https://sm.asisonline.org/Pages/Vehicle-Access-at-Stadiums.aspxGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Vehicle Access at Stadiums0

 

 

https://sm.asisonline.org/Pages/Seminar-Sneak-Peek---Bringing-Metrics-to-the-C-Suite.aspxGP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Seminar Sneak Peek: Bringing Metrics to the C-Suite

 

 

https://sm.asisonline.org/Pages/How-to-Practice-Ethics.aspxGP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465How to Practice Ethics

 

 

https://sm.asisonline.org/Pages/Sounding-the-Alarm-at-Lone-Star.aspxGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Sounding the Alarm at Lone Star

 

 

https://sm.asisonline.org/Pages/New-Data-Rules.aspxGP0|#91bd5d60-260d-42ec-a815-5fd358f1796d;L0|#091bd5d60-260d-42ec-a815-5fd358f1796d|Cybersecurity;GTSet|#8accba12-4830-47cd-9299-2b34a4344465New Data Rules

 

 

https://sm.asisonline.org/Pages/In-the-Public-Interest.aspxGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465In the Public Interest2016-05-01T04:00:00Z
https://sm.asisonline.org/Pages/Cannabis-Cash.aspxGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Q&A: Cannabis Cash2016-07-01T04:00:00Z
https://sm.asisonline.org/Pages/Wagering-on-Preparation.aspxGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Wagering on Preparation2014-09-01T04:00:00Z
https://sm.asisonline.org/Pages/It-Takes-a-Team.aspxGP0|#3795b40d-c591-4b06-959c-9e277b38585e;L0|#03795b40d-c591-4b06-959c-9e277b38585e|Security by Industry;GTSet|#8accba12-4830-47cd-9299-2b34a4344465It Takes a Team2014-01-01T05:00:00Z
https://sm.asisonline.org/Pages/Beyond-the-Active-Shooter.aspxGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Beyond the Active Shooter2015-01-01T05:00:00Z

Security Management

 Morning Security Brief

View RSS feed

 SM Weekly

Retrieving Data

 SM Daily

Retrieving Data
Not a Member? Join Now

 

 

https://sm.asisonline.org/Pages/Scholastic-Surveillance.aspxScholastic SurveillanceGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>There’s a growing consensus on the issue of placing security cameras in schools—a recent study found that 72 percent of adults favor the practice. That percentage of support is up 7 percent from a year ago, when 65 percent were in favor of school cameras in a similar survey. </p><p>“This number has risen in recent years, with increased attention on preparedness in handling potential threats,” wrote Dean Drako, president and CEO of Eagle Eye Networks, which commissioned the study. The report compiled surveys from 1,500 respondents from all regions of the United States taken earlier this year. The survey defined schools as preschool/daycare, K-12, and college.  </p><p>Asked to cite why respondents saw security cameras as valuable, the most popular reason (cited by 64 percent of respondents) was to “identify criminals and facts after events.” This reason was followed by “real-time insights during emergencies,” at 59 percent, and “deterring crimes,” at 57 percent.   </p><p>In addition, 78 percent of respondents said they thought it was important for first responders to be able to access school video during an emergency. “This result signals the high value the community places on ensuring immediate situational awareness during a crisis on campus,” Drako wrote.  </p><p>In the report, the top five camera location priorities were at entrances and exits (76 percent), hallways (62 percent), and lunchrooms, playgrounds, and gyms (53 percent). Only a minority of respondents wanted cameras in classrooms (36 percent) and locker rooms and bathrooms (18 percent). </p><p>However, Kenneth Trump, president of National School Safety and Security Services, who has worked and consulted on school safety projects across the country, says he now sees a few complicating factors regarding the use of surveillance cameras in schools, based on the many assessments his consulting firm has done for schools from preschool through 12th grade. </p><p>“We often see that schools put cameras in based on a one-time shot in the arm funding—often due to state grants, or a one-time allocation in a capital improvement program,” Trump says. The launch of these new cameras is often featured in press conferences or public announcements. </p><p>But then, when the cameras need to be fixed or replaced three or four years down the road, the school district has no budget allocation at either the individual building or district level for repair or replacement. The cameras can then sit dormant for months, or even longer, while “parents, students, and staff are under the impression that cameras are functioning when they are not,” he explains.  </p><p>  Trump himself believes that cameras can be a useful tool in overall school security. “Cameras deter those who can be deterred,” he says.  And their footage can serve as evidence in some cases. “They serve a role, but there are limitations,” he adds.   </p><p>  Trump also says that, in his assessments, he has found an overall trend that some schools are putting disproportionately more emphasis on hardware and products, and less “on the people side” of school security. “School leaders are well-intended, but there is a lot of political pressure to do this,” he says. “And certainly there are a lot of opportunistic vendors.” </p><p>“Many school administrators will throw up some cameras to fortify their front entrance,” he continues. “But the reality is, it is what is behind those fortified walls that really makes up the heart of your school security program—which is your people.” </p><p>Of course, investing in “the people side” of school security takes time and money, he says. It often means professional development training not just for teachers and administrators, but for support staff: the bus drivers, who are the first and last ones to see students every day. Secretaries who might take a call from someone making a bomb threat. Custodians and food service staff, who may be the first ones to notice any strangers on campus. “They are on the front lines,” he says. “They should be included in tabletop exercises, along with the first responders.”  </p><p>However, training and development for all staff takes a funding investment, and some districts find it cheaper to buy more hardware instead. In addition, Trump says that he has been seeing another trend—hardware and product vendors in some states lobbying state legislators to put school security and emergency planning into the hands of homeland security officials, and out of hands of the school administrators, which could thwart training and development. </p><p>In the Eagle Eye survey, a majority of the respondents (56 percent) said they believe that visible security cameras would reduce bullying in schools. Again, however, Trump says that while cameras can be an effective component of an antibullying program, “the first and best line of defense is a well-trained and highly alert staff and student body.” Unlike a camera, staff can “see things that are invisible,” such as dynamics between students, which indicate potential or possible bullying. Technology can be a supplement, but not a substitute, for this. </p><p>Strong security programs continue to be sorely needed, as violent fatalities continue to be a problem in schools. Another recent report, which looked at the 2012-13 school year (the latest data available), found that nearly 3 percent of violent deaths among American school age youth took place at school or school-related environments. </p><p>The report, Indicators of School Crime and Safety: 2015, is a joint effort from the National Center for Education Statistics, U.S. Department of Education, and the Bureau of Justice Statistics at the U.S. Department of Justice. It found that, in the period from July 1, 2012, through June 30, 2013, there were a total of 41 school-associated homicides in U.S. elementary and secondary schools, slightly less than 3 percent of the total number of school-age homicides in America.   </p><p>The 3 percent figure has stayed consistent since annual statistics were first compiled for the 1992-93 school year. Authors of the study indicated that the percentage, although low, was still unacceptable. “Our nation’s schools should be safe havens for teaching and learning, free of crime and violence,” the authors wrote. </p>
https://sm.asisonline.org/Pages/The-Usual-Suspects.aspxThe Usual SuspectsGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>Whether large or small, from two to 431,000 employees, companies were similarly victimized, according to data patterns revealed in a new study. </p><p>As part of a larger study that focused on the creation of typologies and criminological perspectives related to trade secret theft, the authors of this article analyzed all 102 successful U.S. trade secret theft prosecutions from 1996 to 2014 using FBI and U.S. Department of Justice press releases, indictments, docket information, and other data related to the types of organizations that were victimized. </p><p>Trade secrets discussed in these cases are not public or published like copyrighted and patented materials. Instead, they are protected by the organization through the privilege of nondisclosure. This designation leaves the trade secrets protected in perpetuity—unlike patents and copyrights, which have limitations on the number of years they are safeguarded from use by competitors. </p><p>The theft of this type of protected information is illegal under the Economic Espionage Act (EEA) of 1996. It is considered a form of economic espionage or “larcenous learning,” because secrets are targeted and stolen from the rightful owner by individuals, rival companies, and even foreign countries through economic-espionage related activities.  </p><p>And trade secret theft is not a rare occurrence. American businesses owned an estimated $5 trillion worth of trade secrets in 2014, and approximately $300 billion was stolen per year, according to a statement made by Randall C. Coleman, assistant director of the FBI’s Counterintelligence Division, in a hearing before Congress.  </p><p>The authors’ analysis of these cases provides insight into the most common types of trade secret and economic espionage activities, as well as the prevalent characteristics of offenders. ​</p><h4>Who is Vulnerable? </h4><p>All companies, regardless of size and type, are vulnerable to trade secret theft. The majority of companies that were victimized were large (employing more than 1,000 employees), and many were easily recognized Fortune 500 companies.  </p><p>Organizations in the manufacturing sector were most likely to be victimized (64.6 percent), followed by service industries (19.2 percent), when examining sectors using their Standard Industrial Classification Codes. ​</p><h4>What is Stolen and How? </h4><p>The authors’ review of EEA cases showed that anything of actual or potential value—including current, future, or intrinsic—can be stolen or compromised when it comes to trade secret theft.  </p><p>This includes source code, photographs and images of machinery, proprietary software programs, sales order forecasts, customer and client lists, billing information, subscription lists, research data, and project data, to name a few examples. </p><p>While a common assumption may be that trade secret theft involves some degree of sophistication, the study suggests otherwise.  </p><p>For instance, a bartender who worked in the corporate dining room of MasterCard’s headquarters in Purchase, New York, stole reams of confidential material from the dining room and surrounding areas—including CD-ROMS and binders—that he offered to sell to Visa.  </p><p>Visa, however, reported him to the FBI, which set up a sting operation to negotiate the purchase of the materials. </p><p>In another case, Chinese nationals simply walked into corn production fields owned by Monsanto, DuPont, Pioneer, and LG Seeds, and stole bioengineered seeds after claiming they worked for the University of Iowa. </p><p>Trade secret theft episodes are not always long-term events. In fact, some  <span style="line-height:1.5em;">are short-term, opportunistic, one-</span><span style="line-height:1.5em;">time events.  </span></p><p>One example of this is when two engineers for Wyko Tire Technology—a company that supplied Goodyear parts for its tire assembly machines—were left unescorted in a Goodyear factory. They used the opportunity to take cell phone photos of proprietary machinery at the factory, despite being told not to. A Wyko IT manager later discovered the photos on one of the engineer’s e-mails and forwarded the message to Goodyear. ​</p><h4>Who’s the Thief? </h4><p>There is no one-size-fits-all profile for those who commit trade secret theft, according to the authors’ study. Even though the majority of cases involved insider threats, advanced analysis found no discernable offender profile.  </p><p>Additionally, the authors’ review showed that offenders were not distinguished by citizenship, age, gender, or employment status.  </p><p>However, some generalizations can be made about trade secret thefts and offenders. Any type of trade secret can be stolen, most thefts are simple, males commit trade secret theft more than females, and most thefts are committed by lone offenders. Citizens—not foreigners—commit most trade secret theft. </p><p>Insider threats. The majority of suspects in EEA cases were insider threats (83.3 percent). In most cases, the insider had legitimate access to trade secrets through the course of his or her daily work.  </p><p>These insiders were often in a position of trust, such as network administrators, executive secretaries, computer programmers, engineers, computer specialists, vice presidents, former owners, and IT directors. </p><p>Among these insider threats, most were still employees of the company (71.8 percent) when they were indicted. Next most prevalent were former employees, who committed the theft while still employed but who were detected post-employment (22.4 percent).  </p><p>The least likely insider threat was an invitee of the company (5.9 percent). This group included contract employees or subcontractors who had legitimate access to the company.  </p><p>The study also found that most insider threats are citizens and lone offenders. The majority of offenders were U.S. citizens (64.6 percent) and were U.S. born (53 percent), males (56 percent), and in their 40s. The majority of the internal threats were also lone assailants (67.5 percent). </p><p>This could be because in many trade secret theft cases, the employee leaving the organization used stolen trade secret–related information for professional gain. </p><p>In 2013, Ketankumar Maniar quit his job at a company that made disposable syringes. Prior to his resignation, however, he downloaded trade secret files onto his work laptop.  </p><p>Through an internal investigation, the company discovered that Maniar had downloaded these files. It contacted the authorities, and FBI agents later caught Maniar in a hotel room as he was preparing to leave for India. While FBI agents searched the room, Maniar admitted that he planned to use the trade secrets for future employment opportunities in India. </p><p>In another case, Xiang Dong Yu—an employee of 10 years with Ford Motor Company—quit to take a new position with Beijing Automotive. He was arrested by the FBI when he flew back to the United States and agents found at least 41 Ford design specifications on his Beijing Automotive–issued laptop. </p><p>If not seeking new employment opportunities, however, internal threats often created their own consulting or start-up companies, the study found. Such was the case with Yu Qin, a vice president of engineering and research and development at Controlled Power Company (CPC) who also had his own company for five years, unbeknownst to his employer. </p><p>In this case, Qin and his wife (a former employee of CPC and General Motors) were stealing trade secrets from both CPC and General Motors. Their thefts were discovered when CPC employees found a hard drive, which contained 16,000 confidential files <span style="line-height:1.5em;">that belonged to General Motors. </span></p><p>CPC management then sent the files to General Motors, which determined that Qin’s wife had stolen the electronic documents before her voluntary resignation. CPC then realized that Qin had also used trade secrets from CPC for his own consulting company. </p><p>While trade secret theft can help individuals achieve professional gain, personal financial gain should not be discounted. Trade secret theft is also committed by current or existing employees, who in most cases are motivated by financial gain or revenge.  </p><p>For instance, Yuan Li—who was employed by Sanofi—held a 50 percent partnership in Abby Pharmaceuticals. Sanofi was unaware of this fact.  </p><p>Li accessed an internal Sanofi database and downloaded information about Sanofi chemical compounds onto her Sanofi-issued laptop computer. She then transferred the information to her personal home computer by either e-mailing it to her personal e-mail address or by using a USB thumb drive. Li later made the Sanofi trade secrets available for sale on Abby’s website. </p><p>External threats. While the majority of trade secret theft cases involved internal threats, security professionals should not discount the external threat. External threats, those individuals who have no legitimate access to the company or to secret information, accounted for 16 of the prosecutions analyzed in the study. </p><p>The review of cases showed that these external threats included persons who were classified as true spies (38.9 percent) or employees from a rival company (23.5 percent). Other external threats included friends or relatives of current or former employees (29.4 percent) who exploited their friend or relative’s status as an employee to access and steal trade secrets. </p><p>The majority of these external offenders were also U.S. citizens (52.9 percent), U.S. born (100 percent), and males who were in their 40s. In cases where the number of suspects could be determined, lone assailants were the most common (48.7 percent), followed by pairs of suspects (31.3 percent). However, a few crimes included groups of conspirators. </p><p>For example, former Business Engine Software Corporation (BES) Chief Technology Officer Robert McKimmey from Business Engine Software Corporation conspired with other executives to illegally access competitor Niku’s computer network. McKimmey gained system administrator privileges at Niku and used the passwords from 15 different employees to download more than 1,000 files over a 10-month period ending in 2002. </p><p>The FBI investigated the intrusion, and McKimmey and the other executives later pleaded guilty to conspiracy to misappropriate trade secrets and interstate transportation of stolen property. ​</p><h4>How Were They Caught? </h4><p>The actual means of detection was difficult to determine because a majority of cases did not disclose the specific measures used, the authors’ study found. The information that does exist, however, shows that many incidents were discovered by monitoring the computer use of employees. More interestingly, companies and their employees reported trade secret thefts perpetrated on rivals and competitors. </p><p>For instance, a former Lockheed Martin employee was hired by Boeing. Later, a Boeing employee discovered that the former Lockheed Martin employee had classified Lockheed Martin documents in his workstation and immediately notified his supervisor.  </p><p>This led to an internal investigation, and Lockheed Martin and the U.S. Air Force were notified. A subsequent investigation by the FBI revealed that the employee had stolen 25,000 pages of documents from Boeing. </p><p>In another case, a former DuPont employee was seeking technical assistance from current and retired company employees. Several of these solicited employees contacted DuPont’s management because the information the former employee sought was proprietary. DuPont officials then relayed their concerns to the FBI. </p><p>The authors’ study confirmed that, due to the limited number of trade secret indictments and prosecutions, many thefts go undetected by organizations and law enforcement entities. Based on this finding, organizations should develop proactive means to deter and detect such crimes.  </p><p>Security professionals must be prepared to protect their trade secrets from individuals who have no identifiable profit. They should adopt a comprehensive and strategic approach toward protecting trade secrets because all companies—large and small—are vulnerable to trade secret theft.   </p><p>-- </p><p><em>Brian R. Johnson, Ph.D., is a professor in the School of Criminal Justice at Grand Valley State University in Allendale, Michigan, and specializes in private security and law enforcement. Christopher A. Kierkus, Ph.D., is an associate professor in the School of Criminal Justice at Grand Valley State University and specializes in research methods and criminology. Patrick M. Gerkin, Ph.D., is an associate professor in the School of Criminal Justice at Grand Valley State University and specializes in criminology, ethics, and restorative justice.  </em></p>
https://sm.asisonline.org/Pages/To-Arm-or-Not-to-Arm.aspxTo Arm or Not to Arm?GP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>Steve Baker, CPP, PCI, PSP, is president of VTI Associates, a security consulting firm that provides use-of-force training and litigation services. He is also a certified instructor for security officer firearms training in the states of Nevada and Arizona. Baker talks with <em>Security Management</em> about the subject of arming guards and how companies can evaluate what options are best for them. </p><p> </p><p><strong>Q. What are some of the considerations businesses should weigh when deciding whether or not to arm guards?  </strong></p><p><strong>A. </strong>Companies should first ask whether there is a business need. What is the business trying to protect? What’s the threat for the facility, the nature of the business, assets that need protecting, hours of operation? Some places at different times of day may have different issues. For example, a gas station located near a busy highway may want an armed guard at night.  </p><p>Then they have to consider, will it be 100 percent arming, or is there going to be a mix of armed and unarmed personnel? And then, to break that down even further, what level of arming are we going to do—are we going to have it restricted to supervisors and managers only, or all officers?  </p><p>We also have to talk about the financial impact of screening, hiring, and retaining the employees; also training and equipping them. There’s the factor of law enforcement response time. All of these issues should play into that initial needs assessment. </p><p><strong>Q. What types of businesses typically arm their guards?  </strong></p><p><strong>A. </strong>The gaming industry historically has a lot of armed people, but it’s not universal. Sometimes you’ll get convenience stores and other properties where there’s a lot of public traffic coming through. Some of the utilities, depending on what they are and what they are protecting, have armed guards. </p><p><strong>Q. How about hospitals?  </strong></p><p><strong>A.</strong> A lot of them don’t want to have firearms. They really don’t want to be in the shooting business, if you will. However, nobody goes to the hospital happy. There’s a lot of anxiety no matter what. So if you’re going there as a patient you have anxiety, if you’re there because a loved one or a friend is ill or injured you have some anxiety, and then you have people with various maladies and mental disorders—all of which can make any property challenging.  </p><p>On top of that, there’s also the availability of drugs. And [thieves] know that the drugs are locked and secured, but they also know if they stick a weapon in somebody’s face, that person is more likely to comply with a request to open that cabinet.  </p><p><strong>Q: Besides firearms, what are the common types of force used by security guards? What are the potential drawbacks? </strong></p><p><strong>A. </strong>One of the things we look at is what options do you have on the continuum of force? Pepper spray is pretty widely used, though there can be some insurance issues because—while the use of it isn’t as severe as a firearm—it’s used more frequently. And it’s messy. It does subject people in the area to cross contamination and overspray, so other people may get a whiff of it, and that can result in some insurance claims. So you have that frequency versus severity calculation that the insurance companies all run, and that can sometimes impact your premiums. </p><p>Batons are actually difficult. They require a higher level of training, and what happens is people tend to go “medieval” with the stick. And the minute something happens, guards can forget all of their training, and it just becomes a club. And that’s problematic—the probability of injury is great with the baton. </p><p><strong>Q. Are handcuffs considered “force”? </strong></p><p><strong>A. </strong>Handcuffs are another option. They are not truly a weapon, and there’s a large training issue with using them. The adage of “slap on the cuffs” is a really bad way to put it. If you don’t place them on properly, and you were to come from a distance and slap them on someone, it’s like taking a steel rod and hitting yourself on the bones of your wrists. Your reaction is going to be to pull away, which we generally call resisting. So just by the method that we’re using to apply the handcuffs, a compliant person can suddenly appear noncompliant.  </p><p>In my classes, I have all the students handcuff each other after lunch. I leave them all handcuffed, and then I have them sit down and I lecture for about half an hour, so that they can understand what happens as they are sitting there handcuffed.  </p><p>And what happens is that, as you move around just a little bit, sometimes the handcuffs’ oval shape and the wrist’s oval shape don’t match up anymore, and it hurts badly. They say, “it’s too tight,” and you just take <span style="line-height:1.5em;">a couple of fingers and readjust the cuffs around the wrist. So cuffs are a little bit more complicated in their minor nuisances, but training makes </span><span style="line-height:1.5em;">a huge difference.  </span></p><p><strong>Q: Tasers seem to also be a popular choice for nonlethal force, though they come with their own set of challenges as well. What are the pros and cons of these devices? </strong></p><p><strong>A. </strong>When Taser first came out it was an alternative to deadly force. If you were in a situation where you were justified in using deadly force, you could use this nondeadly device and hopefully rectify the situation with that.  </p><p>I was actually on Taser’s initial advisory board when the company started branching out more into the security industry. Tasers are a wonderful device, and again you’ve got a higher training level. It’s not the fix-all that many people would like to believe it is. In law enforcement generally you have multiple officers available when deploying the Taser, at least in a perfect world. And usually those other officers have higher levels of force, like a firearm, for backup. So if a Taser doesn’t work and they have to escalate force, they can do so.  </p><p>But what I’ve found is that the use of Tasers [with guards] were tenfold to that of firearms, because there’s the perception that it’s “okay” to tase people. So there has to be a lot of training and judgment in use of force and appropriateness so that we don’t overuse these devices just because they are nonlethal. </p><p><strong>Q. What other topics do you cover in your training?  </strong></p><p><strong>A. </strong>We have to go through the basics of criminal and civil law, as well as criminal procedure. We have to touch on some risk management concepts. Security officers need to understand certain things–they are not the police. For law enforcement, their goal is to make arrests and address crime. Security’s responsibility is to keep their property reasonably safe. If a threat actor has departed the property, unlike law enforcement, guards don’t give chase, they need to turn that over to the police. And a lot of them don’t understand that. They have that mentality of, “well something happened and I have to chase them down and get them.”  </p><p>I always ask, are there any misdemeanor crimes where you’d be justified in shooting somebody? I can spend up to an hour on that question. The answer is no. That’s the reason they are misdemeanors, they are lesser crimes. So a punch in the nose is a misdemeanor. Are you going to shoot someone because they punched you in the nose? You shouldn’t—and if you do, you’re going to have problems. Now if they are beating you to death, that changes the situation. You’re now in justified fear of your life.  </p><p>It’s a split-second decision with a firearm, and if you’re wrong, it can be catastrophic to the officer, whoever the other person is, and to the organization.   </p>
https://sm.asisonline.org/Pages/How-to-Practice-Ethics.aspxHow to Practice EthicsGP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>“I am incredibly nervous that we will implode in a wave of accounting scandals…the business world will consider [our] past successes as nothing but an elaborate accounting hoax,” Sherron Watkins of Enron Corporation wrote in a six-page letter dated August 15, 2001. Watkins, Enron’s vice president of corporate development, sensed that the end was near for her firm, but even she did not know the extent of it. Enron Chief Executive Kenneth Lay, and his top lieutenants, had engineered one of the world’s largest fraudulent corporate accounting schemes in history. </p><p>Enron’s ultimate collapse resulted in the loss of $61 billion in shareholder value and the elimination of more than 5,000 jobs. Sixteen employees pleaded guilty for crimes committed at the company. Several top executives, including ex-CEO Jeffrey Skilling, landed in prison for their roles in the scheme and for lying to employees and investors about Enron’s financial health. Skilling was sentenced to 24 years in prison and fined $45 million. </p><p>As detailed in his seminal book Conspiracy of Fools, author Kurt Eichenwald revealed that greed and ambition were not the only reasons for Enron’s failure. Another crucial factor was the absence of an ethical culture, which ultimately enabled the wrongdoing.  </p><p>In the 15 years since Enron’s epic failure, the importance of maintaining an ethical culture continues to grow. As the world of security changes, corporations change, management approaches change, and technologies change. To remain ethically sound, organizations need more than a fixed set of specific rules contained within their codes of conduct. Security managers should take the lead in actively managing their department’s culture so that sound ethics are firmly embedded in all operations, which are in turn aligned with the organization’s values and mission.   </p><p>Ethics is the sum of the moral principles that help govern our behavior. Ethics allow us to distinguish between good and evil, between right and wrong. Ethics allow us to recognize virtue in ourselves, and in others. </p><p>On the organizational level, the ethical guardrails designed to keep employees within the lanes of proper behavior can usually be found in the organization’s code of conduct. Moreover, properly crafted mission, vision, and values statements may also serve as ethical flashcards, reminding employees of conduct expectations and cultural goals. All told, many organizations demand rigid compliance to an array of rules, policies, and behavioral guidelines. </p><p>At the same time, modern organizations of all types and sizes, in both the private and the public sectors, are embracing diversity. Employers are increasingly relying on a management philosophy that considers no two staffers alike. Each employee possesses their own unique truth, with distinctive background experiences, motivations, and values.   </p><p>This leads to a potential paradox. Employers are welcoming the wide range of backgrounds, opinions, and perspectives that their staff members provide, but at the same time they are demanding universal ethical conformity and compliance. Can this paradox be reconciled? Does it suggest that it is time to rethink ethical expectations and how organizations pursue them? </p><p>Some forward-thinking security leaders have found the answer. They have begun to understand ethical behavior not as a commodity, nor a goal to be fulfilled at some point in the future, but as a sustainable organizational condition. As such, it is dynamic. The pursuit of ethics is never-ending, because the organization that embraces it is continually evolving. The organization may downsize, expand operations, take on new markets, or change focus, but because sound ethics are embedded in its culture, it and its employees act ethically, regardless of circumstances.  </p><p>And so, the paradox of prized individualism versus universal rules compliance can be resolved by the careful management—or nurturing—of the organizational culture. Thus, as Enron and its investors so painfully discovered, active culture management is essential for an ethical organization. As Eichenwald revealed, when an organization fails to manage its own culture and push ethical considerations to the fore, it becomes ripe for ethical lapses, sometimes catastrophically so.   </p><p>Below are two real-world examples of security managers who encountered ethically challenging situations in their organizations. These leaders were able to manage the culture of their firms by taking actions that had positive ethical ripple effects through the organization.  ​</p><h4>mission creep </h4><p>To illustrate the importance of culture management to ethics, here’s how one hospital security manager—we will call her Rachel—changed her organization’s culture. </p><p>Rachel knew she faced challenges before she accepted her position. The hospital that had hired her, which mostly served the inner-city poor, had an aging infrastructure; many of the buildings that housed the institution’s staff of more than 4,000 employees were in disrepair. The administration’s approach to selecting and using its security officer force was similarly outdated.  </p><p>As the hospital’s first new director of security services in more than 20 years, the first thing Rachel addressed was the complacency that she found in the organization’s culture. To communicate her expectations and set a new tone, she privately met with each of her 85 full-time team members. In each meeting, she asked three questions: Who is your customer? What are their needs? What have you done to meet them? </p><p>The results were startling. Many on the team did not know whom they were serving. And many of the services that team members were offering were outside the department’s stated mission. For example, on occasion “volunteer” off-duty uniformed officers were provided for security purposes at hospital fund-raisers. The officers were expected to donate their time and work such events. Officers resented such treatment and complained, but executive management responded by questioning their loyalty to the community. </p><p>Moreover, some of the services and practices that were being offered appeared potentially unethical. One such service was the screening of domestic help for hospital executives, several prominent doctors, and the doctors’ friends. Not only were such services a distraction, and potentially unlawful—possibly noncompliant with the Fair Credit Reporting Act—they were in conflict with the hospital’s code of conduct. It was also clear to Rachel that the delivery of these services squandered resources, adversely impacted morale, and set a poor example.  </p><p>She decided to address the matter in her first meeting with the board of directors. She opened by emphasizing the importance of culture and ethics. “Setting the tone at the top by demonstrating our ethical behavior ought to be a priority if we desire to derive the most value from our hospital’s security function,” she told the board.   </p><p>Rachel then provided the board with a new mission statement she had prepared for her department. The mission statement was crisp and on point. It included four fundamental expectations: </p><ul><li><span style="line-height:1.5em;"> Treating all people with respect and dignity. </span><br></li><li><span style="line-height:1.5em;"> Performing and delivering all security services ethically and lawfully. </span><br></li><li><span style="line-height:1.5em;"> Demonstrating loyalty to the hospital and its mission to serve the community.  </span><br></li><li><span style="line-height:1.5em;">Embracing flexibility, innovation, and teamwork. <br><br></span></li></ul><p>She closed by identifying her team’s current activities. When she mentioned the employment screening of nonhospital applicants, she made it clear that she intended to discontinue that practice. She then discussed more beneficial current activities that she intended to renew and focus on. These activities included training for those officers responsible for the security and safety of emergency room staff; special training relative to the handling and management of violent patients and visitors; and a review of all officer benefits and compensation plans. </p><p>Not long after the meeting, the hospital’s administrator announced her intention to undertake a top-to-bottom examination of all nonhealthcare activities at the hospital, with a focus on ethical practices and code-of-conduct compliance. Thus, without making accusations or pointing fingers, Rachel successfully altered her organization’s culture by changing its perception of ethical conduct from the top down.  ​</p><h4>vendor management </h4><p>A regional security manager—we will call him Jose—worked for a global energy company and was based in a country in which the flow of petroleum dollars provided thousands of good paying jobs and a considerable amount of political stability. Jose’s predecessor enjoyed years of cozy relationships with both local authorities and contractors, and this inherited situation often made Jose’s job difficult.  </p><p> One of the most obvious challenges involved no-bid contracts. Technically, the organization had policies against such practices, but in actuality, long- </p><p>entrenched relationships and favored vendors sometimes won out over the rules.  In addition, these cozy relationships sometimes resulted in unapproved add-on change orders to contracts, which meant cost overruns for Jose’s company. Privately, Jose sometimes wondered how high up the corruption went. </p><p>Jose decided to meet the challenge head-on. He devised a five-step approach that was simple and effective. First, he met with his internal customers, such as site managers, project managers, and those responsible for operations. Together they identified needs, pain points, and priorities. </p><p>Second, he compiled a list of action items and activities to meet those needs and priorities. He refined and affirmed the lists with his constituents. Third, he met with his suppliers and vendors, and requested information regarding their service and delivery capabilities. </p><p>Fourth, he used all this collected information to carefully craft bid packages for the projects his customers identified as priorities, and formally presented them to each qualified vendor. Each package contained not only scoping and technical information, but regulatory compliance requirements, change order policies, and a new vendor code of ethics. Fifth, when the contracts were awarded, he held vendor orientation and safety meetings, and required sign-offs on the new vendor code of ethics.  </p><p>In the end, Jose’s professional and thoughtful approach to vendor selection and management proved rewarding. Many of the entrenched, poor performing vendors were replaced or left. Those that remained gained new respect for their customer, its business practices, and its ethical expectations.  ​</p><h4>shades of gray </h4><p>From these examples, it is easy to see that an ethical culture is a values-based one that often evolves incrementally. Small steps and straightforward actions by a single individual or group can ripple through an organization and ultimately produce seismic cultural changes.  </p><p>In these cases, Rachel and Jose were in organizations in which ethically questionable practices were apparent. But sometimes, ethical issues play out in a more oblique way. Take for example, a CSO we’ll call Robert, who worked for an international logistics organization spanning three continents. As a retired law enforcement officer from a U.S. federal agency, he had many well-placed friends both in and outside government. When needed, those friends, in addition to many former colleagues around the globe, served as both a reliable source of assistance and as fertile ground for recruiting. Robert also knew that the tactics sometimes used by his external resources did not always square with organizational policies and expectations. He ignored such exceptions and rationalized that they were merely the occasional cost of success. </p><p>Nevertheless, over several years Robert recruited and groomed one of the finest teams of security managers in the industry. Like Robert, all team members had law enforcement experience. As a group, they shared the same values, level of professionalism, and sense of duty. In terms of the latter, they all agreed that they had a duty to bring criminal offenders—whether they be employees, contractors, or vendors—to justice.  </p><p>One day, the company’s CEO addressed the group while participating in a management budget meeting. The CEO began by reading aloud the organization’s mission statement. He then asked each manager to reflect and identify one activity that they were routinely engaged in that was inconsistent with the mission statement. </p><p>Some chuckled or squirmed. Robert sat silent. He knew instantly that the impulse to pursue criminal offenders served neither his organization’s needs nor its mission. Instead, it was driven by his team’s sense of duty to enforce public law. While based on a clear ethi­cal impulse, the effort was not an effective deterrent, nor did it add value to the company.   </p><p>For several days, Robert considered his dilemma. He knew his team consisted of first-rate ethical professionals. However, his leadership had created a culture that put achievement of his personal ideals ahead of the ideals of the organization. Seeking a solution, he recalled what author Jim Collins wrote in his best-selling book, Good to Great: “You can’t start off by asking which direction you’re headed.…First you figure out if you’ve got all the right people on the bus.” </p><p> Collins suggested that making a clear-eyed assessment of key staff within an organization is one of the “brutal facts” leaders need to be willing to address as they look to set their team on the right path. “Sometimes more people need to be brought on board—and sometimes a longtime traveling companion needs to step off the bus before it can move forward,” Collins wrote. Robert realized that what his team lacked wasn’t ethical character or ability, it was diversity; every member came from a law enforcement background. What was needed was team members from different professional backgrounds, with a different base of experience and ideas.</p><p><span style="line-height:1.5em;">Over the course of the next 12 months, Robert committed himself to changing his team’s culture. He embraced the idea of putting the right people on the bus; in this particular case, that meant diversifying his team and recruiting outside the law enforcement community.  </span></p><p>The outcome was remarkable. After two years, the culture had been transformed. Prosecutions were pursued only when they furthered the organization’s mission. In cases where they did not, other approaches were used. The most fruitful of these was restitution, where the investigation was tailored toward recovering loss, rather than prosecuting or simply firing the offender. This proved very successful; often, not only were losses recovered, but so were the costs of the underlying investigation. </p><p>High ethical standards were still maintained in all operations; the team clearly communicated that the reduced number of prosecutions did not mean that the violations were less serious, or somehow excusable. Instead, the new approach communicated the concept that crimes of theft and embezzlement affect all members of an organization, not just the owners and shareholders, so restitution is the best course of redress for all concerned, and a sound ethical option.  </p><p>Soon, Robert’s division became nearly self-funded. Robert inverted the mindset of his team and turned his division into a profit center instead of a cost center. The transition was not painless, but it ultimately paid great dividends. Given the success of the new and more diverse hires, Robert worked with hu­­man resources to establish a new simple and effective recruiting strategy. The new strategy included recruiting constantly and deliberately; implement­ing a preemployment screening process that is ethical and has purpose; selling the organization, not the job; involving the team’s stakeholders and process-owners in the program; and focusing on the applicant’s character and values and not just his or her skills and experience. ​</p><h4>ethical attributes </h4><p>In all three of the real-world examples above, the security manager made positive and ethical culture changes that in turn changed the organization as a whole. That process began with the belief that cultural change is achievable, and that the organization is capable of the change necessary to sustain a more ethical environment.  </p><p>Ethical security managers know that good results are in part the product of good planning. But culture management isn’t just about planning and resource deployment. Nor is it just about policies and codes of conduct. It is rooted in our individual behavior—how do we as security professionals behave and manage our responsibilities?  </p><p>-- </p><p><em><strong>Eugene F. Ferraro, CPP, PCI,</strong> is a member of ASIS International and an ASIS Standards and Guidelines Commissioner. He is the former Chief Ethics Officer of Convercent, Inc., and has been in­volved in the study of organiza­tional culture, governance, and compliance as it relates to asset protection and loss prevention for more than 30 years. His most recent book, Virtues & the Virtuous: Inspir­ing Lessons and Insights about Virtue, Virtuosity, and the Essence of the Human Spirit is available on Amazon. </em></p>
https://sm.asisonline.org/Pages/Sounding-the-Alarm-at-Lone-Star.aspxSounding the Alarm at Lone StarGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>In our interconnected world, the vast majority of people within a college campus community think little of an emergency and how the institution will communicate with them—until it happens. Then, they want timely information on what is occurring, what to do, and where they can learn more.  </p><p>There is an assumption that if anything happens, everyone will receive a text message instantly, the faculty and staff will know what to do, and there will be an announcement over a public address system. Expectations are set. </p><p>Recent events, like the shooting at Oregon’s Umpqua Community College in October 2015, have students, faculty, parents, and guests inquiring about the notification equipment and procedures in place on their campus. They want assurances that the emergency systems will work when needed. </p><p>Many institutions have opt-in text messaging solutions and public address systems used for a broad range of services, including special events. In an emergency, speakers, sirens, and horns are often the first warnings received that danger is present or imminent.  </p><p>To meet the expectation of the campus community, schools must understand what emergency communications are necessary, what the law requires, and what the school can afford.  </p><p>This was the challenge facing Lone Star College (LSC) in 2010. The largest higher education institution in the Houston area, with six colleges, eight centers, two university centers, and LSC-Online, LSC provides high-quality academic transfer, workforce education, and career training programs to more than 83,000 credit students each semester, and a total enrollment of 95,000 students. It would need a robust emergency communication system to support its diverse campus community. ​</p><h4>Crafting a Solution </h4><p>When LSC decided to create its notification system, LoneStarAlert, in 2010, it used a team approach, crafting a selection committee and choosing a sponsor who could move the project forward. An LSC vice chancellor responsible for safety and security was chosen as the sponsor—an indicator of the project’s importance within LSC. </p><p>LSC then began selecting its committee members, including a cross section of the organization: administrative, college relations, compliance, emergency management, facilities, IT, law enforcement, procurement, student services, and tenants. </p><p>The committee also included individuals who preferred the status quo system at LSC, which had six colleges and six alert systems with their own name, workflow, vendor, and contracts. Having individuals on the committee who represented each of these systems made them realize that one solution with one name was a better overall system for LSC. Because of this, these individuals felt they had a voice and were being heard, making them great ambassadors for the new system. </p><p>Once the committee was assembled, LSC began assessing its environment. It knew it had different systems and various levels of sophistication because the campus had buildings that ranged from 40 to less than five years old. The buildings were also geographically dispersed among the city of Houston and Harris and Montgomery Counties in Texas, each of which has its own building and fire codes.  </p><p>To tackle this service area—approximately the size of Rhode Island—LSC first targeted the LSC-Greenspoint Center, a mid-rise atrium building with the most stringent fire ordinances of all the buildings on LSC campuses.  </p><p>LSC also targeted buildings within two colleges: LSC-North Harris and LSC-Kingwood. LSC-North Harris was chosen because it is close to a major airport and runway. LSC-Kingwood was chosen because it falls under three jur­isdictions—half the campus sits in Montgomery County, the remaining half is in Harris County, and the entire campus is annexed by the City of Houston.  </p><p>Then, over a five-year period, LSC created a mass notification system (MNS) with multiple levels of redundancy. ​</p><h4>the lone star system </h4><p>LSC implemented LoneStarAlert in 2011, consolidating its various emergency campus text messaging services under one solution. LoneStarAlert is a Web-based warning system that can send voice and text alerts to registered individuals when an emergency occurs. </p><p>The system works by issuing an alert over speakers, via a prerecorded or live message, and through e-mail messages in English and Spanish. For example, for a lockdown the prerecorded message says: “Attention. Lockdown now. There is an emergency on campus. Go into the nearest room or closet and lock the door.” Messages also instruct the campus community to wait for further instructions while they remain in a safe place. </p><p>LoneStarAlert also uses text messages of 90 characters or less—in English and Spanish. For an active shooter situation, messages say “Lockdown now. Emergency on campus. Go to nearest safe place, stay calm, and wait for further instructions.”  </p><p>More than 100,000 users are registered for the alert system, and it is only used for emergency messaging and testing of the system. Users are added through an automated system at the beginning of the semester, and users also have the option to self-register.  </p><p>This information is collected in compliance with the State of Texas Education Code Section 51.218 Emergency Alert System. The code requires institutions of higher education to gather a student’s personal e-mail, cell phone, or telephone number to deliver emergency communiques; using only LSC’s e-mail and voice mail system does not satisfy the requirement. </p><p>This information must be added to LSC’s LoneStarAlert system once provided, typically during registration. This process is repeated at the start of each semester.  </p><p>The system is also designed as an opt-out system, rather than an opt-in (choosing to participate) system, in compliance with the code. LSC does not allow this data to be used for any other purpose.  </p><p>Some users are still reluctant to regist­er for LoneStarAlert for fear that their information will be sold to third-party marketers. Ensuring this personal information is only used for emergency use not only keeps LSC in compliance with state regulations, it also shows that the institution is committed to protecting users’ privacy.  </p><p>LSC has made a commitment to closely manage this information and grant access to it only on a need-to-know basis and as authorized.  ​</p><h4>targeting the lsc population </h4><p>For an MNS to work, the institution has to think of the recipients it wants to target and ensure the system is capable of sending alert messages to those target groups. </p><p>LSC identified its target groups as employees, distribution lists (internal and external response teams), dynamic groups (created as needed), geographical locations, networked equipment, students, contractors, tenants, and guests. </p><p>LSC also needed to consider its unique status as a commuter college without campus housing. Some students, employees, and guests visit different campus locations more than once throughout the semester. Sending an emergency communication to just one given area would limit the reach of the MNS, and might miss some individuals who are en route and others who want to know what is occurring on any LSC campus.  </p><p>Instead, the system would need to be structured to send emergency messages to all registered users, regardless of their location. This system would be easier for LSC to administer and more desirable for the LSC community. </p><p>LSC also knew that accessibility and inclusion would be key to the success of its MNS. The system would need to be accessible to individuals with physical, sensory, mental health, and cognitive or intellectual disabilities that affect their ability to function independently. </p><p>The system would also need to be inclusive of seniors, those with limited English proficiency, and unaccompanied minors on campus. LSC has dual education programs for high-school students, Discovery College for children during the summer, full- and part-time day care centers, high schools, and public libraries that all provide opportunities for underage guests on campus.  </p><p>To reach these individuals, LSC would need to design its MNS to provide information online and to enroll them through LoneStarAlert. Because minors cannot be asked directly for personal contact information, LSC would have to work with leaders of these various groups to contact parents and guardians—who would then provide the information that then allowed their child to be enrolled in the system. </p><p>LSC also knew that its system would need to reach the public libraries, four-year educational partners, school systems, executive conference centers, and commercial tenants that are a part of its campus. To reach these stakeholders, LSC would have to provide instructions and a means for individuals to self-register in LoneStarAlert. ​</p><h4>choosing the right integrator </h4><p>LSC awarded its initial MNS contract to a local system integrator, Convergint Technologies. They worked together to create LSC’s wide-area MNS, which is used for any hazard or threat that poses an imminent or present danger and requires immediate action. This includes an evacuation, shelter-in-place, or lockdown scenario. Advisories and alerts that do not pose an imminent or present danger are sent out via LSC e-mail. </p><p>LSC’s MNS is deployed using Windows and Microsoft SQL Servers in a secured and high availability environment. The servers are clustered into a shared pool of monitored resources, so if a host fails, the system immediately responds by restarting each affected host from a different host. </p><p>The MNS encodes and decodes audible signals and live-voice messages transmitted across a TCP/IP local area network using voice over Internet protocol (VoIP). LoneStarAlert text, voice mail, and e-mail are delivered using a Web-based application hosted by the provider. </p><p>LSC’s wide-area MNS command system is located at the main administrative offices and is interconnected with each campus’ central control station, comprising the total system.  </p><p>Each campus is classified as a zone, and each building within a zone is considered a sub-zone. Most campuses have sub-zones that are interconnected. This configuration enables activation of prerecorded, live voice, or tone signals that can be sent to a sub-zone, zones, or the total system, providing redundancy throughout the system. </p><p>LSC police dispatch is responsible for immediately distributing voice messages or alert signals. It is authorized—and empowered—to send emergency messages to the affected populations using either prerecorded messages or live messaging via the wide-area MNS and LoneStarAlert.  </p><p>Dispatchers will send an alert when requested by an officer on the scene, or when requested by senior leadership. They will also issue an alert if there is credible information coming to the dispatch center that warrants sending a message. </p><p>As part of its initial installation, LSC included speakers for common areas with signals adjusted so the message could be heard through a closed door. However, the level of noise in the area impacts the level of intelligible voice or tone that can be heard.  </p><p>Additionally, LSC has video displays at all of its campuses where emergency messages are displayed using a digital management system. This ensures that individuals who cannot hear the emergency alerts do not miss them. </p><p>LSC also uses a buddy system where a buddy will help ensure a person with functional needs is supported, and first responders are aware of their last known positions and conditions. This information is then captured—when provided—in each campus fire safety plan. </p><p>As an additional measure, most LSC campus community members have cell phones. This enables those who are deaf or have other hearing impairments to receive emergency text messages and, where available, two-way communications using the Telecommunications Relay Service (TRS).  </p><p>The TRS bridges the communication gap between voice telephone users and people with hearing impairments by allowing users anywhere in the United States to dial 711 to be connected to a TRS operator. The operator then serves as a link for the call, relaying the text of the calling party in voice to the called party, and converting to text what the called party voices back to the calling party. </p><p>Following the initial setup, in-house resources assumed most of the responsibility for supporting the system over a five-year period. However, the system integrator supplements LSC resources.  </p><p>Additional system integrators are also used to provide support for the MNS. Sharing the service responsibilities among multiple vendors provides redundancy in the event a vendor is unable to provide services to one or more of LSC’s locations. ​</p><h4>testing </h4><p>Whether a fire exit drill or a lockdown drill, testing of emergency communications processes and systems is a base requirement. LSC has a rolling three-year sustainability and exercise program that’s part of the LSC Emergency Management Plan, which tests the LoneStarAlert and its MNS. </p><p>In the beginning, some questioned the approach and anticipated backlash from disrupting operations by testing the systems. However, LSC quickly learned that the process built confidence within the community that the school is doing its part to keep its campus safe. </p><p>Testing also gave users who were registered incorrectly and did not receive text message alerts a chance to inform LSC. Users who did receive texts and e-mail alerts could also report how long it took to receive them. </p><p>This helped LSC determine that, on average, more than 95 percent of regis­tered users received text and e-mail alerts within two to three minutes of activation. </p><p>On one occasion when LoneStarAlert was not tested during a larger emergency management drill, LSC received negative feedback, debunking the myth that testing the system during normal operations is viewed negatively. This approach has helped LSC align its MNS with its brand.   </p><p>-- </p><p><em>Denise Walker is chief emergency management officer at Lone Star College System, responsible for policy and direction on emergency management; safety and security audits; fire safety; environment, public health, and safety; and victim advocacy. She serves as the chair of the Greater Houston Local Emergency Planning Committee and is executive member of the Texas Emergency Management Advisory Committee. She is the author of several books, including Mass Notification and Crisis Communications: Planning, Preparedness, and Systems.   ​</em></p>
https://sm.asisonline.org/Pages/A-Strategic-Response.aspxA Strategic ResponseGP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>There’s a disconnect when it comes to emergency disaster response, experts say. On one hand, factors such as society’s increasing reliance on technology, the effect of environmental changes like rising sea levels, and the way globalization connects disparate regions of the world have made dealing with 21st century disasters and their widening effects a more complicated task. </p><p>“What this all adds up to is complexity,” says Admiral Thad Allen, a former commandant of the U.S. Coast Guard who directed the federal response to Hurricane Katrina in 2005.    </p><p>On the other hand, the U.S. government’s response to this increasing complexity is mired in an outdated paradigm. The approach implicit in the country’s primary federal disaster response law, the Stafford Disaster Relief and Emergency Assistance Act, is to restore affected sites to preloss condition. But in many cases, such as in coastal areas where advancing water table levels indicate that future floods are likely, this approach is shortsighted. </p><p>“We put it back the way it was, not the way it should be,” says Brad Kieserman, vice president of disaster operations and logistics with the American Red Cross and a former official with the Federal Emergency Management Agency (FEMA). </p><p>The government’s approach to the funding component of recovery is also problematic, Kieserman adds. In general, funding is not capped, and this leads to a kind of feeding frenzy when disaster hits. Kieserman recalls his days at FEMA when fiscally conservative members of Congress, who were often critical of how much money was being spent through the Stafford Act, would do an ideological about-face when their area was hit with a disaster. “They were absolutely appalled we weren’t spending more money in their state,” he says. “It is sporadic self-interest.”  </p><p>What might resolve this disconnect in the future, and make disaster response more suited to the complexity of disasters and their effects? That was the subject of a recent seminar, Expert Voices III: Improving Disaster Recovery Services, held at the National Press Club in Washington, D.C. Participants like Allen, Kieserman, and other experts offered best practices for improving emergency management and disaster response.    </p><p>Taking the broad view, Kieserman said that government needs to shift away from its current process of managing disaster response in a “highly prescriptive, high-risk-averse, high-transaction-cost” fashion. “We need to change the law, and the funding stream, to recognize that recovery is the future, not the past,” he said.  </p><p>That will require rethinking emergency funding so that it becomes less a method for restoring preloss condition, and more a way to strategically protect assets from future emergencies, he added. “Fundamentally, I think we need to look at federal disaster dollars in particular as investments as opposed to the way we look at it right now—as this revolving door funding stream,” Kieserman explained.   </p><p>And funding is the not the only thing that needs to be changed, Allen said. Emergency response in general needs to be more strategic, so that complicated disaster events can be better managed. “We’re going to have to learn how to confront complexity as a risk aggregator. Start breaking it down into component parts, and learning how to deal with it in an operational and tactical sense. That’s going to require us to think differently,” he said.  </p><p>A more strategic approach will also require more thoughtful preparation before events happen, according to Mike Isman, vice president of strategic consulting and analytics for Booz Allen Hamilton. Too often, emergency response drills become exercises in which complacent participants go through the motions and carry out rote procedures, he said. </p><p>“There’s this attitude of, ‘We ran a successful exercise, because nothing went wrong.’ But that’s not a successful exercise. A successful exercise is, ‘We hit a snag, and we’ve now figured something out from that snag on how to do something different,’” Isman says. “…You need to fail in benevolent environments, where you’re doing your exercise, so you can actually learn from it. So when the real things happen, you’re actually much smoother in what you’re doing.” </p><p>Once an exercise does identify snags, follow-through is crucial, said Mark Misczak, recovery director with Hagerty Consulting. For example, a year before Hurricane Katrina hit, officials conducted a weeklong hurricane response simulation for a fictional “Hurricane Pam.” The exercise gave officials an idea of the scale of response capability needed in case of a catastrophic storm. “Unfortunately, there was little or no follow-up after the exercise to see if the capabilities existed,” Misczak said.  </p><p>And strategic preparation also includes better damage assessments—a process that should start before events occur, experts say. A jurisdiction’s annual budgeting process can include valuations of assets that may be vulnerable to disasters, so planners have a better idea of the range of potential losses. “We need a prescriptive assessment of damage, and the consequences of damage, not a windshield drive-by after an event occurs,” Kieserman said. This prescriptive method would enforce the link between disaster relief funding and a jurisdiction’s annual budget process, which would make for more efficient relief allocations. “We need a unified budgeting and funding approach to disaster operations,” he said. “And folks, it’s not that hard. It really isn’t.”  </p><p>Finally, better practice of the predictive sciences is a key component of the strategic preparation process—and that is something that the government is actively trying to improve, Allen said. Besides the existing federal hurricane center in Florida, tornado center in Oklahoma, and space weather center in Colorado, the government recently opened a national water center in Alabama. “They will try to become as good at predicting river rises as they are with hurricane landfalls,” Allen said.  </p><p>To illustrate predictive importance, Allen cited the responses to the flooding in South Carolina in 2015 and Missouri earlier this year. Both responses would have been stronger with better flood forecasts, he said. “Those were near misses in our ability to understand what was going on and to be able to react in time,” he explained.  </p><p>Technology can also be used more strategically, in innovative ways, to improve  emergency response. Misczak offered the example of Lidar surveying technology that measures distances by illuminating targets with radar. In damage assessments, that technology can be used in a flyover to measure damage such as sand erosion from beaches, or tree and canopy loss, instead of manually going beach to beach or tree to tree. This saves money and manpower, he said.  </p><p>And damage is not the only thing that needs to be measured—the economic recovery of the community itself needs better measurement after a disaster, Kieserman said. “The speed of the restoration of the tax base is directly proportional to the speed of the recovery. Few people pay attention to that data point, but it is ‘the’ data point,” he explained. But that data point is often hard to measure in an easily understood way, without getting lost in a sea of statistics. “Most of us are visual people, so that big data kind of paralyzes us,” he added.  </p><p>And the economic recovery process itself also takes strategic planning, even in the smaller details. Allen illustrated with a story from the Katrina response he called the “Waffle House Conundrum.” In the wake of the storm, officials were pleased to see that a Waffle House had reopened. But when they visited the restaurant, the owner told them that no one was coming, because everyone was eating at the feeding stations that were set up by the responders for local residents.   </p><p>“So we had to wean the people off the feeding stations–the food was really good there, by the way; I was eating there too—and say ‘OK, now you have to go to the Waffle House,’” Allen said. “And then all of a sudden this starts to regenerate [the economy].” </p>

 UPCOMING EVENTS AND EDUCATION