University-Accredited Security Management Training in India: Just 4 Places Left on the 22 September – 3 October Course

David Cresswell is continuing his assignment in Delhi, India, where he is delivering a Security Management Stage 1 Course to security managers from Cairn India Ltd, the local subsidiary of the Scottish-based oil and gas company Cairn Energy plc.

After a week looking at some of the generic issues of security management best practice, next week looks at some of the tougher challenges that characterise the Indian security environment. India’s diverse ethnic, linguistic and religious character has created a complex security environment in which there are numerous multifaceted threats, not least of which is militancy and terrorism. Coupled to this, land acquisition for industry is fast emerging as one of the most burning issues of our times and there is fierce and often violent resistance from local communities who want to preserve their subsistence farming way of life.

Week 2 of the programme, therefore, will address in some detail the more complex issues of managing the risk of human rights violations, corporate social responsibility, community unrest and civil disturbances.

The course will be repeated during the period 22 September – 3 October, and there are a limited number of subsidised places available to participants from other companies, in India and beyond. Details of the programme content and the heavily discounted course fee can be obtained from Janet Ward.

Always Check to Ensure You Have Credit before Checking out of a Hotel - The Web Trade in Credit Card Details

Source: BBC News

Imagine a website where criminals buy and sell other people's credit card numbers.
A few clicks in Google and that site is a reality. Anyone can join. Anyone can attempt to use the card numbers posted there. And the authorities appear powerless to act.

A BBC investigation has uncovered growing levels of credit card crime committed on the internet. Typically hackers get into the databases of online retailers, stealing the card numbers held on their servers. The card details are then offered for sale to the highest bidder - either on web forums or via Internet Relay Chat.

Forthcoming Events from the International Academy for Security Management

Security Coordination and Management
1 – 5 September (UK)
“The training was superb and the materials very comprehensive and useful”

Security Surveying and Design
15 – 19 September (UK)
“A particularly good trainer with experience, easy style of delivery and obvious grasp of the subject”

Security Management Development Stage 1
22 September – 3 October (Delhi, India)
“The VP Security and the entire Corporate Security Function are very grateful to the trainer and ARC for the delivery of this programme. It was simply top class!”

Security Management Stage 3
22 September – 3 October (UK)
“Quite challenging and educative. I do encourage all security managers worldwide to attend this course.”

Maritime Security Management
6 – 10 October (UK)
“A very well designed and well presented course. I plan to implement what I have gathered for the benefit of my company and government.”

Security Management Stage 2
13 – 24 October (UK)
“I wish to express my satisfaction after a VERY rewarding course. The crisis management simulation was excellent.”

Contact Janet for more information or visit www.arc-tc.com

If You Want an Automatic Notification Each Time a New Story Is Posted….

Go to http://www.changedetection.com and sign up for their free service.

Security Professionals Gather in Delhi

For the first time ever, the ARC Security Management stage 1 Course is being conducted in India. The course is being held in Gurgaon, New Delhi, at the specific request of a client, but is open to anybody.

During Day 1 of the course delegates learned the principles of risk management and how to apply these to a security management context to determine security risk exposure. This was achieved by finding the “point of intersection” between probability of occurrence of an undesired event, its potential impact on the organisation’s operations, and the organisation’s vulnerability.

The second day of the course was spent studying 18 essential principles of security design, with practical examples in the application of each. This was a very interactive day in which delegates, working in syndicates, had to produce and present detailed security design concepts for no less than two complex scenarios. The results were very good indeed.

The course continues for another eight days, and is then repeated 22 September – 3 October. It is open to delegates both from India and overseas, and is of particular interest to oil and gas security managers as it includes special sessions on pipeline and oilfield security, offshore security, and community engagement and local community conflict management.

This is an opportunity to attend a university-accredited Security Management Stage 1 Course for considerably less cost than in the UK. For more information, click here http://www.arc-tc.com/pages/SecurityManagementDevelopment.asp or contact Janet and ask for the discounted rate.

2009 Training Schedule out Soon….Including Regional Training in Africa, Asia, the Far East and the Middle East

But if you can’t wait, contact any of the team for 2009 dates for any of our regular programmes.

Managing Change: The Security Implications of Laying off Your Employees

Source: Reliableplant.com

As the economic downturn forces more companies to lay off workers, a workplace aggression expert at the University of New Hampshire cautions employers about what to do and not do when breaking bad news to employees.

Paul Harvey, assistant professor of management at UNH, says although there really is no good way to tell someone they are being laid off, employers should tailor the bad news in a way that minimizes the likelihood of an extremely bad reaction.

For a wealth of advice on managing this sort of change click on:

http://www.reliableplant.com/Article.aspx?articleid=13045

Managing change is part of normal business life and something that security managers encounter frequently, and it is covered in detail during the university-accredited Security Management Stage 1 syllabus. The next course takes place in the UK during the period 17-28 November. For details click here. http://www.arc-tc.com/pages/university_acredited_sm.asp#sm1

ID Fraud Critical Alert: Are Your Credit Card Details - or those of Your Company Business Travellers - Now in the Hands of Criminals?

The answer is probably “yes” if you have stayed at a Best Western Hotel in the past 12 months and paid using credit card, according to the Scottish Sunday Herald, which alleges that the company’s computer systems have been hacked into by an international criminal gang. Pulling off one of the most audacious cyber-crimes ever, the gang has stolen the identities of an estimated eight million people in a hacking raid that could ultimately net more than £2.8billion in illegal funds. Amounting to a complete identity-theft kit, the stolen data includes a range of private information including home addresses, telephone numbers, credit card details and place of employment.

The consequences are alarming. Imagine a business traveller trying to check out of a hotel in the future, all ready to board a flight, and finding that his or her credit limit has been reached (by criminal misuse of his card) and left without the means to settle the bill.

Until more details of this story emerge and we see a statement by Best Western Hotels detailing the extent of the penetration, it may be advisable for travellers who think they have been exposed to ask their card issuer to cancel their credit card and issue a replacement card with a different number.

For more on this story, click on the link below:

http://www.ibls.com/internet_law_news_portal_view.aspx?s=sa&id=1369

Wi-Tricity – How Could It Benefit Security Systems?

Within five years it is estimated that we may have a viable way of drawing wireless power for devices such as laptops, using a technology known as magnetic induction. This could have interesting implications for technical security systems, such as IP CCTV cameras and access control card readers, which can already draw their power from Ethernet cables. By using magnetic induction such a device could be truly wireless in both communication and power supply contexts.

For more on magnetic induction click on:

http://news.bbc.co.uk/1/hi/technology/7575618.stm

ARC’s Security Management Training – Around the Clock – Around the World

Former fraud investigator with the police Terry Street JP will be leading a Fraud Risk Reduction and Detection course in Dubai this week. Terry has recently been appointed as a Justice of the Peace (magistrate).

ARC Training’s Deputy Director of Training Phil Wood MBE CPP PSP CBCI flies to Kenya today to conduct a Business Continuity and Crisis Management Workshop for a multinational client in sub-Saharan Africa. Phil has recently passed the Business Continuity’s certification examination.

David Cresswell CPP PSP is in India where today sees the beginning of an oil and gas focussed Security Management Stage 1 programme for Cairn India Limited, one of India’s most exciting energy companies, with onshore and offshore oil and gas assets which are destined to meet 20% of India’s oil and gas requirements by 2010.

Business Continuity Planning: The US Continues to Prepare for Worst-Case Terrorism Scenarios

A terrorist 10-kiloton nuclear bomb attack, an aerosol anthrax attack, food contamination, a nerve agent attack, a chlorine tank explosion and a radiological dispersal device detonation are among fifteen all-hazards planning scenarios for use in national, federal, state, and local homeland security preparedness activities, developed by The White House Homeland Security Council (HSC) – in partnership with the Department of Homeland Security (DHS), the federal interagency, and state and local homeland security agencies.

For more click below:

http://www.globalsecurity.org/security/ops/ter-scen.htm

ARC Training's next Business Continuity Management Workshop (which also forms part of the university-accredited Security Management Stage 2 Course) takes place on 21st October in the UK. For more information click here:

http://www.arc-tc.com/pages/one_day_workshops.asp#c5

Protect Your Mobile Computing and Communication Devices in Any Location

Many users and organisations have blatantly ignored recommendations for protecting mobile devices, thus exposing themselves, their businesses, their customers, and often employees to harm, alleges information security portal ZDNet.co.uk. In particular it cites the risk posed by hotel networks and unencrypted data on laptops.

ZDNet offers five useful pieces of advice:

1. Store only what you absolutely need

This is the first rule of data leakage protection. Why carry around customer spreadsheets, financial data, or plans for a new product/service if you don't need them while out of the office? Absent Information can't be compromised.

2. Protect data passing over public wired or wireless networks

The best way to prevent casual or directed packet snooping on public networks is packet or session encryption, even if encryption is limited to only traffic between the end-user device and a traffic encryption service provider on the internet. For ultimate protection, use only SSL connections to check email or access company information. When this isn't possible, online services, both free and for-fee, can fill the gap. Two examples are MegaProxy (fee-based) and AnchorFree (free).

3. Configure devices to block external snooping

The first step in establishing a security perimeter around a device is configuration of a firewall. Personal firewalls are free on laptops running Windows XP or Vista. These solutions provide minimal protection against intruder compromise of your mobile system. More complete protection is available in security suites, such as those from AVG, McAfee or Symantec. Firewalls are also available for many handheld devices, protecting contact lists, email, and other sensitive information commonly found on PDAs and smartphones.The second step is configuring Bluetooth, on laptops and handhelds, to block all unauthorised access. Bluetooth threats and secure configuration information is found in Secure your Bluetooth wireless networks and protect your data. No laptop should be unnecessarily exposed because it lacks anti-malware protection.

4. Encrypt sensitive information on the device

Laptop theft reports make it clear that many users and organisations haven't got this message yet. Laptop encryption doesn't have to drain your budget. Solutions such as TrueCrypt provide effective, free file and full-disk encryption. If you need a more centralised approach to key management, lost data destruction, or data recovery, online services such as Beachhead or more traditional systems such as PGP can help.

5. Back up critical information

All business critical information should be copied to an alternate location. Even mobile users, who might not connect to the company network every day, can be protected against data loss with online solutions such as Symantec's backup.com or with Amazon.com's S3 service, supported with client software such as Jungle Disk.

Source: http://resources.zdnet.co.uk/articles/features/0,1000002000,39457680,00.htm

Don't let the Data Commissioner name and shame your company because a mobile user loses data!!!

ARC Training's next Information Security Workshop (which also forms part of the university-accredited Security Management Stage 1 Course) takes place on 24th November in the UK. For more information click here: http://www.arc-tc.com/pages/one_day_workshops.asp#c8

Data Security Management: "Business Partners Greatest Security Threat"

Source: Information-age.com

External threats from partner organisations pose the greatest risk to corporate data security, according to a report detailing 500 forensic data investigations by Verizon Business. The Verizon report analysed hundreds of corporate data breaches, including three of the five largest ever reported, and found that while insider threats were the most devastating in terms of impact, the higher number of data breaches attributable to partners made them a greater risk factor.

Business Travel Safety: Kyrgiz Airline in Fatal Crash Subject of Existing EU Ban

The light aircraft crash while coming into land at Coventry airport ten days ago, the MD-82 plane crash on take-off at Madrid last week, and now a Boeing 737 crash on take-off at Bishkek Airport in Kirgizstan. Planes crashes really do come in threes.

EU or US-based multinational companies, at least, have a statutory and extraterritorial duty of care to protect travelling employees, but travelling within Kirgizstan poses a particular problem. For a start the capital Bishkek is not centrally located and the country is mountainous, making internal road travel difficult. Secondly, the EU has published safety concerns about all Kyrgiz airlines, including Itek Air, the one that has experienced last night’s catastrophe. So concerned is the EU that all of the country’s airlines are banned from EU airspace: http://ec.europa.eu/transport/air-ban/pdf/list_en.pdf. It is important that travel planners consult this list before booking travellers on any overseas airlines.

The blog published recently some interesting statistics about flight safety and seat choice. This can be found at:

http://www.popularmechanics.com/science/air_space/4219452.html

and

http://www.timesonline.co.uk/tol/news/uk/science/article4214998.ece

Above all, on settling into a plane travellers should familiarise themselves with the locations or the nearest emergency exit and always be prepared for an emergency on take off. Passport and wallet should be in pocket and shoes should be left on.

Hints on how to secure the seat you want can be found at:

http://www.independenttraveler.com/resources/article.cfm?AID=17&category=1

Happy Birthday!

Happy Birthday (15/08) to ARC alumnus Moses Adi!

London – Preparing for an Evacuation

Large scale evacuation of the capital would be used only as a last resort, with our aim being to save lives immediately following or before an emergency.

The London Mass Evacuation Plan is designed to be flexible enough to be used anywhere in the capital. The plan has been developed so that we can respond to any eventuality; be it terrorist related, natural disaster, industrial accident or any other emergency that might require the evacuation of part or part(s) of the capital.

For more information go to:

http://www.londonprepared.gov.uk/londonsplans/emergencyplans/evacuation.jsp

http://www.ukresilience.gov.uk/preparedness/ukgovernment/evacuation.aspx

IT SECURITY MANAGEMENT: How Secure is Your Computer? Could It Be Hacked into to Send a Bomb Threat?

Source: Wired.com

A California man currently renting a home in India is caught in the middle of an investigation into a series of bombs that exploded in India recently, according to the Associated Press.

The 48-year-old man hasn't been identified by police and is not currently a suspect.
An e-mail, which bore the subject line "Await 5 minutes for the revenge of Gujarat," was sent from the man's computer to several Indian television stations minutes before 16 bombs exploded in Ahmadabad, a city in the western Indian state of Gujarat. Police believe, however, that the message likely did not originate from the man's computer and that someone else -- presumably a hacker -- simply used his computer and Yahoo account to send it.

ARC Advice: Put a boot-sector password on all of your PCs and laptops. For details of information security awareness programmes contact Janet.

Knife Crime

An interesting debate on knife crime in the UK is taking place in private security circles . Click here to “plug in”.

http://www.info4security.com/story.asp?sectioncode=10&storycode=4120282&c=2

How Easy Is It to Get into a Locked Suitcase? – Video

Think your luggage is safe?

It’s not just enough to remove theft targets when travelling. What if a corrupt baggage handler or hotel employee inserts a pack of illegal drugs into your luggage to use you as a “mule”?

View two interesting YouTube clips here:

http://youtube.com/watch?v=nKgz4sPk818

http://www.youtube.com/watch?v=zUdUQO5QuWI

Then go out and buy a Samsonite hard body case!

One in Ten Websites Infected with Malware - Google

About one in ten websites is infected with malicious software that could result in a user’s personal information being stolen, according to Google.

Sensitive data such as banking passwords and e-mail addresses could unwittingly be handed over to criminals as a result of visiting infected pages, which work by exploiting a vulnerability in the user’s internet browser, a study by the search company suggests.

Google said that it had analysed approximately 4.5 million websites over a 12 month period and found that 450,000 had caused a test computer to make a ‘drive-by download’, a common example of which was a ‘keylogger’, which captures every keystroke a user makes.

http://technology.timesonline.co.uk/tol/news/tech_and_web/article1787714.ece

Get Trained as a Security Surveyor

The problem with carrying out security surveys and considering the design of physical protection systems is that often those security professionals who are charged with them have no qualification or training in their conduct. The result is often that surveys and designs are inherently flawed and do not provide the requisite levels of asset protection.

ARC’s Security Surveying and Design Course, taking place from 15 to 19 September, will take delegates through the principles of risk-based survey and design issues and allow them to carry out an actual survey, culminating in the production and presentation of a full and detailed report. This course will be led by Phil Wood CPP PSP and is essential preparation for those who are or who may become responsible for such activities. If you want to get involved, contact Janet.

Business Travel Security – Get the Latest News for Where You Are Going

The Worldtimeserver website offers more than just the local time at your destination. By entering your destination country or major city in the Current Times box, clicking Get Time, then scrolling down the resultant page to the More options on for Country you can call up the local news for that destination.

Click on http://www.worldtimeserver.com/

Free Security Management Resources from ARC

Delegates attending ARC Training Security Management Stages 1, 2 and 3 receive literally hundreds of background documents on a range of security management subjects to use as post-course reference aids.

Some of these documents are now available to you, on request, irrespective of whether you have attended an ARC course. To gain access all you need to do is to sign-up for a password at http://www.arc-tc.com/extranet/login.asp and await a confirmation email.

The collection will be constantly updated so be sure to check for new additions regularly.

Computer Crime Prevention

It is important to remember that no computer system can ever be completely secure. The only network, Web site, or computer system that’s 100% secure is one that can’t be accessed by anyone or anything, which makes it completely unusable. Natural disasters, malicious, users who make mistakes, or motivated criminals can compromise security and/or cause damage. The goal for securing your system should be to balance security with accessibility.

Read some basic principles of IT security and computer crime prevention on the ARC Resources page under the heading IT Security:

http://www.arc-tc.com/pages/resources_publications.asp#I

New UK National Risk Register Delivers Some Disturbing News

A flu pandemic is the gravest threat to UK security and could claim as many as 750,000 lives, according to the first ever publicly available UK Government National Risk Register.

The report delivers some interesting assessments including:

· The probability of a non-conventional terrorism attack (chemical, biological or radiological) attack is about the same as the probability of inland flooding. This would suggest that the government is expecting a CBR attack soon.

· A terrorist attack against transport infrastructure or a crowded place is seemingly imminent and is given a higher probability than an outbreak of severe weather.

· A terrorist attack against critical infrastructure is more likely than a major industrial accident.

That this has now been published openly puts great pressure on security managers of transport infrastructure, places of entertainment, shopping malls, and critical infrastructure to ensure that they carry out risk analysis at the micro level, taking into account the government assessment, and that they have correct risk-commensurate security measures in place, including, if appropriate, a CBR incident response plan.

The report mirrors recent risk predictions in the USA.

Click on the link below for the full report:

http://www.cabinetoffice.gov.uk/reports/national_risk_register.aspx

Data Insecurity Can Breach Human Rights, Rules ECHR

Source: Out-law.com

The European Court of Human Rights has ordered the Finnish government to pay out €34,000 because it failed to protect a citizen's personal data. One data protection expert said that the case creates a vital link between data security and human rights.

http://www.out-law.com/page-9287

If You Want an Automatic Notification Each Time a New Story Is Posted….

Go to http://www.changedetection.com and sign up for their free service.

ID Theft Prevention When Travelling – Useful Information for Business Travellers

There are certain travel security measures that business travellers can and must take during domestic or international, and long or short trips to ensure any personal information in their possession remains secured and safe in order to prevent identity theft. These can be found on the ARC Resources page by clicking on the following link:

http://www.arc-tc.com/pages/resources_publications.asp#B

and navigating down to the last hyperlink listed under the heading Business Travel Security.

If you are interested in organising a one-day Business Travel Security Seminar for your employees, contact the ARC Team. Alternatively, ARC will be conducting an open Business Travel Security Seminar on 20th October.

Happy Birthday!

Happy Birthday, 8 August, to Arc alumnus John Okelue!

Forthcoming Events

Security Management Stage 1, India (University Accredited)
25 August – 5 September
http://www.arc-tc.com/pages/SecurityManagementDevelopment.asp

Fraud Risk Reduction and Detection, Dubai
25 – 27 August
http://www.arc-tc.com/pages/reg_train.asp

Security Coordination and Management, UK
1 – 5 September
http://www.arc-tc.com/pages/other_accredited_sm.asp#s1

Retail and Supply Chain Security Management, UK
8 – 10 September
http://www.arc-tc.com/pages/other_accredited_sm.asp#s6

Security Surveying and Design (Practical Including Site Visit), UK
15 – 19 September
http://www.arc-tc.com/pages/other_accredited_sm.asp#s2

Security Management Stage 1, India (University Accredited)
22 September – 3 October
http://www.arc-tc.com/pages/SecurityManagementDevelopment.asp

Security Management Stage 3, UK (University Accredited)
22 September – 3 October
http://www.arc-tc.com/pages/university_acredited_sm.asp#sm3

Maritime Security Management (In Accordance with ISPS), UK
6 – 10 October
http://www.arc-tc.com/pages/other_accredited_sm.asp#s3

Security Management Stage 2, UK (University Accredited)
13 – 24 October
http://www.arc-tc.com/pages/university_acredited_sm.asp#sm2

Investigating and Interviewing Skills, UK
3 – 6 November
http://www.arc-tc.com/pages/accredited_investigation.asp#f1

.

IT Security and Incident Response, UK
12 – 13 November
http://www.arc-tc.com/pages/accredited_investigation.asp#f4

Security Management Stage 1, UK (University Accredited)
17 – 28 November
http://www.arc-tc.com/pages/university_acredited_sm.asp#sm1

Fraud Investigation, UK (NEW)
1 – 3 December
http://www.arc-tc.com/pages/accredited_investigation.asp#f3

.

.

For more information on these or any of our other security management courses, visit the ARC website or contact Janet.

Security Management Stage 1 – The Debate Begins

As Security Management Stage 1 began in Nigeria, the delegates for the concurrent UK course were beginning to arrive to begin their course. Representing mainly energy companies, the delegates hail from Africa, the Middle East, Russia and Malaysia and like their fellow ARC alumni in Nigeria, have been debating the issues related to the skills and abilities of security managers.

For this course, the debate centred around the benefits of having military or police experience and, as in Nigeria, these delegates concluded that there are undoubted benefits to the security manager having more than just an ex-service portfolio of skills. However, there was general consensus that the modern services produce personnel with far better-developed business and ‘soft’ skills than in the past. The group cautioned against discarding these skilled personnel completely and concluded that bridging the gap in security managers’ skills involves personal and professional development and training for both business professionals (in security skills and knowledge) and security professionals (in business management skills).

It is interesting to note that only 4 of the 11 delegates have a military or police background and clearly understand, from their own experiences, the benefits and disadvantages of polarised skill-sets for the security professional.

One of the delegates summed up the debate as follows:

‘I agree, it is absolutely true, that the security manager has to combine traditional security skills with profound business and technical knowledge. I absolutely agree with the description of the whole range of skills which a security manager has to master, such as basic IT and presentation delivery; interpersonal skills; functional management in all its applications (managing projects, selecting contractors, managing the team and managing time etc). From one side, it is a complicated goal to achieve, from the other, it helps a security manager to feel comfortable in a business environment, speaking the same business language with other managers and directors.’

The groups will be developing this theme throughout the course and exploring the areas of business where both ‘sides’ can effectively improve and contribute to corporate aims and objectives.

If you want to join the debate – go to the ARC website, or contact Janet for further information on our Security Management Courses.

Should We Expect a New Wave of White Powder Attacks?

This week may see an announcement on the future of the investigation known as “Amerithrax,” the investigation of the mailings of anthrax-laced letters in September and October 2001 that resulted in five deaths and the sickening of 17 people and disrupted the US mail and Congress, according to online magazine HS Today.

On Friday, Aug. 1, Bruce Ivins, a US Army researcher who was the chief suspect committed suicide at his home in Frederick, Md. Ivins was to have met with FBI agents to discuss a plea agreement in the case on Friday. The FBI, the lead agency in the investigation, which includes the US Postal Service’s Inspection Service and the Department of Homeland Security, must decide whether to conclude the investigation.

It is possible that the reigniting of media interest will generate a wave of white-powder copycat attacks from pranksters, and security managers are advised to ensure that contingency plans are in place. For advice on what needs to be in a contingency plan for biological threats by post go to:

http://www.hse.gov.uk/biosafety/diseases/anthrax.htm

Since the 2001 attacks in the US ARC has trained mailroom staff from a number of organisations in the handling of suspicious items delivered by post. To discuss your mailroom staff training needs in confidence, contact Phil Wood MBE, who has specialist military training in the area of CBRN defence.

Voice over Internet Protocol – Is It Secure?

One of the topics discussed on ARC’s recent Specifying Security Technology Course was Voice over Internet Protocol, which provides not only huge cost savings, but can also be rolled out alongside IP CCTV projects using common hardware.

For long, there have been debates about the security of VoIP, but most experts agree that as long as encryption is specified as standard from the outset, it can be secure, or even more secure, than traditional landline.

Read on here for a discussion of telephone security and VoIP:

http://www.schneier.com/blog/archives/2006/04/voip_encryption.html

Identifying Core Securitiy Management Skills

Delegates attending the Security Management Stage 1 Course in Lagos, Nigiera, have been examining skills gaps for entrants into security management. Almost all of the delegates are graduates in varied subjects including economics, geography, computer science, law, international relations, philosophy, business administration etc, in some cases at Masters level. Interestingly, relatively few have military or police backgrounds, the underlying philosophy being that military and police skills can be contracted in, and that in security management requires, like almost all other mainstream business disciplines, business acumen, sound academic credentials and operational knowledge as bedrock.

Commenting on the difficulties of this approach, one delegate remarked that in his experience many CEOs, especially in non-multinational companies, tended to persist in the view that the number #1 prerequisite for the position of security manager was past military or other government security agency experience, since all the incumbent needs to do, in their opinion, is to position guards to man the gates and the premises and supervise them in a military fashion.

Specifically, this participant states: “Clearly, in my view, a security manager needs more than just past military/police/etc experience (that is if needs it at all) to function in that role. I agree that successful security operations management requires the incumbent to be many things. He must be fully conversant with both the business operation and his core competence – security. In addition to this knowledge he needs a whole range of generic business skills that must be developed. A security manager must have the basic arithmetical, IT and presentation delivery skills to demonstrate quantitatively that he is delivering a genuine return on investment.

Again his inter-personal skills must be well honed not only to stand him in good stead at every level of the business but also to give him the leading edge as he liaises with, and cultivates relationships with, outside agencies such as the police and intelligence services. Furthermore, the incumbent must be capable of functional management in all of its applications. This includes managing projects, selecting contractors and consultants, leading the security team and, especially, managing time”.

The next Security Management Stage 1 Course takes place in Gurgaon (Delhi) India, 25 August - 5 September, and repeated 22 September - 3 October. Contact Janet for more details or to reserve a place.

Illegal Drug Use around Three Times Higher among Professional and Managerial Classes Compared with the Semi or Unskilled

These are the findings of a BBC survey into drug use in the UK. For the full story click on the link below:

http://news.bbc.co.uk/1/hi/uk/4998522.stm

Critical National Infrastructure – It’s Critical and Vulnerable

Unlike many countries and regions, Western Europe and the US depend extremely heavily upon their Critical National Infrastructure (CNI) to live and to operate. Electrical power is generally taken for granted, but when interruptions do happen the result is chaos. A power outage affected many areas of the UK this week and caused chaos and major disruption with industry, the transport system and even hospital operations suffering serious impact.

It is not only the control systems that are at risk, but also weak points within the overall infrastructure - and when these are knocked out, recovery could take days. For a society so dependent upon continuity of supply the effects can clearly be devastating.

To read an interesting report on this incident from the UK Times newspaper, please follow this link:

http://business.timesonline.co.uk/tol/business/industry_sectors/utilities/article4023634.ece

And if you don’t have security and business continuity plans in place to allow you to protect and recover, maybe now is the time to think about it.

For details of ARC's Critical Infrastructure Security Course go to:

http://www.arc-tc.com/pages/other_accredited_sm.asp#s5

Happy Birthday!

Happy Birthday, 3 August, to Emilios Maroulis of BAT Greece!

Let ARC Bring CPP Training to You!

According to website Outlaw.com one graduate in six lies to get a job in financial services, a survey of CVs has shown. The survey of nearly 4,000 CVs found that 17% of applicants for jobs in the financial sector lied at least once. The number of people lying on CVs has increased by 30% since last year and the number of people lying increased in every job sector surveyed except stockbrokers.

The survey was conducted by the Shell Technology and Enterprise Programme for employee screening firm Powerchex.

Job applicants most commonly lie about the dates on which they held certain jobs. The next two most popular lies are related to qualifications and directorships held. The survey found that while these three categories of lie increased in their frequency, all the other kinds of lie told – about bankruptcy, job titles, salaries, reasons for leaving past jobs and criminal records – decreased in popularity.

The threat posed by dishonest personnel to employers - and correct hiring protocols - are among the many topics covered in the ASIS CPP Syllabus. The CPP is the most popular security certification in the world (over 6,500 security professionals hold this designation)

ARC Training has a one-week intensive CPP examination preparation package which it can deliver on-site anywhere in the world. The classroom sessions are supported by a series of distance learning tasks.

Contact David for further information.

Troops Deploy to Guard Sensitive Sites in Italy. Meanwhile in London Police Warn of Continued Terrorist Activity

Thousands of troops are being deployed in Italian cities to help police fight crime, according to the BBC, citing an Italian Government announcement. About 2,000 troops will guard "sensitive" sites such as train stations and embassies. Another 1,000 will go on street patrols with police. The six-month deployment includes Rome, Naples, Milan and Turin. Some troops will guard migrant holding centres.

Meanwhile, in the UK, Scotland Yard has announced that is has disrupted 13 terrorist networks in London in the last financial year. During the 12 month period, there was an average of a suspected terrorist incident in London every other day. There were 181 incidents, slightly up on the previous year's figure of 177 and police took 4,346 calls on the anti-terrorism hotline. The figures were revealed in a document prepared for the Metropolitan Police Authority.

For advice on how ARC can assist you with your terrorism defence planning, staff awareness training, contingency and business continuity planning, contact Phillip Wood MBE CPP PSP CBCI.

A Vast Security Management Reference Library on Your Desktop – For Free!

Instructions:

Navigate to http://www.arc-tc.com/pages/resources_publications.asp

Right click on mouse.

Select create shortcut and send to desktop. (Some operating systems may offer you send to desktop direct)

Done! You now have a clickable link to a great web library of security management resources on your desktop screen. And the list of links is being added to weekly.

The Most Popular Security Management Course in the World?

The Security Management Stage 1 course must surely be the most popular security management course in the world. The course has been attended by hundreds of security manager delegates from literally all over the world, and ARC is now in the process of taking the course out to regional international hubs.

Monday 4th August will see the two-week course commence in both the UK and Lagos, Nigeria simultaneously. Attending the UK programme, led by Phil Wood MBE, will be delegates from Africa, the Middle East, the Far East, Russia, and Central Asia. With countries as diverse as Algeria, Malaysia and Russia, the course is sure to be a very cross-culturally enriching experience with best practice exchanged from literally around the world.

David Cresswell will be leading the programme in Nigeria, which is an in-house requirement for a major oil and gas sector client.

Later in the month David will be making the first of two two-week visits to India to conduct a modified Security Management Stage 1 for an oil and gas client in that country. Although originally designed as an in-house programme, places on these courses are available on an open basis. Please contact Janet for further information or click here.

Security Management Stage 1 runs again later in the UK, 17-28 November, after which it will be conducted in Bahrain, 18-29 January 2009 and in Cape Town, South Africa, 23 March – 3 April 2009.

For more information contact Janet.

Crisis and Business Continuity Management – A Growing Concern

As the range of potential crises and emergencies which could impact upon them continues to grow, many companies and organisations are starting to take Crisis and Business Continuity management seriously. This growing concern has been reflected in Phil’s expanding portfolio of Crisis and Business Continuity training activities this year.

Phil Wood MBE has returned this week from Dubai, where he was working with a major client on their preparedness and planning procedures and is conducting ongoing work with them. This month alone he will be travelling to Oman and Kenya to conduct similar training for specific agencies and a major multinational company in contingency planning. This is definitely a growing part of ARC’s business and we will be looking to increase our activities in this sphere further in next year’s schedule.

To back up his own experience in the subject, Phil recently undertook the Business Continuity Institute (BCI) Certification examination. His pass with merit underlines his knowledge and ability in this area and demonstrates his understanding of Business Continuity processes and issues. This, combined with his experience of delivering training to corporate clients provides ARC with a market leading edge in this specialist area.

It is surprising how many businesses are not prepared for emergencies. If your plans, people and processes need some attention, ARC can meet your training and consultancy needs. Contact Janet for details. For information on BCI Certification, follow this link: http://www.thebci.org/certificationstandards.htm

Happy Birthday!

Happy birthday today to the following ARC alumni:



Kingsley Onyeoziri, Nigeria

Armando Francisco, Angola

Hector Borges, Venezuela



Best wishes from all ARC staff!

New Report on Terrorism from Rand Corporation - Download Summary Here

Source: Rand Corporation

All terrorist groups eventually end. But how do they end? Answers to this question have enormous implications for counterterrorism efforts. The evidence since 1968 indicates that most groups have ended because (1) they joined the political process or (2) local police and intelligence agencies arrested or killed key members. Military force has rarely been the primary reason for the end of terrorist groups, and few groups within this time frame achieved victory.

Continue reading at:

http://www.rand.org/pubs/monographs/2008/RAND_MG741.sum.pdf

ARC Training’s Protection Against Explosive Devices Workshop takes place on 7th August. For further information and to book a place contact Janet Ward.

Getting Tough - UK Companies Monitoring Outbound Email and Sacking Email Policy Violators

Source: out-law.com

Nearly half of UK companies have fired workers in the past year because of abuses of email. Over half of UK firms regularly audit employees' email to make sure they are complying with company rules, a survey has found.

The survey also found that almost half of the UK's companies conducted investigations into email leaks of confidential or sensitive data in the past year. The figures show UK companies to be more suspicious of and more rigorous in checking employees' use of email than their counterparts in Germany and France.

Research carried out by Forrester on behalf of email security firm Proofpoint found that 44% of UK companies had fired employees in the past year because of violation of email policies, while 78% of them had disciplined workers for the same offence.

It found that 53% of UK companies surveyed regularly audited outbound email content, while 47% have investigated a leak in the last year.

ARC Comes to India

The ARC Training International Academy for Security Management will be conducting two university-accredited Security Management Stage 1 Courses in Gurgaon, India, in the coming weeks.

The first course takes place 25 August – 5 September, and the second takes place 22 September – 3 October. This is a unique opportunity to study with this world-famous institution in India for the first time.

The courses have been attended by hundreds of security managers worldwide and are seen as a benchmark security management professional development milestone by many of the world’s largest multinational companies.

The course syllabus includes: security risk management; security operations management; physical and electronic security; integrating and specifying security technology; access management; developments in CCTV, workplace crime prevention; manpower selection and leadership; introduction to security surveying; protection against explosive devices; information security; transport security; protection of at-risk personnel; crisis management and corporate social responsibility.

For further information and to enquire about reserving a place click on this link or contact Janet Ward directly.