RiskUKApril2017

More documents

Recommendations

Info

Examining The Changing Face of The Private Security Industry in 2017 The security landscape is still in transition, but there are clear trends developing, the origins of which date back to two significant incidents in 2001 and 2008. Paul Harvey recounts those events and what has happened since, subsequently outlining today’s security model and where it could – and should – be heading in 2017 and beyond 54 www.risk-uk.com The terrorist attacks in New York on September 11 2001 and the resulting responses had a significant impact across the globe. That’s still true today. The world has also recently witnessed a concerning increase in global terrorism with horrific episodes in Nice, Paris, Brussels and Germany. Second, the Lehman Brothers bankruptcy in 2008, predominantly due to its involvement in the subprime mortgage crisis, is considered to have played a major role in the unfolding of the global financial crisis during the late-2000s. The UK security market wasn’t (and isn’t) immune from the effects of global financial instability. As a predominantly labour-based business, the guarding sector in particular requires large amounts of working capital. As payments to the supply chain slowed, with – in the more extreme cases – clients becoming insolvent and leaving significant debt, the financial pressure increased for many companies. Banks were unable or sometimes unwilling to support businesses of varying sizes and some security companies failed. This wasn’t necessarily related to profitability. It was often purely as a result of cashflow. Clients experienced downturns and, inevitably, expenditure was reviewed. Often an expensive purchase with no clear way of demonstrating its value, security was analysed with the intention of reducing or eliminating cost. With pay rates largely set and the TUPE Regulations protecting employees’ Terms and Conditions, indirect overheads and margin became the battleground for reducing charges. Companies fighting for survival didn’t have the luxury of considering the longer term. The need to retain or secure new business became critical. If you cannot differentiate on service, then service-buying clients predominantly select on price. Thus the environment was created that impacts us today. We hear of complaints about low margins, but many businesses continue to compete on price, often with unsustainably low margins. The industry must hold itself to account. The sector – and individual companies within it – hasn’t been bold enough to stand up and say ‘enough is enough’ and follow this through with determined courses of action. Legislative framework The legislative framework for operation hasn’t changed. There appears little appetite from the Government to push forward with the proposed agenda of compulsory business licensing. Nor does there seem to be significant progression in the Security Industry Authority’s Approved Contractor Scheme. To be frank, then, it’s incumbent upon service providers themselves to be the agents of change. Aside from the ongoing increase in statutory areas such as pensions, the big agenda item for 2017 is the incoming Apprenticeship Levy. Although companies will be required to contribute to the scheme, at present there’s no security guarding-specific apprenticeship. Furthermore, there’s currently no provision for a replacement to the City and Guilds scheme that has been in place previously. There are discussions around which organisation will be the provider moving forwards, but as yet there have been no takers. This means that there’s no course – or training – in place for the money to be spent which, given the amount of funding this relates to, is quite simply staggering. Apprenticeships have existed for a long time in other sectors such as CCTV engineering. Another case of a reactive sector, then? According to the Infologue.com listings, the Top 20 security companies (based on turnover) control 71% of the UK market. Forward-thinking companies are taking the opportunity to be disruptive or find a niche that offers greater success and, potentially, profitability. As a result, 2017 will be a year in which the UK
Security Services: Best Practice Casebook security market begins to benefit from the platform created as it moves into the next logical phase of the industry’s future. The demand for change is being fuelled by increasing levels of expectation and a requirement for flexibility in service provision called for by today’s discerning clients. Key transformations are beginning to emerge, namely specialism and expertise. Specialism and expertise First, there are the large-scale, national and/or multinational businesses. They offer a wide range of security and facility services, and are predominantly (although not exclusively) focused on high value and potentially multiservice contracts. There’s a clear demand for this capability. Competitors simply don’t have the capability or scalability to compete, and nor should they attempt to do so. Second, there are organisations that will continue to focus on specialist services, skills, clients, contract sizes and geographies, etc. These businesses truly understand their core role and continue to be selective in how they target growth and assess their value proposition. Our own organisation falls into this category. We’re focused on the central London market. We know full well that our model doesn’t fit everyone and we fully understand our capability. We’re aware, for example, that we don’t have the infrastructure to deliver national accounts with multiple low value contracts, so we don’t try to do so. Third, the area where it’s possible to see accelerated development in 2017, and which to some degree is the most interesting, is that of collaborative business partnerships incorporating convergence and the alignment of operational and security strategies. Security suppliers with specific expertise will be working collaboratively to deliver highperforming, flexible and complimentary solutions. The convergence of physical and cyber security delivers improved information sharing on risks and can result in synergies and more effective leveraging of resources. Convergence can provide the benefit of comprehensive capability, but with no dilution in expertise. Individual solution providers will heighten their knowledge and competencies. In most cases, there’s a clear lead on provision. To position this, security is – and should only ever be – a supporting functionality that’s there to enable a client’s core business. Many business operations typically work in separate silos and use different information and tools. This can lead to overlapping processes and higher costs. To alleviate inefficiencies, there will be a move towards integrating operational and security risk management. Integrating disciplines Often, organisations manage operational risk and security risk separately. This incorporates areas such as threat and vulnerability management and continuous monitoring as well as incident management. Security risk management isn’t just about security operations, but rather a bottom-up approach that drives ‘actionability’ against threats, vulnerabilities and incidents in order to provide assurances for businesses. While separating both operational and security risk management has been a common practice, dynamic changes in the threat landscape are forcing organisations to integrate the two disciplines and therefore gain a more holistic view of risk. The unfortunate truth is that one can schedule an audit, but one cannot schedule an attack, in any of its various forms. In light of this, an integrated approach to risk that takes compliance, threats and vulnerabilities as well as business impact into account will become Best Practice. Without a clear understanding of the business criticality that an asset represents, an organisation is unable to prioritise its efforts. A risk-driven approach addresses both security and business impact to increase operational efficiencies, improve assessment accuracy, reduce attacks and enhance investment decision-making. The transition from the traditional client/contractor relationship into genuine partner and trusted advisor, and a compliancedriven approach to a risk-based model, enables businesses to evaluate the ongoing definition, remediation and analysis of their risk. Remote access is an increasing risk, and indeed for many organisations has become their key security focus. Furthermore, the insider threat remains a concern given the deluge of interconnected devices available. Looking ahead, the industry will continue to be subject to evolution rather than revolution in the short term, but the pace and appetite for change is increasing. If you look closely enough, business models are becoming more specific, technically competent and sophisticated. This is a critical factor for success when it comes to corporate stability. Paul Harvey: Commercial Director of Ultimate Security Services “There appears little appetite from the Government to push forward with the proposed agenda of compulsory business licensing. Nor does there seem to be significant progression in the SIA’s Approved Contractor Scheme” 55 www.risk-uk.com
Page 1 and 2:
April 2017 www.risk-uk.com Security
Page 3 and 4: April 2017 Contents 35 Smart About
Page 5 and 6: Editorial Comment Don’t just stop
Page 7 and 8: News Update National Security Inspe
Page 9 and 10: News Analysis: National Surveillanc
Page 11 and 12: Opinion: Physical Security as a Ser
Page 13 and 14: Always a suitable solution with the
Page 15 and 16: Opinion: Security’s VERTEX Voice
Page 17 and 18: BSIA Briefing Last year, the Nation
Page 20 and 21: ERM and ESRM: Can They Continue to
Page 22 and 23: Status Symbol: The Chartered Securi
Page 24 and 25: Physical Security Information Manag
Page 27 and 28: The Insider Threat: Technical Surve
Page 29 and 30: Institute of Risk Management Are yo
Page 31 and 32: Education Sector Safety and Securit
Page 33 and 34: Education Sector Safety and Securit
Page 35 and 36: Access Control: Integrated Business
Page 37 and 38: 4 July 2017 Hilton London Canary Wh
Page 39 and 40: Risk Management in the Construction
Page 41 and 42: CCTV and Surveillance: HD Technolog
Page 43 and 44: Power Supply Continuity and Managem
Page 45 and 46: Insurance Rewards for Managing Secu
Page 47 and 48: Because one size The most compreh
Page 49 and 50: The Security Institute’s View cla
Page 51 and 52: In the Spotlight: ASIS Internationa
Page 53: FIA Technical Briefing: Fire Detect
Page 57 and 58: Cyber Security: Mitigating Risks Po
Page 59 and 60: Training and Career Development str
Page 61 and 62: Risk in Action Porthcawl’s RNLI:
Page 63 and 64: Technology in Focus Disruptive tech
Page 65 and 66: Appointments Joey Hambidge Skills f
Page 67 and 68: 20 - 22 JUNE 2017 EXCEL LONDON, UK
Page 69 and 70: CCTV CONTROL ROOM & MONITORING SERV
Page 71 and 72: SECURITY CASH & VALUABLES IN TRANSI
show all

RiskUKApril2017

Create successful ePaper yourself

Delete template?

Save as template?