RiskUKSeptember2017

jantan

September 2017

www.risk-uk.com

Security and Fire Management

On Terrorism Watch

From ‘Run, Hide, Tell’ to ‘Spot, Sweep, Secure’

ISO 22316: Security and Organisational Resilience

Fighting Financial Crime: Why Culture is Key in UK plc

Total Recall: Best Practice in Crisis Management

Fire Safety Planning: Emergency Evacuation Procedures


Manufacturing X-ray Machines

in the UK since 1950

Call or Email to claim your

FREE THREAT ASSESSMENT

and advice on your direct and associated risks by the UK’s

leading manufacturer of high end security x-ray machines

01480 832202

www.toddresearch.co.uk

xray@toddresearch.co.uk


September 2017

Contents

42 Meet The Security Company

In association with the NSI, Risk UK continues its ‘Meet The

Security Company’ series by asking Doyle Security’s managing

director Andrew Nicholson the major questions of the day

BS 8593 for Body-Worn Video (pp9-10)

5 Editorial Comment

6 News Update

Corporate governance reforms. Cifas study on ID fraud. EU GDPR

compliance risks survey by Bluesource. All change at HMIC

9 News Analysis: BS 8593 for Body-Worn Video

Brian Sims reports on the launch of BS 8593:2017 Code of

Practice for the Deployment and Use of Body-Worn Video

12 News Special: Cortech Open Innovation Events

Brian Sims previews this month’s COIE taking place in Glasgow

and looks back on the success of the Bristol event held in July

14 Opinion: ISO 22316 Security and Resilience

ISO 22316:2017 on Security and Organisational Resilience has

arrived. John Robinson appraises the content in relation to Brexit

16 Opinion: Apprenticeships in the Security Sector

Apprenticeship programmes should be employer-led, but what

does this actually mean? Peter Sherry delves into the fine detail

19 BSIA Briefing

Will Murray on the current state of play in lone worker security

22 Security for the Enterprise

Damien Pezza takes a different slant on risk management with a

detailed overview of combined ESRM-ERM frameworks

45 Evacuation Planning in the Premier League

The re-development of Stoke City FC’s bet365 Stadium takes full

account of planning for fire safety and emergency evacuation

48 The Security Institute’s View

Will the lines dividing risk and resilience management continue

to blur and lead to new thinking? Dr Risto Talas believes so

50 In The Spotlight: ASIS International UK Chapter

Rupert Reid states why, when it comes to counter-terrorism

training, we must now shift the emphasis towards detection

52 FIA Technical Briefing

Alan Elder and Robert Thilthorpe target the all-important points

to note in relation to gaseous fixed firefighting systems

54 Security Services: Best Practice Casebook

As Paul Harvey observes, by focusing on the enablers of

effective collaboration it’s possible to deliver an outcome that

shares Best Practice and enhances existing capabilities

56 Cyber Security: Defending the Digital World

58 Training and Career Development

Richard Diston on career progression for security managers

60 Risk in Action

62 Technology in Focus

65 Appointments

The latest people moves in the security and fire business sectors

24 Fighting Financial Crime: Culture is Key

In the ongoing fight against financial crime, argues Tim

Parkman, fostering a strong internal business culture is vital

27 Total Recall

Does your business have a product recall team in place? If not,

there’s no time to spare. Jennifer Sillars outlines why

30 The Future of Lone Worker Solutions

Employers must provide a safe operational environment for lone

workers. Craig Swallow focuses on today’s available solutions

33 The Changing Face of Security Services

Risk UK’s Guarding Supplement with contributions from Cardinal

Security, Axis Security, CIS Security and Magenta Security

68 The Risk UK Directory

ISSN 1740-3480

Risk UK is published monthly by Pro-Activ Publications

Ltd and specifically aimed at security and risk

management, loss prevention, business continuity and

fire safety professionals operating within the UK’s largest

commercial organisations

© Pro-Activ Publications Ltd 2017

All rights reserved. No part of this publication may be

reproduced or transmitted in any form or by any means

electronic or mechanical (including photocopying, recording

or any information storage and retrieval system) without the

prior written permission of the publisher

The views expressed in Risk UK are not necessarily those of

the publisher

Risk UK is currently available for an annual subscription rate of

£78.00 (UK only)

www.risk-uk.com

Risk UK

PO Box 332

Dartford DA1 9FF

Editor Brian Sims BA (Hons) Hon FSyI

Tel: 0208 295 8304 Mob: 07500 606013

e-mail: brian.sims@risk-uk.com

Design and Production Matt Jarvis

Tel: 0208 295 8310 Fax: 0870 429 2015

e-mail: matt.jarvis@proactivpubs.co.uk

Advertisement Director Paul Amura

Tel: 0208 295 8307 Fax: 01322 292295

e-mail: paul.amura@proactivpubs.co.uk

Administration Tracey Beale

Tel: 0208 295 8306 Fax: 01322 292295

e-mail: tracey.beale@proactivpubs.co.uk

Managing Director Mark Quittenton

Chairman Larry O’Leary

Editorial: 0208 295 8304

Advertising: 0208 295 8307

3

www.risk-uk.com


Premier Elite 64-W/64-W LIVE

EXPANDABLE TO

W

I R E L E S S

Z O N E S

Wireless control panels expandable to 64 wireless zones

Texecom has upgraded its flagship range of wireless control panels by adding two new high zone capacity models to replace

previous, smaller zone capacity, wireless panels.

In today’s connected world, there is no place for systems that inhibit upgrades or restrict additional devices. Security systems can

offer so much more than basic security; increased security, monitoring, safety, perimeter protection and building automation all

require systems that can support a large number and a wide range of devices. With the introduction of the Premier Elite 64-W

and 64-W LIVE, Texecom is removing these limitations and allowing end users and installers to benefit from increased system

capabilities.

Product highlights include:

• Increased zone capacity on Texecom’s Ricochet® enabled

wireless panels

• Replaces and consolidates Texecom’s wireless panel

range to two models

• Facilitates more devices per system to support increased

security, safety and automation device requirements

• 32 on-board wireless zones; expandable to 64 wireless zones

• Available with or without built-in keypad

• Contains Texecom Connect ‘ready’ V4.00 Premier Elite

firmware

• EN50131-1, EN50131-3, PD6662 Grade 2 Class II

Texecom products are designed

and manufactured in the UK


Editorial Comment

More zones, more devices:

Safety devices

Increased security

Building automation

Perimeter protection

Monitoring

Shared Approach

The Government’s Department for Exiting the European Union

(EU) has set out its bold plans for arrangements that could

ensure personal data would continue to move back and forth

between the UK and the EU in the future in a safe and properly

regulated manner. In the latest of a series of papers examining

the UK’s future partnership with the EU post-Brexit, the

Government has considered the case for a “unique” approach

that could allow data to continue to be exchanged in order to

ensure ongoing competitiveness, innovation and job creation.

The document outlines in detail how the UK is considering an

ambitious model for the protection and exchange of personal

data with the EU that reflects the unprecedented alignment

between British and European law and recognises the high data

protection standards that will be in place at the point of exit.

This would allow the UK to work more closely with the EU,

providing continuity and certainty for the business community,

allowing public authorities – including law enforcement

authorities – to continue their close co-operation, protecting

people’s data and privacy and providing for ongoing regulatory

co-operation between UK and EU data protection authorities.

These proposals are said to “provide a stable base” for the

Government to deliver on its commitment to turn Britain into the

“best and safest place” to be online.

Matthew Hancock, the Minister for Digital, explained: “In the

modern world, data flows increasingly underpin trade, business

and all relationships. We want the secure flow of data to be

unhindered in the future as we leave the EU. A strong future data

relationship between the UK and the EU, based on aligned data

protection rules, is in our mutual interest. The UK is leading the

way on modern data protection laws and we’ve worked closely

with our EU partners to develop world-leading data protection

standards. This new position paper sets out how we think our

data relationship should continue. Our goal is to combine strong

privacy rules with a relationship that allows flexibility in order to

give consumers and businesses certainty in their use of data.”

Stewart Room (PwC’s global data protection legal services

leader) responded: “The Government’s position paper makes it

crystal clear that data protection is now a priority issue for the

UK and its economy and in the ongoing fight against serious

crime and terrorism. Successful delivery of the General Data

Protection Regulation (GDPR) will be a critical part of the UK’s

success after Brexit. With this in mind, the paper sends a clear

message to all data controllers and data processors in the UK

that they must embrace the requirements of the GDPR.”

As the position paper has pointed out, it’s vital that the UK’s

data regulator, namely the Information Commissioner’s Office

(ICO), maintains an influential role post-Brexit. To this end, the

ICO will require proper levels of investment if it’s going to be

able to fulfil its vital resource-sharing requirements.

One area that the position paper doesn’t tackle is the concern

in parts of the EU that the UK’s domestic surveillance laws are

challenging to EU data protection principles. The possibility of

partial adequacy decisions could help overcome such concerns.

Brian Sims BA (Hons) Hon FSyI

Editor

www.texe.com

Sales: +44 (0)1706 220460

December 2012

5

www.risk-uk.com


Corporate governance reforms announced

to increase Boardroom accountability

Business Secretary Greg Clark has set out the

Government’s corporate governance reforms

designed to enhance the public’s trust in

business. Under these new Government reforms

to Boardroom accountability, for the first time

all listed companies will have to publish pay

ratios between CEOs and their average UK

workers. This move is aimed at enhancing the

transparency of big business to shareholders,

employees and the public alike.

The Government’s bold package of corporate

governance reforms includes the world’s first

public register of listed companies where a fifth

of investors have objected to executive annual

pay packages. This new scheme will be set up

in the Autumn and overseen by the Investment

Association, a trade body that represents UK

investment managers.

In the coming months, the Government will

introduce new laws to require:

• around 900 listed companies to annually

publish and justify the pay ratio between CEOs

and their average UK workers

• all companies of a significant size to publicly

explain how their directors take employees’ and

shareholders’ interests into account

• all large companies to make their responsible

business arrangements public

Last year, the Prime Minister made it clear

that the behaviour of a small number of

companies had damaged the public’s trust in

big business. Theresa May duly set out

proposals designed to improve transparency

and accountability and afford employees a voice

in the Boardroom.

Commenting on the reforms, Greg Clark said:

“One of Britain’s biggest assets when it comes

to competing in the global economy is our

deserved reputation for being a dependable

and confident place in which to do business.

Our legal system, our framework of company

law and our standards of corporate governance

have long been admired around the world. We

have maintained such a reputation by keeping

our corporate governance framework under

review. These latest reforms will build on our

strong reputation and ensure that our largest

companies are more transparent and

accountable to employees and shareholders.”

The Business Secretary will now seek to

ensure employees’ interests are better

represented at the Boardroom level of listed

companies. Clark will ask the Financial

Reporting Council – which sets high standards

of governance through the UK’s Corporate

Governance Code – to introduce a new

requirement in the Code to achieve this.

Under the Code’s ‘comply or explain’ regime,

firms would have to either assign a nonexecutive

director to represent employees,

create an Employee Advisory Council or

nominate a director from the workforce.

Episodes of identity fraud soar to record levels in latest study by Cifas

Cifas, the UK’s leading fraud prevention service, has released new figures showing that identity

fraud has continued to rise at unprecedented levels during the first six months of 2017.

A record 89,000 identity frauds were recorded, which is up by 5% from last year. Representing

over half of all fraud recorded by the UK’s not-for-profit fraud data sharing organisation, 83% of

identity frauds were perpetrated online.

The latest figures from Cifas show that there has been a sharp rise in identity fraudsters applying

for loans while also involving themselves in online retail, telecoms and insurance products.

Although the number of identity fraud attempts against bank accounts and plastic cards has fallen,

those episodes still account for more than half of all identity fraud cases.

To carry out this kind of fraud successfully, fraudsters need access to their victim’s personal

information such as name, date of birth, address, their bank details and with whom they hold

accounts. Fraudsters access such detail in a variety of ways, from stealing mail through to hacking,

obtaining data on The Dark Web, exploiting personal information on social media or through ‘social

engineering’ (whereupon innocent parties are persuaded to give up their sensitive details to

someone pretending to be from their bank, the police service or a trusted retailer).

Simon Dukes, CEO of Cifas, explained to Risk UK: “We’ve seen identity fraud attempts increase

year on year such that they’re now reaching epidemic proportions, with identities being stolen at a

rate of almost 500 every day. These frauds are taking place almost exclusively online. The vast

amount of personal data that’s now available either online or through data breaches is only making

it easier for the fraudsters.”

6

www.risk-uk.com


News Update

“Employees pose greatest EU GDPR

compliance risk” highlights latest

Bluesource study

Six-in-ten organisations view their employees

as the biggest threat to successful EU General

Data Protection Regulation (GDPR) adherence,

while four-in-ten believe that their current IT

systems could also pose compliance risks.

That’s according to a GDPR awareness survey

conducted by Bluesource.

The study also highlights that, even though

half (50%) are taking steps to prepare for

GDPR compliance, nearly a third (30%) still

believe that the new rules will not affect them.

One fifth (20%) are not sure what to do next.

Over 80% of respondents stated that, with

the deadline for EU GDPR compliance rapidly

approaching, they’re facing a major challenge,

including increased security and governance

around cloud environments such as Office 365

and shadow IT. 80% of those surveyed feel

that ‘Big Tech’ vendors have a responsibility to

ensure that their own systems will meet the

GDPR’s requirements, as well as those of their

customers, but are unsure as to how this will

be achieved in practice.

The increased financial impact of fines and

the expected frequency of their enforcement is

a major concern for most of those surveyed.

An overwhelming 90% indicated that a noncompliance

fine would result in reputational

damage for their organisation and a loss of

trust among customers, suppliers and staff.

Data breaches are already the second

greatest cause of concern for business

continuity professionals and, once this new

legislation comes into force, bringing with it

higher penalties than already exist, this level

of concern is only likely to increase.

Organisations need to make sure they’re

completely aware of the requirements of the

GDPR, and also make certain that their data

protection processes are robust enough to

meet these requirements.

On a more positive note, 45% of those

surveyed have already nominated a member of

a specific departmental function – including

legal, compliance and IT security – to be solely

dedicated to privacy and GDPR initiatives.

However, 20% haven’t considered selecting a

nominated individual as yet, while 35%

suggest that finding a suitably qualified and

experienced individual will be a challenge.

Sean Hanford, information governance

consultant at Bluesource, commented: “Our

research across UK organisations indicates

that a gap remains between EU GDPR

awareness and action. There must be a swift

attitude change towards data protection. Staff

clearly require better skills such that they can

become more data savvy.”

Her Majesty’s Inspectorate of

Constabulary’s remit extended by

Home Office to encompass Fire and

Rescue Services

Building on the experience of Her Majesty’s

Inspectorate of Constabulary (HMIC) in

inspecting and reporting on the efficiency and

effectiveness of all police forces in England

and Wales, Nick Hurd (Minister for Policing

and the Fire Service) has announced that it

will now extend its responsibility and also

inspect Fire and Rescue Services in England.

In order to reflect this new programme of

inspections, HMIC will change its name to Her

Majesty’s Inspectorate of Constabulary and

Fire and Rescue Services (HMICFRS) and

expand to become a fully-integrated

inspectorate for the police and Fire and

Rescue Services. HMICFRS will have a new

logo to reflect its new identity.

Her Majesty’s Chief Inspector of

Constabulary, Sir Thomas Winsor (pictured),

said: “This marks a momentous chapter in the

160-year history of HMIC. We will draw on our

experience of inspecting and reporting on

police forces to develop a framework to assess

the efficiency and effectiveness of the 45 Fire

and Rescue Services in England. In the same

way that police officers run towards situations

that others would instinctively avoid, the

events of recent times remind us all about

exactly how much we rely upon the bravery

and professionalism of our firefighters. I pay

tribute to their courage.”

Sir Thomas will be appointed Her Majesty’s

Chief Inspector of Fire and Rescue Services, in

addition to continuing in his role as Her

Majesty’s Chief Inspector of Constabulary. Her

Majesty’s Inspector Zoë Billingham will act as

the lead for the inspection programme. Each

HMI will have responsibility for a number of

Fire and Rescue Services.

Nick Hurd explained: “Creating an

inspectorate for Fire and Rescue Services in

England will support the continuous

improvement of this critical public service to

make sure that it’s as professional, effective

and efficient as possible. It will also ensure

that, where problems are identified, actions

can be taken by the Fire and Rescue Services

to overcome them. I’m confident that HMIC

will hold Fire and Rescue Services to the

highest standards possible.”

HMICFRS inspections will be specifically

designed to promote improvements.

7

www.risk-uk.com


Protect what’s most valuable

Avigilon Appearance Search video analytics technology is a sophisticated

deep learning artificial intelligence (AI) search engine for video data. It sorts

through hours of footage with ease, to quickly locate a specific person or

vehicle of interest across an entire site.

Avigilon Appearance Search technology can dramatically improve incident

response time and enhance forensic investigations by allowing operators to

build robust video evidence and create a powerful narrative of events.

• Improves incident response time

• Enhances forensic investigations

• Accurately provides search results

• Easy to learn and use

Learn more at avigilon.com/Appearance-Search

© 2016-2017, Avigilon Corporation. All rights reserved. AVIGILON, the AVIGILON logo, AVIGILON APPEARANCE SEARCH and TRUSTED SECURITY SOLUTIONS are trademarks of Avigilon Corporation.

Other names or logos mentioned herein may be the trademarks of their respective owners.


News Analysis: British Standard 8593 for Body-Worn Video

British Standard 8593:2017 focusing on body-worn

video cameras backed by industry

British Standard 8593 delivers a common

framework to boost public trust in the

understanding of where and when bodyworn

video can be employed, with the

document providing technical and operational

recommendations for its appropriate and

proportionate deployment and use.

The new British Standard was drawn up to

address a gap in guidance due to the

differences between the use of CCTV and bodyworn

video, and also with a view to avoiding

any repeat of the privacy concerns associated

with the widespread roll-out of the former. The

UK is widely believed to be the most surveilled

state in the world.

BS 8593:2017 covers planning and

operational recommendations, outlining the

need for body-worn video’s deployment to be

based on legitimate reasons, and particularly

so in terms of undertaking those all-important

privacy impact assessments.

Anne Hayes, head of market development for

governance and resilience at the BSI,

explained: “During the development of BS

8593, it was agreed that public confidence in

the operation and management of body-worn

video was and is critical. Balancing safety,

security and privacy matters is a central

concern. The involvement of both security and

privacy groups shows that British Standards

can deliver industry consensus by aligning

agendas to the public benefit. Body-worn video

has an advantage as a security device in terms

of providing the end user with a sense of

protection. It’s a second pair of ‘eyes and ears’

should something go wrong.”

Tony Porter QPM LLB, the Surveillance

Camera Commissioner, added: “I’m absolutely

delighted to support the new British Standard

and acknowledge the excellent work which has

been undertaken to deliver it in such short

timescales. As the use of body-worn cameras

proliferates, so they become more and more

ingrained as an intrusive capability in the daily

lives of citizens. The important and

fundamental balance of preserving the rights of

citizens while keeping our communities safe

and secure is at the heart of the Home

Secretary’s Surveillance Camera Code of

Practice which, of course, I regulate. The

principles within that Code are resident at the

very heart of the new British Standard and I

commend its introduction.”

With body-worn video cameras now widely adopted by

councils and police services across the UK, and in direct

response to concerns over data security and privacy, a new

British Standard (BS 8593:2017 Code of Practice for the

Deployment and Use of Body-Worn Video) has been

developed in conjunction with security and privacy groups

including the Home Office, the Metropolitan Police Service

and Big Brother Watch*. Brian Sims reports

Legitimate deployment

Examples of the legitimate deployment of bodyworn

video cameras can include:

• Safeguarding employee safety and security

where a given end user of body-worn video may

be at risk of physical or verbal attack or is

otherwise working in a hazardous environment

• As a deterrent if the device wearer is involved

in policing or controlling an environment which

people could try to disrupt

• Evidence capture if the body-worn video user

is involved in a role where they might witness

or investigate criminal activity, and where

capturing visual or audio evidence could assist

with future legal proceedings

• Promoting transparency where device wearers

(such as bailiffs or parking wardens, for

example) regularly encounter complaints

• Capturing data to use in process improvement

or training (identifying learning opportunities)

Device recommendations such as

functionality, weight, image quality and

Tony Porter QPM LLB:

Surveillance Camera

Commissioner

9

www.risk-uk.com


News Analysis: British Standard 8593 for Body-Worn Video

*Organisations involved in

the development of BS 8593:

Association of Security

Consultants, Big Brother

Watch, the British Security

Industry Association, the

Home Office, the Information

Commissioner’s Office, the

Metropolitan Police Service,

the National Police Chiefs’

Council, the National Security

Inspectorate, the Security

Industry Authority, the

Security Systems and Alarms

Inspection Board and

Transport for London.

In an individual capacity,

IndigoVision, Edesix and

SoloProtect were also

involved in BS 8593

encryption are all covered in BS 8593. A

separate clause focuses on data management

and security including data integrity, audit

trails, storage and sharing redaction.

Training for device wearers and data handlers

as well as general operator guidance is

provided in the British Standard, along with a

dedicated clause covering monitoring,

escalation and response as agreed with the

system owners.

The British Standard is applicable to bodyworn

video users and system owners as well as

the suppliers and procurers of solutions.

Examples of where body-worn video systems

might be used include by the Emergency

Services and for taxi marshalling, warden

schemes, security guarding, parking

enforcement and door supervision.

Empowerment for police officers

New research has revealed widespread support

among front line police officers for body-worn

video cameras, with officers finding their use

“empowering”. The independent study,

conducted by criminologists at London

Metropolitan University, looked at officers’

attitudes towards the technology during trials

with the City of London Police. The police

officers involved in the study were interviewed

both before and after the trial to identify any

shifts in attitude towards the technology.

The research discovered that 83% of police

officers feel body-worn cameras should be

adopted, with one adding that such cameras

are “the best piece of kit” they’ve used. The

report, entitled ‘Trialling Body-Worn Video

Cameras for the City of London Police:

Perceptions and Justice Outcomes’, also states

that more than 90% of officers believe such

cameras will assist with evidence gathering.

Lead author Dr James Morgan from London

Metropolitan University said: “Contrary to many

assumptions regarding ‘cop culture’, the

officers surveyed and interviewed for this study

were very progressive in their approaches to

this new technology. They want greater

accountability and oversight. They believe in

their own policing practice and wish this to be

recorded. The findings also point to a particular

context in policing where officers’ actions are

often scrutinised by members of the public who

are armed with their own recording equipment.

The participants in this study wanted their own

footage to counter negative portrayals of the

police which might be found on social media, in

turn having their perspectives and experiences

better understood by the wider public.”

Morgan added: “Police officers are mainly

positive about this technology, and most

notably so in the hope it will reduce spurious

complaints and give the police the opportunity

to show the pressures under which they work.”

Reducing assaults

Another interesting finding is that officers

believe the presence of a camera has a positive

and calming effect on confrontational

situations. Morgan commented: “As well as

reducing complaints, it’s hoped that this

technology will reduce the time officers spend

preparing evidence for court, increase guilty

pleas and contribute towards a reduction of

assaults perpetrated on police officers.”

Second author Dr Dan Silverstone, who now

works at Liverpool John Moores University,

added: “The findings are particularly important

because they address the stereotype that

police officers often face. Body-worn video

cameras will play a significant role in improving

police legitimacy and enhancing public safety.

At the time of the study, there were issues to be

addressed in terms of ensuring that the

evidence from the cameras was compatible

with the Crown Prosecution Service’s own

systems. When these issues are resolved,

evidence from the cameras will increase the

speed and success of prosecutions.”

The idea of body-worn cameras in policing is

relatively new, with the first cameras being

tested back in 2005.

Increasing confidence

Chief Superintendent David Lawes from the City

of London Police observed: “We’re confident

that the continued use of body-worn video

cameras will help us to build on our efforts to

bring policing in the Square Mile into the 21st

Century, while also increasing confidence in our

officers and the difficult job they do.”

Lawes went on to comment: “These cameras

already play an important role in our policing

regime as the mere presence of this type of

solution can often prevent potentially volatile

situations from escalating.”

**See also this month’s

dedicated feature on Lone

Worker Security and Safety

authored by SoloProtect’s

managing director Craig

Swallow (pp30-31)

“Device recommendations such as functionality, weight, image

quality and encryption are all covered in the new British Standard. A

separate clause focuses on data management and security including

data integrity, audit trails, storage and sharing redaction”

10

www.risk-uk.com


They see a well secured airport.

You see smart data to

optimize traveler flow.

Bosch empowers you to build a safer and more secure

world. And with built-in video analytics as of the IP 4000

cameras, we allow you to use video data for more than

security alone. Like identifying interruptions and

patterns in airport traffic.

Find out more at boschsecurity.com

+1

People counting

Queuing alarm

Enforcing safety

regulations


COIE Bristol 2017: Focusing on Smart

Integration and Cyber Security Solutions

The most recent

Cortech Open

Innovation Event,

hosted at the Bristol

Science Centre in July,

afforded professionals

from the building, fire

and security sectors

an educational insight

into the latest smart

integration

techniques,

technological

advancements and

cyber security threats.

Brian Sims reports on

the events of the day

and also looks ahead

to the COIE taking

place in Glasgow later

this month

Reflecting on the COIE held in Bristol on

Tuesday 18 July, Jason Blundell (head of

sales at Cortech Developments) informed

Official Media Partner Risk UK: “COIE Bristol

once again afforded an opportunity for us to

engage with a number of organisations and

individuals at different levels to gain their

perspectives on the challenges they face and

also those confronted by the wider industry.”

Blundell added: “In collaboration with our

technology partners Bosch Security Systems,

Harper Chalice, Paxton and Stentofon-Zenitel

UK, we were able to address some of these

challenges as part of the main demonstration

and interactive technology groups. We were

able to impart our combined knowledge to

deliver value and advice on how to mitigate

current and future security risks. The event also

provided education and discussion around the

threats posed to cyber security and how this

can be addressed through a combination of

people, processes and technology.”

Among the gathering of building and security

professionals, which included myriad

consultants and end users, there was a positive

perspective as to why the COIE events educate

and add value in equal measure.

“This Continuing Professional Development

event provided an excellent opportunity to

learn about the security industry,” explained

Hasani Ade, electrical engineer at AECOM. “The

expertise coupled with the live demonstration

of market-leading technology enabled me to

gain a deep understanding of the latest security

products and advancements. I learned about

monitoring systems, cyber security, data

protection and threat mitigation through virtual

environment modelling. From an engineer’s

perspective, I can now better understand the

intricacies of security systems and what’s

required for the best protection of both

property and assets.”

Such views were shared by another COIE

Bristol delegate, namely Ian Griffiths (associate

at Hydrock). “The event was particularly

engaging and beneficial with an excellent

representation of the latest building and

security technology,” enthused Griffiths. “The

day’s content was complemented by a

demonstration of integration techniques and

the remote monitoring and control capabilities

of software and hardware in combination.”

Griffiths added: “We’re currently in the

process of specifying security systems and their

integration to satisfy user requirements for a

large industrial facility in the UK. The COIE was

particularly useful for meeting technology

specialists from discrete fields who were able

to explain the integration process and

contribute towards our solutions. This was a

very worthwhile experience that I would

recommend to professionals within the building

and security worlds.”

Meanwhile, Mark Harris (senior electrical

engineer at Capita) also found the experience

to be beneficial. “The COIE featured excellent

and enjoyable presentations which afforded

new insights on current multiple technologies.

As a building services engineer, it was

interesting to understand the full capability and

possibilities an integrated security solution can

offer through live demonstrations.”

Technology partners

Attending technology partners at COIE Bristol

have also offered their thoughts on the event.

“The COIE provides educational value for

security professionals and realises an open

platform to discuss industry challenges,”

explained Russell Baker, business development

manager at Stentofon-Zenitel UK. “We’re able

to come together as a group of technology

providers and integration partners in order to

impart our knowledge, both individually and

collectively, on the discipline of risk mitigation,

promoting discussion and engagement on

many key topics.”

12

www.risk-uk.com


News Special: Cortech Open Innovation Events 2017

The event experience was also well received

by access control solutions developer Paxton.

Anthony Searle (commercial manager at

Paxton) observed: “This was the first time that

Paxton had participated in a COIE. We were

impressed by the organisation and professional

approach of Cortech Developments. It was a

unique event that brought together

manufacturers, system end users and specifiers

to discuss risk mitigation through innovation,

integration and collaboration. The day

showcased the latest market-leading solutions

with an emphasis on simple integration,

providing useful real world solutions for the

everyday issues faced by the system user.”

Cyber risk management

As part of Cortech’s cyber security education

agenda, COIE Bristol hosted a Keynote

presentation from Steve Pilkington, technical

director at IT security consultancy Italik. The

presentation centred on the ten steps to cyber

security management, which included advice on

information risk management, secure

configuration, network security, managing user

privileges, user education and awareness,

incident management, malware prevention,

monitoring, removable media controls and

home and mobile working.

Pilkington, who boasts over 20 years’

experience as an infrastructure and network

security consultant, told Risk UK: “It was great

to be part of, and be able to present at, such a

respected industry event attended by many

high-profile organisations. The COIE provided

the perfect platform for education around cyber

security and how this should be factored in as

part of an organisation’s business and security

strategies. The threat is real and the risk needs

to be mitigated through strategic planning and

a particular focus on staff training, vulnerability

management and, importantly, being prepared

and having an incident plan in place.”

Returning to Glasgow

The COIE Series returns to The Lighthouse in

Glasgow (which proved to be an excellent

venue last year) on Tuesday 26 September.

Paul Spence, marketing and communications

manager at Cortech Developments (the

specialist risk mitigation company that provides

integrated software solutions for high security

environments and Critical National

Infrastructure) explained: “The Lighthouse is

Scotland’s Centre for Design and Architecture

and lends itself perfectly to an event of this

nature. It provides first class facilities for our

live demonstrations, technology partner areas

and interactive sessions. The feedback

regarding the event and venue from visitors last

year was extremely positive, so it made perfect

sense to return this year.”

Offering his thoughts on last year’s event at

The Lighthouse, Eric Brunger (senior innovation

analyst for SP Energy Networks) remarked:

“The COIE was different to any events that I

had attended in the past, providing a focus

around the presentation of live events and

actual scenarios that are highly relevant to our

market. The speakers also provided added

value in respect of education and learning. It’s

this format that makes these events work.”

The technology groups and live

demonstration provided added value for

another COIE Glasgow 2016 attendee, namely

Stephen Fleming (physical security manager at

The State Hospital). “The event in Glasgow was

expertly organised with quality partners. These

events are a great networking opportunity

where you have the chance to discuss the

different challenges present across the security

sector. I thought the presentation focused on

the mitigation of risk associated with the

operation and management of multiple CCTV

systems was extremely impressive.”

Looking ahead to COIE Glasgow 2017, Jason

Blundell provided an insight into a new topic

that will be covered at the event. “We’ll be

bringing into focus integrated workflow and

emergency response. Response to critical

events and different threat levels should follow

clearly-defined processes irrespective of

operator experience and have to be managed

effectively to prevent escalation.”

Delegates will also be afforded an insight

into the EU’s General Data Protection

Regulation (GDPR) compliance process and the

management of a cyber security resilience

roadmap thanks to a Keynote presentation from

Scott Simpson, CEO of The Security Circle. As a

certified GDPR and cyber security consultant,

Simpson advises organisations on all aspects of

GDPR compliance and cyber resilience.

Cortech will be joined in Glasgow by four

collaborating technology partners: Avigilon,

Commend, Harper Chalice and Paxton.

COIE Glasgow itinerary

9.45 am: Arrival and Registration

10.30 am: Welcome from Cortech Developments

10.35 am: Industry Challenges in Focus

10.50 am: Guest Speaker – Scott Simpson (CEO

of The Security Circle) on the EU’s GDPR

11.10 am: Live Software/Hardware

Demonstration

11.50 am: Luncheon

12.15 pm: ‘Meet The Manufacturers’

2.20 pm: Closing Statements

Jason Blundell: Head of Sales

at Cortech Developments

If you’re an end user, security

consultant or main contractor,

join Cortech Developments

and its partners at one of this

year’s remaining events:

• COIE Glasgow: 26

September 2017

• COIE Knutsford: 7

November 2017

Note that places are limited

and will be allocated on a

first come, first served basis.

For more information visit

www.coie.uk.com

13

www.risk-uk.com


ISO 22316: Preparing for Brexit

With ISO 22316:2017

Security and

Resilience –

Organisational

Resilience – Principles

and Attributes now

upon us, John

Robinson decided to

apply his own test –

focused on Brexit – in

a bid to ascertain

what’s of value in this

document for security,

risk and resilience

professionals.

Following on from last

month’s initial

discourse, the focus

now turns towards

areas including shared

information and

knowledge and

support for continual

improvement

John Robinson MSc CEng FBCI:

Managing Director of INONI

14

www.risk-uk.com

Every day we’re faced with a barrage of

Brexit-related news items of varying

substance and credibility, many with the

potential to influence or directly affect us and

our relationship partners. Somehow we must

process this media flow, deciding what’s real

and what isn’t, but also second-guess how

interested parties such as customers, suppliers,

regulators and competitors may respond. The

influence of fake news is an illustration of this.

ISO suggests an organisation’s resilience will

be enhanced when all available related

knowledge is appropriately shared, analysed

and applied. Maximising this for Brexit means

that we might harness a wide, varied and

credible range of relevant data and knowledge

sources, define criteria to identify, validate and

value what we collect, assign specialists to

manage, analyse, add value and distribute it as

information, use the information to update the

context model for Brexit, use the model to

trigger and fuel decisions and improve the

Brexit strategy and share results across the

business (and externally if/where applicable).

Where Brexit’s concerned, and perhaps

generally speaking, intelligence drives

resilience. Clearly, we need to respond

acceptably quickly to all kinds of change such

that we’re not disadvantaged. This in turn relies

on high-grade information, analysis, judgement

and executive decision-making. It makes shared

information an important attribute.

ISO 22316 implies that resilience will be

enhanced if the resources required to align with

the organisation’s own resilience objectives are

made available, including an allowance for

adaptation. Aspects relating to people,

premises, technology, finance and information

will inevitably be part of the overall mix.

For those who perceive little or no Brexitrelated

threat, no specific action will be

planned or dedicated resources required.

However, for others, and particularly so in the

UK and the EU, Brexit may be a headline item: a

threat demanding a planned response.

Where this is the case, it becomes a matter of

ensuring the strategy is sufficiently resourced

to be implemented as intended. Some checks

you might wish to make are as follows:

• does the strategy clearly define acceptable

levels of business during Brexit?

• do we know how Brexit changes will affect

resourcing and how we’ll deal with it?

• do we face Brexit-induced failures of supply

and/or demand?

• do we need to increase or reduce our capacity

and can we do this acceptably?

• do we need to diversify or replicate resources

or build-in redundancy?

• do we have the skills and abilities we need to

respond acceptably?

• do we have the inherent flexibility to redeploy

and adjust in time?

• do we look ahead, take account of change

and anticipate what might happen?

It’s tempting to put off resilience resourcing

decisions for the obvious reason that they

consume investment, but will yield no return if

the planned-for situation fails to materialise. As

a discipline, business continuity faces this

dilemma on a frequent basis.

Management disciplines

Attribute 7 is all about the development and coordination

of management disciplines. At first

glance, this seems to be a classic catch-all

statement of the obvious that says your

resilience will be enhanced if you’re good at

every management discipline. However, this is

reasonable if you accept that any deviation

from Best Practice or omission does indeed

potentially leave a hole in your defences,

implying a reduction in resilience. It’s clearly a

valid and relevant indicator.

Moreover, if you did this just as part of your

response to Brexit, the benefits would be felt in

(potentially) many other ways, improving

resilience generally and making management

more effective, efficient and communicative.

With this in mind, and specifically for Brexit,

you might consider engaging the 20 disciplines

with a common purpose of enabling the Brexit

strategy, adapting existing processes, roles and

responsibilities so they interact efficiently,

searching for and plugging any material gaps

between disciplines (thus removing

duplication), keeping the web of disciplines

elastic (such that it can flex and adapt as Brexit

demands change) and establishing

communications and reporting such that all

parties are kept informed and co-ordinated.

Note that the 20 include disciplines such as

asset management, crisis management,

governance, fraud control and so on. Not all

organisations will implement or recognise all of

these disciplines. However, they will generally

be present in some shape or form.

The clause seems to sum up what BS 65000

called ‘coherence’: the joining-up of related key

disciplines into a collaborative resilient whole


Opinion: ISO 22316 Security and Organisational Resilience (Part Two)

with no gaps or overlaps, rather than in

relatively closed silos, creating an environment

for Brexit and other major programmes.

Continual improvement

No organisation has faced Brexit before and it’s

fair to assume that, while some larger firms’

management systems architecture will

accommodate it as just another major change,

the experience will be very new for others. Most

who decide to act in a structured way will

establish a project whose remit and execution

will evolve sporadically, improving only when

driven to do so or when an idea emerges.

Continual improvement is a mindset that

accepts we can always do things better and this

applies particularly to resilience. It means we

systematically and intentionally keep improving

the context model, quality of information and

each of the other attributes listed.

A simplified framework applying this for

Brexit might include making innovation and

improvement part of the strategy and habitual,

regularly scanning for changes and

accommodating them by adapting the strategy,

planning improvements, assigning resources

and making them happen and carrying out

regular reviews while also monitoring what has

been achieved against goals set.

Change drives risk and resilience. If things

didn’t change, equipment would never wear

out, rainfall would be standard and Brexit

wouldn’t happen. Some changes we can

anticipate and plan for, others come out of the

blue or must be imagined because they’re

outside of our experience. In any case,

anticipation and readiness is preferable. The

degree to which we develop and systematise

this will influence our adaptive resilience.

As we’ve seen, Brexit is far from a

straightforward change. It means we need a

mechanism that ensures we’re not surprised or

shocked by what it brings, leaving us wellplaced

to respond and continue with business.

Steps that we can take to build this adaptive

capability might include regularly updating the

context model and using it to look ahead while

scanning for change, modelling change

scenarios and developing response tactics for

those that seem likely, exploring alternatives as

well as ways to deliver on commitments, dual

suppliers and diversifying, planning to respond

and absorb the shock of unexpected

announcements, influencing changes before

and after they materialise and being ready to

adapt without impacting delivery or

compromising vision or core values.

At the headline level, Brexit now seems a

certainty. At almost every other level, though,

the potential remains for surprise. No-one can

be certain how it will unravel, either globally,

nationally or at the organisation level. Our

choices are to either move with the herd and

hope to arrive intact or seize the initiative by

becoming proactive, adaptive and influential.

Contributory factors

The nine attributes focused upon in Part One

and in this month’s article tell us what we

should expect of a resilient organisation. Part 6

of ISO 22316 explains how we can evaluate

these capabilities for ourselves and offers a

governance framework with which to do this.

Again, there’s little if any practical guidance

here to help you decide on acceptable levels of

attainment for each attribute, or a detailed

explanation of how to bring about

improvements in each as this must be

determined by the host organisation.

Apply this framework for Brexit and you

derive a management system that converges on

targets set by top management for each of the

resilience attributes. It – ie the system – needs

to be delivered by a programme or an existing

compatible process that’s kept running for the

duration of Brexit. Delivered as described, it

should continually evolve to track Brexit’s

changing shape and improve such that it aligns

with the organisation’s Brexit-specific and

general resilience objectives or success criteria.

To make it work, you need to set your own

attribute targets and thresholds and monitor

and measure your performance against them.

“Where Brexit’s concerned, and perhaps generally

speaking, intelligence drives resilience. Clearly, we need to

respond acceptably quickly to all kinds of change”

15

www.risk-uk.com


Apprenticeships: Striking The Balance

Between Employers and Educationalists

One of the key

recommendations of

the Richard Review of

Apprenticeships

(published in

November 2012 during

the 2010-2015

Conservative and

Liberal Democrat

Coalition

Government’s time in

Parliamentary office)

was that

apprenticeship

programmes should

be employer-led, but

what does this

actually mean in the

real world and why is

it so important? Peter

Sherry examines a key

issue for the security

business sector

16

www.risk-uk.com

The Apprenticeship Levy funding scheme

went ‘live’ on Monday 1 May and means

that employers can draw down funds in

order to pay for apprenticeship training. In

order to qualify, though, employers have to

agree to a number of rules, one of which states

that they must provide ‘off-the-job’ training.

This isn’t unusual, of course, but there remains

some confusion in terms of how organisations

will address this issue.

That same month, the Association of

Employment and Learning Providers (AELP)

called upon the the Government to review its

rules on apprenticeships’ ‘off-the-job’ training

requirements. According to the Government’s

guidance, employers must provide ‘off-the-job’

training that makes up “20% of the apprentice’s

contracted employment hours across the

apprenticeship”. This effectively means that

trainees must be allowed training time – to the

equivalent of one day per week – within their

normal working hours.

Defending its position, the Government has

stated that ‘off-the-job’ training doesn’t mean

trainees have to receive instruction elsewhere

(at a local college, for example), provided the

training isn’t transacted as part of a trainee’s

normal duties. For example, apprentices might

spend time completing online training,

attending role-play workshops or shadowing a

colleague. Careful recording of such activity is

necessary if employers are to evidence their

ongoing commitment to the Apprenticeship

Levy scheme.

In its research findings, the AELP suggests

that, in reality, more than one third of ‘off-thejob’

training occurs at the trainee’s workstation,

with only 13% taking place away from the

workplace. As the 20% rule is currently nonnegotiable,

some commentators feel there’s a

genuine risk that employers will treat it as a

‘tick-box’ requirement and the quality of

training will subsequently decline.

Still employer-led?

Given the introduction of the 20% ‘off-the-job’

training rule, then, is it the case that

apprenticeships are still employer-led?

Interestingly, the Education & Skills Funding

Agency has published guidance on the 20%

‘off-the-job’ training rule for new

apprenticeships. Aimed at employers and

providers, it clarifies the policy and provides

some Best Practice guidance in terms of how

this requirement should be met.

Back in the day – and by that I mean in the

Middle Ages through to the industrial era – the

apprenticeship was pretty much always

employer-led. To break into a decent trade

meant the learner needed to sacrifice time. In

essence, training was provided in exchange for

effort. The learner studied under someone

highly experienced (a ‘journeyman’) until he – it

was typically a ‘he’ in those days, of course –

became a ‘journeyman’ himself.

For clarity, the word ‘journeyman’ has nothing

to do with being able to travel as a worker. It

emanates from the French word ‘journée’,

meaning a period of one day and suggesting

that work could be charged at a day rate.

As the learner was working directly for the

employer, the employer directly delivered the

training. Indeed, there was often no curriculum.

Individuals simply learned ‘on the job’. That

being the case, the learning always supported

the stated needs and aims of the employer.

In more recent times, there has been a move

away from this model, with outside suppliers

being the ones who create and lead the

learning process. This isn’t without benefit.

Hopefully, the learning is being led by people

who are specialists. Teaching is a skill in itself.

Nine-time Olympic swimming champion and


Opinion: Apprenticeships in the Security Business Sector

former world record holder Mark Spitz’s trainer,

Sherman Chavoor, couldn’t swim and didn’t

need to be able to do so in order to be one of

the greatest swimming coaches of all time.

Of course, the traditional apprenticeship did

have its drawbacks. Learning wasn’t consistent.

It differed from person to person. It took a lot

longer to learn something than was often

strictly necessary. The person teaching may

have been a subject matter expert, but was

unlikely to be an expert in teaching itself. The

learner could end up being a ‘dogsbody’.

Transfer of ownership

As we witnessed a rise in formal education, so

we saw a transfer of ownership of things like

apprenticeships to local colleges and

Government. This did bring positives.

Principally, it created consistency and structure

around learning. It also provided a good

learning environment when not in the

workplace itself, and duly allowed for the

teaching of a wider range of supporting skills.

However, this approach also had its

drawbacks. It’s difficult for an outside

institution – no matter how skilled – to remain

connected with the ever-changing needs of the

employer. Alterations in the business could

take at least one curriculum cycle to integrate

into the training. Learning can become too

theoretical and less focused on delivering

benefits to the business.

Learning can also be too generic – ‘one-sizefits-all’

rather than training someone to be

exactly what’s needed. The NHS could use

apprenticeships to help ‘bridge’ the skills gap,

but can an already overstretched public service

commit to 20% ‘off-the-job’ training?

While offering greater ‘educational purity’,

this was seen by many as being ‘two steps

forward, one step back’.

What the Richard Review of Apprenticeships

firmly recommended was placing the employer

back into the centre of the process. There are

several benefits to be gained from this. The

most obvious is that, whichever way you look at

it, the employer is the key stakeholder. If

employers want apprentices who have a deeper

understanding of the business, then they’re the

ones best placed to make that happen.

This way of doing things also ensures that

the curriculum is grounded in the reality of

what the business needs (ie the stuff that

matters). It also means simplifying what’s

learned. There are fewer qualifications and

everything’s focused on real world activities.

This isn’t to say that learning bodies should

be cut out of the process. There’s a real job to

be done to ensure that sectors operate within

common skills frameworks. Otherwise, it’s very

much the case that individuals cannot move

from job to job with ease.

It’s also important that other skills are taken

on board such that the individual isn’t just an

automaton, but rather someone who can grow

and develop a professional career. The entity in

charge is the employer. Government should

only be directing with a light touch.

Best of both worlds

This approach should deliver the best of both

worlds, with the input of the employer and the

educationalist more in balance to benefit both

the employer and the learner. We’re seeing this

happen in the security sector with the new

Apprenticeship Standard for Fire, Emergency

and Security Systems. This is driven directly by

organisations within the sector working

together with the backing of Government and

the support of partners in education. By the

very way in which this operates, it’s fully

employer-led from the outset.

During the early years of a previous

Conservative Government I really did welcome

(then) Prime Minister David Cameron’s speech

when he visited a Training Academy in

Buckinghamshire. Perhaps more than ever

before, the strength of the Government’s

commitment to apprenticeships was

abundantly in evidence. The Prime Minister

outlined in some degree of detail that he

wanted apprenticeships to be ‘the new norm’

and not just a valid alternative to studying for a

degree, as well as being a route that could

preface degree education.

The Prime Minister’s speech outlined the two

critical aspects of apprenticeships and preemployment

training in which I’ve always

believed. The first is the benefit to the country.

As David Cameron stated at the time: “Britain’s

in a global race. If we want to succeed in this

global race, we have to invest in our Number

One resource which is our people.”

That’s absolutely spot on. We simply have to

have the best skills in every UK sector.

The second benefit is more personal and is

that individuals benefit materially from

learning. That’s equally spot on. Education is

the key to unlocking not just one door, but

potentially hundreds of them. Without training

and skills, individuals can be marginalised and

their options limited.

Peter Sherry: Interim Director

General of Skills for Security

“There’s a real job to be done to ensure that sectors

operate within common skills frameworks. Otherwise,

individuals cannot move from job to job with ease”

17

www.risk-uk.com


The New Camera Line Mx6 Creates More Possibilities.

More Images, in All Light Conditions, in Every Standard

More Intelligence Is on the Way

The new Mx6 6MP camera system from MOBOTIX offers increased performance.

A frame rate that is up to twice as fast than that of other cameras allows it to capture

quick movements even better and simultaneously deliver sharp images in MxPEG,

MJPEG and, for the first time in H.264, the industry standard. The innovative Mx6

camera line is faster, more flexible and higher-performing, opening up new application

and integration opportunities for to you to meet all requirements.

MOBOTIX AG • Langmeil, Germany • www.mobotix.com


BSIA Briefing

With an estimated eight million lone

workers operating in the UK – that is,

people who work in isolation or without

direct supervision, either on a regular basis or

occasionally – and increasing awareness among

employers of their Health and Safety and Duty

of Care obligations towards such employees,

the lone worker safety market is a growing one.

The growth of that market here in the UK has

largely been driven by two key factors: more

and more robust Health and Safety legislation

combined with the development of a high

quality industry standard in the form of BS

8484 Provision of Lone Worker Services – Code

of Practice (more of which anon).

The introduction of the Corporate

Manslaughter and Corporate Homicide Act 2007

into law on 6 April 2008 meant that, for the first

time, organisations could be prosecuted for the

death of a staff member as a result of

management failures in relation to Duty of Care.

Since that Act came into force, the number of

cases and successful convictions has been

steadily rising.

Last year, the Sentencing Council released

new guidelines relating to the sentencing for

Health and Safety, food and corporate

manslaughter offences. The previous starting

threshold recommended for all corporate

manslaughter convictions was £500,000, but

under the new guidelines, a Category A (ie high

culpability) offence committed by a large

organisation begins at £7.5 million with a

category range of between £4.8 million and

£20 million. Smaller organisations with a

turnover of between £2 million and £10 million

can face up to £2.8 million worth of fines if

found guilty of a Category A offence.

As the lone worker safety market developed,

leading suppliers were keen to introduce Best

Practice guidelines and duly engaged with the

police service and other key stakeholders to

create BS 8484. First published in 2009, the

British Standard dovetails with the National

Police Chiefs’ Council’s (NPCC) own Security

Systems Policy, enabling accredited suppliers

to apply for Unique Reference Numbers with

each police force, bypassing the 999 system to

provide a faster level of police response for

their clients’ emergency alarms.

The British Standard was revised in 2011 and

again last year, which saw major alterations

such as the inclusion of lone worker Apps and a

section dedicated to training. In its current

iteration, BS 8484 represents the most allencompassing

lone worker standard available

in the world today.

In the present day, employers and their staff

are becoming more aware of lone worker safety

Lone Worker Security:

An Evolving Landscape

Over the past few years, the lone worker safety industry has

benefited from a huge number of technical advances,

subsequently enabling more and more organisations in a

wide range of industry sectors to better protect their

employees. Here, Will Murray discusses some of the key

developments in the market and outlines how UK companies

are now very much at the forefront of lone worker safety

services, the technology underpinning them

and, indeed, lone working Best Practice. As a

result, they have come to expect more

sophisticated products and higher quality

service levels.

Benefits of lone worker solutions

There are several reasons for this. First,

suppliers and industry stakeholders – such as

the British Security Industry Association (BSIA)

– have worked hard to educate the wider

market and publicise the benefits of

implementing lone worker safety solutions.

Second, successive UK Governments and the

EU have implemented tougher Health and

Safety and HR legislation/policies. This is

against a backdrop of increasing terrorist

events across Europe and some highly

publicised violent attacks on employees by

members of the public, as well as horrific, but

preventable accidents in many sectors, all of

which have exerted pressure on management

to re-evaluate their security arrangements and

place greater focus on staff safety.

Will Murray: Chairman of the

British Security Industry

Association’s Lone Worker

Section and Marketing Director

at the Send For Help Group

(encompassing Skyguard,

Peoplesafe and Guardian24)

19

www.risk-uk.com


BSIA Briefing

Finally, economic pressure on organisations

has led to longer opening hours for businesses

and more employees working on their own.

With greater economic uncertainty ahead, and

organisations under increasing financial

pressure, it’s likely that even more individuals

will be involved in lone working – either in fulltime

roles, or at least during parts of their

normal working day.

While some organisations may view lone

worker systems as an additional and potentially

unnecessary expense, more and more are

coming to realise that the consequences of not

providing adequate safety systems for their

members of staff can be disastrous.

Additionally, more organisations are

becoming aware of the other benefits that

these systems can bring, among them improved

staff morale, happier workforces which feel

more valued by their employers and more

efficient lone working methods thanks to the

use of the latest technology which saves time

for staff and management. Businesses are

becoming more responsible and want to be

perceived as such by their employees,

customers, shareholders and the wider public

as part of their brand values.

Technology developments

When looking at how lone worker safety and

security technology might advance in the

future, it’s important to examine how it has

developed to date.

There has already been a huge number of

technical advances in this industry in the space

of only a few years. There’s now a wide range of

specialist devices boasting different features

that make them suited to particular

environments and job roles.

As is the case with most technology

products, devices have become more powerful

but shrunk in size, making them more

convenient to carry and, importantly for this

market, far more discreet. Additionally, the

proliferation of (and advances in) smart

phones, Apps and accessories has enabled

suppliers to offer end user customers a

convenient alternative to carrying a separate

device by building upon these platforms.

There have also been improvements in terms

of the central systems and server-side

technology provided by suppliers. Bearing this

“While some organisations may view lone worker systems

as an additional and potentially unnecessary expense, more

and more are coming to realise that the consequences of not

providing adequate safety systems can be disastrous”

in mind, we can expect that there will be more

choice in the form and type of product that

customers choose to carry with them, more

convenient products, increased customisation

and flexibility in services and the enhanced use

of smart phone and tablet-based Apps.

As is evident in any industry sector that’s still

developing and evolving, there are challenges

to be confronted both now and into the future.

Organisations are gaining a greater

understanding of the benefits of lone worker

systems, but many still see them as

unnecessary, only realising their true worth

when a serious incident befalls a member of

staff (by which point it’s often too late).

Staff can also react negatively to the

implementation of a lone worker system,

seeing it as a way for management to ‘spy’ on

them, or they can simply be resistant to

changing their daily working habits.

Some industry stakeholders have fully

supported solution suppliers when it comes to

educating the market and developing a British

Standard, but there are a few key organisations

who have been disinterested in terms of

playing an active role.

Many serious accidents and deaths could be

prevented each year with robust lone worker

procedures and systems in place, so every

organisation from central Government right the

way through to sole traders should be

assessing what lone worker safety and security

measures they have in place and, where

appropriate, championing the cause.

Issue of data security

Another challenge facing all organisations, and

particularly so those dealing with sensitive and

personal information, is the issue of data

security. With the enacting of the EU’s General

Data Protection Regulation (GDPR) in May next

year, the Government is clearly – and quite

rightly – focused on this subject at present.

Any reputable solution supplier that’s

certified to BS 8484 will already have a series

of safeguards in place to protect the data that

they manage. This places our industry in a

strong position for that point when the GDPR’s

rules come into force.

The BSIA’s Lone Worker Section has achieved

a great deal since inception, using its expertise

to collaborate with key stakeholders such as

the NPCC and the British Standards Institution

to develop a world-leading industry standard

and raise awareness in the marketplace. As a

result, lone worker safety solutions have gone

from what were once regarded as being niche

products and services to what are now viewed

as essential pieces of safety equipment.

20

www.risk-uk.com



MY PASSION IS

PERFECTION IN EVERY

FENCE I BUILD


Jacek Mierzwa, Welder, 12 years with Jacksons

OUR PASSION

IS YOUR SECURITY

Whether designed to meet the

specific needs of your project or

chosen from our extensive range, all

our perimeter security solutions are

supported by seventy years of design

and manufacturing expertise.

www.jacksons-fencing.co.uk

0800 953 3730

Jacksons

Fencing


Following on from Dr

Philip Strand’s

excellent article (‘ERM

and ESRM: Can They

Continue to Exist

Independently?’, Risk

UK, April 2017, pp20-

21), Damien Pezza

takes a different slant

on the subject of risk

management

philosophies and

delineates why a

combined ESRM-ERM

framework would

allow the former to

benefit from the

latter’s internal

control and risk

measurement

mechanisms

Damien Pezza MSc FIHEDN

FINHESJ: Security Consultant

at CornerStone GRG

Security for the Enterprise

Since its inception back in the mid-1950s,

the risk management industry has

undergone several major paradigmatic

changes. It has witnessed a progressive

distinction between security management and

risk management, as well as an increasing

emphasis on the convergence of physical and

information security.

Innovations have included risk management

approaches and frameworks such as Enterprise

Security Risk Management (ESRM), a process

that was developed in 2005 (with help from the

Alliance for Enterprise Security Risk

Management) by ASIS International, the

Information Systems Auditing and Control

Association (ISACA) and the Information

Systems Security Association (ISSA).

ESRM is a risk management “philosophy”

that ASIS defines as a “process used to

effectively manage security risks, both

proactively and reactively, across an

enterprise”. Not only does it encourage security

practitioners to assess all types of security

risks holistically (ie information, cyber,

physical, asset management or business

continuity), but also to engage directly with risk

owners and corporate level decision-makers.

Employees, departments, facilities, assets

and their associated risks are increasingly

connected. For this reason, ESRM asserts that

only an integrated and cross-organisational

approach to security has the potential to

comprehend and deal with what the future

holds. However, ESRM has met with its fair

share of issues. It fails to properly emphasise

how security risks can impact business risks

and how assets facilitate the attainment of

organisations’ overall objectives.

Beyond the traditional

First, let’s take a look at ESRM’s comparative

advantages over Enterprise Risk Management

(ERM) and then analyse its own shortcomings.

Subsequently, the importance of bringing ESRM

and ERM together in order to remedy the

failings of both approaches will become clear.

ESRM is distinguishable from traditional

security approaches and previous risk

management frameworks, namely ERM. ESRM

argues that risk management is not only about

securing assets and preventing losses, but also

about bringing concrete and competitive value

to an organisation and furthering its business

objectives. Risks are not only a liability, but

also an opportunity.

Unlike ERM, which tends to focus on financial

and economic components, ESRM places the

emphasis on traditional physical security and

risks to operational assets.

ERM focuses on four ‘risk quadrants’,

including strategic risks (ie reputation,

macroeconomic and societal trends or

competition risks), hazard risks (eg personnel,

liability, property exposure or theft),

operational risks (ie failures in processes,

systems or controls) and financial risks (eg loss

in capital, liquidity risk or market risk). ERM,

though, has been criticised for its heavy focus

on financial risks and for failing to properly

comprehend the importance of physical

security in risk management.

Although physical risks might seem to relate

to the ‘hazard risks’ quadrant of ERM, their

effects extend far beyond this simple category.

Offences committed by employees or outsiders

(such as theft, assault or criminal damage)

could have a serious impact on asset

protection, not to mention the host company’s

financial activities and its reputation in the

outside world.

ESRM differs from ERM and from more

traditional task-based interpretations of

security by viewing physical security as an

aspect of an organisation’s overall risk profile.

Back in 2010, ASIS International’s CSO Round

Table published a White Paper on ESRM,

showing that “traditional security issues are

rarely the ones that are keeping security

professionals awake at night”. Non-security

risks such as database theft and economic

concerns were the top worries. Security

conceptualised as ‘guards, gates and guns’ has

since become obsolete, making room for more

holistic understandings of security and risk.

Change in mentalities

The emergence of ESRM and its adoption by a

number of organisations and associations

stands as proof of a change in mentalities, not

only within the risk management industry itself,

but also across industries in general.

Security professionals, line managers and C-

Suite leaders are now far more conscious of the

necessity to go beyond the silo mentality and

enhance lines of communication between risk

managers and risk owners. Without pretending

to supersede other risk management

frameworks, ESRM strives to go beyond

security convergence and stands ready to

provide a direct link to ERM.

22

www.risk-uk.com


Enterprise Security Risk Management

Despite its usefulness as a much-needed

addition to the risk management industry, as

stated ESRM isn’t without its flaws and its

practical application has proven to be difficult.

First, due to its deliberately holistic and

universal character, ESRM fails to take into

account the effects of organisations’ preexisting

structures and cultures on risk and

asset management. Each organisation is

different, and taking these factors into

consideration could help businesses avoid

easily-predictable obstacles when

implementing risk management strategies.

It’s not uncommon for risk managers to

encounter difficulties related to employee and

managerial resistances to change, losses of

motivation and involvement after the first

stages and confusion about the relationships

between risks and controls. ASIS’ 2010 White

Paper also indicated that, when attempting to

implement an ESRM strategy, CSOs and non-

CSOs alike frequently run into a lack of funding,

personnel, support from fellow staff members

and the persistence of a ‘silo mentality’.

Second, ESRM fails to fully address how

physical security risks and business risks

interact. It was designed to apply to all types of

organisations, but non-profit and for-profit

organisations are inherently different in terms

of their outputs and approaches to ‘costeffective’

products, services and, indeed, those

outputs themselves.

In the Harvard Business Review (2012),

Kaplan and Mikes stated that “one size doesn’t

fit all”. Contrary to the efforts of regulatory

bodies and professional associations – such as

ASIS International or the Committee of

Sponsoring Organisations of the Treadway

Commission (COSO) – ‘standardising’ the risk

management function remains highly difficult.

Consistent framework

Finally, ESRM still lacks a consistent and

codified framework, not to mention effective

oversight, evaluation and performance

measurement mechanisms.

As has been mentioned in previous editions

of Risk UK, ASIS designated ESRM as a global

strategic priority at the end of last year, thus

integrating its principles and philosophy into its

professional certifications (ie the Certified

Protection Professional, the Physical Security

Professional and the Professional Certified

Investigator). At present, it’s impossible to be

officially ‘ESRM-certified’. On the other hand,

certificates and courses exist for other risk

management frameworks (for example, courses

or post-graduate degrees in ERM are offered by

several institutes and universities).

The ‘proper’ implementation of ESRM still

appears to depend somewhat heavily upon

individuals’ initiatives and opinions. Despite its

inception nearly a decade ago, many

commentators still feel that ESRM has yet to be

developed into a clearly-defined tool for

organisational improvement.

Given ESRM’s limitations, it would be entirely

fair to question whether it deserves the

attention it has received from CSOs and

organisations such as ASIS International, ISACA

and ISSA. It seems that it does, although not

necessarily as an independent discipline. To

survive as an independent model and bring

greater value to organisations, ESRM might first

have to shed its uniquely strategic and

universal approach and then merge with ERM.

ERM has demonstrated its applicability at the

strategic, tactical and operational levels, as

well as its ability to cope with change and

evolve accordingly. In June last year, COSO

released a draft update of its ERM integrated

framework. This insists on the importance of

strategic decision-making and the oversight of

risk management by corporate management, as

well as on the importance of organisational

cultures. The draft also highlights the role that

cultures, behaviours and attitudes towards risk

play in the execution of risk management

strategies themselves. It’s complimentary to

ESRM, then, which lacks these emphases.

“Given ESRM’s limitations, it would be entirely fair to

question whether it deserves the attention it has received

from CSOs and organisations such as ASIS International”

23

www.risk-uk.com


During the past few

years, the UK has

been enhancing its

anti-money laundering

and counter-terrorism

and proliferation

financing regimes. At

the same time, casting

the net beyond the

financial community to

encompass the entire

private and public

sectors, there have

also been updates to

the anti-corruption

laws, with a new

Bribery Act coming

into force back in

2011. In the ongoing

fight against financial

crime, argues Tim

Parkman, fostering a

strong internal

business culture is

absolutely vital

Fighting Financial Crime:

Culture is Key in UK plc

The nexus between corruption and money

laundering is becoming ever-more

important. Since the World Bank estimates

that US$1 trillion is paid in bribes each year to

corrupt officials around the world – the

International Monetary Fund suggests that

figure is nearer to the US$2 trillion mark – and

most, if not all, of that needs to be laundered

through the financial and commercial system,

the confluence of the two events is a timely

reminder of the growing need for vigilance

against financial crime generally within the

UK’s business community.

The laws in place today carry severe criminal

penalties for proven wrongdoing, including

heavy fines and, potentially at least, terms of

imprisonment for executives. That being so,

organisations need to establish robust internal

mechanisms designed to detect and deal with

wrongdoing. They must readily identify the

training of staff as a core requirement.

A number of high-profile money laundering,

corruption and fraud cases over the years

indicate that, while good systems and controls

can go so far in avoiding legal and reputational

catastrophes, they don’t usually lead you all

the way there. To really succeed in up-front

prevention, something else is required. This

could be management determination, corporate

culture, staff buy-in: a certain something or a

combination of things hardly ever written down

or handed out, but which means that the rules

are applied de facto, day in and day out, in the

business operations of the company.

Looking back into the mists of time, Enron

had a Code of Conduct in place. So, too, did

Siemens, but that didn’t prevent the bankruptcy

of the former and the public despoilation of the

latter. Deutsche Bank and HSBC – both more

recently the subject of huge financial penalties

for weaknesses in their Anti-Money Laundering

(AML) control frameworks – had AML policies

and procedures in place. Either something went

missing on the way to the front line or

otherwise it was never there in the first place.

How, then, can this ‘missing link’ be created?

Focus on awareness

Focusing on awareness on a continual basis is a

key first stage in building the right corporate

atmosphere. Awareness isn’t the same as

training, although the two are often mentioned

in the same breath. Awareness exists when

everyone’s mind turns intuitively to a particular

issue without the necessity for prompting.

It doesn’t come about through an annual

training session. Rather, it needs constant

reminders and repetition of the same point

made in different ways, generating interest and

engagement until people automatically think

“This is important, I need to be careful here…”

Videos, e-mails, posters, hand-outs, special

instruction days – all can be used to good

effect. Only with awareness can whistleblowing

(more of which anon) be truly effective.

It’s important not to reward rule-breaking

behaviour. Any organisation that’s serious

about observing the laws on financial crime

should devote attention to stamping out

practices which put people in doubt about what

the company’s ‘real’ policy is on this matter.

Organisations have various options open to

them as to how they might handle different

combinations of outcomes from an employee’s

performance in which he or she either meets or

exceeds their targets and either ignores or

observes organisational values in the process.

If employees miss targets and ignore company

values then you fire them, right? The opposite

is true for those who hit their targets and abide

by the rules. You reward or promote them.

Perhaps underperformers could be coached

and encouraged, but then exited from the

24

www.risk-uk.com


Bribery, Fraud and Corruption: Risk Mitigation Procedures

business if they still cannot improve? After all,

you have to hit your targets, don’t you? The

acid test really centres on how your company

treats employees who meet or exceed their

targets, but who ignore the company’s values

and break its rules on a selective basis. If you

reward them, everybody is aware of the

message that the rules don’t really matter.

Rule-breaking must be punished, not rewarded.

Coded encouragement

Aware that stiff business targets may be more

easily met if a few corners are cut here and

there, some managers have been known to use

phrases and terminology as forms of coded

encouragement to subordinates to ignore the

rules, without actually stating that it’s

permissible to do so.

“Who here has what it takes to meet these

targets?”… “Are you brave enough to go out

and grab these figures?”… “How many people

in this room will do whatever it takes to get us

over the line?”… These are all real examples

related to me by people who were there. I once

knew a Board director of a large UK company

whose favourite phrase was: “Don’t bring me

problems... Bring me solutions!” Depending on

the context, when you say something like that,

you should know that it can mean different

things to different people.

It’s unrealistic – as well as being totalitarian

and unproductive – to try to control how people

speak day-to-day, but it’s sensible to

continuously remind managers of the need to

communicate the requirement for integrity

clearly and unambiguously and to back that up

with firm action.

Always track decision-making. This refers to

ensuring that day-to-day business decisions are

made properly and that everyone who’s

supposed to have expressed a view, or who

might be expected to express one, has that

view – or their unwillingness to express one –

recorded in reliable ways.

While working in compliance, I learned never

to be surprised by the lengths to which a few

individuals would go to avoid giving ‘sign-off’

on projects that were enticingly lucrative, but

also worryingly risky. The implication was clear:

by encouraging, but not formally endorsing

them, they hoped to enjoy the benefits of

success if things went well, but without any

flecks of blood on their tunics if there were

adverse legal or compliance issues at some

point down the line.

AML and anti-bribery rules and Best Practice

require senior management to be involved in

decisions about taking on and servicing high

risk customers and markets. Companies need

transparent, auditable decision-making

procedures and protocols in place coupled with

regular checks on the way in which they’re

being operated to ensure that this happens.

Encourage whistleblowers

Encouragement for whistleblowers is absolutely

vital. Whatever ‘it’ is, somebody in the

organisation who’s not involved probably

knows about it, or at least suspects something

that could provide a crucial lead. How much

money, time, pain, reputation and general good

standing could have been saved in the world if

all the people who knew about ‘it’ had come

forward – and been dealt with appropriately -

rather than keeping quiet, or being verbally

abused and sacked as troublemakers?

We’ll never know, but what we do know is

that an effective whistleblowing hotline is three

times better at exposing fraud and corruption

inside an organisation than the next best form

of ‘detective control’.

Nobody wants to give priority to perpetual

moaners about car parking spaces and alleged

Human Resources shortcomings, but when it

comes to the big stuff, this is something to

which you must devote your attentions.

The entire approach of senior management,

and especially the Board, should be geared

towards something which may seem counterintuitive

at their stratospheric level: seeking out

problems as much as they seek out

opportunities. A common feature of corporate

catastrophes is a failure to escalate in time.

“Why weren’t we told about this sooner?” is a

common enough refrain, but we already know

the answer in lots of cases.

Not enough senior individuals are

uncomplicatedly accessible for the receipt of

bad news and, because of that, not enough

junior people are prepared to deliver it. The

Board – and individual Board members in their

specific areas – should actively look for the ‘red

flags’ associated with corruption, fraud or

money laundering with the same zeal as they

would examine in fine detail a strategic

acquisition or a major new market.

Sharp increases in revenue, sudden changes

of personnel or the swift – and profitable –

removal of a Government ‘blockage’ in a key

overseas market should be challenged and

explained. Specialist training is merited here.

Tim Parkman MA: Managing

Director of Lessons Learned

“Any organisation that’s serious about observing the laws

on financial crime should devote attention to stamping out

practices which put people in doubt about what the

company’s ‘real’ policy is on this matter”

25

www.risk-uk.com


The premier fire safety show

in the North of England

Fire Safety North debuts at EventCity Manchester on 10-11 October and will help fire and safety

professionals to achieve and maintain the very highest standards of fire safety management.

Fire Safety North offers visitors the opportunity to:

• Hear talks from an unparalleled line-up of key industry figures at our free to

attend seminar theatres

• Be the judge and jury in a mock trial on breaches under the Fire Safety Order

• Enjoy breakfast on us at our breakfast briefings on passive fire protection and tall

buildings

• See the latest fire safety products and services from our range of exhibitors

Fire Safety North is uniquely co-located with the well-established and widely respected Health &

Safety North and will see more than 2,000 delegates in attendance.

Get your FREE visitor ticket online today at www.firesafetyevents.com

Co-located with

Sponsored by

Supported by


Crisis Management: Leadership in Product Recall Events

During times of stress, a plan to turn

towards is a comfort. The assumption is

that the plan is created with clear heads

and the luxury of informed decision-making

from all relevant parties. The purpose of a

defined product recall plan is to guide action.

However, companies often find their recall plan

to be too general and amounting to little more

than a sample product recall plan that could be

applicable to any business.

There’s no point in having a plan if it’s not

specific and actionable. A safety recall can have

dangerous consequences if not dealt with

swiftly. Ensure that valuable time isn’t wasted

by defining the recall process beyond common

sense headings. Set specific points of action by

product or type of recall. Pre-determine

priorities and timescales and make

accountability of tasks clear. List all external

stakeholders and what they need to be told and

include important external stakeholders in

planning such that they understand their role.

Once the recall procedure is defined, the

comprehensiveness of the plan can then be

tested by training your recall team against it.

Managing risk can be an endless task. Part of

the planning process typically includes an

exploration and documentation of all possible

failures in the design, process, product or

service. A cross-functional team is necessary

for this exploration to be successful.

Risks are live and sneaky. The likelihood and

potential impact of a risk may be set at the

start of the project, but you must keep a live

and dynamic view of risks, their related risks

and the domino effect of changing

circumstances. The people involved in the

original risk assessment are not likely to be the

same as those who will spot the critical change

in circumstance so it’s important to make it

easy for people to report their concerns.

At various points, reassess risks with fresh

eyes and record the risk score against the

original. Remain alert to emerging risk.

Continually think about likely causes of recall

and focus training around high risk aspects of

your operations. Regularly reassess and update

your risk registers and take product recall into

account in change control. Make it easy for

people to report their concerns and use risk

severity and likelihood to prioritise both

mitigation actions and training.

The recall team

Training your product recall team against the

recall plan not only validates its usefulness, but

also helps everyone involved to act decisively

when time is of the essence. A product recall

should be a rare occurrence so staff shouldn’t

Total Recall

We can all agree that exploding or fire-prone mobile phones,

potentially life-threatening vehicle airbags and poisoned or

otherwise contaminated food are best avoided. However, it’s

sometimes the case that products do malfunction. What the

manufacturers involved do about such situations determines

how they’ll be judged by consumers. Does your business

have a product recall team primed for action? If not, there’s

no time to spare. Jennifer Sillars outlines precisely why

be expected to know what to do without

training and support.

A product recall team must be set up prior to

the need for a recall. From the plan you will see

the stakeholders who must be involved, their

priorities, the interdependencies and timelines

for action. If relevant personnel – including

external parties – are aware of what’s expected

of them there will be no crossed wires or

avoidance of responsibility. All parties will be

focused on what’s most important (ie

minimising harm to consumers).

Front line staff dealing with complaints are an

important early warning indicator of problems.

The processes that front line staff work to are

far removed from those around product or

service creation and maintenance. If front line

staff have a good understanding of the product

and the risks for which those closer to the

product are on high alert, they could diagnose

and escalate emerging issues before any real

damage is done.

Regardless of the link between front line and

behind the scenes operations, logging of

Jennifer Sillars:

Product Marketing Executive

at Ideagen

27

www.risk-uk.com


Crisis Management: Leadership in Product Recall Events

complaints so they can be profiled is a

worthwhile task. By profiling complaints,

patterns emerge that inform product

improvement decisions and the true scale of

low-level defects.

For serious incidents, an investigation must

begin into the actual cause. A fine balance of

maintaining a positive relationship with the

customer while assessing the culpability of

complaints is a delicate task for which front line

staff need to be prepared. Although well

meaning, it helps no-one to assume that the

customer’s story is the full story. What’s most

important is ensuring that the incident doesn’t

affect anyone else.

Decisive response

A swift and decisive response is required for

any product recall, but it’s important not to

panic or make the situation worse. Regardless

of fault, it’s your company’s responsibility to its

customers to show leadership in product recall.

The response must be in line with the severity

of the situation, demonstrate care and concern

for consumers and be consistent throughout

the incident.

Safety concerns may instil panic in

consumers, regardless of the actual level of risk

posed. Communications must provide all the

information required for consumers to

understand the risk to them and guide them in

how they should respond to the incident. Just

as you cannot expect staff to know how to

react, don’t expect consumers to understand

how concerned they should be.

If the risk is high, make this clear. On the

other hand, if consumers are being agitated by

media sources beyond the level of recall, keep

your response measured. As long as it’s clear

that your actions are in the interests of

consumers, and not just profits, you can begin

to build back any trust that has been lost.

The recall response doesn’t just affect

external parties. It’s easy to neglect normal

operations during a product recall.

Unfortunately, such short-sightedness only

increases the risk of more going wrong as the

focus is deflected from ongoing quality control

of products currently being produced.

After the recall is complete, audit the

effectiveness of that recall. Capture Best

Practice and lessons learned while the

“A mixture of objective observers and those closest to the

fault need to be involved in improvement discussions. The

process owner has to be engaged and listened to if

meaningful change is going to occur”

experience is still fresh. This is common sense

and widely adopted Best Practice. Reinforcing

the need in product recall workflows is worth

doing as the utter relief of the episode being

over can make it difficult to motivate individuals

to look back at what didn’t work so well.

The problem often lies in actioning

recommendations. A mixture of objective

observers and those closest to the fault need to

be involved in improvement discussions. The

process owner has to be engaged and listened

to if meaningful change is going to occur. Using

their expertise, they’re able to assess feasibility

of changes and the knock-on effect of those

changes. Process owners also provide valuable

insight into the background of recall reasons,

and particularly where resourcing is an issue.

Process owners should be built up into

champions of improvement projects, rather

than taking an accusatory approach. An audit

alone will not stop reassurance. At the end of

the day it’s people who drive change.

Exerting control

Product recalls are costly, damage reputations

and make customers wary. The risk of product

recall is often missed because manufacturers

are earnestly focused on producing the best

product they can. Quality and safety are built

into the design so, when unexpected causes of

recall slip in, they can be missed.

Innocent mistakes can be hard to avoid, but

when the mistake is due to a lack of training it’s

avoidable. Any change in the process increases

the likelihood of mistakes. Full training with

easily accessible reference documentation is

necessary to prevent staff from guessing the

right course of action when they’re under

pressure to keep to a production deadline.

Internal staff are not the only unknown

quantity. Most supply chains are becoming

longer and more complex. Much trust is placed

in suppliers. Once production is in motion

there’s little control left to exert. A robust

supplier approval process and setting clear

expectations at the outset of the relationship

are where you have the best chance of avoiding

causes of recall.

Product recall is a high stress situation that

needs structure and teamwork in equal

measure if it’s going to be tackled effectively.

As a company, you must take ownership of the

situation, regardless of the exact reason behind

the need for the recall.

During a product recall you’ll be under an

unprecedented amount of scrutiny that requires

a leader. Your internal team, suppliers and

customers all need this leader to carefully

guide them through the situation.

28

www.risk-uk.com


www.coie.uk.com

Cortech Open

Innovation Event

The Lighthouse, 11 Mitchell Lane, Glasgow, Scotland, G1 3NU

26 September 2017

The Mitigation of Risk for Workplace Safety, High Security

and Building Efficiency

An event with a difference for end users, consultants and main contractors:

Be educated, informed and better equipped to manage evolving building needs

Keep abreast of the latest advances in security, fire and building control technology

See technology in action as part of the live demonstration

Discover the latest smart integration techniques

Discuss industry challenges with fellow security professionals and technology experts

Learn about GDPR compliance and cyber security resilience

Attending Partners

Cortech

Developments

Media Partner


The Future of Lone Worker Solutions

It’s always important

for any individual to

consider their

personal safety and

remain vigilant at all

times when working

alone. Difficult

situations can arise,

with such unforeseen

circumstances

potentially having

serious consequences.

As Craig Swallow

outlines, considering

personal safety

becomes particularly

important when

you’re in charge of a

workforce and you

have a moral and legal

obligation towards

your employees’

safety and well-being

30

www.risk-uk.com

It’s the responsibility of all employers to

provide a safe working environment for their

workforce, including those members of the

business who work alone. Put plainly, this

means that employers should do everything

within their power to ensure all employees have

the necessary tools in place that allow them to

respond correctly to emergency situations.

Currently, this involves appropriate training,

thorough risk assessments, a comprehensive

lone worker policy and a dedicated lone worker

safety/security solution. There are a great

number and variety of lone worker solutions

available, ranging from dedicated lone worker

devices to mobile phone applications. As in all

walks of life, advances in technology – and

adjustments to legislation – mean that these

solutions must adapt and improve with time.

Body-worn video systems are one of those

technologies which has seemingly been

deployed in volume within a very short time

frame and without much fuss. In fact, to date

around 600,000 body-worn video devices have

been deployed, the majority of them in the

USA, approximately 75,000 here in the UK and

many tens of thousands throughout European

markets. Over the course of the next five years,

market analysts predict that deployed volumes

will rise to almost three million devices.

While many lone worker devices currently

capture live audio which can be used for future

use (such as admissible evidence in court

proceedings, etc), it’s clear that a live video

stream or the capture of visuals will – quite

literally – offer a clearer picture of events. Live

video allows for a faster emergency response if

necessary and can prove more helpful should

captured footage be used as part of a

prosecution case. Therefore, body-worn video

and the inclusion of video seems like the

logical next step for lone worker devices.

Video recording and storage

As I’m sure you’re aware, there are many

implications when it comes to the recording

and storage of video data. Protecting and

appropriately using this data is very important.

With the European Union’s General Data

Protection Regulation (GDPR) coming into effect

in May 2018, such considerations take on an

even greater importance.

It has been widely publicised that the GDPR

will generate a significant rise in the cost of

poor data protection practices, with fines of up

to 4% of domestic gross revenue being applied

in the European courts. Therefore, how any

business is using and storing data will come

under intense scrutiny.

Such is the degree of concern expressed by

high-ranking individuals at the Home Office, the

Information Commissioner’s Office and the

Metropolitan Police Service about poor data

protection procedures that a new British

Standard – namely BS 8593: Code of Practice

for the Deployment and Use of Body-Worn

Video – has just been launched.

For my part, I was fortunate enough to be

asked to sit on the drafting committee for this

important British Standard and have learned

first-hand how serious the UK authorities are

about making sure that all employers seeking

to deploy body-worn video follow the guidance

as laid out.

The voluntary British Standard delivers a

common framework designed to boost public

trust in the understanding of where and when

body-worn video can be used. It provides

technical and operational recommendations for

the appropriate and proportionate deployment

and use of such video.

The new British Standard was drawn up to

address a gap in guidance due to the

differences between the use of CCTV and bodyworn

video, and also with a view to avoiding

any repeat of the privacy concerns associated

with the widespread roll-out of CCTV. BS

8593:2017 covers planning and operational

recommendations, outlining the need for body-


Lone Worker Security and Safety

worn video’s deployment to be based on

legitimate reasons, particularly in terms of

undertaking a privacy impact assessment.

Deployment scenarios

At the core of BS 8593 is an implicit

understanding that there are four different

deployment scenarios, any one of which might

be appropriate to an organisation seeking to

deploy body-worn video. Each scenario

considers how a body-worn video device shares

and stores its data.

Capturing evidence from body-worn video

devices deployed on members of staff, and

notably those working alone and/or out in the

community, brings with it many other unique

challenges. What if audio is recorded? What if

other, non-incident related individuals are

captured in the video? Is a recording allowed if

it happens in someone’s home or on private

property? These and many other questions will

start to arise – and demand answers – as more

and more deployment scenarios occur.

Current body-worn video solutions tend to

record video and store footage locally to the

body-worn device. That data is then extracted

from the device at a later point in time, typically

to a docking station, by way of the removal of

an SD card or by using a secure Wi-Fi

connection to the employer’s network.

In this current scenario, it’s evident that while

useful visual evidence has been captured, its

use can only occur at a later point in time and

after any actual risk incident has passed. That

being so, to deploy a current body-worn style

device for a lone worker simply wouldn’t help

with ensuring an immediate escalation in the

event of an incident.

Moving to a scenario where the video’s

streamed in real-time via an appropriate

cellular connection clearly provides an

advantage in that it can be used immediately

during an incident. It also helps benefit the

operator based in an Alarm Receiving Centre

(ARC) or Control Room in that they’re far more

likely to be able to ascertain on a swifter basis

the nature and severity of the episode, all of

which further helps with the speed of incident

management and ensures that low level or false

alarm incidents are not passed to the police.

Data protection issues

The current scenario of recording locally to the

body-worn video device brings with it some

significant data protection challenges if, for

example, the lone worker has an ability to view

or replay the recordings made on the device,

and specifically if non-incident related

personal data is captured on that recording.

To date, the majority of deployments of bodyworn

video devices have involved police

officers: individual workers who are honest,

upstanding and able to follow instruction,

process and rules. Even then there have been

incidents whereby body-worn devices have

been removed and stolen by assailants, thus

introducing the potential for data breaches.

If body-worn video devices are to become

commonplace for other lone workers (ie those

who are not police officers), then ensuring that

those devices and their retained video data

remain intact and are used correctly becomes a

challenge for the employer. Moving to a model

whereby the video is streamed live and not

stored locally on the device will help in

ensuring that all employers stick to the GDPR.

One final observation for those employers of

lone workers hoping to use video for when risks

occur during engagement with clients, patients

or service users in their own homes. The

employer will need to make absolutely sure

that there are very clear policy guidelines in

place for those workers if and when they need

to use video to record an incident. Recording

needs to be warranted and the owner/occupier

of the property pre-notified that recording

could occur and under what scenarios.

There must be an open book approach with

clients/patients/service users that such

technology is being used to ensure the safety

of staff members entering personal property. If

a recording occurs which is warranted then it

must be clear to the recorded party that such

recordings will be deleted and details given in

terms of the timeframe for this procedure.

Equally, if recordings are warranted –

because an incident has occurred that causes

concern for the safety of the worker – then it

should be clearly noted that recording is taking

place. Any non-incident related personal data

captured as an aside must be redacted before

that video is used or shared by the employer.

Companies wishing to supply body-worn

video systems need to be investing now in their

ARCs, processes and personnel in order to

ensure they’re better placed to assist their end

user customers in making certain that video

data is perfectly safe. They also need to be

working to ensure that, if a body-worn video

user’s personal safety is at risk, escalation of

the incident in terms of summoning assistance

is the fastest and most effective route possible.

Craig Swallow: Managing

Director of SoloProtect

“The new British Standard 8593 was drawn up to address a

gap in guidance due to the differences between the use of

CCTV and body-worn video”

31

www.risk-uk.com


What plans do you have for

emergency evacuation?

As detailed in the Equality Act (2010) places of employment,




So in the event of an emergency

can you evacuate the mobility

impaired safely?





H

The Evac+Chair is the World’s No.1

Emergency Stairway Evacuation Chair

0121 796 1427 FREE evacuation

assessment www.evacchair.co.uk


The Changing Face of Security Services: Procurement

Human Resources:

The Finance Factor

When procuring security guarding services, organisations need to ensure

that the solution they choose is cost-effective, proportionate to the risks

assessed and meets the needs of all parties. For the benefit of Risk UK’s

readers, Cardinal Security’s sales and marketing director Kerinda Trigg

recently chatted with leading procurement consultant Neil Birkbeck about

the key considerations involved and how to arrive at the best outcome

The Regulator for contracted guarding

services in the UK is, of course, the

Security Industry Authority (SIA). Security

officers are required by law to hold an SIA

licence. When focusing on procurement, end

users must ensure that the company providing

security solutions only uses licensed officers.

The SIA also manages the voluntary Approved

Contractor Scheme (ACS) for security guarding

companies. ACS is a relevant factor in choosing

your security guarding solutions provider.

Member guarding companies of the British

Security Industry Association are required to be

inspected by an inspectorate that is itself

United Kingdom Accreditation Services (UKAS)-

accredited. Inspections of security businesses

will focus on ISO 9001 and relevant British

Standards. Ensure that the guarding company

you choose for your security provision is

inspected by a UKAS-accredited inspectorate.

Where applicable, your selected guarding

company should be working towards – or

already have – the following British Standards

embedded in its third party inspection regime:

BS 7499, BS 7858 and BS 7984-1.

In terms of financial probity, does your

security guarding company have three years’

worth of audited accounts under its belt,

evidence of a PAYE scheme and VAT

registration? When it comes to insurance,

buying end users should look for evidence of,

for example, employers, efficacy, public,

wrongful arrest and loss of keys insurance.

For his part, Neil Birkbeck is a procurement

specialist boasting a proven track record in

purchasing excellence through working with

leading private sector companies including

B&Q, Care UK, Johnson Controls, EMCOR, HCA

International and BMI Hospitals.

In essence, Birkbeck’s extensive expertise –

gained over many years of operating in the

procurement arena – helps clients when it

comes to structuring the best possible options

for indirect purchases.

Kerinda Trigg: In helping us to understand

the world of procurement, what do you

believe to be the customers’ pain points?

Neil Birkbeck: Procurement involves more than

just the purchasing of products and services.

Selecting vendors, establishing payment terms,

strategic vetting, selection and the negotiation

of contracts are all facets that can enable the

best solution to be implemented.

It’s no surprise that individuals at executive

and Board level are more likely to identify cost

reductions as a top challenge. This is in

contrast to those charged with procurement,

who will need to look at other factors such as

matching capabilities with requirements and

finding cost-effective suppliers who offer speed

of response, good communication and ‘added

value’. Buyers shouldn’t create a situation

where there’s only short-term advantage to be

gained rather than a long-term relationship.

With security guarding, establishing a ‘like

for like’ comparison between service suppliers

can prove difficult. The industry is incredibly

price competitive, so it’s important to work out

a way in which to strip things back and

establish the monetary figure a supplier keeps

as profit. Then look at issues such as, for

example, shift fulfilment. Is your chosen

solution provider going to be able to ensure

that adequately trained, knowledgeable and

skilled people are on the ground at all times

and not rely on agencies to fill positions?

Kerinda Trigg: Focusing on procurement,

what’s the best strategy to adopt for any

security company selling its services?

Neil Birkbeck: As a procurement consultant, I

want an easy life. On that basis, my advice

would be to make the whole process as simple

as possible and keep it clear.

Service providers should take the time to

understand a potential client’s business, offer

to make a site visit, talk to relevant parties and

then make recommendations based on their

Neil Birkbeck:

Procurement Consultant

33

www.risk-uk.com


The Changing Face of Security Services: Procurement

particular needs. This will assist with the tender

submission and help explain credentials, while

also ensuring that there’s no over-specification

and, importantly, that people with the correct

skills are deployed.

It’s also vital to focus on the ability to deliver

staff and have clarity of price.

Furthermore, it’s a good idea to provide

testimonials and Case Studies, while also not

being afraid to offer references. This will

highlight a security company’s confidence in its

ability to deliver services, achieve objectives

and meet any set Key Performance Indicators.

Kerinda Trigg: What would your advice be to

procurement managers purchasing security

services? For example, is there a case for not

compromising on service and quality for the

sake of a cost-saving exercise?

Neil Birkbeck: It’s worth bearing in mind

there’s a great deal of truth in the old adage

that suggests ‘if you buy cheap, you buy twice’.

The key to an effective security solution is to

develop a robust profile that considers the

impact of all risks and threats on each and

every aspect of a business, ensuring that

there’s an appropriate balance between

technology and Human Resources.

Clearly, security services need to be costeffective

and proportionate to the risks that

have been assessed following the standard site

survey procedures.

As described earlier, there are a range of

issues to consider before making a

procurement decision and the skills, experience

and ability of a service provider to offer high

levels of contract fulfilment should be a

prominent part of the buying criteria. The

provider’s price should reflect what’s on offer.

Kerinda Trigg: Do you think security services

providers are doing enough to meet the

various needs of customers in, for example,

the retail sector?

Neil Birkbeck: Some are, but others most

certainly are not. There has been a distinct

reluctance, or an inability, to move on from the

‘cops and robbers’ mindset that has prevailed

for decades, but some forward-thinking security

services companies are reacting positively by

providing operatives with more diverse skill

sets – ones that better represent the changes in

the retail sector.

An ‘intelligent guarding’ approach combines

technology, and the data produced by it, with

those people who can deal with the outputs of

these systems. Knowledge of counter-terrorism,

loss prevention, report writing, behavioural

analysis and profiling, Health and Safety, data

and intelligence gathering, First Aid and an

excellent understanding of customer service

delivery is vital for the modern day security

officer, as is the ability to work as part of a

team with non-security personnel.

Kerinda Trigg: e-auctions have become a

popular way of procuring security services.

Do you think they’re fair and do they ensure

good value for the buyer?

Neil Birkbeck: Warren Buffett, the great

American entrepreneur, investor and

philanthropist, once declared: “Price is what

you pay. Value is what you receive.” When

Buffet uttered these wise words it would be fair

to assume that he didn’t have security guarding

in mind, yet when it comes to purchasing such

services, they’re perfectly apt.

e-auctions have received a lot of bad press,

with some of it perfectly justified. However, I

think that, when used as just one facet of an

overall tender process, they can be effective

and fair and ensure that the customer does

indeed receive good value for money.

Rather than starting with an e-auction, I

always carry out a tender along traditional lines

albeit using an online tool. I ask questions,

possibly visit the supplier on site, check the

quality of its goods and services and ask for

references. Eventually, we would reach the

point at which my client has reviewed the

results and is comfortable to use one of a

number of the suppliers suggested. At that

juncture, I discuss the benefits of an e-auction

and, if the client agreed, I would invite only

those potential suppliers to join in such a

procedure. Now, it’s all about cost.

To derive the best results, solution suppliers

are made aware of their place in the pecking

order, are aware as the process continues if

things change and have a short period of time

to improve their bid.

The process may run for 30 minutes with a

final sealed bid of five minutes where the

suppliers are unaware of their final position. In

practice, this means that the client can discount

any supplier whose price looks to be too low.

Kerinda Trigg:

Sales and Marketing Director

at Cardinal Security

“The key to an effective security solution is to develop a robust profile

that considers the impact of all risks and threats on each and every

aspect of a business”

34

www.risk-uk.com


Multi award winning security service provider

Supplying security services to Government Departments,

Local Authorities, Blue chip companies and Worldwide organisations

Services provided

Manned Guarding Service

Site Patrols

Reception Duties

Car Park Security Management

Front of House Service

Mobile Patrol Visits – Internal/External

Mail Room Service

Remote CCT Monitoring

Banks Men

Security Lodge/Gatehouse Duties

0800 772 3786

sales@magentasecurity.co.uk

www.magentasecurity.co.uk


The Future of the Security Services

Sector: Hanging in the Brexit Balance?

More than a year after

the UK voted to leave

the European Union

(EU), most of us in the

security services

industry are still

wondering what Brexit

will actually look like

in the real world.

David Mundell

discusses what impact

Brexit could have on

the security guarding

sector and how firms

can continue to deliver

high quality security

services despite the

challenges ahead

The mantra ‘Brexit means Brexit’, a favourite

of our Prime Minister Theresa May, actually

doesn’t appear to mean anything at all. For

those of us in the services sector, the impact of

Brexit is perhaps different than it is for firms

who manufacture ‘product’ or conduct

international trade. We don’t export our ‘goods’

and, therefore, don’t face the myriad questions

focused on being in or out of the Single Market.

We don’t have to wonder with whom we’ll be

trading in the future and under what terms. Our

‘product’ is, of course, people. That being so,

and as is the case for many other service-led

industries, the key concern around Brexit is

centred on its impact relating to the availability

of labour. Undoubtedly, this will be a significant

challenge for companies such as our own.

While we know there are plenty of challenges

in front of us, it will be some time before we

can ascertain the true cost of Brexit. The time is

fast approaching when Britain officially leaves

the EU. Government ministers are now agreed

that there will be a transitional period. This is a

sensible move that suggests the Government is

planning to continue with freedom of

movement rules for the interim months and

years ahead.

Hovering as we are on the edge of change,

we can use this time to take a good look at our

sector and its future needs, and attempt to

work out how we might collaboratively protect

it from any loss of inward migration.

Despite the ‘Leave’ result realised by the EU

Referendum vote and the uncertainty it has

created, for now EU workers are still coming to

Britain. Official figures released only last month

by the Office for National Statistics tell us that

the number of EU citizens working in the UK

has hit a new record. There were an estimated

2.37 million people from other EU Member

States in employment here between April and

June of this year. To put that into context, this is

the highest number since comparable records

began two decades ago. The figure is up by

126,000 on the same period in 2016, which

incidentally was at the time of the Brexit vote.

EU workers appear to remain attracted to the

UK, then – albeit that the strength of the pound

is no longer so attractive – with net migration

from the continent rising in the 12 months

immediately following the Referendum.

Interestingly, the Home Office has launched

an independent review into the impact of EU

migrants on the UK economy. The review, which

will be carried out by the Migration Advisory

Committee, will help the Government to plan

how immigration will be controlled when the

UK leaves the EU and is no longer bound by

freedom of movement rules.

Let’s hope that the Committee covers all

areas of the UK economy in depth and that the

Government listens to employers who are

adamant the UK still needs inward migration.

Recruitment difficulties

Unemployment is still sitting at a record low

figure and, when it comes to security services,

finding and recruiting high-calibre, customer

services-oriented officers is already a

somewhat difficult task.

The problem is partly of our own making. The

best Security Industry Authority (SIA)-licensed

officers are already employed and unlikely to

move from company to company since they

command a premium. Quality individuals are

always in demand, regardless of the sector in

which they operate. Quality employees in the

36

www.risk-uk.com


The Changing Face of Security Services: Brexit

security industry, in particular, can pick and

choose their next move.

That being so, this leaves a pool of – dare I

say this – poorer-qualified applicants with less

experience, or those individuals with no

experience at all.

For the latter, we need to bear in mind that

the security industry may not be an attractive

option when hours, shift patterns and salary

levels are all taken into account.

Historically, therefore, like many labourintensive

industries, security has always

welcomed a broad mix of individuals from

overseas, and if entry into the UK is to be made

more difficult for migrants, or the number of

immigrants is otherwise limited in some way,

then we will all have to recruit more homegrown

talent.

Future considerations

If this is the case, as an industry we will need to

consider two things. First, how do we go about

making security and security companies

themselves more attractive as a career for

potential employees? Second, but inextricably

linked with the first point, how do we go about

raising salary and benefit levels to attract the

right people in the first instance?

The answer to the second question poses a

real conundrum as it’s not something that’s

directly within our control. Site-based

remuneration is in the hands of our customers.

Unless we see a universal shift across the

industry, and stand together to drive positive

change, a low-price option will still be a choice

for end users in what some of them view as the

race for the bottom.

On that note, for years now many of us in the

guarding sector have bemoaned the increase in

skills and quality sought on some contracts

when viewed alongside an apparent – and, in

some instances, actual – unwillingness on the

part of customers to pay for that situation.

Our officers are constantly being asked to do

more with – or for – less. Their roles and

responsibilities have widened. Their remit often

extends beyond security into Front of House

services, Health and Safety and facilities

management. With the evolution of services

has come the need for greater training and

additional management support. Yet all the

while the fees being paid for such services have

been heading downwards and not up.

Perhaps Brexit will have a positive impact

here? We can certainly hope so.

Security’s attractiveness

With regards to making our industry more

attractive for potential new recruits, many of us

“It has been up to individual security companies to make

tough choices over pay levels and benefits for their nonsite

based staff and for customers who recognise the value

of their security to ‘up the ante’ in terms of contract rates”

felt that SIA licensing was the advent of a new

dawn. The promise from the Regulator and

those in power in Westminster at the time was

that it meant ‘cowboy’ operators would be

exposed and forced out of business.

Perhaps more importantly, licensing and

regulation also meant that standards would be

raised and officers given the credit for the

difficult tasks they perform. It signalled a

positive move towards the highly successful

Scandinavian model wherein security is viewed

as a respected career of choice.

Unfortunately, this hasn’t turned out to be

the case. In the real world, it has been up to

individual security companies to make tough

choices over pay levels and benefits for their

non-site based staff (with one eye on everdecreasing

margin levels) and for customers

who recognise the value of their security to ‘up

the ante’ in terms of contract rates.

If the price of security to end users were to

increase, there would undoubtedly be a

concerted movement towards ever-smarter

solutions incorporating the latest technology

and reduced manpower. Here, we’re talking

about solutions that many companies would

welcome due to the increased margins often

produced from such outcomes.

Closer to home

In reality, at this present moment nobody really

knows the true impact that Brexit will have on

our industry, or indeed any other industry for

that matter. What we do know, however, is that

if we reduce the pool from which we can recruit

then a difficult situation will be made even

more difficult still. If security businesses can no

longer rely on a steady flow of talent influx from

across Europe then we may have to look closer

to home for a solution.

During the lead-up to the EU Referendum, we

were all inundated with truths, half-truths and

what have subsequently been shown to be

falsehoods to try and win our vote. This

scenario doesn’t appear to have changed.

We all have our opinions of what might

happen post-Brexit and we all want to remain

optimistic about our future prospects. One

thing’s for sure, though. If we are to realise a

positive outcome for the security business

sector, we must put company interests aside

and all work together for the greater good.

David Mundell: Managing

Director of Axis Security

37

www.risk-uk.com


We go to greater lengths.

Axis Security – setting new standards in customer service.

• Our employees – are highly trained, valued and rewarded

• Our proactive management approach – ensures service is continually improving

• Our intelligent technology – ensures open lines of communication and transparency

• Our prestigious industry recognition – includes 3 Security Guarding Company of the Year awards

T. 020 7520 2100 | E. info@axis-security.co.uk | axis-security.co.uk


The Changing Face of Security Services: Robotic Technology

Robotics in Security: A Sustainable Model?

When contemplating a workplace wherein

humans are increasingly being replaced

by technology, it seems, investment in

real and talented individuals will surely be

more important than ever to ensure that an

element of human common sense and the

personal touch is delivered for end user

customers and for supervising, ‘educating’ and

maintaining a robotic workforce.

There may in fact be an opportunity here for

the security sector to boost its profile and add

value through robotics if the technology’s

integrated in the right way. We cannot ignore

the fact that autonomous robotic technology is

developing extremely quickly, with ‘futurists’

already predicting that as many as one third of

all UK jobs could be automated by 2030.

While I’ve always maintained that empathy is

a key characteristic required of any security

professional, I also believe we cannot gloss

over the innovation in robotics and the cost

saving incentive that may well tempt our clients

into trialling such solutions on their sites.

Noel Sharkey, a recognised expert in robotics

at the University of Sheffield’s ‘Sheffield

Robotics’ Centre, reminds us that even the most

advanced robots don’t have the capability to

reason, while their lack of ‘moral agency’

means it cannot be appropriate for them to

simply work autonomously.

In addition to the recent incident where a

security robot fatally drove itself into a

decorative water fountain (needing at least four

humans to rescue it), last year it was also

reported that a four year-old boy was injured in

a Californian shopping mall by one of the most

popular models of security robot currently

patrolling the likes of Microsoft and Uber’s

corporate offices, not to mention the car parks

of Silicon Valley.

“Robots need a human supervisor

somewhere in the loop,” noted Sharkey, who

has issued particularly strong warnings about

the potentially catastrophic impact of the

development of so-called military ‘killing

robots’, which he states raise serious questions

about accountability for fatalities in a world

where mechanical and software failures are not

uncommon, not to mention the vulnerability of

robots to determined cyber hacking.

Potential tasks

From a Front of House point of view, robots are

also being tested for roles with a welcoming

function. They have the potential to recognise

faces and movement, adjust temperatures,

deliver room service and even make small talk.

While some human co-workers have been

known to become quite fond of their robot

colleagues, I don’t doubt that the genuine

human connection with all of its subtle nuances

will be very much missed in most professional

welcoming scenarios.

Looking at the ‘pros’ of robotics, there’s no

denying that security robots are sophisticated,

with their ability to see 360-degree views, hear,

record and accurately document evidence.

Additionally, they can crunch data and produce

predictive analytics, which is very powerful in

anticipating problematic incidents or

apprehending criminals.

Commanding presence

The makers also argue that robots have a

commanding presence, which provides a

significant perceptive deterrent.

However, even with the highest spec of

security robot available in Silicon Valley, it’s

recommended that a suite of seven security

robots is maintained by three “highly-trained”

human officers. If this is indeed the case, the

client may find that it’s even more important to

attract talented tech-savvy human security

professionals who will be complemented –

rather than replaced – by robots.

There’s a powerful inherent value in the

deployment of a human. We all know we would

rather speak to a real person when we call the

bank, or have a retail assistant smile and gently

ask us if we can manage without a bag instead

of being ordered to ‘Place Your Item in the

Bagging Area’. I see significant benefits in

investing in people in the front line and,

through better customer service training,

enabling them to engage and connect on a

personal level. Indeed, it could well be a step

backwards to disregard this approach in the

quest for robotics-related cost savings.

Solution providers

operate in a security

marketplace wherein

their clients are

continually seeking

added value and cost

savings. Robotics has

the potential to deliver

in both of these areas

and, for some

commentators, is

already beginning to

command their

attentions. What could

this mean, though, for

the current HR-heavy

guarding business

model? Neill Catton

investigates

Neill Catton: Managing

Director at CIS Security

39

www.risk-uk.com


The Changing Face of Security Services: Business Licensing

The private security

industry is growing

and constantly

adapting to changes

in the many sectors

which it serves so

diligently. However,

the industry continues

to face the ongoing

challenge presented

by rogue traders.

Unlicensed companies

are a threat to the

credibility of bona fide

operators and clients

alike. What’s the

answer? Abbey Petkar

focuses on the need

for business licensing

Business Licensing: A ‘Must’

for the Security Guarding Sector

The Security Industry Authority (SIA) may

have gone a long way towards improving

the reputation of security companies and

ensuring that we’re respected and heard in the

corridors of power, but more needs to be done

and soon. However, a Government swamped in

Brexit negotiations is unlikely to make the right

changes in a reasonable time frame.

One of the latest high-profile challenges to

the reputation of security companies was the

news of a security firm allegedly supplying

cloned badges to unlicensed stewards at

festivals over the summer. If proven to be true

post-investigation, such a blatant disregard for

clients must be stamped out.

Once again, this is a telling signal that

business licensing is a ‘must’ if we’re to be seen

as a professional and credible industry willing

to manage its own profile and do what’s best

for all concerned.

Cut-throat pricing and poor standards are the

hallmarks of many security companies. They

send out unlicensed officers to protect

members of the public with little or no thought

for the consequences beyond their growing

bank balances. Far too often, I hear clients

complain of such a situation, but with no idea

as to how to combat this behaviour. For them,

it’s a lottery. How do they ascertain the

legitimate professionals from the rogue

traders? The simple solution would be a

business-wide security licence.

Business licences are not a new idea, nor one

that has yet to gain much traction. The concept

was first mooted in 2014, but here we are, three

years on, and we’re no closer to a formalised

legal system to establish the credibility and

professionalism of security companies.

Such regulation would ensure that all

legitimate security service providers are

licensed at a company level in tandem with

their individual officers. It would benefit

legitimate companies in terms of quality

assurance and subsequent sales, but – and

most importantly – it would also benefit the

clients, who would then be safer and somewhat

more trusting of their security partners.

To succeed, business licensing needs

ministerial and parliamentary approval, both of

which are a challenge at the best of times. A

minority Government seemingly embroiled in

in-fighting with both eyes firmly fixed on Brexit

isn’t likely to be interested in the complaints of

an industry that, on the whole, manages itself.

It should be. Terror threats are a part of modern

life and security companies are at the forefront

when it comes to protecting the public.

Considering alternatives

In the meantime, there are alternatives worthy

of consideration. The current (voluntary)

Approved Contractor Scheme (ACS) could be

made compulsory. It would provide an easy

platform for security companies to demonstrate

they’re reputable within a framework that

already exists. More importantly, that solution

could be swiftly introduced.

This is just one idea, though, and something

that would need to be discussed at length, but

at a time when the Government’s priorities lie

elsewhere, a mandatory ACS could indeed be a

viable alternative.

Compulsory business licensing is a necessity

for our industry. At some point in the future it

needs to become a reality. We must all work

together to make that happen. Far too many

security companies, who’ve worked hard to

promote their professionalism, risk being

tarnished by the failures of the rouge

operators. Introducing an enhanced regulatory

regime would afford greater credibility for

genuine companies and encourage the industry

to constantly deliver high-level services that

benefit clients and serving security officers

alike, while ultimately improving the reputation

of the industry as a whole.

Given security’s large workforce, regulation of

our sector must be improved if the legitimacy,

standards and reputation of companies and

individuals within who provide a quality service

are to be maintained. Only time will tell if

business licensing arrives, let alone does its

job. Hopefully, it will duly arrive and rid us of

disreputable organisations once and for all.

Abbey Petkar: Managing

Director of Magenta Security

“Compulsory business licensing is a necessity for our industry. At some

point in the future it needs to become a reality. We must all work

together to make that happen”

40

www.risk-uk.com


Tel: 08707 508070 Fax: 08707 508066

Risk UK Offer

Uniforms@PeterDrew would like to offer

all Risk UK readers, SIA licensed companies,

FM companies and end users of security

services the following -

• Free samples on a sale or return basis

• Free artwork and design setup

• Free dedicated buying portal

• Discounted contract prices

• Committed customer sales support

• Same day dispatch, next day delivery

• Branded stock holding available


To take advantage of this offer or for more

information contact uniforms@peterdrew.com

or call 08707 508070

Website: www.peterdrew.com

Twitter: @UniformSecurity

Facebook: facebook.com/

PeterDrewCorporateClothing


Meet The

Security Company

Being able to offer a full range of security

solutions also helps greatly as clients like the

fact they only have to make one phone call and

they know that, whatever their individual issue

might be, we can bespoke a solution that’s both

affordable and, more importantly, goes a long

way towards resolving their security issues.

This is the third

instalment in a new

series of articles for

the readers of Risk UK

where we shine the

spotlight on NSIapproved

businesses

for the benefit of risk

and security managers

who purchase security

guarding as well as

systems-focused

solutions. Answering

our questions this

month is Andrew

Nicholson, managing

director of Barnsleybased

Doyle Security

About the National Security Inspectorate

Risk UK: Can you briefly describe your

business’ activities and what you consider to

be your USP as an organisation?

Andrew Nicholson: Doyle Security is a supplier

of total security solutions. What this means in

essence is that we address almost all of the

security disciplines that our clients require,

from supplying fully-trained and licensed

security officers and providing key holding and

alarm response solutions through to the

installation of commercial grade CCTV, intruder

and fire alarm systems.

We’re very proud of the fact that we’re a

family-run company and have been for over 30

years. Any potential client can be sure that not

only will they receive a first class service from

us, but they’ll also have complete peace of

mind knowing that we, as a company, can

demonstrate longevity of service as a bespoke

security solutions provider.

Risk UK: What do your clients value most

about the services you deliver?

Andrew Nicholson: The level of experience and

honesty we bring for each and every client with

whom we interact is, I firmly believe, one of our

biggest assets as a company.

The National Security Inspectorate (NSI) is a wholly-independent, not-for-profit

company limited by guarantee and operates as a UKAS-accredited certification

body specialising in the security and fire safety sectors.

For over 40 years, the NSI has served to protect businesses, homeowners

and the general public alike, raising standards by providing robust and high

quality audits of both security and fire safety service providers.

Risk UK: How do you feel accreditations have

assisted your company?

Andrew Nicholson: Accreditations have been a

great assistance to the business. For well over a

decade now, we’ve embraced both the National

Security Inspectorate’s (NSI) Guarding Gold

scheme and the Security Industry Authority’s

Approved Contractor Scheme (ACS). We

wholeheartedly believe they set the standard.

Those security companies receiving

accreditation and continually working to the

benchmarks outlined within are operating at

the highest levels. It sets them apart from other

security companies.

More and more of the tenders and contract

requests we receive stipulate either one or both

of these accreditations. We’re extremely proud

that we hold both NSI Guarding Gold and ACS

registration and will continue to do so.

Risk UK: Specifically, what value does ACS

registration and NSI Guarding Gold approval

bring to your business and its clients?

Andrew Nicholson: ACS registration and NSI

Guarding Gold approval set the standard not

only for the quality of services we bring to our

clients, but also in terms of how we run our

business on a daily basis.

All of our staff members believe passionately

in working to the set standards in every aspect

of Doyle Security’s day-to-day operations. Only

by them doing so will our clients benefit from

engagement with Doyle Security as a company.

Risk UK: In practice, what are the main

differences between ACS registration and NSI

Guarding Gold approval?

Andrew Nicholson: ACS registration is all

about helping security solution providers to

raise the standard of service they offer for their

clients. Many of the ACS criteria are directly

linked to improving the working experience of

42

www.risk-uk.com


Meet The Security Company: Doyle Security

In association with the

employees which, in turn, hopefully increases

the standard of the services we offer as a

business right across the board.

The new ACS workbook and scoring criteria

allow security companies to demonstrate Best

Practice which brings added value for clients.

NSI Guarding Gold approval is more

concerned with security companies

demonstrating adherence to ISO 9001:2015 and

all of the individual British Standards relating

specifically to the security business sector.

Risk UK: How do you think technology has

changed the industry over the last couple of

years and what do you feel will be the

direction of travel in the future?

Andrew Nicholson: Across the past few years,

the myriad innovations in IT have been the

biggest game-changer for us from an

operational point of view. Innovations in

software have enabled us to introduce new

systems of working designed to improve the

way in which we rota our staff and how we

communicate this to them, how we monitor

their performance and also how we can interact

with clients when it comes to informing them of

issues and for incident reporting.

Although improvements in technology have

driven down the prices for high quality

technical systems, the emphasis will always be

on how we use this technology. Often, there’s

simply no substitute for human interaction in

delivering a high quality security service.

Risk UK: When it comes to negotiating

contracts and responding to tender requests,

what aspects are of most value to customers

and how are these changing?

Andrew Nicholson: A few years ago, it was the

norm for a client to ask for an hourly rate. Many

afforded little thought as to what they were

receiving for their money. Now, when we receive

genuine contract and tender requests, it’s clear

that the emphasis is no longer solely on cost.

Potential clients want to know what added

value can be realised by their prospective

security solutions provider.

At Doyle Security, we spend much time and

effort in explaining to clients that securing their

site is a team effort involving all parties. Only

when we work as a team and gather feedback

from all concerned can we do our utmost to

ensure the client’s premises, people and

property are as secure as possible.

As history tells us, there’s no such thing as a

completely fail-safe security system. We believe

it’s a case of placing as many barriers as

possible in front of would-be criminals so as to

deter them enough that they think twice and

move on. With regular meetings and good client

feedback, we can accomplish a very high level

of customer service.

Risk UK: How has Government legislation (eg

the National Minimum Wage, the National

Living Wage and holiday pay) affected your

business? Do you believe such legislation is

a good thing?

Andrew Nicholson: The introduction of both

the National Minimum Wage and, more recently,

the National Living Wage are two of the best

things to have happened for the security sector.

In an industry that has been renowned for its

long working hours, security officers can now

work a more reasonable shift pattern and still

earn a decent salary.

That said, we believe the industry can do

more. With the increase in the National

Minimum Wage and the recent introduction of

the Living Wage, we’ve seen the rise of the socalled

‘self-employed’ security officer. Often,

these individuals are paid less than the

National Minimum Wage in an attempt – by

unscrupulous security companies – to keep

hourly rates low in order to win business. These

unfortunate individuals don’t receive sick pay,

holiday pay or any of the benefits to which

they’re entitled.

Risk UK: What are the most important

attributes you look for in your security

officers and staff members in general?

Andrew Nicholson: The answer here is quite a

simple one: professionalism. Professionalism

encompasses honesty, integrity and the ability

to give 100% to all tasks. These must be a

‘given’ on the characteristics measure.

High on the list of what we look for – and

what clients like – are a smart appearance and

solid communication skills. The ability to

communicate clearly with clients and any other

third party often leads to positive results.

Risk UK: How can the SIA, the NSI and

industry standards best serve the sector in

addition to the needs of your company’s

clients and the wider public interest? Will

the introduction of business licensing be a

positive step?

Andrew Nicholson: Ever since 2007, we’ve

been championing the introduction of business

licensing for the private security industry.

Licensing individuals has been a fantastic

initiative and a giant leap forward for regulating

the private security sector, but only by

regulating each individual business can we

hope to have a fully-level playing field. It would

allow greater flexibility and better outcomes.

Name

Andrew Nicholson

Job title

Managing Director

Time in the security sector

I’ve been in the security

sector for over 16 years. I

joined Doyle Security in early

2001. Prior to this, I worked

within the sales and

marketing industry

Location of the business

Doyle Security is strategically

located in Barnsley just off

Junction 37 of the M1

motorway which affords great

transport links to the M1,

M62, A1 and M18 network

Areas of expertise

Security guarding, alarm

response, mobile patrol and

key holding services, CCTV

monitoring, CCTV, intruder

and fire alarm system

installation, access control

solutions and security

provision for major events

Accreditations

SIA ACS (Security Guarding),

NSI Guarding Gold Scheme,

SafeContractor Scheme,

CHAS Accredited Contractor,

ISO 9001:2015, BS

7499:2013, BS 7984-1: 2016,

BS 7958:2015, BS 7858:2012

Andrew Nicholson: Managing

Director of Doyle Security

43

www.risk-uk.com


Genesys – Beyond PSIM

Genesys is more than ‘just’ a PSIM

technology. It takes PSIM to another

level. Genesys is an Integrated Security

Management System (ISMS) that integrates

multiple systems from multiple

manufacturers – presenting it as one holistic

technology with unparalleled ease of use.

As demands on security managers and

the systems they specify increases and

further integration is needed, Genesys



that is revolutionising the industry.

• Patented unique system architecture

• Migrating 3+ driver for power

and redundancy

• Fully scalable

• Exceptional ease of use

• Low life cycle cost

Please see next month’s edition to see

why ISM’s Genesys should always be the

number one choice for your integrated

security management solution.

Intergrated Security Manufacturing Limited

T: +44(0) 1293 529990

F: +44(0) 1293 528023

E: info@ism-uk.com

ism-uk.com


Fire Safety Planning: Emergency Evacuation Case Study

Elevated life expectancies and financial

pressures are shifting the age profile of

today’s workforce. Published in December

last year, the British Social Attitudes Survey for

2015 states that, while nearly two-thirds of

employees still expect to retire in their 60s,

17% expect to be in their 70s before they down

tools. In fact, according to a report in The

Economist, between 1995 and 2015, the number

of working individuals aged over 65 more than

doubled to break through the one million

barrier. It’s estimated that, by 2020, one third

of the workforce will be aged over 50.

A major contributory factor behind such

statistics is Government policy which is keeping

more people in work. Since 2006, it has been

possible to continue working while drawing a

state pension. The age at which that pension

can be drawn is due to rise to 66 by 2020 and

to 67 by 2028, with many commentators

expecting this figure to be nudged closer to 70.

Lots of people want to carry on working and,

for financial reasons, many need to do so. As a

result, companies are now actively courting

older workers. Older workers are praised for

their reliability, experience and loyalty and for

their ‘soft skills’ in areas like customer services.

While we can expect a growth in the desire

for paid employment among the upper age

group in our society, more people with physical

impairments are now seeking employment

opportunities. This is driven by the Government

encouraging both employers and employees

alike to find roles where disabilities may no

longer be a barrier to earning.

There are nearly seven million people with

disabilities of working age in the UK.

Government figures have reported a steady rise

in the numbers employed. In 2016, the UK

employment rate among those with permanent

disability and of working age was 46.5% (ie 4.1

million). According to The Papworth Trust, only

17% of people with disabilities were born with

their impairment, with the majority acquiring

their disability during their working lives. It’s

estimated that five out of six people retain their

job after their first year.

For people with disabilities – and, to a

greater or lesser degree, older workers –

accessibility within the workplace is a key

issue, as indeed it is when they’re out and

about during their leisure time. When

considering this, we tend to think in terms of

ensuring that people can access and then move

safely around inside the workplace. Building

design is adapted to incorporate ramp access,

wider doorways for wheelchair access and

passenger lifts – all of which provide valid

solutions for accessibility. However, designs

Taking Evacuation Planning

into the Premier League

Costing £14.7 million to construct, the bet365 Stadium –

formerly the Britannia Stadium – is the home of Stoke City FC.

Following the recent completion of expansion works, the

ground’s capacity now tops 30,000. Importantly, the redevelopment

project has taken full account of planning for

fire safety and emergency evacuation, as Risk UK reports

don’t necessarily look at how people can exit a

building or a stadium in an emergency scenario.

The Taylor Report

The bet365 Stadium is the home of Stoke City

Football Club and has been so since the

summer of 1997. The all-seater stadium cost

nearly £15,000,000 to build and brought the

club up to standards set out in the Taylor

Report following 119 years spent at the old

Victoria Ground.

By early 1997, the skeletal steel

superstructure was in place and the stadium

began to take shape. Later that year, it opened

its doors for the first time as the Britannia

Stadium thanks to a £1 million, ten-year

sponsorship deal with the Britannia Building

Society which was instrumental in the overall

funding of the project. A further £3 million was

given as a grant by The Football Trust.

Rochdale were the visitors for the historic

first-ever competitive match on 27 August 1997:

a 1-1 draw in the Worthington Cup watched by

15,439 fans. Just four days later, the first-ever

league game took place against Swindon Town

45

www.risk-uk.com


Fire Safety Planning: Emergency Evacuation Case Study

before a crowd of 23,859. Ten years on, the club

obtained full ownership of the stadium in a deal

worth £6 million following the previous joint

partnership with Stoke-on-Trent City Council

and Stoke-on-Trent Regeneration Ltd.

As one of the Premier League clubs fully

committed to complying with the requirements

for disabled access as set out in the Accessible

Stadia document, Stoke City FC has chosen

stairway evacuation chairs to provide safe

means of exit for those supporters unable to

use stairways in an emergency.

The evacuation chairs are among the new

facilities introduced at the bet365 Stadium

thanks to its first major re-development since

1997. That re-development adds 1,800 seats to

the impressive ground’s capacity and duly

enables this established Premier League club to

provide additional and improved viewing for

wheelchair users.

Filling the gap

Increased provision for disabled supporters

was added to permission gained in 2013 for the

club to ‘fill the gap’ in the South East corner of

the stadium and lift capacity to over 30,000. It

was decided to carry out the new development

in tandem with improved provision for disabled

supporters – and particularly wheelchair users

– when the Premier League clubs agreed to

comply with the requirements of the

aforementioned Sports Grounds and Safety

Authority Accessible Stadia document by the

deadline of August 2017.

In terms of accessibility, one of the criticisms

that had been levelled at a number of Premier

League clubs was that wheelchair users’ places

suffered poor sight lines because of seats being

at pitch level. As well as introducing two new

high-level disabled bays in the North East and

South East corners of the stadium, Stoke City

FC is creating pitch-side disabled bays in its

North, South and West Stands and providing

super-risers to the existing mid-terrace bays.

Access provision also includes ensuring a safe

means of evacuation in an emergency or in

those situations where lifts cannot be used.

This is an issue which Stoke City’s Health and

Safety manager Rob Killingworth had already

addressed when reviewing emergency

evacuation procedures under the club’s fire

strategy. “Our chosen emergency evacuation

method was the use of evacuation chairs so, a

couple of years ago, we visited The Facilities

Show to see what was on the market,”

explained Killingworth.

The Evac+Chair model eventually selected by

Killingworth is the 300H which boasts a 182 kg

carrying capacity and is designed for oneperson

operation, avoiding the need for heavy

lifting or manual handling.

As well as having the right equipment in

place, a key requirement is having sufficient

personnel trained in the use of evacuation

chairs in an emergency scenario. As

Killingworth pointed out, this isn’t confined to

the need for evacuating areas specifically

designated for wheelchair users.

“Evacuation procedures underpin our fire

safety strategy, but we also need to have

provision in place for any circumstance where

someone may need assistance and is unable to

use the lifts,” said Killingworth. “People with

disabilities using the hospitality areas might be

taken ill or have a medical condition that means

they need help. As you can imagine, we have a

lot of people working here on match days, so

we needed to develop a policy that enables us

to train as many of them as possible.”

Bespoke training

Although all Evac+Chair equipment is designed

for ease of use, the company always

recommends evacuation chair training and

offers two levels. Stoke City FC opted for the

Key Trainer Masterclass. This is a full-day,

certificated, ‘train the trainer’-style course

enabling key members of staff to achieve the

required level of expertise for formal

certification which qualifies them to provide inhouse

training for other staff members.

With a large rota of match day stewards, plus

catering and other on-site staff, training is

being rolled-out to as many staff as possible to

ensure that there are always sufficient numbers

of trained individuals on site on a match day.

The club is also in the process of recruiting a

large team of access stewards as part of its

Stoke City Safety Operation. Their role includes

helping with ingress and egress at the stadium

to ensure spectator safety at all times.

Evacuation chair training will also be included

for all access stewards alongside standard

disability instruction.

“Evacuation procedures underpin our fire safety strategy, but we also

need to have provision in place for any circumstance where someone

may need assistance and is unable to use the lifts. People with

disabilities using the hospitality areas may be taken ill, for example”

46

www.risk-uk.com


National Association for

Healthcare Security

Annual Conference and Exhibition

November 9th, Birmingham

PLATINUM SPONSOR B-CAM

Organisers AllSecurityEvents.com

“Protecting the Million”

This year, the National Association for Healthcare

Security Annual Conference moves to Birmingham

at a cool, contemporary venue, minutes from New

Street Station.

The Conference, supported by our Platinum

Sponsor, body-worn camera specialists, B-CAM

will include a leading security speakers and subject

matter experts, including

• Philip Ingram MBE – ex senior British

Intelligence officer, media commentator and

writer

• Tony Porter – the Surveillance Camera

Commissioner

NAHS Awards

#NAHS17 will also feature our new awards,

recognising those who have made a significant

contribution to healthcare security - for details on

how to enter contact hello@allsecurityevents.com

We thank our sponsors and exhibitors for their

support, helping NAHS provide a safe and secure

environment for staff and patients in the healthcare

sector.

Exhibitors include

B-Cam

Carlisle Support

Services

Corps Security

Deister

Gunnebo

Paxton

SkyGuard

Volunteering Values

Book for #NAHS17 here

https://goo.gl/EH9SHM

Media Partners


Reflections on Risk and Resilience

Risk and resilience as

fields of research have

engaged academics

for several years now.

That research has

spanned many fields,

including – but by no

means limited to –

finance, sport, supply

chain management,

social work, security

and terrorism.

Nonetheless, there

remains something

mystical about the

concept of risk. Will

the lines dividing risk

and resilience

management continue

to blur and pave the

way for a new form of

thinking? Dr Risto

Talas believes so

There exists a settled consensus that risk

consists of three elements: threat,

vulnerability and consequence. Consider

the English language student who sat his finals

at Cambridge University in 1953. The questions

set included one that read: ‘What is a risk?’ The

student’s answer was simply: ‘This is a risk.’ By

answering as he did, the student demonstrated

a clear understanding of risk.

What represented the threat in the answer?

The threat was a failed examination if the

examiner viewed his answer as an arrogant

attempt to be clever. Or might the examiner see

that the answer was really quite insightful?

Either way, the threat level could be considered

to be quite high.

In terms of vulnerability, the student could resit

the examination towards the end of the year.

What would be the consequences of doing so?

A delayed graduation and the inability to begin

the teaching job for which he had successfully

interviewed only the previous week.

The student showed quite elegantly that he

understood risk very well. He also highlighted

the distinction between individuals who are risk

averse (ie those students who laboured for the

full three hours) and those who, much like

himself, are risk-seeking.

Academics often consider risk and resilience

together, as a quick search on Google Scholar

will reveal. Resilience is often described as the

ability to ‘bounce back’ after a crisis or an

adverse event, to be able to return to normal

working conditions or to absorb the impact of

an adverse effect. Many academics see risk and

resilience not necessarily as two opposing

sides of the same coin, but also not as related

as I believe them to be in the real world.

Risk management may be viewed as the

constant assessment of whether to treat,

tolerate, terminate or transfer the risks an

organisation faces. Why constant? Put simply,

because risks are dynamic and change

constantly. A risk assessment conducted on

paper and left on a shelf is a dead end exercise.

Ultimately, organisations should have their

latest risk assessment digitally available to

them at all times.

Remember Ericsson’s supply chain crisis back

in 2000? A lightning strike affected a

semiconductor factory in Albuquerque owned

by Philips that was the single source of supply

for all of Ericsson’s chips for its mobile phones.

The lightning strike caused a fire which meant

that all of the chips in the factory were

rendered useless. Nokia also ordered some of

its chips from the same factory. Within hours of

the fire, Nokia’s supply chain management

team in Finland was alerted to the disruption

and ordered more chips from Philips’ other

plants while beginning to reconfigure its (then)

current factory line mobiles to accept the chips

from the different sites.

What of Ericsson in the intervening period? It

took the business a full two weeks to wake up

to the scale of the disaster, by which time it

was Finland 1 Sweden 0.

Resilience management

What, then, is resilience management? My

definition is the constant assessment,

implementation and monitoring of efficient

active and passive systems which address an

organisation’s threats, vulnerabilities and

consequences in the face of an extraordinary

event. This definition links the two dimensions

of resilience: resilience to organisational

interruption and resilience for organisational

response and recovery.

Resilience to organisational interruption

comprises the active measures that are focused

on reducing an organisation’s vulnerability to

an extraordinary event, while resilience for

organisational response and recovery

encompasses the passive (but which can

become immediately active) measures that are

focused on reducing the consequences to the

organisation from an extraordinary event.

Essentially, this is how risk and resilience –

48

www.risk-uk.com


The Security Institute’s View

and, in turn, risk and resilience management –

are related.

It’s not enough for C-level directors of risk to

consider risks in isolation. They should be

focused just as much on resilience measures.

Furthermore, resilience to organisational

interruption and resilience for organisational

response and recovery must be proportional.

Resilience measures are not cheap. Rather,

they’re investments which need justification as

well as suitable resourcing. By linking risk and

resilience management, it’s then possible to

create a single mindset in the organisation that

focuses on both as one.

Port security risk

In my joint study with Professor David

Menachof 1 , and drawing on my experience of

working as a leading Lloyd’s underwriter of

marine war, terrorism and political violence

risks, we presented a model of port security

risk. Here, threat is defined as the probability

that an attack occurs, vulnerability is defined as

the probability that an attack results in damage

given that an attack occurs and consequence is

defined as the expected damage given that an

attack occurs and results in damage. Thus Risk

= P (attack occurs) * P (attack results in

damage | attack occurs) * E (damage | attack

occurs and results in damage).

We go on to show how port security risk can

be quantified and, when combined with

performance data for security systems obtained

from a series of interviews with port security

experts, the resultant residual risk of each port

facility can be calculated. This data was used as

the basis for assessments of the performance

of each of the security systems as a whole.

Developing the model, which is now the

focus of my research with Dr Alison Wakefield

at the University of Portsmouth, if we were to

substitute ‘event’ for ‘attack’ and ‘consequence’

for ‘damage’ in the above equation and further

model the impacts of both resilience to

organisational interruption and resilience for

organisational response, we arrive at the

following model for residual risk: Residual Risk

= P (event occurs) * P (event results in

consequences | event occurs) * f (resilience to

organisational interruption) * E (consequences |

event occurs and results in consequences) * f

(resilience for organisational response).

Here, f (resilience to organisational

interruption) and f (resilience for organisational

response) are functions of resilience to

organisational interruption and resilience for

organisational response respectively which

reduce organisational vulnerability and

consequence. The way in which these are

calculated isn’t elementary and reflects the

complex landscape of the relationship between

risk and resilience.

To further inform the model, I’ve identified in

excess of 400 individual elements that can

contribute to an organisation’s resilience. They

stem from Health and Safety, security,

environment, quality management, training,

business continuity planning, redundancy

capability, crisis management capability, cyber

security and media management.

Within each of these elements there’s the

potential for a non-conformance or near miss to

be manifested without warning. Risk managers

and directors will recognise the importance of

identifying an appropriate methodology for the

collection and analysis of non-conformances

and near misses, given their clear potential for

impacting a firm’s vulnerability.

An organisation’s vulnerability can be

modelled in a two-dimensional matrix assigning

an individual score for the significance of each

performance indicator of resilience to

organisational interruption in tackling a

potential hazard, both man-made and natural.

The modelling of non-conformances is thus

significant because they will affect the

individual vulnerability scores in the matrix.

As this matrix is then used to calculate the

organisation’s overall residual risk and the

resilience to organisational interruption has a

direct bearing on vulnerability, it’s possible to

link the performance of resilience to

organisational interruption and the presence of

non-conformances to residual risk.

Similarly, the resilience for organisational

response consists of performance indicators

that have a direct bearing on the consequences

of an extraordinary event affecting an

organisation. In turn, these may be modelled in

their capability to reduce consequences and

thus reduce residual risk overall. This is the

methodology that links resilience to

organisational interruption and resilience for

organisational response and, therefore, overall

resilience to organisational risk.

In only a few years from now, the lines

dividing risk management and resilience

management will be sufficiently blurred, not

only through a better understanding of their

impact on residual risk, but also through the

necessity of allocating efficient resources to

tackle organisational risk and resilience.

Reference

1 Talas R and Menachof D

(2014): ‘Using Portfolio

Optimisation to Calculate the

Efficient Relationship

Between Maritime Port

Security Residual Risk and

Security Investment’,

International Journal of

Shipping and Transport

Logistics, Volume 6:3,

pp46-59

Dr Risto Talas BA (Hons) MBA

PhD: Lecturer in Security Risk

Management at the University

of Portsmouth’s Institute of

Criminal Justice Studies

“It’s not good enough for C-level directors of risk to

consider risk in isolation. They should be focused just as

much on resilience measures”

49

www.risk-uk.com


The UK Domestic Terrorism Threat:

A Shift in Emphasis for Security Training

As the recent tragic

events in London,

Manchester and

Barcelona have

confirmed, we’re now

dealing with an

emerging terrorist

modus operandi:

individuals working

alone or in small

groups using homemade

explosives,

small arms, knives and

vehicles to cause harm

to their targets, with

the perpetrators

themselves

unconcerned for their

own fate. Rupert Reid

explains why, when it

comes to counterterrorism

training, we

now need to shift the

emphasis towards one

focused on detection

Rupert Reid: Managing Director

of The Security Management

Academy (TheSMA)

50

www.risk-uk.com

Any debate about whether these people are,

in fact, trained and organised ‘terrorists’ in

the true sense of the word should

probably be parked for another day. However,

it’s clear that there are a number of unbalanced

fanatics who, no matter what their persuasion

or affiliation, are showing themselves to be

perfectly capable of causing serious harm to

people and damage to property by using the

most basic of tools or equipment.

Moreover, because these individuals are

often disenfranchised ‘lone actors’ whose craft

and motivation have been developed online,

the chances of early intervention are remote.

The UK Government’s exhortation to ‘Run,

Hide, Tell’ in the face of a terror threat is

soundly based and has been well thought

through in that it’s simple, logical and intuitive,

although we still need to work on the British

tendency not to cause a fuss (thinking ‘the

driver must be feeling unwell’ as the van

careers towards the Shopping Centre).

While ‘Run, Hide, Tell’ may work for the

individual, it doesn’t, I would suggest, meet the

Duty of Care criteria of companies when

contemplating how best to protect their staff,

clients and other visitors from such attacks. I’m

sure it would be considered poor form if

members of staff were to be seen ‘legging it’

from a retail store, leaving customers to deal

with the fanatic brandishing a knife.

Influx of information

Let us be clear on the terms of reference here.

It’s nigh on impossible to prevent an attack of

the kind we’re witnessing of late, such is the

spontaneous nature of the acts involved. As the

Security and Intelligence Services struggle to

cope with the influx of information being

offered up by a well-meaning public in

response to their appeals and make sense of

the raft of intelligence being shared by the

various agencies, we may need to rethink our

concept of ‘prevention’.

If any one of a number of unhinged social

outcasts with little or no history of wrongdoing

decides to rent a transit van and drive it into a

crowded street market, there’s nothing we can

do to prevent such an attack. However, we can

do much to minimise the harm which such an

episode might cause by subtly shifting the

emphasis from prevention to response. Not

completely, of course, but by putting much

more emphasis on the early detection of

abnormal activity than ever before.

Early identification

Consider, for example, the security officer

watching the CCTV screen or checking

credentials and searching handbags at the

door. What if they were to be specially trained

to profile and identify suspicious activity and

abnormal behaviour when the perpetrator was

at a distance from the premises, supported by

extra sets of ‘eyes and ears’ at Front of House,

and had the necessary complementary

technology to alert those whom they’re

protecting in the event of an incident?

Imagine the scenario: the security officer

outside the premises witnesses a van turning

into the street at high speed and, because he

has been trained to recognise abnormal

behaviour and react immediately, the officer

hits the panic button on his belt, triggering an

audible alarm in the building.

The entire workforce will have been trained

to recognise the significance of the alarm and

the importance of moving swiftly to a

predetermined safe area, with any visitors

being similarly marshalled. With as many

members of staff and visitors as possible now

safely housed in a secure zone somewhere

beyond the ready reach of the attacker(s), the

security team is able to alert the Emergency

Services from a controlled position.

Minimising the effects of an attack

Now, I’m not suggesting for one moment that

this will offer comprehensive protection for all,

but it will minimise the effects of the attack

and, importantly, demonstrate that the

company has done all it can to mitigate the risk

and exercise its Duty of Care.

We’re not talking about significant capital

expenditure here, apart from a few handheld

panic alarms and a very loud siren. This is

primarily an awareness and training issue

designed to improve the early detection of

abnormal activity and engender an

understanding of the need to move quickly

when instructed.

As far as the training itself is concerned,

we’re confident that we have the right blend of

the technical and the behavioural in place. The


In the Spotlight: ASIS International UK Chapter

Security Management Academy’s parent

company, the Chelsea Group, runs a number of

very large projects in some very dangerous

areas, primarily in the Middle East and Africa,

and we’ve seen the principles work in practice.

Believe me, if your life depends on the early

detection of abnormal behaviour exhibited by a

driver approaching a road block in Iraq or

Afghanistan, then you do find yourself looking

very closely indeed.

We’ve adapted these detection techniques for

the current UK threat environment and are

delivering short and focused training to

companies using similar risk containment

principles based on behavioural profiling and

early alert. There’s reassurance that the

necessary measures will not be difficult to

implement, nor the associated training too

onerous for security staff to assimilate.

Ability to observe

While the technique can be taught, the aptitude

of security staff not only to assimilate the

training, but also to apply the technique is

wholly and importantly dependent upon their

ability to observe.

For those of us former police or servicemen

who have worked on surveillance or

reconnaissance patrols, the ability of an

individual officer to truly ‘read the street’ is a

relatively rare art. Typically, it’s very much the

case that only certain officers have this innate

skill. There are those who can scan a busy

street or a railway station and intuitively detect

different body types or unusual activity and

there are those who cannot, no matter how

long they ight diligently stare into the space.

Therefore, there will only be certain security

personnel who possess this ability and they will

need to be identified through training and

assessment, rather than trial and error, if their

function is to be truly effective.

We’re often asked how best to identify these

key individuals such that companies can put

them forward for training. It’s a perfectly

reasonable question to pose, you might think.

However, the only really effective means of

selection is through practical role-play. To avoid

a classic ‘chicken and egg’ situation, companies

will need to put a number of their security staff

through the process in order to find out who’s

good at ‘reading the street’ and, just as

importantly, who isn’t.

Make no mistake, the job involves full-on

surveillance which will challenge even the most

diligent of operators, with long spells of

boredom interspersed by false alarms and

frequent interruptions, so these individuals will

need to be carefully chosen if they’re to be

effective. Once the ‘gifted’ individuals are

identified, they can then be taken to the next

stage of learning before eventually being

deployed as part of the security team.

Composition of the team

The ideal structure of an effective commercial

security operation will include a specialist

detection and response team with observers

and responders clearly identified, properly

trained and working in close unison for best

effect. They will rehearse regularly and ensure

that the gap between the identification of

abnormal behaviour in the street and the

sounding of an alert is as small as possible,

enabling the response team to sweep up their

staff and customers and move them, at a brisk

jog, to a previously identified safe haven.

Rather than ‘Run, Hide, Tell’ I would suggest

that ‘Spot, Sweep, Secure’ would be a worthy

commercial equivalent. You read it here first. I

would hope that, even if they don’t necessarily

appreciate this strapline, security companies

might take on board the subtle shift in

emphasis from prevention to detection, putting

into action the necessary selection and training

required to establish effective countermeasures

in the light of the current – and very

real – threats posed by today’s terrorists.

*TheSMA is one of ASIS UK’s

recognised training partners

for the Certified Protection

Professional (CPP), Physical

Security Professional (PSP)

and Professional Certified

Investigator (PCI)

qualifications

“If any one of a number of unhinged social outcasts with

little or no history of wrongdoing decides to rent a transit

van and drive it into a crowded street market, there’s

nothing we can do to prevent such an attack”

51

www.risk-uk.com


Gaseous Fixed Firefighting Systems:

Design, Selection and Installation

The whole process has

taken six months and

significant input from

a range of experts, but

the Fire Industry

Association has now

published a new

guidance document

designed to demystify

the standards

surrounding the

design, selection and

installation of gaseous

fixed firefighting

system pipework. Alan

Elder and Robert

Thilthorpe address the

all-important points to

note for fire safety

professionals

Alan Elder: Chairman of the Fire

Industry Association’s Working

Group on Gases

52

www.risk-uk.com

For those readers of Risk UK not familiar

with the technology, a gaseous fixed

firefighting system is one that does what it

says on the tin. In short, it uses a gas-based

agent to put out a fire either by displacing

some of the oxygen in the room to suffocate the

blaze or by removing heat. The method is

dependent on the type of agent used.

A fire protection system like this is commonly

employed in facilities such as Data Centres,

where delicate and high-risk computer

equipment could suffer damage from other

extinguishing media, such as water, foam or

powder. The solution design itself ensures that

the gas system extinguishes the fire both

quickly and cleanly and without damaging any

sensitive and expensive equipment.

After all, in a space such as a Data Centre,

the loss of valuable data would come at a

tremendous cost to a business, while the

knock-on effect to other systems and

businesses reliant on that data further down

the line would be hugely detrimental. Not to

mention the actual physical cost of losing the

hardware itself and having to replace it.

Therefore, protection of that facility from fire is

imperative when it comes to reducing the risk

of costly business interruption.

In almost all gaseous firefighting

installations, the agent is delivered to the

protected hazard through a network of

pipework. Installing the pipework presents a

number of challenges. Ensuring that the

pipework is correctly designed and specified is

important to avoid issues that could affect the

safety and effectiveness of the system. Pipe

threads that don’t match, improper seals

between pipework carrying the gas, corrosion

and using pipes of the wrong size or wall

thickness could all lead to the overall detriment

of the system.

Ultimately, the key points to observe here are

knowing what problems there could be and

also how to avoid these common pitfalls.

Skills and experience

The supply of gaseous fixed firefighting

systems requires a number of skills, experience

and specific knowledge of the equipment,

design codes and the hazards associated with

handling high pressure gases. Incorrect

handling of gas containers can be particularly

hazardous as they hold gases stored under

pressure, as do the pipes that allow the flow of

the gas to the hazard area. Individuals need to

understand how to install gaseous systems

such that the system is not only operational,

but also safe.

In a previous document, the FIA addressed

the issue of the safe handling of pressurised

container assemblies used in fixed firefighting

systems. The new guidance document covers in

some detail the pipework used in gaseous fixed

firefighting systems, duly identifying the

possibility that ‘should there be a major failure

of any pipe and/or fitting, a number of hazards

may arise, including projectiles, the release of

toxic agents (for example CO 2 ) or asphyxiants

in confined spaces, pressure effects/structural

damage and the consequential compromise of

extinguishing capability’.

Safety is the major issue that has inspired

the Fire Industry Association’s (FIA) Working

Group on Gases to create a series of useful,

freely downloadable documents, each designed

to explain the key safety concerns for those

working with, handling and/or installing these

systems. The latest in this series of documents,

the FIA’s Guidance Note on ‘Pipework for

Gaseous Fixed Firefighting Systems’, contains

an expanse of information based on the

technical knowhow of the experts who

prepared it and includes handy referral charts

and formulas for working out which pipes

should be selected.

There are a number of concerns in the

industry, especially when it comes to pipework.

One of the foremost of those concerns is that

people can mix up British and American

Standards. It can happen accidentally as there

are standards for pipes in the UK that are

different to the ones in the States.

People don’t necessarily realise that pipe

fittings manufactured to British Standards may

not be compatible with fittings manufactured to

American Standards. It’s entirely possible that

one installer may be familiar with American

Standards and another with British Standards.

If components are mixed on the same system,

then there could be some compatibility issues

between the different types of fittings which

may then lead to a decrease in the integrity of

the system as a whole.

Pipe selection is one of the guidance areas

covered by the new FIA document. Choosing the

wrong pipe or making a mistake in calculating


FIA Technical Briefing: Gaseous Fixed Firefighting Systems

the strength of the pipes could lead to leaking

at the joints between each pipe, meaning that

the gas may not reach its intended destination.

On a more extreme scale, the pipe could

completely separate due to the pressure and

forces in the pipework that might well occur

during a system discharge, subsequently

turning that pipe into a projectile which would

then present a safety hazard.

Pipework and fittings may be suitable for one

type of gas system, but might not be suitable

for another. Fortunately, with the new

guidelines that we’ve created, it’s our intention

to assist in educating the industry and reduce

any confusion surrounding the pipework.

To be frank, we really need people to

understand that working with gas requires a

highly specialised set of skills coupled with an

understanding of how gas reacts and moves

within a pressurised environment.

The FIA’s guidance document goes on to

state that it’s ‘important that the pipework from

the container storage location to the protected

space is professionally installed by trained

personnel who have experience with the

installation of gaseous fixed firefighting

systems. They should also be fully conversant

with the manufacturer’s requirements to ensure

the integrity and stability of piping during

discharge and also aware of the forces

generated. Where agent storage containers are

located outside of the protected space, then

the pipe routing should be the shortest route

possible to the protected space.’

Building structure

Another factor to bear in mind with pipework is

the way in which the pipes are secured to the

building structure, which can cause further

issues if inappropriate pipe fixings are used

due to the high forces present when a system

discharges. As such, the pipework requires

supports that are fit for purpose.

The FIA’s guide duly notes that: ‘Pipe support

saddles or straps normally used for supporting

sprinkler system pipework may not be suitable,

as such supports might not be able to

withstand the forces generated by gaseous

fixed firefighting systems. The piping should be

securely supported to prevent any movement

under the reaction forces at pipe fittings during

the rapid filling of the pipework upon the point

of system actuation.’

The worse case scenario here is that the

piping could in fact come away from the wall of

the building. There have been instances where

this has occurred. The other Health and Safety

issue is simply that these pipes can be

extremely heavy and, if they were to fall down,

the consequences could be severe for anyone

unfortunate enough to be directly beneath the

pipework at the time.

All bases covered

Thankfully, the document contains a handy

chart for installers and designers of gaseous

fixed firefighting systems which gives the

measurements for the maximum spacing

between the supporting hangers, depending on

the nominal pipe size, which – with the correct

selection of the support – should prevent any

pipes from coming away from the wall and

causing any damage.

The guidance document covers everything

the designer or installer of gaseous fixed

fighting systems needs to know – the pipe

specification for both the actuation lines and

the pipework installation, methodologies for

connecting the pipes, how to join and seal the

pipes, what type of support to use to fix the

pipes to the structure, how to avoid corrosion,

marking, earth bonding and testing of the

completed pipework installation.

Robert Thilthorpe:

Technical Manager at the Fire

Industry Association

“Pipe threads that don’t match, improper seals between

pipework carrying the gas, corrosion and using pipes of

the wrong size or wall thickness could all lead to the

overall detriment of the system”

53

www.risk-uk.com


Effective Collaboration in a Changing

Security Landscape

The security landscape

remains complex,

featuring as it does

multiple stakeholders,

service providers,

brands, philosophies,

buyers, sectors,

standards and

accreditations. This

can lead to barriers to

effective collaboration.

However, within this

complexity, simple

measures can deliver

significant outcomes.

As Paul Harvey

observes, by focusing

on the enablers of

effective collaboration

it’s possible to deliver

an outcome that

shares Best Practice

and also enhances

existing capabilities

54

www.risk-uk.com

Risk management isn’t just about security

operations, but rather a bottom-up

approach that drives ‘actionability’ against

threats, vulnerabilities and incidents and serves

to reassure business leaders. However, it can

result in overlapping processes and higher

costs. Some of the barriers to effective risk

management include fear, lack of awareness, an

unwillingness to be open about risks, outdated

or non-existent plans, lack of engagement and

a failure to truly understand capabilities.

By learning and adopting Best Practice, we

can drive dynamic, proportionate and

appropriate solutions for risk management. We

can also deliver professionals who are working

diligently every day at protecting people,

premises, profits, assets and image and

creating a fantastic journey and experience for

clients and their customers.

In recent times we’ve witnessed a number of

significant terrorism incidents involving Paris,

Brussels, Manchester, London and, most

recently, Barcelona. Such episodes present a

challenge for everyone. Increasingly, good

security providers are working collaboratively

with a ‘One Team’ approach and service lines

not traditionally associated with security, such

as FM teams, M&E engineers and cleaners.

Cleaners can access the ‘nooks and crannies’

that security officers may not be patrolling.

The point to note here is that every member

of the team can be aware and vigilant. It’s a

collective responsibility, with the effective coordination

of personnel ensuring efficient

collaboration across multiple stakeholders.

Tangible benefits

By delivering a comprehensive understanding

of risk strategies over the long-term, targeted

plans can be implemented. One of the tangible

benefits is strategic direction. There’s a clear

plan with clear outcomes. Another is proactive

risk management, with those threats mitigated

that could otherwise disrupt critical business

activity and engaged frontline personnel who

understand their pivotal role and functions.

Further benefits include improved resilience

thanks to the establishment, improvement and

refinement of business continuity models and

major incident programmes. In terms of

responsiveness, this will be enhanced through

economies of scale and the availability of more

resources. When it comes to increased capacity,

more can be achieved for less. Wastage may be

reduced thanks to better decision-making and a

broader understanding of the bigger picture.

There are efficiency benefits to be realised.

Investments can be made once such that the

wheel isn’t reinvented over and over again.

Increased participation leads to enhanced

community awareness. By involving a number

of organisations, your issue or message can be

transmitted to a great many more individuals

and groups. Also, those obstacles faced by one

group may be overcome by another.

It’s possible to avoid duplication, too. You

can ensure efforts and services are not being

unnecessarily duplicated by way of an

appropriate distribution of resources. Another

consideration is access to knowledge. There’s

an opportunity to mitigate risk and reduce

potential mistakes by dint of a greater

understanding of the operational context.

Collaboration in practice

Launched back in December 2014, the Police

and Security (PaS) Group is a business-led

initiative specifically designed to serve as a

‘critical friend’ to the Metropolitan Police

Service in developing mutually effective

collaboration with the private sector in support

of the Government’s Prevent, Prepare, Protect

and Pursue counter-terrorism strands.

The PaS Group is designed to simplify and

improve collaboration, co-ordination,


Security Services: Best Practice Casebook

communication, trust and feedback between

the Metropolitan Police Service and the wide

range of private sector capabilities and

initiatives that have the common goal of

reducing risk and crime in support of the

London Mayor’s Office for Policing and Crime’s

Business Crime Strategy. There are full

expectations that this initiative will gain further

traction over the next 12 months.

Furthering the collaboration theme, back in

July the City of London Police, Land Securities

Group plc and ourselves launched a new

scheme that introduces Emergency Trauma

Packs (ETPs) for prominent buildings and

business premises in the Square Mile. The aim

of this initiative is simple: to augment the

ability of first responders and members of the

public to treat casualties in the event of a major

incident. The concept works in line with recent

recommendations from the London Resilience

Board that focus squarely on equipping

members of the public with the necessary tools

to help them save lives.

Each ETP is stocked with a collection of

specialist medical equipment to treat

casualties, with the location of the kits plotted

on a map such that operators in the City of

London Police’s Control Room are able to

instruct individuals on site in use of the packs

in the event of a major incident. By having fullystocked

ETPs on their premises, first

responders, businesses and members of the

public will have the tools readily available to

respond in the event of an emergency.

Application of knowledge

Superintendent William Duffy from the City of

London Police said: “First Aid that’s

administered within the first few moments

following an attack can be life-saving. Due to

the nature of major incidents, the public will

inevitably be at the scene. If businesses and

other premises in the vicinity have enhanced

medical equipment on site, we can give people

access to the tools needed to help them save

lives. The availability of these kits is a natural

accompaniment to the CitizenAid App that

launched at the beginning of this year. The

application of knowledge and simple skills in

the critical period immediately after injury can

mean the difference between life and death.”

The City of London Police isn’t paying for the

ETPs, but has given advice – alongside the

London Ambulance Service – on what should be

included. In the very short time the scheme has

been launched, over 300 ETPs have been

deployed across the City of London, while the

Met is rolling-out a similar scheme. It’s felt that

the initiative will grow right across the UK.

The cost of an ETP (which is estimated at

around £450) and its upkeep are the

responsibility of the purchasing business. Each

kit will be stored in a secure location within the

business premises. The host organisation will

appoint a designated key holder who can be

contacted on a 24/7 basis should the kit be

needed. ETPs will contain around 40 items

including face masks, batteries, ice packs,

goggles, adhesive dressings and eye pads.

Business continuity

ISO 22301 Business Continuity Management

Systems is a framework and roadmap designed

to help organisations understand the risks to

their business and prioritise threats such that

they can be mitigated and factored into

business planning. This document specifies the

requirements of a management system that will

enable an organisation to identify – and,

therefore, reduce – the impact of events that

would disrupt its normal operation.

Events such as fires, floods, natural disasters,

thefts or criminal acts, IT disruptions, staff

shortages or terrorist attacks can be identified

before instigating a recovery plan to minimise

disruption in the running of the host business.

By its very nature, a continuity planning and

management system such as ISO 22301 means

that specific problems can often be identified

before they happen. This allows the host

organisation to put plans in place that serve to

ensure the smooth running of all critical

business functions during times of crisis.

Certification to ISO 22301 affords firms the

ability to identify and mitigate current threats

and potential crisis episodes within the

organisation. It also helps to minimise the loss

and disruption caused by the impact of these

incidents, while at the same time ensuring the

smooth running of critical business systems. It

can assist in making sure that unavoidable

downtime is minimised and that recovery can

be as quick as possible. Importantly, it instils

confidence among customers and stakeholders

that you can deliver products and services to

them despite unexpected interruptions.

“The whole is greater than the sum of its

parts” is a phrase credited to philosopher

Aristotle. Never has this pronouncement been

more apt than in the context of security. We are

all the genesis of effective collaboration.

Paul Harvey MSyI:

Commercial Director of

Ultimate Security Services

“There are efficiency benefits to be realised. Investments

can be made once such that the wheel isn’t reinvented

over and over again. Increased participation leads to

enhanced community awareness”

55

www.risk-uk.com


Defending The Digital World

The world has always

been unfortunate

enough to harbour

thieves, spies and

vandals, but digital

technology has

changed how those

individuals operate as

well as the

environment in which

they work. This is

undoing assumptions

that have been the

basis for our approach

to security for decades

and forcing us to

develop a new way of

thinking when it

comes to protecting

ourselves and our

businesses. Here,

James Hatch

elaborates on the fine

points of detail

Discussion of digital technology has tended

to focus largely on the Internet, but the

new world we’re building is based on the

much broader application of such technology.

Miniaturisation of electronics continues to drive

adoption as new applications become more

cost-effective. Through this increase, we’re

adding instrumentation capable of producing

digital data for many aspects of our lives, from

smart meters in our homes through to the GPSequipped

smart phones in our pockets.

At the same time, the reusability of software

is adding intelligence and decision-making

through automation and machine learning –

technologies that have been well understood

since the 1990s, but are now being set loose by

the availability of increased computer

processing power.

Cloud technology and mega-scale Data

Centres are enabling the collection and analysis

of massive amounts of data to provide services,

operate businesses and Government, conduct

research and tackle crime.

The direct impact on our economy has long

been recognised, and particularly so in the

areas of e-commerce and online retail. A higher

proportion of the UK’s economy is online than

is the case in other major nations. Now, digital

technology is allowing firms like Uber and

Airbnb to transform the taxi and hotel

industries even though they operate in

fundamentally physical markets. Gartner is

predicting this process of digitisation will

spread through every part of the economy.

The impact on social and political discourse

has become more apparent over the last year or

two. Digital technology allows people to meet

and maintain contact independently of physical

location, meaning that we spend more time

engaging with people who are like us rather

than near us. Also, we increasingly rely on

digital media for our information in place of TV

and the printed word. Facebook is now the

world’s largest distributor of news.

Of late, we’ve seen the impact of these trends

on politics. As both data-targeted campaigning

and ‘grass roots’ online organisation have

increased and political debate has been

fragmented among social media echo

chambers, it has become ever-more difficult to

understand and forecast the intentions of

voters. The potential for hacking, leaking and

other information operations to influence

elections has now become clear to the public.

We can also see big changes coming in the

physical world. Connected devices allow us to

create smart homes. Driverless cars are just

around the corner. Industrial companies are

seeking productivity improvements with

initiatives such as digital oilfields and the

digital railway. As consumer technology

becomes more and more personal to us and our

bodies, so it will merge with digital medicine

coming out of hospitals.

Thinking about security

For most people and many institutions, their

mental model of security hasn’t kept pace with

the changes in our world brought about by

digital technology. The established models of

security have worked on a clear division of

responsibility that’s best understood in

physical terms. As organisations and

individuals, we protect our property using risk

management and, often, do so informally. We

decide how much to spend based on the value

of assets and the threat we perceive in terms of

where they’re sited. A jewellers shop in a big

city will spend more on security than a bakery

in the country, for example.

When criminals break through protection

mechanisms and we’re burgled or robbed, we

seek help from law enforcement to defend

ourselves. The division of responsibility is clear.

We expect Government to help when something

goes wrong, but we accept that it’s our job to

56

www.risk-uk.com


Cyber Security: Risk Management in the Digital World

ensure that our property is properly and

adequately protected in the first place.

This is the world we live in and understand,

but it’s only a part of security. There’s another

world of security: national security. We expect

Governments to maintain the intelligence and

surveillance capability to know what’s going on

in the wider world and the military capability to

deter or deal with any aggression that comes

from beyond our borders. There are places

where these two worlds overlap, such as in

foreign-inspired domestic terrorism, but the

challenge involved merely illustrates how

separately we can maintain the distinction.

As businesses and private individuals, we

rely on physical distance to keep these two

worlds apart and on Governments to manage

global threats. We expect the national security

apparatus to maintain a physical barrier

between threats in the Middle East and a

domestic business in an English town.

Individuals and businesses have concentrated

on local protection. This form of thinking

persists in approaches towards cyber security.

Now, the increasing prevalence of digital

technology is making physical distance

irrelevant. As more of our world is connected,

geography becomes less relevant and distance

is almost useless at insulating us from far-off

threats. Security officials believe that hackers

in North Korea were behind the attack that

crippled parts of the NHS earlier this year.

Security is still reliant upon protection,

enforcement, intelligence and military domains,

but the barriers between these domains are

dissolving while the domains themselves now

increasingly overlap.

Assessing the implications

The blurring of the boundaries of these

domains means that we need to revise the

established model of security and the

responsibilities of individuals, organisations

and Governments.

Changes to the traditional security model

have three implications. First, it changes the

division of responsibility between businesses

and Government. Protecting a business’ assets

would traditionally have been something that

was entirely the responsibility of that business,

but there’s increasing willingness by

Government to undertake protection activities,

particularly so where it can do this most

effectively by working on core infrastructure.

In the UK, for example, we’ve seen the

creation of the National Cyber Security Centre, a

bold step taking part of GCHQ out of the

intelligence world and giving it a broad public

role in cyber protection for the whole country.

“Security is still reliant upon protection, enforcement,

intelligence and military domains, but the barriers between

these domains are dissolving”

Meanwhile, the Chinese Government has just

brought in its first cyber security law with the

stated aim of shielding domestic Chinese data

from foreign espionage.

Conversely, financial services organisations

and technology platforms are sometimes better

placed than police forces to help the victims of

online criminality. Someone who falls prey to a

fraudster on a website such as Amazon is less

likely to report it to the police and more likely

simply to seek a refund through Amazon or, as

an alternative, their credit card company.

Second, we need a way in which to defend

global business networks and technology

platforms that doesn’t trip over the national

focus of Government agencies. Governments

understandably prioritise their own countries

when it comes to security, whereas technology,

infrastructure and financial systems are all

fundamentally international with big

businesses and social networks typically

running across countries.

Law enforcement organisations in particular

have evolved from a primarily territorial remit.

This is challenging for collaboration even within

countries, but leads to real problems

internationally where enforcement activity

needs to work across jurisdictions and

investigators have to navigate differences in

legal structures and approaches, never mind

the nuances of language and culture.

Businesses cannot rely on distance and

Governments to insulate them from risk. We

need active business defence to protect our

organisations. This involves very different

capabilities from those traditionally in place

within IT and risk teams in business.

Business defence uses intelligence on

adversaries, technical vulnerabilities and the

organisation itself to build a full understanding

of the situation and prioritise resources to deal

with those risks of most significance. This

needs to include an understanding of the

relevant activities and implications of all four

domains of security globally rather than the

traditional local perspective.

Importantly, business defence engineers

organisations to be robust such that their

systems, processes and people are difficult to

compromise. Business defence maintains the

vigilance to identify problems early as well as

the readiness to deal with them before they can

cause serious damage.

James Hatch:

Director of Cyber Services at

BAE Systems Applied

Intelligence

57

www.risk-uk.com


Breaking The Silo: Advancing Careers

in the Security Business Sector

Given that there are so

many different

specialisms within the

profession of security

management, it’s

easy to find ourselves

in too tight a ‘niche’

which then requires us

to educate our clients

before they can hire

us. This is nothing if

not an unsustainable

business model. What,

then, is the answer to

the problem? Richard

Diston calls for the

silo walls of the

Security Department

to be torn down in

favour of security

becoming part of the

wider business culture

Over the last few years, there has been a

rapid expansion in the market for higher

level security management training

programmes and accreditations, positively

reflecting the desire in the sector for

recognition as a profession. This is

unquestionably a great leap forward, although

the end result has arguably been the creation

of a traditional security management workforce

that’s more highly qualified than the market

can either support or understand, in turn

leading to the potential for limited

opportunities, frustration and, in some cases,

the loss of talent from the sector.

There are hundreds of applicants for each

senior security management vacancy, with little

to distinguish one from another. This situation

has led to some heated debates in online

forums and on various social media platforms

about whether qualifications or experience are

most desirable for those seeking career

advancement in the sector.

An impasse appears to have been reached.

Whether a security practitioner is highly

qualified, highly experienced or both, suitable

senior-level security management opportunities

are somewhat difficult to find.

Several years ago, much was made of the

trend in organisations for appointing Chief

Security Officers (CSOs). However, there’s no

clear path to attaining such a senior post.

Further, there’s little clarity on whether many of

the posts that were created went to traditional

security practitioners or were bestowed upon

existing Board-level professionals such as

those with a background in finance or IT.

Certainly, the CSO roles that are advertised

often require a high level of technical

competence that most traditional security

practitioners simply don’t possess, creating an

almost insurmountable barrier to general entry.

There’s an undeniable lack of senior security

management positions available to traditional

security practitioners, many of whom have

committed to higher education or accreditation

and are now finding themselves ‘over-qualified’

at best and sidelined as ‘academics’ at worst.

This results in even fewer employment

opportunities, the response to which is often

despondency and a feeling – for certain

practitioners, at least – that the sector has ‘led

us up the garden path’ with its talk of

rewarding careers and a professional status.

For some, it seems that after attaining a highlevel

qualification or accreditation in security

management, the only option is the ‘feast or

famine’ existence of self-employment as a

security consultant.

Stalling professionalisation

There’s a risk that the lack of obvious senior

opportunities in security management may

even stall the professionalisation process for

the sector. Younger practitioners who engage in

industry networking online cannot avoid seeing

their seniors struggling to find work, and this

may well undermine attempts to engage them

in the aforementioned process.

Without clear direction for career planning

alongside some public ‘cautionary tales’ about

committing to a security career on social media,

the next generation of security managers may

disengage with the idea of a career in security.

It can be suggested that ‘career planning’

isn’t something that security practitioners have

ever really been able to do effectively. Many

practitioners move from opportunity to

opportunity, which works well until those

opportunities begin to dry up.

The security industry is undergoing a

significant period of change, the pace of which

is so fast that it has become difficult to keep up

with what it means to be a security practitioner.

With no widely agreed lexicon, the term

58

www.risk-uk.com


Training and Career Development

‘security manager’ might refer to a traditional

physical security role, an information security

systems role or perhaps even a job in software

development. With the concept of security

diversifying in response to an ever-broadening

threat landscape, this confusion can be a

further challenge for traditional security

practitioners when it comes to career planning.

The question is: ‘What can we do about this?’

Part of the wider problem might be that

security still exists within a number of different

silos. At the organisational level, whether

fuelled by pessimism or paranoia, we’ve built

walls around our departments to keep our

‘security stuff’ secret without realising that

what we really need to be doing is sharing it.

Whether we’re helping staff in other

departments to spot fraud, detect suspicious

behaviour, be more aware online or respond

more confidently to conflict, we’re empowering

the organisation to be more secure on a ‘one

person at a time’ basis. Such activity may help

to raise our profile organisationally and could

even trigger conversations that might reveal

hidden risks or opportunities for the business,

not to mention illuminate new career pathways

for ourselves as practitioners.

Weak at building bridges

Beyond the organisational silo, the sector

seems to exist in a professional one. The sector

is weak when it comes to building bridges with

other professions, both in terms of sharing

expertise and opening further career pathways.

Security people tend to network with other

security people, which may say somewhat more

about our ‘comfort zone’ than it does any

deliberate attempt to avoid other professions.

An alternative to this might be to seek

speaking slots at events for other sectors, or

writing security-related articles that are

relevant for trade journals outside of the

security domain. Security is a ‘people problem’

and, as such, we have insights that other

professions may duly appreciate.

The final silo is the one that we build

ourselves. If we only see ourselves as

‘traditional security people’ then this is all that

others will see us as, and their lack of

understanding of the importance and scale of

what it is we do will mean that they only call

upon us when they think there’s a problem (at

which point it’s often too late). Certainly,

security practitioners have been undertaking

Health and Safety accreditations for a number

of years to enhance their employability, but this

is perhaps an obvious step.

Another potential consideration is the

apparent shortfall of cyber security

“Whether a security practitioner is highly qualified, highly

experienced or both, suitable senior-level security

management opportunities are somewhat difficult to find”

professionals, with some reports suggesting

the number is going to be as high as 1.8 million

globally in the next five years. Considering the

shift in the asset base from physical to

information, this demand is foreseeable.

We as traditional security practitioners need

to overcome our fear of technology to take

advantage of this situation. If we accept three

principles – that security is a ‘people problem’,

that technology only allows people to commit

old crimes in new ways and that (using the

CISSP certification programme as an example)

nearly half of the knowledge required to work

in cyber security is within our existing

knowledge base – then there’s a chance to

forge a different career pathway.

There are also other avenues to consider. A

highly competent security practitioner might

add value in a range of corporate roles

including FM (for physical security), HR (for

people-based risks), logistics (supply chain

risks) and many others. Some of these

departments even have a direct career

trajectory into the C-Suite (including that

coveted CSO role). That being so, requalifying

to move departments might provide security

practitioners with longer term advantages.

If we accept that security is a business

enabler, we can begin to see which other areas

of the organisation we can enable through

sharing our knowledge and experience. Doing

so will require us to broaden our horizons and

open our minds. The best way to do that might

be to leave the Security Department behind us

forever and seek work in other teams.

Banish outdated thinking

Ultimately, it could be argued that we need to

break our ‘death grip’ on the concept of security

as a ‘department’. Such thinking is undeniably

outdated. For security to be truly effective it

must be part of the wider organisational culture

and is therefore not a department, but instead

a shared responsibility.

Perhaps security should be an element in a

wider management skills set instead of being a

discipline on its own, similar in nature to

project management accreditations?

While all of this is very much open to debate,

what is not is that, if we continue to do what

we’ve always done, we will always derive the

same end results (or perhaps worse, given the

ever-changing nature of today’s world).

Richard Diston MSc MSyI:

Director of Ark-Services

59

www.risk-uk.com


Risk in Action

Axis Security wins

new three-year

services contract at

Stockley Park

Axis Security, one of the UK’s

fastest-growing security

guarding businesses, has

been awarded a further

three-year contract term by

commercial property and

asset management concern

MJ Mapp at Stockley Park,

the 155-acre commercial

park that was transformed in the mid-1980s and is now widely regarded as the

foremost development on the ‘West London Corridor’.

Located at Harlington between Hayes and West Drayton in the London

Borough of Hillingdon and close to Heathrow Airport, Stockley Park continues

to be a visionary out-of-town business development that has since been

replicated not only here in the UK, but also throughout mainland Europe.

Tenants on the site include many household names such as Marks & Spencer,

Apple (UK), Canon, Gilead Sciences Europe, GlaxoSmithKline, IMG, Lucozade

Suntory, MSC Cruise Management and the Sharp Corporation. Also present are

Alexion Pharma UK, Cargo Logic Management, Hasbro, the surveillance

specialist Hikvision, IBM UK, Mitsubishi Industries, Regus, Toshiba, Verifone

and World Vision International.

The security contract comprises a team of 19 security personnel patrolling

the park by vehicle, golf buggy, bicycle and on foot. Patrols are designed to

assure the safety and security of all tenants within and visitors to the park. The

Axis team members are supported by a dedicated management structure to

consistently drive standards through training, development and innovation.

“Axis Security was clearly ahead of its competitors during the tender process

in terms of innovation, added value and the professional approach that the

business committed to address during the new contract term,” said Pieter

Borchardt, director at Stockley Park.

Client portal introduced by Officer

Connect as part of ‘virtual’

engagement solution for guarding

Officer Connect has launched a client portal as

an integral part of its ‘virtual’ engagement

solution for the security guarding industry. The

portal enables clients to have total visibility of

their entire security portfolio and the men and

women for whom they’re responsible.

Recorded interviews between employees and

the Officer Connect team can be reviewed

alongside a transcript of the conversation that

has taken place, with any key areas of concern

or issues appropriately ‘red-flagged’.

The portal also enables users to view and

amend schedules for every site and every

officer, as well as quickly and easily create

‘new’ officer profiles to add to those uploaded

at the start of mobilisation. Summary reports

can be automatically sent as a PDF. The new

portal also supports basic administration.

Officer Connect is designed to improve

security officer well-being and support security

providers in their contractual and moral

obligations to customers and staff. The

company provides ‘Virtual Visits’ as an

enhancement to the ‘traditional’ approach of

visits by mobile supervisors out of hours.

Using state-of-the-art video and audio

technology, Officer Connect is able to engage

with security officers at numerous levels.

Securitas forges GreenRoad

technology partnership to improve

driver safety for staff members

Securitas has partnered with GreenRoad – the

driver safety and behaviour technology

specialist – to improve driver safety among its

11,000 employees. With vehicle collisions the

foremost cause of work-related deaths in the

UK, Securitas wants to reduce risks associated

with driver behaviour for the welfare of its own

employees and that of other road users.

GreenRoad technology will allow Securitas

to track the movements of its fleet, monitoring

driver behaviour such as harsh braking,

cornering, lane handling, acceleration and

speeding. Each vehicle will be fitted with

technology providing real-time data, cascaded

to an online reporting and analytics platform.

This will enable Securitas to track its entire

fleet, while also monitoring driver behaviour.

Improvements in driver behaviour enhance

the safety of the company’s many mobile

employees, in turn exerting a significantly

positive impact on the environmental footprint

of Securitas by reducing CO2 emissions,

helping the company to achieve its targets for

the reduction of greenhouse gases while also

growing this valuable sector of the business.

This latest initiative demonstrates how

Securitas is investing in technology to provide

a superior service for its customer base.

“Our dedication to safety extends beyond

protecting clients through our specialist

services,” said Yvonne Hinckley, mobile

operations manager at Securitas.

60

www.risk-uk.com


Risk in Action

Cambridgeshire Fire and Rescue

Service deploys Panasonic tablets

to assist front line firefighters

Cambridgeshire Fire and Rescue Service is

“transforming” working life for its

firefighters on the front line by equipping

them with Panasonic’s rugged Toughpad

tablets such that they can access vital

information during emergency episodes.

The Fire and Rescue Service is deploying

13-inch Panasonic Toughbook CF-D1 tablets

in the front cabs of its fire appliances. These

Mobile Data Terminals (MDTs) are

permanently mounted in the front of the

vehicle and connected to the existing Tetra

Network. They will be used for providing vital

information on the way to a call-out, such as

sending status updates to Command and

Control, outlining risk assessment

requirements, vehicle safety data, safety

data on any chemicals stored on site and

details about the occupancy of premises and

nearby hydrant locations.

Smaller and lighter 10-inch Panasonic FZ-

G1 Toughpad tablets are being installed in

the back of the appliances for use by

firefighters inside and outside of the vehicle

when at the scene of an emergency. These

devices will be used day-to-day for the asset

management of equipment and inventory

and, in the future, for providing valuable

emergency information on site, such as

vehicle crash rescue data, as well as for

regular community duties (ie home fire

safety surveys and hydrant inspections).

John Barlow is responsible for

modernising Cambridgeshire Fire and Rescue

Service’s front line communications devices.

“We’re investing to change all the existing

MDTs to a more agile device so as to allow

the crews to work more efficiently and

smartly,” explained Barlow. “The Panasonic

devices are ideal for all of the conditions in

which we work. We can read the devices in

bright sunlight and they’re built to be used

outside and in wet conditions without any

problems for our personnel.”

University of Dundee’s management

calls for assistance from Aiphone

Highly visible emergency Call Point pedestals are

being installed throughout the University of

Dundee’s campus as part of a comprehensive

range of measures configued to ensure a rapid

response to any emergency incidents.

The bespoke-designed pedestals have been

manufactured specifically for the University of

Dundee by Aiphone. They incorporate the

company’s IX IP intercom stations which enable

students and staff to instantly communicate with

security personnel within the University of

Dundee’s Control Room if they see any suspicious

activity or feel unsafe.

Aiphone’s IX intercom system features Power

over Ethernet which has minimised installation time and costs as there was no

need to provide separate power supplies for each pedestal.

Scottish Communication, one of the UK’s leading independent

communication equipment specialists, was awarded the contract to install the

emergency Call Points. The intercom stations were commissioned by

connecting them to the University of Dundee’s network infrastructure.

Each of the 1600 mm x 200 mm x 200 mm custom-built pedestals

incorporates a flush-mounted IX intercom station equipped with a large red call

button. This has two outputs to simultaneously trigger an emergency call and

to activate an external video surveillance camera.

The first phase of the project sees five emergency Call Point pedestals

deployed at carefully selected central and remote campus locations.

Managers at the University of Dundee are currently evaluating in some detail

the potential benefits of using the emergency Call Points at additional

locations (such as car parks, for example).

WPS’ ParkAdvance helps ease

the customer journey at major

Heathrow Airport hotel

WPS, the parking systems and

management specialist, has installed its

ParkAdvance Pay-on-Foot parking

technology at a major Heathrow Airport

hotel near Terminal 4 to help in delivering

the ultimate guest security experience.

The system is being used to control

access at the hotel’s guest car park (comprising more than 200 parking spaces)

and its two staff car parks. It accommodates ‘traditional’ payments (by visitors

at a pay station), web-enabled validation (at the hotel’s reception, concierge

desk, restaurant and gym) and employee ID cards.

ParkAdvance terminals employ contactless payment technology, while the

barriers are used in conjunction with ANPR to enable employees to quickly

enter the main car park before reaching the staff car park.

The hotel attracts both leisure and corporate guests, who stay from 30

minutes up to any number of weeks, and the hotel wanted the parking

experience to be positive. “We sought an intuitive, self-service payment system

combined with automatic barriers that would provide guests with a modern,

hassle-free experience,” stated a hotel spokesperson. “In what was a

competitive tender, ParkAdvance was chosen on the basis of the system’s

renowned reliability, the extensive expertise of the WPS engineering and

installation team members and the company’s after-sales proposition.”

61

www.risk-uk.com


Technology in Focus

360 Vision Technology and Visual

Management Systems guard against

cyber attacks

As more and more security systems and devices

become IP networked, it’s important for security

installers and end users alike to consider how

their systems will be protected against the

possibility of cyber attacks.

Providing a solution to the concerns around

cyber security and hacking, 360 Vision

Technology has partnered with software control

provider Visual Management Systems to offer security operators an effective

solution designed to guard against IP surveillance system cyber threats.

Without the right level of network security measures in place, system users

can be left vulnerable, resulting in exposure to the type of hacking and malware

episodes that have recently hit the news headlines.

When used together, both 360 Vision Technology cameras and Visual

Management Systems’ TITAN SECURE Physical Security Information

Management system can exceed 802.1x authentication protocols and

encryption to provide “the ultimate protection” for surveillance networks.

www.360visiontechnology.com

Qognify enhances situation

management with new cloudbased

mobile solution suite

Qognify, the specialist in Big Data solutions

for physical security and operations, has just

launched a new suite of integrated mobile

solutions – designated Qognify Extend –

empowering organisations to leverage field

resources and responders to increase

situational awareness.

Powered by CloudScann, the cloud-based

solution extends the reach, coverage and

effectiveness of a given enterprise’s Control

Room and operations by enabling training

personnel — and their smart phones — to

become powerful sensors.

The Qognify Extend suite includes several

modules. SeeItSendIt is geared to enable

field personnel to report into the Control

Room using their smart phones.

www.qognify.com

Bureau Veritas leads the way with

launch of mobile inspection service

In an industry first, leading testing, inspection

and certification provider Bureau Veritas has

launched a Mobile Plant Unit to deliver on-hire

inspections for all mobile plants and assets.

The Mobile Plant Unit has been created in

response to the issue of regulations for

mobile assets, specifically the Provision and

Use of Work Equipment Regulations (PUWER)

and the Lifting Operations and Lifting

Equipment Regulations (LOLER) inspections,

which are required of all mobile plant and assets including mobile platforms,

lifting and crane equipment, excavators and bulldozers.

The new unit boasts an expert team of qualified engineer surveyors able to

undertake thorough examinations and inspections of equipment as the

‘competent person’, to ascertain it’s safe to use and enable clients to meet

their statutory obligations – wherever that equipment may be located.

Shaezar Karim, divisional director for mechanical at Bureau Veritas, said:

“Our new Mobile Plant Unit allows us to provide a much-needed solution to a

problem faced by contractors across the country. For mobile assets, which are

often hired out to contractors and moved around the UK, meeting statutory

obligations can be a challenge. In some cases, people are unaware of their

obligations, mistakenly believing it’s the sole duty of the hire company to

undertake PUWER and LOLER inspections. However, it’s also the responsibility

of the user to make sure that the periodic thorough examinations and

inspections are undertaken at the correct frequencies.”

Karim added: “Crucially, our dedicated Mobile Plant Unit understands the

issues faced when working with mobile plant. As such, our experienced

engineers are able to react when assets change location.”

In addition to the launch of the Mobile Plant Unit, Bureau Veritas offers tools

and systems specifically designed to support the company’s myriad clients.

www.bureauveritas.co.uk

Wavestore unveils Version 6.8 of

Video Management Software

Wavestore, the British developer of innovative

open-platform and highly secure Linux-based

Video Management Software (VMS), has

launched Version 6.8 of its VMS to deliver

performance and functionality improvements

for system integrators and end users alike.

Among many enhancements and additional

features, Version 6.8 includes support for

VMWare ESXi, in turn introducing virtualisation

to the Wavestore VMS platform.

End users

employing Virtual

Machines (VM)

as part of their IT

infrastructure are

now able to take

full advantage of

the technology

which can help

when it comes to reducing energy, software and

IT administration costs.

Wavestore’s VMS can be licensed in two ways

when in a VM environment: either via the

Internet or Wavestore’s dedicated VM dongle.

www.wavestore.com

62

www.risk-uk.com


Technology in Focus

SPC Connect’s latest developments

demonstrate Vanderbilt’s agility

Vanderbilt has announced the release of SPC

Connect 2.4 to add to the company’s SPC

product portfolio. SPC Connect is a hosted

cloud-based solution designed specifically for

installers to monitor, manage and maintain SPC

panels remotely from any location.

The release indicates a significant

development pace by the company as it comes

just four months after the last feature set of

SPC Connect updates in April. The latest

features include push notifications, local user

management and alarm verification.

“SPC Connect is developed to enhance the

security installer’s ability to configure their

systems remotely and, with user management

enhancements, the solution speeds up the

process of adding and configuring users,”

explained John O’Donnell, product manager at

Vanderbilt. “It means that the system

administrator can now configure users to have

access to their SPC system very quickly, saving

them both time and money.”

The push notifications for iOS devices ensure

SPC Connect users are always informed of new

information related to their SPC system.

www.vanderbiltindustries.com

Bosch introduces in-store analytics

solution for use in retail sector

Bosch Security Systems has introduced In-

Store Analytics, a solution designed to provide

today’s retailers with valuable insights on

store traffic such that they can improve

operations, customer engagement and sales.

As part of the solution, Bosch IP panoramic

cameras are installed to provide high visibility

of the retail floor. The cameras use on-board

Intelligent Video Analytics to create position

data of shoppers’ movements. This data is

then sent direct to the cloud where it’s further

processed without video streams ever leaving

the retailer’s premises, thus maintaining

shoppers’ privacy.

Unlike many systems that require on-site

PCs to pre-process the video streams,

subsequently limiting their performance to a

few cameras per site, Bosch’s solution easily

ONVIF publishes Release

Candidate for Profile T

ONVIF – the global standardisation

initiative for IP-based physical security

products – has announced the Release

Candidate for Profile T, a draft

specification with advanced streaming

capabilities that includes support for

H.265 video compression and an

expanded feature set that extends the

capabilities of ONVIF video Profiles for

both system integrators and end users.

ONVIF Profile T for advanced streaming

deliberately employs a new media service

that enables the support of High Efficiency

Video Coding based on the international

H.265 video compression standard that

specifies how to decode data into

displayable video. Profile T-conformant

clients support both H.264 and H.265 video

compression. Profile T-conformant devices

support at least one of these formats.

The new Profile encompasses Transport

Layer Security-enabled communications and

new functionalities such as bi-directional

audio streaming, standardisation of events

and on-screen display configuration.

“Profile T broadens the scope of the ONVIF

video profile to include both the H.264 video

compression standard and H.265 video

compression, which is set to become the de

facto video compression standard in the very

near future,” explained Fredrik Svensson,

chairman of ONVIF’s Profile T Working Group.

www.onvif.org

scales to cover even the largest of retail

stores with a high camera count in addition

to large multi-store chains.

In the cloud, position data is mined into

performance results and visualisations that

are shared with the retailer through

customised web interfaces for merchandisers

and operations managers alike.

For operations managers, In-Store

Analytics provides insights into department

and store-level traffic. Practising operations

managers can use these insight tools to

ensure sufficient staff are on-site to serve

shoppers during peak times.

Traffic data also enables retailers to track

customer service quality over time.

Retailers will benefit from actionable

insights delivered by this new solution, as the

shopper data rendered by In-Store Analytics

boasts a particularly high accuracy rate.

www.boschsecurity.com

63

www.risk-uk.com


BENCHMARK

Smart Solutions

BENCHMARK

Innovative and smart solutions can add value and benefits to

modern systems for customers. With the technological landscape

rapidly evolving, the Benchmark Smart Solutions project assesses

the potential on offer from system integration, advanced

connectivity and intelligent technology. Bringing together field trials

and assessments, proof of concept and real-world experience of

implementing smart solutions, it represents an essential resource

for all involved in innovative system design.

Launching in 2017, Benchmark Smart Solutions will be the industry’s only real-world resource for

security professionals who are intent on offering added value through the delivery of smarter solutions.

@Benchmark_Smart

Partner Companies

www.benchmarksmart.com


Appointments

Magnus Ahlqvist

The Board of Directors of

Securitas AB has appointed

Magnus Ahlqvist as the new

president and CEO of the

business with effect from

March 2018. Ahlqvist will

replace Alf Göransson, who

has asked to leave his

position with the company

after having led Securitas successfully for the

last 11 years.

Since 1 September 2015, Ahlqvist has served

as divisional president of Securitas’ Security

Services Europe operation and been a member

of Securitas’ Group Management. He joined the

business from Motorola Mobility (a Google

company before it was taken over by Lenovo),

where he was corporate vice-president (EMEA

and India) at Motorola.

Before that, Ahlqvist worked at Sony Ericsson

and Sony Mobile Communications for 12 years.

Among other roles, he served as president of

Sony Mobile Communications in China for three

years and as vice-president and general

manager for Spain and Portugal at Telefónica.

43 year-old Ahlqvist holds an MSc in

Economics and Business Administration gained

through study at the Stockholm School of

Economics as well as a leadership qualification

from the Harvard Business School.

“Securitas is a wonderful company with very

competent and engaged people in its ranks,”

explained Ahlqvist in conversation with Risk UK.

“I believe Securitas is the leading security

services company in the world. We have a

winning strategy and we’re heading up the

transformation of the security industry from

traditional on-site guarding to encompass a

broader spectrum of advanced security

solutions and electronic security for end users.”

Jane Farrell

Jane Farrell, head of security at Sodexo for the

UK and Ireland, was elected chairman of the

International Professional Security Association

(IPSA), the longest-established security Trade

Association in the UK’s security business

sector, at the recent meeting of IPSA’s

International Council in London.

Farrell, who has the honour of becoming the

first female chairman in IPSA’s illustrious 59-

year history, has been serving as the

organisation’s deputy chairman since 2014.

Justin Bentley, CEO at IPSA, said: “I’m

delighted that Jane has been elected as

chairman of the Association. She has been

steadily increasing her involvement in IPSA

Appointments

Risk UK keeps you up-to-date with all the latest people

moves in the security, fire, IT and Government sectors

Daniel Hardy

The National Business Crime Solution (NBCS) –

a not-for-profit initiative that enables the

sharing of data between law enforcement

agencies and the business community to reduce

crime – has announced Daniel Hardy’s

appointment as managing director.

A well-known and respected figure with over

20 years of crime prevention experience, Hardy

is tasked with taking the NBCS to the next stage

of its development and fulfilling its role in

supporting businesses and the police service in

the ongoing fight against offenders.

Hardy explained: “I want to cement the

position of the NBCS as a critical friend of the

business community, the police service and all

business crime reduction partnerships by

furthering the use of the national business

model for all those affected by crime.”

Hardy served five years in the Grenadier

Guards before gaining experience in the private

security industry. He then spent 13 years with

the Metropolitan Police Service, rising to the

position of Acting Detective Inspector on the

Specialist Crime Directorate and running

Operation Vanguard. Hardy subsequently

became head of risk at G4S.

Prior to his current role with the NBCS, Hardy

served as corporate crime and security lead at

Sainsbury’s where his myriad responsibilities

for the High Street retailer included all of the

company’s stores, corporate locations and

distribution facilities around the world.

since joining, and her familiarity with both the

Association and the security industry make her

the ideal person to keep us moving forward.

Her vast experience in training and quality fit

perfectly with the ethos of the Association.”

Farrell has been leading exciting new

changes within IPSA along with the elected

members of the Management Board and the

International Council since March of this year

when the organisation’s former chairman,

Stuart Naisbett, resigned due to personal

commitments. Most of these changes will be

revealed at the 2017 AGM on 11 September.

Speaking to Risk UK, Farrell enthused:

“Following two years as deputy chairman of

IPSA, I’m absolutely delighted to accept the

post of chairman of the Association.”

65

www.risk-uk.com


Appointments

Simon Chapman

Cardinal Security, the provider of “dynamic and

innovative” security solutions, has announced the

appointment of Simon Chapman as its new CEO. The

move follows the introduction of a new ownership

structure designed to take the business on to the next

stage in its development.

Harbouring an illustrious career in the sector spanning

over three decades, Chapman joins Cardinal Security from

Lodge Service, where he was sales director and,

subsequently, managing director responsible for doubling the growth of the

company in less than eight years.

Chapman has also served as sales director for G4S Secure Solutions and as

sales and marketing director at Checkpoint Systems, where he worked for

almost 17 years both here in the UK and abroad.

“Thanks to company founder and former CEO Jason Trigg’s hard work and

vision over many years, Cardinal Security has gained an enviable reputation for

its intelligence-led security guarding and loss prevention services across the

retail and logistics industries,” commented Chapman. “By building on this

success, my primary objective is to ensure that the company is the security

solutions provider of choice for these vertical sectors and beyond.”

James Min

IDIS, the surveillance

solutions manufacturer,

has appointed James Min

to the role of managing

director for IDIS Europe.

Min will be based out of

IDIS’ UK office in

Brentford, London, where

he will head up the

growing external and internal sales force and

technical team as well as playing a key part in

driving marketing and PR initiatives across

Europe, and particularly so here in the UK.

Joining IDIS back in 2004 as a key account

manager, Min was promoted to leader of EMEA

sales and marketing in 2010, whereupon he

was responsible for developing existing original

design manufacturer (ODM) partnerships as

well as opening many new business channels

right across Europe.

Min also played a strategic role in launching

the IDIS brand business and DirectIP next

generation surveillance solution throughout the

region. In 2014, Min was promoted to general

manager and assumed responsibility for

developing EMEA sales, directing marketing

strategy and supporting product development

for IDIS’ Total Solution line-up.

Min stated: “I’m looking forward to

developing our strategy and building on our

success since we launched our own brand

business back in 2013 and opened our first UK

office, which has expanded greatly this year.”

Min’s remit will also be to support the

opening of new business channels with both

distributors and strategic integrators.

Duaine Taylor

The Axis Academy has

confirmed the

appointment of its senior

team following the

launch of the new

learning and

development business.

Duaine Taylor is the head

of learning and

development, while Peter Morris has been

appointed as The Axis Academy’s lead trainer.

Both come to their new roles with a wealth of

training and industry-related experience.

Taylor, who was previously the training

manager for Axis Cleaning and Support

Services, is now responsible for the learning

and development of employees across the

entire Axis Group and reports to Naomi Austen,

Group HR and learning director. Looking after

the day-to-day management of the business,

Taylor is also tasked with establishing new

training regimes and working with expert

trainers to devise bespoke courses.

The Axis Academy has been set up to improve

the skills and professionalism of all those

employed by Axis Group companies and to

drive up professional standards.

Steve Evans

Amberstone Technology,

the provider of

“dynamic and

innovative” security and

loss prevention

technology, has

announced a new highprofile

appointment to

its senior management

team in the form of Steve Evans.

Evans will serve as Amberstone

Technology’s commercial director with a view

to developing the company’s position as one

of the foremost suppliers of intelligent

protection and analytics solutions in the UK

and Europe. Evans has been resident within

the security industry for over 30 years now

and joins the business from Kings Security,

where he spent 14 years as head of national

accounts and, most recently, occupied the

role of Chief Operating Officer.

Prior to that, Evans was head of national

accounts at Protection One Security

Solutions. He brings extensive knowledge of

integrated security solutions to his new role.

Evans will now focus on the development

of new opportunities in line with the

company’s strategic growth plan, which

includes expansion into mainland Europe.

66

www.risk-uk.com


thepaper

Business News for Security Professionals

Pro-Activ Publications is embarking on a revolutionary

launch: a FORTNIGHTLY NEWSPAPER dedicated to the

latest financial and business information for

professionals operating in the security sector

The Paper will bring subscribers (including CEOs,

managing directors and finance directors within the

UK’s major security businesses) all the latest company

and sector financials, details of business re-brands,

market research and trends and M&A activity

FOR FURTHER INFORMATION

ON THE PAPER CONTACT:

Brian Sims BA (Hons) Hon FSyI

(Editor, The Paper and Risk UK)

Telephone: 020 8295 8304

e-mail: brian.sims@risk-uk.com

www.thepaper.uk.com


Best Value Security Products from Insight Security

www.insight-security.com Tel: +44 (0)1273 475500

...and

lots

more

Computer

Security

Anti-Climb Paints

& Barriers

Metal Detectors

(inc. Walkthru)

Security, Search

& Safety Mirrors

Security Screws &

Fastenings

Padlocks, Hasps

& Security Chains

Key Safes & Key

Control Products

Traffic Flow &

Management

see our

website

ACCESS CONTROL

KERI SYSTEMS UK LTD

Tel: + 44 (0) 1763 273 243

Fax: + 44 (0) 1763 274 106

Email: sales@kerisystems.co.uk

www.kerisystems.co.uk

ACCESS CONTROL

ACCESS CONTROL

ACT

ACT – Ireland, Unit C1, South City Business Park,

Tallaght, Dublin, D24 PN28.Ireland. Tel: +353 1 960 1100

ACT - United Kingdom, 601 Birchwood One, Dewhurst Road,

Warrington, WA3 7GB. Tel: +44 161 236 9488

sales@act.eu www.act.eu

ACCESS CONTROL – BARRIERS, GATES, CCTV

ABSOLUTE ACCESS

Aberford Road, Leeds, LS15 4EF

Tel: 01132 813511

E: richard.samwell@absoluteaccess.co.uk

www.absoluteaccess.co.uk

Access Control, Automatic Gates, Barriers, Blockers, CCTV

ACCESS CONTROL

COVA SECURITY GATES LTD

Bi-Folding Speed Gates, Sliding Cantilevered Gates, Road Blockers & Bollards

Consultancy, Design, Installation & Maintenance - UK Manufacturer - PAS 68

Tel: 01293 553888 Fax: 01293 611007

Email: sales@covasecuritygates.com

Web: www.covasecuritygates.com

ACCESS CONTROL & DOOR HARDWARE

ALPRO ARCHITECTURAL HARDWARE

Products include Electric Strikes, Deadlocking Bolts, Compact Shearlocks,

Waterproof Keypads, Door Closers, Deadlocks plus many more

T: 01202 676262 Fax: 01202 680101

E: info@alpro.co.uk

Web: www.alpro.co.uk

ACCESS CONTROL – SPEED GATES, BI-FOLD GATES

HTC PARKING AND SECURITY LIMITED

St. James’ Bus. Centre, Wilderspool Causeway,

Warrington Cheshire WA4 6PS

Tel 01925 552740 M: 07969 650 394

info@htcparkingandsecurity.co.uk

www.htcparkingandsecurity.co.uk

ACCESS CONTROL

INTEGRATED DESIGN LIMITED

Integrated Design Limited, Feltham Point,

Air Park Way, Feltham, Middlesex. TW13 7EQ

Tel: +44 (0) 208 890 5550

sales@idl.co.uk

www.fastlane-turnstiles.com

ACCESS CONTROL

SECURE ACCESS TECHNOLOGY LIMITED

Authorised Dealer

Tel: 0845 1 300 855 Fax: 0845 1 300 866

Email: info@secure-access.co.uk

Website: www.secure-access.co.uk

ACCESS CONTROL MANUFACTURER

NORTECH CONTROL SYSTEMS LTD.

Nortech House, William Brown Close

Llantarnam Park, Cwmbran NP44 3AB

Tel: 01633 485533

Email: sales@nortechcontrol.com

www.nortechcontrol.com

Custom Designed Equipment

• Indicator Panels

• Complex Door Interlocking

• Sequence Control

• Door Status Systems

• Panic Alarms


• Bespoke Products

www.hoyles.com

sales@hoyles.com

Tel: +44 (0)1744 886600

ACCESS CONTROL – BIOMETRICS, BARRIERS, CCTV, TURNSTILES

UKB INTERNATIONAL LTD

Planet Place, Newcastle upon Tyne

Tyne and Wear NE12 6RD

Tel: 0845 643 2122

Email: sales@ukbinternational.com

Web: www.ukbinternational.com

Hoyles are the UK’s leading supplier of

custom designed equipment for the

security and access control industry.

From simple indicator panels to

complex door interlock systems.

BUSINESS CONTINUITY

ACCESS CONTROL, INTRUSION DETECTION AND VIDEO MANAGEMENT

VANDERBILT INTERNATIONAL (UK) LTD

Suite 7, Castlegate Business Park

Caldicot, South Wales NP26 5AD UK

Main: +44 (0) 2036 300 670

email: info.uk@vanderbiltindustries.com

web: www.vanderbiltindustries.com

BUSINESS CONTINUITY MANAGEMENT

CONTINUITY FORUM

Creating Continuity ....... Building Resilience

A not-for-profit organisation providing help and support

Tel: +44(0)208 993 1599 Fax: +44(0)1886 833845

Email: membership@continuityforum.org

Web: www.continuityforum.org

www.insight-security.com Tel: +44 (0)1273 475500


CCTV

CCTV

Rapid Deployment Digital IP High Resolution CCTV

40 hour battery, Solar, Wind Turbine and Thermal Imaging

Wired or wireless communication fixed IP

CE Certified

Modicam Europe, 5 Station Road, Shepreth,

Cambridgeshire SG8 6PZ

www.modicam.com sales@modicameurope.com

CCTV SPECIALISTS

PLETTAC SECURITY LTD

Unit 39 Sir Frank Whittle Business Centre,

Great Central Way, Rugby, Warwickshire CV21 3XH

Tel: 01788 567811 Fax: 01788 544 549

Email: jackie@plettac.co.uk

www.plettac.co.uk

CONTROL ROOM & MONITORING SERVICES

CCTV POLES, COLUMNS, TOWERS AND MOUNTING PRODUCTS

ALTRON COMMUNICATIONS EQUIPMENT LTD

Tower House, Parc Hendre, Capel Hendre, Carms. SA18 3SJ

Tel: +44 (0) 1269 831431

Email: cctvsales@altron.co.uk

Web: www.altron.co.uk

CCTV

G-TEC

Gtec House, 35-37 Whitton Dene

Hounslow, Middlesex TW3 2JN

Tel: 0208 898 9500

www.gtecsecurity.co.uk

sales@gtecsecurity.co.uk

ADVANCED MONITORING SERVICES

EUROTECH MONITORING SERVICES LTD.

Specialist in:- Outsourced Control Room Facilities • Lone Worker Monitoring

• Vehicle Tracking • Message Handling

• Help Desk Facilities • Keyholding/Alarm Response

Tel: 0208 889 0475 Fax: 0208 889 6679

E-MAIL eurotech@eurotechmonitoring.net

Web: www.eurotechmonitoring.net

DISTRIBUTORS

CCTV/IP SOLUTIONS

DALLMEIER UK LTD

3 Beaufort Trade Park, Pucklechurch, Bristol BS16 9QH

Tel: +44 (0) 117 303 9 303

Fax: +44 (0) 117 303 9 302

Email: dallmeieruk@dallmeier.com

SPECIALISTS IN HD CCTV

MaxxOne

Unit A10 Pear Mill, Lower Bredbury, Stockport. SK6 2BP

Tel +44 (0)161 430 3849

www.maxxone.com

sales@onlinesecurityproducts.co.uk

www.onlinesecurityproducts.co.uk

CCTV & IP SECURITY SOLUTIONS

PANASONIC SYSTEM COMMUNICATIONS COMPANY

EUROPE

Panasonic House, Willoughby Road

Bracknell, Berkshire RG12 8FP UK

Tel: 0207 0226530

Email: info@business.panasonic.co.uk

AWARD-WINNING, LEADING GLOBAL WHOLESALE

DISTRIBUTOR OF SECURITY AND LOW VOLTAGE PRODUCTS.

ADI GLOBAL DISTRIBUTION

Distributor of electronic security systems and solutions for over 250 leading manufacturers, the company

also offers an internal technical support team, dedicated field support engineers along with a suite of

training courses and services. ADI also offers a variety of fast, reliable delivery options, including specified

time delivery, next day or collection from any one of 28 branches nationwide. Plus, with an ADI online

account, installers can order up to 7pm for next day delivery.

Tel: 0161 767 2990 Fax: 0161 767 2999 Email: sales.uk@adiglobal.com www.adiglobal.com/uk

COMMUNICATIONS & TRANSMISSION EQUIPMENT

KBC NETWORKS LTD.

Barham Court, Teston, Maidstone, Kent ME18 5BZ

www.kbcnetworks.com

Phone: 01622 618787

Fax: 020 7100 8147

Email: emeasales@kbcnetworks.com

WHY MAYFLEX? ALL TOGETHER. PRODUCTS, PARTNERS,

PEOPLE, SERVICE – MAYFLEX BRINGS IT ALL TOGETHER.

MAYFLEX

Excel House, Junction Six Industrial Park, Electric Avenue, Birmingham B6 7JJ

Tel: 0800 881 5199

Email: securitysales@mayflex.com

Web: www.mayflex.com

DIGITAL IP CCTV

SESYS LTD

High resolution ATEX certified cameras, rapid deployment

cameras and fixed IP CCTV surveillance solutions available with

wired or wireless communications.

1 Rotherbrook Court, Bedford Road, Petersfield, Hampshire, GU32 3QG

Tel +44 (0) 1730 230530 Fax +44 (0) 1730 262333

Email: info@sesys.co.uk www.sesys.co.uk

www.insight-security.com Tel: +44 (0)1273 475500


THE UK’S MOST SUCCESSFUL DISTRIBUTOR OF IP, CCTV, ACCESS

CONTROL AND INTRUDER DETECTION SOLUTIONS

NORBAIN SD LTD

210 Wharfedale Road, IQ Winnersh, Wokingham, Berkshire, RG41 5TP

Tel: 0118 912 5000 Fax: 0118 912 5001

www.norbain.com

Email: info@norbain.com

INTEGRATED SECURITY SOLUTIONS

INNER RANGE EUROPE LTD

Units 10 - 11, Theale Lakes Business Park, Moulden Way, Sulhampstead,

Reading, Berkshire RG74GB, United Kingdom

Tel: +44(0) 845 470 5000 Fax: +44(0) 845 470 5001

Email: ireurope@innerrange.co.uk

www.innerrange.com

UK LEADERS IN BIG BRAND CCTV DISTRIBUTION

SATSECURE

Hikivision & MaxxOne (logos) Authorised Dealer

Unit A10 Pear Mill, Lower Bredbury,

Stockport. SK6 2BP

Tel +44 (0)161 430 3849

www.satsecure.uk

IDENTIFICATION

PERIMETER PROTECTION

ADVANCED PRESENCE DETECTION AND SECURITY LIGHTING SYSTEMS

GJD MANUFACTURING LTD

Unit 2 Birch Business Park, Whittle Lane, Heywood, OL10 2SX

Tel: + 44 (0) 1706 363998

Fax: + 44 (0) 1706 363991

Email: info@gjd.co.uk

www.gjd.co.uk

PERIMETER PROTECTION

GPS PERIMETER SYSTEMS LTD

14 Low Farm Place, Moulton Park

Northampton, NN3 6HY UK

Tel: +44(0)1604 648344 Fax: +44(0)1604 646097

E-mail: info@gpsperimeter.co.uk

Web site: www.gpsperimeter.co.uk

COMPLETE SOLUTIONS FOR IDENTIFICATION

DATABAC GROUP LIMITED

1 The Ashway Centre, Elm Crescent,

Kingston upon Thames, Surrey KT2 6HH

Tel: +44 (0)20 8546 9826

Fax:+44 (0)20 8547 1026

enquiries@databac.com

INDUSTRY ORGANISATIONS

POWER

POWER SUPPLIES – DC SWITCH MODE AND AC

DYCON LTD

Unit A, Cwm Cynon Business Park, Mountain Ash, CF45 4ER

Tel: 01443 471900 Fax: 01443 479 374

Email: sales@dyconpower.com

www.dyconpower.com

TRADE ASSOCIATION FOR THE PRIVATE SECURITY INDUSTRY

BRITISH SECURITY INDUSTRY ASSOCIATION

Tel: 0845 389 3889

Email: info@bsia.co.uk

Website: www.bsia.co.uk

Twitter: @thebsia

THE LEADING CERTIFICATION BODY FOR THE SECURITY INDUSTRY

SSAIB

7-11 Earsdon Road, West Monkseaton

Whitley Bay, Tyne & Wear

NE25 9SX

Tel: 0191 2963242

Web: www.ssaib.org

INTEGRATED SECURITY SOLUTIONS

STANDBY POWER

UPS SYSTEMS PLC

Herongate, Hungerford, Berkshire RG17 0YU

Tel: 01488 680500

sales@upssystems.co.uk

www.upssystems.co.uk

UPS - UNINTERRUPTIBLE POWER SUPPLIES

ADEPT POWER SOLUTIONS LTD

Adept House, 65 South Way, Walworth Business Park

Andover, Hants SP10 5AF

Tel: 01264 351415 Fax: 01264 351217

Web: www.adeptpower.co.uk

E-mail: sales@adeptpower.co.uk

SECURITY PRODUCTS AND INTEGRATED SOLUTIONS

HONEYWELL SECURITY AND FIRE

Tel: +44 (0) 844 8000 235

E-mail: securitysales@honeywell.com

UPS - UNINTERRUPTIBLE POWER SUPPLIES

UNINTERRUPTIBLE POWER SUPPLIES LTD

Woodgate, Bartley Wood Business Park

Hook, Hampshire RG27 9XA

Tel: 01256 386700 5152 e-mail:

sales@upspower.co.uk

www.upspower.co.uk

www.insight-security.com Tel: +44 (0)1273 475500


SECURITY

ANTI-CLIMB SOLUTIONS & SECURITY PRODUCT SPECIALISTS

INSIGHT SECURITY

Units 1 & 2 Cliffe Industrial Estate

Lewes, East Sussex BN8 6JL

Tel: 01273 475500

Email:info@insight-security.com

www.insight-security.com

CASH & VALUABLES IN TRANSIT

CONTRACT SECURITY SERVICES LTD

Challenger House, 125 Gunnersbury Lane, London W3 8LH

Tel: 020 8752 0160 Fax: 020 8992 9536

E: info@contractsecurity.co.uk

E: sales@contractsecurity.co.uk

Web: www.contractsecurity.co.uk

QUALITY SECURITY AND SUPPORT SERVICES

CONSTANT SECURITY SERVICES

Cliff Street, Rotherham, South Yorkshire S64 9HU

Tel: 0845 330 4400

Email: contact@constant-services.com

www.constant-services.com

ONLINE SECURITY SUPERMARKET

EBUYELECTRICAL.COM

Lincoln House,

Malcolm Street

Derby DE23 8LT

Tel: 0871 208 1187

www.ebuyelectrical.com

LIFE SAFETY EQUIPMENT

C-TEC

Challenge Way, Martland Park,

Wigan WN5 OLD United Kingdom

Tel: +44 (0) 1942 322744

Fax: +44 (0) 1942 829867

Website: www.c-tec.com

PERIMETER SECURITY

TAKEX EUROPE LTD

Aviary Court, Wade Road, Basingstoke

Hampshire RG24 8PE

Tel: +44 (0) 1256 475555

Fax: +44 (0) 1256 466268

Email: sales@takex.com

Web: www.takex.com

FENCING SPECIALISTS

J B CORRIE & CO LTD

Frenchmans Road

Petersfield, Hampshire GU32 3AP

Tel: 01730 237100

Fax: 01730 264915

email: fencing@jbcorrie.co.uk

INTRUSION DETECTION AND PERIMETER PROTECTION

OPTEX (EUROPE) LTD

Redwall® infrared and laser detectors for CCTV applications and Fiber SenSys® fibre

optic perimeter security solutions are owned by Optex. Platinum House, Unit 32B

Clivemont Road, Cordwallis Industrial Estate, Maidenhead, Berkshire, SL6 7BZ

Tel: +44 (0) 1628 631000 Fax: +44 (0) 1628 636311

Email: sales@optex-europe.com

www.optex-europe.com

SECURITY EQUIPMENT

PYRONIX LIMITED

Secure House, Braithwell Way, Hellaby,

Rotherham, South Yorkshire, S66 8QY.

Tel: +44 (0) 1709 700 100 Fax: +44 (0) 1709 701 042

www.facebook.com/Pyronix

www.linkedin.com/company/pyronix www.twitter.com/pyronix

SECURITY SYSTEMS

BOSCH SECURITY SYSTEMS LTD

PO Box 750, Uxbridge, Middlesex UB9 5ZJ

Tel: 0330 1239979

E-mail: uk.securitysystems@bosch.com

Web: uk.boschsecurity.com

INTRUDER AND FIRE PRODUCTS

CQR SECURITY

125 Pasture road, Moreton, Wirral UK CH46 4 TH

Tel: 0151 606 1000

Fax: 0151 606 1122

Email: andyw@cqr.co.uk

www.cqr.co.uk

SECURITY EQUIPMENT

CASTLE

Secure House, Braithwell Way, Hellaby,

Rotherham, South Yorkshire, S66 8QY

TEL +44 (0) 1709 700 100 FAX +44 (0) 1709 701 042

www.facebook.com/castlesecurity www.linkedin.com/company/castlesecurity

www.twitter.com/castlesecurity

SECURE CONNECTIVITY PROVIDERS

CSL

T: +44 (0)1895 474 474

sales@csldual.com

@CSLDualCom

www.csldual.com

SECURITY PRODUCTS

EATON

Eaton is one of the world’s leading manufacturers of security equipment

its Scantronic and Menvier product lines are suitable for all types of

commercial and residential installations.

Tel: 01594 545 400 Email: securitysales@eaton.com

Web: www.uk.eaton.com Twitter: @securityTP

INTRUDER ALARMS AND SECURITY MANAGEMENT SOLUTIONS

RISCO GROUP

Commerce House, Whitbrook Way, Stakehill Distribution Park, Middleton,

Manchester, M24 2SS

Tel: 0161 655 5500 Fax: 0161 655 5501

Email: sales@riscogroup.co.uk

Web: www.riscogroup.com/uk

SECURITY SYSTEMS

VICON INDUSTRIES LTD.

Brunel Way, Fareham

Hampshire, PO15 5TX

United Kingdom

www.vicon.com

www.insight-security.com Tel: +44 (0)1273 475500


Powerful web based

controller, powered

by smart devices.

DESIGNED

IN

A U ST R A

R

LIA

Inception is an integrated access control and security

alarm system with a design edge that sets it apart

from the pack. Featuring built in web based software,

the Inception system is simple to access using a web

browser on a Computer, Tablet or Smartphone.

With a step by step commissioning guide and

outstanding user interface, Inception is easy to

install and very easy to operate.

For more information simply scan the QR code

or visit innerrange.com.

Security

Alarm

Access

Control

Automation

No Software

Required

Multiple

Devices

Easy Setup

with Checklist

Prompting

Send IP Alarms via

the Multipath-IP

Network

T: +44 845 470 5000

E: ireurope@innerrange.co.uk

W: innerrange.com

More magazines by this user
Similar magazines