DYN Jul-Aug 06 LO.qxd
Transcription
DYN Jul-Aug 06 LO.qxd
J U LY/AU G U S T 2 0 1 1 INSIDE 5 7 9 11 12 14 16 17 18 20 25 Member News In Brief NYC Expo Foundation Preseminar CSO Roundtable Certification Wounded Warriors Standards and Guidelines Women in Security Chapter News Dynamics Terrorism Conference Covers Threats and Crimes T he ASIS International Global Terrorism, Political Instability, and International Crime Council held its annual conference in Alexandria, Virginia, in April. The title, “International Threats and Transnational Crime Conference” highlighted the global focus. Conference Cochair Dr. Robin McFee, a member of the ASIS Global Terrorism Council, and medical director of Threat Science, a security consultancy, said one of the objectives was to replace the old security construct based upon an artificial Illustration by Christopher Zacharow/Getty Images divide between “foreign” and “domestic” threats, with a new paradigm that considers threats from a transnational perspective, viewing security in terms of issues that cross boundaries and are interconnected across the globe. “We brought in experts with international experience based in the U.S., Middle East, Canada, and Mexico, to share their experiences with worldwide threats that have far reaching impact, including affecting the U.S.,” said McFee. Another goal was to delve into issues that have not received the attention they deserve but that are critically important and threaten virtually all phases of security. Topics covered included how to run a business in dangerous environments, such as Mexico, and how to work with Interpol. John Clark of Pfizer, who shortly before the conference was interviewed on CBS’s 60 Minutes, discussed the global impact of, and challenges associated with, clamping down on pharmaceutical counterfeiting operations. He noted that 21 medicines are being counterfeited in 50 countries, with Viagra being the most counterfeited drug. “It’s the reason Pfizer really stepped up and pushed global security to the forefront,” he said. Free trade zones are a huge problem, noted Clark, as is the lack of laws against counterfeiting. Another problem is that counterfeiters continued on page 4 The Time for U U nfathomable even a decade ago, our reliance on the Internet for everything from communication to banking to running a large business has created a whole new category of dangerously unseen vulnerabilities. Cybercrime — which includes theft, sabotage, intrusions, unauthorized surveillance, fraud and cyberterrorism — offers a low-cost, low risk, and nonviolent way for thieves and enemies to quietly gather privileged intelligence, drain our assets and dismantle our defenses — sometimes weeks and even months before we are aware a crime has been committed. Due to its rapid technological advances, anonymity and potential for causing theft and destruction on a massive scale through the simple stroke of a key, cybercrime is emerging as one of the most daunting threats we face today. Computers and servers in the United States are the most aggressively targeted information systems in the world, and the attacks are intensifying in frequency and severity. These attacks can threaten our nation’s economy, public works, communication systems and computer networks — and a computer and an Internet connection are all that is needed to wreak havoc. As our nation grows more and more reliant on information technologies, it also becomes more exposed to attackers, both foreign and domestic. Terrorists and adversarial nations are probing for ways to launch cyber attacks on our critical infrastructure. We as a country must remain vigilant to the threat. The future cyber landscape appears even more ominous. Experts project that if technology continues to develop at this rate, greater technological change will occur in the next 20 years than occurred in all of the 20th century. The cyber domain is rapidly expanding the ability to create and share knowledge, but it is also enabling those who aim to steal, corrupt, harm or destroy public or private assets vital to national interests. The same technological advances that are benefitting us are — unfortunately — giving our opponents the same cyber muscle. Online criminal organizations are growing in strength and diversity and operate somewhat brazenly within certain nations — such as Russia — in which stealing American assets is not considered a legitimate offense. From 2009 to 2010 alone, it is estimated that the number of malicious web pages jumped 111 percent, of which 80 percent were legitimate sites hacked to serve up malware — software designed to secretly access a computer system without the owner’s informed consent. Malware can include such categories as viruses, worms, Trojan horses — malicious software that looks legitimate but when downloaded allows the attacker remote access to a computer — spyware, scareware, crimeware and other infecting software or programs, terms which are working their way more and more into the common vernacular. Our society today, in an overwhelming majority of its facets, is dangerously dependent on cyberspace — a dependency that is now necessary and has grown rapidly over the past decade. We must be fully aware of these mounting cyber vulnerabilities so that we can protect against them. Daily perils notwithstanding, however, cybercrime is not the only cyber threat. What is known as cyberterrorism is defined as the premeditated use of disruptive activities against computers or networks, with the intention to intimidate, cause harm, or further social, ideological, religious or political objectives. A cyber attack can result in violence against persons or property, shut down needed systems or simply generate fear — the currency of choice for terrorist operators. Through seasoned computer manipulation, cyber terrorist attacks can cause explosions, plane crashes, water contamination or severe economic loss through theft or bank and credit card fraud. Perpetrators using cyber means for terrorist aims have an alarming variety of options at their disposal. They can use computers to shut down a power grid, create a blackout, send a wireless virus out to computers and phones to disrupt communication, shut off water, heat and telephone service, or alter air traffic data and controls to create a midair collision. They can steal money to fund their activities, pollute the water supply, cause a train or subway crash or shut down electricity at hospitals. They can also launch what is known as a denial-ofservice (DOS) attack that floods a computer resource — banks, credit card companies, communication networks, power grids or others — with requests, making it unavailable to users and disrupting operations. Targets can range from communication systems, regional power grids and the stock exchange to cable, satellite or Internet providers — anything that relies on a computer network for its day-to-day operations. Cyber attacks can also be used in the support of physical ones by disabling critical defenses and also interfering with emergency response. Terrorists plan to coordinate physical attacks with cyber attacks to maximize damage and fear. Critical infrastructure sectors — including power, oil, gas, water Peter F. Brust and sewer — are all Federal Bureau tempting cyber targets of Investigation, that would aid in a physical attack. Special Agent in Charge, Retired rgency Is Now Such is the raw potential to attack individuals, organizations, infrastructures and key economic sectors in a modern digital world — with a few keystrokes aiding physical aggression. Al Qaeda has publicly proclaimed its aim to devastate the United States economy — which is computer dependent — while Osama bin Laden has spoken of “bleeding America to the point of bankruptcy.” Along the same lines, al Qaeda in the Arabian Peninsula (AQAP) is currently promoting “Operation Hemorrhage,” a multilayered attack on America’s financial well-being through a steady campaign of numerous and diverse operations intended to drain our economy. Al Qaeda uses the Internet to recruit, radicalize and incite terrorism — posting videos on how to build backpack bombs and bioweapons and even using social networking to link terrorist plotters and plans. Terrorists are using cyber means to target financial institutions, utility companies and Internet service providers. Unfortunately, even our most sophisticated systems continue to have vulnerabilities, even as potential attackers hone and develop their skills. Adversarial nations worldwide have adopted cyber espionage and cyber attacks as staples of modern warfare, and American defense officials estimate that more than 100 countries are currently attempting to penetrate United States networks, with the greatest concentration of attacks emanating from China and Russia. If unauthorized individuals — whether criminals or terrorists — have access to your computer, there are relatively easy methods for extracting information. A myriad of software programs are easily available that can crack common passwords that we believe are protecting e-mails, bank accounts, and other information, while some easyto-install software and hardware can log every keystroke. David W. Szady Federal Bureau of Investigation, Assistant Director, Retired ® Cyber criminals may also rely on a popular technique known as “phishing.” Phishing is the criminally fraudulent process of attempting to acquire sensitive information by masquerading as a trustworthy entity in an electronic communication. It is typically carried out by e-mail or instant messaging, and it often directs users to enter details — such as passwords, bank routing numbers and credit cards — at a fake website whose look and feel are virtually identical to the real one. While anti-virus software helps to a degree, it cannot keep up with the pace of malware evolution. As our technology grows, so does that of cybercrime perpetrators. Moreover, when it comes to updating malware definitions, you cannot defend against a malicious code that you have never seen before. Cybercrime attacks are becoming more sophisticated every day in hopes of gaining access to confidential intellectual property. All corporations — no matter what their products — are vulnerable to the theft of their intellectual and proprietary information through cyber attacks. In addition, corporate employees’ and executives’ personal e-mail accounts also may be targeted, especially if they are involved with academics, sensitive research and development, national defense or government agencies. The Time for Urgency Is Now® Clearly, we can no longer afford to ignore the threat from these increasingly sophisticated cyber enemies — from technologically advanced governments or terrorist groups aiming to disarm us or fund their activities, to individual hackers looking for money, information and even fame in the hacker community. The digital age brings with it many benefits, but also many challenges for law enforcement and our institutions, and a secure cyberspace must be maintained to ensure that the nation’s economy continues to grow and our way of life is protected. Knowing our systems and the data they contain is essential for constructing a risk management framework that will guard your organization against potential cyber attacks. Arming ourselves with the most sophisticated cyber shields available, along with efficient reporting systems that allow for a quick response when something seems amiss, are critical aspects of risk management. We should also be continually aware of the latest consumer alerts and tips for protecting against attacks. A successful coordinated cyber attack could cripple power, financial or military systems — or corporations — with devastating results. Our adversaries are staying informed of the most current trends in cyber warfare and vulnerabilities in our protective mechanisms, and we need to do the same. abc 10 Rockefeller Plaza, New York, New York 10020 212 765-8226 or 800 238-5878 www.guardsmark.com ©2011 Guardsmark, LLC For product information, #1 at http://securitymgmt.hotims.com Terrorism Conference continued from page 1 are pretty good at what they do, making it hard to spot fakes. Additionally, the public and the media often don’t appreciate the harm done. And then there’s the fact that it’s a hugely lucrative crime. One study in Germany estimated that for every $1,000 invested by the counterfeiters, they earn $500,000. Timothy Williams, Interpol U.S. director, spoke about the types of crimes Interpol deals with and tried to dispel myths about what the agency does. “Interpol is not about agents traveling around,” he said. “It is a worldwide police communications network...[and a] huge criminal investigative resource.” Interpol does not compete for cases; it works with the agency handling the case, he said. He noted how computerization and the Internet have helped facilitate information sharing and made it possible for the organization to be much more relevant. For example, in 2007, Interpol set up a database of stolen documents, such as passports. There are now 31 million records in the database. Border agents can check documents they are being shown against the database. The database also includes stolen works of art and fingerprints. Interpol sometimes issues alerts to law enforcement authorities in its 188 member countries. It may issue a red notice, which Williams calls the closest thing to an international arrest warrant, or a blue notice, which is put out when information is sought on a known individual. That type of alert helped authorities nab a child molester who had committed offenses in southeast Asia and then returned to the United States. Priority crimes include drugs, trafficking, terrorism, hi-tech crime, and corruption. Piracy is also receiving increased attention. Interpol is expanding. It has plans to open an office in Singapore in recognition of the increasing importance of Asia, noted Williams. It also plans to create a private sector 4 liaison position to facilitate publicprivate cooperation. Nancy L. Rivard, the only nonsecurity professional who presented at the conference, spoke about the problem of trafficking young children. Rivard is president of Airline Ambassadors, a group she started in 1996 to provide medical aid and other services to children in need. In 2009, she explained, she became aware of the problem of child trafficking and has since made fighting this scourge a growing focus of her organization. One problem, she said, is that airlines don’t know what to look for. She is working to get airlines to sign ethical codes of conduct and agree to protect children from sexual tourism by training staff to look for suspicious signs, such as an adult with a child when the adult doesn’t know the child’s name or age or doesn’t like answering questions about where they are going. She noted that airlines do terrorism training anyway and this additional topic could be incorporated at no cost. In March, Delta was the first airline in the United States to sign the code. Rivard hopes to work with Delta to develop a four-hour training module that might become a model for the industry. She will also be working with the Center for Missing and Exploited Children. Rivard is personally funding much of the public relations effort to get the word out. To learn more, go to her Web site: www. airlineamb.org. Among the other speakers, Lieu tenant Colonel Gaona Rosete, head of security for Mexico’s second largest retailer, Soriana, spoke on business challenges (see Security Management June “International” department for more on his talk) and provided practical and insightful solutions to multiple critical vulnerabilities across the security spectrum; Attorney Sam McCahon spoke on international business challenges and continued on page 30 ASIS Board of Directors President Raymond T. O’Hara, CPP Andrews International Palm Desert, California President-Elect Eduard J. Emde, CPP Interseco Wassenaar, The Netherlands Treasurer Geoffrey T. Craighead, CPP Universal Protection Service Santa Ana, California Secretary Richard E. Widup, Jr., CPP Purdue Pharma LP Stamford, Connecticut Chairman of the Board Joseph R. Granger, CPP United Space Alliance Cape Canaveral, Florida DIRECTORS Brian J. Allen, CPP Time Warner Cable New York, New York Marene N. Allison Johnson & Johnson New Brunswick, New Jersey Chad Callaghan, CPP Marriott International Washington, D.C. David C. Davis, CPP Northrop Grumman San Bernardino, California Edward G. Hallen, CPP Occidental Petroleum Corporation Los Angeles, California Joseph H. McDonald, CPP, PSP Switch Communications Group Las Vegas, Nevada Stephen Scharf Experian Costa Mesa, California Dave N. Tyson, CPP PG&E San Francisco, California Richard Y. Yamamoto, CPP Fannie Mae Washington, D.C. ASIS DY NAMICS MemberNEWS D iebold, Incorporated, has promoted Scott M. Angelo to vice president and chief information officer. He will be responsible for helping the company identify and create successful cor- Angelo Collett porate growth strategies and investments with an emphasis on acquisitions and partnerships. Before joining Diebold in 2006, Angelo held security management positions with Ernst & Young LLP, the Defense Advanced Research Projects Agency, NASA, and McDonnell Douglas Corporation. He also served as a military intelligence officer in the U.S. Army Reserve for 15 years, and he completed the Security Vellek Executive Development Program at the University of Pennsylvania’s Wharton School of Business. Lauren Innovations has appointed Russell Collett as director of strategic business development. He will be responsible for cultivating new business for the NaviGate product in multiple verticals, including the healthcare, higher education, public, financial, and manufacturing segments. Collett is retired from the U.S. Secret Service and has more than 25 years of experience planning security for U.S. J U LY /A U G U S T 2 0 1 1 presidents, world leaders, and critical infrastructure. Collett also served as chief operating officer of an international security firm, where he gained experience in developing new security programs, human resources and training, enterprise risk, compliance, and business expansion. Ross Johnson, CPP, senior manager of security and contingency planning at Capital Power CorpoR. Johnson ration, is serving as vice chair of the Canadian Electricity Association’s Security and Infrastructure Protection Committee. The group works closely with federal law enforcement and intelligence agencies on electric infrastructure protection issues. He is also a member of the executive Noriz Sheehan committee of the North American Electric Reliability Corporation’s Critical Infrastructure Protection Committee, a group that surveys physical and cybersecurity issues related to the protection of the North American interconnected grid. Johnson recently chaired a provincial review group on crisis management policy for the government of Alberta, Canada, to determine the direction for antiterrorism policy in the province. AMAG Technology has appointed Matt Vellek as its new central north regional sales manager. He will support Symmetry Authorized Resellers with sales initiatives in 11 states from Minnesota to Kentucky. He previously worked as a regional account manager for Dakota Security Systems, where he fostered excellent growth in his territory. AMAG Technology has hired Bernice Noriz as its new business development manager. She will work closely with security engineers, architects, and consultants in the western half of the United States to cultivate relationships and identify, create, and manage new business opportunities. Noriz worked at Hirsch Electronics for more than 25 years, moving up from administrative assistant to manager of strategic accounts. She successfully managed multisite coordination and delivery of services to assure customer satisfaction. Joel Johnson is the new business development manager for J. Johnson Marshall Boon Edam Inc.’s northeast region, which includes eastern Pennsylvania, New Jersey, New York, New England, and parts of Canada. He will be based in New Providence, New Jersey. Simon Sheehan has been hired as business development manager for Boon Edam’s mid-Atlantic region, which comprises Maryland, Virginia, West Virginia, and Delaware. He will operate from Washington, D.C. Brian Marshall is the new territory sales manager for Boon Edam’s 5 MemberNEWS southern Midwest region, which includes eastern Missouri, Illinois, Indiana, Ohio, Kentucky, and western Pennsylvania. He will work from an office in Indianapolis. Lastly, Boon Edam has appointed J. C. Powell its territory sales manager for the southwest region, including New Mexico, Colorado, Texas, Oklahoma, Kansas, and western Missouri. His home base will be Dallas, Texas. Rich Cordivari, vice president of learning and development for AlliedBarton Security Services, presented a talk on workplace and domestic violence at the Community Associations Institute Annual Conference and Exposition. “Putting Predictive Analytics to Work” was the topic of a presentation at the Retail Industry Leaders Association’s Loss Prevention, Auditing and Safety Conference. Read Hayes, Ph.D., director of the Loss Prevention Research Council; Kevin Wolfe, vice president of loss prevention for Big Lots Stores Inc.; and Dennis Wamsley, director of loss prevention for Publix Super Markets Inc., shared perspectives regarding the role of emerging data analytics in asset protection strategies. In Memoriam ASIS INTERNATIONAL has learned of the death of Indianapolis Chapter member Kerry R. Baker. He first joined the Society in 2002. Baker, a U.S. Army veteran, was the security operations manager at the Indianapolis Children’s Museum. ASIS has also received word that Harry Bonatama Siregar, a member of the Indonesia Chapter who joined the Society in 2010, was the victim of a shooting in Jakarta, Indonesia. Siregar was general supervisor of security for PT Freeport Indonesia, one of the world’s largest gold mines. He and another member of the PT Freeport security staff were driving in a car that was fired upon by an unknown assailant. The vehicle then crashed and caught fire. 6 Sal D’Agostino, CEO of IDmachines and vice chair of the Security Industry Association’s Personal Identity Verification Working Group, gave a presentation on standards and testing at the National Institute of Standards and Technology’s public workshop on the draft of Federal Information Processing Standards 201-2. Roland Cloutier, vice president and chief security officer for ADP, is serving on the board of directors of the National Cyber Security Alliance. Sharon Counterman has joined L. R. Kimball as delivery manager for Texas. She will provide tactical oversight and leadership to project delivery teams in Texas and surrounding states, and she will develop and supervise the quality assurance and quality control process, the project delivery process, and the project review process. She will also be involved in business development activities. Counterman brings more than 35 years of emergency communications experience to her new position, most recently as deputy director/chief operations officer of the Greater Harris County 9-1-1 Emergency Network. She previously worked at the Houston Emergency Center and the Las Vegas Police Department. Scott Jenkins has been appointed managing director of i-fact@nalysis’s San Francisco office. He has extensive experience in corporate safety and security, system design and engineering, antiterrorism, cross-border investigation, protective services, and emergency preparedness planning. He lived and worked in Europe for 22 years and has worked throughout the United States and in more than 38 countries. He also served in the U.S. Marine Corps. Mike O’Neill of Greymans Ltd. and Professor Martin Gill of Perpetuity Consultancy have joined to form Optimal Risk Group. The merger allows each group to offer its clients a broader range of risk Dynamics / J U LY A U G U S T 2 0 1 1 , N O . 2 1 3 Chief Executive Officer Michael J. Stack Vice President, Publishing Denny White Editor Ann Longmore-Etheridge Art Director Elizabeth Lankes Contributing Editors Teresa Anderson John Wagley Matthew Harwood Laura Spadanuta Joseph Straw Editorial Assistant/Staff Writer Flora Szatkowski Publisher Sandra Wade Production Manager Nello Caramat Senior Advertising and Production Associate Keith Schilling Copyright © 2011 ASIS International, Inc. This information is protected by copyright and trade mark laws under U.S. and International law. No part of this work may be reproduced without the written permission of ASIS International. Note: Statements of fact and opinion are made on the responsibility of authors alone and do not imply an opinion on the part of the editors, officers, or members of ASIS. The editors of ASIS Dynamics reserve the right to accept or reject any article or advertisement submitted for publication. management consultancy services and capabilities. It will offer consulting in risk and security, information security, business intelligence and compliance, investigations and litigation support, and protective services. O’Neill will serve as managing director. ◆ Do You Have Career News? Send details of promotions, new jobs, publications, accomplishments, awards, and other member news to [email protected]; fax: 703/518-1518. ASIS DY NAMICS In Brief European Security Conference a Hit A Photo by Joe Klamar/Getty Images SIS International 10th European Security Conference was held April 3-6 in Vienna, Austria. The event gathered approximately 360 senior security managers from 44 countries. The conference was opened by keynoter Michal Moroz, deputy minister of the interior of the Czech Republic, who outlined the Czech government’s plans to combat corruption. On the second day, the keynote came from Hugh McLeod, MBE, chief operating officer of Stirling Assynt, who explained the geopolitics of the recent Arab uprisings. The third day’s keynote speaker was Brigadier Ian Abbott, OBE, independent member of the Thames Valley Police Authority, who elaborated on the need for public-private partnerships in protecting critical infrastructure. The conference featured 36 highlevel educational sessions provided by speakers that included Rolf Rosenvinge, CSO of GE Global Banking Nordics, who spoke on industrial espionage; Dr. Christoph Rojahn, senior manager of forensic and dispute services for Deloitte AG, who discussed organized crime; and Dr. Henriette Haas, associate professor of forensic psychology at the University of Zurich, who spoke on de-escalation skills. In addition, sessions designed especially for Chief Security Officers (CSOs) were organized by the ASIS CSO Roundtable, which is the ASIS forum for the most senior security professionals from the largest and most influential enterprises in the world. The conference also featured an exhibition hall of security product and service providers. Next year, the ASIS 11th Annual European Security Conference will take place in London, April 15-17. The event will kick off on April 15 with a President’s Reception. During the following two days, delegates will be able to attend three keynote presentations, as well as 33 high-level educational sessions divided over three parallel tracks. Among these will be sessions on certification, convergence and standards; sessions for CSOs organized by the CSO Roundtable; an en- larged exhibition featuring the latest in security technology and services; and unrivalled networking opportunities at the President’s Reception, business lunches, and networking breaks. For more information, visit www.asisonline.org. More for the Mind T he following six new titles are available from the Society’s Web site, www.asisonline.org, in the ASIS International online bookstore. A Risk Management Approach to Business Continuity: Aligning Business Continuity with Corporate Governance by Julia Graham and David Kaye is a practical guide to integrating risk management, business continuity management (BCM), and corporate governance. Published by Rothstein Associates, Inc., and written by two veteran practitioners who bring extensive international experience in all aspects of risk management and business continuity, the book stresses that risk management has evolved beyond its initial concerns with insurance and that business continuity is evolving beyond just the recovery of disrupted IT operations or facilities. Risk management has become a strategic tool in managing all risk across an organization, and business continuity management forms just one more important tool in a much wider and coordinated risk manThe Messe Wien Exhibition and Congress Center hosted the ASIS 10th European Security Conference. agement program. J U LY /A U G U S T 2 0 1 1 7 In Brief Topics covered in the book include stakeholder and supplier management, outsourcing, the people factor, technology recovery, and internal and external communications. These topics cover a wide range of challenges, including supply chain disruptions, media and brand attack, product contamination and recalls, and bomb and chemical and biological threats. Included are numerous case studies drawn from enterprises around the globe and instructions for designing and executing team exercises with role playing to rehearse scenarios. Contemporary Security Management, Third Edition, by John J. Fay, published by Elsevier/ButterworthHeinemann, teaches security professionals to operate an efficient security department and to collaborate smoothly with other groups inside and outside their own organizations. Fay demonstrates the specifics of security management— how to organize, plan, develop, and manage a security operation, as well as how to identify vulnerabilities and determine the protective resources required to offset threats. Security professionals share the responsibility for mitigating damage, serving as a resource to an emergency tactical center, assisting the return of business continuity, and liaising with local response agencies such as police and fire departments, emergency medical responders, and emergency warning centers. At the organizational level, the book addresses budgeting, employee performance, counseling, hiring and termination, employee 8 President’s Page T he ASIS International Web site now features a President’s Page by Raymond T. O’Hara, CPP. The monthly column focuses on a range of membership issues—from grooming young professionals to growing a professional network. These communications draw on O’Hara’s experience as a volunteer leader, as well as his travels and conversations with fellow ASIS members. To read the column, visit www. asisonline.org. theft and other misconduct, and offers sound advice on building constructive relationships with organizational peers and company management. Introduction to International Disaster Management, Second Edition, by Damon P. Coppola continues to serve as the sole comprehensive overview of global emergency management. This new edition contains updated information on disaster trends as well as on management structures and advancements around the world. Published by Elsevier/ Butterworth-Heinemann, this edition includes changes to the universal principles of global emergency management practice and advances in the field worldwide in light of the disasters that have occurred in the years since the first edition was published. All chapters include new case studies; new disaster, risk, and vulnerability data; insightful discussions of recent national and international initiatives; and a review of progress made towards improving nongovernmental organization cooperation and profes- sionalism. This text gives the global perspective, making it the only introductory book that is not slanted toward the emergency management system or history of a single country or region. Aldert Vril’s Detecting Lies and Deceit: Pitfalls and Opportunities, Second Edition, published by Wiley, provides a comprehensive review of deception. This revised edition provides an up-to-date account of deception research and discusses the working and efficacy of the most commonly used lie detection tools, including behavior analysis interviews, statement validity assessment, reality monitoring, scientific content analysis, voice stress analysis, thermal imaging, and more. All three aspects of deception are covered: nonverbal cues, speech and written statement analysis, and neurological and physiological responses. The most common errors in lie detection are discussed and practical guidelines are provided to help professionals improve their lie detection skills. Kindle Ready A SIS International-published books can be purchased to read on Kindle, Amazon’s electronic reader, from the Kindle Store at Amazon. com. The books may be downloaded wirelessly, allowing buyers to choose, purchase, and start reading within a minute. A Kindle holds hundreds of titles and every book purchased is backed up online in a media library for downloading again, should the need arise. The Kindle Store currently offers these ASIS titles: Career Opportunities in Security; ASIS Disaster Preparation Guide; Casino Surveillance and Security; Emergency Planning Handbook; Protecting Schools and Universities from Terrorism; Implementing Physical Protection Systems; Detecting Forgery in Fraud Investigations; Crime Prevention for Houses of Worship; Personal Identification; and the Professional Investigator’s Manual. ASIS DY NAMICS In Brief Due Diligence for the Financial Professional, 2nd Edition, by L. Burke Files, published by Aegis Journal, is a refreshingly comprehensive guide explaining the process of financial due diligence. Due diligence, properly done, is about knowing how to ask the right questions, getting truthful and complete answers, and being cognizant of the knowledge filters and manipulators that can be barriers to making informed decisions. This book explains how to filter information and discern the noise from the substance of due diligence. It covers the traditional concepts such as background checks, financial investigations, and money laundering and includes seven comprehensive lists and questionnaires. Charles A. Sennewald, CPP’s Effective Security Management, Fifth Edition, published by Elsevier/ButterworthHeinemann, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Sennewald brings a timetested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics. Working with a team of sterling contributors endowed with cutting-edge technological expertise, the book presents an accurately balanced picture of a security manager’s duties. The book includes cartoons that wittily illustrate the array of pitfalls a new manager must avoid to lead effectively. In short, this timely revision of Sennewald’s classic text retains all the strengths that have helped the book endure over the decades and adds the latest resources to support current professional development. ◆ J U LY /A U G U S T 2 0 1 1 First Responders Honored at ASIS NYC Security Expo O N THURSDAY, MAY 12, approximately 1,900 security professionals gathered at the Jacob K. Javits Convention Center to attend the ASIS International 21st Annual New York City Security (NYC) Expo. The event combines education, networking, and exhibits. “Security practitioners from all aspects of private security and law enforcement attend this event each year. It’s a powerful forum where peers and experts engage in thought-provoking discussions on challenges, solutions, and future strategies,” says ASIS NYC Chapter Chair Kevin O’Brien, CPP. “Being in the city allows us to draw upon the knowledge and experience of the industry’s leading authorities from the Fortune 500, as well as foremost security experts working in the public sector.” ACCORDING TO NYC Security Expo Chair Raymond L. Dean, CPP, attendance reached a 10-year high for this year’s event. In observance of the tenth anniversary of 9-11, the NYC Chapter recognized the sacrifice and heroism of the members of the New York City Police Department (NYPD), the New York City Fire Department (FDNY), and the Port Authority Police Department (PAPD) at its Person of the Year Luncheon, themed “Remembrance and Thanks.” Each year, in conjunction with the expo, the ASIS NYC Chapter’s Person of the Year Award is presented to an individual or group that has contributed to the safety and security of the city. In remembrance of the police officers and firefighters who lost their lives on 9-11 and in recognition of the continuing efforts of each of these three departments to maintain the safety and security of the city, the chapter presented this year’s award to NYPD Commissioner Raymond W. Kelly, FDNY Commissioner Salvatore J. Cassano, and PAPD Superintendent Michael A. Fedorko. “There is no greater sacrifice Kevin O’Brien, CPP, New York City chapter chair, cuts the ribbon to open the Expo. Left to right: Bernie Jacobs, Expo Committee; Lynn Brown, chapter secretary; Ray Dean, CPP, Expo chair; O’Brien; Craig Schwab, CPP, chapter treasurer; and Mark Berger, Expo Committee. 9 FDNY Commissioner Salvatore J. Cassano accepting the Person of the Year Award. than to lose one’s life in the service of others. With this award, we honor the memory of those who fell and the dedication of those who live today with illnesses and disabilities resulting from their acts of heroism on that history-changing day,” stated Dean at the event. “We also commend the innovative men and women of the NYPD, FDNY, and PAPD for their tireless efforts to mitigate potential risks that threaten our communities each and every day.” The chapter remembered the 343 members of the FDNY, 37 members of the PAPD, and 23 members of the NYPD who were killed. The 24 private security officers who gave their lives on 9-11 while performing their duties were also recognized in the chapter chair’s remarks. “These groups and what they have done and continue to do highlight the nexus between public and private security and life safety professionals. The ASIS NYC Chapter continues to nurture its relationships with the NYPD, FDNY, and PAPD at any opportunity,” stated O’Brien. Seminar. In addition to honoring the heroes of 9-11, the event offered plenty of educational sessions. This year’s early-bird education session, held before the expo’s opening, was “Consultative/Collaborative Design: Your End-User’s Best Physical Security Solution.” The session explored key trends in the traditional security industry, including image quality standards, video to meet compliance, the security mas- 10 ter plan of the future, and selling managed and cloud-based services. Additionally, attendees were provided tools and information on a process combining consultative and collaborative sales that addresses customers’ unique challenges. The opening seminar session examined the tough economic environment faced by security professionals and some lessons learned. Titled “What Now?,” the session featured a panel of experts made up of security directors and solution providers who have successfully adapted to the new economic landscape. They offered attendees personal insights into business practices that can be adapted to grow their companies, divisions, or work portfolios. CSO. The CSO Roundtable of ASIS and the InfraGard Partnership for Critical Infrastructure Protection hosted two concurrent afternoon sessions. ASIS Board of Directors and CSO Roundtable Member Brian Allen, CPP, of Time Warner Cable, led “Climbing the Corporate Security Ladder,” an open panel discussion on issues relevant to personal branding, executive-level communication, certifications, networking, and the importance of a business background. Allen was joined by CSO Roundtable cochairs Kevin Donovan of Johnson & Johnson and Richard Gunthner of MasterCard, as well as CSO Roundtable members Bryan J. Fort, CPP, of McCormick & Company, and Kathy Lavinder of Security & In- vestigative Placement Consultants. “Focus on business skills,” advised Richard Gunthner, “and find a special or unique area of expertise such as international business to complement your security experience and knowledge.” This sentiment was echoed by each of the panelists. Donovan urged those in the audience to “be part of the solution—not an obstacle” by understanding the relationship between security and business. During “Defending Against Cyber Weapons of Mass Destruction,” speakers Chuck Manto, CEO of Instant Access Networks, LLC, and Zach Tudor, program director of Computer Science Laboratory, SRI International, provided insights into the potential effects of electromagnetic pulses and other possible weapons of the next generation of cyber attacks. Session organizer Rob Pate, vice president for Cybersecurity at SAIC commented, “We are pleased that the continued partnership between InfraGard and ASIS can leverage the expertise of both organizations’ members and result in excellent programs like the ASIS NYC Security Expo. We are happy that we could bring worldwide experts to this year’s event to build awareness of such critical cyber issues.” The exhibit floor was a hub of activity for professionals from all sectors of the industry who work within and outside of the region. Attendees visited the exhibit floor throughout the day, connecting with colleagues, making new contacts, and meeting with representatives from more than 100 security product and service exhibitors. The 22nd ASIS NYC Security Expo will be held April 25-26, 2012. Look for details in the months ahead on an expanded education program, which will include Certified Protection Professional® and Physical Security Professional® certification reviews and a CSO Roundtable special forum. ◆ By Leigh McGuire, ASIS public relations manager. ASIS DY NAMICS Foundation Northern Nevada Wins Physical Security Award T he 2011 Roy N. Bordes Physical Security Award was presented by the ASIS International Foundation, Inc., to ASIS’s Northern Nevada Chapter. The award, given annually, provides up to $5,000 to cover the fees, travel, accommodations, and expenses for two instructors to lead a physical security education program in the chapter’s locality. “Our goals for this year were to increase membership and participation,” says Northern Nevada Chapter Chair Darrell Clifton, CPP. “To reach this strategic goal, we are working to improve our educational offerings.” Clifton believes this award will go a long way to support the chapter in reaching these goals and credits the win to the hard work and CRISP Report Proposals Sought T he ASIS International Foundation, Inc., is seeking research proposals for its Connecting Research in Security to Practice (CRISP) report series. In 2008, the Foundation launched the series to provide practical, researched-based techniques, present concise summaries of available research, deliver expert analysis, and offer proven approaches and best practices. Authors link existing scientific security research to real-world, on-the-ground practices that help security professionals tackle a wide range of security issues. Interested professionals with expertise in specialist aspects of security are asked to submit proposals on a specific security concern or to suggest authors and topics. For more information, visit www.asisfoundation.org. J U LY /A U G U S T 2 0 1 0 Lines of Hope T he ASIS International Foundation, Inc., will launch Lines of Hope, an annual campaign dedicated to raising funds for calling cards for injured U.S. soldiers and their families. The campaign builds upon the successful program established by ASIS member Kevin Doss, CPP, PSP. Look for details on the Foundation’s Web site, www.asisfoundation.org. dedication of Jay Martin, CPP, and Mark Crosby, CPP—both of whom were instrumental in putting together the winning application. Martin says that he is extremely pleased with the win, noting that this year marks the chapter’s 25th Anniversary. “We will leverage our extensive network in the Reno area, as well as the Northwestern United States, to deliver a first-class physical security program applicable to a wide range of security professionals,” he states. Martin and others within the chapter will begin developing the curriculum, which is planned to be a highly interactive program presented in a case study format. The Roy N. Bordes Physical Security Award is named in honor of the late Roy Bordes, a respected ASIS volunteer leader who was a Society member for more than 30 years. Chapter Giving Campaign Underway B ritish statesman Winston Churchill once said, “We make a living by what we get. We make a life by what we give.” The ASIS International Foundation, Inc., Annual Chapter Giving Campaign is now underway, providing members with a unique opportunity to promote the security profession and to prepare its practitioners to meet the challenges that lie ahead. Member contributions make it possible for the Foundation to advance its mission of providing relevant research and vital education opportunities that serve to enhance the security profession. Please support the important work of the ASIS Foundation with a gift of any amount. As a 501(c)(3) nonprofit organization, all gifts are tax deductible and 100 percent of every contribution goes directly to the work of the Foundation. To donate on line, visit www.asisfoundation.org, or make a donation through a local ASIS chapter. The support of individual, chapter, and corporate donors will be recognized at a luncheon during the ASIS 57th Annual Seminar and Exhibits in Orlando, September 19-22. ◆ Leadership in Security Management Wharton/ASIS Program for Security Executives October 31-November 4, 2011 and January 23-27, 2012* Philadelphia, PA USA *Both non-consecutive weeks are required Learn more at www.whartonasisprogram.com 11 Extra Opportunities for Education in Orlando All Preseminar Sessions will be held in the Peabody Hotel. W HILE THE ASIS International 57th Annual Seminar and Exhibits, to be held September 19-22 in Orlando, Florida, promises a banquet of educational sessions, the two days before the Seminar and Exhibits begins will also feature programs to build up the brains of security professionals and whet their appetites for the feast to come. For more information on any of these programs or to register, visit the Society’s Web site, www.asisonline.org. Cargo Theft 12 transportation statutes and necessary cargo-carriage liability coverage will be presented with a focus on appropriate law enforcement policy and related governmental coordination. The creation of a secure environment for people and cargo will be examined comprehensively from a supply-chain standpoint, and in specific detail from a terminal perspective, including the latest in security technology advancements and human factor integration. International trends in supplychain governance and the uncertainty of global political resolve will be analyzed as key factors requiring substantial change for the improvement of supply chain security integrity in the face of the ever present threat of criminal activity. The fee for this program is $595 for ASIS members and $695 for nonmembers. Detecting Deception On Saturday and Sunday, September 17 and 18, John Dietz and Associates will present “Detecting Deception in Verbal and Written Statements.” This is an intensive, hands-on introduction to statement analysis. Attendees will learn how to detect deception in verbal and written statements, allowing them to identify suspects and eliminate truthful persons. The technique allows investigators to save time and resources as well as to be more successful in investigations. The session uses actual cases that were solved using the technique. The program fee is $595 for ASIS members and $695 for nonmembers. Guard Force Management On Sunday, September 18, “Advanced Guard Force Management: Improving Performance/Reducing Turnover” will be presented by Stevan P. Layne, CPP, and William J. Powers III of the International Foundation for Cultural Property Protection. The program starts with the premise that the basic element in private security today is still the security officer. Improper preemployment screening of officers, weak training programs, and outdated policies and practices that result in even one bad performer can derail an entire protection program. This program, conducted by leading security managers with ASIS DY NAMICS Photo by Leonard J. DeFrancisci On Saturday and Sunday, September 17 and 18, the Global Maritime and Transportation School (GMATS) at the U.S. Merchant Marine Academy will present “The Impact of Cargo Theft on the Global Supply Chain.” The program will examine supply-chain criminal activity in the global logistics and transportation industry sectors. Beginning with the identification and assessment of existing threats and related vulnerabilities that significantly impact the supply chain, transportation and logistics industry security specialists will present and examine all aspects of effective mitigation pro cesses that are recommended as successfully demonstrated industry best practices. The critical role of actionable intelligence analysis in the strategic security planning process will be emphasized and detailed and specific supply-chain security countermeasures will be presented, including special methods of protection for intermodal cargo in a storage, shipping, or receiving status; thirdand fourth-party logistics functions; and other current supplychain end-to-end distribution elements and processes. The importance of existing over 75 years of cumulative experience, outlines cases where training came too late and offers practical advice on how to avoid the pitfalls of a less than optimum program. Topics will also include defining the security officer role, performing an objective evaluation, contract security, managing security in an organized labor environment, avoiding litigation, use of force, and building morale. The program fee is $395 for ASIS members; $495 for nonmembers. Bank Security Sponsored by the ASIS Banking and Financial Services Security Council, this full-day program on Sunday, September 18, will cover the major topics and concerns faced by corporate security managers in the banking and financial institutions sector. “Bank Security Risk Mitigation” will include a panel of security directors and other bank security specialists who will address the Bank Protection Act, risk assessment process, CPTED principles for banking, bank robbery training, effects of global financial crime, Internet banking account takeovers, preparing for court testimony, and creating added value in bank security programs. The fee is $395 for ASIS members; $495 for nonmembers. Looking Forward Sponsored by the ASIS Council on Business Practices, the program “Not a Moment to Lose: Facing the Security Challenges of the New Decade” will take place on Sunday, September 18. After a decade of disappointment that included both 9-11 and the near collapse of the global financial system, today’s security leaders are faced with issues that require the knowledge and leadership skills to influence management. This program examines all-hazards global risk and its economic consequences as well as evolving compliance trends. A diverse group of expert practitioners will share their cross-functional methodologies, J U LY /A U G U S T 2 0 1 1 measures, and best practices for enterprise risk management, cost containment, and revenue influence within the framework of the company environment. The fee for this program is $395 for ASIS members; $495 for nonmembers. risks, response, the value of publicprivate partnerships, and liability exposure associated with major events in soft target environments. The fee for this program is $395 for ASIS members; $495 for nonmembers. Securing Houses of Worship Preparing for the Worst Every business has its own critical processes and functions, making resiliency to incidents vital. In this Sunday, September 18, program, “Preparing for the Worst: Security Readiness and Response for Your Critical Business Functions,” attendees will learn readiness, response, and recovery practices using standards related to the preservation of assets. Information on resiliency, current practices, and training to ensure that exercises conform to established best practices will be provided. Topics will also include the U.S. Department of Homeland Security PS Prep Program, cyber security risks to critical infrastructure, liability and insurance issues resulting from a catastrophic event, an update on terrorism issues, and the Homeland Security Exercise and Evaluation Program. The fee for this program, which is sponsored by the ASIS Critical Infrastructure Working Group, is $395 for ASIS members; $495 for nonmembers. Soft Target Protection On Sunday, September 18, the ASIS Hospitality, Entertainment, and Tourism Security Council will sponsor “Soft Target Protection: Is Your Open Access Business Environment Safe?” The challenging task of protecting soft targets including hotels, arenas, and other entertainment and hospitality venues requires more than a basic security plan. This intensive, full-day program, presented by industry professionals and government officials, will provide an array of resources and information on staff training, current threat trends and mitigation, evaluating The Sunday, September 18, program, “Securing Houses of Worship Now and in the Future,” is sponsored by the ASIS Cultural Properties Council and the Houses of Worship Security Committee. International polls on terrorism list houses of worship in the top five at-risk sectors for terrorist attacks. This program addresses the risks, threats, and vulnerabilities to houses of worship and faith-based organizations from various crossdenominational religions in the U.S. and abroad. Attendees will learn how to develop risk management strategies that will help organizations implement solid safety and security plans, as well as aid in deploying detailed operational protection procedures. The fee for this program is $395 for ASIS members; $495 for nonmembers. Security Design To be held on Sunday, September 18, and based on the first part of Facility Security Design, ASIS’s popular three-day program, this one-day intensive workshop titled “The Basis of Security Design: Functionally Integrated Systems” will delineate a step-by-step process to identify assets and assess value, identify threats and vulnerabilities of those assets, and use that information in a risk assessment process. The latter will help attendees to develop functional design requirements for solutions to the vulnerabilities. New hands-on exercises will help participants place this approach into a realistic scenario. The program will conclude with discussion on how to take the functional requirements and prepare the preliminary design package. continued on page 30 13 CSO Roundtable Key Topics Debated in Vienna A re threats endemic to the United States creeping onto European shores? How do European companies get security teams from individual countries to work with counterparts across European borders? Is it effective to discuss threats to the organization in new-employee orientations? And how has the nuclear fallout in Japan influenced environmental activists in Europe? These were just a few of the questions raised and debated during the four panel sessions held by the ASIS International CSO Roundtable at the ASIS European Conference in Vienna, Austria, in early April. Springboarding from opening comments made by panelists, session attendees frequently drove the discussions on topics such as whether formerly U.S.-exclusive threats were migrating to Europe, how to work with global teams, how to deal with corporate espionage, and how to address extremist threats to soft targets. The four CSO Roundtable sessions ran concurrent with ASIS sessions on Monday and Tuesday. In previous years, the CSO program occurred the day before the ASIS conference began. At the opening CSO session on Monday, Former ASIS President and Securitas USA Chairman Don Walker, CPP, presented the results of his company’s survey of the top threats and concerns of U.S. organizations. In the latest version of this annual exercise, cyberthreats dislodged workplace violence from its long-held top position. But attendees challenged the applicability of this data to Europe, observing that workplace violence falls way down on the list of threats while, for example, unethical business conduct is much more of a concern on the continent than it is in 14 Steve Davis of the U.K. National Trust spoke on protecting soft targets. the United States. Other CSOs pointed out that today’s risks are so dynamic that they can change week to week or day by day, as is evidenced by the surge in concerns about mitigating travel risk after the Middle East “revolutions” and the earthquake, tsunami, and nuclear meltdown in Japan. (As a result of this discussion, following the conference, the CSO Roundtable conducted a much briefer survey on threats to European companies and assets.) Leading the discussion on global teams, security chiefs Tyson Johnson, CPP, of Celestica, Georg Freundorfer of Oracle EMEA, and Erik Marangoni of Bank Austria (part of UniCredit) offered overviews of how their departments function and how they cull best practices from particular security teams. Local teams can help companies thrive in local markets but can be difficult to manage centrally, they said. Audience members talked about their own programs, which included regular webinars to keep regional security teams on the same page or apprise them of a new standard. Lively interaction engaged the audience at the CSO sessions. Tuesday’s CSO fare was just as lively, with Rolf Rosenvinge, CSO of GE Global Banking Nordics, and Jelle Niemantsverdriet, a forensics and investigative expert for Verizon Business Security Solutions, discussing whether economic espionage has actually increased as a result of the economic downturn. Whether it has or not, Rosenvinge stressed the importance of mapping an organization’s data, then implementing controls commensurate with the value of the data and the level of risk. Attendees offered their own best practices, such as showing employees photographs of clean desks to demonstrate a clean-desk policy, on the theory that pictorial representation trumps verbiage. Another CSO mentioned his company’s communal approach to preventing insider crime via staff looking out for each other’s welfare, as personal problems or changes in a worker’s demeanor or routine often indicate a security risk. Steve Davis of the U.K. National Trust and Aodh Mac Fhionnbhairr of utility giant E.ON initiated the give-and-take on protecting soft targets from extremism. As Davis explained, the U.K. National Trust, a charitable organization, protects a vast number of far-flung British treasures, including natural wonders ASIS DY NAMICS CSO Roundtable such as the White Cliffs of Dover; hundreds of historic houses, castles, and pubs; 6,000 prehistoric sites; and 76 nature reserves. It relies on 60,000 volunteers to serve as its security eyes and ears. Protest groups that pose a threat include those who oppose sports such as fox hunting, divorced fathers seeking access to their children, and ardent nationalists. Threats to utilities are often more frequent and prominent than those posed to cultural sites, and Mac Fhionnbhairr discussed the environmental activism movement in Europe and the legal framework that sets the limits on their activities. Other participants discussed the move from physical to virtual attacks by extremists, as well as the effect of activists on an organization’s reputation. By Michael Gips, ASIS vice president of Strategic Operations. Roundtable Track in Orlando T he ASIS CSO Roundtable will present a CSO track at the ASIS 57th Annual Seminar and Exhibits in Orlando, Florida, September 19-22. The program will feature private sessions with keynote speakers Jeb Bush and Vicente Fox. Sessions, led by senior security executives from some of the world’s largest companies, will look at public-private collaborations during a crisis, social media risks and rewards, becoming a trusted advisor to the CSO, how global changes in corporate liability put companies and executives at risk, and what the revolutions in the Middle East will mean to multinationals in the near and long terms. This program is available for free for CSO Roundtable members and for an additional charge for attendees who are eligible to join the Roundtable. Latin American Summit Announced T he ASIS CSO Roundtable will host its 2nd Annual CSO Roundtable Latin America Summit in São Paulo, Brazil, November 7-8. The summit will cover critical business and security issues such as public-private collaboration, dealing with cultural differences in global organizations, corporate security’s role in pre- venting internal fraud, and preparations for the World Cup and the Olympic Games. Last year’s summit drew more than 100 security executives from around the world to discuss security challenges to business opportunities in Brazil. For more information and sponsorship opportunities, contact ASIS Assistant Director of Strategic Operations Peter Piazza at 703/518-1497; e-mail [email protected]. ◆ REGISTER FOR ASIS FOUNDATION EVENTS AT ASIS 2011 There’s nothing better than mixing a touch of business and a bit of pleasure with friends, colleagues, and clients. Make the most of your ASIS 2011 experience by attending the ASIS Foundation events in Orlando this September. ASIS Foundation 15th Annual Golf Tournament Foundation Night at B.B. King’s Blues Club Sunday, September 18, 2011 Shingle Creek Golf Course | Orlando, FL Wednesday, September 21, 2011 Sponsorships are available for both events. Visit www.asisfoundation.org for details. J U LY /A U G U S T 2 0 1 1 15 Certification They Did It A SIS International would like to congratulate the following individuals who successfully passed the Certified Protection Professional® (CPP), Physical Security Professional® (PSP), and Professional Certified Investigator® (PCI) examinations in March and April. CPPs John L. Ahlert Alvaro E. Alvarez Joe P. Anderson Colin Ashburn Scott T. Baylor Bruce W. Barnes Michael L. Blair John Burks, Jr. Charles L. Butler Donald S. Cohen Mark D. Crosby Bart den Ouden Christopher Deringer Emidio DiVirgilio Karen M. Dickey William J. Doherty Michael Edgerton Dexter Ferdinand Simon A. Francis Tim Grime George M. Harman Douglas R. Head Alexander J. Hilton Scott A. Jackson Earl R. John Scott R. Johnson Jason Kukreja Rick M. Lattanzio Nicole M. Laughlin Michael Lescault David Lieberman Richard F. Massey William McLane William E. McLaughlin III Monica N. Mellas Bruce T. Mills Timothy K. Morrissey Curtis D. Noffsinger Richard J. Novia, Sr. Girish Panwar 16 William H. Pepler, Jr. John M. Petersen Allen L. Phelps Michael J. Quigley Arturo D. Rivera William Roddy Roberto Romo Michael A. Runyan Christopher Scott Grant Serbousek Thomas Shaver Ronald A. Smith Colin E. Vick Thomas Vonier Michael A. Wassermann Shane Weis Gareth Williams Raymond R. Youngs PCIs Ken Bennett Gerard F. Buchleitner Paul E. Dank Scott J. Irving Imre W. T. Juurlink Byron A. Kizas Kenneth M. Laursen Anthony D. Nelson Francis W. Pascoe, Jr. Roger L. Reese Bethany A. Reynolds Geri Wutz Jacob Steig Gerald L. Webb John F. Yocum II New PSP Eligibility Requirements T he ASIS International Professional Certification Board (PCB) has updated the professional eligibility requirements and examination for the Physical Security Professional® (PSP) credential. The changes being instituted are the direct result of a PSP job analysis that revealed that examination modifications were required to more accurately reflect the qualifications of people working in the profession. All updates will become effective on November 7. Visit www.asisonline.org/certification for details. Michael J. Owczarzak Jack P. Paul Jere I. Peltonen Michel E. Perrin Darryl Polowaniuk F. Douglass Reynolds Kenneth Tau Josa-Joram Shali Tauya James Southern Scott Starkey James J Webster Ting-Jin Wee ◆ Candidates at the PSP Review last year in Dallas. PSPs Geoffrey A. Bauer Michael Brzozowski Eric Davidson Robert M. Davidson Baitshupi Ditamara James T. Dutkowski John D. Ferranti Cory Forer Anthony Frassetta Les Huggins Dhruv Kapur Scott Koehler Robert J. Lomb, Jr. Neil J. Mathews Denise Martin Kebatshabile Ntema ASIS DY NAMICS Wounded Warriors to Work A Photo by Lauren G. Randall SIS INTERNATIONAL is increasing its efforts to assist the Wounded Warriors Project and is asking chapter and regional volunteer leaders to lend a hand with the Wounded Warrior’s initiative, the Warriors to Work Program. “This is a good investment of our time and energy…helping those who have served our country to reenter the work force,” says ASIS President Raymond T. O’Hara, CPP, who sent a message to the leadership in April, explaining the three-fold mission of Wounded Warriors: to raise awareness and enlist public aid for the needs of injured service members; to help injured service members to assist each other; and to provide programs and services to meet the needs of injured service members. O’HARA’S MESSAGE urged volunteer leaders to “encourage your chapter members to post employment opportunities [at the Warriors to Work Web site] that may be appropriate and to take an active interest in this effort.” Previously, O’Hara states, ASIS worked with Wounded Warriors to provide complimentary attendance to the Society’s Annual Seminar and Exhibits, had the Wounded Warriors executive director speak at one of the Seminar and Exhibits luncheons, and held fundraising events. “I think it’s time to dig down a little deeper and engage our members who have employment opportunities. We need to alert them to the availability of wounded warriors as job candidates—and not only in the United States. We’ve fought [the war on terrorism] with a coalition of allies, so there are wounded warriors in many countries where we have chapters and members as well.” Getting back to work can be a daunting challenge for wounded service members. Warriors to Work helps clients to find civilian employment, and provides individual counseling, résumé building, and other services. The Web site www.woundedwarriorproject.org, notes, “Many warriors find it difficult to explain the skills and experience acquired through military service to a civilian employer. Employers frequently do not understand the qualifications veterans J U LY /A U G U S T 2 0 1 1 offer, and it’s often a challenge to effectively translate military skills into civilian terms.” The Warriors to Work Program educates employers on the benefits of hiring warriors and dispels some of the common misconceptions. The Web site also provides employers with a special login for job posting and résumé searching. The security industry is a perfect fit for some of the wounded warriors, O’Hara believes. “As many of our ASIS members are from a military background, I see great value in assisting the Warriors to Work Program to help find viable employment for those in the process of transitioning into the civilian work force,” he wrote to ASIS volunteer leaders. ASIS has also delivered an e-mail to participants of Warriors to Work to urge them to visit the Society’s Web site, www.asisonline.org, to learn more about the security profession. The e-mail also explained that “our organization has chapters in nearly every state…. You can reach out to these groups and take advantage of the education and networking opportunities available.” Webinar. Warriors to Work participants were also invited to virtually attend a free webinar by ASIS, “From Here to There—Advancing in the Security Field.” Held on June 1 with more than 200 participants, the webinar was taught by Jeff Hawkins of the American Military University and focused on how to succeed in the security field. Seminar. Warriors to Work participants have been invited to Law Enforcement and Military Appreciation Day at the Seminar and Exhibits in Orlando in September. O’Hara says the hope is that attending wounded warriors will become “more engaged and more understanding of what it is that we do and see if they have an interest in the security management field.” ASIS is also establishing a closer relationship with the board of directors of Wounded Warriors. “We’ve had some meetings already and we will continue to do that,” O’Hara says. “I think our chapters and members can really get behind this and do something for the good of all countries,” he states. ◆ Wounded Warrior Rides, such as this one in Norfolk, Virginia, help vets regain confidence and strength. 17 Standards and Guidelines Private Security Service Standard in Development A SIS INTERNATIONAL has conducted the first Technical Committee meeting for the development of an American National Standard to support the International Code of Conduct for Private Security Service Providers (ICoC). The ANSI/ASIS.PSC 1: Management System for Quality of Private Security Company Operations—Requirements with Guidance Standard will provide a mechanism for private security companies and their clients to show demonstrable commitment, conformance, and accountability to the principles outlined in the ICoC. COMPOSED OF more than 200 members from 24 countries, the Technical Committee includes a balance of clients, service provid- ers, government and nongovernmental, and rights groups from the public and private sectors. “This remarkable international effort demonstrates the importance of this industry sector around the globe. It brings together disparate interested parties to assure quality of services provided by private security companies while maintaining the safety and security of their operations within a framework that ensures respect for human rights and fundamental freedoms,” says Dr. Marc Siegel, commissioner of the ASIS International Global Standards Initiative and chair of the Technical Committee. Private security companies and other private security service providers have become critical elements for supporting peace and stability efforts in regions where the capacity of societal institutions has become overwhelmed by manmade and natural disruptive events. Private security companies operating in areas of weakened governance need to provide essential A S I S S TA N D A R D S A N D G U I D E L I N E S U P D AT E ASIS INTERNATIONAL regularly provides the status of standards and guidelines so that members and others can be apprised of progress. Visit www.asisonline.org/guidelines/ guidelines.htm to access and learn the latest status of each standard or guideline. STANDARDS UNDER DEVELOPMENT Auditing Management Systems for Security, Preparedness, and Continuity Management with Guidance for Application: This standard refers to the systematic, objective activities undertaken to evaluate or audit management system performance for security, preparedness, and continuity management. Community Resilience: Guidance on Capacity Building and Public-Private Partnerships Standard: Provides guidance to address the interfaces between individual, organizational, and community resilience to enhance public-private partnerships and resilience planning. Using the PDCA model, it addresses risk and capacity identification, assessment, control, and sharing to better prevent, prepare for, respond to, and recover from disruptions to help communities and public-private partnering. This standard builds on the ASIS SPC.12009, Organizational Resilience Standard. 18 Conformity Assessment and Auditing Management Systems for Quality of Private Security Company Operations: This standard provides requirements and guidance for conducting conformity assessment of the management system for quality of the Private Security Company Operations (PSC) Standard. This standard sets out requirements for bodies providing auditing and third-party certification of private security company operations (private security providers working for any client). It gives requirements and guidance on the management of audit programs, the conduct of internal or external audits of the management system and PSC operations, and the competence and evaluation of auditors. Organizational Resilience Maturity Model: Phased Implementation: This standard describes a phased implementation of the Organizational Resilience Standard as a series of steps designed to help organizations evaluate where they stand with regard to resilience management and preparedness, to set goals, to benchmark where they are relative to those goals, and to plot a business-sensible path to get there. Physical Asset Protection: This standard identifies, applies, and manages physical security measures to safeguard an organiza- tion’s facilities-based assets. Resilience in the Supply Chain: This standard expands on the scope of the ASIS Organizational Resilience Standard to include resilience in the supply chain by providing a framework for evaluating the internal and external context of the organization with regard to its supply chain. Risk Assessment: This standard provides a basis for a generic process for risk assessment, enabling objective analysis of the efficacy of risk management controls that protect an organization’s assets. Workplace Violence Prevention and Intervention: This standard provides an overview of general security policies, processes, and protocols that organizations can adopt to help prevent threatening behavior and violence affecting the workplace so that better responses to security incidents involving threats and episodes of actual violence can occur. PUBLISHED ANSI/ASIS STANDARDS Business Continuity Management (2010): This standard includes auditable criteria for preparedness, crisis management, business and operational continuity, and disaster management. ASIS DY NAMICS services and to conduct their business with due diligence to prevent incidents, mitigate the consequences of incidents, report them when they occur, and take both preven- The standard will provide auditable requirements based on the “plan-do-check-act” model for third-party certification. tive and corrective actions. The ASIS PSC.1 Standard will provide the principles and requirements for a management system for private sector security organizations to abide by and demonstrate accountability to internationally recognized norms of civil and human rights while providing quality assurance in the provision of their products and services. It will provide auditable requirements based on the “plan-do-check-act” Chief Security Officer (CSO) Organizational Standard (2008): This standard is a model for developing a leadership function and a comprehensive, integrated security risk strategy to contribute to the viability and success of the organization. Organizational Resilience: Security Preparedness and Continuity Management Systems—Requirements with Guidance for Use (2009): This standard is based on the ISO PDCA model. The model provides steps to prevent, prepare for, and respond to a disruptive incident; to manage and survive the event; and to take actions to ensure the organization’s resilience. PUBLISHED ASIS GUIDELINES Business Continuity (2005): This guideline outlines a series of interrelated processes and activities that assist in creating, assessing, and sustaining a comprehensive plan for use during a crisis that threatens the viability and continuity of an organization. Chief Security Officer (2008): This guideline addresses key responsibilities and accountabilities, skills and competencies, and qualifications for an organization’s senior security executive. Facilities Physical Security Measures (2009): This guideline assists the selection of J U LY /A U G U S T 2 0 1 1 model for third-party certification. By following the proven ISO model for management system standards, private security companies can integrate this standard with their current management system approaches and focus efforts to better manage their risk. “The standard will raise the bar for industry best practices consistent with the goal of simultaneously promoting stability and respect for human and civil rights,” says Sie gel. “The standard will provide clear benchmarks for assuring accountability and improvement of performance and will serve as a differentiator for companies that provide quality services and products. A growing use of contract services by governments and companies around the globe needs an international initiative like this to set the standards of quality and ethical services.” ◆ appropriate physical security measures and includes defining risk levels, implementing an integrated set of physical security measures, and devising policies and procedures related to security incidents, access control, monitoring systems, lighting, security personnel, audits, and inspections. General Security Risk Assessment (2003): This guideline presents a process by which security risks at a specific location can be identified and communicated, along with appropriate solutions. Information Asset Protection (2007): A guideline to offer general protection advice for information assets. Preemployment Background Screening (2009): This revised guideline aids employers in understanding and implementing the fundamental concepts, methodologies, and issues associated with the preemployment screening of job applicants. Private Security Officer Selection and Training (2010): This revised guideline sets forth minimum criteria for the selection and training of private security officers. Threat Advisory System Response (2008): This guideline provides private businesses and industry with possible actions based on the alert levels of the U.S. Department of Homeland Security. 2 DTABLE CSO ROUN ERICA M A IN T A L IT ND S U M M São Paulo BRAZIL r S /PWFNCF Join senior security executives from around the globe for the 2nd CSO Roundtable Latin America Summit. Expand your knowledge of critical issues facing organizations conducting business in the region and strengthen your professional network. Gain risk mitigation practices and strategies from security leaders relevant to: s3ECURITYISSUESINTHE Southern Cone s(ARDENINGTHESUPPLYCHAININ Latin America s#ULTURALDIFFERENCESINA global organization s)NTERNALFRAUDPREVENTION corporate security’s role s7ORLD#UPANDTHE/LYMPIC Games preparation For complete event details, including sponsorship opportunities, visit www.csoroundtable.org. 19 ASIS Women in Security Spotlight R EBEKAH WELLS, CPP, is the manager-in-charge for the Santa Monica and Long Beach branches of Guardsmark in California, where she started her career in 1988 as a branch secretary. Wells obtained her Certified Protection Professional® (CPP) certification in November 2001 and served for two years as a regional vice president (RVP) for ASIS International’s Region 3. She has also held leadership positions with Greater Los Angeles Chapter including sergeant at arms, treasurer, secretary, vice chair, and chair. Rebekah is currently serving her second year as a member of the ASIS Awards Committee and as the senior RVP for Regions 2 and 3. Q: Can you describe a day in your professional life? A: No two days are ever the same. I manage two offices in the Los Angeles basin. The smaller office has 150 employees and the larger office has 200 employees. I oversee a group of managers and the overall service delivery to our clients. Many times my calendar is not set until that day. The security industry works around the clock and my work is often impacted by the latest threat or security breach. Flexibility and multitasking define every day. Q: What do you believe has made you excel in your position? A: Success is in the details, especially in the security field. I am very detail-oriented and I take the time to notice and correct even the tiniest error. I think this is especially important in the fast-paced, abbreviated world we live in. I work in the people business, and I know that people will always make mistakes. I see these as opportunities to improve. This has helped me to develop my problem-solving skills as well as my management and leadership skills. Each mistake is an opportunity to do better. I also strongly believe in maintaining a professional image. I think 20 how people see you really impacts how and if they accept your message. The world has become very business casual, which has its place, but it is often not the best way to be perceived. If you are meeting with clients or executives, you should have a crisp, sharp image and look like a professional. I believe it enhances your credibility. Q: Which of your strengths have proven most beneficial to you? A: I think it’s my sincerity and my passion. I truly care about what I do and the excellence of my work product. My passion for my job shows—so much so that I can put a positive spin on any negative work situation. Q: What is the best advice you have ever received? A: It was to acknowledge a mistake and not be defensive. Early in my career, if a client voiced a concern or complaint to me about one of my staff, the first thing I would say is “no, they would never do that.” I was very defensive and protective of my people. Eventually, a client called my boss and complained. I learned that it is important to listen to the client or stakeholder, acknowledge that a mistake might have been made, investigate the situation, and then Rebekah Wells respond. I now teach this skill to all of my managers. Q: What do you know now that you wish you had known at the start of your security career? A: The importance of networking—I tend to forget that I don’t know it all or have all the answers. There is great value in tapping into the resources around you. Also, I wish I had learned earlier of the importance of ASIS—I know that sounds corny and predictable, but it is true. There is so much value in membership, and I never realized it until I got involved at the leadership level. When I first started with Guardsmark, I attended an ASIS luncheon. It wasn’t until [much later when] a client asked if I was interested in getting involved at the committee level that I actually became active. At first, I found the prospect of attending these meetings intimidating. But, as I became more involved and learned the value of ASIS, I found it was easier to find common ground with others in the industry. At the regional leadership level, my mission is to make each chapter aware of what opportunities exist in ASIS that they may not have thought of—in particular, the value of the support and participaASIS DY NAMICS tion in the ASIS Foundation, Inc., and its programs. Q: What guidance would you like to impart to the next generation of security leaders? A: This is a great industry with so much potential, but it requires commitment. Security does not happen Monday through Friday from 8:00 a.m. to 5:00 p.m. It is 24/7. Also, don’t lose your ability to connect with people one on one. Stop texting and pick up the phone. The human element is so important in our industry. Electronic communication does not convey the tone of a voice. Whenever possible, meet people in person. You can see their body language, and they can see yours. In security, so much of our information comes from between the lines and in nuances. When communication becomes all electronic, I think it loses its effectiveness to be understood. Q: What has been your biggest obstacle and how did you overcome it? A: My biggest obstacle has been to be taken seriously. I don’t have a background in law enforcement or the military, and I work in a male-dominated industry. I worked my way up from the bottom with my current employer and have learned as I have moved up. I overcame it by doing two things: First, I persevered. I never gave up, and I never apologized for the perceived weaknesses in my background. Second, I earned my CPP designation. I attended a local 12week review class and then spent a few weeks studying with a business associate, and I passed on the first attempt. This alone has given me so much credibility. Q: What is your best tip for a positive work/life balance? A: I saw a cartoon once that depicted two people having a conversation about work/life balance, and one person asked the other how many children they had. The J U LY /A U G U S T 2 0 1 1 response was “three-ish.” That was me. I spent my early years completely out of balance because I felt I had to work twice as hard to get half the recognition. But it paid off. Now, I make sure I start and end every day putting my needs first. In the past, I gave out my cell phone number and was available day and night to everyone. I would check my e-mail constantly. Now, I screen all my calls after hours and only check e-mail at the office. I let my clients know that if I do not answer my phone, they can call our emergency call center, which knows how to reach me on my home line. I used to think it was a sign of weakness to set boundaries in your personal life but now I realize it is essential to your sanity and necessary for good mental and physical health to separate your personal and professional lives. ◆ Will yyou ou succeed or fall behind in toda today’s y’s security envir environment? onment? Business as usual is no longer the key to car career eer advancement. With With the state of our economy, economy, the security job market is even mor more e competitive—and certification of competence even more more important. Your Your ability to differentiate differentiate yourself from from the crowd crowd is critical. Raise your profile profile and broaden broaden your exposure exposure in the profession profession with ASIS board board certification. Compete and succeed with ASIS board board certification. Apply today today.. Learn Learn more. more. Go to www www.asisonline.org www.asisonline.org. .asisonline.org. .asisonline.org. Accepted as the standard. Worldwide. 21 Security Education your Way Embellish your ASIS 2011 experience by arriving early! Pre-Seminar programs offer the ideal opportunity to earn additional CPEs, prepare for your certification exam, take an industry tour, or network with like-minded professionals. These optional events are scheduled prior to the official opening of the Annual Seminar and Exhibits and are priced individually. Go behind the scenes September 18 Virtual and Immersive Training Systems Experience Kennedy Space Center Prepare for ASIS board certification September 16-17 CPP Review PCI Review Pre-Seminar Intensives PSP Review September 17-18 The Impact of Cargo Theft on the Global Supply Chain Detecting Deception in Verbal and Written Statements September 18 Not a Moment to Lose: Facing the Security Challenges of the New Decade Preparing for the Worst: Security Readiness and Response for Your Critical Business Functions Raising the Heat on Soft Target Protection: Is Your Open Access Business Environment Safe? Securing Houses of Worship Now and in the Future The Basis of Security Design: Functionally Integrated Systems Bank Security Risk Mitigation Advanced Guard Force Management: Improving Performance/Reducing Turnover The Successful Security Consultant Five new e-learning programs Nonviolent Confrontation Management Truck Hijacking Response Executive Protection: A Practitioner’s Overview Strike Preparation and Contingency Planning: A Complete Management Guide Post Strike Employee Return to Work Upcoming Education Programs Each 50-min of inst utes ru is wor ction th one CPE. Let us come to you ASIS is pleased to offer your organization the convenience and benefits of hosting your own professional development programs at a location and date of your choice. Select from an extensive offering of existing programs or customize classroom training to meet the requirements or interest of your target audience. Reward your employees and recognize the value of your customers by bringing contract professional development programs to your location. Get all your questions answered: call Ursula Uszynski, CMP at +1.703.518.1425 or John Lechner +1.703.518.1429. JULY SEPTEMBER DECEMBER 4-8 16-17 CPP, PCI, and PSP Classroom Reviews Orlando, FL 5-6 Security Force Management Alexandria, VA 5-6 Executive Protection Alexandria, VA 5-7 5th Asia-Pacific Conference and Exhibition Kuala Lumpur, Malaysia Resilience Management Systems Lead Auditor Course Oegstgeest, Netherlands 11-12 Executive Protection San Diego, CA 11-13 Organizational Resilience: A Holistic Approach to Security, Preparedness, and Continuity Management San Diego, CA 11-14 Physical Security: Advanced Applications and Technology Denver, CO 13-14 Corporate Investigations: How to Conduct Proper and Effective Internal Investigations San Diego, CA 20 Putting Your Program to the Test Webinar 27 Is Your Video Smarter than a Fifth Grader? Webinar AUGUST 10 Security Surveillance: Protecting Pool Day Clubs and Night Clubs Webinar 17-18 Pre-Seminar Industry Tours and Intensives Orlando, FL 19-22 57th Annual Seminar and Exhibits Orlando, FL OCTOBER 4-6 Education sessions produced by the ASIS Gaming and Wagering Protection Council for Global Gaming Expo Las Vegas, NV 12 Googlemania: Utilizing Google Earth® to Communicate to a Geographically Diverse Organization Webinar 19 K9s and Their Applications in Transportation Security Webinar 24-27 Video Surveillance: Applications and Advances Seattle, WA Oct. 31-Nov. 4 Wharton/ASIS Program for Security Executives Save $100 by registering early!* In partnership with Wharton School of the University of Pennsylvania (week one of two-week program) Philadelphia, PA e-Learning ASIS Certification Reviews Online and on CD Professional Development Access Control Active Shooter Basic Electricity Biometric Technology CCTV/Digital Video Executive Protection Fiber Optics IP Networking Nonviolent Confrontation Management Pandemic Influenza Post Strike Employee Return to Work Situational Awareness Strike Preparation and Contingency Planning Truck Hijacking Response Wireless Technology Webinars * Excludes executive education programs NOVEMBER 14-17 Assets Protection Course I: Concepts and Methods Boston, MA Live and on CD ASIS Seminar Recordings Anticipate the unexpected Experience the security tools, techniques, and talent that will shape tomorrow. Game-changing ideas and future-focused insight are the cornerstones of ASIS 2011, the world’s most influential—and trusted—security gathering. And, with an exhibit hall totaling more than 230,000 square feet, ASIS 2011 will deliver the new products, services, and advancements that can affect your profitability immediately, and well into the future. While unexpected threats will always challenge the security industry, ASIS 2011 promises the know-how to stay one step ahead of change. Register today! A S I S I N T E R N AT I O N A L 2 011 57TH ANNUAL SEMINAR AND EXHIBITS SEPTEMBER 19–22, 2011 | ORLANDO, FL For more information and to register, visit www.asis2011.org or call +1.703.519.6200. DISCOVER D DI SCOV SCOVER SC T THE HE HOT HOT TT TEST INNOVATIONS ONS THAT T ARE CHANGING THE FAC FACE OF SECURITY. 700+ + top manufacturers and service ervice pro providers rs New p New prod roduc oduct u t introductions • Ac Accolades oladess competition tion showcase Solu Soluti So uti tion onss Theater presentationss on the o he show sh floor floo Free e exh exhib hibits bit bits-only its-only s-only only admission admissi when w n you re register in advance ChapterNEWS Regions 1-4 J gave a presentation titled “Inadequate Security Prevention” at a meeting of the Northern Nevada Chapter. Special Investigator Richard Sullivan, CPP, talked about background investigations when he spoke to the New Mexico Chapter. held a Private Security/Criminal Justice Professional Forum, where members and students from local schools could meet and network. Schools invited included Blackhawk Technical College, Edgewood College, Global University, Herzing University, ITT Technical Institute, Madison Area Technical College, North Central Technical College, University of Phoenix, University Of Wisconsin, Upper Iowa University, Western Wisconsin Technical College, and others. Members of the Omaha Chapter gathered at Project Harmony Omaha to learn about the nonprofit agency and tour its facility. The agency’s mission is to respond to the abuse of children, and the group works closely with the Omaha Police Department. Another meeting featured a talk by Joe Gudenrath, executive director of the Omaha Downtown Improvement District Association. He discussed the association and how it is helping downtown Omaha. Tim Nestor, manager of global ames Howe, operations chief for Honolulu’s Ocean Safety Division, discussed ocean safety and lifeguard services at a Hawaii Chapter meeting. The Puget Sound Chapter learned about improving security by maximizing physical security Regions 5-12 systems and leveraging public/private partnerships when Robert rofessor Burk Foster of SagiMetscher, CPP, PCI, loss prevennaw Valley State University tion manager for Tacoma Goodvisited a meeting of the Sagiwill, addressed the group. naw Valley Chapter to talk about The California Inland Empire the school‘s internship program. Severe weather preparedness Chapter hosted the ASIS Region 3 was the topic at a meeting of the Annual Seminar in Highland California. The seminar included sesWestern Michigan Chapter. Ernie sions on active shooters, security Ostuno, a meteorologist with the technology, Mexican cartels, leadNational Weather Service Forecast ership, video surveillance technolOffice, was the guest speaker. ogy, and information security. In Dave Reid, assistant director of addition, attendees could visit a operations and maintenance for the weapons exhibition, play golf, or Kalamazoo/Grand Rapids Internatour the Redlands Police Video tional Airport, talked about airport Command Center. operations when he visited the Cesar Ruiz, who is the security Southwestern Michigan Chapter. operations manager at the ZoologiThe Central Wisconsin Chapter cal Society of San Diego, addressed the San Diego Chapter with a presentation titled “Keeping You Secure and Safe at The World Famous San Diego Zoo.” Members of the Northern Colorado/Southern Wyoming Chapter took a special tour of Warren Air Force Base. Lewis Koski of the Colorado Medical Marijuana Enforcement Division brought members of the Denver Mile-Hi Chapter up to date on current enforcement of Colorado’s medical marijuana laws. Another meeting featured a talk by Mark Kolar of Kolar Consulting. He described the The Toronto Chapter hosted its 18th Annual Best Practices Seminar, which was attended by 140 evolution of IP video managepeople, including ASIS President Raymond T. O’Hara, CPP (center). He presented one of the chapment systems. ter’s newest CPPs with a commemorative pin. Here, Christina Duffey, CPP, president of the ASIS ProKen Braunstein, president of fessional Certification Board, pins it on Monica Mellas, CPP, security manager for Johnson Matthey. Forensic Science Consultants, P J U LY /A U G U S T 2 0 1 1 25 ChapterNews At a recent meeting, David security operations for Deere Milsap of the Springfield Poand Company, gave a talk on lice Department and memtravel safety at a meeting of bers of the Ozarks Chapter the Eastern Iowa Chapter. Security training was the considered ways to improve topic when Bob Ronkoski, communications between the director of public safety for private sector and the police St. Charles Community Coland other security agencies. lege, addressed the St. Louis Derk Boss, CPP, director of surveillance at Casino AzChapter. tar, offered a presentation on James Schultz, information ASIS certification when he security manager for the FBI, The Jeddah Chapter participated in the First Jeddah spoke to the Evansville gave a talk on risk manageInternational Exhibition for Security, Safety, and Fire Proment in information security tection. The four-day event focused on aviation, IT, and Chapter. commercial security, as well as homeland security and to the Arkansas Chapter. Lieutenant Curtis Flaherty policing, fire and rescue, and health and safety. More of the Louisville Metro Police Lee Porter spoke to the than 300 visitors stopped by the Jeddah Chapter’s booth Department (LMPD) disArk-La-Tex Chapter about his promoting ASIS. In this photo, Major General Adel Y. Zacussed the Thunder over former role as a U.S. Secret mzami, director general of Makkah Region’s Civil DeLouisville event—part of the Service agent and his new fense Directorate (center), opens the exhibition. Kentucky Derby Festival—at role as a special agent with a meeting of the Louisville the U.S. Postal Service Office of Inspector General. manager for Brookshire Grocery Chapter. Another meeting focused on Company, described the magniAnother meeting featured a talk organized retail crime. Kenneth tude of the threat in the Ark-Laby Detective Melissa Mottley of Reynolds, regional asset protection Tex region. LMPD’s fraud squad. She discussed Take a certification review your way Select from classroom, online, or CD programs. Perform your best on the CPP, PCI, or PSP exam by taking an ASIS certification review. Reinforce your understanding in key areas of security tested on the exam and identify areas that may require additional study. Classroom Program Interact with knowledgeable, certified instructors and network with peers face-to-face in a 1 ½-day classroom certification review. CPP, PCI, and PSP Certification Classroom Reviews September 16-17, 2011 | Orlando, Florida (Just prior to ASIS 2011) Online and CD Programs Study virtually anywhere at your own pace with a CPP, PCI, or PSP computer-based review—available online and on CD. Go to www.asisonline.org for details and registration. 26 ASIS DY NAMICS ChapterNews of nextPression. They talked about leveraging social media for intelligence gathering and internal communications. Another meeting featured a talk by Kenny Shaw of the Dallas Emergency Response Team. He discussed emergency preparedness planning and the city’s partnership with area businesses. Chapter leadership continued its “town hall meetings” at coffee shops throughout Diane Gallatin, CPP, PSP (left), of the Austin Chapter the area to foster inforScholarship Committee, presented a chapter scholarship mal interactions with award to Sarah McDaniel at a recent meeting. members. Mark Chadwick of the San Anrity manager at the Lower Colotonio Office of Emergency Manrado River Authority, warned agement gave a talk on emergency members of the Austin Chapter operations preparedness to the San about the hidden dangers of USB drives. He offered a virtual demonAntonio Chapter. stration of how easily a computer Drew Bonser, information secucan be compromised with a USB drive, and what kind of information could be retrieved. Sheriff Adrian Garcia of the Harris County Sheriff ’s Office told members of the Houston Chapter that security is everyone’s responsibility. He talked about sharing information and working together to prevent terrorism and crime. Another meeting featured a talk on risk by Russell J. Cancilla, vice president and chief security officer, environmental health, safety, and security for Baker Hughes. The chapter is also working with the Houston Police Department to develop crime prevention classes for police officers. Members of the Texas Gulf Coast Chapter learned about forenThe Long Island Chapter hosted its Annual Person of the Year Dinner with more than sic science as applied to crime 200 security and law enforcement professionals in attendance. Honored as the Person of scene investigations when Associate the Year was Edward P. Mangano, Nassau County executive. Dominick Varrone, chief of Professor John Graham of Del Mar detectives for the Suffolk County Police Department, received the Law Enforcement/Security College was the guest speaker. Liaison Award. Mario J. Doyle, CPP, ASIS regional vice president, was named the Matthew Executive protection was the J. Simeone, Jr., Memorial Chapter Member of the Year. James Cariddi and Kevin Donohue topic when George Kennedy, presiof Dowling College’s Department of Campus Safety received the Arthur B. Colwin, Jr., dent of Center of Professional Memorial Security Officers of the Year Award. Pictured here from left are Cariddi, DonoStudies, spoke to the Tulsa Chaphue, Mangano, Chapter Chair Frank Catalano, CPP, Varrone, and Doyle. ter. Another meeting featured a business fraud investigations. Social media was the topic at a meeting of the Greater Lexington Chapter. Tim Dimoff, CPP, CEO and president of SACS Consulting and Investigation Services, discussed policies and procedures to protect companies and individuals who use social media. Allan McVey, vice president of BB&T-Carson Insurance Services, spoke to the Central West Virginia Chapter about liabilities and risk in the security department. Another meeting featured a talk by Thomas Kirk, director of West Virginia’s intelligence fusion center. The North Texas Chapter convened a panel to discuss “Social Media, Social Unrest, and the Security Professional.” Participating in the discussion were Dallas Police Deputy Chief Brian Harvey; Andrew Fortunato, former chief marketing officer of the U.S. Marine Corps; and Chris Feola, CEO J U LY /A U G U S T 2 0 1 1 27 ChapterNews Chemical Facility Anti-Terrorism Standards, or CFATS, for members of the Maine Chapter. The Boston Chapter held a joint meeting with the local International Association for Healthcare Security and Safety. At the meeting, Boston Police Department Commissioner Edward F. Davis described the positive impact private security has had on his The new Bahrain Chapter held a kick-off meeting where members elected officers and made plans career. for the future. Here, newly elected Chapter Chair Jean Perois, CPP, PSP, receives the chapter charter The chapter hosted its from Khalid A. Buali, CPP, chair of the Middle East Chapter, who was representing ASIS Regional Vice annual Security Expo, President Turki al-Turki. which featured talks on nanotechnology and security by advice when he spoke at a Clevetalk on cybercrime by Detective Theodore Lyszczarz of MIT’s LinThomas Bell of the Tulsa Police land Chapter meeting. coln Laboratory at Hanscom Air Department. Lieutenant Steve Kramer of the Force Base; school shootings and Jim Letten, U.S. Attorney for Cincinnati Police Department and workplace violence by James the Eastern District of Louisiana, Curator Richard Gross of the McGee, a noted psychologist and visited a Greater New Orleans Greater Cincinnati Police Historiformer director of law enforcecal Museum gave a presentation Chapter meeting, where he talked ment and forensic services at on the museum to the Cincinnati about district office functions and Sheppard Pratt Hospital; performupdated attendees on recent cases. Tri-State Chapter. ing at one’s peak by Lieutenant Another meeting focused on the Colonel Rob Walderman, a popunew wave of psychotropic drugs. Regions 13-19 lar motivational speaker; and how Harold Patin, chairman and CEO to get the most out of employees of Global Safety & Security Inc., .S. Department of Homeby Greg Blake of PepWorks. was the speaker. land Security personnel Members of the Connecticut Members of the Jackson ChapFran Patno, Ryan Hix, and Andrew Balter, reviewed the ter learned about CCTV’s evoluChapter learned about cloud comtion when Scott Black of Siemens gave a talk on the subject. Another meeting featured a presentation by Larry Rowlett, president and CEO of Presidential Security and Training Services LLC. The retired Secret Service agent discussed his company’s workplace violence training. Leadership was a recent theme for the Northern Alabama Chapter. Guest speaker Sarah H. Savage, president and CEO of Leadership Huntsville/Madison County, discussed educating and inspiring leaders to serve the community. The chapter also ran an ASIS booth at ASIS President Raymond T. O’Hara, CPP, attended a National Capital Chapter meeting, the Classification Management and where he shared highlights of his professional career, his mission as president of ASIS, and Information Security Mid-South his perspectives on the security profession. He presented a certificate of appreciation to Chapter’s Annual Training Seminar. Stephen G. Gottrich, Jr., CPP (left), for his chapter leadership and service. Chapter Chair Jim Ed Luttner, president of Edward Saulnier, CPP (right), congratulates Gottrich, while O’Hara looks on. Luttner Associates, dispensed career U 28 ASIS DY NAMICS ChapterNews The Fox Valley Chapter learned about emergency planning when David Duecker of the Wisconsin Office of Justice Assistance, Homeland Security, spoke to the group. Chapter Chair Gene Hermanny, CPP (left), presented Duecker with a certificate of appreciation. puting when Gerry Johansen, manager of information assurance for SSC, discussed the topic. The Southern Connecticut Chapter learned about best practices in electronic media evidence from Brian Hankard, supervisor of investigations at Pinkerton Consulting and Investigations. Lieutenant Dave Gebhardt of the Rochester Police Department discussed the state of the city when he spoke to the Rochester Chapter. The Schuylkill Valley Chapter presented its Security Officer of the Year award to Angel Nieves of the St. Joseph’s Hospital and Medical Center security team. Brian Martin, founder of Digital Trust, visited the Lehigh Valley Chapter to talk about security risks. Cynthia L. Hetherington of the Hetherington Group addressed the Central New Jersey Chapter on Internet and social media investigations. Another meeting featured a talk by Steve Molinelli, CPP, PSP, emergency management specialist with Rutgers University. He discussed organizational resilience. Rick Maltz, president of the Maltz Group, offered an overview J U LY /A U G U S T 2 0 1 1 of the Association of Certified Fraud Examiners when he spoke to the Baltimore Chapter. Railroad security was the topic when Bill Pitard, PSP, security specialist for PB Americas Inc., spoke to the Tidewater Chapter. Bill Alford, president of International Lighthouse Group, gave a talk on managing community disasters at a breakfast meeting of the Greater Charlotte Chapter. Captain Chad Smith, commander of the Fort Bragg Special Reaction Unit, described the roles and responsibilities of his unit to the Greater Fayetteville Chapter. He explained that the team approaches each situation differently and how it works with other local law enforcement agencies. Hospitality safety and security was the topic at a meeting of the Greater Orlando Chapter when Kelly Klatt, CPP, director of safety and security for Loews Hotels, addressed the group. A Miami Chapter meeting featured a joint presentation by Gregg Feldman and Mark Trower, who work with ChildNet, an organization that deals with runaway kids, child abuse, parental kidnappings, and human trafficking. Regions 19-50 M aurice Cusson of the School of Criminology at the University of Montreal discussed the “Art of Security” at a Montreal Chapter meeting. He talked about private security and its effect on the crime rate, as well as best practices. Ryan Petersen, CPP, operations technical specialist with Canada’s National Energy Board, gave a talk on his agency and the CSA Z246.1 (Security Management for Petroleum and Natural Gas Industry Systems) Standard at a meeting of the Calgary/Southern Alberta Chapter. Another meeting featured a talk on workplace violence by John Ratcliff, who is the program director for domestic violence and the workplace for the Alberta Council of Women’s Shelters. Randolph R. Brooks, president and director of First Premier Security Inc., offered a presentation on nonlethal crowd control devices when he spoke at a meeting of the Jamaica Chapter. Brooks is a licensed TASER instructor. The chapter also hosted a presentation on workplace violence in association with the Jamaica Employers The Maine Chapter represented ASIS at the 3rd Annual Maine Partners in Emergency Preparedness Conference. Shown here, Vice Chair Jim Caldwell (left) and Program Chair Bruce Lewis, CPP, tend the chapter’s booth. 29 ChapterNews Preseminar continued from page 13 Federation. Another meeting focused on border protection when Major Stanley Ford of Jamaica’s Customs and Border Protection visited the group. The guest speaker at a Mexico City Chapter meeting was the political analyst Alfonso Zarate Flores. He addressed issues such as public safety, structural tensions, and social and economic conditions. Supply chain security was the topic when Eduardo Jiménez Granados addressed the chapter. He discussed threats to the supply chain, risk assessment, dealing with a crisis, and learning from each incident. He reminded attendees that the supply chain starts with suppliers and distributors and ends with customers. Samuel Yecutieli of Segured.com spoke at a meeting of the Caracas Chapter about public monitoring. The United Kingdom Chapter awarded the Mervyn David Award to David Hines for his work at the National Victims Association, a charity he founded following the murder of his daughter. At the chapter’s spring meeting, Nigel Stanley of Bloor Research highlighted the threats arising from the new generation of smartphones. Malware can cause texts and messages to be forwarded to third parties, and 20 percent of the phones are lost or stolen, he said. Lord Toby Harris looked at recent history and predicted how the world would stand in 30 years in the arenas of weather, agriculture, population, politics, and more. The chapter also organized a tour of the World War II RAF Fighter Command headquarters, which included a guided tour, a film, and a visit to the museum. The Benelux Chapter met in conjunction with the Amsterdam Safety and Security Expo. The chapter meeting focused on CCTV with three guest speakers: Sander Flight of DPS Group, Jeroen Cleijne of Panasonic, and Jeroen Evraets of KPN Retail. The Norway Chapter learned about security measures that are in place at PricewaterhouseCoopers when Tore Maaø, chief security officer at the company, was the featured speaker. Paul Conneally, media and communications manager for the International Federation of Red Cross and Red Crescent societies, was the guest speaker at a meeting of the Switzerland Chapter. He talked about digital disasters and how new technologies are helping connect people involved in providing humanitarian aid. Jolene Harris of Ashersons discussed the Consumer Protection Act at a meeting of the Cape Town Chapter. At another meeting, Tinus Diedericks of Timeless Technologies updated members on thermal imaging technology. ◆ The ASIS CAREER CENTER Your source for security management jobs. www.asisonline.org/careercenter 30 Sponsored by ASIS Security Architecture and Engineering Council, the fee for this program is $395 for ASIS members; $495 for nonmembers. Security Consulting “The Successful Security Consultant” will be held on Sunday, September 18. Sponsored by International Association of Professional Security Consultants, the program will help attendees launch a new security consultant practice or jump-start an existing one. Participants will learn from seasoned consultants how to avoid the expensive mistakes that sabotage success. The program presents practical information to save security consultants time, money, and frustration. Attendees will take home a workbook of sample proposals and reports that present a clear advantage when competing for a security consulting assignment. The fee is $395 for ASIS members; $495 for nonmembers. ◆ Terrorism continued from page 4 compliance with the Foreign Corrupt Practices Act (FCPA); he also discussed problems with human trafficking. Glenn Ware and Sulaksh Shah of consulting giant PricewaterhouseCoopers LLP also discussed FCPA compliance. Mario Possamai, CPP, of RBC, a member of the Global Terrorism Council, addressed corruption as well. Tammy Hurst of Bank of America discussed cybersecurity, as did Andy Purdy of CSC. Conference cochairs Marcy Forman and Deena Disraelly, both members of the Global Terrorism Council, along with Council Chair Britt Mallow, discussed money laundering, cybersecurity, and supply chain issues. ◆ By Sherry Harowitz, editor-in-chief of Security Management. ASIS DY NAMICS