to hospital in a critical condition and was later reported as being in a serious but stable condition with a potential brain bleed.

Mike Fairbrother, Alarm Solutions

Mike was recently commuting through the Christchurch city centre and was about to turn at a busy intersection when a very elderly lady wobbled on the footpath and then fell heavily, and face first, into the path of his vehicle.

Mike carefully manoeuvred around her, positioning his vehicle to create a protective barrier between her and oncoming traffic, and then went to her assistance. He sat with her and provided initial first aid until emergency services arrived and was commended by attending police for his actions in diverting traffic and providing immediate assistance and support.

SAV E D A L I F E M E DA

• Assisting or removing a person, or persons, from life threatening situations

• Providing care to a person, or persons, that has resulting in their surviving life-threatening injuries

• Preventing a person, or persons, from causing life threatening harm to others

• Preventing a person, or persons from causing life threatening harm to themselves

• Identifying and removing risks that if unmitigated, could have caused life threatening harm to others

All nominations will be assessed by the NZSA executive, and recipients of the Saved a Life Medal will be recognised and profiled in the bi-monthly NZSA newsletter and on the NZSA social media platforms, and will also receive an attractive inscribed award which they will retain.

Recipients of the Saved a Life Medal will be honoured with a role call at the annual New Zealand Security Awards event and will automatically be included as a nominee under the appropriate award category.

To make a nomination, see the NZSA website for details.

Nominations for the Saved a Life Medal

The Saved a Life Medal was introduced in January by the NZSA to recognise and celebrate those workers within the security industry who have saved a life, or lives, through their actions.

The NZSA welcomes nominations from employers, customers, work colleagues, emergency service providers and members of the public who can verify that the actions of a Security Officer, or a Security Team, directly contributed to the saving of a life.

Nominations must be received within four months of the incident and be supported by evidence such as media reporting, letters of acknowledgement or witness statements.

The actions of the security worker should fall within the following situations:

Trial suggests Tactical Response Model will make police safer, but what about the community?

According to a report by the Evidence Based Policing Centre, a recent evaluation of New Zealand Police’s Tactical Response Model fails to identify evidence that TRM will make communities safer, writes Nicholas Dynon.

In a 29 March media release, newly warranted police minister Ginny Andersen announced the launch of the Tactical Response Model, stating that “the Government is backing Police and making communities safer with the roll-out of state-of-the-art tools and training to frontline staff.”

“The Tactical Response Model being launched today will make it safer for Police on the job by applying smart Policing to anticipate dangerous and high-risk situations before they arise,” she said.

“The model uses Police intelligence to risk-assess situations early, builds decision-making and critical thinking skills while under pressure and backs that with Offender Prevention Teams and twoperson Tactical Dog Teams coming on board in each district.”

A palatable redux of ARTs

The TRM, states the minister aims to provide front-line Police a “higher level of protection without changing New Zealand’s community policing approach – which we strongly believe is effective and appropriate for our country.”

By mentioning the community policing approach and ‘appropriateness’ of TRM, it is probable that the minister was making implied reference to the Armed Response Team (ART) pilot that ran from October 2019 until it was halted by incoming Police Commissioner Andrew Coster in April 2020. The highly armed – and armoured – ARTs were seen as not in keeping with the aesthetics of New Zealand’s Peelian philosophy of policing by consent.

Of the ill-fated ART trial, New Zealand Police Association President Chris Cahill said at the time that the

Tactical Responce Model to be rolled out nationally

“initiative was hobbled from the start because of a lack of consultation on the concept of ARTs, and no clear communication on the aim of the trials.”

“If you don’t build solid foundations on issues as potentially volatile as armed police, you can’t possibly hope to take the community with you, and that is exactly what has happened in this case,” wrote Mr Cahill.

“In his remarks, the NZPA president pointed to mis-steps, including ART vehicles “that looked pretty sinister in comparison to the police vehicles we are familiar with,

despite the fact that those everyday police patrol cars have Glock pistols and Bushmaster rifles in them for officers to use when needed.”

Police interest in the ART model found renewed legitimacy after Constable Matthew Hunt was shot dead and his partner Constable David Goldfinch was shot and seriously injured following a vehicle stop in the Auckland suburb of Massey on 19 June 2020.

This, according to the November 2022 Tactical Response Model: Evaluation Report by the Evidence Based Policing Centre (a joint partnership between NZ Police, the University of Waikato, the Institute of Environmental Science and Research (ESR), and Vodafone New Zealand) resulted in feedback from hundreds of frontline police officers suggesting “that ART needed to be reinstated”.

This time, however, it appears that NZ Police has taken a more careful approach incorporating community consultation, including with Māori, Pacific and ethnic community leaders, and an evaluation of a four police district (Northland, Counties Manukau, Waikato, and Central) trial

of the TRM conducted by the Evidence Based Policing Centre with support from the University of Waikato and Victoria University Wellington. Among other things, in response to the lessons learned from the ART trial, the TRM envisages specialist tactical teams wearing blue uniforms and driving standard Police vehicles, and that these teams neither self-deploy nor are routinely armed in the course of their normal duties.

TRM objectives

According to the Evidence Based Policing Centre’s November 2022 Tactical Response Model: Evaluation Report, the Tactical Response Model (TRM) intends to achieve the following three outcomes:

1. Frontline staff [police officers] feel safer and more confident in their day-to-day duties;

2. Frontline staff are safer in their dayto-day duties; and

3. Communities are safer.

These outcomes, states the report, would be achieved through three ‘pillars’ of the model:

1. four days of additional tactical safety training

2. the creation of tactical dog teams (TDTs) and tactical prevention teams (TPTs), and

3. new risk-based deployment processes (Tactical Intelligence, Tasking and Coordination, 24/7 DCC, coverage and double crewing after 9pm).

The Evidence Based Policing Centre (EBPC) was tasked with providing an independent evaluation of the TRM trial, which ran from 01 January to 30 June 2022. The evaluation focused on quantifying the actual and perceived impact of the TRM on frontline safety and assessing the implementation of the TRM within the districts in which it was being trialed.

Included within the evaluation was an assessment of the trial against the above-listed three intended outcomes of TRM: (i) frontline staff feel safer and more confident in their day-today duties; (ii) frontline staff are safer in their day-to-day duties; and (iii) communities are safer.

According to Minister Andersen, the trial delivered “impressive results” and elicited “strong support from frontline staff.” So, how exactly did the trial perform against each of its three

intended outcomes?

(i) Officer feelings of safety

In terms of the outcome “frontline staff feel safer and more confident in their day-to-day duties”, the report found that increased feelings of safety were most clearly seen in qualitative data, “but that increases were not seen so strongly in quantitative data.”

Based on baseline survey responses of 2,158 frontline staff and follow-up survey responses of 2,035 frontline staff, positive effects were seen for some safety and confidence measures, however, most survey responses showed no observable effect of the TRM in the four police districts taking part in the trial.

Despite the lack of objective supporting evidence, however, the report stated that “there are indications the TRM will move staff to a greater sense of safety when the model is more widely embedded and its intent better understood.”

(ii) Officer safety

In terms of the outcome “frontline staff are safer in their day-to-day duties”, the report found green shoots of potential success, but no conclusive evidence of it.

Among the positive signs, it noted that there was not a single use of a firearm at police offence in any participating district during the TRM trial. It also found that TRM “through TPTs and risk deployment pathways, has likely reduced the rare but serious events of firearms use at police.”

“Despite there being some very positive impacts and outcomes attributable to the individual pillars, it is too early to interpret most system level outcome results regarding the safety of frontline,” stated the report.

(iii) Community safety

In terms of the outcome “communities are safer”, the report found “insufficient evidence to draw firm conclusions about the TRM’s effects on community safety and feelings of safety.”

In particular, it found:

In terms of community safety outcomes, firearms victimisation results were mixed, depending on victimisation type. Gang tensions and

violence escalated during the PoC period, resulting in a spike in firearms victimisations in Counties Manukau. Because the TRM is not aimed specifically at reducing gang conflict, a short-term spike in these does not imply the TRM is not working. Consistent with a lack of impacts with regard to methamphetamine seizure, there was no apparent effect of the TRM on methamphetamine consumption, based on wastewater results. However, this result is to be expected given the short time frame of the evaluation period. Effects of the TRM on these measures are likely to take considerable time to come to be seen in the data.

On the positive side, the report noted a lack of evidence of any unintended consequences, and several indicators of “potential emerging benefits to the community”, which included fewer complaints about use of force by Police; fewer AOS deployments (which may have a positive impact on community feelings of safety); and reductions in some firearms victimisations compared to what would be expected had the TRM not been implemented.

In the long run, states the report, “the TRM should more tangibly affect community safety and feelings of safety for the better as high-risk offenders, drugs and weapons are increasingly removed from the environment.” That’s a big call. Appropriately, the report states that ongoing monitoring of both TRM activity and community sentiment is required to see if this expectation proves correct.

In conclusion

Despite a six-month trial period (01 January to 30 June 2022) and a 129page evaluation report, the clearest conclusion of the TRM trial is that “it’s too early to tell.” Nevertheless, states the report, its “findings suggest that full implementation of the TRM—with all components working together—would lead to more complete safety outcomes than so far detected.”

And that’s the basis – it appears –upon which the four-district trial of TRM has been considered a success and has led to an official launch of the model across all police districts.

In terms of its objectives relating to improving the safety of frontline police officers, there are some indicators that the model’s mix of new training, processes, equipment and organisational design may deliver better safety outcomes for officers, but the metrics on this remain sketchy.

In terms of its objective of improving community safety, however, there is no clear indication that the model will have any real effect. From the structure of the Evidence Based Policing Centre’s evaluation report to the supporting narratives from the police minister’s office, this third TRM objective comes across as something of a ‘bolt on’, or perhaps a hoped for consequence that might cascade from success in the preceding officer safety objectives.

It is hard not to reflect on the irony of the Evidence Based Policing Centre finding “insufficient evidence to draw firm conclusions about the TRM’s effects on community safety and feelings of safety”.

This re-imagining of the ART concept is – by design – an exercise in making frontline police officers feel safer in their roles. That’s a good thing. But a model designed to improve community safety it is not. Only time will tell whether a model that delivers on the imperative of police officer safety will ultimately have a positive or negative effect on the safety of the communities they are deployed in the service of.

Don’t let financial shame be your ruin: open conversations can help ease the burden of personal debt

With over 300,000 New Zealanders owing more than they earn, debt is an issue affecting many New Zealanders, write Auckland University of Technology’s Matevz Raskovic, Aaron Gilbert and Smita Singh. Nearly two-thirds of New Zealanders are worried about the cost of living, and a quarter are worried about putting food on the table. But the shame that can come with financial stress is preventing some people from seeking help.

According to a recent survey, a third of New Zealanders were not completely truthful with their family or partners about the state of their finances, and 12% actively hid their debt. This shame and worry about money can spill over into addiction, violence and suicide.

Considering the effect of financial stress on our wellbeing, it is clear we need to overcome the financial stigma that prevents us from getting help. We also owe it to our kids to break the taboo around money by communicating our worries and educating them on how to manage finances better.

The burden of growing debt Ballooning mortgage repayments are compounding the financial distress of many New Zealanders. At the beginning of 2023, an estimated 11.9% of home owners were behind on loan payments, with more than 18,400 mortgagees in arrears.

Given the majority of household wealth in New Zealand is in property, our financial vulnerability is closely linked to the ebbs and flows of the second most overinflated property market in the world.

There are also cultural reasons for growing financial distress. Many households have taken on significant debt to “keep up with the Joneses” and to pursue the quintessential quarteracre dream. Social comparison and peer pressure act as powerful levers contributing to problem debt and overindebtedness.

The average household debt in New Zealand is more than 170% of gross household income. That is higher than the United Kingdom (133%), Australia (113%) or Ireland (96%).

The rise of problem debt

And we are digging a deeper hole. Over the past year, demand for credit cards increased by 21.7%. The use of personal debt such as personal loans and deferred payment schemes is also climbing. There is a real risk this debt could become problem debt.

Problem debt can have severe and wide-reaching consequences, including housing insecurity, financial exclusion (the inability to access debt at affordable interest rates), poor

food choices and a plethora of health problems.

Yet, the hidden psychological and social cost of financial distress remains often unspoken, overlooked and underestimated.

Even before the pandemic, 69% of New Zealanders were worried about money. The share of people worrying about their financial situation was higher for women (74%), and particularly women aged 18-34 (82%). It is no coincidence that the latter are particularly at risk of problem debt through so-called “buy now, pay later” schemes.

The stigma of financial distress extends beyond the vulnerable and the marginalised in our society. A growing number of middle-class New Zealanders are quietly suffering financial distress, isolated by financial stigma and the taboos around discussing money. When pressed, one in two New Zealanders would rather talk politics over money.

Time to talk about money

Navigating financial distress and stigma can feel overwhelming. Where money is a taboo subject, it may feel

safer to withdraw, maintain false appearances, be secretive or shun social support.

This tendency to avoid open discussions and suffer in silence can lead to feelings of isolation and contribute to poor mental health, such as depression, anxiety and emotional distress.

Sadly, the trauma of living in financial distress can also break up families. Losing the symbols of hardgained success and facing the prospect of a reduced lifestyle can be tough. It often triggers feelings of personal failure and self doubt that deter us from taking proactive steps to talk openly and seek help.

But what can families do to alleviate some of this distress?

Seek help

First, understand that you are not alone. Over 300,000 New Zealanders owe more than they earn.

Second, seek help. There are many services that help people work through their financial situation and formulate a plan. In the case of excessive debts, debt consolidation or debt solution loans may help reduce the overall

burden and simplify your financial situation.

For those struggling with increasing interest on their mortgages, reaching out to your bank early is critical. During the 2008 recession, banks in New Zealand worked with customers to avoid defaulting on mortgages, including reducing servicing costs, capitalising interest and moving households to interest-only loans. It is essential to understand that the banks do not want mortgagees to fail, and that options exist.

To help future generations avoid debt traps, we need open communication about money – also known as “financial socialisation”. This includes developing values, sharing knowledge and promoting behaviours that help build financial viability and contribute to financial wellbeing.

The lessons about handling money from family and friends are crucial for improving our children’s financial capability, helping them be more financially resilient and better able to survive the stresses we are experiencing now – and those yet to come.

This article was originally published in The Conversation on 28 March 2023.

Finalists for the 2023 New Zealand Outstanding Security Awards announced

The scores are in, judging is complete, and the OSPAs organisers are delighted to announce the finalists of the 2023 New Zealand OSPAs.

Commenting on the awards founder of the OSPAs, Professor Martin Gill said that this year has seen a rise in the number and quality of entries received.

“The OSPAs were introduced in New Zealand for this first-time last year, and it is humbling to see how the security sector has embraced these independent awards to recognise professionalism and excellence, and I am very much looking forward to celebrating with all the finalists in Auckland on the 14 April 2023,” he said.

The NZ OSPAs 2023 finalists are:

Outstanding Contract Security Manager/Director

Nathan Cray – Global Security Solutions

Su Kaur – FIRST Security

Dion Neill – The Neill Group

Allan Wharerau – Platform 4 Group

Outstanding Contract Security Company (Guarding)

FIRST Security

Global Security Solutions

Red Badge Group

Outstanding Security Consultant

Lee Ashton – Optic Security Group

Beca Applied Technologies Security and Risk Consultancy Team

Dion Neill – The Neill Group

P4G Events Security Consultants Team

Outstanding New Security Product SentinX – Crosbies Security

Responda – FIRST Security Command Centre Web – Gallagher

Outstanding Security Partnership

IAG, Repairhub and Aotea Security

P4G Security and Parnell Business Association

Red Badge Group and Workforce

Outstanding Security Officer

Rudi Botha – Tataki Auckland Unlimited

Tua Iro – Platform 4 Group

Simon Jamieson – Millenium Services Group NZ

Vea Tetevano – FIRST Security

Outstanding Female Security

Professional

Anna Barragan – Global Security Solutions

Ruby Mohuanga – Optic Security Group

Casma Moore – Red Badge Group

Natasha Pennell – FIRST Security

Joanne Ryan-Hotere – Millenium Services Group NZ

Outstanding Young Security

Professional

Miranda Cannon – Red Badge Security

Tipene Henare – Optic Security Group

Siva Kalolo – FIRST Security

Matt Maclean – Platform 4 Group

Lifetime Achievement

To be announced on the day

The New Zealand OSPAs will be presented on the evening of Friday 14 April at the Royal New Zealand Yacht Squadron in Auckland and will form part of the ASIS International New Zealand Chapter certification dinner.

The special celebratory dinner is open to everyone from across the industry and you can book your tickets via the OSPAs website at https:// nz.theospas.com/attend/.

The event organisers would like to thank all the supporting associations and judges; sponsors: TEAM Software (headline sponsor); Edith Cowan University (trophies and certificates); Beca (networking reception); Guardhouse and Optic Security Group (award categories).

REACH NEW HEIGHTS in Professional Excellence

ASIS accredited certifications can help you reach your career goals.

“PCI is an important element in the ASIS C ertification programme, dovetailing into both CPP a nd PSP for a comprehensive understanding of broader security industry objectives. An effective and reliable investigation depends on objectivity, thoroughness, relevance, accuracy and timeliness. PCI helps identify critical investigative outcomes, including evidence collection, case management, and the process of offender detection, iden tification, interview and prosecution. Good physic al security designs, together with robust policies and procedures are key elements in a successful investigation. The PCI certification p rov ides an insight into how these pieces interrelate."

- D avi d H orsburgh, MSc CPP PSP PCI

WH Y EARN THE PCI DESIGNATION?

• Provides independent confirmation of your specialized skills in security investigations

• Gain global recognition by your peers and industry

• Get a competitive edge in the marketplace

• Enhance your career and earnings potential

• Enjoy personal satisfaction and professional achievement

Be one of the many ASIS board certified practitioners who are leaders, mentors, and trusted strategic partners, serving both their organizations and the profession.

Validates your ability to conduct security investigations through the effective use of surveillance, interviews, and interrogations. Designed for those with 5 years of related experience. Visit

WHY SHOULD AN EMPLOYER HIRE ASIS CERTIFIED PROFESSIONALS?

• Build a strong, dedicated team committed to high standards and continuing professional development

• Promote ongoing education of critical job knowledge and skills

• Feel confident that your staff are using best practices

• Recruit the most qualified professionals

• Reinforce or elevate your organization’s reputation and credibility

Increase the competency level of your staff by supporting your security professionals in their certification journey.

Gallagher Security Showcase reveals future plans and product insights

Gallagher is celebrating the success of its inaugural Security Showcase hosted at Eden Park in Auckland on 16 March, which saw presentations, live demos, networking opportunities, and rare insights into the manufacturer’s future plans.

Over 200 security professionals converged on Auckland’s Eden Park to hear insights into Gallagher’s road map and future planning. Attendees also gained valuable insights from key presentations and live demonstrations from six Gallagher technology partners, as well as a range of networking opportunities.

“Our whole team is thrilled with the outcome of our inaugural Security Showcase event,” said Brad Small, Regional Manager - New Zealand, “and we’re happy to hear that so many of those who attended felt the value we worked hard to bring.”

A presentation from Chief Technology Officer Steve Bell shared the latest in Gallagher’s solutions, features and integrations, while Chief Architect, Andrew Scothern, offered attendees a sneak peak of the company’s five-year plan for the growth of Command Centre and increased cloud-based capabilities

Insights into solution development and innovation was provided by Chief Product Officer, Meredith Palmer, who was recently recognised in the Executive category of the 2022 Women in Security Awards Aotearoa. Marketing Partner Ellyse Bowen delivered a deep dive into the benefits of Gallagher’s Care Plan.

Sir William Gallagher was also in attendance along with the company’s New Zealand sales team and six of Gallagher’s technology partners, who were on site to provide product demonstrations, including ASSA ABLOY, Catalyst Cloud, Channel Ten, Parkable, Salto, and Traka.

“I think the biggest takeaway is that people are craving events like these,” reflected Brad Small.

“You don’t typically see end-users, Channel Partners, and Technology Partners all in one room, but bringing everyone together facilitated conversations that either wouldn’t have happened at all, or would have drawn out over days via email. There’s real value in sparking those kinds of connections across the industry and I’m so pleased that our goal was realised.”

“The feedback I’m hearing is that people walked away feeling like they gained something special from attending,” he said. “People were sticking around well after the event ended to keep talking - I’ve even had multiple people tell me this was the best event of its kind they’ve ever attended, which is incredibly rewarding to hear.”