May 2014, No. 113

Be a speaker in Dubai or Frankfurt

   

Share your security expertise and experience by making a presentation at one or more of ASIS's global conferences:

In This Issue

  ASIS EUROPE

 

European Convergence Committee Goes for Gold 

 

Be a Speaker at ASIS Europe 2015   

 

ASIS INTERNATIONAL NEWS

  

Groundbreaking Metrics Study Completed   

  

Navy Rear Admiral Scott Moore Will Speak at Seminar and Exhibits

  

ASIS Foundation Scholarship Applications Open 

   

ASIS/IE Business School Executive Education Programme: Learn to Be a Strategic Business Leader

 

CHAPTER NEWS

 

Austria Chapter Meeting Highlights  

  

HEADLINES 

  

European Commission Reviews  Disaster Risk Reduction and  Resiliency Framework 

 

New EU Approach to Detection and Mitigation of CBRN-E Risks

 

Global Partnership for Enhanced Resilience to Flood Risk

      

EDUCATION AND EVENTS

 

IFSEC International - 17-19 June - London, United Kingdom

 

Contribute to EuroDynamics and Earn CPEs

  

 Global Agenda

 

Professional Development

Join Us on Facebook

ASIS International 14th European Security Conference & Exhibition, Frankfurt, Germany, 29-31 March, 2015

Like us on Facebook
 

Join Us on LinkedIn

Join the ASIS International Group

View our profile on LinkedIn 

 

Join the ASIS Europe Network

View our profile on LinkedIn 


Join the ASIS Asia-Pacific Network

View our profile on LinkedIn 

 

Join the ASIS Middle East Network

View our profile on LinkedIn 

President's Perspective

ASIS International's President Richard E. Widup, Jr., CPP, shares his unique insights on a range of membership and industry issues in his President's Perspective column. Read the latest here.

El Manual del Investigador Profesional ya est� disponible en espa�ol

 

La gu�­a explora temas necesarios para ser un exitoso investigador y prepararse para el examen Certificado de Investigador Profesional.

Did You Like This Issue?

The EMEA Bureau of ASIS International strives to increase the editorial benefit of this publication for members. We invite you to contact the editor to contribute feedback and make article submissions.

Updated Links and Resources

Take a look at our updated Links and Resources page. Please contact the EMEA Bureau if you have additional items to contribute.

ASIS International EMEA Bureau

For queries on ASIS European events, membership, benefits, resources, certification, or other topics, contact the EMEA Bureau at:


300 Avenue de Tervueren, 1150 Brussels, Belgium.


Tel: +32 2 645 26 74

Fax:+32 2 645 26 71 

[email protected] 

www.asisonline.eu
www.asisonline.org 

European Links

Not Yet a Member?

The top reasons you benefit from becoming an ASIS International member:

- Unrivalled networking opportunities with more than 38,000 of your industry peers.

- Up-to-date information, including industry best practices, new technologies, and emerging trends. 

- Complimentary subscriptions to Security Management magazine, the leading security industry publication, and ASIS Dynamics, the Society's award-winning member news publication. 

- Opportunities to build a professional reputation and credentials.

- Tailored professional development programs to fit your specific career goals. 
- Advocacy of the security industry to the government and business communities.
- Board-certified, professional designations. 

- Members-only access to new career opportunities in security management. 

- Access to more than 300 peer-reviewed, security-related publications. 

- Discounts on program and ASIS Seminar and Exhibits registration, merchandise, and certification programs. 


 More Information..

New Chapters: Call for Volunteers

ASIS International seeks volunteers to help form new chapters in Iceland, the Baltic States, the Western Balkans, and other European countries that currently lack them.

 

For more information, contact the EMEA Bureau or click here to download the procedures on forming a new chapter.

ASIS Published Titles Available for Amazon Kindle

Schedule Your Professional Development Now

A comprehensive calendar is available hereRegister early and save by taking advantage of early bird rates. Realise additional savings by booking your hotel room before the deadline. Plan ahead to get ahead  

The deadline for the next issue is 2 June.

Top stories: The European Convergence Committee discusses its work and relevance. Presentation abstracts can be submitted until 15 September for the ASIS International 14th European Security Conference & Exhibition. A groundbreaking metric study has been released. U.S. Navy Rear Admiral Scott Moore will address the closing luncheon at the ASIS International 60th Annual Seminar and Exhibits. The Austria Chapter shares its meeting highlights. The European Commission is reviewing the Disaster Risk Reduction and Resiliency Framework.

 

Please add [email protected] to your personal address book or safe sender list to ensure correct delivery of your monthly newsletter. 


 

Z2003ASIS Europe

  

Z1000European Convergence Committee Goes for Gold

From left: Volker Wagner, James Willison, Christoph Teuber, and Martin Smith.


By James Willison

 

On 2 April, at the ASIS International 13th European Security Conference & Exhibition in The Hague, The Netherlands, the Convergence and Enterprise Security Risk Management (ESRM) Committee of the ASIS European Advisory Council discussed their work and its increasing relevance to business and other organisations as they respond to a wide variety of security risks. Approximately 72 attendees sat in on an interactive session to consider how security professionals can best deal with the blended physical and cyber threats that could pose significant harm to companies and other institutions. 

 

Alessandro Lega, former chair, moderated the event and gave an overview of the committee's origins and its current work. Volker Wagner, committee chair, expressed his appreciation for Lega's vision and leadership then summarised the key messages currently being promoted at conferences and in publications by the committee's 11 members across Europe: 

  • Security convergence is the integration of physical and IT security.
  • It advocates a cross-discipline and cross-functional risk assessment and management framework that identifies, analyses, evaluates, and treats all security risks within a singular, managed process as is laid out in ANSI/ASIS PAP.1-2012.
  • Convergence eliminates thinking in silos and removes blind spots between physical and IT security areas. Risk mitigating measures reduce the highest risks --whether they originate from physical or IT security areas -- resulting in a high cost-efficiency.
  • Security practitioners within organisations must understand that outsiders, and even employees, do not see the separation between physical and IT security that has existed to date.
  • Physical risks and IT risks can be compared by determining the complete picture of an organization's risk landscape.
  • Communications of complex security topics to senior management should be made using a shared reporting process.
  • Reduction of the most serious identified risks should be made through efficient budget allocations.
  • Reduction of overhead will occur as duplicated efforts are eliminated.
  • Security should speak more collaboratively for the education and awareness of staff.

 

Wagner concluded by saying that adopting these strategies improves the protection of people, information, and property across the organization, leads to less damage to a company's reputation, and increases competitive advantage.

 

Next, the author, who is committee vice chair, spoke to the audience about its nomination for the Security Excellence Award 2013, which is bestowed by UBM. He said one reason that the committee had been nominated was because of the many different ways in which its members promote a unified approach to increasingly complex physical and cybersecurity risks. For example, each committee member has written an article for EuroDynamics and has spoken at various conferences to champion the convergence approach. The committee has also worked with other professional groups, notably the European Association of People Management, which has brought it wider recognition.

 

The author then posed the question, "Why are we relevant?", and answered by noting that the committee is composed of a range of senior physical and information security experts, as well as risk managers and thought leaders, who meet regularly to discuss security issues that affect businesses, then disseminate a unified response to their zones of influence. It is this blend of expert opinions that makes a real difference in addressing an ever-changing risk scenario. This has been most clearly expressed in the committee's contribution to and support for the ANSI ASIS PAP.1 2012 Standard, which the author said was the best strategy to adopt, together with the ISO 27001 & 2: 2013, as it advocates cross-disciplinary and cross-functional approaches.

 

Christoph Teuber, the Swiss member of the committee, then spoke. Teuber outlined a new convergence strategy being deployed by UBS for both physical and logical access. Teuber told the audience that at UBS one card will be used for both building and IT access. The technology that is being put in place will allow for future use of other technology, such as smartphones, instead of cards. The leadership of the company has given its commitment to this approach.

 

Volker asked Teuber about challenges he had faced and how he had overcome them. Teuber indicated that there had been various issues, mainly complexity, the availability of IT resources, and the expectations of senior management. 

 

Martin Smith, who has championed the cause of convergence for many years as the chair and founder of the Security Awareness Special Interest Group (SASIG), emphasised how important it is to promote the idea that everyone is responsible for security and that we should focus on security risk, rather than different and specialised areas of security that result in a silo mentality bereft of the bigger picture. He noted that the fastest cars have the largest breaks, thereby advocating that strong security enables businesses to achieve much higher degrees of success.   

 

Volker then invited Treasurer of the ASIS Foundation Board of Trustees Brian J. Allen, CPP, who is CSO of Time Warner Cable, to discuss the U.S. perspective on security risk. Allen said he was delighted to see the committee's emphasis on a holistic approach to security risk, which is now becoming widely recognised as the most effective strategy. He said that he has seen forward-thinking companies adopting enterprise security risk strategies. Allen has also been involved in the U.S. Cyber Security Framework for the Protection of Critical National Infrastructure. The emphasis of this framework is on risk management processes rather than technical security measures. This, he stated, is an excellent example of how security practitioners can demonstrate leadership in a business context.

 

The session concluded with a general discussion and a consensus that significant progress has been made, but that much ground is still to be gained. The committee looks forward to making even more of a difference to risk management in the future. 

 

 

James Willison is vice chair of the European Convergence/ESRM Committee of the ASIS International European Advisory Council and founder of Unified Security, Ltd., of South Darenth, United Kingdom.

Z2004Be a Speaker at ASIS Europe 2015 

 

There are many reasons to submit a presentation proposal for the ASIS 14th European Security Conference & Exhibition (ASIS Europe 2015):

  • Share your expertise and knowledge with your security-industry peers.
  • Give something back to the security management profession.
  • Help shape the programme of the main educational event for security professionals in Europe.
  • Enhance your profile as a thought leader in your area of expertise.

The deadline for submission for ASIS Europe 2015 is 15 September.

ASIS Europe 2015 will take place on 29-31 March in Frankfurt, Germany.  


 

Jason Brown, national security director of Thales, speaks at ASIS Europe 2014.

 

At the conference, the educational sessions will focus on current and emerging issues, best practices, and the challenges facing security practitioners and those responsible for security. Presentations are designed for those of all levels of experience -- from fundamental to intermediate and advanced topics.

 

Proposals on all security-related topics are welcome. Issues of particular interest are:

  • Critical infrastructure protection
  • Physical security
  • Cyber security
  • Supply chain security
  • Intellectual property
  • Loss prevention
  • Hotel security and soft targets protection
  • Maritime piracy
  • Terrorism
  • Executive protection
  • Internal theft and fraud
  • Competitive intelligence
  • Brand protection
  • Investigations
  • Due diligence
  • Global business issues
  • Oil and gas security
  • Offshore security
  • Port security 

General submission guidelines:

  • Commercial presentations will not be selected. (Twenty-minute speaking slots in the exhibition area are available as part of the exhibitor package.) 
  • ASIS does not pay per diems, honoraria, or expenses.
  • Presentation slots are 50 minutes including time for Q&A.
  • Proposals must be in English only.
  • Proposals should describe original work.
  • All submissions must be received no later than Monday, 15 September 11.

Please click here to submit an abstract.

 

Like us on Facebook  View our profile on LinkedIn

 

c3ASIS International News

  

Z2000Groundbreaking Metrics Study Completed

The ASIS International Foundation Research Committee and the ASIS Defence and Intelligence Council have completed a comprehensive study on the development and implementation of psychometrically-based measurement focused on the security industry.

 

The security industry relies on measuring performance and efficiency in every aspect of the profession. What is measured and how it is measured, however, remain debatable issues. Security metrics are quantifiable measurements of an aspect of a system or enterprise, collected and analysed to help an organization protect its people, property, and information. Using various metrics, security can measure results that correlate with investment and speak to leadership in familiar business language.

 

Metrics drive business decisions and behaviour. They influence process assessment and controls, business policies, collaboration for enterprise-wide benefits, business investment decisions, and strategic and profit-centre alignment. With proper design and implementation, both security professionals and corporate management can develop security metrics into a readily accessible dashboard. If poorly designed, security metrics may be perceived as unnecessary and a drain to corporate profits.

 

After a review of existing metrics used in the industry, the Foundation study found that:

  • Existing security metrics are generally vague and adoption of these would likely not be straightforward; the focus is more on counting events rather than meaningful, risk-based metrics.
  • Strategies for communicating metrics are general and may be hard to implement.
  • Evaluation criteria are only presented at a conceptual level within the security literature; explicit definitions do not exist.
  • Examples of empirically sound metrics (with statistical justification and evidence) are not present within the security literature.
  • The development of the Security Metrics Evaluation Tool (Security MET) would address these limitations.

 

Developing a useful tool required support from the ASIS community using surveys, interviews, and expert and advisory panels. The completed design is straightforward and can be used by security professionals to improve and evaluate existing metrics or to create new measures.

 

The Security MET is divided into three parts, each containing three subsections. The first category "Technical," considers the measurement principles of reliability, validity, and generalizability. A reliable metric captures data not affected by outside effects such as time or weather. Validity simply means that the metric measures what you want to measure. A good metric should be able to be used across the organization to measure similar events.

 

The second category focuses on developing a metric that supports the operational aspects of the security function. Practitioners must consider the relative cost of collecting the data. Can the data be collected in a timely fashion to be of practical use by the organization? The data collected must also minimize the possibility of manipulation and the provision of biased information.

 

The last category considers the strategic value to the organization. Any metric should show support for a Return on Investment in security and demonstrate organizational relevance. The security professional must also be able to clearly communicate the value of the metric to senior executives.

 

The complete study and Security MET will be provided this fall to ASIS members. For more information, contact Barbara Buzzell at [email protected]. 
Z20Moore to Speak at Closing Luncheon of Seminar and Exhibits

  

       

On 27 October, 1955, in Washington, D.C., 52 security professionals gathered for the first annual meeting of the newly founded American Society of Industrial Security. Fast forward to 29 September, 2014, to Atlanta, Georgia, where more than 20,000 security professionals will meet to participate in the 60th anniversary of the ASIS Annual Seminar and Exhibits (ASIS 2014).

 

 Just announced!     

Rear Admiral Scott Moore 

United States Navy SEAL (Ret.)

  

Closing Luncheon 

Thursday, 2 October 

12:00 - 13:30

A United States' hero, Moore will wrap-up the Seminar and Exhibits with a riveting presentation. As the commander of the Naval Special Warfare Development Group, he led the military's most elite forces during one of the most dangerous times in U.S. history. Throughout his 30 years in the military, Moore directed more than 2,000 missions and saw on the frontlines what most commanders only hear about in reports. He has been deployed across the globe, and his experience runs the gamut from leading small groups to large-scale tactical planning. Larger than life, Moore has commanded at every level, and from the mountains of Afghanistan to briefings in the Oval Office, he is the man the nation's leaders trust when failure is not an option.

 

In Atlanta this autumn, ASIS 2014 will offer a full programme of high-quality educational sessions, an exhibit floor packed with the latest solutions, and insights from world-renowned thought leaders.

The colocation of the (ISC)2 Security Congress provides IT security professionals with a full complement of cyber-related education programming as well as valuable networking opportunities. Access to the Security Congress is included with your ASIS 2014 registration.

  

REGISTER TODAY. Choose from full and single-day packages for access to sessions, events, and the exhibits, or free exhibits-only registration that includes admission to the keynote presentations (fees apply to nonmembers who register after 26 September). Team discounts, reduced government fees, and early-bird savings are available.  
Z2005ASIS Foundation Scholarship Applications Open

Applications are currently being accepted for the Matt Simeone ASIS International Award for P3 Excellence. 

 

Showcase your organization's law enforcement/private security partnership and share your success in addressing crime prevention, antiterrorism, public safety issues, and other difficult challenges. A representative from the winning organization and the partnering agency will win travel expenses to attend the ASIS International 60th Annual Seminar and Exhibits in Atlanta. Applications from all nations are welcome. Deadline: 20 May.

 

Applications for the ASIS Military Liaison Council Certification Scholarship are also being accepted. This scholarship provides an opportunity for ASIS members who actively serve in the military of any nation to pursue ASIS board certification. Scholarships cover the expenses of application, preparation (online review), and testing for the Certified Protection Professional� (CPP), Professional Certified Investigator� (PCI), or Physical Security Professional� (PSP) certifications. Deadline: 24 June.
z110ASIS/IE Business School Executive Education Programme: Learn to Be a Strategic Business Leader

 

IE Business School, Madrid 

 

ASIS International will once again partner with Madrid-based IE Business School, one of Europe's leading business schools to deliver "Effective Management for Security Professionals." This four-day executive education programme has been customised to introduce mid-to-senior level security practitioners to the dynamics of business fundamentals.

"The understanding of the bigger corporate picture, and hence the business's security and risk management requirements, is key to implementing and managing an effective corporate security strategy, as well as ensuring long-term support from senior management," states programme graduate Michael Otto, corporate security officer, Novartis International AG. "The programme and attendees' discussions provide guidance, as well as suggestions as to how best to achieve this objective."

Programme participants will develop a strategic understanding of the role of security management as an enabler of business success and acquire the knowledge and skills required to present a sound business case for their security initiatives.


The programme will take place 3-6 June on the IE Business School campus. Preview the programme and register to attend at 
www.asisonline.org.


Fees:

  • €3.600 for ASIS members
  • €4.500 for nonmembers
Registration:
Visit the IE Business School Programme Web site to sign up.

 

z100Chapter News

  

z102ASIS Austria Chapter Meeting Highlights

By Werner Preining, CPP

 

Attendees listen to a presentation by Erik Maragoni.
 

On 10 April, the Austria Chapter met at the premises of Securitas. The invitation came from member Johann Laub of Securitas Austria. The meeting gathered ten members and three guests.

 

Laub and Werner Preining, CPP, ASIS Austria chapter chair, welcomed attendees and invited DI Gerhard Kreutzer to the podium. Kreutzer retired last month from the local utility provider Wiener Netze, where he was part of the crisis management team, as well as having been involved in governmental crisis planning. Kreutzer explained changes in the energy sector since Austria joined the European Union (EU). Afterward, Kruetzer gave a presentation titled "Blackout in Vienna."

 

The last blackout in that city took place in 1986. Vienna has two power-supply conduits -- one from the North and one from the South. Additionally, Vienna has three power plants with state-of-the-art gas turbines. These installations are on stand-by most of the time, but can be connected to the network within two hours. Caloric power plants need to run for about 48 hours to supply electricity. The Austrian ring circuit with 220 KV/380 KV is still under construction. In case of a real blackout it would take about 24 hours until all consumers are again supplied with electricity.

 

Nevertheless, Vienna is unlikely to face a blackout due to diligently placed safety-features and dedicated people closely monitoring any deviation from the established standard.

 

Werner Preining, CPP, is ASIS Austria Chapter chair and chair of the ASIS European Council Activities Subcommittee.

 

c5Headlines

  

d7European Commission Reviewing Disaster Risk Reduction and Resiliency Framework

On 8 April, the European Commission published a communication titled The Post-2015 Hyogo Framework for Action: Managing Risks to Achieve Resilience. The Hyogo Framework for action (HFA) is a ten-year plan adopted by 168 United Nations (UN) Member States that voluntarily committed to building disaster resilience. The HFA is due to expire in 2015 and a wide consultation process is being conducted by the UN's Office for Disaster Risk Reduction to facilitate the development of a post-2015 framework.

 

The European Commission intends to take stock of the policies developed and the progress made in building disaster risk management and resiliency through EU policies. As stated in the communication, the purpose is to "set out the Commission's initial views on the shaping of the post-2015 Hyogo Framework for Action, building on the achievements of a range of EU policies including civil protection, environmental protection, internal security, climate change adaptation, health, research and innovation, as well as the resilience agenda promoted through the EU external action."

 

Source: European Commission Directorate-General for Humanitarian Aid and Civil Protection

 

For more information, click here

Z2001New EU Approach to the Detection and Mitigation of CBRN-E Risks

The European Commission published a communication on 5 May in which it proposed to facilitate work and practical cooperation at the EU-level on detection and mitigation of threats posed by terrorists using chemical, biological, radiological, nuclear materials, and explosives (CBRN-E) risks.

 

This communication intends to implement the new CBRN-E agenda resulting from the public consultation taken following the progress reports on EU CBRN action plan and on the Action Plan on Enhancing the Security of Explosives in 2012. The main purpose is to move forward in the detection of CBRN-E threats, and "put effective measures in place for detecting and mitigating these threats and risks at EU level," the communication stated.

 

Source: European Commission Directorate-General for Home Affairs

 

The communication is available here.

Z2002Global Partnership for Enhanced Resilience to Flood Risk

On 28 April, the European Commission opened its first EU Resilience Forum, which gathers experts from EU member states, partner organisations such as the United Nations, the Red Cross, the World Bank, nongovernmental organisations, and civil society. This forum is an initiative created to promote the resilience of individuals and communities to empower them to face the increasing number of natural and man-made disasters.

 

The event was organised by Commission Directorates for Development and Cooperation and Humanitarian Aid and Civil Protection. Their purpose was to converge all the efforts that are being made to support people in areas facing recurrent disasters or conflicts.

 

Source: European Commission Directorate-General for Humanitarian Aid and Civil Protection

 

For more information, click here. 

 

 

c6Education and Events

  

Z3000IFSEC International - 17-19 June - London, United Kingdom

 

ASIS International is a key association partner for IFSEC International, giving its members added VIP benefits when booking their badge through the ASIS link.

 

The 14th of May is the final date you can book your badge to receive your Official IFSEC International Preview, posted to you before the event.


Please register here if you would like to receive your IFSEC International badge and preview.

 

What we'll have in store for you at IFSEC International on 17 - 19 June 2014 in London:

  • 7 Educational Streams providing the latest insight, including the Risk & Management Theatre with speaking sessions organised by Mike Hurst, vice chair of the ASIS UK Chapter, plus a further keynote theatre and the Safe Cities Academy.
  • More of your peers than ever before to network with, so you can exchange ideas and business cards with the key practioners in security.
  • Futuristic security technology in the Innovation Trail.
  • Global Meetings Programme, connecting you with potential contacts pre-event.
  • Over 650 global suppliers, allowing you to source all you need across CCTV, Biometrics & Access Control, IT & Cyber Security, Smart Buildings, Integrated Security and many more.

Remember, you have just 1 day left to redeem your badge, or you will miss out on receiving your IFSEC International Official Preview.
a2Contribute to EuroDynamics and Earn CPEs 

 

ASIS International invites members to submit articles to be published in future editions of EuroDynamics.

 

Whether the topic is a case study about a facility, an analysis of new legislation in your nation, an article about mitigating threats a look at fresh opportunities for the security profession, or other items that spread practitioner knowledge and best practices with other ASIS members, we would be happy to receive it.


Board certified professionals are entitled to claim up to 9 CPE credits per published article.

General writing guidelines: 

  • Articles must be in English only.
  • Articles should not exceed 500 words.
  • If you would like to submit longer articles, please send a 500-word summary that will be published in the newsletter and on the ASIS European Web site with a link to the full article.
  • Sales or marketing submissions will not be accepted. 
Please contact the editor with questions or for more information.
a22Global Agenda

15-16 May -- ASIS Nordic DaysMalm�, Sweden


3-6 June --  Effective Management for Security Professionals, Madrid, Spain

 
29 September - October -- ASIS 60th Annual Seminar and Exhibits, Atlanta, GA, USA 
 
 
15-17 February, 2015 -- ASIS 6th Middle East Security Conference & Exhibition, Dubai, UAE
 
 29-31 March, 2015 -- ASIS 14th European Security Conference & Exhibition, Frankfurt, Germany
a23Professional Development

Webinars

Subscribe today and get all webinars FREE between now and 31 December, 2014!  

 

Upcoming webinars.

 

Webinar Archive  

 

This month highlighting: Hiring Practices in the Security Industry

 

Full list of archived titles

  

e-Learning 

  

Full list of programmes

 

Classroom Programmes and Webinars

 

2014 at a glance.

a24Chapter and Certification Events
Please click here to access the European agenda.

ASIS EUROPE. ADVANCING SECURITY WORLDWIDE. � 2014
To unsubscribe please contact the editor
.