Does the Private Security Industry need a Standard to improve their security service performance and demonstrate good management practices? If you, like us, think that the security industry should become more professional then who or what organization would develop such a Standard and how far would its tentacles reach? For the last several years ASIS International and ANSI (American National Standard Institute) have been debating this issue with subject matter experts from all over the world based on numerous difficulties and complaints in the private security industry related to costs, poor management, and human rights and freedom violations. The result – ANSI / ASIS PSC.1-2012 “Management System for Quality of Private Security Operations – Requirements with Guidance” was developed and approved by the American National Standard. Our Senior Associate, Peter Stewart, has combed through the draft standard documents for your benefit. A feature article in the September 2013 issue of "Passenger Terminal World" is dedicated to the coverage of Behaviour Detection as one of the risk-based screening methods applied in modern mass transit (e.g. airports) settings. CHI Security's Michael Berk was interviewed by this leading industry magazine to provide insights into this highly specialized trade. Read the feature article here on-line or in the digital format here (see page 18). Note: the authors have incorrectly associated the Passenger Behaviour Observation pilot program with Transport Canada, as oppose to the Canadian Air Transport Security Authority. We asked them to update this (as well as the full name of our company) but the issue went to print already... We live in exciting times. Those who can see or feel subtle changes in the matrix of our socio-economic system will understand what we mean. While some of these changes may be positive or negative, depending on where one stands, paradigm shifts take place everywhere. When observed in the ossified system that is Security -- a slow, legacy-based, mostly reactive and heavily tech-equipped giant -- the signs of changes coming present new and interesting opportunities. One of the fundamental changes we observe is the shifting of focus towards 'Intent' in security operations. Focusing on those who have the motivation, intent and capabilities to execute an attack makes security more proactive, risk-based and agile.
According to CBC and other sources, VIA Rail is considering to beef up its security procedures in light of the alleged terrorist plot to derail a train on New York to Toronto route. Among the possible security measures under consideration are greater scrutiny of checked luggage, use of sniffer dogs, mandatory ID checks and luggage reconciliation. Among other measures already in place, VIA Rail spokesperson mentioned that VIA employees have been trained in observing suspicious body language. Some pundits were quick to describe these measures as 'aviation security style' screening which will render traveling by train in Canada a lot less pleasant. We believe this won't be the case.
In our opinion, the addition of more serious security measures to Canadian rail cargo and passenger transportation has been long overdue. Rail infrastructure and communications constitute an integral part of the national critical infrastructure. A recent event at Lac-Megantic, QC has provided vivid images of what could occur in an urban area if an attack involving a heavy load of explosives is executed. In the current evolving threat environment the addition of sensible and scalable risk-based security measures makes a lot of sense. Today's news are filled with articles citing another GAO report issued yesterday and entitled "TSA Could Strengthen Oversight of Allegations of Employee Misconduct".
Apparently the rate of complaints against TSA screening officers have increased by 26% in the past three years. The report said 3,408 misconduct allegations were filed against TSA workers last year, up from 2,691 in 2010. Many of the charges for screening and security-related incidents pertain to violating standard operating procedures, including not conducting security or equipment checks, and allowing patrons or baggage to bypass screening. While the increase in allegations (if they're based on true foundations) is lamentable, with over 1.6 million of screened passengers per day and over 56,000 Transportation Security Officers involved, the numbers cited must be taken in a proper context. In our practice, we often encounter situations when clients ask questions about measuring 'security value' or whether this or that security solution works. How does one evaluate the effectiveness and efficiency of security operations? How does one determine which solutions to choose from? In our answers, or when we design and implement security solutions, we base our approach on the Outcome-Based model -- almost everything can be supported by data or evidence if you know what questions to ask and how to engineer performance measurements. In a rapidly changing operational environment when new threats emerge on a regular basis, the existing prescriptive models can no longer provide the expected security answers. In an outcome-based approach to security, while the established objectives remain the same a security program has enough flexibility and adaptability to deal with most of emerging challenges. CHI Security Senior Associate, Peter Stewart, has prepared a short overview of what an Outcome-Based Approach is all about (see pdf below). Feel free to contact us if you have more questions.
One of the biggest challenges facing any organization with a security department is: How to Explain (read: Justify) Utility of Security Operations? What Value do these operations bring to the overall bottom line?
While senior managers, board members and general public accept the notional need for having security procedures and personnel in place since 9/11, most of those who run these operations have difficulty with providing answers beyond the mere "That's just it, we need it!" The situation is prevalent in many countries, but in Canada it is compounded by a simple fact that we have not (thankfully) experienced serious security incidents. Bad things just do not happen here. Generally speaking, security operations are human/technology systems designed to protect installations or people from natural or man-engineered threats. The real concerns, of course, are always with people who possess malicious intent and means/skills allowing them to execute an attack.
High-risk assets in transportation industry, such as air/ports and public transit hubs, present a particular problem for security operatives often due to larger territories to protect, multiple entry points, high passenger/cargo traffic and more. After conducting regular TRAs and identifying vulnerabilities, target hardening often ensues through the addition of infrastructure and/or technological 'barriers' and training of personnel to follow strict protocols. Apart from serious budget expenditures which continue to build-up as threats evolve and tech solutions are added (space allocation!), such typical responses often create a very rigid operational environment. Over time this vicious cycle leads to several outcomes: |
Details
AuthorCHI Security team includes professionals with diverse backgrounds and experiences. In this blog we share our musings on how to build a resilient security force. Hardware comes later... Archives
December 2013
Categories
All
|