Experts offer insights on current security issues

Layne Consultants International, argued that the recent shooting at the U.S. Holocaust Museum could have been “a lot worse” if two security guards present did not have the appropriate training to take down the alleged suspect. Layne argued further that no amount of technology can replace live humans in certain security positions, and that a human being must be present at certain locations in a facility, especially the main entrance. Another smart business decision security managers should make second nature is monitoring their guards, especially when it comes to incident reports. Security managers, finally, should educate their entire organization about the value of security and how their awareness can make security personnel’s jobs easier and the organization safer as a whole, Layne said.

Critical Infrastructure: John Walsh, CPP, supervisory protective security adviser (SPA) for the Great Lakes Region with DHS’s Office of Infrastructure Protection (OIP), was one of several expert speakers at the preseminar intensive session titled “Critical Infrastructure Protection: An Educational Forum.” At least one SPA is assigned to each U.S. state, and they work closely with state and private sector authorities to analyze vulnerabilities at sites that one former DHS official called “the crown jewels” of national CI/KR. During OIP site assistance visits, experts in red teaming spot potential vulnerabilities and provide owner operators a set of options for shoring them up. Implementation by owner operators, however, is entirely voluntary. Post-Katrina, the federal government decided that the solution for large-scale disasters was to develop law enforcement deployment teams, which would activate after a disaster and deploy to work under the designated incident commander. The method, however, has proven prohibitively expensive, and states and localities should be looking for alternatives. Under a current FEMA plan, “strike teams” of 12-70 volunteer state and local law enforcement officers would deploy to affected areas, with 75 percent of personnel costs covered by the federal government in national-level disasters.

Facility security: How to develop effective security security programs? This was the focus of “Facility Security Assessment and Initial Conceptual Design,” presented by the ASIS Security Architecture and Engineering Council. The intensive was led by Hunter Burkall, PSP, security consultant with Aegis Security Design, Inc.; W. Douglas Fitzgerald, CPP, director of security and technology at Vitetta/Fitzgerald; and Richard Grassie, CPP, managing principal of Good Harbor Consulting, LLC. The speakers said that some of the common problems with security programs are a lack of planning and resources and a poor design concept. One of the integral components to a successful security program is to differentiate security threat from risk, said Grassie. A threat is any event or circumstance that can cause harm to the organization, while a risk is the likelihood that a threat agent will successfully mount an attack. The speakers emphasized the following points:

A successful building design project consists of a core team of architects, engineers, and security consultants. It’s integral that security be consulted at the start of the project.

It is important to gather information from a variety of stakeholders when conducting security assessments.

A successful security assessment can deter attackers.

Securing  houses of worship: High-profile attacks on churches, mosques, and synagogues in recent years have slightly increased public awareness of security issues in houses of worship, but ASIS security professionals are striving to improve security programs in faith-based organizations through awareness and education. One challenge for those hoping to protect religious organizations, however, is building a case for security. Convincing churches that they need to put a security program in place is a problem. Often, pastors would say that they entrust their security to their God. Scott Watson, CPP, CFE, security manager at IDEXX Laboratories, emphasized that faith-based organizations experience the same kinds of security concerns as elsewhere. “If it happens in every other aspect of society, it can happen in a house of worship,” he said.

Convergence: Converging physical and information technology (IT) security can be a way to boost security and cut costs. An increasing number of organizations are implementing Internet Protocol-enabled video or adding devices, such as printers, to employee access systems. By better understanding physical security’s polices and business objectives, IT managers are more likely to gain backing for a convergence project, said James Connor, a principal at Santa Clara, California-based N2N Secure, a security consulting firm that specializes in convergence. Such knowledge can also make it easier to build a business case for a project, said Connor, speaking at the preseminar intensive “Safely Putting Your Security Systems onto the Corporate Network.”