Pandemic Resources

Using temperature scanners in airports to try to identify and block entry of sick travellers during a disease outbreak is unlikely to achieve the desired goal, a report by French public health officials suggests.

Their analysis, based on a review of studies on temperature screening efforts like those instituted during the 2003 SARS outbreak, says the programs may be of limited use in the early days of a flu pandemic, when governments might be tempted to order screening of incoming travellers to try to delay introduction of the illness within their borders.

For a wealth of resources on Avian Flu and Pandemics, go to the ASIS Pandemic Toolkit, which can be accessed from the following link:

http://www.arc-tc.com/pages/resources_publications.asp#P

World Oil Transit Chokepoints

World oil transit chokepoints are a critical part of global energy security. In 2007global seaborne oil trade was approximately 43 million barrels per day or about half of world oil production.

Click on the link below for a useful US Government site on oil transit chokepoint:

http://www.eia.doe.gov/cabs/World_Oil_Transit_Chokepoints/Background.html

The new Managing Security in the Oil and Gas Sector, 24-28 August 2009, covers many of the security issues surrounding oil security. Drawing on case studies from around the world, it addresses some of the more complex risks associated with oil and gas operations in various environments and includes many practical exercises.

The full list of topics can be found at:

http://www.arc-tc.com/pages/other_accredited_sm.asp#s1

Keeping Track of Maritime Piracy

Stories of piracy in the Gulf of Aden are almost a daily occurrence; and last week there was a resurgence of piracy in the Malacca Straits, through which a substantial percentage of the world’s oil flows.

A useful site to keep track on piracy events is provided by Lloyds. Click on the following tab and you will find the latest Piracy News stories listed on the right:

http://www.lloydslist.com/ll/news/malacca-strait-pirates-capture-tug-crew/20017620560.htm

India Hotel Attackers Had 320 Worldwide Targets – The Guardian

The plotters behind the Mumbai attack, which left more than 170 people dead, had placed India’s financial capital on a list of 320 worldwide locations as potential targets for commando-style terror strikes, the UK newspaper The Guardian has learned.

It suggests that Lashkar-e-Taiba, the outlawed terror group that planned much of the attack from Pakistan, had ambitions well beyond causing mayhem in India.

According to the newspaper Western intelligence agencies have accessed the computer and email account of Lashkar's communications chief, Zarar Shah, and found a list of possible targets, only 20 of which were in India.

For more, read:

http://www.guardian.co.uk/world/2009/feb/19/mumbai-attacks-list-targets

Banks again become the Target of Terrorists - AQ Urges Use of Explosive Gas Bombs

This week Greek police defused a car bomb that was left outside the offices of a leading US-based international bank, in a suburb of the capital, Athens.

Police described the device as "powerful", adding that it consisted of explosives packed into gas cylinders and linked to a timer. A security guard at the bank apparently alerted the police after seeing three people park the car next to the building and then make off. No warning was given. A new and possibly more dangerous generation of Greek extremists is escalating attacks against police and symbols of capitalism.

Gas-bottle bombs have long been a favourite of domestic terrorists in Greece, and were also used by Islamist extremists in 2007 in the UK in their foiled attacks in London and Glasgow Airport. Recently, according to CBS News, a member of a militant Islamist Internet forum who uses the name Abul Baraa al Masri, posted information about an easy and cheap alternative to the usual car bomb commonly used by militants in Afghanistan and other places. Al Masri, who is very active in the military sections of the Internet forum, explained that the bomb consists of a well-sealed tanker to be filled with a mix of 25% Gas and 75% Oxygen and a detonator.

The Protection against Explosive Devices is a full-day subject on the forthcoming Security Management Stage 1 Course. Forthcoming courses are:

South Africa: 9-20 March 2009. Click here for details.

UK: 23 March - 3 April 2009. Click here for details.

Al-Qaeda Kidnap Risk in North / West Africa

According to media, Al-Qaeda's North Africa network (al-Qaeda of the Islamic Maghreb) has now claimed responsibility for the abduction last December of two Canadian diplomats, one of them a United Nations envoy, and more recently, four European tourists in Niger, al-Jazeera television reported. "We are happy to bring our Islamic nation the good news of the mujahedeen’s success in carrying out two quality operations in Niger," the group's spokesperson said in an audio tape aired on the pan-Arab channel this week. "[The Mujahedeen] reserves the right to deal with the six captives under Islamic sharia [law]."

Kindap Risk Reduction and Response is a full-day module on the forthcoming Security Management Stage 3 Course in the UK, 11-22 May 2009. For details, click on:

http://www.arc-tc.com/pages/university_acredited_sm.asp#sm3

Information Theft in Asia

One of the topics covered by delegates attending the recent Security Management Stage 3 Course in Kuala Lumpur, Malaysia, was Investigating Information Leaks and Information Theft.

Although not considered to be a “high profile” crime in SE Asia, the extent of information theft in the region is high, with employees routinely copying business information onto personal flash drives for future personal use, and problem is set to become worse as employees fear job insecurity, and organisations continue to fail to plug this major exposure.

The group identified the following as potential information theft adversaries and tactics:

- Moles ([planted agents, informants, and those who are leaking information under duress)
- Buggists (possibly contract workers such as guards and cleaners)
- Physical keystroke logger planters (possibly contract workers such as guards and cleaners)
- Social engineering (tricking unwary individuals into disclosure)
- Bin raiding (searching through an organisation’s trash
- Access to sensitive information by third party contractors or JV partners
- Employees (especially those anticipating leaving)

If you have a regional / overseas training requirement you would like to discuss with ARC, please contact David.

British Personal Data Protection Standard Is Published

Source: Out-Law.com

A set of instructions on how organisations can stay within the Data Protection Act (DPA) while storing personal information has been published by British Standards (BSI).

National standards body the BSI wants its instructions to become a standard and has asked for comments on a published draft. It wants the eventual standard to help organisations to store personal information legally.

"This standard is the first of its kind in the area of Data Protection and is expected to be used widely by both public and private sector organizations," said Gordon Wanless, chairman of BSI's data protection forum.

Preventing 3rd Parties from Stealing your Most Sensitive Information

One of the topics under discussion at this week’s Security Management Stage 3 Course, in Kuala Lumpur, Malaysia, has been how to protect sensitive company information against exfiltration (or theft by 3rd parties, including contractors.

The US Government has long recognised that groups such as cn-site contract workers pose a significant threat to information such as that relating to processes and R&D.

The UK’s Centre for the Protection of National Infrastructure has useful guidance at the following link on how to manage this problem, including how to tread a “safe” course through the legal minefield. This can be found at:

http://www.cpni.gov.uk/WhatsNew/3692.aspx

Designed to help you formulate security management policy at regional or corporate level,the next Security Management Stage 3 Course will be held in the UK during the period 11-22 May 2009; details can be found at:

http://www.arc-tc.com/pages/university_acredited_sm.asp#sm3

Security Professionals Storm Ahead

Meanwhile, Security Professionals from several countries are currently undergoing Security Management Stage 2 in the UK. Against a background of unusually cold and wet weather in the middle of the European winter, the delegates are considering, arguing and debating some challenging and thought provoking subject matter, including emerging security technologies and the convergence of IT and Physical Security. Extolling the virtues of disussing issues in depth, one of the delegates expressed the view that such an approach is critical to expanding ability and confidence in security professionals.

Asian Security Managers Develop their Strategic Skills

The postgraduate university-accredited Security Management Stage 3 Course, currently taking place in the centre of cosmopolitan Kuala Lumpur, Malaysia, is a two-week advanced security management programme looking at how security management integrates with business management at strategic level, and examines ways in which the security manager can increase his/her overall contribution to the organisation.

One of the sessions on day 2 of the course addressed the issue of Corporate Social Responsibility (CSR), and the proactive effect that this can have on security risk mitigation, especially in the extractive sector. CSR is about creating sustainability and improvement to the local environment (social, economic, healthcare and sanitation, education, etc), especially in areas where the corporate footprint is significant and where government-funded infrastructure may be very basic. In such environments, companies that don’t take account of their local footprint, and which don’t become a driver for local improvement, often suffer increased security incidents.

In community engagement in particular, it is often the security manager who is the best-known community local company point of contact, so an understanding of CSR is essential. In fact, a CEO of a major oil and gas national company, addressing an ARC course last year, declared that CSR and security management were “two sides of the same coin”.

One delegate’s company has a simple rule when it comes to CSR: “energy received, energy returned; aspiring people everywhere.” Not surprisingly, the company is a rapidly globally expanding standard bearer in the energy sector.

The course includes security managers from Africa and Asia, from a wide range of sectors including security systems integration, manufacturing, solar power and a multinational cement company. Three of the security managers are CPP certified, and are using the course to earn their full term of recertification credits! Others are using the course as a part of their MSc studies.

The next Security Management Stage 3 Course takes place in the UK, 11-22 May 2009. Click here for details.

State Intrusion - Too Much Security?

Nation-states and their constituents face a bewildering array of threats, both natural and malicious, with a wide range of risks to national security. The state has a duty to protect its citizens in the face of such threats; however, in the face of serious and growing concerns about the legitimate rights of governments to impinge upon personal privacy, governments must work hard in their attempts to justify intrusions. This has been again highlighted by the UK’s House of Lords, who have challenged the Government’s use of DNA, CCTV and planned interception of communications as an intrusion too far. Use this link http://news.bbc.co.uk/mobile/bbc_news/top_stories/787/78724/story7872425.shtml for an article from BBC News.

Emerging Risks – Are You Prepared?

Risks don’t stay the same for ever – they change, mutate and migrate. The World Economic Forum recognises this fact and produces annually a report covering assessed Global Risks. This year’s areas of concern are grouped as follows:
1. Economic
2. Geopolitical
3. Environmental
4. Societal
5. Technological
Whilst you may think that you have assessed all of the risks to your organisation, this report may give you some food for thought about those which you may have missed. You can download a copy here http://www.arc-tc.com/pages/documents/2009.pdf
ARC’s Security Management Courses and Risk workshops cover risks in terms of the holistic threats to business rather than simply in terms of criminolgy and asset protection and there is no doubt, as the WEF Report indicates – that the range and types of global risks are difficult to predict. If you want to learn more – contact Janet

Maritime Security - Piracy Focus

Recent extensive media coverage of events on the high seas has shown that maritime piracy remains a prevalent threat in some areas. An excellent report by the ICC International Maritime Bureau has assessed the instances locations and methods of piracy attacks for 2008 and provides a good overview of the issues worldwide. It is worth noting its contents – because if any of your business, or that of your suppliers, passes through the locations detailed in the report – then they are potentially at risk. You can access the report here via the ARC Website.

Employees File Sharing? You Could Be Held Responsible!

Lots of people file share - it is illegal in many cases and breaches copyrights worldwide. Those who conduct such activities often think that they will not be detected and even use their employer’s IT systems to share files. The UK Government is taking a new approach which will force Internet Service Providers to disconnect repeated file sharers and to enable legal action. If file sharers are using your systems then there is a risk that you will be disconnected or even sued – both of which will expose your business to unacceptable risk. Follow the link to an internet report on this issue: File Share