RiskUKSeptember2017

September 2017
www.risk-uk.com
Security and Fire Management
On Terrorism Watch
From ‘Run, Hide, Tell’ to ‘Spot, Sweep, Secure’
ISO 22316: Security and Organisational Resilience
Fighting Financial Crime: Why Culture is Key in UK plc
Total Recall: Best Practice in Crisis Management
Fire Safety Planning: Emergency Evacuation Procedures

Manufacturing X-ray Machines
in the UK since 1950
Call or Email to claim your
FREE THREAT ASSESSMENT
and advice on your direct and associated risks by the UK’s
leading manufacturer of high end security x-ray machines
01480 832202
www.toddresearch.co.uk
xray@toddresearch.co.uk

September 2017
Contents
42 Meet The Security Company
In association with the NSI, Risk UK continues its ‘Meet The
Security Company’ series by asking Doyle Security’s managing
director Andrew Nicholson the major questions of the day
BS 8593 for Body-Worn Video (pp9-10)
5 Editorial Comment
6 News Update
Corporate governance reforms. Cifas study on ID fraud. EU GDPR
compliance risks survey by Bluesource. All change at HMIC
9 News Analysis: BS 8593 for Body-Worn Video
Brian Sims reports on the launch of BS 8593:2017 Code of
Practice for the Deployment and Use of Body-Worn Video
12 News Special: Cortech Open Innovation Events
Brian Sims previews this month’s COIE taking place in Glasgow
and looks back on the success of the Bristol event held in July
14 Opinion: ISO 22316 Security and Resilience
ISO 22316:2017 on Security and Organisational Resilience has
arrived. John Robinson appraises the content in relation to Brexit
16 Opinion: Apprenticeships in the Security Sector
Apprenticeship programmes should be employer-led, but what
does this actually mean? Peter Sherry delves into the fine detail
19 BSIA Briefing
Will Murray on the current state of play in lone worker security
22 Security for the Enterprise
Damien Pezza takes a different slant on risk management with a
detailed overview of combined ESRM-ERM frameworks
45 Evacuation Planning in the Premier League
The re-development of Stoke City FC’s bet365 Stadium takes full
account of planning for fire safety and emergency evacuation
48 The Security Institute’s View
Will the lines dividing risk and resilience management continue
to blur and lead to new thinking? Dr Risto Talas believes so
50 In The Spotlight: ASIS International UK Chapter
Rupert Reid states why, when it comes to counter-terrorism
training, we must now shift the emphasis towards detection
52 FIA Technical Briefing
Alan Elder and Robert Thilthorpe target the all-important points
to note in relation to gaseous fixed firefighting systems
54 Security Services: Best Practice Casebook
As Paul Harvey observes, by focusing on the enablers of
effective collaboration it’s possible to deliver an outcome that
shares Best Practice and enhances existing capabilities
56 Cyber Security: Defending the Digital World
58 Training and Career Development
Richard Diston on career progression for security managers
60 Risk in Action
62 Technology in Focus
65 Appointments
The latest people moves in the security and fire business sectors
24 Fighting Financial Crime: Culture is Key
In the ongoing fight against financial crime, argues Tim
Parkman, fostering a strong internal business culture is vital
27 Total Recall
Does your business have a product recall team in place? If not,
there’s no time to spare. Jennifer Sillars outlines why
30 The Future of Lone Worker Solutions
Employers must provide a safe operational environment for lone
workers. Craig Swallow focuses on today’s available solutions
33 The Changing Face of Security Services
Risk UK’s Guarding Supplement with contributions from Cardinal
Security, Axis Security, CIS Security and Magenta Security
68 The Risk UK Directory
ISSN 1740-3480
Risk UK is published monthly by Pro-Activ Publications
Ltd and specifically aimed at security and risk
management, loss prevention, business continuity and
fire safety professionals operating within the UK’s largest
commercial organisations
© Pro-Activ Publications Ltd 2017
All rights reserved. No part of this publication may be
reproduced or transmitted in any form or by any means
electronic or mechanical (including photocopying, recording
or any information storage and retrieval system) without the
prior written permission of the publisher
The views expressed in Risk UK are not necessarily those of
the publisher
Risk UK is currently available for an annual subscription rate of
£78.00 (UK only)
www.risk-uk.com
Risk UK
PO Box 332
Dartford DA1 9FF
Editor Brian Sims BA (Hons) Hon FSyI
Tel: 0208 295 8304 Mob: 07500 606013
e-mail: brian.sims@risk-uk.com
Design and Production Matt Jarvis
Tel: 0208 295 8310 Fax: 0870 429 2015
e-mail: matt.jarvis@proactivpubs.co.uk
Advertisement Director Paul Amura
Tel: 0208 295 8307 Fax: 01322 292295
e-mail: paul.amura@proactivpubs.co.uk
Administration Tracey Beale
Tel: 0208 295 8306 Fax: 01322 292295
e-mail: tracey.beale@proactivpubs.co.uk
Managing Director Mark Quittenton
Chairman Larry O’Leary
Editorial: 0208 295 8304
Advertising: 0208 295 8307
3
www.risk-uk.com

Premier Elite 64-W/64-W LIVE
EXPANDABLE TO
W
I R E L E S S
Z O N E S
Wireless control panels expandable to 64 wireless zones
Texecom has upgraded its flagship range of wireless control panels by adding two new high zone capacity models to replace
previous, smaller zone capacity, wireless panels.
In today’s connected world, there is no place for systems that inhibit upgrades or restrict additional devices. Security systems can
offer so much more than basic security; increased security, monitoring, safety, perimeter protection and building automation all
require systems that can support a large number and a wide range of devices. With the introduction of the Premier Elite 64-W
and 64-W LIVE, Texecom is removing these limitations and allowing end users and installers to benefit from increased system
capabilities.
Product highlights include:
• Increased zone capacity on Texecom’s Ricochet® enabled
wireless panels
• Replaces and consolidates Texecom’s wireless panel
range to two models
• Facilitates more devices per system to support increased
security, safety and automation device requirements
• 32 on-board wireless zones; expandable to 64 wireless zones
• Available with or without built-in keypad
• Contains Texecom Connect ‘ready’ V4.00 Premier Elite
firmware
• EN50131-1, EN50131-3, PD6662 Grade 2 Class II
Texecom products are designed
and manufactured in the UK

Editorial Comment
More zones, more devices:
Safety devices
Increased security
Building automation
Perimeter protection
Monitoring
Shared Approach
The Government’s Department for Exiting the European Union
(EU) has set out its bold plans for arrangements that could
ensure personal data would continue to move back and forth
between the UK and the EU in the future in a safe and properly
regulated manner. In the latest of a series of papers examining
the UK’s future partnership with the EU post-Brexit, the
Government has considered the case for a “unique” approach
that could allow data to continue to be exchanged in order to
ensure ongoing competitiveness, innovation and job creation.
The document outlines in detail how the UK is considering an
ambitious model for the protection and exchange of personal
data with the EU that reflects the unprecedented alignment
between British and European law and recognises the high data
protection standards that will be in place at the point of exit.
This would allow the UK to work more closely with the EU,
providing continuity and certainty for the business community,
allowing public authorities – including law enforcement
authorities – to continue their close co-operation, protecting
people’s data and privacy and providing for ongoing regulatory
co-operation between UK and EU data protection authorities.
These proposals are said to “provide a stable base” for the
Government to deliver on its commitment to turn Britain into the
“best and safest place” to be online.
Matthew Hancock, the Minister for Digital, explained: “In the
modern world, data flows increasingly underpin trade, business
and all relationships. We want the secure flow of data to be
unhindered in the future as we leave the EU. A strong future data
relationship between the UK and the EU, based on aligned data
protection rules, is in our mutual interest. The UK is leading the
way on modern data protection laws and we’ve worked closely
with our EU partners to develop world-leading data protection
standards. This new position paper sets out how we think our
data relationship should continue. Our goal is to combine strong
privacy rules with a relationship that allows flexibility in order to
give consumers and businesses certainty in their use of data.”
Stewart Room (PwC’s global data protection legal services
leader) responded: “The Government’s position paper makes it
crystal clear that data protection is now a priority issue for the
UK and its economy and in the ongoing fight against serious
crime and terrorism. Successful delivery of the General Data
Protection Regulation (GDPR) will be a critical part of the UK’s
success after Brexit. With this in mind, the paper sends a clear
message to all data controllers and data processors in the UK
that they must embrace the requirements of the GDPR.”
As the position paper has pointed out, it’s vital that the UK’s
data regulator, namely the Information Commissioner’s Office
(ICO), maintains an influential role post-Brexit. To this end, the
ICO will require proper levels of investment if it’s going to be
able to fulfil its vital resource-sharing requirements.
One area that the position paper doesn’t tackle is the concern
in parts of the EU that the UK’s domestic surveillance laws are
challenging to EU data protection principles. The possibility of
partial adequacy decisions could help overcome such concerns.
Brian Sims BA (Hons) Hon FSyI
Editor
www.texe.com
Sales: +44 (0)1706 220460
December 2012
5
www.risk-uk.com

Corporate governance reforms announced
to increase Boardroom accountability
Business Secretary Greg Clark has set out the
Government’s corporate governance reforms
designed to enhance the public’s trust in
business. Under these new Government reforms
to Boardroom accountability, for the first time
all listed companies will have to publish pay
ratios between CEOs and their average UK
workers. This move is aimed at enhancing the
transparency of big business to shareholders,
employees and the public alike.
The Government’s bold package of corporate
governance reforms includes the world’s first
public register of listed companies where a fifth
of investors have objected to executive annual
pay packages. This new scheme will be set up
in the Autumn and overseen by the Investment
Association, a trade body that represents UK
investment managers.
In the coming months, the Government will
introduce new laws to require:
• around 900 listed companies to annually
publish and justify the pay ratio between CEOs
and their average UK workers
• all companies of a significant size to publicly
explain how their directors take employees’ and
shareholders’ interests into account
• all large companies to make their responsible
business arrangements public
Last year, the Prime Minister made it clear
that the behaviour of a small number of
companies had damaged the public’s trust in
big business. Theresa May duly set out
proposals designed to improve transparency
and accountability and afford employees a voice
in the Boardroom.
Commenting on the reforms, Greg Clark said:
“One of Britain’s biggest assets when it comes
to competing in the global economy is our
deserved reputation for being a dependable
and confident place in which to do business.
Our legal system, our framework of company
law and our standards of corporate governance
have long been admired around the world. We
have maintained such a reputation by keeping
our corporate governance framework under
review. These latest reforms will build on our
strong reputation and ensure that our largest
companies are more transparent and
accountable to employees and shareholders.”
The Business Secretary will now seek to
ensure employees’ interests are better
represented at the Boardroom level of listed
companies. Clark will ask the Financial
Reporting Council – which sets high standards
of governance through the UK’s Corporate
Governance Code – to introduce a new
requirement in the Code to achieve this.
Under the Code’s ‘comply or explain’ regime,
firms would have to either assign a nonexecutive
director to represent employees,
create an Employee Advisory Council or
nominate a director from the workforce.
Episodes of identity fraud soar to record levels in latest study by Cifas
Cifas, the UK’s leading fraud prevention service, has released new figures showing that identity
fraud has continued to rise at unprecedented levels during the first six months of 2017.
A record 89,000 identity frauds were recorded, which is up by 5% from last year. Representing
over half of all fraud recorded by the UK’s not-for-profit fraud data sharing organisation, 83% of
identity frauds were perpetrated online.
The latest figures from Cifas show that there has been a sharp rise in identity fraudsters applying
for loans while also involving themselves in online retail, telecoms and insurance products.
Although the number of identity fraud attempts against bank accounts and plastic cards has fallen,
those episodes still account for more than half of all identity fraud cases.
To carry out this kind of fraud successfully, fraudsters need access to their victim’s personal
information such as name, date of birth, address, their bank details and with whom they hold
accounts. Fraudsters access such detail in a variety of ways, from stealing mail through to hacking,
obtaining data on The Dark Web, exploiting personal information on social media or through ‘social
engineering’ (whereupon innocent parties are persuaded to give up their sensitive details to
someone pretending to be from their bank, the police service or a trusted retailer).
Simon Dukes, CEO of Cifas, explained to Risk UK: “We’ve seen identity fraud attempts increase
year on year such that they’re now reaching epidemic proportions, with identities being stolen at a
rate of almost 500 every day. These frauds are taking place almost exclusively online. The vast
amount of personal data that’s now available either online or through data breaches is only making
it easier for the fraudsters.”
6
www.risk-uk.com

News Update
“Employees pose greatest EU GDPR
compliance risk” highlights latest
Bluesource study
Six-in-ten organisations view their employees
as the biggest threat to successful EU General
Data Protection Regulation (GDPR) adherence,
while four-in-ten believe that their current IT
systems could also pose compliance risks.
That’s according to a GDPR awareness survey
conducted by Bluesource.
The study also highlights that, even though
half (50%) are taking steps to prepare for
GDPR compliance, nearly a third (30%) still
believe that the new rules will not affect them.
One fifth (20%) are not sure what to do next.
Over 80% of respondents stated that, with
the deadline for EU GDPR compliance rapidly
approaching, they’re facing a major challenge,
including increased security and governance
around cloud environments such as Office 365
and shadow IT. 80% of those surveyed feel
that ‘Big Tech’ vendors have a responsibility to
ensure that their own systems will meet the
GDPR’s requirements, as well as those of their
customers, but are unsure as to how this will
be achieved in practice.
The increased financial impact of fines and
the expected frequency of their enforcement is
a major concern for most of those surveyed.
An overwhelming 90% indicated that a noncompliance
fine would result in reputational
damage for their organisation and a loss of
trust among customers, suppliers and staff.
Data breaches are already the second
greatest cause of concern for business
continuity professionals and, once this new
legislation comes into force, bringing with it
higher penalties than already exist, this level
of concern is only likely to increase.
Organisations need to make sure they’re
completely aware of the requirements of the
GDPR, and also make certain that their data
protection processes are robust enough to
meet these requirements.
On a more positive note, 45% of those
surveyed have already nominated a member of
a specific departmental function – including
legal, compliance and IT security – to be solely
dedicated to privacy and GDPR initiatives.
However, 20% haven’t considered selecting a
nominated individual as yet, while 35%
suggest that finding a suitably qualified and
experienced individual will be a challenge.
Sean Hanford, information governance
consultant at Bluesource, commented: “Our
research across UK organisations indicates
that a gap remains between EU GDPR
awareness and action. There must be a swift
attitude change towards data protection. Staff
clearly require better skills such that they can
become more data savvy.”
Her Majesty’s Inspectorate of
Constabulary’s remit extended by
Home Office to encompass Fire and
Rescue Services
Building on the experience of Her Majesty’s
Inspectorate of Constabulary (HMIC) in
inspecting and reporting on the efficiency and
effectiveness of all police forces in England
and Wales, Nick Hurd (Minister for Policing
and the Fire Service) has announced that it
will now extend its responsibility and also
inspect Fire and Rescue Services in England.
In order to reflect this new programme of
inspections, HMIC will change its name to Her
Majesty’s Inspectorate of Constabulary and
Fire and Rescue Services (HMICFRS) and
expand to become a fully-integrated
inspectorate for the police and Fire and
Rescue Services. HMICFRS will have a new
logo to reflect its new identity.
Her Majesty’s Chief Inspector of
Constabulary, Sir Thomas Winsor (pictured),
said: “This marks a momentous chapter in the
160-year history of HMIC. We will draw on our
experience of inspecting and reporting on
police forces to develop a framework to assess
the efficiency and effectiveness of the 45 Fire
and Rescue Services in England. In the same
way that police officers run towards situations
that others would instinctively avoid, the
events of recent times remind us all about
exactly how much we rely upon the bravery
and professionalism of our firefighters. I pay
tribute to their courage.”
Sir Thomas will be appointed Her Majesty’s
Chief Inspector of Fire and Rescue Services, in
addition to continuing in his role as Her
Majesty’s Chief Inspector of Constabulary. Her
Majesty’s Inspector Zoë Billingham will act as
the lead for the inspection programme. Each
HMI will have responsibility for a number of
Fire and Rescue Services.
Nick Hurd explained: “Creating an
inspectorate for Fire and Rescue Services in
England will support the continuous
improvement of this critical public service to
make sure that it’s as professional, effective
and efficient as possible. It will also ensure
that, where problems are identified, actions
can be taken by the Fire and Rescue Services
to overcome them. I’m confident that HMIC
will hold Fire and Rescue Services to the
highest standards possible.”
HMICFRS inspections will be specifically
designed to promote improvements.
7
www.risk-uk.com

Protect what’s most valuable
Avigilon Appearance Search video analytics technology is a sophisticated
deep learning artificial intelligence (AI) search engine for video data. It sorts
through hours of footage with ease, to quickly locate a specific person or
vehicle of interest across an entire site.
Avigilon Appearance Search technology can dramatically improve incident
response time and enhance forensic investigations by allowing operators to
build robust video evidence and create a powerful narrative of events.
• Improves incident response time
• Enhances forensic investigations
• Accurately provides search results
• Easy to learn and use
Learn more at avigilon.com/Appearance-Search
© 2016-2017, Avigilon Corporation. All rights reserved. AVIGILON, the AVIGILON logo, AVIGILON APPEARANCE SEARCH and TRUSTED SECURITY SOLUTIONS are trademarks of Avigilon Corporation.
Other names or logos mentioned herein may be the trademarks of their respective owners.

News Analysis: British Standard 8593 for Body-Worn Video
British Standard 8593:2017 focusing on body-worn
video cameras backed by industry
British Standard 8593 delivers a common
framework to boost public trust in the
understanding of where and when bodyworn
video can be employed, with the
document providing technical and operational
recommendations for its appropriate and
proportionate deployment and use.
The new British Standard was drawn up to
address a gap in guidance due to the
differences between the use of CCTV and bodyworn
video, and also with a view to avoiding
any repeat of the privacy concerns associated
with the widespread roll-out of the former. The
UK is widely believed to be the most surveilled
state in the world.
BS 8593:2017 covers planning and
operational recommendations, outlining the
need for body-worn video’s deployment to be
based on legitimate reasons, and particularly
so in terms of undertaking those all-important
privacy impact assessments.
Anne Hayes, head of market development for
governance and resilience at the BSI,
explained: “During the development of BS
8593, it was agreed that public confidence in
the operation and management of body-worn
video was and is critical. Balancing safety,
security and privacy matters is a central
concern. The involvement of both security and
privacy groups shows that British Standards
can deliver industry consensus by aligning
agendas to the public benefit. Body-worn video
has an advantage as a security device in terms
of providing the end user with a sense of
protection. It’s a second pair of ‘eyes and ears’
should something go wrong.”
Tony Porter QPM LLB, the Surveillance
Camera Commissioner, added: “I’m absolutely
delighted to support the new British Standard
and acknowledge the excellent work which has
been undertaken to deliver it in such short
timescales. As the use of body-worn cameras
proliferates, so they become more and more
ingrained as an intrusive capability in the daily
lives of citizens. The important and
fundamental balance of preserving the rights of
citizens while keeping our communities safe
and secure is at the heart of the Home
Secretary’s Surveillance Camera Code of
Practice which, of course, I regulate. The
principles within that Code are resident at the
very heart of the new British Standard and I
commend its introduction.”
With body-worn video cameras now widely adopted by
councils and police services across the UK, and in direct
response to concerns over data security and privacy, a new
British Standard (BS 8593:2017 Code of Practice for the
Deployment and Use of Body-Worn Video) has been
developed in conjunction with security and privacy groups
including the Home Office, the Metropolitan Police Service
and Big Brother Watch*. Brian Sims reports
Legitimate deployment
Examples of the legitimate deployment of bodyworn
video cameras can include:
• Safeguarding employee safety and security
where a given end user of body-worn video may
be at risk of physical or verbal attack or is
otherwise working in a hazardous environment
• As a deterrent if the device wearer is involved
in policing or controlling an environment which
people could try to disrupt
• Evidence capture if the body-worn video user
is involved in a role where they might witness
or investigate criminal activity, and where
capturing visual or audio evidence could assist
with future legal proceedings
• Promoting transparency where device wearers
(such as bailiffs or parking wardens, for
example) regularly encounter complaints
• Capturing data to use in process improvement
or training (identifying learning opportunities)
Device recommendations such as
functionality, weight, image quality and
Tony Porter QPM LLB:
Surveillance Camera
Commissioner
9
www.risk-uk.com

News Analysis: British Standard 8593 for Body-Worn Video
*Organisations involved in
the development of BS 8593:
Association of Security
Consultants, Big Brother
Watch, the British Security
Industry Association, the
Home Office, the Information
Commissioner’s Office, the
Metropolitan Police Service,
the National Police Chiefs’
Council, the National Security
Inspectorate, the Security
Industry Authority, the
Security Systems and Alarms
Inspection Board and
Transport for London.
In an individual capacity,
IndigoVision, Edesix and
SoloProtect were also
involved in BS 8593
encryption are all covered in BS 8593. A
separate clause focuses on data management
and security including data integrity, audit
trails, storage and sharing redaction.
Training for device wearers and data handlers
as well as general operator guidance is
provided in the British Standard, along with a
dedicated clause covering monitoring,
escalation and response as agreed with the
system owners.
The British Standard is applicable to bodyworn
video users and system owners as well as
the suppliers and procurers of solutions.
Examples of where body-worn video systems
might be used include by the Emergency
Services and for taxi marshalling, warden
schemes, security guarding, parking
enforcement and door supervision.
Empowerment for police officers
New research has revealed widespread support
among front line police officers for body-worn
video cameras, with officers finding their use
“empowering”. The independent study,
conducted by criminologists at London
Metropolitan University, looked at officers’
attitudes towards the technology during trials
with the City of London Police. The police
officers involved in the study were interviewed
both before and after the trial to identify any
shifts in attitude towards the technology.
The research discovered that 83% of police
officers feel body-worn cameras should be
adopted, with one adding that such cameras
are “the best piece of kit” they’ve used. The
report, entitled ‘Trialling Body-Worn Video
Cameras for the City of London Police:
Perceptions and Justice Outcomes’, also states
that more than 90% of officers believe such
cameras will assist with evidence gathering.
Lead author Dr James Morgan from London
Metropolitan University said: “Contrary to many
assumptions regarding ‘cop culture’, the
officers surveyed and interviewed for this study
were very progressive in their approaches to
this new technology. They want greater
accountability and oversight. They believe in
their own policing practice and wish this to be
recorded. The findings also point to a particular
context in policing where officers’ actions are
often scrutinised by members of the public who
are armed with their own recording equipment.
The participants in this study wanted their own
footage to counter negative portrayals of the
police which might be found on social media, in
turn having their perspectives and experiences
better understood by the wider public.”
Morgan added: “Police officers are mainly
positive about this technology, and most
notably so in the hope it will reduce spurious
complaints and give the police the opportunity
to show the pressures under which they work.”
Reducing assaults
Another interesting finding is that officers
believe the presence of a camera has a positive
and calming effect on confrontational
situations. Morgan commented: “As well as
reducing complaints, it’s hoped that this
technology will reduce the time officers spend
preparing evidence for court, increase guilty
pleas and contribute towards a reduction of
assaults perpetrated on police officers.”
Second author Dr Dan Silverstone, who now
works at Liverpool John Moores University,
added: “The findings are particularly important
because they address the stereotype that
police officers often face. Body-worn video
cameras will play a significant role in improving
police legitimacy and enhancing public safety.
At the time of the study, there were issues to be
addressed in terms of ensuring that the
evidence from the cameras was compatible
with the Crown Prosecution Service’s own
systems. When these issues are resolved,
evidence from the cameras will increase the
speed and success of prosecutions.”
The idea of body-worn cameras in policing is
relatively new, with the first cameras being
tested back in 2005.
Increasing confidence
Chief Superintendent David Lawes from the City
of London Police observed: “We’re confident
that the continued use of body-worn video
cameras will help us to build on our efforts to
bring policing in the Square Mile into the 21st
Century, while also increasing confidence in our
officers and the difficult job they do.”
Lawes went on to comment: “These cameras
already play an important role in our policing
regime as the mere presence of this type of
solution can often prevent potentially volatile
situations from escalating.”
**See also this month’s
dedicated feature on Lone
Worker Security and Safety
authored by SoloProtect’s
managing director Craig
Swallow (pp30-31)
“Device recommendations such as functionality, weight, image
quality and encryption are all covered in the new British Standard. A
separate clause focuses on data management and security including
data integrity, audit trails, storage and sharing redaction”
10
www.risk-uk.com

They see a well secured airport.
You see smart data to
optimize traveler flow.
Bosch empowers you to build a safer and more secure
world. And with built-in video analytics as of the IP 4000
cameras, we allow you to use video data for more than
security alone. Like identifying interruptions and
patterns in airport traffic.
Find out more at boschsecurity.com
+1
People counting
Queuing alarm
Enforcing safety
regulations

COIE Bristol 2017: Focusing on Smart
Integration and Cyber Security Solutions
The most recent
Cortech Open
Innovation Event,
hosted at the Bristol
Science Centre in July,
afforded professionals
from the building, fire
and security sectors
an educational insight
into the latest smart
integration
techniques,
technological
advancements and
cyber security threats.
Brian Sims reports on
the events of the day
and also looks ahead
to the COIE taking
place in Glasgow later
this month
Reflecting on the COIE held in Bristol on
Tuesday 18 July, Jason Blundell (head of
sales at Cortech Developments) informed
Official Media Partner Risk UK: “COIE Bristol
once again afforded an opportunity for us to
engage with a number of organisations and
individuals at different levels to gain their
perspectives on the challenges they face and
also those confronted by the wider industry.”
Blundell added: “In collaboration with our
technology partners Bosch Security Systems,
Harper Chalice, Paxton and Stentofon-Zenitel
UK, we were able to address some of these
challenges as part of the main demonstration
and interactive technology groups. We were
able to impart our combined knowledge to
deliver value and advice on how to mitigate
current and future security risks. The event also
provided education and discussion around the
threats posed to cyber security and how this
can be addressed through a combination of
people, processes and technology.”
Among the gathering of building and security
professionals, which included myriad
consultants and end users, there was a positive
perspective as to why the COIE events educate
and add value in equal measure.
“This Continuing Professional Development
event provided an excellent opportunity to
learn about the security industry,” explained
Hasani Ade, electrical engineer at AECOM. “The
expertise coupled with the live demonstration
of market-leading technology enabled me to
gain a deep understanding of the latest security
products and advancements. I learned about
monitoring systems, cyber security, data
protection and threat mitigation through virtual
environment modelling. From an engineer’s
perspective, I can now better understand the
intricacies of security systems and what’s
required for the best protection of both
property and assets.”
Such views were shared by another COIE
Bristol delegate, namely Ian Griffiths (associate
at Hydrock). “The event was particularly
engaging and beneficial with an excellent
representation of the latest building and
security technology,” enthused Griffiths. “The
day’s content was complemented by a
demonstration of integration techniques and
the remote monitoring and control capabilities
of software and hardware in combination.”
Griffiths added: “We’re currently in the
process of specifying security systems and their
integration to satisfy user requirements for a
large industrial facility in the UK. The COIE was
particularly useful for meeting technology
specialists from discrete fields who were able
to explain the integration process and
contribute towards our solutions. This was a
very worthwhile experience that I would
recommend to professionals within the building
and security worlds.”
Meanwhile, Mark Harris (senior electrical
engineer at Capita) also found the experience
to be beneficial. “The COIE featured excellent
and enjoyable presentations which afforded
new insights on current multiple technologies.
As a building services engineer, it was
interesting to understand the full capability and
possibilities an integrated security solution can
offer through live demonstrations.”
Technology partners
Attending technology partners at COIE Bristol
have also offered their thoughts on the event.
“The COIE provides educational value for
security professionals and realises an open
platform to discuss industry challenges,”
explained Russell Baker, business development
manager at Stentofon-Zenitel UK. “We’re able
to come together as a group of technology
providers and integration partners in order to
impart our knowledge, both individually and
collectively, on the discipline of risk mitigation,
promoting discussion and engagement on
many key topics.”
12
www.risk-uk.com

News Special: Cortech Open Innovation Events 2017
The event experience was also well received
by access control solutions developer Paxton.
Anthony Searle (commercial manager at
Paxton) observed: “This was the first time that
Paxton had participated in a COIE. We were
impressed by the organisation and professional
approach of Cortech Developments. It was a
unique event that brought together
manufacturers, system end users and specifiers
to discuss risk mitigation through innovation,
integration and collaboration. The day
showcased the latest market-leading solutions
with an emphasis on simple integration,
providing useful real world solutions for the
everyday issues faced by the system user.”
Cyber risk management
As part of Cortech’s cyber security education
agenda, COIE Bristol hosted a Keynote
presentation from Steve Pilkington, technical
director at IT security consultancy Italik. The
presentation centred on the ten steps to cyber
security management, which included advice on
information risk management, secure
configuration, network security, managing user
privileges, user education and awareness,
incident management, malware prevention,
monitoring, removable media controls and
home and mobile working.
Pilkington, who boasts over 20 years’
experience as an infrastructure and network
security consultant, told Risk UK: “It was great
to be part of, and be able to present at, such a
respected industry event attended by many
high-profile organisations. The COIE provided
the perfect platform for education around cyber
security and how this should be factored in as
part of an organisation’s business and security
strategies. The threat is real and the risk needs
to be mitigated through strategic planning and
a particular focus on staff training, vulnerability
management and, importantly, being prepared
and having an incident plan in place.”
Returning to Glasgow
The COIE Series returns to The Lighthouse in
Glasgow (which proved to be an excellent
venue last year) on Tuesday 26 September.
Paul Spence, marketing and communications
manager at Cortech Developments (the
specialist risk mitigation company that provides
integrated software solutions for high security
environments and Critical National
Infrastructure) explained: “The Lighthouse is
Scotland’s Centre for Design and Architecture
and lends itself perfectly to an event of this
nature. It provides first class facilities for our
live demonstrations, technology partner areas
and interactive sessions. The feedback
regarding the event and venue from visitors last
year was extremely positive, so it made perfect
sense to return this year.”
Offering his thoughts on last year’s event at
The Lighthouse, Eric Brunger (senior innovation
analyst for SP Energy Networks) remarked:
“The COIE was different to any events that I
had attended in the past, providing a focus
around the presentation of live events and
actual scenarios that are highly relevant to our
market. The speakers also provided added
value in respect of education and learning. It’s
this format that makes these events work.”
The technology groups and live
demonstration provided added value for
another COIE Glasgow 2016 attendee, namely
Stephen Fleming (physical security manager at
The State Hospital). “The event in Glasgow was
expertly organised with quality partners. These
events are a great networking opportunity
where you have the chance to discuss the
different challenges present across the security
sector. I thought the presentation focused on
the mitigation of risk associated with the
operation and management of multiple CCTV
systems was extremely impressive.”
Looking ahead to COIE Glasgow 2017, Jason
Blundell provided an insight into a new topic
that will be covered at the event. “We’ll be
bringing into focus integrated workflow and
emergency response. Response to critical
events and different threat levels should follow
clearly-defined processes irrespective of
operator experience and have to be managed
effectively to prevent escalation.”
Delegates will also be afforded an insight
into the EU’s General Data Protection
Regulation (GDPR) compliance process and the
management of a cyber security resilience
roadmap thanks to a Keynote presentation from
Scott Simpson, CEO of The Security Circle. As a
certified GDPR and cyber security consultant,
Simpson advises organisations on all aspects of
GDPR compliance and cyber resilience.
Cortech will be joined in Glasgow by four
collaborating technology partners: Avigilon,
Commend, Harper Chalice and Paxton.
COIE Glasgow itinerary
9.45 am: Arrival and Registration
10.30 am: Welcome from Cortech Developments
10.35 am: Industry Challenges in Focus
10.50 am: Guest Speaker – Scott Simpson (CEO
of The Security Circle) on the EU’s GDPR
11.10 am: Live Software/Hardware
Demonstration
11.50 am: Luncheon
12.15 pm: ‘Meet The Manufacturers’
2.20 pm: Closing Statements
Jason Blundell: Head of Sales
at Cortech Developments
If you’re an end user, security
consultant or main contractor,
join Cortech Developments
and its partners at one of this
year’s remaining events:
• COIE Glasgow: 26
September 2017
• COIE Knutsford: 7
November 2017
Note that places are limited
and will be allocated on a
first come, first served basis.
For more information visit
www.coie.uk.com
13
www.risk-uk.com

ISO 22316: Preparing for Brexit
With ISO 22316:2017
Security and
Resilience –
Organisational
Resilience – Principles
and Attributes now
upon us, John
Robinson decided to
apply his own test –
focused on Brexit – in
a bid to ascertain
what’s of value in this
document for security,
risk and resilience
professionals.
Following on from last
month’s initial
discourse, the focus
now turns towards
areas including shared
information and
knowledge and
support for continual
improvement
John Robinson MSc CEng FBCI:
Managing Director of INONI
14
www.risk-uk.com
Every day we’re faced with a barrage of
Brexit-related news items of varying
substance and credibility, many with the
potential to influence or directly affect us and
our relationship partners. Somehow we must
process this media flow, deciding what’s real
and what isn’t, but also second-guess how
interested parties such as customers, suppliers,
regulators and competitors may respond. The
influence of fake news is an illustration of this.
ISO suggests an organisation’s resilience will
be enhanced when all available related
knowledge is appropriately shared, analysed
and applied. Maximising this for Brexit means
that we might harness a wide, varied and
credible range of relevant data and knowledge
sources, define criteria to identify, validate and
value what we collect, assign specialists to
manage, analyse, add value and distribute it as
information, use the information to update the
context model for Brexit, use the model to
trigger and fuel decisions and improve the
Brexit strategy and share results across the
business (and externally if/where applicable).
Where Brexit’s concerned, and perhaps
generally speaking, intelligence drives
resilience. Clearly, we need to respond
acceptably quickly to all kinds of change such
that we’re not disadvantaged. This in turn relies
on high-grade information, analysis, judgement
and executive decision-making. It makes shared
information an important attribute.
ISO 22316 implies that resilience will be
enhanced if the resources required to align with
the organisation’s own resilience objectives are
made available, including an allowance for
adaptation. Aspects relating to people,
premises, technology, finance and information
will inevitably be part of the overall mix.
For those who perceive little or no Brexitrelated
threat, no specific action will be
planned or dedicated resources required.
However, for others, and particularly so in the
UK and the EU, Brexit may be a headline item: a
threat demanding a planned response.
Where this is the case, it becomes a matter of
ensuring the strategy is sufficiently resourced
to be implemented as intended. Some checks
you might wish to make are as follows:
• does the strategy clearly define acceptable
levels of business during Brexit?
• do we know how Brexit changes will affect
resourcing and how we’ll deal with it?
• do we face Brexit-induced failures of supply
and/or demand?
• do we need to increase or reduce our capacity
and can we do this acceptably?
• do we need to diversify or replicate resources
or build-in redundancy?
• do we have the skills and abilities we need to
respond acceptably?
• do we have the inherent flexibility to redeploy
and adjust in time?
• do we look ahead, take account of change
and anticipate what might happen?
It’s tempting to put off resilience resourcing
decisions for the obvious reason that they
consume investment, but will yield no return if
the planned-for situation fails to materialise. As
a discipline, business continuity faces this
dilemma on a frequent basis.
Management disciplines
Attribute 7 is all about the development and coordination
of management disciplines. At first
glance, this seems to be a classic catch-all
statement of the obvious that says your
resilience will be enhanced if you’re good at
every management discipline. However, this is
reasonable if you accept that any deviation
from Best Practice or omission does indeed
potentially leave a hole in your defences,
implying a reduction in resilience. It’s clearly a
valid and relevant indicator.
Moreover, if you did this just as part of your
response to Brexit, the benefits would be felt in
(potentially) many other ways, improving
resilience generally and making management
more effective, efficient and communicative.
With this in mind, and specifically for Brexit,
you might consider engaging the 20 disciplines
with a common purpose of enabling the Brexit
strategy, adapting existing processes, roles and
responsibilities so they interact efficiently,
searching for and plugging any material gaps
between disciplines (thus removing
duplication), keeping the web of disciplines
elastic (such that it can flex and adapt as Brexit
demands change) and establishing
communications and reporting such that all
parties are kept informed and co-ordinated.
Note that the 20 include disciplines such as
asset management, crisis management,
governance, fraud control and so on. Not all
organisations will implement or recognise all of
these disciplines. However, they will generally
be present in some shape or form.
The clause seems to sum up what BS 65000
called ‘coherence’: the joining-up of related key
disciplines into a collaborative resilient whole

Opinion: ISO 22316 Security and Organisational Resilience (Part Two)
with no gaps or overlaps, rather than in
relatively closed silos, creating an environment
for Brexit and other major programmes.
Continual improvement
No organisation has faced Brexit before and it’s
fair to assume that, while some larger firms’
management systems architecture will
accommodate it as just another major change,
the experience will be very new for others. Most
who decide to act in a structured way will
establish a project whose remit and execution
will evolve sporadically, improving only when
driven to do so or when an idea emerges.
Continual improvement is a mindset that
accepts we can always do things better and this
applies particularly to resilience. It means we
systematically and intentionally keep improving
the context model, quality of information and
each of the other attributes listed.
A simplified framework applying this for
Brexit might include making innovation and
improvement part of the strategy and habitual,
regularly scanning for changes and
accommodating them by adapting the strategy,
planning improvements, assigning resources
and making them happen and carrying out
regular reviews while also monitoring what has
been achieved against goals set.
Change drives risk and resilience. If things
didn’t change, equipment would never wear
out, rainfall would be standard and Brexit
wouldn’t happen. Some changes we can
anticipate and plan for, others come out of the
blue or must be imagined because they’re
outside of our experience. In any case,
anticipation and readiness is preferable. The
degree to which we develop and systematise
this will influence our adaptive resilience.
As we’ve seen, Brexit is far from a
straightforward change. It means we need a
mechanism that ensures we’re not surprised or
shocked by what it brings, leaving us wellplaced
to respond and continue with business.
Steps that we can take to build this adaptive
capability might include regularly updating the
context model and using it to look ahead while
scanning for change, modelling change
scenarios and developing response tactics for
those that seem likely, exploring alternatives as
well as ways to deliver on commitments, dual
suppliers and diversifying, planning to respond
and absorb the shock of unexpected
announcements, influencing changes before
and after they materialise and being ready to
adapt without impacting delivery or
compromising vision or core values.
At the headline level, Brexit now seems a
certainty. At almost every other level, though,
the potential remains for surprise. No-one can
be certain how it will unravel, either globally,
nationally or at the organisation level. Our
choices are to either move with the herd and
hope to arrive intact or seize the initiative by
becoming proactive, adaptive and influential.
Contributory factors
The nine attributes focused upon in Part One
and in this month’s article tell us what we
should expect of a resilient organisation. Part 6
of ISO 22316 explains how we can evaluate
these capabilities for ourselves and offers a
governance framework with which to do this.
Again, there’s little if any practical guidance
here to help you decide on acceptable levels of
attainment for each attribute, or a detailed
explanation of how to bring about
improvements in each as this must be
determined by the host organisation.
Apply this framework for Brexit and you
derive a management system that converges on
targets set by top management for each of the
resilience attributes. It – ie the system – needs
to be delivered by a programme or an existing
compatible process that’s kept running for the
duration of Brexit. Delivered as described, it
should continually evolve to track Brexit’s
changing shape and improve such that it aligns
with the organisation’s Brexit-specific and
general resilience objectives or success criteria.
To make it work, you need to set your own
attribute targets and thresholds and monitor
and measure your performance against them.
“Where Brexit’s concerned, and perhaps generally
speaking, intelligence drives resilience. Clearly, we need to
respond acceptably quickly to all kinds of change”
15
www.risk-uk.com

Apprenticeships: Striking The Balance
Between Employers and Educationalists
One of the key
recommendations of
the Richard Review of
Apprenticeships
(published in
November 2012 during
the 2010-2015
Conservative and
Liberal Democrat
Coalition
Government’s time in
Parliamentary office)
was that
apprenticeship
programmes should
be employer-led, but
what does this
actually mean in the
real world and why is
it so important? Peter
Sherry examines a key
issue for the security
business sector
16
www.risk-uk.com
The Apprenticeship Levy funding scheme
went ‘live’ on Monday 1 May and means
that employers can draw down funds in
order to pay for apprenticeship training. In
order to qualify, though, employers have to
agree to a number of rules, one of which states
that they must provide ‘off-the-job’ training.
This isn’t unusual, of course, but there remains
some confusion in terms of how organisations
will address this issue.
That same month, the Association of
Employment and Learning Providers (AELP)
called upon the the Government to review its
rules on apprenticeships’ ‘off-the-job’ training
requirements. According to the Government’s
guidance, employers must provide ‘off-the-job’
training that makes up “20% of the apprentice’s
contracted employment hours across the
apprenticeship”. This effectively means that
trainees must be allowed training time – to the
equivalent of one day per week – within their
normal working hours.
Defending its position, the Government has
stated that ‘off-the-job’ training doesn’t mean
trainees have to receive instruction elsewhere
(at a local college, for example), provided the
training isn’t transacted as part of a trainee’s
normal duties. For example, apprentices might
spend time completing online training,
attending role-play workshops or shadowing a
colleague. Careful recording of such activity is
necessary if employers are to evidence their
ongoing commitment to the Apprenticeship
Levy scheme.
In its research findings, the AELP suggests
that, in reality, more than one third of ‘off-thejob’
training occurs at the trainee’s workstation,
with only 13% taking place away from the
workplace. As the 20% rule is currently nonnegotiable,
some commentators feel there’s a
genuine risk that employers will treat it as a
‘tick-box’ requirement and the quality of
training will subsequently decline.
Still employer-led?
Given the introduction of the 20% ‘off-the-job’
training rule, then, is it the case that
apprenticeships are still employer-led?
Interestingly, the Education & Skills Funding
Agency has published guidance on the 20%
‘off-the-job’ training rule for new
apprenticeships. Aimed at employers and
providers, it clarifies the policy and provides
some Best Practice guidance in terms of how
this requirement should be met.
Back in the day – and by that I mean in the
Middle Ages through to the industrial era – the
apprenticeship was pretty much always
employer-led. To break into a decent trade
meant the learner needed to sacrifice time. In
essence, training was provided in exchange for
effort. The learner studied under someone
highly experienced (a ‘journeyman’) until he – it
was typically a ‘he’ in those days, of course –
became a ‘journeyman’ himself.
For clarity, the word ‘journeyman’ has nothing
to do with being able to travel as a worker. It
emanates from the French word ‘journée’,
meaning a period of one day and suggesting
that work could be charged at a day rate.
As the learner was working directly for the
employer, the employer directly delivered the
training. Indeed, there was often no curriculum.
Individuals simply learned ‘on the job’. That
being the case, the learning always supported
the stated needs and aims of the employer.
In more recent times, there has been a move
away from this model, with outside suppliers
being the ones who create and lead the
learning process. This isn’t without benefit.
Hopefully, the learning is being led by people
who are specialists. Teaching is a skill in itself.
Nine-time Olympic swimming champion and

Opinion: Apprenticeships in the Security Business Sector
former world record holder Mark Spitz’s trainer,
Sherman Chavoor, couldn’t swim and didn’t
need to be able to do so in order to be one of
the greatest swimming coaches of all time.
Of course, the traditional apprenticeship did
have its drawbacks. Learning wasn’t consistent.
It differed from person to person. It took a lot
longer to learn something than was often
strictly necessary. The person teaching may
have been a subject matter expert, but was
unlikely to be an expert in teaching itself. The
learner could end up being a ‘dogsbody’.
Transfer of ownership
As we witnessed a rise in formal education, so
we saw a transfer of ownership of things like
apprenticeships to local colleges and
Government. This did bring positives.
Principally, it created consistency and structure
around learning. It also provided a good
learning environment when not in the
workplace itself, and duly allowed for the
teaching of a wider range of supporting skills.
However, this approach also had its
drawbacks. It’s difficult for an outside
institution – no matter how skilled – to remain
connected with the ever-changing needs of the
employer. Alterations in the business could
take at least one curriculum cycle to integrate
into the training. Learning can become too
theoretical and less focused on delivering
benefits to the business.
Learning can also be too generic – ‘one-sizefits-all’
rather than training someone to be
exactly what’s needed. The NHS could use
apprenticeships to help ‘bridge’ the skills gap,
but can an already overstretched public service
commit to 20% ‘off-the-job’ training?
While offering greater ‘educational purity’,
this was seen by many as being ‘two steps
forward, one step back’.
What the Richard Review of Apprenticeships
firmly recommended was placing the employer
back into the centre of the process. There are
several benefits to be gained from this. The
most obvious is that, whichever way you look at
it, the employer is the key stakeholder. If
employers want apprentices who have a deeper
understanding of the business, then they’re the
ones best placed to make that happen.
This way of doing things also ensures that
the curriculum is grounded in the reality of
what the business needs (ie the stuff that
matters). It also means simplifying what’s
learned. There are fewer qualifications and
everything’s focused on real world activities.
This isn’t to say that learning bodies should
be cut out of the process. There’s a real job to
be done to ensure that sectors operate within
common skills frameworks. Otherwise, it’s very
much the case that individuals cannot move
from job to job with ease.
It’s also important that other skills are taken
on board such that the individual isn’t just an
automaton, but rather someone who can grow
and develop a professional career. The entity in
charge is the employer. Government should
only be directing with a light touch.
Best of both worlds
This approach should deliver the best of both
worlds, with the input of the employer and the
educationalist more in balance to benefit both
the employer and the learner. We’re seeing this
happen in the security sector with the new
Apprenticeship Standard for Fire, Emergency
and Security Systems. This is driven directly by
organisations within the sector working
together with the backing of Government and
the support of partners in education. By the
very way in which this operates, it’s fully
employer-led from the outset.
During the early years of a previous
Conservative Government I really did welcome
(then) Prime Minister David Cameron’s speech
when he visited a Training Academy in
Buckinghamshire. Perhaps more than ever
before, the strength of the Government’s
commitment to apprenticeships was
abundantly in evidence. The Prime Minister
outlined in some degree of detail that he
wanted apprenticeships to be ‘the new norm’
and not just a valid alternative to studying for a
degree, as well as being a route that could
preface degree education.
The Prime Minister’s speech outlined the two
critical aspects of apprenticeships and preemployment
training in which I’ve always
believed. The first is the benefit to the country.
As David Cameron stated at the time: “Britain’s
in a global race. If we want to succeed in this
global race, we have to invest in our Number
One resource which is our people.”
That’s absolutely spot on. We simply have to
have the best skills in every UK sector.
The second benefit is more personal and is
that individuals benefit materially from
learning. That’s equally spot on. Education is
the key to unlocking not just one door, but
potentially hundreds of them. Without training
and skills, individuals can be marginalised and
their options limited.
Peter Sherry: Interim Director
General of Skills for Security
“There’s a real job to be done to ensure that sectors
operate within common skills frameworks. Otherwise,
individuals cannot move from job to job with ease”
17
www.risk-uk.com

The New Camera Line Mx6 Creates More Possibilities.
More Images, in All Light Conditions, in Every Standard
More Intelligence Is on the Way
The new Mx6 6MP camera system from MOBOTIX offers increased performance.
A frame rate that is up to twice as fast than that of other cameras allows it to capture
quick movements even better and simultaneously deliver sharp images in MxPEG,
MJPEG and, for the first time in H.264, the industry standard. The innovative Mx6
camera line is faster, more flexible and higher-performing, opening up new application
and integration opportunities for to you to meet all requirements.
MOBOTIX AG • Langmeil, Germany • www.mobotix.com

BSIA Briefing
With an estimated eight million lone
workers operating in the UK – that is,
people who work in isolation or without
direct supervision, either on a regular basis or
occasionally – and increasing awareness among
employers of their Health and Safety and Duty
of Care obligations towards such employees,
the lone worker safety market is a growing one.
The growth of that market here in the UK has
largely been driven by two key factors: more
and more robust Health and Safety legislation
combined with the development of a high
quality industry standard in the form of BS
8484 Provision of Lone Worker Services – Code
of Practice (more of which anon).
The introduction of the Corporate
Manslaughter and Corporate Homicide Act 2007
into law on 6 April 2008 meant that, for the first
time, organisations could be prosecuted for the
death of a staff member as a result of
management failures in relation to Duty of Care.
Since that Act came into force, the number of
cases and successful convictions has been
steadily rising.
Last year, the Sentencing Council released
new guidelines relating to the sentencing for
Health and Safety, food and corporate
manslaughter offences. The previous starting
threshold recommended for all corporate
manslaughter convictions was £500,000, but
under the new guidelines, a Category A (ie high
culpability) offence committed by a large
organisation begins at £7.5 million with a
category range of between £4.8 million and
£20 million. Smaller organisations with a
turnover of between £2 million and £10 million
can face up to £2.8 million worth of fines if
found guilty of a Category A offence.
As the lone worker safety market developed,
leading suppliers were keen to introduce Best
Practice guidelines and duly engaged with the
police service and other key stakeholders to
create BS 8484. First published in 2009, the
British Standard dovetails with the National
Police Chiefs’ Council’s (NPCC) own Security
Systems Policy, enabling accredited suppliers
to apply for Unique Reference Numbers with
each police force, bypassing the 999 system to
provide a faster level of police response for
their clients’ emergency alarms.
The British Standard was revised in 2011 and
again last year, which saw major alterations
such as the inclusion of lone worker Apps and a
section dedicated to training. In its current
iteration, BS 8484 represents the most allencompassing
lone worker standard available
in the world today.
In the present day, employers and their staff
are becoming more aware of lone worker safety
Lone Worker Security:
An Evolving Landscape
Over the past few years, the lone worker safety industry has
benefited from a huge number of technical advances,
subsequently enabling more and more organisations in a
wide range of industry sectors to better protect their
employees. Here, Will Murray discusses some of the key
developments in the market and outlines how UK companies
are now very much at the forefront of lone worker safety
services, the technology underpinning them
and, indeed, lone working Best Practice. As a
result, they have come to expect more
sophisticated products and higher quality
service levels.
Benefits of lone worker solutions
There are several reasons for this. First,
suppliers and industry stakeholders – such as
the British Security Industry Association (BSIA)
– have worked hard to educate the wider
market and publicise the benefits of
implementing lone worker safety solutions.
Second, successive UK Governments and the
EU have implemented tougher Health and
Safety and HR legislation/policies. This is
against a backdrop of increasing terrorist
events across Europe and some highly
publicised violent attacks on employees by
members of the public, as well as horrific, but
preventable accidents in many sectors, all of
which have exerted pressure on management
to re-evaluate their security arrangements and
place greater focus on staff safety.
Will Murray: Chairman of the
British Security Industry
Association’s Lone Worker
Section and Marketing Director
at the Send For Help Group
(encompassing Skyguard,
Peoplesafe and Guardian24)
19
www.risk-uk.com

BSIA Briefing
Finally, economic pressure on organisations
has led to longer opening hours for businesses
and more employees working on their own.
With greater economic uncertainty ahead, and
organisations under increasing financial
pressure, it’s likely that even more individuals
will be involved in lone working – either in fulltime
roles, or at least during parts of their
normal working day.
While some organisations may view lone
worker systems as an additional and potentially
unnecessary expense, more and more are
coming to realise that the consequences of not
providing adequate safety systems for their
members of staff can be disastrous.
Additionally, more organisations are
becoming aware of the other benefits that
these systems can bring, among them improved
staff morale, happier workforces which feel
more valued by their employers and more
efficient lone working methods thanks to the
use of the latest technology which saves time
for staff and management. Businesses are
becoming more responsible and want to be
perceived as such by their employees,
customers, shareholders and the wider public
as part of their brand values.
Technology developments
When looking at how lone worker safety and
security technology might advance in the
future, it’s important to examine how it has
developed to date.
There has already been a huge number of
technical advances in this industry in the space
of only a few years. There’s now a wide range of
specialist devices boasting different features
that make them suited to particular
environments and job roles.
As is the case with most technology
products, devices have become more powerful
but shrunk in size, making them more
convenient to carry and, importantly for this
market, far more discreet. Additionally, the
proliferation of (and advances in) smart
phones, Apps and accessories has enabled
suppliers to offer end user customers a
convenient alternative to carrying a separate
device by building upon these platforms.
There have also been improvements in terms
of the central systems and server-side
technology provided by suppliers. Bearing this
“While some organisations may view lone worker systems
as an additional and potentially unnecessary expense, more
and more are coming to realise that the consequences of not
providing adequate safety systems can be disastrous”
in mind, we can expect that there will be more
choice in the form and type of product that
customers choose to carry with them, more
convenient products, increased customisation
and flexibility in services and the enhanced use
of smart phone and tablet-based Apps.
As is evident in any industry sector that’s still
developing and evolving, there are challenges
to be confronted both now and into the future.
Organisations are gaining a greater
understanding of the benefits of lone worker
systems, but many still see them as
unnecessary, only realising their true worth
when a serious incident befalls a member of
staff (by which point it’s often too late).
Staff can also react negatively to the
implementation of a lone worker system,
seeing it as a way for management to ‘spy’ on
them, or they can simply be resistant to
changing their daily working habits.
Some industry stakeholders have fully
supported solution suppliers when it comes to
educating the market and developing a British
Standard, but there are a few key organisations
who have been disinterested in terms of
playing an active role.
Many serious accidents and deaths could be
prevented each year with robust lone worker
procedures and systems in place, so every
organisation from central Government right the
way through to sole traders should be
assessing what lone worker safety and security
measures they have in place and, where
appropriate, championing the cause.
Issue of data security
Another challenge facing all organisations, and
particularly so those dealing with sensitive and
personal information, is the issue of data
security. With the enacting of the EU’s General
Data Protection Regulation (GDPR) in May next
year, the Government is clearly – and quite
rightly – focused on this subject at present.
Any reputable solution supplier that’s
certified to BS 8484 will already have a series
of safeguards in place to protect the data that
they manage. This places our industry in a
strong position for that point when the GDPR’s
rules come into force.
The BSIA’s Lone Worker Section has achieved
a great deal since inception, using its expertise
to collaborate with key stakeholders such as
the NPCC and the British Standards Institution
to develop a world-leading industry standard
and raise awareness in the marketplace. As a
result, lone worker safety solutions have gone
from what were once regarded as being niche
products and services to what are now viewed
as essential pieces of safety equipment.
20
www.risk-uk.com

“
MY PASSION IS
PERFECTION IN EVERY
FENCE I BUILD
”
Jacek Mierzwa, Welder, 12 years with Jacksons
OUR PASSION
IS YOUR SECURITY
Whether designed to meet the
specific needs of your project or
chosen from our extensive range, all
our perimeter security solutions are
supported by seventy years of design
and manufacturing expertise.
www.jacksons-fencing.co.uk
0800 953 3730
Jacksons
Fencing

Following on from Dr
Philip Strand’s
excellent article (‘ERM
and ESRM: Can They
Continue to Exist
Independently?’, Risk
UK, April 2017, pp20-
21), Damien Pezza
takes a different slant
on the subject of risk
management
philosophies and
delineates why a
combined ESRM-ERM
framework would
allow the former to
benefit from the
latter’s internal
control and risk
measurement
mechanisms
Damien Pezza MSc FIHEDN
FINHESJ: Security Consultant
at CornerStone GRG
Security for the Enterprise
Since its inception back in the mid-1950s,
the risk management industry has
undergone several major paradigmatic
changes. It has witnessed a progressive
distinction between security management and
risk management, as well as an increasing
emphasis on the convergence of physical and
information security.
Innovations have included risk management
approaches and frameworks such as Enterprise
Security Risk Management (ESRM), a process
that was developed in 2005 (with help from the
Alliance for Enterprise Security Risk
Management) by ASIS International, the
Information Systems Auditing and Control
Association (ISACA) and the Information
Systems Security Association (ISSA).
ESRM is a risk management “philosophy”
that ASIS defines as a “process used to
effectively manage security risks, both
proactively and reactively, across an
enterprise”. Not only does it encourage security
practitioners to assess all types of security
risks holistically (ie information, cyber,
physical, asset management or business
continuity), but also to engage directly with risk
owners and corporate level decision-makers.
Employees, departments, facilities, assets
and their associated risks are increasingly
connected. For this reason, ESRM asserts that
only an integrated and cross-organisational
approach to security has the potential to
comprehend and deal with what the future
holds. However, ESRM has met with its fair
share of issues. It fails to properly emphasise
how security risks can impact business risks
and how assets facilitate the attainment of
organisations’ overall objectives.
Beyond the traditional
First, let’s take a look at ESRM’s comparative
advantages over Enterprise Risk Management
(ERM) and then analyse its own shortcomings.
Subsequently, the importance of bringing ESRM
and ERM together in order to remedy the
failings of both approaches will become clear.
ESRM is distinguishable from traditional
security approaches and previous risk
management frameworks, namely ERM. ESRM
argues that risk management is not only about
securing assets and preventing losses, but also
about bringing concrete and competitive value
to an organisation and furthering its business
objectives. Risks are not only a liability, but
also an opportunity.
Unlike ERM, which tends to focus on financial
and economic components, ESRM places the
emphasis on traditional physical security and
risks to operational assets.
ERM focuses on four ‘risk quadrants’,
including strategic risks (ie reputation,
macroeconomic and societal trends or
competition risks), hazard risks (eg personnel,
liability, property exposure or theft),
operational risks (ie failures in processes,
systems or controls) and financial risks (eg loss
in capital, liquidity risk or market risk). ERM,
though, has been criticised for its heavy focus
on financial risks and for failing to properly
comprehend the importance of physical
security in risk management.
Although physical risks might seem to relate
to the ‘hazard risks’ quadrant of ERM, their
effects extend far beyond this simple category.
Offences committed by employees or outsiders
(such as theft, assault or criminal damage)
could have a serious impact on asset
protection, not to mention the host company’s
financial activities and its reputation in the
outside world.
ESRM differs from ERM and from more
traditional task-based interpretations of
security by viewing physical security as an
aspect of an organisation’s overall risk profile.
Back in 2010, ASIS International’s CSO Round
Table published a White Paper on ESRM,
showing that “traditional security issues are
rarely the ones that are keeping security
professionals awake at night”. Non-security
risks such as database theft and economic
concerns were the top worries. Security
conceptualised as ‘guards, gates and guns’ has
since become obsolete, making room for more
holistic understandings of security and risk.
Change in mentalities
The emergence of ESRM and its adoption by a
number of organisations and associations
stands as proof of a change in mentalities, not
only within the risk management industry itself,
but also across industries in general.
Security professionals, line managers and C-
Suite leaders are now far more conscious of the
necessity to go beyond the silo mentality and
enhance lines of communication between risk
managers and risk owners. Without pretending
to supersede other risk management
frameworks, ESRM strives to go beyond
security convergence and stands ready to
provide a direct link to ERM.
22
www.risk-uk.com

Enterprise Security Risk Management
Despite its usefulness as a much-needed
addition to the risk management industry, as
stated ESRM isn’t without its flaws and its
practical application has proven to be difficult.
First, due to its deliberately holistic and
universal character, ESRM fails to take into
account the effects of organisations’ preexisting
structures and cultures on risk and
asset management. Each organisation is
different, and taking these factors into
consideration could help businesses avoid
easily-predictable obstacles when
implementing risk management strategies.
It’s not uncommon for risk managers to
encounter difficulties related to employee and
managerial resistances to change, losses of
motivation and involvement after the first
stages and confusion about the relationships
between risks and controls. ASIS’ 2010 White
Paper also indicated that, when attempting to
implement an ESRM strategy, CSOs and non-
CSOs alike frequently run into a lack of funding,
personnel, support from fellow staff members
and the persistence of a ‘silo mentality’.
Second, ESRM fails to fully address how
physical security risks and business risks
interact. It was designed to apply to all types of
organisations, but non-profit and for-profit
organisations are inherently different in terms
of their outputs and approaches to ‘costeffective’
products, services and, indeed, those
outputs themselves.
In the Harvard Business Review (2012),
Kaplan and Mikes stated that “one size doesn’t
fit all”. Contrary to the efforts of regulatory
bodies and professional associations – such as
ASIS International or the Committee of
Sponsoring Organisations of the Treadway
Commission (COSO) – ‘standardising’ the risk
management function remains highly difficult.
Consistent framework
Finally, ESRM still lacks a consistent and
codified framework, not to mention effective
oversight, evaluation and performance
measurement mechanisms.
As has been mentioned in previous editions
of Risk UK, ASIS designated ESRM as a global
strategic priority at the end of last year, thus
integrating its principles and philosophy into its
professional certifications (ie the Certified
Protection Professional, the Physical Security
Professional and the Professional Certified
Investigator). At present, it’s impossible to be
officially ‘ESRM-certified’. On the other hand,
certificates and courses exist for other risk
management frameworks (for example, courses
or post-graduate degrees in ERM are offered by
several institutes and universities).
The ‘proper’ implementation of ESRM still
appears to depend somewhat heavily upon
individuals’ initiatives and opinions. Despite its
inception nearly a decade ago, many
commentators still feel that ESRM has yet to be
developed into a clearly-defined tool for
organisational improvement.
Given ESRM’s limitations, it would be entirely
fair to question whether it deserves the
attention it has received from CSOs and
organisations such as ASIS International, ISACA
and ISSA. It seems that it does, although not
necessarily as an independent discipline. To
survive as an independent model and bring
greater value to organisations, ESRM might first
have to shed its uniquely strategic and
universal approach and then merge with ERM.
ERM has demonstrated its applicability at the
strategic, tactical and operational levels, as
well as its ability to cope with change and
evolve accordingly. In June last year, COSO
released a draft update of its ERM integrated
framework. This insists on the importance of
strategic decision-making and the oversight of
risk management by corporate management, as
well as on the importance of organisational
cultures. The draft also highlights the role that
cultures, behaviours and attitudes towards risk
play in the execution of risk management
strategies themselves. It’s complimentary to
ESRM, then, which lacks these emphases.
“Given ESRM’s limitations, it would be entirely fair to
question whether it deserves the attention it has received
from CSOs and organisations such as ASIS International”
23
www.risk-uk.com

During the past few
years, the UK has
been enhancing its
anti-money laundering
and counter-terrorism
and proliferation
financing regimes. At
the same time, casting
the net beyond the
financial community to
encompass the entire
private and public
sectors, there have
also been updates to
the anti-corruption
laws, with a new
Bribery Act coming
into force back in
2011. In the ongoing
fight against financial
crime, argues Tim
Parkman, fostering a
strong internal
business culture is
absolutely vital
Fighting Financial Crime:
Culture is Key in UK plc
The nexus between corruption and money
laundering is becoming ever-more
important. Since the World Bank estimates
that US$1 trillion is paid in bribes each year to
corrupt officials around the world – the
International Monetary Fund suggests that
figure is nearer to the US$2 trillion mark – and
most, if not all, of that needs to be laundered
through the financial and commercial system,
the confluence of the two events is a timely
reminder of the growing need for vigilance
against financial crime generally within the
UK’s business community.
The laws in place today carry severe criminal
penalties for proven wrongdoing, including
heavy fines and, potentially at least, terms of
imprisonment for executives. That being so,
organisations need to establish robust internal
mechanisms designed to detect and deal with
wrongdoing. They must readily identify the
training of staff as a core requirement.
A number of high-profile money laundering,
corruption and fraud cases over the years
indicate that, while good systems and controls
can go so far in avoiding legal and reputational
catastrophes, they don’t usually lead you all
the way there. To really succeed in up-front
prevention, something else is required. This
could be management determination, corporate
culture, staff buy-in: a certain something or a
combination of things hardly ever written down
or handed out, but which means that the rules
are applied de facto, day in and day out, in the
business operations of the company.
Looking back into the mists of time, Enron
had a Code of Conduct in place. So, too, did
Siemens, but that didn’t prevent the bankruptcy
of the former and the public despoilation of the
latter. Deutsche Bank and HSBC – both more
recently the subject of huge financial penalties
for weaknesses in their Anti-Money Laundering
(AML) control frameworks – had AML policies
and procedures in place. Either something went
missing on the way to the front line or
otherwise it was never there in the first place.
How, then, can this ‘missing link’ be created?
Focus on awareness
Focusing on awareness on a continual basis is a
key first stage in building the right corporate
atmosphere. Awareness isn’t the same as
training, although the two are often mentioned
in the same breath. Awareness exists when
everyone’s mind turns intuitively to a particular
issue without the necessity for prompting.
It doesn’t come about through an annual
training session. Rather, it needs constant
reminders and repetition of the same point
made in different ways, generating interest and
engagement until people automatically think
“This is important, I need to be careful here…”
Videos, e-mails, posters, hand-outs, special
instruction days – all can be used to good
effect. Only with awareness can whistleblowing
(more of which anon) be truly effective.
It’s important not to reward rule-breaking
behaviour. Any organisation that’s serious
about observing the laws on financial crime
should devote attention to stamping out
practices which put people in doubt about what
the company’s ‘real’ policy is on this matter.
Organisations have various options open to
them as to how they might handle different
combinations of outcomes from an employee’s
performance in which he or she either meets or
exceeds their targets and either ignores or
observes organisational values in the process.
If employees miss targets and ignore company
values then you fire them, right? The opposite
is true for those who hit their targets and abide
by the rules. You reward or promote them.
Perhaps underperformers could be coached
and encouraged, but then exited from the
24
www.risk-uk.com

Bribery, Fraud and Corruption: Risk Mitigation Procedures
business if they still cannot improve? After all,
you have to hit your targets, don’t you? The
acid test really centres on how your company
treats employees who meet or exceed their
targets, but who ignore the company’s values
and break its rules on a selective basis. If you
reward them, everybody is aware of the
message that the rules don’t really matter.
Rule-breaking must be punished, not rewarded.
Coded encouragement
Aware that stiff business targets may be more
easily met if a few corners are cut here and
there, some managers have been known to use
phrases and terminology as forms of coded
encouragement to subordinates to ignore the
rules, without actually stating that it’s
permissible to do so.
“Who here has what it takes to meet these
targets?”… “Are you brave enough to go out
and grab these figures?”… “How many people
in this room will do whatever it takes to get us
over the line?”… These are all real examples
related to me by people who were there. I once
knew a Board director of a large UK company
whose favourite phrase was: “Don’t bring me
problems... Bring me solutions!” Depending on
the context, when you say something like that,
you should know that it can mean different
things to different people.
It’s unrealistic – as well as being totalitarian
and unproductive – to try to control how people
speak day-to-day, but it’s sensible to
continuously remind managers of the need to
communicate the requirement for integrity
clearly and unambiguously and to back that up
with firm action.
Always track decision-making. This refers to
ensuring that day-to-day business decisions are
made properly and that everyone who’s
supposed to have expressed a view, or who
might be expected to express one, has that
view – or their unwillingness to express one –
recorded in reliable ways.
While working in compliance, I learned never
to be surprised by the lengths to which a few
individuals would go to avoid giving ‘sign-off’
on projects that were enticingly lucrative, but
also worryingly risky. The implication was clear:
by encouraging, but not formally endorsing
them, they hoped to enjoy the benefits of
success if things went well, but without any
flecks of blood on their tunics if there were
adverse legal or compliance issues at some
point down the line.
AML and anti-bribery rules and Best Practice
require senior management to be involved in
decisions about taking on and servicing high
risk customers and markets. Companies need
transparent, auditable decision-making
procedures and protocols in place coupled with
regular checks on the way in which they’re
being operated to ensure that this happens.
Encourage whistleblowers
Encouragement for whistleblowers is absolutely
vital. Whatever ‘it’ is, somebody in the
organisation who’s not involved probably
knows about it, or at least suspects something
that could provide a crucial lead. How much
money, time, pain, reputation and general good
standing could have been saved in the world if
all the people who knew about ‘it’ had come
forward – and been dealt with appropriately -
rather than keeping quiet, or being verbally
abused and sacked as troublemakers?
We’ll never know, but what we do know is
that an effective whistleblowing hotline is three
times better at exposing fraud and corruption
inside an organisation than the next best form
of ‘detective control’.
Nobody wants to give priority to perpetual
moaners about car parking spaces and alleged
Human Resources shortcomings, but when it
comes to the big stuff, this is something to
which you must devote your attentions.
The entire approach of senior management,
and especially the Board, should be geared
towards something which may seem counterintuitive
at their stratospheric level: seeking out
problems as much as they seek out
opportunities. A common feature of corporate
catastrophes is a failure to escalate in time.
“Why weren’t we told about this sooner?” is a
common enough refrain, but we already know
the answer in lots of cases.
Not enough senior individuals are
uncomplicatedly accessible for the receipt of
bad news and, because of that, not enough
junior people are prepared to deliver it. The
Board – and individual Board members in their
specific areas – should actively look for the ‘red
flags’ associated with corruption, fraud or
money laundering with the same zeal as they
would examine in fine detail a strategic
acquisition or a major new market.
Sharp increases in revenue, sudden changes
of personnel or the swift – and profitable –
removal of a Government ‘blockage’ in a key
overseas market should be challenged and
explained. Specialist training is merited here.
Tim Parkman MA: Managing
Director of Lessons Learned
“Any organisation that’s serious about observing the laws
on financial crime should devote attention to stamping out
practices which put people in doubt about what the
company’s ‘real’ policy is on this matter”
25
www.risk-uk.com

The premier fire safety show
in the North of England
Fire Safety North debuts at EventCity Manchester on 10-11 October and will help fire and safety
professionals to achieve and maintain the very highest standards of fire safety management.
Fire Safety North offers visitors the opportunity to:
• Hear talks from an unparalleled line-up of key industry figures at our free to
attend seminar theatres
• Be the judge and jury in a mock trial on breaches under the Fire Safety Order
• Enjoy breakfast on us at our breakfast briefings on passive fire protection and tall
buildings
• See the latest fire safety products and services from our range of exhibitors
Fire Safety North is uniquely co-located with the well-established and widely respected Health &
Safety North and will see more than 2,000 delegates in attendance.
Get your FREE visitor ticket online today at www.firesafetyevents.com
Co-located with
Sponsored by
Supported by

Crisis Management: Leadership in Product Recall Events
During times of stress, a plan to turn
towards is a comfort. The assumption is
that the plan is created with clear heads
and the luxury of informed decision-making
from all relevant parties. The purpose of a
defined product recall plan is to guide action.
However, companies often find their recall plan
to be too general and amounting to little more
than a sample product recall plan that could be
applicable to any business.
There’s no point in having a plan if it’s not
specific and actionable. A safety recall can have
dangerous consequences if not dealt with
swiftly. Ensure that valuable time isn’t wasted
by defining the recall process beyond common
sense headings. Set specific points of action by
product or type of recall. Pre-determine
priorities and timescales and make
accountability of tasks clear. List all external
stakeholders and what they need to be told and
include important external stakeholders in
planning such that they understand their role.
Once the recall procedure is defined, the
comprehensiveness of the plan can then be
tested by training your recall team against it.
Managing risk can be an endless task. Part of
the planning process typically includes an
exploration and documentation of all possible
failures in the design, process, product or
service. A cross-functional team is necessary
for this exploration to be successful.
Risks are live and sneaky. The likelihood and
potential impact of a risk may be set at the
start of the project, but you must keep a live
and dynamic view of risks, their related risks
and the domino effect of changing
circumstances. The people involved in the
original risk assessment are not likely to be the
same as those who will spot the critical change
in circumstance so it’s important to make it
easy for people to report their concerns.
At various points, reassess risks with fresh
eyes and record the risk score against the
original. Remain alert to emerging risk.
Continually think about likely causes of recall
and focus training around high risk aspects of
your operations. Regularly reassess and update
your risk registers and take product recall into
account in change control. Make it easy for
people to report their concerns and use risk
severity and likelihood to prioritise both
mitigation actions and training.
The recall team
Training your product recall team against the
recall plan not only validates its usefulness, but
also helps everyone involved to act decisively
when time is of the essence. A product recall
should be a rare occurrence so staff shouldn’t
Total Recall
We can all agree that exploding or fire-prone mobile phones,
potentially life-threatening vehicle airbags and poisoned or
otherwise contaminated food are best avoided. However, it’s
sometimes the case that products do malfunction. What the
manufacturers involved do about such situations determines
how they’ll be judged by consumers. Does your business
have a product recall team primed for action? If not, there’s
no time to spare. Jennifer Sillars outlines precisely why
be expected to know what to do without
training and support.
A product recall team must be set up prior to
the need for a recall. From the plan you will see
the stakeholders who must be involved, their
priorities, the interdependencies and timelines
for action. If relevant personnel – including
external parties – are aware of what’s expected
of them there will be no crossed wires or
avoidance of responsibility. All parties will be
focused on what’s most important (ie
minimising harm to consumers).
Front line staff dealing with complaints are an
important early warning indicator of problems.
The processes that front line staff work to are
far removed from those around product or
service creation and maintenance. If front line
staff have a good understanding of the product
and the risks for which those closer to the
product are on high alert, they could diagnose
and escalate emerging issues before any real
damage is done.
Regardless of the link between front line and
behind the scenes operations, logging of
Jennifer Sillars:
Product Marketing Executive
at Ideagen
27
www.risk-uk.com

Crisis Management: Leadership in Product Recall Events
complaints so they can be profiled is a
worthwhile task. By profiling complaints,
patterns emerge that inform product
improvement decisions and the true scale of
low-level defects.
For serious incidents, an investigation must
begin into the actual cause. A fine balance of
maintaining a positive relationship with the
customer while assessing the culpability of
complaints is a delicate task for which front line
staff need to be prepared. Although well
meaning, it helps no-one to assume that the
customer’s story is the full story. What’s most
important is ensuring that the incident doesn’t
affect anyone else.
Decisive response
A swift and decisive response is required for
any product recall, but it’s important not to
panic or make the situation worse. Regardless
of fault, it’s your company’s responsibility to its
customers to show leadership in product recall.
The response must be in line with the severity
of the situation, demonstrate care and concern
for consumers and be consistent throughout
the incident.
Safety concerns may instil panic in
consumers, regardless of the actual level of risk
posed. Communications must provide all the
information required for consumers to
understand the risk to them and guide them in
how they should respond to the incident. Just
as you cannot expect staff to know how to
react, don’t expect consumers to understand
how concerned they should be.
If the risk is high, make this clear. On the
other hand, if consumers are being agitated by
media sources beyond the level of recall, keep
your response measured. As long as it’s clear
that your actions are in the interests of
consumers, and not just profits, you can begin
to build back any trust that has been lost.
The recall response doesn’t just affect
external parties. It’s easy to neglect normal
operations during a product recall.
Unfortunately, such short-sightedness only
increases the risk of more going wrong as the
focus is deflected from ongoing quality control
of products currently being produced.
After the recall is complete, audit the
effectiveness of that recall. Capture Best
Practice and lessons learned while the
“A mixture of objective observers and those closest to the
fault need to be involved in improvement discussions. The
process owner has to be engaged and listened to if
meaningful change is going to occur”
experience is still fresh. This is common sense
and widely adopted Best Practice. Reinforcing
the need in product recall workflows is worth
doing as the utter relief of the episode being
over can make it difficult to motivate individuals
to look back at what didn’t work so well.
The problem often lies in actioning
recommendations. A mixture of objective
observers and those closest to the fault need to
be involved in improvement discussions. The
process owner has to be engaged and listened
to if meaningful change is going to occur. Using
their expertise, they’re able to assess feasibility
of changes and the knock-on effect of those
changes. Process owners also provide valuable
insight into the background of recall reasons,
and particularly where resourcing is an issue.
Process owners should be built up into
champions of improvement projects, rather
than taking an accusatory approach. An audit
alone will not stop reassurance. At the end of
the day it’s people who drive change.
Exerting control
Product recalls are costly, damage reputations
and make customers wary. The risk of product
recall is often missed because manufacturers
are earnestly focused on producing the best
product they can. Quality and safety are built
into the design so, when unexpected causes of
recall slip in, they can be missed.
Innocent mistakes can be hard to avoid, but
when the mistake is due to a lack of training it’s
avoidable. Any change in the process increases
the likelihood of mistakes. Full training with
easily accessible reference documentation is
necessary to prevent staff from guessing the
right course of action when they’re under
pressure to keep to a production deadline.
Internal staff are not the only unknown
quantity. Most supply chains are becoming
longer and more complex. Much trust is placed
in suppliers. Once production is in motion
there’s little control left to exert. A robust
supplier approval process and setting clear
expectations at the outset of the relationship
are where you have the best chance of avoiding
causes of recall.
Product recall is a high stress situation that
needs structure and teamwork in equal
measure if it’s going to be tackled effectively.
As a company, you must take ownership of the
situation, regardless of the exact reason behind
the need for the recall.
During a product recall you’ll be under an
unprecedented amount of scrutiny that requires
a leader. Your internal team, suppliers and
customers all need this leader to carefully
guide them through the situation.
28
www.risk-uk.com

www.coie.uk.com
Cortech Open
Innovation Event
The Lighthouse, 11 Mitchell Lane, Glasgow, Scotland, G1 3NU
26 September 2017
The Mitigation of Risk for Workplace Safety, High Security
and Building Efficiency
An event with a difference for end users, consultants and main contractors:
Be educated, informed and better equipped to manage evolving building needs
Keep abreast of the latest advances in security, fire and building control technology
See technology in action as part of the live demonstration
Discover the latest smart integration techniques
Discuss industry challenges with fellow security professionals and technology experts
Learn about GDPR compliance and cyber security resilience
Attending Partners
Cortech
Developments
Media Partner

The Future of Lone Worker Solutions
It’s always important
for any individual to
consider their
personal safety and
remain vigilant at all
times when working
alone. Difficult
situations can arise,
with such unforeseen
circumstances
potentially having
serious consequences.
As Craig Swallow
outlines, considering
personal safety
becomes particularly
important when
you’re in charge of a
workforce and you
have a moral and legal
obligation towards
your employees’
safety and well-being
30
www.risk-uk.com
It’s the responsibility of all employers to
provide a safe working environment for their
workforce, including those members of the
business who work alone. Put plainly, this
means that employers should do everything
within their power to ensure all employees have
the necessary tools in place that allow them to
respond correctly to emergency situations.
Currently, this involves appropriate training,
thorough risk assessments, a comprehensive
lone worker policy and a dedicated lone worker
safety/security solution. There are a great
number and variety of lone worker solutions
available, ranging from dedicated lone worker
devices to mobile phone applications. As in all
walks of life, advances in technology – and
adjustments to legislation – mean that these
solutions must adapt and improve with time.
Body-worn video systems are one of those
technologies which has seemingly been
deployed in volume within a very short time
frame and without much fuss. In fact, to date
around 600,000 body-worn video devices have
been deployed, the majority of them in the
USA, approximately 75,000 here in the UK and
many tens of thousands throughout European
markets. Over the course of the next five years,
market analysts predict that deployed volumes
will rise to almost three million devices.
While many lone worker devices currently
capture live audio which can be used for future
use (such as admissible evidence in court
proceedings, etc), it’s clear that a live video
stream or the capture of visuals will – quite
literally – offer a clearer picture of events. Live
video allows for a faster emergency response if
necessary and can prove more helpful should
captured footage be used as part of a
prosecution case. Therefore, body-worn video
and the inclusion of video seems like the
logical next step for lone worker devices.
Video recording and storage
As I’m sure you’re aware, there are many
implications when it comes to the recording
and storage of video data. Protecting and
appropriately using this data is very important.
With the European Union’s General Data
Protection Regulation (GDPR) coming into effect
in May 2018, such considerations take on an
even greater importance.
It has been widely publicised that the GDPR
will generate a significant rise in the cost of
poor data protection practices, with fines of up
to 4% of domestic gross revenue being applied
in the European courts. Therefore, how any
business is using and storing data will come
under intense scrutiny.
Such is the degree of concern expressed by
high-ranking individuals at the Home Office, the
Information Commissioner’s Office and the
Metropolitan Police Service about poor data
protection procedures that a new British
Standard – namely BS 8593: Code of Practice
for the Deployment and Use of Body-Worn
Video – has just been launched.
For my part, I was fortunate enough to be
asked to sit on the drafting committee for this
important British Standard and have learned
first-hand how serious the UK authorities are
about making sure that all employers seeking
to deploy body-worn video follow the guidance
as laid out.
The voluntary British Standard delivers a
common framework designed to boost public
trust in the understanding of where and when
body-worn video can be used. It provides
technical and operational recommendations for
the appropriate and proportionate deployment
and use of such video.
The new British Standard was drawn up to
address a gap in guidance due to the
differences between the use of CCTV and bodyworn
video, and also with a view to avoiding
any repeat of the privacy concerns associated
with the widespread roll-out of CCTV. BS
8593:2017 covers planning and operational
recommendations, outlining the need for body-

Lone Worker Security and Safety
worn video’s deployment to be based on
legitimate reasons, particularly in terms of
undertaking a privacy impact assessment.
Deployment scenarios
At the core of BS 8593 is an implicit
understanding that there are four different
deployment scenarios, any one of which might
be appropriate to an organisation seeking to
deploy body-worn video. Each scenario
considers how a body-worn video device shares
and stores its data.
Capturing evidence from body-worn video
devices deployed on members of staff, and
notably those working alone and/or out in the
community, brings with it many other unique
challenges. What if audio is recorded? What if
other, non-incident related individuals are
captured in the video? Is a recording allowed if
it happens in someone’s home or on private
property? These and many other questions will
start to arise – and demand answers – as more
and more deployment scenarios occur.
Current body-worn video solutions tend to
record video and store footage locally to the
body-worn device. That data is then extracted
from the device at a later point in time, typically
to a docking station, by way of the removal of
an SD card or by using a secure Wi-Fi
connection to the employer’s network.
In this current scenario, it’s evident that while
useful visual evidence has been captured, its
use can only occur at a later point in time and
after any actual risk incident has passed. That
being so, to deploy a current body-worn style
device for a lone worker simply wouldn’t help
with ensuring an immediate escalation in the
event of an incident.
Moving to a scenario where the video’s
streamed in real-time via an appropriate
cellular connection clearly provides an
advantage in that it can be used immediately
during an incident. It also helps benefit the
operator based in an Alarm Receiving Centre
(ARC) or Control Room in that they’re far more
likely to be able to ascertain on a swifter basis
the nature and severity of the episode, all of
which further helps with the speed of incident
management and ensures that low level or false
alarm incidents are not passed to the police.
Data protection issues
The current scenario of recording locally to the
body-worn video device brings with it some
significant data protection challenges if, for
example, the lone worker has an ability to view
or replay the recordings made on the device,
and specifically if non-incident related
personal data is captured on that recording.
To date, the majority of deployments of bodyworn
video devices have involved police
officers: individual workers who are honest,
upstanding and able to follow instruction,
process and rules. Even then there have been
incidents whereby body-worn devices have
been removed and stolen by assailants, thus
introducing the potential for data breaches.
If body-worn video devices are to become
commonplace for other lone workers (ie those
who are not police officers), then ensuring that
those devices and their retained video data
remain intact and are used correctly becomes a
challenge for the employer. Moving to a model
whereby the video is streamed live and not
stored locally on the device will help in
ensuring that all employers stick to the GDPR.
One final observation for those employers of
lone workers hoping to use video for when risks
occur during engagement with clients, patients
or service users in their own homes. The
employer will need to make absolutely sure
that there are very clear policy guidelines in
place for those workers if and when they need
to use video to record an incident. Recording
needs to be warranted and the owner/occupier
of the property pre-notified that recording
could occur and under what scenarios.
There must be an open book approach with
clients/patients/service users that such
technology is being used to ensure the safety
of staff members entering personal property. If
a recording occurs which is warranted then it
must be clear to the recorded party that such
recordings will be deleted and details given in
terms of the timeframe for this procedure.
Equally, if recordings are warranted –
because an incident has occurred that causes
concern for the safety of the worker – then it
should be clearly noted that recording is taking
place. Any non-incident related personal data
captured as an aside must be redacted before
that video is used or shared by the employer.
Companies wishing to supply body-worn
video systems need to be investing now in their
ARCs, processes and personnel in order to
ensure they’re better placed to assist their end
user customers in making certain that video
data is perfectly safe. They also need to be
working to ensure that, if a body-worn video
user’s personal safety is at risk, escalation of
the incident in terms of summoning assistance
is the fastest and most effective route possible.
Craig Swallow: Managing
Director of SoloProtect
“The new British Standard 8593 was drawn up to address a
gap in guidance due to the differences between the use of
CCTV and body-worn video”
31
www.risk-uk.com

What plans do you have for
emergency evacuation?
As detailed in the Equality Act (2010) places of employment,
So in the event of an emergency
can you evacuate the mobility
impaired safely?
H
The Evac+Chair is the World’s No.1
Emergency Stairway Evacuation Chair
0121 796 1427 FREE evacuation
assessment www.evacchair.co.uk

The Changing Face of Security Services: Procurement
Human Resources:
The Finance Factor
When procuring security guarding services, organisations need to ensure
that the solution they choose is cost-effective, proportionate to the risks
assessed and meets the needs of all parties. For the benefit of Risk UK’s
readers, Cardinal Security’s sales and marketing director Kerinda Trigg
recently chatted with leading procurement consultant Neil Birkbeck about
the key considerations involved and how to arrive at the best outcome
The Regulator for contracted guarding
services in the UK is, of course, the
Security Industry Authority (SIA). Security
officers are required by law to hold an SIA
licence. When focusing on procurement, end
users must ensure that the company providing
security solutions only uses licensed officers.
The SIA also manages the voluntary Approved
Contractor Scheme (ACS) for security guarding
companies. ACS is a relevant factor in choosing
your security guarding solutions provider.
Member guarding companies of the British
Security Industry Association are required to be
inspected by an inspectorate that is itself
United Kingdom Accreditation Services (UKAS)-
accredited. Inspections of security businesses
will focus on ISO 9001 and relevant British
Standards. Ensure that the guarding company
you choose for your security provision is
inspected by a UKAS-accredited inspectorate.
Where applicable, your selected guarding
company should be working towards – or
already have – the following British Standards
embedded in its third party inspection regime:
BS 7499, BS 7858 and BS 7984-1.
In terms of financial probity, does your
security guarding company have three years’
worth of audited accounts under its belt,
evidence of a PAYE scheme and VAT
registration? When it comes to insurance,
buying end users should look for evidence of,
for example, employers, efficacy, public,
wrongful arrest and loss of keys insurance.
For his part, Neil Birkbeck is a procurement
specialist boasting a proven track record in
purchasing excellence through working with
leading private sector companies including
B&Q, Care UK, Johnson Controls, EMCOR, HCA
International and BMI Hospitals.
In essence, Birkbeck’s extensive expertise –
gained over many years of operating in the
procurement arena – helps clients when it
comes to structuring the best possible options
for indirect purchases.
Kerinda Trigg: In helping us to understand
the world of procurement, what do you
believe to be the customers’ pain points?
Neil Birkbeck: Procurement involves more than
just the purchasing of products and services.
Selecting vendors, establishing payment terms,
strategic vetting, selection and the negotiation
of contracts are all facets that can enable the
best solution to be implemented.
It’s no surprise that individuals at executive
and Board level are more likely to identify cost
reductions as a top challenge. This is in
contrast to those charged with procurement,
who will need to look at other factors such as
matching capabilities with requirements and
finding cost-effective suppliers who offer speed
of response, good communication and ‘added
value’. Buyers shouldn’t create a situation
where there’s only short-term advantage to be
gained rather than a long-term relationship.
With security guarding, establishing a ‘like
for like’ comparison between service suppliers
can prove difficult. The industry is incredibly
price competitive, so it’s important to work out
a way in which to strip things back and
establish the monetary figure a supplier keeps
as profit. Then look at issues such as, for
example, shift fulfilment. Is your chosen
solution provider going to be able to ensure
that adequately trained, knowledgeable and
skilled people are on the ground at all times
and not rely on agencies to fill positions?
Kerinda Trigg: Focusing on procurement,
what’s the best strategy to adopt for any
security company selling its services?
Neil Birkbeck: As a procurement consultant, I
want an easy life. On that basis, my advice
would be to make the whole process as simple
as possible and keep it clear.
Service providers should take the time to
understand a potential client’s business, offer
to make a site visit, talk to relevant parties and
then make recommendations based on their
Neil Birkbeck:
Procurement Consultant
33
www.risk-uk.com

The Changing Face of Security Services: Procurement
particular needs. This will assist with the tender
submission and help explain credentials, while
also ensuring that there’s no over-specification
and, importantly, that people with the correct
skills are deployed.
It’s also vital to focus on the ability to deliver
staff and have clarity of price.
Furthermore, it’s a good idea to provide
testimonials and Case Studies, while also not
being afraid to offer references. This will
highlight a security company’s confidence in its
ability to deliver services, achieve objectives
and meet any set Key Performance Indicators.
Kerinda Trigg: What would your advice be to
procurement managers purchasing security
services? For example, is there a case for not
compromising on service and quality for the
sake of a cost-saving exercise?
Neil Birkbeck: It’s worth bearing in mind
there’s a great deal of truth in the old adage
that suggests ‘if you buy cheap, you buy twice’.
The key to an effective security solution is to
develop a robust profile that considers the
impact of all risks and threats on each and
every aspect of a business, ensuring that
there’s an appropriate balance between
technology and Human Resources.
Clearly, security services need to be costeffective
and proportionate to the risks that
have been assessed following the standard site
survey procedures.
As described earlier, there are a range of
issues to consider before making a
procurement decision and the skills, experience
and ability of a service provider to offer high
levels of contract fulfilment should be a
prominent part of the buying criteria. The
provider’s price should reflect what’s on offer.
Kerinda Trigg: Do you think security services
providers are doing enough to meet the
various needs of customers in, for example,
the retail sector?
Neil Birkbeck: Some are, but others most
certainly are not. There has been a distinct
reluctance, or an inability, to move on from the
‘cops and robbers’ mindset that has prevailed
for decades, but some forward-thinking security
services companies are reacting positively by
providing operatives with more diverse skill
sets – ones that better represent the changes in
the retail sector.
An ‘intelligent guarding’ approach combines
technology, and the data produced by it, with
those people who can deal with the outputs of
these systems. Knowledge of counter-terrorism,
loss prevention, report writing, behavioural
analysis and profiling, Health and Safety, data
and intelligence gathering, First Aid and an
excellent understanding of customer service
delivery is vital for the modern day security
officer, as is the ability to work as part of a
team with non-security personnel.
Kerinda Trigg: e-auctions have become a
popular way of procuring security services.
Do you think they’re fair and do they ensure
good value for the buyer?
Neil Birkbeck: Warren Buffett, the great
American entrepreneur, investor and
philanthropist, once declared: “Price is what
you pay. Value is what you receive.” When
Buffet uttered these wise words it would be fair
to assume that he didn’t have security guarding
in mind, yet when it comes to purchasing such
services, they’re perfectly apt.
e-auctions have received a lot of bad press,
with some of it perfectly justified. However, I
think that, when used as just one facet of an
overall tender process, they can be effective
and fair and ensure that the customer does
indeed receive good value for money.
Rather than starting with an e-auction, I
always carry out a tender along traditional lines
albeit using an online tool. I ask questions,
possibly visit the supplier on site, check the
quality of its goods and services and ask for
references. Eventually, we would reach the
point at which my client has reviewed the
results and is comfortable to use one of a
number of the suppliers suggested. At that
juncture, I discuss the benefits of an e-auction
and, if the client agreed, I would invite only
those potential suppliers to join in such a
procedure. Now, it’s all about cost.
To derive the best results, solution suppliers
are made aware of their place in the pecking
order, are aware as the process continues if
things change and have a short period of time
to improve their bid.
The process may run for 30 minutes with a
final sealed bid of five minutes where the
suppliers are unaware of their final position. In
practice, this means that the client can discount
any supplier whose price looks to be too low.
Kerinda Trigg:
Sales and Marketing Director
at Cardinal Security
“The key to an effective security solution is to develop a robust profile
that considers the impact of all risks and threats on each and every
aspect of a business”
34
www.risk-uk.com

Multi award winning security service provider
Supplying security services to Government Departments,
Local Authorities, Blue chip companies and Worldwide organisations
Services provided
Manned Guarding Service
Site Patrols
Reception Duties
Car Park Security Management
Front of House Service
Mobile Patrol Visits – Internal/External
Mail Room Service
Remote CCT Monitoring
Banks Men
Security Lodge/Gatehouse Duties
0800 772 3786
sales@magentasecurity.co.uk
www.magentasecurity.co.uk

The Future of the Security Services
Sector: Hanging in the Brexit Balance?
More than a year after
the UK voted to leave
the European Union
(EU), most of us in the
security services
industry are still
wondering what Brexit
will actually look like
in the real world.
David Mundell
discusses what impact
Brexit could have on
the security guarding
sector and how firms
can continue to deliver
high quality security
services despite the
challenges ahead
The mantra ‘Brexit means Brexit’, a favourite
of our Prime Minister Theresa May, actually
doesn’t appear to mean anything at all. For
those of us in the services sector, the impact of
Brexit is perhaps different than it is for firms
who manufacture ‘product’ or conduct
international trade. We don’t export our ‘goods’
and, therefore, don’t face the myriad questions
focused on being in or out of the Single Market.
We don’t have to wonder with whom we’ll be
trading in the future and under what terms. Our
‘product’ is, of course, people. That being so,
and as is the case for many other service-led
industries, the key concern around Brexit is
centred on its impact relating to the availability
of labour. Undoubtedly, this will be a significant
challenge for companies such as our own.
While we know there are plenty of challenges
in front of us, it will be some time before we
can ascertain the true cost of Brexit. The time is
fast approaching when Britain officially leaves
the EU. Government ministers are now agreed
that there will be a transitional period. This is a
sensible move that suggests the Government is
planning to continue with freedom of
movement rules for the interim months and
years ahead.
Hovering as we are on the edge of change,
we can use this time to take a good look at our
sector and its future needs, and attempt to
work out how we might collaboratively protect
it from any loss of inward migration.
Despite the ‘Leave’ result realised by the EU
Referendum vote and the uncertainty it has
created, for now EU workers are still coming to
Britain. Official figures released only last month
by the Office for National Statistics tell us that
the number of EU citizens working in the UK
has hit a new record. There were an estimated
2.37 million people from other EU Member
States in employment here between April and
June of this year. To put that into context, this is
the highest number since comparable records
began two decades ago. The figure is up by
126,000 on the same period in 2016, which
incidentally was at the time of the Brexit vote.
EU workers appear to remain attracted to the
UK, then – albeit that the strength of the pound
is no longer so attractive – with net migration
from the continent rising in the 12 months
immediately following the Referendum.
Interestingly, the Home Office has launched
an independent review into the impact of EU
migrants on the UK economy. The review, which
will be carried out by the Migration Advisory
Committee, will help the Government to plan
how immigration will be controlled when the
UK leaves the EU and is no longer bound by
freedom of movement rules.
Let’s hope that the Committee covers all
areas of the UK economy in depth and that the
Government listens to employers who are
adamant the UK still needs inward migration.
Recruitment difficulties
Unemployment is still sitting at a record low
figure and, when it comes to security services,
finding and recruiting high-calibre, customer
services-oriented officers is already a
somewhat difficult task.
The problem is partly of our own making. The
best Security Industry Authority (SIA)-licensed
officers are already employed and unlikely to
move from company to company since they
command a premium. Quality individuals are
always in demand, regardless of the sector in
which they operate. Quality employees in the
36
www.risk-uk.com

The Changing Face of Security Services: Brexit
security industry, in particular, can pick and
choose their next move.
That being so, this leaves a pool of – dare I
say this – poorer-qualified applicants with less
experience, or those individuals with no
experience at all.
For the latter, we need to bear in mind that
the security industry may not be an attractive
option when hours, shift patterns and salary
levels are all taken into account.
Historically, therefore, like many labourintensive
industries, security has always
welcomed a broad mix of individuals from
overseas, and if entry into the UK is to be made
more difficult for migrants, or the number of
immigrants is otherwise limited in some way,
then we will all have to recruit more homegrown
talent.
Future considerations
If this is the case, as an industry we will need to
consider two things. First, how do we go about
making security and security companies
themselves more attractive as a career for
potential employees? Second, but inextricably
linked with the first point, how do we go about
raising salary and benefit levels to attract the
right people in the first instance?
The answer to the second question poses a
real conundrum as it’s not something that’s
directly within our control. Site-based
remuneration is in the hands of our customers.
Unless we see a universal shift across the
industry, and stand together to drive positive
change, a low-price option will still be a choice
for end users in what some of them view as the
race for the bottom.
On that note, for years now many of us in the
guarding sector have bemoaned the increase in
skills and quality sought on some contracts
when viewed alongside an apparent – and, in
some instances, actual – unwillingness on the
part of customers to pay for that situation.
Our officers are constantly being asked to do
more with – or for – less. Their roles and
responsibilities have widened. Their remit often
extends beyond security into Front of House
services, Health and Safety and facilities
management. With the evolution of services
has come the need for greater training and
additional management support. Yet all the
while the fees being paid for such services have
been heading downwards and not up.
Perhaps Brexit will have a positive impact
here? We can certainly hope so.
Security’s attractiveness
With regards to making our industry more
attractive for potential new recruits, many of us
“It has been up to individual security companies to make
tough choices over pay levels and benefits for their nonsite
based staff and for customers who recognise the value
of their security to ‘up the ante’ in terms of contract rates”
felt that SIA licensing was the advent of a new
dawn. The promise from the Regulator and
those in power in Westminster at the time was
that it meant ‘cowboy’ operators would be
exposed and forced out of business.
Perhaps more importantly, licensing and
regulation also meant that standards would be
raised and officers given the credit for the
difficult tasks they perform. It signalled a
positive move towards the highly successful
Scandinavian model wherein security is viewed
as a respected career of choice.
Unfortunately, this hasn’t turned out to be
the case. In the real world, it has been up to
individual security companies to make tough
choices over pay levels and benefits for their
non-site based staff (with one eye on everdecreasing
margin levels) and for customers
who recognise the value of their security to ‘up
the ante’ in terms of contract rates.
If the price of security to end users were to
increase, there would undoubtedly be a
concerted movement towards ever-smarter
solutions incorporating the latest technology
and reduced manpower. Here, we’re talking
about solutions that many companies would
welcome due to the increased margins often
produced from such outcomes.
Closer to home
In reality, at this present moment nobody really
knows the true impact that Brexit will have on
our industry, or indeed any other industry for
that matter. What we do know, however, is that
if we reduce the pool from which we can recruit
then a difficult situation will be made even
more difficult still. If security businesses can no
longer rely on a steady flow of talent influx from
across Europe then we may have to look closer
to home for a solution.
During the lead-up to the EU Referendum, we
were all inundated with truths, half-truths and
what have subsequently been shown to be
falsehoods to try and win our vote. This
scenario doesn’t appear to have changed.
We all have our opinions of what might
happen post-Brexit and we all want to remain
optimistic about our future prospects. One
thing’s for sure, though. If we are to realise a
positive outcome for the security business
sector, we must put company interests aside
and all work together for the greater good.
David Mundell: Managing
Director of Axis Security
37
www.risk-uk.com

We go to greater lengths.
Axis Security – setting new standards in customer service.
• Our employees – are highly trained, valued and rewarded
• Our proactive management approach – ensures service is continually improving
• Our intelligent technology – ensures open lines of communication and transparency
• Our prestigious industry recognition – includes 3 Security Guarding Company of the Year awards
T. 020 7520 2100 | E. info@axis-security.co.uk | axis-security.co.uk

The Changing Face of Security Services: Robotic Technology
Robotics in Security: A Sustainable Model?
When contemplating a workplace wherein
humans are increasingly being replaced
by technology, it seems, investment in
real and talented individuals will surely be
more important than ever to ensure that an
element of human common sense and the
personal touch is delivered for end user
customers and for supervising, ‘educating’ and
maintaining a robotic workforce.
There may in fact be an opportunity here for
the security sector to boost its profile and add
value through robotics if the technology’s
integrated in the right way. We cannot ignore
the fact that autonomous robotic technology is
developing extremely quickly, with ‘futurists’
already predicting that as many as one third of
all UK jobs could be automated by 2030.
While I’ve always maintained that empathy is
a key characteristic required of any security
professional, I also believe we cannot gloss
over the innovation in robotics and the cost
saving incentive that may well tempt our clients
into trialling such solutions on their sites.
Noel Sharkey, a recognised expert in robotics
at the University of Sheffield’s ‘Sheffield
Robotics’ Centre, reminds us that even the most
advanced robots don’t have the capability to
reason, while their lack of ‘moral agency’
means it cannot be appropriate for them to
simply work autonomously.
In addition to the recent incident where a
security robot fatally drove itself into a
decorative water fountain (needing at least four
humans to rescue it), last year it was also
reported that a four year-old boy was injured in
a Californian shopping mall by one of the most
popular models of security robot currently
patrolling the likes of Microsoft and Uber’s
corporate offices, not to mention the car parks
of Silicon Valley.
“Robots need a human supervisor
somewhere in the loop,” noted Sharkey, who
has issued particularly strong warnings about
the potentially catastrophic impact of the
development of so-called military ‘killing
robots’, which he states raise serious questions
about accountability for fatalities in a world
where mechanical and software failures are not
uncommon, not to mention the vulnerability of
robots to determined cyber hacking.
Potential tasks
From a Front of House point of view, robots are
also being tested for roles with a welcoming
function. They have the potential to recognise
faces and movement, adjust temperatures,
deliver room service and even make small talk.
While some human co-workers have been
known to become quite fond of their robot
colleagues, I don’t doubt that the genuine
human connection with all of its subtle nuances
will be very much missed in most professional
welcoming scenarios.
Looking at the ‘pros’ of robotics, there’s no
denying that security robots are sophisticated,
with their ability to see 360-degree views, hear,
record and accurately document evidence.
Additionally, they can crunch data and produce
predictive analytics, which is very powerful in
anticipating problematic incidents or
apprehending criminals.
Commanding presence
The makers also argue that robots have a
commanding presence, which provides a
significant perceptive deterrent.
However, even with the highest spec of
security robot available in Silicon Valley, it’s
recommended that a suite of seven security
robots is maintained by three “highly-trained”
human officers. If this is indeed the case, the
client may find that it’s even more important to
attract talented tech-savvy human security
professionals who will be complemented –
rather than replaced – by robots.
There’s a powerful inherent value in the
deployment of a human. We all know we would
rather speak to a real person when we call the
bank, or have a retail assistant smile and gently
ask us if we can manage without a bag instead
of being ordered to ‘Place Your Item in the
Bagging Area’. I see significant benefits in
investing in people in the front line and,
through better customer service training,
enabling them to engage and connect on a
personal level. Indeed, it could well be a step
backwards to disregard this approach in the
quest for robotics-related cost savings.
Solution providers
operate in a security
marketplace wherein
their clients are
continually seeking
added value and cost
savings. Robotics has
the potential to deliver
in both of these areas
and, for some
commentators, is
already beginning to
command their
attentions. What could
this mean, though, for
the current HR-heavy
guarding business
model? Neill Catton
investigates
Neill Catton: Managing
Director at CIS Security
39
www.risk-uk.com

The Changing Face of Security Services: Business Licensing
The private security
industry is growing
and constantly
adapting to changes
in the many sectors
which it serves so
diligently. However,
the industry continues
to face the ongoing
challenge presented
by rogue traders.
Unlicensed companies
are a threat to the
credibility of bona fide
operators and clients
alike. What’s the
answer? Abbey Petkar
focuses on the need
for business licensing
Business Licensing: A ‘Must’
for the Security Guarding Sector
The Security Industry Authority (SIA) may
have gone a long way towards improving
the reputation of security companies and
ensuring that we’re respected and heard in the
corridors of power, but more needs to be done
and soon. However, a Government swamped in
Brexit negotiations is unlikely to make the right
changes in a reasonable time frame.
One of the latest high-profile challenges to
the reputation of security companies was the
news of a security firm allegedly supplying
cloned badges to unlicensed stewards at
festivals over the summer. If proven to be true
post-investigation, such a blatant disregard for
clients must be stamped out.
Once again, this is a telling signal that
business licensing is a ‘must’ if we’re to be seen
as a professional and credible industry willing
to manage its own profile and do what’s best
for all concerned.
Cut-throat pricing and poor standards are the
hallmarks of many security companies. They
send out unlicensed officers to protect
members of the public with little or no thought
for the consequences beyond their growing
bank balances. Far too often, I hear clients
complain of such a situation, but with no idea
as to how to combat this behaviour. For them,
it’s a lottery. How do they ascertain the
legitimate professionals from the rogue
traders? The simple solution would be a
business-wide security licence.
Business licences are not a new idea, nor one
that has yet to gain much traction. The concept
was first mooted in 2014, but here we are, three
years on, and we’re no closer to a formalised
legal system to establish the credibility and
professionalism of security companies.
Such regulation would ensure that all
legitimate security service providers are
licensed at a company level in tandem with
their individual officers. It would benefit
legitimate companies in terms of quality
assurance and subsequent sales, but – and
most importantly – it would also benefit the
clients, who would then be safer and somewhat
more trusting of their security partners.
To succeed, business licensing needs
ministerial and parliamentary approval, both of
which are a challenge at the best of times. A
minority Government seemingly embroiled in
in-fighting with both eyes firmly fixed on Brexit
isn’t likely to be interested in the complaints of
an industry that, on the whole, manages itself.
It should be. Terror threats are a part of modern
life and security companies are at the forefront
when it comes to protecting the public.
Considering alternatives
In the meantime, there are alternatives worthy
of consideration. The current (voluntary)
Approved Contractor Scheme (ACS) could be
made compulsory. It would provide an easy
platform for security companies to demonstrate
they’re reputable within a framework that
already exists. More importantly, that solution
could be swiftly introduced.
This is just one idea, though, and something
that would need to be discussed at length, but
at a time when the Government’s priorities lie
elsewhere, a mandatory ACS could indeed be a
viable alternative.
Compulsory business licensing is a necessity
for our industry. At some point in the future it
needs to become a reality. We must all work
together to make that happen. Far too many
security companies, who’ve worked hard to
promote their professionalism, risk being
tarnished by the failures of the rouge
operators. Introducing an enhanced regulatory
regime would afford greater credibility for
genuine companies and encourage the industry
to constantly deliver high-level services that
benefit clients and serving security officers
alike, while ultimately improving the reputation
of the industry as a whole.
Given security’s large workforce, regulation of
our sector must be improved if the legitimacy,
standards and reputation of companies and
individuals within who provide a quality service
are to be maintained. Only time will tell if
business licensing arrives, let alone does its
job. Hopefully, it will duly arrive and rid us of
disreputable organisations once and for all.
Abbey Petkar: Managing
Director of Magenta Security
“Compulsory business licensing is a necessity for our industry. At some
point in the future it needs to become a reality. We must all work
together to make that happen”
40
www.risk-uk.com

Tel: 08707 508070 Fax: 08707 508066
Risk UK Offer
Uniforms@PeterDrew would like to offer
all Risk UK readers, SIA licensed companies,
FM companies and end users of security
services the following -
• Free samples on a sale or return basis
• Free artwork and design setup
• Free dedicated buying portal
• Discounted contract prices
• Committed customer sales support
• Same day dispatch, next day delivery
• Branded stock holding available
•
To take advantage of this offer or for more
information contact uniforms@peterdrew.com
or call 08707 508070
Website: www.peterdrew.com
Twitter: @UniformSecurity
Facebook: facebook.com/
PeterDrewCorporateClothing

Meet The
Security Company
Being able to offer a full range of security
solutions also helps greatly as clients like the
fact they only have to make one phone call and
they know that, whatever their individual issue
might be, we can bespoke a solution that’s both
affordable and, more importantly, goes a long
way towards resolving their security issues.
This is the third
instalment in a new
series of articles for
the readers of Risk UK
where we shine the
spotlight on NSIapproved
businesses
for the benefit of risk
and security managers
who purchase security
guarding as well as
systems-focused
solutions. Answering
our questions this
month is Andrew
Nicholson, managing
director of Barnsleybased
Doyle Security
About the National Security Inspectorate
Risk UK: Can you briefly describe your
business’ activities and what you consider to
be your USP as an organisation?
Andrew Nicholson: Doyle Security is a supplier
of total security solutions. What this means in
essence is that we address almost all of the
security disciplines that our clients require,
from supplying fully-trained and licensed
security officers and providing key holding and
alarm response solutions through to the
installation of commercial grade CCTV, intruder
and fire alarm systems.
We’re very proud of the fact that we’re a
family-run company and have been for over 30
years. Any potential client can be sure that not
only will they receive a first class service from
us, but they’ll also have complete peace of
mind knowing that we, as a company, can
demonstrate longevity of service as a bespoke
security solutions provider.
Risk UK: What do your clients value most
about the services you deliver?
Andrew Nicholson: The level of experience and
honesty we bring for each and every client with
whom we interact is, I firmly believe, one of our
biggest assets as a company.
The National Security Inspectorate (NSI) is a wholly-independent, not-for-profit
company limited by guarantee and operates as a UKAS-accredited certification
body specialising in the security and fire safety sectors.
For over 40 years, the NSI has served to protect businesses, homeowners
and the general public alike, raising standards by providing robust and high
quality audits of both security and fire safety service providers.
Risk UK: How do you feel accreditations have
assisted your company?
Andrew Nicholson: Accreditations have been a
great assistance to the business. For well over a
decade now, we’ve embraced both the National
Security Inspectorate’s (NSI) Guarding Gold
scheme and the Security Industry Authority’s
Approved Contractor Scheme (ACS). We
wholeheartedly believe they set the standard.
Those security companies receiving
accreditation and continually working to the
benchmarks outlined within are operating at
the highest levels. It sets them apart from other
security companies.
More and more of the tenders and contract
requests we receive stipulate either one or both
of these accreditations. We’re extremely proud
that we hold both NSI Guarding Gold and ACS
registration and will continue to do so.
Risk UK: Specifically, what value does ACS
registration and NSI Guarding Gold approval
bring to your business and its clients?
Andrew Nicholson: ACS registration and NSI
Guarding Gold approval set the standard not
only for the quality of services we bring to our
clients, but also in terms of how we run our
business on a daily basis.
All of our staff members believe passionately
in working to the set standards in every aspect
of Doyle Security’s day-to-day operations. Only
by them doing so will our clients benefit from
engagement with Doyle Security as a company.
Risk UK: In practice, what are the main
differences between ACS registration and NSI
Guarding Gold approval?
Andrew Nicholson: ACS registration is all
about helping security solution providers to
raise the standard of service they offer for their
clients. Many of the ACS criteria are directly
linked to improving the working experience of
42
www.risk-uk.com

Meet The Security Company: Doyle Security
In association with the
employees which, in turn, hopefully increases
the standard of the services we offer as a
business right across the board.
The new ACS workbook and scoring criteria
allow security companies to demonstrate Best
Practice which brings added value for clients.
NSI Guarding Gold approval is more
concerned with security companies
demonstrating adherence to ISO 9001:2015 and
all of the individual British Standards relating
specifically to the security business sector.
Risk UK: How do you think technology has
changed the industry over the last couple of
years and what do you feel will be the
direction of travel in the future?
Andrew Nicholson: Across the past few years,
the myriad innovations in IT have been the
biggest game-changer for us from an
operational point of view. Innovations in
software have enabled us to introduce new
systems of working designed to improve the
way in which we rota our staff and how we
communicate this to them, how we monitor
their performance and also how we can interact
with clients when it comes to informing them of
issues and for incident reporting.
Although improvements in technology have
driven down the prices for high quality
technical systems, the emphasis will always be
on how we use this technology. Often, there’s
simply no substitute for human interaction in
delivering a high quality security service.
Risk UK: When it comes to negotiating
contracts and responding to tender requests,
what aspects are of most value to customers
and how are these changing?
Andrew Nicholson: A few years ago, it was the
norm for a client to ask for an hourly rate. Many
afforded little thought as to what they were
receiving for their money. Now, when we receive
genuine contract and tender requests, it’s clear
that the emphasis is no longer solely on cost.
Potential clients want to know what added
value can be realised by their prospective
security solutions provider.
At Doyle Security, we spend much time and
effort in explaining to clients that securing their
site is a team effort involving all parties. Only
when we work as a team and gather feedback
from all concerned can we do our utmost to
ensure the client’s premises, people and
property are as secure as possible.
As history tells us, there’s no such thing as a
completely fail-safe security system. We believe
it’s a case of placing as many barriers as
possible in front of would-be criminals so as to
deter them enough that they think twice and
move on. With regular meetings and good client
feedback, we can accomplish a very high level
of customer service.
Risk UK: How has Government legislation (eg
the National Minimum Wage, the National
Living Wage and holiday pay) affected your
business? Do you believe such legislation is
a good thing?
Andrew Nicholson: The introduction of both
the National Minimum Wage and, more recently,
the National Living Wage are two of the best
things to have happened for the security sector.
In an industry that has been renowned for its
long working hours, security officers can now
work a more reasonable shift pattern and still
earn a decent salary.
That said, we believe the industry can do
more. With the increase in the National
Minimum Wage and the recent introduction of
the Living Wage, we’ve seen the rise of the socalled
‘self-employed’ security officer. Often,
these individuals are paid less than the
National Minimum Wage in an attempt – by
unscrupulous security companies – to keep
hourly rates low in order to win business. These
unfortunate individuals don’t receive sick pay,
holiday pay or any of the benefits to which
they’re entitled.
Risk UK: What are the most important
attributes you look for in your security
officers and staff members in general?
Andrew Nicholson: The answer here is quite a
simple one: professionalism. Professionalism
encompasses honesty, integrity and the ability
to give 100% to all tasks. These must be a
‘given’ on the characteristics measure.
High on the list of what we look for – and
what clients like – are a smart appearance and
solid communication skills. The ability to
communicate clearly with clients and any other
third party often leads to positive results.
Risk UK: How can the SIA, the NSI and
industry standards best serve the sector in
addition to the needs of your company’s
clients and the wider public interest? Will
the introduction of business licensing be a
positive step?
Andrew Nicholson: Ever since 2007, we’ve
been championing the introduction of business
licensing for the private security industry.
Licensing individuals has been a fantastic
initiative and a giant leap forward for regulating
the private security sector, but only by
regulating each individual business can we
hope to have a fully-level playing field. It would
allow greater flexibility and better outcomes.
Name
Andrew Nicholson
Job title
Managing Director
Time in the security sector
I’ve been in the security
sector for over 16 years. I
joined Doyle Security in early
2001. Prior to this, I worked
within the sales and
marketing industry
Location of the business
Doyle Security is strategically
located in Barnsley just off
Junction 37 of the M1
motorway which affords great
transport links to the M1,
M62, A1 and M18 network
Areas of expertise
Security guarding, alarm
response, mobile patrol and
key holding services, CCTV
monitoring, CCTV, intruder
and fire alarm system
installation, access control
solutions and security
provision for major events
Accreditations
SIA ACS (Security Guarding),
NSI Guarding Gold Scheme,
SafeContractor Scheme,
CHAS Accredited Contractor,
ISO 9001:2015, BS
7499:2013, BS 7984-1: 2016,
BS 7958:2015, BS 7858:2012
Andrew Nicholson: Managing
Director of Doyle Security
43
www.risk-uk.com

Genesys – Beyond PSIM
Genesys is more than ‘just’ a PSIM
technology. It takes PSIM to another
level. Genesys is an Integrated Security
Management System (ISMS) that integrates
multiple systems from multiple
manufacturers – presenting it as one holistic
technology with unparalleled ease of use.
As demands on security managers and
the systems they specify increases and
further integration is needed, Genesys
that is revolutionising the industry.
• Patented unique system architecture
• Migrating 3+ driver for power
and redundancy
• Fully scalable
• Exceptional ease of use
• Low life cycle cost
Please see next month’s edition to see
why ISM’s Genesys should always be the
number one choice for your integrated
security management solution.
Intergrated Security Manufacturing Limited
T: +44(0) 1293 529990
F: +44(0) 1293 528023
E: info@ism-uk.com
ism-uk.com

Fire Safety Planning: Emergency Evacuation Case Study
Elevated life expectancies and financial
pressures are shifting the age profile of
today’s workforce. Published in December
last year, the British Social Attitudes Survey for
2015 states that, while nearly two-thirds of
employees still expect to retire in their 60s,
17% expect to be in their 70s before they down
tools. In fact, according to a report in The
Economist, between 1995 and 2015, the number
of working individuals aged over 65 more than
doubled to break through the one million
barrier. It’s estimated that, by 2020, one third
of the workforce will be aged over 50.
A major contributory factor behind such
statistics is Government policy which is keeping
more people in work. Since 2006, it has been
possible to continue working while drawing a
state pension. The age at which that pension
can be drawn is due to rise to 66 by 2020 and
to 67 by 2028, with many commentators
expecting this figure to be nudged closer to 70.
Lots of people want to carry on working and,
for financial reasons, many need to do so. As a
result, companies are now actively courting
older workers. Older workers are praised for
their reliability, experience and loyalty and for
their ‘soft skills’ in areas like customer services.
While we can expect a growth in the desire
for paid employment among the upper age
group in our society, more people with physical
impairments are now seeking employment
opportunities. This is driven by the Government
encouraging both employers and employees
alike to find roles where disabilities may no
longer be a barrier to earning.
There are nearly seven million people with
disabilities of working age in the UK.
Government figures have reported a steady rise
in the numbers employed. In 2016, the UK
employment rate among those with permanent
disability and of working age was 46.5% (ie 4.1
million). According to The Papworth Trust, only
17% of people with disabilities were born with
their impairment, with the majority acquiring
their disability during their working lives. It’s
estimated that five out of six people retain their
job after their first year.
For people with disabilities – and, to a
greater or lesser degree, older workers –
accessibility within the workplace is a key
issue, as indeed it is when they’re out and
about during their leisure time. When
considering this, we tend to think in terms of
ensuring that people can access and then move
safely around inside the workplace. Building
design is adapted to incorporate ramp access,
wider doorways for wheelchair access and
passenger lifts – all of which provide valid
solutions for accessibility. However, designs
Taking Evacuation Planning
into the Premier League
Costing £14.7 million to construct, the bet365 Stadium –
formerly the Britannia Stadium – is the home of Stoke City FC.
Following the recent completion of expansion works, the
ground’s capacity now tops 30,000. Importantly, the redevelopment
project has taken full account of planning for
fire safety and emergency evacuation, as Risk UK reports
don’t necessarily look at how people can exit a
building or a stadium in an emergency scenario.
The Taylor Report
The bet365 Stadium is the home of Stoke City
Football Club and has been so since the
summer of 1997. The all-seater stadium cost
nearly £15,000,000 to build and brought the
club up to standards set out in the Taylor
Report following 119 years spent at the old
Victoria Ground.
By early 1997, the skeletal steel
superstructure was in place and the stadium
began to take shape. Later that year, it opened
its doors for the first time as the Britannia
Stadium thanks to a £1 million, ten-year
sponsorship deal with the Britannia Building
Society which was instrumental in the overall
funding of the project. A further £3 million was
given as a grant by The Football Trust.
Rochdale were the visitors for the historic
first-ever competitive match on 27 August 1997:
a 1-1 draw in the Worthington Cup watched by
15,439 fans. Just four days later, the first-ever
league game took place against Swindon Town
45
www.risk-uk.com

Fire Safety Planning: Emergency Evacuation Case Study
before a crowd of 23,859. Ten years on, the club
obtained full ownership of the stadium in a deal
worth £6 million following the previous joint
partnership with Stoke-on-Trent City Council
and Stoke-on-Trent Regeneration Ltd.
As one of the Premier League clubs fully
committed to complying with the requirements
for disabled access as set out in the Accessible
Stadia document, Stoke City FC has chosen
stairway evacuation chairs to provide safe
means of exit for those supporters unable to
use stairways in an emergency.
The evacuation chairs are among the new
facilities introduced at the bet365 Stadium
thanks to its first major re-development since
1997. That re-development adds 1,800 seats to
the impressive ground’s capacity and duly
enables this established Premier League club to
provide additional and improved viewing for
wheelchair users.
Filling the gap
Increased provision for disabled supporters
was added to permission gained in 2013 for the
club to ‘fill the gap’ in the South East corner of
the stadium and lift capacity to over 30,000. It
was decided to carry out the new development
in tandem with improved provision for disabled
supporters – and particularly wheelchair users
– when the Premier League clubs agreed to
comply with the requirements of the
aforementioned Sports Grounds and Safety
Authority Accessible Stadia document by the
deadline of August 2017.
In terms of accessibility, one of the criticisms
that had been levelled at a number of Premier
League clubs was that wheelchair users’ places
suffered poor sight lines because of seats being
at pitch level. As well as introducing two new
high-level disabled bays in the North East and
South East corners of the stadium, Stoke City
FC is creating pitch-side disabled bays in its
North, South and West Stands and providing
super-risers to the existing mid-terrace bays.
Access provision also includes ensuring a safe
means of evacuation in an emergency or in
those situations where lifts cannot be used.
This is an issue which Stoke City’s Health and
Safety manager Rob Killingworth had already
addressed when reviewing emergency
evacuation procedures under the club’s fire
strategy. “Our chosen emergency evacuation
method was the use of evacuation chairs so, a
couple of years ago, we visited The Facilities
Show to see what was on the market,”
explained Killingworth.
The Evac+Chair model eventually selected by
Killingworth is the 300H which boasts a 182 kg
carrying capacity and is designed for oneperson
operation, avoiding the need for heavy
lifting or manual handling.
As well as having the right equipment in
place, a key requirement is having sufficient
personnel trained in the use of evacuation
chairs in an emergency scenario. As
Killingworth pointed out, this isn’t confined to
the need for evacuating areas specifically
designated for wheelchair users.
“Evacuation procedures underpin our fire
safety strategy, but we also need to have
provision in place for any circumstance where
someone may need assistance and is unable to
use the lifts,” said Killingworth. “People with
disabilities using the hospitality areas might be
taken ill or have a medical condition that means
they need help. As you can imagine, we have a
lot of people working here on match days, so
we needed to develop a policy that enables us
to train as many of them as possible.”
Bespoke training
Although all Evac+Chair equipment is designed
for ease of use, the company always
recommends evacuation chair training and
offers two levels. Stoke City FC opted for the
Key Trainer Masterclass. This is a full-day,
certificated, ‘train the trainer’-style course
enabling key members of staff to achieve the
required level of expertise for formal
certification which qualifies them to provide inhouse
training for other staff members.
With a large rota of match day stewards, plus
catering and other on-site staff, training is
being rolled-out to as many staff as possible to
ensure that there are always sufficient numbers
of trained individuals on site on a match day.
The club is also in the process of recruiting a
large team of access stewards as part of its
Stoke City Safety Operation. Their role includes
helping with ingress and egress at the stadium
to ensure spectator safety at all times.
Evacuation chair training will also be included
for all access stewards alongside standard
disability instruction.
“Evacuation procedures underpin our fire safety strategy, but we also
need to have provision in place for any circumstance where someone
may need assistance and is unable to use the lifts. People with
disabilities using the hospitality areas may be taken ill, for example”
46
www.risk-uk.com

National Association for
Healthcare Security
Annual Conference and Exhibition
November 9th, Birmingham
PLATINUM SPONSOR B-CAM
Organisers AllSecurityEvents.com
“Protecting the Million”
This year, the National Association for Healthcare
Security Annual Conference moves to Birmingham
at a cool, contemporary venue, minutes from New
Street Station.
The Conference, supported by our Platinum
Sponsor, body-worn camera specialists, B-CAM
will include a leading security speakers and subject
matter experts, including
• Philip Ingram MBE – ex senior British
Intelligence officer, media commentator and
writer
• Tony Porter – the Surveillance Camera
Commissioner
NAHS Awards
#NAHS17 will also feature our new awards,
recognising those who have made a significant
contribution to healthcare security - for details on
how to enter contact hello@allsecurityevents.com
We thank our sponsors and exhibitors for their
support, helping NAHS provide a safe and secure
environment for staff and patients in the healthcare
sector.
Exhibitors include
B-Cam
Carlisle Support
Services
Corps Security
Deister
Gunnebo
Paxton
SkyGuard
Volunteering Values
Book for #NAHS17 here
https://goo.gl/EH9SHM
Media Partners

Reflections on Risk and Resilience
Risk and resilience as
fields of research have
engaged academics
for several years now.
That research has
spanned many fields,
including – but by no
means limited to –
finance, sport, supply
chain management,
social work, security
and terrorism.
Nonetheless, there
remains something
mystical about the
concept of risk. Will
the lines dividing risk
and resilience
management continue
to blur and pave the
way for a new form of
thinking? Dr Risto
Talas believes so
There exists a settled consensus that risk
consists of three elements: threat,
vulnerability and consequence. Consider
the English language student who sat his finals
at Cambridge University in 1953. The questions
set included one that read: ‘What is a risk?’ The
student’s answer was simply: ‘This is a risk.’ By
answering as he did, the student demonstrated
a clear understanding of risk.
What represented the threat in the answer?
The threat was a failed examination if the
examiner viewed his answer as an arrogant
attempt to be clever. Or might the examiner see
that the answer was really quite insightful?
Either way, the threat level could be considered
to be quite high.
In terms of vulnerability, the student could resit
the examination towards the end of the year.
What would be the consequences of doing so?
A delayed graduation and the inability to begin
the teaching job for which he had successfully
interviewed only the previous week.
The student showed quite elegantly that he
understood risk very well. He also highlighted
the distinction between individuals who are risk
averse (ie those students who laboured for the
full three hours) and those who, much like
himself, are risk-seeking.
Academics often consider risk and resilience
together, as a quick search on Google Scholar
will reveal. Resilience is often described as the
ability to ‘bounce back’ after a crisis or an
adverse event, to be able to return to normal
working conditions or to absorb the impact of
an adverse effect. Many academics see risk and
resilience not necessarily as two opposing
sides of the same coin, but also not as related
as I believe them to be in the real world.
Risk management may be viewed as the
constant assessment of whether to treat,
tolerate, terminate or transfer the risks an
organisation faces. Why constant? Put simply,
because risks are dynamic and change
constantly. A risk assessment conducted on
paper and left on a shelf is a dead end exercise.
Ultimately, organisations should have their
latest risk assessment digitally available to
them at all times.
Remember Ericsson’s supply chain crisis back
in 2000? A lightning strike affected a
semiconductor factory in Albuquerque owned
by Philips that was the single source of supply
for all of Ericsson’s chips for its mobile phones.
The lightning strike caused a fire which meant
that all of the chips in the factory were
rendered useless. Nokia also ordered some of
its chips from the same factory. Within hours of
the fire, Nokia’s supply chain management
team in Finland was alerted to the disruption
and ordered more chips from Philips’ other
plants while beginning to reconfigure its (then)
current factory line mobiles to accept the chips
from the different sites.
What of Ericsson in the intervening period? It
took the business a full two weeks to wake up
to the scale of the disaster, by which time it
was Finland 1 Sweden 0.
Resilience management
What, then, is resilience management? My
definition is the constant assessment,
implementation and monitoring of efficient
active and passive systems which address an
organisation’s threats, vulnerabilities and
consequences in the face of an extraordinary
event. This definition links the two dimensions
of resilience: resilience to organisational
interruption and resilience for organisational
response and recovery.
Resilience to organisational interruption
comprises the active measures that are focused
on reducing an organisation’s vulnerability to
an extraordinary event, while resilience for
organisational response and recovery
encompasses the passive (but which can
become immediately active) measures that are
focused on reducing the consequences to the
organisation from an extraordinary event.
Essentially, this is how risk and resilience –
48
www.risk-uk.com

The Security Institute’s View
and, in turn, risk and resilience management –
are related.
It’s not enough for C-level directors of risk to
consider risks in isolation. They should be
focused just as much on resilience measures.
Furthermore, resilience to organisational
interruption and resilience for organisational
response and recovery must be proportional.
Resilience measures are not cheap. Rather,
they’re investments which need justification as
well as suitable resourcing. By linking risk and
resilience management, it’s then possible to
create a single mindset in the organisation that
focuses on both as one.
Port security risk
In my joint study with Professor David
Menachof 1 , and drawing on my experience of
working as a leading Lloyd’s underwriter of
marine war, terrorism and political violence
risks, we presented a model of port security
risk. Here, threat is defined as the probability
that an attack occurs, vulnerability is defined as
the probability that an attack results in damage
given that an attack occurs and consequence is
defined as the expected damage given that an
attack occurs and results in damage. Thus Risk
= P (attack occurs) * P (attack results in
damage | attack occurs) * E (damage | attack
occurs and results in damage).
We go on to show how port security risk can
be quantified and, when combined with
performance data for security systems obtained
from a series of interviews with port security
experts, the resultant residual risk of each port
facility can be calculated. This data was used as
the basis for assessments of the performance
of each of the security systems as a whole.
Developing the model, which is now the
focus of my research with Dr Alison Wakefield
at the University of Portsmouth, if we were to
substitute ‘event’ for ‘attack’ and ‘consequence’
for ‘damage’ in the above equation and further
model the impacts of both resilience to
organisational interruption and resilience for
organisational response, we arrive at the
following model for residual risk: Residual Risk
= P (event occurs) * P (event results in
consequences | event occurs) * f (resilience to
organisational interruption) * E (consequences |
event occurs and results in consequences) * f
(resilience for organisational response).
Here, f (resilience to organisational
interruption) and f (resilience for organisational
response) are functions of resilience to
organisational interruption and resilience for
organisational response respectively which
reduce organisational vulnerability and
consequence. The way in which these are
calculated isn’t elementary and reflects the
complex landscape of the relationship between
risk and resilience.
To further inform the model, I’ve identified in
excess of 400 individual elements that can
contribute to an organisation’s resilience. They
stem from Health and Safety, security,
environment, quality management, training,
business continuity planning, redundancy
capability, crisis management capability, cyber
security and media management.
Within each of these elements there’s the
potential for a non-conformance or near miss to
be manifested without warning. Risk managers
and directors will recognise the importance of
identifying an appropriate methodology for the
collection and analysis of non-conformances
and near misses, given their clear potential for
impacting a firm’s vulnerability.
An organisation’s vulnerability can be
modelled in a two-dimensional matrix assigning
an individual score for the significance of each
performance indicator of resilience to
organisational interruption in tackling a
potential hazard, both man-made and natural.
The modelling of non-conformances is thus
significant because they will affect the
individual vulnerability scores in the matrix.
As this matrix is then used to calculate the
organisation’s overall residual risk and the
resilience to organisational interruption has a
direct bearing on vulnerability, it’s possible to
link the performance of resilience to
organisational interruption and the presence of
non-conformances to residual risk.
Similarly, the resilience for organisational
response consists of performance indicators
that have a direct bearing on the consequences
of an extraordinary event affecting an
organisation. In turn, these may be modelled in
their capability to reduce consequences and
thus reduce residual risk overall. This is the
methodology that links resilience to
organisational interruption and resilience for
organisational response and, therefore, overall
resilience to organisational risk.
In only a few years from now, the lines
dividing risk management and resilience
management will be sufficiently blurred, not
only through a better understanding of their
impact on residual risk, but also through the
necessity of allocating efficient resources to
tackle organisational risk and resilience.
Reference
1 Talas R and Menachof D
(2014): ‘Using Portfolio
Optimisation to Calculate the
Efficient Relationship
Between Maritime Port
Security Residual Risk and
Security Investment’,
International Journal of
Shipping and Transport
Logistics, Volume 6:3,
pp46-59
Dr Risto Talas BA (Hons) MBA
PhD: Lecturer in Security Risk
Management at the University
of Portsmouth’s Institute of
Criminal Justice Studies
“It’s not good enough for C-level directors of risk to
consider risk in isolation. They should be focused just as
much on resilience measures”
49
www.risk-uk.com

The UK Domestic Terrorism Threat:
A Shift in Emphasis for Security Training
As the recent tragic
events in London,
Manchester and
Barcelona have
confirmed, we’re now
dealing with an
emerging terrorist
modus operandi:
individuals working
alone or in small
groups using homemade
explosives,
small arms, knives and
vehicles to cause harm
to their targets, with
the perpetrators
themselves
unconcerned for their
own fate. Rupert Reid
explains why, when it
comes to counterterrorism
training, we
now need to shift the
emphasis towards one
focused on detection
Rupert Reid: Managing Director
of The Security Management
Academy (TheSMA)
50
www.risk-uk.com
Any debate about whether these people are,
in fact, trained and organised ‘terrorists’ in
the true sense of the word should
probably be parked for another day. However,
it’s clear that there are a number of unbalanced
fanatics who, no matter what their persuasion
or affiliation, are showing themselves to be
perfectly capable of causing serious harm to
people and damage to property by using the
most basic of tools or equipment.
Moreover, because these individuals are
often disenfranchised ‘lone actors’ whose craft
and motivation have been developed online,
the chances of early intervention are remote.
The UK Government’s exhortation to ‘Run,
Hide, Tell’ in the face of a terror threat is
soundly based and has been well thought
through in that it’s simple, logical and intuitive,
although we still need to work on the British
tendency not to cause a fuss (thinking ‘the
driver must be feeling unwell’ as the van
careers towards the Shopping Centre).
While ‘Run, Hide, Tell’ may work for the
individual, it doesn’t, I would suggest, meet the
Duty of Care criteria of companies when
contemplating how best to protect their staff,
clients and other visitors from such attacks. I’m
sure it would be considered poor form if
members of staff were to be seen ‘legging it’
from a retail store, leaving customers to deal
with the fanatic brandishing a knife.
Influx of information
Let us be clear on the terms of reference here.
It’s nigh on impossible to prevent an attack of
the kind we’re witnessing of late, such is the
spontaneous nature of the acts involved. As the
Security and Intelligence Services struggle to
cope with the influx of information being
offered up by a well-meaning public in
response to their appeals and make sense of
the raft of intelligence being shared by the
various agencies, we may need to rethink our
concept of ‘prevention’.
If any one of a number of unhinged social
outcasts with little or no history of wrongdoing
decides to rent a transit van and drive it into a
crowded street market, there’s nothing we can
do to prevent such an attack. However, we can
do much to minimise the harm which such an
episode might cause by subtly shifting the
emphasis from prevention to response. Not
completely, of course, but by putting much
more emphasis on the early detection of
abnormal activity than ever before.
Early identification
Consider, for example, the security officer
watching the CCTV screen or checking
credentials and searching handbags at the
door. What if they were to be specially trained
to profile and identify suspicious activity and
abnormal behaviour when the perpetrator was
at a distance from the premises, supported by
extra sets of ‘eyes and ears’ at Front of House,
and had the necessary complementary
technology to alert those whom they’re
protecting in the event of an incident?
Imagine the scenario: the security officer
outside the premises witnesses a van turning
into the street at high speed and, because he
has been trained to recognise abnormal
behaviour and react immediately, the officer
hits the panic button on his belt, triggering an
audible alarm in the building.
The entire workforce will have been trained
to recognise the significance of the alarm and
the importance of moving swiftly to a
predetermined safe area, with any visitors
being similarly marshalled. With as many
members of staff and visitors as possible now
safely housed in a secure zone somewhere
beyond the ready reach of the attacker(s), the
security team is able to alert the Emergency
Services from a controlled position.
Minimising the effects of an attack
Now, I’m not suggesting for one moment that
this will offer comprehensive protection for all,
but it will minimise the effects of the attack
and, importantly, demonstrate that the
company has done all it can to mitigate the risk
and exercise its Duty of Care.
We’re not talking about significant capital
expenditure here, apart from a few handheld
panic alarms and a very loud siren. This is
primarily an awareness and training issue
designed to improve the early detection of
abnormal activity and engender an
understanding of the need to move quickly
when instructed.
As far as the training itself is concerned,
we’re confident that we have the right blend of
the technical and the behavioural in place. The

In the Spotlight: ASIS International UK Chapter
Security Management Academy’s parent
company, the Chelsea Group, runs a number of
very large projects in some very dangerous
areas, primarily in the Middle East and Africa,
and we’ve seen the principles work in practice.
Believe me, if your life depends on the early
detection of abnormal behaviour exhibited by a
driver approaching a road block in Iraq or
Afghanistan, then you do find yourself looking
very closely indeed.
We’ve adapted these detection techniques for
the current UK threat environment and are
delivering short and focused training to
companies using similar risk containment
principles based on behavioural profiling and
early alert. There’s reassurance that the
necessary measures will not be difficult to
implement, nor the associated training too
onerous for security staff to assimilate.
Ability to observe
While the technique can be taught, the aptitude
of security staff not only to assimilate the
training, but also to apply the technique is
wholly and importantly dependent upon their
ability to observe.
For those of us former police or servicemen
who have worked on surveillance or
reconnaissance patrols, the ability of an
individual officer to truly ‘read the street’ is a
relatively rare art. Typically, it’s very much the
case that only certain officers have this innate
skill. There are those who can scan a busy
street or a railway station and intuitively detect
different body types or unusual activity and
there are those who cannot, no matter how
long they ight diligently stare into the space.
Therefore, there will only be certain security
personnel who possess this ability and they will
need to be identified through training and
assessment, rather than trial and error, if their
function is to be truly effective.
We’re often asked how best to identify these
key individuals such that companies can put
them forward for training. It’s a perfectly
reasonable question to pose, you might think.
However, the only really effective means of
selection is through practical role-play. To avoid
a classic ‘chicken and egg’ situation, companies
will need to put a number of their security staff
through the process in order to find out who’s
good at ‘reading the street’ and, just as
importantly, who isn’t.
Make no mistake, the job involves full-on
surveillance which will challenge even the most
diligent of operators, with long spells of
boredom interspersed by false alarms and
frequent interruptions, so these individuals will
need to be carefully chosen if they’re to be
effective. Once the ‘gifted’ individuals are
identified, they can then be taken to the next
stage of learning before eventually being
deployed as part of the security team.
Composition of the team
The ideal structure of an effective commercial
security operation will include a specialist
detection and response team with observers
and responders clearly identified, properly
trained and working in close unison for best
effect. They will rehearse regularly and ensure
that the gap between the identification of
abnormal behaviour in the street and the
sounding of an alert is as small as possible,
enabling the response team to sweep up their
staff and customers and move them, at a brisk
jog, to a previously identified safe haven.
Rather than ‘Run, Hide, Tell’ I would suggest
that ‘Spot, Sweep, Secure’ would be a worthy
commercial equivalent. You read it here first. I
would hope that, even if they don’t necessarily
appreciate this strapline, security companies
might take on board the subtle shift in
emphasis from prevention to detection, putting
into action the necessary selection and training
required to establish effective countermeasures
in the light of the current – and very
real – threats posed by today’s terrorists.
*TheSMA is one of ASIS UK’s
recognised training partners
for the Certified Protection
Professional (CPP), Physical
Security Professional (PSP)
and Professional Certified
Investigator (PCI)
qualifications
“If any one of a number of unhinged social outcasts with
little or no history of wrongdoing decides to rent a transit
van and drive it into a crowded street market, there’s
nothing we can do to prevent such an attack”
51
www.risk-uk.com

Gaseous Fixed Firefighting Systems:
Design, Selection and Installation
The whole process has
taken six months and
significant input from
a range of experts, but
the Fire Industry
Association has now
published a new
guidance document
designed to demystify
the standards
surrounding the
design, selection and
installation of gaseous
fixed firefighting
system pipework. Alan
Elder and Robert
Thilthorpe address the
all-important points to
note for fire safety
professionals
Alan Elder: Chairman of the Fire
Industry Association’s Working
Group on Gases
52
www.risk-uk.com
For those readers of Risk UK not familiar
with the technology, a gaseous fixed
firefighting system is one that does what it
says on the tin. In short, it uses a gas-based
agent to put out a fire either by displacing
some of the oxygen in the room to suffocate the
blaze or by removing heat. The method is
dependent on the type of agent used.
A fire protection system like this is commonly
employed in facilities such as Data Centres,
where delicate and high-risk computer
equipment could suffer damage from other
extinguishing media, such as water, foam or
powder. The solution design itself ensures that
the gas system extinguishes the fire both
quickly and cleanly and without damaging any
sensitive and expensive equipment.
After all, in a space such as a Data Centre,
the loss of valuable data would come at a
tremendous cost to a business, while the
knock-on effect to other systems and
businesses reliant on that data further down
the line would be hugely detrimental. Not to
mention the actual physical cost of losing the
hardware itself and having to replace it.
Therefore, protection of that facility from fire is
imperative when it comes to reducing the risk
of costly business interruption.
In almost all gaseous firefighting
installations, the agent is delivered to the
protected hazard through a network of
pipework. Installing the pipework presents a
number of challenges. Ensuring that the
pipework is correctly designed and specified is
important to avoid issues that could affect the
safety and effectiveness of the system. Pipe
threads that don’t match, improper seals
between pipework carrying the gas, corrosion
and using pipes of the wrong size or wall
thickness could all lead to the overall detriment
of the system.
Ultimately, the key points to observe here are
knowing what problems there could be and
also how to avoid these common pitfalls.
Skills and experience
The supply of gaseous fixed firefighting
systems requires a number of skills, experience
and specific knowledge of the equipment,
design codes and the hazards associated with
handling high pressure gases. Incorrect
handling of gas containers can be particularly
hazardous as they hold gases stored under
pressure, as do the pipes that allow the flow of
the gas to the hazard area. Individuals need to
understand how to install gaseous systems
such that the system is not only operational,
but also safe.
In a previous document, the FIA addressed
the issue of the safe handling of pressurised
container assemblies used in fixed firefighting
systems. The new guidance document covers in
some detail the pipework used in gaseous fixed
firefighting systems, duly identifying the
possibility that ‘should there be a major failure
of any pipe and/or fitting, a number of hazards
may arise, including projectiles, the release of
toxic agents (for example CO 2 ) or asphyxiants
in confined spaces, pressure effects/structural
damage and the consequential compromise of
extinguishing capability’.
Safety is the major issue that has inspired
the Fire Industry Association’s (FIA) Working
Group on Gases to create a series of useful,
freely downloadable documents, each designed
to explain the key safety concerns for those
working with, handling and/or installing these
systems. The latest in this series of documents,
the FIA’s Guidance Note on ‘Pipework for
Gaseous Fixed Firefighting Systems’, contains
an expanse of information based on the
technical knowhow of the experts who
prepared it and includes handy referral charts
and formulas for working out which pipes
should be selected.
There are a number of concerns in the
industry, especially when it comes to pipework.
One of the foremost of those concerns is that
people can mix up British and American
Standards. It can happen accidentally as there
are standards for pipes in the UK that are
different to the ones in the States.
People don’t necessarily realise that pipe
fittings manufactured to British Standards may
not be compatible with fittings manufactured to
American Standards. It’s entirely possible that
one installer may be familiar with American
Standards and another with British Standards.
If components are mixed on the same system,
then there could be some compatibility issues
between the different types of fittings which
may then lead to a decrease in the integrity of
the system as a whole.
Pipe selection is one of the guidance areas
covered by the new FIA document. Choosing the
wrong pipe or making a mistake in calculating

FIA Technical Briefing: Gaseous Fixed Firefighting Systems
the strength of the pipes could lead to leaking
at the joints between each pipe, meaning that
the gas may not reach its intended destination.
On a more extreme scale, the pipe could
completely separate due to the pressure and
forces in the pipework that might well occur
during a system discharge, subsequently
turning that pipe into a projectile which would
then present a safety hazard.
Pipework and fittings may be suitable for one
type of gas system, but might not be suitable
for another. Fortunately, with the new
guidelines that we’ve created, it’s our intention
to assist in educating the industry and reduce
any confusion surrounding the pipework.
To be frank, we really need people to
understand that working with gas requires a
highly specialised set of skills coupled with an
understanding of how gas reacts and moves
within a pressurised environment.
The FIA’s guidance document goes on to
state that it’s ‘important that the pipework from
the container storage location to the protected
space is professionally installed by trained
personnel who have experience with the
installation of gaseous fixed firefighting
systems. They should also be fully conversant
with the manufacturer’s requirements to ensure
the integrity and stability of piping during
discharge and also aware of the forces
generated. Where agent storage containers are
located outside of the protected space, then
the pipe routing should be the shortest route
possible to the protected space.’
Building structure
Another factor to bear in mind with pipework is
the way in which the pipes are secured to the
building structure, which can cause further
issues if inappropriate pipe fixings are used
due to the high forces present when a system
discharges. As such, the pipework requires
supports that are fit for purpose.
The FIA’s guide duly notes that: ‘Pipe support
saddles or straps normally used for supporting
sprinkler system pipework may not be suitable,
as such supports might not be able to
withstand the forces generated by gaseous
fixed firefighting systems. The piping should be
securely supported to prevent any movement
under the reaction forces at pipe fittings during
the rapid filling of the pipework upon the point
of system actuation.’
The worse case scenario here is that the
piping could in fact come away from the wall of
the building. There have been instances where
this has occurred. The other Health and Safety
issue is simply that these pipes can be
extremely heavy and, if they were to fall down,
the consequences could be severe for anyone
unfortunate enough to be directly beneath the
pipework at the time.
All bases covered
Thankfully, the document contains a handy
chart for installers and designers of gaseous
fixed firefighting systems which gives the
measurements for the maximum spacing
between the supporting hangers, depending on
the nominal pipe size, which – with the correct
selection of the support – should prevent any
pipes from coming away from the wall and
causing any damage.
The guidance document covers everything
the designer or installer of gaseous fixed
fighting systems needs to know – the pipe
specification for both the actuation lines and
the pipework installation, methodologies for
connecting the pipes, how to join and seal the
pipes, what type of support to use to fix the
pipes to the structure, how to avoid corrosion,
marking, earth bonding and testing of the
completed pipework installation.
Robert Thilthorpe:
Technical Manager at the Fire
Industry Association
“Pipe threads that don’t match, improper seals between
pipework carrying the gas, corrosion and using pipes of
the wrong size or wall thickness could all lead to the
overall detriment of the system”
53
www.risk-uk.com

Effective Collaboration in a Changing
Security Landscape
The security landscape
remains complex,
featuring as it does
multiple stakeholders,
service providers,
brands, philosophies,
buyers, sectors,
standards and
accreditations. This
can lead to barriers to
effective collaboration.
However, within this
complexity, simple
measures can deliver
significant outcomes.
As Paul Harvey
observes, by focusing
on the enablers of
effective collaboration
it’s possible to deliver
an outcome that
shares Best Practice
and also enhances
existing capabilities
54
www.risk-uk.com
Risk management isn’t just about security
operations, but rather a bottom-up
approach that drives ‘actionability’ against
threats, vulnerabilities and incidents and serves
to reassure business leaders. However, it can
result in overlapping processes and higher
costs. Some of the barriers to effective risk
management include fear, lack of awareness, an
unwillingness to be open about risks, outdated
or non-existent plans, lack of engagement and
a failure to truly understand capabilities.
By learning and adopting Best Practice, we
can drive dynamic, proportionate and
appropriate solutions for risk management. We
can also deliver professionals who are working
diligently every day at protecting people,
premises, profits, assets and image and
creating a fantastic journey and experience for
clients and their customers.
In recent times we’ve witnessed a number of
significant terrorism incidents involving Paris,
Brussels, Manchester, London and, most
recently, Barcelona. Such episodes present a
challenge for everyone. Increasingly, good
security providers are working collaboratively
with a ‘One Team’ approach and service lines
not traditionally associated with security, such
as FM teams, M&E engineers and cleaners.
Cleaners can access the ‘nooks and crannies’
that security officers may not be patrolling.
The point to note here is that every member
of the team can be aware and vigilant. It’s a
collective responsibility, with the effective coordination
of personnel ensuring efficient
collaboration across multiple stakeholders.
Tangible benefits
By delivering a comprehensive understanding
of risk strategies over the long-term, targeted
plans can be implemented. One of the tangible
benefits is strategic direction. There’s a clear
plan with clear outcomes. Another is proactive
risk management, with those threats mitigated
that could otherwise disrupt critical business
activity and engaged frontline personnel who
understand their pivotal role and functions.
Further benefits include improved resilience
thanks to the establishment, improvement and
refinement of business continuity models and
major incident programmes. In terms of
responsiveness, this will be enhanced through
economies of scale and the availability of more
resources. When it comes to increased capacity,
more can be achieved for less. Wastage may be
reduced thanks to better decision-making and a
broader understanding of the bigger picture.
There are efficiency benefits to be realised.
Investments can be made once such that the
wheel isn’t reinvented over and over again.
Increased participation leads to enhanced
community awareness. By involving a number
of organisations, your issue or message can be
transmitted to a great many more individuals
and groups. Also, those obstacles faced by one
group may be overcome by another.
It’s possible to avoid duplication, too. You
can ensure efforts and services are not being
unnecessarily duplicated by way of an
appropriate distribution of resources. Another
consideration is access to knowledge. There’s
an opportunity to mitigate risk and reduce
potential mistakes by dint of a greater
understanding of the operational context.
Collaboration in practice
Launched back in December 2014, the Police
and Security (PaS) Group is a business-led
initiative specifically designed to serve as a
‘critical friend’ to the Metropolitan Police
Service in developing mutually effective
collaboration with the private sector in support
of the Government’s Prevent, Prepare, Protect
and Pursue counter-terrorism strands.
The PaS Group is designed to simplify and
improve collaboration, co-ordination,

Security Services: Best Practice Casebook
communication, trust and feedback between
the Metropolitan Police Service and the wide
range of private sector capabilities and
initiatives that have the common goal of
reducing risk and crime in support of the
London Mayor’s Office for Policing and Crime’s
Business Crime Strategy. There are full
expectations that this initiative will gain further
traction over the next 12 months.
Furthering the collaboration theme, back in
July the City of London Police, Land Securities
Group plc and ourselves launched a new
scheme that introduces Emergency Trauma
Packs (ETPs) for prominent buildings and
business premises in the Square Mile. The aim
of this initiative is simple: to augment the
ability of first responders and members of the
public to treat casualties in the event of a major
incident. The concept works in line with recent
recommendations from the London Resilience
Board that focus squarely on equipping
members of the public with the necessary tools
to help them save lives.
Each ETP is stocked with a collection of
specialist medical equipment to treat
casualties, with the location of the kits plotted
on a map such that operators in the City of
London Police’s Control Room are able to
instruct individuals on site in use of the packs
in the event of a major incident. By having fullystocked
ETPs on their premises, first
responders, businesses and members of the
public will have the tools readily available to
respond in the event of an emergency.
Application of knowledge
Superintendent William Duffy from the City of
London Police said: “First Aid that’s
administered within the first few moments
following an attack can be life-saving. Due to
the nature of major incidents, the public will
inevitably be at the scene. If businesses and
other premises in the vicinity have enhanced
medical equipment on site, we can give people
access to the tools needed to help them save
lives. The availability of these kits is a natural
accompaniment to the CitizenAid App that
launched at the beginning of this year. The
application of knowledge and simple skills in
the critical period immediately after injury can
mean the difference between life and death.”
The City of London Police isn’t paying for the
ETPs, but has given advice – alongside the
London Ambulance Service – on what should be
included. In the very short time the scheme has
been launched, over 300 ETPs have been
deployed across the City of London, while the
Met is rolling-out a similar scheme. It’s felt that
the initiative will grow right across the UK.
The cost of an ETP (which is estimated at
around £450) and its upkeep are the
responsibility of the purchasing business. Each
kit will be stored in a secure location within the
business premises. The host organisation will
appoint a designated key holder who can be
contacted on a 24/7 basis should the kit be
needed. ETPs will contain around 40 items
including face masks, batteries, ice packs,
goggles, adhesive dressings and eye pads.
Business continuity
ISO 22301 Business Continuity Management
Systems is a framework and roadmap designed
to help organisations understand the risks to
their business and prioritise threats such that
they can be mitigated and factored into
business planning. This document specifies the
requirements of a management system that will
enable an organisation to identify – and,
therefore, reduce – the impact of events that
would disrupt its normal operation.
Events such as fires, floods, natural disasters,
thefts or criminal acts, IT disruptions, staff
shortages or terrorist attacks can be identified
before instigating a recovery plan to minimise
disruption in the running of the host business.
By its very nature, a continuity planning and
management system such as ISO 22301 means
that specific problems can often be identified
before they happen. This allows the host
organisation to put plans in place that serve to
ensure the smooth running of all critical
business functions during times of crisis.
Certification to ISO 22301 affords firms the
ability to identify and mitigate current threats
and potential crisis episodes within the
organisation. It also helps to minimise the loss
and disruption caused by the impact of these
incidents, while at the same time ensuring the
smooth running of critical business systems. It
can assist in making sure that unavoidable
downtime is minimised and that recovery can
be as quick as possible. Importantly, it instils
confidence among customers and stakeholders
that you can deliver products and services to
them despite unexpected interruptions.
“The whole is greater than the sum of its
parts” is a phrase credited to philosopher
Aristotle. Never has this pronouncement been
more apt than in the context of security. We are
all the genesis of effective collaboration.
Paul Harvey MSyI:
Commercial Director of
Ultimate Security Services
“There are efficiency benefits to be realised. Investments
can be made once such that the wheel isn’t reinvented
over and over again. Increased participation leads to
enhanced community awareness”
55
www.risk-uk.com

Defending The Digital World
The world has always
been unfortunate
enough to harbour
thieves, spies and
vandals, but digital
technology has
changed how those
individuals operate as
well as the
environment in which
they work. This is
undoing assumptions
that have been the
basis for our approach
to security for decades
and forcing us to
develop a new way of
thinking when it
comes to protecting
ourselves and our
businesses. Here,
James Hatch
elaborates on the fine
points of detail
Discussion of digital technology has tended
to focus largely on the Internet, but the
new world we’re building is based on the
much broader application of such technology.
Miniaturisation of electronics continues to drive
adoption as new applications become more
cost-effective. Through this increase, we’re
adding instrumentation capable of producing
digital data for many aspects of our lives, from
smart meters in our homes through to the GPSequipped
smart phones in our pockets.
At the same time, the reusability of software
is adding intelligence and decision-making
through automation and machine learning –
technologies that have been well understood
since the 1990s, but are now being set loose by
the availability of increased computer
processing power.
Cloud technology and mega-scale Data
Centres are enabling the collection and analysis
of massive amounts of data to provide services,
operate businesses and Government, conduct
research and tackle crime.
The direct impact on our economy has long
been recognised, and particularly so in the
areas of e-commerce and online retail. A higher
proportion of the UK’s economy is online than
is the case in other major nations. Now, digital
technology is allowing firms like Uber and
Airbnb to transform the taxi and hotel
industries even though they operate in
fundamentally physical markets. Gartner is
predicting this process of digitisation will
spread through every part of the economy.
The impact on social and political discourse
has become more apparent over the last year or
two. Digital technology allows people to meet
and maintain contact independently of physical
location, meaning that we spend more time
engaging with people who are like us rather
than near us. Also, we increasingly rely on
digital media for our information in place of TV
and the printed word. Facebook is now the
world’s largest distributor of news.
Of late, we’ve seen the impact of these trends
on politics. As both data-targeted campaigning
and ‘grass roots’ online organisation have
increased and political debate has been
fragmented among social media echo
chambers, it has become ever-more difficult to
understand and forecast the intentions of
voters. The potential for hacking, leaking and
other information operations to influence
elections has now become clear to the public.
We can also see big changes coming in the
physical world. Connected devices allow us to
create smart homes. Driverless cars are just
around the corner. Industrial companies are
seeking productivity improvements with
initiatives such as digital oilfields and the
digital railway. As consumer technology
becomes more and more personal to us and our
bodies, so it will merge with digital medicine
coming out of hospitals.
Thinking about security
For most people and many institutions, their
mental model of security hasn’t kept pace with
the changes in our world brought about by
digital technology. The established models of
security have worked on a clear division of
responsibility that’s best understood in
physical terms. As organisations and
individuals, we protect our property using risk
management and, often, do so informally. We
decide how much to spend based on the value
of assets and the threat we perceive in terms of
where they’re sited. A jewellers shop in a big
city will spend more on security than a bakery
in the country, for example.
When criminals break through protection
mechanisms and we’re burgled or robbed, we
seek help from law enforcement to defend
ourselves. The division of responsibility is clear.
We expect Government to help when something
goes wrong, but we accept that it’s our job to
56
www.risk-uk.com

Cyber Security: Risk Management in the Digital World
ensure that our property is properly and
adequately protected in the first place.
This is the world we live in and understand,
but it’s only a part of security. There’s another
world of security: national security. We expect
Governments to maintain the intelligence and
surveillance capability to know what’s going on
in the wider world and the military capability to
deter or deal with any aggression that comes
from beyond our borders. There are places
where these two worlds overlap, such as in
foreign-inspired domestic terrorism, but the
challenge involved merely illustrates how
separately we can maintain the distinction.
As businesses and private individuals, we
rely on physical distance to keep these two
worlds apart and on Governments to manage
global threats. We expect the national security
apparatus to maintain a physical barrier
between threats in the Middle East and a
domestic business in an English town.
Individuals and businesses have concentrated
on local protection. This form of thinking
persists in approaches towards cyber security.
Now, the increasing prevalence of digital
technology is making physical distance
irrelevant. As more of our world is connected,
geography becomes less relevant and distance
is almost useless at insulating us from far-off
threats. Security officials believe that hackers
in North Korea were behind the attack that
crippled parts of the NHS earlier this year.
Security is still reliant upon protection,
enforcement, intelligence and military domains,
but the barriers between these domains are
dissolving while the domains themselves now
increasingly overlap.
Assessing the implications
The blurring of the boundaries of these
domains means that we need to revise the
established model of security and the
responsibilities of individuals, organisations
and Governments.
Changes to the traditional security model
have three implications. First, it changes the
division of responsibility between businesses
and Government. Protecting a business’ assets
would traditionally have been something that
was entirely the responsibility of that business,
but there’s increasing willingness by
Government to undertake protection activities,
particularly so where it can do this most
effectively by working on core infrastructure.
In the UK, for example, we’ve seen the
creation of the National Cyber Security Centre, a
bold step taking part of GCHQ out of the
intelligence world and giving it a broad public
role in cyber protection for the whole country.
“Security is still reliant upon protection, enforcement,
intelligence and military domains, but the barriers between
these domains are dissolving”
Meanwhile, the Chinese Government has just
brought in its first cyber security law with the
stated aim of shielding domestic Chinese data
from foreign espionage.
Conversely, financial services organisations
and technology platforms are sometimes better
placed than police forces to help the victims of
online criminality. Someone who falls prey to a
fraudster on a website such as Amazon is less
likely to report it to the police and more likely
simply to seek a refund through Amazon or, as
an alternative, their credit card company.
Second, we need a way in which to defend
global business networks and technology
platforms that doesn’t trip over the national
focus of Government agencies. Governments
understandably prioritise their own countries
when it comes to security, whereas technology,
infrastructure and financial systems are all
fundamentally international with big
businesses and social networks typically
running across countries.
Law enforcement organisations in particular
have evolved from a primarily territorial remit.
This is challenging for collaboration even within
countries, but leads to real problems
internationally where enforcement activity
needs to work across jurisdictions and
investigators have to navigate differences in
legal structures and approaches, never mind
the nuances of language and culture.
Businesses cannot rely on distance and
Governments to insulate them from risk. We
need active business defence to protect our
organisations. This involves very different
capabilities from those traditionally in place
within IT and risk teams in business.
Business defence uses intelligence on
adversaries, technical vulnerabilities and the
organisation itself to build a full understanding
of the situation and prioritise resources to deal
with those risks of most significance. This
needs to include an understanding of the
relevant activities and implications of all four
domains of security globally rather than the
traditional local perspective.
Importantly, business defence engineers
organisations to be robust such that their
systems, processes and people are difficult to
compromise. Business defence maintains the
vigilance to identify problems early as well as
the readiness to deal with them before they can
cause serious damage.
James Hatch:
Director of Cyber Services at
BAE Systems Applied
Intelligence
57
www.risk-uk.com

Breaking The Silo: Advancing Careers
in the Security Business Sector
Given that there are so
many different
specialisms within the
profession of security
management, it’s
easy to find ourselves
in too tight a ‘niche’
which then requires us
to educate our clients
before they can hire
us. This is nothing if
not an unsustainable
business model. What,
then, is the answer to
the problem? Richard
Diston calls for the
silo walls of the
Security Department
to be torn down in
favour of security
becoming part of the
wider business culture
Over the last few years, there has been a
rapid expansion in the market for higher
level security management training
programmes and accreditations, positively
reflecting the desire in the sector for
recognition as a profession. This is
unquestionably a great leap forward, although
the end result has arguably been the creation
of a traditional security management workforce
that’s more highly qualified than the market
can either support or understand, in turn
leading to the potential for limited
opportunities, frustration and, in some cases,
the loss of talent from the sector.
There are hundreds of applicants for each
senior security management vacancy, with little
to distinguish one from another. This situation
has led to some heated debates in online
forums and on various social media platforms
about whether qualifications or experience are
most desirable for those seeking career
advancement in the sector.
An impasse appears to have been reached.
Whether a security practitioner is highly
qualified, highly experienced or both, suitable
senior-level security management opportunities
are somewhat difficult to find.
Several years ago, much was made of the
trend in organisations for appointing Chief
Security Officers (CSOs). However, there’s no
clear path to attaining such a senior post.
Further, there’s little clarity on whether many of
the posts that were created went to traditional
security practitioners or were bestowed upon
existing Board-level professionals such as
those with a background in finance or IT.
Certainly, the CSO roles that are advertised
often require a high level of technical
competence that most traditional security
practitioners simply don’t possess, creating an
almost insurmountable barrier to general entry.
There’s an undeniable lack of senior security
management positions available to traditional
security practitioners, many of whom have
committed to higher education or accreditation
and are now finding themselves ‘over-qualified’
at best and sidelined as ‘academics’ at worst.
This results in even fewer employment
opportunities, the response to which is often
despondency and a feeling – for certain
practitioners, at least – that the sector has ‘led
us up the garden path’ with its talk of
rewarding careers and a professional status.
For some, it seems that after attaining a highlevel
qualification or accreditation in security
management, the only option is the ‘feast or
famine’ existence of self-employment as a
security consultant.
Stalling professionalisation
There’s a risk that the lack of obvious senior
opportunities in security management may
even stall the professionalisation process for
the sector. Younger practitioners who engage in
industry networking online cannot avoid seeing
their seniors struggling to find work, and this
may well undermine attempts to engage them
in the aforementioned process.
Without clear direction for career planning
alongside some public ‘cautionary tales’ about
committing to a security career on social media,
the next generation of security managers may
disengage with the idea of a career in security.
It can be suggested that ‘career planning’
isn’t something that security practitioners have
ever really been able to do effectively. Many
practitioners move from opportunity to
opportunity, which works well until those
opportunities begin to dry up.
The security industry is undergoing a
significant period of change, the pace of which
is so fast that it has become difficult to keep up
with what it means to be a security practitioner.
With no widely agreed lexicon, the term
58
www.risk-uk.com

Training and Career Development
‘security manager’ might refer to a traditional
physical security role, an information security
systems role or perhaps even a job in software
development. With the concept of security
diversifying in response to an ever-broadening
threat landscape, this confusion can be a
further challenge for traditional security
practitioners when it comes to career planning.
The question is: ‘What can we do about this?’
Part of the wider problem might be that
security still exists within a number of different
silos. At the organisational level, whether
fuelled by pessimism or paranoia, we’ve built
walls around our departments to keep our
‘security stuff’ secret without realising that
what we really need to be doing is sharing it.
Whether we’re helping staff in other
departments to spot fraud, detect suspicious
behaviour, be more aware online or respond
more confidently to conflict, we’re empowering
the organisation to be more secure on a ‘one
person at a time’ basis. Such activity may help
to raise our profile organisationally and could
even trigger conversations that might reveal
hidden risks or opportunities for the business,
not to mention illuminate new career pathways
for ourselves as practitioners.
Weak at building bridges
Beyond the organisational silo, the sector
seems to exist in a professional one. The sector
is weak when it comes to building bridges with
other professions, both in terms of sharing
expertise and opening further career pathways.
Security people tend to network with other
security people, which may say somewhat more
about our ‘comfort zone’ than it does any
deliberate attempt to avoid other professions.
An alternative to this might be to seek
speaking slots at events for other sectors, or
writing security-related articles that are
relevant for trade journals outside of the
security domain. Security is a ‘people problem’
and, as such, we have insights that other
professions may duly appreciate.
The final silo is the one that we build
ourselves. If we only see ourselves as
‘traditional security people’ then this is all that
others will see us as, and their lack of
understanding of the importance and scale of
what it is we do will mean that they only call
upon us when they think there’s a problem (at
which point it’s often too late). Certainly,
security practitioners have been undertaking
Health and Safety accreditations for a number
of years to enhance their employability, but this
is perhaps an obvious step.
Another potential consideration is the
apparent shortfall of cyber security
“Whether a security practitioner is highly qualified, highly
experienced or both, suitable senior-level security
management opportunities are somewhat difficult to find”
professionals, with some reports suggesting
the number is going to be as high as 1.8 million
globally in the next five years. Considering the
shift in the asset base from physical to
information, this demand is foreseeable.
We as traditional security practitioners need
to overcome our fear of technology to take
advantage of this situation. If we accept three
principles – that security is a ‘people problem’,
that technology only allows people to commit
old crimes in new ways and that (using the
CISSP certification programme as an example)
nearly half of the knowledge required to work
in cyber security is within our existing
knowledge base – then there’s a chance to
forge a different career pathway.
There are also other avenues to consider. A
highly competent security practitioner might
add value in a range of corporate roles
including FM (for physical security), HR (for
people-based risks), logistics (supply chain
risks) and many others. Some of these
departments even have a direct career
trajectory into the C-Suite (including that
coveted CSO role). That being so, requalifying
to move departments might provide security
practitioners with longer term advantages.
If we accept that security is a business
enabler, we can begin to see which other areas
of the organisation we can enable through
sharing our knowledge and experience. Doing
so will require us to broaden our horizons and
open our minds. The best way to do that might
be to leave the Security Department behind us
forever and seek work in other teams.
Banish outdated thinking
Ultimately, it could be argued that we need to
break our ‘death grip’ on the concept of security
as a ‘department’. Such thinking is undeniably
outdated. For security to be truly effective it
must be part of the wider organisational culture
and is therefore not a department, but instead
a shared responsibility.
Perhaps security should be an element in a
wider management skills set instead of being a
discipline on its own, similar in nature to
project management accreditations?
While all of this is very much open to debate,
what is not is that, if we continue to do what
we’ve always done, we will always derive the
same end results (or perhaps worse, given the
ever-changing nature of today’s world).
Richard Diston MSc MSyI:
Director of Ark-Services
59
www.risk-uk.com

Risk in Action
Axis Security wins
new three-year
services contract at
Stockley Park
Axis Security, one of the UK’s
fastest-growing security
guarding businesses, has
been awarded a further
three-year contract term by
commercial property and
asset management concern
MJ Mapp at Stockley Park,
the 155-acre commercial
park that was transformed in the mid-1980s and is now widely regarded as the
foremost development on the ‘West London Corridor’.
Located at Harlington between Hayes and West Drayton in the London
Borough of Hillingdon and close to Heathrow Airport, Stockley Park continues
to be a visionary out-of-town business development that has since been
replicated not only here in the UK, but also throughout mainland Europe.
Tenants on the site include many household names such as Marks & Spencer,
Apple (UK), Canon, Gilead Sciences Europe, GlaxoSmithKline, IMG, Lucozade
Suntory, MSC Cruise Management and the Sharp Corporation. Also present are
Alexion Pharma UK, Cargo Logic Management, Hasbro, the surveillance
specialist Hikvision, IBM UK, Mitsubishi Industries, Regus, Toshiba, Verifone
and World Vision International.
The security contract comprises a team of 19 security personnel patrolling
the park by vehicle, golf buggy, bicycle and on foot. Patrols are designed to
assure the safety and security of all tenants within and visitors to the park. The
Axis team members are supported by a dedicated management structure to
consistently drive standards through training, development and innovation.
“Axis Security was clearly ahead of its competitors during the tender process
in terms of innovation, added value and the professional approach that the
business committed to address during the new contract term,” said Pieter
Borchardt, director at Stockley Park.
Client portal introduced by Officer
Connect as part of ‘virtual’
engagement solution for guarding
Officer Connect has launched a client portal as
an integral part of its ‘virtual’ engagement
solution for the security guarding industry. The
portal enables clients to have total visibility of
their entire security portfolio and the men and
women for whom they’re responsible.
Recorded interviews between employees and
the Officer Connect team can be reviewed
alongside a transcript of the conversation that
has taken place, with any key areas of concern
or issues appropriately ‘red-flagged’.
The portal also enables users to view and
amend schedules for every site and every
officer, as well as quickly and easily create
‘new’ officer profiles to add to those uploaded
at the start of mobilisation. Summary reports
can be automatically sent as a PDF. The new
portal also supports basic administration.
Officer Connect is designed to improve
security officer well-being and support security
providers in their contractual and moral
obligations to customers and staff. The
company provides ‘Virtual Visits’ as an
enhancement to the ‘traditional’ approach of
visits by mobile supervisors out of hours.
Using state-of-the-art video and audio
technology, Officer Connect is able to engage
with security officers at numerous levels.
Securitas forges GreenRoad
technology partnership to improve
driver safety for staff members
Securitas has partnered with GreenRoad – the
driver safety and behaviour technology
specialist – to improve driver safety among its
11,000 employees. With vehicle collisions the
foremost cause of work-related deaths in the
UK, Securitas wants to reduce risks associated
with driver behaviour for the welfare of its own
employees and that of other road users.
GreenRoad technology will allow Securitas
to track the movements of its fleet, monitoring
driver behaviour such as harsh braking,
cornering, lane handling, acceleration and
speeding. Each vehicle will be fitted with
technology providing real-time data, cascaded
to an online reporting and analytics platform.
This will enable Securitas to track its entire
fleet, while also monitoring driver behaviour.
Improvements in driver behaviour enhance
the safety of the company’s many mobile
employees, in turn exerting a significantly
positive impact on the environmental footprint
of Securitas by reducing CO2 emissions,
helping the company to achieve its targets for
the reduction of greenhouse gases while also
growing this valuable sector of the business.
This latest initiative demonstrates how
Securitas is investing in technology to provide
a superior service for its customer base.
“Our dedication to safety extends beyond
protecting clients through our specialist
services,” said Yvonne Hinckley, mobile
operations manager at Securitas.
60
www.risk-uk.com

Risk in Action
Cambridgeshire Fire and Rescue
Service deploys Panasonic tablets
to assist front line firefighters
Cambridgeshire Fire and Rescue Service is
“transforming” working life for its
firefighters on the front line by equipping
them with Panasonic’s rugged Toughpad
tablets such that they can access vital
information during emergency episodes.
The Fire and Rescue Service is deploying
13-inch Panasonic Toughbook CF-D1 tablets
in the front cabs of its fire appliances. These
Mobile Data Terminals (MDTs) are
permanently mounted in the front of the
vehicle and connected to the existing Tetra
Network. They will be used for providing vital
information on the way to a call-out, such as
sending status updates to Command and
Control, outlining risk assessment
requirements, vehicle safety data, safety
data on any chemicals stored on site and
details about the occupancy of premises and
nearby hydrant locations.
Smaller and lighter 10-inch Panasonic FZ-
G1 Toughpad tablets are being installed in
the back of the appliances for use by
firefighters inside and outside of the vehicle
when at the scene of an emergency. These
devices will be used day-to-day for the asset
management of equipment and inventory
and, in the future, for providing valuable
emergency information on site, such as
vehicle crash rescue data, as well as for
regular community duties (ie home fire
safety surveys and hydrant inspections).
John Barlow is responsible for
modernising Cambridgeshire Fire and Rescue
Service’s front line communications devices.
“We’re investing to change all the existing
MDTs to a more agile device so as to allow
the crews to work more efficiently and
smartly,” explained Barlow. “The Panasonic
devices are ideal for all of the conditions in
which we work. We can read the devices in
bright sunlight and they’re built to be used
outside and in wet conditions without any
problems for our personnel.”
University of Dundee’s management
calls for assistance from Aiphone
Highly visible emergency Call Point pedestals are
being installed throughout the University of
Dundee’s campus as part of a comprehensive
range of measures configued to ensure a rapid
response to any emergency incidents.
The bespoke-designed pedestals have been
manufactured specifically for the University of
Dundee by Aiphone. They incorporate the
company’s IX IP intercom stations which enable
students and staff to instantly communicate with
security personnel within the University of
Dundee’s Control Room if they see any suspicious
activity or feel unsafe.
Aiphone’s IX intercom system features Power
over Ethernet which has minimised installation time and costs as there was no
need to provide separate power supplies for each pedestal.
Scottish Communication, one of the UK’s leading independent
communication equipment specialists, was awarded the contract to install the
emergency Call Points. The intercom stations were commissioned by
connecting them to the University of Dundee’s network infrastructure.
Each of the 1600 mm x 200 mm x 200 mm custom-built pedestals
incorporates a flush-mounted IX intercom station equipped with a large red call
button. This has two outputs to simultaneously trigger an emergency call and
to activate an external video surveillance camera.
The first phase of the project sees five emergency Call Point pedestals
deployed at carefully selected central and remote campus locations.
Managers at the University of Dundee are currently evaluating in some detail
the potential benefits of using the emergency Call Points at additional
locations (such as car parks, for example).
WPS’ ParkAdvance helps ease
the customer journey at major
Heathrow Airport hotel
WPS, the parking systems and
management specialist, has installed its
ParkAdvance Pay-on-Foot parking
technology at a major Heathrow Airport
hotel near Terminal 4 to help in delivering
the ultimate guest security experience.
The system is being used to control
access at the hotel’s guest car park (comprising more than 200 parking spaces)
and its two staff car parks. It accommodates ‘traditional’ payments (by visitors
at a pay station), web-enabled validation (at the hotel’s reception, concierge
desk, restaurant and gym) and employee ID cards.
ParkAdvance terminals employ contactless payment technology, while the
barriers are used in conjunction with ANPR to enable employees to quickly
enter the main car park before reaching the staff car park.
The hotel attracts both leisure and corporate guests, who stay from 30
minutes up to any number of weeks, and the hotel wanted the parking
experience to be positive. “We sought an intuitive, self-service payment system
combined with automatic barriers that would provide guests with a modern,
hassle-free experience,” stated a hotel spokesperson. “In what was a
competitive tender, ParkAdvance was chosen on the basis of the system’s
renowned reliability, the extensive expertise of the WPS engineering and
installation team members and the company’s after-sales proposition.”
61
www.risk-uk.com

Technology in Focus
360 Vision Technology and Visual
Management Systems guard against
cyber attacks
As more and more security systems and devices
become IP networked, it’s important for security
installers and end users alike to consider how
their systems will be protected against the
possibility of cyber attacks.
Providing a solution to the concerns around
cyber security and hacking, 360 Vision
Technology has partnered with software control
provider Visual Management Systems to offer security operators an effective
solution designed to guard against IP surveillance system cyber threats.
Without the right level of network security measures in place, system users
can be left vulnerable, resulting in exposure to the type of hacking and malware
episodes that have recently hit the news headlines.
When used together, both 360 Vision Technology cameras and Visual
Management Systems’ TITAN SECURE Physical Security Information
Management system can exceed 802.1x authentication protocols and
encryption to provide “the ultimate protection” for surveillance networks.
www.360visiontechnology.com
Qognify enhances situation
management with new cloudbased
mobile solution suite
Qognify, the specialist in Big Data solutions
for physical security and operations, has just
launched a new suite of integrated mobile
solutions – designated Qognify Extend –
empowering organisations to leverage field
resources and responders to increase
situational awareness.
Powered by CloudScann, the cloud-based
solution extends the reach, coverage and
effectiveness of a given enterprise’s Control
Room and operations by enabling training
personnel — and their smart phones — to
become powerful sensors.
The Qognify Extend suite includes several
modules. SeeItSendIt is geared to enable
field personnel to report into the Control
Room using their smart phones.
www.qognify.com
Bureau Veritas leads the way with
launch of mobile inspection service
In an industry first, leading testing, inspection
and certification provider Bureau Veritas has
launched a Mobile Plant Unit to deliver on-hire
inspections for all mobile plants and assets.
The Mobile Plant Unit has been created in
response to the issue of regulations for
mobile assets, specifically the Provision and
Use of Work Equipment Regulations (PUWER)
and the Lifting Operations and Lifting
Equipment Regulations (LOLER) inspections,
which are required of all mobile plant and assets including mobile platforms,
lifting and crane equipment, excavators and bulldozers.
The new unit boasts an expert team of qualified engineer surveyors able to
undertake thorough examinations and inspections of equipment as the
‘competent person’, to ascertain it’s safe to use and enable clients to meet
their statutory obligations – wherever that equipment may be located.
Shaezar Karim, divisional director for mechanical at Bureau Veritas, said:
“Our new Mobile Plant Unit allows us to provide a much-needed solution to a
problem faced by contractors across the country. For mobile assets, which are
often hired out to contractors and moved around the UK, meeting statutory
obligations can be a challenge. In some cases, people are unaware of their
obligations, mistakenly believing it’s the sole duty of the hire company to
undertake PUWER and LOLER inspections. However, it’s also the responsibility
of the user to make sure that the periodic thorough examinations and
inspections are undertaken at the correct frequencies.”
Karim added: “Crucially, our dedicated Mobile Plant Unit understands the
issues faced when working with mobile plant. As such, our experienced
engineers are able to react when assets change location.”
In addition to the launch of the Mobile Plant Unit, Bureau Veritas offers tools
and systems specifically designed to support the company’s myriad clients.
www.bureauveritas.co.uk
Wavestore unveils Version 6.8 of
Video Management Software
Wavestore, the British developer of innovative
open-platform and highly secure Linux-based
Video Management Software (VMS), has
launched Version 6.8 of its VMS to deliver
performance and functionality improvements
for system integrators and end users alike.
Among many enhancements and additional
features, Version 6.8 includes support for
VMWare ESXi, in turn introducing virtualisation
to the Wavestore VMS platform.
End users
employing Virtual
Machines (VM)
as part of their IT
infrastructure are
now able to take
full advantage of
the technology
which can help
when it comes to reducing energy, software and
IT administration costs.
Wavestore’s VMS can be licensed in two ways
when in a VM environment: either via the
Internet or Wavestore’s dedicated VM dongle.
www.wavestore.com
62
www.risk-uk.com

Technology in Focus
SPC Connect’s latest developments
demonstrate Vanderbilt’s agility
Vanderbilt has announced the release of SPC
Connect 2.4 to add to the company’s SPC
product portfolio. SPC Connect is a hosted
cloud-based solution designed specifically for
installers to monitor, manage and maintain SPC
panels remotely from any location.
The release indicates a significant
development pace by the company as it comes
just four months after the last feature set of
SPC Connect updates in April. The latest
features include push notifications, local user
management and alarm verification.
“SPC Connect is developed to enhance the
security installer’s ability to configure their
systems remotely and, with user management
enhancements, the solution speeds up the
process of adding and configuring users,”
explained John O’Donnell, product manager at
Vanderbilt. “It means that the system
administrator can now configure users to have
access to their SPC system very quickly, saving
them both time and money.”
The push notifications for iOS devices ensure
SPC Connect users are always informed of new
information related to their SPC system.
www.vanderbiltindustries.com
Bosch introduces in-store analytics
solution for use in retail sector
Bosch Security Systems has introduced In-
Store Analytics, a solution designed to provide
today’s retailers with valuable insights on
store traffic such that they can improve
operations, customer engagement and sales.
As part of the solution, Bosch IP panoramic
cameras are installed to provide high visibility
of the retail floor. The cameras use on-board
Intelligent Video Analytics to create position
data of shoppers’ movements. This data is
then sent direct to the cloud where it’s further
processed without video streams ever leaving
the retailer’s premises, thus maintaining
shoppers’ privacy.
Unlike many systems that require on-site
PCs to pre-process the video streams,
subsequently limiting their performance to a
few cameras per site, Bosch’s solution easily
ONVIF publishes Release
Candidate for Profile T
ONVIF – the global standardisation
initiative for IP-based physical security
products – has announced the Release
Candidate for Profile T, a draft
specification with advanced streaming
capabilities that includes support for
H.265 video compression and an
expanded feature set that extends the
capabilities of ONVIF video Profiles for
both system integrators and end users.
ONVIF Profile T for advanced streaming
deliberately employs a new media service
that enables the support of High Efficiency
Video Coding based on the international
H.265 video compression standard that
specifies how to decode data into
displayable video. Profile T-conformant
clients support both H.264 and H.265 video
compression. Profile T-conformant devices
support at least one of these formats.
The new Profile encompasses Transport
Layer Security-enabled communications and
new functionalities such as bi-directional
audio streaming, standardisation of events
and on-screen display configuration.
“Profile T broadens the scope of the ONVIF
video profile to include both the H.264 video
compression standard and H.265 video
compression, which is set to become the de
facto video compression standard in the very
near future,” explained Fredrik Svensson,
chairman of ONVIF’s Profile T Working Group.
www.onvif.org
scales to cover even the largest of retail
stores with a high camera count in addition
to large multi-store chains.
In the cloud, position data is mined into
performance results and visualisations that
are shared with the retailer through
customised web interfaces for merchandisers
and operations managers alike.
For operations managers, In-Store
Analytics provides insights into department
and store-level traffic. Practising operations
managers can use these insight tools to
ensure sufficient staff are on-site to serve
shoppers during peak times.
Traffic data also enables retailers to track
customer service quality over time.
Retailers will benefit from actionable
insights delivered by this new solution, as the
shopper data rendered by In-Store Analytics
boasts a particularly high accuracy rate.
www.boschsecurity.com
63
www.risk-uk.com

BENCHMARK
Smart Solutions
BENCHMARK
Innovative and smart solutions can add value and benefits to
modern systems for customers. With the technological landscape
rapidly evolving, the Benchmark Smart Solutions project assesses
the potential on offer from system integration, advanced
connectivity and intelligent technology. Bringing together field trials
and assessments, proof of concept and real-world experience of
implementing smart solutions, it represents an essential resource
for all involved in innovative system design.
Launching in 2017, Benchmark Smart Solutions will be the industry’s only real-world resource for
security professionals who are intent on offering added value through the delivery of smarter solutions.
@Benchmark_Smart
Partner Companies
www.benchmarksmart.com

Appointments
Magnus Ahlqvist
The Board of Directors of
Securitas AB has appointed
Magnus Ahlqvist as the new
president and CEO of the
business with effect from
March 2018. Ahlqvist will
replace Alf Göransson, who
has asked to leave his
position with the company
after having led Securitas successfully for the
last 11 years.
Since 1 September 2015, Ahlqvist has served
as divisional president of Securitas’ Security
Services Europe operation and been a member
of Securitas’ Group Management. He joined the
business from Motorola Mobility (a Google
company before it was taken over by Lenovo),
where he was corporate vice-president (EMEA
and India) at Motorola.
Before that, Ahlqvist worked at Sony Ericsson
and Sony Mobile Communications for 12 years.
Among other roles, he served as president of
Sony Mobile Communications in China for three
years and as vice-president and general
manager for Spain and Portugal at Telefónica.
43 year-old Ahlqvist holds an MSc in
Economics and Business Administration gained
through study at the Stockholm School of
Economics as well as a leadership qualification
from the Harvard Business School.
“Securitas is a wonderful company with very
competent and engaged people in its ranks,”
explained Ahlqvist in conversation with Risk UK.
“I believe Securitas is the leading security
services company in the world. We have a
winning strategy and we’re heading up the
transformation of the security industry from
traditional on-site guarding to encompass a
broader spectrum of advanced security
solutions and electronic security for end users.”
Jane Farrell
Jane Farrell, head of security at Sodexo for the
UK and Ireland, was elected chairman of the
International Professional Security Association
(IPSA), the longest-established security Trade
Association in the UK’s security business
sector, at the recent meeting of IPSA’s
International Council in London.
Farrell, who has the honour of becoming the
first female chairman in IPSA’s illustrious 59-
year history, has been serving as the
organisation’s deputy chairman since 2014.
Justin Bentley, CEO at IPSA, said: “I’m
delighted that Jane has been elected as
chairman of the Association. She has been
steadily increasing her involvement in IPSA
Appointments
Risk UK keeps you up-to-date with all the latest people
moves in the security, fire, IT and Government sectors
Daniel Hardy
The National Business Crime Solution (NBCS) –
a not-for-profit initiative that enables the
sharing of data between law enforcement
agencies and the business community to reduce
crime – has announced Daniel Hardy’s
appointment as managing director.
A well-known and respected figure with over
20 years of crime prevention experience, Hardy
is tasked with taking the NBCS to the next stage
of its development and fulfilling its role in
supporting businesses and the police service in
the ongoing fight against offenders.
Hardy explained: “I want to cement the
position of the NBCS as a critical friend of the
business community, the police service and all
business crime reduction partnerships by
furthering the use of the national business
model for all those affected by crime.”
Hardy served five years in the Grenadier
Guards before gaining experience in the private
security industry. He then spent 13 years with
the Metropolitan Police Service, rising to the
position of Acting Detective Inspector on the
Specialist Crime Directorate and running
Operation Vanguard. Hardy subsequently
became head of risk at G4S.
Prior to his current role with the NBCS, Hardy
served as corporate crime and security lead at
Sainsbury’s where his myriad responsibilities
for the High Street retailer included all of the
company’s stores, corporate locations and
distribution facilities around the world.
since joining, and her familiarity with both the
Association and the security industry make her
the ideal person to keep us moving forward.
Her vast experience in training and quality fit
perfectly with the ethos of the Association.”
Farrell has been leading exciting new
changes within IPSA along with the elected
members of the Management Board and the
International Council since March of this year
when the organisation’s former chairman,
Stuart Naisbett, resigned due to personal
commitments. Most of these changes will be
revealed at the 2017 AGM on 11 September.
Speaking to Risk UK, Farrell enthused:
“Following two years as deputy chairman of
IPSA, I’m absolutely delighted to accept the
post of chairman of the Association.”
65
www.risk-uk.com

Appointments
Simon Chapman
Cardinal Security, the provider of “dynamic and
innovative” security solutions, has announced the
appointment of Simon Chapman as its new CEO. The
move follows the introduction of a new ownership
structure designed to take the business on to the next
stage in its development.
Harbouring an illustrious career in the sector spanning
over three decades, Chapman joins Cardinal Security from
Lodge Service, where he was sales director and,
subsequently, managing director responsible for doubling the growth of the
company in less than eight years.
Chapman has also served as sales director for G4S Secure Solutions and as
sales and marketing director at Checkpoint Systems, where he worked for
almost 17 years both here in the UK and abroad.
“Thanks to company founder and former CEO Jason Trigg’s hard work and
vision over many years, Cardinal Security has gained an enviable reputation for
its intelligence-led security guarding and loss prevention services across the
retail and logistics industries,” commented Chapman. “By building on this
success, my primary objective is to ensure that the company is the security
solutions provider of choice for these vertical sectors and beyond.”
James Min
IDIS, the surveillance
solutions manufacturer,
has appointed James Min
to the role of managing
director for IDIS Europe.
Min will be based out of
IDIS’ UK office in
Brentford, London, where
he will head up the
growing external and internal sales force and
technical team as well as playing a key part in
driving marketing and PR initiatives across
Europe, and particularly so here in the UK.
Joining IDIS back in 2004 as a key account
manager, Min was promoted to leader of EMEA
sales and marketing in 2010, whereupon he
was responsible for developing existing original
design manufacturer (ODM) partnerships as
well as opening many new business channels
right across Europe.
Min also played a strategic role in launching
the IDIS brand business and DirectIP next
generation surveillance solution throughout the
region. In 2014, Min was promoted to general
manager and assumed responsibility for
developing EMEA sales, directing marketing
strategy and supporting product development
for IDIS’ Total Solution line-up.
Min stated: “I’m looking forward to
developing our strategy and building on our
success since we launched our own brand
business back in 2013 and opened our first UK
office, which has expanded greatly this year.”
Min’s remit will also be to support the
opening of new business channels with both
distributors and strategic integrators.
Duaine Taylor
The Axis Academy has
confirmed the
appointment of its senior
team following the
launch of the new
learning and
development business.
Duaine Taylor is the head
of learning and
development, while Peter Morris has been
appointed as The Axis Academy’s lead trainer.
Both come to their new roles with a wealth of
training and industry-related experience.
Taylor, who was previously the training
manager for Axis Cleaning and Support
Services, is now responsible for the learning
and development of employees across the
entire Axis Group and reports to Naomi Austen,
Group HR and learning director. Looking after
the day-to-day management of the business,
Taylor is also tasked with establishing new
training regimes and working with expert
trainers to devise bespoke courses.
The Axis Academy has been set up to improve
the skills and professionalism of all those
employed by Axis Group companies and to
drive up professional standards.
Steve Evans
Amberstone Technology,
the provider of
“dynamic and
innovative” security and
loss prevention
technology, has
announced a new highprofile
appointment to
its senior management
team in the form of Steve Evans.
Evans will serve as Amberstone
Technology’s commercial director with a view
to developing the company’s position as one
of the foremost suppliers of intelligent
protection and analytics solutions in the UK
and Europe. Evans has been resident within
the security industry for over 30 years now
and joins the business from Kings Security,
where he spent 14 years as head of national
accounts and, most recently, occupied the
role of Chief Operating Officer.
Prior to that, Evans was head of national
accounts at Protection One Security
Solutions. He brings extensive knowledge of
integrated security solutions to his new role.
Evans will now focus on the development
of new opportunities in line with the
company’s strategic growth plan, which
includes expansion into mainland Europe.
66
www.risk-uk.com

thepaper
Business News for Security Professionals
Pro-Activ Publications is embarking on a revolutionary
launch: a FORTNIGHTLY NEWSPAPER dedicated to the
latest financial and business information for
professionals operating in the security sector
The Paper will bring subscribers (including CEOs,
managing directors and finance directors within the
UK’s major security businesses) all the latest company
and sector financials, details of business re-brands,
market research and trends and M&A activity
FOR FURTHER INFORMATION
ON THE PAPER CONTACT:
Brian Sims BA (Hons) Hon FSyI
(Editor, The Paper and Risk UK)
Telephone: 020 8295 8304
e-mail: brian.sims@risk-uk.com
www.thepaper.uk.com

Best Value Security Products from Insight Security
www.insight-security.com Tel: +44 (0)1273 475500
...and
lots
more
Computer
Security
Anti-Climb Paints
& Barriers
Metal Detectors
(inc. Walkthru)
Security, Search
& Safety Mirrors
Security Screws &
Fastenings
Padlocks, Hasps
& Security Chains
Key Safes & Key
Control Products
Traffic Flow &
Management
see our
website
ACCESS CONTROL
KERI SYSTEMS UK LTD
Tel: + 44 (0) 1763 273 243
Fax: + 44 (0) 1763 274 106
Email: sales@kerisystems.co.uk
www.kerisystems.co.uk
ACCESS CONTROL
ACCESS CONTROL
ACT
ACT – Ireland, Unit C1, South City Business Park,
Tallaght, Dublin, D24 PN28.Ireland. Tel: +353 1 960 1100
ACT - United Kingdom, 601 Birchwood One, Dewhurst Road,
Warrington, WA3 7GB. Tel: +44 161 236 9488
sales@act.eu www.act.eu
ACCESS CONTROL – BARRIERS, GATES, CCTV
ABSOLUTE ACCESS
Aberford Road, Leeds, LS15 4EF
Tel: 01132 813511
E: richard.samwell@absoluteaccess.co.uk
www.absoluteaccess.co.uk
Access Control, Automatic Gates, Barriers, Blockers, CCTV
ACCESS CONTROL
COVA SECURITY GATES LTD
Bi-Folding Speed Gates, Sliding Cantilevered Gates, Road Blockers & Bollards
Consultancy, Design, Installation & Maintenance - UK Manufacturer - PAS 68
Tel: 01293 553888 Fax: 01293 611007
Email: sales@covasecuritygates.com
Web: www.covasecuritygates.com
ACCESS CONTROL & DOOR HARDWARE
ALPRO ARCHITECTURAL HARDWARE
Products include Electric Strikes, Deadlocking Bolts, Compact Shearlocks,
Waterproof Keypads, Door Closers, Deadlocks plus many more
T: 01202 676262 Fax: 01202 680101
E: info@alpro.co.uk
Web: www.alpro.co.uk
ACCESS CONTROL – SPEED GATES, BI-FOLD GATES
HTC PARKING AND SECURITY LIMITED
St. James’ Bus. Centre, Wilderspool Causeway,
Warrington Cheshire WA4 6PS
Tel 01925 552740 M: 07969 650 394
info@htcparkingandsecurity.co.uk
www.htcparkingandsecurity.co.uk
ACCESS CONTROL
INTEGRATED DESIGN LIMITED
Integrated Design Limited, Feltham Point,
Air Park Way, Feltham, Middlesex. TW13 7EQ
Tel: +44 (0) 208 890 5550
sales@idl.co.uk
www.fastlane-turnstiles.com
ACCESS CONTROL
SECURE ACCESS TECHNOLOGY LIMITED
Authorised Dealer
Tel: 0845 1 300 855 Fax: 0845 1 300 866
Email: info@secure-access.co.uk
Website: www.secure-access.co.uk
ACCESS CONTROL MANUFACTURER
NORTECH CONTROL SYSTEMS LTD.
Nortech House, William Brown Close
Llantarnam Park, Cwmbran NP44 3AB
Tel: 01633 485533
Email: sales@nortechcontrol.com
www.nortechcontrol.com
Custom Designed Equipment
• Indicator Panels
• Complex Door Interlocking
• Sequence Control
• Door Status Systems
• Panic Alarms
• Bespoke Products
www.hoyles.com
sales@hoyles.com
Tel: +44 (0)1744 886600
ACCESS CONTROL – BIOMETRICS, BARRIERS, CCTV, TURNSTILES
UKB INTERNATIONAL LTD
Planet Place, Newcastle upon Tyne
Tyne and Wear NE12 6RD
Tel: 0845 643 2122
Email: sales@ukbinternational.com
Web: www.ukbinternational.com
Hoyles are the UK’s leading supplier of
custom designed equipment for the
security and access control industry.
From simple indicator panels to
complex door interlock systems.
BUSINESS CONTINUITY
ACCESS CONTROL, INTRUSION DETECTION AND VIDEO MANAGEMENT
VANDERBILT INTERNATIONAL (UK) LTD
Suite 7, Castlegate Business Park
Caldicot, South Wales NP26 5AD UK
Main: +44 (0) 2036 300 670
email: info.uk@vanderbiltindustries.com
web: www.vanderbiltindustries.com
BUSINESS CONTINUITY MANAGEMENT
CONTINUITY FORUM
Creating Continuity ....... Building Resilience
A not-for-profit organisation providing help and support
Tel: +44(0)208 993 1599 Fax: +44(0)1886 833845
Email: membership@continuityforum.org
Web: www.continuityforum.org
www.insight-security.com Tel: +44 (0)1273 475500

CCTV
CCTV
Rapid Deployment Digital IP High Resolution CCTV
40 hour battery, Solar, Wind Turbine and Thermal Imaging
Wired or wireless communication fixed IP
CE Certified
Modicam Europe, 5 Station Road, Shepreth,
Cambridgeshire SG8 6PZ
www.modicam.com sales@modicameurope.com
CCTV SPECIALISTS
PLETTAC SECURITY LTD
Unit 39 Sir Frank Whittle Business Centre,
Great Central Way, Rugby, Warwickshire CV21 3XH
Tel: 01788 567811 Fax: 01788 544 549
Email: jackie@plettac.co.uk
www.plettac.co.uk
CONTROL ROOM & MONITORING SERVICES
CCTV POLES, COLUMNS, TOWERS AND MOUNTING PRODUCTS
ALTRON COMMUNICATIONS EQUIPMENT LTD
Tower House, Parc Hendre, Capel Hendre, Carms. SA18 3SJ
Tel: +44 (0) 1269 831431
Email: cctvsales@altron.co.uk
Web: www.altron.co.uk
CCTV
G-TEC
Gtec House, 35-37 Whitton Dene
Hounslow, Middlesex TW3 2JN
Tel: 0208 898 9500
www.gtecsecurity.co.uk
sales@gtecsecurity.co.uk
ADVANCED MONITORING SERVICES
EUROTECH MONITORING SERVICES LTD.
Specialist in:- Outsourced Control Room Facilities • Lone Worker Monitoring
• Vehicle Tracking • Message Handling
• Help Desk Facilities • Keyholding/Alarm Response
Tel: 0208 889 0475 Fax: 0208 889 6679
E-MAIL eurotech@eurotechmonitoring.net
Web: www.eurotechmonitoring.net
DISTRIBUTORS
CCTV/IP SOLUTIONS
DALLMEIER UK LTD
3 Beaufort Trade Park, Pucklechurch, Bristol BS16 9QH
Tel: +44 (0) 117 303 9 303
Fax: +44 (0) 117 303 9 302
Email: dallmeieruk@dallmeier.com
SPECIALISTS IN HD CCTV
MaxxOne
Unit A10 Pear Mill, Lower Bredbury, Stockport. SK6 2BP
Tel +44 (0)161 430 3849
www.maxxone.com
sales@onlinesecurityproducts.co.uk
www.onlinesecurityproducts.co.uk
CCTV & IP SECURITY SOLUTIONS
PANASONIC SYSTEM COMMUNICATIONS COMPANY
EUROPE
Panasonic House, Willoughby Road
Bracknell, Berkshire RG12 8FP UK
Tel: 0207 0226530
Email: info@business.panasonic.co.uk
AWARD-WINNING, LEADING GLOBAL WHOLESALE
DISTRIBUTOR OF SECURITY AND LOW VOLTAGE PRODUCTS.
ADI GLOBAL DISTRIBUTION
Distributor of electronic security systems and solutions for over 250 leading manufacturers, the company
also offers an internal technical support team, dedicated field support engineers along with a suite of
training courses and services. ADI also offers a variety of fast, reliable delivery options, including specified
time delivery, next day or collection from any one of 28 branches nationwide. Plus, with an ADI online
account, installers can order up to 7pm for next day delivery.
Tel: 0161 767 2990 Fax: 0161 767 2999 Email: sales.uk@adiglobal.com www.adiglobal.com/uk
COMMUNICATIONS & TRANSMISSION EQUIPMENT
KBC NETWORKS LTD.
Barham Court, Teston, Maidstone, Kent ME18 5BZ
www.kbcnetworks.com
Phone: 01622 618787
Fax: 020 7100 8147
Email: emeasales@kbcnetworks.com
WHY MAYFLEX? ALL TOGETHER. PRODUCTS, PARTNERS,
PEOPLE, SERVICE – MAYFLEX BRINGS IT ALL TOGETHER.
MAYFLEX
Excel House, Junction Six Industrial Park, Electric Avenue, Birmingham B6 7JJ
Tel: 0800 881 5199
Email: securitysales@mayflex.com
Web: www.mayflex.com
DIGITAL IP CCTV
SESYS LTD
High resolution ATEX certified cameras, rapid deployment
cameras and fixed IP CCTV surveillance solutions available with
wired or wireless communications.
1 Rotherbrook Court, Bedford Road, Petersfield, Hampshire, GU32 3QG
Tel +44 (0) 1730 230530 Fax +44 (0) 1730 262333
Email: info@sesys.co.uk www.sesys.co.uk
www.insight-security.com Tel: +44 (0)1273 475500

THE UK’S MOST SUCCESSFUL DISTRIBUTOR OF IP, CCTV, ACCESS
CONTROL AND INTRUDER DETECTION SOLUTIONS
NORBAIN SD LTD
210 Wharfedale Road, IQ Winnersh, Wokingham, Berkshire, RG41 5TP
Tel: 0118 912 5000 Fax: 0118 912 5001
www.norbain.com
Email: info@norbain.com
INTEGRATED SECURITY SOLUTIONS
INNER RANGE EUROPE LTD
Units 10 - 11, Theale Lakes Business Park, Moulden Way, Sulhampstead,
Reading, Berkshire RG74GB, United Kingdom
Tel: +44(0) 845 470 5000 Fax: +44(0) 845 470 5001
Email: ireurope@innerrange.co.uk
www.innerrange.com
UK LEADERS IN BIG BRAND CCTV DISTRIBUTION
SATSECURE
Hikivision & MaxxOne (logos) Authorised Dealer
Unit A10 Pear Mill, Lower Bredbury,
Stockport. SK6 2BP
Tel +44 (0)161 430 3849
www.satsecure.uk
IDENTIFICATION
PERIMETER PROTECTION
ADVANCED PRESENCE DETECTION AND SECURITY LIGHTING SYSTEMS
GJD MANUFACTURING LTD
Unit 2 Birch Business Park, Whittle Lane, Heywood, OL10 2SX
Tel: + 44 (0) 1706 363998
Fax: + 44 (0) 1706 363991
Email: info@gjd.co.uk
www.gjd.co.uk
PERIMETER PROTECTION
GPS PERIMETER SYSTEMS LTD
14 Low Farm Place, Moulton Park
Northampton, NN3 6HY UK
Tel: +44(0)1604 648344 Fax: +44(0)1604 646097
E-mail: info@gpsperimeter.co.uk
Web site: www.gpsperimeter.co.uk
COMPLETE SOLUTIONS FOR IDENTIFICATION
DATABAC GROUP LIMITED
1 The Ashway Centre, Elm Crescent,
Kingston upon Thames, Surrey KT2 6HH
Tel: +44 (0)20 8546 9826
Fax:+44 (0)20 8547 1026
enquiries@databac.com
INDUSTRY ORGANISATIONS
POWER
POWER SUPPLIES – DC SWITCH MODE AND AC
DYCON LTD
Unit A, Cwm Cynon Business Park, Mountain Ash, CF45 4ER
Tel: 01443 471900 Fax: 01443 479 374
Email: sales@dyconpower.com
www.dyconpower.com
TRADE ASSOCIATION FOR THE PRIVATE SECURITY INDUSTRY
BRITISH SECURITY INDUSTRY ASSOCIATION
Tel: 0845 389 3889
Email: info@bsia.co.uk
Website: www.bsia.co.uk
Twitter: @thebsia
THE LEADING CERTIFICATION BODY FOR THE SECURITY INDUSTRY
SSAIB
7-11 Earsdon Road, West Monkseaton
Whitley Bay, Tyne & Wear
NE25 9SX
Tel: 0191 2963242
Web: www.ssaib.org
INTEGRATED SECURITY SOLUTIONS
STANDBY POWER
UPS SYSTEMS PLC
Herongate, Hungerford, Berkshire RG17 0YU
Tel: 01488 680500
sales@upssystems.co.uk
www.upssystems.co.uk
UPS - UNINTERRUPTIBLE POWER SUPPLIES
ADEPT POWER SOLUTIONS LTD
Adept House, 65 South Way, Walworth Business Park
Andover, Hants SP10 5AF
Tel: 01264 351415 Fax: 01264 351217
Web: www.adeptpower.co.uk
E-mail: sales@adeptpower.co.uk
SECURITY PRODUCTS AND INTEGRATED SOLUTIONS
HONEYWELL SECURITY AND FIRE
Tel: +44 (0) 844 8000 235
E-mail: securitysales@honeywell.com
UPS - UNINTERRUPTIBLE POWER SUPPLIES
UNINTERRUPTIBLE POWER SUPPLIES LTD
Woodgate, Bartley Wood Business Park
Hook, Hampshire RG27 9XA
Tel: 01256 386700 5152 e-mail:
sales@upspower.co.uk
www.upspower.co.uk
www.insight-security.com Tel: +44 (0)1273 475500

SECURITY
ANTI-CLIMB SOLUTIONS & SECURITY PRODUCT SPECIALISTS
INSIGHT SECURITY
Units 1 & 2 Cliffe Industrial Estate
Lewes, East Sussex BN8 6JL
Tel: 01273 475500
Email:info@insight-security.com
www.insight-security.com
CASH & VALUABLES IN TRANSIT
CONTRACT SECURITY SERVICES LTD
Challenger House, 125 Gunnersbury Lane, London W3 8LH
Tel: 020 8752 0160 Fax: 020 8992 9536
E: info@contractsecurity.co.uk
E: sales@contractsecurity.co.uk
Web: www.contractsecurity.co.uk
QUALITY SECURITY AND SUPPORT SERVICES
CONSTANT SECURITY SERVICES
Cliff Street, Rotherham, South Yorkshire S64 9HU
Tel: 0845 330 4400
Email: contact@constant-services.com
www.constant-services.com
ONLINE SECURITY SUPERMARKET
EBUYELECTRICAL.COM
Lincoln House,
Malcolm Street
Derby DE23 8LT
Tel: 0871 208 1187
www.ebuyelectrical.com
LIFE SAFETY EQUIPMENT
C-TEC
Challenge Way, Martland Park,
Wigan WN5 OLD United Kingdom
Tel: +44 (0) 1942 322744
Fax: +44 (0) 1942 829867
Website: www.c-tec.com
PERIMETER SECURITY
TAKEX EUROPE LTD
Aviary Court, Wade Road, Basingstoke
Hampshire RG24 8PE
Tel: +44 (0) 1256 475555
Fax: +44 (0) 1256 466268
Email: sales@takex.com
Web: www.takex.com
FENCING SPECIALISTS
J B CORRIE & CO LTD
Frenchmans Road
Petersfield, Hampshire GU32 3AP
Tel: 01730 237100
Fax: 01730 264915
email: fencing@jbcorrie.co.uk
INTRUSION DETECTION AND PERIMETER PROTECTION
OPTEX (EUROPE) LTD
Redwall® infrared and laser detectors for CCTV applications and Fiber SenSys® fibre
optic perimeter security solutions are owned by Optex. Platinum House, Unit 32B
Clivemont Road, Cordwallis Industrial Estate, Maidenhead, Berkshire, SL6 7BZ
Tel: +44 (0) 1628 631000 Fax: +44 (0) 1628 636311
Email: sales@optex-europe.com
www.optex-europe.com
SECURITY EQUIPMENT
PYRONIX LIMITED
Secure House, Braithwell Way, Hellaby,
Rotherham, South Yorkshire, S66 8QY.
Tel: +44 (0) 1709 700 100 Fax: +44 (0) 1709 701 042
www.facebook.com/Pyronix
www.linkedin.com/company/pyronix www.twitter.com/pyronix
SECURITY SYSTEMS
BOSCH SECURITY SYSTEMS LTD
PO Box 750, Uxbridge, Middlesex UB9 5ZJ
Tel: 0330 1239979
E-mail: uk.securitysystems@bosch.com
Web: uk.boschsecurity.com
INTRUDER AND FIRE PRODUCTS
CQR SECURITY
125 Pasture road, Moreton, Wirral UK CH46 4 TH
Tel: 0151 606 1000
Fax: 0151 606 1122
Email: andyw@cqr.co.uk
www.cqr.co.uk
SECURITY EQUIPMENT
CASTLE
Secure House, Braithwell Way, Hellaby,
Rotherham, South Yorkshire, S66 8QY
TEL +44 (0) 1709 700 100 FAX +44 (0) 1709 701 042
www.facebook.com/castlesecurity www.linkedin.com/company/castlesecurity
www.twitter.com/castlesecurity
SECURE CONNECTIVITY PROVIDERS
CSL
T: +44 (0)1895 474 474
sales@csldual.com
@CSLDualCom
www.csldual.com
SECURITY PRODUCTS
EATON
Eaton is one of the world’s leading manufacturers of security equipment
its Scantronic and Menvier product lines are suitable for all types of
commercial and residential installations.
Tel: 01594 545 400 Email: securitysales@eaton.com
Web: www.uk.eaton.com Twitter: @securityTP
INTRUDER ALARMS AND SECURITY MANAGEMENT SOLUTIONS
RISCO GROUP
Commerce House, Whitbrook Way, Stakehill Distribution Park, Middleton,
Manchester, M24 2SS
Tel: 0161 655 5500 Fax: 0161 655 5501
Email: sales@riscogroup.co.uk
Web: www.riscogroup.com/uk
SECURITY SYSTEMS
VICON INDUSTRIES LTD.
Brunel Way, Fareham
Hampshire, PO15 5TX
United Kingdom
www.vicon.com
www.insight-security.com Tel: +44 (0)1273 475500

Powerful web based
controller, powered
by smart devices.
DESIGNED
IN
A U ST R A
R
LIA
Inception is an integrated access control and security
alarm system with a design edge that sets it apart
from the pack. Featuring built in web based software,
the Inception system is simple to access using a web
browser on a Computer, Tablet or Smartphone.
With a step by step commissioning guide and
outstanding user interface, Inception is easy to
install and very easy to operate.
For more information simply scan the QR code
or visit innerrange.com.
Security
Alarm
Access
Control
Automation
No Software
Required
Multiple
Devices
Easy Setup
with Checklist
Prompting
Send IP Alarms via
the Multipath-IP
Network
T: +44 845 470 5000
E: ireurope@innerrange.co.uk
W: innerrange.com