Security by Industry 2018 ASIS NewsGP0|#3795b40d-c591-4b06-959c-9e277b38585e;L0|#03795b40d-c591-4b06-959c-9e277b38585e|Security by Industry;GTSet|#8accba12-4830-47cd-9299-2b34a43444652018-10-01T04:00:00ZPeggy O'Connor<h4>​CPP Prep At Your Fingertips</h4><p>You spoke. ASIS listened. This month, ASIS launches a completely revitalized version of the on-demand CPP Online Review course. The modernized review course not only employs a new, more user-friendly interface that can be accessed across all devices; it’s also jam-packed with enhanced study tools to help aspirants tackle all seven domains in the CPP body of knowledge.</p><p>From interactive and downloadable flashcards to quizzes that help you keep track of your learning progress, the course provides valuable resources to help master best practices for security management. </p><p>Reviewed by certified professionals, the course condenses material into bite-sized pieces, while still maintaining comprehensive coverage of the exam’s body of knowledge.</p><p>The streamlined, self-paced CPP Online Review is a must for security professionals ready to take that next step in their career. It reflects ASIS’s continued commitment to developing the profession with globally accessible education.</p><p>Learn more at​</p><h4>Celebrating 10 Years of Standards & Guidelines</h4><p>ASIS International didn’t have a standard to its name in 2008. Fast forward to 2018, and ASIS has published 12 standards and eight guidelines on topics ranging from investigations to physical asset protection, from risk assessment to workplace violence. And more are in the works.</p><p>How did the Society get here? </p><p>The ASIS Commission on Guidelines was formed in 2001 to address the growing demand for formal processes to address mounting security threats. The commission hit the ground running, producing guidelines in the areas of general security risk assessment, business continuity, facilities physical security measures, and workplace violence prevention and response.</p><p>In 2007, the ASIS Board of Directors decided to expand the Society’s work and enter the standards arena. The Commission on Guidelines changed its name to the ASIS Commission on Standards and Guidelines, and, in 2008, ASIS became an American National Standards Institute (ANSI) Accredited Standards Developer. </p><p>Since then, ASIS has made significant advances in its standards and guidelines development. From the first standard, Chief Security Officer—An Organizational Model (CSO), to the most recent, Security and Resilience in Organizations and their Supply Chains (ORM.1), these industry best practices advance the professionalism of the security industry.</p><p>As the security landscape continues to evolve, so do the needs of practitioners, and ASIS understands the importance of a global perspective when facing the challenges that lie ahead. </p><p>“This past year, the Commission on Standards and Guidelines took purposeful steps to broaden its membership composition with the goal of ensuring that our efforts are truly representative of industry needs and address the concerns of security professionals worldwide,” says Sue Carioti, vice president, ASIS International Certifications, Standards, and Guidelines. “This is an essential move for us in expanding our global standards footprint. To that end, diverse perspectives, fresh ideas, and a wealth of global experience will be key to success moving forward.” </p><p>The commission continues to evolve its standards program to maximize the Society’s impact on security standards worldwide. ASIS currently serves key liaison roles on two International Organization for Standardization (ISO) technical committees that cover risk management and security and resilience.</p><p>Work is underway on new market driven standards dealing with private security officer selection and training, as well as security awareness. In addition, a new revision of workplace violence prevention and interventions (including an annex on active assailants) and a revision of the PSC.2 Standard—Conformity Assessment and Auditing Management Systems for Quality of Private Security Company Operations—are also in the works. </p><p>“Moving ahead, members and stakeholders can expect continued advances in the future of standards and guidelines development from a global perspective,” says Bernard Greenawalt, CPP, chair, ASIS Commission on Standards and Guidelines. “ASIS is pushing in earnest to utilize the knowledge, experience, and expertise of its members and the industry at large as it continues to advance the practice of security management worldwide.”</p><p>Interested in learning more about the new direction or in getting involved? Contact​</p><h4>ESRM in Action</h4><p>In 2016, ASIS made enterprise security risk management (ESRM) an organizational priority and has begun infusing this management philosophy into all the Society’s programs and services. In the months ahead, we will provide updates, as well as showcase how members are implementing ESRM in their organizations.</p><p>By David Bilson, CPP</p><p>Since 2012, the British Museum has adopted an enterprise approach to security risk management and embedded the core principles into its security strategy framework and plans. </p><p>The museum had already operated a robust and comprehensive corporate risk approach—essential in such a major organization—including meeting requirements for risk management within the Government Security Policy Framework. While the broadest organizational risks were clearly identified and prioritized, the strategic program to address security risk was not. </p><p>I attended the 2012 ASIS Europe Conference in London where ESRM was a central discussion in conference presentations. Combined with my CPP study and Protection of Assets knowledge, ESRM provided a foundation for building a risk management strategy.</p><p>The benefits of such a strategy for the museum were immediately obvious. While guarding the entrance and responding to alarms is important, security services for any major organization must always be about more. I worked to develop a security strategy centered on an ESRM approach, prioritizing key themes to reduce security risk across the wider enterprise, whether on the museum site or in our operations around the globe. </p><p>Deliberately taking a broader view of security risks and engaging colleagues from outside the security department raised the levels of security awareness across the organization, contributed to delivery of risk reduction, and paid great security dividends. </p><p>Now, whenever the threat context changes substantially, the museum is in a stronger position to respond, whether the risk comes from terrorism, travel, or employee background screening.</p><p>The ESRM approach supports key decision making around resources and agreeing on priorities. More and more, I realize that the work of the CSO is never complete and ever evolving. </p><p>An enterprise approach to security risk management has provided a clear understanding of the criticality and priority of security risks and identified a strategic approach to addressing and mitigating against them.​</p><h4>Promoting Safe Cyber Practices This October</h4><p>ASIS joins the U.S. Department of Homeland Security and the European Union Agency for Network and Information Security in recognizing October as Cyber Security Awareness Month.</p><p>Tune in to ASIS social media accounts all month long for updated best practices for staying safe online. Join us in helping to spread the word about the ever-present risks associated with Internet use, and ways people can protect themselves against these risks. </p><p>Find a collection of ASIS IT Security Council and other cybersecurity resources at​</p><h4>ASIS LIFE MEMBER</h4><p>ASIS congratulates Lawrence J. Fennelly on becoming a Life Member. He has been an ASIS member for more than 41 years, during which he has served as a council chair for various councils. </p><p>He currently sits on the School Safety and Security Council and the Active Assailant Initiative. He was instrumental in the creation of the ASIS Security Industry Book of the Year Award, and he has written and contributed to many books published by ASIS.</p> Recovery Century Security and CPTED: Designing for Critical Infrastructure Protection and Crime Prevention, Second Edition. by Design in Abu Dhabi 911 and Low Frequency Alarms Over FireÓN.aspx2018-03-14T04:00:00Z​ESTRATEGIAS DE CONTENCIÓN​ Integrity Through the Cracks Holidays from Security Management Entries Spotlight Innovation Online February 2016 2018 Industry News 2017 Industry News a Security Transition Trends License to Operate Facilities Tackle an Explosive Problem Review: First Responders Handbook 2018 Industry News 2018 Product Showcase the Way IV Tests The North American Power Grid Water Risk Transformative Tuesday for Education Cares Focuses on School Safety in the Academies Review: Financial Investigations Security Credit Fraudians Slip In Ways to Improve Healthcare Security Five Challenges in Healthcare Control for Healthcare and Nursing Facilities on the High Life 2018 Industry News to Learn from Las Vegas 2018 Industry News,-Secure-Spaces.aspx2018-09-01T04:00:00ZOpen Doors, Secure Spaces 2017 Industry News Fight Against Fake Pharmaceuticals Smart Solutions Online Pharmacies Port Problems Charleston International Airport Modernizes Security with Pivot3ÍOS-PARA-LA-SEGURIDAD-DE-LA-AVIACIÓN.aspx2018-06-12T04:00:00ZCuatro Desafíos Para La Seguridad de La Aviación Port Problems for Higher Standards the Bar: Food Defense

 You May Also Like... Insights on ESRM<p>​There are five overall concepts that provide guidance about the nature of enterprise security risk management (ESRM). These concepts describe what ESRM is, what it can do for security managers, how security can gain C-suite approval for it, and how to implement a vibrant ESRM program for the enterprise. </p><h4>ESRM Is a Philosophy</h4><p>ESRM is not a standard, nor is it a rigid set of rules to follow. ESRM is a philosophy of managing security. It is based on standard risk management practices, the same ones that guide most of the other business decisions made by the enterprise. It requires partnership with the business leaders in the organization.</p><p>This philosophy gives the security leader the ability to manage security risks. This ability is not based on the latest incident or scare in the news, nor is it based simply on the manager’s own ideas of what is most important to protect. Instead, it is based on a shared understanding of what the business deems critical for risk mitigation, and what level of risk the business is willing to accept in different areas. This ability also requires that the business fully understand why the security risk mitigation tactics have been put in place, and what the impact of not having those mitigations might be. </p><p>The emphasis here is on business. ESRM philosophy recognizes that security risk does not belong to security. It is a business risk, like any other financial, operational, or regulatory risk, and final decisions on managing that risk must belong to the business leaders. That shift in understanding sets a security program up for a greater level of success because security leaders are delivering only what the business needs, and, more important, what the C-suite understands that it needs.​</p><h4>ESRM Is a Process </h4><p>ESRM is not merely an academic philosophy. A general approach for setting up and running a security program can be derived from it. Under that approach, ESRM in action is a cyclical program, and the cycle of risk management is ongoing:</p><p>1. Identify and prioritize the assets of an organization that need to be protected.</p><p>2. Identify and prioritize the security threats that the enterprise and its assets face—both existing and emerging—and the risks associated with those threats.</p><p>3. Take the necessary, appropriate, and realistic steps to protect and mitigate the most serious security threats and risks.</p><p>4. Conduct incident monitoring, incident response, and post–incident review, and apply the lessons learned to advance the program. ​</p><h4>ESRM Aligns with the Business</h4><p>Aligning the security program with business requirements is the most critical component of the ESRM philosophy. This means that the security program must receive governance and guidance from the business. We recommend the formation of a security council to ensure this alignment. </p><p>There are several ways to implement a council. It could be a loose, informal group that provides input as needed, or it could be a board-level initiative that has formal roles, meetings, charters, and documented responsibilities for ensuring security compliance. The council can be a venue for discussing security topics and risk management strategies, and it can host resolution attempts for conflicts in the process. </p><h4>ESRM Covers All Security </h4><p>There is no aspect of security that cannot be managed in alignment with the ESRM philosophy.  Many security professionals already practice much of the ESRM philosophy without thinking of it that way. For example, performing a physical security risk assessment on a facility is equivalent to the ESRM steps of identifying and prioritizing assets and risk. And setting up a crisis management plan can be considered an aspect of ESRM risk mitigation, as well as incident response.</p><p>The critical difference between programs that do these activities as part of a traditional security program versus an ESRM program is the consistency of approach in ESRM. In ESRM, these activities are not performed on an ad hoc basis but consistently across all areas of security risk. They are not applied to one area of the organization and not to another. And, vitally, they are not performed in a vacuum by security and for security, but in full partnership with the business leaders driving the decision making process for all risk mitigation.​</p><h4>ESRM Is Possible</h4><p>Implementing ESRM cannot be done overnight.  It’s an iterative process that allows your security program to evolve over time into a pure risk management approach. For the security manager, the first step to fully understanding the ESRM philosophy is to communicate it to the executives and business leaders in the enterprise.  </p><p>When implemented thoughtfully and practiced consistently, ESRM can completely change the view of the security function in any organization. The old view of security as “the department of no” will shift when business leaders understand that security is a partner in ensuring that the assets and functions of the enterprise most critical to the business are protected in accordance with exactly how much risk the business is willing to tolerate.  </p><p><strong><em>Rachelle Loyear i</em></strong><em>s ESRM Program Manager for G4S and chair of the ASIS Crime Management and Business Continuity Council. </em><strong><em>Brian J. Allen, Esq., CPP,</em></strong><em> is a member of the ASIS ESRM Commission. Allen and Loyear are coauthors of </em>The Manager's Guide to Enterprise Security Risk Management <em>and the forthcoming book </em>Enterprise Security Risk Management: Concepts and Applications.</p>GP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465 Review: Hospital and Healthcare Security, Sixth Edition<p>Earlier editions of <i>Hospital and Healthcare Security</i> have long been a staple in the library of hospital security professionals, and this sixth edition will be no exception. Practitioners who are looking for proven solutions to old or new security problems should start with this reference.  </p><p>The authors continue to focus on the issues that are at the core of the healthcare market, and they have stayed abreast of the changes in the industry and the required changes in facility security programs. New developments such as the use of body cameras for security officers and trends in arming security personnel are addressed in this updated edition.  </p><p>Best practices from throughout North America and the United Kingdom are highlighted in this book. The authors have done a wonderful job with the presentation of security program management and program delivery, identifying best practices and areas of concern and providing real-world examples, procedures, and policies. They have addressed staffing, operations, tools, and equipment.</p><p>The authors have even touched on the needs of healthcare facilities beyond the traditional hospital setting and in off-campus facilities. They have addressed security design philosophies and practices as well as systems and equipment and how they are best employed at a healthcare facility.  </p><p>The material is well organized and written and will be an invaluable resource to hospital and healthcare security professionals, to consultants, and even to facility administrators.  </p><p><em><strong>Reviewer: Michael Preece</strong>, PE (Professional Engineer), PSP, CxA (Certified Commissioning Authority), is a principal with Smith Seckman Reid and runs the company’s Washington, D.C. office. Preece has been providing planning, design, start-up, consultation, and commissioning services for security systems over the last 15 years, much of it concentrated on hospitals and healthcare facilities. He is a member of the ASIS International Healthcare Security Council. </em></p>GP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465 Activism 101: How To Survive a Demonstration<p>​<span style="line-height:1.5em;">Twenty-thousand strong marched in protest in Bogotá in 2011 at the Colombian government’s plans to cut university spending. The protestors retained a student-led atmosphere of goodwill and the only simmering of potential aggression was due to the presence of the Colombian Police’s Riot Control Unit (ESMAD) parked on strategic side streets.</span></p><p> I was in downtown Bogotá on the second floor café above the throngs with a tourist from Seattle, watching students from all over Colombia protesting the bill pushed through by President Juan Manuel Santos’ government to reform higher education by introducing a profit motive. </p><p> “I wish my daughter could be here to witness this,” the Seattle visitor told me. “It’s a healthy display of the young airing their grievances with a government decision. We don’t see this anymore in the United States.”</p><p> Protest participants were handing out carnations to members of the ESMAD, placards were held aloft announcing the arrival of different student bodies. With several years of experience as a foreign correspondent in Colombia, I knew better than to drop my guard despite the festive mood as if these students had somehow lost their way in route to a humanities class.</p><p> And my instincts were right, as the carnival atmosphere was threatened by an undercurrent of disobedience as masked agitators—armed with spray paint canisters—left shop windows and walls emblazoned with slogans: “Pensar diferente no es un crimen.” Translation: “Thinking differently isn’t a crime.”</p><p> From our present vantage point we were safe, unless the protest turned violent, as it has been proven time and again that an emotionally charged crowd of people can be swayed from grief or merriment to sadistic dementia in a second.</p><p> After all, if the ESMAD fired off tear gas, where would we go? The only exit from the café would be down a narrow flight of stairs and out onto the Carrerra Septima, the principal thoroughfare for all demonstrations in Bogota as it leads directly to the Plaza de Bolivar and the Palicio Narino seat of power—hardly an ideal route.</p><p> Strikes, marches, and demonstrations are a routine occurrence in Colombia, set against the backdrop of the Colombian armed conflict—currently the longest-running in the hemisphere. And in 2016, in the lead up to and after the signing of a final peace accord with the Revolutionary Armed Forces of Colombia (FARC rebels), these may increase as disgruntled sectors of the country’s society feel their needs and complaints are not being heard.</p><p> If President Santos makes good on his promise to bring the final accords to a referendum, so people can vote in favor or against it, there will be many opportunities for people to make their cases heard by pounding the streets.</p><p> As a Bogotá-based journalist, the possibility of being caught up in some kind of social unrest during the course of my work in 2016 is high. To help plan for the worst, I picked the brain of a trusted security expert—Ben Hockman, senior consultant at Control Risks, a global risk management consultancy specializing in assisting clients operate in complex and hostile environments.</p><p><span style="line-height:1.5em;"><strong>Planning<br></strong></span><span style="line-height:1.5em;">Even with experience witnessing challenging demonstrations across South America from Bolivian miners threatening to hang themselves by the neck from a bridge to facing off with police and throwing sticks of dynamite along each avenue leading up to La Paz’s Plaza Murillo to politically charged May Day lawlessness, I know better than to stay too close to the action.</span></p><p> This experience with the issues of violence and potential lawlessness in demonstrations in Latin America has helped me in the past. But before hitting the streets, Hockman suggests I take the following into account when I’m planning to cover an event. <br></p><ol><li style="line-height:1.5em;"><span style="line-height:1.5em;">Gather intelligence. Know the immediate area, the wider area, and all evacuation options. Determine what the political and economic situations are.</span><br></li><li><span style="line-height:1.5em;">S</span><span style="line-height:1.5em;">tudy the basics of the local political and economic situation. A well prepared traveler to Venezuela might avoid wearing red t-shirts in and around Caracas, for instance, in the current climate of social unrest.</span><br></li><li><span style="line-height:1.5em;">Have a Go Bag. Collect identification documents, copies, snacks, cash for emergencies, water, basic first aid kit, and put them into a bag to take with you.</span><br></li><li><span style="line-height:1.5em;">Print physical copies of maps from apps. Don’t rely on applications, such as Waze, Google Street View, as Internet access may go down in the midst of unrest.</span><br></li><li><span style="line-height:1.5em;">Know in advance where help points are located and how to get to them.</span><br></li><li><span style="line-height:1.5em;">Have a back-up communication plan and prepare for network infrastructure failure. Have a replacement cell phone, a radio, or a walk-talkie.</span><br></li><li><span style="line-height:1.5em;">Be conscious of your wardrobe. Are you able to change your look quickly? What happens if you are in olive drab and resemble the military? </span><br></li></ol><p></p><p><span style="line-height:1.5em;">​As Hockman advises, before even approaching a demonstration, I should know the lay of the land—or at least have in my possession a map of the area where I will be engaging with the event. </span><br></p><p> I also need to keep myself abreast of the type of demonstration that is taking place: is it political, is violence likely? I should check for security forces and know the general current of feeling in the city and country at that precise moment, in addition to having investigated the outcomes and reactions to past demonstrations. </p><p> Additionally, as a 6-foot-tall Caucasian male, I know I’m going to stand out in a melee of rioting Bolivian miners. The question is if that makes me more—or less—of a target.</p><p> And in extreme situations where a demonstration may lead to military deployment and a challenge of the political regime, it’s crucial to have my passport and tickets out of the country on hand.</p><p><span style="line-height:1.5em;"><strong>Responding<br></strong></span><span style="line-height:1.5em;">As the tourist from Seattle and I watched the main cadre of students pass by during their protest, I was right to be concerned. Things were heating up, and paint bombs were being hurled at government buildings.</span></p><p> Our exit option was limited and there would be precious little space for movement on the street because of the numerous protestors. To get out of the café, the tourist and I would need to keep close, head to the edges of the protest, and move with the crowd as if negotiating a strong ocean current, before slipping away down a side street. </p><p> The aim would be to get out, avoid a possibly trigger-happy police front line spraying pepper spray or tear gas, and escape injury in the process.</p><p> To help think through our escape plan—if it became necessary—I ran through Hockman’s checklist on what to do if caught in the midst of a violent protest.</p><ol><li><span style="line-height:1.5em;">Remember your principal objective is to put as much distance as possible between you and the unrest. If you fail, plan b will be to seek appropriate cover—alleyways, buildings, or vehicles.</span><br></li><li><span style="line-height:1.5em;">Control your emotions. Try to remain as calm as possible.</span><br></li><li><span style="line-height:1.5em;">Keep anyone in your party close—<span style="line-height:19.5px;background-color:#ffffff;">maintain</span> a distance within reach or physical contact, and agree on safe meting points ahead of time in the event that you are separated.</span><br></li><li><span style="line-height:1.5em;">Keep moving, but don’t run.</span><br></li><li><span style="line-height:1.5em;">Move with the crowd and don’t draw attention to yourself. Look for exit options to side streets and your help points—alleys, safe zones, or alternative cover.</span><br></li><li><span style="line-height:1.5em;">Make yourself compact while moving. Protect your head, neck, face, and vital organs. Do not get pushed against or blocked by solid objects.</span><br></li><li><span style="line-height:1.5em;">Watch your footing and obstacles on the ground.</span><br></li><li><span style="line-height:1.5em;">Move between “waves of crowd movements.”</span><br></li><li><span style="line-height:1.5em;">Avoid major roads and sites.</span><br></li><li><span style="line-height:1.5em;">If gas or pepper spray is released, cover your airways with clothing but try to keep your hands free. </span><br></li><li><span style="line-height:1.5em;">Do not approach the front line of police.</span><br></li><li><span style="line-height:1.5em;">Avoid interaction with demonstrators or security forces.</span><br></li><li><span style="line-height:1.5em;">Avoid confrontation with any party.</span><br></li><li><span style="line-height:1.5em;">If you find yourself on the ground, try to stand as quickly as possible. If you can’t stand up, curl yourself into a ball to protect vital organs and try to regain your footing as soon as possible.</span><br></li><li><span style="line-height:1.5em;">If you’re in a vehicle, stay in the vehicle. If gun shots sound, determine their origin and the target before driving away or running away. Sudden movements can draw attention from both protestors and the security forces, particularly during exchanges of fire, so have a plan before you move.</span><br></li></ol><p><span style="line-height:1.5em;">Luckily, the worst of the violence was d</span><span style="line-height:1.5em;">efacement of property and a couple of skirmishes during the student protest in 2011, and we were able to safely leave the café.</span><br></p><div><span style="line-height:1.5em;"><strong>The Aftermath</strong></span></div><p>Fast forward four years, however, and I was again in the midst of some social unrest in the form of the Colombian Farmers’ Protests of 2015. Thousands of farmers were protesting to demand that the government comply with reforms it agreed to in 2014, accusing it of failing to implement measures to reduce debt and control the price of fertilizer. It was clear that the Colombian people were largely in favor of the protests, and on key dates 45,000 people had taken to the streets to demonstrate.</p><p> This time the feeling was different and the carnival atmosphere of the student-led demonstration was replaced with a more sinister and aggressive sentiment. And, as was to be expected, pandemonium ensued.</p><p> At the height of the turmoil, there was a period of four hours when police used tear gas on rioters throwing petardos (flash-bombs) that injured the police and the public. None of the injuries appeared serious, however, in what was Bogota’s worst street violence since protesters in March 2012 against the city’s municipal bus system were attacked by young vandals.</p><p> This was clearly a demonstration to avoid, and Hockman gave me the following tips to manage the immediate aftermath of violent social unrest.</p><ol><li><span style="line-height:1.5em;">Avoid public transportation.</span><br></li><li><span style="line-height:1.5em;">Check for injuries and, if necessary, seek medical help. The immediate adrenaline rush experienced during violent unrest might mask injuries.</span><br></li><li><span style="line-height:1.5em;">Report in to your office or family as frequently as you can.</span><br></li><li><span style="line-height:1.5em;">Consider the possibility of mild-Post Traumatic Stress Disorder and seek medical attention where necessary.</span><br></li></ol><p><span style="line-height:1.5em;">Colo</span><span style="line-height:1.5em;">mbia will face a new wave of emotionally and politically fueled demonstrations in 2106 and beyond as the government seeks to sign off on a peace accord with the FARC and entice the country’s second guerrilla group—the National Liberation Army—to the negotiating table, demonstrations will be the norm.</span><br></p><p> It pays to be prepared, and to fully consider the advice provided by experts in the field. </p><p><em>Richard McColl is a foreign correspondent and conflict resolution specialist based in Colombia. Ben Hockman contributed to this article and is a senior consultant at Control Risks based in Colombia and a member of ASIS International.</em></p><p><br></p>GP0|#21788f65-8908-49e8-9957-45375db8bd4f;L0|#021788f65-8908-49e8-9957-45375db8bd4f|National Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465