Counter Terror Business 52

Since our last issue a few months ago, the UK has seen two new prime ministers and two new home secretaries, as well as one new security minister. With another new government now in place, it is hoped Protect Duty can progress.

Last month saw the biggest policing operation the UK has ever had, with the death, mourning period and funeral of Her Majesty the Queen. Operation London Bridge saw the largest ever single deployment of armed officers across the UK and the largest ever deployment of HVM assets. The successful operation meant the period passed without serious incident.

Next month marks the start of the FIFA World Cup in Qatar. This one-of-a-kind event poses potential challenges for security forces and local authorities with the stadiums so close together in a country that has not hosted this kind of event before.

This issue includes an article by 19-year-old Alicia Taylor on the incredibly important Bee The Difference campaign, which advocates for improved support for young survivors of terrorism. There are also features on HVM, emergency planning and cybersecurity, as well of a review of the successful International Security Expo.

REGISTER

MSC IN COUNTER TERRORISM

“Figen’s dissertation is well structured and well researched. She has challenged the validity of her own thinking about Martyn’s Law, publicly and critically. How many of us are brave enough to do that to the things we are passionate about? She has taken her campaign for Martyn’s Law to the next level by exploring what will be needed to make it a success. When I read her dissertation, I couldn’t help but think that if every great idea we had was supported by good quality research, our battle against terrorism would enjoy more success and would be more cost-effective.” - Nick Aldworth

07 NEWS

Tom Tugendhat retains minister for security position in Sunak’s government; Teenager becomes first person in US to be convicted of terrorism charges for a school shooting; and Government publishes Prevent Duty training guidance

13 PROTECT DUTY

Though it is not known when any form of Protect Duty will come into effect, early 2023 is the date that has been mentioned. And with the current situation in government, this may be pushed back. However, there are several things you can do now to prepare

15 PROTECT DUTY

In light of Protect Duty, Lee Doddridge, director at Covenant, looks at the possibility of a Competent Persons Scheme

18 PROTECT DUTY

On 18th October, CTB 365’s webinar on the Protect Duty, Building resilience for PALs took place, chaired by Philip Ingram, with a keynote speech by Figen Murray, followed by two panel discussions

20 BEE THE DIFFERENCE

Alicia Taylor, 19, from Leyland, Lancashire talks about her recent trip to talk at the UN Global Congress of Victims of Terrorism

URBAN SECURITY

Christian Schneider, Hostile Vehicle Mitigation advisor gives a brief introduction and summary of the HVM measures applied in Berlin following HVM attacks in 2016 and 2022

27 STADIUM SECURITY

With the Men’s Football World Cup coming up in less than a month, David Stewart takes a look at some of the security challenges faced by the organisers and those responsible for making sure it is a success

Lina Kolesnikova, security and

how organisations

Randall, CEO of Pimloc

looks at both sides of

42 DRONE TECHNOLOGIES

On 19th July, CTB365 held a Drones and Counter Drone Technology webinar, one of the panellists, Jackson White, business development director, RF Datalinks and Marketing (SPX Comtech) answers some of the questions that it wasn’t possible to answer during the webinar

CYBER SECURITY

IASME Cyber Assurance standard offers SMEs a comprehensive risk-based framework to demonstrate their security and compete for business. They are also

with Secured by Design, the

police security initiative, on their new Secure Connected Device accreditation

ISE returned to London on 27 and 28 of September, CTB shares a review including some insightful pieces from some of the speakers

Tom Tugendhat remains in his position as security minister in the Home Office, in new PM Rishi Sunak’s government.

Tugendhat was previously appointed to the role by Liz Truss.

QUEEN’S DEATH

Counter Terrorism Policing thanks public for support during Operation London Bridge

Matt Jukes, head of Counter Terrorism Policing has thanked the public for their support following the death of Her Majesty the Queen and the events that followed.

Operation London Bridge resulted in unprecedented policing activity, with Counter Terrorism Policing at the centre of it, providing protective security and monitoring the terrorist threat.

The period saw the largest ever single deployment of specialist armed officers from across the UK, as well as the largest ever deployment of Hostile Vehicle Mitigation assets.

During the mourning period following the Queen’s death, reports from the public about suspicious activity to Counter Terrorism Policing were double average reporting levels.

Jukes said: “It is difficult to put into words the scale of the policing operation over the last ten days, it has been nothing short of incredible.

“Some of our activity will have brought our officers and the public shoulder to shoulder, other elements they won’t have seen, but hopefully they have been reassured by what they have witnessed.” .

He also reached the final five in the leadership race to replace Boris Johnson and has been chairman of the Foreign Affairs Select Committee since 2017.

Tugendhat is a former Territorial Army officer who served in Iraq and Afghanistan and was critical of the withdrawal from Afghanistan in 2021.

Suella Braverman has also been reappointed as home secretary less than a week after her resignation following a data breach. In her resignation letter she said: “I have made a mistake; I accept responsibility; I resign.”

Ben Wallace also retains his role as defence secretary, a position which he has held since 2019. Wallace previously served in the Army in Germany, Cyprus, Belize and Northern Ireland.

Lafarge, a French cement maker, has pleaded guilty in America to supporting Islamic State and other terror groups.

The company will pay a $777.8m (£687.2m) penalty for making payments to keep a factory running in Syria after the war broke out in 2011.

This is the first time a company has pleaded guilty to aiding terrorists in the US.

Lafarge opened a plant in Jalabiya near the Turkish border in 2010. In 2011, they paid Islamic State and al Nusra Front to protect staff at the plant during the war.

TERRORISM TRIALS

Prosecutors said the company paid the equivalent of $5.92 million. The plant was evacuated in 2014, when Islamic State took control of the factory and the town. According to prosecutors, the deals helped the company make $70.3 million in sales.

Ethan Crumbley has pleaded guilty to 24 charges including terrorism, murder, attempted murder and weapons violations, following a shooting at a high school in Michigan last year that killed four students.

Seven others were injured in the shooting in November.

He is the first person in the US to be convicted of terrorism on state charges in the circumstances of a school shooting.

His parents, James and Jennifer Crumbley are also facing charges of involuntary manslaughter.

During the hearing, Ethan Crumbley said that he had asked his father to buy the gun for him. It had previously been described as an early Christmas present, but Ethan Crumbley claimed that he had given his father money for the gun, which was purchased four days before the shooting.

Crumbley admitted murdering Tate Myre, 16; Justin Shilling, 17; Madisyn Baldwin, 17; and Hana St. Juliana, 14, and injuring six other students and a teacher.

His parents were not in court, they are being held in Oakland County Jail.

During the hearing, it was revealed that he brought the gun and 50 rounds of ammunition into the school in his backpack. At around lunchtime, he loaded the gun in a restroom.

Sentencing will take place next year.

US Deputy Attorney General Lisa Monaco said on Tuesday that the company’s actions “reflect corporate crime that has reached a new low and a very dark place.”

“Business with terrorists cannot be business as usual.”

According to reports, Lafarge executives tried to make sure Islamic State did not use the name Lafarge on documents and personal emails were used instead of corporate ones.

Documents were also backdated to imply that negotiations with Islamic State had taken place before a UN resolution calling on member states to prohibit doing business with Islamic State.

Teenager becomes first person in US to be convicted of terrorism charges for a school shooting

TO READ MORE

Tom Tugendhat retains minister for security position in Sunak’s government French cement company pleads guilty in US to aiding terrorists

Government publishes Prevent Duty training guidance

The training courses are aimed at staff working in sectors covered by the Prevent Duty, including education, health, local authorities, police, prisons, probation and youth justice - though others are also able to take the training.

Learners should refer to their organisation’s training requirements to establish the appropriate courses.

The Home Office has published guidance on Prevent Duty training.

This includes training courses on the Prevent Duty, the threat from terrorism and extremism in the UK and how to support people vulnerable to radicalisation.

The training courses include

BALI BOMBING Ceremony marks 20th anniversary of Bali bombing

learning on the Prevent Duty, different forms of extremism and terrorism, the risk around radicalisation and your supportive role, making a Prevent referral that is informed and made with good intention and the interventions and support available.

EMERGENCY RESPONSE

Prevent is part of CONTEST, the government’s overall counterterrorism strategy. Prevent aims to tackle the causes of radicalisation and respond to the ideological challenge of terrorism, safeguard and support those most at risk of radicalisation through early intervention and enable those who have already engaged in terrorism to disengage and rehabilitate.

A ceremony has been held to mark the 20th anniversary of the Bali bombing, which happened on 12 October 2002.

Survivors and families and friends of the victims laid wreaths to mark the occasion.

202 people were killed when a car bomb exploded outside the Sari Club in the Kuta Beach area, alongside another attack at the Paddy’s Bar across the road.

The ceremony included peace prayers and the release of 20 birds.

Memorials also took place in Australia, where 88 of the victims came from. Prime minister Anthony Albanese said: “What they struck they could not defeat because what they struck at was the idea of us, the great fabric of dreams and ideals and compassion and fairness that make us who we are as Australians.”

Emergency services stage emergency response exercise at Sheffield Arena

Emergency services have held an exercise at Sheffield Arena to test their response to a large-scale emergency.

Those taking part in the exercise included South Yorkshire Police, the fire service, paramedics and Counter Terrorism Police.

Assistant Chief Constable David Hartley said: “We regularly test our plans for responding to a major incident or large scale emergency. This allows us to ensure we are as prepared as possible should such an incident occur.

“We have also been able to invite some national specialist resources along so they can test their plans to the different threats we may face. We take these exercises very seriously as this is as close as we can get to real life experience. They take months of planning and the support of more than 300 volunteers on this occasion, along with those working within the emergency services.

“The element of surprise for those involved is essential as it helps test their knowledge, training and experience so we can work out areas which we might need to improve. The learning which comes from such an exercise is shared across policing and our partner agencies with a view to continuous improvement of our approach.

“I know those in the area or passing through may be concerned about some of the noises they hear or the increased

presence of emergency services so I’m keen to reassure everyone that this is a pre-planned exercise. It is not in response to any specific threat and the UK terrorism threat level remains at substantial which means an attack is likely.”

Detective Superintendent Matt Davison, Regional Counter Terrorism Policing Lead for Protect and Prepare, added: “The threat from terrorism unfortunately remains very real. Whilst we work around the clock to deter, detect and disrupt terrorist activity, it is also vital that we continually develop our emergency response.

“Exercises such as this at Sheffield Arena are absolutely essential in helping us test our tactics and methods and to prepare officers and staff for the realities of major incidents that could happen in our communities. Today, specialist counter terrorism resources have worked alongside South Yorkshire Police, as well as other local agencies and organisations.

“By testing the full spectrum of the emergency response, there is greater opportunity for learning and ultimately improvement. This type of exercising - often with our blue light partners, local and national governmenthappens regularly, not just in South Yorkshire, but right across the UK.”

New teacher resources tackle subject of radicalisation

young people about extremism in different educational settings.

Session One features Micheal, who lost his older brother to religious extremism after he joined a terrorist group. It explores vulnerability and encourages young people to recognise how extremists exploit issues around identity for their own agenda, through group-led discussion and reflection.

content online is touching more and more of our students’ lives, and we can all play an important role in helping them build some resilience to the dangerous narratives they may come across.

“Our simple, ready to use resources will help you tackle these difficult issues head-on, and will give your pupils the skills and confidence to make decisions which will protect them from potential harm.”

A series of free educational activities and lessons for schools and youth centres designed to raise awareness of extremism, spark discussion, and promote critical thinking in young people, has been launched by Counter Terrorism Policing and charity LGfL - The National Grid for Learning.

LGfL’s Act Early Stories complement CTP’s ACTEarly campaign launched after worrying trends showed that record numbers of young people began showing up in their casework, indicating a clear need for teachers, parents, friends and family to do more to protect the young people in their care from extremism.

Based on three real-life stories of young people whose lives have been affected by radicalisation, the Act Early Stories resource includes powerful videos, ready to use session slides and guidance notes so that they can be used by experienced practitioners as well as those who may not have much knowledge of the issues raised.

The aim is to empower teachers and other practitioners to speak to

CYBER SECURITY

Session Two focuses on John, who was radicalised by the extreme right wing and includes a letter to his younger self. Students are encouraged to unpick the building blocks of extremism, to recognise the consequences of not challenging extremist behaviour and where to seek support and help.

Session Three features a dramabased video and literacy activity about the indicators of exploitation, to help students understand peer pressure and the grooming process. This provokes discussions around what extreme views are, the implications these can have, why some people are more likely to be influenced than others, why it may not always be easy to leave and how to seek support.

Commenting on the partnership and new resources, Mubina Asaria, Online Safeguarding Consultant, DigiSafe Team, LGfL - The National Grid for Learning, said, “Steering young people away from extremism is all about safeguarding. As educators we are all aware of the dangers that young people face from the online space in which they spend so much of their lives. The growth of extremist

UK to open cyber security centre

Superintendent Heather Wilson, Deputy National Coordinator for Prevent at Counter Terrorism Policing said, “Teachers, youth workers, and educational practitioners are absolutely vital when it comes to speaking to young people about radicalisation, and through this fantastic partnership we hope they will feel empowered to tackle these difficult conversations in the classroom.

“At Counter Terrorism Policing we are, sadly, continuing to see growing numbers of children and young people featuring in our casework - which makes innovative projects like this even more important.

“By sharing the stories of those directly affected by radicalisation we hope that young people learn that this can happen to anyone, and that there is help out there for people who need it.

“Working with partners such as LGfLThe National Grid for Learning creates opportunities to reach audiences who are most at risk, and hopefully helps us change lives for the better.”

Defence secretary Ben Wallace has announced a £50 million centre to support the training of cyber experts domestically and internationally.

The news came as British and American defence chiefs attended the Atlantic Future Forum in New York. The forum aims to advance defence, security, trading and economic

partnerships between the UK and US and look into boosting innovation, economic growth and resilience.

The Defence Cyber Academy will develop sovereign and international courses and develop the national cyber profession. The Academy will train defence personnel in cyber technology, strategy and operational preparedness.

As part of the National Cyber Strategy, the Academy will support the development of the national cyber profession. The Academy will increase the scope and volume of training and education and collaborate with global allies to adopt best-practice and provide international products and services.

Defence Secretary Ben Wallace said: “Defence co-operation between the United Kingdom and the United States is the broadest and deepest of any two countries in the world, and will continue to expand in the coming decades.

“The Defence Cyber Academy builds on that collaboration, defining closer integration and shared capability, helping us and our allies counter global cyber security threats, staying one step ahead and at the forefront of this cutting-edge military domain.”

Though it is not known when any form of Protect Duty will come into effect, early 2023 is the date that has been mentioned. And with the current situation in government, this may be pushed back. However, there are several things you can do now to prepare

PREPARING FOR PROTECT DUTY

In anticipation of Protect Duty, the Association of Event Venues (AEV) has provided some helpful information on how to prepare. The guidance points out that any Publicly Accessible Location (PAL), is a potential target. Therefore, it is important that owners and operators understand the risks and consider appropriate measures to mitigate the risks.

The AEV recommends that owners and operators work to understand the terrorist threat and recognise that this threat may vary over time, for example in regards to motivation or method of attack. It is also important to understand how the threat relates to your specific venue or organisation – this could be directly or indirectly due to proximity to a neighbouring site.

The AEV website is regularly updated with new information. The AEV Security Working group meets every month to review security issues and has shared thoughts and submitted a collective view in collaboration with the National Arenas Association (NAA) on the consultation. The group also runs Protect Duty Awareness Sessions.

Though Protect Duty has not yet been finalised, there are some things we can be likely to expect. It is likely that the Protect Duty will apply to three main areas. These include public venues with a capacity of 100 people or more, such as entertainment and sports venues, tourist attractions and shopping centres; large organisations such as retail chains that employ 250 or more staff and operate in PALs; and public spaces. Public spaces may include parks, beaches, town squares and pedestrianised areas. Therefore it is likely that your venue or location will be covered by Protect Duty and it is important to be prepared.

The first way to do this is to read up on Protect Duty and learn about it in advance. However, be careful to get this information from reliable sources. As Protect Duty hasn’t been finalised yet, no one knows what the finished product will look like. Be wary of those who claim to be experts. Also be cautious of anyone offering Protect Duty training courses or accreditations, as you cannot be sure they will be Protect Duty compliant when the legislation comes into force.

There are several places where information is already available. Action Counters Terrorism (ACT) E-Learning provides information on

how to respond to suspicious activity. The ProtectUK app has lots of guidance and is regularly updated. It provides advice on how to protect your organisation or venue and how to respond to an attack. It also sends real-time news and counterterrorism incident updates from UK Protect. The CPNI also provides guidance on Hostile Vehicle Mitigation (HVM) awareness and countering threats from Unmanned Aerial Systems (UAS)

As part of the Protect Duty, it is anticipated that owners and operators of public venues and large organisations will be expected to use information and guidance from the government and the police to consider terrorist threats and assess the potential impact of these risks.

It is important that staff are aware of and trained in threats, likely attack methods and how to respond, as well as how to identify hostile reconnaissance and what to do should they become aware of it. Information will be available on the links listed above, as well as likely on the official Protect Duty website, when available.

AEV recommends that you consider what can be done to make it harder for a terrorist to carry out an attack. This could include being aware of suspicious behaviour in the area such as loitering, taking photos or asking lots of questions. You should be securityminded in your communications, for example in event planning and on social media, do not share information that could be useful to a terrorist. In the workplace, encourage and enable a security culture, where the topic is commonly discussed and ensure that any concerns can be easily reported and staff know that they will be acted on.

Though it is not yet clear when Protect Duty will come into effect, there is lots you can do now to prepare. Lots of information is already available, though do check the reliability of the source. It is never too early to prepare and indeed, the sooner the better, as your venue and its visitors will benefit anyway. L

INFORMATION www.aev.org.uk/protect-duty

A COMPETENT PERSONS SCHEME FOR PROTECT DUTY

On 22nd May 2017, Salman Abedi entered a crowded place and detonated an improvised explosive device, killing himself and 22 others. The subsequent public inquiry has identified several errors, both in the emergency response, but also the processes and procedures surrounding the protection of crowded places.

In 2005, Admiral Lord West of Spithead led the review of Crowded Places within the UK to better understand the number of Crowded Places and also identify proportionate security measures to reduce the risk and improve upon existing emergency response plans. Through the Office for Security and Counter Terrorism (OSCT) within the Home Office, the National Counter Terrorism Office (NaCTSO) were tasked to lead the work. NaCTSO created a Crowded Places Risk Matrix which consisted of many filters to identify our most significant Crowded Places. Through the network of 276 Counter Terrorism

Security Advisers (CTSA), some 27,000 sites were assessed, with less than 2 per cent eventually being placed on the Home Office Crowded Places Risk Register. In total it took just over two years to complete the risk assessments and security reviews of these 500 sites using the CTSA network.

The Manchester Arena inquiry has redefined Crowded Places as Publicly Accessible Locations (PALs). Whilst the inquiry has been running, Figen Murray OBE, mother of Martyn Hett, who was killed in the Manchester attack, has tirelessly campaigned for improved security and driven what was referred to as Martyn’s Law. Martyn’s Law is now, in effect, Protect Duty. This new security duty is due to be enacted in spring/summer 2023 before the end of the parliamentary session.

As a result of Protect Duty, the Home Office estimates that some 650,000 venues will fall under the new duty. Whilst we do not know for sure what the Duty will entail, it is highly likely to include a comprehensive E



Counter Terrorism Risk Assessment, Emergency Response Plans, Security Reviews, and staff training. Also, the responsibility for security and liability will sit at senior levels within organisations that fall under the Duty.

There are no longer 276 CTSAs across the UK and even if more were recruited, it’s a two-year training program. Furthermore, if it took two years to complete 500 sites, how long would it take them to complete 650,000? The CTSAs cannot deliver Protect Duty on their own.

So, who can deliver the requirements of the new Protect Duty. A CT Risk Assessment requires the assessor to not only understand and determine the risk but also to identify the proportionate security measures that will reduce the risk and protect people. It should also follow the international ISO31000 standard. The threat level in the UK is Substantial, and that applies to the UK as a whole, it is not site specific. So you also must know the types of threats, the capabilities and the intentions of the attacker/s. Are you competent enough to complete the assessment and protect your colleagues and/or customers?

A Competent Persons Scheme is currently being drafted by the Home Office along with NaCTSO with a time frame of two years to define and roll out the scheme. There have been many rumours within the security industry as to what qualifies someone to be deemed ‘Competent’, a five-day SIA Security Consultants course has been looked at, as has a three-week course led by the Security Service, identifying someone within the organisation and utilising the private security industry. All options are open at the moment.

To date, we simply do not know what the scheme will look like. NaCTSO are pulling together a working group, which includes the security industry, but even this group has not yet been established or confirmed. But is that enough? Some insurers have stated that they will determine if the person who completed the risk assessment is indeed a Competent Person during any subsequent claim.

The Competent Person will also be legally liable for the advice and work they deliver. As a qualified and experienced security consultant, I am required by clients to have liability cover in excess of £10 million. Who would volunteer to be the Competent Person in your business? CTSAs have already been told they will no longer be covered by their police force’s insurance and will personally be liable for the advice they give.

One key deliverable that will be very difficult to achieve is that of consistency with regards to the risk assessments completed by the

Competent Person. 72 per cent of respondents to the inquiry requested a Risk Assessment template, NaCTSO issued a one-page form and guidance on their website. But if the Competent Persons Scheme states that someone within the organisation can be deemed ‘Competent’, do they have the knowledge to undertake the risk assessment? Would a vicar know how to reduce the risk from a Vehicle as a Weapon attack, would he even know all the forms of threats and how attacks could manifest? Would a head teacher know what Hostile Vehicle Mitigation is, let alone what the standard for installation is? Would a supermarket manager know how to write a Dynamic Lockdown procedure?

If you are a supermarket chain with 600 stores, how do you ensure consistency across all risk assessments?

A fear for many is that the Competent Persons Scheme will be watered down and lose the impact it could have by allowing non-qualified people to be

deemed as competent. Would you let a non-Corgi registered gas engineer service your boiler? Of course not. Why would you then allow a non-qualified person to advise you on security that protects you, your colleagues, and customers from a terrorist attack?

The Competent Persons Scheme will be decisive that’s for sure, the security industry is not trying to upsell and profiteer from the Protect Duty, no, but we are passionate about our industry and keeping people safe. Let’s not forget that whilst 22 people died at Manchester Arena, some 1,017 were injured, many with life changing injuries and long-term mental health issues from surviving the trauma of a terrorist attack. Are you competent to reduce the impact of the next attack on a Publicly Accessible Location? L

COMPETENT PERSONS SCHEME IS CURRENTLY BEING DRAFTED BY THE HOME OFFICE ALONG WITH NACTSO

On 18th October, CTB365’s webinar on the Protect Duty, Building resilience for PALs took place, chaired by Philip Ingram, with a keynote speech by Figen Murray, followed by two panel discussions

BUILDING RESILIENCE FOR PALS

With the key appointments of Suella Braverman as Home Secretary and Tom Tugendhat as Minister for Security, in Liz Truss’s government, it was hoped that the conversations about getting the Protect Duty enshrined into UK Law would resume expeditiously. Indeed, the new security minister took the opportunity to demonstrate his support at the International Security Expo at Olympia London, at the end of September, where he also met with

Figen Murray. There’s been a bit of political turmoil since then and we do now have a new prime minister, though both Braverman and Tugendhat are back in their roles. In the background, both public and private sector organisations are gearing up their preparations for when the Protect Duty comes into being. One of the key aspects for organisations in this, is the capacity classification of Publicly Accessible Locations (PALs) - “A Publicly Accessible Location

is defined as any place to which the public or any section of the public has access, on payment or otherwise, as of right or by virtue of express or implied permission.” – and alongside that the understanding of the associated risks, threat mitigation and most effective responses available in order to build resilience and to protect the public from the threat of a terrorist attack.

Risk assessment needs to be as dynamic as possible, to deal with the complexity and variety of risks for each specific location/situation/event. Among the multitude of tools available, what role does AI have in being able to augment our understanding of possible scenarios, by providing us with more sophisticated information and modelling scenarios to best protect people, places and assets?

KEYNOTE

The webinar began with a keynote address by Figen Murray who explained her reasons for campaigning for a Protect Duty.

This was followed by a short talk by David James-Roll, director at Dataminr, a sponsor of the event. He talked about the value of real-time alerting.

EXPERT PANELS

The first expert panel featured Figen Murray and David JamesRoll, as well as Nick Aldworth from Risk2Resolution and Travis Frain from UK Counter Terrorism Youth Advisory Group. One of the key themes of this discussion was the importance

of awareness and education and it was stressed that this needs to and can be lost-cost and/or free.

They answered questions on topics such as how to educate young people, how to get the right information to the right people, whether the security industry has enough information to prepare for Protect Duty and reputational damage. They also discussed the importance of intelligence, being wary of those who claim to be Protect Duty experts and how to manage and oversee security professionals responsible for the implementation of the Protect Duty.

Mark Susca, senior risk consultant at Pool Re, another of the webinar’s sponsors then delivered another short talk.

This was then followed by a second expert panel featuring

Mark Susca, Karin Castro, security advisor at the Danish Institute for Fire and Security Technology, Barry Palmer, head of safety and security at Tate Galleries and Chris Stevens, director of SIDOS UK.

This was another engaging session covering the rail industry, how terrorism risk management can be integrated into day-to-day working and the idea that “the carrot is better than the stick”.

Throughout the whole webinar, there was a lively and engaged discussion in the chat box with viewers and panellists sharing ideas and asking and answering questions. L

FURTHER INFORMATION https://365.counterterrorbusiness.com/

BEE THE DIFFERENCE

Afew years ago, I would never have been able to picture myself speaking to thousands of people at the UN Headquarters in New York. It’s not the sort of thing young people from a small town in Lancashire are given the opportunity to do. At 13, my entire life changed when I survived the Manchester Arena attack and this is what I spoke about at the UN. Back in August this year, myself and eight other young survivors of the 2017 Manchester Arena Terror attack launched a research project called Bee The Difference, which advocates for an improved support system for future young survivors of terrorism. It’s a survey we designed with help from Dr Cath Hill, a lecturer in social work at Lancaster University, and the team at the National Emergencies Trust. It’s open to all young people affected by the Arena Attack who were under 18 at the time and aims to find out what support young people have received since the attack and how helpful (or not!) this has been.

It’s a very unique project so its launch in August attracted a lot of media attention, which has been brilliant for raising awareness of the survey among young Manchester survivors. It also caught the eye of those planning the UN Global Congress of Victims of Terrorism in September - and before we knew it, we were on a plane bound for New York.

I was invited to speak on a panel representing the views and needs of young people affected by terror. I was pretty nervous about what I was going to say or how this might come across to an international audience. But I decided to tell my personal story because I think this best brings to life why a project like Bee The Difference is needed - and how all different parts of society can play a role in ensuring that young people affected by terrorism in the future get the best care possible.

I was just 13 years old when the attack happened. It was my first time going to a concert with my friend without the

supervision of our parents, who were waiting for us that night in the foyer where the bomb went off. Before the attack I was an innocent child, like so many others that night. I was sheltered and naive. I would never have believed that something on such an unprecedented scale would happen to me and my family. The attack ripped away that veil of childish naivety. It was like my childhood essentially ended on that night.

I think it’s important to understand that a child’s response to trauma is different from an adult’s. A child doesn’t have the emotional maturity of an adult and may have a very difficult time comprehending what has happened to them. In my case, I was suddenly face to face with the kind of evil that I vaguely knew existed on the news and in films. I never thought it would become my reality. I didn’t fully understand it - and I needed support from the people and institutions around me to help me to process what had happened and move forward.

School is a really important place for this processing. But my experience after the attack was not a very positive one. I felt very invalidated by my high school as they did not recognise what had happened to me and several other victims in my school, who were aged around 12 or 13 at the time. They did not listen to us or give us any beneficial immediate mental health support. As a child, I didn’t realise how wrong this was. Only nine months after the bombing, the school carried out an unannounced bomb drill, which set many of us months and months back in our recovery. I remember seeing school as an antagonistic force and feeling that they didn’t really care what had happened to us.

A child needs emotional support that is stable, secure and consistent. In my opinion, the school needs to be on the child’s side, and they need to safeguard the child, and acknowledge what has happened to them. The last thing a young person needs after experiencing major trauma is feeling as if their wellbeing and needs don’t matter. For me, school support was even more important because my mother was also caught up in the attack and experienced shock. She was standing in the foyer, but she was lucky; the only physical injury she came away with was deafness in one ear. Nevertheless, her mental injuries meant she couldn’t support me until she got support herself.

School should be a safe space, external to home life, where children aren’t judged by their experience or alienated by it. It is where their emotions should be listened to and supported. It should be a kind place that can educate children affected by terror that life isn’t all evil and

reassure them that they have the ability to be reintroduced back into “real” life. For example, I think there should be counsellors, maybe therapists, teaching children how to access the safe space in their minds as well as in real life. And importantly, educating the child that what has happened to them isn’t their fault.

I have personally found support from other survivors incredibly helpful. It’s where I have felt most validated and least alone. As part of the Manchester Survivors Choir, I went to an Ed Sheeran concert which was the first concert I attended since the attack. The experience taught me normality and I think it is important to teach a child what it should have been like; what a concert should have felt like. Although the memory of the attack will always be permanently tattooed in my mind, that positive new experience meant I could reimagine the past and transform it into a good memory, knowing what it’s like to leave a concert feeling safe. It provided us all with hope. I got this same warm feeling again on our trip to New York when we attended the 9/11 memorial event and met survivors of that attack. We had never met each other before - but somehow, we feel like family. We can help each other through.

I feel hope too when I think about the Bee The Difference survey and what it might help to achieve for other young people like me. Those of us helping to lead it want to make sure that other

young survivors have a voice to share their experiences. As I said at the UN, we are advocating for a holistic support system, without disparities, so that no other child in the future will feel the invalidation that I once felt and many others did - and will get the best care at every step. Whoever they are. It’s a really short survey to fill in, but it could make a huge difference to others, so we hope that as many young people as possible will take part.

Next to my name in the UN congress outline, I was described as a ‘survivor of terrorism’ but that is what and not who I am. Children and young people like me are still learning about the world and where they belong in it. When something devastating happens to them they need to be offered a helpful road to recovery. Therapy, having access to a safe space and crucially being listened to by institutions. Through Bee The Difference we are listening to young survivors’ needs today - and in the future we will make sure that they are listened to, and supported, when it really matters. L

FURTHER INFORMATION

To find out more about the survey and to take part, please visit the National Emergencies Trust’s website: https://national emergenciestrust.org.uk/ beethedifference/

I THINK IT’S IMPORTANT TO UNDERSTAND THAT A CHILD’S RESPONSE TO TRAUMA IS DIFFERENT FROM AN ADULT’S

PROTECTING THE BERLIN CHRISTMAS MARKET ATTACK SITE

Barely five years after the despicable attack on the Berlin Christmas market in 2016, another rampage occurred in June 2022, only a few metres away from the first attack site. This makes the German capital, after London, the second Western city to have suffered two vehicle ram attacks at almost the same location. This article is intended to give a brief summary of the two incidents and to show what measures have been taken in the meantime to protect the public there from further attacks.

A golden zigzag line made of brass is embedded in the pavement of the busy Breitscheidplatz. This line was created as a memorial in remembrance of the terrorist Vehicle as Weapon (VAW) attack that took place here on 19 December 2016, killing 13 people and seriously injuring another 67. At the time, an Islamist rammed a stolen 40-tonne articulated lorry into the packed Christmas market. The gold-coloured monument that is now embedded in the ground of Breitscheidplatz

not only commemorates the victims of the attack, but also stands for the mental rift that has been running through German society since the attack. It symbolises a turning point in the threat of terrorism in Germany. Unlike in the UK, the US and France, a terrorist attack on soft targets carried out by a heavy lorry had not been seen in Germany until December 2016. It was only afterwards, however, that attacks using this modus operandi began to accumulate on a significant scale.

The latest Vehicle Ram attack took place on 8 June 2022, in the immediate vicinity of the symbolic Breitscheidplatz. Here, the perpetrator drove his car onto the pavement of the neighbouring Tauentzien Street in order to deliberately drive into the pupils of a school class and then ran over passers-by. In doing so, the perpetrator even manoeuvred in reverse gear in order to hit even more people. At the end of his drive, he tried to run over tourists sitting in a street café and finally drove into a E

 perfumery, where his vehicle then got stuck. The perpetrator killed a teacher and injured 32 other people. However, the second crime scene was not yet part of the Breitscheidplatz Hostile Vehicle Mitigation (HVM) Scheme, which is why the protective measures set up at Breitscheidplatz could not have any effect here.

Both attacks have in common that they killed and injured unprotected pedestrians in Publicly Accessible Locations (PAL).

However, they differ significantly in the way they were carried out, because while the Islamist attacker of 2016 drove his lorry at high speed

and in a straight line into a densely packed group of people enjoying themselves at the Christmas market, the perpetrator of 2022, however, first drove slowly onto the pavement of the attack site and then zigzagged in a very targeted manner to run over his victims.

But why are more and more perpetrators using vehicles as weapons? Terrorist organisations have answered this question themselves by calling ramming vehicles the “ultimate mowing machine” (The Ultimate Mowing Machine. (2010, 10). Inspire Magazine (02), pp. 53-54.).

The reasons for this are both obvious and pragmatic from the perpetrators’

point of view, because the use of a vehicle as a weapon unfortunately causes a large number of victims, but requires neither special planning nor competence, nor does it carry the risk of being discovered early by the security authorities. Added to this is the incredible momentum and penetrating power of vehicles. Truly effective measures against VAWattacks are therefore reliable, physical barriers serving as the “last line of defence” against the immense force of the approaching vehicle. It should be noted, however, that the approach to protecting soft targets/PALs from ram attacks differs significantly from that of protecting hard targets/buildings and infrastructure. This is because while penetration of the vehicles is in the foreground for hard target protection in order to bring Vehicle Born Improvised Explosive Devices into the target, the consideration of lethal dispersion, however, is the

THE USE OF A VEHICLE AS A WEAPON UNFORTUNATELY CAUSES A LARGE NUMBER OF VICTIMS, BUT REQUIRES NEITHER SPECIAL PLANNING NOR COMPETENCE

main parameter for the protection of people at soft targets on PALs. My task as Hostile Vehicle Mitigation Advisor (HVMA) and planner of the security measures at Berlin’s Breitscheidplatz was therefore to develop, together with the Berlin police, several standard-compliant HVM Schemes in accordance with the relevant ISO IWA 14, which not only protect the people there from intruding vehicles, but in particular also keep out deadly dispersion that is being caused when a vehicle crashes into a vehicle security barrier (VSB). This task was not easy to accomplish, especially considering that the location of Breidscheidplatz allows heavy goods vehicles to approach at a tremendous impact energy of up to 7,400kJ (Equals a PAS68 or ISO IWA 14 Performance Rating of V/30000[N3G]/80/90).

Furthermore, the special architecture of Breitscheidplatz had to be taken into account, which should not be

disturbed by the appearance of the VSBs later on. In addition, the existing underground tunnels and diverse underground facilities had to be taken into account in the planning.

Furthermore, future issues of climate change, urbanisation and the traffic turnaround also played a decisive role in the conceptual design of the HVM-Scheme.

Here follows a brief summary of the project parameters for “Berlin Breitscheidplatz”; the task was to lockout the hostiles without locking-in the public; the location is a memorial of national importance and a worldrenowned symbol for Germany; the location is insular in between two sixlane main roads, with two particular attack boosting approach routes and a large number of stakeholders are involved. Furthermore, there are 4 HVM schemes (temporary, semi-permanent, permanent), more than 40 potential trajectories and more than 1,200 vehicle dynamics assessments (VDA). The potential kinetic impact energy is up to 7,400 kJ. Finally, the HVM scheme and subsequent application shall be fully compliant with ISO IWA 14 and all VSBs used shall be ISO IWA 14-1 / PAS68 crash test approved.

IMPLEMENTATION

With a timespan of several years and implementation in different construction phases, we have developed a total of four special schemes to protect the Breitscheidplatz site against Vehicle Ram Attacks by means of portable and stationary barriers. Each of these schemes has a slightly different task. The first scheme uses portable high-performance barriers to protect different areas of Breitscheidplatz quickly and flexibly. Later, these will be gradually replaced by stationary barriers. Finally, a concept of stationary perimeter barriers and upstream portable barriers provides the highest level of protection for very special situations and occasions.

LEARNINGS

Several learnings resulted from the process. The application of ISO IWA 14-2 was an excellent guide to lead through the HVM planning and application process (ISO IWA 14-2 will soon be superseded by its successor norm ISO 22343-2.) The CPNI’s “Catalogue of Impact Tested

Vehicle Security Barriers” provided the decisive and impartial overview of suitable VSBs. It was found that early focus on certain types of barriers without having carried out the appropriate VDAs beforehand will lead to poor decisions, and impartial project management is essential to facilitate interdependent HVM tasks. It was also learnt that dispersion is most important when protecting PALs but is often underestimated and that portable barriers and deflecting measures significantly reduce dispersion. Finally, early PR for temporary measures is important to gain positive public opinion and visible HVM measures have a positive impact on public perception of security (SchipperKruse, D. (2020). Wahrnehmung von Zufahrtsschutzmaßnahmen und erkennbare Effekte auf das Sicherheitsempfinden. Berlin: Berlin School of Economics and Law.).

Summing up the Berlin Breitscheidplatz HVM, one can say the project has generated positive feedback and great public interest not only in Berlin itself but in other German-speaking countries too. Since then, many other projects have benefited from the learnings gained and thus have contributed to the public security. L

ABOUT THE AUTHOR Driven by the terrible Vehicle Ram Attacks of Nice and Berlin, Christian Schneider founded the INIBSP “Initiative Breitscheidplatz” in 2017 as a non-profit expert forum aiming to provide relevant HVM know-how to decision makers in Germany. Since then, his enterprise has developed into the leading consultancy on the topic in German-speaking countries. Together with international experts and local authorities, he developed and implemented numerous HVM schemes for the protection of entire city centres, airports, critical infrastructures, stadiums and public spaces. Schneider also is member of HVM standards and norms committees, and author of multiple articles on the topic of HVM.

https://inibsp.de/

IT WAS FOUND THAT EARLY FOCUS ON CERTAIN TYPES OF BARRIERS WITHOUT HAVING CARRIED OUT THE APPROPRIATE VDAS BEFOREHAND WILL LEAD TO POOR DECISIONS, AND IMPARTIAL PROJECT MANAGEMENT IS ESSENTIAL TO FACILITATE INTERDEPENDENT HVM TASKS

With the Men’s Football World Cup coming up in less than a month, David Stewart takes a look at some of the security challenges faced by the organisers and those responsible for making sure it is a success

SECURITY AT A UNIQUE WORLD CUP

Next month will see what is undoubtedly the most controversial FIFA World Cup ever. Back in 2010 when the announcement was made that the 2022 event would be held in the tiny Gulf State of Qatar, there was uproar from sections of the English press and media.

Undoubtedly, the decision from FIFA was unusual as Qatar is not a country with a football pedigree, either internationally or domestically. At that time it had only a single suitable stadium, meaning that at least seven new stadia would need to be constructed.

And then there was the timing of the event. World Cups are always held in June/July to avoid clashes with domestic (and other UEFA/FIFA) competitions but, because of the climate in Qatar this would not be possible and so we have the first ever World Cup to be played in the winter, resulting in the rescheduling of football fixtures worldwide.

From a Qatari perspective, they have the kudos of becoming the first Arab country to ever host the World Cup – a

significant achievement for a county with an indigenous population of only 300,000 with the remainder of the resident population being foreign workers. There has also been much focus in the press about the welfare of those workers with repeated suggestions of poor treatment and human rights abuses – all of which have been countered strongly by the Qatari government. In addition, the fact that homosexuality is against the law in Qatar, has brought calls from LGBTQ activists for the tournament to be held elsewhere.

LOW CRIMINALITY AND TERRORISM

Notwithstanding debate around individual rights, there is no debate about the fact that Qatar is a nation that enjoys low levels of criminality and terrorism. The Global Peace Index, which considers such criteria as the level of Societal Safety and Security, the extent of Ongoing Domestic and International Conflict and the degree of Militarisation, and the Global E



Terrorism Index see Qatar scoring significantly better than western nations, including the UK and USA.

In fact, the last recorded terror attack on Qatari soil was 2005 when a car bomb exploded outside a theatre in Doha killing a British citizen and wounding 12 other people. The culprit was identified as an Egyptian citizen who had lived in Qatar for 15 years with the motive being the 2003 invasion of Iraq by western forces. Since then, there have been no terror attacks in Qatar and the country has actually played a pivotal role in supporting allied forces in hosting negotiations between the USA and the Taliban in Doha.

SECURITY PLANNING

However, all of this is in the context of ‘normal’ day-to-day life in Qatar and with the eyes of the world truly upon it next month, there is no doubt that the threat level will be significantly increased. Security planning for each of the competition venues, including stadia, training venues, team hotels etc. will all be based on the usual security principles and therefore really should only change with any increased threat. The biggest challenge will likely be outside of the individual venues and in the public domain of Doha itself. Usually a World Cup event would be spread over geographically remote cities within a country (or countries) and so there would be a limit placed on the number of fans from different teams being co-located. This would normally mean the security operation would need to plan for there being

perhaps two, three or four (at most) different nationalities of supporters in any one city. Qatar 2022 however will see fans of no fewer than 32 teams all in relatively close proximity. The furthest distance between the eight stadia is only 55km (34 miles) about the same distance as between Sunderland and Middlesbrough.

1.5 MILLION VISITORS

Organisers estimate that Qatar will see over 1.5 million visitors during the period of the tournament. Accommodation will include hotels, short-term lets of private homes, tented villages (desert camps are a traditional Qatari custom during their winter months) and cruise ships berthed along the coast. In addition, neighbouring countries, such as the UAE, are now selling hotel and flight packages with plans to fly spectators in and out on a daily basis, greatly increasing pressure on air travel and Hamad International Airport. All of these factors place significant demands on security providers and present their own challenges. Plans are in place to try and encourage fans to remain within fan zones that will be established for them, with entertainment and refreshments available. However, the close proximity of stadia, fan zones and accommodation to each other, and to Doha will undoubtedly lead to the mingling of a multiplicity of nationalities of football fans in Doha itself. While private security will be heavily involved at venue level, the public

domain element will all fall on the authorities, and this will result in challenges for policing and intelligence services. Despite numerous test events over recent years (albeit adversely affected by Covid), added to significant investment in training of police officers, there is little experience in Qatar of the operational policing of such events (and such a fan profile). As with all these international events, there will be an international policing ‘Fusion Centre’ allowing coordination from a public order/fan policing perspective, as well as an Event Intelligence Centre where information will be shared from the international intelligence community regarding more heinous potential crimes.

OUTSIDE HELP

However, even police forces with significant experience in major event policing can be challenged during such events (as evidenced by the Metropolitan Police at the 2021 European Football Championship final at Wembley Stadium) and therefore, it comes as no surprise to see that Qatar has agreed to receive operational support from other countries with significant experience.

It has been reported that Turkey will provide some 3000 ‘riot police’, 40 ‘security advisors’ and search dogs to support their Qatari colleagues. This will obviously need to be managed carefully by Qatar – they will need to overcome language differences (Arabic is only spoken by 1 per cent of the population of Turkey) as well as cultural differences and, more importantly, operational policing differences.

In addition to this, open-source research (all of the following points have been reported in the Doha News – over the past 12 months) also highlights the following headlines; “Morocco to deploy cyber

security experts to Doha, as well as ‘thousands’ of police officers”; France providing a BASSALT anti-drone system that helps detect and identify incoming drones and one of its Air Force’s four E-3F Airborne Warning and Control System (AWACS), which can track hundreds of targets; The UK support will include maritime security from the Royal Navy, and advanced venue search training. The RAF will join forces with the Qatari Emiri Air Force and a joint squadron of Typhoon fighter jets will be used to secure air space; The US Department of Homeland Security (DHS) signed collaborative partnership with the Ministry of Interior of the State of Qatar (MOI) to identify air passengers linked to terrorism, trafficking, detecting watch-listed travellers, and monitoring potential security risks at Hamad International Airport. The US Transportation and Security Administration (TSA) will also provide support for screening, baggage inspection, insider risk management, and other security-related priorities; NATO confirmed it will help Qatar with security measures including training against threats posed by Chemical, Biological, Radiological and Nuclear (CBRN) materials, which will be delivered by Slovakia and NATO’s Joint CBRN Defence Centre of Excellence in the Czech Republic. Turkey subsequently announced that it would also be providing CBRN support to Qatar; Jordan is recruiting former military security experts to be deployed in security roles at the tournament; Switzerland has provided air defence systems, purchased at a cost of $162 million to Qatar; South Korea are providing a number of counter-terrorism police resources; Pakistan is in discussion with Qatar about making troops available to support the security operation.

Most of the threats facing the organisers will be exactly the same as for any major sporting event held anywhere in the world; fan violence, terrorism and criminality (including ticket-touting, fake merchandise, pickpocketing, people trafficking etc.). However, the laws and culture in Qatar, particularly around LGBTQ and human rights issues will also bring the potential for challenges, demonstrations and protests from visiting fans.

ALCOHOL Alcohol consumption will undoubtedly present a challenge. It has already been announced (despite the fact that main tournament sponsors include those producing alcoholic products) that no alcohol will be permitted inside the stadium bowl, which is a significant departure from normal World Cup and FIFA protocols. Alcohol will be

available at the various Fan Zones that are being established, including those inside the stadia cartilage, but those fans partaking will still need to be aware of the fact that being drunk in public remains technically illegal. This fact has recently been reinforced by the UK Foreign Commonwealth and Development Office (FCDO) in guidance aimed at fans of the English and Welsh teams. The Qatari government has announced a more liberal approach, with the suggestion of training and guidance for police to deal with such issues in a more western context however, there is no doubt that that will be a challenge for the officers of the MOI and we will undoubtedly see any adverse reaction being widely publicised (and criticised) internationally.

The hosts remain hopeful for a trouble-free event with the Foreign Minister of Qatar quoted as saying that the fan experience being delivered in Qatar would ensure that visiting fans focussed on the positives and would act peacefully (Channel News Asia).

There is every possibility that the World Cup will run without a hitch, without violence or disorder and the last thing that Qatar would want to see is any adverse event that affects its reputation. There has certainly been significant investment in the security operation, which is probably more complex and comprehensive than any other World Cup has seen and time will tell whether the optimism of the Qatari government is well-founded. L

PREVIEW

ANTICIPATION FOR PERIMETER PROTECTION 2023

Anticipation is already strong for the next Perimeter Protection, scheduled for 17-19 January 2023.

In 2022, the decision was taken, on account of the pandemic, and in close consultation with exhibitors and partner entities Gütegemeinschaft Metallzauntechnik (Metal Fence Technology Association), Verband für Sicherheitstechnik (German Association for Security Technology, VfS) and UAV DACH (German-speaking Association for Unmanned Aircraft), to defer Perimeter Protection for a year. Plans are now in full swing for the event in January 2023, and 90 per cent of the exhibition area is already booked.

The mood in the sector is excellent, says Hanna Schneider, manager of Perimeter Protection at NürnbergMesse.

“Everyone is looking forward to Perimeter Protection in January 2023. It’s a pity we had to postpone the exhibition in 2022, but the anticipation and the focus on next January are so much greater now. We’re right in the middle of the planning process and are busy arranging the last stand areas. Currently we have almost 130 exhibitors, with a strong international contingent. In addition, nine exhibitors have already registered for the special U.T.SEC exhibition area.”

Trade visitors can look forward to an event that reflects the entire range of products

and services for mechanical, electric and electronic security solutions. Rounding out the exhibition is the integration of the U.T.SEC platform, which focuses on the technical, legal and practical opportunities available for the use of drones and other unmanned technologies, and for defence against such systems.

Perimeter Protection 2023 will once again offer an accompanying Trade Forum with high-calibre speakers, presenting practical solutions and offering participants plenty of opportunities for professional knowledge-sharing and discussions with experts for the three days of the event. The themes of perimeter protection, fencing and building security and unmanned technologies are a firm part of the programme, which is being organized in partnership with the VfS (German Association for Security Technology), UAV DACH (German-speaking Association for Unmanned Aircraft) and CURPAS (Civil Use of Remotely Piloted Aircraft Systems). The presentations will focus on innovative approaches and novel solutions, and will tackle topics of current interest. The Trade Forum will also offer businesses and institutions an opportunity to present their subject-area expertise and products and services to the exhibition and lecture visitors.

The following forum highlights have already been confirmed: The smart gate as part of your security concept; the latest on the standards for doors and gates; status and outlook; drones: Improve your security concept with dynamic systems; and drone detection: Key outcomes from a field test.

Because Perimeter Protection will move to the new Halls 1 and 2 in 2023, the supporting programme will also relocate to NCC Mitte.

COLLABORATION ONCE AGAIN WITH NUREMBERG SECURITY CONFERENCE

Perimeter Protection in 2023 will once again include collaboration with the Nuremberg Security Conference. This event, organized by the private security industry, is aimed at business operators and all others with an interest in the theme of security who would like to achieve something either privately or for the industry as a whole. Numerous presentations will cover security topics of current interest. A number of interesting exhibitors from the security sector will round out the event.

REASONS TO VISIT

Perimeter Protection is the only exhibition that presents the latest technologies and developments in electronic and mechanical products and systems for site protection and building security in compact form at one place. Here are 5 good reasons why it pays to visit this highly specialized exhibition in Nuremberg from 17-19 January 2023.

1. Concentration on the growing Perimeter Protection market Perimeter Protection is the only exhibition that concentrates on the segments of site protection, fencing systems and building security.

Architects, security officers and buyers from industry, official agencies, local authorities, building services planners and installers of building security systems meet here for a highly professional exchange of ideas in a friendly atmosphere. You too should update on the new products in 2023 in one of the security sector’s most important growth segments.

2. Practice-orientated exhibition concept

Perimeter Protection was designed in cooperation with leading security associations, such as the Verband für Sicherheitstechnik and the Gütegemeinschaft Metallzauntechnik e.V. This means the product spectrum and supporting programme are tailored 100 per cent to the needs of the security sector. Make sure you don’t miss this important gathering of the sector!

3. Trend exhibition with a fantastic start

The figures for the last event show that the sector has been

waiting for an exhibition devoted exclusively to “active and passive site protection”. The sixth edition of Perimeter Protection in 2020 closed with above-average figures. 97 per cent of the visitors were satisfied with the event. So enter the date of your visit in your diary now!

4. Focus on integrated solutions The need for security and thus investment in alarm systems, video surveillance, access controls, locking systems and fencing systems is growing all over the world. At Perimeter Protection in Nuremberg, architects, buyers, security officers, installers and building services planners obtain a uniquely concentrated market overview of integrated solutions for building security, especially solutions that intelligently combine fencing systems and electronics. Visit Perimeter Protection – the compact trade fair for information in one place!

5. The perfect stage for dialogue and new contacts You can be sure of making interesting new contacts at Perimeter Protection, because it is the perfect place for intensive communication inside and outside the exhibition areas. The specialist forum offers ample opportunities for exchanging views and the open and friendly atmosphere is ideal for preparing the ground for valuable new business relationships. L

If you want to stay up to date before, during and after the trade fair and network with the NürnbergMesse team, you’ll find the event on social media: #perimeterprotection

THE TRUSTED PARTNER IN ANTI-TERRORISM SOLUTIONS

Ensuring sites and areas are impassable to intruders through effective physical security is a cornerstone of counter-terrorism strategy.

As the UK’s largest manufacturer and supplier of rigid mesh fencing and security gates, CLD Physical Security Systems provides innovative and trusted solutions that deliver best-in-class anti-terrorism perimeter protection for both temporary and permanent use.

Products are available for every situation, including high security fencing and access control, as well as hostile vehicle mitigation, together with innovative temporary solutions for protecting sensitive construction sites and crowded spaces at public events.

CLD Physical Security Systems is widely regarded in the security community as providing the gold standard for high security sites - with systems accredited in the Secured By Design Recognised Products for Counter Terrorism list and approved for use in Critical Infrastructure by the CPNI.

With an extensive track record operating in some of the most demanding environments, the business has the knowledge and insight to help security personnel and procurement professionals navigate complex, rapidly changing situations, which can present a variety of challenges to the protection of personnel and facilities.

The company’s expertise in temporary solutions is also called upon to help organisations manage the requirements of Protecting Crowded Places, where those responsible for publicly accessible locations should take appropriate and proportionate measures to protect the public from attacks.

THE ANTI-TERRORISM EXPERTS

With a reputation largely based on word-of-mouth recommendations, CLD Physical Security Systems’ experts offer guidance to the best possible security fencing and gate systems, bringing international experience, backed up by local level intelligence and service delivery on the ground that is second to none.

CLD’s dedicated, in-house team includes security experts, research and development specialists, CAD Designers, Structural Engineers, technical representatives and manufacturing professionals, with the vision and insight to constantly deliver the innovative solutions clients need.

With many decades of combined experience, this dynamic team offers a 360-degree view of clients’ requirements, combined with defined processes, procedures and efficiencies in place to deliver a world-leading offer that ensures the company retains its position at the forefront of industry.

CLD Physical Security Systems’ customers value the company’s discreet, confidential and considered advice.

And, as trusted advisors, CLD’s expert team know a project has to be right first time.

A REPUTATION BUILT ON HERITAGE

Established almost 50 years ago, CLD Physical Security Systems is now the UK’s largest manufacturer

CLD Physical Security Systems talks about their anti-terrorism solutions including fencing and gate systems for areas such as construction sites and crowded spaces at public events

and supplier of rigid mesh fencing systems and security gates.

Decades later its values still remain the same, namely to provide the very best in quality products, backed-up with outstanding customer service.

The company is proud of its British heritage and its worldrenowned, globally recognised position in the world of security. Since its formation the business has been run by the Wells family, with its headquarters in Cheshire in the north of England.

Its first security project started in Crewe, in Cheshire, home to one of the UK’s largest rail networks, where it was tasked with offering a protective solution for the rail service.

Today, that fencing remains intact – and the high levels of service delivery, knowledge on the ground and exceptional products used in the project remain at the heart of the business philosophy.

This approach that has led to sustained growth across the business. Over the years, CLD Physical Security Systems has gained recognition internationally for its pioneering approach, with its first works abroad in South Africa, where the company was tasked with protecting precious stone mines and other sites where security was paramount, Its heritage and future are built on innovation and a bespoke approach to meeting the needs of clients. Over the decades it has consistently blended British ingenuity, engineering prowess and a creative approach to deliver exactly the type of solutions customers want.

CLD has also expanded to include offices in London, Sydney, Washington, Dubai, and most recently Buenos Aires, as well as distributors in more than 10 countries. This international footprint enables clients to have the same tried and tested solution on all their sites globally.

CLD Physical Security Systems also demonstrated its suite of physical security systems at the event, independently third party tested by the Loss Prevention Certification Board, (LPCB), which offer the ultimate in protection against attack.

This included showcasing Securus S4, the latest addition to the Securus fencing range.

Well-received at the show by members of the security industry, the new system is right at the cutting edge of perimeter protection and seen as a great addition to CLD Physical Security System’s portfolio.

It joins the existing Securus range as a highly responsive solution, which keeps intruders out in even the most demanding circumstances, bringing maximum security and protection in a fast installation format.

Tested and certified to LPS 1175 Issue 8, Securus S4 has achieved a D10 (SR4) Rating, ensuring that assets have a guaranteed delay against an attack of 10 minutes minimum, using tools such as bolt cutters, hacksaws, jigsaws, drills and sledgehammers.

Of significance is the minimal amount of assembly required on site, which means it is faster to install with less risk of downtime on site due to lost components.

Russell Wells, Sales Director of CLD Physical Security Systems, said: “Securus 4 is our latest offer to meet the critical demands of today’s security sector.

“Our focus is to deter, detect and delay perpetrators from gaining access, with a CLD Physical Security System solution for every site and project.

“Together, we make safe. To achieve this involves working to understand our clients’ needs, the threats they face, their challenges and pain points, then assess and evaluate on-site requirements before producing a gold standard system for their estate.

“The nature of our clients ensures our business is about much more than providing perimeter security products. Our catalogue of project references reflects our industry-leading position as a valueadded, trusted partner in this sector.

“Key to that is our vision. We see what the security sector needs now, and in the future, and constantly look at how we can best support that.

“We are focused on innovation –introducing the very best means to deliver the ultimate in security.

“That includes the emergence of 3D renders and 3D printing in our work to drive forward our operations.

CLD showcased the scope and scale of its operations recently, at the International Security Expo 2022.

The company also unveiled its new look branding and revealed its new name of CLD Physical Security Systems.

The move away from the previous company title of CLD Fencing Systems represents the more inclusive nature of the business in providing complete security solutions. It reflects the company’s emergence over the years, which has seen it transform from the UK’s largest supplier of rigid mesh fencing, to being at the forefront as a trusted provider of physical security solutions - with a truly consultative way of working, rather than the offer of an “off-the-shelf” product.

Securus fencing also includes the ability to swap out panels to achieve a different security rating, ensuring the perimeter security fencing adapts to changing operational needs, while specific zones can be selected to deliver targeted protection too.

And with both permanent and temporary options, Securus can be introduced from the construction stage through to permanent operations, with matching access control available to ensure a seamless security process.

All this is achieved whilst maintaining excellent visibility to support security operations on site, with no visible fixings in place, no sharp edges that could cause injury and small apertures to keep objects out. Securus is also virtually impossible to climb over.

Wireless connectivity is another key area under development, as well as the use of renewables in our fencing and access solutions.

“We are also committed to introducing more environmentally focused products, to reduce our carbon footprint and to help our clients achieve their own sustainability goals.

“There are more opportunities than ever for security to be breached, but we have the experience and foresight to anticipate these challenges and put appropriate deterrents in place.

“The end result is that those tasked with protecting environments against terror attack can be certain that their reputation is safe with us.” L

INFORMATION www.cld-systems.com

A SHOW OF STRENGTH – AND A NEW LOOK – UNVEILED AT INTERNATIONAL SECURITY EXPO 2022

Lina Kolesnikova, security and crisis management expert discusses emergency planning and how organisations can prepare for the unexpected

ORGANISATIONAL RESILIENCE AND EMERGENCY PLANNING

Modern systems (in a broad sense of the word ‘system’) and their complexity provoke a huge number of systemic risks. Interdependencies between systems and their components have become so complex that disruption of one of the elements in the chain of businesses and services might easily create cascading effects. This consideration goes beyond pure theoretical, as we witness problems across multiple countries and industries. The assumption in modern society that complex systems will work reliably and smoothly at any time was challenged in 2020 by the Covid pandemic with its disruption of established supply chains. Some organisations were challenged by sky-rocketing demands for their products and services, however others found themselves facing a threat to their survival or were simply ruined within months of lockdown. Many organisations and even entire industries continue to suffer from the consequences of Covid disruption even now, in 2022. This includes transportation, tourism, travel, events, and entertainment (including supporting services like security staffing at large venues), etc.

TRANSBOUNDARY NATURE OF MODERN CRISES

Complexity and interdependencies bring about significant changes to the way we experience crises. We see that more and more crises have become creeping. Slow-moving for significant periods of time (prior to bursting out in the open), problems develop hiddenly within components of one system prior to exploding as a full-blown crisis in another, often seemingly unrelated, system. Due to interconnections and interdependencies, crises are more and more transboundary in their nature. They have also now become higher scale, spanning across multiple organisations, industries, countries, and, even, in their worst case, continents.

“MYCELIUM” PROBLEMS

Decision-makers are confronted with an acceleration of high impact events and exponential growth of public data in a physical and digital world. But complexity

and interdependencies don’t play on their own. Geopolitics plays an important role, many previous agreements, rules, and practices are abandoned. As a proper analysis of the decisions by politicians making them is more and more unfeasible, and is coupled with limited available expert capacity and shrinking timeframes, we observe impacts every day and we gradually discover problems arising from these impacts.

“Silently” developing hidden “mycelium”like problems make it difficult to identify and to assess them correctly, to analyse and to plan for a response to the needed extent. Consequently, the response most often comes late and usually does not address the cause of the crisis until rather late.

Identification and other difficulties are further exacerbated by the twilight zone between crisis and risk management. For as long as the “mycelium” problems are not identified and not assessed in the sense of possible consequences they may lead to, they might be perceived as notyet-realising threats and therefore, stay in the scope of risk management, rather than the crisis management. However, if and when there are some, but only first and low-scale signs of problems, they arrive to the twilight zone – they are no longer risks, per se, but they are not yet a crisis.

WHAT DO ORGANISATIONS NEED IN TOUGH TIMES?

To cope with the challenges outlined above, there are two main attributes which the organisations should achieve. On the one side, while maintaining their efficiency overall, they should be preparing for the unexpected, on the key assumption that “things will happen” and without knowing or preparing precisely for one or many specific types of crises. Resilience is the key here.

On another note, organisations should be able to quickly identify problems popping up here or there (like “mushrooms”), while performing a quick assessment and, as feasible, analysis in an attempt to catch the extent and the characteristics of a likely underground “mycelium” where problems are brewing prior to becoming apparent on the surface at “random” places. E



Quick changes and unpredictability are a reality in organisations and organisations do not have the possibility to control all the factors that affect their functioning. The readiness (ability) of the organisation to manage in a crisis must develop within the unique context of the organisation. Situational awareness plays a key role here, being responsible for promptly identifying events and highlighting those which might be problems, as well as connecting dots – events, identified problems and factors of their own organisational functioning so that the planners and decision makers are able to grasp the concerns within their (problems’) real context and degree of potential influence through interdependencies.

RESILIENCE AND SITUATIONAL AWARENESS

Resilience is the ability of a system to perform functions with respect to adverse events such as: planning and preparation, absorption, recovery and adaptation (OECD).

Resilience is concerned with how a system behaves after the event occurring or in other words it is “threat agnostic” (OECD), not identifying exact threats but assuming that, at some stage, threats of various kinds will materialise and could disrupt the system. Resilience is very much about sustainability of ecosystems or organisation(s), including under duress. Meanwhile, the important characteristic of resilience is that there should be anticipative actions that were taken while keeping in mind possible adverse events without them yet happening. So, anticipation is a very important part of the resiliencefocused approach of organisations’ development. It all starts with “threats”. According to the Cambridge Dictionary, “threat is a suggestion that something unpleasant or violent might happen”. For better anticipation, we need to identify the main categories of threats, list them, and map the threats to the organisation’s abilities and dependencies, monitor threats and provide a real-time alert system in case they come to fruition.

Information is a key asset to management in a crisis. Effective information management is critical.

If horizon scanning and internal vulnerability analysis are effective, it will be possible to detect early and subtle signs of impending or potential crises that might otherwise be missed or lost in the general “noise” of normal business fluctuations. Whether

the signs were detected in time or not, the information must still be presented in a form that reflects its significance to the organisation and so that it can be used as a consistent base for decision making. This is called creating situational awareness (SA).

Situational awareness means more than knowing what is happening; it means the ability to model the consequences of what happens (or does not happen) and predict current and further events to determine what might be happening next. In the context of an organisation, this is the need to collect the detailed contributions of each department to an overall balanced score.

Situational awareness is “knowing what is going on around you” and, subsequently, being able to act faster and more appropriately within the actual context of the organisation and the identified event. SA is about knowing what was going on in the past, is going on in the present and could be happening in the future, especially suggesting possible consequences of individual and cascading events.

Situational awareness is a mindset, beyond a mere set of systems, data, and information flows.

Situational awareness is a central concept for complex systems, ecosystems, and digital infrastructures, especially, when humans are in the loop. Therefore, it is important to plant situational awareness needs into the development of complex systems, to understand what it is, what dimensions it has, and how to manage those insights through the development. However, as resources are always limited, there is a dilemma and the hard choice of prioritisation - is it more vital to see and to react to what is more likely or what is more dangerous? Mitigation processes may work at reducing the likelihood of an event, while faster alerting, on the other hand works to counter the impact.

In the organisational environment, it means knowing and accounting for multiple domains such as social, physical, cyber and cognitive. Situation awareness therefore is an important element in supporting the decision-making process, which often can make a difference between a response being a success or a failure.

Situational awareness is needed by the individual along or as a member of a team in order to perform the needed tasks. The individual needs to have an adequate level of awareness of the processes and information requirements and after these, the needed level of awareness of the

devises. The degree of thoroughness is paramount. It emphasises that creating situational awareness is a deliberate, active, and disciplined process that requires practice. To benefit from “quality” situational awareness, it is necessary to actively search for information and monitor channels, encourage cross-function communication, and ensure information management and record keeping so that the situation awareness has sufficient “food” to process.

The use of tools helps people achieving efficiency. It is useful to consciously apply and encourage specific tools for creating situational awareness, rather than leaving it to a chance or individual characteristics of involved people. Tools assist people working under pressure in extreme

environments with a basic structure that prevents information overload, scope creep and unattended gaps, and helps create team coherence and unity.

If reasonably achieved, this allows decision makers to rely on the knowledge and to use coherent discipline in interpreting the information they must use to support and base their decisions upon.

Situational awareness contributes further to the anticipative actions and preparation (where resilience largely belongs). The latter makes a clear focus on assessing and preparing internal resources, as well as establishing links and possible paths to get access to resources which might be available outside of the organisation. This is furthered by setting the information exchange on

threats and alerts across certain types of organisations, industries and/or geographical areas. Such exchange provides for two main benefits – improved threat identification and monitoring, and ability to better and more timely prepare and invoke necessary mitigation, deterrence, and response actions.

Modern organisations need to know how to build up the resilience and the situational awareness that is necessary, sufficient, effective and, ideally, efficient in meeting varying physical, economic, social, and environmental challenges. With limited resources, it is a continuous challenge. To deal with it, is a requirement for any organisation in the modern interconnected world, if the organisation wants to be able to recover and to adapt to the New Normal.

There are a lot of discussions on which way is more effective – threat-based thinking or capabilitybased thinking. Well, it can’t be just one. If not threat-based, it should at least be threat-informed and may employ threat-based planning as well (you can’t plan for everything, but you can prioritise your efforts and resources) and fungibility of skills. If you lean to “most dangerous” items, that will, in most cases, give you a view on potentially more appropriate capabilities, the training reach and the chance for general performance. L

Find suspects in minutes

Reduce

times for suspects in video footage from days, hours . . . to minutes!

Cognitec’s face recognition technology imports still images and video material, finds all faces, and clusters the appearances of the same person, even across multiple media files.

Meet

at

Most experienced. Highly trusted. Cognitec is the only company that has worked exclusively on face recognition technology since its inception in 2002.

in London!

VIDEO SURVEILLANCE VS CIVIL LIBERTIES

When new government policy created in the aftermath of the Manchester Bombing comes into force in early 2023, publicly accessible locations (PALs) companies will have a legal duty to implement security measures that protect the public from potential terror attacks.

The “Protect Duty” legislation contains a raft of new demands and measures, including making a “watch list” of known terrorists which will be made available to businesses such as banks, airlines and hotels. The list will contain the names, dates of birth, and last known addresses of known terrorists plus, importantly, pictures of their faces.

The government hasn’t stipulated how businesses should use the watch list, but it’s likely that many PAL organisations will use Live Visual Facial Recognition (LVFR) surveillance technologies.

USAGE EXAMPLES

Many English cities, and their respective police services, already make significant use of LVFR, as do PALs such as railway stations and airports, as well as other commercial and public sector organisations. However, when the Protect Duty comes into force, we can expect to see a further proliferation of video surveillance use. And, as more CCTV and other surveillance cameras are installed on business premises, more issues about personal privacy, ownership, and the right to use visual information will come under scrutiny. Arguably, few people, if any, would disagree with measures designed to keep them, their family, and friends safe. Conversely, many, and particularly those involved in ensuring civil liberties, have raised legitimate concerns about the consequences of using live facial recognition technologies and describe them as “Orwellian surveillance” tools. E

 PROTECT DUTY

It is important to remember that the Protect Duty legislation was drafted after consultation with a variety of organisations, sectors and campaigners from all sectors of the British public. As such, the new regulations and recommendations provide a response to the demandsand feelings of a population who’ve experienced a significant rise in terrorist incidents in recent years.

The fact is that video surveillance is here to stay, the technologies work and have been of immense value in monitoring known terrorists and criminals as well as locating, people wanted for the most serious and violent offences.

PRIVACY

However, the debate about privacy, safety and personal rights will continue, and rightfully so.

There are many key questions that must still be debated, answered, and most importantly, addressed by all parties concerned, from government and technology suppliers to law enforcement agencies, PALs and, increasingly, commercial user organisations.

Until now, the focus – and challenge – has been on policing and the public sector. But as new government

legislation prompts commercial organisations to make more use of video, their practices will, and should, come under greater scrutiny.

CCTV and video surveillance have undoubted appeal for the commercial sector, especially for PALs which, particularly in the aftermath of the Manchester Bombing inquiry, the public sees as responsible for ensuring the safety of visitors, guests and concert goers. Having more video coverage means PALs, such as venues, can monitor events and, if they’re using the watch list, identify potential bad actors in real time.

Should there be even the possibility of an incident, video provides useful evidence, proves the PAL was taking every possible precaution, and can go a long way to ensuring the organisation’s reputation doesn’t take a massive public hit.

Unlike the police, government bodies and the military, most commercial companies will have neither the experience nor the in-depth understanding of the law, which is written to ensure proportionality, to make managing the delicate balance between public safety, civil and individual liberties and the organisation’s own rights, responsibilities and reputation less than tortuous!

THE BASICS

All too often, the debate has been centred on the ethics of surveillance, civil liberties and other big issues. That’s not going to get us anywhere. We need to take a step back and have a nuanced discussion about the basics, the factors that will improve management and effectiveness, at the same time as building in checks and balances that mitigate any potential risks to personal privacy risks posed by LFVR technologies.

What do I mean by the basics?

I’d start by comparing the benefits of using CCTV for safety purposes against the degree to which it intrudes on individual privacy. Remember, the law dictates proportionality.

Then, a step-by-step assessment of every aspect of the way in which the organisation uses, stores, manages and secures data contained on both video footage – that is faces – and the watch list database.

THE FACT IS THAT VIDEO SURVEILLANCE IS HERE TO STAY

One of the ways in which organisations can protect the privacy of people captured on video is by facial blurring. Facial blurring technologies have been used by security and law enforcement agencies for some time because it protects people’s privacy while still allowing them to be identified. For many organisations in these sectors, anonymising faces is already an integral part of the storage process. The technology is becoming more sophisticated, with some software now capable of automatically detecting and blurring faces in images and video.

FACIAL BLURRING

The government has said that it is working with businesses and public sector organisations to implement software that can automatically blur facial images captured from CCTV, LFVR and other sources. This would mean that police, public sector services and businesses would still be able to identify individuals on their

watch lists, but their identities would be protected from public view.

Using automated facial blurring allows police and security forces to focus their efforts on tracking and apprehending individuals, without having to worry about redacting video manually before it is shared which is a slow, cumbersome and expensive process.

The introduction of mechanisms such as the watch list, combined with the use of facial blurring, are just two of the ways in which the government is trying to strike a balance between security and privacy. There’s still a long way to go, and a lot of talking to be

done before concerns about privacy and equality will be addressed.

Whatever differences there may be on either side of the debate, we can all agree that public safety, especially that of our children, is our paramount concern. Compromise is essential and, with technologies like facial blurring at our disposal, it is possible to find a balance between protecting an individual’s safety and their privacy. L

USING AUTOMATED FACIAL BLURRING ALLOWS POLICE AND SECURITY FORCES TO FOCUS THEIR EFFORTS ON TRACKING AND APPREHENDING INDIVIDUALS, WITHOUT HAVING TO WORRY ABOUT REDACTING VIDEO MANUALLY BEFORE IT IS SHARED

On 19th July, CTB365 held a Drones and Counter Drone Technology webinar, one of the panellists, Jackson White, Business Development Director, RF Datalinks and Marketing (SPX Comtech) answers some of the questions that it wasn’t possible to answer during the webinar

DRONES & COUNTER DRONE TECHNOLOGY

Jackson joined the British Army at 16 into the Royal Corps of Signals in 1990. After serving during the Cold War in Germany, Jackson specialised in tactical and strategic communications, deploying domestically and globally in the war on terror, serving in several roles. Jackson has served operationally on the UK Mainland, America, The Balkans, Africa, and the Middle East.

Since leaving the Army, Jackson has completed a degree in Cyber Security and has combined this with his operational experience during his 15 years in Industry as a business development Manager at Enterprise Control Systems Ltd. and Esterline (Racal Acoustics). Then as a sales and marketing director for getac before returning to Enterprise Control Systems as business development director.

DRONES ARE LIKELY TO BECOME MUCH MORE UTILISED AS WEAPONS IN WARFARE, AS THEY ARE CURRENTLY IN UKRAINE. HOW CAN WE RESPOND TO DRONES BEING USED AS A METHOD OF ATTACK IN WAR?

We’re currently witnessing the Ukrainian Armed Forces being faced with military UAS threats. Both military and commercial UAS present their own challenges to defeat from repurposed commercial UAS, through to weaponised military UAS. It’s therefore fair to assume that all military forces will use drones regardless of their budget. The question is how do we then defend and counter that threat within a security and military construct. The Counter-UAS challenge is at a tactical level, which often lacks doctrine and a concept of employment. Mission success

depends on entry capabilities being scaled and field-upgraded in line with developing doctrine, and tactics in response to the threat evolutionary cycle, ensuring total lifecycle costs are minimised and the flexible CounterUAS solutions remain fit for purpose in the future. Solution manufacturers must focus on staying one step ahead by combining advancements in radars, radio frequency (RF) detection, electro-optical/Infra-Red imagery and jammers in a multi-sensory approach.

WHAT IS BEING DONE AT NATIONAL AND INTERNATIONAL LEVEL TO REGULARISE THE STATUS OF UAS AND COUNTER UAS TECHNOLOGY IN COMBAT ZONES?

seeing a huge variation both internationally and within our national borders, mainly to do with the operation and the operational commander. For instance, if someone is involved in security and policing operations and wants to carry out a defeat of a drone to remove it from the airspace, the approach will be different to a military user on the battlefield wanting to take out a state actor or state-sponsored drone. In one place there will be significant legislation and rules about the use of

RF defeat, whilst in the other – such as full-on warfare – there is actually no regulation. So one of the things we always have to do is talk with these users to understand their own legislative framework. However, those frameworks have been changing and it’s remarkable how quickly some of these have evolved in countries across the world in the space of seven years. To effectively assist in dealing with the threat, national and international legislation is going to have to keep changing to enable the true defeat, rather than just the detection of a threat. But equally, the technology has to change which will in turn make it easier for the legislators to agree to the use of the defeat. Ultimately, it works and must be considered from both ends, the moving goalpost of legislation and the practical changes in techniques.

WHAT IS THE EFFECT OF USING AN SDR-BASED DEVICE ON A UAS – DOES THE OPERATOR THEN CONTROL THE UAS?

Given the challenges presented by highly complex UAS waveforms, and the challenges given by the limitations of older DDS-based jamming solutions, the most effective

Counter-UAS RF Defeat systems have had to undergo radical technology changes. This is the change to a software-defined radio, or SDR Source generation technique. The key elements of the SDR technique had already been developed as a next generation countermeasure waveform, but it wasn’t needed or implemented until the complex waveforms in the UAS domain appeared. The SDR-based source generation technique was of course triggered by the identification of this new threat, and then further refined to achieve maximum effectiveness in the inhibition and jamming of these complex signals. There is no doubt that the proliferation of this new threat initiated the introduction of SDR-based jamming techniques. So, if we take a high-level look as an SDR waveform, there are a number of key aspects to consider. Most importantly the SDR waveforms can be developed to disrupt the command and control links of UAS platforms in response to the ConOps of the operational user. L

Rugged devices offer resistance to the shocks, drops, vibrations and temperature changes consistent with field, workshop and construction site conditions. DURABOOK, the global rugged mobile solutions brand owned by Twinhead International Corporation, has launched its latest fanless rugged laptop and tablet models, the R8, U11I and Z14I, which proactively reduce dust transference. Fred Kao, CEO of Durabook answered some questions on their company and their products.

FANLESS RUGGED DEVICES: THE NEXT STEP IN MAXIMISING EFFICIENCY AND BOOSTING PRODUCTIVITY

PLEASE BRIEFLY EXPLAIN THE HISTORY OF TWINHEAD/ DURABOOK AND ITS FIRST USES (BOTH IN THE MILITARY AND WITHIN THE PUBLIC SECTOR/ EMERGENCY SERVICES).

DURABOOK is the core brand of Twinhead International Corporation in Taiwan, a world-renowned manufacturer of rugged mobile solutions. For many years, Twinhead was also the ODM partner for General Dynamics Itronics. In 2000,

the company manufactured its first military-grade rugged laptop, followed by the introduction of the DURABOOK brand in 2002. After Itronics left the rugged industry, the DURABOOK line quickly expanded to meet the growing demands of customers across a broad range of markets that require rugged mobile solutions. Today, Durabook devices have a loyal global customer base, including the U.S. Armed Forces, public safety agencies, numerous field service organizations, and companies that specialise in oil and gas, logistics, healthcare, utilities and automotive industries.

Since its founding in 1984, Twinhead International Corporation, now a publicly listed Taiwan company, has gained an enviable reputation as a major supplier of rugged computing devices with a commitment to developing cutting-edge products and solutions to meet the demands of a growing customer base.

The products have been used in the US in the military, and the public sector in Arizona, Texas and West Virginia

WHICH EMERGENCY SERVICES ARE CURRENTLY USING DURABOOK PRODUCTS, AND DO YOU HAVE ANY EXAMPLES/CASE STUDIES OF THEIR UK USE? Emergency services are the government’s frontline, safeguarding the security and the protection of all citizens in everyday and emergency

situations. The deployment of cuttingedge mobile computer devices for remote communication has become a strategic asset through which public safety users can coordinate emergency responses, improve collaboration, and facilitate instant action – in real-time.

More challenging working environments and economic increases pose an increasing threat for emergency services providers. Arming these teams with advanced mobile devices equipped with the latest software is vital for increasing efficiency, boosting security, reducing downtimes and instilling trust, so today’s emergency crews can confidently fulfil their day-to-day duties.

Durabook U11I comes with 2 smart card readers and is specifically designed for the EMS sector.

U11I helps ambulance crews quickly access electronic patient records; transfer patient-specific information to the hospital before arrival; and make critical decisions. It includes an embedded smart card reader, and is the only rugged tablet available today with the option of adding a second smart card and RFID reader. This allows for secure user authentication and the safe collection and transfer of sensitive data. This feature has proven essential for quickly accessing historical patient information, recording diagnoses and securely sending data to the hospital or other health organisations before arrival so care and treatment can continue without delay.

ARE THERE CUSTOMISED VERSIONS OF OPERATING SYSTEMS FOR DURABOOK PRODUCTS, AND HOW DO THEY DIFFER FROM THE STANDARD? CAN ANY OS OPERATE ON DURABOOKS?

Durabook mobile devices are equipped with Windows operating systems as standard. However, we occasionally receive requests from our global customer base for other OS besides Microsoft Windows, especially Linux OS. Durabook products support Linux OS, including, for example, recent Kernel builds from Red Hat Enterprise Linux (RHEL), Ubuntu or Astra Linux. If customers require OS other than Windows and Linux OS, Durabook can customize the system according to their needs. With more than 35 years’ experience

From a hardware perspective, we believe we offer unlimited customization possibilities for all sectors and industries; for example, our rugged laptops offer the unique setup of two LAN ports (RJ-45) and two RS-232 serial ports. In addition, our tablets’ unique module expansion design can offer specific upgrades, such as an additional RFID reader, smart card reader and legacy ports, providing a unique design with a particular sector focus .

ASIDE FROM ITS RUGGEDNESS AND PORTABILITY, WHAT ARE THE PARTICULAR ADVANTAGES A DURABOOK DEVICE CAN BRING TO FIELD OPERATIVES? HOW DOES THE HARDWARE DIFFER? Durabook always used the latest cutting-edge technology for its core

Additionally, Durabook is the only rugged manufacturer offering fanless mobile devices – R8, U11I and Z14I. These fanless laptops and tablets deliver multiple benefits, ensuring that users can operate in the most dusty or contaminated environments without risk to their computer or performance loss that can drastically impact productivity.

WHAT FUTURE PLANS DOES DURABOOK HAVE TO ENHANCE ITS PRODUCTS? IS THERE ANYTHING THE COMPANY IS CURRENTLY WORKING ON THAT YOU CAN TELL US/ GIVE A SNEAK PREVIEW TO CTB READERS ABOUT?

Digitisation is booming everywhere – and companies are becoming increasingly aware of this. In a very short time, many had to change to accommodate remote access, video conferencing, collaborative tools, decentralized IT and cloud solutions. Meanwhile, employees needed to learn to work together no longer in person but virtually and flexibly. This brought the digital infrastructures into focus and required rapid changes. In recent years, this trend has brought us more and more inquiries in specific, unique sectors for specialist applications. Therefore, Durabook focuses on niche markets, offering an even more compact and powerful solution. L

INFORMATION ww.durabook.com

The refreshed IASME Cyber Assurance standard offers SMEs a comprehensive risk-based framework to demonstrate their security and compete for business

SECURING THE SUPPLY CHAIN

The Government’s Procurement Bill 2022 is passing through the parliamentary process and is due to come into law next year. It seeks to reform the UK’s public procurement regime to create a fairer and more transparent system. It also aims to support businesses by making public procurement more accessible to small businesses, and voluntary, charitable and social enterprises, by enabling them to compete for public contracts.

Over 95 per cent of all organisations in the UK are SMEs, many of whom are the most innovative organisations in their sector. The new procurement bill is a positive sign that SMEs are being welcomed and encouraged into supply chains and allowed to compete with larger organisations for business.

SUPPLY CHAIN

Most organisations rely on suppliers to deliver products, systems, and services. In the context of cybersecurity, a supply chain includes hardware and software, cloud or local storage and distribution mechanisms.

Even if an organisation has strong cyber security basics in place, cyber criminals will try and find their way into a system by using the weakest link in the chain. This could be via a third party such as a contractor, or any supplier with security vulnerabilities.

Oversights can include failing to fully or correctly configure cloud service accounts or key staff members being inadequately trained on their responsibilities. Most companies have remote workers using BYOD and interacting with company data,

yet may not have consistent and strict security controls and policies in place. Any business that has weaknesses in their cyber security can present a cyber risk not only to themselves and their customers, but to the whole supply chain that does business with them.

Unaddressed risks can become supply chain threats such as ransomware attacks, security breaches, malware infection, process disruptions, intellectual property theft, and non-compliance with regulatory security standards.

A series of high profile, very damaging attacks on companies has demonstrated that attackers have both the intent and ability to exploit vulnerabilities in supply chain security. Business to business assurance is now vital to winning new business within a supply chain, and more and more contracts are mandating cyber security.

SECURITY STANDARDS

UK businesses are increasingly setting minimum security standards for their suppliers. A security review process is not uncommon when bidding for new business where a prospective supplier will be asked if they hold an accreditation through a recognised scheme, or to fill out a security questionnaire so that potential risks can be understood.

To simplify this process, many contracts simply mandate a recognised security certification such as the international standard, ISO 27001. Yet for small businesses, ISO 27001 can be difficult to achieve, not because they don’t have the governance in place, but because of the cost and extra staffing requirements. A flexible and more affordable alternative is gaining prominence and recognition.

The IASME Governance standard was compiled back in 2010, originally with the support of the Technology Strategy Board (now Innovate UK) and was the basis for the creation of the IASME Consortium organisation founded in 2012. It was designed by SMEs for SMEs to provide a comprehensive, flexible and affordable cyber security standard that was neither too prescriptive nor too simple. The IASME Governance certification provided assurance that an organisation had put in place a range of important cyber security, privacy and data protection measures and offered smaller companies within a supply chain a ‘right sized’ approach to show their level of information security for a realistic cost.

This year, the standard has been refreshed and rebranded and is now called the IASME Cyber Assurance Standard. The new version (6) of the IASME Cyber Assurance Standard has been updated to build upon the solid foundations of the original IASME Governance standard. It includes

relevant changes to reflect the move that many businesses have made from on-premise infrastructure to the cloud as well changes to business practices such as working from home and the increased use of mobile and personally owned devices.

CERTIFICATION

The IASME Cyber Assurance certification is available in two levels – verified assessment and audited.

For Level 1 – verified assessment, organisations access a secure portal to answer around 160 questions about their security. The assessment is marked by a Certification Body and a pass or fail is returned to the organisation.

For Level 2 – audited, an independent Assessor conducts an on-site audit of the controls, processes and procedures covered in the IASME Cyber Assurance standard. The audited version gives a higher level of assurance and is pass or fail. A wide range of industry sectors now accept the audited IASME Cyber Assurance certification as an alternative to ISO 27001 for small companies. Examples are the Ministry of Justice and the Government of Jersey. This is a significant step towards reducing barriers to entry for smaller organisations in a supply chain as IASME Cyber Assurance gives SMEs a legitimate way to prove their compliance. Certification manager, Samantha Alexander heads up the Cyber Assurance scheme at IASME. Sam brings a wealth of experience in leading and developing information

assurance schemes and has worked closely with membership organisations. She says, “IASME Cyber Assurance is a well-established and unique certification scheme starting to play a key role in securing supply chains in the UK and abroad”.

The IASME Cyber Assurance standard covers all the important cyber and information security measures, key resilience strategies and data protection methods. As far as we know, the IASME Cyber Assurance standard is still the only cyber security certification scheme which has been specifically designed to be affordable and achievable for small organisations.

Going through a recognised scheme is an easy way to benchmark the security posture of your organisation and reassure other businesses as well as customers. IASME Cyber Assurance gives SMEs a legitimate way to prove their compliance when responding to contracts carrying out due diligence. By providing an up-to-date IASME Cyber Assurance certificate, an organisation can give assurance that they have been audited by security experts using a detailed and relevant framework. L

FURTHER INFORMATION You can view the IASME Cyber Assurance Standard and Question Set on the IASME website

If you would like any more information or to discuss the standard, please email us info@iasme.co.uk

PROCESS IS NOT UNCOMMON WHEN

FOR NEW

Cyber and Information Security experts IASME are collaborating with Secured by Design, the official police security initiative, on their new Secure Connected Device accreditation

SECURE CONNECTED DEVICE ACCREDITATION

SMART BUT NOT NECESSARILY SECURE

Besides computers, tablets and mobile phones, many other objects connect to the internet. Bike locks, storage cupboards, security cameras and lights are examples of ‘connected’ or ‘smart’ devices, which are collectively known as the ‘Internet of Things’ (IoT). They enable the user to control their functions remotely, usually using a mobile phone app.

If a smart device can be accessed by the user online, there is also the possibility that other people may be able to access it, which raises both security and privacy concerns. Insecure devices can provide an access point for criminals on the internet to steal personal data, access microphones or cameras or hijack a device for ulterior motives. It is therefore important to ensure that all IoT products have the right security in place to protect consumers from becoming victims of cyber crime.

POLICE CRIME PREVENTION INITIATIVES

Secured by Design is the most well-known of the Police Crime Prevention Initiatives (Police CPI) portfolio. Secured by Design (SBD) operates an accreditation scheme on behalf of the UK Police Service to show that products or services have met recognised security standards. These products or services – which must be capable of deterring or preventing crime – are described as having achieved ‘Police Preferred Specification’. There are currently many hundreds of companies who produce thousands of individual attack-resistant crime-prevention products that have met the exacting Police Preferred Specification. This includes doors, windows, external storage, bicycle and motorcycle security, locks and hardware, asset marking, alarms, CCTV, safes, perimeter security products and many others. SBD is the only way for companies

to obtain police recognition for security-related products in the UK.

This year, SBD launched a Secure Connected Device accreditation for companies providing internet connected products. Working closely with certifying bodies, who assess IoT products and services against the worldwide standard, ETSI EN 303 645, SBD’s IoT Device assessment framework identifies the level of risk associated with an IoT device and its ecosystem. They are then able to provide recommendations on the appropriate certification routes.

CYBER SECURITY FOR IOT

IASME helps businesses improve their cyber security, counter fraud and risk management through an effective and accessible range of certifications. The IASME IoT Cyber Assurance certification scheme gives manufacturers and people responsible for purchasing connected products a way to show due diligence in the selection of secure products.

IASME have been working in partnership with SBD to contribute to the Secure Connected Device accreditation. IASME’s IoT Cyber Assurance level 2 scheme certifies internet connected devices against the most important cyber security controls and makes up an essential part of the framework for the accreditation.

The IASME IoT Cyber Assurance scheme aligns with all 13 provisions of the worldwide standard in IoT cyber security, ETSI EN 303 645 and with the imminent UK IoT security legislation and guidance. It is also mapped to the IoTSF Security Compliance Framework. The Level 2 scheme includes a hands-on audit of the device and provides the assurance of third-party testing and independent certification. The audit is managed by an Assessor, skilled in IoT cyber security, from one of IASME’s network of Certification Bodies. The scope of the certification includes the IoT device and any associated hub, app and cloud service the device relies upon to operate, the scheme is accessible to micro and small manufacturers, as well as to larger organisations.

RAISING THE BAR IN THE INDUSTRY

While certifying connected devices through the IoT Cyber Assurance scheme, IASME has worked with numerous manufacturers, many of whom are innovators in their field. They often express a desire to work together to raise the bar in the industry and hope that increased security will raise confidence in the market that it is safe to work with wireless systems. They say they found it useful to share the feedback given to them from the scheme Assessors with their customers as it helped demonstrate what they

were doing. Many commenting that external certification served to reassure clients that they had a secure system that has been audited by a third party.

Once a product has been certified to IASME IoT Cyber Assurance level 2 and has met the physical security requirements of SBD, the company can apply to become SBD members. The product will receive the SBD Secure Connected Device accreditation, a unique and recognisable accreditation that will highlight products as having achieved the relevant IoT standards and certifications.

SBD’s IoT Technical Officer, Michelle Kradolfer emphasised the importance of proving the security of IoT devices, “with the rise in IoT and smart devices being sold in the UK market, it’s important for companies to ensure that their IoT products are built as securely as possible and an integral part of doing so is getting their IoT products appropriately assessed and accredited”.

She goes on to say, “By obtaining our Secure Connected Device accreditation and undergoing a testing and certification process, companies are sending a clear

message on the importance of IoT security for their products, which will make them stand out from the crowd and inspire confidence from their consumers.”

Dr Emma Philpott MBE, CEO of IASME, welcomes the partnership with SBD and the integration of the scheme as part of widespread and comprehensive accreditation. She says “IASME has developed the IoT Cyber Assurance scheme to provide an opportunity for manufacturers to improve the security of their internetconnected devices and to show they are compliant with best-practice security. The technical controls required for certification guard against the exploitation of common IoT cyber security vulnerabilities. Certification is a vital tool in enabling organisations to verify the security of connected devices in their own supply chain.” L

FURTHER INFORMATION

If you would like more information regarding the IASME IoT Cyber Assurance certification, please contact info@iasme.co.uk.

THE SCOPE OF THE CERTIFICATION INCLUDES THE IOT DEVICE AND ANY ASSOCIATED HUB, APP AND CLOUD SERVICE THE DEVICE RELIES UPON TO OPERATE

ISE returned to London on 27 and 28 of September, CTB shares a review including some insightful pieces from some of the speakers

ANOTHER SUCCESSFUL INTERNATIONAL SECURITY EXPO

Thousands of security professionals, representing more than 70 countries, descended on London from 27-28 September as International Security Expo returned to showcase the very latest technological innovations to protect people, businesses, critical national infrastructure and nations.

With more than 300 companies demonstrating thousands of the most cuttingedge products and solutions, attendees were provided with an unmissable opportunity to gain in-person demonstrations and insights, helping them understand how technology can meet current and future challenges.

While the show floor played host to the latest product innovations, this year’s hotly anticipated conference programme saw record crowds gather to hear from industry leaders. Three streams ran over the course of the two days including the Global Counter Terror & Serious and Organised Crime Summit, International Security Conference, and International Risk & Resilience Conference.

In the Global Counter Terror & Serious and Organised Crime Summit, Tom Tugendhat MP, newly appointed minister of state for security, joined attendees to deliver a short address. He recognised the importance of transparency and freedom for long-lasting democracy and reflected on the success of Operation London Bridge and the seamless delivery of Her Majesty Queen Elizabeth II’s funeral. He acknowledged the remarkable example it set for global collaboration and how continued collaboration would be key for success.

Sharing unique insights into the collective efforts behind Operation London Bridge, Matt Twist, assistant commissioner, Counter Terror Police UK spoke about the breadth of the operation from the integrated counter-terror package to the ‘biggest ever deployment’ of law enforcement and supporting government agencies. He also revealed the Counter UAV response investigated 80 flights – four of which subsequently face prosecution for their intended actions.

Among the other topics to take the spotlight in the Summit, the ‘chronic and corrosive threat’ of serious and organised crime (SOC) was addressed by Matt Horne, deputy director of investigations at the National Crime Agency. He detailed the alarming scale

and complexity of the evolving threat, costing more than £37 billion every year. He revealed that SOC rates were climbing, exceeding pre-pandemic levels with many offenders increasingly taking advantage of technology, which saw a huge uprise in adoption over the course of the pandemic. Describing it as a ‘technological arms race with criminals’, he stressed the importance of updating legislation, collaborating with industry and academia, and adopting ‘innovative protection and protective measures’.

One of the other topics dominating the agenda was the pending Protect Duty legislation. Among the speakers joining to discuss this monumental legislation was Shaun Hipgrave director Protect and Prepare – Homeland Security Group (HSG), UK Government Home Office. He reminded attendees that terrorism doesn’t abide by conventional boundaries and stressed the importance of an adaptable, whole community approach. He reflected on the progress made to date on the Protect Duty legislation, citing it as a “once in a generation opportunity” and suggested that a change of culture was required for security precautions to be normalised.

Speaking about the 2022 International Security Expo, Rachael Shattock, Event Director, said: “It has been a monumental two days at Olympia, London welcoming a host of leading security professionals as they do business, network and source the products and solutions to keep people and businesses safe. We were delighted to welcome Tom Tugendhat MP in his first UK trade appearance to meet attendees and gain insights into this wonderfully diverse and innovative industry. Our thanks go to all the participating government departments and agencies, exhibiting companies, Advisory Council members and of course, our visitors. It’s wonderful to see the industry come together to network, source the latest technologies, and learn from such inspiring minds. We can’t wait to return in 2023 to do it all again.”

International Security Expo returns to Olympia, London from 26-27 September 2023.

RESILIENCE AND INNOVATION THROUGH AN INCLUSIVE APPROACH TO SECURITY

How does inclusion impact resilience and support innovation within the security sector, a vital industry providing fundamental services to protect societies in an ever-changing risk landscape?

To understand the dynamic threats of tomorrow, diversity and inclusion are crucial factors to consider when designing risk management strategies, as well as building the capacity to adapt, grow and innovate.

To truly understand the risks and threats of modern societies, the talent pool should reflect the society it serves. Diversity of thought is essential to equip the security sector to face the challenges of the future.

BEYOND THE BUSINESS CASE FOR DIVERSITY AND INCLUSION

In the past decade, there has been increased understanding of the business case for diversity, recognising how diversity and inclusion are enhancing business operations and driving growth. An article “How Diversity Can Drive Innovation” published in the Harvard Business Review, highlights research that provides evidence on how diversity unlocks innovation and drives market growth.

Diversity is a concept that can be understood in various ways. Interestingly,

the article makes a distinction between two kinds of diversity: “Inherent diversity involves traits you are born with, such as gender, ethnicity, and sexual orientation. Acquired diversity involves traits you gain from experience”.

It would be interesting to consider whether staff who remain within an organisation (or even a single sector) for an extended period of time, find their acquired diversity traits come together creating a more homogenous group than originally formed?

However, diversity, in itself, is not enough. To drive change we need to create a psychologically and physically safe working environment that fosters equity and inclusion. There are many examples of companies that push for diversity hires who are then surprised when these staff do not stay. Hiring is only the first step, an inspirational leader is one who creates a team that thrives, whatever the inherent and acquired traits of the individuals.

BUILDING RESILIENCEWHO IS INCLUSION FOR?

And as the voice for greater diversity is raised so is the backlash. This is disappointing as we do need everybody in the discussion. We do not want to sideline those already in the sector – there is so much we can and must learn from past experience and current solutions.

White men, if you are feeling excluded – restructure your frame of reference – everyone is part of the inclusive sector that is sought. When you look at someone you don’t know their religion, do they have a neurodiversity, perhaps a medical condition or dependents for whom they are the primary carer. What experience do they have? Maybe they spend their free time deep-sea diving or grew up in Africa? These traits, as much as someone’s ethnicity and gender, define who they are and what they can bring to a diverse and inclusive team.

As a sector we often talk about the importance of resilience, but what does this mean for individuals and teams as well as the organisation? Do we have the psychological safe space needed for staff to bring their ‘whole self’ to work? It is recognized that mental health issues are so often ignored, the British Culture is one where speaking out about problems is seen as an unacceptable weakness, particularly for men; and, in our sector which is dominated by men, the traditional culture of ‘be strong’ does not encourage mental well-being and resilience.

So, don’t be afraid of the conversation on diversity, inclusion and equity – embrace it, it is for everyone.

HOW DOES DIVERSITY AND INCLUSION CONNECT TO RISK?

When considering diversity and inclusion, the conversation does not often involve looking at diversity through the risk lens (For example GISF. (2018) Managing the Security of Aid Workers with Diverse Profiles. European Interagency Security Forum (EISF)). However, the security industry needs to recognise that inclusion and diversity have a vital role to play in risk mitigation and resilience.

The Deloitte Review “The diversity and inclusion revolution: Eight powerful truths” highlights that diversity of thinking enables groups to spot risks, reducing these by up to 30 per cent, E

IN A SECTOR THAT IS PREDOMINANTLY MALE, IT IS NOTEWORTHY THAT EVENTS ON INCLUSION TEND TO BE ATTENDED BY MORE WOMEN THAN MEN

 as well as being a source for creativity, enhancing innovation by about 20 per cent.

It adds that diversity of thinking smooths the implementation of decisions by creating trust and buy-in.

The article emphasises that highperforming teams are both cognitively and demographically diverse.

The Review argues that “By cognitive diversity, we are referring to educational and functional diversity, as well as diversity in the mental framework that people use to solve problems. A complex problem typically requires input from six different mental frameworks or “approaches”; evidence, options, outcomes, people, process, and risk.”

The authors reason that no one is equally good at all six and that is why complementary team members are required. The article refers to Bourke’s “Which Two Heads Are Better Than One”, giving an example of how cognitive diversity has an impact: “For example, racial diversity stimulates curiosity, and gender balance facilitates conversational turn-taking”.

The security sector deals with risks and threats on a daily basis. The societies it serves are diverse and ever-changing, demanding a response that requires a cognitively diverse team that can address complex problems and build inclusive risk mitigation strategies on the best possible foundation. This foundation needs to be capable and flexible, made up of diverse and inclusive teams that can spot the risks that future threat actors will present. The sector needs to be mindful of groupthink and homogeneity of thought if it wants to stay ahead of developing threats.

DIVERSITY AND INCLUSION SURVEYS AND GROWTH OF DE&I FOCUSED INITIATIVES

The security sector has been seeing a growing number of DE&I focused initiatives, however without baseline data it can be difficult to present compelling arguments for change.

In 2021, the Security Institute’s Inclusive Security Special Interest Group (IS SIG) launched an Inclusion and Diversity survey, aiming to gather data to understand the security sector’s workforce in greater detail.

The survey received a total of 760 respondents, with 72 per cent members of the Security Institute (SI). Unsurprisingly, with the majority of respondents coming from within the SI, the majority were older and in more senior positions. This highlights the need to bring more junior and younger staff in the sector into the ‘professional space’, encouraging career development and staff retention. It may also be possible that a younger cadre of respondents would demonstrate greater diversity than found in this survey.

While anecdotally it is known that the number of women in the security sector is below the national average, the actual figures were quite shocking. With only 22 per cent of respondents identifying as women in comparison with the 2021 UK census figure of 51 per cent in the general population. The sector scored better on other traits such as ethnicity, 83 per cent identifying as white in the sector vs 85 per cent in the general population and for those identifying as LGBTQ+ 9 per cent vs 4 per cent. Disability was another area where the security sector scored badly, with only

12 per cent of respondents identifying as having a disability in comparison to 19 per cent in the broader community. 36 per cent of all respondents identified some form of barrier or disadvantage during their career, by far the most significant cause identified was gender.

There were a minority of white men who felt discriminated against because of their traits. The survey analysis highlights the difference between positive discrimination, which is mostly illegal under the Equalities Act 2010 and fosters the idea of unfair ‘diversity hires’, and the importance of developing more inclusive hiring approaches to encourage non-traditional applicants. For example, in our modern virtual based context, do working hours need to be 9.00-5.00 in an office? A requirement which effectively excludes many women with young children.

TOWARDS RESILIENT, INCLUSIVE AND INNOVATIVE SECURITY How can the sector build resilience from within as well as attract and retain talent to foster innovation? A good first step is understanding that having

WHILE ANECDOTALLY IT IS KNOWN THAT THE NUMBER OF WOMEN IN THE SECURITY SECTOR IS BELOW THE NATIONAL AVERAGE, THE ACTUAL FIGURES WERE QUITE SHOCKING

cognitive diversity, and teams with different inherent and acquired diversity traits, supports building resilience and reducing risk. The diversity of viewpoints and backgrounds can help the sector tackle the ever-evolving threats.

There is also no meaningful merit in diversity without inclusion and equity. Providing a psychologically and physically safe space for all individuals creates an environment where people are not scared to present their ideas, are free from prejudice and discrimination, feel listened to and safe to step out of their comfort zone. Inclusion must start with inclusive leadership and management. In

the book “Great Ted Talks: Innovation” (Hughes, N., C. (2021) Great TED Talks: Innovation. London: Portico), Kristian Ribberstrom is highlighted: “Ribberstorm believes that we have an opportunity for groundbreaking innovation when we tear down silos, cross boundaries, and purposefully learn from the unfamiliar, unknown and unexpected.”

Inclusive security is for everyone to create and benefit from, and there are steps that we can take individually, as organisations and collectively within the industry. We can have courage to ask questions, practice active listening, be allies to our colleagues,

nurture the talent of tomorrow and share best practices and new ideas within the industry. We must work collectively to ensure that diversity and inclusion initiatives are not just for minority groups to champion and guard against these conversations staying in separate silos. Collaborations between different organisations should become force multipliers working towards a common goal.

Change takes time. However, if we contribute to building an inclusive sector that values the diversity of ideas and backgrounds, we also build resilience from within and strengthen the services to protect the society the sector serves. Moreover, in an environment where new ideas have a safe space to be nurtured, innovation will follow. As highlighted earlier, there is evidence that teams which are cognitively diverse, bring dynamic problem-solving skills that are essential for effective risk management. Inclusive security will equip the security sector with innovative tools and services to face the new challenges of the future with confidence. L

PROVIDING A PSYCHOLOGICALLY AND PHYSICALLY SAFE SPACE FOR ALL INDIVIDUALS CREATES AN ENVIRONMENT WHERE PEOPLE ARE NOT SCARED TO PRESENT THEIR IDEAS, ARE FREE FROM PREJUDICE AND DISCRIMINATION, FEEL LISTENED TO AND SAFE TO STEP OUT OF THEIR COMFORT ZONE

Ellie Rice, security lead at the Defence and Security Accelerator, details why innovation should be at the forefront of national security for the UK and the importance of reaching out to a broad range of innovators to achieve this

INNOVATION TO KEEP THE NATION SAFE

The first duty of government is to keep citizens safe and the country secure. The evolving nature of the terrorist threat means that those working in the security services, law enforcement and wider government to deliver this duty need to embrace innovation to stay ahead of those wishing to do us harm.

The opportunities presented by science and technology are broad and growing but our adversaries are taking the same opportunities to fulfil their aims. The increasing accessibility of advanced technologies, such as cloudenabled artificial intelligence and machine learning, and end-to-end encryption, lowers the barrier to entry for those who seek to infringe upon our democracy and way of life. Layered on top of this is the potential future impact of next generation technologies, such as synthetic biology.

Beyond terrorism, the return of great power competition and the race to develop vaccines against COVID-19 demonstrate

the need for innovation as critical to the UK’s national security. So it is only by embracing innovation and leveraging new technology and novel ways of doing things that the UK can continue to keep citizens safe and the country secure. But while it is one thing to embrace this mind-set and understand that innovation can help the UK stay ahead of security threats, it is another to find and access the ideas and the innovators that will help us achieve this.

The Defence and Security Accelerator (DASA) was set up to help address this need and is a key pillar of the UK’s effort to tackle security challenges by helping government stakeholders identify and access innovative technology and approaches. DASA’s role is to find and fund exploitable innovation projects, working with those in the security services and across wider government to support the generation of new capabilities.

The Integrated Review, published in March 2021, not only states innovation

is important – it says it is essential to success for national security and that government agencies need to work collaboratively in order to avoid duplication of effort. When it comes to innovation, DASA is an enabler for this, sharing the fruits of security innovation across government and its agencies.

In 2021, DASA developed the Security Rapid Impact Innovations Open Call with the Home Office, Department for Transport and other government security stakeholders, specifically to find ideas that enhance our understanding of threats to UK security and safety, enable threat prevention, or enhance the threat response. This £20m initiative runs until March 2024 and enables government to work in partnership with the private sector and academia to find novel ideas that meet a security sector challenge, and offers competitive funding to support the development of the best ideas.

DIVERSITY

Innovation by its very nature requires diversity of thought, so it is only by accessing a wide range of innovators that security agencies can find the best solutions and gain access to new ideas. DASA understands that diversity and inclusion is a capability multiplier for innovation – we need to be able to draw upon the talents of as wide a pool of individuals as possible to help keep the UK secure – and we have the capability to do this.

DASA has an Outreach Team of Innovation Partners, who are located across the economic regions of the UK, enabling us to interact with and tap into local ecosystems. This ensures that innovators – including those who may have not worked with government or the security sector before – are aware of how to access

INNOVATIVE IDEAS ARE ALL AROUND US, BUT WE NEED TO FIND AND HARNESS THE BEST OF THESE AND REALISE THEIR BENEFITS

UK innovation support, can understand national security challenges and identify which innovation projects might align with security requirements. For established suppliers and those new to government, working with DASA represents an attractive opportunity. DASA provides full funding of innovation projects and straightforward contracting mechanisms and innovators retain full ownership of background and foreground IP.

DASA’s security team works closely with both innovators and security stakeholders across the public and private sector to help inform innovation projects – ensuring that end-user needs are considered early in the product development lifecycle. This co-creation approach supports the delivery of results that are fit-forpurpose and able to integrate with other government-operated systems - enabling the best innovations to protect our people and prosperity and future-proof the supply chain.

This is all backed up by a range of post-contract services to support commercialisation, scale-up and routes to market. We believe that building the business behind the innovation is also critical to ensuring a sustainable security innovation ecosystem. Many small businesses lack follow-on funding and require guidance on the commercial aspects of their ambitions, not just technical guidance and operational insight from users.

MENTORING DASA’s Access to Mentoring and Finance team help innovators who wish to grow their businesses through mentorship, links to business networks and access to investors, such as venture capitalists and angel investors, to help raise capital. Many innovators funded through DASA are small or micro enterprises, so the business mentoring programme offered by the DASA Access to Mentoring and Finance team is invaluable in helping small organisations think about how they can scale up.

Innovative ideas are all around us, but we need to find and harness the best of these and realise their benefits. Innovation is critical to tackling threats to the defence and security of the UK and ensuring a safer future for us all. DASA is a key route to achieving this. L

FURTHER INFORMATION

Contact DASA if you have an innovative idea for an inconfidence discussion with your local Innovation Partner. If you are in government, please get in touch to work with DASA to identify relevant innovation projects and help us to assess proposals, ensuring that we choose the most impactful innovation projects.

Following his appearance at ISE, Philip Grindell, threat intelligence specialist, CEO and founder, Defuse® talks about tackling the threat from lone actors

TACKLING LONE ACTORS WITH BEHAVIOURAL THREAT INDICATORS

In 2007, research suggested that people who pursue public figures pose a greater risk of death or serious injury to their targets than do terrorist groups or criminals.

Much has changed since then. Whilst the threat from terrorism is as prominent as ever, it is less focused on ‘terrorist groups’ such as the IRA and even AQ, with the primary focus now on lone actors.

When I was tasked with setting up and running the investigative unit to protect UK MPs after the assassination of Jo Cox MP, one of my key tasks was to prevent the next attack. To do so, I researched how public figures were targeted and attacked. Much of the research base that I introduced into our processes emanated from the US Secret Service’s Exceptional Case Study Research Project (ECSP) and

was subsequently advanced by some of the most well-recognised thought leaders. That research was based on various behavioural and linguistic warning behaviours that may be associated with a physical threat. The indicators were prevalent in cases of people fixated on public figures. It is unlikely that all of these indicators will be seen in a single case, with some being more commonly observed than others.

I assessed these indicators against the attacks on UK MPs attacked since 2000, identifying a clear pattern. What was clear was that ‘Lone Actors’ could also be considered fixated individuals and mirrored many of the behaviours of stalkers and those researched by the ECSP when targeting the prominent, powerful or wealthy.

This is witnessed as a ‘pathological fixation’ which effectively means that these people are focussed on a person or issue from the minute they wake up to when they go to bed. This fixation can be evidenced by any behaviour that indicates an increasing preoccupation with the target individual or issue, such as talking of nothing else and a deteriorating social or occupational functioning.

One evening in 2017 I was passed a note with five lines on it. It recorded a third-hand threat directed at Rosie Cooper MP. Based on the behavioural and linguistic indicators I was now familiar with, I assessed that threat to be genuine, which I then communicated to the head of national CT. Their investigation successfully prevented the attack on Ms. Cooper resulting in a life sentence for the National Action member Jack Renshaw.

One of the key elements of this methodology is that such individuals don’t snap, they plan and prepare and often follow a process, referred to as ‘The Pathway of Targeted or Intended Violence’.

This process is initiated by a grievance which may be personal or ideological. Once they decide that the grievance cannot be resolved, they develop violent ideation, which means that they believe that the only way to solve their grievance is through violence. This is where they form the intent necessary for any threat to be genuine.

Research tells us that those who make directly communicated threats, such as death threats, rarely pose a genuine threat. Dr Reid Meloy, one of the world’s preeminent experts stated on Defuse’s podcast, The Online Bodyguard, that a directly communicated threat resulted in violence in less that five per cent of cases.

However, ‘last resort’ or ‘end of tether’ language may be an

indication that a person of concern was escalating along ‘The Pathway’. This may be evidenced by such phrases as “You leave me no other choice” or “I have no other option”. This may be a sign of distress or desperation and can be an indicator of time imperative of an impending attack. In the case of Renshaw’s threat, it was evidenced when his plan included him describing his desire to martyr himself by ‘suicide by cop’.

Another example concerns Khalid Masood who attacked Parliament and murdered my colleague, Keith Palmer. A few days before the attack and after many years of being estranged from his family, Masood visited his parents one last time. He left that last meeting, telling his mother, “They will say I am a terrorist – but I am not.”

Another commonly witnessed indicator is termed ‘identification’. A common factor witnessed in lone actors is their associating themselves with a terrorist group, such as ISIS. Very often there is no evidence of any such association, however the group will often corroborate this as it supports their cause. This is to identify oneself as an agent to advance a particular cause or belief. It has also been described as pseudo commando or warrior mentality. This is evidenced by the person identifying with the military or law enforcement or studying and copying previous assassins. A good example of this is Anders Breivik who dressed up in uniforms.

Another example is the possession of the book, Catcher in the Rye.

After Chapman murdered John Lennon, he remained at the scene reading The Catcher in the Rye until he was arrested by the police. Hinckley also had a copy when he attempted to assassinate Reagan, as did Robert Bardo who stalked and murdered Rebecca Schaeffer.

Very often when law enforcement is researching a potential person of concern, they look at their previous convictions or arrests.

Often dismissed are unrelated or random acts that don’t immediately appear to be relevant. This can be an indicator of novel aggression. This is best described an act of violence or aggressive behaviour via which the subject is testing their ability to act in such a way. It is usually not directly related to the ‘pathway’ on which they are travelling and can be totally out of character.

On October 22, 2014, Michael Zehaf-Bibeau murdered a Canadian soldier and injured three others. He then attacked the Canadian Parliament and was killed by law enforcement. In December 2011, he walked into the Police Station and confessed to an armed robbery he committed a decade earlier; no such recorded crime existed.

The next night, he attempted to rob a McDonald’s restaurant with a pencil, then waited for the police to arrive, possibly testing their response and to gain an understanding of the processes.

Any surveillance or research may also identify a sudden burst of activity, known as energy burst.

This is a key indicator that the intention is escalating and can occur in the hours, days or weeks before the actual event. It is characterised by an increase in pre-attack activity and can be signs of final preparations, purchasing equipment or conducting hostile reconnaissance or internet activity. A decrease in their usual social media activity may also be an indicator, a sign of them further preparing.

Prior to Choudhary attacking Stephen Timms MP, she demonstrated such behaviour by taking a bus to the bank. She paid off her student loan and closed her account and sorted her financial affairs. She also purchased knives for her attack. Her rationale was because she didn’t want the state to have any hold over her family after her attack. She was preparing for the end.

As has been described, some of the indicators may be contrary to common sense and all too often direct threats are seen as a sign of a genuine threat resulting is assets being wasted such as additional security measures or close protection being deployed. They will always need to be taken seriously, but with the recognition that they are a low probability indicator.

The lesson is that fixated people, stalkers and lone actors follow a process and they can be identified by behavioural and linguistic indicators. Without knowledge of these indicators, the best researchers will either miss or misinterpret them. L

FURTHER INFORMATION

For further details email Defuse® at enqs@defuseglobal.com

THEIR ASSOCIATING

WITH

GROUP, SUCH AS ISIS

UNDERSTANDING TERRORIST FINANCING

There is one inexorable circumstance which relates to terrorism, the prerequisite for financing and the proviso of a continuous stream of substantial funds (Yousif, 2009). From a structural viewpoint, terrorist organisations ought to be contrasted to major corporations. Therefore, in this context, it is useful to deliberate a terrorist organisation as a business and evaluate the success, or otherwise, of the approaches adopted to secure funding (investment). Further, against this backdrop, terrorist groups require a paradigm to plan how revenue can be generated and sustained (Byrne, 2012). Consequently, terrorist organisations must continuously generate funds to cover expenses in order to sustain their operations. From an organisational perspective, terrorist organizations should be likened to major corporations and cash inflow is the lifeblood (Bush, 2001) of any terrorist or establishment, to survive and develop (Schneider, 2017). In this context, how an organisation makes revenue and how it incurs cost, is central to the organisation’s efficiency and effectiveness and is influenced by many factors. Consequently, these units must continuously generate funds and distribute sufficient money in order to sustain operations (Jamwal, 2007). Vittori, (2011, p.15) describes these as “Life’s necessities”. Therefore, a terrorist organisation requires extensive capital, and a balanced revenue of funds from the point of origin to the point of distribution. Deprived of cash, terrorists are confronted with risk that could result in the demise of the group.

DIVERSE STRATEGIES

To begin, terrorists utilise diverse strategies to acquire funds and there are innumerable often untraceable variations (Neumann, 2018). To complicate matters, there are clear

links between terrorist groups and organised crime, the connection between these entities is primarily driven by financial profit and gain (Stanojoska, 2011). Much like a corporation, a terrorist organisation must establish reliable funding streams that adequately meet and ideally surpass fixed and variable costs. Therefore, in general, terrorist organisations must expedite the acquisition of aforesaid funds at a relentless pace and central to this are sources of reliable funds. Hence, terrorists use extensive methods to move money within and between organisations, including the financial sector and the transfer of cash by carriers, and goods through commerce (Lormel, 2018). Charitable trusts and payment systems have been used to conceal the terrorist movement of funds. The flexibility and resourcefulness exhibited by terrorist organisations means global finance and processes are at risk to illegal activities (Financial Action Task Force, 2018). Some terrorist organisations have started using organised crime conduits, therefore the links between transnational (Sedgwick, 2007), organised crime (TOC) and foreign terrorist organisations (FTO), are tangible, as are the escalating alliances between them. The need for finance of the terrorist goals means terrorist organisations continue to involve criminal business. Theorists like Makarenko, have referred to this phenomenon as “the crime-terror nexus.” (Makarenko, 2000 p. 259). Further, the imperative to raise finance has given birth to many hybrid funding strategies, on a local, national or global scale. Capital and the terrorist mission and support can be expensive and the variety of money-making schemes have become essential elements of the terrorist fund-raising repertoire (Abuza, 2003). Each component of the terrorist funding sequence (raise, move, store and spend) avails a means to strive

to understand the complicated and elaborate process of terrorist financing.

TRACING FUNDS

In an ideal world, it should be uncomplicated to trace funds from origin to the end user. Unfortunately, the myriad of financial sources, methods of movement and access points make identifying and tracing terrorist financing extremely difficult (Tavares, 2004; Indridason, 2008; Gross et.al. 2016) and laborious, given the seemingly infinite funding variations (Von Lampe, 2014). In general, it is problematic to ascertain trends in money laundering and terrorist financing (FATF-GAFI, 2005). Moreover, corrupt money is netted through various criminal activities, like drug, weapon and human trafficking. Baker (2005) estimates the illegal money to range between US$ 1.0 and 1.6 trillion a year. Further, the IMF calculates that the total sum of corrupt finance through the fiscal system is between 500 billion USD and 1,500 billion USD a year, which amounts to 3 per cent and 5 per cent of the aggregate world product, however this is an estimate. A broad sweep reveals that organisational revenue streams include, however are not confined to, revenue from business activity; locally raised revenue; and revenue from conventional terrorist financing. In general, funds are either generated through internal sources, taxation of people, enterprises and transport routes; income from kidnap and ransom; and profits from trade. Also, external funding is given by donors supportive to the cause (zakat) (as cited in Benda-Beckmann, Franz von, 2007), often affluent followers, Gulf state countries called the Golden Chain (1989) or affiliates of the movement. Each terrorist organisation accesses finance using unique methods, often there are similarities, however significant differences are present. In reviewing the aforesaid, it is sensible to understand the philosophy which motivates these violent organisations, this provides a lens to examine the innumerable sources of funding in respect of terrorist organisations.

Hezbollah, as an example, receives money from Emdad committee for Islamic Charity, Hezbollah Central Press Office, Al Jarha Association, and Jihad Al Binaa Developmental Association, while a second exemplar, Boko Haram accepts funds from foreign Islamic charities (UK and Saudi Arabia) (Agbiboa, 2013). Although it is difficult to identify the main characteristics in Boko Haram’s funding and the group has a decidedly differentiated financing strategy, often opportunistic and impromptu micro fundraising operations (Appendix 3) support many of its operations by lawless activity, including bank theft, abductions

INTERCONNECTIONS

There appear to be interconnections between transnational organised crime and transnational terrorism, ‘legitimate’ businesses, levying taxes, trafficking (drugs, goods and humans), flora and fauna poaching, forced donations, counterfeit, and misappropriation of humanitarian subsidises and commercial profits (Rose, 2018). A significant difference between the groups can be found when they have the ability to “live off the land” (Zenn and Cristiani, 2016).

These “shell states” (Napoleoni, 2005, p. 65) are exploited allowing a capitalizing on the impoverished and fragile areas like the north of Nigeria in order to extract money from civilians.

Money laundering is a source of funding employed by many terrorist organisations. Non-conventional money transferring systems like Hawala system/transactions allow funds to be transferred without actual currency movement (Razavy, 2005; Perkel, 2004), defined as ‘underground banking’ (Bunt, 2007). Levitt and Jacobson (2008) illuminate bankrolling as a product of glocalisation, globalisation and scientific developments, which have permitted terrorist groups to solicit, deposit, reassign, and disseminate funds for operations.

Trilateral drug trafficking in Latin America, Africa and Europe accounts for over 2 billion US dollars annually. The channels include, mass cash running operations and Lebanese exchange firms. Originating in South Asia, access to the system is worldwide, this makes it popular with groups like Hezbollah, who launder narcotics proceeds via the Halawi Exchange Co. (Halawi) (FAFT Report, 2013).

Actions including re-routing benevolent donations, the manipulation of non-governmental establishments (NGOs), participation in illegitimate activities and smuggled goods bring about large dividends. Finally, terrorist groups operate in a complicated global arena and data discloses the intricate and international trade and finance routes, illegal and legal. Astute sponsors are adept at using a variety of processes to perform transactions, regardless of location, so as to hide the source of the funds received. This highlights the reliance of these groups on not only criminal proceeds, but also revenue from proxy sources and funding campaigns. Finally, the fundraising apparatus of both organisations is intricate and obscure, as are the elusive militants themselves. L

FURTHER INFORMATION

For a full list of sources, please see here

Keeping in touch Your support makes a life-changing difference to people in crisis. We write to our supporters to update you about the work of the British Red Cross, and how you can help and donate in other ways. You can change the way we contact you at any time by visiting redcross.org.uk/keepingintouch or calling Freephone 0800 2800 491.

Privacy statement The British Red Cross is committed to privacy and will use personal data for the purpose it was collected or other legitimate purposes we tell you about: for example, to provide goods, services or information you have requested or to administer donations or services we provide. We may also analyse data we collect to better understand the people who support us or those who use or deliver our services. Sometimes this means us combining that data with information from reliable public sources. Our research allows us to tailor communications and services in a more focused and cost-effective way, as well as better meeting your needs and the needs of others like you. However, we will never do this in a way that intrudes on personal privacy and will not use your data for a purpose that conflicts with previously expressed privacy preferences. For full details about how we use personal data, our legal basis for doing so and your privacy rights, please see our privacy notice online at redcross.org.uk/privacy.

The DEC Ukraine Humanitarian Appeal will support people in areas currently affected and those potentially affected in the future by the crisis. In the unlikely event that we raise more money than can be reasonably and efficiently spent, any surplus funds will be used to help us prepare for and respond to other humanitarian disasters anywhere in the world. For more information visit https://donate. redcross.org.uk/appeal/disaster-fund

*Texts cost £10 +1 standard message (we receive 100%). For full T&Cs visit redcross.org.uk/mobile, must be 16+.

The British Red Cross Society, incorporated by Royal Charter 1908, is a charity registered in England and Wales (220949), Scotland (SC037738), Isle

(0752)

Jersey (430).