The Professional Protection Officer: Practical Security Strategies and Emerging Trends [2 ed.] 0128177489, 9780128177488

Table of contents :
Cover
THE
PROFESSIONAL
PROTECTION
OFFICER
Practical Security Strategies and
Emerging Trends
Copyright
Dedication
Contributors
Foreword
Introduction
Purpose
History of This Handbook
Dedications
Ron Minion, CPP and IFPO Founder
IFPO Team
Contents
Global Challenges, New Roles, and Responsibilities
CPO Program
Certified Protection Officer (CPO) Final Challenge Program
Conclusion
Part I: Foundations
1
Concepts and Evolution of Asset Protection and Security
Introduction
Asset Definition
Asset Valuation
Threat
Vulnerability
Loss
Risks
Criticality
Frequency
Probability
Impact
Mitigation
Cost-Benefit Analysis
Asset Protection
Layered Protection
Physical Security
Safety
Risk Management
Insurance
Commerce
Law
Labor Relations
Fire Protection
The Cycle of History
Historical Development of Security Services
The Path to Professionalism
Contemporary Careers in Asset Protection
Professional Development Never Ends
References
Further Reading
2
Role of the Professional Protection Officer
Introduction
Definition of a Protection Officer
Levels of Protection Staff
Major Roles of a Professional Protection Officer
What It Means to Be a Professional
What Needs to Be Protected?
The ``How´´ of Protection
Core Functions
Preventative Functions
Mitigation Functions
Verification Functions
Response Functions
Basic Physical Security Officer
Certified Protection Officer
Certified in Security Supervision and Management
Emerging Trends
Need for Standardization
Training and Certification
Summary
References
Resources
3
The Security Officer of the 21st Century
Introduction
What is a Security Officer?
Visibility of the Professional Security Officer
Why Is Training So Important Today and In the Future?
The Image of Officers in a Training Classroom
Training
Writing Reports
Going Forward Into the 21st Century-Robots
References
4
Time and Stress Management
Introduction
When is the Best Time for Planning Your Work?
Protecting the Master Plan
Routine Meetings
Politically Charged Meetings
Meeting Deadlines
Prioritizing Your Work
The Demon Phone and Social Media
Delegation Skills That Lead to Success
Dealing With Stress That is Not Work Related
Handling Fears in Your Professional Life
Follow-Up and Follow-Through
Warning About Praising
Conclusion
4A Critical Incident Stress
Introduction
What Are Critical Incidents?
There Is No Shame in Asking for Help
Critical Incident Stress Debriefing (CISD)
Psychological Trauma Immunization Program
Formal Debriefing Process
Symptoms
Teaching
5 100 Things Protection Officers Need to Know
100 Great Tips!
Summary
Part II: Practical and Operational Applications
6
Occupational Health, Industrial Hazards, Vulnerability Assessment, and Self-Assessment
Introduction
Consider the Following Additional Hazards and Scenarios
Risks to the Protection Officer
Vulnerability Assessment
Self-Assessment
The Role of The Protection Officer in Occupational Health & Safety (OH&S) Programs
Seven Common Safety Hazards
Self-Protection
Key Facts in Accidents
Accident Types
Key Terminology
Emerging Trends
References
Further Reading
7
Legal Aspects of Security
Introduction
The Development of Our Laws
The Common Law
Case Law
Statutes
The Effect of the European Civil Code on Our Legal System
Types of Laws-Criminal and Civil
Criminal Law
Civil Law
Administrative Law and Other Standards
Labor Laws
Interaction of Criminal, Civil, and Labor Laws
Young Offenders
Search and Seizure
Evidence
The Burden of Proof
Trespass
Emerging Trends
Conclusion
References
8
Patrol Principles
Purpose of Patrol
Pre-Patrol Analysis
Patrol
Deter
Detect
Delay
Deny
Emergency Response
Ancillary Supportive Functions of Patrol
Types of Patrol
Post Position
Mobile Patrol
Virtual Patrol
Fixed Post
Preparation for Patrol
Code of Conduct Policy
Training
Post Orders and Patrol Procedures
Equipment
Incident Investigations and Responsibilities
Liaison With Law Enforcement
Emergency Response
Supervisory Oversight
Rest, Relaxation, and Exercise
Awareness and Familiarity
Pre-Patrol Intelligence
Body Cameras for Law Enforcement and the Private Sector (Fennelly & Perry, 2017)
Legal Issues With Audio Recording
Training
Deportment
Equipment Check
Techniques of Patrol
Comfortable Shoes
Flashlight
Stop, Look, and Listen
Baseline
Tactical Maneuvering
Predictably Unpredictable
Vehicle Positioning
Hands
Nonverbal Communications
Enhance Security Measures
Unethical Unprofessional Practices
Critical Thinking
Analytical
Communication
Creativity
Open-Minded
Problem Solving
Emerging Trends
ESRM Board Initiative-Executive Summary (ASIS International, 2016)
ESRM Board Initiative-Goals
Conclusion
References
8A Four Critical Points
Compelling Advice
Resources
9
The Importance of CPR/AED and First Aid Training for Security Officers
Introduction
Security Needs are Growing as Technology Advances
Security Degree Programs are on the Rise
The Security Industry Requires Particular Skills
There are a Variety of Jobs in the Industry
CPR/AED
Chain of Survival
First Aid
References
Further Reading
10
Officer Safety and Use of Force
Introduction
Applying Verbal De-Escalation to Aggressive Situations
Report Writing in Use-of-Force Cases
Emerging Trends
References
11
Active Assailant Preparedness: Beyond Active Shooter Response
Introduction
The Active Assailant Phenomenon
Workplace Violence Prevention
Training
Mental Health Issues
Threat Detection and Assessment
Security Measures
Weapons Policies
The Role of Protection Officers
Law Enforcement and Emergency Response
Case Studies
Conclusion
References
Further Reading
11A
A Look at Solutions to Active Shooters
Introduction
Coverage for Events
NFPA 3000 (PA)
What You Need to Know About NFPA 3000
References
11B
Saving a Life, It's in Your Hands
Stop the bleed
Get the Facts
How Much Do You Know About Tourniquets?
Finally
References
12
Apprehension and Detention Procedures
Introduction
Developing a Working Model
What Constitutes an Arrest?
The Importance of Reasonableness
What Gets Security Officers in Trouble?
Criminal Laws That Can Get a Security Officer in Trouble
Assault
Battery
False Arrest
Civil Law Violations That Can Get a Security Officer in Trouble
Detention and Apprehension Methodology
The Use of Force
Dealing With the Aftermath
Conclusion
References
13
Traffic Control
Signs and Automatic Traffic Signals
Roadway Positions
Hand Signals
The Whistle
Traffic Control
Gate Duty
Equipment
Private Parking and Other Traffic Areas
Calming the Traffic
Traffic Calming Benefits of a Neighborhood Radar Speed Sign (Radarsign, n.d.)
References
14
Fire Prevention, Detection, and Response
Fire Basics
Detection Methods
Fire Types
Extinguishers
Permanent Extinguishing Hardware
Containment
Fire Plans
Arson
Fire as a Weapon
Conclusion
15
Access Control
Introduction
Custody of Client Keys
Emergency Access Control
Examples of Access Control
Audit and Record Keeping
Access Authorization
Applying Physical Security in Access Control
Locks and Key Control
Electronic Access Control Systems
Wireless and Radio Frequency Communication
Access System Database Management
Multiple Factors: Biometric Technologies
Access Control in the Information Age
Emerging Trends
16
Contraband Detection Technology
Which Detection Equipment is Best?
Metal Detection
Magnetometers (Walk-Through Metal Detectors)
Continuous Wave Devices
Pulse-Field Detectors
X-ray Detection
Explosive Detection
Chemiluminescence Detectors
Backscattering Technology
Computed Tomography
Canine Detection
How to Choose Your Dog or Dogs
Electronic Article Surveillance
Unmanned Aerial Vehicles (Drones)
Gunshot Detection Technology
Indoor Detection
Outdoor Detection
How to Respond to an Alarm
Emerging Trends
Summary
References
Resources
16A
Unmanned Aerial Vehicle (Drone) Usage in the 21st Century
Introduction
FAA Guidelines for Unmanned Aircraft Systems (UAS)
Drones 55 lb and Over
Features and Benefits (Chapman, 2016)
Legal or Regulatory Basis (Rupprecht Law, 2019)
Use of Drones
Security Applications for Drones
Accident Reporting Under the Small UAS Rule (Part 107) to the FAA (FAA, 2018b)
A New Use for Drones
References
17
Effective Communications
Effective Communications Defined
Due Diligence Based on Effective Communications
Channels of Communication
The Six Essentials of Effective Communications
Consider the Audience
Verifying Communications With Feedback
Myths and Misconceptions in Communications
Proper Use of Communications Devices
Telephone and Cell-Phone Systems
Walkie Talkie-Two-Way Radios
Repeaters
Intercoms
Emerging Trends
Summary
18
Crime and Incident Scene Procedures
What is an Incident?
The Scene
Hazards to an Incident Scene
Determining Boundaries
Protecting and Preserving the Scene
Evidence
Making Detailed and Accurate Notes
Working With Law Enforcement and Investigators
Emerging Trends
Conclusion
References
Further Reading
19
Foundations for Surveillance
Types of Surveillance
Covert Personal Surveillance
Overt Personal Surveillance
Covert Electronic Surveillance
Overt Electronic Surveillance
Digital Surveillance
Surveillance as a Deterrent
Equipment Requirements
Privacy Issues
Recording and Retention
Emerging Trends in Surveillance
References
20
Report Writing and Field Notes
Introduction
Importance of Report Writing
Field Notes
Reports Should be Written
What Should be Reported
Qualities of Good Reports
Emerging Trends
Resources
21
Crisis Intervention
Introduction
Causes of Disruptive Behavior
Illness or Injury
Emotional Problems or Mental Illness
Substance/Alcohol Abuse or Medication Reaction
Stress
Anger/Frustration
Understanding Disruptive Behavior
Evaluate
Plan
Implement
Document
Review/After-Action
Four Stages of Crisis Behavior
Best Practices Guideline for the Security Professional
Verbal and Physical Disruptive Behavior
Active Listening
Nonverbal Communications
Controlling Disruptive or Violent Behavior
Team Intervention
Positive Factors Resulting From Team Approach
Leadership in the Team Approach
Safety Considerations in Crisis Intervention
Emerging Trends
Conclusion
References
21A
Mental Illness Takes Many Forms
Introduction
Symptoms of Dementia
Cognitive Changes
Psychological Changes
Dementia Solutions-Aside From Medical
Conclusion
References
Further Reading
22
Substance Abuse
Introduction
Impact on Business and Industry
Substance Abuse: What is the Motivation?
How Problematic Behavior and Dependence Develop
How Is Substance Abuse Perpetuated?
Conditions Adversely Affecting the Workplace
How Must Industry Respond?
Drugs of Abuse, Paraphernalia, and Definitions
Indicators and Common Signs of Abuse
Signs and Symptoms: Controlled Substances
Cannabis: Marijuana, Hashish, Hashish Oil
Stimulants: Cocaine, Amphetamines, Crystal Meth, and Lookalikes
Depressants: Alcohol, Barbiturates, Tranquilizers, Rohypnol
Narcotics: Heroin, Dilaudid, Percodan, Oxycodone/Oxycontin
Hallucinogens: LSD, PCP, DMT
Inhalants: Glue, Gasoline, and Erasing Fluid
Protecting People and Assets
Emerging Trends
References
Further Reading
23
Investigation: Concepts and Practices for Security Professionals
Introduction
Investigation and Human Communication
Ethics of Investigation
Preliminary Investigation
Follow-up investigation
Liaison
Notes and Reports
Surveillance
Testifying in Legal and Administrative Proceedings
Emerging Trends
Conclusion
References
Resources
23A
ASIS International: Investigator Certification
Professional Certified Investigator (PCI)
PCI Eligibility Requirements
References
Further Reading
24
Interviewing and Statements
Introduction
What Is Interviewing?
The Power of Communication
The Interview Process
Deception
Concluding the Interview
Emerging Trends
Conclusion
References
Resources
25
Crowd Management and Special Event Planning
Introduction
Definitions
Formation of Crowds
Causes of Crowd Formations
Psychological Factors
Types of Crowds
Crowd Actions and Suggested Countermeasures
When Verbalization Doesnt Work
Security and Demonstrations
Formation of a Mob
Responsibility and Behavior of Protective Groups
Planning Considerations
Personal Behavior
Riot Control Force Deployment Procedures
Crowd Management Assessment
Alcohol Serving Considerations
Emerging Trends
References
Resources
Further Reading
26
Strikes, Lockouts, and Labor Relations
Introduction
Types of Labor Activities
Planning-What to Be Aware of
Things to Expect
The Picket Line/Protests
Taunts and Insults
Surveillance
Searches
The Disciplinary Process Versus Labor Relations
Emerging Trends
Summary
References
27
Workplace Crime and Deviance
Introduction
Theories of Workplace Crime
General Deterrence
Routine Activity
Social Learning Theory
Techniques of Neutralization
General Strain Theory
Summary for Theories of Workplace Crime
Theft Prevention
Objective
Definition of Employee Dishonesty
First Steps
Sample List-Retail Establishment
Markings and Signage
Concealment
Examples:
Response to Theft
Reporting
Preventive Actions
Search Policy
Employee Liaison
Emerging Trends
Summary
References
Resources
28
Espionage-A Primer
Introduction
Espionage in History
Espionage in the 21st Century
Sabotage
How Can Espionage Be Conducted?
Social Engineering
Motivations
Security Clearances and Classifications
Trade Secrets
What Can Security Do About Espionage in the 21st Century?
References
29
Terrorism: What Protection Officers Need to Know
Introduction
What Is Terrorism? A Definition Dilemma
Threat Assessment
How Terrorism Differs From Other Crimes
Detecting Surveillance
The Human Is the Best Weapon System
Exploitation of the Security Services Industry
How to Proceed
Questions and Answers
References
30
Bomb Threats and the Case Against Immediate Evacuation
Bomb Threats
Mentality of a Bomber
Suspicious Objects-Game Changer
Assessment
Search
The Danger of Evacuation
Criminal Hoax
Bomb/IED Outside
Diversionary/Ambush Attack
Bomb/IED Inside
When You Must Evacuate
Crisis Communications 101
Risk Communications: Compliance and Deterrence Media
Crisis Communications
Think BLUF (Bottom Line Up Front)
Active Communications
When and What to Disclose
References
Resources
Further Reading
31
An All-Hazards Approach to Hazardous Materials
Introduction
Role of the Protection Officer
Hazardous Material Incidents
Tools and Resources
Diamond Designation
Response Models and Templates
The Initial Response
Identify the Substance Released
Determine the Quantity of the Released Substance
Activate the Appropriate Contingency Plan
Determine the Extent of the Damage
Perform Site Security
Emerging Trends
References
Further Reading
32
What Is Risk?
Risk Defined
Risk Management Programs and the Security Professional's Role
Risk Program Components
Risk Analysis
Risk Assessment and Risk Rating
Risk Mitigation
Reporting
Summary
Further Reading
32A
What Is Risk Management?
Introduction
The Risk Management Process
Assets
Threat
Intentional Threats
Natural Threats
Inadvertent Threats
Vulnerability
Risk Analysis
Summary
References
Further Reading
33
Emergency Planning
Introduction
Types of Potential Emergencies
Case Studies
Scope of the Problem
Emergency Planning Considerations
Vulnerability Analysis
The Incident Command System
The National Incident Management System (NIMS)
Emergency Operations Centers
Media Relations
Developing the Emergency Response Plan
Reviewing and Integrating the Emergency Response Plan
Training and Testing
Evaluating the Emergency Response Plan
Emerging Trends
Conclusion
References
Resources
Further Reading
34
Security Awareness
Introduction
What Is Security Awareness?
Expanding the Team Through Partnerships
Techniques for Reinforcing Policy and Procedures to Increase Security Awareness
Double Loop Learning
Communication
References
35
Building a Sustainable Culture of Security
Introduction
How to Build a Sustainable Culture of Security
References
36
The Protection Officer's Role in Critical Information Infrastructure Protection
Introduction
International Critical Information Infrastructure Protection (CIIP)
United States National Infrastructure Protection Plan (NIPP)
Chemical Sector
Commercial Facilities Sector
Communications Sector
Critical Manufacturing Sector
Dams Sector
Defense Industrial Base Sector
Emergency Services Sector
Energy Sector
Financial Services Sector
Food and Agriculture Sector
Government Facilities Sector
Healthcare and Public Health Sector
Information Technology Sector
Nuclear Reactors, Materials, and Waste Sector
Transportation Systems Sector
Water and Wastewater Systems Sector
References
37
Physical Security Concepts and Applications
Physical Security Planning
Assets Identified
Loss Events Exposed
Occurrence Probability Factors Assigned
Impact of Occurrence Assessed
Countermeasures Selected
Security Lighting
Types of Lamps
Application Considerations
Security Glazing
Safety/Fire
Burglar/Vandal-Resistive
Bullet-Resistive
Explosion Resistive
Special Purpose
Intrusion Detection
Detectors/Sensors
System Controls
Signal Transmission
System Monitoring
Card Access
Access Control
Locking Hardware
Network Video
Safes and Vaults
Locks
Burglary-Resistive Safes
Burglary-Resistive Vaults
Fire-Resistive Containers
Fencing
UNDERWRITERS LABORATORIES
Integrated Security Systems
Continuing Education
Physical Security Certification
References
Further Reading
38
Alarm System Fundamentals
Introduction
Alarm Monitoring
Local Monitoring
Central Station Monitoring
Direct Fire or Police Monitoring
Proprietary Monitoring
Operator Interface
Customized, Data-Driven Reports
Alarm Sensors
Duress Alarms
Nuisance Alarms
Alarm Response
Fire Alarm Systems
Fire Alarm Sensors
Building Automation Sensors
Building Automation Systems (BAS)
Network Video Systems
Integrated Systems
Emerging Trends
References
39
VIP Security
Introduction
Risk and Vulnerability Assessment: A Questions-Based Approach
Mechanisms of Threat
Threat Mitigation
Hostage Situations
Use of Technology in Protective Services
Professional Development for Personal Protection Specialists
Disclaimer
References
40
Information Security and Counterintelligence
Key Terminology
Threats to Information and Intangible Assets
How Technology is Changing the Threat
A Suite of Protective Measures
Security Measures
Legal Measures
Management Measures
The Role of the Professional Protection Officer
Emerging Trends
Summary
References
41
Cybersecurity for Professional Security Officers
Introduction
Cyberterrorism
Emerging Trends in Cybersecurity
Conclusion
References
Part III: Advancing your Security Career
42
Ethics and Professionalism
Introduction
The Impact of Unethical and Unprofessional Behavior
Those Who Make the Wrong Choices Do Not Last
High-Profile Profession
Key Terms and Concepts
Protection Officer Code of Ethics
Standards of Conduct
Unethical Behavior in the Protection Profession
Values and Ethics (Adapted from Roufa, 2012)
Conclusion
References
43
Networking
Introduction
Why Networking Is Important
Professional Organizations and Training
The Liaison Role
Emerging Trends
Conclusion
References
44
The Protection Officer as a Leader
Introduction
Do You Really Want to Be a Leader?
Team Member Skills: The Foundation of Leadership
Expectations of Leaders
Three Critical Leadership Skills
Ten Steps to Becoming an Effective Leader
The Leader as an Agent of Change
Pitfalls of Leadership
Conclusion
References
Resources
45
Career Planning
Introduction
Begin at the Beginning-Education
Understand the Industry
Stay Current
Network
Find a Mentor
Explore Options
Do Your Homework
Seek Credentials and Certifications
Experience
Investigate Licensure
Conclusion
References
Further Reading
E P I L O G U E. Training Topics From ASIS Guideline PSO-2019
Index
Back Cover

Citation preview

THE PROFESSIONAL PROTECTION OFFICER SECOND EDITION

THE PROFESSIONAL PROTECTION OFFICER Practical Security Strategies and Emerging Trends SECOND EDITION Edited by

SANDI J. DAVIES LAWRENCE J. FENNELLY

Butterworth-Heinemann is an imprint of Elsevier The Boulevard, Langford Lane, Kidlington, Oxford OX5 1GB, United Kingdom 50 Hampshire Street, 5th Floor, Cambridge, MA 02139, United States © 2010, 2020 Elsevier Inc. All rights reserved. © 2020 Brad Spicer. Published by Elsevier Inc. All rights reserved. © 2020 Jeffrey A. Slotnick. Published by Elsevier Inc. All rights reserved. © 2020 Joseph Nelson. Published by Elsevier Inc. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher’s permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions. This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein). Notices Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods, professional practices, or medical treatment may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information, methods, compounds, or experiments described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility. To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein. Library of Congress Cataloging-in-Publication Data A catalog record for this book is available from the Library of Congress British Library Cataloguing-in-Publication Data A catalogue record for this book is available from the British Library ISBN: 978-0-12-817748-8 For information on all Butterworth-Heinemann publications visit our website at https://www.elsevier.com/books-and-journals

Publisher: Katey Birtcher Acquisition Editor: Katey Birtcher Editorial Project Manager: Andrae Akeh Production Project Manager: Maria Bernard Cover Designer: Alan Studholme Typeset by SPi Global, India

Dedication We would like to offer this dedication to the strongly committed officers who have sought out their own professional development by engaging in their studies that the International Foundation for Protection Officers (IFPO) makes available. Thousands upon thousands of women and men internationally have successfully completed an IFPO certification program which in turn has enhanced their career. These individuals are raising the bar for our industry. Often these graduates continue with their studies and earn their bachelor’s or master’s degrees. This industry is evolving at such a substantial rate that the need for well-educated and trained individuals is significant. We thank you for taking

steps in protecting people, property, and assets. Be safe! To those fallen officers who lost their lives while on the job in the line of duty words can’t adequately express our gratitude. The loss that your families must be feeling is real and tremendous. You were strong and brave, and YOU did make a difference. Thank you kindly for your service. May God Bless. Once coined “Forgotten Soldiers of an Invisible Empire” comes to mind. by Christopher A. Hertig, CPP, CPOI Sandi J. Davies, Larry J. Fennelly

Contributors Michael Allen, CPP, CFE, PSP, PCI

Robert D. Jaffin, MBS, MTS

Curtis Baillie, CSC

Glen Kitteringham, SDyRM, M.Sc., CPP, CPOI

Brian D. Baker, MA, CPP, PCI, CPOI

Jennifer Lantz

Jeremy D. Bates, CFI

Brian Lunn

Greg Benson, MPA

Ronald L. Martin, CPP, CPOI

Colin Best, CSSM

Robert Metscher, CPP

Patrick C. Bishop, CPP, CFE, CPO

Bonnie Michelman, CPP, CHPA

Norman R. Bottom

Joseph Nelson, CPP

James Broder, CPP

Thomas Norman, CPP, PSP, CSC

Chris Carhart

John E. O’Rourke, CPP

Jeremiah Daley

Denis A. O’ Sullivan, CPP, CPO

Sandi J. Davies

Kevin E. Palacios, M.Sc., CPP, PSP, PCI

Whitney DeCamp, PhD., CPO

Marianna A. Perry, M.S., CPP, CPOI

Matthew R. Dimmick, PSP, CPD

Kevin E. Peterson, CPP, CPOI, CPO

Kevin T. Doss, M.Sc., CPP, PSP

Kevin Pound

Jack F. Dowling, CPP, PSP

Kenna Powell, CPP

Doug Durant, BA, CPP, CPO

David L. Ray, BA, JD, CFE

Francis J. Elliott, CPP

Bethany J. Redmond

Jim Ellis, MA., CPP, PSP

Chris Richardson, CPP

Michael J. Fagel, Ph.D., CEM

James E. Sellers, MSc, CPP, CFE, CPOI

Ken Fauth, CPP

Charles (Chuck) Sennewald, CSC, CPP, CPO

Lawrence J. Fennelly, CPOI, CSSM

Dennis Shepp, MBA, CPP, CFE, PCI

Richard P. Fiems, MA, CPOI, CSSM

Jeffrey A. Slotnick, CPP, PSP

Linda F. Florence, Ph.D., CPP

Brad Spicer

Eric L. Garwood, CPP, CSSM, CPO

Charles T. Thibodeau, M.Ed, CPP, CPOI, CSSM

Terence M. Gibbs, MS, CPP, WSO-CSSD

Franklin R. Timmon, CPP, CPOI

Brion P. Gilbride, MSI, CPP, CSSM, CPO

Ernest G. Vendrell, Ph.D, CEM, CPP

David Halcovitch, MSc

Ted Wade, MA

Michael A. Hannigan, CPO

Scott A. Watson, MCJ, M.Ed, CFE, CPP

Christopher A. Hertig, CPP, CPOI

Linda Watson, CPP, CSC, CHS-V

Jennifer Hesterman, Colonel US Airforce (Retired)

Rav-Zuridan Yisrael, MA, CPP, CPOI, CHS-111

xv

Foreword

Security is a reflection of the society. Globalization, terrorism, and technology continue to drive change in the way security has to operate and respond to risk. The world is in a constant state of flux and therefore the concepts and practice of security must continually adapt to the ever-changing risks. Security professionals must be comfortable with constantly operating in the midst of ambiguity. Drawing from various disciplines and diverse practice areas, security includes and is not limited to STEM (science, technology, engineering, and mathematics), cyber, risk management, political science, leadership, communication skills, business management, and legal aspects. As threats continue to evolve, security professionals at all levels must constantly learn and change, while balancing the parameters of their respective organization, agency, culture, or jurisdiction. Those who intend to harm adapt quickly to overcome preventative and protection measures with increasing creativity and expertise. The good news is the practice of security is moving toward greater acceptance and professionalism as evidenced by research, best practices, guidelines, and a documented body of knowledge. There are numerous career pathways for individuals who choose to dedicate themselves to the practice of professional security through education and certification.

This text is intended as a reference for preparing the reader for the Certified Protection Officer certification as well as a comprehensive reference. The contributing authors are all highly respected professionals from around the globe with expertise and advanced credentials in their respective areas. This book provides a broad overview of topics critical to success for security professionals such as communication, protection officer’s functions, crime prevention, safety, information security, workplace violence, risk management, investigations, private security law, and the use of force. This version builds on previous editions with new and expanded sections to include: • • • •

Enterprise security risk management Armed assailant/active shooter Leadership skills and competencies Expanded sections on technology and physical security

Readers will gain tools, tactics, methodologies, and best practices for protecting their organizations or communities.

xvii

Dr. Linda F. Florence, Ph.D., CPP The Florence Group, LLC Los Angeles, CA, United States

Bonnie Michelman, CPP, CHPA Massachusetts General Hospital Partners Healthcare, Inc. Boston, MA, United States

Introduction PURPOSE The purpose of this book The Professional Protection Officer: Practical Security Strategies and Emerging Trends is to provide “need-to-know” information to protection officers and students throughout the security industry. This resource serves as the course text for the Certified Protection Officer (CPO) program. Many security professionals also find the contents of this textbook helpful as a reference in their day-to-day security management responsibilities.

HISTORY OF THIS HANDBOOK The first edition of the Protection Officer Training Manual (POTM) originated with the birth of the International Foundation for Protection Officers (IFPO) in 1988. A total of 12 dedicated security professionals from the United States and Canada had a vision: to create an organization that would provide meaningful career opportunities for line security officers internationally. The newly formed IFPO Board of Directors realized that a certification program was needed, along with a professional training textbook, to make that vision a reality. Hence, the first edition of POTM was created to serve as the course text for the CPO program. IFPO, the CPO program, and POTM all proved to be vital components in achieving the foundation’s objectives.

Today, IFPO is the recognized catalyst in the development of professionalism throughout the security industry. Thousands of security officers who have earned the CPO accreditation have gained knowledge and professional career enhancement; they have unselfishly provided encouragement and information to their colleagues and employers. Hence, a new dimension of opportunities has spread throughout the security industry. The first version of this book was simple, short, and limited in scope, but included enough information to help the security officer better understand his or her roles, duties, and responsibilities. However, since that simple beginning, each subsequent edition, a total of nine (including seven before the title change), has brought new and enlightening information to the security professional. Heir to this legacy, the Professional Protection Officer is the leading text for protection officers and students. It is also widely used by those teaching in Protective Services, Criminal Justice, Homeland Security, or Emergency Management courses of study.

DEDICATIONS Ron Minion, CPP and IFPO Founder Ron Minion (1938–2008) lost his battle with Lou Gehrig’s disease in 2008. He was the man behind this book, one of the founders of IFPO, a dedicated champion of the security industry,

xix

xx

INTRODUCTION

and a tireless advocate for protection officers. His determination, and vision of professionalism through training for the industry, has resulted in a brighter future for scores of security professionals, and will continue to do so in the future. Ron was the first examined Certified Protection Professional in Canada. He was a founding member of the Calgary Chapter of the ASIS International, where he was a chapter chair and regional vice president. As regional vice president, he earned the president’s “award of merit” for establishing ASIS chapters throughout Canada. In 2006, Security Magazine named Ron as one of the 25 most influential executives. Ron’s legacy includes the thousands of line security officers he employed and mentored over the years. He knew the industry from the ground floor up, and never lost his vision of providing affordable training to security officers to help them turn their mere jobs into viable careers with brighter futures. Ron, our friend, mentor, industry advocate, and trusted colleague, is greatly missed.

IFPO Team IFPO is supported by a team of security professionals throughout the world who, year after year, work diligently on behalf of the Foundation and what it stands for. Because of these men and women who are committed to excellence and remain steadfast in their obligation to high standards of service, IFPO continues to be successful. We thank you. An extra special thanks to Alice Grime. Again her talents have made this book even better! Over the years Alice has worked with our team on a number of other very successful books. Through her professional relentless efforts as a researcher and proof reader, the end product is superior because of her contributions. We indeed appreciate her efforts and her interest in assisting the IFPO meet it’s goals and objectives. We might add that Alice once was a part of our IFPO team

at headquarters in Naples for a period of time. She proved to be an outstanding and valued employee as well. Thank YOU!

CONTENTS This new edition has 3 units and 45 chapters. The contributors to this edition are among the best writers, academics, and practitioners in the security community. This talented group of professionals has generously provided readers of this superior textbook with unique opportunities to acquire current asset protection and life safety information. These writers are outstanding individuals who deserve recognition and appreciation for their service to the security community. The contents of this textbook are sometimes quite basic. However, every security supervisor and manager should fully understand all of the information contained herein to provide better leadership and interpretation of officer responsibilities. The material contained in each unit is arranged to provide the reader with a smooth flow of related security information.

GLOBAL CHALLENGES, NEW ROLES, AND RESPONSIBILITIES Where once the term “security” might have referred to the lone night watchman whose greatest adversary was a burglar hoping to pick a lock, those days are long gone. The night watchman’s role was viewed as merely a job that did not garner much respect in the community. Today’s security professionals are finding their roles greatly expanded in numerous arenas worldwide, due, in part, to a much greater global threat and a reduction in public law enforcement protection. The current economic situation has caused an increase in some types of crimes. At the same time, those economic

INTRODUCTION

realities have also forced local municipalities to reduce public law enforcement efforts through layoffs or hiring freezes, even though the need for more protection is growing. The threat of terrorism was spotlighted for the United States and the world on 9/11, and is still an ever-present threat worldwide. It has and will continue to impact the industry, particularly in the areas of research and risk management methodologies. In recent years, cyberterrorism, which threatens infrastructure and services by attacking computer networks via the Internet, has become a very serious threat. It can, and has, resulted in the loss of billions of dollars of proprietary information, and compromised data at a broad range of institutions, from government agencies to banks, credit card companies, and business firms. Company executives are acutely aware of the danger of data loss, and numerous laws govern what must be done if data is compromised. Cyberterrorism not only puts data at risk, but can also put essential services and infrastructure at risk. Guarding against this type of threat requires continuing education about the ever-evolving risks, deterrents, prevention, and laws. Unlike the night watchman, who only worried about physical security with its fences, gates, and access points, today’s protection officer must also guard against an enemy that moves at the speed of light. The protection officer must not only protect the physical premises and equipment but also guard against an enemy that moves silently to disrupt services, incapacitate infrastructure, and steal data. The National Fire Protection Association’s (NFPA’s) “Guide for Premises Security” and “Standard for the Installation of Electronic Premises Security Systems” have both caused changes that may not make news headlines but will certainly impact the industry. The former will not affect the general public but fire protection, security consultants, facility managers, and insurance companies will be forced to deal with it. ASIS International has already begun setting standards that have impacted

xxi

the industry. The latter more or less cements the impact of the former. While the quest for mutual respect and seamless cooperation between public and private security has improved over the years, it must remain an ongoing goal for both the private and public sectors. Mutual respect and cooperation between public law enforcement and private security is essential to ensuring that security needs are met effectively. Increasingly, security functions have been contracted out to private security firms to fill the gap between what government can do and what is needed. Private security firms are even stepping in to fill the roles that military personnel once filled on military installations and even war zones. A new type of protection officer is increasingly stepping forward to fill the need, ready to deal with new situations and challenges as they come along, thanks to ongoing education and training. Currently, corporations that once relied on that night watchman to patrol a fence as sufficient protection are increasingly instituting their own in-house security departments. An integral part of this overall protection process is the professional security manager and supervisor, complemented with a security staff capable of attending to the ongoing protection needs. Generally, corporations require their security managers and supervisors to be well educated, trained, and experienced. Private security firms are also demanding educated, trained professionals. The night watchman might have been able to do his job with limited education, but in today’s ever-changing, challenging security climate, professionals must be educated and well trained to fulfill their new, evolving, and demanding roles. This new breed of security professional is winning respect by proving that they are skilled and very capable of carrying out the most sophisticated, demanding roles. They are dedicated professionals with the credentials needed to keep themselves, their employers, and their employers’ assets from harm.

xxii

INTRODUCTION

CPO PROGRAM Professional Protection Officer: Practical Security Strategies and Emerging Trends is the course text for the CPO program, an internationally recognized certification for protection officers. The CPO designation is a professional accreditation that can be earned by completing a self-paced course based on this textbook either through traditional correspondence or IFPO’s online platform. In addition to having security experience or the equivalent, a candidate must complete the following stages of progression to earn the CPO designation: 1. 2. 3.

Submit application for enrollment. Successfully complete a midterm examination. Successfully complete a supervised final examination. (A proctor may be located within the candidate’s organization or community.)

(Both examinations are based on the contents of this textbook.)

CERTIFIED PROTECTION OFFICER (CPO) FINAL CHALLENGE PROGRAM This book, The Professional Protection Officer: Practical Security Strategies and Emerging Trends, is also the text for the CPO Final Challenge program, which is the fast-track method of obtaining the CPO certification. The Final Challenge option eliminates the course of study and goes directly to the final exam, which is the same one that is part of the CPO program. Questions on the final exam come from the material in the textbook. Contact IFPO for more information regarding the CPO and/or other programs.

CONCLUSION The term protection officer frequently appears in this textbook. What is a protection officer?

Protection officers have many titles: security guard, security officer, campus police, loss prevention officer, crime prevention officer, retail loss prevention agent, military police, and several others. They can work part time or full time. They can be assigned to protect a person, a group of people, an office building, a network, a store or factory, and many other assets in many locations. Some are armed; some are unarmed. They can be employed as independent consultants, by a security services agency, by the military, by a state government, by the federal government, and by other organizations. The term “protection officer” is not easy to define. Titles vary, specific tasks vary, locations vary, employers vary, but the one thing that all protection officers have in common is that they are willing to take risks and put into place preventive measures to protect tangible assets, such as buildings, intangible assets, such as data, and of course, the public. They assume the risks so that others can go about their business and not have to worry about potential harm. This textbook is written as a useful reference for security supervisors, managers, and those who teach; but the primary beneficiary is the student or working protection officer. The editors of the Professional Protection Officer: Practical Security Strategies and Emerging Trends, Second Edition, are honored to work with so many academicians, researchers, and outstanding security professionals since the planning of the first edition. These talented authors are dedicated security professionals that have worked tirelessly in supporting, promoting, and contributing to IFPO and all of its worthwhile programs. “We could not have done it without you!” Sandi J. Davies and Lawrence J. Fennelly

C H A P T E R

1 Concepts and Evolution of Asset Protection and Security Jim Ellis, Christopher A. Hertig, Robert Metscher O U T L I N E Introduction

4

Safety

9

Asset Definition

5

Risk Management

9

Asset Valuation

5

Insurance

9

Threat

5

Commerce

9

Vulnerability

6

Law

10

Loss

6

Labor Relations

11

Risks Criticality Frequency Probability Impact

6 6 6 6 6

Fire Protection

11

The Cycle of History

12

Mitigation

7

Cost-Benefit Analysis

7

Asset Protection Layered Protection

7 7

Physical Security

8

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00001-8

Historical Development of Security Services 13

3

The Path to Professionalism

15

Contemporary Careers in Asset Protection

16

Professional Development Never Ends

17

References

17

Further Reading

18

# 2020 Elsevier Inc. All rights reserved.

4

1. CONCEPTS AND EVOLUTION OF ASSET PROTECTION AND SECURITY

CHAPTER OBJECTIVES • Define and explain valuation of an asset • List and define key terms • Provide an overall introduction to the concept of asset protection • Discuss the importance of looking at the cycle of history • Discuss fire protection in security • Describe the development of the security profession • Offer suggestions for pursuing contemporary careers in asset protection

INTRODUCTION Asset protection is the basis for everything that a protection officer does. It is the core function of the protection officer’s job. Asset protection can have different meanings and functions depending on who is responsible for establishing the boundaries of that role and function. Ultimately, asset protection is a function of organizational management, and as such security professionals are often expected to provide technical expertise in efficient and effective security risk management activities. The quality of the overall protection effort will depend on the organizational environment, assets, threats, vulnerabilities, and the organizational leadership commitment to managing those risks. Asset protection has been practiced for millennia, from protecting an ancient settlement with night sentries patrolling the perimeter, to securing valuables into a modern vault. The most visible and easily recognizable historical form of asset protection was the medieval castle. The castle was built to protect an asset, be it a royal or noble, and their economic means such as gold, from an attacking adversary. These fortifications passed through several phases of evolution, but

evolve they did as the threat adjusted to circumvent each new design countermeasure. Furthermore, these designs offer a quick visual representation of layered defenses from outermost obstacles to the innermost chambers of the keep. This evolution is a meaningful analogy to the evolution of security countermeasures found today in physical design and those of policies and procedures. Studying history is important as it offers us perspective on where things were, where they are now, and the opportunity to consider where they may be in the future. Historical analysis can provide insight into how certain issues were dealt with, and this may provide guidance for contemporary or future problem solving. By looking back, it is possible to use contemporary terms and concepts that have benefited from their own refinement from real-world tests to their effectiveness. History provides a laboratory for evaluating and potentially testing both theory and application. Security efforts are necessarily implemented moving forward in time, often in response to a negative circumstance or event, but it is always evaluated looking backward in time with hindsight. Consequently, past solutions developed in response to problems of the day may be examined for their positive and negative effects, and their potential role in creating or thwarting new concerns. For instance, the focus in information systems security to create complex passwords often causes users to write their password down to avoid forgetting it. This solution may have provided some level of improved network security, but it resulted in a practice reducing local network access control. Another example is exterior doors that default into a secure or locked state, but are routinely propped open by users, and sometimes left in that open state. Historical study offers the opportunity to observe patterns of cause and effect, draw analogies from those patterns, all with the possibility of identifying and eliminating a vulnerability before a threat exploits it.

I. FOUNDATIONS

5

THREAT

ASSET DEFINITION

ASSET VALUATION

Asset protection begins with defining what assets exist within the scope of the protective efforts. There may be one asset or many assets. An asset can be a person or people; a physical entity such as a building or plant; an object such a painting or a gold bar; or a concept such as a formula or design. The American Society for Industrial Security (ASIS) International Guideline: General Security Risk Assessment (2003) defines an asset as “Any real or personal property, tangible or intangible, that a company or individual owns that can be given or assigned a monetary value. Intangible property includes things such as goodwill, proprietary information, and related property. People are included as assets.” In the hierarchy of assets, people are most often placed first, or at the top, as their protection is of the highest priority. For further clarification of assets, here are four classifications of assets:

The asset must have some type of value. The value of the asset could be a real value, such as a gold bar being worth a set amount of money based on the weight of the bar and the current price of gold. The value of the asset could be based on what it would cost the company to replace. This is sometimes difficult to calculate when discussing specialty items such as the formula or recipe for a soft drink, or the patented design for a product, the loss of which could mean the end of a company. The most intangible valuation of an asset would be in what is referred to as “reputational damage”—the loss of the image of a company or consumer confidence in a company. Reputational damage can occur through major theft of customer information, a senior executive being injured or killed, or the brand name of a company being tainted through inferior “knock off” products. The loss of reputation is difficult to calculate because things such as unrealized sales are nearly impossible to determine. While it is not necessary to have the actual value of an asset on hand at any one time, the value of the asset must be known prior to the implementation of any protection program and reevaluated periodically thereafter.

1. People—employees, visitors, clients, patients, students. 2. Property—real estate, buildings, raw materials, equipment, merchandise. 3. Information—vital information that is necessary for an organization’s survival, such as employee and vendor lists, organizational plans, and other items without which the organization could not operate; confidential information such as patient records, personnel or student records; proprietary information such as trade secrets, customer lists, and marketing plans; classified information that is essential to national defense. 4. Image/Reputation—the image cultivated through years of public relations and advertising that an organization or individual (celebrity) has established. Customer goodwill is an asset. So, too, is a positive image that will not attract the ire of extremist groups or individuals.

THREAT Threats represent adverse effects on assets. Not all threats are security related, for instance, if a competing company introduces a new and better product to the market taking away sales they have created a market-based threat generally considered outside the scope of security. Security threats are the actions adversaries undertake that result in harm to the organization’s assets, outside the accepted scope of market or industry activity. Although these actions may not be crimes, or classified as crimes yet, they are most certainly unethical. Threats can be characterized by the

I. FOUNDATIONS

6

1. CONCEPTS AND EVOLUTION OF ASSET PROTECTION AND SECURITY

formula: Threat ¼ Capability  Intent. It is only when there is both an intention and a corresponding capability does a true threat exist.

VULNERABILITY Vulnerabilities represent exploitable weaknesses. Organizations often have a range of weaknesses that are either beyond exploitation, in all reasonableness, or offer so little return to an adversary as to place them well below the range of exploitation. Such ranges are subjective and relate to each adversary. An example may be an asset maintained in a sufficiently isolated location as to make the travel too onerous for the value of the asset.

LOSS Loss is the general term that includes the damage, destruction, degradation, injury, death, theft, disclosure of sensitive assets, or any outcome that results in a quantifiable reduction in the net value of an organization. This may be in the form of damaged physical assets, like production equipment or inventory, theft of funds, or impact to public reputation resulting in loss of confidence found in a drop in stock prices, finance rates, sales, or other customer patronage. One unusual example is the loss of donations to a not-for-profit enterprise when disinformation, or deliberately inaccurate information, is shared casting them in a negative light compared to other charities.

RISKS

Guideline: General Security Risk Assessment, “risks or threats are those incidents likely to occur at a site, either due to a history of such events or circumstances in the local environment” (ASIS International, 2003, p. 6). It is therefore important to have data on crime and incidents occurring in and around the site being examined. A vulnerability assessment will include a thorough examination of the facility, personnel, contents, materials, suppliers, and contractors, especially anything that by use or omission would damage, harm, or cause loss to the company or its personnel.

Frequency The frequency of losses must then be determined through an examination of the types of crimes and incidents in and around the facility, with special emphasis on the dates on which they occurred. A ranking of the events should be made using a consistent scale (annually, monthly, daily, or hourly) for all such loss events.

Probability Through an analysis of this information, trends may emerge which point to an escalation in activities that may precede a more serious crime against the company. This will help to establish the probability of such an event occurring in the future, assuming all other processes and operations at the facility remain the same. Once there is a change in the assets, the probability of loss will also change.

Impact

Criticality Once the asset and its value are defined, it is necessary to determine what risks there are to the asset. According to the ASIS International

Finally, a ranking of the impact of any loss on the company must be made. Impact is an accounting of the tangible (real) and intangible (unrealized) costs associated with such events. All such tangible losses should be considered,

I. FOUNDATIONS

7

ASSET PROTECTION

from the mundane, such as the loss of power or water service, up to and including the loss of the facility including its contents and a substantial portion of the employees. Intangible losses such as the loss of current or future sales or customers should also be accounted for to the extent that this is possible.

MITIGATION Only after the factors of risk or loss have been compiled and examined can the protection officer assist with developing strategies to help mitigate the risk. All of the mitigation efforts must be designed so as not to “substantially interfere with the operation of profitability of the enterprise” (ASIS International, 2003, p. 6). Mitigation efforts that do substantially impact operations are much less likely to see executive support regardless of the level of risk, as they also substantially impact the profitability of the company.

COST-BENEFIT ANALYSIS A cost-benefit analysis must also be conducted to help assist in evaluating the mitigation measures against the costs incurred. According to the ASIS International Guideline: General Security Risk Assessment, the cost-benefit process involves three steps: • Identification of all direct and indirect consequences of the expenditure. • Assignment of a monetary value to all costs and benefits resulting from the expenditure. • Discounting expected future costs and revenues accruing from the expenditure to express those costs and revenues in current monetary values (ASIS International, 2003, p. 4). If the cost-benefit evaluation determines that the cost of mitigating the risk is greater than the

cost of the asset, then other measures must be employed.

ASSET PROTECTION Layered Protection Asset protection through risk mitigation typically involves a concept of layered protection; also known as defense in depth. In this concept, the asset is considered to be in the center, surrounded by concentric layers of protection. Each layer contributes individually, and as part of the whole, to the overall protection of the asset. The principles behind layered protection consist of deterrence, detection, delay, and defense/ response. Each piece of the layered protection concept can work on its own. However, the most complete protection is afforded through combining all of the layers. Deterrence is the practice of discouraging an individual or group from even attempting to attack the asset. This can be accomplished through a number of means such as signage, fencing, lighting, cameras, or people. Signage at the perimeter of the enterprise property would warn trespassers of the property line and the penalty for proceeding further. Further enhancements to the signage could include the addition of fencing, lights, and cameras. In a personal protection role, the deterrence would appear to be provided by the ring of protection officers or specialists around a high-profile individual. In some rare circumstances, the illusion of additional layers of protection can be a better and more cost-effective deterrent. Detection is the identification of a threat, preferably at the earliest possible opportunity. Alarm sensors, cameras, and even protection officers are all means of detecting and identifying threats to the enterprise. A threat identified earlier in the asset protection process gives the remaining layers of protection more time to contribute to the overall protection of the asset.

I. FOUNDATIONS

8

1. CONCEPTS AND EVOLUTION OF ASSET PROTECTION AND SECURITY

Delaying the attacker also gives the other layers of defense a chance to work together. Sufficient layers of delay must be incorporated so that the detection and defense/response pieces of the asset protection continuum can perform their roles. Delay can be accomplished through an expansive perimeter that takes a while for the attacker to cross, fences that take time to climb, strong doors that must be breached, and interior levels of protection such as additional doors into rooms or a safe that takes even more time to enter. A sufficiently delayed attacker allows for a defense to be mounted from within the site to repel the attacker, or for a sufficient response to be put together and proceed to the site. However, the layers of protection must delay the attacker long enough so as to be able to stop him on the way to the asset, or on his way out with the asset, but before he leaves the property with the asset.

PHYSICAL SECURITY Physical security planning was originally based on response to a military threat. A traditional reference for physical security is FM 3-19.30 Physical Security (US Army, 2001), while a modern reference is the Facilities Physical Security Measures Guideline (ASIS Commission on Standards and Guidelines, 2009). The process used to plan physical security measures is as follows: 1. Identify assets. These generally include personnel, property, information, and image. 2. Loss events are exposed. Risks are identified. This involves research rather than “seat of the pants” reasoning! 3. Probability of occurrence of the loss events is calculated. 4. Impact of occurrence is assessed for each loss event. This means the effect the loss event will have in terms of direct, indirect, and extraexpense costs.

5. Countermeasures are selected. There can be a vast array of interventions; generally physical security utilizes target hardening techniques, such as patrols, access control, lighting, intrusion detection, surveillance, weapons detection, and so on. 6. Countermeasures are implemented. 7. Countermeasures are evaluated as to their effectiveness. Traditionally, this step has been avoided by practitioners in physical security and crime prevention. Patrol operations have been a fundamental part of many physical security systems. They serve as catalysts for the system, bringing all parts together. Patrols have been traditionally used by military forces to scout out the location and disposition of an enemy force. They are used today by police and security forces. While still endeavoring to locate hostile individuals (felons), modern police patrols are used to assess community environments. In a contemporary asset protection scheme, patrols are not only concerned with criminal acts but also with unauthorized activities, safety and fire protection issues, and the performance of auxiliary services. These can include delivering the company mail, checking gauges, conducting lighting surveys, assessing crowd and customer behavior, enforcing lease agreements, and assisting customers. Note that community policing or problem-oriented policing strategies that public police have adopted are very similar to those that security practitioners have been doing for decades. There are other methods for planning physical security efforts, some of which are the result of academic and practical research. Crime Prevention Through Environmental Design (CPTED) is one method that builds on reinforcing territoriality via barriers, access control, and surveillance, while supporting desired activities which, by their presence, discourage negative activities. In addition, the process works to establish orderly maintenance to further eliminate the rationalization of destructive

I. FOUNDATIONS

9

COMMERCE

behavior. Many of these concepts may be found in Jane Jacobs’s works The Death and Life of Great American Cities (1961), with the contemporary shaping of it for security through the writings of Oscar Newman Defensible Space: Crime Prevention Through Urban Design (1972) and C. Ray Jeffery Crime Prevention through Environmental Design (1971).

at least three strategies: risk acceptance, risk reduction, risk assignment or transfer. In short, risk may be accepted in full, reduced through intentional efforts, or transferred to another entity. While the latter is most commonly associated with insurance it can be through other methods like vendor relationships.

INSURANCE SAFETY Protection officers often are engaged in, or partnered with, the safety operations of an organization. While security may focus on intentional harm, safety relates to the confluence of systems or materials failures, human behavior, and environment conditions that result in injury, damage, or disruption. Safety efforts seek to prevent accidents and injuries through procedural design, ergonomics, effective maintenance, and the appropriate use of personal protection equipment (PPE). Accidents cost extensive amounts of direct loss (cost of replacement and repair) as well as indirect loss (downtime, investigative costs, lowered morale, legal fees, etc.) and extra-expense loss (advertising, rental of new rooms or equipment). Note that there are also extensive administrative law requirements under the Occupational Safety and Health Administration (OSHA) and state agencies with which organizations must comply. Safety is a major concern to organizations for all of these reasons.

RISK MANAGEMENT Risk management is a term closely associated with the insurance industry. It is conceptually similar to the physical security planning process in its implementation, but it deals with risks other than “security” threats caused by humans. There are different methodologies for describing risk management strategies. All of these incorporate

According to Purpura, loss prevention originated within the insurance industry (Purpura, 1991). Insurance companies issue policies based on event probabilities using actuarial math. Fee structures vary accordingly as each insurance firm is most often a for-profit enterprise. Various types of insurance coverage have evolved, with a few examples being: business interruption, kidnap & ransom (K&R), worker’s compensation, liability, fire, burglary, robbery, theft, fidelity bonds, and employment practices liability.

COMMERCE Commerce has a tremendous relationship to asset protection and private security. Commerce is the willing exchange of goods and services between a consumer and a provider. Parties on all sides of this relationship experience opportunities for losses that the security professional may be engaged to manage. Professional security personnel must understand the marketing of their employer’s goods and services in order for him or her to be effective. A retail loss prevention agent must understand that selling merchandise at a profit is traditionally the purpose of the store, not the apprehension of shoplifters and not necessarily preventing losses. Security efforts support their organization by identifying and managing internal loss opportunities, exploited by employees and contractors, and external loss opportunities, as well as monitoring for and anticipating future and potential

I. FOUNDATIONS

10

1. CONCEPTS AND EVOLUTION OF ASSET PROTECTION AND SECURITY

loss opportunities of all kinds. Generally speaking, criminals outpace the efforts of police and security professionals. With the emergence of the Internet, this has been called the “hacker syndrome” in that a hacker must only find one exploitable weakness available at one moment, while the target, and their security apparatus, must be prepared to counter all threats at all times.

LAW One of the earliest codifications of law in Western civilization is generally attributed to Hammurabi who served as king of Babylon from 1792 BC to 1750 BC. The Code of Hammurabi specified offenses and specific punishments. It is a complex code introducing requirements for transaction receipts, husbandry, town planning, commerce, divorce, regulations for certain occupations, and slavery (Bottero, 1973). Another significant development is the Magna Carta (“Great Charter”) of 1215 in England. The document specified the responsibilities of the state toward its subjects regarding individual rights, privileges, and security. The Magna Carta established the concept of due process. This means that everyone should be treated fairly and according to uniform procedures. It is a common basis for law and disciplinary procedures. Due process was incorporated into the Fifth Amendment of the US Constitution: “no person shall be deprived of life, liberty, or property without due process of law.” Perhaps most important, the Magna Carta implied that the king was not above the law. Protection professionals must be well versed in legal concepts. In many cases, security and safety professionals develop policies and procedures based on legal obligations. Protection managers are also occasionally asked to provide insight on general legal issues, while attorneys should always be consulted for advice and

guidance it is not always feasible to do so prior to taking action or establishing a policy. Protection officers and investigators must also make legal determinations during the course of their duties relating to legal standards surrounding privacy, property rights, and governmental mandates. Laws are authored in response to social changes in an effort to maintain order. Criminal law includes offenses such as trespassing, various types of thefts (retail theft, theft of trade secrets), vandalism, assault, burglary, robbery, rape, and so on. Operating environments dictate the criminal offenses most likely to be encountered by individuals and organizations. Civil law relates to the conduct between parties, individuals, and groups. This includes some parallels to criminal law, or torts, as found with the unwanted touching of others (civil battery vs criminal assault), and formal, contracted, interactions of two or more parties. Some of these that affect security professionals include contract security service, private investigative service, armored car service, alarm monitoring and response, labor contracts, and nondisclosure agreements. Civil law also covers negligence, a failure to exercise reasonable and due care, by doing something dangerous or failing to act, and is accepted as necessary for safety. One example may be not following a recognized standard. Negligence requires that a plaintiff (party bringing the action or suit) must show the existence of a duty, a failure to perform that duty, injury or harm occurring to a party to whom the duty was owed, the harm was reasonably foreseeable, and the harm was caused by the failure of the defendant to perform the duty (Hertig, Fennelly, & Tyska, 1998). Administrative or regulatory law is established to regulate technical aspects of society by agencies created through legislation. These agencies have the authority to create rules and regulations, investigate, and enforce compliance with those regulations. They also adjudicate violations, and mete out punishments. Consequently, these

I. FOUNDATIONS

11

FIRE PROTECTION

agencies are very powerful. Complying with their regulations is extremely important to avoid their administrative punishment, and also to avoid potential civil lawsuits as a result of not maintaining that standard. Some federal administrative agencies in the United States include the following: Occupational Safety and Health Administration (OSHA), National Labor Relations Board (NLRB), Environmental Protection Agency (EPA), Federal Aviation Administration (FAA), Nuclear Regulatory Commission (NRC), Federal Communications Commission (FCC), and Equal Employment Opportunity Commission (EEOC). Similar agencies also exist on the state level and in city or municipal governments establishing fire and building codes, alcoholic beverage and marijuana controls, among others.

LABOR RELATIONS Labor relations have played a very large role in the history of both policing and security in America. Organized labor brought together people of different ethnic groups under the umbrella of “labor.” It established numerous changes in the workplace, such as benefit plans for employees and the establishment of disciplinary procedures based on the concept of due process. While union membership is declining at present, many of the contemporary approaches to labor relations, physical security, contingency planning, and personnel security are a result of earlier labor issues. The history of “labor relations” in American society offers context to the development of both labor unions and control forces. “Labor relations” during “the mean years” of 1866–1937 (Calder, 1985) saw management employing such tactics as intimidating labor leaders and workers, deploying spies and “agent provocateurs” in unions, assaults with machine guns, and the importation of strike breakers (workers who replace those who are on strike), promoting interethnic

worker conflict. Considerable material is now available online regarding the many strikes, battles, and massacres that occurred around the country. In addition, some key legislation was enacted including the National Industrial Recovery Act, the National Labor Relations, or Wagner, Act, and the Taft-Hartley Act, to name a few. Of particular interest to enterprise security are the “Weingarten Rights” which provide similar protection for investigatory interviews within a union work environment as the Miranda Warnings do for law enforcement interviews. Today, there are specialized contract security firms that have strike security forces. These firms supply consulting and guard service to companies having labor difficulties. They generally employ persons with a military background and provide their personnel with training in labor law, crowd management, and so on. These specialized firms are able to manage volatile labor disputes with minimal harm to persons or property. Additionally, the collective bargaining rights of workers are upheld.

FIRE PROTECTION Fire protection is an issue that separates private security and asset protection from public law enforcement. Fire can destroy almost anything. It is a chemical process whereby heat, fuel, and oxygen combine in a chemical chain reaction to turn a solid or liquid into a gas. With adequate amounts of heat and oxygen, virtually anything can become fuel for a fire. Protection officers are frequently responsible for fire prevention duties including inspections, training, and possibly response. The threat of fire varies with the environment and perception of that threat also changes. Before the Civil War, fire insurance executives generally viewed fire as good for business (Purpura, 1991). Fires were similar to airplane crashes in that they were relatively improbable events that created

I. FOUNDATIONS

12

1. CONCEPTS AND EVOLUTION OF ASSET PROTECTION AND SECURITY

hysteria and spurred the purchase of insurance policies. Insurance companies made money on these policies until excessive fires—in heavily populated areas where buildings were constructed of wood—caused enormous amounts of claims to be paid. These “Great Fires” occurred around the world and destroyed large sections of many cities, such as the London, New York, Boston, Chicago, San Francisco, and Seattle. While these often spurred the passage of ordinances and regulation relating to building construction, it was in 1894 that the Underwriter’s Laboratories (UL) was formed and began independently testing materials, and in 1896 that the National Fire Protection Administration began developing standards for fire protection. These standards are used across industries and are the basis for many municipal fire codes. In 1948 the National Burglar and Fire Alarm Association (NBFAA) began offering membership, publications, seminars, and professional certification programs for alarm installers. The National Board of Fire Underwriters was merged with the American Insurance Association. This resulted in the development of the National Building Code for municipalities in 1965 (Purpura, 1991). Since then other such construction codes have emerged including the International Building Code in use in several countries and several US jurisdictions.

THE CYCLE OF HISTORY The security industry has a rich and largely unconsidered background. “Security” implies protection from intentional harm. This need dates back as far as the existences of predator and prey. It is not solely a human requirement, as both instinctive and intentional actions may be witnessed in nature as prey seeks to avoid predation. Security has evolved from avoiding and thwarting attacks by other species to threats that emerged within our societies. The range of potential threats has only grown over time. From physical attacks and network attacks,

through to sabotage, espionage, and fraud, the threat landscape continues to grow to match society’s complexity. While the security function can be found across organizations, public and private, throughout the world, the security industry has evolved to offer, or supplement, services to individuals and organizations seeking to avoid, mitigate, and respond to perceived and manifested threats. Organizations and individuals take measures to minimize disruption to their lives, and livelihood, or continued prosperity. The historical development of security, loss prevention, asset protection, and the sibling field of safety has moved from the merchant guard and soldier of ancient times to a complex industry and profession necessitating specialization. At the root of all of these specialties are those functions routinely carried out by protection officers. Private initiatives often precede public. In many cases, private protective measures are started to fill a void in services offered by governments. Private corporations are nimbler and more flexible than governments. This enables them to start new programs, protection or control forces, etc. There is a strong relationship between commerce and protective needs. The amount and type of commerce (ships, trains, Internet, and so on) determines the threats or risks posed to the commerce system. Protective efforts may be spawned by the need for mutual protection, such as merchant associations to address street crime, as well as the InfraGard formation to facilitate publicprivate partnership to protect against terrorism. Demographics—population size, density, age distribution, culture—plays a key role in crime control and safety. College students living in dormitories create another set of challenges. High-rise office buildings with business tenants have different protection needs than two-story apartment complexes for low-income families.

I. FOUNDATIONS

HISTORICAL DEVELOPMENT OF SECURITY SERVICES

Security efforts generally are a step behind the latest methods of criminal attack. Pareto’s distribution can be applied in that 20% of prudent security efforts will address 80% of threats, while the remaining top 20% of the threats will consume 80% of the security effort. It is often the evolving threats that fill that top group. Protective efforts are frequently initiated after serious incidents. Any threat exploiting a vulnerability with sufficient impact will likely draw a change in security efforts. This may be observed from the September 11, 2001, attacks on the Pentagon and World Trade Center, driving the Patriot Act and establishing the Transportation Security Administration, among others. The breach of Target Corporation using a vendor’s access resulted in changes to the Payment Card Industry-Digital Security Standard (PCI-DSS).

HISTORICAL DEVELOPMENT OF SECURITY SERVICES Security may be considered in the contexts of a role, a function, and a duty. It has evolved over time from intentional efforts to avoid predation, to efforts used to manage the threat of attack by others, to identifying inappropriate behavior within any social subdivision. This may be domestic issues on a national scale or those within an organization. Consequently, security may be found in discussions relating to military, domestic law enforcement, other public and private organizations, as well as in terms of individual protection throughout history. It has evolved alongside human civilization from intentional efforts to avoid predation to intentional efforts to manage threats posed by people. Ortmeier reveals that in prehistoric times, cave dwellers stacked rocks around perimeters in front of their caves to both mark the space and warn off intruders (Ortmeier, 1999). The first private security roles, in the form of estate or merchants guards, likely gained their

13

skills through military service and military defense practices were fundamental. Concepts such as defense-in-depth became common practice for protecting merchants, their property, and others willing to engage these services. Public policing finds its earliest roots with the domestic use of military forces to maintain order. For instance, order was maintained in ancient Rome by the Praetorian Guards, which was a military unit. There were also cohorts who kept peace. The vigiles were civilian freemen who controlled fires and assisted in controlling crime and disorder. It is interesting to note that urban mob violence would later be one reason why municipal police were formed in both England and the United States. In the early 19th century, London continued to have a large population with crime and disorder problems. As few organizational models were available at this time, the military model was adopted for the London Metropolitan Police (Ortmeier, 1999). What Robert Peel established in 1829 in London served as an organizational model for police and security departments. Peel set forth a series of principles upon which a police force could be established and administered. While his specific frame of reference was public law enforcement, the principles are also adaptable to uniformed private protection forces: 1. The police must be stable, efficient, and organized along military lines. 2. The police must be under government control. 3. The absence of crime will best prove the efficiency of police. 4. The distribution of crime news is absolutely essential. 5. The deployment of police strength both by time and by area is essential. 6. No quality is more indispensable to a police officer than a perfect command of temper; a quiet, determined manner has more effect than violent action.

I. FOUNDATIONS

14

1. CONCEPTS AND EVOLUTION OF ASSET PROTECTION AND SECURITY

7. Good appearance commands respect. 8. The securing and training of proper persons is at the root of efficiency. 9. Public security demands that every police officer be given a number. 10. Police headquarters should be centrally located. 11. Police officers should be hired on a probationary basis. 12. Police records are necessary to the correct distribution of police strength. In the mid-19th century, major American cities began to develop police departments. These forces evolved out of earlier night watch systems relying on volunteers or civilians. Some of these forces only operated at night, and they were no longer effective at controlling crime in burgeoning urban environments. Organized, paid, full-time police operating under the principles established by Robert Peel began to take shape. State police forces also developed. The Pennsylvania State Police is generally regarded as the first modern state police department. While Texas and Massachusetts had state police forces too, these were vastly different from the organizations we think of today as “state police.” The Pennsylvania State Police has full law enforcement authority. In some states, there are separate highway patrol forces that specialize in traffic law enforcement. It is commonly asserted that the modern private security industry grew out of wartime efforts of World War II. However, with each war, governments often seek improved security to thwart saboteurs and spies, and with domestic prosperity citizens often desire protection for themselves and their property from miscreants. An example of the former includes the use of Pinkerton agents for presidential security during the American Civil War, or the explosion at Black Tom Island, a munitions storage facility in New Jersey, set off by a German saboteur in July 1916 that resulted in increased War Department security measures.

During World War II the US Department of War established an internal security division and swore in 200,000 security officers as military police auxiliary. Security services or contract security agencies have played a large role in both public and private protection. Outsourcing or contracting for security makes economic sense. Flat hourly rates are charged and clients do not have to worry about benefit costs and associated human resource management issues. The client can hire as many personnel as desired for as long as desired. This provides for flexibility in protection. Additionally, contract service firms may have specialized expertise that the client does not. Security services are growing and will likely continue to do so. In addition to traditional “guard services” there are patrol services, alarm monitoring and response services, armored car services, personal protection or close protection specialists, undercover investigators, retail security or loss prevention agents, private investigation, and security intelligence analysts to name a few. Outsourced services permit a principal or organization an opportunity to control costs while receiving the benefits of flexible staffing levels and skills sets. Pinkerton, a Scottish immigrant, became involved in investigation by accident. While searching for wood to make barrels, the young copper discovered a gang of counterfeiters. Pinkerton established the largest protective and investigative agency in the world with branch offices in many countries. By the mid-1990s, Pinkerton had 250 offices worldwide with over 50,000 employees (Mackay, 1996). Pinkerton had extensive centralized records, a code of ethics, used undercover investigation, employed the first female detective (Kate Warne—60 years before the first female police officer), and used wanted posters. Pinkerton has been credited with being the first to start a security service; in actuality there were other services started before him, but none have become as well-known as his was.

I. FOUNDATIONS

THE PATH TO PROFESSIONALISM

In 1858 Edwin Holmes started the first “central office” for alarm monitoring and response. Today a “central alarm station” or “central station,” including both proprietary and contracted facilities, may monitor alarms, access control systems and surveillance cameras, and initiate or summon the appropriate response service. Other notable events in the early formation of the security industry include American District Telegraph (ADT), which was founded in 1874 and became the largest alarm company in the world; Brinks Armored, founded in 1891, became the largest armored car company in the world; William J. Burns founded the Burns Detective Agency in 1909, Burns was known for his ability to use evidence collection at the scene of a crime to capture suspects.

THE PATH TO PROFESSIONALISM There have been some significant developments along the path toward professionalism for the security industry: 1952—The Industrial Security Manual was published in 1952. This was considered the “Bible” of the Department of Defense (DOD) contractor security procedures. It established information protection, personnel security, and physical security measures for DOD contractors. Since the United States was in a wartime economy until about 1975, there was heavy activity in this sector. Many security personnel worked in “industrial security.” 1955—The American Society for Industrial Security was formed in Washington, DC. ASIS consisted of security directors for DOD contractor firms. Over the passage of time, ASIS International has grown to tens of thousands of members in over 100 countries. Members have a diverse range of positions within private industry, law enforcement, government, security service, and supply firms. ASIS has numerous councils on such topics as health care, retail, campus, banking, economic crime, commercial

15

real estate, gaming and wagering protection, and so on. 1971—The Rand Report on Private Police in America—This was a private research study by the Rand Corporation. It was important as the security industry had not been studied. The Rand Report found that the security industry was large, growing, and unregulated. The average security officer was an aging white male with a limited education who was usually untrained and who worked many hours to make ends meet. The Rand Report was useful as a reference point for the Report of the Task Force on Private Security in 1975. 1975—The Report of the Task Force on Private Security conducted by the National Advisory Committee on Criminal Justice Standards and Goals was published in 1976. The committee found a lack of training, regulation, and job descriptions within the security industry. The report advocated minimum training standards; these have been used as guides by some states in setting up mandated training and licensing requirements. 1977—Certified Protection Professional (CPP) Program was established by ASIS. First envisioned during the 1950s, the CPP program acknowledged that managers must be competent in a variety of generic subjects such as physical security, personnel security, legal aspects, management, investigations, and so on. There have been thousands of persons designated as CPPs around the world. The CPP program has become an important credential for management level personnel. 1985—The Private Security and Police in America: The Hallcrest Report was published. This report was written by Hallcrest Systems under funding from the Department of Justice. The report studied the contributions of police and security to control crime as well as the relationship between the public and private sector. 1988—International Foundation for Protection Officers (IFPO)—formed to upgrade the professional status of public and private

I. FOUNDATIONS

16

1. CONCEPTS AND EVOLUTION OF ASSET PROTECTION AND SECURITY

protection officers. IFPO has membership, publications, and Article Archives on their website, and several professional certification programs. Over 85,000 people worldwide have become Certified Protection Officers (CPOs). There is also a Certified Security Supervision and Management (CSSM) designation. Over 4350 people have attained this designation. 1988—The Association of Certified Fraud Examiners (ACFE) was started. Today, the ACFE has in excess of 85,000 members worldwide. Certified fraud examiners (CFEs) are employed by a host of public and private entities including district attorney’s offices, federal investigative agencies, state police, corporate security departments, private investigative firms, and accounting firms. Fraud is a concern in virtually all environments. CFEs must have experience in fraud investigation and pass an examination on Criminology and Ethics, Fraudulent Financial Transactions, Fraud Investigation, and Legal Elements of Fraud.

CONTEMPORARY CAREERS IN ASSET PROTECTION There are numerous career fields open to people seeking a challenging and rewarding career in asset protection. Every organization employs some type of protective measures. Many—if not most—have security personnel. A sampling of positions available and functions they perform is outlined below. Fixed posts: Many protection officers work at fixed posts. These may include baggage screening at airports, vehicle gates at manufacturing facilities, emergency rooms in hospitals, access control points at concerts, in museums, or in the lobbies of high-rise buildings. Patrol officer: A patrol officer must be able to observe and report discrepancies in the protected environment. They must collect intelligence on changes, unusual situations, or suspicious persons. Patrol officers must be adept

at interacting with the public in the environment, be that visitors, employees, students, patients, or guests. Patrol officers must effectively maintain compliance with organizational policies. In doing so, they must know the rules of the facility as well as legal issues relating to privacy, search and seizure, property rights, and the rights of employees. Patrol officers must also be able to respond to problems that may occur, such as slippery walkways, blocked emergency exits, hazardous material spills, fires, fights, or crimes in progress. Obviously, patrol officers need a variety of skill sets. They must be competent in many things. Retail loss prevention agent positions are available with many large retailers and contract security firms. These jobs offer persons the ability to learn valuable investigative skills, such as surveillance and interrogation. Openings are readily available and retailers often accept part-time employees. There are extensive opportunities for advancement within retail security. Central alarm station operator/dispatcher: Security officers in many environments will act as dispatchers or central alarm station operators. They will monitor alarm panels, network video systems, and electronic access control systems. As technology expands, so does the job of the central alarm station operator. These central alarm stations may be either proprietary or contract. In a proprietary “in-house” setting, central alarm stations evolve over time. Auditor/investigator: Auditors check on things such as financial records (financial audits) or procedures to determine whether specific activities conform with an established expectation. Audits seek to uncover deviations from procedure, errors, or criminal behavior (Purpura, 2002). A deviation from a procedure might be documenting something that the writer did not verify occurred, such as taking a shortcut. Audits may also uncover errors such as mistakes made in pricing merchandise or forgetting to record required information. Criminal behavior may include falsifying employee attendance

I. FOUNDATIONS

REFERENCES

records or removing raw materials from the workplace. Audits may start investigations or investigations may launch audits to see the scope of the problem. Audits may detect loss stemming from waste, error, crime, or unethical/unprofessional practices. Private investigators work for companies, individuals, or governments on a fee basis. They contract out to perform various types of investigative activity. Such services may span the spectrum of investigations, both criminal and civil, as permitted by law. This includes efforts to identify workplace theft, sabotage, and drug abuse, among other inappropriate activities. They may use methods such as surveillance of suspected employees, forensic accounting, questioned document analysis, and interviews and interrogations, among other specialties. Specialized security functions require K-9 handlers, crowd management specialists and security personnel to work at areas such as concerts in arenas, for employee strikes, and monitor drone surveillance. Information technology (IT) security has developed into a mature field of security. Specialties include such skillsets as perimeter defense management, incident management, data loss prevention, and forensic analysis to name a few. Penetration testing, red teams, and security researchers are a unique subset of the security industry and operate across the physical security and information technology realms. In their roles their services include attempting to compromise organizational security for specific objectives. For instance, they may be engaged to determine whether an access control system may be compromised making unauthorized access possible (or easy), or to test network security as it relates to all or some aspect of network and data access. Security researchers similarly test equipment and system components for vulnerabilities. Their efforts serve to avoid embarrassment by the security practitioner who may deploy a technology with an unexpected exploit negating the value of that tool.

17

PROFESSIONAL DEVELOPMENT NEVER ENDS “The only constant is change,” a quote often attributed to Heraclitus, offers insight into the demands placed upon the security industry. Changes and progress in technology, markets, population, and nearly every facet of society carry with them an impact on security. It is only through continual vigilance and a discipline of learning that permits the security professional to evolve and remain relevant. To this end educational opportunities are available both online and in traditional classroom programs. The Internet has created a wide range of professional development pathways, both formal and informal. The informal options include free resources such as blogs, vlogs, podcasts, and unvetted online courses. Such video platforms as YouTube offer free videos presented by both amateurs and professionals on a range of security topics. Formal development such as college programs, professional seminars, and online learning are offered by a wide range of organizations. IFPO offers one such portal to continued development. Attendance at seminars sponsored by professional organizations offers the added opportunity to network with peers, as do a range of groups found through social media.

References ASIS Commission on Standards and Guidelines ASIS International. (2003). General security risk assessment guideline. Alexandria, VA: ASIS International. ASIS Commission on Standards and Guidelines. (2009). Facilities physical security measures guideline. Alexandria, VA: ASIS International. Bottero, J. (1973). The first law code. In S. G. F. Brandon (Ed.), Milestones of history: Ancient empires. New York, NY: Newsweek Books. Calder, J. D. (1985). Industrial guards in the nineteenth and twentieth centuries: The mean years. Journal of Security Administration, 8(2). Hertig, C. A., Fennelly, L. J., & Tyska, L. A. (1998). Civil liability for security personnel. Naples, FL: International Foundation for Protection Officers.

I. FOUNDATIONS

18

1. CONCEPTS AND EVOLUTION OF ASSET PROTECTION AND SECURITY

Jacobs, J. (1961). The Death and Life of Great American Cities. New York, NY: Random House. Jeffery, C. R. (1971). Crime prevention through environmental design. Beverly Hills, CA: Sage Publications. Mackay, J. (1996). Allan Pinkerton: The first private eye. New York, NY: John Wiley & Sons. Newman, O. (1972). Defensible space: Crime prevention through urban design. New York, NY: Macmillan. Ortmeier, P. J. (1999). Public safety and private security administration. Woburn, MA: Butterworth-Heinemann. Purpura, P. P. (1991). Security and loss prevention: An introduction. Boston, MA: Butterworth-Heinemann Ltd. Purpura, P. P. (2002). Security and loss prevention: An introduction. Stoneham, MA: Butterworth-Heinemann. US Army. FM 3-19.30 Physical security. (2001, January 8). Retrieved September 1, 2019, from https://archive.org/ stream/milmanual-fm-3-19.30-physicalsecurity/fm_319.30_physical_security_djvu.txt.

Further Reading Biery, K. D., Jr., & Schaub, J. L. (1994). The ultimate security survey. Boston, MA: Butterworth-Heinemann. Broder, J. F. (1984). Risk analysis and the security survey. Boston, MA: Butterworth-Heinemann. Coleman, J. W. (1969). The Molly Maguire riots: Industrial conflict in the Pennsylvania coal region. New York, NY: Arno & The New York Times. Constable, G. (Ed.), (1990). The Old West. New York, NY: Time-Life Books. Cote, A., & Bugbee, P. (1988). Principles of fire protection. Quincy, MA: National Fire Protection Association. Fennelly, L. J. (1989). Handbook of loss prevention and crime prevention (2nd ed.). Boston, MA: Butterworths. Fiems, R., & Hertig, C. (2001). Protection officer guidebook. Naples, FL: International Foundation for Protection Officers.

Fossum, J. (1982). Labor relations: Development, structure, process. Dallas, TX: Business Publications, Inc. Gage, B. (2009). The day Wall Street exploded: A story of America in its first age of terror. New York, NY: Oxford University Press. Garcia, M. L. (2001). The design and evaluation of physical protection systems. Boston, MA: Butterworth-Heinemann. Gilbride, B. P. (1999). Sexual harassment. In S. J. Davies & R. R. Minion (Eds.), Security supervision: Theory and practice of asset protection. Woburn, MA: ButterworthHeinemann. Girard, C. M. (1989). Planning, management and evaluation. In L. J. Fennelly (Ed.), Handbook of loss prevention and crime prevention. (2nd ed.). Boston, MA: Butterworths. Green, G. (1987). Revised by Fischer, R. J. Introduction to security (4th ed.). Boston, MA: Butterworths Hertig, C. A. (2002). Investigative concepts. Unpublished paper. York College of Pennsylvania. Johnson, T. (2002). Retail loss prevention management models. Unpublished paper. York College of Pennsylvania. Kuykendall, J. (1986). The municipal police detective: An historical analysis. Criminology, 24(1). Maggio, E. J. (2009). Private security in the 21st century: Concepts and applications. Sudbury, MA: Jones & Bartlett. Matthews, L. J. (1990). Pioneers and trailblazers: Adventures of the Old West. New York, NY: Derrydale. Nalla, M., & Newman, G. (1990). A primer in private security. Albany, NY: Harrow & Heston. National Advisory Committee on Criminal Justice Standards and Goals. (1976). Report of the task force on private security, Washington, DC. National Fire Protection Association, http://www.nfpa.org. Peak, K. J. (1997). Policing in America: Methods, issues, challenges. Upper Saddle River, NJ: Prentice-Hall. Sennewald, C. A. (1985). Effective security management (2nd ed.). Boston, MA: Butterworth. Velke, J. A. (2004). The true story of the Baldwin-Felts Detective Agency. USA: John Velke.

I. FOUNDATIONS

C H A P T E R

2 Role of the Professional Protection Officer Christopher A. Hertig, Kevin E. Palacios O U T L I N E Introduction

19

Response Functions

28

Definition of a Protection Officer

20

Basic Physical Security Officer

28

Levels of Protection Staff

21

Certified Protection Officer

28

Major Roles of a Professional Protection Officer What It Means to Be a Professional What Needs to Be Protected? The “How” of Protection

21 24 25 25

Certified in Security Supervision and Management

29

Core Functions

27

Emerging Trends Need for Standardization Training and Certification

29 29 30

Preventative Functions

27

Summary

31

Mitigation Functions

27

References

31

Verification Functions

28

Resources

31

INTRODUCTION

CHAPTER OBJECTIVES • Provide definition of a protection officer • Explain levels of protection staff • Look at the major roles of protection officers

Life is all about taking risks, and so is business. If businesses were to decide not to take any risks, chances are that they would end up losing more than what they wanted to protect in the first place. Speculative risks allow us to grow and— if in a profit-making organization—gain wealth. Inherent risks where there is no potential for gain (loss events) must be managed. As we move forward in life (and business), the risks we must take

• Discuss the core functions of the protection officer • Explore prevention, mitigation, and response functions

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00002-X

19

# 2020 Elsevier Inc. All rights reserved.

20

2. ROLE OF THE PROFESSIONAL PROTECTION OFFICER

grow bigger and bigger. Every organization needs people to address those inevitable issues … risks.

DEFINITION OF A PROTECTION OFFICER A professional protection officer, a person whose primary job function is to control the effect of uncertainty on organizational objectives (International Organization for Standardization [ISO], 2018), is the most valuable—but often overlooked—member of a system dedicated to maximizing benefits through loss control. The protection officer is dedicated to protecting the interests of organizations, individuals, or various members of the public (customers, visitors, patients, the public, etc.). A protection officer’s work is to give everyone peace of mind. The officers focus on safety and security so that others could concentrate on their own primary concerns. Although employees need to focus on their work, students in a school are there to learn, visitors are there to conduct whatever business they have in a facility (distribution center, library, park, etc.), and customers in a retail store are there to have an enjoyable shopping experience. At the same time each of these groups must have a healthy concern for their own safety and security and/or have a protection officer to perform this task for them. The certainty that “someone is protecting us” allows people and organizations to function.

The professional career path of a protection officer might take him through the operational level: Basic Physical Security Officer (BPSO); the supervisory level: Certified Security Officer (CPO); and management level: Certified in Security Supervision and Management (CSSM) (International Foundation for Protection Officers [IFPO], 2014). The change in the level and job title represents the addition of responsibilities, but the core of

the job description remains the same. A person who chooses a career path in safety or security will never stop being a protection officer. They will never cease to protect the people, information, assets, reputation, and the environment surrounding an organization. Protection officers may be civilian or military, sworn or unsworn. They may not have any arrest authority beyond that of a regular citizen. In other cases, they may have some type of police commission with specific arrest authority: they may arrest for certain offenses and/or within a specific area. They may be members of a law enforcement organization whose job assignment is protecting a public figure, coordinating crime prevention activities, or guarding government buildings. Job titles vary considerably; a basic physical security officer may be referred to in different ways. While the more common titles are “security officer,” “security guard,” or “retail loss prevention agent,” some protection officers may have the title of “police officer,” “campus police officer,” “special officer,” “crime prevention coordinator,” “loss prevention officer,” “deputy sheriff,” “military policeman,” and so on. (In many states these titles are controlled by state law—the state statutes should be reviewed in each state to determine the words you may or may not use.) The protection officer could have full-time, part-time, or occasional employment. Part-time security work is very common in some areas. Part-time personnel largely staff many security service firms. Amusement parks open during the summer may employ a large seasonal staff during the busy season. A small core of permanent supervisory and management level officers may manage the security department. It is not unusual for police officers to work occasional security details. This may be while they are on official police duty or may be while off-duty for a private employer. Security service firms that provide protection during special events may use a combination of regular staff, part-time probation officers, and a few off-duty

I. FOUNDATIONS

MAJOR ROLES OF A PROFESSIONAL PROTECTION OFFICER

police. Sometimes persons in the military are assigned to security work temporarily within the armed forces. In other cases, they work for a civilian employer as a security officer or retail loss prevention agent. The key is that the person’s major focus is on protection of others, tangible assets such as property, or intangible assets such as information or reputation. Legal authority or job title is not the determinant of what a “protection officer” is.

LEVELS OF PROTECTION STAFF A general framework for the design of security functions within an organization is as follows: 1. Non-Protection Employees. They need basic information about self-protection and some method to report hazards and threats. 2. Basic Physical Security Officer (BPSO). Includes everyone from the protection team who must follow simple orders, look after activities carried out by non-protection employees, and work in a low- to mid-threat environment. Basic level officers don’t need any previous experience and might (or might not) need operational—basic level—specialized skills. This person needs a basic training, enough to cover foreseeable situations he or she might encounter. Entry level and professional security officer programs are available through IFPO’s partner Smart Horizons (https://www.smarthorizons.org/sots/). Job examples include uniformed officers, doormen, and patrol officers, to name a few. 3. Certified Protection Officer (CPO). The intermediate level includes everyone who must follow more complex orders, look after processes carried out by protection and nonprotection employees, works in a mid- to high-threat environment, and needs previous experience and specialized skills. This person needs a complete understanding of the various unexpected

21

situations he might encounter. Therefore, training must be very complete. They should complete the CPO certification (https://www.ifpo.org/ training/cpo/) and employer training. Examples include shift leaders, group heads, personal protection specialists, retail loss prevention officers, radio operators, central alarm station monitors, contract security in high-threat zones, and so on. 4. Certified in Security Supervision and Management (CSSM). This advanced level includes everyone who gives orders and makes decisions regarding personnel. This person must understand how the full entity (organization) works, people management, leadership, and motivation. This is a line supervision or mid-level management position. This individual must have met all CPO certification requirements in addition to the educational and experience level of individuals who have been designated CSSM (IFPO, 2013). Examples include security supervisors, asset protection team leaders, and so on.

MAJOR ROLES OF A PROFESSIONAL PROTECTION OFFICER There are several major roles that protection officers fulfill. 1. 2. 3. 4.

Management representative. Intelligence agent. Compliance or enforcement agent. Legal consultant.

Management representative—the officer acts as an agent, a representative of management to employees, visitors, and others. This is where the officer is concerned with representing the philosophies of management (employer or client). To do this effectively, they

I. FOUNDATIONS

22

2. ROLE OF THE PROFESSIONAL PROTECTION OFFICER

must thoroughly understand the mission statement of the organization. They need to know what the policies are and the underlying philosophy behind them. The major emphasis in the management representative role is on positive relations with the various members of public with which security departments deal (employees, customers, visitors, patients, vendors, local law enforcement officers, etc.). A solid background in public and customer relations is a necessity. So, too, is diplomacy when dealing with other departments, external agencies, and so on. Another aspect of this role is educational. Security officers may be very active in educating employees, visitors, students, guests, patients, and so on about safe practices. As the officers grow professionally, they may become increasingly involved in educational efforts. As the security industry becomes more complex, requiring the protection of more intangible assets, this educational role will become more common. Intelligence agent—in this role the officer collects information for management. The officer must understand what information is pertinent. They cannot pry into areas that are not managerial concerns related to loss. At the same time, they must be effective at gaining critical loss-related information. While application of the Waste, Accident, Error, Crime, and Unethical Practices (WAECUP) model is useful, another point to remember is that large problems start as small ones. Issues such as terrorism, crimes, safety hazards, environmental hazards, data loss, major embarrassments, and so on generally begin as unusual or outof-the-ordinary situations. From there, they mushroom into serious problems. An old safety concept is that there is often “a leak before a break.” In other words, a major problem starts out as a small issue. A crack in a wall or floor may mean significant structural damage. It may also indicate extensive erosion of soil underneath the

building. It is a small crack, but it may indicate much larger problems. When investigating crime or misconduct, the principle of expansive significance is important to remember. “Minor is major.” Minor criminal issues often turn out to be of major significance once they are fully investigated. Major crime problems are resolved through combating minor criminal behavior. The same is true of employee misconduct; it often turns out to be more extensive than it initially appeared. In short, professional protection officers must collect intelligence on changes in the environment, unusual situations, or suspicious persons. Most, but by no means all, of the intelligence agent’s role is performed while the officer is on patrol. Officers on patrol should always do the following: 1. Look up—see if there are any pipes leaking or water coming from another floor. Check for items improperly stacked. Look for problems with the ceiling or roof. 2. Look down—look for problems in footing. Look for spills on the floor from soft drinks, bottles of liquid detergent, liquid from pipes, or storage tanks. Look for ice or snow. Look for carpet that is not properly fastened down. Look for tripping hazards such as items left on the floor. 3. Look around—check for equipment and machinery that are not turned on or off when they are supposed to be. Verify that all trash collection points are properly maintained. Trash can become a safety or fire hazard. It may also indicate attempts at theft where an employee discards something for later retrieval. It may also indicate things being thrown out that should not be. 4. What-If? Game—whether on patrol or on fixed post, officers should always play the “What-If? Game.” This is also known as “constructive daydreaming” or “mental rehearsal.” It is simply a process where

I. FOUNDATIONS

MAJOR ROLES OF A PROFESSIONAL PROTECTION OFFICER

officers construct scenarios and review how they would be handled. This could be crime, terrorism, emergency or crisis management concerns, and so on. Safety issues may include slip and falls, structural collapse, persons tripping, or the onset of medical problems (diabetic shock, heat stroke, seizures, heart attacks, etc.). Playing the “What-If? Game” helps prepare the officer for response to the event as if they have seen it before. It also aids in uncovering unforeseen loss events/scenarios. This is part of the ongoing risk assessment that protection staff perform daily. Note that significant issues should be documented. Preferably this documentation is reinforced by personal communication with the appropriate supervisory personnel. Obviously, proficiency in human and public relations is important to fulfilling the role effectively. Most information comes from people. Officers who are approachable learn more about what is going on in the environment they are protecting. Officers must be approachable, but they cannot use the workplace as their social network. They must exhibit interest in people and processes without getting personally, romantically, or financially involved. Professional protection officers engage in short, productive interactions with people. They make every conversation an interview. Enforcement or compliance agent—this is where the officer enforces the rules of the environment. He or she gains compliance with the rules. The officer must know the rules to be enforced. He or she must be thoroughly conversant with them. The officer modifies and manages human behavior so that the rules established by management are followed. Sometimes the term “enforcement agent” is too strong, too law enforcement-oriented to work in a security setting such as a hotel, resort, or office complex. Protection officers must be

23

acutely aware of the cultural expectations of their work environment. They must understand the “territory.” In some cases, they will have to guide and direct; in most they will be more like “compliance ambassadors.” Most people simply need to be reminded about what the rules are. Diplomacy and tact are the most frequently used tools of professional protection officers. There are two major aspects to enforcement: 1. Procedural—The “what” of enforcement. The officer must know what to enforce. This includes all rules and procedures. The officer must know what the rules are and review them regularly. Job knowledge in this area is a prerequisite to success. Note that in many instances the confidence displayed by a knowledgeable officer goes a long way toward convincing people to listen to them. 2. Interpersonal—The “how” of enforcement. This entails interpersonal skills and communications. Using the proper words, articulating clearly, and speaking at the proper volume and tone are crucial to effective communication. The remainder of human communication— about two-thirds—is nonverbal. Posture, appearance, and gestures come into play here. Legal consultant—in this role the officer knows the relevant legal standard and applies it. The officer makes legal assessments. These assessments relate to a variety of issues: privacy, search and seizure, property rights, compliance with administrative laws, and so on. A related compliance concern is making sure that all organizational rules are being enforced. These rules often originate from professional standards or guidelines. They may also be in place due to insurance company requirements. Contemporary protection officers are facing increased demands in this area. The role of “legal consultant” is becoming more important. It is also becoming increasingly complex.

I. FOUNDATIONS

24

2. ROLE OF THE PROFESSIONAL PROTECTION OFFICER

Astute security professionals will learn all that they can about laws, standards, and guidelines. They will keep abreast of them and be able to apply them: knowing a regulation is the first step but understanding how to interpret it and apply it to a specific environment is what is really needed. Personnel knowledgeable about laws, standards, and guidelines are in demand. Those who wish to move up into leadership roles will jump at every opportunity to learn about the interpretation and application of regulations, standards, and guidelines.

What It Means to Be a Professional A professional protection officer distinguishes him- or herself by dedication and commitment. They are not simply performing a job to receive compensation. They are instead dedicated to serving their employers, clients, and the community. Because of their commitment, they stand out from others who may share their same job title and pay grade. They have achieved professional status, a few aspects of which are as follows: • Follows a code of ethics. The International Foundation for Protection Officers’ (IFPO’s) code of ethics is presented in this book. Each item in the code contains a key aspect of professionalism. • Shares a common history with his colleagues. A glimpse of the professional history shared with other protection officers is displayed in various chapters throughout this book. A common history creates a bond between officers. • Supports and works with colleagues. A professional protection officer respects and works with others. Officers analyze various problems and help each other address them. Effecting and maintaining productive relationships with colleagues are very important. • Owns a common body of knowledge. The different chapters of this book cover the varied aspects that a contemporary

protection officer must master to succeed in an ever-changing world. Professional protection officers have a foundation of professional knowledge in topics such as physical security, investigation, crisis management, safety, and so on. • Makes his or her own decisions. Uses discretionary judgment to solve problems. Figures out how to address certain situations and takes the appropriate action. While an entry-level police or security officer must abide by their employer or client’s directions, they do act independently. • Is loss conscious. Professional protection officers look for hazards—constantly. Officers continually ponder the consequences of loss events (fires, accidents, terrorist attacks, errors, etc.). They think in terms of the impact of occurrence. This separates them from practitioners in other disciplines. A professional can’t just be appointed. A professional is a person who has accepted his responsibility and embraces it with pride. Professionals have a positive outlook. Professionals know their limits but are always looking to expand them. They learn and grow from experience, training, and education. Growth is an ongoing process; it never stops. One does not “be” a professional protection officer. One must “become” a professional protection officer.

To accomplish his duties, the protection officer must also be competent; this means that the officer must have the proper balance of knowledge, skills, and attitude (Fig. 2.1). Continuous professional development through education, training, and experience is necessary to become competent. Education gives you knowledge; training provides a means of developing skills. Experience expands upon and refines those skills and helps to develop one’s abilities. Attitude ties knowledge, skills, and abilities together.

I. FOUNDATIONS

MAJOR ROLES OF A PROFESSIONAL PROTECTION OFFICER

FIG. 2.1

25

loss control functions to coordinate enterprisewide risk management identified as the health, safety, security, environment, and quality (HSSEQ) process. The basic role of all protection officers is to prevent, mitigate, and respond to intentionally created loss event occurrences as well as accidental incidents. Of course, while fulfilling ever broader duties, the protection officer must always prioritize his attention to the most critical resources to be protected. These are (in order of priority) as follows:

Competency balance.

A professional protection officer must also demand the authority and tools needed to accomplish his roles and responsibilities in assets protection.

What Needs to Be Protected? Protection officers are the employees or the agents of property owners and managers. These can be the employer of the officer or the client of the officer’s employer in the case of a security service firm. As agents, officers act in the interest of the owners, shareholders and top management. They also represent owners and managers of their organizations in several different ways. Every decision a protection officer makes reflects on the organization he represents. A common example is that patrol officers are often the only people on the premises during evenings and weekends. Some people have referred to this as the security officer being the “after hours Chairman of the Board.” In a managerial position, the protection officer might have a specific role in part of a loss control process, or a much broader enterprise security risk management (ESRM) role. The concept of loss control goes way beyond physical and logical security. A future trend is to expand

• PEOPLE. Employees, agents, third-party workers, customers, visitors. • INFORMATION. Physical and digital records, proprietary info, other information to maintain confidentiality, integrity, and availability. • ASSETS. Those that the organization owns, manages, maintains, controls, or is responsible for (facilities, goods, and assets of monetary value). • REPUTATION. Hard-earned public image; everything that contributes to the desired positioning of the organization. • ENVIRONMENT. Surrounding the organization, natural, community, stakeholders’ interests, social responsibility.

The “How” of Protection A protection officer performs different tasks, at three different levels of responsibility, mostly related to educational, experience, and even professional certification level: • STRATEGIC: Of great importance within an integrated whole or to a planned effect—performed by a security professional CSSM. • OPERATIONAL: Ready for, or in condition to, undertake a destined function— performed by a CPO.

I. FOUNDATIONS

26

2. ROLE OF THE PROFESSIONAL PROTECTION OFFICER

• OPERATIVE: Having to do with physical operations—performed by a basic physical security officer. Each of the three levels has distinct roles assigned to them ranging from specific tasks to protecting corporate objectives. A protection officer’s responsibility would be to work a post

during a given shift, all the way to overseeing the security at entry level; also, different standards, rules, and internal regulations are applicable and serve as guidance to protection officers. A complete relation of roles, responsibility, and guidance is summarized in Table 2.1.

TABLE 2.1 Strategic, Operational, and Operative Roles Strategic CSSM

Role

Responsibility

Guidance

Scope

Protect corporate objectives from uncertainty

An entity consisting of several locations/processes

Corporate objectives

Plan

Interpretation of the entities’ strategic plan into a security department plan and corporate security procedures

Different teams, working at the same time

Corporate strategic plan

Investment and operational budget

Corporate budget

Resources Allocating resources in the most effective way, and to create a security department budget

Operational CPO

Rules

Make the organization compliant with Applicable standards, legal international standards and laws, requirements and stakeholders’ incorporating them into corporate expectations policies

International standards (ISO/ ANSI/ASIS) and international laws

Scope

Keep an ongoing safe and secure operation at his/her location/process

A physical location, or a process

Security department objectives

Plan

Follow the security plan, integrate people, technology and methods into specific post orders

A team of people, often in different shifts

Security department plan

An allocated budget

Security department budget

Resources Find the most efficient way to use the budget

Operative BPSO

Rules

Comply with corporate policies and Corporate policies, local laws and Corporate policies, local regulations creating rules for the local stakeholders applicable for local regulations premises the location or process

Scope

To identify potential or current undesirable or disruptive events, report and act on them

Plan

Use his/her initiative, limited to what The officer and other officers in is written in post orders the same shift

A post, in patrol or fixed duty

Post objectives

Post orders

Resources Accomplish tasks using the resources that were assigned

Tools and resources available at the post

Post resources

Rules

Rules of the premises applicable to the post

Rules of the premise, local law

Reinforce internal regulations and the local law

I. FOUNDATIONS

MITIGATION FUNCTIONS

27

CORE FUNCTIONS The protection officer must become a valuable member of the organization; his participation in systems, processes, and activities must always add value. The value added by a protection officer’s performance is measured in the level of improvement that his work brings into the organization’s protective process and objectives, which are as follows: • Vigilance of better practices and recommend state-of-the-art standards (in addition to the organization’s regulator-specific requirements). • Improving policies, procedures, job-specific instructions (not just following them). • Always reporting adequately and keeping adequate records. It is widely accepted that every process of an organization must fulfill a Plan-Do-Check-Act Cycle (Brown & Blackmon, 2001); the protection process is no exception (Fig. 2.2): • PLAN—Preventative functions. The cycle begins by planning protective measures BEFORE they are performed. • DO—Mitigation functions. All protective measures performed DURING daily operations. • CHECK—Verification functions. Verification of protective systems performance. • ACT—Response functions. AFTER undesirable or disruptive events, the officer must respond accordingly, bring all operations back to normal, and close the cycle with the necessary feedback. Simply stated, in any given organization, the core function of the protection officer is to ensure the continuity of the protective cycle; to prevent all possible hazards from becoming threats, to mitigate threats in order to decrease the probability and potential consequences of its occurrence, to

FIG. 2.2 Plan-Do-Check-Act Cycle.

verify the adequacy of loss control countermeasures but also to respond adequately and timely to all types of loss events in order to regain control of the situation while preventing future occurrences (beginning of a new improved cycle).

PREVENTATIVE FUNCTIONS Prevention includes (but is not limited to) all actions taken before active protection measures are performed. These functions are easily remembered with the four Is: • Investigate (preventative and reconstructive investigations). • Identify (hazards and risk factors— assess risks). • Induce (communicate and train). • Integrate (countermeasures to treat risk).

MITIGATION FUNCTIONS During an actual protection task, an adequate mix of procedures, equipment, and people reduces probability and consequences of risk.

I. FOUNDATIONS

28

2. ROLE OF THE PROFESSIONAL PROTECTION OFFICER

Mitigation functions are remembered with the four Ds: • Dissuade (potential aggressors). • Detect (hazards that are being activated). • Delay (separate physically or delay the aggressor from the objective). • Detain (stop the hazard).

VERIFICATION FUNCTIONS The “real” verification happens DURING emergencies—loss events, but a protection officer should periodically verify the effectiveness of a system by doing: • Inspections (verify conditions). • Observations (verify actions). • Simulations (verify readiness through exercise and drills). • Audits (verify system integrity).

BASIC PHYSICAL SECURITY OFFICER • A patrol officer in a shopping center tours the facility to prevent any “offender-hostile” opportunities and create a “customerfriendly” environment. During his tour he must identify hazards and risk factors (using checklists or his own judgment). While on patrol he sees some liquid spilled on the floor and judges that this represents a fall risk (PREVENTION). • He or she secures the area according to his or her training and procedures (MITIGATION). • Stays on the spot until someone competent (i.e., general services) arrives to fix it (VERIFICATION). • He or she reports all actions taken and recommends improvements in procedures to prevent future unsafe conditions (RESPONSE).

CERTIFIED PROTECTION OFFICER RESPONSE FUNCTIONS Ideally, risk has been mitigated before it creates loss. In cases where this has not happened, it is necessary to respond. After a loss event occurs, all efforts must focus not only on bringing the situation back to normal but to improving the previous situation by vaccinating the organization from that, or a similar risk. Response functions are easy to remember if we use the four Rs: • React (act immediately in accordance with established procedures). • Resume (gain control of the situation). • Reinitiate (start operations with a view to bringing them to the normal level). • Recuperate (wholly recuperate the operative level and vaccinate from that risk). Examples of protection cycles performed by the various levels of protection officers are outlined below.

• A security supervisor receives reports that indicate some employees are suspiciously wandering around the company trash containers after working hours. The containers are in the back of the building. The supervisor identifies this as a theft through garbage risk (PREVENTION). • Starting immediately, she assigns an officer to temporarily patrol that area and gives him specific orders, explaining the nature of the risk and signs of the threat to identify, how to act, and when to report. (MITIGATION). • At the same time, the supervisor organizes a talk to employees given by the local police about crime awareness and the effects of crime in the organization (VERIFICATION). • The supervisor then initiates an internal investigation while reporting this risk to

I. FOUNDATIONS

29

EMERGING TRENDS

management. She recommends changes in methods (employees will have to exit the premises through the front door), equipment (garbage containment area needs to be fenced in), and people (recommends changing the patrol procedures to include a more thorough check of the trash area) (RESPONSE).

CERTIFIED IN SECURITY SUPERVISION AND MANAGEMENT • It has been reported to the HSSEQ (health, safety, security, environment, and quality) manager of a petrochemical facility that someone is stealing empty containers from hazardous materials. He identifies this as a health and environmental threat, since inhabitants of poor neighborhoods in the surrounding area might be using them to store water for washing and cooking (PREVENTION). • After assessing the risk, he sets up an awareness campaign to train the surrounding neighbors of the threat the empty containers pose. The company gives away new containers to these people, while profiting from a positive Socially Responsible Capital Campaign (goodwill to the villagers) (MITIGATE). • As part of the campaign, the firm arranges for doctors from the closest public hospital to measure levels of contamination among villagers and the nearby river. It also contracts to sell all empty containers of hazardous materials to a recycling plant that would treat them accordingly—this funds the whole campaign. (VERIFICATION). • The company revises its liability insurance to include this newly discovered risk while negotiating a premium reduction based on the calculated associated value of potential loss (RESPONSE).

EMERGING TRENDS Need for Standardization Financial austerity and competition among organizations show the importance of loss prevention efforts to maximize profit margins in all sizes of organizations around the globe. This has also pushed commercial organizations to seek new markets and resources in different areas of the world. Some organizations with high-risk appetites are venturing into historically inhospitable environments. Protection officers at these firms are facing broader language and cultural challenges. Laws and regulations vary greatly in different regions of the world. Nevertheless, huge efforts are taking place to standardize procedures, training, and risk management models all over the world. In response to these needs, the International Organization for Standardization (ISO), the American National Standards Institute (ANSI), the American Society for Industrial Security (ASIS), and the Risk Management Society (RIMS) have put a lot of effort in the creation of standards for the security industry. Some of the current standards that are of special interest to all protection officers include the following: • RA.1-2015 Risk Assessment—Developed by ANSI/ASIS/RIMS. • PAP.1-2012 Security Management Standard Physical Asset Protection—Developed by ANSI/ASIS. • PSC.1-2012 Management System for Quality of Private Security Company Operations Requirements with Guidance—Developed by ANSI/ASIS. • INV.1-2015 Investigations—Developed by ANSI/ASIS. • ORM1-2017 Security and Resilience in Organizations and their Supply Chains Requirements with Guidance—Developed by ASIS.

I. FOUNDATIONS

30

2. ROLE OF THE PROFESSIONAL PROTECTION OFFICER

These standards were developed following the Plan-Do-Check-Act cycle, are excellent sources of guidance in specific subjects, and currently protection officers all around the globe are using them as foundations for their work. The Risk Assessment (RA) standard (Fig. 2.3) is a general framework, central to all phases and levels of the core protection officer functions. The Physical Asset Protection (PAP) standard is regularly used for the design of physical assets protection systems—PREVENTATIVE FUNCTIONS. The Private Security Company (PSC) standard or Security Management Operations Systems (SOMS) are excellent guides on the implementation of security operations— MITIGATION FUNCTIONS. Investigations standard (INV) guides through preventative and reconstructive investigations—VERIFICATION FUNCTIONS. The Organizational Resilience Management (ORM) standard is used for resilience and business continuity efforts— RESPONSE FUNCTIONS.

FIG. 2.3

IFPO around the world has developed checklists, procedures, and specific training to take these standards into the day-to-day practice of all levels of the protection officer’s work.

Training and Certification The issue of training continues to be a concern. While on paper it may appear as though security personnel are being trained, closer inspection reveals that this is often not the case. Sometimes in contract security there is a major disconnect between the corporate policy on training and what happens in the field. Maggio cites a 2005 study in New York City in which it was found that most security personnel reported having less training than was required (Maggio, 2009). Moreover, the training that was given failed to emphasize terrorism or working with police or firefighters. One possible solution to the training dilemma is state or provincial mandates. A state or province may require security officers to have a

Risk Assessment Standards.

I. FOUNDATIONS

RESOURCES

certain amount of training and to be licensed. Unfortunately, it takes a long time to get legislation enacted. Once it is in place the training is generally minimal. Also, the regulations rarely cover all protection officers; most state/ provincial laws only cover contract security personnel. Only through education, training, and highly structured socialization will role confusion be prevented. Another driver of this trend is the growth of security service providers. Some of these companies are quite large and operate internationally. Others are not as large or international but may have a major share of a local or regional market. Either scenario may lead to monopolization. Once this happens, the client has limited choice in selecting a security service provider. Should this occur, there may be both an increase in costs and a degradation of service. University degrees and internationally recognized professional certifications, such as the ones awarded by IFPO and ASIS International, are in great demand among quality-conscious employers all around the globe.

SUMMARY A professional protection officer is dedicated to protecting people, information, physical assets, reputation, and the environment surrounding organizations. As a professional, the officer follows a code of ethics, shares a common history with his colleagues, and owns a common body of knowledge. The titles and designations given to protection officers may be insufficient when we need

31

to express the tasks these dedicated men and women perform.

References Brown, S., & Blackmon, K. (2001). Operations management: Policy, practice and performance improvement. Woburn, MA: Butterworth-Heinemann. International Foundation for Protection Officers (IFPO). (2013, September 18). Certified in Security Supervision and Management (CSSM). Retrieved from https:// www.ifpo.org/training/certified-in-security-supervi sion-and-management-cssm/. International Foundation for Protection Officers (IFPO). (2014, January 2). Training Programs. Retrieved from https://www.ifpo.org/training-programs/. International Organization for Standardization (ISO). (2018, February 15). The new ISO 31000 keeps risk management simple. Retrieved from https://www.iso.org/news/ ref2263.html. Maggio, E. J. (2009). Private security in the 21st century: Concepts and applications. Sudbury, MA: Jones & Bartlett.

Resources There are a wide variety of courses! Specialized topics can be studied to prepare for new assignments or jobs. These courses can be used to target individual career interests and earn recertification credits for Certified Protection Officer designates. ASIS International. (2012). Protection of Assets (POA): Physical Security. Alexandria, VA. The POA is the primary text for the Certified Protection Professional designation. It contains several chapters relating to the role of the protection officer, including Security Officer Training and Private Policing in Public Environments https://www. asisonline.org/publications/protection-of-assetsphysical-security/. Butterworth-Heinemann is the premier publisher of security texts for Elsevier. Elsevier has a wide array of titles available on physical security, investigation, emergency management, and so on. Visit http://www.elsevierdirect.com/index.jsp.

I. FOUNDATIONS

C H A P T E R

3 The Security Officer of the 21st Century Michael J. Fagel, Lawrence J. Fennelly, Marianna A. Perry O U T L I N E Introduction

33

Training

35

What Is a Security Officer?

34

Writing Reports

37

Going Forward Into the 21st Century—Robots

38

References

39

Visibility of the Professional Security Officer 34 Why Is Training So Important Today and In the Future?

35

The Image of Officers in a Training Classroom 35

INTRODUCTION

and issues and strive to develop themselves professionally, such as by earning certifications offered by ASIS International or the International Foundation for Protection Officers (IFPO). Education in the security industry is a critical component of success and may consists of formal educational degree programs, certifications, and professional development through industry organizations. Industry-specific knowledge will give security professionals more flexibility in achieving career goals. Our professional security officers of today must be allowed the appropriate opportunities for training and education. Investment in the training and education of professional security officers is ESSENTIAL for them to function efficiently in an increasingly complex world. Training and education are distinctly different and complementary. Training provides the

Traditionally, the security profession has been dominated by former male, law enforcement and military personnel, as well as seasoned male security practitioners. This statement is supported by data collected in September 2016 by ASIS International (McKinley Advisors, 2018) who found that 24% of security professionals have a law enforcement background and 25% have military experience. It is also not surprising to note that 87% of the security professionals responding to the survey were men. Even though men still outnumber women in the security field, the demand for qualified security professionals continues to grow and there are high-profile positions available for both men and women (Davies, 2017). Regardless of gender, all security professionals must be knowledgeable about current trends

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00003-1

33

# 2020 Elsevier Inc. All rights reserved.

34

3. THE SECURITY OFFICER OF THE 21st CENTURY

basis of specific actions a person is to take within a given situation. Security officers need training to understand the application of skills and actions expected of their positions. Training focuses on requirements and the needs of today. Education considers the future challenges. Educating security officers will support their actions in a world of evolving threats. Educating security officers will establish a base of critical thinking, judgment, and reasoning skills. Commitment to an educational focus will support moving the position from a job to a career field. Security officer development is intentional and should consider both training and educational elements. Professional security officers will be better equipped to act in known environments on a day-to-day basis as well as recognize and respond to new threats. Today, we see newly hired security officers thrust into a facility with little to no time to train, let alone understand and comprehend the post orders. Many are given an electronic tour wand, a radio, and told, “Good luck.”

WHAT IS A SECURITY OFFICER? Basically, a security officer is the one called upon to assist in a time of crisis, medical emergency, or he/she may be checking individuals coming into a building or area. The major difference between the law enforcement officers and security officers is that security officers usually protect a specific property or location and law enforcement officers protect all people, property, and locations within their jurisdiction in addition to also enforcing laws. New threats have changed this common description and security officers many times act as “community officers” to proactively protect people and property. Generally speaking, law enforcement officers are more reactive than security officers and respond to calls for service. Security officers are required to complete daily reports to document activity for a specified

amount of time. All reports, including incident reports, patrol procedures, medical reports, accident reports, etc., are to be forwarded to human resources and all are to be completed in a professional manner. It is imperative that these reports accurately describe situations and events and are also free of spelling and grammar errors since many times they are used in civil or criminal proceedings.

VISIBILITY OF THE PROFESSIONAL SECURITY OFFICER An employee once told us that the director of security in her Fortune 500 Company was in the lobby every morning greeting the employees arriving for work. There are also companies where the front desk security officer learns the names of every employee—simply from observing them swipe their access cards every day. The security officer then can greet each of them by name. This is becoming the norm. We see it in Walmart and Best Buy with greeters, in banks with armed security officers at the front door and even in hospitals and schools. The job has changed and will change even more going forward. The professional security officer needs to be the eyes and the ears for the communities they protect. Their scope of responsibilities has changed and with this change in responsibilities come more serious issues. They are the first receivers of information about damage, threats, or vulnerability to the facilities they protect and, most importantly, to the people who rely on them. With effective, appropriate training and education, the officer remains one of the first and foremost lines of protection for the people they serve. Many individuals who begin careers in public safety, begin in large, commercial or industrial operations—possibly at a part-time job with flexible hours while attending college. Many are given no more than 3 or 4 h of training, a ring of keys, and a map drawn on the back of an envelope and told to make rounds. The

I. FOUNDATIONS

35

TRAINING

supervisor may say, “Good luck, I hope you find all your keys and make it back within the hour to begin your next tour.” For many security officers, this was all of the direction they were given. Many times, these commercial or industrial operations had machinery, chemicals, production, noise, heat, and cold to contend with—none of which the security officer was prepared (or trained) to deal with. Needless to say, many security officers have a scary start to their “career” in security.

WHY IS TRAINING SO IMPORTANT TODAY AND IN THE FUTURE? Has security officer training improved in the last 30 years or so? In many cases yes, only because of professional training and certifications, department policy and procedures plus post orders. There are many facilities where we as security professionals conduct surveys with training that is not much different today than it was decades ago. Our professional security officers of today MUST be allowed the appropriate opportunities for training and education. What can we do to help train, equip, and prepare our professional security officers for the complexities of today? Before you answer that question, ask yourself the following questions: “Can your facility afford to wait for first responders to arrive?” (Train your security officers about the “Stop the Bleed” concept. We have a section in this book on this concept.) “Are you equipped with lifesaving equipment such as fire extinguishers, first aid kits, and AEDs (automated external defibrillators), and more importantly, are your security officers (or staff) trained to use them?” “Do you have the equipment necessary to evacuate individuals?” What if your complex loses power and you have individuals in wheelchairs stuck on the third floor? What if a natural disaster hits your

facility and you must evacuate the injured? Safely evacuating the disabled or injured, in any emergency situation, should be the first thing you think of when developing your company’s emergency plan. Don’t let a devastating disaster happen without being prepared or equipped with the proper emergency evacuation equipment! Some evacuation equipment can be expensive to purchase or difficult to use. You need to provide safe, lightweight, and efficient evacuation devices that anyone can use with minimal training. Be proactive and don’t wait for an emergency to happen to find out that you are unprepared. The secret is … practice and practice again.

THE IMAGE OF OFFICERS IN A TRAINING CLASSROOM We must educate and train not the same thing over and over again but prepare security officers for the new threats of today. We must adapt and prepare them for any situation and at the same time meet customer expectations and stay within the budget. Training, educating, planning, and preparing are all keys to success.

TRAINING Training standards, where they exist at all, are inconsistent at best (Fay & Patterson, 2018). There appears a lack of consistency in the states for standard curriculum, number of training hours, and required courses or subjects. For instance, there is no requirement for licensing or registration in Alabama. Yet in New York, the Security Guard Act was passed in 1992, stipulating security guard registration and training, and approval of all training programs. In states with mandated training, employers can postpone the instruction. This, along with high turnover, allows employees to change jobs often and all without any training. On the other hand, the

I. FOUNDATIONS

36

3. THE SECURITY OFFICER OF THE 21st CENTURY

military sets a high standard and requires security officers in combat areas to participate in paramilitary and purposeful training. Topics suitable for entry-level security officer training include the following: • • • • • • • • • • • • • • •

The role of a private security officer Legal aspects of private security Use of force Note taking and report writing Court testimony Conduct and appearance Interpersonal communication skills Ethics Access control procedures Emergency-response procedures Life-safety procedures Patrol operations Intrusion detection and response Workplace violence response procedures First aid, advanced first aid, cardiopulmonary resuscitation (CPR), and AED

ASIS International has developed a set of training topics that are recommended to its members. In addition to entry-level training, the security officer working for a contract private security services company may require specific training appropriate for the client’s business, such as orientation to: • The physical layout of the protected premises • The names, faces, and positions of senior management • The client’s policies in respect to harassment, discrimination, diversity, etc. • Policies on substance abuse • Telephone protocol • Demeanor and behavior of staff • The key rules of a labor-management agreement, if any Training can be administered in three ways: • Classroom • On-the-job • Online

Classroom training methods include lecture, demonstration, use of audiovisuals, and practical exercises. Professional trainers agree that retention of knowledge and acquisition of skills is greatly increased when practical exercises are used. Examples of practical exercises for security officers are how to administer first aid, CPR, AED, directing traffic, self-defense techniques, verbal de-escalation, use of force, applying handcuffs, searching persons and property, inspecting parcels and packages, protecting a crime scene, using communication equipment; and for armed security officers, safety and nomenclature of the weapons issued and extensive practice at a firing range. On-the-job training (OJT) is an excellent method for teaching all of the above. The downside is that an experienced officer or supervisor has to be removed from their normal duties to conduct the OJT and monitor the officer’s job performance. Online training, a method of instruction relatively new to training security officers, is an excellent method for imparting knowledge. The advantages are as follows: • Training occurs wherever a PC or laptop is available. • Learning proceeds at the student’s pace. • Can be done at anytime and anyplace (even at the officer’s home, if allowed). Online training content is identical for all, and the trainee is expected to complete the entire program. When audiovisuals and questions are included in the course, the trainee can better evaluate their progress. Additional help, such as from an instructor or administrator, can be advantageous. Online training software keeps track of the training, alleviating the employer from this task. Although online training cannot provide hands-on learning, the cost is significantly less than other training methods, and gives the trainee a good basic background for his or her job that the OJT will only enhance. Regular classroom training can cause issues in scheduling for employers, especially due to

I. FOUNDATIONS

WRITING REPORTS

employee turnover, which can result in low attendance. This causes in-house training to be expensive and doesn’t help fill the vacant jobs. Therefore, some employers go against rules to simplify the process, by briefly explaining duties, showing a video, and giving a written test. And if the test is failed, the exam is retaken until passed. Those states that regulate the industry, call for employers to provide written assurance that training has been undertaken. The quality of instruction is of no concern, and with regard to the mandatory requirements, the regulatory agencies rarely checks these are met by the employers.

WRITING REPORTS The report writing function might require submission of a formal report immediately after an investigation is opened; a progress report prepared according to a schedule or to important developments; a final report that includes facts, describes evidence and its relevance, identifies persons involved, makes conclusions, and recommends corrective actions; and a supplemental report that reports postcase facts such as the firing of the offending employee, receipt of restitution, and court adjudication. Reports of investigation are distributed on a need-toknow basis. The recipients of the reports are generally the persons responsible for taking action, such as the manager of a department. The goal of licensure and certification organizations is to move the security profession forward from a transitional job “until something better comes along,” to that of a career that is similar to other career choices. One of the ways that this can be done is to remove the stigma that security officers are uneducated individuals who are working for minimum wage. Compensation needs to be directly tied to the skills, experience, and education of the security officer and what they can do to keep people and property safe. What separates professional security officers from others is the drive for knowledge and

37

wanting to learn how to better perform job functions. Professional security officers consider their job an investment in their future and are welltrained, competent, and computer-literate in order to meet the needs not only of technology, but also of new emerging threats. The position of the security officer has become more specialized—especially since acts of terrorism and active shooter/active assailant instances are occurring with more frequency. Security officers are being assigned to schools and other locations as a visual deterrent to take a proactive stance against any type of crime. Law enforcement officers need to be educated about the job of security officers and understand that security officers can complement the job they do and assist them with the protection of people and property. Security like law enforcement is not a profession where one can simply go through the motions and put in 8 h of their shift. Security has to become a way of life for security professionals. One of the things that those of us in the security industry can do is stop referring to security officers as “guards,” which has a negative connotation. “Officer” is a more professional term that better describes a trusted position of authority. Security professionals today must be in constant “learning mode” to stay current on new trends or challenges in the security industry (Fay & Patterson, 2018). Technology is changing at an incredible pace, so security professionals need to as well. Security systems—both electronic and physical—are becoming more advanced and will continue to have a great influence on the security industry. It is important to understand that technology is not the answer to effective security, but instead is a component within the overall security process. Moving forward, all security professionals will need to be adaptable and have the ability to anticipate change and determine the needs of the future by gathering information, analyzing data, and studying crime trends (Fay & Patterson, 2018). Sometimes when we as security professionals discuss the future of the security industry and attempt to identify emerging trends, it’s a bit

I. FOUNDATIONS

38

3. THE SECURITY OFFICER OF THE 21st CENTURY

difficult because there are so many different areas to our discipline. For example, when the book, Security in the Year 2000, was published by ASIS International, computers were not mentioned. The book Security in 2025 is now available and much of that book is devoted to technology in the security industry.

GOING FORWARD INTO THE 21st CENTURY—ROBOTS Robots, built in Silicon Valley by Knightscope and available through Allied Universal to security clients nationwide, were released on June 16, 2017. These robots perform real-time patrols utilizing the K5 (outdoor) and K3 (indoor) models. Highlights of some of their features are as follows: • 360-degree video that provides complete awareness and feeds to a security operations center. • Thermal imaging for identifying fires and gauging proper environmental temperature settings. • License plate recognition, which is an example of a computational task that may include data collection in a large parking facility. • Intercom and broadcast capability that can be programmed to relay messages or alert security personnel to immediately dispatch law enforcement. Robots performing duties that were previously the work of security officers are examples of the new technology available in the security industry. The security professional of the 21st century has already grown accustomed to advanced technology, but the following is our list of the Fifty Emerging Trends in Security from the past 5 years: 1. IT infrastructure protection planning 2. IT infrastructure as a single strategic plan 3. Infrastructure and Crime Prevention Through Environmental Design (CPTED) team up

4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22. 23. 24. 25. 26. 27. 28. 29. 30. 31. 32. 33. 34. 35. 36. 37. 38. 39.

Mitigation strategies IP video and digital video IP security provisions Security IP edge devices HD cameras and monitors Video analytics Visible light cameras Thermal imaging cameras and sensors Detection technology for shots fired Perimeter protection Layers of protection analysis (LOPA) Visitor management systems Mass notification Emergency management training and soft targets Cloud storage and computing for security Cyber-security threats Contractor prequalification Emergency management and planning for disasters Software for physical security maintenance Laser communication Drones: A safety and a privacy issue Encryption Critical thinking Soft targets versus target hardening Establishment of countermeasures and deterrents Embracing the beast Social media monitoring software ASIS and NFPA active shooter initiative Formulation of partnerships to reduce crime Encompassing effective CPTED solutions in 2018 and beyond: Concepts and strategies Community policing: There is a need for more community policing Crime prevention through integrated problem solving—A new approach to the broken windows theory Cybersecurity, cyberattacks, and ransomware The popularity and need for access control Fraud issues: Large and small Social media: The good, the bad and the ugly

I. FOUNDATIONS

REFERENCES

40. The concept of best practices and master planning for all properties and organizations 41. Going green—Leadership in Energy and Environmental Design (LEED) 42. Digital signage 43. Domestic violence in the workplace 44. Mass shootings—Mass casualties 45. Active shooter/active assailant, rethinking solutions 46. Learning strategies to protect soft targets 47. Advancement of CPTED and its reinvention (2018) 48. Cell phone technology controlling integration issues for smart homes

39

49. Climate change and depletion of natural resources, such as water 50. ASIS International and IFPO making numerous changes to increase professionalism in the security industry

References Davies, S. J. (2017). Women in the security profession: A practical guide for career development. Cambridge, MA: Butterworth-Heinemann. Fay, J. J., & Patterson, D. (2018). Contemporary security management (4th ed.). Boston: Elsevier Publishers. McKinley Advisors. (2018). Security Industry Career Pathways Guide. ASIS International. https://www.asisonline. org/globalassets/professional-development/careers/documents/ careerpathwaysguide.pdf.

I. FOUNDATIONS

C H A P T E R

4 Time and Stress Management Greg Benson, Michael J. Fagel, Eric L. Garwood, Charles T. Thibodeau O U T L I N E Introduction

41

When is the Best Time for Planning Your Work?

42

Protecting the Master Plan

42

Routine Meetings Politically Charged Meetings Meeting Deadlines Prioritizing Your Work

43 43 43 44

The Demon Phone and Social Media Delegation Skills That Lead to Success

INTRODUCTION

Dealing With Stress That is Not Work Related Handling Fears in Your Professional Life Follow-Up and Follow-Through Warning About Praising

45 45 46 47

Conclusion

47

only 3 min to go and you were still 10 miles from your destination. If you had only left 15 min earlier, you could have had a stress-free ride to the meeting. This is a very typical stress caused by poor time management. How many other stressors do you have in your life that can be related to time management? Think about it. Is it possible that road rage could be the result of poor time management? The interesting thing about time management and stress is that these two issues are sometimes linked. That is, “poor time management may be caused by stress which in turn may be caused

The lack of adequate time management causes stress and can destroy a career. Stress left unmanaged can cause illness or death. In addition, it can really mess up your day! Because of the seriousness of this topic, this chapter is designed to assist us all with slowing down a little, chilling out, planning our work, and working our plan. Time management and stress are topics that are very closely related. Just think of the last time you were late for a meeting and racing down the highway trying to get there by 10:00 a.m. with

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00004-3

45 45

41

# 2020 Elsevier Inc. All rights reserved.

42

4. TIME AND STRESS MANAGEMENT

by poor time management!” The fact that we do not manage time very well could be a cause of the stress that interferes with us managing time properly. A person under pressure to meet a deadline experiences stress. When that stress peaks they find that time management is just getting in the way and they abandon any hint of managing their time. On the other hand, if that same person starts the day under tremendous pressure, he/she may abandon the time it will take to plan out his/her day and become focused on meeting a single objective. Setting aside planning in the form of time management for 1 day may seem to accomplish one objective but what about the rest of the time for that day?

deadlines. This idea of having something to write on and write with always is very similar to what we teach our security officers regarding field notes. We should follow our own advice. The best time for planning your work is the evening before the next day’s work. Find a quiet time and build a master plan for the next day or next week. By planning for the next day, week, or even month, you can relax and not worry about forgetting something. Throughout the workday regularly adjust the master plan as circumstances dictate. If some major event happens to throw your plan off—don’t throw your hands up in defeat—get back on your plan as quickly as possible. Treat your master plan like a road map in which you took an unexpected detour and are now back on your mapped-out route.

WHEN IS THE BEST TIME FOR PLANNING YOUR WORK? PROTECTING THE MASTER PLAN Each day should not start with planning what to do. That should have already been done at the end of the previous day. Before ending any day, whether you are at your office desk or in your den at home, be sure that you spend some quiet time planning the next day. Go over your notes and upcoming calendar of events and have a solid plan for each day before you go to work. Keep in mind the immediate future and what is coming your way just around the corner. You may not have an immediate deadline, but do you have a deadline coming in 3 weeks? The more time allotted now for what seems in your world to be a long way off, will be tomorrow’s crisis sooner than you think. You may want to chip away at that long-range deadline a little each day so when the deadline is 3 days away you have that work almost finished. Planning your time is a never-ending job. It is a balancing act between being able to deflect interrupters and being flexible enough to change when a true emergency happens. You must always keep a calendar and notepad with you so that you can update your plans periodically throughout the day. That way you can keep track of important business, projects, and

Time management fails most often when we fail to plan, but there are also those forces in our work environment that attempt to sabotage our master plan. At some point, those external forces that seem to be sabotaging our supervisory efforts to stay on track must be defeated and the master plan followed. This can only occur if there is a plan to start with. The word “management” in time management means controlling the requests for your time. Time management control will include doing the following: 1. Handle the politically charged torpedoes as soon as possible. 2. Do not accommodate any time thievery unless it will help with your personal or professional advancement. 3. Sidestep requests from subordinates by delegating out or scheduling the request for a later time. 4. Flat out refuse to take your precious time to be involved with other requests. You know that time management saboteurs will be out there, so a part of time management

I. FOUNDATIONS

ROUTINE MEETINGS

planning includes planning how to say no to others graciously who also want your immediate attention. We recognize that you need to be flexible in the administration of your master plan, but never take your eye off the goal. You will want to become possessive of your time management plan. Do not let anything or anyone take that away from you. The plan is always in your hands when it comes to spending supervisory time. Spend it wisely. Good time management means reduced stress on the job for you and everyone else affected by you and your decisions.

ROUTINE MEETINGS Although a necessity from time to time, the biggest drain on time management is the time spent in meetings. Meetings mean that people stop producing and meet at a place where they all sit around and talk. There are some supervisors and managers who spend all their time going from one meeting to another. Trite but true is the saying, “When all is said and done, there is more said than done.” Call a meeting only when it is necessary, keep the meeting time down to a minimum, always have a meeting agenda and stay on track, never serve refreshments, move the speakers along quickly, and dismiss the participants as soon as possible so that they can get back to the important jobs they were hired to perform. Do not allow the meeting to turn into a social gathering or a party. Keep it business oriented. It is a good idea to avoid calling meetings if other means of communications are available such as email. If an actual meeting is necessary use computer programs like GoToMeeting.com, etc., whenever possible. Use other forms of communications when your physical presence is not necessary. Remember the two important meetings that you will not want to miss: attend all politically charged meetings and meetings that will help your future advancement in the company.

43

Other important meetings you should attend include job-related instruction and business planning meetings, professional license and certification credits training, and professional association meetings. Other important meetings should be decided by the totality of the circumstances. Be sure to attend continuing training classes for your professional certifications or other mandatory training classes.

Politically Charged Meetings An explanation for the term “politically charged” that you keep seeing in this chapter is probably appropriate. From time to time anyone in authority from the supervisor to the president of the company comes under scrutiny for decisions they have made. You must be observant of these occasions and defend your decisions to help others understand your rationale. You must be prepared to win support for the positions you take in your decisions. As you become more successful, you become a bigger target for those who get ahead by taking other people down. Corporate politics is serious business, so take it seriously. As a point of explanation, politically charged meetings are meetings where your position in the company may be threatened if you were not there. For instance, it may be a point of embarrassment for your boss if you fail to show up at a meeting he requested your presence at. If you could get fired for missing meetings, then definitely attend those meetings. If a meeting will result in exposure to individuals in the company who can make a positive difference in your future, you should attend those as well.

Meeting Deadlines Deadlines can be time management killers. When you promise to deliver something be sure that you “promise long and deliver short,” that is, if you think you can get a project done by Wednesday, always promise it for Friday of that

I. FOUNDATIONS

44

4. TIME AND STRESS MANAGEMENT

same week. When you come in early with a project you create a euphoric response from your client. It is a stress reliever for the client who doesn’t have to worry about a deadline especially with a critical time-sensitive commitment. Of course, just barely meeting the deadline on time might be OK, but finishing the project early is so much better! In addition, when you give yourself a cushion of time for delivery, you are being proactive and preventive by taking into consideration unforeseen problem-solving necessities that could prevent your success of meeting that deadline. Overextending your abilities can also be a time killer. The longer you struggle to complete an impossible task the more time you waste. Never be afraid to admit that you do not have the skills and competence to accomplish something you are asked to do. None of us want to do this, but reality says that you cannot sacrifice the entire time management plan because your ego will not allow you to admit that you are not up to a specific task. Good time management requires you to know your skills and competence and have the ability to be honest with yourself and with others regarding those things you cannot do. This prevents you from getting all bent out of shape with performance stress. However, work toward reducing that list of “can’t-do’s,” or you may not have a job if that list gets too long.

Prioritizing Your Work Failure to prioritize is another time-wasting management problem. When planning your day, you need to be able to prioritize what it is you will be doing. See Table 4.1 for a simple time management form. You may want to set up a scale of priority, second priority, and third priority or A, B, and C with regard to what you will be doing the next day on the job. Those listed under the priority column or “A” column will include absolute imperatives that must be accomplished before going home, including

TABLE 4.1 Simple Time Management Form Date/ Time

First Priority (A)

Second Priority (B)

Third Priority (C)

8:00 a.m. 9:00 a.m. 10:00 a.m. 11:00 a.m. 12:00 p.m. 1:00 p.m. 2:00 p.m. 3:00 p.m. 4:00 p.m.

emergency response, meeting deadlines on deadline day, and satisfying politically charged issues. In the second priority column or “B” column you will have items that are day-to-day care needs like checking progress on delegated work, writing a portion of a long-term project, researching products you have been requested to purchase, maintaining databases, interviewing prospective employees, and other prescribed duties you are supposed to do with a high time priority. In the third priority column or “C” column you will put the least important tasks including things that if they do not get done that day, there will be no consequences and you can accomplish them the next day or even the next week if need be. It may be nice to have some free time written into the “C” column for reading, researching, and professional development. That is a great stress-breaker strategy. In any event, having prioritized your tasks for the day will help you stay on track. You may lose part of your “B” column tasks and all of your “C” column tasks to the time management saboteurs, but you are not going home until you have completed your highest priority tasks. Prioritizing will provide

I. FOUNDATIONS

DEALING WITH STRESS THAT IS NOT WORK RELATED

a clear view of which tasks to refuse to deviate from when someone asks for some of your time. If all you accomplish are the “A” column tasks, you will have reduced your highest stress issues for that day. Then your “B” column tasks can become your highest priority for tomorrow.

The Demon Phone and Social Media Phone calling is almost archaic today with the advent of social media—email, texting, Facebook, etc. It seems like a new form of social media pops up every day. The advantage of these is that you can look at them when you have time. The disadvantage is that something urgent might not be seen for hours or even days. Nevertheless, these forms of communication can be some of the biggest time wasters ever. At least a phone call has a definite ending. However, phone interruptions can be a serious threat to your time management plan. Remember also all forms of social media are high risk to sensitive data. Data cannot be secured on social media so do not put company business there. You can master your demon phone best if you have the right equipment. Caller ID is a must. Call forwarding, and a good messaging system are also essentials. A sharp administrative assistant is a great barrier to unnecessary phone calls. When you do take a call discipline yourself to stick to the topic of the phone call and end the call as quickly as possible so that you can get back to the tasks at hand. Your employer will appreciate that, and you will reduce your stress level.

Delegation Skills That Lead to Success Failure to delegate is a time waster. You are a supervisor because you are good at getting things done through the efforts of other people. Delegation of work tasks is a motivator. According to Abraham Maslow, the founder of Humanistic Psychology, employees need recognition and the feeling of belonging. By delegating

45

important work to your subordinates, you will not only challenge them, you will be communicating that you value their skills and expertise; a form of recognition. In addition, you will be buying time to be used on work subordinates are not qualified or skilled enough to complete, and you will be motivating your subordinates, you will be getting more work done than you could all by yourself, and you will be reducing stress through controlling time management.

DEALING WITH STRESS THAT IS NOT WORK RELATED To survive in this world of ever-growing stress, we all must develop coping mechanisms. To accomplish this, we must start with a healthy lifestyle based on good values and attitudes. For some of us that will be a big task because values and attitudes begin to develop very early in life. Our personality which has a lot of influence on our values and attitudes is said to be set by age 6. In some cases, it will take a personality change to acquire appropriate values and attitudes. Our basic personality as well as our values and attitudes may lead us in all the wrong directions to reduce stress. Thus, if we really want a life-changing experience in these areas, it will be necessary for us to take a realistic personal inventory of all external stressors that negatively impact us and directly confront them. Seek education on how to enhance your people serving people skills. Work every day at being otherpeople centered, and not so much self-centered. Your work as a supervisor is all about your subordinates and the clients you are serving and not so much about you.

Handling Fears in Your Professional Life It may be a good idea to make a list of all fears regarding external stress components, like fear of physical confrontation, fear of public speaking,

I. FOUNDATIONS

46

4. TIME AND STRESS MANAGEMENT

fear of criticism, fear of love disconnects, fear of not belonging, fear of not measuring up, fear of not having a life plan, and just plain feeling disconnected from society. Rather than dodging these fears and hiding from them, it may be better to directly confront them until you have lost your fear of them. Some terrific ways of fighting off and reconciling fears are through joining a health club and working out on a regular basis, volunteering at a hospital helping others, becoming a tutor after school to help kids with reading difficulties, participating in one of those Internet love connection clubs, getting out and having fun, getting 6–8 h of sleep every night, taking up bike riding, improving your diet, taking off 50 pounds, and a thousand other activities. The idea here is to get active in the very things you fear. For instance, if you are afraid of public speaking then take a Dale Carnegie course and become a public speaker. If you are afraid of crowds, heights, water, or anything else, then indulge in activities that bring you into direct contact with those fears. Force yourself to participate in those things you are afraid of. The more you expose yourself to performing in those character weak spots the stronger you will become. Soon you will be a good public speaker, swimmer, mountain climber and not have to fear the things that are holding you back. The worst part of this kind of stress is what you become when you are doing nothing to fight it. As human beings we cannot allow stress to control us; we must take control of it. Some of us quit smoking, quit drinking, clean up our language, and do as many other personal improvement activities that we can think of. We must take care of ourselves and raise our self-esteem before we can be an effective supervisor. You can do all these things without expensive therapy. Stress is directly related to your physical and mental conditioning. In the end, we can be just about as stress free as we want to be.

Follow-Up and Follow-Through Never leave a work task or project unsupervised for any reason, that is, be in control of the outcome of every work task that you delegate to an employee in your charge. Like the famous quote by President Harry S. Truman, “The Buck Stops Here.” Ultimately, no matter who does the work, you are responsible for the positive or negative outcome. You can accomplish excellent oversight on delegated work tasks by building in reporting stopgaps in the work direction. You can do this by requiring a progress report on how close to completion your employee is once each week, such as Tuesday morning by 10:00 AM. This should be done every Tuesday during the life span of the project or work task. If you want to inject a shot of adrenaline into the personnel you are responsible for, personally show up at the project site or work site to inspect their work in progress. Comment only on positive observations. Never let the employees feel that your on-site supervision is for punitive evidence gathering. Site visits should be for no other reason than to make you available to the employee for help with something, such as giving clarification to final product expectations, to answer technical questions and, when proper, giving the employee public praise for a job well done. Remember, when discussing “recognition,” it is said that: “Babies cry for it and grown men die for it.” Recognition is a very strong behavior controlling strategy used very successfully in supervising employees. Your appearance at the work site, resulting in praise for your employees, will pay big dividends. Then follow through as the employee gets closer to his or her deadline for delivery of his or her part of the project. Never delegate more than you can expect your employee to produce in the time allotted. If need be, give assistance to the project worker by providing additional employees when necessary to

I. FOUNDATIONS

CONCLUSION

accomplish task completion. Never delegate a task to an employee who does not have the skill set to be successful in the task. Be sure that you give your employees all the tools and assistance necessary to assure the employee’s success. Grease the skids for the employee’s positive outcome and brace yourself. You will be surprised just how much your employees can accomplish by the supervisor showing strong support for their work.

Warning About Praising All employee praise, especially public praise, must be subject oriented and specific to the performance of the employee receiving the praise. Thank the employee for a job well done when he or she has accomplished the following: “__________________.” Always fill in the blank with a specific positive accomplishment. Empty ended praising is seen as phony and something to fear and will hurt your image and reduce the morale of the people you are supervising. Walking around finding your employees doing something right and praising that behavior publicly will produce repetition of the same kind of positive behavior from that employee and any other employee who observes the praising. From that perspective the praising process is a great tool for supervisors. However, walking around giving made up praise, or general praise that points to no specific accomplishment, reduces the professionalism of the praising process and is seen as suspect. It does more damage to employee morale than good.

CONCLUSION From the above it is obvious that stress and time management are definitely interconnected. The stress we experience at work and outside work has the ability of combining and tripping us up on the job. This is important because, for the purposes of this chapter, we are concerned

47

with how the clash of internal and external stressors affects our work performance. Of all the stressors we experience at work as a supervisor, stress emitting from mismanagement of time must be considered critical. External stressors can only exasperate that work-stress experience. Obviously in a short chapter like this, we can only scratch the surface of this topic of Time Management and the reader is encouraged to continue this study from the many sources available. If nothing else, begin implementing some of the ideas expressed in this chapter. The following concepts taken from the text of this chapter will help you remember the most salient points in the chapter: 1. Remember that “poor time management may be caused by stress which in turn may be caused by poor time management!” The fact that we do not manage our time very well could be a cause of the stress that interferes with managing our time properly! 2. The idea of having something to write on and write with always is very similar to what we teach our security officers regarding field notes. We should follow our own advice. 3. All meetings are a drain on time management, regardless of how necessary. Minimize number of meetings. 4. When you promise to deliver something be sure that you promise long and deliver short. 5. Be honest with yourself and others. Admit it when you do not have what it takes to accomplish a task. Consider partnering with another supervisor when these issues come up. Also, we suggest you hire out tasks to trusted contract companies when you lack time or knowledge to complete in a timely fashion. 6. Prioritizing will provide a clear view of which tasks to refuse to deviate from when someone asks for your time. Fight off the

I. FOUNDATIONS

48

7.

8.

9.

10.

4. TIME AND STRESS MANAGEMENT

time thieves that reduce your productivity on the tasks that count. Unless it is an emergency, strictly business, politically charged, or career-enhancing, stay off the phone. In addition, don’t text, Facebook, Tweet, or use any other social media. If a phone call is necessary, ask a member of staff to reschedule at another time. You can follow-up on phone calls when you find the time. The phone is not your friend when you are trying to work on time management. Task oversight is the type of follow-up and follow-through that has essential components of time management. You must control the outcome of each project or work task you have delegated to others. If you find yourself doing more work yourself than you are delegating, you are probably not using the tool of delegation properly. Spend your time in “follow-up” and “follow-through” rather than hands-on working of the project tasks yourself. Never leave a work task or project unsupervised for any reason, that is, be in control of the outcome of every work task

that you delegate to an employee in your charge. Like the famous quote by President Harry S. Truman, “The Buck Stops Here!” Ultimately, no matter who does the work, you are responsible for a positive or negative outcome of every task you supervise. 11. Minimize external stressors. Problems in a supervisor’s life outside of work have a definite negative impact on work performance by adding to the day-to-day internal stressors in the workplace. If you are trucking around external personal pressures, you are not going to be an effective supervisor at work. At the same time, the workplace can be a great stress reliever if you just work hard and bury yourself in your work for 8 h a day. Remember each day to park your homegrown stress at the door before entering the workplace. 12. Remember, when discussing recognition, it is said that: “Babies cry for it and grown men die for it.” Recognition is a very strong behavior controlling strategy used very successfully in supervising employees.

I. FOUNDATIONS

A P P E N D I X

4A Critical Incident Stress Greg Benson, Michael J. Fagel as a police officer and as a firefighter. Everyone is different, and it is critical that we understand our role in this process. Many members of the security profession have had earlier careers in the military or other public safety service. It is important to realize that stress as we know it has a cumulative effect on us, and an event that occurs today may certainly trigger memories or manifestations. Our roles as 40-year responders include responses to the Oklahoma City Bombing April 19, 1995 as well as the World Trade Center attacks in New York City on 9/11 (2001). Also, one of us served as a volunteer member of a Critical Incident Stress Debriefing team in Northern Illinois since 1998, but both of us have helped many in our various public safety professions. We will outline some key elements of what a Critical Incident Stress team may be able to do for the people that may have been affected by an event. A critical incident is any event which is powerful enough to overwhelm the normal “coping mechanisms” used by emergency responders to cope with the effects of emergency response. Stress is any event acting as a stimulus which places a demand on a person, a group, or an organization.

There is compelling logic that argues for the efforts to be directed toward prevention of occupational stress and posttrauma syndromes, especially among high risk professions. Dr. George Everly, A Clinical Guide to the Treatment of the Human Stress Response, 1989.

INTRODUCTION The concept of “what is a critical incident” may mean many things to different people. For example, a multi-casualty incident may overwhelm a first-year graduate of the Fire or Police Academy, 9-1-1 Public Safety Telecommunicators, and our professional security officers. The same event may be viewed differently by a several years veteran of the force. Regardless of what the incident may be, WE all will have some event in our lives and careers that will potentially trigger a response and a need for a critical incidence briefing or critical incident management. Many of our service members have seen events across all lines of public safety, security, or military, but it is not just a phenomenon reserved for public safety, security, or military. Picture a teacher that may have witnessed a singular event that may haunt them the rest of their lives. I can recall my very first fatal incident

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00046-8

49

# 2020 Elsevier Inc. All rights reserved.

50

APPENDIX 4A. CRITICAL INCIDENT STRESS

WHAT ARE CRITICAL INCIDENTS? 1. Line of duty death or major injury of emergency services worker on the job. 2. Death or a major injury to a child. 3. Prolonged search and rescue effort with a negative outcome. 4. Operations involving extensive media coverage. We highly recommend that you become aware of the various elements of an incident, and the programs and processes designed to help you through these events.

THERE IS NO SHAME IN ASKING FOR HELP We, as a public safety profession, must work diligently to help remove the stigma of crisis management, critical incident stress debriefings or other supportive venues. In our early days on the job, we often had a very “unique” sense of humor after an event that wrenched our souls. Several of the ranking officers, when we were rookies, had no place in their vocabulary for “Help,” assistance, counselling or any other peer support. We were afraid to even broach the subject for fear of reprisal. That has slowly changed over the years. In 2001, while working at the World Trade Center incident from September 11, 2001 to Christmas 2001, no one even stopped to take a breath. We had counselors there on the scene, but it was not the right place or time. We had service tents for First Aid, Supplies and Psychological Counseling, BUT no one would be caught dead in the tent with the “P” word, and instead, we would walk into the First Aid Tent and ask to get someone from “next door” to help.

CRITICAL INCIDENT STRESS DEBRIEFING (CISD) CISD is a structured psychological debriefing process which utilizes a direct action-oriented crisis intervention program designed to prevent

or mitigate traumatic stress and its associated effects. CISD can be summarized as follows:

Psychological Trauma Immunization Program • • • • • • • • • • • •

Real-life preservice job orientation Real videos Live sound tracks Photographs of real incidents On scene support Mental health professionals Peer support personnel Defusing Debriefings Family intervention Follow-up services Referral options

CISD is NOT psychotherapy or a substitute for psychotherapy. It’s a meeting/discussion designed to help alleviate the effects of critical incident stress, usually as a group and as a TEAM effort, not a CRITIQUE of an incident or department. CISD’s effectiveness decreases with time. Techniques are best provided by people not well known by the responders as it is primarily a prevention program for BURNOUT, which will not solve all the problems of a department. A CISD intervention may bring old incidents to light. Sometimes it is necessary to refer people for additional fine-tuning following a debriefing. It is not necessary for all to speak during a session to be beneficial. We are most familiar with this formal debriefing process as excerpted in the following:

FORMAL DEBRIEFING PROCESS • • • • •

Introduction Introduce team members briefly Establish ground rules Explain process Discuss facts ASK: Who are you and what was your job at the scene?

I. FOUNDATIONS

51

TEACHING

ASK: What happened from your point of view: thoughts or reaction? ASK: What was your first thought or most prominent thought once you came off auto pilot? ASK: What was the worst part about this call for you personally? ASK: When you think of this call, what pictures come to mind, and what was your reaction?

Symptoms Ask the group to describe any cognitive, physical, emotional, or behavioral symptomology they experienced at the scene, in the following days, and still experience today.

TEACHING At this time, all team members can participate in learning symptomology, which is brought up by the group discussions, and stress survival skills, to use the experience for teaching in the future. Often times we try to find a positive note to leave the group with or sometimes we empower

the group to try to find some positive outcome or gift that will come out of a tragedy. Critical incidents take on many meanings for us all. It is important to recognize events and how they may affect you in the station, or the office, or on a lonely security patrol at night. It is OKAY to be human and reach out to your team for assistance. We, as professional security officers, public safety professionals that encompass police, fire, EMS, security, communications, 911, dispatch, and management (to name a few), are all acutely aware of the “straw that broke the camel’s back” story. We must be ever vigilant to make sure that our teammates are all doing okay and they never say, “I’m Fine,” (two very dangerous words in our profession) without us looking at the circumstances and being available to help our fellow staff at all times. It is our job both ethically and morally to help be on the lookout for any of our members needing help and directing them to the resources we may have. Do NOT ignore the incident, it will NOT go away. We really are “OUR brother’s keeper.”

I. FOUNDATIONS

C H A P T E R

5 100 Things Protection Officers Need to Know Lawrence J. Fennelly, Marianna A. Perry O U T L I N E 100 Great Tips!

53

Summary

11. Are all fire extinguishers full and checked monthly? 12. Lights—which ones are burnt out and which ones are on in the daytime? 13. The value of reports is to report defects and vulnerabilities. 14. Develop professional telephone skills. 15. Be professional 100% of the time. 16. Social media has no place in the workplace. 17. Neither do movies, iPads, or porn on the computer. 18. If you are working 8 a.m. to 4 p.m. be there at 7:30 a.m. to allow for emergency delays such as bad traffic. 19. Read #16 and #17 again. Why? Because it is reason for termination. 20. Crime Prevention Through Environmental Design (CPTED) and the first generation of CPTED have seven concepts and strategies worth reviewing. 21. Change your routine, knowing that bad actors may be watching and planning their attack.

100 GREAT TIPS! Multiple authors from this training manual contributed to this list. 1. 2. 3. 4. 5. 6. 7. 8. 9. 10.

Know your scope of responsibility. Study your post orders. Pay attention to all training programs. Understand there is an art to service, to be prepared, to provide good service to your community. Your daily reports can either make you shine or… In your report don’t misspell any words or make any scratch outs. Reports have a purpose that you must understand. Wear a sharp uniform that makes a professional appearance. A secret to reducing overtime is to have several floaters. Are all cameras and intercoms/exterior phones working?

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00005-5

55

53

# 2020 Elsevier Inc. All rights reserved.

54

5. 100 THINGS PROTECTION OFFICERS NEED TO KNOW

22. Be unapologetic about questioning strangers and visitors about their intentions, what they’re carrying, etc. 23. Use your intuition. If something doesn’t feel right, pursue. 24. Note unusual things in your daily report— someone else may be connecting dots. 25. Pace yourself during the shift, make sure you are always hydrated and have a clear, engaged mind. 26. Don’t let your guard down at shift change, a very vulnerable time. 27. While on duty, don’t drink alcohol, take illegal drugs, or prescription drugs that could impair your job performance. 28. Be a good “team” member. 29. Have good personal hygiene. 30. Be polite—say “please,” and “thank you” to clients, customers, coworkers, visitors, contractors, and vendors. 31. Keep your hair and fingernails clean. 32. Don’t falsify reports—your reports may be verified by video surveillance. 33. Be truthful. 34. Use proper patrol techniques while performing walking or vehicle rounds. 35. Stay informed about “issues” or potential problems in your area. 36. Remember that much of your job is customer service and your actions reflect on the client - positively or negatively. 37. Write reports legibly. Don’t use “white-out” or erasers. Instead, draw a line through errors, make the correction, and initial. 38. Write legibly. 39. Don’t forget that your reports may be used in a civil or criminal proceeding and you may be called to testify. 40. Study emergency procedures and know what to do for an active assailant, inclement weather, civil unrest, etc. 41. Do not carry a weapon while on duty unless you are trained and you are assigned as an “armed” officer. 42. Protect the client’s assets. 43. Take care of your issued equipment.

44. Check equipment at the beginning of every shift to ensure it is operational. 45. Report damaged or inoperable equipment as soon as possible. 46. Don’t sleep while on duty. 47. Be alert and aware of your surroundings. 48. While on duty, cell phones are only to be used for emergencies or for business communication. 49. Don’t use curse words on the phone, PA, or intercom. 50. Use appropriate radio protocol. 51. Answer the phone promptly and politely. 52. Perform duties safely. 53. Perform your job duties with integrity. 54. Be dependable. 55. Use good judgment. 56. When you are on duty, “check” your judgments at the door. 57. Be a good listener. 58. Be a problem-solver and help find solutions. 59. Work your assigned schedule. 60. Practice your interpersonal skills. 61. Be efficient while on patrol: observe employee work habits and conduct, to prevent employee misbehavior and mitigate workplace injuries; look for workplace hazards to prevent accidents, e.g., wet floors. 62. Communicate clearly and comprehensively. 63. Have a positive attitude. 64. Take the initiative to perform your job duties without “around the clock” supervision. 65. Have an aptitude for self-motivation and motivate others. 66. Accept responsibility when you make mistakes. 67. Be willing to learn new things. 68. Know the difference between decisiveness and recklessness. 69. Have the ability to work well under pressure. 70. Be open-minded to new tasks or job responsibilities.

I. FOUNDATIONS

55

SUMMARY

71. Have the ability to establish rapport with those you come into contact with. 72. When you are introduced to someone, stand up, make eye contact and shake their hand. 73. Learn to be a good listener. 74. Report accidents and injuries as soon as possible. 75. Practice good housekeeping, disposing of trash properly and keeping your post area clean. 76. Learn to assess different environments and identify hazards. 77. Practice situational awareness. 78. Don’t stand at a stationary post with your hands in your pants or jacket pockets. 79. Don’t chew gum while on duty. Learn healthy ways to deal with stress. 80. Don’t wear too much cologne or have a bad body odor. No one should smell you before they see you. 81. Report hazards (such as nonoperational lighting or broken locks) as soon as possible. 82. If you work or patrol in a hazardous environment, use the appropriate PPE (personal protective equipment, such as hearing and eye protection, etc.) for the job. 83. Be helpful when assisting individuals with disabilities. 84. Work well with first responders when there is an incident. 85. Pay attention during training classes and have the willingness to learn new skills. 86. Lift heavy items safely by using your legs and not your back. 87. Be careful when patrolling on wet or slick surfaces. 88. Be fair, objective, and honest. 89. Utilize your authority or power carefully— Personal vs Positional. 90. Be aware of your nonverbal or paraverbal communication. 91. Be able to adapt to change. 92. Don’t disclose confidential or proprietary information.

93. Don’t post anything about clients or details about security procedures on social media. 94. Don’t steal or pilfer from the client or your employer. 95. Be systematically unsystematic in your patrol, in your daily routines and in your response. 96. Study your work environment to understand what “ordinary” is, so you can immediately identify anything “out of the ordinary.” 97. If you observe anything “out of the ordinary” don’t dismiss it. Inquire about it. Do not move on until you are certain there isn’t a security concern, e.g., unknown person walking around. Don’t assume he is with someone; ask and verify. 98. During patrol pay attention to where the automated external defibrillator (AED) and first aid kits are located. 99. When the opportunity avails itself, run “What if” scenarios through your mind to help prepare for a quick response, e.g., What if there is a fire in the lounge: where is the fire extinguisher? What if someone fell and needed oxygen: where is the oxygen? 100. Understand body language to identify when an employee is nervous, angered, or acting bizarrely. Don’t ignore a person’s personality changes, even if slight. Report your concerns to your supervisor, i.e., remember the “ordinary” vs out of the ordinary.

SUMMARY We found that it was possible to do more than 100 items, but it was decided to cut it off at 100. Which tells us you have a lot to learn as you go through the advances of your career. Our suggestion is to buy several security books and start reading and learning about various concepts and strategies as well as physical security.

I. FOUNDATIONS

C H A P T E R

6 Occupational Health, Industrial Hazards, Vulnerability Assessment, and Self-Assessment Brian D. Baker, Kevin E. Palacios O U T L I N E Introduction

60

Consider the Following Additional Hazards and Scenarios

60

Risks to the Protection Officer

60

Vulnerability Assessment

61

Self-Assessment

61

The Role of the Protection Officer in Occupational Health & Safety (OH&S) Programs

Seven Common Safety Hazards Self-Protection

66

Key Facts in Accidents Accident Types Key Terminology

66 67 67

Emerging Trends

70

References

71

Further Reading

71

64

C H A P T E R O B J E C T I V ES

• Suggest methods to minimize workplace hazards and threats

• Define potential hazards and risks associated with the duties of a security professional

• Explain basic fitness, health, and wellness issues relating to a security professional’s duties

• Show how the security professionals can conduct security vulnerability assessments and self-assessments to identify hazards in the industrial workplace

• Major causes of occupational accidents and illness

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00006-7

64

• Key terminology

59

# 2020 Elsevier Inc. All rights reserved.

60

6. OCCUPATIONAL HEALTH, INDUSTRIAL HAZARDS, VULNERABILITY ASSESSMENT, AND SELF-ASSESSMENT

INTRODUCTION Much attention is placed on the contribution of the security professional to an organization’s overall safety program. Indeed, this role is critical for the prevention, reporting, and investigation of workplace accidents and the maintenance of a secure workplace. The key objective of this chapter is to focus on helping the security professional in identifying those risks that may evolve into a critical safety condition. Emphasis is on the prevention or reduction of these risks to the greatest degree possible. When the security professional must react to the risk, it can be inferred that the damage has already occurred or worse yet, someone may have been harmed.

CONSIDER THE FOLLOWING ADDITIONAL HAZARDS AND SCENARIOS 1. Security officer bitten by ticks on two occasions while patrolling a perimeter fence line with heavy grass and vegetation. 2. Security officer injured her back while holding open a heavy steel door at a bank. 3. Security officer slipped on a tiled floor in a hotel elevator because he had snow packed into the tread on his boots. 4. Security officer suffered carbon monoxide poisoning while using a kerosene heater inside a gate shack with poor ventilation. 5. Security officer stepped on a loose metal floor plate that tipped, causing the officer’s leg to plunge into a drainage channel, resulting in ankle, knee, and back muscle injuries. The security professional should not assume that the employer or supervisor would clearly recognize all hazards. Events that result in injury will not always result in corrective action.

Unfortunately, this is the reality of business and industry. However, the security professional should utilize all legitimate means to report new and potentially unrecognized hazards to his or her supervisor through the proper chain of command. Many facilities and organizations have a procedure or process to report these conditions. While some facilities do not allow security professionals to take corrective action on safety or maintenance matters, one must recognize his or her responsibility to the protection of others, including other security professionals. The security professional should also provide for his or her own safety and comfort through a minimal investment in comfort or safety supplies. A good insect repellent could prevent tick bites. A small pocket flashlight could have helped the officer recognize the loose metal floor plate. And above all, good footwear is vital if you consider that falls are the leading cause of most injuries to security professionals. The self-protection section of this chapter will further discuss personal equipment options.

RISKS TO THE PROTECTION OFFICER Some of the main occupational risks to the protection officers are as follows: • Security officers carry heavy responsibilities and work irregular hours—this may cause psychological stress and burnout. • They may suffer serious bodily injury through acts of crime or violence, firearm accidents, or unsafe handling of dogs. • Inspection tours outside, at all hours, may expose the security officer to the hazards of harsh weather or solar radiation. • Security officers may be exposed to all the hazards of the host employer.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

61

SELF-ASSESSMENT

VULNERABILITY ASSESSMENT Vulnerability assessment is a thorough, comprehensive, and ongoing evaluation of conditions that may create a weakness in the security or safety of the facility. While assessing vulnerabilities sounds like a huge task that should be undertaken by a security supervisor or director, it is actually an important skill that should be developed and practiced by all security professionals. In the most direct sense, whenever a security professional is conducting patrols, and performing other duties of the post, he or she is capable of observing and assessing the workplace environment. The security professional, by direction of post orders and patrol duties, is an extension of the vulnerability assessment. When conducting a vulnerability assessment, a whole hazards approach must be utilized. Whole hazards mean that the security professional is not focused solely on crime or solely on a mechanical type of hazard. “All things” should be considered if there is a realistic potential that the condition could result in a loss: for example, identifying fire hazards or a blocked emergency exit, or a severe weather condition that is approaching a facility. Human life should always be given the most important consideration. Secondary to human life, a security professional should pay attention to conditions that might impact the operation of the facility. Certain employees within the facility, such as executives or engineers, may be particularly important and the security professional may extend attention to the personal safety of these individuals while working, traveling, or commuting. The whole hazards approach seeks to identify the negative things that can occur to the key assets as well as the likelihood that specific events will occur to those assets. For example, the assets or activities critical to the facility may be a focus for protection according to post

duties. In many ways crime prevention and crime detection may become a priority for the security professional during a night shift, but not so during a daytime shift where access control of contractors and shipments is a priority. But assuming that industrial environmental hazards are more likely than crime, consider some potential events that could cause a loss aside from crime: 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12.

Smoke and fire Water leaks and flooding Vehicle accidents and vehicle fires Medical emergencies Structural failure and building collapse Fuel leaks Dangerous debris, vegetation, and tree limb hazards Weather-related conditions Smells from chemicals, solvents, and malfunctions Asbestos and airborne contaminants Hydraulic or chemical leaks Appliance failures such as office, refrigeration or cooking equipment

SELF-ASSESSMENT The security professional should recognize the value and process of the vulnerability assessment and practice this daily while working or patrolling the facility. When viewing the facility from a crime prevention angle, security professionals should ask themselves, “What are some things a thief might want to steal inside this facility? Where are some places that I would hide if I were a burglar? If I wanted to bomb or sabotage this operation, what target would I choose?” But when viewing the facility from the broader whole hazards vantage point, the questions a security professional should ask are basic:

II. PRACTICAL AND OPERATIONAL APPLICATIONS

62

6. OCCUPATIONAL HEALTH, INDUSTRIAL HAZARDS, VULNERABILITY ASSESSMENT, AND SELF-ASSESSMENT

1. Where are the fire alarms and emergency exits? 2. Do I have a flashlight and is there emergency lighting if the power goes off? 3. Where is the safest place for me during a severe weather emergency? 4. Do I know how to shut off the water supply if a pipe leaks? 5. Can I get locked or trapped inside any areas? 6. Who do I call if a critical machine malfunctions? 7. What labs should I avoid because of the dangerous chemicals? 8. Where is it unsafe for me to walk? 9. Is it necessary to check the outside perimeter at night if there are video cameras? This self-assessment process assumes a higher order of thought and should be undertaken regularly once the security professional is oriented to his or her site and knows the patrol routes and procedures. Much of this becomes common sense and second nature and within a few months it may become subconscious. An important aspect of the self-assessment must be for the security professional to recognize what hazards exist by virtue of his or her presence in the facility. 1. Rooftop patrols. 2. Climbing scaffolding. 3. Improper monitoring by command center or blind spots on a camera system. 4. Lack of training regarding dangers along walkways or paths. 5. Traversing through active production areas or maintenance activity. 6. Vulnerabilities from torches, demolition, or vehicles. 7. Overhead hazards such as ventilating gases or falling pipes. 8. Unnecessary patrol through active areas not requiring security presence. There is also a distinction between security professional-created hazards—being in the

wrong place at the wrong time or just being in the wrong place—and the unsafe or hazardous behavior of a security professional. While the former assumes that the individual is attempting to do his or her job correctly and may become inadvertently entangled or exposed to a hazard, the latter implies that the security professional engages in risky or consciously and purposely unsafe or foolish behavior. A significant number of workplace injuries result from unsafe acts, showing off, or otherwise reckless disregard for personal safety. Among these is the hazard of driving a vehicle on patrol. Mechanical failures, accidents caused by the other driver, and complacency or overconfidence may become risks which many security professionals take for granted. The definition of a vehicle can vary from a Segway to bicycle, to pickup truck, to motorboat. Unmanned devices such as aerial and marine drones, or security robots, may also fall into this category because they are controlled by a human operator. It is easy to forget, or ignore, basic safety equipment such as a helmet or seat belt when one is in a rush or is traveling only a short distance. The use of cell phones and text messaging devices is another factor that contributes to accidents because of distraction. Speeding, choosing impractical routes, and laziness are major causes of preventable accidents. Other hazardous behavior includes operating forklifts, cranes, or equipment without proper training or authorization. Security professionals must overcome their curiosity about such equipment in order to avoid injury. In a complex industrial setting, many machines may be linked through one electrical system. The key or switch that is used to start or activate a particular piece of equipment may not be the same key or switch that turns the equipment off or shuts down the process. Exploring electrical switching rooms or confined and underground spaces is extremely hazardous, as is climbing or descending ladders.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

SELF-ASSESSMENT

Another bad practice, with good intentions, is exercising while on patrol or on duty. Jogging, using raw materials such as free weights, or hanging from scaffolding to do pull-ups can create significant risk of injury. Smoking and “vaping” (electronic cigarette smoking) are habits that should be limited or excluded while on duty. Many corporate, hospitality, and health-care facilities have strict no-smoking policies. Though this behavior is regulated by the security professional’s employment or facility guidelines, the addictive nature of these products can be distracting and the health effects may also impact one’s abilities. From the standpoint of vulnerability assessment and identifying hazards in the workplace, smoking while on patrol is extremely unwise because it interferes with one’s ability to smell unwanted smoke from a fire, gas, or hazardous fumes, or other olfactory hazards. Just as the vulnerability assessment process prepares the security professional for knowledge of key assets and potential hazards, the security professional should also understand what could happen to the facility and others if he or she is injured or killed as the result of a hazard. More important, an individual should recognize the impact if he or she is unable to perform the duties as a result of a hazard they created or from hazardous behavior. The following are generic suggestions for minimizing hazards and threats (this list is not specific to any particular environment): • Use caution when approaching partly open doors or overhead loading doors. • Do not eat or drink except in approved areas to avoid risk of food poisoning. • Turn off coffee pots and appliances when empty or not in use. • Always use a handrail when ascending or descending stairs. • Move slowly and carry a flashlight. • Watch out for open areas that may not be marked and areas that were closed or sealed

• • •

•

• • •

• •

• •

•

•

•

• •

63

yesterday that could be open today. Avoid falling into pits and drainage tunnels. Avoid the curiosity of patrolling in restricted or marked danger areas. Stand clear of high-speed roll-up doors and forklift traffic. Avoid greasy areas that are slip hazards. Also, avoid wearing greasy shoes into your home or vehicle. Be aware that some work areas are abandoned when the shift ends as workers will leave tools and parts lying on the floor, posing a trip hazard. Never enter or tamper with vehicles, storage areas, or tool cribs. Be careful of stairs, catwalks, and scaffolding. Padlock controls are important tools not only for loss prevention but also to control access and preserve housekeeping. Report all padlock issues immediately. Avoid confined spaces. Avoid walking on uneven floor plate steel decking or areas where the floor is concealed by wood or cardboard. Always know the work area and location of emergency exits. Avoid dusty areas or enclosures where known pollution cleanup work is being performed. Avoid forklift traffic areas such as ramps and blind corners. Give the forklift the right of way unless the operator stops, makes eye contact, and motions you by. Observe foreign object debris (FOD) and make sure that the walkway is clean before making access or others approach. Avoid treacherous walkways, bridges, or paths with no railings, or walking over deep holes. Never cross or walk on bent or bowed flooring. Know what hazards exist to the exit doors. There may be machinery, FOD, and protruding raw materials. Attempt to keep exit pathways clear.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

64

6. OCCUPATIONAL HEALTH, INDUSTRIAL HAZARDS, VULNERABILITY ASSESSMENT, AND SELF-ASSESSMENT

• Avoid overhead cranes, tilting loading docks, or walking under elevated lift trucks and boom lifts. • Don’t approach trenches and other areas where work is in progress. • Be aware of doors that are welded closed, bolted shut, or temporarily barricaded. • Be cautious of steep ramps and pitted or uneven walkways. • Unexplained water may not be a concern, but running water/flooding areas and water running onto electrical panels could be treacherous. • Be familiar with hazardous materials (HAZMAT) areas and also with HAZMAT signs that no longer apply. This may be needed in case of an emergency to guide the fire department. • Avoid entering work areas from narrow hidden walkways. • Never walk through any liquid if it can be avoided. • Choose to walk over concrete flooring rather than temporary flooring or wood or metal grates. • Be aware that diamond plate steel flooring is designed for traction but when it is wet, or coated with grease, it becomes very slick and dangerous. • Be careful of patches in flooring, cracks in concrete, and areas of new construction where walkways may be unfinished.

THE ROLE OF THE PROTECTION OFFICER IN OCCUPATIONAL HEALTH & SAFETY (OH&S) PROGRAMS The protection officer is trained to observe and identify potential hazards. The majority of large companies maintain a loss prevention department with protection officers on duty 24 h a day, 7 days a week. The protection officer is in a position to report and correct unsafe acts and unsafe conditions while conducting routine patrols.

The protection officer who observes a safety violation by a worker should do the following: 1. Record the worker’s name. 2. Notify the worker’s supervisor, advising him or her of the violation. 3. Document the safety violation and forward a report to appropriate management. The protection officer who observes an unsafe condition or a safety hazard should do the following: 4. Correct the condition or report it to someone who can correct it. 5. Barricade or mark the condition as a hazard where immediate corrective action is not possible. 6. Document the unsafe hazard or condition and the action taken, forwarding the report for appropriate action. Unfortunately, most health-related hazards and risk factors can’t be easily/directly observed. The officers must be aware of the potential symptoms and consequences associated with their workplace in order to report them for early diagnosis.

Seven Common Safety Hazards There are numerous safety hazards that the protection officer should be made aware of. Some of the frequently encountered safety hazards or conditions include the following: 1. Fire protection – Violation of no smoking regulations – Unusual odors, especially smoke – Obstructed passageways and fire doors – Inadequate exit signs – Obstructions in front of hydrants, alarm boxes, and extinguishers – Electrical heaters and coffee pots left turned on – Improper disposal of waste – Flammable gases and liquids which are uncontrolled in areas where they may pose a hazard

II. PRACTICAL AND OPERATIONAL APPLICATIONS

THE ROLE OF THE PROTECTION OFFICER IN OCCUPATIONAL HEALTH & SAFETY (OH&S) PROGRAMS

2.

3.

4.

5.

– Paint or painting areas poorly ventilated and not properly secured – Gas pumping areas close to operations where an open flame may be used – Use of flame-or spark-producing equipment near flammable substances – Missing fire protection equipment Housekeeping maintenance and image – Missing handrails on stairways – Debris on grounds – Inadequate containers for trash – Broken glass – Obstructions on walkways, such as snow and ice – Oil spills or slippery substances that may cause slipping and tripping – Cables, pipe, and electrical wires across aisles – Aisle obstructions – Litter accumulation on shop floors – Cracks, holes, breaks in parking lots, roadways, and sidewalks Doors and emergency exits – Burned out or missing emergency lights – Doors that don’t fit properly that would hinder emergency exit – Improperly fitting door frames – Equipment or debris blocking emergency doors – Improper panic hardware for doors Vehicle and fleet safety – Improper audible warning devices for backing up – Improper wheel chocking for parked vehicles – Speeding violations – Improper preventive maintenance procedures – Vehicles parked in fire lane or blocking emergency exit – Vehicles without proper signaling devices or lights – Improper tires for road conditions Personal protective equipment (PPE) – Improper PPE for the job – Protective eye goggles not worn – Safety-toed boots not worn

65

– Protective gloves not worn – Hearing protection not utilized – Respiratory protective equipment not maintained – Proper protective clothing not worn 6. Machinery maintenance – Lack of adequate guarding – Worn belts, pulleys, gears, and such – Frayed electrical wiring that may result in short-circuiting – Workers operating machinery with loosefitting clothing – Dangerous machinery lacking automatic shut-off devices 7. Other hazards – First aid and AED (automated external defibrillators) supplies improperly stored and maintained – Emergency routes not adequately marked – Improper labeling of dangerous goods – Broken or damaged equipment not adequately tagged These are the more common safety hazards encountered by the protection officer on routine patrol. A good rule of thumb is that the protection officer should devote one complete patrol to safety during his shift. Dedicating one patrol to the observation and reporting of unsafe acts, unsafe conditions, and safety hazards is a good practice. It is a protection officer function to contribute to all organized efforts to reduce loss; this not only adds value to his own work, but also to his host work site including other contractors, visitors, and customers. “In today’s economy, an increasing number of workers are assigned by staffing agencies to work at specific host work sites under the direction and control of the host employer. Examples include seasonal workers, such as delivery drivers and warehouse workers, who may be placed in both short- and long-term assignments. In these situations, it is important for the staffing agency and the host employer to communicate and coordinate to provide and maintain a safe work environment for their workers” Occupational Safety and Health Administration (OSHA, 2019).

II. PRACTICAL AND OPERATIONAL APPLICATIONS

66

6. OCCUPATIONAL HEALTH, INDUSTRIAL HAZARDS, VULNERABILITY ASSESSMENT, AND SELF-ASSESSMENT

SELF-PROTECTION In addition to awareness of site hazards and the ongoing evaluation as described in the vulnerability assessment section, there are two areas where the security professional must take personal responsibility: fitness for duty and personal safety equipment. Fitness for duty refers to the security professional’s personal capabilities—his or her physical and mental ability to perform the duties of the post. As mentioned in the beginning of this chapter, patrol duties may involve substantial walking and movement throughout the duration of a shift. In fact, a patrol can involve significant amounts of walking at a slow and steady pace, and also ascending and descending stairs, ramps, or grades depending on the type of post. In large industrial facilities, the security professional may use a combination of foot patrols inside buildings and vehicle patrols between buildings. Some sites may require walking many miles per shift. This distance may be cumulative, interrupted by periods of stationary activity such as monitoring a network video system (security surveillance system [network video systems] or attending meetings; however, it is clear that physical stamina is required.

KEY FACTS IN ACCIDENTS Definition—an accident is an unexpected event in which physical contact is made between a worker and some object or exposure to a substance that interrupts work. The Supervisors’ Safety Development Program (SSDP) trains supervisors and managers to incorporate best safety practices into their daily management activities. A key feature of the program requires participants to demonstrate the knowledge and skills they have acquired from training and are prepared to implement them in the workplace. The SSDPs

are offered in the following ways: classroom training, on-site training, and online with adaptive learning (National Safety Council, 2019). The security professional should list the following when an accident takes place: a. Nature of injury—the type of physical injury. b. Part of body—the part of the injured person’s body affected by the injury. c. Source of injury—the object, substance, exposure, or bodily motion that directly produced the injury. d. Accident type—the event which directly resulted in the injury. e. Hazardous condition—the physical condition or circumstance that permitted the occurrence of the accident type. f. Agency of injury—the object, substance, or hazardous condition that caused the injury to take place. g. Agency of the injury in relation to hazardous condition—the specific part of the accident that was hazardous and caused injury. h. Unsafe act—the violation of a commonly accepted safety procedure that directly permitted the occurrence of the accident event. Other items of information closely related to the key facts that the protection officer should be aware of include age, sex, type of occupation, and type of work. Remember: The protection officer must be knowledgeable of the six basic elements of a safety program: 1. Employer or client safety policy and procedures 2. Safety committees 3. Safety audits or inspections 4. Safety training awareness and motivation 5. Accident investigation 6. Emergency management The protection officer should have some basic knowledge of accident types and accident

II. PRACTICAL AND OPERATIONAL APPLICATIONS

67

KEY FACTS IN ACCIDENTS

causes because he may be involved in accident investigation. These are the three elements to remember about accidents: a. An accident is an unexpected event. b. Contact is made. c. Work is stopped or delayed.

Accident Types Accidents normally involve physical contact or exposure between the worker and some object or substance. With this in mind, accidents are categorized into the following basic types (Table 6.1). TABLE 6.1 Types of Accidents

Accident causation—The many factors that act together to cause accidents. They include personal factors, job factors, and lack of management control factors: Personal factors: • • • •

Inadequate capability Lack of knowledge/skill Improper motivation Stress Job factors:

• • • • • •

Inadequate Inadequate Inadequate Inadequate Inadequate Inadequate

leadership or supervision engineering purchasing maintenance work standards/procedures hazard controls

Lack of management control factors:

Type

Examples

Struck by

For example, struck by a falling tool

Contacted by

For example, contacted by hot steam

Struck against

For example, banging your head against a low beam

Contact with

For example, touching a hot pipe

Trapped in

For example, trapped in a tank

Caught on

For example, pant cuff caught on a board, causing a fall

Caught between

For example, finger caught in a car door

Different level fall

For example, falling down stairs

Same level fall

For example, slipping or tripping

Exposure

For example, exposure to toxic gasses

Overexertion

For example, back strain

Key Terminology Accident—an unplanned event that results in harm to people, damage to property, or loss to process.

• • • •

Inadequate Inadequate Inadequate Inadequate

program program standards compliance with standards hazard controls

Accident investigation—The process of systematically gathering and analyzing information about an accident. This is done for the purposes of identifying causes and making recommendations to prevent the accident from happening again. Accident prevention—The systematic application of recognized principles to reduce incidents, accidents, or the accident potential of a system or organization. Administrative controls—A category of hazard control that uses administrative/management involvement in order to minimize employee exposure to the hazard. Some examples are as follows: • • • • •

Job enrichment Job rotation Work/rest schedules Work rates Periods of adjustment

II. PRACTICAL AND OPERATIONAL APPLICATIONS

68

6. OCCUPATIONAL HEALTH, INDUSTRIAL HAZARDS, VULNERABILITY ASSESSMENT, AND SELF-ASSESSMENT

Danger zone—An area or location where the probability of injury is high (e.g., in the vicinity of saw blades). Due diligence—The taking of every reasonable precaution under the circumstances for the protection of the health and safety of workers. Emergency plan—Detailed procedures for responding to an emergency, such as a fire or explosion, a chemical spill, or an uncontrolled release of energy. An emergency plan is necessary to keep order and minimize the effects of the disaster. Engineering controls—A category of hazard control that uses physical/engineering methods to eliminate or minimize the hazard. Examples of engineering controls include ventilation, isolation, elimination, enclosure, substitution, and design of the workplace or equipment. Environment—The surrounding conditions, influences, and forces to which an employee is exposed in the workplace. Ergonomics—An applied science that studies the interaction between the people and the work environment. It focuses on matching the job to the worker, incorporating biology and engineering into the process. Ergonomics helps to prevent repetitive motion injuries such as carpal tunnel syndrome. First aid—The immediate care given to a person who is injured or who suddenly becomes ill. It can range from disinfecting a cut and applying a bandage to helping someone who is choking or having a heart attack. Hazard—The potential of any machine, equipment, process, material (including biological and chemical), or physical factor to cause harm to people, or damage to property or the environment. A hazard is a dangerous condition, behavior, or object that can cause harm or injury. Hazardous material—Any substance that may produce adverse health and/or safety effects to people or the environment. Health and safety policy—A policy is a statement of intent, and a commitment to plan for

coordinated management action. A policy should provide a clear indication of a company’s health and safety objectives. This, in turn, will provide direction for the health and safety program. Health and safety program—A systematic combination of activities, procedures, and facilities designed to ensure and maintain a safe and healthy workplace. Incident—An unwanted event that, in different circumstances, could result in harm to people, damage to property, or loss to a process. Also known as a near miss. Incident investigation—The process of systematically gathering and analyzing information about an incident. This is done for the purposes of identifying causes and making recommendations to prevent the incident from happening again. Industrial hygiene—A science that deals with the anticipation, recognition, evaluation, and control of hazards in the workplace. These hazards may cause sickness, harm to employee health, discomfort, and inefficient performance on the job. Also known as occupational hygiene. Job design—The planning of a job and the establishment of procedures for performing that job so that the potential for injury and illness is reduced or eliminated. Job enrichment—Adding one or more related tasks or functions to an existing job. These may include some managerial functions (e.g., planning, organizing, controlling). Loss control—Measures taken to prevent and reduce loss. Loss may occur through injury and illness, property damage, poor work quality, and so on. Safety data sheet (SDS)—A form that contains detailed information about the possible health and safety hazards of a product and how to safely store, use, and handle the product. Under the federal Hazardous Products Act, suppliers are required to provide SDSs for all hazardous materials as a condition of sale. Organizations that use hazardous products are required to keep an SDS on site for each product. This is a provision of the Right to Know Act.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

KEY FACTS IN ACCIDENTS

Medical surveillance—The systematic approach to monitoring health changes in workers to identify and determine which effects may be workrelated. Nature of injury or illness—The main physical characteristics of a workplace injury or illness (e.g., burn, cut, sprain, dermatitis, and hearing loss). Occupational health—The development, promotion, and maintenance of workplace policies and programs that ensure the physical, mental, and emotional well-being of employees. These policies and programs strive to: • Prevent harmful health effects because of the work environment. • Protect employees from health hazards while on the job. • Place employees in work environments that are suitable to their physical and mental makeup. • Address other factors that may affect an employee’s health and well-being such as i. Ineffective organization of work ii. Harassment and violence in the workplace iii. The need to balance work and family responsibilities (e.g., elder care, child care) iv. Promote healthy lifestyles Occupational illness—A harmful condition or sickness that results from exposure in the workplace to a biological, chemical, or physical agent or an ergonomic hazard. Occupational safety—The maintenance of a work environment that is relatively free from actual or potential hazards that can injure employees. Personal protective equipment (PPE)—Any device worn by a worker to protect against hazards. Some examples are respirators, gloves, ear plugs, hard hats, safety goggles, and safety shoes. Physical agent—A source of energy (e.g., noise, radiation, vibration, heat) that affects the

69

body, a part of the body, or any of its functions. The effects may be beneficial or harmful. Preventive maintenance—A system for preventing machinery and equipment failure through: • • • • •

Scheduled regular maintenance Knowledge of reliability of parts Maintenance of service records Scheduled replacement of parts Maintenance of inventories of the least reliable parts and parts scheduled for replacement

Procedure—A step-by-step description of how to properly perform a task, job, or activity. Risk—The probability of a worker suffering an injury or health problem, or of damage occurring to property or the environment as a result of exposure to or contact with a hazard. Root cause—The real or underlying cause(s) of an event. Distinguished from immediate cause(s) which are usually quite apparent. Task—A set of related steps that make up a discrete part of a job. Every job is made up of a collection of tasks. For example, answering a phone or entering data into a computer are tasks of a secretary. Task analysis—A technique used to identify, evaluate, and control health and safety hazards linked to particular tasks. A task analysis systematically breaks tasks down into their basic components. This allows each step of the process to be thoroughly evaluated. Also known as job task analysis. Threshold limit value (TLV)—A TLV refers to the airborne concentration of a substance to which it is believed that nearly all workers may be repeatedly exposed day after day (for 8 h per day) without harmful effect. Because of individual susceptibility, however, a small percentage of workers may experience discomfort from substances in concentrations at or below the threshold limit. A smaller percentage may be affected more seriously by aggravation of a preexisting condition or by the development of an occupational illness.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

70

6. OCCUPATIONAL HEALTH, INDUSTRIAL HAZARDS, VULNERABILITY ASSESSMENT, AND SELF-ASSESSMENT

TABLE 6.2 Industrial Hazards Oil Field

Vehicle accidents caused by poor roads Attack from wild animals Slippery walking conditions from rain or oil spills

Urban Parking Garage

Speeding cars Loose handrails Greasy or oil-coated surfaces

Ski Resort

Severe weather Fire in lodges, cabins, or villas Avalanche or ice storms

Logistic Center

Heat exhaustion Deteriorating building construction Falling boxes

Hospital

Radiological waste Wet floors Poor lighting

Workplace inspection—A regular and careful check of a workplace or part of a workplace in order to identify health and safety hazards and to recommend corrective action. Workplace factors that have the potential to cause injury or illness to employees include equipment, materials, processes or work activities, and the environment (Table 6.2).

EMERGING TRENDS Technology continues to help the security professional with the objectives to deter, detect, delay, and deny. If properly implemented, technology can accomplish these goals while decreasing the risk of harm to the security patrol

officer. Digital video analytics, computerized guard tour matrixes, and unmanned or robotic patrols are just a few examples of future security technology that could be used to save lives and increase efficiency. In the industrial, manufacturing, and critical infrastructure protection sector, robots and drones (unmanned vehicle systems) have emerged as an important force multiplier and tool for the security professional. Robots and drones can patrol without fatigue and can cover territory much faster than a walking patrol. Equipped with 360-degree sensors or cameras, these unmanned vehicle systems can detect a heat signal of a person hiding in the shadows of a building, or a person moving behind the vehicle after it has passed by. A tethered drone can provide unlimited flight time while observing activity or conditions on multiple areas of a facility; seeing over sections of vegetation or other buildings. A robot can likewise patrol into areas with hazardous materials, gases, or smoke and conduct an assessment during an emergency that would otherwise jeopardize the lives of rescuers and any workers who were disabled or trapped. While critics of unmanned vehicle systems worry that technology is downsizing human employment in many areas of industry, there seems to be a team approach where robots and drones help the human security professional do his or her job better. For example, patrolling robots may be connected via an intercom through which another person can have a real conversation with a real security professional sitting in a command center. The security professional also makes certain determinations about when and where to send a drone to check on a condition, or what action a robot should take after detecting an incident or intruder. Drones have the ability to patrol remote perimeters or fence lines without risk of injury. At night, equipped with a special infrared camera, a drone may be invisible but able to detect

II. PRACTICAL AND OPERATIONAL APPLICATIONS

FURTHER READING

an intruder or vehicle approaching an unoccupied storage area. When coupled with GPS (Global Positioning System) that tracks a specific asset, a drone or robot may follow along to provide additional observation and security to that asset. Security professionals have continuously experienced the merger of technology with traditional security patrol duties requiring human senses and experience. Since the Certified Protection Professional credential emerged, radio and phone communications have been enhanced into cellular phone and smart phone data transmission. The internet and email connectivity has replaced bulky procedural manuals and log books. While humans remain the weakest part of any security system, because we can ignore or disobey protocols, we also have an abundance of technology that can make us smarter, more efficient, and more effective in our jobs. Computers, network video and access control systems, and now unmanned vehicle systems such as robots and drones, require the security professional to be physically fit for duty, safety

71

minded, with an ability to learn the technology expected by the workplace being protected.

References National Safety Council (NSC). (2019). Supervisor safety development. Retrieved May 13, 2019, from https:// www.nsc.org/safety-training/workplace/supervisorsafety. Occupational Safety and Health Administration (OSHA). (2019). Communication and coordination for host employers, contractors, and staffing agencies. Retrieved May 13, 2019, from https://www.osha.gov/shpguidelines/ communication.html.

Further Reading Critical Incident Response Group, National Center for the Analysis of Violent Crime, FBI Academy, Quantico, Virginia. (n.d.). Workplace Violence. Retrieved from https://www.fbi.gov/file-repository/stats-servicespublications-workplace-violence-workplace-violence/ view. Stowell, H. G. (2018). Force multiplier. Security technology: A supplement of security managementASIS International. https://sm.asisonline.org/ASIS%20Issue %20PDFs/March_Security_Technology_Supplement_ 2018.pdf, pp. 8–11.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

7 Legal Aspects of Security David L. Ray, Linda Watson O U T L I N E Introduction

73

The Development of Our Laws The Common Law Case Law Statutes The Effect of the European Civil Code on Our Legal System

74 74 75 75

Types of Laws—Criminal and Civil Criminal Law Civil Law Administrative Law and Other Standards Labor Laws

76 76 77 79 79

Interaction of Criminal, Civil, and Labor Laws Young Offenders Search and Seizure Evidence The Burden of Proof Trespass

75

79 80 80 81 83 83

Emerging Trends

84

Conclusion

85

References

85

exposure to various actions by acting within the law

C H A P T E R O B J E C T I V ES

• The Development of our laws

• To provide an overview of the development of our current legal system

• Types of Law: Criminal and Civil

• To reduce the liability of the security officer and the employer • To explain how to avoid the costs of litigation and damages for false arrest, illegal search, or failure to provide an appropriate level of security

INTRODUCTION From the earliest times we have created laws to ensure that others will keep their promises, not cause us harm, and act in the best interests

• To describe to the security officer what opportunities are available to minimize risk of

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00007-9

73

# 2020 Elsevier Inc. All rights reserved.

74

7. LEGAL ASPECTS OF SECURITY

of society. Laws may be written, verbal, or implied (e.g., when a customer walks into a restaurant and orders a meal the establishment can assume that the customer intends to pay for that meal). Laws may be based on religious requirements such as the Ten Commandments, the Code of Hammurabi, Buddhist Dharma teachings, the Koran, or other religious codes, and they may also be based on other societal concerns such as business and economics. For our purposes we will define laws as the rules governing society. These rules not only set down our obligations to each other but establish penalties in the form of fines, judgments, or incarceration to punish the perpetrator who breached the obligation or to compensate the victim for the breach. These rules would be ineffective if there were no established procedures for enforcing the obligations, whether a ruling by a tribal chieftain or more modern procedures that provide for search warrants, arrest, incarceration, probation, and so on. Protection officers often provide a role similar to law enforcement, wear a uniform, and are viewed by the public as authority figures who are there to look after their safety and the protection of their property. The protection officer is also involved in activities that are inherently dangerous, which may include protection from criminal activity and life-safety programs such as bomb threats, fire, and evacuation procedures. Trespassers and criminals will view the protection officer as someone who is there to intervene if they commit a criminal act. Protective duties may require the officer to make decisions that raise questions of liability against the officer, the property owner, or the employer. In conducting enforcement duties, the protection officer may be required to arrest, detain, use force, seize property, and testify in court when charges are laid. For all of these reasons, it is important that the protection officer understand his or her duties and responsibilities and the potential liabilities which could arise from them. Their role is complicated by the fact that in some cases protection officers do not have the same

authority that law enforcement has, while in other cases they have more. Protection officers may also be required, in the course of their duties, to ensure that a person’s rights are protected under the US Bill of Rights or the Canadian Charter of Rights and Freedoms. For further information on authority in these areas refer to the chapters on Arrest and Detention and Use of Force.

THE DEVELOPMENT OF OUR LAWS We tend to think of laws as being words written in books and passed by a government authority, but that is only one source of our laws. There are actually three: 1. Common law and the civil code of France 2. Case law 3. Statutes

The Common Law The common law was developed in feudal England. At that time most people could not read or write and, therefore, written statutes would not be of much benefit. In order to resolve issues between citizens they would go to the feudal lord with their disputes. There was an expectation that the feudal lord would be consistent (or common) in resolving these disputes from one issue to another. Citizens therefore believed that “laws” were common throughout the land, even though they were not written down as statutes and there was no written record of the decision. In fact, the decisions were far from consistent and the feudal lords would often have difficulty in resolving an issue and would order that the dispute be settled by combat between the parties (trial by combat). In other cases, the feudal lord would order that there be a trial by ordeal such as drowning, under the assumption that the decision would be made by a “higher power.”

II. PRACTICAL AND OPERATIONAL APPLICATIONS

THE DEVELOPMENT OF OUR LAWS

Case Law After the establishment of the royal courts in England, judges would travel out to rural districts to sit at trials and would return to meet at the Inns of Court in London. They would discuss their recent decisions, which led to a greater degree of consistency among them. Law students would sit with the judges and would write reports of the judges’ decisions and these became the first instances of case law that are still used today. Once cases were reported in books, it became much easier to refer to those decisions and follow universal principles. This “case law” is also referred to as “precedent” or “the doctrine of stare decisis.” The principle of case law is fairly simply stated: A court must stand by previous decisions. This case law provides influence in our present-day courts and helps judges to interpret statutes and arrive at decisions which are fair, equitable, and consistent with previous court decisions. Case law also provides defenses to criminal trials (e.g., self-defense) and procedures that govern the police handling of search and seizure processes. The principle may sound fairly straightforward but the common law is still evolving to adapt to changes within our society and, in application, the doctrine can become extremely complex. The weight given to any previous decision of another court will depend on a number of factors including whether the court was within the same legal jurisdiction, the level of the court where the decision was made, or the similarity in the facts of the case.

Statutes Statutes are the law in black and white. As education became more commonplace in feudal England, the government authorities began to pass statutes that would guide everyday life. Today statutes may be passed by any one of several levels of government from municipal right up to federal. Statutes are also continually being

75

amended, new statutes are passed, and old ones are repealed. Our society is constantly changing, and so it is necessary that statutes change as well to meet new requirements or to fill a need in our society. Sometimes the need is economic (e.g., an amendment to income tax laws, to “plug a loophole”) and sometimes the need arises as a result of changes in society (e.g., new computer crime legislation). Regulations on the private security industry have been passed in most jurisdictions. The regulations may address areas of the industry including uniformed staff, private investigators, locksmiths, security officer canine handlers, or armored car services. The regulations may cover training requirements, age restrictions, education, licensing, or criminal background checks. The authority of the protection officer may come from these regulations and from other statutory authority such as extended rights of arrest when acting on behalf of a property owner.

The Effect of the European Civil Code on Our Legal System Prior to feudal times, laws developed differently in continental Europe. The Roman Empire’s early dominance in this part of the world brought a higher degree of literacy, and written Roman law was codified by the Emperor Justinian in AD 533. After the fall of the Roman Empire, the legal system was entrenched in European society. This Roman codified law differed from the English common law because it had been reduced to written statutes whereas the English law comprised the verbal decisions and the particular customs of the landowners and nobles who adjudicated cases. The Justinian Code was similar to our present legal system and included differentiation between public law, which is related to the relationship between the individual and the state (e.g., constitutional law or criminal law) and private law, which is concerned with the relationship between individuals (e.g., commercial law, family law, and

II. PRACTICAL AND OPERATIONAL APPLICATIONS

76

7. LEGAL ASPECTS OF SECURITY

torts). The dominance of Roman law declined in continental Europe but by the 11th century, with the development of international trade and more complex business arrangements, the Justinian Code returned as a standard. This system of laws is referred to as civil law. When William the Conqueror occupied England in 1066, he was astute enough to realize that the English common law system should not be replaced entirely by the civil code. He established royal courts which allowed the system of precedent to continue but developed consistency in the application of laws and introduced written statutes based on the Roman law or civil code principles which could clarify the common law. Our legal system today is a marriage of those two traditions. In 1804, the Napoleonic Code was created in France; it addressed issues of equality of the classes and was the predecessor of modern human rights legislation. The civil law system and the Napoleonic Code still have an effect today on many of the states that were originally settled by the Spanish and on the Canadian Province of Quebec. Today, the term “civil law” not only refers to the system of laws found in Europe and other noncommon law jurisdictions, but also to our system of private law that allows one citizen to recover damages from another.

example, it is an offense to assault someone, but criminal law treats assault as an offense against society and it is the state which initiates prosecution against the offender and imposes the punishment. If a fine is imposed, it will be paid to the state or the offender may be imprisoned in a state institution. The prosecutor acts on behalf of the state, not on behalf of the victim (although in some cases, there are provisions for private prosecutions or compensation for victims of crime). Types of criminal offenses vary from jurisdiction to jurisdiction, but they are generally divided into those that are more serious (felonies in the United States and indictable offenses in Canada) and those that are less serious (misdemeanors in the United States and summary conviction offenses in Canada). Table 7.1 details examples of criminal offenses and Table 7.2 lists the different powers of police, security, and prosecutors.

TABLE 7.1 Examples of Some Types of Criminal Offenses Crime

Description

Murder

Intentional and unlawful taking of the life of another and may include a death resulting from the commission of another crime (felony murder)

Manslaughter

Causing the death of another as a result of negligence or a reduced level of intent

Protection officers may be involved in the enforcement of laws or as a witness in both civil and criminal proceedings and should understand the fundamental difference between the two.

Assault

Deliberately causing menace or bodily harm to another

Kidnapping

Unlawful confinement of another and may include false imprisonment

Sexual offenses

Sexual interference with another without their consent

Criminal Law

Arson

Unlawful and deliberate destruction of property by fire

Burglary

Breaking into a premises with the intent to commit a criminal offense

TYPES OF LAWS—CRIMINAL AND CIVIL

Criminal laws appear to be established to protect people, but they are actually passed to ensure peace and good order in society. For

II. PRACTICAL AND OPERATIONAL APPLICATIONS

77

TYPES OF LAWS—CRIMINAL AND CIVIL

TABLE 7.1 Examples of Some Types of Criminal Offenses—cont’d Crime

Description

Robbery

Unlawfully obtaining the property of another through threats or infliction of bodily harm

Theft

Unlawful taking of the property of another. There are also offenses for possession of property obtained by crime

Forgery

Creating a false document for the purposes of depriving another

Disorderly conduct

Causing a public disturbance

Willful damage

Unlawfully causing damage to the property of another

Computer crime

There are a number of computer crimes related to the unlawful altering or deletion of data or the unauthorized use or misuse of a computer

Bribery

Providing or receiving an unlawful benefit in return for doing or forbearing to do something in relation to employment or office

TABLE 7.2 Criminal Law Powers—cont’d Private Security

Public Police

Indict

Only when by private prosecution

May lay charges

May authorize or lay charges

Prosecute

Only when by private prosecution

Usually turned over to prosecutor

Yes

Prosecutor

Civil Law

TABLE 7.2 Criminal Law Powers Private Security

Public Police

Prosecutor

Investigate

Investigate on behalf of private party

Investigate on behalf of public

May have investigative authority

Seize

Some seizure authority on behalf of private party

Criminal powers to seize or obtain search warrants

May have some power to obtain search warrants

Arrest

Citizen’s power of arrest

Criminal law powers

May have some powers of arrest

Unlike criminal laws, the purpose of civil law is to protect private rights and not public rights. In civil cases, the individual who has been wronged will undertake the civil action. The public prosecutor will not be involved, and the individual must pay for his own attorney and hire an investigator if one is required. Any award that the court orders the defendant to pay will go to the victim (plaintiff) and not to the state, as it would in the case of a fine. Any particular cause of action may be both civil and criminal. If someone is assaulted, the police may investigate the matter as a criminal assault and the person responsible may be charged with that criminal offense. At the same time, however, the person assaulted may decide to sue civilly for damages for the assault and battery. Both cases may proceed at the same time, although through a different court system (see Table 7.3). The person responsible may be fined or sentenced to jail in the criminal court but also ordered to pay damages in a civil court. Some areas of the civil law are as follows: Contracts—The law covering binding agreements between two or more parties. For example, a contract to provide security personnel to protect a property. Warranties—A special type of promise or statement. For example, a guarantee that a fire extinguisher is effective on a certain type of fire.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

78

7. LEGAL ASPECTS OF SECURITY

TABLE 7.3 Crime and Civil Law Comparisons Crime

Civil Wrong

Theft

Conversion

Assault

Assault or battery

Trespass

Nuisance

Agency—An important concept in the security industry. Agency raises a question of whether one person is acting on behalf of another. For example, a protection officer uses excessive force in subduing a suspected shoplifter. Is the protection officer an agent of the retail establishment and is the establishment therefore responsible for damages (vicarious liability) that may have been inflicted in the course of the arrest? The authority of the protection officer comes from the agency relationship with the property owner, occupier, or employer that they are assigned to assist. That authority may be addressed in the contracts issued or by internal policies set up by the customer or employer. There may also be a number of written procedures, manuals, or post orders that provide instructions on the completion of duties whether the protection officer is contracted or in-house. These written instructions give the officer authority as directed by the property owner or employer but can also make them vicariously liable for the actions of the protection officer. Torts—A tort is a civil action that may be an intentional wrong (e.g., assault, battery, wrongful imprisonment, or defamation) or may be negligence (e.g., the failure to provide an appropriate level of security in an employee parking lot). Many intentional torts are closely aligned to criminal offenses but Table 7.4 illustrates some others.

TABLE 7.4 Examples of Some Types of Torts Tort

Description

Intentional infliction of mental suffering

Often initiated in conjunction with torts of assault, battery, or false imprisonment. Causing fear, shame, embarrassment, or other emotional distress

Malicious prosecution

Knowingly initiating a legal proceeding that does not have cause

Defamation

Making or publishing a statement that is untrue and causes damage to another

Invasion of privacy

Unreasonable and offensive intrusion on the private affairs of another. Note that this may also be regulated by privacy statutes

Civil liability has caused increasing concern for the business community, and damages in court actions have increased insurance premiums; hence, some types of liability insurance have become prohibitive to organizations. Executives and property owners have found it necessary to defend against these crippling costs by increasing security measures and through stringent screening and training. The protection officer has a strong role to play in protecting businesses against civil liabilities. Negligence may result in liability during the performance of or failure to provide security duties. Negligence is an actionable cause under common law so that someone who suffers damages as a result of the negligence of another may sue to recover their losses. Negligence may be due to failure to provide an appropriate level of security, failure to have a contingency or evacuation plans in place, or failure to warn someone who is at risk as a result of a security exposure. Negligence can also be established through statutes such as occupiers’ liability or occupational

II. PRACTICAL AND OPERATIONAL APPLICATIONS

79

TYPES OF LAWS—CRIMINAL AND CIVIL

health and safety legislation. Those statutes require that the occupiers of premises provide a safe work environment not only for employees, but also for visitors to the property and sometimes even trespassers. It is the security officer’s duty to assist the property owner in reducing risks on the property and to recommend appropriate methods of handling those risks. It is also the security officer’s duty to ensure that emergency procedures are properly followed, that training takes place to ensure those procedures work, and that everyone is familiar with them.

Administrative Law and Other Standards The security industry is also regulated by a number of other rules and these, together with quasi-governmental standards, may create liability if not properly followed. In the United States, these regulations include those passed by the Offices of Homeland Security and the Inspector General or any one of a number of federal, state, or local authorities. Both Canada and the United States have federal regulatory requirements such as defense, air and commercial transport, port security, and government operational security regulations. There are also a number of other standards that are not regulated, such as those from the International Organization of Standardization or Canada Standards Association, that have recommended standards for the security industry. Many trade associations such as ASIS International have published security standards, as have industry groups (e.g., the chemical industry’s security code). Despite these standards not being regulated by law, organizations should be aware of them as they may be used in a civil or criminal action to suggest that the organization did not meet a generally accepted industry norm. Insurers may also publish standards (e.g., terrorism security requirements) that affect premium rates, or the insurer may assess whether the organization is meeting some of the standards

indicated above to assess premiums, risk, and liability.

Labor Laws Labor laws are established to set parameters for employers and employees or their counsel, associations, and unions to develop and enforce employment contracts. Table 7.5 delineates differences among criminal, civil, and labor laws.

Interaction of Criminal, Civil, and Labor Laws It is a common misconception that initiation of procedures in one sphere of the law will preclude or forestall action in another. For example, if one employee assaults another at the work site the police may be called in to initiate a criminal investigation, but this does not preclude the assaulted employee from initiating a civil action for recovery of damages or the employer from terminating the offending employee for the

TABLE 7.5 Criminal, Civil, and Labor Law Criminal Laws

Civil Laws

Labor Laws

Purpose

Protect the public good

Compensate for damages

Imposition and enforcement of employment contracts

Applies to

Whole community

Private parties

Employers and employees

Responsibility Public for handling prosecutor Potential outcome

Attorneys for Management the parties and union

Fine or Damages or incarceration court order

II. PRACTICAL AND OPERATIONAL APPLICATIONS

Court or arbitration award

80

7. LEGAL ASPECTS OF SECURITY

workplace infraction. In fact, there may be other parallel regulatory actions such as an occupational health inquiry or an arbitration hearing to assess the grounds for termination.

Young Offenders Legislation exists requiring special treatment of juveniles (they may also be referred to in legislation as minors or young offenders) in the course of interviews, detention, or arrest and the protection officer should be familiar with legislation for their local jurisdiction. Legislation will vary in terms of the age prerequisite, may require the presence or notification of a parent or guardian, or may include liability for failure to properly protect the confidentiality of the young offender’s personal information.

Search and Seizure What are the rights of the protection officer to conduct searches and seize property at the work site? Many employers have policies that establish procedures for searches of vehicles, lockers, or personal effects in order to deter theft, misuse of company property, or the possession of illicit drugs or alcohol on site. When these policies are challenged by labor unions or through the courts, the company may be required to establish that the search was reasonable, that there was some evidence to believe an employment offense had taken place, and that the search would result in the discovery of further evidence. The company may also be required to show that the policy is applied consistently within the workforce or facility and that it does not target specific individuals or groups. Courts and arbitrators will try to strike a balance between the rights of the employer or visitor and the right to privacy of the individual. They may also look at whether the company considered all other reasonable investigative means before embarking on search procedures. This is especially true in cases where

searches are conducted on employees or their personal effects, as the company will be required to show that they established procedures to protect the privacy of its employees. The Private Security Advisory Council (US National Advisory Committee, 1976) advises that the following are instances where there may be legitimate grounds for a search: 1. Where there is consent by the person being searched. 2. Where there is implied consent as a condition of employment. 3. Where it is incidental to a valid arrest (although some jurisdictions require probable grounds for the conduct of the personal search). 4. Where it is incidental to valid conditions (e.g., as a condition of boarding a commercial aircraft). Many companies also have policies requiring people to submit their vehicles or personal effects to search on leaving the property. These are usually in conjunction with a notice at the entrance indicating that these items may be subject to search. Even though an employee or visitor may imply that they will allow their vehicle or personal effects to be searched by entering the property, they have the right to change their mind while on the property and may refuse to comply with the search when leaving. The protection officer should not force the issue and should simply report the matter. Management then has the opportunity to treat it as a disciplinary infraction if it is an employee, or has the right to refuse further entry if it is a contractor or visitor. During the course of a consented search, the protection officer has the right to seize items found, such as the following: 1. Property of the employer or property owner that the officer is required to protect and for which the subject has no obvious permission to possess.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

TYPES OF LAWS—CRIMINAL AND CIVIL

2. Evidence of the commission of a crime (i.e., company property, burglar tools, controlled substances, etc.). 3. Weapons that could be used to injure the officer, an innocent third party, or the subject. 4. Items that could help the subject escape detention. If no consent exists, the protection officer has no right to conduct a search. Any items found as the result of an illegal search cannot be seized and may not be accepted in judicial proceedings. However, any of the previously listed items that are in plain view may be seized because the seizure is not the result of a search. All authorized searches and seizures must strictly comply with established procedures developed by the employer or property owner. Additionally, protection officers should be familiar with statutes for their jurisdiction concerning search and seizure by private persons. This will minimize the possibility of criminal or civil actions against the officer and the employer or property owner. Familiarity with the local laws will also help assure that the employer’s or property owner’s policies and procedures concerning search and seizure are in compliance with the statutes. Searches are very personal and can cause great embarrassment, especially if the subject has committed no crime. Searches should be conducted discreetly to minimize public embarrassment for the subject and adverse public/ employee reaction to the officer conducting the search.

Evidence Evidence is the proof that is required to establish the guilt or innocence of the accused. Evidence may be one of the following: 1. Real—a physical object, a gun, a piece of stolen property. 2. Documentary—a contract, a photograph.

81

3. Testimony—the oral statement of a witness while under oath. Evidence must meet certain requirements in order to be admissible in court. For example, a protection officer seizes a stolen computer from an accused, but fails to secure the evidence before it is turned over to the police. Several months later, the officer is called to testify in court. He is presented with the computer and asked if it is the same one that was taken from the accused. He is forced to admit that he cannot be certain. The judge refuses to admit the evidence and the accused goes free. Chain of custody requires that real evidence remain basically unchanged since time of acquisition and this is best achieved with chronological tracking of custody and transfer of anything that may be required for court purposes. Any real or documentary evidence must be protected from the time it is obtained. If possible, an identifying mark (e.g., initials and the date) should be put on it so that the officer can later identify it in court. Extensive notes should also be taken during the inquiry, or immediately after, while it is still fresh in the mind of the investigator. The judge will place a great deal more weight on testimony where a witness’s memory can be refreshed from notes made at the time of the inquiry. The time that passes from the event to the trial can be several months or even years and the importance of notes cannot be overemphasized. The protection officer should also ensure that reports are accurate and detailed. The report itself may be entered into evidence and the officer may be required to explain discrepancies. Likewise, statements taken from witnesses should be accurate and detailed. The officer should properly prepare for any trial or discovery hearing and questions should be answered as clearly and directly as possible. Many witnesses lose credibility because they are afraid to answer a question by saying “I don’t know” or by trying to answer a question that has not been properly clarified.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

82

7. LEGAL ASPECTS OF SECURITY

Any one of the forms of evidence indicated above may be direct or circumstantial. Direct evidence proves the facts in issue directly. Circumstantial evidence proves the facts in issue indirectly. A smoking gun does not prove that the person holding it pulled the trigger, but the inference may be drawn and therefore circumstantial evidence may be admissible in court. It is a common misconception that a person cannot be convicted on circumstantial evidence alone. If the evidence is admissible and the case is strong enough, then it does not matter whether it is circumstantial or direct. The common law developed a rule making hearsay evidence (assertions of someone other than the witness who is testifying) inadmissible in court, but exceptions to the hearsay rule are as important as the rule itself. The rule was developed so that the court would hear from the person who uttered the words rather than having those words repeated by someone else. One important exception to the hearsay rule is testimony from expert witnesses. Normally a witness is only allowed to testify about matters that they saw or heard but, where a court accepts a witness as an expert on a certain matter, that witness can testify based on their education and professional experience. Another exception is business and banking documents that, depending on evidentiary statutes for the jurisdiction, may be accepted as proof of their content. Another important exception to the hearsay rule is the admissibility of confessions in court. A protection officer would not normally be allowed to repeat (in court) a statement made by a suspect, but if the statement is accepted as a confession, it may be admitted as long as it was voluntary. A confession cannot be admitted in court as evidence if there were threats, intimidation, or promises that induced the accused to make the statement. A threat does not necessarily have to be a threat of violence. A threat to terminate someone’s employment if they don’t tell the employer what happened may be enough to question whether the accused confessed because he really did it or whether he

confessed because he wanted to keep his job. Similarly, a simple promise that “things will go better for you if you tell us what happened” may be sufficient to question the reliability and admissibility of a confession. Usually the police will be involved in interviewing an accused to receive a confession, but there may be occasions where a statement made to a protection officer will amount to a confession and may later be used as evidence in court. A confession is simply a written or oral statement made by an accused. Even a denial by the accused may amount to a confession if the prosecutor is able to prove that the accused lied in making the denial (e.g., an attempt to set up an alibi). The protection officer should keep detailed notes of anything that an accused says because it may later contradict a statement made to the police. For example, an accused may tell the protection officer that he wasn’t in the area when the offense was committed, and he may later tell the police that he was in the area but he didn’t do it. The two statements constitute a lie and may be admissible in court as proof of guilt. Interviewing witnesses and suspects requires techniques that not everyone can master to the same degree. Generally, the protection officer will interview witnesses, victims, and/or suspects during a preliminary investigation. More thorough interviews may be done later by investigators or law enforcement personnel during the follow-up investigation. A bad interview during the preliminary investigation can cause information obtained during later interviews to be unusable. The protection officer should know what he or she legally can and cannot do during interviews. Under the Miranda rule in the United States and Charter of Rights requirements in Canada, the police are required to advise an accused of their right to counsel, that they are not required to make a statement, and that the statement may be used at trial. There is no duty to “Mirandize” or Charter Caution the private individual who gives a confession. There have been

II. PRACTICAL AND OPERATIONAL APPLICATIONS

TYPES OF LAWS—CRIMINAL AND CIVIL

some attempts to argue that private security may be in a “position of authority” in conducting investigations and interviews and therefore the US Fifth Amendment or Canadian Charter rights apply. These challenges have been largely unsuccessful, although in Canada it has been held that an employer in a governmental function (e.g., federal, provincial, or municipal government bodies) must follow Charter provisions in conducting investigations. Generally, the protection officer needs only to ensure that the confession was willingly given. A confession need not be a lengthy written statement; it may be a simple oral statement such as “I shouldn’t have taken it.” The officer should accurately note any statements by the accused so that there will be no confusion later in court as to exactly what was said. If the officer has occasion to interview a suspect, the following steps will help ensure the admissibility of a confession: 1. The suspect must be offered a chance to contact counsel and should be given the opportunity to carry on a private conversation with counsel. 2. The object of the interview is to learn the truth, not to induce a pattern of deceit or obtain answers that the questioner wants to hear. 3. There should be no actual or implied threats or promises. 4. The accused should be given the opportunity to give a full explanation. 5. The accused should be questioned in a language and phraseology that they understand—“legalese” or technical terms not known to the accused should be avoided. 6. The interviewer should not ask ambiguous questions. 7. The interviewer should not be aggressive or abusive to the person being interviewed. 8. Where possible, a signed statement should be obtained, and a second witness should be present.

83

The Burden of Proof The burden of proof is different in a civil action than it is in a criminal matter. In a civil action the plaintiff need only prove their case on a balance of probabilities, while in a criminal trial the prosecutor is required to prove guilt beyond a reasonable doubt. This is why a plaintiff may be successful in a civil matter while the same defendant may be found not guilty in criminal court for the same set of circumstances. As an example, O.J. Simpson was found not guilty in criminal court, but the families of his victims were successful in a civil action for wrongful death. Some jurisdictions apply a burden of proof somewhere between the two in labor arbitration cases involving moral turpitude (e.g., workplace theft). They may use terms such as “clear and convincing evidence” or “a preponderance of evidence.” In a criminal trial in common law jurisdictions, the burden is always on the prosecutor to prove that the accused is guilty beyond a reasonable doubt. The onus is not on the accused to show that he is innocent. This has been referred to as the “golden thread” that runs through our judicial system. Because of this rule, the security officer must take steps to protect the admissibility of any evidence that is collected.

Trespass Both the common law and statutes recognize the property owner’s right to control access to, use of, activity on, and protection of their property. The employer or property owner designates the protection officer as their agent to protect the property and enforce their guidelines concerning it. Many protection officers are responsible for property with public access for business or recreation purposes and, as a result, it may seem difficult to determine when a trespass occurs. Generally, one or more of the following must be present for a trespass to occur:

II. PRACTICAL AND OPERATIONAL APPLICATIONS

84

7. LEGAL ASPECTS OF SECURITY

1. The subject does not own or have other legal rights to access the property. 2. The subject must know this. 3. The subject does not have the permission of the property owner or agent (i.e., the protection officer, tenant, etc.) to enter upon or remain on the property. 4. The property is posted in accordance with local ordinances with signs prohibiting trespass or fences and/or other barriers present that would cause a reasonable person to believe they are not to enter the property. 5. The property owner or agent has lawfully requested the subject to leave the property. 6. The subject enters the property, or refuses to leave, after seeing posted notices or physical barriers, or after receiving a lawful request to leave. The protection officer should be familiar with the statutes and local regulations concerning trespass to assure that he or she is acting within the law when dealing with a possible trespass. Generally, the protection officer will not have to arrest a trespasser unless the subject is suspected of or known to have committed other crimes on the property or unless the suspect had been previously evicted from the property and has returned when instructed not to do so. In most cases, the subject will leave when advised that they are trespassing. In others, the subject may not leave unless the protection officer tells them that the local police will be contacted to arrest the individual for trespass. However, if the protection officer must make an arrest, he or she must know the statutes and regulations for that jurisdiction concerning arrests by private citizens, property owners, or agents. The second trend is the shrinking world and increased globalization of business. One of the consequences of this trend is the accessibility of terrorists to businesses in North America and abroad and the resulting increase in the number of regulatory requirements to properly protect organizations and people. The second

consequence is the requirement that organizations and the security industry be cognizant of the requirements of foreign governments in order to do business abroad and to engage in international trade. These sometimes result in a conflict of laws or cultures that ultimately produces more regulations, such as foreign corrupt practices laws.

EMERGING TRENDS I selected several new laws from the Commonwealth of Massachusetts, realizing they differ from state to state, but these are current social issues as well as law in Massachusetts. Massachusetts General Laws: Harassment Order 258 E: Three or more acts (1) aimed at a specific person, (2) was willful and malicious, (3) intended to target the victim with the harassing conduct or speech, or series of acts, on each occasion; (4) conduct or speech, or series of acts, were of such a nature that they seriously alarmed the victim; or (5) one act that by force, threat or duress causes another to involuntarily engage in sexual relations; or (6) one act that constitutes one of the crimes of sexual assault, harassment, and stalking. Restraining Order 209A: Suffering abuse: Causing physical harm; placing another in fear of imminent serious physical harm; causing another to engage involuntarily in sexual relations by threat; or force or duress. Includes family or household members who are married or living together; related by blood or marriage; have a child together regardless of living arrangement; dating, or engaged. Stolen Valor Ch. 272 section 106: (a) A person commits the crime of stolen valor knowingly, with the intent to obtain money, property, or any other tangible benefit. Transgender Laws Ch.272 section 92A: Transgender people must be allowed to use public facilities (including restrooms and locker rooms) consistent with their gender identities.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

REFERENCES

Synthetic marijuana Ch.94C section 31: (K-2, Spice) is a controlled substance in Class C. Fentanyl Ch.94C section 32E: (c1/2) Any person who traffics in fentanyl, by knowingly or intentionally manufacturing, distributing, dispensing, or possessing with intent to manufacture, distribute, or dispense or by bringing into the commonwealth a net weight of more than 10 g of fentanyl.

85

requirements directly related to protective services or requiring adaptations to the way we undertake business because of legislation such as human rights, privacy requirements, or occupational health and safety regulations. This increased complexity has necessitated protection officers to undergo constant training, updating, and research to stay abreast of the legal requirements to undertake protection work.

CONCLUSION A review of the development and current status of our legal system reveals two important trends. The first is the ever-increasing number of laws, regulations, and standards being imposed on industry. These include legal

References US National Advisory Committee on Criminal Justice Standards and Goals. (1976). Private security: Report of the task force on private security. Washington DC. [PDF file]. https://www.ncjrs.gov/pdffiles1/Digitization/40543 NCJRS.pdf.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

8 Patrol Principles John E. O’Rourke O U T L I N E Purpose of Patrol Pre-Patrol Analysis Patrol Deter Detect Delay Deny Emergency Response Ancillary Supportive Functions of Patrol

88 88 88 89 89 90 91 91 91

Types of Patrol Post Position Mobile Patrol Virtual Patrol Fixed Post

92 92 93 93 93

Preparation for Patrol Code of Conduct Policy Training Post Orders and Patrol Procedures Equipment Incident Investigations and Responsibilities Liaison With Law Enforcement Emergency Response Supervisory Oversight Rest, Relaxation, and Exercise Awareness and Familiarity Pre-Patrol Intelligence

93 93 93 94 94 94 94 94 95 95 95 96

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00008-0

Body Cameras for Law Enforcement and the Private Sector Legal Issues With Audio Recording Training Deportment

96 96 96 97

Equipment Check

97

Techniques of Patrol Comfortable Shoes Flashlight Stop, Look, and Listen Baseline Tactical Maneuvering Predictably Unpredictable Vehicle Positioning Hands Nonverbal Communications Enhance Security Measures

97 98 98 98 98 99 99 100 100 100 101

Unethical Unprofessional Practices Critical Thinking

101 102

Emerging Trends 103 ESRM Board Initiative—Executive Summary 103 ESRM Board Initiative—Goals 104

87

Conclusion

104

References

104

# 2020 Elsevier Inc. All rights reserved.

88

8. PATROL PRINCIPLES

PURPOSE OF PATROL Pre-Patrol Analysis Today, everyone’s perspective on safety and security is malleable. For the layman, this is due in part to the 24/7 news coverage. What once were local events occurring in far off towns and states are now covered and shown throughout the country. This level of coverage creates an awareness and anxiety level not seen before in the hearts and minds of the average person. For the security practitioner, the present threats and changing methodologies of perpetrators create unique challenges which require continuous reviews of security policies, protocols, and procedures. With the onset of technology, security professionals have an array of tools at their disposal. Security cameras now have analytics with facial recognition and behavioral analysis as well as infrared technology which can see in complete darkness. Burglary systems have layered measures of detection including motion sensors, glass breaks, and door and window contacts. Even doors and locks have improved, providing a greater degree of security than ever before. Despite all this, there still is a need for a physical security presence, that is, the patrol officer. Whether inside a command center— monitoring security cameras and alarms systems—or out on patrol, conducing physical checks—a security officer is necessary to augment the advances in technology. Security patrol, which is the focus of this chapter, is the oldest method of providing security and dates to 1400 BC in ancient Egypt. Although it is the oldest component of physical security, the patrol is still an integral tool in a comprehensive security program.

Patrol Effective patrol programs are designed around a set of findings usually based on a security assessment or survey. These studies look at

threats that exist for the asset or assets planned on being protected. Threats can be man-made or natural. Part of the assessment process is to identify vulnerabilities which exist and to put forth recommendations to mitigate those vulnerabilities. Another part of the assessment is to review the existing security measures in place. From here, recommendations are made to enhance the face of security, normally through a variety of measures, including that of a physical security patrol presence. A security presence is more than just an officer or guard, locks and bolts or alarm systems and fencing. To effectuate a sound security program, security and its applications, both technical and physical needs, must be coordinated in such a way to fit into the environment being protected and at the same time display a firm and secure presence. This can be a challenge in the hospitality setting where the main purpose is to create an open and inviting environment. Because different settings require different security applications and modes of patrol, a security assessment is extremely important before deploying security patrol officers. Once the assessment has been concluded and the areas of vulnerabilities identified, the security solutions can be put in place. Regardless of what those solutions are, security patrol will be based around the protection of assets. There are three asset categories which need protection: People, Property, and Information. Not all patrol assignments center around protecting all three. With the recent increase in workplace violence, active shooter events, and terrorism, protecting people has become a challenge with the threats being diverse and ever changing. Nonetheless, security officers can play an important role in the protection process. Next, protecting property may be the most obvious form of asset protection by a security officer. Images of a night watchman or a security officer standing post outside a front entrance to a business comes to mind. Finally, there is the asset most neglected and overlooked by the less trained and educated

II. PRACTICAL AND OPERATIONAL APPLICATIONS

PURPOSE OF PATROL

security professional, which is information. Whether protecting a prominent individual or high-valued artifacts and merchandise, the information around who or what is being protected should be confidential. Patrol methodologies and assignments will concentrate on delivering a proper level of protection to each asset category. A well trained, properly attired, and professional security officer is crucial to effectively deliver security patrol services. Officers are the face of security and should convey a sense of confidence, knowledge, and reliability. Moreover, security officers should evoke a feeling of safety and security, not only to those being protected but from their supervisors as well. A properly orchestrated security program will have designed their protective measures around what is known in the industry as the “Four Ds of Security.” Whether using technology or a security officer, physical protective measures are built around the principle of Deter, Detect, Delay, and Deny. A security officer should deliver their protective services with the same principle in mind. Let us explore the principle of the “Four Ds:”

Deter Measures in place which can deter unwanted behavior or criminal activity are locked doors, restricted areas, security cameras, fencing and security patrols. Policies and procedures are also part of the deter methodology. Moreover, a properly designed physical security system will layer the protective measures. For example, a fence may be the first layer; a locked exterior door would be another layer and a burglar alarm system another layer. Security cameras add additional layers to security. Interior layers of security would be additional locked doors, alarm systems, and safes. Someone with malevolent intentions seeing such security measures in place may be dissuaded from their intentions. A security officer is part of a layered security system. The purpose of a security officer on

89

patrol is to have a physical presence protecting the assets. Most often, a security officer is part of a greater security program. However, there are times—besides locked doors and windows—a security officer is the only physical security measure utilized. However, there is more a security officer can do rather than just be part of a layered system. A security officer can become a deterrent in and of themselves. An alert and attentive officer can be a powerful deterrent against unwanted behavior, including possible criminal activity. Officers must be strict in enforcing policies and not permissive to clearly defined wrong behavior. An example of this would be allowing an employee to tailgate behind another employee rather than using their access card. Another example would be allowing an employee to keep a door ajar while they temporarily go outside to get something out of their car or smoke a cigarette. Enforcing compliance with organizational policy by all employees, regardless of their position, is a strong deterrent against more troubling behavior. Those watching, wishing to penetrate the security system or take advantage of their employer will be less inclined to do so with a security officer who upholds strict compliance to the organizational rules. Part of an officer’s patrol responsibilities and a deterrent method is having security officers test and inspect fire and burglary alarm systems. An officer should periodically check alarms, locks, security cameras, and lighting to ensure measures which have been put in place are functioning correctly. Any item which has been found to be nonfunctional should be reported to the appropriate department for repair and/ or replacement.

Detect Detecting unwanted or criminal activity can be a challenge, especially for a security officer on patrol. Nonetheless, this is the fundamental reason a security officer is utilized. It is imperative that officers have the requisite skills to

II. PRACTICAL AND OPERATIONAL APPLICATIONS

90

8. PATROL PRINCIPLES

patrol diligently and be able to identify activity which is contrary to policy, or criminal in nature. Often, the signs of criminal or unauthorized behavior are subtle, not overt. A well-trained and well-versed security officer will be aware of this fact and be alert to all activity taking place during their post or patrol. Whether out on patrol, on a post or inside a command center watching security monitors, a security officer should be alert and aware of activity in and around their patrol assignment. Security camera technology has improved to create alerts which notify a security officer of activity taking place on screen. This technology has improved tremendously aiding in facial recognition, item identification, and can even acquire a memory on what a certain camera view should look like. When that view changes, such as someone placing a backpack down and leaving it there—the system can send an alert to security. A security officer should take full advantage of the technology available to them at the specific site they are protecting. Regardless of the technology available, whether it is smart analytics or a simple security camera system, management should ensure the technology is set up appropriately to aid the security officer in their duties. To assist a security officer with detecting unwanted or criminal behavior it is important that officers have the proper equipment needed for the assignments they have been given. Flashlights, binoculars, and night vision technology are tools which enhance a security officer’s ability to detect activity taking place in and around their patrol assignment(s).

Delay The second part of the “Four Ds” is to deter unwanted behavior, trespassing, and criminal behavior. The security features mentioned in the Deter section also help to delay unwanted intruders from gaining access. Fencing creates a physical barrier which requires either an

intruder to climb over or cut through. In doing so, entry by the perpetrator is delayed, which can become a deterrent and displace the intruder to another location where security measures are not as robust. Regardless, if the intruder is not discouraged, the physical barrier delays access. The longer the access can be delayed the more likely the activity will be observed. And, the longer the delay, the more of a deterrent the barrier becomes. Security measures work together to thwart unwanted behavior. A security officer well versed in the concept of creating delay methods during patrol will be a powerful tool both in deterring unwanted behavior and delaying the actions of those wishing to gain access to an unauthorized area or commit unauthorized activity. Furthermore, a security officer who can recognize security features and understand burglary ratings and categories can coordinate his or her patrol patterns with the security measures that are in place. Often, security officers and their supervisors who are designing patrol patterns don’t understand security features built around the assets they are protecting. For example, a prominent company in New York City has fine art paintings on their corridor wall, each valued upward of $100,000.00. To protect these valuable pieces of art, they have placed frame-locking devices on each painting. These locking devices are not armed but have a burglary rating of 45 min. This rating indicates the degree of protection that the locking device delivers. In this case, the rating is indicating it would take a person 45 min to defeat the lock and gain access to the painting. Other security features present on the company floor are access control doors and a night security officer. On the surface, there appears to be adequate protection. But, as anyone who ever has been in an office building knows, accesscontrolled doors are often left ajar, and sometimes doors fall out of alignment and don’t close on their own. However, on further review of

II. PRACTICAL AND OPERATIONAL APPLICATIONS

PURPOSE OF PATROL

their protocols, it was discovered that the security officer was assigned to patrol the floor every 2 h. It was abundantly clear that the management and the security officer were unfamiliar with burglary ratings and the ratings of those locks they had at their place of business. If they did, a 2-h patrol sweep would not have been set up because it allows plenty of time for a burglar to thwart the layered security and defeat the 45-min delay feature of the lock on the valuable art. When delivering security patrol services, a program should be set up to complement the security features in place for the assets being protected. Setting up a security program and deploying officers should be done in an informed way to exist effectively with the overall protective measures in place.

Deny Each preceding “D” in the “Four Ds” works to achieve the objective of denying access to the assets being protected. The whole concept of protection is focused on denying unauthorized entry to the asset or assets being protected. It is the ideal outcome in protecting assets and can be the hardest goal to achieve. Each operation of a patrol program is designed to aid in denying access, policy violations, thefts, and other unwanted behavior. Nonetheless, burglary ratings and categories illustrate the difficulty in achieving the objective of denying access. Burglary safes, fire safes, locking mechanisms, and even safe rooms have ratings which indicate how long the protective measure will hold up before penetration or degradation to the protective layer occurs. It is imperative that a security officer understands this concept. The goal is to protect and deny access to the assets being protected. However, a security officer who understands each security measure in place can still be ultimately defeated. Whether it is a fence, a locked door or a safe, a security officer should conduct their

91

patrol to complement and become an added layer to the security features in place.

Emergency Response In most security programs emergency response is a preliminary action that provides a basic degree of support until police and EMS can arrive. In today’s world, many communities are closing their perimeter doors to society and instituting their own emergency response system, including EMS personnel and even paramedics. These locations are known as “gated communities” and security officers assigned to these locations are trained as “First Responders” and can often deliver advanced triage and transport victims to local hospitals. With the onslaught of workplace violence and active shooter incidents, emergency response for security officers has changed. Seldom would you see an armed security officer 5 or 10 years ago. However, armed private security is becoming more frequently utilized and deployed at a variety of locations and for a variety of protective services. In many cases, these security officers are retired or moonlighting police officers. Yet there are many who do not have law enforcement experience. Regardless of whether a security officer has law enforcement experience or not, comprehensive training on the use of force and proper handling of a firearm should be conducted. Adhering to the minimum standards set forth by the local government or state is required. Nonetheless, in designing a program where an armed security officer is deployed, training should go beyond the legal minimum standard.

Ancillary Supportive Functions of Patrol Besides the core mission commonly thought of by the security professional regarding protection, there are other services performed by a security officer. On the surface, they may appear to be nonprotective and more administrative or

II. PRACTICAL AND OPERATIONAL APPLICATIONS

92

8. PATROL PRINCIPLES

supportive in nature. However, these ancillary functions are aligned with the methodology of asset protection. Let’s look at some of the supportive functions of patrol and how they are in fact, additional layers of security that creates a comprehensive approach to protection. The investigative process is an example of supportive protection measures and is supportive of the concept of the “Four Ds.” For example, writing a report on a slip and fall incident is much more than just documenting the incident. A properly trained officer will examine the scene for hazards which may have contributed to the fall. He or she will examine the victim, render first aid if needed, and check for signs of impairment. Statements will be taken from the victim and any witnesses. Based on visual observations of the scene, the victim and statements taken, an informed decision can be made to determine the cause of the accident. The investigative process is designed to collect data and allow management to utilize this information to identify problematic areas, problematic employees, and problematic departments. Foreseeability is a legal term which means “The ability to see or know in advance; hence, the reasonable anticipation that harm or injury is likely result of acts or omissions.” The investigative process is at the heart of foreseeability. The information gleaned from a properly conducted incident investigation will help management to recognize workplace hazards, inappropriate and unsafe behavior, lack of supervision, and lack of training. From this process, preventive measures can be instituted to prevent similar incidents from occurring. Security assistance and other concierge services are not often thought of as part of a security officer’s duties. Yet, these services are extremely important in providing protective services. Human relations are an important element in having a safe and secure environment. These services create an open and inviting relationship between people and their security staff. Familiarity with those being protected allows an officer to understand how those under their

command behave, dress, and present themselves daily. Aggression is a process that builds over time with subtle warning signs often overlooked. A security officer familiar with how those under their watchful eye are behaving and normally acting will make it more likely for the officer to spot the unusual behavior, which most violent perpetrators display. It is clear that the purpose of patrol is for the protection of assets, whether it be people, property, or information. A patrol program should be built around this concept with policies and procedures designed to deter, detect, delay, and deny threats to the assets being protected.

TYPES OF PATROL The most common scene that comes to mind of a security officer is either at a stationary post or as a night watchman. Officers on post duty are typically stationed at entry points either onto the property or the building where the assets are housed. Officers with these assignments are primarily charged with controlling access. They will examine identification and check to see if the person visiting has been added in the visitor management system. If not, they will verify if the person is expected and enter the visitor into the visitor management system. However, there are many different types of patrol a security officer can perform. Some blend into one another and others stand alone. The various types of security patrol will be examined here:

Post Position A post position is an assignment where an officer is responsible for maintaining the integrity of a certain area. That area can be an access point at an entry point onto the grounds of a company’s property, or at the front door into the facility itself. Other post assignments can be for traffic detail, pedestrian control, or safeguarding a specific area requiring additional protection.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

PREPARATION FOR PATROL

Officers assigned to a post position must strictly adhere to their post unless otherwise instructed.

Mobile Patrol A mobile patrol is just as it sounds. A security officer is assigned to be active and mobile during their shift. Officers on mobile patrol will either perform this function on foot, or by means of a motorized vehicle, or in some parts of the world on horse or camel. On other assignments, a boat or helicopter may be necessary. Regardless of the mode of transportation, an officer on patrol must ensure his or her designated area is thoroughly patrolled and inspected.

Virtual Patrol With technology being used more frequently, especially with the protection of high-net-worth assets, an officer may be positioned inside a command center where security cameras and burglary, fire and environmental alarms are utilized to monitor the assets being protected. An officer tasked with monitoring this technology should do more than just wait for an alarm to sound. Virtual tours, going through each camera view, should be conducted periodically to support any field officers on patrol. When no security officers are deployed, a command center officer should conduct these “virtual tours” as if they were on patrol themselves. Stationary views should be examined, and Pan, Tilt Zoom (PTZ) cameras should be used to view each nook and cranny the camera’s view can get to. Moreover, the alarm systems should be examined to ensure all door, window, motion, and environmental sensors are registering correctly and are not in “trouble mode” or inadvertently bypassed.

Fixed Post Many companies have what is called a fixed post. For example, the rear loading dock area where deliveries and pickups are conducted,

93

sign in for vendors, even special packages received by the loading dock, and all recorded and accounted for. You could say the front desk is a fixed post. The secret here is to cross-train the various posts for efficiency.

PREPARATION FOR PATROL Preparing for patrol begins with management designing a program which is holistic and addresses the threats and vulnerabilities existing at the place of protection. First, management needs to develop a set of policies and procedures. Keep in mind, documents are obtainable through the discovery process in all legal matters. All policies should be approved by legal counsel prior to implementation. The following are some of the areas management should focus their efforts on.

Code of Conduct Policy A code of conduct outlines how security officers are expected to behave and comport themselves during their patrol. It sets the ethical standards for conduct within the work environment. Sexual harassment and discrimination are a few of the critical topics normally covered within the code of conduct policy.

Training Training is the foundation for proper security protection and performance by officers. It is important to check with local and state government to ensure all requirements for a security officer are met. Certain jurisdictions require government-issued certification prior to being able to work as a security officer. Keep in mind that government-issued certifications signify minimum standards, not advanced certification. A robust training curriculum will better enable a security officer to perform his or her duties and properly protect the assets being safeguarded. Areas of training should

II. PRACTICAL AND OPERATIONAL APPLICATIONS

94

8. PATROL PRINCIPLES

include, but shouldn’t be limited to, situational awareness, emergency and crisis communications, basic first aid, radio procedures, incident investigation and documentation, network video system monitoring, workplace violence, active shooter, workplace hazards, social engineering, as well as the study of kinesics (nonverbal communication).

Post Orders and Patrol Procedures A set of post orders, patrol procedures, and a reporting structure should be established. Each responsibility to be performed by the officer needs to be outlined with specificity as well as what the command structure will be. Documentation and reporting protocols should be covered in this procedure as well.

Equipment The uniqueness of the assets being protected will determine the type of equipment which is needed to aid a security officer with his or her duties. The types of equipment normally issued are monitors for viewing security cameras, patrol vehicle, flashlight, guard tour wands, radio, cell phone (used as a secondary form of communication and can serve as a camera when needed), first aid kit, oxygen tank, and automated external defibrillator (AED). Lastly, the attire of a security officer should be professional; much consideration should be given in determining the type of uniform or clothing a patrol officer will be wearing.

Incident Investigations and Responsibilities This procedure should outline the steps required in investigating an incident and be designed to guide an officer through the process. The basic Who, What, When, Where, Why, and How should be the blueprint of any investigation. Filing steps should also be included in this procedure section.

Liaison With Law Enforcement A fundamental part of any good security program is having a friendly and cooperative relationship with law enforcement. Too often security departments only call law enforcement when police services are needed. Management personnel responsible for directing security services should develop a working relationship with their local law enforcement to include mutual assistance and information sharing. A beginning step in developing relations with law enforcement is inviting the Chief of Police or his or her designee to have coffee or breakfast to discuss their role and your department’s role in delivering security services. Explaining what your company is about and how security operates will help the police in understanding your facility and aid in working together when events bring about police response. An important component of developing relations with law enforcement is information sharing. From a security perspective, it is important to know what crime is happening near your facility and when such activity is likely. If possible, when there is a police response, security should provide a report to police to aid them in their investigation. Keep in mind security shall not compromise confidential or proprietary information and reports provided to police should not contain this type of information.

Emergency Response This procedure needs to be thorough and provide guidance for the officer with the steps required while responding to an emergent situation. When and how to use emergency equipment should be illustrated and, as previously mentioned, proper training afforded to staff to ensure proper care is delivered. Moreover, protocols on calling police/fire and EMS should be illustrated with current contact information for the responding authorities.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

PREPARATION FOR PATROL

Supervisory Oversight This may be the most important of all the procedures as it is the supervisor who will ensure all policies and procedures are followed. As such, detailed procedures for supervisory oversight must be outlined. These procedures should include random inspections of officers and locations being protected. Video reviews must be conducted to ensure suspicious activity is not taking place or being missed by security officers. Most protected facilities and grounds have cameras and supervisors should take advantage of this and inspect the video for officer behavior and patrolling techniques. Moreover, guard tour patrol system technology should be utilized to ensure officers are alert and attending to their assigned duties. This technology captures a digital record of the officer’s location and points checked. Reports can be generated from this technology to audit the officer’s activity and efficiency while working. These reports can help supervisors identify problematic patterns which may create vulnerability in the layers of security. This type of oversight will produce an effective and alert security officer staff. Without continuous oversight, officers are likely to be less effective and become part of the security problem. Without this necessary management tool, officers oftentimes develop relationships within the work environment and start to become permissive to minor infractions to policy. Moreover, officers might take advantage of the lack of oversight and not patrol as effectively as when they know their activities are being monitored. Just as it is incumbent for management to put in place the policies and procedures necessary to deliver an effective security patrol program, it is equally important for a security officer to put things in place for their patrol duties. Preparation for security patrol is much more than just reporting to work 5 min early and beginning your shift. Officers must mentally prepare for

95

patrol if they want to be effective in their duties. Too often, this is not the case, which illustrates the need for security oversight. However, for those officers with laudable intentions the following are helpful measures to take before beginning patrol.

Rest, Relaxation, and Exercise Officers should make sure they are well rested before beginning their shift. For officers working rotating or overnight shifts, this can be problematic. Nonetheless, officers should afford themselves the opportunity to get the proper sleep needed to stay alert and awake during their shift. While off duty, officers should relax and enjoy their leisure time. A well-lived lifestyle is not only healthy for the officer but produces an individual who is eager and ready to get back to work when his or her shift begins. Lastly, not only is exercise necessary for good health and mobility, it will aid the officer in performing his or her duties more quickly and efficiently.

Awareness and Familiarity Benjamin Franklin once said, “An investment in knowledge pays the best dividends.” Officers should learn their job and learn it well. They should be well versed in patrol methodologies, crisis communication, and basic first aid, reporting instructions, areas of responsibility, problematic employees, and vulnerable access points. Officers need to know the environment they are protecting, the people they meet, and the underlying atmosphere of the environment to identify dangerous situations, thievery, trespass, and any other form of unauthorized activity they are charged with preventing. Lastly, officers should understand the concept of situational awareness. On the surface, situational awareness seems easy to understand. Simply put: it is knowing

II. PRACTICAL AND OPERATIONAL APPLICATIONS

96

8. PATROL PRINCIPLES

what is going on around you. However, it is more than just that. Not only does an officer need to know what is going on around them but they also need to know the “why” of the activity that is in their view. For example, a security officer working parking lot patrol sees a flatbed tow truck pull into the parking lot. The occupant gets out of the truck and in plain view of the security officer begins to hook up a luxury car and pull it onto the flatbed of the truck. Thereafter, the driver takes the vehicle away, driving directly in front of the security officer who simply watches the driver exit the property. Several hours later a call came in to security of a stolen car from the parking lot. The driver of the vehicle returned to realize his car had been taken. Fortunately, the investigation revealed the car was not stolen, but repossessed by the creditor. This case study illustrates the importance of a security officer understanding, not only the “what is happening,” but the “why.” This security officer knew the car was being hooked up to a tow truck, but the officer did not know why. The officer figured since it was taking place in the open, in the middle of the day, it must be legitimate. If an industrious thief had pulled into the parking lot with a tow truck, they could have committed the crime in plain view of the security officer. Officers need to know that situational awareness is understanding the ordinary, so they can spot the unusual. If something occurs during an officer’s shift that doesn’t happen on a daily basis, he or she needs to investigate it for further evaluation. Tow trucks seldom pull into the parking lot and take away a vehicle. Understanding what is happening in and around the assets being protected is the best tool a security officer takes on patrol.

previous shift. An officer should pay particular note to anything unusual which was reported. This reported activity may be a prelude to additional threats to the assets being protected. Moreover, officers should be aware of criminal activity and other unusual news events in the surrounding area of the property he or she is protecting. This activity may be indicative of a need for increased awareness and additional patrol oversight may be needed during their shift. Lastly, any reports which were generated by the previous shift should be read by the officer to have an understanding of what occurred prior to them beginning patrol.

Pre-Patrol Intelligence

Training is required so that officers and security will know where and when they can legally record a person. Privacy and the “expectation of privacy” must be understood by those wearing body video technologies.

Prior to beginning a shift, an officer—if not formally briefed by a supervisor or previous officer—should read the patrol log for the

BODY CAMERAS FOR LAW ENFORCEMENT AND THE PRIVATE SECTOR (FENNELLY & PERRY, 2017) Body cameras have quickly become a hot-item issue for both law enforcement and security officers in the private sector. There is certainly a chance for increased liability with the use of body cameras among private security officers, but in the long run, it may be a boon to insurers, security guard companies, and the people they protect (Brownyard, n.d.).

Legal Issues With Audio Recording Some states require only one person (i.e., a person wearing the recording device); whereas others require two people to know that a conversation is being recorded. Visual recording and audio recording legal requirements do not always align.

Training

II. PRACTICAL AND OPERATIONAL APPLICATIONS

97

TECHNIQUES OF PATROL

Deportment Security officers who wear video technology should be more likely to act appropriately and maintain their composure. Program Goals/Program Components—Video surveillance technology, already in use by law enforcement in the form of network video systems has been adapted to be worn by frontline police officers in order to assist in the gathering of evidence and to record police encounters with the public. This involves equipping an officer with an audiovisual-recording apparatus (i.e., a bodyworn camera), which is small enough to be worn by police officers without encumbering them in the conduct of regular police work and developing a system to store and review the data gathered by the device. Advances in the field of miniaturization have led to the development of small yet robust devices that can be worn on the chest, collar, or shoulder, or mounted on glasses or a helmet. These cameras operate as mobile CCTV units and record police activity and encounters while officers are out in the field. There are a number of reasons for police to use body-worn cameras. One is to help in the gathering of evidence and accurate reporting of events. Another objective is to encourage mutual accountability during difficult policecitizen encounters. The objective of having police use body-worn cameras is to reduce the number of use-of-force incidents and reduce the number of complaints from the community by monitoring all police-citizen encounters. One jurisdiction that has adopted the use of body-worn cameras is Rialto, California. The Rialto Police Department serves a population of approximately 100,000 residents and employs 115 sworn police officers and 42 nonsworn staff. The devices used in Rialto are small enough to fit into the officers’ shirt pockets; they also provide high-definition color video and audio, are water resistant, and have a battery life greater than 12 h. Police are instructed to use these cameras for every police interaction with the public,

except in cases of sexual assault of a minor or when dealing with police informants. The devices are visible to the citizens who are interacting with the officers. All the data are automatically uploaded, collated, and inventoried in a web-based, video-management system at the end of each shift (CrimeSolutions.gov, 2016).

EQUIPMENT CHECK Before beginning patrol, an officer should perform a radio test to ensure their radio is transmitting and receiving radio communications. Flashlights need to be checked to safeguard against drained or dead batteries. Security belts should be examined for leather fatigue so important items such as keys don’t come loose during a patrol. If security cameras are being monitored by a command center, the officer should check to see what cameras are not functioning so special attention to that area can be delivered during a patrol. Patrol vehicles should have a full tank of gas and be supplied with the proper equipment such as first aid kits, oxygen tank, and an AED unit. These pieces of equipment should also be inspected to ensure they are full of supplies and in working order.

TECHNIQUES OF PATROL As previously mentioned, a patrol officer is part of a layered security structure. Even for buildings that do not have alarm systems, there are layers of security such as locked doors and windows. A security officer on patrol would be an additional layer of that protection measure. How a patrol officer performs his or her duties can be a dichotomy between enhanced security and noneffective protection. The adage “you are as strong as your weakest link” is a good

II. PRACTICAL AND OPERATIONAL APPLICATIONS

98

8. PATROL PRINCIPLES

illustration of how important it is to have a welltrained and self-motivated officer on patrol and not a feckless one. Moreover, emphasis on supervisory oversight cannot be overstressed, to ensure the officer is meeting expectations and providing the desired level of protection. Effective security officers will understand the variables that can occur during their shift and have prepared solutions for unfolding issues. Just like a skilled tradesman, a security officer should have a toolbox of options to draw upon to deliver the protective services he or she is being paid to perform. That toolbox should have a variety of techniques to help an officer enhance their performance and deter, detect, delay, or deny any unwanted or malevolent behavior. Some of the tools which should be in an officer’s arsenal:

Comfortable Shoes To be alert and attentive and willing to actively patrol, an officer should have shoes that are professional looking but also comfortable. Moreover, shoes should have antislip soles, so they can provide support and are safe on different surfaces.

Flashlight The flashlight can be an effective tool if used correctly. While walking, if possible a flashlight should only be used when needed to see one’s pathway. The flashlight should not be left on continuously while on patrol, unless for the specific purposes of deterring activity in and around an area. While walking the flashlight should be used intermittently to quickly identify one’s pathway and any obstacles present. This is a tactical application for the flashlight. Moreover, this tool should be used to illuminate nooks and crannies, dark perimeters, exterior fencing, tree lines, brush, underneath and in between cars, alongside

and behind buildings. An officer using a flashlight in such a manner will be an effective deterrent against those wishing to do harm or make entry into the property. Furthermore, officers will be more apt to detect people that may be hiding and will delay or deny them access to the assets to which they were trying to get to.

Stop, Look, and Listen Periodically, and unpredictably an officer should stop, look, and listen to what is unfolding around them. In doing so, an officer will develop an understanding of how things ought to sound and look, so when something out of the ordinary is unfolding around them, they do not miss it. This tactic will aid an officer in mixing up their patrol and can be a strong deterrent for those watching security and looking for opportunities to circumvent an officer on patrol.

Baseline This topic is similar to the Preparation for Patrol Section of this chapter, but is worthy of further mention. Understanding the baseline is probably the most important tool an officer can have on patrol. The baseline is the common thread that is weaved in between everything an officer does on patrol. Whether it is identifying suspicious mail or packages or spotting an intruder or a person who is plotting a criminal act, understanding the baseline will better enable an officer to identify problematic people, packages, and mail. The baseline simply stated is ordinary; something that happens within the workplace on a daily basis. Be it employees, visitors, guests, or vendors, people act in a certain way within a general upper and lower tier of normalcy. For example, some people are loud, while others are quiet. Some people are friendly, others are not. Regular vendors and temporary vendors

II. PRACTICAL AND OPERATIONAL APPLICATIONS

TECHNIQUES OF PATROL

act within a certain norm for the industry they’re employed in. A good case study in the baseline is the case of Sidney Reso, the International President of Exxon Corporation who was kidnapped and killed in 1992. The kidnappers simply kicked his newspaper to the opposite side of his driveway to force Reso to get out of his car to retrieve the paper. When he did so, they shot him and pushed him into a waiting van near Reso’s mailbox. For over a decade, give or take an exception here or there, Reso’s newspaper was always where he could just drive up to it, open his door, and bend down and pick it up. If he had realized the paper being on the other side of his driveway was a disruption to the baseline, he could have looked around. It might have been the newspaper person overthrowing the paper, or it could be related to the idling white van near his daily read. In short, the officer should be aware of the following: Baseline: Something which happens on a daily basis. Disruption: Something that does not happen every day. The baseline should be studied to understand the ordinary so an officer can identify the unusual. Disruptions to the baseline (the ordinary) should be inquired. Disruptions are not necessarily cause for concern, but if they are not identified and investigated the risk of overlooking the subtleness and origins of most criminal behavior exists.

Tactical Maneuvering Officers on patrol should be cognizant to the fact that someone may be wishing to take advantage of them on patrol. As such, an officer on duty should patrol in a safe, but tactical manner. Officers should stay a safe distance from areas which can conceal a person who is hiding and harboring ill intentions. They should take corners of buildings to a wide degree so not to be

99

surprised or attacked from someone just around the bend. Or, they should take a corner closely, peering quickly around the corner to identify any threats. While entering a dark room, quickly illuminate the interior with the flashlight and then turn the light off. Doing so will enable the officer to get a quick image of what is in the room and to spot someone who may be trying to take advantage of the darkness. This technique can also be performed with turning on and off quickly the room’s interior lights. With practice, an officer will be able to identify what they saw in a blink of an eye. While entering a room, an officer should not stand in the door’s opening because the backlight will illuminate them. Instead, an officer should quickly move to the left or right inside the room. Prior to turning on the light, stop, look, and listen.

Predictably Unpredictable Too often what is initiated as an increase of protection by having a security officer ends up becoming vulnerability. The average security officers tend to become systematic; they do “hourly checks,” and perform their duties with a routine that becomes familiar to those watching. Whether on break or on patrol, people know where they can find the security officer. An effective officer will be predictably unpredictable in his or her patrol. While starting a shift, officers should change their routine, not only each day but also during the shift itself. Sometimes officers are given ineffective orders such as being required to perform hourly checks. This in and of itself is counterproductive to an effective patrol program. Nonetheless, this is a common practice. A security officer who is knowledgeable can still perform their patrol function in a random and effective manner which can make it hard for others to predict. Assets can be checked at different times; patrol patterns can be varied and periodic increases and decreases in patrol can be

II. PRACTICAL AND OPERATIONAL APPLICATIONS

100

8. PATROL PRINCIPLES

deployed to offset those wishing to circumvent a patrol officer. While on patrol, officers should comport themselves in such a way which makes it hard for others to figure out where they are, what they are doing, and when they will be at one place or the other. As also mentioned prior in this narrative certain security devices have burglary ratings and certain kinds take a specific time to defeat. An officer on patrol must be cognizant of these security measures and make sure that his or her patrol is conducted in a timely manner, so not enough time elapses to defeat any such device.

Vehicle Positioning An officer who uses a vehicle, regardless of type, should position their vehicle in a tactical fashion. The officer should stop a safe distance away from pedestrians or vehicles he or she are stopping on the property to question. The vehicle should be positioned in such a way that someone in another vehicle would find it difficult to see. Normally this is achieved by positioning a security vehicle directly behind the driver’s side of a car where the officer can see the back of the driver’s head. This forces someone to either turn around or use their mirrors to see where the officer is coming from. Moreover, the flashlight or spotlight on the vehicle can be pointed toward either the driver’s rear-view mirror or side mirror. Then the officer has the advantage and the driver has a limited view.

weapon. This is a fundamental principle police officers use while on patrol and a security officer should do the same.

Nonverbal Communications A security officer should be well versed in understanding behavior patterns, especially as it relates to someone in the commission of a crime or is caught doing something unauthorized. Movements and gestures may provide insight into a person’s actions and/or intentions. Often, when someone is lying what they are saying is betrayed by their body language. The body language an officer should be aware of is eye contact, space relationship, facial expressions, gestures, and posture and stance. Each of these can shed some light on whether a person is being truthful, or up to something he or she should not be doing. Nothing in life is absolute; the following are a generalization of known body language indicators: Signs of deception Short responses Speech errors such as um’s, er’s ah’s Blink more Eyes looking up and to the right Fidgety Signs of anger Fists clenched Hands shaking Profuse sweating Breathing rate increase Signs of dishonesty

Hands When interacting with someone, especially someone who is suspected of wrongdoing, an officer should always have a visual of where that person’s hands are. If a person is concealing their hand or hands, it may be because they are hiding something, or have a

Touching nose Rubbing back of the neck Clenched fists held down by hips Picking at lint on shirt or pants Crossed arms held at chest Placing something in front of them while speaking conversely

II. PRACTICAL AND OPERATIONAL APPLICATIONS

UNETHICAL UNPROFESSIONAL PRACTICES

Signs of honesty Eye contact Looking up and to the left Palm of hands held open Hands held on hips Hands in pockets Hand touching chin Calm verbal responses Normal breathing An officer familiar with human behavior and attentive to those in and around their area is a strong protection layer which will deter unwanted activity and increase the likelihood of detecting behavior which is either prohibited or criminal in nature.

Enhance Security Measures An officer should be aware of the security features in place on the grounds, and within the facility, they are protecting. This knowledge will aid the officer in complementing the security measures and not working against them. The officer must take into consideration all the security measures that are in place, in order to avoid any mistakes. They must be aware of what security applications are present and the limits of these measures. An officer should enhance the present security apparatus, not detract from it. For example, an officer patrolling a facility where a UL listed TL-90 safe is being used to secure valuables should ensure a check of the safe is performed every 60 or 80 min. The officer should be aware that a TLE-90 is a burglary rating indicating a wouldbe burglar using common tools can penetrate the safe in 90 min. Understanding this, the officer can inspect the area within the 90-min window to thwart anyone wishing to take advantage of an officer’s patrol pattern. In doing so, he is denying access by not allowing a thief enough time to penetrate the safe. If certain areas are being actively videomonitored by a security officer, the officer on

101

patrol should pay particular attention to the areas not under video surveillance. Additionally, while on patrol in areas under video surveillance, the patrol officer should verify with the monitoring officer if the camera is alerting to his or her motion in the area. Lastly, while on patrol a security officer should check to see what or if any burglary or fire alarm zones are in trouble mode. If so, inspections of these areas should be done to safeguard the area since it is in trouble mode. Security conducting a patrol in such a manner complements and builds upon the existing security measures and works to keep the layers of security cohesively into place.

UNETHICAL UNPROFESSIONAL PRACTICES Black’s Law Dictionary states ethics as “Directives based on one’s ethics and morality. How one lives with others. The foremost concepts and principles of proper human conduct. Socially, it is the collective of universal values, treating each human equally, acknowledging human and natural rights, obeying the law of land, showing health and safety concerns, caring for the natural environment.” Since security officers are tasked with enforcing the policies in place within the environment they protect, they need to set the example. Officers must be aware of the fact they are watched and expected to abide by the same policies and procedures as everyone else. Misuse of time is a common unethical behavior within the workspace and a security officer can often project the image of misuse of time. An officer sitting on a post or in a patrol vehicle reading a book or magazine or watching a video on phone is a breach of duties and is unethical. Sitting stationary on post or in a patrol vehicle and documenting on a patrol log that a patrol sweep or security check was performed, when it was not, is another example of misuse of time.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

102

8. PATROL PRINCIPLES

This behavior is ineffective and may incentivize others to commit policy violations or theft because a security officer is feckless in his or her duties. Time fraud is when employees work less hours than they report. Coming in late and saying you forgot to clock in or leaving early and saying you were in a hurry and forgot to clock out are examples of time fraud. Officers should not fall prey to this type of behavior, even when others may encourage it. Minor policy infractions or noncompliance of policy is unethical behavior and shouldn’t be committed by employees and officers alike. Officers who are permissive to minor violations are committing a breach of duty which is unethical. Officers should have an inherent set of principles: principles of right and wrong, and good and bad, which are consistent with societal norms. Peer pressure—normally associated with adolescence—can carry forward into adulthood and often bleeds into the workplace. Officers befriended by those who they are tasked with ensuring compliance from can be socially pressured into overlooking minor infractions up to and including small theft. Often, other security officers can pressure a less tenured officer to clock extra hours to the pressing, more tenured officer that leaves the workplace early so he is paid for off duty hours. Moreover, supervisors may display unethical misuse of time by asking officers to “leave a line” on their paper log so they can later sign it as if they had conducted a field spot inspection. This example of unethical behavior is a common practice with first-line supervisors who themselves are not supervised. Obviously, besides being unethical, this type of misbehavior is also unprofessional. Unethical behavior is always unprofessional, but unprofessional behavior is not always unethical. Officers reporting to work unshaven and disheveled are not comporting themselves professionally but this is not being unethical. An officer wearing a worn or tattered uniform is acting unprofessionally; just as an officer who is abrasive and

overly authoritative is not comporting himself professionally. A lack of understanding of the rules and policies by an officer is, on the face, unprofessional. On the contrary, a professional is well prepared, knowledgeable in the trade and resourceful with their charged duties, just as a person who acts with integrity and reliability is showing professional behavior. Since security is charged with the responsibility of safeguarding people and property, an officer should always be scrupulous in his or her deportment and manner of dress. Perception is a key ingredient in deterrence. An alert, attentive, and noncompromising officer is a strong representation of ethical and professional behavior.

Critical Thinking Critical thinking is the process of thinking carefully about a subject or idea, without allowing feelings or opinions to affect you (https://dictionary. cambridge.org/dictionary/english/criticalthinking). Top Five Critical Thinking Skills (Doyle, 2019): Analytical Part of critical thinking is the ability to carefully examine something, whether it is a problem, a set of data, or a text. People with analytical skills can examine information, and then understand what it means and what it represents. • • • • • • • •

Asking thoughtful questions Data analysis Information seeking Interpretation Judgment Questioning evidence Recognizing differences and similarities Skepticism

Communication Often, you will need to share your conclusions with your employers or with a group of colleagues. You need to be able to communicate

II. PRACTICAL AND OPERATIONAL APPLICATIONS

103

EMERGING TRENDS

with others to share your ideas effectively. You might also need to engage in critical thinking with a group. In this case, you will need to work with others and communicate effectively to figure out solutions to complex problems. • • • • • • • • •

Asking important questions Assessment Collaboration/teamwork Explanation Expressing opinions and ideas Interpersonal Presentation Verbal communication Written communication

Creativity Critical thinking often involves some level of creativity. You might need to spot patterns in the information you are looking at or come up with a solution that no one else has thought of before. All of this involves a creative eye. • • • • • • • • •

Cognitive flexibility Conceptualization Curiosity Imagination Ability to predict Foresight making abstract connections Making inferences Ability to synthesize Visionary

Open-Minded To think critically, you need to be able to put aside any assumptions or judgments and merely analyze the information you receive. You need to be objective, evaluating ideas without bias. • • • • • • •

Embracing different cultural perspectives Humble Inclusive Objectivity Observation Reflection Fair

Problem Solving Problem solving is another crucial criticalthinking skill that involves analyzing a problem, generating a solution, and implementing followed by assessing that plan. After all, employers don’t simply want employees who can think about information critically. They also need to be able to come up with practical solutions. • • • • • • • • • •

Applying standards Attention to detail Clarification Collaboration Decision-making Evaluation Being grounded Identifying patterns Innovative Logical reasoning

EMERGING TRENDS ESRM Board Initiative—Executive Summary (ASIS International, 2016) In 2016, the ASIS Board of Directors determined that Enterprise Security Risk Management (ESRM) would be a driving underlying force in the global ASIS International strategic plan. The stated goal of the board was “to make ASIS members more effective security professionals and more valuable members of their organizations by enabling them to better identify and manage the various aspects of security risks they face… [leading to an] empowered membership, safer enterprises, a more strategic approach to risk, and a more cost-effective security function.” This project will enable that strategic vision through systematic integration of ESRM principles in ASIS content and education, standards and guidelines, marketing and messaging, certifications, and member support tools.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

104

8. PATROL PRINCIPLES

ESRM Board Initiative—Goals 1. Provide educational courses and materials to ASIS membership on ESRM and topics associated with ESRM. 2. Educate the security industry at-large on the concepts of ESRM. 3. Create an ESRM Standard/Guideline Framework and detailed document set to align existing ASIS standards and recommended practices with the ESRM model. 4. Market the ESRM model appropriately and ensure the ASIS brand is tied closely to the ESRM model and methodology. 5. Provide tools and collateral to ASIS members to assist them in embracing and implementing ESRM in their security programs.

CONCLUSION Whether in the development or in the deployment phase, the security patrol should be methodically thought out and designed as part of a complete security program. It should not be constructed separate and apart from other existing security features. In the conceptual phase, an assessment should be conducted to identify the threats which exist and the vulnerabilities which are present. Part of this process is conducting a security survey to vet the existing security features and evaluate their effectiveness. Thereafter, the data from this process should be analyzed and the patrol procedures should be focused on mitigating any of the vulnerabilities and threats which exist. Policies and procedures are the outlines for which management can gauge the effectiveness of patrol. These policies and procedures enable an officer to follow a set of core standards

and be aware of what is expected of them. Moreover, supervisors have a set of standards which should guide them in their oversight of the officer force. Lastly, patrol assignments and post orders should complement and reinforce the existing security measures which are in place. Patrol procedures should enhance existing security measures and not detract from them. Training is a key factor in whether a security patrol program will be effective. Officers should be provided with intellectual tools necessary to perform the function of security patrol. The curriculum should be relevant and easy for the office staff to comprehend. A well-versed officer is a solid asset to a layered security program. Once officers are deployed, intense supervisory oversight is necessary to educate, train, and inspect that patrol practices outlined are being followed, that alarm systems and other protective measures are being enhanced, and that an officer’s demeanor is representative of ethical and professional behavior. Their behavior will ultimately create an added layer of security through deterrence and detection.

References ASIS International. (2016). Enterprise security risk management (ESRM): Chapters and councils. Retrieved September 10, 2019, from https://asischicago.net/images/ASIS_ International_ESRM_Slideshow.pdf. Brownyard, T. (n.d.). Security magazine | The business magazine for security executives. Accessed May 18, 2019. https://www.securitymagazine.com/authors/1806-torybrownyard. CrimeSolutions.gov, National Institute of Justice. (2016, November 28). Program profile: Police body-worn cameras (Rialto, Calif.). Retrieved from https://www. crimesolutions.gov/ProgramDetails.aspx?ID=499. Doyle, A. (2019). Why employers value critical thinking. The balance careers. Last modified November 26, 2014. https:// www.thebalancecareers.com/critical-thinking-definitionwith-examples-2063745. Fennelly, L. J., & Perry, M. A. (2017). Physical security: 150 things you should know (2nd ed.). Cambridge, MA: Butterworth-Heinemann.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

A P P E N D I X

8A Four Critical Points Ken Fauth COMPELLING ADVICE 1. The Protection Officer and First Aid, CPR and AED Justification: In an incident, medical responses rank very high; the protection officer, as a “first responder” most times and must know not only basic first aid but also advanced measures. In the case of active shooters, it may be a long period before public medical responders get to a scene. Knowing what to do, how to operate life-saving equipment, and battlefield techniques for gunshot wounds can be lifesavers. 2. What a Protection Officer Should Not Do Justification: In most cases the protection officer is an entry level position. This training manual covers a lot of excellent topics but they can be overloading. It is important to also focus on what a protection officer should not do, especially in “overstepping” boundaries.

4. The Protection Officer and Securing the Scene Justification: In most incidents, the protection officer is charged with securing the scene and preventing others from contaminating it. Knowing what is needed to make this happen, how to respond, what to say, and who to allow in (especially non-security, senior management) is critical. Recommendation: This is a topic any security manager can address.

Resources

3. The Protection Officer and the Media, Public and Employees Justification: In incidents, the protection officer is often the first “stationary” official

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00047-X

representative at the perimeter of the scene and maybe the least experienced in dealing with the media or telling others what is occurring. When security officers talk to the media, the public, and employees it is often to be helpful, or to gain respect, or because of not knowing how to respond. Wrong responses can add to rumors and place a company in a bad position.

Black, H. C. (1979). Black’s Law Dictionary (5th ed.). St. Paul, MN: West.

105

# 2020 Elsevier Inc. All rights reserved.

C H A P T E R

9 The Importance of CPR/AED and First Aid Training for Security Officers Marianna A. Perry O U T L I N E Introduction

107

Security Needs Are Growing as Technology Advances

109

Security Degree Programs Are on the Rise

109

The Security Industry Requires Particular Skills

109

There Are a Variety of Jobs in the Industry

109

CPR/AED

109

Chain of Survival

110

First Aid

111

References

111

Further Reading

112

INTRODUCTION Until recently, the majority of security officer positions did not require much security industry knowledge or life-saving skills and there was a lack of industry training standards. With that in mind, approximately 610,000 people die of heart disease in the United States every year—that’s one in every four deaths, and heart disease is the leading cause of death for both men and women (Centers for Disease Control and Prevention [CDC], 2018). About 47% of all sudden cardiac deaths occur outside the hospital (CDC, 2002). These statistics must

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00009-2

be recognized as important arguments for required industry training for security officers in first aid, CPR (cardiopulmonary resuscitation), and AED (automated external defibrillator) operations since many times security officers are the first responders on the scene. An article written in 2014 for The Center for Investigative Reporting states that lobbying by the security industry and big businesses has derailed attempts to require rigorous training standards for armed security officers across the country, most of whom face fewer state

107

# 2020 Elsevier Inc. All rights reserved.

108

9. THE IMPORTANCE OF CPR/AED AND FIRST AID TRAINING FOR SECURITY OFFICERS

training requirements than a manicurist in a California nail salon. For example, in California, an armed security officer must receive 14 h of gun training, of which 6 h is on a shooting range, in addition to 40 h of basic instruction. Manicurists in the Golden State must complete 400 h of training. When security officers do get training, their experiences vary from state to state and company to company. Some spend a few hours watching a video or a few days in a classroom or on a shooting range. In some states, security officers are required to put themselves through basic training by attending a school, then receive more training from a company once they are hired. Other security officers simply complete their training on the job. In the past decade, industry organizations, including the National Association of Security Companies, helped pave the way for regulations in many states, but they faced resistance from some security company operators, restaurant owners, and retailers, who argued that training requirements would give an unfair advantage to larger companies that can more easily absorb costs. In the 1990s, federal lawmakers introduced more than a dozen bills related to national training standards and background checks. But the efforts were criticized as toothless or interfering with states’ rights. With a lack of support from most of the industry and lawmakers, the efforts failed. The article further reported that there are no federal training standards, leaving a hodgepodge of state-by-state rules or no rules at all (Walter, 2014). In early 2001, the Commission on Guidelines was established by ASIS International (ASIS— American Society for Industrial Security) in response to a concerted need for guidelines regarding security issues in the United States. As the preeminent organization for security professionals worldwide, ASIS has an important role to play in helping the private sector secure its business and critical infrastructure

whether from national disaster, accidents, or planned actions, such as terrorist attacks, vandalism, etc. The ASIS Guidelines outline the framework for effectively selecting private security officers. Training criteria are the proposed training requirements considered essential for each regulating body and subsequent propriety or contract security agency to consider in the training of their private security officers. The Private Security Officer Selection and Training Guidelines provides training criteria and topics with recommendations that consideration should be given to emergency response procedures for critical incident response to national disasters, accidents, human-caused events and life safety awareness which includes safety hazards and blood-borne pathogens, etc. (ASIS International, 2004). Industry standard training for security officers includes company rules and regulations, their own general duties, public relations, customer service, terrorism awareness, criminal law, search and seizure, report writing, fire prevention and suppression, etc., along with CPR/ AED and first aid. Part of a security officer’s training is to be observant or practice situational awareness. A well-trained and experienced security officer is constantly aware of the people who are in their immediate vicinity as well as activities that are taking place around them (Leadership and Worker Engagement Forum, GOV.UK/ construction, 2012). Situational awareness is not only used to alert a security officer to potential security issues, but can also be an important skill to possess during medical emergencies. If there is a disturbance or emergency situation and someone’s life is in danger, a security officer is often the first to arrive on the scene. Well-trained security officers who are confident in the skills and abilities learned through training are incredible resources for their workplaces as well as their communities.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

109

CPR/AED

SECURITY NEEDS ARE GROWING AS TECHNOLOGY ADVANCES With the growth of the internet, the need for security in the area of surveillance has increased. There are a number of emerging concerns, like cyber threats, that need to be addressed in order to remain efficient and secure. The assets that governments and companies need to protect are no longer just physical objects. Keeping knowledge and information safe is more important than ever.

SECURITY DEGREE PROGRAMS ARE ON THE RISE Whether cyber, criminal justice, or information technology, the degree programs associated with security are on the rise. Employers in this field know the impact of industry training. These programs, upon completion of degree requirements, will help get the attention of employers (Top Ten Security Degrees, 2018).

THE SECURITY INDUSTRY REQUIRES PARTICULAR SKILLS Security companies will require particular skills and competencies in tomorrow’s security professionals, such as decision-making, oral communication, critical thinking, maximizing other’s performances, and persuasive influencing. ASIS International found that there are 22 areas that need security industry professionals in order to be successful, but the lack of cohesion across various industry sectors and standards at educational institutions will be the biggest challenge for private and public sector stakeholders (Hirepurpose: 5 Things You Need to Know, 2019). Technology is making an impact on the security industry. The security officers of today

not only need to be tech savvy and be able to respond in high-pressure situations, but they also must be prepared for a variety of emergencies. As security officers assume a greater level of responsibility, a higher level of training is necessary. When there is an emergency, it doesn’t matter whether it is a medical situation, a natural disaster, workplace violence incident, or a workplace safety issue, there is a first responder who can make the difference between life and death—the one who is well trained.

THERE ARE A VARIETY OF JOBS IN THE INDUSTRY ASIS International did a study that reveals that jobs in the security industry are extremely diverse. Companies across the world need security specialists to deal with computer and network security, liability insurance, access control, workplace violence, parking lot and garage security, terrorism and violent crime (Task & Purpose, 2019). Most commonly, when we think about individuals who are trained for life-threatening situations, we think police officers, firefighters and emergency medical services (EMS), but in many cases, there is someone on the scene prior to the arrival of law enforcement, firefighters, and EMS personnel and this is the security officer. Security officers work in many different environments, such as in schools, banks, retail stores, and in the workplace, and may come into contact with thousands of people each day. What may make the difference between life and death is whether or not these security officers are well trained and ready to provide emergency assistance on many levels (O’Bryan, 2013).

CPR/AED The first step any security officer should take when responding to a medical emergency is to call 911, and while he/she is waiting for EMS

II. PRACTICAL AND OPERATIONAL APPLICATIONS

110

9. THE IMPORTANCE OF CPR/AED AND FIRST AID TRAINING FOR SECURITY OFFICERS

to arrive with advanced medical training, the security professional could perform life-saving CPR or give first aid and/or other industry standard life-saving techniques. In certain situations, the security officer may be the only individual on-site who knows how to perform CPR and how to operate an AED. It is critical, especially in a cardiac emergency, that someone acts quickly and makes the decision to help save lives. There are also ethical, legal, and cultural factors to consider that may influence decisions about when to provide CPR for someone experiencing a cardiac incident. This is when it becomes critical for security officers to have the proper industry training. There are sometimes early warning signs that may alert others when someone is experiencing a cardiac emergency: • Chest pain or discomfort • Upper body pain or discomfort in the arms, back, neck, jaw, or upper stomach • Shortness of breath • Nausea, lightheadedness, or cold sweats In many of these situations, the person experiencing a cardiac emergency doesn’t react to their symptoms and seek medical care, so the cardiac emergency does not occur in a hospital setting. This is evident since almost half of cardiac deaths occur outside the hospital. An observant security officer may recognize this

Early access FIG. 9.1

behavior and be prepared to intervene—by calling 911 and then performing CPR. Without quick intervention, many times, apart from a security officer performing life-saving CPR and defibrillation, death from sudden cardiac arrest is certain.

CHAIN OF SURVIVAL The Cardiac Chain of Survival (AED brands, n.d.) was developed in 1990 by the American Heart Association and has become the standard of care for cardiac victims. When there is a cardiac emergency, first responders are encouraged to follow the four-step sequence (Fig. 9.1): The first step, Early Access, is recognizing that there is a cardiac emergency and calling 911. It’s important to call 911 right away so that an advanced life support team can respond quickly. The warning signs of sudden cardiac arrest are: • • • •

Loss of consciousness No pulse Unresponsiveness Not breathing

The second step, Early CPR, is providing CPR (compressions and breaths) to keep oxygenated blood flowing through the body’s most vital organs—the heart and brain. Early CPR increases the sudden cardiac victim’s chances of survival but CPR alone cannot save their life. If the first

Early CPR

Early defibrillation

Early advanced care

Cardiac chain of survival. Diagram from AED brands.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

REFERENCES

responder has not been trained in CPR, they may receive assistance from the 911 operator. Many dispatchers are trained to coach callers through the basic steps of CPR, but it’s important to remember that CPR must be started immediately. Early defibrillation, the third step, is the only way to stop sudden cardiac arrest because when sudden cardiac arrest occurs, the heart must be restarted by an electrical shock. Outside the hospital environment, the only way to restart the heart is by using an AED. When the electrodes from an AED are placed on the victim’s chest, electricity flows from the electrodes through the chest to the heart. Time is critical because for each minute that defibrillation is delayed, the victim’s chance of survival decreases from 7% to 10%. The fourth step, Early Advanced Care, is given by paramedics and other trained medical personnel on the scene when the victim is being transported to the hospital. Advanced care is needed to help maintain a normal heart rhythm after successful defibrillation.

FIRST AID To complement CPR/AED training, first aid training will help nonmedical professionals such as security officers to provide emergency care before professional first responders arrive, such as EMS. Topics covered in first aid training are as follows (What is First Aid? n.d.): • • • • • • • • • • •

Asthma emergencies Anaphylaxis Burns Choking Diabetic emergencies External bleeding Environmental emergencies Poisoning Neck, head, and spinal injuries Stroke Seizure

In addition to traditional first aid training, the DHS (Department of Homeland Security)

111

developed a national awareness campaign called Stop the Bleed (https://stopthebleed. usuhs.edu/). The goal of the Stop the Bleed initiative is to encourage bystanders to become trained to help in a bleeding emergency until medical responders arrive. This training is critical in an active shooter situation, a terrorist attack, or in other incidents involving mass casualties. Stop the Bleed is an excellent training program for security officers and it can be incorporated into existing training curricula. It doesn’t matter whether it is a security breach, a safety issue, or a medical emergency, the public relies on security officers to be able to handle any of these situations, and those who employ security officers have a moral and ethical responsibility to ensure that they are providing well-trained first responders. Security is a proactive discipline and having security officers who are trained in CPR/ AED and first aid is a part of being proactive by being prepared to respond—regardless of the emergency situation. Well-trained security officers can provide the best value to their employers as well as the people they protect—especially in the most critical, life and death situations.

References 5 Things You Need To Know About The Security Industry. (2019, April 15). Retrieved from https://taskandpurpose. com/5-things-need-know-security-industry. AED brands. (n.d.). Chain of survival for AED programs. Retrieved September 11, 2019, from https://www. aedbrands.com/resource-center/choose/chain-ofsurvival/. ASIS International Commission on Guidelines. (2004). Private security officer selection and training guideline. Alexandria, VA: ASIS International. Centers for Disease Control and Prevention (CDC). (2002). State specific mortality from sudden cardiac death: United States, 1999. Morbidity and Mortality Weekly Report, 51(6), 123–126. Centers for Disease Control and Prevention (CDC). (2018, October 9). Heart disease facts. Retrieved from https://www.cdc.gov/heartdisease/facts.htm.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

112

9. THE IMPORTANCE OF CPR/AED AND FIRST AID TRAINING FOR SECURITY OFFICERS

Leadership and Worker Engagement Forum, GOV.UK/ construction. (2012). Knowing what is going on around you (situational awareness), leadership and worker involvement toolkit. (PDF) http://www.hse.gov.uk/construction/ lwit/assets/downloads/situational-awareness.pdf. O’Bryan, B. (2013, October 22). How life safety training turns security officers into first responders. Retrieved from https://www.securitymagazine.com/articles/84845how-life-safety-training-turns-security-officers-intofirst-responders. Top Ten Security Degrees Employers Are Looking For. (2018, November 7). Retrieved from https://www. securitydegreehub.com/top-ten-security-degrees-emp loyers-are-looking-for/.

Walter, S. (2014, December 9). Why legislative efforts to improve security guard training keep failing. The Center for Investigative Reporting, https://www.revealnews. org/article/why-legislative-efforts-to-improve-securityguardtraining-keep-failing/. What is First Aid? (n.d.). Retrieved on 01-18-19 from: https://www.redcross.org/take-a-class/first-aid/ performing-firstaid/what-is-first-aid.

Further Reading ASIS International. (2019). ASIS Private Security Officer Selection and Training (PSO) Guideline. Alexandria, VA.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

10 Officer Safety and Use of Force Linda Watson O U T L I N E Introduction

113

Applying Verbal De-Escalation to Aggressive Situations

116

Report Writing in Use-of-Force Cases

117

CHAPTER OBJECTIVES • Case law • Deadly force • Weapons • PTSD • Applying verbal de-escalation to aggressive situations • Lethal and less-than-lethal weapons management • Report writing in use-of-force cases • Emerging trends

INTRODUCTION Security officers are affected by the use of force rules and regulations when they swear to protect and serve an organization. When security officers are hired to work in security they

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00010-9

Emerging Trends

118

References

119

must learn the organization’s use of force continuum, policies, and procedures of their security department before they can begin work. When researching and reviewing statistics regarding the use of force, these statistics are primarily from police use of force data. The resulting data will reflect the fact that, even though this chapter focuses primarily on security officers in the security industry, the use of force continuum can vary from state to state and from state to federal. It is important to understand the force continuum that a security officer is working under and the instances when a security officer can and cannot use a level of force. Most use of force continuums have about five to six levels of force that a security officer can use, depending on the level of force that the security officer is facing. Normally, an officer’s presence is the first level of force, followed by verbal commands, chemical weapons, empty hand controls, blunt-impact tools, electrical weapon(s), and lastly lethal force.

113

# 2020 Elsevier Inc. All rights reserved.

114

10. OFFICER SAFETY AND USE OF FORCE

Recently, several agencies have eliminated the force option continuum. Through recent studies, law enforcement trainers have concluded that placing the idea of a strict guideline as to what type of force is to be used and how to increase the level of force. Officers have become confused and at times will not escalate their force response when they are justified in doing so. This trap causes the officer to move up the continuum only after attempting to use the level of force in the level they are in instead of knowing that it is ok to skip a level when the incident calls for it (Schmitz, 2015). Knowing the standard(s) by which an officer’s use of force is judged is very important. One of the standards is Graham v. Connor, 490 US 386 (1989), a United States Supreme Court case, where the court determined that an objective reasonableness standard should apply to a civilian’s claim that law enforcement officials used excessive force in the course of making an arrest, investigatory stop, or other “seizure” of his person (Wikipedia, 2019a). Another standard to which an officer could be held is Tennessee v. Garner, 471 US 1 (1985), a civil case in which the Supreme Court of the United States (SCOTUS) held that, under the Fourth Amendment, when a law enforcement officer is pursuing a fleeing suspect, the officer may not use deadly force to prevent escape unless “the officer has probable cause to believe that the suspect poses a significant threat of death or serious physical injury to the officer or others.” It was found that the use of deadly force to prevent escape is an unreasonable seizure under the Fourth Amendment, in the absence of probable cause that the fleeing suspect posed a physical danger (Wikipedia, 2019b). These two cases are the most common use of force cases that security professionals in the United States are familiar with when studying the use of force. According to Lt. Paul Marik, understanding the use of force case law will help you train your officers to act within the confines of the law. Knowing these cases will help train you

on how to investigate the use of force. Understanding what the Supreme Court and lower courts have said will also help you educate the public on exactly what cops are able to do and how that looks. Here are 15 use-of-force cases that every department and elected official must know, understand, use, and preach. The following are just the names and a quick one-line explanation. Do your homework with a thorough examination of each. 1. Graham v. Connor—This is the essential use of force rubric in the country. 2. Tennessee v. Garner—Addresses deadly force to prevent escape. 3. Terry v. Ohio—Established the legality of so-called Stop & Frisk searches. 4. Plakas v. Drinski—No constitutional duty to use lesser force when deadly force is authorized. 5. Pena v. Leombruni—Addresses suspect’s known mental state regarding force. 6. Thompson v. Hubbard—Case where suspect appeared to be drawing a gun and no gun found. 7. Smith v. Freland—Examined policy violation but no violation of Constitutional law. 8. Bush v. City of Tallahassee—Addresses excessive force applied through Graham. 9. Green v. N.J. State Police—Addresses excessive force applied through Graham. 10. Forrett v. Richardson—Unarmed fleeing felon applied through Tennessee v. Garner. 11. Elliot v. Leavitt—Addresses 20/20 hindsight on officer shooting. 12. Brown v. United States—The original (1921) Graham v. Connor style decision. 13. Wardlaw v. Picket—Punching an approaching verbally argumentative person. 14. City of Canton v. Harris—Addresses liability and “failure to train.” 15. Powpow [Popow] v. Margate—Addresses shooting an innocent person (training) (Marik, 2016).

II. PRACTICAL AND OPERATIONAL APPLICATIONS

INTRODUCTION

“Police fatally shot nearly 1000 people, and 46 officers were killed nationwide in 2017. Experts said they are uncertain why the annual total shows little fluctuation—the number is almost identical to the 995 killed by police in 2015. Some believe the tally may correspond to the number of times police encounter people, an outcome of statistical probability. Other experts are exploring whether the number tracks with overall violence in American society. ‘The national spotlight on this issue has made officers more cautious in unarmed situations,’ said Chuck Wexler, the executive director of the Police Executive Research Forum, a Washington-based think tank. Wexler also said that the training that his group developed for dozens of departments to de-escalate police encounters with civilians may be having an impact. ‘We are giving officers more options like slowing the situation down and using time and distance to gain tactical advantage,’ he said” (Sullivan, Anthony, Tate, & Jenkins, 2018). The police-involved shootings illustrate what experts think is an increase of violence in American society. “Violence—noun. (1) Swift and intense force: the violence of a storm. (2) Rough or injurious physical force, action, or treatment: to die by violence. (3) An unjust or unwarranted exertion of force or power, as against rights or laws: to take over a government by violence” (Dictionary.com, n.d.). “Violence is everywhere-on the street, in the workplace, on campus, and in the community. It can be instigated by everyone from drunken fools who hit like Jell-O to drug-crazed lunatics who cannot only throw a good punch but will slash your throat for good measure, and everything else in between. The danger can come from fists, feet, and flying objects. You might encounter or deploy impromptu weapons, such as bricks, bottles, or bludgeons, or more conventional ones, such as blades, buckshot, or bullets” (Kane & Wilder, 2009).

In our ever-changing society, random violence has become a daily occurrence around us

115

as we go about our lives. Violence has reached new levels of evil with knife attacks, vehicles driving into pedestrians on sidewalks, and active shooter attacks at businesses. Children have become desensitized to violence while growing up and watching violent video games and television. Around 50 or 60 years ago if an argument happened at school or work, the two “guys” would go out in the garage or back and settle it with words or maybe a physical altercation. Fast-forward to now using the same example and the person who feels slighted may start an attack on the internet which could very easily escalate into a potential group physical altercation. Social media has influenced our lives forever with most people having a cell phone with a video camera on their person, ready to record any interaction with a security officer in case there is some type of use of force. Bystanders will record the use of force incident and then upload the video to social media. These images can and usually do go “viral” without many pertinent facts known about the incident. The video is then analyzed and critiqued across many different media outlets. In many of these cases, the person(s) committing these unthinkable acts of violence may suffer from mental health issues which only come to light after the crime has been committed. The security officer interacts with many different types of persons every day. When dispatched to a call for service, the security officer will be interacting with unknown individuals. The security officer must be aware that persons he/she may encounter could be mentally or emotionally imbalanced and must use all their training and experience, assessing whether the person is acting “off,” during their initial contact. They need to consider if a person may be intoxicated on alcohol, prescription medications, illegal drugs, or marijuana (legal in many states). Persons who self-medicate can be very challenging to communicate with in a normal situation, not to mention a high-stress

II. PRACTICAL AND OPERATIONAL APPLICATIONS

116

10. OFFICER SAFETY AND USE OF FORCE

encounter, or the person may need medical attention for some type of medical ailment. After this brief interaction, the security officer needs to be mindful that any interaction can turn violent very quickly and take the appropriate actions to de-escalate the situation if possible. Use of force incidents to control a person or situation from escalating happen every day all over the world. As illustrated, there are a large number of private security officers on duty worldwide. As we review the use of force in this chapter, it is very important to realize that technology has forever changed the way security officers approach their job. Their actions are in most cases being recorded and documented to be reviewed at a later date if needed. In conclusion, a person should be given the respect and dignity they deserve by a professional security officer. The opportunity to de-escalate a potentially violent situation greatly increases when all parties feel that they have been given a fair chance to express their opinions.

APPLYING VERBAL DE-ESCALATION TO AGGRESSIVE SITUATIONS If called to a routine confrontation where the participants appear to be reasonable and the likelihood of injury is low, then the officer may wish to follow some of these de-escalation suggestions: 1. Respect the subject’s dignity. Be as polite as possible and never demean people. 2. Do not shout commands. 3. Be careful not to become part of the problem. 4. Assume officer safety distance (10–15 ft). 5. Provide a pleasant greeting such as “May I help you?” or “How can I help you?” 6. Assume a noncombative attitude. 7. Use nonthreatening questions, and avoid “Why?” These tend to put someone’s reasoning process “on trial.”

8. Slow everything down. Speak a little slower and move a little slower. 9. Be calm, as “calmness is contagious.” 10. Keep hands chest-high and ready to react. 11. Attempt to move the subject away from the conflict zone. 12. Listen intently to subject’s words. 13. Project empathy with the subject’s cause. 14. Observe the subject’s hands and body language. 15. Conduct a visual frisk and check for observable weapons. 16. Look for weapons of opportunity. 17. Listen to peripheral persons. They can be witnesses, cheerleaders, or assailants. 18. Keep talking and negotiating a solution. 19. Practice officer safety at all times. 20. Make the decision to arrest or release. Procedures for dealing with a violence-prone individual differ somewhat from dealing with the average aggressive situation. If the likelihood of injury is certain or extremely high, the officer may wish to follow some of these suggestions. 1. Subject’s dignity is not the main priority. “Defanging the snake” is the priority! 2. Try to respect the subject’s dignity even though this is not the main priority. 3. Respect officer safety distance. 4. Assume a self-defense attitude. 5. Use loud, clear, directive commands for officer safety. 6. Keep hands on the preferred weapon or have weapons drawn. 7. Call for backup before entering the conflict. 8. Give subject directives to reach a solution. 9. Keep talking and negotiating a solution. 10. Listen intently to subject’s words. 11. Project empathy with the subject’s cause. 12. Observe his hands and body language. 13. When backup arrives conduct a search for weapons. 14. Cuff and search for officer safety. 15. Continue dialogue with the subject.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

REPORT WRITING IN USE-OF-FORCE CASES

16. Listen to witnesses; take names, addresses, and phone numbers. 17. Take notes of what witnesses say. Use quotes from the witnesses. 18. Make the decision to detain, arrest, or release. 19. Use deadly force only when a life is threatened or serious bodily injury is imminent.

REPORT WRITING IN USE-OFFORCE CASES What is involved in writing the report of an incident where use of force was reasonable and necessary? It should be enough to just sit down and write, in chronological order, the truthful facts of the case. Unfortunately, in our litigious society, where cash-hungry lawyers and an aggressive media lie in wait for the next abuse of force case, the officer cannot be carefree. The report must be written taking into consideration the technical requirements of criminal and civil liability, in both state and federal court. Know the audience! Assume that the report about to be written will be in the hands of an opposing attorney and that you, the officer, will be in front of a judge in the near future. Include in the report if the use of force required a firearm, drawdown, or shooting, a pain compliance tactic, a chemical or electronic incapacitation device deployment, use of a baton, fists or feet confrontation. The report must be timely, thorough, concise, and accurate. Above all, the report must be true. The facts are important to record. While writing the report, the officer must cover the following: 1. NECESSITY (What the subject did) a. Self-defense. b. Defense of others. c. Incident to arrest and escape prevention. d. Incident to ejection from the property. e. Protection of property.

117

2. REASONABLENESS (What the officer did) a. Followed department policy. b. Followed department training. c. Followed supervisor’s instructions. d. Deployed each tactic with restrained, measured, intentional, and minimal force. e. Assured no offensive moves were made and that all tactics were defensive as applied. f. Provided medical follow-up (first aid, 911 call, etc., as needed). 3. THE REPORT MUST BE BALANCED AND COORDINATED a. The report is clear, concise, and complete. b. The report follows a chronology of events. c. The report has synergy, meaning that all parts of the report connect to make the whole greater than any individual part. d. The report has no contradictions. e. Times stated are close to other reports and other records. f. Facts stated are reasonably supported by other reports and records. Any one of the above components that are lacking in the report will provide an opportunity for the opposing attorney to attack the integrity of the report and ultimately the officer’s testimony could fall apart. The officer may have performed perfectly, followed all the rules, provided a truthful report, and still lose the case over the fact that there was a failure to provide one or more of the above items. In reviewing the report, it is useful to play “devil’s advocate.” The writer should try to anticipate what the lawyers or media might try to make out of what is about to be written. Astute report writers review their employer’s policy before writing. Leave no gaps in the report to be filled in later. Don’t assume anything. Never leave out a fact because it seems obvious that everyone would understand it. Being specific and detailed is critical. What may seem to be common sense or common knowledge may not be to the reader. And an omission or careless

II. PRACTICAL AND OPERATIONAL APPLICATIONS

118

10. OFFICER SAFETY AND USE OF FORCE

statement may be distorted by the opposing attorney to appear as if it is a careless mistake or a deliberate attempt at deception. Keep in mind that the main thrust of the defense lawyer, or the plaintiff’s lawyer, is to present their client as the victim in the case, not the perpetrator. They will work hard to accuse the officer of being the perpetrator and, using the “but for” test, they will say, “But for the illegal or negligent acts or omissions of the officer, this plaintiff would not have sustained the injuries that he did.” It is wise to be sure that nothing in the report supports a false assertion that the officer’s actions were illegal or negligent. The officer’s report should pass the “reasonable person” test. That is, either the jury or the judge should be able to read the report and form a mental picture of what actually took place. From that picture, he or she should be able to determine what their own actions would have been under exactly the same circumstances. If the report follows the above guidelines, it should lead that person to the logical conclusion that the officer acted in a reasonable and necessary fashion.

EMERGING TRENDS Protection officers are increasing in number and society expects more of them. Where public police were once the principal protective force, privately employed security officers are now stepping in. With the constriction of government budgets coupled with the extensive cost for police, security forces will continue to grow. Many of these forces have some type of police authority. They also are carrying more and different types of weapons. Society also has a lower tolerance for acts of violence, coupled with a greater fear of crime and terrorism. The expectation of employees, shoppers, students, and guests is that they will be protected. As a result, security forces must be more reactive than in the past. Security officers

are expected to step in and help those facing the threat of violence more than in the past. Posttraumatic stress disorder (PTSD) is recognized as a hazard today. PTSD affects not only those directly involved in a traumatic event, such as use of force, but it impacts those who witness it. Protective services personnel need to be aware of this and seek help. Employers of protection officers have an obligation to address this issue. Officers who are adversely affected by major use of force incidents need help. And their employers need a system to deliver that assistance. Training in communication skills is becoming more critical to manage aggression and deal with violent persons. Enhanced communication ability also aids in dealing with public events and persons higher in the organizational food chain than the officer (top management, clients, VIPs). Enhanced communication skills are also necessary so officers can relate to and manage diverse populations. As a result, more officer survival and defensive tactics instructors are emphasizing communications in their classes. This trend will likely continue. The employment of weapons has also grown. There are more weapon options available than in the past and this trend will continue. Lessthan-lethal weapons provide protection officers with a wider range of options. At the same time, they require additional training and practice. More initial and refresher training is required for officers who are armed than for those who are not. Armed officers are also more likely to be subject to governmental regulation. Armed security officers and those employed by security service firms are the most likely industrial sector to be licensed. The merits of force continuums are also being debated. They are one-dimensional and perhaps a bit simplistic. There is also a danger that persons reviewing a use-of-force event mistakenly believe that all steps in the continuum must be followed in sequential order. As a result, new models that depict the exercise of force are being developed.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

REFERENCES

References Dictionary.com. (n.d.). Violence. Retrieved September 5, 2019, from https://www.dictionary.com/browse/ antiviolence. Kane, L. A., & Wilder, K. (2009). The little black book of violence: What every young man needs to know about fighting. Wolfeboro, NH: YMAA Publication Center. Marik, P. (2016, March 18). 15 use-of-force cases every cop needs to know. Retrieved from https://www.policeone.com/ chiefs-sheriffs/articles/154676006-15-use-of-forcecases-every-cop-needs-to-know/.

119

Schmitz, M. H. (2015). Justified: An in-depth look at police use of force. Scotts Valley, CA: Createspace Independent Publishing Platform. Sullivan, J., Anthony, Z., Tate, J., & Jenkins, J. (2018, January 6). Police fatally shot nearly 1,000 people, and 46 officers were killed, nationwide in 2017. Retrieved from https:// www.chicagotribune.com/nation-world/ct-nationwidepolice-fatal-shootings-2017-20180106-story.html. Wikipedia. Graham v. Connor. (2019a, August 14). Retrieved from https://en.wikipedia.org/wiki/Graham_v._Connor. Wikpedia. Tennessee v. Garner. (2019b, August 23). Retrieved from https://en.wikipedia.org/wiki/Tenness ee_v._Garner.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

11 Active Assailant Preparedness: Beyond Active Shooter Response Ted Wade O U T L I N E Introduction

121

The Role of Protection Officers

127

The Active Assailant Phenomenon

122

Workplace Violence Prevention

122

Law Enforcement and Emergency Response

128

Training

123

Case Studies

128

Mental Health Issues

124

Conclusion

131

Threat Detection and Assessment

125

References

131

Security Measures

125

Further Reading

131

Weapons Policies

127

INTRODUCTION Active assailants are usually referred to as active shooters in media coverage of incidents that occur. Active assailant has become more accepted as the proper term in the security industry. This is based on the fact that attackers have used a variety of methods to cause mass violence other than firearms. Headlines have convinced many organizations to implement

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00011-0

Active Shooter Response plans and training. Protection personnel must understand the risks of workplace violence and active assailant incidents. Just as important is understanding the strategies and tactics that can reduce the likelihood and severity of these incidents. Active assailants have been motivated by many different factors. Some seek revenge against specific individuals, while others target groups with less distinction regarding the

121

# 2020 Elsevier Inc. All rights reserved.

122

11. ACTIVE ASSAILANT PREPAREDNESS: BEYOND ACTIVE SHOOTER RESPONSE

individual victims of violence. Some assailants are motivated by political, religious, or ethnic hatreds which motivate their attacks and guide their target selection. While firearms are prevalent in many incidents, there are many other weapons and tactics that have been used by active assailants. These include the use of edged weapons, vehicle attacks on pedestrians, improvised explosive devices, and incendiary materials to utilize fire as a weapon. The common thread is that an individual or small group of people are attempting to harm multiple people with a weapon that they have available against targets that they can access. As with most hazards, it is impossible to completely eliminate the risk of active assailant attacks. Fortunately, there are many things that protection officers and organizations can do to reduce the risks of such an incident occurring. There are also a wide range of actions that can reduce the severity and impact of an attack if an active assailant incident does occur.

THE ACTIVE ASSAILANT PHENOMENON Active assailant attacks are not a new risk. Throughout history, individuals and groups have attempted to commit violent actions to harm others for many of the same reasons that we see today. These types of incident occurred prior to the invention of modern firearms; however, modern firearms can enable an assailant to pose a greater risk than they would pose without the firearms. This does not mean that simply removing this tool from the assailant will remove the risk. A motivated assailant may choose to utilize a different weapon, and this may increase or decrease the risk depending on the tactics chosen and the vulnerabilities of the targets.

Much of the research on the active assailant phenomenon has focused on firearms-based attacks, commonly referred to as active shooter incidents. This has provided data that can be used to better understand the risks and to make informed planning decisions. It does, however, result in an absence of reliable data on other means of attack. Each study also defines active shooter incidents using slightly different terminology and statistics. In general, more than half of active shooter incidents involve an assailant whose most powerful weapon is a pistol. Fewer than half of incidents involve the use of long guns, primarily rifles, but shotguns have been used by active shooters. Several high-profile attacks by violent extremists have demonstrated the deadly potential of vehicles ramming pedestrians which may lead to copycat incidents by individuals. The use of incendiary or explosive devices, alone or in conjunction with a firearms attack, is another tactic that is rarely discussed but has been demonstrated by several active assailant cases. Security and legal measures to reduce access to more effective weapons have led to the adoption of edged weapons attacks by individuals and groups. Most active shooter incidents have involved assailants entering a facility and using firearms at close range. The Las Vegas festival shooting has demonstrated that protection personnel must consider the threat of long-range weapons fire as another attack vector available to assailants.

WORKPLACE VIOLENCE PREVENTION Active assailants and other offenders often target people in their workplaces for a variety of reasons. This makes it essential for protection personnel, management, and executives to adopt measures to make their workplaces safer from these threats.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

123

TRAINING

Workplace violence and active assailant prevention and response is not just the responsibility of security and protection departments. All stakeholders within the organization must have an understanding of the risks posed by workplace violence so they can commit their attention and resources to preventing or mitigating the risk. Executive support and the active participation by all segments of an organization are necessary. Coworkers, supervisors, managers, and human resources personnel should be able to identify the warning signs of workplace violence and how to report it. Labor representatives, if present, also have a role to play in protecting their members from workplace violence and hostile work environments that can increase the risks of violence. All organizations should consider developing a formal Workplace Violence Prevention and Intervention Policy. The Society for Human Resource Managers (SHRM) and ASIS International, a global association of security professionals, partnered to create the Workplace Violence Prevention and Intervention Standard (ASIS International [ASIS], Society of Human Resource Management [SHRM], 2011). This standard provides a resource to assist your organization to develop effective policies and procedures. Individuals who pose a threat often respond very negatively to routine responses taken as disciplinary action. Verbal or written reprimands, suspensions, and terminations may escalate the potential offender’s sense of persecution. It may also reinforce their belief that revenge for these perceived or real grievances is a justified action. The Occupational Safety and Health Administration (OSHA) defines workplace violence as a hazard covered under the General Duty Clause (OSHA, 2018). This requires organizations to take reasonable measures to keep the workplace free of incidents of workplace violence. In 2011, OSHA declared that “Workplace violence is a serious recognized occupational

hazard, ranking among the top four causes of death in workplaces during the past 15 years” (OSHA, 2013).

TRAINING Training is an essential element of any security program including Active Assailant Prevention and Response. Unfortunately, many organizations are reluctant to hold training on these topics for a variety of reasons. Failing to train the members of your organization reduces the likelihood that they will accurately recognize the warning signs of violence. If they do recognize the warning signs, they may also be unsure of what they can do or how to report. After most active assailant incidents, reports surface that many warning signs or indicators were observed but did not lead to adequate efforts to prevent the incident. Individual employees should be trained on several aspects related to workplace violence. Everyone should be aware of the categories and prevalence of workplace violence. Workplace violence can take many forms. It is typically thought of as a disgruntled employee or former employee seeking revenge against the organization and its people. It can also include property and violent crime offenders targeting employees at work including robberies, assaults, and other crimes. It may also include seemingly random active assailant incidents targeting people in public spaces, malls, schools, and other soft target venues. Domestic violence offenders are another category of workplace violence incidents. Offenders will often target their victims in the workplace because they know where to find them, and will frequently intimidate coworkers to prevent the workers from influencing, assisting or becoming involved with their intended victim.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

124

11. ACTIVE ASSAILANT PREPAREDNESS: BEYOND ACTIVE SHOOTER RESPONSE

Employees should be trained to identify indicators or warning signs of violence. Most offenders display behaviors that indicate their propensity for violence for long periods of time prior to an incident. This can include hostile and argumentative behavior, and often holding grudges, attempting to intimidate other people, and veiled or open threats. Many offenders also display an unhealthy fascination with violence and weapons, including researching and idolizing active assailants. Every person gets angry at some point, but potential offenders frequently demonstrate that they get too angry, over too little, at people who were not trying to harm or offend them. They also tend to stay angry too long, turning issues into long-term grievances that they hold against others. Individuals should also know how to report their concerns about an individual that they believe is displaying indicators of potential violence. This would typically include reporting to a supervisor, management, human resources, or security personnel. All reports should be consolidated by a central responsible person or team. They should be aware of multiple employees reporting behavior from the same individual. Leaders and human resources personnel should be trained to implement their responsibilities within an effective Workplace Violence and Intervention program. This would include understanding how preemployment screening, interviews, and investigations can reduce the risks of employing a potential offender. They must also understand that standard employment disciplinary practices may trigger a reaction from a potentially violent individual. If this individual believes the process is unfair or blames others for the situation, it may escalate the potential for violence. Everyone should also be trained in techniques and tactics to be used during an active

assailant incident. A variety of techniques have been promoted by business and government organizations. The US Department of Homeland Security has promoted the “Run, Hide, Fight” program (US Department of Homeland Security [DHS], n.d.). British police have utilized a program called “Run, Hide, Tell” (GOV.UK, 2017) and these are just a small sample of responses. All approaches share several priorities: reduce the number of potential victims the assailant can attack, reduce the assailant’s ability to effectively target individuals, and ensure a speedy response by law enforcement responders.

MENTAL HEALTH ISSUES Several active assailants have not been found to be mentally ill from a medical perspective. However, most assailants were experiencing a mental health crisis that escalated their behavior toward violence. Stress, social isolation, personal and professional setbacks, substance abuse, and other factors reduce their coping mechanisms. Individuals do not typically snap, as is often said, but they spend a significant time being impacted by stress that may eventually overwhelm them. A variety of events can serve as triggering events that can make an individual escalate to take violent actions. Some triggering events are work related, such as disciplinary actions, layoffs, and terminations. Others are associated with these work-related issues: loss of selfesteem, embarrassment in front of coworkers, loss of income, loss of health insurance and other benefits. Triggering events can also occur in an individual’s personal life such as an illness to themselves or another family member, a breakup of a relationship, death of a loved one or friend, financial difficulties and debt, and substance abuse issues.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

125

SECURITY MEASURES

It is easy to see how a work-related issue, such as a disciplinary action that makes it possible to lose a job, might have the potential to trigger a reaction in a person under other stress. The potential of losing your job and health insurance to someone faced with financial problems and a family member undergoing expensive treatment for cancer could seem an insurmountable problem. If they have a history of blaming others for their problems, they may feel motivated to seek revenge against people they believe wronged them. Many active assailants display suicidal tendencies and intentions. Frequently, active assailants will commit suicide during an incident when confronted by responders. Other assailants attack law enforcement personnel to force the officers to use deadly force against them. This is commonly referred to as “Suicide by Cop” in coverage of incidents and events. For some, the attack seems to be a way of lashing out at others to share their suffering. Some active assailants also seek to gain notoriety or infamy from their crimes. They research other active assailants to learn tactics and techniques that have worked. They may select targets and methods or numbers of casualties that will maximize the media coverage.

THREAT DETECTION AND ASSESSMENT A Workplace Violence Prevention and Intervention Policy should ensure that an organization has access to the ability to assess threats posed by individuals of concern. Employees and leaders within an organization should be able to identify warning behaviors. It is important to identify and intervene before an individual travels too far down a pathway toward violence.

A multidisciplinary Threat Management Team should be established to evaluate the threat posed by individuals who are showing indicators of potential violence or threats. This team should be trained and rely on educated personnel to identify individuals who have the intentions and capability to perpetrate violence. Threat assessment professionals can formulate a variety of strategies to mitigate the threat posed by an individual.

SECURITY MEASURES Security programs are often designed to handle the needs of an organization during routine operations. Even if security is adequate for a “good day” rarely is it designed for or capable of mitigating the risk of a worst-case scenario such as an active assailant incident. Adequate planning for how to detect, respond, and recover from such an incident is critical to enable actions to save lives. Planning for an active assailant incident also allows an organization and its protection professionals to identify likely scenarios of attack. Determine the vulnerabilities the organization has to those methods of attack that allows the development of countermeasures to prevent, deter, or respond to an incident. Protections officers and others responsible for workplace violence prevention functions need to maintain situational awareness of potential threats in the workplace. Focusing on detecting early warning signs of violence can greatly assist in preventing the occurrence of a violent incident. Security planning should allow for a scalable response based on the potential for violent actions. During increased threat conditions the organization should adopt additional security measures to reduce the likelihood and severity of an attack. The level of security measures

II. PRACTICAL AND OPERATIONAL APPLICATIONS

126

11. ACTIVE ASSAILANT PREPAREDNESS: BEYOND ACTIVE SHOOTER RESPONSE

and operational disruption tolerated will be determined by the organization’s threat tolerance level. The response could include a variety of methods to increase security including additional protection personnel, increasing the capabilities of a security force such as adding armed personnel or law enforcement officers and increasing physical security measures, and accessing control procedures. Many organizations will have to contract with outside resources to increase either the number or capabilities of security personnel. Employees and stakeholders must be aware of changes in security measures to decrease the emotional and operational impact that increased security may cause. Increasing security staff hours must be done without decreasing the effectiveness of protection personnel. Extending shifts and reducing rest periods may ultimately make a security force less effective, especially if continued for a significant length of time. Increasing the capabilities of protection personnel is another strategy that is commonly used during high threat situations. Organizations may supplement their security program by bringing in armed protection officers to serve as a deterrent or countermeasure against an active assailant. This requires careful consideration and planning in order to be successful. When planning for dealing with active assailant threats, an audit of physical security systems and procedures should be conducted. This audit can ensure that key stakeholders are aware of the capabilities and vulnerabilities of their existing security program. Frequently, stakeholders make decisions based on an assumption that certain security measures are in place and may not know the true capabilities or vulnerabilities of their facility. An audit should look at several major components of the security program including: access control, physical security systems, and the important role of protection forces

and law enforcement responders in prevention and response. An organization should develop a plan for increasing security before a threat exists, as this will allow for a quicker and less disruptive implementation during a stressful incident. Some essential elements are: determining that all doors and portals have functioning locking mechanisms; access control processes are modified by reducing the number of entrances without unreasonable disruption to operations; and checking that doors controlled by an automated access control system may have to be programmed to unlock during certain hours, making the facility more vulnerable. In addition, a 100% inventory of key and access control cards should determine if there is a potential that the threat has a means to access the facility. Access control policies should also be examined to ensure compliance with visitor and package inspection guidelines. A facility may plan to increase these types of security measures and an audit can determine if these are feasible. When the risk of workplace violence increases due to a threat or incident, a planned security response should be implemented. Security and leadership staff should be provided with the assailant’s photo and vehicle information for rapid identification. Law enforcement and emergency dispatch personnel should be made aware of the concerns, so they may assist the organization if they have the resources available. Many law enforcement agencies will direct their officers to make additional patrols of the area around the facility to help detect suspicious activity. Security personnel should conduct a physical security inspection to verify that all entrances and exits are properly secured. If present, fence lines should be inspected to ensure that they do not have gaps or breaches, which an offender could utilize to gain access to the facility. The

II. PRACTICAL AND OPERATIONAL APPLICATIONS

THE ROLE OF PROTECTION OFFICERS

127

parking lot can have key vulnerabilities where an intruder could gain entry or access to personnel arriving or departing from the facility, defeating internal security measures. Protection officers should verify that all access control devices are functioning properly. Test and inspect door, intrusion, and panic alarms to ensure the devices and response protocols are performing as expected. Security lighting should also be observed to ensure that it is functional and providing adequate lighting for safety and security. Network video systems and recording systems should also be inspected to verify that they are all functioning properly and providing adequate video footage that can be used during or after an incident.

Studies of individuals who are issued concealed weapon permits in several states have found that this population has an extremely low risk of committing criminal acts. Felony arrest rates for “concealed carry permit holders” were lower than felony arrest rates for police officers. Several active assailant incidents in the United States have been stopped by armed citizens who engaged the assailant. Every organization should weigh these risks and adopt a clear policy in accordance with the risk management philosophy and risk tolerance level of the organization.

WEAPONS POLICIES

Organizations may utilize protection officers in a variety of roles in preventing or responding to active assailant incidents. These roles must be clearly understood, and staffing requirements should ensure personnel capable of performing the expected duties. Organizations may use security forces to observe and detect a threat and report it to the appropriate authorities. They may also use protection officers to initiate emergency responses and activations that may include initiating lockdowns, alarms, and warning systems. It may also involve providing information over a public address system to provide situational awareness to employees regarding the incident, the location, along with a description and actions of the assailant. Some organizations may also have protection officers working in a control center that provides access to a variety of security and building systems. This may allow officers to observe video and alarm activity to relay information to law enforcement responders. It may also allow the officer to take steps to deny the assailant access to potential victims in accordance with policy. This could include securing areas by locking

Many organizations institute policies prohibiting employees from possessing weapons while on the organization’s property. Some jurisdictions have laws that restrict an employer from prohibiting the legal carrying or storage of firearms. Some states allow citizens to store firearms in their vehicles while on their employer’s property. Always ensure that organization policy is in compliance with the laws in the jurisdiction where you are operating. The evidence on weapons policies is mixed, allowing organizational executives the discretion to support policies based on their risk tolerance. A study by North Carolina researchers compared businesses that experienced homicides versus businesses that prohibited all kinds of weapons, and found those that allowed guns were 6.8 times more likely to have a homicide. A variety of factors could have influenced those results, such as employers without a weapons policy may also have greater risk because they did not have adequate security policies in other areas. (Loomis, 2008)

THE ROLE OF PROTECTION OFFICERS

II. PRACTICAL AND OPERATIONAL APPLICATIONS

128

11. ACTIVE ASSAILANT PREPAREDNESS: BEYOND ACTIVE SHOOTER RESPONSE

down entrances and elevators on an access control system. Finally, protection officers may be utilized as a force protection capability. This role requires protection personnel to be capable, equipped, trained, and prepared to engage and neutralize the assailant. This role is most appropriate for armed protection officers equipped with weapons and safety equipment to allow them to confront the assailant. Deployment of personnel in a force protection role must be carefully considered by an organization, as these resources may expose an organization to additional liability. Many organizations rely on contracted security forces to provide additional security personnel during an emergency situation. In-house, contracted and temporary protection officers should all be provided written instructions on the duties and expectations of their role. This information should allow the personnel to complete their assigned duties in an effective manner.

LAW ENFORCEMENT AND EMERGENCY RESPONSE Protection personnel should understand the response capabilities and tactics that law enforcement officers and emergency medical services (EMS) will utilize during a response to an active assailant. These capabilities should also influence the security planning and decision-making process. Most organizations will need to rely on law enforcement response to end an active assailant incident. Likewise, EMS capabilities will determine how quickly and effectively individuals will receive medical care. A facility that can expect one to two law enforcement officers with a delay of more than 30 min will need to be more prepared to defend itself than a facility that may receive the response of many officers in minutes.

Most law enforcement agencies have adopted tactics to rapidly engage an active assailant to end the incident before more innocent people are injured. Some agencies make entry into a facility as soon as the first officer or a small team is available on site. Law officers who have access to maps or who have previously participated in tours of a facility can more quickly navigate a location. Most agencies train their officers not to provide assistance to victims until the threat from the assailant has been contained. Communications with first responders will frequently occur through a government emergency communications center. Law enforcement officers will need to know routine information to initiate a response such as the location, address, type of emergency, and points of contact. During an active assailant incident, additional information can greatly assist the officers to resolve the situation as quickly as possible, such as information on the assailant, their description, clothing, vehicle, and the weaponry they are using in the assault. Understanding the assailant’s capabilities can assist the officers in making decisions on tactics to mitigate the threat.

CASE STUDIES Happy Land Fire Location: New York City, New York, USA Date: 3/25/1990 Weapon: Gasoline Motivation: Domestic dispute with ex-girlfriend and security at the nightclub where she worked. Suspect had lost his job and faced debts in the weeks leading up to the attack. Tactics: Incendiary device attack. Suspect used a plastic container (jug) of gasoline inside the interior entrance to the

II. PRACTICAL AND OPERATIONAL APPLICATIONS

CASE STUDIES

nightclub. He ignited the gasoline blocking the primary exit route from the facility. Security Issues: Security personnel at the club engaged in verbal altercation with the suspect rather than deescalating the situation. In addition, to prevent people from sneaking into the facility without paying, the emergency exits had been chained shut. The facility did not have sprinkler systems or functional alarms installed. These factors prevented the escape of victims trapped by a fire engulfing the only open entrance. Casualties: 87 killed, 6 injured. Resolution: Suspect fled the scene but was arrested the next day. Reference: https://en.wikipedia.org/wiki/ Happy_Land_fire. Virginia Tech Shooting Location: Blacksburg, Virginia, USA Date: 4/16/2007 Weapon: Two semiautomatic pistols Motivation: Suspect had diagnosis of severe anxiety disorder, severe depression and selective mutism. Tactics: Active shooter attack. Suspect killed a female student and a male resident advisor who responded in a residence hall. Reports indicate that he may have been attracted to the student but had no relationship. Two hours after the initial murders, the suspect attacked a classroom building in an active shooter scenario. Suspect went from room to room to shoot victims. Security Issues: Campus continued normal operations while the suspect in the first attack was still unidentified and at large. Suspect is believed to have called in prior threats to observe police responses to plan his attack. Suspect likely piggybacked into the victim’s residence hall to conduct the attack. Classroom buildings had no access control. Classrooms only had one exit, into the

129

hallway where the assailant was positioned. Suspect used chains to secure the doors to the building to slow police response. Casualties: 33 killed (including perpetrator), 23 injured. Resolution: Suspect committed suicide when confronted by law enforcement. Reference: https://en.wikipedia.org/wiki/ Virginia_Tech_shooting. Kraft Foods Shooting Location: Philadelphia, PA, USA Date: 9/9/2011 Motivation: Disgruntled employee Weapon: Revolver pistol Tactics: Shooter entered the facility by ramming though the security barrier with her vehicle. She entered the building and shot at coworkers with whom she had conflicts. Suspect then barricaded herself in an office. Security Issues: Suspect had multiple disciplinary issues that provided indicators of potential violence. Suspect had been suspended 10 min prior to the incident and was escorted to her vehicle by a security officer. The officer did not ensure that the suspect left the premises of the facility. Suspect had a firearm stored in the vehicle on the company property. Casualties: 2 killed, 1 wounded. Resolution: Suspect surrendered to law enforcement after the incident. Reference: Associated Press, Suspended Worker Kills 2 Women in Kraft Factory Shooting: Police. NBC News Philadelphia, Channel 10. https://www.nbcphiladelphia. com/news/local/3-Shot-inNabisco-Factory-102589659.html. Crossroads Center Shopping Mall Stabbing Attack Location: Saint Cloud Minnesota, USA Date: 9/17/16

II. PRACTICAL AND OPERATIONAL APPLICATIONS

130

11. ACTIVE ASSAILANT PREPAREDNESS: BEYOND ACTIVE SHOOTER RESPONSE

Motivation: Religiously motivated terrorism Weapon: Two steak knives Tactics: Suspect stabbed individuals outside the mall and then entered the mall to attack additional patrons and employees. All wounds were to the upper body including head, neck, back, and shoulder locations. Security Issues: Suspect had been employed as a security officer resigning prior to the incident. Casualties: 1 killed (the assailant), 10 injured. Resolution: Suspect shot dead on the scene by off-duty law enforcement officer. Reference: https://en.wikipedia.org/wiki/ St._Cloud_mall_stabbing. Pulse Nightclub Shooting Location: Orlando, Florida, USA Date: 6/12/2016 Motivation: Religiously motivated terrorism Weapon: Semiautomatic rifle and semiautomatic pistol Tactics: Active shooter scenario followed by a hostage situation. Suspect entered the facility and began firing at security staff and patrons inside the entrance. Suspect entered nightclub areas and continued to fire at patrons and staff. When confronted by law enforcement responding to the incident, the suspect retreated to the restroom area where many patrons were hiding. Suspect used patrons as hostages while conducting media contacts, social media posts, and negotiations with police. Security Issues: Uniformed police officer was on duty at the facility to assist the nightclub security staff. Officer was positioned outside the nightclub unable to block suspect’s entry to the facility. Hostage situation prevented timely medical assistance to some individuals trapped inside the facility. Suspect was an armed security officer at another facility. Suspect had made threats and other indicators of potential violence prior to the incident. Casualties: 49 killed, 59 injured.

Resolution: Suspect killed by law enforcement tactical team after an armored vehicle was used to breach the building near the suspect’s location. Reference: https://en.wikipedia.org/wiki/ Orlando_nightclub_shooting. Nice Truck Attack Location: Nice, France Date: 7/14/2016 Motivation: Religiously motivated terrorism Weapon: Cargo truck, rifle and multiple fake firearms and explosive devices Tactics: Vehicle ramming attack The suspect used a rented cargo truck to enter a pedestrian area at the end of a public fireworks event. The suspect then used the vehicle to hit people in the crowds departing from the event on streets and sidewalks. Security Issues: Suspect may have initially entered the pedestrian area by convincing law enforcement securing the perimeter that he was making a delivery. Suspect defeated other barriers and parked police vehicles by driving onto the sidewalk to bypass them. Casualties: 86 killed (including the perpetrator), 458 injured. Resolution: Law enforcement officers shot and killed the perpetrator when he exited the vehicle and engaged them with a weapon. Five additional accomplices were arrested following the attack. Reference: https://en.wikipedia.org/wiki/ 2016_Nice_truck_attack. Las Vegas Harvest Country Music Festival Location: Las Vegas, NV, USA Date: 10/1/17 Motivation: Unknown Weapon: 14 AR-15 rifles (equipped with bump stocks, 12 with 100-round magazines), 8 AR-10 rifles, a bolt-action rifle, and a revolver. Tactics: Between September 25 and October 1, the perpetrator stockpiled an arsenal of guns

II. PRACTICAL AND OPERATIONAL APPLICATIONS

FURTHER READING

in his Mandalay Bay hotel room. On the day of the massacre, he used a hammer to break two hotel room windows and fired more than 1100 rifle rounds into the festival audience. Security Issues: During the shooting, police officers were initially confused as to where the shots were coming from. A security fence prevented people from fleeing the 15-acre concrete lot. The mass shooting occurred between 10:05 and 10:15 p.m.; it was 11:20 p.m. when police breached the suspect’s room but he was found dead. Casualties: 58 killed, 422 injured. Resolution: Perpetrator committed suicide from a self-inflicted gunshot wound. Reference: https://en.wikipedia.org/wiki/ 2017_Las_Vegas_shooting.

CONCLUSION All organizations should be prepared to mitigate the impact of workplace violence and active assailant events. There are many steps that organizations and protection professionals can take to prepare their organization. Efforts to prevent the occurrence of violence can reduce the risk of conflict or situations escalating to violent actions. While no prevention plan can eliminate the risk of an active assailant incident, prevention is the safest and surest plan for stopping most active assailants from ever conducting an attack. Adopting adequate security procedures to mitigate the impact of an active assailant incident is also important. Security can deter an active assailant from launching an attack if they do not believe it would be successful. Protection personnel and security systems can detect and delay an assailant reducing the amount of time that they have until responders can arrive. Physical security measures combined with lock down

131

procedures can deny an assailant access to the people whom they planned to attack. Together, these systems and processes can save lives, reducing the number of active assailant incidents and the number of victims during attacks.

References GOV.UK. (2017, November 14). ACT for youth: RUN HIDE TELL. Retrieved from https://www.gov.uk/ government/news/act-for-youth-run-hide-tell. Loomis, D. (2008). Preventing gun violence in the workplace. https://www.asisonline.org/globalassets/foundation/ documents/crisp-reports/crisp-preventing-gunviolence-workplace.pdf. Occupational Safety and Health Administration (OSHA), US Department of Labor. (2018, August 8). Workplace violence—Enforcement. Retrieved from https://www. osha.gov/SLTC/workplaceviolence/standards.html. OSHA Recognizes That Workplace Violence Is Occupational Hazard. (2013, October 21). Retrieved from http:// safecarestandard.org/2013/10/21/osha-recognizesthat-workplace-violence-is-occupational-hazard/. US Department of Homeland Security (DHS). (n.d.). Active shooter: Ready campaign. RUN. HIDE. FIGHT. Retrieved June 5, 2019, from https://www.ready.gov/activeshooter. Workplace Violence: Prevention and Intervention (ASIS/ SHRM WVP.1-2011). Retrieved from ASIS International (ASIS), Society of Human Resource Management (SHRM): https://www.asisonline.org/publications/sgasis-shrm-workplace-violence-prevention-andintervention-standard/.

Further Reading Advanced Law Enforcement Rapid Response Training. Texas State University ALERRT Center: http://www. activeshooterdata.org. Association of Threat Assessment Professionals. https:// www.atapworldwide.org/. U.S. Department of Homeland Security, Active Shooter Preparedness Resources. https://www.dhs.gov/activeshooter-preparedness. U.S. Department of Labor, n.d. OSHA Workplace Violence Resources: https://www.osha.gov/SLTC/ workplaceviolence/.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

A P P E N D I X

11A A Look at Solutions to Active Shooters Lawrence J. Fennelly, Marianna A. Perry, Thomas Norman INTRODUCTION It doesn’t matter if you’re in a coffee shop, a nightclub, a place of worship, a school, or corporate America, 99% of the concepts discussed here will apply to your situation. As a means of introduction, this is a topic we have researched for several years. An important part of our research included a review of past response procedures and post-incident recovery from active shooter incidents. We realize your organization wants to ensure the safety of employees and property, and everything you need to change or purchase to accomplish this cannot be done immediately. The reality is that we all have to operate within budget constraints and follow bureaucratic procedures. For these reasons, we suggest you consider developing a Five-Year Security Plan and create a list of needed changes and prioritize those changes. Your list of needed changes should be taken from the security assessment that a qualified security professional completes of your property. Discuss the recommendations with the security professional and get their input about the hierarchy of security procedures or components to put in place. In other words, what you will do and when. We recommend that you begin your plan with the installation of LED lighting which is “green” and also energy efficient. With the electrical energy savings, you will have additional

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00048-1

money in the budget for more security enhancements. Of course, if you already have LED lighting, you will move to the next item on your Five-Year Security Plan. The 12 no-cost or low-cost security improvements that you can make fairly quickly are as follows:

133

1. Develop natural access control and open lines of sight to ensure natural surveillance around the perimeter of your property and also around all structures. 2. A vestibule entrance makes an excellent second layer for your security plan when access to building entry doors are controlled by authorized staff. 3. Reduce the number of doors being used by following the philosophy of “few entrances, many exits” and install door prop alarms, or local alarms, for when a door is opened or propped open. 4. Develop common sense security policies and procedures that include a training and awareness program. All aspects of the security policies and procedures require not just management approval, but also management participation. This program needs to be reviewed regularly and evaluated for updates annually. 5. Set up a Mass Notification program that can be integrated/interfaced with your existing

# 2020 Elsevier Inc. All rights reserved.

134

APPENDIX 11A. A LOOK AT SOLUTIONS TO ACTIVE SHOOTERS

telephone and communications systems. Ensure there is communication with all buildings and outside areas. Conduct routine tests of your system to ensure operability and make sure to include employee training. Assign rally points for evacuation, and procedures for sheltering in place. Building wardens should be assigned to account for all employees, staff, visitors, and contractors. 6. Implement a Maintenance/Image program to ensure immediate correction of any form of vandalism, inadequate maintenance, defacement of property, or deterioration on or about your property. Do your homework and educate yourself about the Broken Windows Theory (Department of Criminology, Law and Society, n.d.). The Broken Windows model was first discussed in an article written by George L. Wilson and James Q. Kelling in 1982. Basically, the model focuses on the importance of disorder (or broken windows) in generating and leading to more serious crime. Even though disorder is not directly linked to serious crime, it leads to increased fear and withdrawal from the legitimate users of the property which may allow more serious crime problems in the area because there is less informal social control. 7. In May 2018, the National Fire Protection Association (NFPA) (https://www.nfpa. org/) released their NFPA 3000 (PS) News (NFPA, 2018a), to help communities holistically deal with the increasing number of mass casualty incidents that continue to occur throughout the world (NFPA, 2018b). NFPA 3000 provides unified planning, response, and recovery guidance, as well as civilian and responder safety considerations. Educate yourself about NFPA 3000 and incorporate it into your emergency procedures and train your employees as a part of your response plan.

8. Invite local law enforcement, the local fire department, and local emergency medical services to your property for a walk through and get their input about response and recovery for your emergency response plan. Give them paper and/or electronic blueprints/diagrams of your property and all buildings, and ask them to list recommendations. Consider letting local law enforcement use your property (during nonworking hours) for training exercises. Not only will you will be a good community partner by supporting law enforcement, but they will also be familiar with your property if there is an incident. 9. Conduct fire drills, severe weather drills, evacuation exercises, and shelter-in-place exercises so that everyone will know the proper procedures—practice and practice. 10. Educate yourself about the concept of layered security and develop a strong focus on deterrents and traditional security countermeasures, such as electronic and mechanical locking devices, fencing, video surveillance, and intrusion detection systems. 11. A current architectural trend is for more high-performance glass which will allow more natural light into buildings. This will reduce your energy consumption and save on lighting costs. When replacing traditional glass with high-performance glass, consider installing “unbreakable” glass which may be either glass or polycarbonate. Many types are also bullet-resistant and may be considered one layer in your security program. 12. Remember the old saying “If You See Something—Say Something?” (US Department of Homeland Security [DHS], 2019). Make this mantra an important “educational and awareness” building component of your security program. Dr. Jennifer Hesterman, who wrote Soft Target Hardening: Protecting People From Attack (2015), asks the question, “What is the cost of

II. PRACTICAL AND OPERATIONAL APPLICATIONS

COVERAGE FOR EVENTS

doing nothing?” Answer the same question about your organization as you make a pitch to the C-suite for more money to enhance security measures. We suggest you also look for ways to obtain a return on investment (ROI). For example, think about the ROI for installing cost-effective LED lighting. The following helpful list of ROI ideas will save your organization money that can be redirected to improving its security needs. • • • • • • • • • • • • • • • • • • •

• • •

Reduce energy consumption Replace old boilers Replace old air conditioner units Switch to using LED bulbs, relamp every unit Reduce use of cooling systems Replace old appliances and computer monitors with energy-efficient units Control swimming pool operation Replace old pumps Use window or portable air conditioning units to cool the hot areas Add another 40-ton unit for more efficient zone areas Transform solar windows into sun-powered heaters Maximize use of natural light Use daylight sensors that adjust to all levels Recycle paper, cans, bottles, cardboard, plastic, and wooden pallets Upgrade existing chillers and cooling towers with a new heat recovery chiller Modify pump and hydroponic systems Insulate all steam valves and fittings Modernize power plant and infrastructure upgrades Install solar energy systems, such as solar thermal water heating and passive solar in building design Add sensors for effective control of temperatures Install indoor environmental-quality lowglare ambient lighting Install solar-powered systems, a growing concept to provide electricity

135

• Use solar-powered cameras and lighting • Consider an audit of your waste management output • In residential and commercial settings, consider use of low-flow shower heads • Implement an effective and efficient maintenance program • Consider geothermal-hybrid heat pumps • Consider utilizing wind energy and wind power • Use smart plug electrical outlet strips • Install outdoor, LED wall-pack lighting with built-in motion detectors • Consider a reflective roof, to cool down the building by 20% • Check restrooms to save water four ways: repair faucets that leak; fix running water in urinals; fix running water in toilets; and repair all leaky units • Install fans for cooling

COVERAGE FOR EVENTS We recently attended a high school graduation event in Boston, MA. The day before the graduation ceremony, a person was stopped as he attempted to enter the building with two concealed .38 caliber handguns. His explanation was that he had the guns to protect a family member. He was arrested. During the ceremony, we saw a maintenance man frantically working on the PA system, but there was no sense of security—no security officers and no teachers or parents at the doors—nothing. In light of the recent shooting incidents, this is amazing. We must help people become proactive and get away from the “it won’t happen” here mentality. There could have been a very simple, commonsense solution to this … parents could have been asked to be volunteers to be present at the entry doors. We MUST learn to harden our soft targets by layered security and a visible security presence.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

136

APPENDIX 11A. A LOOK AT SOLUTIONS TO ACTIVE SHOOTERS

The following 12-point plan has some suggestions for you to consider: 1. Develop a plan and train your people about good security principles and how to identify suspicious individuals and behavior. 2. Increase your situational awareness program. 3. Work with your internal community and your external community (those inside your organization and those outside). 4. Develop an open, but secured complex. 5. Reduce the opportunity and reduce the likelihood of being a potential target. The key word here is very simple. It’s OPPORTUNITY. We don’t leave the doors unlocked when no one is home, and the windows are not left open wide when we’re gone. Retail stores don’t keep their rear doors unlocked or leave them wide open. The only thing you can control is opportunity, so think like a criminal and harden your targets. 6. Conduct tabletop exercises with your community partner and develop a strong set of security policies and procedures. 7. Have a Risk Assessment and Risk Analysis conducted of your complex. We challenge you to visit your complex some Sunday when it is closed. Think like a thief who wants to break into your facility. How would you get in? 8. Have a complete background check completed of all your employees and staff. The results may surprise you. 9. Prioritize your plan, which should consist of training and the implementation of physical security devices. 10. Be wary of the person who says “It won’t happen to us,” “We are safe and secured already,” or “We don’t have the money.” Listed here are things that NEED to be done that are low cost or no-cost, as well as tips on how to save money. 11. Check with your local Homeland Security Officer and ask for assistance and training material. Establish a community connection for training and planning tabletop exercises.

12. Develop an Emergency Management Plan. Implement it and test it. Creative coping is the trend, not creative panic.

NFPA 3000 (PA) What You Need to Know About NFPA 3000 As more hostile events continue to occur around the world, it is critical for first responders, emergency personnel, facility managers, hospital officials, community members, and others to have the information they need to be prepared when attacks occur. NFPA has developed a new standard—NFPA 3000, which is the standard for preparedness and response to active shooter and/or hostile events—to address that need. The purpose of NFPA 3000 is to identify the minimum program elements necessary for organizing, managing, and sustaining an Active Shooter and/or Hostile Event Response program and to reduce or eliminate the risks, effect, and impact on an organization or community affected by these events. NFPA addressed areas: • • • • • • • • • • • • • • • •

Risk assessment Planning Resource management Organizational deployment Incident management Facility readiness Finance Communications Competencies for law enforcement Competencies for fire and emergency medical services (EMS) Personal protective equipment Training Community education Information sharing Readiness of receiving hospitals Recovery

II. PRACTICAL AND OPERATIONAL APPLICATIONS

REFERENCES

References Department of Criminology, Law and Society, Center for Evidence-Based-Crime-Policy (CEBCP). (n.d.). Broken Windows Policing. Retrieved from https://cebcp.org/ evidence-based-policing/what-works-in-policing/researchevidence-review/broken-windows-policing/. Hestermann, J. (2015). Soft target hardening: Protecting people from attack. CRC Press. National Fire Protection Association (NFPA). (2018a, December 25). NFPA 3000 (PS): Standard for an Active Shooter/Hostile Event Response (ASHER) Program. Retrieved from https://www.nfpa.org/codes-and-

137

standards/all-codes-and-standards/list-of-codes-andstandards/detail?code=3000&tab=research. National Fire Protection Association (NFPA). (2018b, April 24). In response to rising toll of active shooter and hostile events, NFPA to fast-track a new standard for unified response. Retrieved from https://www.nfpa.org/ News-and-Research/Publications-and-media/PressRoom/News-releases/2018/NFPA-to-fast-track-a-newstandard-for-unified-response. US Department of Homeland Security (DHS). (2019, June 12). If you see something, say something. Retrieved from https://www.dhs.gov/see-something-say-something.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

A P P E N D I X

11B Saving a Life, It’s in Your Hands Michael J. Fagel, Greg Benson STOP THE BLEED First aid training for everyone can save lives. The protection officer must learn how to render lifesaving, immediate first aid measures in a crisis. The rules of engagement have changed, and we must train and educate our protection officers for an increasingly important role in today’s era of mass casualty incidents. The “Stop the Bleed” training is a critical first step in this effort. There are numerous campaigns about stopping the immediate bleeding before trained emergency medical technicians (EMTs) arrive. During an emergent crisis, the victims need our help and sadly may not survive without it. Just look at this sobering event: TSA (Transportation Security Administration) officer Gerardo Hernandez bled to death while waiting 33 min to be wheeled into an ambulance (Fox News, 2013). Reports indicate that paramedics were kept away from the scene by law enforcement due to the scene being unsafe or “hot.” It is the protection officer’s role to have the necessary lifesaving equipment at his or her fingertips. The protection officer should carry a small pack, commonly called an IPOK (Individual Patrol Officer Kit) along with two CATs (combat application tourniquets) (Fig. 11B.1).

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00049-3

FIG. 11B.1

Individual Patrol Officer Kit (IPOK).

Of the three devices, they can all be applied by the protection officer, or one can be thrown to another individual to apply. This lifesaving skill set should be carried with the protection officer at all times. The protection officer can learn how to utilize these critical tools by partaking in training in the “Stop the Bleed” campaign,

139

# 2020 Elsevier Inc. All rights reserved.

140

APPENDIX 11B. SAVING A LIFE, IT’S IN YOUR HANDS

and with local trauma hospitals or Fire-RescueEMS teams. It is not “someone else’s job, it’s YOUR job” to learn this lifesaving skill. The life you save may be your own. The following tips are recommended: 1. Add these critical lifesaving skills to your tool belt, at work, at home, everywhere you go. 2. Be prepared. 3. Safety is in YOUR hands.

GET THE FACTS How Much Do You Know About Tourniquets? Think you know all there is to know about tourniquets? Take this quick quiz and see just how much you know. Be sure to challenge your friends’ knowledge while you are at it, and share this quiz on social media. First, apply pressure (The Committee on Trauma, American College of Surgeons, n.d.)! Remember, pressure stops the bleeding. Here is how it works. Just apply continuous pressure until bleeding stops. Q. How long? A. There is no definite amount of time. Use your hands to apply a firm but steady amount of pressure until the bleeding stops. As a rule you should hold pressure for at least 5 min before looking at the wound. If the bleeding does not stop, call 911 and continue applying pressure until medical help arrives. Second, if you can, try to ensure the injured person is on a firm surface. That way, when

you apply force to the bleeding area, you are pressing into something. What can I press on the wound? If gauze is available, use that. If not, use whatever is available, such as a shirt, newspaper, or your hand. Then continue applying pressure until medical help arrives.

FINALLY So far, approx. 275 City of Victorville, CA, employees have been trained in the “Stop the Bleed” campaign. Community groups are next. Our goal is to train 1000 in the City of Victorville. Websites to get additional information: https://www.aurorasafety.com/. https://www.dhs.gov/stopthebleed. http://stopthebleedingcoalition.org/. https://www.dhs.gov/stb-learn-how-stopbleed. https://www.bleedingcontrol.org/. https://www.nsc.org/safety-training/firstaid/courses/emergency-medical-response.

References Fox News. (2013, November 15). LAX security officer bled for 33 minutes as help stood by, report says. Retrieved from https://www.foxnews.com/us/lax-security-officer-bledfor-33-minutes-as-help-stood-by-report-says. The Committee on Trauma, American College of Surgeons. (n.d.). BleedingControl.org. Retrieved from https:// www.bleedingcontrol.org/.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

12 Apprehension and Detention Procedures Jeremy D. Bates, Richard P. Fiems O U T L I N E Introduction

141

Developing a Working Model

142

What Constitutes an Arrest?

143

The Importance of Reasonableness

143

What Gets Security Officers in Trouble? Criminal Laws That Can Get a Security Officer in Trouble

144 144

INTRODUCTION There is probably no topic in the security profession that generates as much discussion and misunderstanding as apprehension and detention. It is not only the source of many complaints by the clients we serve, but it can also be the beginning of a very lengthy and costly legal action. For these two reasons alone, it is worth a long look by people in the business. But there are other, more critical reasons: we also have to look at the possibility of injury, and even death, that could result from a misunderstanding of just how much authority a security officer really has to control the movements of another person. For that reason, we have to start from the beginning. We need to look at a few basic definitions.

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00012-2

Civil Law Violations That Can Get a Security Officer in Trouble

145

Detention and Apprehension Methodology 145 The Use of Force

147

Dealing With the Aftermath

148

Conclusion

148

References

148

Black’s Law Dictionary defines an arrest as: “To deprive a person of his liberty by legal authority” (Garner, 2009). Note the use of the word “authority.” That implies that the person making the arrest has the legal ability to do what they are attempting to do. Black’s goes on to define an arrest by saying, “Taking, under real or assumed authority, custody of another for the purpose of holding or detaining him to answer to a criminal charge or civil demand” (Garner, 2009). The second portion of that definition has two big components. First, assuming the authority to do something does not necessarily mean that the authority really exists. The person could be basing the assumption on bad information or they could just be mistaken about the level of authority they have been given. Either way, the end

141

# 2010 Elsevier Inc. All rights reserved.

142

12. APPREHENSION AND DETENTION PROCEDURES

result could be problematic for the officer. Second, all arrests have to be made with the intention of bringing the arrested person before a judge of some type. An arrest of any kind is never made to inconvenience someone, delay their departure, or as a way to get even for some perceived wrong. If there is no intent to take them before a judge, the arrest is unlawful. Black’s goes on to further define an arrest by saying, “Arrest involves the authority to arrest, the assertion of that authority with the intent to effect an arrest, and the restraint of the person to be arrested” (Garner, 2009). What this means is that in order for an arrest to be legal and binding, the person making the arrest and the person being arrested both must know the following: 1. The authority to arrest is real. 2. That authority is being intentionally used. 3. The person being arrested must be restrained in some way. So, what does it mean to be restrained? Black’s definition of an arrest goes on to say: “All that is required for an ‘arrest’ is some act by an officer indicating his intention to detain or take a person into custody and thereby subject that person to the actual control and will of the officer; no formal declaration of arrest is required” (Garner, 2009). In other words, if someone who assumes the authority to make an arrest indicates by words or by actions that they are taking another person into custody, and that other person believes that they are being taken into custody, an arrest has happened. I would also assert the same if the person believes they are not free to leave the situation. This is why police officers are told to make their intention to take someone into custody as clear as possible to the person being arrested. They are trained to tell the person that they are under arrest and then give them clear orders and commands about what they want them to do in order to submit to the custody.

Since citizens are legally required to submit to an arrest by a police officer, this places the citizen in the position of facing charges for resisting if they don’t comply. But security officers are not police officers. Security officers have the same authority to make an arrest as a citizen, unless some special circumstances exist. A “citizen’s arrest” is defined by Black’s Law Dictionary as follows: “A private person as contrasted with a police officer may, under certain circumstances, make an arrest, generally for a felony or a misdemeanor amounting to a breach of the peace” (Garner, 2009). Security officers generally fall into the category of private citizen. There may be instances, such as a local ordinance, that grants a security officer certain police and/or arrest authority. Your obligation as a professional is to find out what laws and ordinances apply in the place where you are working. It is equally as important to understand whether or not a citizen’s arrest can be applied to prevent specific crimes.

DEVELOPING A WORKING MODEL The law in most jurisdictions allows for a security officer to detain people when such a detention is for a reason that falls within the security officer’s authorized duties. Authorization can come from one or more of three basic places. 1. The law can outline the statutory authority of a security officer within the arena that they are working. That can be a federal, state, or local law. Look for phrases in the law like “special officer,” “auxiliary officer,” “special police,” or “special deputy.” Be sure to be very clear of the definition as stated in the law. They can be very specific. 2. The security company that the officer works for can have a contractual agreement with the client for the officers to exercise a certain level or degree of authority on their property. The

II. PRACTICAL AND OPERATIONAL APPLICATIONS

THE IMPORTANCE OF REASONABLENESS

source of this authority then is the contract that exists between the client and the security company. 3. Authority can also come from a job description for security personnel in a proprietary department. The contract of a particular company or the handbook from a human resources department might contain language that establishes the authority of the officer too (Not legal authority). The bottom line is simple. It is, and always will be, the responsibility of the individual security officer to get totally familiar with the basis for the authority that they carry with them onto the job. Ask questions, check around, and, by all means, get the verification in writing. This is one area of the job where it will pay huge dividends to do your homework.

WHAT CONSTITUTES AN ARREST? Being arrested is one of those situations where the perceptions of the arrested person are what really matter. In short, an arrest does not really happen unless the person being arrested submits to the authority of the person making the arrest. A few examples might help make this point. Let’s assume that you are working as a security officer in an area that gives you limited authority to detain trespassers. While you are on walking patrol you meet an elderly lady who has gotten separated from a group that was taking an escorted tour of the facility. You question her about how she came to end up in a restricted area and she is cooperative, but very nervous. While you are trying to sort out the problem, so you can locate the rest of the group, you get an emergency call to respond to an accident where someone has been injured. You take off running to the accident after telling the woman to “Wait here!” 45 minutes later, you

143

are just finishing up the accident call and you remember the elderly lady. You go back to the restricted area and find her still standing there. She stayed there because she thought she had been arrested (or perhaps not arrested, but detained). Her background and experiences in life have taught her to respect authority figures and do what they tell her to do. The determining factor here is that she reasonably believed that she was not free to leave. She submitted to your authority. You may not have intended to give the impression that she couldn’t leave, but it was reasonable under the circumstances for her to feel the way she did. Contrast that with a small change in location and subjects. You are on motor patrol in the same facility and you happen across three young boys who are riding skateboards in a clearly posted restricted parking lot. You are on the opposite side of a chain link fence. You stop the boys and tell them to stay where they are. You then drive down the road and through the gate to get into the lot and by the time you get there the three boys are long gone. They took off as soon as you drove away from them to get to the gate. If you did happen to locate them later, you would have a very difficult time getting them charged with trespassing or resisting your authority in any way. They took off like jackrabbits because they did not believe for one second that they were under arrest. There was no arrest because there was no submission to authority.

THE IMPORTANCE OF REASONABLENESS As with most things legal we find the word reasonable popping up in any discussion about apprehension and detention. It is the commonsense standard that you are going to be held to in almost everything that you do as an officer. It has particular application here because we are talking about taking an action that

II. PRACTICAL AND OPERATIONAL APPLICATIONS

144

12. APPREHENSION AND DETENTION PROCEDURES

essentially deprives another person of their liberty, even if only for a short time. That is something that has never been taken lightly in a free society. While it may be true that the security profession does not have the same restrictions placed on it as our counterparts in the police department, the standards are still the same. When we take an action that limits the freedom of another person, we have to make sure that we are acting in a manner that would seem logical and obvious to a reasonable and cautious person.

WHAT GETS SECURITY OFFICERS IN TROUBLE? When a security officer is placed in the position of having to take control of another person, a world of opportunity for trouble begins to open up. It has to be stressed that the security officer who acts in a reckless or indefensible way will be in for a rough ride. This fact stresses the importance of documentation. Whenever physical contact is made with a citizen, for any reason, the security officer should sit down as soon as possible after the event and write a detailed report about what happened and why they felt that they had to do what they did. Basically, the laws that can cause the problems come from two directions: criminal and civil. If any witnesses were present, it is important for them to also, as soon as possible, write their statement, detailing what they witnessed.

Criminal Laws That Can Get a Security Officer in Trouble Assault Contrary to popular belief, at least in most jurisdictions, you do not have to touch someone to be charged with criminal assault. You only have to place another person in a reasonable fear of being battered. Attempting to lay hands on someone and failing to do so can still be classified as an assault. In many cases, all you have to do is

have the means at your disposal to commit a battery and communicate to the other person that you intend to do just that. For example, if you yell across a football field that you are going to put someone on the ground and handcuff them, the court would probably not consider that an assault. You were too far away to actually take control of the person and it would not be reasonable for them to think that you could reach all the way across the field and grab them. However, if you were standing right in front of the person, with the handcuffs in your hand, and you made the same statement, it would be reasonable for them to think that you were going to do what you said. You have the means and the proximity. If you do not have cause to take them into custody, you could be looking at an assault charge. Battery Battery is the actual physical touching of a person that is either hurtful or insulting in nature. A reasonable person would think that being taken into custody, which involves being stopped, searched, secured in some way, and not permitted to leave, would be a hurtful or insulting set of circumstances. Once again, this stresses the importance of being right in your assessment of the situation and reasonable in taking the actions that you take. False Arrest This involves taking someone into custody without the legal authority to detain. Most jurisdictions, and it is your responsibility to find out the law in the one where you work, will allow for a citizen to take another citizen into custody for an offense, other than a misdemeanor or an ordinance violation, that is committed in the arresting person’s presence, or in some jurisdictions, preventing such an offense would also be justified. In other words, the violation must be a serious one and the person who makes the arrest must have direct knowledge of the commission of the violations. You cannot rely on hearsay or rumors. You can only act on firsthand knowledge.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

DETENTION AND APPREHENSION METHODOLOGY

Civil Law Violations That Can Get a Security Officer in Trouble (Note: A civil violation, also known as a tort, does not carry with it the same burden or amount of proof necessary to establish responsibility in court. In criminal court, the State must prove its case “beyond a reasonable doubt.” In civil court, the plaintiff must prove their case by a “preponderance of the evidence.” Stated another way, guilt in criminal court requires 99% proof. Guilt in civil court requires 50.1% proof. Torts are somewhat easier to prove than crimes.) 1. Assault. Once again, the act of placing someone in reasonable fear of being battered. The belief of the victim must be reasonable. 2. Battery. This is the intentional touching of someone in a nonconsensual, nonprivileged manner. Consensual touching means that you have the other person’s permission. Privileged touching would be the act of giving someone first aid if they were unconscious. 3. False imprisonment. This is the unlawful detention of someone else for no reason, within fixed boundaries. 4. Malicious prosecution. This happens when a security officer detains someone with no intention of bringing criminal charges against them or filing criminal charges without probable cause. 5. Invasion of privacy. This is an unjustified intrusion into the privacy or personal business of another person. What are the keys to avoiding criminal and civil liability? Good training, good human relations, and communication skills are a crucial part of the process. But, basically, you can go a long way toward avoiding problems by following these simple guidelines: 1. Do your job in a reasonable manner. Know your responsibilities and know your

145

limitations. Get familiar with the laws and regulations in your area and stick to the rules. 2. Conduct yourself in a reasonable manner. You are doing a job in an arena full of spectators. It is your responsibility to behave as if someone is watching every move that you make. If the time ever comes that you do have to take control of a person, it would be a great benefit to have the witness testify that you did what you had to do in a tactful and professional manner. 3. Keep detailed notes and records about what happened. It is no secret that memories fade over time. Complaints are seldom filed about an officer’s actions right after the incident occurs. It is not unusual for a period of several months to elapse between an incident and a complaint. There is no such thing as too much information in a report describing an apprehension or detention. Be specific and be thorough. 4. Keep your supervisor informed. Any contact between you and a citizen or employee that could be looked upon as confrontational or potentially explosive needs to be reported to the people in your up line (the sooner, the better). Supervisors are not particularly fond of surprises in the first place and late information about what a security officer did or said in a confrontation with someone else will not help your cause at all.

DETENTION AND APPREHENSION METHODOLOGY What follows is a discussion that centers on tactics. As you know, there is no way that a trainer or teacher can outline a set of tactics that will work in every situation you will encounter as a security officer. So, these are going to be presented to you as tactical guidelines and are intended to get you to think about the situation before things get to the point of having to take physical control

II. PRACTICAL AND OPERATIONAL APPLICATIONS

146

12. APPREHENSION AND DETENTION PROCEDURES

of another person. A good team never goes to the competition without a game plan. A good security officer never goes to a situation without a tactical response in hand. Let’s assume that the situation you are dealing with has developed, or degenerated, to the point that you have made the determination, based on the totality of the circumstances, that you have to take physical control of another person. As with most things on the job, the first rule of security work comes into play: Go home healthy at the end of your shift! 1. Get some backup headed your way. The Latin term non solis (never alone) should be the first thing that comes to your mind. Often the presence of another security officer will deter someone from resisting or causing further problems. Some departments like to use what is called a “swarming technique” that involves getting as many officers there as they can to aid in the situation. At the very least you should be communicating with your department and should also contact the local police as soon as possible. Remember, non solis. 2. Maintain a safe distance and good positioning. You should know what your reactionary gap is. That is the minimum amount of distance that you need to respond to a threatening move made by someone else. Blade your body so that you are balanced and ready and hold your hands up in front of you with your palms facing the person you are dealing with, about shoulder high. This will allow you to protect yourself and deflect an object or a blow if you need to. Leave yourself a way out of the area if you can and try to avoid cornering the other person. You could be injured if they feel that the only way out is through you. 3. Communicate your intentions. Tell the person that they are under arrest or apprehension, whichever is appropriate for your jurisdiction. In many states, the

intention to arrest or detain someone must be communicated clearly to the person being detained. It is also possible that they could be held responsible for resisting the arrest if it is made clear to them exactly what the situation is. If the person demands to know why you are detaining them, tell them in as few words as possible. It is not generally necessary for you to be able to quote the law they have violated to them chapter and verse. Just be clear about what you saw them do and your intention to hold them there until the arrival of the police or a supervisor. 4. Give the person simple, direct commands. Do not yell or threaten. Use a calm and clear tone of voice and tell the person what you expect them to do. If you want them in a chair, ask them to “Sit down, please.” If you want them to move to another spot in the room, point to the location and simply say, “Over here, please.” If they start to shout or become loud say, “Lower your voice, please.” You have to maintain a cool and professional demeanor throughout the entire process. The people who are watching should be able to testify that you were not the problem, the other person was. In the interest of your safety, you should not hesitate to say, “Keep your hands where I can see them, please,” if they start to reach inside a coat or a pocket. There is not a requirement that I have ever seen that stipulates or even encourages you to do anything that would compromise your safety. So, don’t. 5. Move in with extreme caution. If you make the determination that the person needs to be placed in handcuffs, you must proceed with a great deal of caution. The closer you get to them, the more vulnerable you are. Handcuffs should only be used when you are convinced that not using them poses a greater threat to your safety or someone else’s than letting them stand there until the police arrive. In any event, you must remember that handcuffs are temporary restraining devices.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

THE USE OF FORCE

They in no way guarantee your safety once they are put on another person. Caution is still the rule. Have the person turn around and face away from you. Tell them to place their hands behind their back with the backs of their hands touching. Grasp their right hand with your right hand and place the handcuff on their right wrist with your left hand. Then grasp the loose cuff in your right hand and grab their left hand with your left hand. Using your right hand, place the remaining cuff on their left wrist. DO NOT strike their wrist with the handcuff. It looks cool in the movies, but it seldom works without causing harm to the subject you are cuffing. Tighten the cuffs until they are snug, but not so tight as to reduce the person’s circulation. ALWAYS lock the cuffs in place! Always! Handcuffing techniques should be practiced under the watchful eye of a trained instructor. Your goal is to restrain the person as quickly as possible. This is one of those situations where you will most definitely play the way you practice.

THE USE OF FORCE The most critical time of your professional life will come when you or someone you are protecting is in imminent danger from the actions of another and you have to use force of some kind to protect yourself or them. It is never an easy situation to be in or an easy decision to make. Common sense tells you that the only time you can use force against another person is when there is absolutely no other choice. Security professionals are trained to use the escalating scale, starting with voice commands, and moving upward in the scale to physical force if nothing else will work, or clearly would not have worked under the circumstances. Remember, too, that security officers are not authorized to

147

use overpowering force like police officers are. We can use the same kind of force that a citizen can—neutralizing force, and nothing more. When the person we are dealing with stops using force, we have to stop, too. Neutralize; don’t overpower as imminent danger to me sounds felonious, which would mean you may be attempting to affect an arrest (in the prevention of the felony) of the individual at this point, which gives you the “overpowering” force, like police. Prior to the development of that kind of a circumstance, you need to be comfortable with the decision-making process that you have used. In other words, you have to ask yourself some questions: 1. Was I in imminent (immediate) jeopardy? This has to be clearly established by the circumstances known to you at that point in time. 2. Was someone whom I have a duty to protect in imminent physical jeopardy? What, exactly, is your duty under your orders and rules and regulations? 3. Was my mission as a security officer in imminent jeopardy? Was the action taken to protect property in proportion to the value or criticality of the property itself? In other words, did you behave in a reasonable way, given what you were protecting? 4. Did I have any alternatives to using the force that I did? Force can only be used if there is no other way to respond and solving the problem is something that must be done immediately. 5. Is the harm I am trying to prevent greater than the harm I might cause? Property is replaceable, people are not. Deadly force is NEVER permitted to protect property (except arson of your dwelling). 6. How will the actions that I took be viewed by others? Was I reasonable? Did I do what needed to be done and nothing more?

II. PRACTICAL AND OPERATIONAL APPLICATIONS

148

12. APPREHENSION AND DETENTION PROCEDURES

These are hard questions. That is why they need to be thought about and mulled over before you find yourself in a situation where force may be required. Your head will need to be clear if the situations call for you to go tactical.

DEALING WITH THE AFTERMATH If you are careful and reasonable in your apprehension and detention procedures, you are going to be able to justify what you do. But if a complaint is made or a lawsuit is filed, you need to know that you are not going to go into litigation defenseless. The law does provide some rationale for you in building your case. This is called “affirmative defense.” 1. Self-defense. There is no requirement under law that you have to allow yourself to be attacked. Under law everyone has the right to defend themselves. Just be sure that when you defend yourself, you don’t go too far and become the aggressor. 2. Necessity. If you shove someone out of the path of a speeding car you have committed a battery. You had to in order to protect them from great harm or death. No court in the world would hear a charge against you for that. 3. Mistake of fact. If you are acting in good faith and believe that you are doing something legal and aboveboard, and it turns out that you were misinformed, you have made a

mistake of fact. Ignorance of the law has never been an excuse for violating the law, but a good faith mistake defense can still protect you if the circumstances are believable. The defenses listed above have the effect of taking “intent” out of the equation. If you did not do something in a criminal state of mind, you can defend yourself from a claim that you violated a law or committed a tort. The concept of reasonableness still applies.

CONCLUSION No one really likes the thought of having to take someone else into custody. Hopefully, we can be proactive enough in the way that we do our jobs and we will avoid having to deal with this kind of situation. However, it is your job to be prepared. Keep up with the changes in the law and be very conversant in the rules, regulations, guidelines, and policies of your department when it comes to this subject. You cannot go into one of these situations half prepared and expect that everything is going to be all right. Murphy’s Law has been around since before laws were written. Be ready.

References Garner, B. A. (2009). Black’s Law Dictionary (9th ed.). St. Paul, MN: West Group.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

13 Traffic Control Marianna A. Perry O U T L I N E Signs and Automatic Traffic Signals

149

Equipment

154

Roadway Positions

150

Private Parking and Other Traffic Areas

154

Hand Signals

150

154

The Whistle

151

Calming the Traffic Traffic Calming Benefits of a Neighborhood Radar Speed Sign

Traffic Control

152

References

156

Gate Duty

153

155

citizens recognize to be a difficult and hazardous job can generate and maintain public respect.

CHAPTER OBJECTIVES • Provide an overview of the importance of traffic control • Explore the elements of successful traffic control

SIGNS AND AUTOMATIC TRAFFIC SIGNALS

• Describe basic traffic control hand signals

If you hold a driver’s license, then you can assume knowledge of most traffic signs. The STOP sign is without a doubt the most important sign in use today. These three functions of a STOP sign are taken for granted:

• List five general rules for traffic direction • Traffic calming • Speed cushions

An officer directing traffic at a busy site provides a frequent contact between citizens and security personnel. The importance of bearing, appearance, and attitude cannot be overemphasized. Likewise, the skillful handling of what

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00013-4

1. Regulates traffic flow. 2. Clarifies the question of right-of-way at intersections. 3. Reduces motor vehicle accidents at intersections.

149

# 2020 Elsevier Inc. All rights reserved.

150

13. TRAFFIC CONTROL

Generally speaking, there are two main types of automatic traffic signals: 1. Traffic lights of three colors, sometimes with an arrow for easy turning. 2. Visual and audio warning signals commonly seen at railway crossings. Automatic traffic signals normally provide adequate intersectional control. However, there are numerous situations that must be directed by a “point control” officer, to assure safe and efficient vehicular and pedestrian movements. Construction sites, accidents, rush hour periods, special events, or any other condition that causes congestion of traffic must receive immediate attention. Traffic duty consists of directing and supervising traffic at gates and intersections and patrolling parking areas. These duties are performed in order to keep traffic moving with a minimum of delay and maximum of safety. Since traffic control duty may require an officer to remain at his post for hours in all kinds of weather, protective clothing must be readily available. Proper protection against the elements is an important factor in maintaining efficient traffic control. It has been observed that a wet or cold officer presents a hazard to himself as well as to motorists. Proper clothing should also include highvisibility material to increase the safety value during nighttime assignments, whether the intersection is well lit or not.

ROADWAY POSITIONS The position selected to direct traffic must be suited to the particular intersection and expected traffic patterns. It must command a full view of the intersection and its approaches. In turn, the officer must be completely visible to the motorists and pedestrians. In many instances, noncompliance to gestures or whistle signals is caused by the inability of the motorist

to see the officer. Usually, officers assigned to traffic control will select a position in the center of the intersection or at one of the corners. 1. The center of the intersection: This position affords the greatest visibility, but it is also the most hazardous. This location is usually selected when traffic signals are inoperative, traffic is not moving at a high rate of speed, and where there is little pedestrian traffic. 2. The corner position: Intersections having heavy pedestrian or vehicular turns can be controlled by an officer standing a few feet off the curb line at one of the corners providing the greatest personal safety and better pedestrian control. Posture serves to communicate the fact that the officer is in command of the situation. He/ she must therefore assume a military bearing, with weight evenly distributed on both feet. When not engaged in signaling motorists, he/ she must stand in the “at ease” position, facing traffic, and with hands at his/her sides. When directing traffic, shoulders must be in line with the flow of traffic and attention must be directed to the vehicular movement.

HAND SIGNALS Prompt compliance to hand signals is dependent on the officer’s ability to use uniform, clearly defined, and understandable gestures. Intersectional control does not call for complicated choreography or wild arm movements. Improper hand signals, although highly entertaining to bystanders, cause confusion, hesitation, and lead to violations and accidents. Unusual movements undermine the purpose of traffic control and direction. Stopping traffic: Two clearly defined motions are required to stop traffic. First, select the vehicle to be stopped. Look directly at the driver and point in his direction with the arm fully extended. The position is held until you

II. PRACTICAL AND OPERATIONAL APPLICATIONS

151

THE WHISTLE

are observed by the driver. Then raise your hand so that the palm is extended. The position is held until you are observed by the driver. Then raise your hand so that the palm is toward the driver and the arm is slightly bent at the elbow. Maintain this position until the oncoming traffic has stopped. With the one arm still raised, turn your head and repeat the procedure with your other hand to stop the traffic moving in the other direction. The arms are not lowered until all traffic has stopped (Fig. 13.1). Starting traffic: To start vehicular movement on the cross street, pivot a quarter turn to place your shoulders parallel with the vehicles waiting to move. When the intersection is cleared, turn your head to one side facing the waiting traffic. Attract attention by pointing to the lead car. Then, turning the palm inward, bring the hand up and over to the chin, bending the arm at the elbow. If the driver’s attention has been properly obtained, it will only be necessary to make a few motions. After traffic begins to move, the arm is dropped to the side. The opposing traffic is then started in the same manner, but with the other arm. Slow or timid drivers may be urged to speed up by increasing the rapidity of the arm movements. However, flailing the air with wild arm gestures and shouting at the slow-moving

vehicles is unnecessary and only confuses nervous drivers and may lead to greater traffic congestion or accidents (Fig. 13.2).

THE WHISTLE The whistle, when properly used, attracts the attention of motorists and pedestrians and facilitates compliance with hand signals. Improperly used, it becomes a meaningless distraction that adds to the confusion. To be effective, the whistle must be used in moderation. It then becomes an invaluable aid to assist in the control of the various road users. The whistle should be blown loudly and not tooted lightly. It is a means of communicating rather than a musical instrument. One long blast is used to attract the motorist’s attention to the officer’s hand signals to stop. Two short blasts with a wave means “start.” Three short blasts are used to give warning of unusual or dangerous conditions— turning vehicles, improper crossing, and the like. The number of warning sounds should be limited as it is in this area that most improper whistle usage occurs. Normally, three short blasts will suffice to warn any motorist or pedestrian.

SHOULDERS PARALLEL TO DIRECTION OF MOVING TRAFFIC

BASIC STANCE

WHISTLE

FIG. 13.1

STOPPING 1 POINT

3 POINT

2 STOP

4 STOP

ONE LONG BLAST

Stopping traffic.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

152

13. TRAFFIC CONTROL

STARTING 1 POINT

3 POINT

2 START

4 START

TWO SHORT BLASTS

FIG. 13.2

Starting traffic.

TRAFFIC CONTROL With the responsibility of traffic direction, you will be assigned to safely expedite the flow of traffic, with the purpose of preventing congestion and providing maximum vehicular movement. The following responsibilities must be fulfilled in order to properly carry out this assignment: 1. Regulate the flow of traffic. Give priority of movement to the most heavily traveled areas by allowing longer periods of running time. Traffic movements must be of equal and adequate time if the intersecting streets carry an equal traffic volume. Long runs are preferable as they reduce the loss of time from frequent changes of traffic directions. 2. Control and assist turning vehicles. Supervise all vehicular turns. If traffic is exceptionally heavy or a spillback is caused by another intersection, determine the preference of traffic direction. If turning vehicles increase the amount of congestion, direct traffic to continue straight ahead during the period of the backup. Prevent improper turns; right turns from the left lane, or a left turn from the right lane, must be prohibited. Not only are they illegal

but they increase potential congestion and accidents. Traffic backups or accidents may be caused by motorists waiting to turn left or cutting in front of oncoming automobiles. Assist vehicles wishing to turn left. Direct the waiting motorists to enter the intersection on the left turn lane. Allow approaching vehicles that present an immediate hazard to pass. Stop the other oncoming traffic and motion the vehicles turning left through the intersection (Fig. 13.3). Priority of movement is determined by the amount of traffic flow in each direction. If the number of vehicles turning left is greater than the opposing traffic flow, the turning traffic is given preference. If the oncoming traffic is heavy and there are only a few vehicles waiting to turn, these vehicles are held up until a sufficient amount of traffic has been permitted to pass through. The cross traffic is not started until the intersection has been cleared. In heavily congested situations in which a large number of motorists are making right turns, hold back pedestrians to give precedence to the vehicular traffic. 1. Coordinate the flow of traffic with the adjacent intersections. Whenever applicable, allow the movement of traffic at the adjoining intersections to serve as a

II. PRACTICAL AND OPERATIONAL APPLICATIONS

153

GATE DUTY

LEFT TURN

FIG. 13.3

1 POINT

3 POINT

2 STOP

4 START

Directing a left turn.

guide. If the vehicular movement is not coordinated, traffic spillbacks may occur by reason of traffic being stopped at the next intersection. 2. Protect pedestrians. Immediate motorist response cannot be assured when traffic is signaled to stop. Mechanical failure, inattentiveness, or other reasons may cause failure to obey the signal. Pedestrians can then be protected only if they are held back at the curb until all moving traffic is completely stopped. Pay particular attention to children, blind or handicapped persons, and the elderly. Escort these people across the street if necessary. 3. Assist people seeking information. Carry a street guide or a map of the local area to assist out-of-towners or local citizens seeking directions. If an inquiry can be quickly answered, there is no need to leave the intersection. However, if a detailed explanation is necessary, direct the citizen to the curb where the answer may be given in safety. Don’t leave your post unless traffic conditions permit. 4. Assisting emergency vehicles. Stop all vehicles and pedestrian traffic when an emergency vehicle is approaching and pull over to the right. Give the driver a “Go” signal indicating the intersection is clear. If the driver

of the emergency vehicle signals for a turn, acknowledge by motioning in the proper direction, indicating that the way is clear. There is no written, legal authorization that allows private citizens (security officers) to direct traffic on public land or thoroughfares. However, should you be requested or ordered by a police officer to assist him, you are obligated to do so. This includes directing traffic if necessary. On private property, the safe movement of traffic is the responsibility of the owner or someone delegated by the owner. In most cases, the delegated authority is the security officer. On construction sites, assistance is required to get traffic in and out of the site quickly and safely. Highway flagmen are required for the safety of the workers and for an even flow of traffic around building or repair sites.

GATE DUTY Directing traffic from or at a gate would include such duties as checking passes, checking event tickets, and regulating special types of traffic flow. The position you take at a gate is determined by the design of the gate, traffic characteristics,

II. PRACTICAL AND OPERATIONAL APPLICATIONS

154

13. TRAFFIC CONTROL

daylight or night conditions, and the degree of control required. In taking up your position, keep these factors in mind: a. Be visible to approaching traffic. b. Be in a position to see approaching traffic. c. Do not interfere unnecessarily with the flow of traffic.

EQUIPMENT It is essential that you have the proper equipment when on traffic control. 1. Clothing—You must dress appropriately according to the weather conditions. If you are uncomfortable because you are cold or wet, you cannot perform at peak efficiency. 2. Reflective body vests and armlets—These aids help the motorist to see you and help protect your safety. 3. Flashlight—Use a flashlight with a red or orange cone on the end of it at night. This makes you more visible to the motorist and also aids in giving directions. 4. Whistle—The whistle is used to attract the attention of the motorist and is used in conjunction with hand signals. 5. Radio—The radio provides a means of communication with your supervisor or other security officers. 6. Signs—Stop and Go signs and flags are most commonly used on construction sites and highways. 7. Pass or badge—In some situations, you are required to have a pass or a badge to allow you to perform your duties at a gate, crosswalk, or building or highway construction site.

PRIVATE PARKING AND OTHER TRAFFIC AREAS As a general rule, protection officers are assigned to control private parking and traffic

scenes. Examples are shopping centers, parking lots, sporting events, construction sites, resort areas, and so on. Each area is different, and the protection officer must exhibit sound judgment in selecting his position. For example, when an extremely heavy flow of traffic is expected at a football game, a pregame plan should be formulated. Vehicles should be allotted space by ensuring one section is filled in an orderly fashion before rotating to another section. The signals to start and stop traffic are extremely important. Practice them.

CALMING THE TRAFFIC A number of visual changes to roads are being made to encourage more attentive driving, reduced speed, reduced crashes, and a greater tendency to yield to pedestrians. Visual traffic calming includes lane narrowings (9–100 ), road diets (reduction in lanes), use of trees next to streets, on-street parking, and buildings placed in urban fashion close to streets. Physical devices include speed humps, speed cushions, and speed tables, sized for the desired speed. Such measures normally slow cars to between 10 and 25 miles per hour (16 and 40 km/h). Most devices are made of asphalt or concrete, but rubber traffic calming products are emerging as an effective alternative with several advantages (Wikipedia, n.d.). Traffic calming can include the following engineering measures, grouped by similarity of method (Fitzgerald & Halliday, Inc., 2008): Narrowing: Narrowing traffic lanes makes slower speeds seem more natural to drivers and are less intrusive than other treatments that limit speed or restrict route choice. Narrowing measures include: • Lane narrowings can be created by extending sidewalks, adding bollards or planters, or adding a bike lane or on-street parking.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

CALMING THE TRAFFIC

• Curb extensions (also called bulb outs) narrow the width of the roadway at pedestrian crossings. • Chokers are curb extensions that narrow roadways to a single lane at certain points. • Road diets remove a lane from the street. For example, allowing parking on one or both sides of a street to reduce the number of driving lanes. • Pedestrian refuges or small islands in the middle of the street can help reduce lane widths. • Converting one-way streets into two-way streets forces opposing traffic into close proximity, which requires more careful driving. Vertical deflection: Raising a portion of a road surface can create discomfort for drivers travelling at high speeds. Both the height of the deflection and the steepness affect the severity of vehicle displacement. These include: • Speed bumps, sometimes split or offset in the middle to avoid delaying emergency vehicles. • Speed humps, parabolic devices that are less aggressive than speed bumps. • Speed cushions, two or three small speed humps sitting in a line across the road that slow cars down but allows wider emergency vehicles to straddle them so as not to slow emergency response time. • Speed tables, long flat-topped speed humps that slow cars more gradually than humps. • Raised pedestrian crossings, which act as speed tables, often situated at intersections. • Changing the surface material or texture (for example, the selective use of brick or cobblestone) may also include changing the color to highlight to drivers that they are in a pedestrian centric zone. Horizontal deflection, i.e., make the vehicle swerve slightly. These include:

155

• Chicanes, which create a horizontal deflection that causes vehicles to slow as they would for a curve. • Pedestrian refuges again can provide horizontal deflection, as can curb extensions and chokers. Block or restrict access. Such traffic calming means include: • Median diverters to prevent left turns or through movements into a residential area. • Converting an intersection into a cul-de-sac or dead end. • Boom barriers (also called boom gates), which restrict through-traffic to authorized vehicles only. • Closing of streets to create pedestrian zones. Construction of polymer cement overlay (see Fig. 13.4) changes asphalt to brick texture and color to indicate a high traffic crosswalk.

Traffic Calming Benefits of a Neighborhood Radar Speed Sign (Radarsign, n.d.) • Slower speeds ¼ Safer streets • Slower speeds ¼ Lower emissions • Slower speeds ¼ Higher perceived value in home pricing

FIG. 13.4 Polymer cement overlay.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

156

13. TRAFFIC CONTROL

• Slower response times of emergency vehicles: police, fire and ambulance • Added wear and tear on vehicles • Increased noise • Pits neighbor against neighbor (for vs against) • Required expense of maintenance • Perceived neighborhood speeding problem could lower house values

References

FIG. 13.5

Radar speed sign.

Neighborhood radar speed signs (Fig. 13.5) avoid all the negatives of speed humps, including:

Fitzgerald & Halliday, Inc. (2008, June). Traffic Calming Resource Guide (PDF). South Central Regional Council of Governments. http://scrcog.org/wp-content/uploads/ upwp/studies/TrafficCalming_ResourceGuide_Final. pdf. Radarsign. (n.d.). Neighborhood traffic calming/radarsign. Retrieved from https://www.radarsign.com/trafficcalming-applications/neighborhood-speed-control/. Wikipedia. (n.d.). Traffic calming. Retrieved from https://en. wikipedia.org/wiki/Traffic_calming.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

14 Fire Prevention, Detection, and Response Greg Benson O U T L I N E Fire Basics

157

Containment

162

Detection Methods

159

Fire Plans

162

Fire Types

160

Arson

164

Extinguishers

160

Fire as a Weapon

164

Permanent Extinguishing Hardware

162

Conclusion

164

Our best defense is the prevention of fire before it begins. Through effective controls and inspection, this threat can be significantly reduced, to the benefit of everyone. In all fire situations, the protection of human lives must be the most important factor. Property can be replaced, information recompiled, and other materials remade. Protection of human lives must be the overriding consideration in every prevention and response plan.

CHAPTER OBJECTIVES • Identify the three components of a fire triangle • List typical hazard areas where fires may occur • Identify the types of fires • Explain the use of five types of fire extinguishers • Emphasize the necessity of developing a fire plan

Fire has long held a position as one of the most feared threats to life and property. Fires not only destroy homes and buildings, but they can also consume vast expanses of wilderness or entire neighborhoods and take the lives of people within the area affected. Once initiated, fires spread rapidly and become extremely hard to control or extinguish.

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00014-6

FIRE BASICS Fire is, in its basic mechanics, nothing more than an extremely rapid conversion from one state to another. This reaction requires three components to occur and must continue to utilize these three components to be sustained. As such, in looking at the prevention and response to fires,

157

# 2020 Elsevier Inc. All rights reserved.

158

14. FIRE PREVENTION, DETECTION, AND RESPONSE

heat. The heat release rate (HRR) is a measure of how quickly fire temperature will increase.

1. Fuel—For a fire to exist, there must be some materials available that are capable of combustion. The material could be as simple as paper or wood, or as complex as magnesium. In every case, fuel is the component that undergoes the conversion from its current state to a different state. In most cases, conversion is from a solid to a gas, with some solid materials remaining. 2. Oxygen—The conversion of states in a fire situation requires an interaction with available oxygen. In most cases, fires are entirely dependent on the oxygen in the surrounding air; in other, fairly rare, cases the material that is being consumed may produce oxygen as a result of this process. 3. Heat—The final component required to cause the fuel in an oxygenated environment to begin the process of conversion is some source of

The interactions in the fire triangle can vary based on fuel types, environmental conditions, and room or compartment factors. It should be noted that furniture and other contents that are primarily wood or ordinary combustibles will develop HRR at a slower speed. With fuel that is synthetic in nature the fire temperature will increase dramatically faster. Without the presence of all three components, a fire cannot begin or be sustained. This leads us to the basic concept that cleanliness is a major contributor to the prevention of accidental fires. If all available fuels are stored in a manner consistent with fire prevention practices, they will be sufficiently removed from identified sources of heat, and the chance of combustion is reduced. This means that all identified sources of fuel must be identified and properly utilized and stored, to prevent exposure to heat (Fig. 14.1).

at

ide

Re

ac

ain

Ch

Fuel side Fuel

(Reducing agent)

FIG. 14.1

ns Ox

en

He

e yg

e) tur era mp (Te

yg

nt)

Ox

ge

ga

ide

izin

ts

xid

He a

(O

Chemical

it is essential that everyone understand these parts, known as the “fire triangle.”

The fire tetrahedron. II. PRACTICAL AND OPERATIONAL APPLICATIONS

tio

n

DETECTION METHODS

For example, one of the more common fire locations in the hospitality industry is the laundry area. The operation of industrial dryers requires the production of heat. When drying cloth, there is a certain amount of lint that is produced. As a result, there is a ready supply of fuel (lint is very combustible) in close proximity to a heat source. The prevention practice is extremely simple: remove and clean the lint filter after each load, or at least on a regular basis. Other typical hazard areas to inspect could include the following: 1. 2. 3. 4. 5. 6.

Boilers, heaters, and furnaces Cooking areas Electrical equipment and breaker rooms Storage areas for flammable liquids Vehicle storage areas Work areas that utilize oils, paint thinners, and other combustible liquids 7. Process areas that utilize an open flame. 8. Smoking areas As a general rule, areas that are cluttered tend to have an increased chance of fire hazards and should be frequently inspected until they are properly cleaned. Poor housekeeping is likely reflected in a decreased awareness and priority of overall fire safety. This supports a cultural priority to maintain good housekeeping and a high level of fire safety. When inspecting for fire hazards, which should be a constant aspect of every patrol, it is also essential that identified hazards be corrected, documented, and prevented from reoccurring. Educating people in the importance of fire safety can help to reinforce the role of each person in maintaining a safe work environment.

DETECTION METHODS If prevention methods fail and a fire begins, the specific hazard must be detected so that the response program can be effective. The two methods of fire detection are human observation and electronic systems.

159

Human observation is often more effective, since it allows for the use of reasoning and judgment to determine the nature of the actual situation. In this case, however, there must be people present to make the discovery. Patrol officers have excellent opportunities to identify potential fires through smell, sight, and even sound and touch. In some cases, officers observe fires in such an early stage of development that they are able to effectively extinguish them without outside assistance. In addition, by obtaining the cooperation of other people in the environment, the chances of human observation can be increased. Often, these other observers must be given some form of basic training to identify hazards or early stage fire threats so that they can be more effective. Every person should be trained in the actions to take if a fire is discovered. This type of training can be conducted during on-boarding and annually thereafter. Electronic detection can also be highly effective, especially in areas where chances of observation by people are relatively low due to infrequent travel or visual obstruction. Electronic systems of detection can include sensors that watch for smoke, rapid increases in temperature, temperatures above certain levels (regardless of how quickly that temperature is reached), and even early combustion of airborne particles. Unfortunately, electronic sensors can also trigger alarms as a result of situations other than fires. It is because of this that all alarms must be investigated to determine the actual cause. Any alarm activation should be taken seriously until investigated. Failure to thoroughly investigate or turn off the system prematurely has contributed to numerous large fires. The ideal detection program is, of course, a combination of human observation and electronic monitoring. By thoroughly training the protective force and offering basic training to all other people who will be in the area and utilizing an electronic system as a backup to these components, you greatly increase the likelihood of identifying fire situations. Officers should be competent in the specific actions to take when fire is discovered.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

160

14. FIRE PREVENTION, DETECTION, AND RESPONSE

As previously stated, it is essential that fires are identified at the earliest possible moment, so that they have not had a chance to grow too large to be contained and extinguished.

FIRE TYPES Although based on the same concept, fires can be divided into four basic types, determined by the nature of the fuel component of their fire triangle. It is important to know these types and the differences in their fuels, as it can make a difference in how the fire is contained and extinguished. The basic classes are given in the following: 1. Class A fires generally have common solid, combustible materials as their fuel. This may include such fuels as wood, paper, and cloth. This is a very common form of fire. It is also the most basic. 2. Type B fires are fueled by liquid or gaseous fuels, such as gasoline, kerosene, and compressed gas tanks like propane. 3. Type C fires are initiated by, or contain an element of, energized electrical involvement. Fires in a breaker box, power strip, frayed extension cord, or item of powered equipment would fall into this category. De-energizing a Type C fire will create a Type A fire. 4. Type D fires are caused by burning metals, such as magnesium. They are often extremely

FIG. 14.2

intense and require special equipment to handle. 5. Class K fires involve oils and greases normally found in commercial kitchens and food preparation facilities using deep fryers. Once the nature of a fire is understood, it becomes a determining factor in how to handle a particular situation. For the most part, classes A, B, and C fires of sufficiently small size can be contained and extinguished by a person utilizing an appropriate extinguisher. Class D fires require such specialized equipment that most responders will not be able to effectively handle them and should be cautioned to maintain a safe distance in the process of evacuating the immediate area (Fig. 14.2).

EXTINGUISHERS The most critical aspect of deciding if you are going to attempt to extinguish a fire is determining if you can do so without serious risk to your own safety or the safety of others. Make no mistake: fighting a fire is dangerous. By its very nature, this activity requires that you intentionally remain within, or move within, close proximity to a highly hazardous environment. Care should be taken to ensure that the responding person understands the dangers and the

Ordinary

Flammable

Electrical

Combustible

Combustibles

Liquids

Equipment

Metals

(Green triangle)

(Red square)

(Blue circle)

(Yellow star)

Fire classifications.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

EXTINGUISHERS

equipment to be used, as well as its limitations. The purpose of fighting a fire is to save lives and property, not to risk them needlessly. When working in an environment with extinguishers that you may not have used before, it is recommended that a test unit be obtained, even in a group setting, so that the area of effect, limits of range, and duration of use can be explored. Using an extinguisher on a fire, without previous training, can contribute to making the fire worse or injuring people. Security officers should complete annual training in the use of extinguishers to increase their capability levels. When deciding if it is appropriate to attempt to extinguish a fire, it is important that the equipment you select matches the fire type. Mismatching the extinguisher and fire types may result in a marked increase in the level of personal danger to which the responder is exposed. With this in mind, some of the more common extinguisher types and the class of fire they are intended to be used on are as follows: • Dry chemical—These utilize a powder that is expelled from the nozzle in a stream of pressurized, nonflammable gas. Dry chemical extinguishers are usually classified as usable on Class A, B, and C fires, as they will be both effective and relatively safe in those applications. Dry chemical extinguishers extinguish the fire by coating the fuel of the fire, making it unavailable for combustion. • Carbon dioxide—These units produce a cloud of snow-like particles that quickly evaporate into a carbon dioxide layer. This layer reduces the available oxygen and cools the area, breaking the fire triangle. They are commonly classified as B and C type extinguishers. • Water based—Water is a good extinguishing agent for Class A fires but can aggravate other types. If used on burning liquids (Class B), it can spread the fuel, thus enlarging the fire area. If used on electrical fires (Class C), it can

161

cause serious harm to the responder, as it may conduct an electrical charge, causing an electrical shock to be delivered to the holder of the unit or others standing in the runoff from it. • Halogenated units—These are referred to as “clean agent” extinguishers because they contain a chemical that leaves no residue on evaporation. They cool and smother fires, making them typically usable on Class A, B, and C fires. These are the ideal type of unit for responding to computer or other delicate electrical equipment fires, as they are far less likely to cause damage to the equipment in the process of extinguishing the fire. • Foaming agents—These units produce a foam layer that blocks the flow of oxygen to the fire area. They are very effective against Class A and B fires. Unfortunately, foaming agent extinguishers often utilize a water-based agent and so should not be used on Class C fires. In the past, there were extinguishers that had to be inverted to cause a reaction between the main tank contents and a bicarbonate material, resulting in development of pressure. It has been recognized that this motion, the inversion of a heavy extinguisher, may not be within the capabilities of persons with disabilities, and their use has been largely discontinued. In the United States, such extinguishers do not comply with the Americans with Disabilities Act and should not be present in the workplace. Extinguishers should also be checked and inspected on a regular basis. Most fire codes required annual inspection. If there is high traffic in a given area, especially one that is open to the public, checking extinguishers daily, or even on each 8-h shift, might be in order. It is important to ensure that they have not been discharged or tampered with so that they will be available for use if a fire is discovered. Officer awareness of extinguisher type and location can make a difference in the outcome of a fire incident.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

162

14. FIRE PREVENTION, DETECTION, AND RESPONSE

PERMANENT EXTINGUISHING HARDWARE In addition to extinguishers, which may be carried by possible responders, there are some more elaborate extinguishing devices that are installed in buildings: • Automatic sprinklers—these operate through a spring-loaded valve that opens when exposed to certain minimum temperatures. These valves, called “sprinkler heads,” are located at regular intervals throughout the entire building. Once the valve opens, the feed pipe that is attached to it will continue to supply it with water until the control valve for that area is closed or the sprinkler head is replaced. In most systems, the feed pipe has a sensor added to it to activate the alarm system if the water begins to flow toward an activated sprinkler head. • Range-hood systems—in kitchen areas, there are often specialized systems designed to blanket the entire working area with a special chemical agent. This is designed to be highly effective on grease fires and other common kitchen fires, yet still be relatively easy and sanitary to clean up. These systems are triggered manually by persons who observe a fire. • Stand pipes—based on application of fire codes, most buildings have a stand pipe system that allows for the connection and supply of fire hoses. Like an extension of a fire hydrant, these provide the fire department, or in-house fire brigade, with an available source of water. Specialized areas such as computer rooms or high hazard process areas may require different styles of extinguishers. Security officers should be trained in all types of extinguishers that are located in their patrol area. It is widely accepted that, even under the best of circumstances, these types of automatic or

large-scale systems usually slow or contain a fire, but often do not extinguish it. As a result, it is essential that each activation is investigated, and the fire department becomes involved to ensure that the hazard is properly eliminated.

CONTAINMENT In addition to the actions of responders and the utilization of various systems and equipment, there are usually design limitations that aid in the containment of a fire. In most jurisdictions, and within many companies, there are specific design and construction requirements, with regard to the use of fire-resistant building materials. Such items as fire-resistant doors, designed to resist the spread of a fire for certain periods of time, aid greatly in the containment of a fire. However, to be effective, they must be in their proper position and working in accordance with their original design. As part of every officer’s patrol, confirming that fire doors are in proper condition and not propped or wedged open should be a constant component. Toxic smoke from fires can spread quickly affecting personnel at a distance from the fire. In all, 85 people died, most by smoke inhalation, at the devastating 1980 fire at the Las Vegas MGM Grand Casino and Hotel fire. The largest number of fatalities occurred remote from the fire itself as toxic smoke spread through the hotel.

FIRE PLANS Designing a fire plan, prior to an actual event, is the most effective step in any fire prevention, fire detection, and fire response program. It is through this plan that all of these factors should be addressed and given structure, detail, and actions to be taken. Developing such a plan must be done in cooperation with those expected to execute the plan.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

FIRE PLANS

Fire safety personnel and security officers should be involved from the beginning. Without this, it is possible that aspects of the final plan may be unrealistic. Lack of collaboration on development of a realistic plan could prevent an effective program from being implemented. The planning process has additional benefits of relationship development among safety personnel. The written plan should include the following as a basic guide: • Emergency contact names and telephone numbers • A formal chain of command for routine accountability and command in the event of an incident. • Detailed explanations of the responsibilities of each person or department in prevention aspects. • Detailed explanations of the responsibilities of each person or department in response aspects. • An explanation of the equipment available, the frequency of inspection, and the method of documentation. • An explanation of the training that personnel receive, the frequency of retraining, and the specific responsibilities bestowed as a result of this training. • Charts and diagrams of the property, detailing equipment locations, routes of egress, evacuation meeting locations, and similar fixed points. It is critical that senior management reviews this program and supports it. Senior management’s attitude toward the safety process will impact all aspects of plan execution and priority. It is also essential, and in some areas required, that the fire marshal have a chance to review the fire plan and approve it prior to implementation. Sharing the plan with area responders will also benefit safety of personnel and property in the event of an incident. Knowledgeable police officers and fire department personnel will increase effectiveness of the plan.

163

As part of a formal plan, alarm systems should be regularly inspected and tested to ensure that the components are functioning properly. Inspection and testing should be conducted to comply with local requirements and codes. This should include activation of every sensor through cooperation with a qualified/ certified inspector or installer and the presence or approval of the fire marshal. All inspections and testing should be documented. Above all, the response portion of a fire plan must be realistic in its assignments and expectations. It should be written with the following limitations in mind: • Assign duties only to people or positions that will always be present. If you work in an area where the patrol officer is the only position that is staffed at all times, the response plan should assume that this will be the only person present for its critical aspects. It is easier to assign an extra person to a new duty than it is to find an extra person for a vacant function. The plan should be written based on roles, not individual people. As an example, the officer on beat 123, not Officer Smith, should be expected to take action. This ensures that people will be trained based on roles and responsibilities. • Write each phase with the protection of lives as the primary focus, and property concerns as a secondary motivation. • Write the plan based on existing equipment and supplies only. Do not count on having time to obtain other items before the plan must be put into action. The plan, once developed, has to be exercised after people have been trained. This ensures that the plan as conceptualized on paper will meet real-world situations. Officers need to be part of the drills and exercises conducted. An untested plan is just a concept. The most important point about fire plans is that they must be put into effect! What good is a

II. PRACTICAL AND OPERATIONAL APPLICATIONS

164

14. FIRE PREVENTION, DETECTION, AND RESPONSE

plan that is exhaustively researched, designed by a broadly scoped committee, approved by every member of the team, and then put on a shelf and never utilized?

Investigating all fires provides a visible message that fire safety is important.

ARSON

Fire has been utilized as a weapon since its discovery. Security officers’ actions in these instances will save lives. Officer awareness of patterns or materials being delivered can be important in overall situational awareness. A large cargo truck of flammable liquids that pulls into the parking lot could be a legitimate delivery or the precursor to a terrorist action. Employees attempting to take dangerous materials off site or using them for vandalism can be another precursor when officers must use fixed fire protection systems. The security officer’s observations and actions are on the front lines of preventing the use of fire as a weapon in an attack. Officer familiarity with the occupancy preplan will be critical in the event of any incident. All security force members should be trained in plans involving evacuation or sheltering in place. Officer actions in these instances will be taken long before fire and police resources arrive. Officer knowledge, awareness, and actions are critical to the outcome of any human caused event.

Fires are not always accidents or acts of nature. An alarming number of cases are thought to be fires that are intentionally set for any of a vast number of reasons. In some cases, insurance fraud is believed to be the motivator; in others it is due to psychological disorders. Whatever the motive, arson fires are some of the most dangerous. Often, accelerants are utilized to cause the fire to grow rapidly beyond the containment and extinguishing capabilities of the responding fire department. In some tragic cases, this means that those within the structure don’t have time to escape before falling victim to smoke inhalation. In even more sinister cases, arsonists have been known to block or lock doors, preventing escape from the flames. Your best protection against arson is a combination of highly visible patrols to deter the attempt, and effective securing of unused rooms and flammables. These steps will reduce the areas of concealment, which the arsonist often relies on to prepare for the incident, and also cause the arsonist to have to bring their own materials, which could draw attention to them. Much like other crimes, a motivated and dedicated arsonist will eventually find a way to attempt to carry out their crime, but you can create an environment where the arsonist, looking for a random place to start a fire, will be less likely to feel comfortable. All fires should be thoroughly investigated to determine their cause and origin. A clever arsonist may start a small fire to gauge response.

FIRE AS A WEAPON

CONCLUSION Know the basics and apply them to every patrol. Train each member of the team who is supposed to respond to fire situations so that they are not hesitant when that time comes. Train everyone in how to prevent fires and respond to discovering them, for their own safety. Fire can be a devastating event, especially if the response is uncoordinated or slow. Regularly check and inspect equipment to ensure that it is in usable condition, should the need arise.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

15 Access Control Colin Best, Joseph Nelson O U T L I N E Introduction

165

Locks and Key Control

171

Custody of Client Keys

167

Electronic Access Control Systems

171

Emergency Access Control

168

Examples of Access Control

168

Wireless and Radio Frequency Communication

172

Audit and Record Keeping

169

Access System Database Management

172

Access Authorization

170

Multiple Factors: Biometric Technologies

173

Access Control in the Information Age

173

Emerging Trends

173

Applying Physical Security in Access Control

170

INTRODUCTION CHAPTER OBJECTIVES • Define access control and its objectives • Identify various methods of achieving access control • Emphasize the value of record keeping and data storage • Describe a security professional’s role in access control management

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00015-8

Access control is defined as the means to control privileges or rights to an asset, but it can also mean to a resource or to an individual. Having access provides one with the opportunity or means to use or benefit from something having value. Most often in security it is the access to property, services, events, or information, but access can also be to people such as the right or opportunity to approach or see someone, like a public celebrity.

165

# 2020 Joseph Nelson. Published by Elsevier Inc. All rights reserved.

166

15. ACCESS CONTROL

Security of assets is often best achieved by organizing a means to balance the desired use of assets with protection from potential risks associated with their loss. Access control provides a means for asset owners to achieve both their desired use and control over their assets by allowing privileges to only agreed individuals. The function and practice of access control are fundamental to the protection officer in his or her duties. The security officer will not only be expected to perform a duty relative to access control but will likely dedicate significant security resource time to access control during the course of their employment. Current day access control is usually achieved with a combination of elements including administrative and engineered controls. The elements often include technical access control systems and security personnel to monitor the controls, record keeping, policy conformance, and if needed any improvements. In some cases, access to a given area may be by staff only through a security patrol identifying any people in the area being patrolled. Most typical in larger organizations, access control involves the control and monitoring of physical security systems, such as key systems, large-scale access control, alarms, and network video systems. For these organizations, the familiar example of access control is a uniformed security officer, with or without additional access elements, behind a desk at the front entrance of an office building, industrial facility, or other property. Typically, at a building’s perimeter, these access areas can be called different things, such as a checkpoint, security or guard station, main lobby, etc. These checkpoints are often a fixed post, meaning the officer is posted permanently until relieved or when policy and/or post orders dictate. The presence of the officer in this key location of common access serves many purposes. One is to provide a deterrent to those who may be unauthorized to enter the protected area or structure. In addition

to the deterrent function, an officer familiar with the protected property and its frequent occupants will recognize those who are common to the property and can challenge those who are unauthorized. Also, security personnel stationed at access points can observe and assist with any service needs such as requests for lost badges, visitor processing, or policy exceptions. While many residential environments have physical keys or electronic systems, some large apartment complexes maintain just security staff at their main access checkpoints. This method can provide an acceptable form of controlling access with the security officer recognizing the regular occupants, along with providing a desired human service level. While less formal, this is a more traditional method of access control which becomes less effective as the volume of traffic increases. It also lacks formal record keeping of activity that technical security systems provide by creating logs with access activity times, dates, and names of all those accessing a space. Successfully achieving the objective of controlling access is often dependent on physical controls. For example, the task to control access to a property consisting of acres of land with no fences or physical boundaries would be much more difficult than a building with one entrance, although continued advances in electronics continue to make the difficulty less so. Access control can only be achieved by frequent patrols of the protected area, challenging unfamiliar persons caught on the property. In this example, these challenges may be the accepted form of access control, with no further control necessary. However, most facilities require additional forms of controlling access, such as at waste sites, storage yards, and other facilities. In some circumstances, large properties or defensible spaces may require a softer form of physical barrier. This may be achieved through dense foliage or even through designated walkways with paint around the area of protection

II. PRACTICAL AND OPERATIONAL APPLICATIONS

CUSTODY OF CLIENT KEYS

or defensible zone. This form of control merely implies that a certain area is off limits and offers a convenient path around the area. Many properties and assets cannot depend on a “soft” form of physical security. It is for this reason that it usually becomes necessary to add other forms of physical security to achieve suitable access control. Fences may be erected around a property to control access and to “force” or “funnel” visitors or employees to a common entrance or “checkpoint” manned by a protection officer. Appropriate signage indicating a no trespassing order will aid in controlling access through the message that anyone trying to breach security and access the forbidden area risks arrest and trespassing charges. In situations where it is expected that the protection officer will arrest anyone caught trespassing, it is crucial that signage is in accordance with the laws concerning local trespass acts. It is also extremely important that it is within the legal rights of the protection officer to perform the arrest. The addition of locks to alternate entrances to the facility or property will also control access. Other forms of additional physical security, such as monitoring with network video and integrated systems, are used to create system redundancy and improved reporting. Alarm systems will further assist in the prevention of unauthorized access. Modern electronic access systems have many features to increase the level of access control to a facility, area, or room. Integrated systems and the use of these systems to create system redundancy and improved reporting are combined with access readers and software rules to prevent what’s called “pass back.” The main purpose of these “anti-pass back” arrangements is to prevent a card or token holder from passing their card or token back to a second person to gain entry into the same controlled area. These arrangements are also designed to limit what is called access “piggybacking.” Similar to tailgating, “piggybacking” refers to when an

167

unauthorized person tags along behind another person who is authorized to gain entry into a restricted area or pass a certain checkpoint. Some systems have enhancements, such as the addition of “mobility impaired” access, to allow the extended opening time of a door. In the event of a stolen card, the card can be “tagged” with an alarm upon use, alerting the operator at the monitoring station to dispatch security personnel to the location of the cardholder. Meanwhile, the card remains active and permits access, so as not to alert the holder of the card. Systems can be interfaced or integrated with other systems such as building automation, fire systems, and human resources computer databases. This allows the access holder to gain access and turn on lights or air conditioning to his or her work area with the use of the access system. With the activation of a fire alarm, an access card could be automatically validated for use by the fire department. Access control systems are designed to limit exposure and reduce threats. Sophisticated access control systems can be defeated when someone props open a door. Door prop alarms are low cost, and desirable solutions to propped open doors. Helping keep energy cost down by ensuring the doors are closed they also serve a vital security need. Sounding when a door is left open too long, door prop alarms, help ensure access control systems are used as intended.

CUSTODY OF CLIENT KEYS The following procedure should be used by the security officer when he or she has custody of the client’s keys. • All client keys will be kept on a key ring in the security officer’s possession while on duty. • The key ring will be designed and constructed large enough so it cannot be

II. PRACTICAL AND OPERATIONAL APPLICATIONS

168

•

•

•

•

• •

15. ACCESS CONTROL

easily lost, misplaced, or mistakenly removed from the post at the end of each shift. The key ring will be secured on a key ring holder. The security officer will securely fasten his or her belt through the key holder. The key ring will remain on the key holder unless keys are being used for locking or unlocking doors. Keys and key ring holder should be passed to each shift and indicated as such on shift report. The security officer will periodically check the keys, key ring, and key holder to insure key control. For keys that are lost or mistakenly removed from the post, contact the supervisor immediately. Never loan the site’s keys to the client, client employee(s) or any unauthorized person. The security officer should follow the policy and procedures provided by the facility for controlling and protecting keys.

EMERGENCY ACCESS CONTROL All access control procedures must consider how to implement safe emergency exits. It is important that physical security is harmonized with the safety of people by not interrupting safe egress from the property or site in the event of an emergency. Whenever controlling access, it must be assured that emergency egress is not sacrificed. Naturally, local and national fire codes can present challenges to controlling access to many facilities; however, it is imperative that there is no sacrifice to the safety of the building occupants in order to achieve better security. In most instances, policies are drastically altered for access in an emergency. Where policy dictates, a fixed post may become a roaming position for the officer to facilitate an escort for emergency medical services or the fire department. The opposite may be true when a

roaming officer will be called from a roaming patrol to a fixed position at the entrance of the protected facility to provide speedy access for dispatched emergency services. Generally, an emergency such as fire, medical concern, hazardous spill, or gas release should result in the halt of all work in the facility to help facilitate access. Elevators and other conveyances should be programmed to ensure that they restrict normal use and are available for potential use by the emergency service personnel. Parking control at a facility entrance or loading dock can be considered an access control duty where entrances are kept clear to make way for emergency personnel.

EXAMPLES OF ACCESS CONTROL With a facility or property that has been equipped with fences, locks, and other barriers, access can be controlled at one or more checkpoints as needed. Visitors and workers can be directed to desired points of access. However, since even strong physical controls can be circumvented, a key question must be answered: What prevents unauthorized persons from bypassing these controls and gaining access through the access check points? The answer to this risk is often placing a protection officer at the access point to monitor and assure compliance with a formal organizational access control policy to reduce the unauthorized access concerns. Access policies should outline a clear definition of the requirements for access to the property; for instance, a facility such as a bar or nightclub may only permit access to those of a consenting age, so patrons may be required to present a valid driver’s license to gain access. In addition, some facilities may require presentation of an invitation or ticket to enter a public venue or private function such as concerts, large weddings, or other events. Sometimes, the organization will seek to add work to the access monitoring and have a

II. PRACTICAL AND OPERATIONAL APPLICATIONS

AUDIT AND RECORD KEEPING

security officer handle additional duties. For example, a protection officer assigned access control to a parking garage might be considered to also collect fees, handle cash, etc. These arrangements should be avoided in almost all cases to maintain the integrity of access control work which can become much less effective when non-security work becomes part of the assignment. That is not to say a protection officer should avoid related access control work such as monitoring access for other services. For example, the officer may control access to a conveyance, such as, an elevator and managing its bookings or those of a loading area or entrance. The issuing of visitor and contractor badges may accomplish control of access in regard to temporary contractors. Office and industrial facilities may require contractors to present company identification. Policies and procedures regarding access control may apply only to certain people in certain areas at certain times. The identification industry is becoming more and more advanced, and many large corporations are implementing identification systems as corporate standards for all employees. At the same time those individuals looking to circumvent security have unfortunately more tools to copy or replicate access cards and credentials. To stay ahead of this criminal capability, organizations must take proactive steps with modern security features on their corporate IDs. The use of holograms and watermarking make replication of a well-designed identification card difficult by unauthorized persons. Company identification can be combined or integrated with an access card for the facility. A trusted means to validate identity is key to the above example (for regular occupants of a facility), but also for the authorized contractor or temporary staff. In these situations, a protection officer may be able to provide additional factors to confirm identity checking against an access or visitor list or permit. The goal is to have those appearing on permits or lists to be the only persons permitted access and those without the

169

validating elements to be challenged by security or by staff in secure areas of a facility.

AUDIT AND RECORD KEEPING Maintaining a security access log, register or muster list by electronic or paper means has become a common function within access control programs. Linking an individual to an access event even in the most basic form, such as signing a security register can help deter unauthorized individuals especially if they are asked for more than one validation action such as the need to present a credential. The security register has a primary function as it can be used as an audit trail of who accessed the facilities at any given time; allowing it’s use to confirm policy conformance. Where access controls are the most assured, access logs can also be used with other means to obtain a sense of “who’s in” a space or building during a specific time. Some are able to use such records to assist facility emergency responders gain awareness of the occupants to assist them in responding to an event such as a fire. While a register can contain as much information as one might choose, generally it carries the individuals name, organization they are affiliated with and perhaps an id number, work location, phone number, as well as the time in and time out of the space. Sometimes it’s appropriate to add additional personal data such as the signature or initials of the individual requiring access. Given the increasing need to protect personal data collected, the officer assigned to the building and maintaining the security register should limit the data involved to only the information that is required to accomplish the desired access task. They should also ensure training and assistance to those unfamiliar with the process in order to maintain governance with appropriate, complete, and consistent files. Records of this nature should be archived for retrieval according to local statue and the

II. PRACTICAL AND OPERATIONAL APPLICATIONS

170

15. ACCESS CONTROL

policies outlined by the employer or the client. Once the agreed retention limit for the confidential records is reached, they should be destroyed prior to disposal. Maintaining confidentiality of these files should be considered part of the duty of officers involved in the access control program.

ACCESS AUTHORIZATION During the course of performing access control, it may become necessary to deny (block) access to those without proper credentials. Given the variety of reasons access may need to be blocked protection officers must be aware that a situation where the person wishing to gain access may have legitimate business on the protected property. Therefore, some means to validate requests, unless an outright denial is agreed, should be in place. This could simply be a supervisor or other is consulted before turning someone away, such as a new employee, client, etc., and would help avoid a negative concern such as the loss of business or goodwill. For this and other related reasons organizations need a clear policy for the denial of access to individuals without proper credentials. There are some facilities that may employ a strict “No Authorization, No Access” policy that can be supported by the organization and will dictate that the person requesting access without proper credentials be denied. While many other facilities will have a procedure to obtain the proper authorization for access. It is often the best practice to escalate these matters consistently to a supervisor who can assist in confirming authority for access. Another example may be to require a visitor requesting access to call an authorized occupant in the facility to provide an escort. When the security officer is left with the decision of whether or not to allow access, it is usually best that the officer acts on the side of caution and explains the organizational

policy that access requires prior approval or other requirements. Advising the person that he or she has to be denied access is an act best accomplished with diplomacy and respect. The event of the denial should also be documented on a report suitable for the employer or client. Policies for clear criteria for granting and or denying access should be part of the protection officer’s post orders or standard operating procedures.

APPLYING PHYSICAL SECURITY IN ACCESS CONTROL For many facilities, control of access within a building at any one point would not require a dedicated protection officer, particularly in large facilities with many areas such as industrial and office buildings. While posting officers at these various checkpoints to control access might be an effective form of access control, in these circumstances the risk may not warrant the cost. These areas could be executive offices, chemical rooms, file rooms, and other areas that may require limiting or curtailing access. In these cases, an analysis of the costs and benefits of posting officers should be completed. Where posting an officer is not appropriate access can be controlled with physical security barriers such as doors, locks, network video systems, alarms, and electronic access control and monitored either actively or passively by the security officer. The effectiveness of physical security is further enhanced by strict key control, effective monitoring of network video systems and alarm systems by the security officer, and accurate database management in electronic access control systems. Other important tools used to aid access control are intercom, telephone, and other voice communications systems. Requests for access can be made from remote points within the facility, allowing an officer to be dispatched or to grant access remotely from an electronic access system, given proper authorization.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

ELECTRONIC ACCESS CONTROL SYSTEMS

LOCKS AND KEY CONTROL Locks and keys have been around for thousands of years and remain fundamental for controlling access in many situations for many areas. Since their invention the durability and security of locks and keys have greatly increased along with their use. Today, they help control access to almost every structure imaginable. Locks exists in many forms but generally speaking, locks are mechanical devices consisting of a cylinder, springs, and several pins or “tumblers” that prevent rotation of the lock cylinder or plug without the insertion of a correctly cut key. Since keys can be duplicated, the high security locks manufactured today make unauthorized replication quite difficult. These specialized “proprietary” systems have unique restricted key control duplication since they are only available for authorized users in agreement from authorized distributors. So, within locks and keys, the restricted proprietary keyway, combined with strict key control, is one of the most effective solutions to controlling access. The management of keys should include a signature or receipt for issued keys. Keys should each have unique control numbers permanently stamped on the key to record and track its identity from date of issue. The temporary issue of keys should be accompanied by signature on a register or key sign-out form indicating a return time. All codes and control numbers appearing on the keys should be documented for key signout. All key control documentation should be considered confidential and should be subject to similar record-keeping procedures as the security register. When the need to revoke access privileges is necessary, keys should be retrieved, or if necessary, locks should be changed. Some newer generation locks can suspend or revoke access to certain keys electronically, similar to an electronic access control system. This can eliminate the costs of lock changes, as well as administrative costs of reissuing new keys to authorized people.

171

ELECTRONIC ACCESS CONTROL SYSTEMS With the addition of electronic access control to a facility, the officer can gain control of many individuals in different areas of the facility at different times, regardless of traffic volume. Most access systems installed today provide ease of access for authorized parties to come and go to their authorized destinations. Access is gained by presentation of a card, badge, token, or software token stored on a mobile device to an access control “reader.” The reader may be connected electronically to an “interface” or “controller,” or networked directly to a host computer system or to the internet for cloudbased services. Often systems with distributed panel controllers are configured so that the remote controller or intelligent reader can make a local decision for access and retain transaction history locally, especially in the event of a host computer failure or scheduled maintenance. This feature is known in the industry as “distributed” or “field” intelligence, and the activation of this feature is often referred to as “degraded” or “offline” mode. When access is granted to a given area, the access transaction is stored electronically on disk, tape, or printed media for future retrieval as part of a “history.” A person attempting to gain access where not permitted can usually be reported as an alarm on a computer screen, directing the security officer to take a predetermined action. Log records often include the individual’s name, ID number, time of transaction, and type of denial, which are also recorded electronically to history, as well as other alarms. History, along with other system reports, can be customized in various ways and can be a valuable aid in the investigation of various incidents, as well as in controlling and monitoring time and attendance. Increasingly in the age of data analytics, companies utilize the access control systems data to trend occupancy levels for building space utilization and building service

II. PRACTICAL AND OPERATIONAL APPLICATIONS

172

15. ACCESS CONTROL

level decisions. This data can also be used as a consideration with energy loads in efforts to save on rising energy prices. The industry of electronic access systems is continually expanding in terms of technologies, manufacturers, and installations. The majority of these systems are becoming more affordable and easier to use, whereas the technology that makes the systems work is becoming more advanced. Compiling modern, easy-to-use, graphical user interface software has made the management of “enterprise” scale systems a much easier task than it was just a few years ago. Older enterprise scale systems use operating systems and software that consist mostly of typed command line interfaces, which are less userfriendly than the more recent graphical user interface-based technology. Front-end computers on these earlier systems usually required more frequent maintenance and were more costly to repair than the modern systems being installed today. Installation of an electronic access control system will also contribute to the control of keys. Master keys need only be issued in certain circumstances and may be signed out only when necessary. A daily sign-out control policy can ensure that master keys never need to leave the property. Most installed access systems use a card or similar medium to provide access in place of the key. If lost, the card can easily be voided by the operator of the system. This is a simple solution compared to the loss of a master key, which results in changing many locks and reissuing keys to all key holders. The access card will usually have a numeric or binary code that is verified by a computer host, ensuring validity.

WIRELESS AND RADIO FREQUENCY COMMUNICATION Most often today access control systems utilize wireless means to transmit card or token information to a card reader, which is read by the system to either permit or deny access. Recent innovations in access control technology

have led to the use of contactless “smart” cards. In addition to providing the required data for traditional electronic access control, other information can be stored on the card, such as personal identification numbers to allow access, or even a biometric template, matching the cardholder’s thumbprint or retina information to the content of the smart card. Other uses for the card may involve building automation or cashless vending. This trend is expected to continue with the advent of software tokens on mobile devices which provide even greater possibilities.

ACCESS SYSTEM DATABASE MANAGEMENT Granting and controlling access privileges must also have similar strict procedures to those of the key systems. Access privileges should be formally requested, approved, and controlled by consistent and appropriate documentation. Typically, information is kept in a cardholder’s file, along with a history of changes and authorizations. These files should remain easily accessible by authorized personnel until a set time has elapsed since termination of the cardholder’s access. Even minor details such as spelling and field record consistency are vital to good access system database management. This not only assists in audits, but can also control costs, as can a card with picture identification that can be kept on file in the event that the cardholder returns to work in the near future. Returned damaged or defective cards should be destroyed and documented in the system database so identical cards can be reissued. Equal attention should be paid to the overall security and management of electronic access systems and these databases. Best practices for IT security should be the norm with proper continuity elements and procedures in place. Frequent software backups may one day pay off in the event of host server failure.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

173

EMERGING TRENDS

MULTIPLE FACTORS: BIOMETRIC TECHNOLOGIES Biometric technology is becoming more commonly included with access cards, and increases the level of assurance only to authorized individuals with access privileges. Requiring more than one factor is very common in higher security environments such as in airports and other immigration checkpoints. Increasingly, biometric technologies are being added to access control systems to provide a second access factor. These biometric systems can include hand, eye, voice, and even full facial recognition. The use of facial technology integrated into network video systems can be used without access systems to identify individuals who are either wanted by law enforcement or may not be permitted travel to a given country. Facial recognition technology is expected to be an important tool in the prevention of international terrorism, smuggling of contraband, and child abduction at points of entry in countries around the world.

ACCESS CONTROL IN THE INFORMATION AGE Today businesses are moving to cloud technologies and replacing the traditional on premises data centers with IT services provided through networked arrangements. We now use these arrangements from everything to salesforce management to human resource management, finance, sales, and other core business functions. Likely security access control will follow and with it some additional benefits and challenges. Years ago, someone would need to be on site in order to circumvent access controls. Today, that risk also includes a computer hacker anywhere in the world as access control systems are connected to larger networks and the internet. This threat has led to an increase in the IT security field, and further work is needed to assure access privileges and their management remain in control.

Paying extra attention to potential weaknesses in physical security elements, facility design, access systems, components as well as the organizational policy must be the norm. As with many processes, the policies and procedures for controlling access in facilities are sometimes subject to flaws or have “room for improvement,” and should therefore be scrutinized by management. Consideration for control measurements or metrics should be made. Continuous improvement and feedback so that ideas for change and improvement can be made by the protection officers and others through observations and discussions, and control measurements should be encouraged. Tightening security should not be the only criterion for continuous improvement. In many instances, the need for faster authentication of authorized personnel may be considered essential, as losses may occur due to an unauthorized person being “held up” by security.

EMERGING TRENDS In addition to trends in information security, there are many new and emerging trends and tools that relate to the function of access control. These include, but are not limited to, optical high-speed turnstiles, handheld explosive, and biohazard detection, and most recently, millimeter wave scanning. Millimeter wave scanning is the latest trend in preboard screening at airport facilities. While it is an effective replacement for manually searching passengers, there are concerns to be managed including privacy, as some of these new technologies do create additional privacy issues. As technology and data analytics provide more potential for increased access control assurance, there is no doubt the role of the protection officer performing and facilitating access control will continue to evolve with them, and become even more dependent on them as a vital first line of defense in the protection of people, assets, and information.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

16 Contraband Detection Technology Kevin T. Doss, Lawrence J. Fennelly, Christopher A. Hertig, Marianna A. Perry, Bethany J. Redmond O U T L I N E Which Detection Equipment Is Best?

176

Electronic Article Surveillance

179

Metal Detection Magnetometers (Walk-Through Metal Detectors) Continuous Wave Devices Pulse-Field Detectors

176

Unmanned Aerial Vehicles (Drones)

180

Gunshot Detection Technology Indoor Detection Outdoor Detection

180 180 181

X-ray Detection

177

How to Respond to an Alarm

181

Explosive Detection Chemiluminescence Detectors Backscattering Technology Computed Tomography

178 178 178 178

Emerging Trends

182

Summary

182

References

182

Canine Detection How to Choose Your Dog or Dogs

178 179

Resources

182

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00016-X

177 177 177

175

# 2010 Elsevier Inc. All rights reserved.

176

16. CONTRABAND DETECTION TECHNOLOGY

“Robots, Drones and Artificial Intelligences Converge to Make Facilities Smarter and Safer.” Dennis M. Crowley, JD, CPP

WHICH DETECTION EQUIPMENT IS BEST? It has been a long-standing practice to utilize inspections and searches to detect and prevent the introduction of dangerous articles or deter the theft of organizational assets. To better protect assets and personnel, detection equipment is used at ingress and egress points. This detection technology can enhance security personnel efforts and assist in the assessment of containers or vehicles. The selection and use of detection equipment should complement the types of inspections defined by security policy and related procedures. In addition, detection technology should be based on the protection level required, as well as the sophistication and type of threat. To determine which detection technology is most suitable for organizational needs, it is essential to consider the durability and reliability of the equipment, the area of detection, and volume of traffic or articles to be screened, and the aesthetic effect on and cultural fit with the work environment. It is also necessary to evaluate the life-cycle cost of the detection equipment when purchasing the proper technology. The life-cycle cost estimates include more than the initial cost of the equipment, as it is necessary to factor in the cost to install, operate, maintain, and adjust for other fees, such as applicable taxes. After the selection of the detection equipment has been made, it is necessary for the supplier to assist in developing training material for the protection officers who will operate the equipment. This training should be developed in accordance with the manufacturer’s specifications and comply with the organization’s security policy and procedures. Such training should address all organizational requirements

and related expectations regarding the implementation of the detection systems. The training phase will also assist in the promotion, awareness, and compliance for employee and visitor alike.

METAL DETECTION Devices used for the detection of metal vary by application (walk-through monitors or handheld devices) and composition sensitivity (what type of metal it can detect). A manual inspection, using a handheld metal detector, may be necessary to locate objects on an individual should a large, automated detector be triggered when the individual passes through the field of detection. It is essential that the protection officer conducting the manual inspection displays the utmost level of professionalism and courtesy to the individual subject to the screening. If possible, the gender of the officer conducting the screening should be the same as the individual being screened. Nonportable, or “fixed,” metal detectors are being used at airports, courthouses, prisons, mail-rooms, and even in public schools. Moreover, high-security facilities, such as laboratories, nuclear plants, and chemical facilities, deploy such technology for both security and safety purposes. Many mineral companies have also deployed such technology to track employees who handle precious metals, such as gold or silver, due to the high value that these metals have on the open market. Another application for metal detection technology is being used by police investigative units that operate portable (often handheld) metal detectors at crime scenes to locate guns, knives, bullets, and casings for investigative purposes. The following are several metal detection technologies in use today.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

177

X-RAY DETECTION

Magnetometers (Walk-Through Metal Detectors) A magnetometer is a device that detects changes in a magnetic field caused by the presence of ferromagnetic materials, or materials attracted by a magnet (Garcia, 2008). Nonferrous metals cannot be detected by a magnetometer. While you plan to implement quick security measures, metal detectors assume prime priority. This equipment helps you to implement a foolproof security system. WHY? Because it’s a major deterrent that makes the security officer’s task much easier and allows for a much higher screening rate without the intrusion into personal space as is the case with handheld units. Magnetometers are used for different events and functions such as: • • • • •

Schools and churches Courthouses and airports Major sporting events Music events/concerts Clubs/pubs

Magnetometers are the most effective type of metal detector because the person is required to walk through it. This enables a quick, effective, complete scan of each person locating both ferrous and nonferrous metals of whatever size or larger are programmed into the unit.

Continuous Wave Devices These devices generate a magnetic field of low strength. A difference in the signals sent and received by the transmitter and receiver from the introduction of a metallic object in the magnetic field will cause an alarm. Continuous wave devices can be calibrated to optimize detection of ferromagnetic or nonferromagnetic metals.

Pulse-Field Detectors Pulse-field detectors operate by complex frequency waves that induce an eddy current in the metal introduced in the field of detection. The signal resulting from this reaction will generate an alarm when it exceeds a certain threshold. As with the continuous wave device, the pulse-field detector’s phase detection permits form optimization for the detection of ferromagnetic and nonferromagnetic metals. If paired with digital technology, a pulse-field detector produces an enhanced analysis of the signal, allowing for better discrimination between different types of metals, as well as between prohibited items and harmless metal objects passing through the detection field.

X-RAY DETECTION X-ray detection technologies are also used to detect dangerous or prohibited items when screening packages, containers, or vehicles. The type of substance detected by the X-ray detector is dependent on the energy transmitted by the device. X-ray detection devices are capable of detecting drugs, metallic items, explosives, and some food items. An example is a portable X-ray detector used in a mail room to check packages for explosives or other dangerous items. Standard X-ray units can only scan objects, but not people, due to the amount of radiation produced. However, low-dose X-ray units are being tested at several airports. These low-dose machines utilize backscatter technology, which allows for safe use of X-ray detection on humans. This type of detector will show the human body underneath clothes and requires a front and back scan to properly assess the individual. A note of caution must be exercised when using these devices, as there have been several lawsuits involving “invasion of privacy” charges by individuals who have been scanned.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

178

16. CONTRABAND DETECTION TECHNOLOGY

In response, one airport has started to “black out” private areas on individuals being scanned to protect their privacy. There are a few concerns when using X-ray technology as a detection method. First is the fatigue that operators experience when looking at an X-ray monitor for extended periods of time. This can be mitigated by rotating shifts routinely based on 20- to 30-min intervals between operators. Another important issue to operators is the assessment interpretation during image analysis. Individuals can make mistakes and often misdiagnose items or overlook dangerous objects. Mistakes can be reduced through proper training of staff and by use of corrective measures.

if only two components of an explosive device can be identified.

Chemiluminescence Detectors Chemiluminescence detectors can detect explosives such as RDX and PETN through photochemical means. Vapor samples collected from the subject being screened are separated into components by a gas chromatograph. After the sample is heated and the existing nitrogen compounds decompose, the residual nitrogen oxide (NO) will react with ozone, creating nitrogen dioxide that emits a photon detected by the device.

Backscattering Technology EXPLOSIVE DETECTION Like metal detectors, devices used to detect explosives may vary based on method of detection or application. Some devices are suitable for screening people, while other technologies can only be used to search containers or vehicles. Security officers involved in the inspection process are responsible for preventing the introduction of hazardous materials into the area and should be able to recognize the five basic components of an explosive device: • A power source such as a battery • An explosive material such as TNT, dynamite, or C-4 • A detonator or blasting cap • A triggering device such as a clock or switch • Connecting wires When viewing the detection equipment monitor, it is important to observe the shapes of objects being screened. Some dangerous articles will be more obvious than others. Sometimes a dangerous or hazardous item may be disassembled. In this case, a package or container may be classified as a possible threat even

Backscattering technology utilizes a detection process which can detect organic compounds with a low atomic number using X-ray reflection. This type of sensing technology is also very effective in detecting narcotic drugs.

Computed Tomography Computed tomography (CT) uses a computer program to automatically scan packages for explosives. CT technology uses X-ray scanners that provide 3D images of the potential explosives. The costs to operate CT technology are comparably higher than other explosive detection technologies.

CANINE DETECTION Dogs can be very effective instruments of detection and offer great portability in a variety of security applications. Research indicates that a dog’s olfactory system is 10,000 to 10,000,000 times more powerful than that of a human. A dog’s keen sense of smell can be developed

II. PRACTICAL AND OPERATIONAL APPLICATIONS

ELECTRONIC ARTICLE SURVEILLANCE

and used in a variety of detection and security applications: • • • • • • •

Explosives Human concealment and tracking Drugs Patrol services Chemical weapons of mass destruction Dual-trained as detection and bite dogs Defense and protection of the handler

Dogs trained for detection purposes may be more reliable than other methods of detection because they are not very susceptible to false alarms. Dogs are reliable and selective when detecting sources of chemical vapors and are able to distinguish between very similar chemical compounds. Machines used in detection are adjustable and can be altered by users to reduce the occurrence of false positives. However, if the threshold of the detection equipment is changed too much, the equipment may no longer be effective in detecting these substances. A well-trained dog and handler team can typically work effectively for 8–10 h. However, there are other variables to take into account to determine how long a dog can work, such as volume of work, temperature, and amount of rest. Consistency must be established during the training regimen, and every handler and dog should be trained under the same conditions. Such consistency and uniformity make it possible for dogs and handlers to be interchangeable among teams. This also allows for additional flexibility among handlers should someone be out on sick leave or take vacation time. Typically, canine olfaction is used to detect explosives at military bases or airports, or during special events. What’s more, dogs are very effective in tracking down illegal substances at border crossings, public schools, and correctional institutions. Dogs are also effective in detecting both live humans and/or dead bodies during environmental disasters such as Hurricane Katrina.

179

Additionally, the presence of a detection dog can provide a deterrent value to individuals considering entering the area with prohibited items or dangerous articles. Dogs are also of high value when used to disarm or distract dangerous subjects. It is worth mentioning that improper behavior by the dog and handler can ruin the reputation of the company or organization. Management should consider the potential reputation damage resulting from unprofessional behavior by the handler or dog and must ensure compliance with any legislation pertaining to the use of guard dogs. Indemnity against harm or damage arising from the use of guard or detection dogs should be provided by the contractor. Another downside to using dogs is the lengthy initial training period required for both dog and handler. Such training equates to cost, and many organizations do not have the patience or funding to support it.

How to Choose Your Dog or Dogs Your dog must pass several critical tests to ascertain if it is suitable for detection training. Each dog should be assessed individually and also medically assessed as fit and healthy before its training starts. The handler should spend time at the dog training school during the handover stage to ensure he or she understands how a detection dog is used in its job. For larger dogs and handler teams, it is usually more cost effective for the trainer to travel to the dogs or team (The K9 Centre, n.d.).

ELECTRONIC ARTICLE SURVEILLANCE Electronic article surveillance (EAS) is a technology that typically uses magnetic, VHF/ microwave, or barcode sensors to detect fraudulent activity. An EAS system is a protection

II. PRACTICAL AND OPERATIONAL APPLICATIONS

180

16. CONTRABAND DETECTION TECHNOLOGY

system that uses electronic sensors and detectors that create a field of detection or surveillance. The electronic sensors, also known as labels or hard tags, are secured directly to the merchandise or asset. If the label or tag is not properly removed from the item, the detector will sound an alarm when the article passes through the zone of surveillance. In the past, EAS technologies were generally used only in retail establishments to prevent the theft of merchandise. Today, EAS systems can be found wherever there is a need to protect assets from loss, including libraries, long-term care or assisted living facilities, and pediatric units in hospitals. Another technology which has gained ground recently is radio frequency identification (RFID). Retailers have been at the forefront of this technology curve, using RFID to detect fraudulent activities. However, RFID technology allows for more than just theft protection at the retail outlet. Products can be tracked from the raw material stage, through the manufacturing/production stages, all the way to the end user. Thus, RFID technology provides real-time data which can assist the organization in efficiency and productivity, while protecting assets from theft or damage. In addition to electronic EAS tags, there are a few other technologies which are currently in use. Value deprivation tags make the item more difficult to steal, but usually do not initiate an alarm. Tags such as the “gator” tag actually tear the clothing they are attached to if an attempt to remove them without the proper tool is made. Another similar tag is the infamous “ink” tag, which explodes stain onto the clothing if an attempt is made to remove it without the proper removal tool. The retailer must place such tags on clothing, so they are visible, since these are considered to be deterrent devices. Moreover, additional training and funding are required to implement such technology storewide. The tags can also reduce cashier efficiency level, as the cashiers must remove the tag at the time of purchase.

UNMANNED AERIAL VEHICLES (DRONES) New ways to maximize the use of drones will continue to revolutionize the security industry. See Appendix 16a for more details and the 2019 Federal Aviation Administration (FAA) regulations regarding Unmanned Aircraft Systems (UAS).

GUNSHOT DETECTION TECHNOLOGY Equipment from Shooter Detection Systems (https://shooterdetectionsystems.com/) is used for this section because SDS is the industry’s leading gunshot detection solutions provider. SDS has technology that has been saving lives for over 15 years. Their technology has been protecting US troops in Iraq and Afghanistan, earning the respect of the Department of Defense (DoD), Department of Homeland Security (DHS), and those dedicated to ensuring the safety of vital American interests and personnel abroad. Their technology is credited with saving over 250 lives on the battlefield. SDS was founded with a singular focus: Commercialize this lifesaving military technology to protect the public against the active shooter threat in our schools, workplaces and public venues. Today, SDS is the industry’s leading provider of gunshot detection solutions with over 15,000 systems in the field that are used in indoor and outdoor applications.

Indoor Detection The dual sensor technology of the Guardian system from SDS (Fig. 16.1) detects gunfire and immediately relays this information via floor plan map with shot location, text, e-mail, and other notification pathways to key personnel and building occupants, with no human

II. PRACTICAL AND OPERATIONAL APPLICATIONS

HOW TO RESPOND TO AN ALARM

181

Acoustic bang Acoustic sensors

Infrared sensors

Infrared flash

FIG. 16.1

Guardian indoor gunshot detection technology from SDS.

interpretation required. When integrated with security systems, the system calls up surveillance cameras in the incident area, initiates lock-down procedures, automates mass notification alerts to desktops and mobile devices, and provides immediate notification to first responders.

Outdoor Detection SDS Boomerang uses acoustic detection and computer-based signal processing to pinpoint small arms fire and immediately report the precise shooter location to authorities. The system can be mounted on vehicles, fixed structures such as poles and walls, or simply sit on a serviceman’s shoulder. Boomerang products were developed to be easily integrated into thirdparty systems for a more comprehensive site security plan.

HOW TO RESPOND TO AN ALARM A systematic process for the investigation, isolation, and handling of the person, item, or area being screened is necessary when responding to an alarm. The detection and identification of a dangerous or prohibited item are the first steps of incident prevention. During an

inspection, a protection officer must be on the lookout for indicators of dangerous articles, unusual series of events, and abnormal behavior. After a suspect article is discovered, it is crucial for the protection officer to proceed rationally and calmly to take control of the situation. Officers and responders must act decisively, in accordance with policy and procedures, while taking into account the circumstances, the environment, and the detected material or article itself. Report the situation to the controller or supervisor and take action to reduce the threat and protect life. Be sure to control and limit access to the immediate area and direct people safely to a designated muster area, away from the suspected article. Do not attempt to move or disrupt the suspect item. Make note of any details of the article and report them to the supervisor and response personnel. When the response personnel arrive, work with them to maintain control of the area and situation. Hands-on inspections of people are to be used only as a last resort, in concurrence with security policy, and under the direction of supervision. A manual inspection may be necessary to locate objects on an individual if an automated detector alarms. If individual refuses to cooperate with the protection officer’s request for an inspection, the officer should remember that physical force is used as a last resort and refusal

II. PRACTICAL AND OPERATIONAL APPLICATIONS

182

16. CONTRABAND DETECTION TECHNOLOGY

to comply with the request is not a crime. Force should only be used under severe circumstances and if the protection officer reasonably believes that the individual poses a threat to others. In the event the inspection reveals the presence of a prohibited or dangerous article, the protection officer should contact law enforcement and hand the person over to them.

EMERGING TRENDS Emerging trends in detection technology include the possible use of MRIs in airports to scan and differentiate hazardous liquids from nonhazardous liquids. Researchers at Los Alamos National Laboratory, who developed MagViz to take enhanced pictures of the brain, believe that this technology might also be helpful in airport security screening. Another detection technology that is becoming more prominent is quadrupole resonance (QR) or nuclear quadrupole resonance (NQR), which is an MRI technology used to detect hidden explosives. This technology uses radio waves (low energy type) to determine if any nitrogen-rich materials are present. The cost of these QR scanners is relatively inexpensive compared to other bulk explosive detection technologies on the market today. One potential application for QR is the detection of land mines in combat zones. As technology advances and security demands increase, the capabilities and uses for detection equipment will also increase. Furthermore, it is anticipated that the adversary will become even more sophisticated, and detection technology will need to improve as new threats develop. In addition, both criminals and terrorists are devising unconventional methods and techniques to destroy or compromise assets. Such advancements will require a more educated and aware operator, along with an effective training program.

SUMMARY It is evident that no single detection technology is properly suited for all applications. The detection technology must be matched to the organizational objectives and applicable threats. As with most security technologies, human interaction and assessment capabilities drive the effectiveness of detection technology. Total cost of ownership for the technology system, along with operator training, is a critical component in choosing a detection system. A security professional should consult with an attorney to discuss potential liabilities and concerns prior to implementing any of these technologies, as some may be considered “invasive.” It is also critical during the planning phase to determine the threat basis, and design the detection system based upon the needs and culture of the organization. Detection technology is here to stay in 2019 and will become more sophisticated to meet security requirements in the future. Finally, we believe that metal detectors as well as all the other detectors mentioned in this chapter are deterrents and need to be implemented.

References Garcia, M. L. (2008). The design and evaluation of physical protection systems (2nd ed.). Boston, MA: Butterworth-Heinemann. The K9 Centre. (n.d.). Detection dogs and detector dog handler training. Retrieved from https://www.k9centre.com/ detection-dogs/.

Resources Fennelly, L. J., & Perry, M. (2018). 150 things you should know about security. Elsevier Pub. Fischer, R. J., Halibozek, E., & Green, G. (2008). Introduction to security (8th ed.). Boston, MA: Butterworth-Heinemann. Patterson, D. G. (2004). Implementing physical protection systems: A practical guide. Alexandria, VA: ASIS International. U.S. Department of Energy. (2008). Contractor protective force. DOE M 470.4-3A.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

A P P E N D I X

16A Unmanned Aerial Vehicle (Drone) Usage in the 21st Century Lawrence J. Fennelly, Marianna A. Perry A drone, in technological terms, is an unmanned aircraft. Drones are more formally known as unmanned aerial vehicles (UAVs) or unmanned aircraft systems (UASs). Essentially, a drone is a flying robot that can be remotely controlled or fly autonomously through software-controlled flight plans in their embedded systems, working in conjunction with onboard sensors and GPS... The integration of drones and Internet of [T]hings (IoT) technology has created numerous enterprise use cases... Drone platforms have two main types: rotor, including single-rotor or multi-rotor (such as tricopters, quadcopters, hexacopters, and octocopters), or fixed-wing, which include the hybrid VTOL (vertical takeoff and landing) drones that don’t require runways. Margaret Rouse, Whatis.com.

INTRODUCTION Drones can be remotely controlled or be guided though software-controlled flight plans working with a GPS (global positioning system). DJI, a Chinese technology company, is one of the businesses making consumer drones that executive Randy Braun describes as “flying robots with high-quality cameras attached” (Dredge, 2018). In 2019, laws and guidelines governing Unmanned Aircraft Systems (UAS) changed. Listed below are the new rules by the Federal Aviation Administration (FAA) (FAA, 2019a).

FAA GUIDELINES FOR UNMANNED AIRCRAFT SYSTEMS (UAS) Recreational Fliers & Modeler Community Based Organizations (49 U.S.C. Section 44809) (FAA, 2019b) Pilot requirements

• Fly only for hobby or recreational purposes • Be 13 years of age or older • If less than 13, a person 13 or older must register the UAS • Be a US citizen or legal permanent resident

Commercial or Small UAS Operation (FAA Part 107) (FAA, 2019c) • Be at least 16 years old • Must obtain an FAA Remote Pilot Certificate • Must pass the initial aeronautical knowledge test at a Knowledge Testing Center • Complete FAA Form 8710-13 for a remote pilot certificate Continued

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00050-X

183

# 2020 Elsevier Inc. All rights reserved.

184

APPENDIX 16A. UNMANNED AERIAL VEHICLE (DRONE) USAGE IN THE 21ST CENTURY

Recreational Fliers & Modeler Community Based Organizations (49 U.S.C. Section 44809) (FAA, 2019b)

Commercial or Small UAS Operation (FAA Part 107) (FAA, 2019c)

Pilot requirements continued

• While recreational drone pilots still don’t require an FAA certificate, they will at some point be required to pass an online aeronautic knowledge and safety test and carry proof of passage while flying. That test is still in development (at time of writing) (Perlman, 2019)

• Complete a Transportation Security Administration (TSA) security background check • Pass a recurrent knowledge test every 2 years • Existing Part 61 pilots: must hold a certificate issued under 14 CFR part 61; have completed a flight review within previous 24 months; complete Part 107 small UAS ALC-451 course online; complete Form 8710-13; and validate identity • All pilots must carry their Remote Pilot Certificate whenever flying their UAS

Aircraft requirements

• All drones must be registered • Drones must be labeled with registration number • UAS must weigh less than 55 lb (25 kg) • FAA airworthiness certification not required by remote pilot but must conduct a preflight check of UAS to ensure safe operation

• All drones must be registered • Drones must be labeled with registration number • UAS must weigh less than 55 lb (25 kg) • Except for small unmanned aircraft operating under 14 CFR part 107 or a part 107 waiver, a civil UAS cannot conduct air commerce in the National Airspace System unless there is an appropriate and valid airworthiness certificate issued for that UAS. U.S. registration is a prerequisite for the issuance of an airworthiness certificate (FAA, 2019d)

Location requirements

• Must NOT fly in controlled airspace (around and above many airports), unless at a recreational flyer fixed site with an FAA agreement • Fly in "Class G" airspace (where FAA is not controlling manned air traffic)

• Pilots planning to fly in controlled airspace must get permission from the FAA • Operations in Class G airspace are allowed without ATC permission

Operating rules

• Must follow community-based safety guidelines, such as from Academy of Model Aeronautics (AMA) • Fly drone at or below 400 ft when in uncontrolled or "Class G" airspace (where the FAA is not controlling manned air traffic) • Keep drone within visual line of sight (VLOS), or within VLOS of an observer in direct communication • Do NOT fly in airspace where flight is prohibited Be aware of FAA Airspace Restrictions • Respect privacy • Never fly near other aircraft, especially near airports • Never fly over groups of people, public events, or stadiums full of people • Never fly near emergencies such as any type of accident response, law enforcement activities, firefighting, or hurricane recovery efforts • Never fly under the influence of drugs or alcohol • Recreational flyers can be held liable for criminal and/or civil penalties if they intentionally violate any of these safety requirements, and/or operate in a careless and reckless manner

• Must remain within visual line-of-sight (VLOS), or within VLOS of an observer in direct communication • At all times must remain close to remote pilot • Daylight-only operations, or civil twilight with appropriate anti-collision lighting • Must yield right of way to other aircraft • Maximum groundspeed of 100 mph (87 knots) • Maximum altitude of 400 ft above ground level (AGL) or, if higher than 400 ft AGL, remain within 400 ft of a structure • Minimum weather visibility of 3 miles from control station • No remote pilot in command or visual observer (VO) for more than one UAS at one time • No operations from a moving aircraft • No operations from a moving vehicle unless the operation is over a sparsely populated area • No careless or reckless operations • No carriage of hazardous materials • Must not operate over any persons not directly participating in the operation, under a covered structure or inside a covered stationary vehicle

II. PRACTICAL AND OPERATIONAL APPLICATIONS

185

LEGAL OR REGULATORY BASIS

DRONES 55 LB AND OVER The Small UAS Rule (14 CFR part 107) is only applicable to unmanned aircraft (drones) that weigh less than 55 pounds at takeoff. To fly an unmanned aircraft that weighs 55 pounds

or more, operators need to apply for an exemption under the Special Authority for Certain Unmanned Systems (49 U.S.C. §44807). This authority replaces Section 333, which was repealed in the 2018 FAA Reauthorization Act (FAA, 2018a).

FEATURES AND BENEFITS (CHAPMAN, 2016) Pros

Cons

Typical Uses

Price (Converted from $AUD)

Multi-rotor

• Accessibility • Ease of use • VTOL and hover flight • Good camera control • Can operate in a confined area

• Short flight times • Small payload capacity

Aerial photography and video aerial inspection

$3.5–$45k for pro drones

Fixed-wing

• Long endurance • Large area coverage • Fast flight speed

• Launch and recovery needs a lot of space • No VTOL/hover • Harder to fly, more training needed • Expensive

Aerial mapping, pipeline and power line inspection

$17.5–$85k for pro drones

Singlerotor

• VTOL and hover flight • Long endurance (with gas power) • Heavier payload capability

• More dangerous • Harder to fly, more training needed • Expensive

Aerial LIDAR laser scanning

$17.5–$210k for pro drones

Fixed-wing hybrid

• VTOL and longendurance flight

• Not perfect at either hovering or forward flight • Still in development

Drone delivery

TBD, in development (Kluber, 2018)

LEGAL OR REGULATORY BASIS (RUPPRECHT LAW, 2019) • New Recreational Drone Laws: 49 U.S.C. Section 44809. • FAA-issued Remote Pilot Certificate, part 107 and the associated guidance in AC 107-2

is for those wishing to fly for commercial purposes. • Unmanned aircraft for commercial purposes must be conducted under part 107 or other applicable FAA regulations (e.g., 14 CFR part 91, 135, or 137).

II. PRACTICAL AND OPERATIONAL APPLICATIONS

186

APPENDIX 16A. UNMANNED AERIAL VEHICLE (DRONE) USAGE IN THE 21ST CENTURY

• AC 91-57 applies to fliers who only operate recreationally under the statutory exception. • Recreational fliers should also be familiar with the most current Advisory Circular (AC) 91-57.

USE OF DRONES The use of drones or UAS is a challenging issue for both the FAA and the entire aviation community because the United States has one of the busiest and most complex airspaces in the world (FAA, 2019e). Both manned and unmanned aircraft systems are required to operate safely. It does appear that technology is moving fast because drones are being used more commonly by businesses and commercial ventures: • • • • • • • • • • • • • • • • • • •

•

For aerial views virtually anywhere For the collection of data By hobbyists For recreational use, which has become more popular For roof inspections By filmmakers By US military For survey of property lines For geo-mapping For search and rescue For missing persons For public safety at disaster scenes or gauging where first responders need to be For firefighting For perimeter patrols during large forest fires For monitoring crops and livestock For inspecting critical infrastructure such as pipelines and utility lines for repairs For package delivery For real estate photography On a ranch or farm, to make owners aware of predators approaching their livestock As a teaching tool in education

• For protection against illegal excavations or mining • To monitor weather • To monitor flooding, storms and hurricanes, landslides, tsunamis, and earthquakes • For measuring and monitoring nuclear accidents (too dangerous for humans) • To analyze volcanic eruptions and track ash clouds • For agriculture, to monitor irrigation problems and pest or fungal infections • For aircraft maintenance, as visual inspection of aircraft • For delivering medical supplies to otherwise inaccessible regions • For large accident investigation • For crowd monitoring • For news gathering and journalism • As airborne lifeguards, locating and dropping life preservers to distressed swimmers • For reconnaissance, providing mission intelligence and surveillance to the US Navy • To map and speed clean-up of minefields • For geomagnetic surveys (Wikipedia, 2017).

SECURITY APPLICATIONS FOR DRONES Security professionals are constantly discussing how the drone industry will change the security industry. New ways to maximize the use of drones will continue to revolutionize the security industry. Possible uses for drones in the law enforcement and security industry are as follows: • Civil security—operations against looters. • Anti-piracy when deployed by the Coast Guard or water patrols. • Surveillance by law enforcement of highcrime areas or “hot spots.” • Assist police officers in a foot or vehicle pursuit. Helicopters have been used to

II. PRACTICAL AND OPERATIONAL APPLICATIONS

SECURITY APPLICATIONS FOR DRONES

•

•

• • •

•

•

•

•

•

support teams on the ground, but are expensive and require time to deploy. A drone could be immediate air support, a more cost effective and just as successful alternative. For surveillance or apprehension, drones can enter narrow and confined spaces, produce minimal noise, and can be equipped with night vision cameras and thermal sensors, allowing them to provide images the human eye is unable to detect. Crime scene photography to aid in the investigation of crimes and the location of evidence. Surveillance of evidence in criminal cases. Monitor serious vehicle, train, or airplane crash scenes, and ship collisions. Monitor traffic flow to determine alternate routes, vehicle accidents, stranded motorists, inoperable traffic signals, etc. Private property and city-owned streets could be monitored for inoperable lighting that needs repair or replacement. Drone security teams protecting large areas of property can patrol the perimeter of a property with an infrared camera on a drone instead of having a human security team walk the perimeter. This may be used by a security/protection officer on private property or by local, state, or federal law enforcement. Ground security cameras in a fixed position can leave blind spots, but since a drone has the ability to move, security teams can search around corners and get a closer look to avoid blind spots. If a security team does find an intruder on the property and the intruder runs, the drone can easily continue monitoring the location of the intruder and the drone operator can relay information to the security team. In the corrections industry, prison guards can monitor the prison yard more efficiently and safely with the assistance of a drone. An operator could send a drone to an area if a

• •

•

•

•

•

•

•

•

187

fight breaks out to assess the situation before correctional officers respond. Help identify trespassers who intend to vandalize property. If security or protection officers patrol an area with vehicles at night, the headlights warn intruders of the security team’s arrival, allowing them the chance to hide. Utilizing a drone will help apprehend the criminal or intruder. The water industry (which includes water engineering, operations, water and wastewater plant construction), wind farms, and oil pipelines could use drones to protect their large infrastructure against acts of terrorism or vandalism. Help security or protection officers monitor and protect people and exhibits at open-air museums and help guard historical artifacts and cultural heritage. Currently, the FAA does not allow drones to be flown over stadiums when they are in use. At some point, there may be potential to apply for a waiver to operate drones during an event. However, drones could still be used for security when the stadium is not being used. Drone security teams can patrol the parking lots of large commercial industries and large venues (such as concerts) during and after events. On large college or university campuses, drones can be deployed to areas that have become trouble spots, giving staff more eyes, without the expense of hiring more security or protection officers. Drones can more than likely be able to reach destinations quicker than a security or protection officer. Patrol a dock yard for loss prevention and movement and also monitor incoming and outgoing shipments. Stop poachers by helping guide animals out of danger or recording and monitoring poachers’ actions and location for apprehension and prosecution.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

188

APPENDIX 16A. UNMANNED AERIAL VEHICLE (DRONE) USAGE IN THE 21ST CENTURY

• Monitor activity at borders and can be used by US Customs and Border Protection to deter drug smuggling. • Monitor borders along waterways to detect people coming in on small water craft. • Patrol large land areas that aren’t bordered by walls and fences, which can lower a company’s need for manpower for patrols. • Help secure foreign embassies and consulates by monitoring the surroundings better than fixed video surveillance. • For maximum security applications, a team of drones could be deployed instead of just one drone. • When equipped with cameras, a powerful strobe light, and audio speakers, drones can be used to engage an intruder. • The presence of a drone flying overhead may be a deterrent for potential offenders. • Routine patrols could be more efficient using a drone with video and an infrared camera rather than a security or protection officer. Drones can cover a much wider area in a shorter amount of time than a human, although only for a limited amount of time. Consider a drone doing a perimeter check around a secure facility, and even being used to patrol in Neighborhood Watch programs. • With the appropriate learning software, drones could recognize threats and identify who an intruder is and follow the thermal image until human backup personnel can arrive. • Detection of illegal hunting. • For illegal landfill detection. • To scout property and locate fugitives (Wikipedia, 2017). A few things to consider: • Technology and regulations haven’t yet created the space for automated drone security solutions either, so an operator would have to fly a drone and relay data to those on the ground. This may negate a

portion of the potential labor savings in security and limit the opportunity for use. • For any law enforcement or protection application, thermal imaging cameras can be used for “night vision” and anyone who will be operating a drone at night will need to apply for a night waiver from the FAA. • Drones usually have fairly short battery lives, which means they’re not a 24/7 security solution. When a drone’s battery gets low, another drone could take its place. Alternatively, some drones have replaceable batteries, which can be used while the depleted battery is being charged. Another option is endurance drones that stay in the air for three consecutive days and reach mindboggling heights (Flynt, 2017), but this choice is expensive. Furthermore, the manufacturers and research organizations are focused on developing electric fixed-wing VTOL aircraft which is more cost-effective and is commercialized for various industries. This will also help in enhancing the endurance for the requirement of longer flights (PR Newswire, MarketWatch, 2018).

ACCIDENT REPORTING UNDER THE SMALL UAS RULE (PART 107) TO THE FAA (FAA, 2018b) The remote pilot in command of the small UAS is required to report an accident to the FAA within 10 days if it results in at least serious injury to any person or any loss of consciousness, or damage to any property, other than the UAS (unless the cost of repair, including materials and labor, does not exceed $500; or the fair market value of the property does not exceed $500). To report an accident in accordance with reporting requirements in the Part 107.9 rule, contact your nearest FAA Flight Standards District Office (FSDO) (FAA, 2019f).

II. PRACTICAL AND OPERATIONAL APPLICATIONS

REFERENCES

A NEW USE FOR DRONES At Lady Gaga’s 2018 Super Bowl halftime show, 500 drones were used, and at the Pyeongchang Winter Olympics, 1200 Intel Shooting Star quadcopter drones flew in sync, swooping and swirling along an animator’s prescribed path, to spectacularly depict figures, words, flags, and designs in the night sky. “It’s in essence technology meeting art,” says Anil Nanduri, general manager (now vice president) of Intel’s drone group. Intel’s Shooting Star drones are about a foot long, weigh 8 ounces, and can fly in formation for up to 20 min (Barrett, 2018).

References Barrett, B. (2018, February 9). Inside the Olympics opening ceremony world-record drone show. Retrieved from https:// www.wired.com/story/olympics-opening-ceremonydrone-show/. Chapman, A. (2016, June 15). Types of drones: Multi-rotor vs fixed-wing vs single rotor vs hybrid VTOL. Retrieved from https://www.auav.com.au/articles/drone-types/. Dredge, S. (2018, July 9). Drones, hackers and online satire: Eight lessons from a global tech fest. Retrieved from https:// www.theguardian.com/technology/2015/nov/08/ dublin-web-summit-things-learned-tinder-drones-apps. Federal Aviation Administration (FAA). (2018a, December 14). Special Authority for Certain Unmanned Aircraft Systems (Section 44807). Retrieved from https://www.faa.gov/ uas/advanced_operations/section_333/. Federal Aviation Administration (FAA). (2018b, October 5). Aircraft accident and incident notification, investigation, and reporting. [PDF file]. https://www.faa.gov/doc umentLibrary/media/Order/FAA_Order_8020.11D.pdf. Federal Aviation Administration (FAA). (2019a, May 17). Unmanned Aircraft Systems (UAS): Getting started. Retrieved from https://www.faa.gov/uas/getting_ started/.

189

Federal Aviation Administration (FAA). (2019b, August 13). Recreational Flyers & Modeler Community-Based Organizations. Retrieved from https://www.faa.gov/uas/ recreational_fliers/. Federal Aviation Administration (FAA). (2019c, August 20). Become a drone pilot. Retrieved from https://www.faa. gov/uas/commercial_operators/become_a_drone_ pilot/. Federal Aviation Administration (FAA). (2019d, February 11). Special airworthiness certification—Certification for civil operated Unmanned Aircraft Systems (UAS) and Optionally Piloted Aircraft (OPA). Retrieved from https://www. faa.gov/aircraft/air_cert/airworthiness_certification/ sp_awcert/experiment/sac/. Federal Aviation Administratin (FAA). (2019e, June 6). Air traffic by the numbers. Retrieved from https://www.faa. gov/air_traffic/by_the_numbers/. Federal Aviation Administration (FAA). (2019f, September 17). Flight Standards District Offices (FSDO). Retrieved from https://www.faa.gov/about/office_org/field_ offices/fsdo/. Flynt, J. (2017, July 9). 21 Types of drones. Retrieved from https://3dinsider.com/types-of-drones/. Kluber, A. (2018, August 10). Here are 7 noteworthy VTOL drones currently in development. Retrieved from https:// www.rotorandwing.com/2018/08/10/7-noteworthyvtol-drones-currently-development/. Perlman, A. (2019, May 17). New FAA regulations for recreational drone pilots. Retrieved from https://www. dronepilotgroundschool.com/new-faa-regulations-forrecreational-drone-pilots/. PR Newswire, MarketWatch. (2018, June 21). Global fixedwing VTOL aircraft market anticipated to reach $13.6 billion by 2028, reports BIS Research. Retrieved from https:// www.marketwatch.com/press-release/global-fixedwing-vtol-aircraft-market-anticipated-to-reach-136billion-by-2028-reports-bis-research-2018-06-21. Rupprecht Law. (2019, June 16). New FAA recreational drone laws [May 2019]. Retrieved from https://jrupprechtlaw. com/recreational-drone-laws/. Wikipedia. (2017, December 9). List of unmanned aerial vehicle applications. Retrieved from https://en.wikipedia.org/ wiki/List_of_unmanned_aerial_vehicle_applications.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

17 Effective Communications David Halcovitch, Charles T. Thibodeau O U T L I N E Effective Communications Defined

191

Myths and Misconceptions in Communications

193 193 193 194 194 194

Due Diligence Based on Effective Communications

192

Channels of Communication

192

The Six Essentials of Effective Communications

192

Proper Use of Communications Devices Telephone and Cell-Phone Systems Walkie Talkie—Two-Way Radios Repeaters Intercoms

Consider the Audience

192

Emerging Trends

195

Summary

195

Verifying Communications With Feedback 193

EFFECTIVE COMMUNICATIONS DEFINED

CHAPTER OBJECTIVES • Definition of effective communications • Why effective communications are necessary • The six essentials of effective communications • How to address each audience effectively • Myths and misconceptions about communications • Proper use of communication devices

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00017-1

“Effective communications” means the faithful reproduction of a thought, idea, observation, instruction, request, greeting, or warning, expressed in a verbal, written, electronic alarm annunciation, or pictorial media, originated and transmitted by a communicator or communicating device to a specifically targeted receiver or receiver group. The term “faithful reproduction” means that whatever is contained in the communicator’s original message is both received and

191

# 2020 Elsevier Inc. All rights reserved.

192

17. EFFECTIVE COMMUNICATIONS

understood by the targeted receiver or receiver group. The element of understanding the message is the central focus of this definition, for without that element, communications are blocked. Put another way, effective communications simply are nonexistent without a twoway, mutual understanding of the message being communicated.

official forms of communications. The fourth form of communications found in most organizations is the grapevine, which consists of an outgrowth of informal and casual groupings of employees. Effective communications in any security department require all four of these forms. They provide maximum performance both during stable and predictable periods and during times of stress.

DUE DILIGENCE BASED ON EFFECTIVE COMMUNICATIONS Businesses are required by law to establish and maintain what is called “due diligence.” In layman’s terms, that means operating their affairs by paying attention to the best welfare and interest of their visitor’s safety and security needs. To meet this due diligence requirement, businesses must focus on foreseeable real and perceived threats. Next, the law expects businesses to warn people of danger and then avoid or mitigate those threats that have a chance of materializing and causing a substantial loss of assets, damage to property, and/or injury to people. To comply with this mandate, businesses must conduct perpetual risk analysis, vulnerability assessments, integrated countermeasure designs, security officer training, employee security awareness training, and contingency planning. However, without “effective” communications, none of these practices and procedures could exist. Thus, effective communications are a key element in assisting businesses in meeting their mandate to provide proof of compliance with required levels of due diligence.

CHANNELS OF COMMUNICATION There are four channels of communication in any organization or company: top-down, bottom-up, horizontal, and the grapevine. The first three are essential for information to flow in every direction. These are the formal and

THE SIX ESSENTIALS OF EFFECTIVE COMMUNICATIONS Effective communications must be: 1. 2. 3. 4. 5. 6.

Timely Complete Clear Concise Factual Accurate

This is a bare-bones list of requirements. Certainly, the complete list includes other attributes, but if these six factors are present, communications will be extremely effective.

CONSIDER THE AUDIENCE Everyone communicates at different levels. If you are communicating with someone who is many levels below your communication level, the message you are sending stands a good chance of being misunderstood. In addition, if everyone speaks and understands above your level, it is almost a guarantee that you will be an ineffective communicator. The midpoint between talking above your audience and talking below your audience is currently the seventh-grade level. If you want perfect clarity in your communications, then speak slowly, carefully choosing your words, using no more than five- or six-letter words, and choosing words that are commonly known. In many

II. PRACTICAL AND OPERATIONAL APPLICATIONS

PROPER USE OF COMMUNICATIONS DEVICES

cases, when asked to repeat a message, the receiving person uses different words. Thus, each time you are requested to repeat a message, say it in different words. The security officer’s communications must also accommodate the language difficulties of an ever-growing ESL (English as a Second Language) population. Spanish and French are common, second to English, and there is an ever-growing Asian population whose languages include Korean, Lao, Hmong, Mandarin, and Vietnamese. The security officer of the future may indeed need to be bilingual. Another consideration is medically afflicted people with communication impediments, although there may be nothing you can do to breach their communication difficulties. When dealing with the deaf, blind, or people afflicted with multiple sclerosis (MS), patience is your greatest asset, and a strong commitment to help these people will get you through it. Just be persistent until you can find the way each one communicates.

VERIFYING COMMUNICATIONS WITH FEEDBACK It is of the utmost importance that the receiver of a message gives you indication that he or she received the message and the message received is the same one you sent. What I am alluding to here is the use of feedback to confirm that the receiver did in fact receive and understand the message. The initial communicator who sent the message is responsible for ensuring that the message was not only received but was the same message that was sent. The communicator has a right to believe the message was received and understood if a confirmation message is returned. Acceptable confirmation messages among peers would be any of the following: “10-4,” “Roger,” “good copy,” or a very short verbal message repeating your message.

193

MYTHS AND MISCONCEPTIONS IN COMMUNICATIONS There is one misconception that causes more errors than any other in the communications field and that is brevity, or keeping each communication as brief as possible. To accomplish this one goal, the communicator uses abbreviations, personal shorthand, partial words or partial sentences, poor grammar, and a message that requires deciphering. Being brief many times is not an important goal of writing. Saying as few words as possible and speaking in code is not always the best choice of content for verbal communications. The previous list of six essentials must be present to have a clear and concise message. The length of the message is important in many situations, such as sending duress codes or using a two-way radio. However, brevity is one of the least important factors and most destructive factor in attempting to be “effective” with your communication. A much better question to ask when preparing a message is “Does this message have all six essentials of effective communications?” If not, fix it before the message is sent. If that fix extends the message length, it is better to violate the brevity rule than the need-to-decipher rule. Abbreviations are only valuable to the receiver who can decipher them. Shorthand is usually only valuable to the sender of the message and in many cases cannot be deciphered readily by the receiver of the message. If there is any absolute rule in effective message sending, it is this: No message other than a cryptographic message (CMO) should have to be deciphered by any receiver of the message.

PROPER USE OF COMMUNICATIONS DEVICES Telephone and Cell-Phone Systems The telephone is one of the most important tools that any security officer can have at his or her disposal. At the same time, if the

II. PRACTICAL AND OPERATIONAL APPLICATIONS

194

17. EFFECTIVE COMMUNICATIONS

telephone equipment is not properly designed for a security or emergency setting, it can be a great problem, hampering effective communications. The telephone equipment in a security program must be simple to use with the least probability of failing during an emergency. The cell phone is also available for security officers. In many locations, security departments are investing in cell phones that double as two-way radios. At this point, for most security departments, these telephone-radio combination units are too costly. In other locations, cell phones are used as back-up units to the two-way radios for communications where two-way radio signals are blocked by dead spots. Cell phones play an important part during patrol duties to allow emergency calls to be made from the scene, back to the control center when the two-way radio is ineffective. The cell and car phone can also be used for calls directly to the 911 emergency response centers.

Walkie Talkie—Two-Way Radios The two-way radio is the primary mobile communications device that almost all security officers use to communicate with the control center and between other officers, supervisors, and management. There are some problems with most two-way radio systems and that trouble includes, but is not limited to, failure to operate in dead spots, being susceptible to operator error, and having short battery life. In addition, an adequate two-way radio system is expensive; the units are bulky and take up space on a crowded utility belt. Some of these radios break down regularly and are costly to maintain. However, all these shortcomings aside, we could not do the security job as well as we do without effective communications devices like the two-way radios.

Repeaters In many systems, signal strength gets a boost by use of a repeater. A repeater is a great help but the process by which it works makes it

somewhat user-unfriendly. The repeater receives the signal, turns it around, and sends it back out as a more powerful signal. That process takes time; thus, the two-way radio communicator must hold the transmission switch down for 2 s before talking to engage the repeater and then the communicator must hold the switch down for 2 s after the message is finished to allow for processing. If this is not done, your message will be clipped at both ends. When holding the transceiver up to talk, hold it to the side of your mouth and speak across the microphone. Do not speak directly into the microphone or you may speak too loudly and cause distortion of the transmitted message. The frequency of the radio also has an impact on effective communications. Most radios used by security are FM transceivers. They are either VHF or UHF. VHF transceivers work on what is known as very high frequency. The UHF radios operate on ultrahigh frequency. The difference between these two transmission levels is the lower the frequency, the longer the wavelength. That means the VHF signal will travel a long way, but a VHF signal is a relatively weak signal and does not work as well in tall buildings with lots of steel. By contrast, the UHF transceiver is a stronger signal but has a much shorter wavelength. That means that it packs a wallop and works well in tall buildings with lots of steel, but it cannot travel too far. A UHF system with numerous repeaters in line is possibly the most effective two-way radio communications system.

Intercoms In a retail setting or a hospital setting emergency, codes are sent over the intercom. We all know that “code blue” means cardiovascular problems complicated by respiratory failure. We know that “code red” means fire. In some retail companies a call over the intercom such as “Mr. Jones, please come to the front of the store” means that security is needed at the front of the store. The intercom is useful when it is

II. PRACTICAL AND OPERATIONAL APPLICATIONS

195

SUMMARY

working, but traditionally the intercom system is a weak link in the communications systems of any facility. There are problems with volume and static, and they seem to have more than their fair share of maintenance needs. If the intended receiver of the message is out of the area, where there are no speakers, the message will not be received. In addition, there usually are no procedures to inform the communicator that the message was received and understood. Despite the problems, however, intercoms are still needed. Extra speakers should be placed in remote and hard-to-hear-in areas all over the facility to assure emergency messages reach everyone. If you work in a facility equipped with intercoms for communications and you even think that a message might have been transmitted over an intercom, call dispatch, and check out your suspicion. The mistake that a communicator can make using the intercom is to speak too loudly into the speaker. Many systems will distort if the input signal exceeds maximum input peak-topeak frequency. You do not have to speak loudly when announcing over an intercom, as they have built-in amplifiers to adjust the sound level.

EMERGING TRENDS As states across this country continue to pass laws for mandatory security officer training, effective communications will be an important part of that training. A training curriculum authorized by a state licensing board will likely contain report writing as a mandatory component. It will be a supervisor’s prerogative to assure that the officers in his or her command are following the report writing training they receive. Therefore, it will take the state licensing board and the security officer trainers and

supervisors, both in contract and proprietary security, to enforce acceptable levels of effective communications in the workplace. These supervisors should not hesitate to have a security officer rewrite his or her report when that report fails the effective communications test. In addition, poor report writing should be rewarded with mandatory writing class refreshers taken repeatedly until effective communications improvement is observed. It is very possible that this turn around trend in effective communications will emerge over the next decade, as security departments work toward ensuring that effective communications exist throughout the security industry.

SUMMARY Effective communications do not exist when the speaker and the receiver are not “on the same page.” That is the bottom line in many contract dispute cases where the seller and the buyer failed to reach a “mutual assent to the same proposition.” This means that the buyer expected to receive something that the seller was not selling; thus, the contract could be declared null and void all because the buyer and seller were experiencing a lack of effective communications. One of the situations that led to the death of hundreds of firefighters in New York City during the 9/11 terrorist attacks in 2001 was the fact that their two-way radio system failed. Poor communications turned deadly in that situation. We must be continuously vigilant of effective communications in our security work. Failure to communicate effectively, including failure to communicate at all, can very quickly turn into serious injury or death.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

18 Crime and Incident Scene Procedures Dennis Shepp O U T L I N E What Is an Incident?

197

The Scene

198

Hazards to an Incident Scene

199

Determining Boundaries

199

Protecting and Preserving the Scene

199

Evidence

201

Making Detailed and Accurate Notes

202

It is the protection officer’s objective to be proactive in the protection of assets. To do this, they will use the knowledge and skills they have gained toward preventing incidents or crimes that may potentially cause losses. Notwithstanding protection efforts, incidents will occur and some of them will result in losses. Some incidents might merely require the recording of information in an incident report for investigation or statistical tracking. Some reporting may actually be a preventive measure, such as reporting nonfunctioning HVAC systems, lighting issues, hazardous conditions, or other conditions which may cause an incident. When an incident occurs, it is important that the scene is

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00018-3

Working With Law Enforcement and Investigators

203

Emerging Trends

204

Conclusion

204

References

204

Further Reading

204

protected so that evidence is not damaged or lost. This chapter relates valuable information and skills required of the protection officer to manage a scene until expert and professional assistance arrives.

WHAT IS AN INCIDENT? An incident is a loss-event occurrence of some type that in some way impacts an organization. This may be a loss (like stolen property) or something that happened that the organization wants tracked through reporting (like false alarms, suspicious activities, safety hazards,

197

# 2020 Elsevier Inc. All rights reserved.

198

18. CRIME AND INCIDENT SCENE PROCEDURES

etc.) Most organizations want to track the number of incidents that happen for various reasons, mainly: • To track the cost of a loss event (example: cost of lost property). • To analyze trends of loss costs (example: “How much the organization loses to computer thefts in a year.” This is also referred to as statistical tracking). • Provide tracking of reported potential loss event causes, such as hazards or HVAC issues. To track loss-event information, the organization needs to know: 1. 2. 3. 4. 5. 6. 7.

What was lost? Who lost the property? Who owns the property? Where was it lost? When was it lost? Why was it lost? How did it happen?

Protection officers will see a trend here; basically incident reporting covers the “five-W’s” (W-5’s). The importance of effectively collecting the information needed to report and investigate incidents cannot be emphasized enough. This is why protecting the area where an incident has occurred is important. This enables a more effective investigative process. Some incidents involve criminal activities. Here are some examples of typical criminal activities likely to occur: • • • • • • •

Theft Vandalism Fraud Assault Homicide Burglary Stalking

As previously noted, many (most) incidents will not involve a criminal situation. Some examples of noncriminal incidents could be:

1. Alarms (fire, HVAC) 2. Responding to an accident (vehicle, workplace, recreational) 3. Service requests such as responding to calls for assistance to an employee or visitor as a security escort 4. Complaints of lost and/or found property 5. Insecure doors 6. Fires 7. Harassment (depending on pertinent criminal law governing your area, harassment may be deemed a crime) 8. Administrative breaches with organizational policy and procedures These types of events may require reporting and investigation but are often tracked using patrol/tour management software.

THE SCENE An incident scene can be found in a variety of locations. An incident scene can be an area of land or property, such as a room where a burglary has occurred and computers were stolen. An example on an even larger scale could be an entire property where an explosion and fire have occurred. In this case, the boundaries can be quite large and include a huge area within them. When the protection officer responds to the scene they must determine what the boundaries are and what exactly needs to be protected and why. For example, the scene could involve an area as small as a notebook computer. In this example, the scene that requires protection could have narrow boundaries, for example, the computer room and immediate area around where the computer was stored. The important consideration is that when responding to a call, or as part of a patrol, a protection officer may discover an incident scene that will require security. In most cases, the expectation from management for the protection officer will be to protect the scene until someone with more expertise arrives to conduct an

II. PRACTICAL AND OPERATIONAL APPLICATIONS

PROTECTING AND PRESERVING THE SCENE

investigation. This is normally the case; the responding officer will have an investigative role, however minor that may be. In almost all situations a successful conclusion of an incident will begin with protection of the incident scene.

HAZARDS TO AN INCIDENT SCENE To protect the scene, the protection officer should understand what they are protecting the scene from. The reason an incident scene needs boundaries and protection is from contamination, either deliberate or from accidental external influences. Here is a partial list of common examples: • Weather conditions contaminating evidence • Bystanders or witnesses inadvertently walking on, touching, or taking evidence • Suspects tampering with evidence • Vehicles passing through the scene • Hazards associated with the incident that may contaminate or damage the scene (fire, electricity, chemical leaks, debris, water, sewage, etc.) • Assisting responders (security officers, EMS, fire, and often police officers who are merely bystanders and not investigators or connected to the incident) If the scene involves electronic data or computers with network connections, protecting the scene could involve securing communication and network access to the device and protected information.

DETERMINING BOUNDARIES Essentially, and as indicated by Martin A. Fawcett, CPO, in the 7th edition of The Protection Officer Training Manual, the protection officer’s objective when responding to a crime or incident scene is to: 1. Establish the boundary (perimeter) 2. Protect the scene

199

3. Preserve evidence and scene integrity 4. Maintain detailed and accurate notes of everything (Fawcett, 2003) These are similar rules established for law enforcement personnel. When establishing boundaries for a scene, the protection officer will need to consider how spread out the evidence seems to be around the scene. Although establishing a larger protected or secured area is best, it may not be possible. Determining the boundaries of a crime or incident scene may depend on already established naturally existing barriers. For example, the protection officer needs to protect the office where the notebook computer is located. Locking the office door, posting a security officer, and posting notices may be sufficient. In other situations where the scene needs a larger area protected, establishing a perimeter is more difficult and requires more resources. The officer may need to obtain assistance from other security personnel to protect the area by posting officers at strategic locations to deter access and deploying temporary barricades (crime scene barrier tape, temporary fencing, and Jersey barriers). Imagine the resources needed to protect an entire city block from passing bystanders and traffic.

PROTECTING AND PRESERVING THE SCENE The protection officer is likely to be the first responder to the scene, which means he or she has responsibility to protect the scene immediately. As soon as possible, establish the boundary or perimeter and use whatever resources you have immediately available to protect the area. Some other recommendations are to: 1. Call your supervisor for assistance. 2. Request assistance from other officers to protect the scene.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

200

18. CRIME AND INCIDENT SCENE PROCEDURES

3. Keep bystanders away from the protected area. Consider that some bystanders may be potential witnesses; therefore, do not immediately dismiss them from the area but keep them waiting a safe distance from the perimeter. To best protect the scene and preserve evidence, the protection officer should consider how they would investigate the incident. This will give them a better perspective on how best to protect the area. Unauthorized personnel do not need to access the protected area. This includes other security personnel and even emergency responders, such as the police. Unless the scene has officially been taken over by the investigating authority, keeping people away from evidence and inside the perimeter is a paramount responsibility of the protection officer in charge of the scene. Unless a supervisor has taken responsibility for the scene, the person responsible is typically the initial responding officer. Ensure instructions are clear when someone takes responsibility for the scene and make detailed notation of: 1. The time and date 2. The name, rank, and authority of the person who has taken responsibility Bystanders will need to be contained outside the perimeter while the protection officer is protecting the scene. Although there is a tendency to have bystanders leave the area and carry on with their own business, the protection officer does not want to dismiss potential witnesses to the incident. There is a delicate balance between having bystanders keep their distance from the perimeter yet remain in the area, so they are accessible to the investigators for an interview. Here are some recommendations: 1. To identify potential witnesses, ask if anyone saw what happened. 2. Ask potential witnesses to remain in the area to be interviewed by investigators.

3. Make notes of contact details, including name, date of birth, address, and phone numbers of potential witnesses before allowing them to leave the scene. The protection officer needs to be considerate with potential witnesses. People are typically busy and will not want to remain at the scene and wait for investigators. It is a responsibility of the protection officer to try to politely convince these people to wait. The protection officer has no authority to forcibly detain a potential witness; therefore, they may need to exercise discretion and be very polite while attempting to convince a potential witness to wait until the investigators arrive. If the circumstances permit, the officer may request the witness to provide a written statement while they wait. At the very least, the officer must obtain the name and contact details of the potential witness. Protecting the scene means the area must be preserved exactly as it was at the time of the incident. Nothing should be moved, removed, or altered in any way. Nothing should be introduced to the scene either (example: cigarette butts, garbage, footprints and fingerprints, or people). This includes touching anything at the scene (which introduces fingerprints and DNA). In fact, the protection officer must not touch or walk in any area where evidence may be disturbed or inadvertently introduced to the scene. There are times, though, when the officer or a responder may need to move a person or object; here are some examples: 1. Remove a live victim from a potential danger or hazard at the scene. 2. Introduce a foreign substance (such as chemicals) to a scene to extinguish a fire or prevent an explosion from a fuel spill, for example, water or chemicals from a fire extinguisher. 3. Allow temporary access to the site to evacuate bystanders or other victims because it is the only path for an exit.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

EVIDENCE

When something like this happens, the protection officer needs to make detailed notes of what was changed at the scene and how it was contaminated. The protection officer must remember that although protecting the scene is important, the protection of life is paramount and takes priority. Victims may need to be removed from the scene so that no further harm comes to them or to the responding protection officer. Eating, drinking, or smoking should never be allowed at an incident scene (Schiro, n.d.), as these activities provide other opportunities to contaminate the scene.

EVIDENCE It is important to understand what could be considered evidence. There are several types of evidence, but for the purposes of protecting the scene, the type of evidence most relevant is known as real evidence. This is evidence that is directly involved in the incident (DiCarlo, 2001). It is the physical evidence present at a scene that connects a suspect (person of interest) or helps explain what exactly happened. Physical evidence can have numerous forms, such as: 1. Blood (including blood spatter patterns) 2. DNA samples (blood, bodily fluids, skin, hair, bone, etc.) 3. Fiber samples (clothing, carpet) 4. Markings or impressions from tools, tires, footprints, handprints, etc.) 5. Fingerprints 6. A person (a body or evidence of an assault such as injuries, marks, or contact with an object or another person) 7. Documents (electronic and paper) 8. Computers and accessories (peripherals such as hard drives, disks, memory sticks, CD/ DVDs, MP3 devices, storage mediums, etc.) 9. Pieces from a suspect vehicle (damage left behind, paint samples, glass, parts) 10. Tools or items related to the incident, victim, or suspect

201

11. Chemicals 12. Digital or analog images (network video systems, photos, audio recordings, etc.) 13. Vehicles (automobiles, motorcycles, bicycles, etc.) 14. Furniture 15. Anything that is associated to an incident or crime that may be necessary for the investigation, prosecution, or litigation The previous list is only a sampling, as the types of physical evidence that can be relevant to an incident are varied and can include almost anything. For example, most of the evidence listed above is quite visible, yet the protection officer needs to understand that many forms of evidence are invisible to the human eye: fingerprints, for example, which are latent or impossible to see without investigative aids such as ultraviolet lights and detection powders. Another example is electronic and digital evidence that is contained on a hard drive. You may not know it is even there without expert assistance. This is extremely important to consider when protecting a scene because it will be difficult to protect something you cannot see. Collecting and protecting evidence can be a huge responsibility, considering the vast list of potential items that could qualify as physical evidence. The collection of evidence should only be conducted by a qualified person, but if somehow the protection officer is required to take custody of a piece of evidence, it must be done with extreme care. Often the officer has no choice but to accept evidence if provided to them by a victim or suspect. If evidence is found while on patrol it may be necessary to collect and preserve it so that it is not contaminated. If it is imperative that the evidence be collected by the protection officer, then here are some general recommended procedures to follow: • Consider a piece of evidence as FRAGILE and handle it accordingly.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

202

18. CRIME AND INCIDENT SCENE PROCEDURES

• Do not alter or adjust the evidence in any fashion—keep it as you find it. • Only one person should handle evidence. Assign one person to take responsibility for the evidence and only allow that officer to collect or handle the evidence. • Minimize the amount it is touched or handled and use proper hand protection (gloves) appropriate for the type of evidence. (Other pieces of personal protective equipment may be required, such as eye protection, full body suit, breathing apparatus, hard hat, etc.) • Keep individual items separate so they do not contaminate each other. • If the item was brought to you in a container or package—keep the container and package as evidence. • If the item needs to be repackaged (moist items should never be kept in plastic containers), use the appropriate package and keep the original as evidence. • The new container or evidence should be marked with: • Protection officer’s name • Date and time of possession • Reference Number to Incident • Prepare detailed notes outlining: • How you came in possession of the evidence • When you came in possession of the evidence • Where you came in possession of the evidence and where exactly it came from at the scene • Indicate who provided the evidence to you • Describe the evidence in detail • Photograph the evidence Continuity of possession of the evidence (chain of custody) is very important. Evidence needs to be stored in a proper manner and secured so that no one but the protection officer who accepted the evidence can access it. If the evidence needs to be moved or changes possession, the change and

chain of custody must be documented, and continuity maintained. • Maintain a detailed log of what happens to the evidence while it is in your possession. • If possession changes, document in the log and your notes: • Time and date of change • Who took possession of the evidence • The purpose of the change of custody (transfer to police, laboratory for testing, taken from evidence locker to court, etc.) The proper collection and preservation of criminal evidence can be further researched, and additional resources can be found on the website Crime & Clues: http://crimeandclues. com/category/crime-scene-investigation/. It should be rather clear at this point that the collection of evidence at a scene needs to be handled by professionals who are specially trained. The improper handling of a piece of evidence could impact the outcome of a criminal or civil trial, jeopardizing the appropriate course of justice and/or costing the organization additional losses or damages. The best advice is to protect the scene and allow the investigators to collect and handle the evidence.

MAKING DETAILED AND ACCURATE NOTES The importance of detailed, neat, and complete note taking and reporting cannot be emphasized enough. As already mentioned, the protection officer must keep detailed and accurate notes of everything that happens or that is observed at the scene. The notes may take different forms, for example, drawing a sketch of the room or property layout can help in a later description and report. Sketches are a terrific way to refresh your memory if you need to testify at a later time. Notes are often recorded using an audio recorder. The portability of such devices

II. PRACTICAL AND OPERATIONAL APPLICATIONS

WORKING WITH LAW ENFORCEMENT AND INVESTIGATORS

has made the technology more convenient to use. Some mobile phones have a feature to digitally record dictation. These notes can be saved and later transcribed into written form to be included in a report. Good notes facilitate a good report. Reports are intended to inform the reader of the following essentials: 1. 2. 3. 4. 5.

Who What Where When How

203

book—make a note in the remaining margin of the time, date, and why the page was removed. A good rule to follow when you maintain your notebook is to consider the following: Whatever you write in your notes, you should feel comfortable if someday you see it written in a major newspaper like the New York Times.

WORKING WITH LAW ENFORCEMENT AND INVESTIGATORS

A reader should be able to read a report and develop a clear picture in their mind of exactly what the protection officer saw at the scene. Recreating the scene in written form will assist investigators and help make the protection officer a better witness. Reporting the facts is critical so reports should not contain predictions, opinions, or concepts—just the facts of what was seen, heard, and experienced. It is also important to realize that a protection officer’s notes are not confidential. There is a high probability the notes may be presented to an open tribunal as evidence. Additionally, a protection officer’s notes could be copied and presented to the criminal defense or litigation plaintiff team and form part of their case. Because of the potential of full disclosure, whatever the protection officer writes in their notes should be in a very professional manner. Here are some suggestions: • Only write about factual information and avoid opinions. • Do not write anything derogatory about anyone. • Write your notes neatly and if something is written in error, stroke a single line through the notation and write the correction clearly. Someone should be able to decipher the crossed-out mistake. • Never tear out a page with notes—if it is necessary to tear an empty page from the

It may seem as though the role of a protection officer at a crime or incident scene is not as critical as that of investigators or police, but that is not the case. It is highly likely the protection officer will be the first responder who arrives or discovers the scene. This places a tremendous responsibility on the individual to: 1. Preserve life 2. Protect property When the protection officer arrives at the scene, they will be responsible to provide first aid, call for assistance, be alert for hazards, protect the scene, handle witnesses and bystanders, watch for evidence, handle hectic communications, and coordinate other responders and officers who arrive. The stress level will probably be significant. When the investigators and/or police arrive, the protection officer will be a valuable resource, as the investigators will want to interview and collect as much information about the incident as possible. This is in addition to the continued support that will be expected from the protection officer to protect the scene and assist in other ways (rescue, traffic control, etc.) while investigators collect evidence. The protection officer is a member of the incident team and should act in a manner that will impress and instill confidence in the other members of the team. This also includes performing

II. PRACTICAL AND OPERATIONAL APPLICATIONS

204

18. CRIME AND INCIDENT SCENE PROCEDURES

in a professional manner when interacting with the victim, suspect, and witnesses. When law enforcement or internal investigators arrive, they will likely take charge of the incident. There is a well-planned incident command structure practiced in most communities and organizations around the world that will outline who takes command at an incident scene. The incident commander is typically the highest-ranking member of a responding organization and could be a member of law enforcement, EMS, or fire service. In some cases, it could be a representative from the organization responsible for the site. As a member of the incident response team, the protection officer will be required to take instructions and direction from someone from a public agency (police, fire, EMS) or someone from the organization where the protection officer provides their service.

EMERGING TRENDS Societies subjected to tougher economic times and reduced public spending will expose the security industry to increased responsibilities that were traditionally reserved for public law enforcement. Governmental budgets will undergo closer scrutiny by taxpayers, resulting in reduced funding for police and government agencies. This reduction in available funds will impact all resources, including personnel. Reduced manpower will mean security personnel and protection officers will be required to undertake more responsibilities at crime and incident scenes. In particular, the private sector will be expected to manage more of the investigation and reporting for incidents that could be considered minor.

The result of these trends will be the need for additional, specific training for protection officers to prepare them to better fulfill the nontraditional roles and new responsibilities. These new quasigovernmental responsibilities will subject protection officers to more regulation and scrutiny, holding them to a higher standard.

CONCLUSION The protection officer is an important resource when it is necessary to respond and protect a crime or incident scene. Often the outcome of a crime or incident will not be immediately apparent when the officer arrives as the initial responder. This means they have to act in a professional manner and practice the knowledge and skills gained in this chapter while protecting a scene and preserving evidence. The final outcome of a criminal or civil court case could depend on how well the evidence was protected, collected, and managed.

References DiCarlo, V. (2001). Summary of the rules of evidence. Findlaw. Retrieved 9 September, 2009, from http://library. findlaw.com/2001/Jan/1/241488.html/. Fawcett, M. A. (2003). Field notes and report writing. In Protection officer training manual, IFPO. (7th ed.). Boston, MA: Butterworth-Heinemann. Schiro, G. (n.d.). Protecting the crime scene. Retrieved 6 July 2018, from https://www.crime-scene-investigator.net/ evidenc1.html.

Further Reading Fennelly, L., & Perry, M. (2017). Investigations: 150 things you should know. Butterworth-Heinemann.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

19 Foundations for Surveillance Matthew R. Dimmick O U T L I N E Types of Surveillance Covert Personal Surveillance Overt Personal Surveillance Covert Electronic Surveillance Overt Electronic Surveillance

206 206 207 207 208

Digital Surveillance

208

Surveillance as a Deterrent

208

In most media, the concept of surveillance is represented as a man in a wrinkled, coffeestained suit or an extremely large, sophisticated, and complex electronic array that requires three or more people to monitor. In reality, the typical surveillance operation falls between these two levels of complexity and utilizes the combination of both personnel and technologies effectively. The basic goal of surveillance is to obtain information that might not be immediately available without a concerted effort, focused attention on the subject(s) and appropriately refined observational skills. Understanding the behavior and activities of the subject of investigation can help find key focus points for

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00019-5

Equipment Requirements

209

Privacy Issues

210

Recording and Retention

210

Emerging Trends in Surveillance

211

References

212

the operative. At the same time, the causal nature of the surveillance (criminal, custodial, civil, fraud, etc.) should also be a planning consideration. The effectiveness of surveillance operations is determined through effective planning of the task at hand. Thoroughly planning a surveillance operation includes, but is not limited to, personnel, resources, subject focus, operational security (OpSec), recording and reporting, and communications, and substantially increases the likelihood of an accurate, fair, and timely investigative outcome. There are a variety of restrictions placed on surveillance activities, whether conducted by government entities or within the private sector.

205

# 2020 Elsevier Inc. All rights reserved.

206

19. FOUNDATIONS FOR SURVEILLANCE

These restrictions, primarily focused on maintaining a reasonable expectation of privacy for the public, employees, and others, may come in the form of laws and regulations, organizational policies, company policies, or procedures. The importance of investigators and surveillance operatives having a comprehensive understanding of privacy rights and the extent to which they can legally and ethically perform surveillance cannot be overstated.

TYPES OF SURVEILLANCE Surveillance operations can be described based on the type of activity, covert and overt, personal and electronic, static and mobile, or digital. This chapter frames utilizing these categories as defined in the following: • Covert operations are those done in secret without the knowledge of the subject. • Overt operations are out in the open and can usually be easily identified as a surveillance activity. • Personal operations are those carried out in person by individuals or teams of operatives. • Static surveillance operations are intended to determine the activities of a particular home or business. • Mobile surveillance operations are focused on the activity of the individual subject of the surveillance regardless of location. • Electronic operations can range from video surveillance systems to transmission interception and receipt of other electronic information. • Digital surveillance may also be referred to as activity monitoring and is focused on the digital footprints of the subject of surveillance. These items are described in the following sections based on logical combinations utilized during surveillance operations.

Covert Personal Surveillance Covert personal surveillance is the act of a surveillant watching a subject from a location of concealment, or in a manner in which the surveillance is not obviously being carried out. Covert surveillance may be particularly effective in investigations, including cases of marital strife, insurance fraud, and even law enforcement investigations. While this surveillance is personal rather than electronic, it should be noted that some electronics are usually involved. For many operations, the equipment utilized may be limited to a camera, a voice recorder for the retention of comments on the observations, communications equipment, and other commonly used electronics. The environment, time of day or night, and the goals of the surveillance activity all weigh on equipment selection and each operation may be different. We discuss equipment in greater detail later in this chapter. The primary advantage of covert personal surveillance is that it provides for human decision-making as the situation evolves. By being on the scene, the operative(s) can determine how to refocus the operation to obtain better results. One major drawback to this type of surveillance is that it is extremely manpower intensive, and thus can be very expensive. Such activities are manpower intensive to avoid discovery of the surveillant. In order to not attract too much attention, it is best to utilize multiple operatives with differing appearances to limit the potential for discovery. It is important in covert personal surveillance that the same person is not in the area for an extended period of time, drawing potential interest by being conspicuous. Covert personal surveillance may be conducted by a team of operatives with a particular investigative interest in the activities at a given location. The reasons for the interest in the location may range from suspected criminal

II. PRACTICAL AND OPERATIONAL APPLICATIONS

TYPES OF SURVEILLANCE

activity to excessive losses in a supply chain or similar environment and everything in between. Surveillance focused on a particular location is referred to as static. It is important when conducting static surveillance to regularly change up personnel and dress, and vehicles (if used) should be regularly rotated to avoid suspicion or being made out by the subject. When performing mobile surveillance, which typically involves utilizing vehicles, the changes to the appearance of the vehicles are even more of an issue, as specific vehicles are easily recognized if they continuously pass into and out of view. Multiple vehicles should be utilized in this type of surveillance. It is important to note that there must be two individuals in each car. A driver should ensure the safe operation of the vehicle and an investigator is responsible for observations, note taking, photography, etc., as needed. Mobile surveillance may also be conducted on foot in dense urban areas that are heavily dependent on public transportation. These operations can yield interesting results stemming from the fact that, when properly executed, those observed are not aware that others are paying attention to them.

Overt Personal Surveillance This type of operation ranges widely in its application. Most people in the field of protection engage in this type of operation on a regular basis without realizing that it falls within this category. Overt personal surveillance is the execution of visible and open inspection, such as when on patrol. The act of gathering information is just as important as the deterrent value of such an operation. The person executing these duties may be looking for specific types of incidents or situations. Through their presence, and the fact that they are paying attention to their surroundings and the persons in those surroundings,

207

those in the area may reconsider intentions of violating company policy or legal restrictions. To enhance the effectiveness of overt personal surveillance at fixed locations, viewing zones between 2 and 6 ft in height should be kept clear of obstructions like bushes, tree canopies, privacy fences (except as required), and other objects. Allowing for better sight lines increases the potential that elicit activities may be discovered. In addition to supporting security operations personnel, clear sight lines also afford other users of the space the opportunity to witness activity that is outside of the normal activity for the site and report it to security or law enforcement personnel. Overt personal surveillance operations have been found effective in altering previous behavior and responses of persons in the observed environment. This deterrence of criminal or abnormal behavior is believed to be due to the fact that there are obviously people paying close attention to personnel in the area and their activities.

Covert Electronic Surveillance The use of hidden cameras, voice and electronic recording equipment, and similar devices falls within this category. It is within this type of operation that the surveillance agent must pay the closest attention to privacy issues, as the unwelcome observation of persons, under certain circumstances, may violate state or federal restrictions on such actions. Further, with private organizations, company policies and potential impact on reputation and branding should be considered. Care must be taken and counsel sought when designing such operations, so that violation of such restrictions does not occur and/or the private firm conducting the investigation is not exposed to criminal or civil liabilities. The intent of covert electronic surveillance is to surreptitiously record activities, intercept

II. PRACTICAL AND OPERATIONAL APPLICATIONS

208

19. FOUNDATIONS FOR SURVEILLANCE

communications in the form of radio or other electronic means, or record conversations of the subject. Much like personal covert operations, this method often yields very interesting results. If the operation is properly executed, the subject is not aware that they are being observed. As a result, they will act in a manner that is completely natural to them in the given environment.

Overt Electronic Surveillance Overt electronic surveillance involves the utilization of visible static or pan/tilt/zoom (PTZ) cameras to observe activities in a particular area. In order to be effective as a surveillance medium, the video surveillance cameras must be monitored by an operator. Video surveillance cameras that are not monitored are primarily used to provide evidence for postincident investigations and may not have the same effects on behavior or crime as those that are monitored regularly. One well-known example of overt electronic surveillance would be the PTZ camera domes found in most department stores. These provide a significant amount of information to a trained operator and can be utilized to quickly assess activities and respond to incidents, when needed. Overt electronic surveillance allows for sufficient response of security or loss prevention personnel to a particular area based on the assessment of the security incident, person(s) involved and the potential for loss.

DIGITAL SURVEILLANCE While not a classical form of “surveillance” like you would see in a Hollywood thriller, the advent of an online, interconnected world rife with social media and virtual work environments powered by instant messaging has spawned a new form of surveillance known as

“digital surveillance.” Digital surveillance may be utilized in support of broader surveillance and investigative activities and assist the investigators with identifying potential surveillance focal points, understanding subject behavioral patterns, and, in some circumstances, potentially identifying close affiliates. The advent of digital footprints and the information that can be gathered via the internet and social media provides a wealth of information to investigators. More and more, law enforcement agencies, private investigators, and companies have found the monitoring of online activity to be beneficial to the investigative process. The most common, current uses are for reputation management and third-party vendors’ due diligence. Where allowed by regulations, this type of review may also be included as part of initial background investigations of prospective candidates for employment. From an operational surveillance perspective, social media activity monitoring can be utilized in the planning of the operations. By assessing the information made publicly available online by the subject, the officer, or supervisor responsible for planning the surveillance, may potentially gain insights into the behaviors, focus points, and other relevant information relating to the subject’s activities.

SURVEILLANCE AS A DETERRENT Overt surveillance has a secondary benefit in that it may serve as a very visible deterrent to certain types of crimes. Often, if the recordings of such a system are replayed, persons can be seen behaving in one manner, looking up to find that a camera is in the area, and immediately altering the previous behavior to bring it more in line with the expectations for that environment. The perception of the subject of overt surveillance is that there is no means of their knowing whether activities are being

II. PRACTICAL AND OPERATIONAL APPLICATIONS

EQUIPMENT REQUIREMENTS

monitored or not. It is the potential of being observed and the concern over punishment that comes from possibly being observed that provides the deterrent factor in this case. To preserve the deterrence factor of surveillance systems in industrial locations and employee-only areas of other types of businesses, the cameras should be placed in plain view making it obvious that video surveillance is in use. At the same time, it is best to avoid allowing employees outside of the security department to view the monitors themselves. Those in the area should know that observation occurs but not be able to determine which area at any given time is being observed.

EQUIPMENT REQUIREMENTS As previously stated, the equipment may vary widely. In the case of personal surveillance, either covert or overt, it may be as simple as binoculars, a camera (usually 35 mm), a minirecorder, and a notepad. For instance, where 24-h surveillance (i.e., surveillance in low light conditions) is required, additional equipment in the form of IR cameras, night vision, flashlights, etc. may be required. It is also wise to outfit operatives with a map of the area where the operation will occur to allow them to physically mark focus points, diagram routes, and identify patterns of activity over the area of operations. The initial financial outlay is dependent upon the equipment selected. It is important to note that the majority of the equipment involved in personal surveillance can be retained over a period of many operations. For covert electronic surveillance, some equipment options might include pinhole cameras; cameras concealed in sprinkler heads, clocks, books, and other nondescript items; scanners tuned to permissible frequencies; and even long-range audio amplifiers as permitted. Technological advances, brought about by the advent of microsensors, have greatly reduced

209

the size of eavesdropping devices and cameras. These advances have had an impact on the discoverability of the concealed devices, increasing their effectiveness and complicating mitigation strategies subjects may attempt to employ. The equipment selection, given the right budget, can look very much like the property of a movie spy. The actual selection is often limited only by the budget of the operation. In overt electronic surveillance operations, the investment will be based on the function, scope, and sophistication of the intended operation. As an example, a moderate grade PTZ camera requires not only the camera dome but also a control unit, video cabling, power sources and cable, and a recording media to store the video. Some older or less expensive systems may rely on analog videotaping as the means of recording. Most of these systems are being replaced with digital video recorders (DVRs) or network video recorders (NVRs) due to superior capacity, length of retrieval time, and the elimination of changing and storing video tapes. With the ancillary equipment, installation labor and other requirements, even a stand-alone camera system can require an investment of several thousand dollars. The cost of the system should be weighed against the benefits of the surveillance activities to determine if the return is worth the investment. In other words, will the reduction in losses, liability, and criminal activities “pay” for the system over time? The equipment must be selected based on functionality. Considerations such as environment, lighting, glare, and reflectivity should be considered alongside the nature and scope of the operation if the surveillance system is to be of optimal effectiveness. Security officers and supervisors interested in the application of video surveillance systems may find additional resources on this subject online, in bookstores, through industry association training, or at their local library. Experience with the layout of camera systems will enhance your ability to determine the exact system requirements for your application.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

210

19. FOUNDATIONS FOR SURVEILLANCE

Regardless of the nature and method of the operation, the underlying goal of obtaining information must also be addressed in the equipment. As discussed earlier, properly designed surveillance systems at facilities include recording media (digital or analog). For surveillance outside of fixed site overt electronic surveillance, any activities of interest should be recorded by the best method available to the operative at the time. In civil and criminal trials, physical evidence including still photographs and video recorded by a surveillant are impactful. Many cases like insurance fraud or slips and falls, where litigation is involved, can be made or broken based on the quality of the physical evidence provided by an investigator. It is in this type of instance that the true return on investment for surveillance equipment is realized. With regard to digital surveillance there are a variety of tools available to support the monitoring of social media platforms. Many of these tools utilize keywords or search terms to facilitate the monitoring and review of posted content. In the absence of these tools, an investigator or analyst knowledgeable in the use of the internet and familiar with social media can work through available open source information and make some initial determinations with regard to the activity of the subject.

PRIVACY ISSUES Although the pursuit of justice and the protection of personal or company property is highly important, it is also critical that the laws protecting privacy are honored and protected. As such, it is essential to understand the basic concepts and research laws that could have bearing on the specific operation to be undertaken. As an example, in some states, recording a telephone conversation may not be done without the prior knowledge and consent of both parties on that call. In other states, only one

person must be aware that a recording is being made. In some cases, an employer may listen in to employee telephone conversations, based on legal permissions, specific content in the employee hiring agreement or employee handbook, or simply because the telephones are owned by the employer and provided only for the execution of work-related duties. Without a clear understanding of the laws and restrictions that apply to the location in which you intend to perform a surveillance operation, it could be very easy to violate those laws. Although there are many “rules of thumb” on this issue, the fact is that privacy requirements vary so widely that the best guideline to follow is to research those that apply to your target area. This research should include laws or statutes, regulations, company policies, and legal precedents. It is prudent when conducting surveillance operations to coordinate, where practical, with legal counsel (corporate, prosecutors, etc.) prior to initiating activities which may potentially impinge on the reasonable expectations of privacy individuals have. Do not ever assume that the privacy laws of one area apply wholly to another area. Further, do not assume that what was acceptable, in terms of privacy laws, during the last surveillance activity in a given region is still applicable on the next. Every year, dozens of new guidelines, laws and regulations at the international, federal, state, and local levels are passed. Each new law has potential to impact how surveillance is conducted and should be considered, particularly as new techniques and technologies are developed.

RECORDING AND RETENTION As already noted, it is best to make some durable record of the surveillance operation’s results. In some cases, this can prove a suspicion; in others, it could be used to defend the execution of practices of those involved in the

II. PRACTICAL AND OPERATIONAL APPLICATIONS

EMERGING TRENDS IN SURVEILLANCE

operation. The materials produced by such activities should be retained for a period of time that is appropriate for the material and actions identified through that investigation, that is appropriate to meet applicable regulations, or for the time frame that those involved might be allowed to enter into a civil action, whichever is longer. In short, be prepared to prove your case for however long might be required and be prepared to defend your operation against civil accusations. Some companies have a policy that directs all closed case materials to be destroyed after a certain period of time, such as a 2-year retention policy. Research and evaluate these directives before executing them. In some states, plaintiffs are permitted extended periods of time to file civil suits. It would be in the best interest of investigators and the company involved to retain supporting evidence should a suit be initiated within the allowed period of time. The importance of researching the laws and restrictions that apply, not only to your location but also the specific location where the operation takes place, cannot be overstated. Save all of your recordings and imagery from the investigation for the same amount of time. Even if the image of the subject does not appear relevant to the investigation at first, you never know what might be seen in the secondary areas of the image upon further assessment. Some cases have begun and been proven based on the background scene in video recordings. Even when the primary action, the focus of the video, does not prove to be a violation, pay attention to your background, and review all materials with this in mind. If storage space becomes an issue, it might be that noncritical materials have to be discarded. Review these materials prior to removal to ensure that there is nothing of value in them. With the advent of digital recording, physical space is becoming less of an issue for evidence resulting from most operational surveillance activities.

211

EMERGING TRENDS IN SURVEILLANCE Throughout this chapter, we have discussed surveillance and technology. While many tools will remain steadfast in the investigator’s tool box, technology continues to evolve and bring new capabilities to the field. Innovators are continually challenging the status quo with regard to the technologies that we utilize on a daily basis. During the years since Steve Jobs introduced the first iPhone, smart phones and the capabilities they carry with them, from communications to cameras and voice recorders, have found a place in our daily lives and in many investigator’s tool kits. Another example where emerging technologies are impacting surveillance is in retail. Currently, retailers are utilizing facial recognition technologies, free Wi-Fi, and camera analytics to determine who is entering their stores, how long they are staying and how much of that time is spent at which displays and aisles. This information is used in loss prevention by enhancing the overt surveillance operator’s understanding of the activities in the store; however, its primary benefit to the retailers relates to product placement and effectively moving merchandise. Understanding and being able to articulate secondary benefits of new or emerging surveillance technologies provides the investigator with another avenue to justify investments in surveillance to management. The world is evolving rapidly, connecting and coalescing in ways that were not possible just a few short years ago. Technologies that were dreamed up for science fiction movies and “real crime” television are not as far-fetched as they once were. In the coming years, miniaturization, automation, improved resolution, Internet of Things (IoT) devices, augmented and virtual reality, and advanced analytics will contribute to the development of new surveillance equipment, capabilities, and enhancements of user

II. PRACTICAL AND OPERATIONAL APPLICATIONS

212

19. FOUNDATIONS FOR SURVEILLANCE

defined operational pictures (UDOP). These advances will allow for smaller, more efficient cameras with better image quality, employment of surveillance cameras on autonomous robots and drones, crowd sourcing images to identify subjects, the ability to review hours of footage in seconds, and the advent of specific artificial intelligence. This may also facilitate the development of security command centers with augmented reality video management systems similar to the one as seen in the movie Minority Report (Spielburg, 2002). As the world evolves and technology becomes further ingrained in surveillance, it is imperative that security officers, supervisors, and investigators are

able to adapt. The ability to understand and adopt emerging technologies will significantly increase the efficiency and effectiveness of personal, electronic, and digital surveillance, whether covert or overt in nature. Organizations and personnel who stay on top of these emerging trends and begin to integrate technology into their surveillance operations should see measurable advantages in their security programs and/or careers.

References Spielberg, S. (Director). (2002). Minority report [Motion picture]. USA: Twentieth Century Fox.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

20 Report Writing and Field Notes Jack F. Dowling, Rav-Zuridan Yisrael O U T L I N E Introduction

213

What Should Be Reported

215

Importance of Report Writing

213

Qualities of Good Reports

215

Field Notes

214

Emerging Trends

216

Reports Should Be Written

214

Resources

217

in any instance, it is widely accepted and validated that report writing is of the utmost importance in the security industry.

CHAPTER OBJECTIVES • Explain the basics of report writing • Emphasize the usefulness of report writing • Explain the purpose of field notes

IMPORTANCE OF REPORT WRITING

• Identify the essentials of good report writing

INTRODUCTION As in many other professions, reports are essential to the security industry. In fact, report writing is one of the essential functions for security officers. Some security professionals list the primary directives of a security officer as detecting, deterring, and reporting. Other professionals state that the main duties of security officers are observing and reporting. However,

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00020-1

One of the most important issues of report writing has to do with liability. Proper report writing may significantly reduce the potential liability faced by security officers or their employers. Reports can aid in documenting potential loss that an organization may face and the response that the organization takes to mitigate the risk of loss. Additionally, reports may aid in determining who is accountable for an incident. For example, if a security officer is working for a contract security company and he/she

213

# 2010 Elsevier Inc. All rights reserved.

214

20. REPORT WRITING AND FIELD NOTES

notices a torn carpet that presents a trip hazard, that security officer has a duty to report the hazard. If the hazard is not repaired and someone is injured, the fact that the officer reported it reduces the liability of both the officer and the officer’s company. Once the officer submits the written report, it is now primarily the responsibility of the property owner or property manager to develop an adequate safety or security measure to remedy the situation (i.e., repairing the carpet). However, if no measures are taken to remedy the hazard and someone is injured, the owner of the property can likely be held liable and accountable for their inaction. Therefore, it is evident that reports are important in determining liability as well as accountability.

FIELD NOTES It is imperative that reports be accurate and factual. To ensure that reports meet this requirement, field notes should be written while conducting one’s duty as a security officer. Field notes should be written in an easy-to-carry pocket-sized notebook. While on patrol or responding to incidents, field notes are taken as the initial step in reporting incidents, unsafe conditions, and breaches in security, violations of policy, or any unusual events. Field notes are useful in many situations. For example, if an incident arises that requires the police department, fire department, or ambulance to arrive at a work location, it is much simpler to write down the necessary facts while handling the incident. Handling certain events can be stressful; however, it will be more stressful to have to search for a piece of paper to write down important details. Additionally, recording the information as soon as possible after the occurrence of the incident helps to ensure the accuracy of the incident report. For example, if an officer observes a vehicle crash into a parked vehicle and then drive off rapidly, it is easier to write down the make and model of the car and

its license plate number in the field notebook than it is to remember the information 20 min later while writing an incident report. Field notes provide a means of recording the intricate and specific details of an event or unusual or unsafe circumstance and should be retained with the written report file. Information to record in field notes may include: 1. Descriptions of suspects 2. Names and badge numbers of emergency services personnel 3. Vehicle numbers of emergency service vehicles 4. Names of witnesses 5. Notes from interviews of witnesses 6. Descriptions of vehicles 7. List of items stolen 8. List of items broken 9. Names and contact information of victims 10. Time of incident 11. Arrival times for emergency service personnel 12. Nonworking lights (security hazard) 13. Torn carpets (trip hazard) 14. Leaking pipes (trip hazard or damaged fire suppression system) 15. Any other detail or event that will be needed for a report at another time

REPORTS SHOULD BE WRITTEN Considering that reports are critical to adequately perform one’s duties as a security officer, it is necessary to discuss reports in better detail. Security officers should write all reports; even if a verbal report of an incident is given, written reports are necessary. Written reports are more dependable than verbal communication. For example, do you remember what you were wearing on the 13th day of last month? What did you have for lunch that day? What was the description of the first person that you saw that day at work? The average individual does not remember such specific details of past

II. PRACTICAL AND OPERATIONAL APPLICATIONS

QUALITIES OF GOOD REPORTS

events. Additionally, even with the best of intentions, either party can forget a verbal report. If there is a conflict regarding whether a verbal report was submitted, the issue becomes a matter of hearsay or a case of “he-said/she-said.” A written report is a means to recall the intricate details of an event and to verify submission of the report. Verification of submission of a document can be via a signature on a traditional report or by printing a copy of a report that has been inputted into a database. Not only should the report be in written format, it should be written as soon as possible after an incident and notes should be taken during the incident if possible. This will ensure the most accurate record of the details that took place.

WHAT SHOULD BE REPORTED Determining which incidents require reporting may seem complicated to novice security practitioners. A good rule to follow is: if it is an uncommon event, then report it. It is far better to have an incident report that is not needed than to need a report and not have it. When there is doubt on whether a report should be written, it is better to err on the side of writing the report. Some examples of events to report include broken equipment or property, illegal activities, trespass, activities against company policies, accidents, injuries, hazardous situations, fires, breaches in security, and vandalism.

QUALITIES OF GOOD REPORTS There are certain qualities that all effective reports should have. A good way to remember the qualities of a well-written report is the “Three (3) C’s of report writing.” The 3C’s of report writing are a guideline to the characteristics of a good report: clear, concise, and complete. Each of the 3C’s will be discussed in further detail.

215

Clear—Refers to the readability and understandability of the report. A report should be written legibly or typed to ensure that others can read it, as it has little value if not understood. Clear also relates to the words used and the sentence structure. It is best to write a report in the simplest and clearest terms, again, to ensure that it is easily understood. Reread the report, or have others read it, to make certain the correct message is being conveyed. Additionally, word usage is important to create a clear and precise report that is useful to others. An example of a statement that demonstrates poor word usage is “the subject is a short, white male.” That sentence is very vague and leaves the height of the suspect to the interpretation of the reader. Better reporting of the suspect’s description is that “the subject is approximately 5 ft and 5 in. tall.” This makes the description more concrete, as opposed to a subjective description, such as short, which may vary from person to person. Finally, punctuation, grammar, and spelling are important to report writing. If you are unsure how to spell a word, refer to a dictionary. Remember that a report is a reflection of your professionalism. Concise—A good acronym to remember when it comes to writing reports is K.I.S.S. (Keep It Short and Simple). Conciseness has to do with the brevity of the report. It is not necessary to expound extensively on an incident. However, it is necessary to include all relevant information and to ensure that this information is factual and accurate. Additionally, reports are to be objective and impartial; never add your opinions or assumptions to a report. Your opinions can be shared with necessary parties as needed; however, they have no place in a report. If your opinion is a likely truth, an objective party is probably going to reach the same conclusion or consider your conclusion by an objective review of your report. However, it is important to ensure that the conciseness of a report does not affect its completeness. Complete—This means ensure that all of the details are included in the report. One method to

II. PRACTICAL AND OPERATIONAL APPLICATIONS

216

20. REPORT WRITING AND FIELD NOTES

accomplish this is to consider the “5 W’s and 1 H of report writing,” which is a guide to ensuring that a report is complete. It requires that you answer the following questions as they relate to the incident: Who, What, Where, When, Why, and How? Obviously, each question is not applicable to every incident; however, this is a very thorough starting point. Examples of questions that should be answered in the report are listed below: Who: • • • • •

Who Who Who Who Who

is the victim/complainant? is the culprit/accused? responded? was notified? witnessed the incident?

What: • • • •

What happened? What was the consequence? What was the response? What were the badge numbers of the police who arrived? • What was the truck number of the ambulance that arrived? Where (be exact: include address, floor, room number, etc.): • • • •

Where Where Where Where

did the incident occur? was the victim taken? was the suspect taken? specifically in the building?

When (this includes the day, date, and time): • When did the incident occur? • When did the police or ambulance arrive? • When was the incident reported? Why: • • • •

Why Why Why Why

did the incident occur? were the police called? did security respond? did the alarm sound?

How: • • • •

How How How How

was was was was

the the the the

incident reported? incident discovered? suspect apprehended? issue resolved?

Writing a quality report is one of the most important duties of a security professional. It is essential to remember to remain truthful and honest in your reports. Security professionals are entrusted with the responsibility of protecting the assets of others; are given access to areas, items, and information only because of the responsibility of their position; and, therefore, should act in an ethical and moral manner. One’s ability to communicate effectively through written reports may directly affect career advancement. Reports are a reflection of the author and in many ways reflect their competency at performing their job functions. Additionally, reports may be used for legal matters, recalling the details of incidents, and determining which security or safety issues must be addressed more thoroughly.

EMERGING TRENDS Many organizations are moving toward having their incident reports compiled and stored in a database. The database allows various managers to view incident reports without having to hand-deliver a hard copy. Additionally, the database allows users to sort incidents based on the nature of the incident. The ability to sort a year’s worth of incidents with the click of a button is of great benefit to managers conducting risk assessments on the facility as well as determining trends with certain types of incidents. Finally, in court cases you may not go to trial until 9 months later, at which point your report and field notes will be a life saver. So, get in the habit of saving a copy of all your reports.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

RESOURCES

Resources Hess, M. E., & Wrobleski, H. M. (1996). Introduction to private security (4th ed.). New York, NY: West Publishing Company. International Foundation of Protection Officers. (2003). Protection officer training manual (7th ed.). New York, NY: Butterworth-Heinemann.

217

Security Guard Management. (n.d.). Writing reports. Retrieved September 16, 2019, from https://sgmnow.com/reportwriting/. State of New York Division of Criminal Justice Services. (1995). Eight hour pre-assignment training course for security guards.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

21 Crisis Intervention Michael A. Hannigan, Christopher A. Hertig, Brion P. Gilbride O U T L I N E Introduction

220

Verbal and Physical Disruptive Behavior

223

Causes of Disruptive Behavior Illness or Injury Emotional Problems or Mental Illness Substance/Alcohol Abuse or Medication Reaction Stress Anger/Frustration

220 220 220

Active Listening

224

Nonverbal Communications

224

Controlling Disruptive or Violent Behavior

225

Understanding Disruptive Behavior Evaluate Plan Implement Document Review/After-Action

221 221 221 221 221 222

Four Stages of Crisis Behavior

222

Best Practices Guideline for the Security Professional

223

220 220 221

Team Intervention Positive Factors Resulting From Team Approach Leadership in the Team Approach

226 226 226

Safety Considerations in Crisis Intervention

227

Emerging Trends

227

Conclusion

228

References

228

• Emphasize the importance of empathetic listening and nonverbal communications

CHAPTER OBJECTIVES • Discuss causes of disruptive behavior

• Discuss team intervention approach

• Review stages of management of disruptive behavior

• Review safety considerations in crisis management

• Develop security professional guidelines

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00021-3

219

# 2020 Elsevier Inc. All rights reserved.

220

21. CRISIS INTERVENTION

INTRODUCTION The security professional often encounters and must deal with individuals who engage in disruptive behaviors that, if left unchecked, might lead to additional destructive or even violent behavior. This behavior sometimes is caused by or exacerbated by such factors as alcohol or drug consumption, being a victim of a crime, suffering an accident, illness, an argument with a spouse/cohabitant/significant other, or the loss of a loved one. Such individuals may pose a threat not only to themselves but also to employees and/or the public. The security professional, therefore, must have means at their disposal to effectively de-escalate or minimize the potential for violence. Fortunately, there is such a means available. Referred to as both behavioral management or crisis intervention, this strategy assists a security professional in better controlling the outcome of a situation such that the care and welfare of an agitated or out-of-control individual are maintained while simultaneously protecting the security professional as well as those around them. In order to discuss this strategy, the causes of disruptive behavior(s) must be understood.

CAUSES OF DISRUPTIVE BEHAVIOR People become violent or disruptive for a variety of reasons but most will fit one or more of the following categories:

individuals may not have control over their actions or even remember what they have done.

Emotional Problems or Mental Illness People with mental illness, depending on the nature of their illness, may become verbally abusive or physically assaulting. They may be suffering from severe depression, psychosis, or schizophrenia. While these conditions are often managed with prescription medication, the individuals may have stopped taking their medication or have taken too much medication. These individuals require prompt professional attention.

Substance/Alcohol Abuse or Medication Reaction Those who abuse alcohol or other substances, such as PCP (animal tranquilizers, also called “angel dust”), cocaine, LSD, heroin, and so on are prime candidates for violence. The rise of synthetic substances, such as ecstasy (MDMA) or methamphetamine over the last 10–15 years has exacerbated this issue, as has the ability of distributors to “cut” other chemical substances into them. As a result, consumers of these substances often have no awareness of what they’re actually using. This means responding security professionals also cannot determine what substances the individual ingested, thus making it harder to safely address. It is not possible to predict behavior patterns without having some indication of the kind of substance involved.

Illness or Injury People who are suffering from insulin shock, have severe breathing problems, or are in need of a particular medication can become agitated or even physically violent until they receive medical attention. Sustaining a head injury, for example, could cause a person to become aggravated. In these situations, the affected

Stress Stress is often referred to as the “silent killer.” Everyone suffers from various levels of stress from time to time. Stress that more frequently leads to depression remains a personal matter. However, individuals who are not able to manage personal stress may be susceptible to severe

II. PRACTICAL AND OPERATIONAL APPLICATIONS

UNDERSTANDING DISRUPTIVE BEHAVIOR

aggravation, which can precede violence directed against others. Violence in stressed individuals is also difficult to predict as individuals respond to stress in different ways.

Anger/Frustration These conditions are often exhibited by individuals who lack the common decency to behave in a manner that is socially acceptable. Often the level of individual maturity will dictate the extent of objectionable conduct. But in some cases, the anger and lack of emotional control can lead to any number of violent reactions on the part of the subject.

UNDERSTANDING DISRUPTIVE BEHAVIOR Understanding disruptive or violent behavior is essential to determine what steps to take to safely resolve an incident. Managing such behaviors is best accomplished using a fivestage process; the stages are based on conditions that security professionals must learn to recognize.

221

people or equipment? Remember that situations usually start out one-on-one but should not be permitted to stay that way for long—no longer than it takes to get back-up personnel. Once the course of action has been determined, whether it is to continue talking, containment, restraint, removal of the person(s), referral or arrest, communicate the decision to team members. When planning, seek input from others when possible.

Implement Put the plan into action. At this stage, the situation is fluid and things often do not go as anticipated. Regardless, the security professional must remain calm. A contingency plan can be activated that may be more fitting for the circumstances. In all crisis situations, the security professional’s personal safety is of prime importance, and actions should be dictated accordingly. Security professionals should not attempt to resolve a volatile situation alone. In those instances, positioning with safety in mind and observation of parties involved, their action(s), and notation of potential hazards are key.

Document Evaluate What is going on? Why? Who is involved? Is the security professional, disruptive person or others in immediate danger? Is support needed from fellow officers or resource personnel, such as supervisory staff, social workers, medical personnel, or police?

Plan Once the situation has been evaluated, what do the security professionals need to do? What are their options? What is the plan? Once determined, how do they implement the plan? Are necessary resources available, such as

Effective documentation of a crisis incident is vital. A well-documented report will also serve to provide litigation protection should legal actions result from actions or inactions on the part of crisis respondents. The final report should include the standard who, what, where, when, how, and why. Address each of these questions carefully so that the report can be read and understood by all individuals and organizations involved. The audience for such reports begins with the security professional’s immediate supervisor and can range from that supervisor to various parties such as: • Chief executive officer • Corporate counsel

II. PRACTICAL AND OPERATIONAL APPLICATIONS

222 • • • •

21. CRISIS INTERVENTION

Federal, state, local law enforcement Emergency medical professionals Criminal/civil judicial authorities Prosecution/defense attorneys

Review/After-Action Once an incident is resolved, it is imperative that the organization review the incident to identify both the positive and negative occurrences. This is when the staff critiques the entire crisis event. Carefully examine all documentation. It is imperative to openly discuss exactly what happened. It gives all security professionals involved the opportunity to vent feelings and frustrations and gain the needed confidence to deal with future similar situations. Discuss what happened, why, and if it could have been prevented or handled more effectively. Such discussions must be managed in a positive manner. It is not a “fault finding mission” but, rather, a time to reflect positively on the actions taken and develop safeguards for future occurrences.

FOUR STAGES OF CRISIS BEHAVIOR When dealing with an individual who is either in crisis or whose behavior suggests a crisis is developing, the security professional must remain aware of the four stages of crisis behavior: 1. 2. 3. 4.

Prevention Escalation Crisis Postcrisis Resolution

The first stage, Prevention, is the early warning stage. In this stage, a person is not yet in crisis but is beginning to show anxiety. Anxiety may manifest itself in a variety of ways whether

physical or verbal. Physical signs might include pacing, fidgeting, or other repetitive motions. Verbal signs may include tonal or volume changes. The second stage, Escalation, will build on these physical and verbal signs. The individual will offer more resistance to the security professional’s requests, such as questioning/ arguing, stalling, or outright refusing to cooperate. Additional physical activity may occur, or the pacing, fidgeting, or other repetitive motions may become more extreme. Other verbal activity at this stage might include the individual talking or swearing to themselves, loud enough for the security professional (or any other available audience) to hear. The third stage, and the most dangerous for the disturbed individual as well as responding security personnel or bystanders, is the Crisis stage. Here, the individual is either actively threatening themselves or others, or acting aggressively toward themselves or others. The individual may swear at or verbally threaten violence against either themselves or others, or otherwise exhibit a loss of control. Worse, the individual may become physically resistant or aggressive. The security professional must bear in mind that physical aggression in these situations is not necessarily directed at the security professional; it will be at whomever the individual focuses their anger upon, including the individual themselves. In Crisis it is essential to secure the safety not just of the bystanders or the security professionals but also the individual. The fourth stage, Postcrisis Resolution, occurs once the situation has de-escalated, whether because the individual backed down or because security professionals applied the appropriate measures to secure the individual. In this stage, the individual often regains control of their behavior, and their energy/stress levels decrease. It is in this stage that the security professionals must be aware that they too must de-stress and de-escalate from the situation (Bradley, 2018).

II. PRACTICAL AND OPERATIONAL APPLICATIONS

VERBAL AND PHYSICAL DISRUPTIVE BEHAVIOR

BEST PRACTICES GUIDELINE FOR THE SECURITY PROFESSIONAL While written policy and procedures vary from one organization to another, there are three basic guidelines that are applicable to most situations. • Remain calm—move a little slower and speak a little lower. Remember that “calmness is contagious,” and lead by example. • Act appropriately—be serious but human. • Be objective. Do not allow the subject to anger you or induce you to act inappropriately. Loss of composure will almost certainly exacerbate the situation. Remember that “when you lose your temper; someone else has control over you.” Don’t become complacent and take anything for granted. Always be alert. In terms of personal protection, the security professional should not position themselves directly in front of an agitated individual as this can be interpreted as a challenge. Instead, the security professional should stand just off to the side, at an angle; this is considered a nonthreatening position. The agitated individual should be addressed by name and treated with respect, even when such respect is not reciprocated. A minimum of 3 ft. of distance between security professional and subject should be maintained. This serves two purposes: first, it will preserve the individual’s personal space; and second, it will provide time to react if the individual begins to physically act out. Remember, the amount of personal space may vary according to the individual and the situation. For example, if the person is highly agitated, he or she may need more room and coming closer may intensify the crisis. By contrast, a troubled person may want to have other people closer; their presence may feel reassuring. Identify the amount of space needed to develop a calming effect. How to react, and how quickly to react, will depend on the nature of the disturbance and whether there is an immediate threat constituting

223

a safety hazard. If an immediate threat is not apparent, use the time to calm the subject and to continue evaluation of the situation. If an audience is present, move them or move the situation if feasible. Only people who could provide probable support should be allowed to remain in the area—not spectators. The presence of spectators can exacerbate a situation as the agitated individual may act or “perform” for the crowd. It is important to know how and why the situation started and always make sure help is available.

VERBAL AND PHYSICAL DISRUPTIVE BEHAVIOR When a person is verbally acting out, they may or may not be fully aware of what they are saying or doing. They may express anxiety or defensiveness, make demands or threats, or use abusive language. This is especially true when the subject is in insulin shock, having severe breathing difficulties (lack of oxygen to the brain), or has suffered a head injury. These individuals are not usually able to control their actions and may suffer memory loss. Subjects who are physically violent and require preventive measures can be easily identified by the security professional. Typically, they throw objects or use them as weapons, kick, or attempt to grab or strike other individuals. These physically out-of-control people may even try to barricade themselves in a room or a particular area. Security professionals need to be aware of the indistinct signs of physical acting out (violence). Certain signs are likely to precede more combative behavior. Watch for indicators, such as gritting teeth, closing and opening hands, the “thousand-yard stare,” blading their body, and tensing. Oftentimes, a person about to become physically assaultive will position themselves accordingly. These are strong indicators of a possible onset of physical aggression.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

224

21. CRISIS INTERVENTION

ACTIVE LISTENING Active listening is a process which enables the interviewer to more fully understand what a person is trying to say. There are four components of active listening. 1. Seek to understand before seeking to be understood: To understand what a person is saying; the security professional must listen. To listen is to remain quiet. To listen is not to be formulating a response while the other person is still speaking. There is nothing inappropriate about pausing for reflection before responding. With an agitated individual, this pause before speaking may help calm them as the security professional’s pause demonstrates that what the individual said is being considered. 2. Be nonjudgmental: If an issue is important to an individual, they have formed a judgment about that issue. When that issue is communicated to the security professional, that judgment is communicated as well. If a security professional shares their own judgment regarding an issue before fully receiving and understanding the issue from the agitated person, such a premature judgment may be interpreted by the agitated person that the security professional is not listening or does not care or have empathy. This perception may cause a situation to escalate. 3. Give your undivided attention to the speaker: Eye contact and body language are essential here. Eye contact with the speaker typically demonstrates that the security professional is paying attention (listening). Body language, such as hands clasped gently in front of the security professional, sometimes referred to as the “Father Murphy” pose, generally presents a nonverbal message of “openness.” The opposite of this might be standing with arms folded in front of the chest, which generally presents a nonverbal

message of “I’m closed to what you’re saying.” 4. Use silence effectively: If the security professional is talking, or interrupting, the agitated person will not be talking. If the agitated person is not talking, the security professional does not learn anything. If the agitated person is talking, they are likely focused more on what they are saying and less on committing an aggressive act. If the agitated person is not talking, they can focus much more intently on an escalation of their choice, be that an escape, an attack, or a diversion—this while the security professional is talking and now has divided attention between watching the agitated person and composing/delivering a thought. Silence joined with open body language and occasional nods or “uh huh”-type affirmation will often encourage the agitated person to continue speaking. This can not only help them to calm but also can buy time until support arrives (US Department of State, n.d.).

NONVERBAL COMMUNICATIONS Nonverbal communication deals with body language—a message that is conveyed to someone without words. Subtle or obvious body movements or gestures can provide clear indications as to what another person might be thinking. Only a small percentage—perhaps 7%–10%—of what is said is conveyed by the words that are spoken, whereas at least 85% of interpersonal communications are paraverbal or nonverbal. Individuals who are functioning under a stressful or emotional state of mind will often communicate even more useful information in a paraverbal or nonverbal manner. Nonverbal communication: Commonly referred to as body language. Includes eye contact, posture, facial expression and physical movements, such as crossed arms or open palms.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

CONTROLLING DISRUPTIVE OR VIOLENT BEHAVIOR

Paraverbal: Also called “paralanguage,” refers not to what is said, but how it is said. The “how” includes volume, tone, pitch, inflection, and vocabulary (Author Unknown, 2016). Proxemics or personal space: The distance between two individuals can impact communication. In public, most individuals have a proxemic zone of approximately 1 ft. in any direction from the individual. This zone, if entered into by a complete stranger, is considered a violation and may provoke a reaction. If not a stranger, then the intimacy of the relationship between the individual and the other person dictates the size of the zone. For a conversation, the proxemic zone is between 4 and 12 ft., and for intimacy, the zone is 1½ feet or less. Kinesics: Refers to movement of the hand, arms, body, or face (Nayab, 2017). Field interview stance: A positioning of the body and extremities common to security and law enforcement professionals where the lower body (hips and feet) serves as a stable platform allowing the upper body (shoulders and arms) to engage in interviewing, defensive tactics, or shooting as the situation dictates. In a field interview stance, the security professional’s body is bladed at a 45-degree angle toward the person they are conversing with. Feet are approximately shoulder-width apart. Hands are located at/around waist level in a nonthreatening position (i.e., arms not crossed and fists not clenched). This stance allows the security professional to convey nonthreatening nonverbal messages while simultaneously permitting a rapid transition to an offensive or defensive positioning (Murgado, 2012).

CONTROLLING DISRUPTIVE OR VIOLENT BEHAVIOR There are a number of useful methods that can be applied to control violent or aggressive behavior, such as verbal communications, use of chemicals, physical force, or a combination of all three.

225

Verbally—Assume a neutral or field interview-type stance. Allow the individual to talk and listen to what they are saying. Do not argue or threaten. Acknowledge feelings and thoughts. This can be achieved without agreeing or disagreeing. Consider voice tone, volume, and rate when communicating verbally (paraverbals). Use the person’s name and maintain eye contact. It may be necessary to make the subject aware that his/her actions are inappropriate, and he/she will be held accountable for his/her actions and responsible for the outcome of the situation. Chemically—In most crisis situations that occur, the security professional seldom has the use of chemicals as a viable option. The decision to chemically control an individual can only be made by qualified medical or psychiatric personnel. Medications that could be used in these instances are generally depressants, such as Valium, Thorazine, or Haldol. There are other medications as well and the qualified medical professional will use what is felt to be most effective after evaluating the behavior of the individual. An additional chemical option may include the use of oleoresin capsicum (OC) spray, which is a cayenne pepper derivative that irritates the mucous membranes in the eyes and nose and causes an intense burning sensation when applied to the skin. OC spray often defuses an attacker as they focus on the burning sensation, temporary loss of visual acuity, and chest muscle contractions associated with the inhalation of the spray. Physically—Physical control techniques are used to prevent harm or injury to the individual or others in the immediate vicinity of the incident. Application of physical force should be considered only when a situation has escalated such that officer presence or verbal commands have failed or are inadequate. If an individual has to be restrained, nonviolent techniques are a logical choice. These techniques are intended for personal safety and self-defense and must be taught by a qualified instructor. The primary focus is to protect employees and clients from injury.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

226

21. CRISIS INTERVENTION

Other—Whether or not to use pepper spray or electronic control devices (tasers) is dependent on local laws/ordinances and organizational policy. Intensive training is a must before any consideration can be given to the use of these kinds of protective equipment.

TEAM INTERVENTION Team intervention is considered to be the best approach to be used during crisis development. Personnel should use the least restrictive method to control aggressive/disruptive individual(s). The objective, as in almost all volatile conditions that require security intervention, is to defuse the situation in a manner that reduces the risk of guilt, pain, or injury.

4. Team members can provide verification of actions and inactions. The verification can support a legal position in the event of complaints or litigation. The manner in which the team gets to the scene is vitally important. A mass convergence of staff will be perceived as a show of force and have an unsettling effect on the disruptive individual(s). Try to avoid the attraction of a crowd. Resource staff involved in deployment to the scene must receive pre-incident training and instruction in all facets of the intervention process, particularly methods of communications. Security professionals should carry two-way radios that facilitate effective communication with other team members.

Leadership in the Team Approach Positive Factors Resulting From Team Approach The team should consist of no more than five people, all of whom must be capable of dealing with a crisis situation. More than five members tends to lead to confusion and a lack of unit cohesiveness. When team action seems inevitable, reserve/resource members should remain out of sight, nearby, and ready. These are some of the advantages of the team approach: 1. Team members enjoy more personal safety and a feeling of security resulting from the presence of fellow officers or other support staff. Strength in Numbers. 2. Team members are able to maintain a professional profile because of the support and reliance that result from team member interactions. 3. Team members do not feel that the violence or unruly behavior is directed against them personally; rather it is directed at the team as a whole.

In any teamwork approach, someone must be the team leader. The team leader can be anyone who has special skills, training, or expertise that will lend strength and unity to the team; it does not necessarily have to be a supervisor. When the team leader arrives at the scene, he/she must be prepared to “take over.” Here are some additional points to consider when selecting a team leader. 1. The team leader is often the first person on the scene. They have the most insight on what has happened or is happening. 2. The leader should, ideally, be familiar with the acting out person or persons. 3. The leader must be familiar with personnel who occupy the facility or facilities that may be a target for a crisis. 4. The leader must be familiar with the physical layout of the facility. 5. The leader must be confident. When an incident occurs, and a team approach is called for, the team leader must take charge and ensure that the following measures/steps are taken as quickly and prudently as possible:

II. PRACTICAL AND OPERATIONAL APPLICATIONS

227

EMERGING TRENDS

1. Assess the situation and determine a course of action. 2. Formulate an action plan and execute as quickly and effectively as conditions allow. 3. Keep team members and management informed. Each team member must know his/her responsibilities. In the absence of an existing policy or procedure, the leader must improvise.

SAFETY CONSIDERATIONS IN CRISIS INTERVENTION The goal in any crisis situation is to neutralize the threat/risk while maintaining the safety and welfare of everyone involved. Mentally deranged or violent individuals will often resort to throwing objects or try to grab or strike the person they envision as a threat. Usually, this is the person in charge, most often the security professional. In these instances, being resourceful is important. Effective use of the cover and concealment may be necessary. Other protection can be established using whatever means are available, even a pillow, chair back cushions, or other readily available objects. A blanket or coat can be used to help restrain an individual while diverting their attention. Responding security professionals should note the location of any windows, doors, and furniture in the area. Tactical advantage is essential; security professionals should strive to keep their contact with the disturbed individual away from windows. Security professionals should avoid (where possible) positioning the disturbed individual between the security professional and the only access/ egress point. Effort should be made to keep the subject away from things that can be used as weapons: chairs, water pitcher, phone, glass, desk accessories, or any kind of blunt or sharp object.

EMERGING TRENDS Crisis intervention is increasingly important as society continues to change, age, and selfmedicate. Incidents involving security officers and law enforcement being “ambushed” have become more frequent, as have interactions involving persons who believe, for one reason or another, that rules, regulations or laws do not apply to them. With the aging of Baby Boomers into their 60s and 70s, there are far more of them than there are of younger generations; managing disruptive persons of advanced age will become more common. With the near-legalization or outright legalization of marijuana in many countries or states/provinces, combined with the far stronger/potent marijuana now available, security professionals will encounter more disturbed persons under the influence either of something the disturbed person intentionally took or those under the influence of what they thought was marijuana but was actually cut (combined) with something more dangerous. Opioid abuse, both legal (suboxone, methadone, and fentanyl) and illegal (methamphetamine and heroin) is on the rise in many countries. Security professionals will encounter more individuals taking these as well. There are also greater expectations for safe, efficient, and effective management of aggressive behavior. Security professionals at health care facilities, schools, treatment centers, and special events need to be particularly adept at handling a crisis. The 24  7 news cycle combined with YouTube guarantees that every millisecond of an incident will be recorded and potentially broadcast, whether as it actually happened or through selective editing. Security professionals must assume that everything they say and do will be recorded somewhere. As the security profession gains greater understanding about the adverse effects that a

II. PRACTICAL AND OPERATIONAL APPLICATIONS

228

21. CRISIS INTERVENTION

crisis and/or its subsequent intervention and resolution have on its participants, changes to how security professionals respond as well as how they are supported after a crisis will continue to occur. Posttraumatic stress disorder will be a concern. Critical incident stress debriefing is becoming an integral part of a crisis after-action process. The fact that security professionals resolved an incident to the employer’s satisfaction is no longer enough; employers must ensure that any physical or psychological effects are identified and addressed.

CONCLUSION Disruptive individuals can have a serious adverse effect on organizational operations. If such incidents are perceived as threatening by employees, it will reduce productivity, lower morale, and instill a sense of fear. The presence of a capable, confident security professional, willing and able to effectively communicate with employees, will have a stabilizing effect on the workplace. In a postcrisis intervention situation, the security professional may experience anger, fear, or frustration; this is a natural reaction that must be controlled. It is not uncommon for the officer to feel that he/she has been the victim. This can result from a real or perceived lack of management support during and after the crisis or being exposed to the crisis for a prolonged period of time. Resolving the crisis in an expeditious manner will reduce team frustration and apprehension. Security professionals must waste no time in committing thoughts to paper. By promptly composing a well-written report, the writer can vividly recall what exactly has happened. In some instances, discussing the matter with

other team members will help. Sometimes other team members will remember something that was forgotten in the heat of the moment. The security professional must write as to what they saw, heard, said, and/or did to the best of their ability. Where feasible, the security professional should have a team member or supervisor involved with the incident proofread their report. An incident report on a physical interaction with a disturbed person could reach a variety of audiences, from corporate counsel to senior management to law enforcement to prosecuting/defense attorneys. Above all, when crisis intervention is required, security professionals must always stay calm, be objective, and act appropriately. Let common sense prevail.

References Author Unknown. (2016). Communication in the real world: An introduction to communication studies. Minneapolis, MN: University of Minnesota Libraries Publishing. http:// dinus.ac.id/repository/docs/ajar/Communication-inthe-Real-World-An-Introduction-to-CommunicationStudies.pdf. Bradley, E., Drummond, C., Developmental Disabilities Primary Care Initiative (Eds.). (2018). Crisis prevention and management planning. Nashville, TN: Vanderbilt University—Vanderbilt Kennedy Center for Excellence in Developmental Disabilities. Available from: https:// vkc.mc.vanderbilt.edu/etoolkit/mental-and-behavioralhealth/crisis-prevention/. Murgado, A., One stance, three uses, Police Magazine—Law Enforcement News, Articles, Videos, Careers & Podcasts, Last modified October 24, 2012, https://www. policemag.com/340851/one-stance-three-uses?page=2. Nayab, N. (2017). Three different types of communication: Verbal, nonverbal & visual. Project management methods & ideologies. Bright Hub PM. https://www.brighthubpm.com/ methods-strategies/79297-comparing-various-forms-ofcommunication/. US Department of State. (n.d.). Active listening. Retrieved May 22, 2019, from https://2009-2017.state.gov/m/a/ os/65759.htm.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

A P P E N D I X

21A Mental Illness Takes Many Forms Michael J. Fagel INTRODUCTION My younger sister has dementia. She was 68 when it was detected, and her drinking issues sometimes go hand-in-hand with it. It was explained to me that maybe the person knows something is wrong but are not sure of what it is, or they are in denial. Because of the shortage of space, I chose to address only one issue of mental health, dementia, a disease which affects millions of men and woman.

SYMPTOMS OF DEMENTIA Dementia symptoms vary depending on the cause, but common signs and symptoms are as follows (Mayo Clinic, 2019):

Cognitive Changes • Memory loss, which is usually noticed by a spouse or someone else; it often goes along with a degree of lying, because the individual can’t answer questions correctly. • Difficulty in communicating or finding words. • Difficulty in reasoning or problem-solving, and problems in managing money. • Difficulty in handling complex tasks. • Difficulty in planning and organizing.

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00051-1

• Difficulty with visual and spatial abilities, such as getting lost while driving. • Difficulty with coordination and motor functions. • Confusion and disorientation.

Psychological Changes • • • • • • •

Personality changes Depression Anxiety Inappropriate behavior Paranoia Agitation Hallucinations

According to the Mayo Clinic, dementia develops in adults with damaged nerve cells in their brains. Many people with the most common cause of dementia, Alzheimer disease, display buildup of plaque in certain brain areas, which affects memory. The second most common type of dementia, vascular, is caused by damage to the blood supply. Both types of dementia impact the brain’s blood supply.

DEMENTIA SOLUTIONS—ASIDE FROM MEDICAL Regular physical exercise may help lower the risk of some types of dementia. Research has shown that exercise may directly benefit brain

229

# 2020 Elsevier Inc. All rights reserved.

230

APPENDIX 21A. MENTAL ILLNESS TAKES MANY FORMS

cells by increasing blood and oxygen flow to the brain. There are some solutions which may help someone who is suffering from dementia or other mental health issues, including the development of green space to help reduce depression. The following list is based on research from the Design Council in the UK (Toms, 2018) and WebMD (WebMD, 2018). 1. Areas for regular exercise, walking, or swimming. Exercise can be just as effective as antidepressant medication for mild and moderate depression. It can also reduce stress and anxiety and help alleviate some of the symptoms associated with attention deficit hyperactivity disorder (ADHD), dementia, and even schizophrenia. 2. Reduce dark corners or hidden spots and create natural surveillance or sight lines. 3. Reduce feeling unsafe or the fear of crime. 4. Maintain this green space and safe place to create a positive image. 5. Community activity is an important part of a mental health program. The Villages in Florida provides a variety of over 3000 activities (The Villages Community Development Districts, n.d.). 6. Good street lighting increases the perception of safety. 7. In landscape architecture, the built environment is understood to mean a human-made landscape, as distinguished from the natural environment; for example, a city park is a built environment (Wikipedia, 2003). 8. One study in Denmark has found that health benefits of bicycle commuting are far beyond the calories burned. Bike commuters also ate healthier diets and felt less stress at work, among other positive effects. If we could make biking transportation fully safe and

9. 10. 11. 12.

accessible in our cities, the health impacts would be immense (Cycling Embassy of Denmark, 2015). Eat healthy foods, such as fruits and whole grains, take vitamin D, and limit caffeine. Listen to soft music, get a pet, have therapeutic massages, and exercise. Utilize urban design using CPTED (crime prevention through environmental design) concepts. Assisted living, even though it may be hard for the individual to accept; his or her neurologist can help in this matter.

CONCLUSION It’s been a year, and my sister is doing fine in assisted living. One thing you must know is that it’s stressful for the caregiver beyond what you can imagine. My brother and my sister’s best girlfriend were in denial and felt she was “OK.” I told them three doctors have confirmed it. Seek help if necessary, get the best of doctors, and don’t worry.

References Cycling Embassy of Denmark. (2015, May 26). Cycling is healthier than you think. Retrieved from http://www. cycling-embassy.dk/2015/04/30/cycling-is-healthierthan-you-think/. Mayo Clinic. (2019, April 19). Dementia—Symptoms and causes. Retrieved from https://www.mayoclinic.org/ diseases-conditions/dementia/symptoms-causes/syc20352013. The Villages Community Development Districts. (n.d.). VCDD Rec News. Retrieved July 4, 2019, from https:// www.districtgov.org/departments/recreation/ recevents.aspx. Toms, R. (2018, April 24). Designing good mental health into cities: The next frontier for urban design. Retrieved from https://www.designcouncil.org.uk/news-opini on/designing-good-mental-health-cities-nextfrontierurban-design.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

FURTHER READING

WebMD. (2018, March 20). Dementia treatments: Medication, therapy, diet, and exercise. Retrieved from https://www. webmd.com/alzheimers/dementia-treatmentsoverview#1. Wikipedia. (2003, May 11). Built environment. Retrieved from https://en.wikipedia.org/wiki/Built_environment.

231

Further Reading Fennelly, L. (2019). Handbook of loss prevention and crime prevention. Waltham, MA: Butterworth-Heinemann.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

22 Substance Abuse Jeremiah Daley, Francis J. Elliott, Terence M. Gibbs, Glen Kitteringham O U T L I N E Cannabis: Marijuana, Hashish, Hashish Oil Stimulants: Cocaine, Amphetamines, Crystal Meth, and Lookalikes Depressants: Alcohol, Barbiturates, Tranquilizers, Rohypnol Narcotics: Heroin, Dilaudid, Percodan, Oxycodone/Oxycontin Hallucinogens: LSD, PCP, DMT

Introduction

234

Impact on Business and Industry

234

Substance Abuse: What Is the Motivation?

236

How Problematic Behavior and Dependence Develop

236

How Is Substance Abuse Perpetuated?

237

Conditions Adversely Affecting the Workplace

238

Inhalants: Glue, Gasoline, and Erasing Fluid 248

How Must Industry Respond?

239

Protecting People and Assets

248

Drugs of Abuse, Paraphernalia, and Definitions

Emerging Trends

250

241

References

251

Indicators and Common Signs of Abuse

242

Further Reading

252

243 243 245 246 247

Signs and Symptoms: Controlled Substances 243

• Identify the risks that these behaviors pose for employees and the employer

CHAPTER OBJECTIVES • Provide an overview of the impact of various types of substance abuse • Elevate the protection officer’s awareness about substance abuse in the workplace

• Prepare security professionals to deal with substance abuse on the job and effectively communicate observations and information to supervisors

• Discuss psychoactive drugs and the behaviors resulting from their use and/or abuse

• Identify conditions that may point to a security risk or vulnerability

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00022-5

233

# 2020 Elsevier Inc. All rights reserved.

234

22. SUBSTANCE ABUSE

INTRODUCTION Today, we live and work in a society in which substance abuse is omnipresent. It is a major problem confronting Canada, the United States, and other countries around the world and is the leading cause of crime, health problems, and child abuse. According to the World Health Organization (WHO), the use of psychoactive substances around the world is estimated at 2 billion alcohol users, 1.3 billion smokers, and as of 2015, 255 million illicit drug users, up from 185 million several years prior. Substance abuse was estimated to be responsible for 12.4% of all annual deaths worldwide (WHO, 2019). Substance abuse adversely affects our schools and the education of our children; it divides and destroys families, significantly strains the economy of entire communities, and impairs competition in business and industry. Substance abuse is a threat to our society, negatively impacting public safety through crime, accident, disease, and other perils. It destroys the human will and denies dreams. Substance abuse does not discriminate. It favors no race, age group, intelligence level, social or economic status, or gender. It consumes anyone who dares to embrace its false promises of perpetual self-gratification and well-being. This chapter is aimed at elevating the protection officer’s awareness about substance abuse in the workplace, and about psychoactive drugs and the behaviors resulting from their use and/ or abuse. It identifies the risks these behaviors pose for employees and employers, and the methods available to prevent or confront these risks. As a security professional, you must be prepared to deal with substance abuse on the job and effectively communicate your observations and information to your supervisor. Because of your daily interaction with employees and others who visit your workplace, you must be able to recognize conditions that may point to a security risk or vulnerability.

For the purposes of this chapter, the phrase “substance abuse” refers to the use, usually self-administered, of any psychoactive drug in a manner that deviates from the approved legal, medical, or social patterns within a given culture. A drug is defined as “a chemical substance that alters the physical, behavioral, psychological, or emotional state of the user” (ASIS International, 2012, p. 305). A psychoactive drug is one which alters the structure or function of the brain. Psychoactive drugs alter mood, perception, or consciousness. Examples include nicotine, alcohol, marijuana, heroin, cocaine, amphetamines, and LSD. Because our focus is on drugs that directly affect performance and behavior on the job, nicotine will not be a focus of this chapter. However, it is important to note that nicotine consumption produces classic drug dependence characteristics. Along with marijuana, it is considered a gateway drug for those who ultimately use other dependence-producing drugs, such as heroin and cocaine. Finally, nicotine has been clearly identified as an insidious substance responsible for approximately six million deaths worldwide, mostly in developing countries (United Nations, 2017). WHO has called it the biggest “killer in the world.”

IMPACT ON BUSINESS AND INDUSTRY The National Institute on Drug Abuse (NIDA) reports that illicit drug use in the United States has been increasing, with an estimated 24.6 million Americans aged 12 or older having used an illicit drug in the past month (NIDA, 2015). In the United States, recent studies reveal that 75% of illicit drug users (Fischer, Halibozek, & Green, 2008) and 90% of alcoholics are employed in the workplace. Many of these employees are

II. PRACTICAL AND OPERATIONAL APPLICATIONS

IMPACT ON BUSINESS AND INDUSTRY

polydrug abusers. That is, they abuse more than one drug during their drug-taking behavior. Employees with alcohol and other drug problems represent 10%–20% of any given workforce. Within this workforce, the highest concentration of abusers is within the 18–25-year-old age group. A 2007 US Department of Health and Human Services study shows that 20% of workers age 18–25 use drugs on the job, while the rate for 27–34-year-olds is 10%, 35–49-year-olds is 7%, and 50–64-year-olds is 2.6% (Larson, Eyerman, Foster, & Gfroerer, 2007). The Canadian Centre for Occupational Health and Safety put the 2002 economic cost of substance abuse to the Canadian workplace at $39.8 billion (Canadian Center for Occupational Health & Safety, n.d.). The US government data suggest that the economic impact of illicit drug use, alcohol abuse, and prescription opioid abuse approaches $500 billion annually in costs related to crime, lost work productivity, and health care (NIDA, 2017). The annual cost for a single employee with a substance abuse problem is reported to be between 5% and 15% of a company’s health-care budget (Fischer et al., 2008). The European Monitoring Centre for Drugs and Drug Addiction (EMCDDA) (2009) estimates that at least 100 million Europeans, or 32% of the population, have a lifetime prevalence for using such drugs as cannabis, cocaine, ecstasy, amphetamines, and opioids. It is reasonable to assume that their workforce is also directly impacted by substance abuse. Aside from the substance abuser population, there exist an unspecified number of employees who are codependent. These employees do not abuse drugs. However, they share a common thread. They are the spouses, children, and significant others who arrive for work each day preoccupied with the physical and emotional condition of their loved ones. These are some of the tangible costs generated in the workplace by substance-abusing employees as compared to nonabusing employees:

235

1. Decreased productivity—they are 25% less productive. 2. Accidents—they are three to four times more likely to have an accident on the job. A total of 50% of all accidents are attributable to substance abusers. In all, 40% of industrial accidents resulting in fatality are linked to alcohol consumption and alcoholism. 3. Absenteeism—they may be absent as much as 16 times more often (ASIS International, 2012, p. 308). Also, they are more likely to be away from their assigned locations during regular work hours. 4. Theft—they are responsible for 50%–80% of employee thefts. 5. Worker’s compensation—they are five times more likely to file a worker’s compensation claim (ASIS International, 2012, p. 308). 6. Health-care costs—they may use medical/ sickness benefits three times more often (ASIS International, 2012, p. 308). Family members of substance abusers generally have higherthan-average health-care claims (ASIS International, 2007, Ch. 8, Part II). Aside from the tangible costs of substance abuse, many hidden costs exist for which a dollar figure cannot be assigned, such as the following: • • • • • • •

Morale problems Intimidation of managers and employees Wasted supervisory time Overtime costs Grievance costs Training and replacement costs Decreased quality of products and services

To successfully address the adverse consequences of substance abuse in the workplace, we must elevate awareness and change existing attitudes and procedures that enable perpetuation of the problem. There is no single solution. The greatest success will come through the selection of various prevention and remedial components that complement a company’s philosophy

II. PRACTICAL AND OPERATIONAL APPLICATIONS

236

22. SUBSTANCE ABUSE

and culture. These components include policy development, training and education, employee assistance programs, the security function, and drug testing measures.

SUBSTANCE ABUSE: WHAT IS THE MOTIVATION? Time and again the question being asked is, “Why do people abuse drugs?” The reasons are usually complex. Early drug use, at any age, may be a result of peer pressure, low selfesteem, insecurity, boredom, or various other social, environmental, psychological, and biological factors that induce stress and anxiety. In all likelihood, some combination of these variables stimulates the initial use and abuse of psychoactive drugs. Initial use is usually reinforced as a result of (1) pleasant effects, (2) a perceived control over the drug, (3) peer acceptance and recognition, and (4) myth and misinformation. What we know is that drugs can quickly relieve unpleasant feelings. Mind-altering drugs quickly affect the pleasure centers of the brain so that the user who is feeling good feels better, and those feeling bad will feel good. The result is nearly immediate self-gratification, but it is only temporary. In reality, sooner or later, the user, and those close to the user always pay the price. Continued use of a psychoactive drug will most often result in problematic behavior such as drinking and driving, job jeopardy, or splitting with the family. Ultimately, repeated use can lead to physical and/or psychological dependence. As use continues, there are usually three anticipated outcomes: 1. Return to a drug-free lifestyle. 2. Continue to abuse drugs, avoiding dependence but exhibiting problematic behavior at work, home, or the community. 3. Continue to abuse drugs to the point of dependence and most likely death from his/ her disease.

How each substance abuser will land is unpredictable and is often guided by circumstances beyond anyone’s control.

HOW PROBLEMATIC BEHAVIOR AND DEPENDENCE DEVELOP Today, drug dependency is viewed as a disease with identifiable causes, signs, and symptoms. As such, in many jurisdictions, people with addiction issues are protected by human rights councils. Dependency follows a predictable course and outcome, and it is treatable. The disease of drug dependence can be: Primary—it is not simply the symptom of some other problem(s); it is in itself the problem. Contagious—it attracts others who are vulnerable. A family disease—it affects entire family, not just the individual abuser. Chronic—it is difficult to control, is quite often recurring, and although treatable, it is incurable. Fatal—it takes hundreds of thousands of lives annually. Drug dependence may be physical or psychological, and it represents an individual’s loss of control. Physical dependence occurs when a person cannot function normally without the repeated use of a drug. If drug use is abruptly discontinued, the person experiences severe physical and psychic disturbance, known as withdrawal. Psychological dependence provides a strong psychological desire to continue the self-administration of drugs for a sense of improved well-being. A great number of programs and treatment approaches exist for the treatment of drug dependencies. What we do know about these various programs is that no single approach or program is effective for every drugdependent person. We also know that there are not enough of these programs to meet the needs of the afflicted. According to the US government, the cost offset is tremendous. For

II. PRACTICAL AND OPERATIONAL APPLICATIONS

HOW IS SUBSTANCE ABUSE PERPETUATED?

every $1.00 spent on treatment, $7.00 is saved on crime and criminal justice costs. When factoring in health-care savings, a total of $12.00 is saved (US Department of Health and Human Services, 2009). While the cost-benefit analysis demonstrates the value of specialized treatment programs, the National Institute on Drug Abuse (NIDA) has identified a “treatment gap” in the United States. It notes that in 2013 there were an estimated 22.7 million Americans in need of treatment for a drug- or alcohol-related problem but only about 2.5 million of them (0.9%) received specialized treatment (NIDA, 2015, p. 6). Despite the various programs and models that have been made available, we are aware that recidivism rates are high. So, for all that is known, the experts still have much to learn and they continue to do so each day. There is, nevertheless, a solid body of evidence pertaining to the stages of dependency and associated behaviors which the protection officer should know. An understanding of the process is critical to prevention and rehabilitation efforts. Drug dependence follows a predictable course of action which, most often, begins with experimentation. This may be the result of curiosity, peer pressure, or a variety of other variables or combination of variables. Everyone is susceptible to the abuse of drugs and some more so than others due to a host of social, environmental, psychological, and biological issues or, in some cases, it is heredity. What is significant is that each incidence of use makes the user more susceptible to continued use, up to and including dependence. Further, the earlier drug use begins, the more likely it is to progress to abuse and dependence. Another facet of dependence is recovery. The individual user has a greater opportunity for a full recovery if treatment begins before dependence sets in. The longer one uses a drug, the more complex the physical and psychological symptoms become. As a result, recovery for the dependent person, or daily user, is a greater

237

challenge in most instances than recovery from occasional use or experimentation. Therefore, early intervention is paramount. Whether an intervention occurs at home, work, school, or in the community, it is certain that the earlier the intervention takes place the greater the opportunity is for recovery.

HOW IS SUBSTANCE ABUSE PERPETUATED? There are essentially five reasons why substance abuse continues to be a problem in the workplace. 1. 2. 3. 4. 5.

Denial Mixed messages The “harmless” theory Drug use is controllable by the user The problem is viewed as controllable through attrition

Denial provides the biggest single roadblock to successfully addressing the problem of substance abuse in society or the workplace. Parents, teachers, husbands, wives, managers, and users themselves all tend to deny the problem exists, even in light of hard evidence. Some familiar phrases illustrate the point: “Not my kid.” “What is wrong with a few drinks?” “Not in my company.” “Not Joe—he’s just a goodnatured guy.” “It must have been entrapment.” Mixed messages are heard daily and are confusing to the layperson. Some insist that the use of certain drugs for “recreational” purpose is harmless. Others say that the same drugs contribute to many individual, social, and occupational ills. For instance, some marijuana advocates say this drug is harmless and does not interfere with one’s work. Others claim the drug has a negative impact on education, motivation, and the ability to remember and perform complex or new tasks. Hence, marijuana use may contribute to industrial accidents. That marijuana is becoming increasingly accepted

II. PRACTICAL AND OPERATIONAL APPLICATIONS

238

22. SUBSTANCE ABUSE

in society, as evidenced by the decriminalization, if not outright legalization, in many jurisdictions only magnifies this problem. The “harmless” theory contends that the use of drugs such as marijuana, cocaine, and alcohol is considered by many to be an innocuous activity, on or off the job. In fact, some forces are aggressively moving to legalize all psychoactive drugs. In reality, no drug can ever be considered harmless. Any drug is harmful when taken in excess, even aspirin and, of course, alcohol. Certain drugs can be harmful when taken in dangerous combinations, such as barbiturates and alcohol. Some drugs, like overthe-counter (OTC) medications, can be harmful in therapeutic doses if alertness is diminished or drowsiness results. Finally, certain drugs taken by hypersensitive people can be lethal—for example, penicillin. Given the potential harmfulness of some legal, prescription, and OTC drugs, one must realize the increased potential for harm, impairment, and death posed by illegal street drugs, whose composition is never truly known. Controllable use is some people’s belief that drug use can be “recreational,” provided one controls his/her intake of a given psychoactive drug. However, this arrangement is academic because even so-called social, “recreational,” or “controlled use” of psychoactive drugs on the job often leads to impairment, which in turn leads to diminished performance, accidents, and other adverse consequences. Everyone pays a price for one’s drug use. Some pay earlier than others, and all too often innocent people suffer first. Attrition in industry is often seen as a solution to the drug problem. Unfortunately, tomorrow’s workforce is intimately involved with drugs today. Consider the following: In 1975, 55% of high-school-aged children had tried illicit drugs. This increased to 66% by 1981. In 2008 the rate of abuse in the United States for 12–17-year-olds is 47% (D.A.R.E., 2008, p. 8). Similar statistics from the United Kingdom for 16–24-year-olds were reported in

the Annual 2002/2003 British Crime Survey. Those who tried illicit drugs in this age category at least once were reported at 47% (Condon & Smith, 2003). The data clearly show that tomorrow’s workforce is intimately involved with the use and abuse of alcohol and other drugs today. It is evident that business and government will constantly be confronted with a new generation of young people predisposed to tolerating the use and abuse of psychoactive drugs. For this reason, the business community must gather its resources to establish sound drug-free workplace programs that will meet this challenge.

CONDITIONS ADVERSELY AFFECTING THE WORKPLACE As substance abusers arrive for work each day, they generally fit into one or more of these categories that present threatening conditions for employees and their employer: 1. Appear for work under the influence of drugs and will be openly and obviously impaired, or intoxicated and unfit for duty. 2. Possess and use drugs on the job. Although they are impaired, it may not be readily evident. 3. Sell or otherwise distribute or transfer illegal drugs or legal drugs illegally, while on the job. 4. Display impairment due to the residual effects of drugs taken hours or even days prior to coming to work. These effects may include emotional outbursts, personality changes, irritability, combativeness, memory problems, and the inability to complete assignments. 5. Have codependent loved ones working at jobs where they too will be less productive. Keeping in mind that the protection officer is not a diagnostician, recognizing impairment due to sustained low dosages and residual

II. PRACTICAL AND OPERATIONAL APPLICATIONS

HOW MUST INDUSTRY RESPOND?

effects, or codependence, will be unlikely unless he/she is informed of this by a third party. If third-party information is received, then the protection officer should bring this information to his/her supervisors immediately. These conditions are best left to supervisors and managers who can evaluate these issues as a matter of job performance and make the necessary referrals, or take disciplinary action when performance is deteriorating. However, the protection officer should be alert for the outward signs of drug possession, use, and distribution, which are often overlooked by the layperson. These signs include the following: 1. Observation of drugs and/or drug paraphernalia in the workplace. 2. Observation of suspicious activity, especially in secluded areas of the facility or parking lots. Whenever protection officers observe suspicious activity, they should immediately contact supervision and request backup before approaching. However, immediate action may be necessary if a threat to personal safety exists. 3. Chemical odors not typically or routinely present in the workplace. 4. Observation of abnormal behavior, including signs of intoxication. Keep in mind that not all abnormal behavior is an indication of substance abuse. Some employees may have legitimate medical problems that can result in behavior similar to intoxication. Regardless of the cause, immediate action is required to protect the employee, coworkers, and the company’s property and interest.

HOW MUST INDUSTRY RESPOND? The workplace plays an integral part in the fight against substance abuse. When continued employment is conditional upon being drug-free, then employment becomes a powerful incentive in support of a drug-free workplace. When a company demonstrates a commitment to a

239

comprehensive program in support of a drugfree workplace, then the opportunity to affect attitudes, behavior, and the lifestyles of employees is significant. Through the influence of these programs, employees are likely to make healthier choices. Employees who are educated and committed to a drug-free lifestyle convey this attitude to their families and friends. In effect, the employees not only serve to reduce substance abuse at work but they also serve to improve the health of their families and communities. Historically, “private enterprise has pioneered most of the programs in drug detection, rehabilitation, and prevention” (Fischer et al., 2008, p. 357). To respond effectively, a multidimensional approach is necessary. A company should consider five components in the development of a comprehensive drug-free workplace program: 1. 2. 3. 4. 5.

Policy development and implementation Training and education Employee assistance Drug testing Security measures

A company policy is the first step on which to build an effective drug-free workplace program. It must clearly state the company’s purpose: what will and will not be tolerated, how the company will respond to violations, and what training and treatment support is available. It should also describe the company’s drug testing policy if it chooses to conduct these tests. Training and education should be provided at all levels of employment, especially supervisors and managers, for they represent a company’s first line of defense. Training and education should focus on a review of the company’s policy and ensure a clear understanding of the nature and scope of substance abuse and the required action to prevent it, and, as necessary, the appropriate response to address the problem. Employee assistance programs (EAPs) are most often a resource offered by large companies. However, more and more small-sized companies are forming consortiums, thereby making the

II. PRACTICAL AND OPERATIONAL APPLICATIONS

240

22. SUBSTANCE ABUSE

availability of EAP services cost-effective. An EAP may be an in-house function or contracted out through an independent service. These programs assist employees and their families in addressing a wide range of personal problems, including substance abuse. In addition, they offer training programs, consult on matters pertaining to troubled employees, assess employee problems, make referrals for treatment and counseling, and in some instances, oversee drug testing programs. Current data reveals that each dollar invested in an EAP can save a company $5.00–16.00 in the long run. Where an EAP is not available, a company may provide insurance coverage that will allow an employee to obtain professional services. As in the case of EAPs, drug testing programs have traditionally been employed by large companies. One of the restrictive factors for a small company is, of course, cost. As with EAPs, smaller companies are banding together to form consortiums to make drug testing more costeffective. This momentum for testing is being pushed: • By legislation that all workers in safetysensitive positions are subject to mandatory testing. • By insurance companies who threaten to increase rates if drug testing is not carried out. • By the resurgence of background checks, partly precipitated by the events of September 11, 2001 (Gips, 2006, p. 54) The purpose of drug testing is to deter substance abuse, prevent the hiring of substance abusers, and provide for the early identification and referral to treatment of employees with a substance abuse problem. Several types of testing can be performed by a company, depending on its needs and collective bargaining or legal restrictions. These include preemployment, postaccident, follow-up to treatment or counseling, reasonable suspicion, and random. Urinalysis has been the predominant

method used to test for the presence of controlled substances. However, other testing methods being evaluated and/or used include blood, hair, pupillometry, and saliva. Each of the components discussed above plays an integral part in a drug-free workplace strategy. However, these components cannot address all situations. Sometimes a security response is required. This is true when reckless and wanton behavior places the safety of employees and the interest of the company at great risk. Protection officers should clearly understand why and when the security response is necessary. There is a small percentage of substance abusing employees, perhaps 4%–10%, who will not accept or benefit from an offer of assistance in the way of treatment or counseling. These individuals include drug dealers who may or may not use drugs on the job and users who are not interested in or ready for recovery because they are in denial. Employees who deal with drugs are engaged in criminal activity that cannot be tolerated. They make available the supply of substances on which troubled employees depend and they establish new opportunities for other types of criminal activity such as gambling, prostitution, and theft. A survey conducted with substance abusing employees revealed that 44% had sold drugs on the job. They sell their drugs in bathrooms, parking lots, vehicles, and secluded areas. In some cases, major drug trafficking organizations have directed dealers to secure jobs in industry and to develop a clientele. Why? Because (1) there is low police visibility, (2) security forces are well known and predictable, and (3) there is a ready pool of potential clientele. These types of employees create morale and safety problems and, in many cases, create a great deal of intimidation for employees and managers alike. Theft is a major problem for both employers and employees. Employees who use drugs on or off the job need to support that use. In many cases the cost of drugs is very high, thousands

II. PRACTICAL AND OPERATIONAL APPLICATIONS

DRUGS OF ABUSE, PARAPHERNALIA, AND DEFINITIONS

of dollars a month. To support this need, these employees may engage in the theft of assets, such as equipment, money, and trade secrets, as well as valuables belonging to other employees. To effectively address the activities of drug dealers on premises, a company’s security department or its independent contractor will need to conduct a complete and thorough investigation. Investigative practices and techniques that may be used, depending on the specific activity being addressed, include employee interviews, undercover operations, covert surveillance, and searches of workspaces, desks, lockers, and vehicles, etc. Drug-detection dogs and reliable chemical processes may assist in the search operation. Extreme care must be taken to ensure compliance with civil and criminal law, as well as labor and contractual constraints. Interviews are conducted for the purpose of gathering information that can be developed into actionable intelligence, such as policy changes or the selection of a subsequent investigative technique. Employees quite often possess critical information, but may not recognize its significance unless and until questioned by a competent investigator. An undercover operation is a specialized investigative technique conducted for the purpose of covertly infiltrating a workforce in order to identify violations of company policies or law. These operations are usually initiated when there is a reasonable belief that drug dealing is taking place, but the source and the extent are unknown. Even if a source has been identified, in many instances an undercover operation may be necessary to gather the evidence required for disciplinary or legal action. Covert surveillance or hidden cameras are used when the activity in question is confined to an individual or specific location. A surveillance camera can be covertly placed in a ceiling, wall, clock or other appliance, the range of fixtures being limited only by one’s imagination. The greatest advantage of the

241

hidden camera is a visual record of the event and those involved that is difficult to dispute. The act of searching a work area or entire workplace is not a common practice in most industries. When a search is performed it may be augmented by the use of drug-detection dogs or chemical analysis. Some employers reject searches using dogs, based on the perceived negative impact this would have on employee morale. However, these searches can and do detect the presence of certain controlled substances. Once illicit drugs are detected, a host of questions is raised regarding what legal or disciplinary action may be warranted. The action to be taken must be determined on a case-by-case basis, established on an analysis of the particular facts of the case and conclusions derived. A search augmented by chemical analysis is less intrusive and much more discreet. This investigative process involves sweeping an area and analyzing the contents for the presence of a controlled substance. The chemical analysis is, however, restricted to the identification of a limited number of drugs. The same legal, contractual, and labor-relations issues apply, as mentioned above.

DRUGS OF ABUSE, PARAPHERNALIA, AND DEFINITIONS Although there are many drugs that will fall within the psychoactive classification, it is important that protection officers have an awareness of those that are most prevalent in the workplace. The following are in order of significance: 1. 2. 3. 4. 5. 6. 7.

Alcohol Cannabis Stimulants Depressants (other than alcohol) Narcotics Hallucinogens Inhalants

II. PRACTICAL AND OPERATIONAL APPLICATIONS

242

22. SUBSTANCE ABUSE

To facilitate a review of the most popular drugs of abuse within each class, a controlled substance chart is provided that identifies specific drugs, trade or other names, medical uses if any, their potential for producing dependence and tolerance, duration of effects, routes of administration, and possible effects of abuse, overdose, and withdrawal. Before continuing, it will be helpful to review the following definitions: Tolerance: Refers to a state in which the body’s tissue cells become accustomed to the presence of a drug at a given dosage and eventually fail to respond to this ordinarily effective dosage. Hence, increasingly larger dosages are necessary to produce the desired effect. Physical dependence: Often referred to as addiction, this occurs when a person cannot function normally without the repeated use of a drug. If the drug is withdrawn, the person has mild to severe physical and psychic disturbance, known as withdrawal. Withdrawal: This is characterized by symptoms that occur after drug use is abruptly discontinued. Symptoms may be mild or severe and include seizures, restlessness, irritability, nausea, depression, and more. In some cases, as with alcohol and other depressants, withdrawal can be life-threatening. Psychological dependence: This is the result of repeated consumption of a drug that produces psychological but not physical dependence. Psychological dependence produces a strong desire to continue taking drugs for the sense of improved well-being, but the body is not physically dependent on the drug. Psychological dependence is the most difficult to treat. Potentiation: This is the concurrent use of two or more drugs that results in a synergistic effect, that is, one that is greater than the sum of the effects of the individual drugs when taken alone. An example of this is the concurrent use of barbiturates and alcohol. Potentiation can result in unexpected lethal overdose.

Lookalike drugs: Drugs (tablets, capsules, and powders) that are manufactured to closely resemble the appearance of well-known, generic or brand-name drugs, such as Dexedrine (“Dexies”), and Biphetamine (“Black Beauties”). They generally contain drugs found in OTC medications, but usually in larger amounts to provide greater potency. A word of CAUTION: You should never taste, smell, or directly touch an unknown substance. IT COULD BE HAZARDOUS TO YOUR HEALTH!

INDICATORS AND COMMON SIGNS OF ABUSE There are various indicators that suggest or positively identify drug involvement in any environment, including the following: • Presence of a drug and/or drug paraphernalia • Physical signs (needle marks and dilated pupils) • Behavioral cues (slurred speech, irritability, and personality changes) • Analytical tests (saliva, urine, blood, and hair) There are many signs of substance abuse that can be recognized and identified by the protection officer. However, keep in mind that some people have legitimate reasons for possessing a syringe and needle (e.g., insulin-dependent diabetics), or having capsules and tablets (valid prescriptions). Having the sniffles, watery eyes and/or runny nose may be due to a head cold or allergy and not cocaine use. Unusual and odd behavior may not be connected in any way with drug use. For these reasons, protection officers cannot and should not view themselves as diagnosticians. The protection officer’s role is to observe and promptly report suspicious conduct or behavior through one’s chain of command to the designated

II. PRACTICAL AND OPERATIONAL APPLICATIONS

SIGNS AND SYMPTOMS: CONTROLLED SUBSTANCES

management entity charged with investigating these matters. In this way, efficient and effective management decisions can be made to thoroughly and completely examine each incident and follow through accordingly to ensure a just and proper outcome.

SIGNS AND SYMPTOMS: CONTROLLED SUBSTANCES The following are specific characteristics attributable to each drug class:

Cannabis: Marijuana, Hashish, Hashish Oil 1. Initially, the person may appear animated with rapid loud talking and bursts of laughter. In later stages, he/she may be sleepy. 2. Pupils may be dilated and the eyes bloodshot. 3. Use of drugs results in distortion of depth and time perception, making driving or the operation of machinery hazardous. 4. Smokers may be impaired for as long as 24 h following intoxication, or only 1–2 h. 5. Short-term memory is impaired. 6. Long-term use of marijuana is associated with mental deterioration in some users and presents a significant health risk to adolescents, the unborn, diabetics, the emotionally disturbed, and those with respiratory problems. Marijuana is the most commonly used illicit drug in the workplace because it is easily concealed, and its use can be accomplished quickly. This drug is often a brown, herbaceous substance, but may be shades of brown, red, green, or yellow depending on its origins. Marijuana is smoked as a “joint” (cigarette) or through various types of pipes. When the joint is reduced to a butt and can no longer be held with the fingers, it is referred to as a “roach” and held with a “roach clip” (alligator clips) for continued

243

smoking. Another method used to smoke marijuana is to hollow out a cigar and refill it with marijuana. Called a “blunt,” this preparation draws its name from the original style of cigar used for that purpose, the “Phillies Blunt.” Marijuana may also be taken orally when used in the preparation of food or drink. However, smoking is the preferred route of administration. Cost is based in large degree on availability and/or its potency, which is determined by the concentration of the psychoactive chemical THC (Delta 9 Tetrahydrocannabinol). It is often packaged in clear plastic baggies, but any type of container may be used. Marijuana users attempt to avoid detection on the job by smoking small amounts of marijuana, called “sustained low dosages,” throughout the workday. This enables the user to avoid intoxication and therefore detection because the euphoria or impairment is not outwardly obvious. The user experiences mild effects along with a level of impairment that can adversely affect one’s fitness for duty and safety on the job. Hashish and hashish oil contain concentrated levels of THC, which result in increased potency over marijuana. These forms of cannabis are generally not consumed at work because of the preparation required, but they are readily distributed.

Stimulants: Cocaine, Amphetamines, Crystal Meth, and Lookalikes 1. The user may be excessively active, irritable, argumentative, nervous, or restless. 2. The user generally shows signs of excitation, euphoria, talkativeness, and hyperactivity. 3. May perform the same tasks repeatedly. 4. Dilated pupils and dry mouth are common. 5. Regular users can go long periods without sleeping or eating. This can result in fatigue, depression, and weight loss. 6. Long-term heavy use can produce delusions, psychosis, paranoia, or death.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

244

22. SUBSTANCE ABUSE

7. Specific to cocaine—the user may exhibit runny nose, sniffles, watery eyes (symptoms similar to the common cold), and ulcerations of the nasal passage. 8. Paraphernalia consists of razor blades and mirrors for chopping cocaine into fine particles. Straws and small spoons are then used for snorting. Cocaine is a powerfully addictive drug produced by chemically processing the leaves of the coca plant, indigenous to South America. Cocaine is usually a white, crystalline substance that looks like snow. When processed into “crack,” it takes the form of solid matter and resembles small rocks or pebbles. Various containers are used to conceal or store the drug, such as tin foil, paper, and small glass vials. Cocaine is taken by various routes of administration, including snorting (the most popular route), injection, and smoked as crack. On-thejob use is usually confined to snorting, which can be accomplished quickly and surreptitiously. Cocaine can be snorted with the use of a coke spoon, a straw, the corner of a matchbook cover, or the tip of a long fingernail. When using a straw, which might be a rolled-up piece of currency, the user arranges the powder into lines and inhales it. This is referred to as “snorting a line.” In addition, there is paraphernalia available today that is disguised as common sinus inhalers and used to dupe unsuspecting employers into believing the user is treating an allergy. In some cases, employees have been sent home on sick leave to address their symptoms! Although traces of cocaine remain in the body for up to a week, its mind-altering effects, which users seek, last only 15–30 min. This is important because following this brief drugged state, the user experiences varying degrees of depression, exhaustion, and dullness due to chemical disturbances in the brain that reinforce readministration of the drug. This may lead to continued or compulsive use and quite often to new routes of administration to achieve a more potent effect.

The high cost is a powerful force that can lead to theft, drug dealing, and other criminal activity in the workplace. Amphetamines are produced by both legitimate pharmaceutical companies for medical purposes and clandestine laboratory operators (drug traffickers) in makeshift laboratories located in bathrooms or garages, or in elaborate facilities such as workplace laboratories. Their effects are similar to cocaine with one important exception: They last for hours rather than minutes. When these drugs are used for nonmedical reasons, they are commonly obtained through (1) pharmacy theft, (2) clandestine manufacturers, or (3) unscrupulous doctors who write illegal prescriptions for monetary gain, the last being known in law-enforcement parlance as “pill mills” (US News & World Report, 2019). Some of the more popular amphetamines are methamphetamine (Methedrine, Desoxyn, Crystal Meth, and “Speed”), dextroamphetamine-amphetamine (Adderall, Biphetamine, and “Black Beauties”), Dexedrine (dextroamphetamine sulfate, “Dexies”), and amphetamine sulfate (Benzedrine, “Pink Hearts”). Ritalin (methylphenidate HCL) and Preludin (phenmetrazine) are also popular. Amphetamines are taken orally as tablets or capsules that vary in color, shape, and size. Some, like methamphetamine or methcathinone (CAT), are available in powder form and are injected, snorted, or taken orally. In addition to the drugs listed earlier, a whole new class of substances referred to as “lookalike” drugs has become problematic. Initially utilized by truck drivers and students, these substances have now infiltrated the workplace and are taking their toll. They can be distributed legally and consist of capsules, tablets, and powders that contain legal, OTC stimulants such as caffeine and ephedrine. They are marketed as “stay awake” and “stay alert” drugs. However, their use can cause irritability and fatigue that in turn have contributed to morale problems within the workforce.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

SIGNS AND SYMPTOMS: CONTROLLED SUBSTANCES

The use of stimulants, often referred to as “uppers” or “speed,” on the job poses three serious problems. First, being under the influence of these drugs gives one a false sense that one is capable of achieving any task or conquering any challenge. In this condition, employees may use poor judgment or attempt tasks that are beyond their training and knowledge, resulting in wasted time, safety infractions, and accidents causing property damage and personal injury. Second, in a stimulated, talkative, and hyperactive condition, users often disrupt coworkers, thereby creating employee morale problems. Finally, stimulant users tend to repeat tasks. This reduces productivity and quality control and can affect morale in an environment dependent on a team effort. Note: Many precursor chemicals necessary to manufacture illegal drugs are legitimately used in private industry. To avoid the theft of these chemicals by drug traffickers, a company should establish safeguards. Also, the workplace has been used to manufacture illegal drugs. This not only creates an image problem but also a safety problem because many of the necessary precursor chemicals are highly flammable and/ or explosive.

Depressants: Alcohol, Barbiturates, Tranquilizers, Rohypnol 1. With the exception of alcohol, users exhibit no breath odor 2. Staggering, stumbling, or decreased reaction time 3. Falling asleep while at work 4. Slurred speech 5. Constricted pupils 6. Difficulty concentrating and impaired thinking 7. Limited attention span These drugs, with the exception of alcohol, are produced and obtained in the same manner as amphetamines.

245

The most commonly abused drugs in this group, aside from alcohol, are the barbiturates, such as Secondal (“Red Devils”), Tuinal (“Rainbows” or “Double Trouble”), and Nembutal (“Yellow Jackets”), and the benzodiazepines, such as Valium, Xanax, and Librium. Another popular drug in this classification is Rohypnol (“Roofies”). The depressants possess two important characteristics that bear mentioning. First, they are potentiating when combined with certain other drugs. Second, withdrawal from depressants can be life-threatening, and should always be done under medically supervised conditions. Valium, Xanax, and Librium are the most widely prescribed and abused anxiolytics, being in the benzodiazepine class of drugs. They are also potentiating when combined with alcohol, barbiturates, or similar drugs. “Lookalike” substances containing antihistamines and analgesics like acetaminophen are also available in the same manner as stimulants. Rohypnol is a well-known fad drug of the 1990s and has become increasingly popular with young people. Also a member of the benzodiazepine class of drugs, it has Valium-like effects and is known on the street as “Roofies.” It has never been approved for medical use in the United States by the Food and Drug Administration (US Drug Enforcement Administration [DEA], n.d.). Depressants are taken orally, and no specific form of packaging is outstanding. The use of depressants diminishes alertness and impairs judgment, making the operation of machinery difficult and dangerous. Manipulative skills and coordination are also affected. This type of impairment can lead to accidents and poor-quality control, as well as diminished work performance. Depressants are frequently referred to as dry alcohol, and alcoholics routinely substitute these drugs for alcohol during the workday in order to avoid detection from alcohol’s odor.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

246

22. SUBSTANCE ABUSE

Narcotics: Heroin, Dilaudid, Percodan, Oxycodone/Oxycontin 1. Scars (tracks) on the arms or on the backs of the hands, caused by repeated injections. 2. Pupils constricted and fixed. 3. Scratches oneself frequently. 4. Loss of appetite. 5. May have sniffles, red, watering eyes, and a cough that disappears when the user gets a “fix” (injection). 6. The user often leaves paraphernalia such as syringes, bent spoons, cotton balls, needles, metal bottle caps, eye droppers, and glassine bags (made with wax-like paper) in lockers or desk drawers. They may also be discarded in stairwells, remote areas of a parking lot, or a secluded location within the workplace. 7. Users, when under the influence, may appear lethargic, drowsy, and may go on the “nod” (i.e., an alternating cycle of dozing and awakening). Natural narcotics (opium, morphine, and codeine) are a product of the opium poppy, which is cultivated for the purpose of extracting these powerful drugs for medical use. In addition, semisynthetics like heroin and Dilaudid, and synthetics like Demerol, Percodan, and fentanyl, are popular. Narcotics are usually available in tablet, capsule, or powder form, and can be injected, smoked, snorted, or taken orally. In addition, capsules may be used to conceal heroin in powder form to produce a legitimate appearance. Heroin is generally packaged much like cocaine in tin foil, paper, balloons, baggies, and vials. Heroin is usually white, brown, or black (“black tar”), or in shades of these colors. Synthetic and semisynthetic tablets and capsules appear in various colors, shapes, and sizes. Misuse and abuse of prescription drugs, particularly opioids, has resulted in a tragic and severe crisis in the United States and elsewhere. “Opioids” is a term for drugs that bind to opioid receptors in the body. They include everything

from heroin and fentanyl to prescription pills like oxycodone (OxyContin), hydrocodone (Vicodin), codeine and morphine (ONDCP) (Truth Initiative, n.d.). Increasingly, the term is used interchangeably with the term “opiates,” which technically refers to those drugs derived from opium, a naturally-occurring substance derived from opium poppies; however, opioids include synthetically produced chemicals that mimic the effects of opiates in the human brain. Commonly prescribed for persons with acute pain following surgery or dental procedures, or sometimes for chronic pain associated with back injuries and cancer, the misuse and abuse of opioid prescription pills are most often the initial routes toward an opioid addiction. Because the human body develops a “tolerance” to opioids, a user may increase the amount he/she takes to get the same effect. As tolerance grows, and doses increase, a person may develop a “dependence” on opioids, and if the individual were to suddenly stop taking an opioid, they would go into “withdrawal,” often described as being “dope sick.” While not fatal, withdrawal symptoms are described as feeling 10 times worse than having a bad case of the flu and include cramping, sweats, diarrhea, and nausea. When a person misusing or abusing prescription opioids can no longer obtain them due to a doctor refusing to write a new prescription, cost or some other factor, an opioid-dependent person will likely seek out nonprescription opioids like heroin. Heroin is a semisynthetic opioid, eight times as strong in its effect as morphine, which was first formulated in the mid-19th century for medical use but is now illegal in virtually every country because of its addictive properties and sometimes deadly effects. While most of the world’s heroin is produced from opium from South Asia, virtually all heroin in America comes from Mexico and South America. While the forms of heroin vary, from an off-white powder to a blackish-brown, tar-like substance, all have similar properties.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

SIGNS AND SYMPTOMS: CONTROLLED SUBSTANCES

Increasingly, heroin is being mixed with a fully-synthetic substance named fentanyl, which is about 50 times as powerful as heroin. In clinical settings, fentanyl is used for surgical and postsurgical pain control. However, clandestinely produced fentanyl, coming from rogue chemical labs in China and Mexico, is now being combined with heroin—or substituted for it altogether—to increase the potency and lower the cost of production, thus increasing a trafficker’s profits. However, it poses a significantly increased risk of overdose to those using it. There are multiple “analogues” of fentanyl as well, making it difficult to detect. Usually found in a fine, white powder form, clandestinely produced fentanyl is particularly dangerous to public safety personnel, as it can be accidentally inhaled, absorbed through the skin, or swallowed if proper personal protective equipment is not used when it is encountered. Opioids are a central nervous system (CNS) depressant (a chemical that slows the body’s metabolism) and an analgesic (suppresses pain). A person experiencing the effects of opioid overdose will likely have slowed or shallow breathing, a weak and lowered heart rate, and signs of anoxia (a lack of oxygen in the body) that include blue or purplish skin tone, particularly around the lips and under fingernails. They will likely be unresponsive or unconscious and may sound like they are snoring. An opioid overdose is a medical emergency which requires an immediate response, but usually can be reversed with the administration of naloxone—an opioid antagonist or “antidote”—that is now available in several forms, including a nasal spray, for public safety and citizen administration. Rescue breathing and CPR may also be required in severe cases. Regardless, 9-1-1 should be contacted to have EMS respond and assess an overdose victim. CDC reported that in 2016 alone, about 50,000 American deaths were attributed to acute opioid poisoning, which is staggering when compared to

247

automobile deaths and homicides that together total 55,000 (Daley, 2018).

Hallucinogens: LSD, PCP, DMT 1. Behavior and mood vary widely. The user may sit or recline quietly in a trancelike state or may appear fearful or even terrified. 2. Rapid eye movement, drooling, flushing and sweaty in appearance, trembling hands, and dizziness. 3. There may be sensory changes relating to light, sound, touch, taste, smell, and time. Hallucinogens are rarely utilized by employees on the job because of their long duration of effects (2–12h) and their unpredictable nature. Also, impairment is total, therefore obviating any degree of productivity. Hallucinogenic drugs are especially popular with 18–25-year-olds and are frequently available at the workplace for distribution in their various forms. The most popular hallucinogens include LSD and PCP. Hallucinogens, often called “psychedelics,” are a group of drugs that alter perception and awareness. Their effects are generally unpredictable and, in some cases, bizarre. The nature and intensity of the drug experience are determined by the potency and amount taken, the user’s personality, mood expectation, and the social and environmental setting. The LSD experience is labeled a “trip” that is characterized as “good” or “bad,” the latter being referred to as a “bummer.” The nature of the trip can only be determined after ingestion and can last for 10–12 h. The “good trip” is characterized by a passive trancelike state with pleasant hallucinations, perhaps a kaleidoscope of colors and altered sensations. Sensory impressions sometimes cross so that the user sees sounds and hears colors, a phenomenon known as synesthesia. These characteristics result in the hallucinations being touted as mind-expanding

II. PRACTICAL AND OPERATIONAL APPLICATIONS

248

22. SUBSTANCE ABUSE

drugs. The “bad trip” is characterized by unpleasant experiences including terrifying hallucinations, panic, and irrational acts, which have resulted in injury and death. LSD is sold on the street in tablet and blotter form. In tablet form, it is commonly referred to as “microdot acid,” and is sold in a variety of colors, shapes, and sizes. When liquid LSD is dabbed on blotter paper, it is called “blotter acid,” and consumed by placing under the tongue. Because of LSD’s negative reputation as an unpredictable and bizarre drug, it is commonly sold to unsuspecting buyers as THC or mescaline. Mescaline (mesc), phencyclidine (PCP, “angel dust”), psilocybin (“magic mushrooms”), DMT (dimethyltryptamine), and MDMA (“Ecstasy” or “Molly”) are other commonly used hallucinogens.

INHALANTS: GLUE, GASOLINE, AND ERASING FLUID 1. Odor of substance inhaled, smelled on breath and clothes 2. Excessive nasal secretions and watering of the eyes 3. Poor muscle control 4. Drowsiness or unconsciousness 5. User has presence of plastic or paper bags or rags containing saturated quantities of the inhalant 6. Slurred speech Inhalants represent a diverse group of psychoactive chemicals composed of organic solvents and volatile substances. These chemicals can be readily found in the home and workplace in compounds like glues, paint products, gasoline, and white erasing fluid. Their easy accessibility, low cost, and ease of concealment make inhalants, for many, one of the first substances abused. Inhalants are usually sniffed directly from an open container or from a rag soaked in the substance and held to the face. This is usually referred to as “huffing.” Some users have been

known to place open containers or soaked rags inside a bag, where the vapors can concentrate, before being inhaled. These substances are rapidly transported to the brain and can result in unconsciousness or death. Inhalants are not widely abused in the workplace. However, incidents of workplace inhalant abuse have been reported. Many of the chemicals used by some businesses can be and are diverted for the purpose of inhalation. In some cases, the diversion and subsequent use have resulted in death on company property (Table 22.1). For further information on drugs of abuse, a comprehensive description and photographic collection of drugs and paraphernalia can be found in Drugs of Abuse: A DEA Resource Guide, published by the U.S. Department of Justice, Drug Enforcement Administration (DEA) (2017).

PROTECTING PEOPLE AND ASSETS The role of any protection officer is that of safeguarding people and assets. The protection officer accomplishes this responsibility by observing and reporting incidents or situations which present a threat to the people and assets he or she has a duty to protect. Substance abuse is one such threat, and the protection officer represents a critical component in a company’s effort to combat this threat and maintain a drug-free workplace. By understanding the scope and nature of this problem, along with the specific security-related concerns, the protection officer will be prepared to recognize and report substance-abuse situations that undermine safety and security. Finally, every protection officer should communicate his/her knowledge about the causes and effects of substance abuse beyond the confines of the workplace. By sharing this vital information about the perils of abuse, the protection officer can influence his/her family and community in a most positive way.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

TABLE 22.1

Controlled Substances: Uses and Effects

Drugs

N a r c o t i c s

H a l l u c i n o g e n s C a n n a b i s S t e r o i d s

Dependence potential Physical Psychological

Tolerance Duration of effects Usual method of Possible effects of abuse administration (in hours)

Fentanyl

Innovar, Sublimaze

Analgesic, anesthetic

High

High

Yes

10 – 72

Injected

Morphine

Analgesic

High

High

Yes

3–6

Oral, smoked, injected

Analgesic, antitussive

Moderate

Moderate

Yes

3–6

Oral, injected

None in U.S.

High

High

Yes

3–6

Injected, snorted

High

High

Yes

12 – 24

Oral, injected

Codeine

Codeine

Heroin

Diacetylmorphine, Horse, Smack

Methadone

Dolophine, Methadone, Methadose Dilaudid, Darvon, Demerol, Percodan

Analgesic, heroin substitute, analgesic, antidiarrheal, antitussive

High

High

Yes

3–6

Oral, injected

Hypnotic anesthetic, anti convulsant, sedation, sleep

Moderate

Moderate

Yes

5–8

Oral

Barbiturates

Noctec, Sommos Amytal, Nembutal, Phenobarbital, Seconal Tuinal

High-moderate

High-moderate

Yes

1 – 16

Oral, injected

Glutethimide

Doriden

Sedation, sleep

High

Moderate

Yes

4–8

Oral

Alcohol

Ethyl Alcohol, Ethanol

Ingredient in some medicines

Moderate

Moderate

Yes

2–8

Oral

Benzodiazepines

Ativan, Halcion, Equanil, Librium, Miltown, Serax, Tranxene, Valium, Verstran

Anti anxiety, sedation, sleep

Moderate

Moderate

Yes

4–8

Oral, injected

Other depressants

Equanil, Dormate, Noludar, Placidyl, Falmid

Anti anxiety, sedation, sleep

Moderate

Moderate

Yes

4–8

Chloral hydrate

S t i m u l a n t s

Medical use

Morphine

Other narcotics

D e p r e s s a n t s

Trade or other names

Local anesthetic

Possible

High

Yes

1–2

Narcolepsy, weight control

Possible

High

Yes

2–4

Weight control Hyperkinesis, narcolepsy

Possible

High

Yes

2–4

Oral

Possible

High

Yes

2–4

Oral, injected

Weight control

Possible

High

Yes

2–4

Oral, injected

Acid, Microdot

None

None

Degree unknown

Yes

8 – 12

Oral

Mescaline and peyote

Mescal, Buttons, Mesc

None

None

Degree unknown

Yes

Amphetamine variants

MDA STP, Ecstasy, COM, MDMA

None

Degree unknown

Degree unknown

Yes

Variable

Oral, injected

Phencyclidine

PCP, Hog, Angel Dust

None

Degree unknown

High

Yes

Days

Oral, smoked, Injected

Other hallucinogens

DMT, DET, Psilocybin

None

None

Degree unknown

Possible

Variable

Oral, injected, smoked, snorted

Marijuana, THC

Pot, Frass, Sinsemilla, Thai Sticks, Marinol (Synthetic THC)

Marijuana — none, THC — antiemetic

Degree unknown

Moderate

Yes

2–4

Oral, smoked

Hashish and hashish oil

Hash, Hash Oil

Hashish — none

Degree unknown

Moderate

Yes

2–4

Oral, smoked

Testosterone

Depo-Testosterone, Delatestryl

Hypogonadism

Degree unknown

Degree unknown

Degree unknown

14 – 28 days

Injected

Nandrolone

Nortestosterone, DECA

Anemia, breast cancer

Degree unknown

Degree unknown

Degree unknown

14 – 21 days

Injected

Oxymetholone

Adadrol - 50

Anemia

Degree unknown

Degree unknown

Degree unknown

24

Oral

Amphetamines Phenmetrazine

Preludin

Methylphenidate Other stimulants

Ritalin Plegine, Sadorex, Adipex

LSD

Cocaine

Source: US Department of Justice, Drug Enforcement Administration (DEA).

8 – 12

Withdrawal symptoms

Slow and shallow breathing, clammy skin, convulsions, coma, possible death

Watery eyes, runny noses, yawning, loss of appetite, irritability, tremors, panic, chills, and sweating, cramps, nausea

Slurred speech, disorientation, drunken behavior, stumbling

Shallow respiration, cold and clammy skin, dilated pupils, weak and rapid pulse, coma, possible death

Anxiety, insomnia, tremors, delirium, convulsions, possible death

Increased alertness, excitation, euphoria, dilated pupils, increased pulse rate and blood pressure, insomnia, loss of appetite

Agitation, increase in body temperature, hallucinations, convulsions, possible death

Apathy, long periods of sleep, irritability, depression, disorientation

Illusions and hallucinations (with exception of MDA); poor perception of time and distance

Longer and more intense “trip” episodes, psychosis, possible death

Oral Injected, snorted, smoked Oral, injected, smoked

Coke, Snow, Flake, Crack Biphetamine, Ice, Desoxyn, Dexedrine,

Euphoria, drowsiness, respiratory depression, constricted pupils, nausea

Effects of overdose

Oral Withdrawal symptoms not reported

Euphoria, relaxed inhibitions, increased appetite, depth and time perception distorted

Fatigue, paranoia, possible psychosis

Insomnia, nervousness, and decreased appetite

Virilization, acne, edema, aggressive behavior, testicular atrophy, gynecomastia

Unknown

Possible depression

250

22. SUBSTANCE ABUSE

EMERGING TRENDS As we have seen in this chapter, substance abuse is nothing new in our society. Prescription drug abuse, primarily abuse of opioids, continues to emerge and grow more prevalent in our society. Children continue to fall victim to this threat. We previously reported the number of Americans abusing prescription drugs increased from 3.8 million in 2000 to nearly 7 million in 2006, a startling increase of 80%, more than the number who were abusing cocaine, heroin, hallucinogens, Ecstasy, and inhalants combined (DEA Fact Sheet: Prescription Drug Abuse—a DEA Focus). According to data provided in the 2014 National Survey on Drug Use and Health (NSDUH), “about 15 million people aged 12 or older misused or abused prescription drugs in the past year,” a startling increase over the previously reported data. Similarly, a 2011 analysis by the Centers for Disease Control and Prevention “found that opioid analgesic (pain reliever) sales increased nearly fourfold between 1999 and 2010; this was paralleled by an almost fourfold increase in opioid (narcotic pain medication) overdose deaths and substance abuse treatment admissions almost six times the rate during the same time period.” Prescription drug diversion and abuse are a rapidly spreading plague among our population. The US Drug Enforcement Administration’s “Prescription Drug Fact Card: The Truth About Prescription Drug Abuse” presents sobering data regarding this persistently emerging trend, including: • Since 2002, deaths resulting from the misuse of prescription drugs, primarily opioids, have outpaced overdose deaths from cocaine and heroin combined. The National Center for Health Statistics/Centers for Disease Control reported that in 2013 there were 16,235 opioid analgesic deaths; 4944 cocaine deaths; and 8257 heroin deaths. • The misuse of prescription drugs is more prevalent than the use of cocaine, heroin,

•

•

•

•

•

methamphetamine, MDMA, and PCP combined. Prescription opioid analgesics, specifically those containing oxycodone and hydrocodone, are the most common types of prescription drugs that are diverted for misuse and abused (DEA, 2015). Only marijuana is abused more than prescription drugs in the United States. Many prescription drug abusers, when unable to obtain or afford prescription drugs, begin using heroin because heroin is a cheaper alternative that offers the same physiological effects. Each day in the United States, over 120 people die as a result of a drug overdose (Centers for Disease Control and Prevention, Prescription Drug Overdose in the United States: Fact sheet, January 9, 2015). According to the 2014 Monitoring the Future drug survey, Adderall was the second most abused drug by 12th graders. Only marijuana was abused more than Adderall by 12th graders. In the 2014 National Survey on Drug Use and Health, approximately 75% of current nonmedical users of prescription drugs (12 years and older) reported using pain relievers (Substance Abuse and Mental Health Services Administration [SAMHSA], 2015).

The ready and increasing availability of prescription drugs and the misperception that they are safer than street drugs must be addressed and corrected. The SAMHSA, in its 2006 National Survey on Drug Use and Health (September, 2007), reported that 70% of pain relievers, both prescription and OTC drugs, were obtained from friends or relatives (Office of National Drug Control Policy, Executive Office of the President, 2008). The implications of this persistent trend are of great concern to security professionals. The teenagers of today who are abusing prescription drugs are the adults of tomorrow who may very well continue that abuse. Entering the

II. PRACTICAL AND OPERATIONAL APPLICATIONS

REFERENCES

workplace, they will bring with them the yoke of drug abuse and addiction that can lead to numerous security threats, including employee theft and workplace injury and violence. To rise up and effectively defeat this challenging trend, we must develop and deliver to all stakeholders in our society a competent training program that will raise their awareness level and enable them to promptly and adequately identify the telltale signs of prescription drug abuse. This training must include the requisite steps to be taken to restrict teen access to these drugs. It is imperative that we educate our youth to enable them to make informed decisions regarding the lawful, proper, and responsible use of prescription drugs, thereby enabling our children to grow and develop into healthy adults who will contribute to communal safety and security rather than threaten and undermine it.

References ASIS International. (2012). Workplace substance abuse: Prevention and intervention. In Protection of assets (POA), Security Management, Chapter 11. Alexandria, VA. ASIS International. (2007). Workplace substance abuse: Prevention and intervention. In Protection of assets manual, Vol. 1, Chapter 8, Part II. Alexandria, VA. Canadian Center for Occupational Health & Safety. (n.d.). Retrieved May 23, 2019, from https://www.ccohs.ca/ oshanswers/psychosocial/substance.html. Condon, J., & Smith, N. (2003). Prevalence of drug use: Key findings from the 2002/2003 British crime survey. London: Home Office. Daley, J. (2018). Public safety officer briefing paper. Liberty Mid-Atlantic High Intensity Drug Trafficking Area. National Center for Health Statistics, Center for Disease Control & Prevention. https://lmahidta.org. D.A.R.E. America. (2008). 25 Years D.A.R.E. America. [PDF file]. https://dare.procon.org/sourcefiles/2008DAREAnnual Report.pdf. European Monitoring Centre for Drugs and Drug Addiction (EMCDDA). (2009). 2009 Annual report on the state of the drugs problem in Europe. Retrieved from http:// www.emcdda.europa.eu/publications/annual-report/ 2009_en. Fischer, R. J., Halibozek, E., & Green, G. (2008). Introduction to security (8th ed.). Boston, MA: ButterworthHeinemann. Gips, M. A. (2006). High on the job. Security Management 50(2), 50–58.

251

Larson, S. L., Eyerman, J., Foster, M. S., & Gfroerer, J. C. (2007). Worker substance use and workplace policies and programs. Rockview, MD: Department of Health and Human Services: Substance Abuse and Mental Health Services Administration Office of Applied Studies. SAMHSA Office of Applied Studies, Page 1. National Institute on Drug Abuse (NIDA). (2015). Nationwide trends. National Institutes of Health. https://www. drugabuse.gov/publications/drugfacts/nationwidetrends. Accessed 22 May 2019. National Institute on Drug Abuse (NIDA). (2017). Trends & statistics. National Institutes of Health. Office of National Drug Control Policy, Executive Office of the President. (2008). Prescription for danger. [PDF file]. http://publichealth.lacounty.gov/sapc/resources/ prescription_report.pdf. Truth Initiative. (n.d.). Opioids. Retrieved May 23, 2019, from https://www.thetruth.com/o/opioids. Substance Abuse and Mental Health Services Administration (SAMHSA). (2015a). Results from the 2014 National Survey on Drug Use and Health: Details tables. Retrieved from https://www.samhsa.gov/data/sites/ default/files/NSDUH-DetTabs2014/NSDUHDetTabs2014.pdf. United Nations. (2017, January 10). Daily Press Briefing by the Office of the Spokesperson for the Secretary-General. Retrieved from https://www.un.org/press/en/2017/ db170110.doc.htm. U.S. Department of Health and Human Services. (2009). Cost offset of treatment services. Rockview, MD: Substance Abuse and Mental Health Services Administration Center for Substance Abuse Treatment. SAMHSA Office of Applied Studies. U.S. Department of Justice, Drug Enforcement Administration. (2017). Drugs of abuse: A DEA resource guide. [PDF file]. https://www.dea.gov/sites/default/files/ drug_of_abuse.pdf. U.S. Department of Justice, Substance Abuse and Mental Health Services Administration (SAMHSA) Office of Applied Studies. (2007, September). Results from the 2006 national survey on drug use and health: National findings. [PDF file]. https://files.eric.ed.gov/fulltext/ ED498206.pdf. US Drug Enforcement Administration (DEA). (n.d.). Rohypnol. Retrieved May 23, 2019, from https://www.dea. gov/factsheets/rohypnol. US News & World Report. (2019, January 10). Doctor in pill mill case sentenced for money laundering. Retrieved from https://www.usnews.com/news/best-states/westvirginia/articles/2019-01-10/doctor-in-pill-mill-case-sent enced-for-money-laundering. World Health Organization (WHO). (2019, September 11). Management of substance abuse: Facts and figures. Retrieved from https://www.who.int/substance_abuse/ facts/en/.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

252

22. SUBSTANCE ABUSE

Further Reading Dujarric, S. (2017). Tobacco. United Nations Daily Press Briefing by the Office of the Spokesperson for the Secretary-General. Joseph, D. E. (Ed.), (2005). Drugs of abuse. Washington, DC: Government Printing Office, U.S. Department of Justice, Drug Enforcement Administration. Management of Substance Abuse: Facts and Figures. World Health Organization. Accessed May 23, 2019. https:// www.who.int/substance_abuse/facts/en/. National Drug-Free Workplace Alliance. (2014). Prescription drug abuse and the workplace fact sheet. https://www.ndwa. org/prescription-drugs/prescription-drug-abuse-and-theworkplace/. Substance Abuse and Mental Health Services Administration (SAMHSA). (2016, September). Prescription drug use and misuse in the United States: Results from the 2015 National Survey on Drug Use and Health. Retrieved from https://www.samhsa.gov/

data/sites/default/files/NSDUH-FFR2-2015/NSDUHFFR2-2015.htm. U.S. Department of Justice, Drug Enforcement Administration (DEA). National Drug Threat Assessment Summary, October, 2015. https://www.dea.gov/documents/2015/ 10/01/2015-national-drug-threat-assessment. Accessed May 23, 2019. U.S. Department of Justice, Drug Enforcement Administration (DEA). (2015). The truth about prescription drug abuse. https://www.dea.gov/sites/default/files/ resource-center/Publications/PrescriptionDrugFact Card_2015_508_version.pdf. Accessed May 23, 2019. U.S. Department of Justice, Substance Abuse and Mental Health Services Administration (SAMHSA), Center for Behavioral Health Statistics and Quality. (2017, September 7). Results from the 2016 national survey on drug use and health: Detailed tables. [PDF file]. https:// www.samhsa.gov/data/sites/default/files/NSDUHDetTabs-2016/NSDUH-DetTabs-2016.pdf.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

23 Investigation: Concepts and Practices for Security Professionals Brian D. Baker, Christopher A. Hertig, Robert Metscher O U T L I N E Introduction

253

Surveillance

268

Investigation and Human Communication

257

Ethics of Investigation

263

Testifying in Legal and Administrative Proceedings

269

Preliminary Investigation

264

Emerging Trends

271

Follow-up Investigation

266

Conclusion

271

Liaison

266

References

272

Notes and Reports

267

Resources

272

• Provide a framework for conducting a preliminary investigation by the security professional

CHAPTER OBJECTIVES • Define the security professional’s role in conducting investigations • Define the history of investigation and the importance of ethics for investigators • Explain the process of investigation as a fact finding and documentation process • Provide an introduction to the need for proficiency in human communications in the investigative process • Define recommended practices for general surveillance in an investigation

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00023-7

INTRODUCTION Few related careers, other than the security profession, offer a dynamic and lucrative opportunity for entry-level and early experience to individuals to provide investigative services. While many larger organizations have a few specific investigators, positions staffed by seasoned or senior level staff, the skills and role of fact finder, diligent observer, and human data

253

# 2010 Elsevier Inc. All rights reserved.

254

23. INVESTIGATION: CONCEPTS AND PRACTICES FOR SECURITY PROFESSIONALS

analyzer are necessary for all organizations’ protective security function. As a security professional, investigation skills are necessary skills to be developed and sharpened throughout the career pathway. The word investigation comes from the Latin word investigationem or investigatio, meaning a searching into or a searching for, and the word investigere, which means to track or trace (Harper, 2010). A root of the word investigation, vestigium, is further defined as tracking of a footprint. While tracking of footprints sounds like an exciting process, the figurative searching for information and tracing that information toward factual conclusions is easier to understand in the actual practice of investigation skills for a security professional. When conducting an inquiry or investigation, one’s title, the uniform he wears, or the size of the organization does not limit the importance of the professional skills that this chapter seeks to introduce. Investigation can take many forms—from the simple asking of a few questions and noting it in a report to a fully complex analysis of computer data and records. Many people believe that only police detectives conduct investigations and by the mere official sounding phrase, “We are conducting an investigation,” imaginations can run wild with speculation, nervousness, and mistrust about who is looking into (searching into) what information, about who, and for what outcome. The security professional does not need to turn an investigation into a complex and specialized process. A successful investigation may be completed in a simple few steps such as speaking to witnesses at an accident scene, or it may be a long process of reviewing months of digital video footage to establish patterns of an internal theft. The scope of an investigation is only limited by the imagination of factors, situations, and incidents, which might affect the assets and operation of an organization. In other words, an investigation may not always have the

outcome of an apprehended criminal being marched away by the police, or some lesser consequence impacting an individual suspected of wrongdoing against the organization. To think like an investigator, the security professional should think like a problem solver who needs specific facts to reach a decision. The process of investigation begins with identifying the problem and the solution, then determining the best way to collect information that connects this beginning (problem) and end (solution). One critical starting point in the discussion of investigation skills is for the security professional to recognize the limitations of their authority. Authority is granted in two key ways: there is the legal authority that regulates what actions can be taken in accordance with both criminal and civil law; and there is the authority which the organization gives the security professional for investigation. Foremost, it should be clear that a security professional is not a law enforcement officer. Behaving as if one is a police detective will typically backfire on the security professional and lead to a lack of cooperation and a lack of respect from others. The security profession often experiences the struggle of appearing to be a “minor league” or a step-down for those who were not qualified to become “real” law enforcement. The investigative process used by a security professional is not typically intended to bring about the arrest of a criminal suspect, and the process must not openly appear to be something it is not, by someone confusing a problem-solving role with a prosecution goal. This is not to say that the investigative process is not similar between police and security professionals. There are several key words that establish the tone of this chapter, and these key words are fundamentals of investigation that are not owned by police detectives, or by security professionals. While deciding on where to begin the list of key words, confidentiality and discretion

II. PRACTICAL AND OPERATIONAL APPLICATIONS

INTRODUCTION

seem to take the top of the list and neither should be prioritized: An investigation should be confidential and discreet. An investigator should use discretion, and respect confidentiality, privacy, and the need to know the basis of information. This is often a challenge to new investigators, because many times the initial inquiries of witnesses or review of information may be met with hesitation by others. “Why do you need that information?” or, “Why are you asking me about this person, did they do something wrong?” A good investigator should be prepared for certain questions and for the natural human curiosity of others to push the investigator to disclose secrets or give details. Curiosity by others is often stirred up by the same images and stigma that accompany the term “investigation” and therefore wise advice may be for the security professional to avoid phrases such as “I am investigating an incident,” or “I need some information for an investigation.” The work of a security professional rarely gains attention in the same way police are seen apprehending criminals at the end of an investigation. Most of the work done by a security professional, including investigation, can be defined as preventive to a situation or incident. Even if the investigation does follow an incident, such as theft or accident, the contribution to the organization is designed to help prevent that matter from occurring in the future. For example, often when an internal theft is detected and investigated, the organization learns about vulnerabilities or flaws in asset protection systems, and those problems are remedied so the loss does not occur again. Security professionals are often relied upon by Chief Security Officers and leadership in the organization to provide detailed information on observations, statements by others, and analysis of data. Confidentiality helps the organization leadership to make decisions while protecting the privacy and trust of those affected by the decisions. It is common to see an asset protection department, protective services team,

255

guard force, or information security function that is closely linked to the upper level leadership in an organizational chart. Security professionals may be reporting directly to a manager or vice-president of operations, finance, or human resources. Because of the benefits security professionals can provide to organizational decisions, including through investigation services, organizations increasingly value and expect discretion and confidentiality. The days are past when security professionals reported to a facilities manager, the same as a custodian or delivery driver. Many activities undertaken in the investigative process are regulated by legal privacy considerations. The use of hidden cameras, GPS tracking technology, audio voice recorders, computer hacking and monitoring, and social media have legitimate and prohibited roles in an investigation. While the laws and workplace compliance guidelines may vary by organization and by the state, territory, or nation involved, the emphasis is for security professionals to know the limits of their authority and the limits of any investigation. To begin this education, security professionals should completely study and understand all employee policies and procedures, an organization’s employee handbook, and various job descriptions of those employed in the organization. There may be explicit rules, exceptions for behavior, and conditions to employment, and processes that control inquiry of employee information. For example, a data breach investigation may require speaking to all employees who accessed a particular office area on a specific date. An employee may know that their friend removed records without authorization, but the employee may not want to give information against their friend. Some organizations require employees to cooperate with all internal investigations as a condition of employment. The security professional may need to report that employee’s lack of cooperation to a supervisor; however, in no situation should the security professional

II. PRACTICAL AND OPERATIONAL APPLICATIONS

256

23. INVESTIGATION: CONCEPTS AND PRACTICES FOR SECURITY PROFESSIONALS

threaten or intimidate the witness to believe his job is in jeopardy. The security professional’s job is to investigate, not to make decisions on another’s eligibility for continued employment. The discretion in this situation is best exemplified by how well the security professional knows what policies exist and what legal liabilities exist if any particular lines are crossed. In many aspects, the security professional serves as a consultant to the organization’s leadership. When delivering a verbal or written report of investigation, the use of certain jargon or vocabulary should be avoided. Speaking like a police detective, and even using the same terms as studied in this chapter, may be enough to confuse another person or entirely turn them off to the credibility of information. Knowledge of the organization’s informal culture is as important as knowledge of the organization’s employee policies and procedures, or the legal regulations that govern the investigation process. In terms of liability, it is better for a security professional to say, “I don’t know the answer to that, but I can find out,” than it is to say afterwards, “I’m sorry I didn’t realize that I shouldn’t have done that.” Asking questions and seeking guidance in certain investigation scenarios is always a safe move. One such area in which many laws, rules, and procedures may exist is in a union workplace or an organization with employees under an organized labor contract. Examples of such organizations may include, but are not limited to, automotive manufacturing, textiles, printing/publishing facilities, public transportation, schools, and government offices. A security professional should always know if a labor union or contract exists and what limitations are specified, prior to initiating any investigation. Private investigators are also commonly used when an organization requires additional assistance or if an area of investigation is outside of the security professional’s capacity. In many cases, the security professional may conduct a preliminary investigation and collect facts or names of witnesses. Because of the numerous

duties and scope of the security professional’s work, a private investigator may be employed to continue with follow-up investigation, provide special surveillance, or locate witnesses or property that is outside the organization’s property or control. An example of this might be for a private investigator to locate a former customer to ask questions about an employee’s activity, or to trace a company vehicle being driven without permission by an employee’s relative. Some complex financial inquiries or suspected computer crimes require the hiring of specialists. Undercover investigation is another area where investigation services are outsourced to private investigators. Insurance companies may use private investigators to conduct surveillance of employees engaged in disability or workers’ compensation fraud. Private investigators generally must be licensed. The security professional responsible for engaging a private investigator should require a copy of the investigator’s license, as well as the license of the agency if it is separate from the individual license. Many states and countries maintain databases of licensed private investigators, and the security professional should seek to confirm licensure has not been suspended or revoked for any reason, prior to engaging the private investigator. Additionally, many private investigators maintain professional liability insurance for errors and omissions and for use of force when duties require that they protect high value property or executives. Confirmation of a certificate of insurance coverage is also a minimum step that is as important as confirming licensure. Similar to the security professional, a private investigator is not a law enforcement officer and does not have any special authority beyond a private citizen. Being licensed as a private investigator primarily certifies that the government has given this individual a license to charge a professional fee to private individuals or organizations, for the provision of investigation services. The use of surveillance cameras, computer information, and other techniques of

II. PRACTICAL AND OPERATIONAL APPLICATIONS

INVESTIGATION AND HUMAN COMMUNICATION

investigation are not based on special authority. Private investigators most often understand how to use the specialized equipment and techniques within the scope of the law, and it is this skill that most organizations and security professionals should seek when engaging private investigators. One aspect of involving a private investigator, and something that security professionals also must be aware of, is knowing the limits of the investigation based on one’s skills and experience. Many private investigators are retired or former police officers. While this past employment may give the private investigator a particular world view or ability to conduct themselves with confidence and discretion in public, it does not automatically imply that the private investigator would understand or be competent to do a preemployment background investigation for a position of financial trust, or that the analysis of a social network linkage diagram is something they would understand. Many former police officers who become private investigators have what they call “people skills” or an ability to talk to nearly anyone and to gain information if the person is cooperative and willing to talk. Where the line must not be crossed is for the former police officer, now a private investigator employed by the security professional’s organization, to utilize coercive or intimidating methods in the same way that they may have interacted with a street criminal during their police career. The security professional is ultimately responsible for the actions of any subordinate investigators or private investigators assisting with an investigation. Any wrongdoing or problems can jeopardize the success of the investigation and bring legal liability and embarrassment upon the organization. It is the responsibility of the security professional to make sure every investigation is conducted in the confidentiality and discretion expected within the organization. Any private investigator or similarly contracted specialist should be completely familiar with the

257

investigation and the cultural expectations of the organization. Matters such as the provision of a written report, preservation of evidence, the carrying of weapons or access to information, and agreement on payment and fees should be resolved prior to agreeing to use a private investigator.

INVESTIGATION AND HUMAN COMMUNICATION Most textbooks devoted to investigation will agree on the starting process of fact finding: When? Where? Who? What? How? Why? Also known as the five W’s and an H or sometimes referred to as NEOTWY, an acronym for the last letter of the previous six questions. New investigators may write these six one-word questions inside the cover of their field notebook or even at the top of each page before stepping into a meeting with witnesses. Eventually, the need for reminders lessens as these key questions become more familiar and more routine. Though these questions may seem elementary, that is precisely the purpose—that every investigation needs to begin with these questions. As explained previously, the process of investigation for a security professional involves identifying the problem and the solution. Knowing the facts puts the problem in context. In other words, knowing the facts allows for a decision maker to identify what must change so the situation never repeats or can be resolved. A change in time, location, persons, circumstances, equipment, a process, or a reason may be the starting point or it may be the conclusion. One aspect of these fact-finding questions that an investigation should determine is consistency. Do the facts match the statements of witnesses? Is there video evidence that corroborates or confirms the sequence of events? Are there any digital or electronic records that can place an individual in a certain part of the facility at a specific time? Are there additional witnesses the investigator should speak with?

II. PRACTICAL AND OPERATIONAL APPLICATIONS

258

23. INVESTIGATION: CONCEPTS AND PRACTICES FOR SECURITY PROFESSIONALS

There are many clever phrases that good books and experienced investigators can share with security professionals who are learning the process of investigation. “You won’t get good answers unless you ask good questions.” “You won’t get the right answers unless you ask the right questions.” Some of these phrases can undermine the confidence of an investigator, but there is truth to the importance of the roles of searching, tracing and following facts (tracking). A security professional can capably question a witness to provide the facts: Q. “What time did this occur?” A. “4’oclock this morning.” But a good investigator might ask differently and allow space in the conversation for followup: Q. “Tell me what you saw.” A. “It was about 4’oclock and my crew was driving passed the gate and saw two young boys, probably teenagers running, and one had what looked like bolt cutters and the other had a flashlight. I don’t know if they were trying to get into the storage trailer where the copper wire is stored but they were running from that area.” In the longer response to an open-ended question, the witness actually provided answers to all six fact-finding questions, including the Why, based on the inference that the two teenagers seen trespassing may have been attempting to steal copper wire that was stored in that area. A follow-up question could simply ask the witness to explain why he thought the storage trailer was the target, or how could it be these individuals knew the copper wire was kept in that location. A skill in effective human communication is engaging a conversation and then listening to what is provided by the speaker. There is no skill needed to ask yes or no questions, or to provide a form asking for one-word responses such as time, name, location, and how many individuals were observed. In the above scenario, the witness also revealed to the investigator that he was with other workers in his crew and that he was traveling in a vehicle. The investigator would next

want to ask the names of the crew members who may have seen the same thing, and also information, such as the type of vehicle or the witnesses’ seating position in the vehicle. Contradictions among witnesses could be based on the level of awareness by those witnesses at the time. For example, if the witness’s crew were traveling in a large truck that sat high off the ground, individuals might automatically appear small. If the witness was riding on the back of a small utility vehicle, facing rearward, while noticing the individuals running immediately as the vehicle passed, then the perspective might be more accurate as the observation was clear. This fact-finding conversation is also referred to as an interview. For purposes of repeatedly emphasizing the distinction between a police officer and a security professional, a security professional should avoid any use of the term “Interrogation.” When speaking to individuals, whether they are witnesses, suspects, involved parties, or have any information about the investigation, this conversation should always be referred to as an Interview. However, the process of an investigative interview is nothing unusual or highly specialized. It is a conversation to gain information and facts. The investigator should not contact a witness and say, “Hello, I need to interview you for my investigation.” This is an example of using jargon, terminology, or official sounding phrases that may intimidate, frighten or confuse an individual. It is suggested that a softer approach or more casual introduction be considered when first speaking to someone during an investigation: “Hello. May I speak with you about the individuals you observed earlier this morning?” Or “I’m following up on something that was reported this morning and I understand you have some information that would be helpful.” Whenever talking with someone as part of the investigation, make sure that the conversation begins with an appropriate introduction.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

INVESTIGATION AND HUMAN COMMUNICATION

An investigation could become a legal liability if someone feels that they gave information to someone without fully understanding who they were speaking with: “Nice to meet you, I’m with the security team, I wanted to follow-up on the accident report from yesterday…” Obviously, this refers to an open inquiry and not to an undercover investigation or covert surveillance investigation. A security professional should provide the witness or subject of the interview with a business card or method for future contact if appropriate: “If you think of anything else, you can call extension 300…”. One common mistake made by new investigators is to focus on the facts and to forget to document the name, phone number, and contact address for the source. Many times, the contact information of a witness may come from personal or business records. Once the investigator makes contact with this source of information, the proper spelling of their name and all contact information should be confirmed as correct. When speaking with a witness at a scene or incident, begin with asking for first and last name. If there is noise or environmental distractions, or if there is a language or other communication barrier, ask the individual to print their name on a separate page of your field notebook, or on a notecard carried separately. If appropriate, ask the person to forward contact information to you electronically, by allowing them to type their mobile phone or smartphone number, email, or contact information into your phone, or by giving them your device phone number and asking them to call you and preserve the phone number in the contacts setting. (This may be inappropriate for investigators or security professionals who are using their personal phone or digital devices. Maintaining discretion and privacy must be balanced with the importance of always documenting the source’s name and contact information.) Along with this common error is the mistake in spelling or understanding the person’s name. It is polite and acceptable in most cases to ask

259

them to spell the name, and if it’s a nickname or shortened version of a longer name, asking them for a full name is usually not considered offensive. (For example, Margaret may go by the name Peggy. “Soosh” might be short for Sushant.) Any conversation should be documented with first and last name, along with their contact information. However, it is not unreasonable to have a witness or an individual state that they don’t want to give their name or get further involved. As security professionals, there is no authority to insist that someone provides this information, although there may be obligations in certain situations within the workplace or the organization. In some settings, the security professional may be authorized to look at employee identification or credentials, and this can be used to confirm identification. On private property, some uniformed security professionals might have authority to request photo identification of persons; however, the issue with asking for or viewing identification must be decided on an individual basis depending on where the security professional is based or the scope of the investigation. Documenting driver’s license numbers, for example, may be considered inappropriate or a breach of privacy laws in some locations. A security professional should continue to be careful of crossing the line and presenting an appearance of a police officer checking identification (as in checking for a driving record or looking for arrest warrants.) Remember that experienced investigators have developed their own style, rhythm, and method for asking questions to find facts. Security professionals learning the process of interviewing subjects should proceed slowly and feel comfortable taking notes and referring to the important questions to ask. However, as stated previously, the process of human communication should feel like a conversation and less like an interview. Being nervous, appearing disorganized, looking unprofessional or poorly groomed, allowing cell phone text messages

II. PRACTICAL AND OPERATIONAL APPLICATIONS

260

23. INVESTIGATION: CONCEPTS AND PRACTICES FOR SECURITY PROFESSIONALS

and digital device distractions, using tobacco or smelling offensively of food or drink can all be barriers to successful communication. It would be more realistic to say that some situations will bring on anxiety or that in a crisis you might need to take a call and ask the individual to stand by. Practice does make for improvement, and there will be rare times when investigative interviews will go perfectly every time. Preparation for the interview is even more preferable than practice. We learn more from the things we do well and the things we do wrong than by the number of times we do the same average thing over and over. Preparation means knowing the facts about what you are discussing with your source. Read subsequent reports more than once, noting details, dates, and times. If an incident occurred on the 5th of the month, for example, know if the 5th was a Friday, or a Saturday. If speaking to a witness or source, do your basic homework and try to learn something about their job or how long they’ve been with the organization. If it’s a patron or customer, find out if they have been part of any other investigations or if they are known to the customer services team. People like to talk. Sometimes a person will provide all necessary information in a few minutes but will want to spend another 10 min discussing family, sports, politics, and religion. It takes experience to learn how to disengage from someone who has gotten off topic or who now wants to socialize. There are many additional books and sources on human communications that can help provide tips on succeeding in these uncomfortable situations. The investigator must admit that if an individual provides valuable information, then rapport and courtesy are quite important to maintain. Concluding the interview, or redirecting the subject who has gotten off subject and into a tangent conversation, can be managed with a few concluding questions: For a scheduled interview where the subject was invited to the investigator’s office, or where the investigator

met with the subject on their own property or location, an excellent question is, “Was there anything else that I didn’t ask you, that you were expecting me to ask you when we set this meeting?” Sometimes this question helps to give the subject back ownership of their space. In other words, this is the question that allows the subject to do anything from providing additional information or giving critique to the investigator on how they felt the interview went. In some cases, the subject might offer a file or photos that they expected to be asked for. Some may say, “I’m surprised you didn’t ask me about…” The other concluding question is simpler and can bring the same response: “Is there anything else you think I should know.” Or “Is there anything else you want to tell me?” Both this question and the question asking about expectations of the interview can be used simultaneously. It is possible that each question may also yield different responses. In these situations, the investigator must make certain they are engaged in listening and allow the person to finish talking. It is also possible that this open style questioning could take an interview of 5 min into an interview of 1 h. Or, the subject might also reply, “No. I don’t have anything more to tell you.” At the conclusion of any conversation, the security professional should consider asking the subject if they would mind being contacted again, if it’s necessary to clarify any information: “I greatly appreciate your help. If I have any more questions, is it OK for me to contact you?” Or, “Thanks. I think that’s everything. If I need more help, can I call or send you an email?” Investigation is fact finding, not just fact recording. As stated earlier, asking open questions will get people speaking freely and the more that is said, the more information there may be for strategic and well-planned followup questions. This requires the investigator to be listening, thinking about what is being said,

II. PRACTICAL AND OPERATIONAL APPLICATIONS

INVESTIGATION AND HUMAN COMMUNICATION

and making mental or physical notes. Thinking about asking the next question before the previous answer is given, will cause a loss of focus that is just as bad as thinking about something unrelated, such as eating lunch. Human communication takes brain power and also an ability to think quickly, or “thinking on your feet.” One issue that can become an obstacle to sincere and effective human communication is taking notes in a notebook or on an electronic device while the witness is still talking. Some witnesses are distracted to see their words being recorded like dictation. A common error made by some investigators, seasoned as well as new, is to take notes when the witness wishes to make eye contact and have a conversation. The investigator should measure the witness’s reaction when he or she pulls out a pen and notepad, or opens a writing tablet while sitting at a table. This can be done at the beginning when the investigator documents the witness’s name and contact information, or when the investigator simply writes the date and time on a notebook page. Witnesses who are unnerved or uncomfortable about the note-taking process will quickly or intensely focus their gaze on the investigator’s pen or notebook. Sometimes, their rate of speech will slow down considerably, as if speaking purposefully slow enough to allow the investigator to write. Other instances may include the witness shifting to speak only in sentence fragments or with extra deliberation to avoid saying the wrong thing or saying something out of context. The investigator needs to balance two problems when encountering a witness who becomes afraid of note-taking. First, the investigator needs to be aware and respectful of this concern, and work sincerely to not take dictation of every spoken word. This requires listening skills and memory skills that need to be developed. Dictation and scribing every response could be replaced by writing only key words, names, dates, and responses. In other words, the responses given by the witness when asked

261

the six key questions of fact finding could become the words on a notebook page. As the conversation progresses to follow-up questions, the investigator can explain that the purpose of writing some additional notes is purely for their own memory later on. As the note-taking progresses slowly, the witness will become more and more comfortable with the process and less upset about what they are saying and how they are being quoted. By this point, the witness will have already made their statement and become comfortable with that statement during the process of follow-up and taking notes. The development of listening skills and knowledge of the investigator’s learning style are perhaps more challenging than maintaining the rapport of a conversation balanced with note-taking. Investigators should know certain things about themselves. Probably foremost is the learning style of visual, auditory, or tactile. A simple internet search: “What is my learning style?” can lead one to several free questionnaires and “testing” websites. Once the learning style is determined, the investigator needs to further research how that learning style can impact their retention and learning of certain facts and concepts. In other words, how is the investigator’s learning style related to their ability to listen to a witness, process what the witness says, and remember that information well enough to form follow-up questions? Additionally, the investigator may learn information from a witness or subject, and while listening to that information, subsequent investigative steps may come into mind. The investigator needs to be able to complete the reception of the witness’s statements, while also not losing some valuable discernment or idea that unexpectedly comes into their mind. This, too, while possibly not trying to distract the witness by taking notes. A visual learner, or visually motivated investigator, may be seeking documentation or notes or reading reports while listening to a witness speak. The rudeness to the witness is clear and the investigator should practice natural eye

II. PRACTICAL AND OPERATIONAL APPLICATIONS

262

23. INVESTIGATION: CONCEPTS AND PRACTICES FOR SECURITY PROFESSIONALS

contact and gestures to signal they are listening to the witness. An auditory learner, however, may be the best investigator for conducting an interview, because this investigator values the spoken words and all the inflections and variations of what is heard. Reception of the message may be easy and may be recalled later without written notes. A visual learner, who goes into an interview with limited note-taking, should attempt to get quickly isolated, in order to write extensive notes after the interview has ended, whereas an auditory learner may be able to retain what was said with great accuracy, for longer periods of time without notes. The tactile learner requires demonstration, physical handling of sketches or documentation, or even the process of traveling to a scene of an incident to “see for themselves” what occurred. Use of maps, asking the witness to draw a picture or look at photographs, or actively engaging the witness in an examination of the setting are parts of what helps the tactile investigator to better remember and understand, without taking exact notes and dictation of the witness’s statement. What needs to be specified here is the importance of the notes and a written report based on the investigative interview. If notes can’t be taken thoroughly during an interview, then the investigator must immediately find a quiet and controlled location and begin to free write as much information as possible into the notes. While certain headings, key words, and details should be specified using the limited notes, the investigator (regardless of learning style) should attempt to fill in as much information with thoroughness, as soon as possible. Those notes should then guide the investigator in writing the investigative report, which will also highlight any missing information, areas of confusion, and any circumstances, should the need arise, to contact the witness for immediate follow-up. Investigation has that romanticized context, like someone with special powers who is out extracting personal secrets. Rather, investigation

is tedious and exacting. It has to do with not only fact-finding but also research into the facts. Investigation is simply an objective process used to discover facts about a situation, person, or behavior. When an investigator asks a witness “Why?” the common hesitation is to say it is wrong to ask someone their opinion. After all, doesn’t an investigation seek out facts and isn’t someone’s opinion in contrast to or the opposite of an objective process? The answer is, not really, because an investigator can only be as good as the facts he or she has. A theory, or a witness’s opinion, on why something occurred could actually be based on well-reasoned facts. They are the witness’s well-reasoned facts but that doesn’t mean someone else’s opinion or theory is wrong. Once those facts are discovered, they are recorded in an appropriate manner, and the process of investigation continues to the next level. Take for example the previous open-ended interview response of the witness who observed two teenagers running from the direction of a storage trailer where copper wire was stored. That theft of the copper wire was an opinion as to why the individuals were in that location. The investigator would then research whether the contents of that trailer were known and by whom, and how long the contents had been there. Another aspect of the investigation might seek consultation from local police or security professionals in nearby facilities, to ask if copper wire theft was a risk or problem that they have experienced recently. Other sources’ opinions are not always wrong, even if they are not always objective. Investigation has a great deal to do with research; those who like to do online or library research may acclimate themselves to investigative activity better than those who disdain research. An investigator must be able to read, analyze, reread and retain the information obtained from statements, reports, and numerous other sources of information. Any factors that infringe on the investigator’s ability to read,

II. PRACTICAL AND OPERATIONAL APPLICATIONS

ETHICS OF INVESTIGATION

and the ability to comprehend and retain what they have read, should be carefully trained and improved. Casual reading of leisure books, literature, as well as professional journals and articles, will eventually help to hone a security professional’s reading skill into a good investigative analysis. Aging security professionals should also be honest with themselves and obtain reading glasses when it is necessary. There is more shame in doing a bad job than there is in seeking assistance with one’s vision. Investigation requires precision and attention to detail. It culminates in writing reports about the known facts. These reports are the product of the investigation. Investigation is important because, without facts, management cannot make the correct decisions.

ETHICS OF INVESTIGATION History teaches some important lessons regarding the important relationship between ethics and a successful investigation. Individuals and organizations that don’t have good ethics may profit initially, but in the long run, they fail. The same is true of investigators and investigative organizations. Investigator ethics can be traced back to an example set by Allan Pinkerton and the Pinkerton Detective Agency. Pinkerton’s firm became the largest private investigative and security firm in the world and the name Pinkerton remains a distinguished name in the investigative profession to this day. Pinkerton’s example of ethics focused heavily on hiring the right people for the trusted positions within his firm, and in making sure those people were fairly compensated. To that note, one thing Pinkerton opposed was the establishment of any reward or contingency fee for the outcome of an investigation. His investigators were paid for their honest efforts and the information they obtained. They were not rewarded based on the value of the information, nor did they receive a bounty for particular results in a

263

case. The Pinkerton Detective Agency made no warranty that an investigation would have a particular outcome, and the wages paid to investigators were consistent so as not to create temptation for dishonesty by the investigators, and not to present suspicion or doubt that the investigation was anything less than true and honest. Security professionals today must make sure that they not only avoid any appearance of accepting a gift, gratuity, favors, or reward but also that they avoid the appearance of any conflict of interest. Any investigation into a family member or friend should be avoided. Appearances of favoritism or covering up information may impact the respect and credibility of an investigator. While the employee policies and procedures shall heavily influence a security professional’s ethics, the mentorship of senior security professionals and leaders should always be consulted whenever a doubtful situation or challenge is apparent. Though we use the term ethics and ethical investigation to imply similar terms such as integrity, objectivity, and being unbiased, there are truly additional terms that can further help to define what is an ethical investigation. The ASIS International Professional Investigator’s Manual (Knoke, 2010) references several qualities of an effective investigation, which fit well into defining a framework for ethics. Objectivity and thoroughness stand out as the top qualities of effectiveness in fact finding. Objectivity is best defined as an avoidance of prejudgment while focusing on rational hypotheses during the investigation. Thoroughness corroborates the key findings of an investigation into a conclusion, only after all relevant leads and sources of information are checked. Using an example of a witness interview, the failure to follow-up with a particular witness because that witness has a known bias or because that witness is not available at a particular time, may greatly affect the true conclusion of an investigation. A professional investigator who does not follow up with certain leads may never

II. PRACTICAL AND OPERATIONAL APPLICATIONS

264

23. INVESTIGATION: CONCEPTS AND PRACTICES FOR SECURITY PROFESSIONALS

be able to fully believe in a conclusion, beyond any doubt, and if asked to testify in court regarding their findings, this doubt may surface as an embarrassingly incomplete inquiry. Personal and organizational liability may arise because of a lack of ethics. Other terms cited in the Professional Investigator’s Manual in describing the qualities of an effective investigation include relevance, accuracy, and timeliness. In many investigations, there can be an abundance of evidence, witnesses, statements, and data. Sorting through these factors to isolate the core issues is a challenge even for the most experienced investigators, but it is a necessary function that can’t have shortcuts because of lack of time or predisposed conclusions or because of a rush and push for completion by supervisors. Accuracy provides factual credibility with the source of information. The most basic details in NEOTWY are a starting point for investigative accuracy. Spelling a person’s full name correctly, or documenting the correct time and address, are some of the basic starting points for accuracy. One area where investigators can find problems with accuracy rests in the reliance of online information obtained through a search engine or through the examination of social media sources. Information obtained online should be cited in investigative reports so that others can know and decide on the reliability of the data as well. The ability to misread search engine results is as much a peril to the investigator as is failing to verify online information through a secondary source such as a direct interview with a witness or obtaining certified copies of public records. Timeliness of an investigation is also an ethical issue because results may be affected by a stalled investigation due to a delayed start because of bias or investigator reluctance. There are also concerns for the fading of witness memories, purging or overwriting of digital systems, and transience of certain people in the workforce. By delaying an investigation, it is possible

that critical evidence may disappear forever. Pressures to jump into an investigation before gaining all the facts can be as harmful to the outcome as is ending an investigation prematurely without properly following-up or consulting secondary sources of information. When lives may be impacted by employment decisions, determination to prosecute, or financial resources are involved, the phrase “timing is everything” couldn’t be more true.

PRELIMINARY INVESTIGATION This is the most important aspect of the investigative process. It is also the investigative stage that security professionals find most relevant because involvement at this stage often occurs when an incident is “fresh.” The preliminary investigation is the initial fact-finding component of the investigative process. It may be performed when the crime or incident is first discovered and fact finding and documentation is crucial to the success of the follow-up investigative effort. That follow-up investigation may be done by security supervisors, police officers, human resources managers, or others in leadership in the security professional’s organization. The scenarios and themes in a preliminary investigation are as numerous as one could imagine; however, it is possible to categorize the types of investigations into a few general areas: incidents, misconduct, and compliance (Knoke, 2010). The incidents category includes crimes such as thefts and assaults, or it may include accidents such as a worker falling from a ladder or two vehicles colliding at a distribution center parking lot. Incidents that include a verbal dispute between workers may also fit into this category depending on what was said, or what organizational policy says regarding the conduct. A security professional is most likely to be contacted during the incident or immediately

II. PRACTICAL AND OPERATIONAL APPLICATIONS

PRELIMINARY INVESTIGATION

following, and this is why the earliest stages of preliminary investigation emphasize safety, treatment of injured, and containment of a scene ahead of any actual investigative steps. A misconduct investigation most commonly involves inquiry into an employee violation of a workplace policy or rule. Depending on the seriousness of the misconduct, a security professional may be asked to assist in the investigation by contacting witnesses, reviewing video security camera footage, or gathering statements. Discrimination, sexual harassment, and personal injury or property damage claims may be examples of misconduct cases. Whenever involved in a misconduct investigation, the security professional must be highly protective of confidential information and should never divulge or be tricked into giving away any information to unauthorized individuals. Misconduct investigations are often referred to as internal investigations, and the results of an investigation may very likely result in a worker being terminated from employment in the organization. Because there is a high possibility that a conflict of interest may arise during these types of inquiries, security professionals should be highly aware of a need for ethics and of the steps to take if they find a challenge, and should contact their supervisor about any need to withdraw from an investigation because of an ethical concern. Compliance investigations also vary based on the type of organization; however, most often a compliance matter will involve financial privacy, data protection, workplace safety, political or environmental issues. Because of the highly specialized professional nature of compliance, including regulatory and business governance issues, it is more likely that a senior security professional or a highly experienced investigator may become involved. This does not mean that an entry-level security professional should not be aware of the importance of compliance issues, because it may be due to something relatively minor that could result in significant damage or liability to the organization.

265

If outside regulatory compliance investigators (such as a government safety inspector) is involved in an investigation, the security professional may be asked to investigate digital or video evidence, compile statistics, review incident or accident reports, and assist with various aspects of the investigation. Professional demeanor and respect are important when working with outside compliance investigators, and whenever a security professional is unsure about a course of action, a supervisor must be contacted for further guidance. Some serious compliance investigation matters that may involve the security professional will include any workplace accident or incident resulting in the death of a worker, any data breach of customer financial records or confidential patient information, or any allegations of major polluting or dumping believed to financially benefit an organization. Industries such as casinos, hospitals, hotels, and medical marijuana dispensaries all have elaborate regulations on access control, accountability, privacy, and retention of video data. The security professional may become involved in auditing of this data, utilizing similar investigation techniques discussed in this section on preliminary investigation. Preliminary investigation consists of several key steps: 1. Scene safety: This is an often wide-ranging first step that includes everything from attending to the injured or wounded individuals, to preserving the scene and limiting access, or conducting steps to eliminate risks such as extinguishing a fire or apprehending a criminal on the property. 2. Locating and questioning witnesses: Attempting to determine if there are witnesses and then questioning witnesses should be performed as soon as possible. Systematically find and interview those who may have seen or heard something related to the incident or matter being investigated.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

266

23. INVESTIGATION: CONCEPTS AND PRACTICES FOR SECURITY PROFESSIONALS

3. Preserve the crime/incident scene for evidentiary purposes. Control access to the scene, take photographs, and note observations. The scene must be controlled for the purposes of answering the critical questions, but realistically, the preservation of a scene cannot be indefinite, so the security professional must work quickly to take notes and photos. 4. Forwarding information about the incident to the proper management or the shift security supervisor. A security professional must be aware of the protocol for informing supervisors in the chain of command. Most organizations have a triage or priority level assigned to most incidents or types of investigations, and the level of investigation may determine the difference between calling a member of leadership at home in the middle of the night or more simply sending an investigative report the next day. 5. Completing a preliminary report so that follow-up investigators have adequate information with which to proceed. Ideally, a follow-up investigator should have the case report delivered with the completed answers of when, where, who, what, how, and why. If the security professional’s organization allows for a statement by the investigator to provide a preliminary conclusion, then that conclusion should be concisely stated, and the investigator prepared to discuss further in follow-up. In many organizations and corporations with strict paper trails and accountability for every written report, it is not uncommon to have meetings where internal investigations and other sensitive matters are discussed face to face between the security professional, follow-up investigators, and senior investigative personnel. Unless otherwise instructed, every preliminary investigation should have a written report of preliminary investigation. Whenever a report is not prepared, the investigator must be sure to preserve all notes and records of the incident and investigation,

until directed to destroy or discard those notes through shredding destruction, at the request of a supervisor.

FOLLOW-UP INVESTIGATION Follow-up investigation is the process that begins where the preliminary investigation ends. The typical delay between the preliminary and follow-up investigation occurs because reports and data need to be analyzed, and additional information may develop. Follow up is a process of examining the information provided by the preliminary report and proceeding to uncover additional data until the case is solved and a complete understanding of the matter is attained. Obviously, the success of the follow-up investigation is heavily dependent upon the preliminary investigative effort. Without adequate records, evidence, or witnesses, little or nothing can be determined, even if the follow-up investigator is extraordinarily proficient. Follow-up investigations may be completed by the same security professional that performed the preliminary investigation, but in most cases, they are handled by investigative specialists, police detectives, or supervisory personnel. For this reason, close liaison must exist between those who conducted the preliminary investigation and those with follow-up investigative duties.

LIAISON In many, if not most, cases, investigative efforts are undertaken in cooperation with other organizations. A simple example is counterfeiting. The problem is discovered by a teller or cashier who notices a suspect bill of currency. The teller or cashier contacts a manager and/or the security professional on duty. Next, the local police are involved, and, in this example, the counterfeit currency becomes an investigation by the US Secret Service (responsible for investigation of counterfeit money).

II. PRACTICAL AND OPERATIONAL APPLICATIONS

NOTES AND REPORTS

Another example would be an accident in a parking lot. Security professionals and facilities managers would be involved. If there are injuries, local emergency medical services and police are called. In the wake of the accident, there may be an investigation by an insurance company. Many investigations involve more than one organization with different goals; however, the security professional’s goal is to cooperate and to facilitate good communications. In order to be effective, liaison with other organizations must be developed and maintained. Security professionals may find the most important relationships depend on the nature or function of the organization. Those working in a health care environment may become closely connected with emergency medical and paramedic crews, whereas a financial organization may be more involved with external insurance adjusters and investigators. Whenever facility protection is a mission, maintaining effective liaison with local police and infrastructure protection professionals is extremely critical. These relationships may be personal through face to face contact, or they may be through professional organizations such as local ASIS International chapters, or local task forces and educational groups. During the development phase of liaison, it is important for the security professional to understand the role and authority (or lack of authority) that an outside organization has. For example, a government agency conducting an investigation may have a higher need for certain data than would an insurance investigator for a private company, who is investigating a single individual or incident.

NOTES AND REPORTS Notes are the foundation of a report. It is sometimes said that testifying—the last step in the investigative process—begins with note-taking. Without adequate notes on the crucial details, there can be no effective report, follow-up

267

investigation, or testimony. Reports are what make or break investigators. They are the summation of the investigator’s or security professional’s work. Note-taking should be considered a priority throughout the investigation process: • Notes are an aid in remembering key details. • Headings such as the date and the incident number or name of the witness should be placed at the beginning or top of each page so that the notes are organized. • Start each set of notes on a new page. Also, make sure to skip a few lines after each entry so that additional information can be added. • Always have a paper notebook available or something to physically write on. Always have a pen and a spare pen. (Taking notes on a smartphone, digital tablet, or laptop computer may also be appropriate, as long as doing so does not distract from human communication, and as long as the security professional responsibly protects the noted information.) • Verbally summarize, to the witnesses giving statements, what has been written, so that you are sure to get the information correctly recorded. This should always be done at the conclusion of an interview, or it can also be done at various junctures throughout the interview process. • Use abbreviations with caution. Many organizations will have common abbreviations or “short-hand” that all security professionals recognize. Consider what could happen to an important investigation if the security professional was incapacitated or ill, and another investigator needed to read the notations. Would someone else be capable of reading the handwriting and understanding the abbreviations used? • Use rough sketches in notes to pictorially represent incident scenes. Simple hand-drawn figures can aid in making the notes useful later on.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

268

23. INVESTIGATION: CONCEPTS AND PRACTICES FOR SECURITY PROFESSIONALS

• Treat notes as the part of the official record that they are. Start each set of notes on a new page. Number each page. Write in ink and cross out and initial each correction that must be made. Individual organizations have their specific rules and policies regarding notes made by investigating security professionals. These policies may impact the need to keep or destroy notes, along with how those notes should be used.

SURVEILLANCE Surveillance is an essential investigative activity for security professionals. Surveillance can accomplish various objectives: 1. Identify suspects in a crime such as theft, trespassing, or workplace drug use. 2. Record the movements and associations of suspects. 3. Identify patterns of criminal activity or workplace misconduct. 4. Collect information to supplement an investigation. 5. Locate suspects or stolen property. 6. Prevent crimes or other losses from occurring. Once objectives have been identified, the planning process for surveillance can begin. The entire planning process consists of the following steps: 1. Establish the objective of the surveillance. What is the purpose behind the investigation? 2. Reconnaissance (presurveillance) of the area where the surveillance observations will be conducted. Examine the area for routes of entry and exit as well as vantage points from which to observe. Are there alternative locations to observe if original vantage points are blocked or not available? 3. Collect as much information as possible on the background(s) of the subject(s).

Knowledge on the subject being observed can have important bearing on the safety and success of the surveillance. Knowing an accurate description of a person, their car or type of transportation, and any unique clothing can help improve the effectiveness of surveillance. Knowing the person’s habits (such as smoking or walking with a limp) or potential for danger (whether they carry weapons or have a criminal history of violence) is also critical. 4. Calculate the personnel requirements. Often a minimum of two people will be needed if the surveillance lasts for any appreciable period of time or if there is danger present. In many circumstances, there might not be the budget or availability for two or more people to work together on surveillance, so options and alternatives may include the use of specialized equipment or techniques that can minimize the risk of danger. 5. Establish communication. Cell phones and radios are essential tools. A laptop or tablet device might also be useful if surveillance personnel are also observing footage from external or remote camera systems. Privacy and continuity of communication are essential, so the presurveillance work must also address any potential for dead spots in communication by cell phones, and also avoid the use of Wi-Fi hot spots that could allow others to intercept communications. 6. Calculate equipment needs. Equipment may consist of binoculars, digital cameras and camcorders, extra batteries and memory cards, power inverters and chargers, logbook, notebook or report forms, hidden cameras, unmarked surveillance vehicles, and disguises such as hats, coats, and glasses. If surveillance is by vehicle, then additional preparations should be made to see that the vehicle is correctly fitted too.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

TESTIFYING IN LEGAL AND ADMINISTRATIVE PROCEEDINGS

If surveillance operations are planned properly, the chances for success are much higher. As the costs of initiating surveillance activities are high, it certainly challenges the investigator to carefully scrutinize all aspects of the operation before wasting precious time and money. Special attention must be devoted to communications and the response to incidents. Investigators must decide what may occur and how they will react to it. Specifically, there is the risk that surveillance will be discovered and the reaction/response by subjects is difficult to predict. With this in mind, the needs of personnel, equipment and countermeasures can be addressed logically. When recording surveillance activity via any means, there are important legal considerations that the investigator must be aware of. It is always best to consult with a supervisor or experienced investigator before undertaking a surveillance investigation. While laws generally allow for persons who are in public view to be legally surveilled, there are areas where expectations of privacy exist and where surveillance should never be undertaken. Restrooms, locker rooms, and private residences are a few examples where privacy laws could be violated and the investigator could be found in legal or criminal trouble if any recording occurred in these areas. Unions or facilities operating under an organized labor contract may have prohibitions against any recording of employees under any circumstance. While the existence of these contractual prohibitions may frustrate the goals of a workplace investigation and surveillance, these conditions must still be honored and if possible another type of investigation strategy should be considered. The recording of audio, such as conversations and sound on video recordings, may also be protected by law. These restrictions are not consistent between states and nations, and therefore the investigator must know the law that is specific to the location where the surveillance is

269

set to occur. Some US states have a “2-party” notification law which means recording of conversations is only legal if both parties know they are being recorded and give consent. Other states are “1-party” meaning that if one person knows the conversation is being recorded, then the recording of conversations is permissible. For a surveillance investigator who might be observing drug distribution between two persons behind a delivery truck in a warehouse parking lot, the recording of the conversation would only be legal if one or both suspects knew about the recording, as the investigator does not count as the knowing party whenever it’s a hidden surveillance situation.

TESTIFYING IN LEGAL AND ADMINISTRATIVE PROCEEDINGS Once a case has been investigated, it may become necessary to present findings in a court, disciplinary hearing, or labor arbitration. Security professionals are also called upon to give testimony at depositions in civil suits. Attorneys for insurance companies do frequently conduct depositions or questioning, known as examination under oath. In many cases, the security professional may testify in several different courts as the case progresses. Each of these proceedings has a different format and takes place in a different environment, but all require providing factual and consistent information in a professional manner. Here are some things to bear in mind when testifying in court: 1. Always be positive and tell the truth. Project a positive, affirmative image. Show appropriate emotion and expression for the situation. Being polite and friendly does not project weakness or unprofessionalism. Some have said that it is important to be likable but not memorable.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

270

23. INVESTIGATION: CONCEPTS AND PRACTICES FOR SECURITY PROFESSIONALS

2. Be neatly groomed, with clean and conservative or basic style clothing. Business formal attire is appropriate for court testimony. The business-like atmosphere of a courtroom or legal proceeding means that some security professionals may need to dress differently than they would in their organization’s workplace. In many instances, a uniform may be inappropriate. Likewise, the clothing or attire one might wear to a formal occasion such as a wedding, funeral, worship service, or celebration (tuxedo or evening gown) might be too fancy and pose a distraction that would cause others to look down on the security professional. Conservative or basic business style clothing that is generally acceptable in a courtroom would include a white colored shirt, solid dark colored necktie (men), a dark colored jacket and matching pants, or a business suit. Cultural expectations may also impact what is appropriate in a courtroom; however, if there is any question the security professional should be sure to address this issue well in advance. 3. Posture is important when giving testimony. If there is a microphone, pull the microphone close to your mouth so you can be heard comfortably over the room speakers. Often a judge or other official will assist you early on with the adjustment of the microphone. Once the microphone is adjusted, remain seated calmly and maintain an erect posture with shoulders and head comfortably positioned. 4. Project your voice. Maintain eye contact with persons asking questions and then consider looking at the judge or jury when giving an answer. Project your voice to the person farthest from you. This will ensure that you are heard by everyone who needs to hear you. 5. Answer “yes” or “no” to questions posed by counsel or the judge. Don’t clarify or elaborate on your answers unless it is necessary to do so. If you must clarify a point, choose your words carefully and know what

6.

7.

8.

9.

you’re going to say before you open your mouth. Prior to the proceeding, consider what questions may be asked and think reasonably about what your answers might be. Prepare for the case before the trial. Any reports or evidence presented must be carefully prepared and reviewed prior to court. Consult counsel about the case beforehand to ensure that preparation is adequate. Find out if counsel has any questions about your reports, or about your background and experience as an investigator. If you have never testified before, it is a good time to speak with the attorney or counselor who represents you and ask them for tips on remaining calm. Any notes or reports taken to the stand may be examined by the opposing attorney. Be critical of and careful with notes for this reason. Don’t simply read from notes; consult them only if necessary. Don’t take something onto the witness stand that could cause embarrassment and a loss of credibility. Only professional information should be in an officer’s notebook and for this reason, security professionals are encouraged to know their organization’s policy on notes, as well as some generally accepted guidelines on maintaining professional notes and keeping personal thoughts, doodles, and lists separate from case notes at all times. Avoid any show of arrogance, bad attitude, bias, sarcasm, conceit, or disgust. Be objective and unemotional. Don’t try to speak in a different jargon or use words that are only meaningful in your world view as a security professional. Don’t use words like “perp” or “felon” when describing an accused criminal, and if possible, refer to parties by their last names, such as “Mr. Smith” or “Ms. Jones.” Never try to argue with an attorney or a judge. Be polite and professional and apologize if there is a misunderstanding. If you don’t understand a question or can’t hear clearly, please ask that the question is

II. PRACTICAL AND OPERATIONAL APPLICATIONS

271

CONCLUSION

rephrased and don’t try to provide an answer that you think others want to hear. If you don’t know, you should say you don’t know. Never lie or exaggerate.

but also the privacy of that organization’s employees, customers, and patrons.

CONCLUSION EMERGING TRENDS The RAND Corporation, a nonprofit organization focused on research and analysis to improve public policy, has identified data security and particularly financial data (credit and debit cards, account numbers, and customer identity) as some of the greatest emerging risks to business organizations. As with the prevalence of digital devices and the online, internet accessibility of our lives, modern and future security professionals will need to be capable of using a wide range of digital systems. Access control, video security, unmanned automated surveillance systems, social network analysis, and cyber security systems have become present-day expectations for the security professional’s toolbox. This trend is not likely to disappear. Along those lines, the importance of social media as a source of investigation cannot beunderstated. Evidence of workplace violence, cyberbullying, fraud and workplace misconduct is increasingly migrating to the digital world of websites and mobile phone applications(apps). Security professionals should be aware that former methods of signing into a building have been replaced with scanning of photo identification, limiting access to areas, and placing more emphasis on security escorts for guests and visitors at a facility. As the digital security practices of facilities and organizations improve, the criminal or person aiming to commit fraud has blended “old school” techniques of physical social contact, spying, committing burglary and trespass, and even “dumpster diving” to obtain any information possible against a target organization. Security professionals have not only an obligation to protect their organization

Investigation and security protective services are interrelated functions. Neither can exist in any real sense without the other. A security professional serves as a multifaceted agent for security risk management of an organization. The security professional responsible for investigation of an incident, workplace misconduct, or compliance issue is tasked with collecting and reporting all manner of information on potentially related loss-causing conditions. Contemporary concerns that are a priority for most organizations, focus on prevention of terrorist attacks, intervention of workplace violence risks, and prevention of injuries and loss through drug distribution in the workplace. The abundance of privacy, environmental, and safety regulations also burdens organizations with regulatory compliance issues which will frequently involve security professionals with investigations. In most cases, security professionals are involved in performing preliminary investigations. As the preliminary investigation is the most important phase of the investigative process, it is essential that it is conducted properly. This ensures that both security management, leadership, and public law enforcement agencies can uncover facts during follow-up investigation that are necessary for the completion of their respective goals. Proficiency and future growth and development in investigation depend on a mastery of the basic skills. Security professionals must master interviewing techniques and be competent in human communication, note-taking, and report writing. Efforts must also extend to testifying in legal and quasi-legal or administrative proceedings. Effective oral communication skills are a necessity if cases are to be presented effectively not only in court but to leaders and in liaison with outside agencies and investigators.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

272

23. INVESTIGATION: CONCEPTS AND PRACTICES FOR SECURITY PROFESSIONALS

References Harper, D. (2010). Investigation j Origin and meaning of investigation by Online Etymology Dictionary. Retrieved June 2, 2019, from https://www.etymonline.com/word/ investigation#etymonline_v_1219. Knoke, M. E. (2010). Professional investigator’s manual. Alexandria. VA: ASIS International.

Resources ASIS International. (n.d.). Professional Certified Investigator (PCI). Retrieved September 20, 2019, from https://www.asisonline.org/certification/professionalcertified-investigator-pci/. Association of Certified Fraud Examiners. (n.d.). Becoming a Certified Fraud Examiner (CFE). Retrieved September 20, 2019, from https://www.acfe.com/member-becoming-acfe.aspx.

Bennett, W., & Hess, K. (2006). Criminal investigation. Belmont, CA: Wadsworth. Butterworth-Heinemann, https://www.elsevier.com/ search-results?query=Investigation&labels=all&page=1. Hollywood, J. S., Woods, D., Lauland, A., Jackson, B. A., Silberglitt, R. (2018). Emerging technology trends and their impact on criminal justice. Santa Monica, CA: RAND Corporation. Retrieved June 3, 2019, from https://www. rand.org/pubs/research_briefs/RB9996.html. Fennelly, L., & Perry, M. (2018). Investigations: 150 Things you should know about security (2nd ed.). Cambridge, MA: Butterworth-Heinemann. International Foundation for Protection Officers: www.ifpo. org. The Loss Prevention Foundation (LPF): http://www. losspreventionfoundation.org/. John E. Reid and Associates: www.reid.com.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

A P P E N D I X

23A ASIS International: Investigator Certification

PROFESSIONAL CERTIFIED INVESTIGATOR (PCI)

PCI ELIGIBILITY REQUIREMENTS Work Experience

The Professional Certified Investigator (PCI) credential (ASIS International, n.d.) provides demonstrable proof of knowledge and experience in case management, evidence collection, preparation of reports, and testimony to substantiate findings, and is applicable to a wide range of specialized investigations, including: • • • • • • • • • • • • •

Arson Child abuse Forensics Gaming Healthcare fraud High-tech crime Insurance fraud Loss prevention Narcotics Property and casualty Threat assessment White collar crime Workplace violence

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00052-3

• Five years of investigations experience, including at least 2 years in case management AND Education • A high school diploma or GED equivalent AND • Be employed full time in a securityrelated role • Not have been convicted of any criminal offense that would reflect negatively on the security profession, ASIS, or the certification program • Sign and agree to abide by the ASIS Certification Code of Conduct (ASIS International, n.d.-a) • Agree to abide by the policies of the ASIS Certification programs as outlined in the Certification Handbook (ASIS International, n.d.-b) OR

273

# 2020 Elsevier Inc. All rights reserved.

274

APPENDIX 23A. ASIS INTERNATIONAL: INVESTIGATOR CERTIFICATION

• Hold the APP (Associate Protection Professional) designation and have 4 years of investigations experience, including at least 2 years in case management Earning a PCI designation provides independent confirmation of specialized skills in security investigations, including case evaluation and review of options for case management strategies. It validates the PCI’s ability to collect information through the effective use of surveillance, interviews, and interrogations.

References

ASIS. (n.d.-a). Certification Code of Professional Responsibility. Retrieved September 26, 2019, from: https:// www.asisonline.org/certification/professional-code-ofconduct/. ASIS. (n.d.-b). International Certification Handbook. Retrieved September 26, 2019, from: https://www. asisonline.org/globalassets/certification/documents/ certification-handbook_final.pdf.

Further Reading Rose, J. D., & Ferraro, E. F. (2019). ASIS Professional Certified Investigator (PCI) Study Guide (The). Retrieved from: (2019). https://www.asisonline.org/publications/asisprofessional-certified-investigator-pci-study-guide-the/.

ASIS International. (n.d.). PCI (Professional Certified Investigator). Retrieved September 26, 2019, from: https:// www.asisonline.org/certification/professional-certifiedinvestigator-pci/.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

24 Interviewing and Statements Dennis Shepp O U T L I N E Introduction

275

Concluding the Interview

280

What Is Interviewing?

275

Emerging Trends

280

The Power of Communication

276

Conclusion

280

The Interview Process

278

References

280

Deception

279

Resources

281

It is the investigator’s duty to conduct interviews and obtain statements. However, the protection officer will often be in a situation where persons will speak to him/her and reveal information that is important to the incident or crime. While performing duties to protect the scene, the officer will interact with the victim, suspect, and potential witnesses. It is therefore important that a protection officer understands the importance of statements, whether written or verbal, and how to properly conduct oneself when engaged in an interview while obtaining information or a statement.

CHAPTER OBJECTIVES • Explain the process of interviewing witnesses, victims, and suspects • Provide examples of verbal and nonverbal behavior • List six recommendations for establishing rapport as a listener • List five steps for conducting a successful interview

INTRODUCTION When an incident or crime occurs, the responding protection officer is expected to protect the scene until investigators arrive to take over the investigation. The investigator can be from law enforcement or from the organization interested in the incident. The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00024-9

WHAT IS INTERVIEWING? Interviews are part of the investigative process. An investigation is a systematic and thorough examination or inquiry into something or someone that involves the collection of facts

275

# 2020 Elsevier Inc. All rights reserved.

276

24. INTERVIEWING AND STATEMENTS

and information and the recording of that examination in a report (ASIS International, 2006). Investigations can involve the police or private security regarding administrative incidents (policy and/or procedural infractions) and/or criminal matters. (Investigations are examined in more detail in Chapter 31.) Interviews will review information that will often be vital to the investigation of an incident or crime. The most effective tool for gathering information about an incident is interviewing people (ASIS International, 2006). Therefore, any information gained from an interview, typically in the form of statements, will be considered evidence. This may form a type of evidence known as testimonial evidence or, if involving a written statement, documented evidence. The detailed explanation of types of evidence is not important at this stage; what is important for the protection officer is to understand that interviewing someone, even if it appears casual and unofficial, will produce a statement, either verbal or written, and this statement could become important evidence. That is why it is important to understand the procedures that should be followed when interviewing someone and obtaining their statement. What is the difference between an interview and an interrogation? Typically, interviews involve witnesses or victims and an interrogation is an interview of a suspect. The goal of an interrogation is not only to seek the facts of what happened but also obtain a confession. It is not likely that a protection officer will be required to conduct an interrogation as part of their duties and only trained investigators skilled in the techniques of interviewing should conduct interrogations. Trained interviewers and interrogators spend years learning and practicing to become skilled in this art and science. Understanding people is another important aspect of interviews and statements. Many studies have been conducted on human behavior and crime. Investigators have learned from the research about how to effectively interact

with individuals to facilitate useful communications which in turn can produce valuable information for the investigation. The protection officer can also benefit from understanding human behavior.

THE POWER OF COMMUNICATION Interviewing someone involves communication in two ways: 1. Verbal communication 2. Nonverbal communication Verbal communication is the most commonly understood form of interview and statement. The interviewer speaks and the interviewee responds, or vice versa. This seems simple; however, in many situations the interviewer seeks to obtain information from people who are reluctant to speak or cooperate. This is where some insight into human behavior and psychology helps the interviewer. Research has shown that people form their basic impressions of one another during the first few minutes of an interview (Quinn & Zunin, 1972). Therefore, it is very important for the interviewer to always think about how they are presenting themselves to the other person. If the officer does not initially conduct himself or herself in a professional manner, this may create a negative relationship with the interviewee. A negative mood will be counterproductive in an interview. The interviewer needs to be an active listener or someone who the interviewee would want to talk with. To do this, the interviewer needs to develop rapport or a relationship with the interviewee. This means the interviewer will attempt to establish a bond between them that is a connection in which the interviewee perceives the interviewer to be a caring, impartial, and concerned individual. Here are some recommendations: 1. Be empathetic—show the person you understand and care about how they feel. This helps the interviewee accept and feel

II. PRACTICAL AND OPERATIONAL APPLICATIONS

THE POWER OF COMMUNICATION

2.

3.

4.

5.

6.

comfortable with you and will facilitate open and honest communication. Eliminate your prejudices—try to detach yourself from any personal prejudices or bias you may have against the interviewees: • Actions—detach yourself from what the accused may have done, no matter how bad it was. • Race—do not discriminate against the person based on race or ancestry. • History—show the person that you are not prejudging based on past history. Try to be nonjudgmental and do not place immediate blame. Be patient—show the person you can wait to listen and understand their story of what happened and why. Showing patience is a sign of a very good listener, and is a sign to the interviewee of tolerance, acceptance, and understanding. Reflect feedback—repeat back to the interviewee statements, facts, and comments they have related. The interviewer acts like a “mirror,” reflecting back to the interviewee their words, feelings, and attitudes, showing to them you are listening and care about what they say (Nirenberg, 1988). Do not interrupt—it is rude to interrupt, just like in any communication or conversation, so do not interrupt the interviewee when they are relating their story to you. Allow them to finish what they are saying. Concentrate—interviewing someone requires complete concentration on what they are saying and how they are saying it. Concentration can best be equated to playing a game of chess—the interviewer not only needs to concentrate on what is currently being said, but also must think ahead to anticipate what the interviewee might (or should) say.

Why would concentration be important and matter when the interviewee is telling the story and relating the facts as they know it? This is because the interviewee will sometimes not tell the truth and will attempt to deceive the

277

interviewer, for a variety of reasons. This is why the interviewer needs to concentrate on what is said and follow the story and attempt to detect deception. Detecting deception is explained in more detail later. Nonverbal communication is a type of communication between persons that involves written statements (discussed later) and bodily movements which are considered a form of communication. This is important for an interviewer to understand because how people (this includes the interviewer too) project themselves can reveal significant information about their state of mind. For example, when an interviewee shows by their nervous voice tone, shaking hands, and darting eyes that they are anxious and afraid, this should be recognized by the interviewer and an attempt made to try to calm the interviewee and make them feel more relaxed. This helps toward developing rapport between the interviewer and the interviewee. Additionally, changes in behavior and body movements can indicate stress. Stress is an important indicator for an interviewer. This can be the stress of the interview itself or from a specific and directed question such as “Did you take the money?” A guilty person may show signs of “fight or flight syndrome.” Fight or flight is an instinctual phenomenon, based on when humans relied on this instinct to help them either run from danger (flight) or face it (fight). It actually is a manifestation of bodily reactions to stress that humans will experience even nowadays when confronted with stress. Asking a question that may compel the interviewee to lie will often cause this type of stress. A well-trained interviewer can act as a human polygraph (lie detector) when someone attempts to deceive by telling a lie or not revealing information. Many of these telltale signals come from nonverbal and verbal responses to stress and are evident in clusters of observed body movements and reactions. As mentioned, it can take many years of training and experience for a skilled interviewer to recognize these signals of deception and further specialized training is

II. PRACTICAL AND OPERATIONAL APPLICATIONS

278

24. INTERVIEWING AND STATEMENTS

recommended before anyone attempts to seek or analyze verbal and nonverbal behavior in an interview. Nonetheless, here are some examples of verbal and nonverbal behavior when subjected to stress: 1. Changes in voice and speech patterns, such as changes in the types of words used. 2. Changes in the rate and volume of speech (louder, softer, faster, or slower). Tension will often cause speech to become more rapid and stammered, sometimes two to three times the normal speed. 3. Burst of anger (threats to sue you, complaints of how the interviewee has been handled, comments about your incompetence). 4. Pausing, stalling, or delaying tactics (the interviewee suddenly needs to leave for an appointment, long pauses to try to think of an answer, changing the topic in an attempt to delay the interview, suddenly wants a lawyer). 5. Nervous or false laughter (this is a form of energy release when someone is under stress). 6. Sudden shifts in body movement not previously displayed by the interviewee during the interview (e.g., shifting body position, pacing, jumping out of chair, waving hands and arms, shaking, kicking legs and feet, coughing, and yawning). These are also forms of energy release when someone is feeling stressed. It is vital for the protection officer to understand that nonverbal indicators need to be analyzed by a trained investigator and interviewer. It is important to understand as a protection officer (interviewer) you will outwardly display your feelings by how you present yourself. Therefore, be careful and aware about how you may appear to the interviewee.

THE INTERVIEW PROCESS Here are some steps to consider when preparing to conduct an interview:

1. Prepare yourself, physically and mentally. • Examine your appearance—how do you look to the interviewee? Are you professional in appearance? Are you showing the right attitude to conduct the interview? • Are you mentally prepared? Can you focus on the interview? Do you appear confident and prepared? 2. If possible, try to use a suitable location for the interview. • There can be many distractions when interviewing someone, especially if the interview occurs at the scene of the incident. • Try to find a quiet and private place to conduct the interview, away from potential distractions. • Avoid interviewing anyone in the presence of other witnesses—their testimony or account of observations can be tainted if they listen to another witness’s account. 3. Ask open-ended questions. • Avoid closed-ended questions that will typically require a simple “yes” or “no” response. • Open-ended questions are the type that prompt longer answers and compel the interviewee to provide a narrative response. For example: – “Please tell me everything that happened.” – “In detail, can you please explain what occurred here today?” – “Please describe everything you saw regarding what happened here.” 4. Record the interview. • The most common method is to write detailed notes of what the person says. • If possible, and the local legal system permits, record audio or video of the interview—this is the best method of maintaining an accurate account of what exactly is stated.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

279

DECEPTION

• When taking a statement, the best method is to obtain a “pure version” statement. • Pure version statements allow the interviewee to provide their version of an account in a narrative format without any prompting from the interviewer other than a request, similar to: “Please write in detail everything that happened from the time you left your house to the time the police arrived at the scene.” • If the person responds with “What exactly do you want me to say?” the protection officer’s response should be “Please explain in as much detail as possible everything that happened from the time you left your house to the time the police arrived at the scene.” • The pure version statement remains the best method to obtain the interviewee’s account of what happened. This statement becomes the basis for further questions that can be asked by the investigator to complete a detailed account of what occurred. • Be careful what questions you ask. It is part of the psychology of interviewing that an interviewer needs to consider the questions they ask an interviewee—the famed investigator, Avinoam Sapir, who discovered through his extensive research the process known as “Statement Analysis,” has aptly said: “Specific questions are not designed to obtain information. Specific questions are designed to detect deception. The most serious disadvantage of questions is that one can ask only about what is already known. What is not known would not be explored and therefore would remain unknown.” It is also from an interviewer’s questions that an interviewee can learn how much the interviewer already knows (or doesn’t know) about the incident. 5. Remember the elements for useful statements (Sennewald & Tsukayama, 2006):

• Identify who wrote the statement (interviewee’s name and identification information). • Date, time, and location of the interview. • Indicate if the statement is voluntary. • Signed by the interviewee. Other guidelines for written statements (Sennewald & Tsukayama, 2006): 1. Use lined paper and write margin to margin. 2. The text should flow into additional pages (if necessary). 3. If corrections are required, draw a line through the sentence or word and sign your initials on the change. 4. Sign your initials next to the last word on a page and where the page number is written: (e.g., “Page 1 of 3” INITIALS). 5. Ensure the interviewee understands what is written (if the statement is written for them)—have the interviewee read back what is written. 6. Include a sentence acknowledging the statement is voluntary, without the influence of drugs or alcohol, and is the account of the interviewee.

DECEPTION There may be times where the interviewee may provide inaccurate information or may try to deceive the interviewer. Deception can take additional forms other than what some may immediately think is a lie or untruthful statement. Sometimes deception is avoiding facts that are known by the interviewee or changing the account of how something happened. It is not only a suspect who may try to deceive; witnesses and victims may often avoid facts for various reasons. Detecting deception from an interviewee and knowing how to react properly while continuing the interview requires an investigator’s skill. These skills will develop from training and experience. This is where the interviewer becomes a “human polygraph” and is able to react in an

II. PRACTICAL AND OPERATIONAL APPLICATIONS

280

24. INTERVIEWING AND STATEMENTS

appropriate manner. The best practice for the protection officer facing a deceptive interviewee is to make detailed notes of the statements made by the person and have them commit to the statement in writing and under their signature. This written statement can be used quite effectively by a skilled investigator during a subsequent interview.

CONCLUDING THE INTERVIEW When the protection officer concludes the interview he or she should make detailed notes of the following: 1. Name of the interviewee 2. Contact details (residence and employment): • Telephone numbers (mobile, work, residence, other) • E-mail addresses (work, residence, other) • Addresses (work, residence, other) 3. Identification (date of birth, ID number, passport, etc.) 4. A brief account of the interviewee’s involvement in the incident (witness, victim, suspect, or person of interest) The protection officer should continue with a professional demeanor when dealing with witnesses, victims, and persons of interest. Notwithstanding the fact that an interviewee may have confessed to a crime or committing a breach of organizational policy, he/she should still be treated with respect and dignity. This behavior will benefit the officer in the long term.

EMERGING TRENDS Although the process of interviewing has been around for centuries, the methods have and will continue to evolve considerably. Statement analysis is a relatively new science as applied to investigations, but it illustrates that the process of investigative interviews will constantly evolve and improve.

What seems most interesting are the improvements mainly involving learning more about linguistics and human psychology and applying refined or new techniques to better interpret communications. Humankind has not been investing in new gadgets or technology to do this; rather, it has been improving traditional methods such as verbal interviews, nonverbal kinetics, and written statements. We will continue to learn more about human behavior and how to apply our understanding toward seeking truth from communications. Technology will also improve and will likely provide more tools to investigators in their pursuit of the facts.

CONCLUSION The protection officer will undoubtedly become involved in an incident where he or she will be required to conduct an interview. It is highly recommended that further training be obtained from recognized training organizations such as John E. Reid & Associates Inc., Laboratory for Scientific Investigation, and other internationally recognized groups. Proper training in the knowledge and skills needed to manage effective interviews is essential. Any time the protection officer is faced with a situation in which the interview may require these skills, the officer should seek assistance from a professional investigator qualified to conduct interviews.

References ASIS International. (2006). Protection of assets manual. Chapter 1, Part 1 (p. 8). Alexandria, VA. Nirenberg, J. (1988). Getting through to people. Englewood Cliffs, NJ: Prentice Hall. Quinn, L., & Zunin, N. (1972). Contact: The first four minutes. New York, NY: Ballantine Books, Inc. Sennewald, C., & Tsukayama, J. (2006). The process of investigation: Concepts and strategies for investigations in the workplace (3rd ed.). Elsevier/Butterworth-Heinemann.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

RESOURCES

Resources Gordon, N. J., & Fleisher, W. L. (2006). Effective interviewing: Interrogation techniques (2nd ed.). Academic Press. Reid technique: Interviewing and interrogation. (2005). 2-CD-ROM Training Collection, http://www.reid.com/ store2/detail.html?sku5cd-rtiivs/.

281

Yeschke, C. (2014). The art of investigative interviewing (3rd ed.). Butterworth-Heinemann. Zulawski, D. E., & Wicklander, D. E. (2002). Practical aspects of interviewing and interrogation (2nd ed.). CRC Press.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

25 Crowd Management and Special Event Planning Patrick C. Bishop, Terence M. Gibbs, Jennifer Lantz O U T L I N E Introduction

284

Definitions

284

Formation of Crowds

284

Causes of Crowd Formations

285

Psychological Factors

285

Types of Crowds

286

Crowd Actions and Suggested Countermeasures

287

When Verbalization Doesn’t Work

289

Security and Demonstrations

289

Formation of a Mob

289

Responsibility and Behavior of Protective Groups

290

Planning Considerations

290

Personal Behavior

291

Riot Control Force Deployment Procedures

291

Crowd Management Assessment

291

Alcohol Serving Considerations

292

Emerging Trends

293

References

293

Resources

293

Further Reading

293

• Define basic terms

• Planning strategies, personal behaviors, and responsibilities for crowd management and control

• Explain causes of crowd formation

• Explore riot-control formations

• Identify different types of crowds

• Crowd-management assessment

• List steps to take when controlling a crowd

• Alcohol serving considerations

CHAPTER OBJECTIVES

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00025-0

283

# 2020 Elsevier Inc. All rights reserved.

284

25. CROWD MANAGEMENT AND SPECIAL EVENT PLANNING

INTRODUCTION Whenever people gather together in large numbers such as at athletic events, parades, strikes, peaceful demonstrations, protest rallies, and so on, there exists a potential for mass discord. When disturbances do occur, it becomes the responsibility of the police, and in some instances, the responsibility of security forces, to restore order. Once a crowd has gotten out of control, whether through inadequate supervision or despite the best efforts by security personnel to prevent its deterioration, the task of restoring any semblance of order, protecting life and property, and the eventual dispersal of the crowd or mob is a tremendous one. It is important, therefore, that police and security forces be able to quickly determine if a gathering will become uncontrollable and take immediate steps to prevent disorder. The only way this can be successfully accomplished is for all crowd-management personnel to have a good understanding of the types of crowd formations they are likely to encounter. Also, these personnel should note the different responsibilities of security officers, police, and riot-control forces.

DEFINITIONS 1. Crowd—A concentration of people whose presence or anticipated behavior is such that it requires police action for the maintenance of order. 2. Demonstration—A crowd that is exhibiting sympathy for or against authority, or some political, economic, or social condition. 3. Disaster—Any extreme or catastrophic condition that imperils or results in the loss of life and/or property. 4. Picket line—A demonstration in which several people walk about in a public space, carrying signs that show their displeasure with a business or government policy. Often associated with strikes, picket lines are

5. 6.

7.

8.

usually legal in the United States, as long as the picketers keep moving and do not attempt to harass or interfere with others in any way. Rally—A gathering of people to show support for a common cause. Riot—A breach of the peace committed to violence by three or more persons, in furtherance of a common cause to protest or disrupt some enterprise, venging action against anyone who may oppose them. Sit-down strike—A form of a strike in which the workers refuse both to work and to leave the workplace. This makes it impossible for the employer to bring in others to do the strikers’ jobs. Sit-down strikes are illegal in the United States. Strike—A work action in which employees withhold their labor in order to put pressure on their employer to agree to employee demands.

FORMATION OF CROWDS A crowd may exist as a casual or temporary assembly having no cohesive group behavior. It may consist of curious onlookers at a construction site, spectators at the scene of a fatal accident, or curious citizens who are attracted to a soapbox orator. Such a crowd has a common interest for only a short time. It has no organization, no unity of purpose beyond mere curiosity, and its members come and go. Such a group will normally respond without resentment to the urgings of police or security to “stand back,” “move on,” or “keep moving.” There is no emotional unity and they offer little concern. However, even in this most ordinary and routine situation, the person in authority who is lacking in good judgment and discretion may meet with resistance. Derogatory remarks, unnecessary shoving and the like cause immediate resentment in people and become selfdefeating. Impartiality, courtesy, and fair play hold the key to any situation involving people.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

PSYCHOLOGICAL FACTORS

When you instruct a crowd to “move on,” it must mean everyone. If you make exceptions and allow some people to remain, strong objections may be raised. This glaring partiality may cause some people to defy you. Incidents such as these can rapidly change crowd attitudes and, if nothing else, impart a very poor impression of the officer. A crowd may also assemble for a deliberate purpose—spectators at a football game or a rally of some sort—or it may be disgruntled citizens willing to be led into lawlessness if their demands are not met. Members of these crowds have little dependence on each other, but they do have a unity of purpose; they are drawn together to share a common experience. If outside influences interfere with their purpose or enjoyment, it is possible for some individuals in the group to become unruly and aggressive. There are numerous instances of riots occurring during, or immediately following, a sporting event or rally in which emotions run high.

CAUSES OF CROWD FORMATIONS 1. Basic cause—The basic reason for the formation of any crowd is the occurrence of an event that is of common interest to each individual. The nature of the crowd is largely governed by the nature of the event. 2. Casual causes—A large and comparatively orderly “casual crowd” may gather in a shopping area or at a sporting event. This casually formed crowd is characterized by the fact that its members think and act as individuals. There is an absence of cohesion or organization. This type of crowd is easily controlled in its formative stages, but it may develop otherwise if the event becomes alarming, or if something occurs which causes severe emotional upset to its members. 3. Emotional causes—Crowds that are formed due to events that incite the emotions of the

285

members are almost invariably unruly and troublesome simply because emotion makes them blind to reason. The following are the most frequently encountered emotional causes: a) Social—Crowd disturbances resulting from racial or religious differences, or excitement stemming from a celebration, sports, or other similar event. b) Political—A common political cause may result in attempts by large groups to gain political power or settle political disputes by other than lawful means. c) Economic—Economic causes of disturbances arise from conditions such as disagreements between labor and management, or from such extreme conditions of poverty that people resort to violence to obtain the necessities of life. d) Absence of authority—Absence of authority, or the failure of authorities to carry out their responsibilities, may cause people to believe they can violate the law with impunity. e) Disaster—Disaster conditions may result in violent emotional disturbances among people in the area due to fear, hunger, loss of shelter, or injury and death of loved ones.

PSYCHOLOGICAL FACTORS In addition to the factors that cause crowds to form and turn peaceful groups into disorderly mobs, it is important that people dealing with crowds understand that a small crowd often attracts a great many initially disinterested people, thereby rapidly increasing its size; this snowballing effect is caused by certain psychological factors: 1. Security—Certain individuals may be attracted to a crowd due to the feeling of security and safety it provides while

II. PRACTICAL AND OPERATIONAL APPLICATIONS

286

2.

3.

4.

5.

25. CROWD MANAGEMENT AND SPECIAL EVENT PLANNING

associating with large numbers. This situation is most likely to arise during periods of civil unrest where large gangs are roaming the streets, looting and threatening the safety and peaceful existence of the citizens who become fearful for their well-being and join with the gang for the security it may afford them. Suggestion—Persons joining a crowd tend to accept the ideas of a dominant member without realization or conscious objection. If the dominant member is sufficiently forceful with their words and ideas, they may be able to sway the good judgment and commonsense reasoning of those about them. There is a tendency to accept even the wildest of ideas; thus, they transform the susceptible into unthinking followers. Novelty—An individual may join a crowd as a welcome break in one’s normal routine and, through persuasion and suggestion, react enthusiastically to what they consider proper form under these new circumstances. Loss of identity—Similar to the “security” factor, the individual tends to lose selfconsciousness and identity in a crowd. Consequently, one may feel safe from detection or punishment for any participation in wrongdoing. Release of emotions—The prejudices and unsatisfied desires of the individual that are normally held in restraint may be released in an emotional crowd. This temporary release of emotions is a strong incentive to an individual to participate in the activities of the crowd. It provides the opportunity to do things he or she has been inwardly desirous of doing but hitherto has not dared.

TYPES OF CROWDS The behavior of crowds varies widely depending on the motivational interest. Crowds are classified in accordance with their behavior

patterns and it is essential that any security measures are based on recognition and understanding of the type of crowd the security personnel must deal with. The following list is representative of most of the crowd types security may encounter in North America: 1. Acquisitive—The members of an acquisitive crowd are motivated by the desire to get something. They are best illustrated by a crowd of shoppers seeking items in short supply or at an auction sale. They have no leaders, little in common, and each member is concerned with his or her own interest. 2. Expressive—In this type of crowd, the members gather to express their feelings such as at a convention or political rally. The expressive crowd is usually well behaved; however, some persons in it may feel that slight disorders and unscheduled demonstrations should be condoned by the officials. When they are thwarted or restrained, resentment occurs, and their otherwise cheerful enthusiasm may be replaced by hostility. 3. Spectator—This crowd gathers to watch out of interest, curiosity, instruction, or entertainment. It is typically well behaved and good humored initially; nevertheless, since spectator sporting events, parades, and similar venues tend to stir the emotions rapidly, this type of crowd can quickly become unruly and violent. 4. Hostile—Crowds of this nature are generally motivated by feelings of hate and fear to the extent they are prepared to fight for what they want. The most prominent types are strikes, political demonstrations, and hoodlums or rival mobs. Hostile crowds may have leaders who direct and maintain a high degree of hostility in their followers, but not always. 5. Escape—An escape crowd is one that is attempting to flee from something it fears. It is leaderless and completely disorganized, but it is homogeneous in that each person is

II. PRACTICAL AND OPERATIONAL APPLICATIONS

CROWD ACTIONS AND SUGGESTED COUNTERMEASURES

motivated by the same desire, which is to escape. Once an escape crowd reaches safety, it will lose its homogeneity and its members must then be handled as refugees.

CROWD ACTIONS AND SUGGESTED COUNTERMEASURES The majority of crowds do not, as a rule, resort to violence; however, any crowd is potentially dangerous or, at the least, potentially aggressive. The mood of a peaceful crowd—that is, acquisitive, spectator, or expressive—may change quickly to that of a hostile or escape crowd. Since most concern is caused by a hostile crowd, as compared to the other types mentioned, a more thorough study is presented here. A hostile crowd is usually noisy and threatening, and its individual members may harass security personnel. Generally lacking organization and leadership in its early stages, this type of crowd will hesitate to participate in planned lawlessness. However, it may provide the seedbed for “mob action” when it is aroused by the more forceful persons who assume leadership. It may also be triggered into violence by the undesirable actions of security personnel. Aroused crowds will often vent their resentment and hostility on those assigned to maintain order. In an attempt to discredit authorities, some individuals may try to bait security officers into committing errors of judgment or displays of unnecessary force. They may further incite crowd members to commit acts of lawlessness or oppose security’s efforts to regain control. Such crowd actions are usually directed toward one or two individual officers in the nature of taunts, obscene language, and other minor annoyances. Verbal abuse must be ignored, no matter how aggressive it may become. By contrast, immediate action must be taken to isolate, control, and remove those who assault security personnel, throw rocks or other missiles at them, or attempt in any way to interfere with them.

287

In controlling a hostile crowd, sufficient manpower is basic to your success. If it appears that a peaceful demonstration or other large crowd gathering is showing hostile tendencies, do not hesitate to report and call for immediate assistance. This does not, however, mean you may or should resort to the use of unnecessary force. Such action is never justified. Potentially dangerous crowds can usually be controlled by the following methods: 1. Isolating and removing individuals involved in precipitating an incident before the crowd can achieve unity of purpose. This may cause temporary resentment in a very small portion of the crowd members. It is important, therefore, to immediately remove the subject from the area. Elimination of the cause of irritation will prevent an ugly incident. Remember that the injudicious use of force can well defeat your purpose and turn the entire crowd against you. 2. Fragmentizing the crowd into small, isolated groups. The police often arrive at the scene of an incident or hastily conceived demonstration after a crowd has assembled and achieved a degree of unity. The close contact of the crowd members and the emotionalism of the situation cause the individuals in the crowd to become group influenced and directed. Individual controls disappear, and each person is swayed by the mood and feelings of the crowd. This collective excitement is communicated to each member of the group in what is known as the “milling process.” The presence of an adequate security force to disperse the crowd and break it into small, isolated groups before it becomes hysterical and aggressive is an effective method of coping with the milling process. It is necessary for security to demonstrate a show of force, which does not necessarily mean the use of force. The identifiable officer presence of an adequate number of well-disciplined

II. PRACTICAL AND OPERATIONAL APPLICATIONS

288

3.

4.

5.

6.

25. CROWD MANAGEMENT AND SPECIAL EVENT PLANNING

and well-trained crowd-control personnel often suffices. Removing the crowd leaders. The most excited and vocal members of a crowd establish themselves as the informal leaders. Isolating and removing the agitators contributes greatly to eventual crowd dispersal. However, isolating and removing the more boisterous individuals should only be attempted if sufficient manpower is available. (A crowd is not effectively swayed by inadequate manpower; violence may result. Individual heroics are foolhardy and dangerous.) Diverting the attention of the crowd. The use of a public address system on the fringe of a crowd, urging the people to “break it up and go home,” is a successful crowd dispersal tactic. Amplifying the authoritative tone of the command attracts the attention of individuals in the crowd and breaks the spell cast by the more excited crowd members. A crowd that grows in hostility and defies orders to disperse can also be controlled by forcing the individuals to focus attention on themselves rather than the objectives of the group. Instead of making a direct assault on the crowd, a series of random arrests are made of individuals situated on the edge of a crowd. The crowd will soon recognize that a greater number of persons are being arrested. But the fact that arrest is threatened through haphazard selection causes them to fear for their liberty and a spontaneous dispersal results. Using a recognized leader. An effective method of counteracting the developing leadership in a crowd is by using someone having greater appeal to the crowd. A trusted labor leader, a member of the clergy, a well-known sports figure, or a wellknown civil rights leader can often successfully plead for order and reason. Depending on the origin and cause of the crowd formation, an appropriate public figure or official may greatly assist in

calming the excitement and emotions of the crowd. 7. Preventing panic from developing in a crowd. Panic is caused by fear and is most often found in the escape crowd fleeing from disaster or the threat of disaster or violence. The primary cause of panic is blockage of the escape route. Security actions should endeavor to provide an escape route, directing and controlling the progress of the crowd along that route, and, when possible, dividing the crowd into small groups, fanning them out into safe areas. The following control techniques might be implemented: a) Display a helpful, calm, and confident attitude. Loudspeakers should be used to give directions and provide helpful information. b) Use rational members of the crowd to assist in calming or isolating hysterical persons. c) Provide first aid to the injured and weak, particularly the elderly and disabled, and children, and ensure follow-up medical attention. d) Use security to block off selected streets and pathways, and channel movement onto and along designated routes leading away from the threat and toward safe areas. Care must be taken to ensure that the security forces do not panic a crowd by hasty action, arrogance, or thoughtlessness. Rather, security personnel should evince an aura of confidence and discipline, calmly yet authoritatively directing the crowd toward safety. 8. Directing women and children. Crowds and demonstrators may resort to having women or children wheeling baby carriages at the head of their advance. If the marchers must be stopped, an attempt should be made to divert the women and children or let them pass through the ranks and then close rapidly behind them.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

289

FORMATION OF A MOB

WHEN VERBALIZATION DOESN’T WORK When verbalization alone is ineffective, the need to physically move crowd members arises. This should be done only as a last resort and should include effective verbalization. It should be a planned action, executed by professionally trained crowd-control personnel who are proficient in the proper procedures for doing so. The following are some physical control techniques that are appropriate for the movement of people in crowds: 1. “Heavy hands”—Assert your presence with your hands in front of you. 2. Be assertive! Do not take a backward step when moving the crowd. 3. Destabilize and neutralize resistant persons by one or more of the following techniques: a) Upper torso restraint. b) Arm around waist with an escort hold. c) Lifting the offender by his belt, along with an escort hold. d) Pressure point control as appropriate. e) Wrist locks, team control position, arm bars, as appropriate.

SECURITY AND DEMONSTRATIONS Security organizations assigned to supervise demonstrations have a twofold responsibility. Regardless of individual convictions, they must first protect the peaceful demonstrators who are exercising their right to protest. Spectators not in sympathy with the demonstration constitute a potential threat of violence. This is often aggravated by counterdemonstration whether it is organized or spontaneous. Crowd-control forces must also protect the general public from demonstrators who infringe upon the rights of others. The more

common problems occur when demonstrators engage in “sit-ins” and similar activities and violate the property rights of others. Fanatical members may lie down in the path of vehicles and refuse to move. Once the decision to remove the obstructers has been made by command personnel vested with lawful authority, the obstructers must be picked up and carried away at once. The use of tear gas in this situation is not generally recommended in view of the passive nature of the gathering and their relatively few numbers. When considering the use of tear or noxious gas in crowd control, private security must bear in mind that in some jurisdictions only “a duly constituted officer of the law” may lawfully use or direct the use of tear or noxious gas against any person involved in a labor dispute (Pennsylvania Crimes Code, Sec. 2708). Such groups may attempt to discredit security with harassment during removal, by resorting to shouts of “brutality,” raising their hands as if to ward off blows, and emitting cries of pain when they are aware of the presence of news media. Such encounters will tax the patience and control of individual security officers, who must ignore all such verbal attacks.

FORMATION OF A MOB The crowd or demonstration will deteriorate into a mob if it has been preconditioned by irritating events, aroused by rumors, and inflamed by professional agitators who appeal to emotion rather than to reason. Hostility prevails, and unity replaces confusion and disorganization. The early frustrations engendered by agitation and rumor require a climactic incident to unleash the mob. This may come about for any number of reasons and may well be influenced by the apparent weakening of the strength and resolve of security personnel assigned to maintain order and preserve the peace.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

290

25. CROWD MANAGEMENT AND SPECIAL EVENT PLANNING

RESPONSIBILITY AND BEHAVIOR OF PROTECTIVE GROUPS Protection must extend to all people. This means fair and equal treatment of all. Observe a position of neutrality—act with firmness—this is not belligerence or unreasonable force. After an order is given, it must be enforced for the preservation of the public peace and the carrying out of the traditional mission of protecting life and property to ensure the basic rights of all people. If you observe a hostile crowd gathering, never hesitate to request assistance. In these instances, it is definitely safer to overstate the number of personnel needed to restore order than to attempt to act alone or underestimate your requirements. A show of force not only has a restraining effect on the crowd, but also provides the necessary manpower. Order must be established. Approaching the more vocal individuals in a crowd is an effective method of dealing with a group. When addressing these persons, be firm and carefully phrase your commands. Do not become involved in an argument. Use simple language and inform the people of the violations they are or may be committing. Request that the violations stop and that the groups disperse. Allow the crowd the opportunity to withdraw peacefully without interference. If the throng defies authority and the apparent leaders make no efforts to disperse the crowd, arrests should be made, and police assistance obtained. Whenever you are dealing with an excited or hostile crowd, remember that it is potentially dangerous and may require only a slight incident to turn it into a mob. Your example and your ability to maintain order are the best deterrents to mob action.

PLANNING CONSIDERATIONS From time to time, security personnel have the opportunity to plan for large crowd events. An example of this may be political rallies,

sporting events, parades, or shopping-center events. As there is typically some form of advance notice for these expected large crowd events, the following considerations should form part of the contingency procedure: 1. Police participation—Is it required? 2. Barriers, including chain-link and/or plastic-mesh fencing, pedestrian or “bike-rack” barricades, ropes and stanchions, people 3. Communications, including two-way radio, land-line telephones, mobile phones, and PA (public address) system 4. Emergency medical services, including first aid stations, ambulances, and doctors/ EMTs 5. Location of event—Indoors, outdoors, private, or public 6. Fire department services 7. Mobile or fixed command center 8. Media observation area 9. VIP logistics, including vehicles, entry and exit locations, parking, and personal protection 10. Parking for attendees, security and police personnel, etc. 11. Lavatories/porta-potties and hand-wash stations 12. Food and beverage concessions 13. Disabled-persons access and seating, including wheelchair users and others requiring specialized assistance 14. Entertainment before and/or after event 15. Signage 16. Schedules, including event activities and security operations 17. Number of security personnel and degree of expertise required 18. News releases and media precoverage 19. Time of year and type of environment 20. Power sources, including drop lines and backup power 21. Alternate power sources 22. Estimated crowd size

II. PRACTICAL AND OPERATIONAL APPLICATIONS

CROWD MANAGEMENT ASSESSMENT

When a large crowd event is known ahead of time, allowing for sufficient time to plan, the event should take place with minimal problems for both security staff and participants alike.

PERSONAL BEHAVIOR 1. Stand your ground without yielding. Your job is to maintain order and protect life and property. a) Avoid all unnecessary conversation. b) Do not exchange pleasantries with the crowd or apologize for your actions. c) Do not give the impression you will not enforce orders to disperse or arrest individuals defying such an order. 2. Take lawbreakers into custody and turn over to the police for arrest. 3. Use reasonable force to maintain order and enforce the law. a) Do not overlook violations or defiance of lawful orders. b) The use of unreasonable force often incites an otherwise passive or curious crowd. c) Charges of brutality are often made in an attempt to discredit the security force; they will have no basis in fact if excessive or inappropriate force is not used. 4. Remain on the fringe of the crowd. Do not get too close or mix with a hostile crowd. Remain out of reach and observant of crowd and individual activities, pending the arrival of reinforcements. 5. Assist fellow officers who may be in trouble. If one of your associates situated near you is physically attacked, go to his or her immediate assistance. Arrest the assailant. To permit such a person to escape will encourage others to assault or try to overpower individual security personnel. 6. Refrain from participating in crowd activities.

291

a) An aggressive crowd will invariably throw a barrage of rocks, sticks, bottles, and so on at security forces. DO NOT throw them back at the crowd! This will only precipitate greater hostility and supply the crowd with more missiles. b) Withdraw to a safe distance until dispersal operations can be commenced.

RIOT CONTROL FORCE DEPLOYMENT PROCEDURES Basic riot and crowd-control formations employed by security personnel exist in the following forms (Fig. 25.1): 1. Arrowhead—This formation is used to strike into and split a crowd or mob, or to provide an escort for a person(s) to a given point through a friendly or disorganized crowd. The use of an additional inverted arrowhead at rear of the formation will give all-around protection. 2. Left flanking and right flanking—This is used to move a crowd or mob to the right or left, or to turn a crowd away from the front of a building, fence, and so on. 3. Line—This is used to move a crowd or mob straight back up the street.

CROWD MANAGEMENT ASSESSMENT 1. What is the officer-audience ratio? 2. Are the security personnel deployed in such a way as to maximize surveillance of the crowd? 3. What type of event is this? 4. Are the security personnel properly trained to handle the crowd? 5. Are the security personnel knowledgeable in first aid? 6. Are the security personnel licensed and armed with weapons?

II. PRACTICAL AND OPERATIONAL APPLICATIONS

292

25. CROWD MANAGEMENT AND SPECIAL EVENT PLANNING

PERSONNEL DEPLOYMENT BASIC RIOT AND CROWD CONTROL FORMATIONS USED BY CONTROL FORCES EXIST IN THE FOLLOWING FORMS:

a) ARROWHEAD THIS IS USED TO STRIKE INTO AND SPLIT A CROWD OR MOB, TO PROVIDE AN ESCORT FOR A PERSON(S) TO A GIVEN POINT THROUGH A FRIENDLY OR DISORGANIZED CROWD. THE USE OF AN ADDITIONAL INVERTED ARROWHEAD AT REAR OF THE FORMATION WILL GIVE ALL-AROUND PROTECTION. b) LEFT FLANKING

AND

RIGHT FLANKING

USED TO MOVE A CROWD OR MOB TO THE RIGHT OR LEFT, OR TO TURN A CROWD AWAY FROM THE FRONT OF A BUILDING, FENCE, ETC. c) LINE USED TO MOVE A CROWD OR MOB STRAIGHT BACK UP THE STREET.

FIG. 25.1

Riot and crowd control formations.

7. Are the security personnel properly briefed on the type of crowd? 8. Is the company providing security properly licensed? 9. Have all required permits been obtained? 10. What is the seating? Are all loose chairs fastened together to inhibit picking them up and throwing them? (Berlonghi, 1990, p. 167) 11. What is the procedure for extracting problem people from the crowd and ensuring that they leave the venue without posing a threat to anyone inside or outside the venue? 12. Is supervision present and adequate? 13. Are communications, including two-way radios, available and adequate? 14. Is alcohol being served at the event? If so, what are the procedures for controlling access to alcohol beverages? 15. What are the evacuation procedures in the event of an emergency or panic in the crowd?

16. In the event of a cancellation after the audience has been admitted to the venue, what procedures are in place to placate the crowd?

ALCOHOL SERVING CONSIDERATIONS Serving alcohol at special events can create a host of safety, security, and liability issues. The following are some considerations regarding alcohol service: Are persons dispensing alcohol: 1. Properly trained in the correct procedures for checking and verifying IDs of patrons? 2. Properly trained in the methods used to control service of alcohol beverages? 3. Properly trained in the recognition and identification of behavioral cues of intoxication and the intervention techniques available to cut-off service and ensure

II. PRACTICAL AND OPERATIONAL APPLICATIONS

FURTHER READING

intoxicated persons do not harm themselves or others? (Training for Intervention ProcedureS [TIPS], 2018) Are security personnel: 1. Properly trained in the preceding techniques so that they can control access to the venue? 2. Able to intervene properly and effectively in matters involving intoxicated patrons, including making sure that intoxicated patrons do not harm themselves or others. 3. Properly and adequately trained in the best practices for extracting problem patrons from the crowd? 4. Correctly trained and instructed to ensure evicted patrons do not linger about the exterior of the venue to take revenge upon other patrons or employees, or re-ignite an earlier conflict?

EMERGING TRENDS Special events are complex and fluid, and, despite the best planning, many things can go wrong. Perhaps the best way to conceptualize this is with the old saying, “Whatever can go wrong, will go wrong.” Special-event security is a facet of the security discipline that requires ongoing analysis and critique. In light of the recent mass shootings that have occurred in Paris, France, Orlando, Florida, and Las Vegas, Nevada, it is evident that the most salient crowd management-related threat to emerge in recent years is the active shooter. Be it a terrorist attack, hate crime, or other atrocity, this lethal threat demands that law-enforcement and security personnel at all levels, as well as venue owners and managers, maintain a high level of security awareness. Plans must be in

293

place to deter, deny, and interdict these attacks. Should an attack nevertheless occur, the security plan must include procedures to direct attendees and other persons to safe cover and concealment while minimizing exposure to gunfire and other perils. Emergency medical services must be readily available, out of sight and out of range of the shooter. Because security personnel are very often the first responders to an on-site emergency (ASIS, 2011, p. 101), their efficient and effective coordination and communication with law-enforcement personnel are essential to life safety.

References ASIS International. (2011). Protection of assets: Applications. Alexandria, VA. Berlonghi, A. (1990). The special event risk management manual. Dana Point, CA: A. Berlonghi. TIPS (Training for Intervention ProcedureS). (2018). Official TIPS Alcohol Certification Site j eTIPS j. Retrieved from Health Communications, Inc. website: https://www. gettips.com/index.html.

Resources The International Association of Venue Managers (IAVM) is an organization of professional venue managers. The IAVM conducts and publishes research, holds meetings, and administers a professional certification program for assembly managers. Visit https://www.iavm.org/. IAVM’s Venue Management School (VMS) and the Graduate Institute (VMS-GI), are considered two of the best professional education programs available for venue managers. Visit https://www.iavm.org/vms/vms-home.

Further Reading Commonwealth of Pennsylvania, 1973-2018. Title 18, Crimes and offenses (the crimes code).

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

26 Strikes, Lockouts, and Labor Relations Brion P. Gilbride O U T L I N E Introduction

295

Searches

301

Types of Labor Activities

295

Planning—What to Be Aware of

296

The Disciplinary Process Versus Labor Relations

301

Things to Expect

297

Emerging Trends

302

The Picket Line/Protests Taunts and Insults

298 299

Summary

302

References

302

Surveillance

299

INTRODUCTION The security professional is often a part of labor relations on behalf of their employer, as the individual who responds to, initially addresses, and/or documents an incident involving one or more employees, including the security professional themselves. In the private sector and sometimes in the public sector, employees belonging to a collective bargaining unit or union may take action to influence the employer. These actions range from protests to strikes. Conversely, sometimes an employer may take action to influence the bargaining unit by locking them out of a facility. Collectively, these activities are

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00026-2

referred to as labor relations. Whether the event is a protest/picket line, strike, or lockout, the security professional must be aware of not only their responsibilities but also their potential impact on the labor relations process.

TYPES OF LABOR ACTIVITIES To understand the security professional’s roles and responsibilities with regard to labor relations, it is important to understand the different activities engaged in by a bargaining unit or its membership. First, and most common, is the protest or picket line. In this situation, members of a bargaining unit stage a protest just off

295

# 2020 Elsevier Inc. All rights reserved.

296

26. STRIKES, LOCKOUTS, AND LABOR RELATIONS

of company property, typically, at access/egress points to the property. In these protests, the participants often have homemade or pre-made signs, they march and chant slogans, and generally try to draw attention to their protest. Picket lines are typically nonviolent and while they may sometimes slow access to a facility it is unusual for them to completely impede such access. Protests may be in lieu of a strike or sometimes accompany them, depending on the situation. Second is the strike. Strikes are an almost inevitable occurrence for many unionized companies. Indeed, it may be argued that for such companies, strike costs are an integral part of the labor costs to maintain the operation. A strike is an organized work stoppage often used in conjunction with other labor relations activities such as contract negotiations. Strikes appear in one of two forms: 1. Wildcat strike or illegal walkout: This is an unauthorized work stoppage in violation of law and/or an existing bargaining agreement. The most common reason for a wildcat strike is the result of the union considering some action to be unjust. 2. Lawful strike: The lawful strike usually occurs in accordance with applicable laws and the bargaining agreement in existence. Lawful strikes often occur when a contract expires, and the union seeks to influence management to change one or more policies in a new bargaining agreement. These strikes are voted on by membership and typically follow stipulations in the most recent agreement. Typical causes of lawful strikes involve wages and health and safety. Finally, there is the lockout. The lockout, like the strike, usually occurs in accordance with applicable laws and the bargaining agreement in existence. A lockout occurs when management refuses to allow bargaining unit members on company property. Like the strike, the

purpose of a lockout by management is to put pressure on members of the union to change one or more items in an upcoming negotiation that bargaining unit members are otherwise unwilling to adopt.

PLANNING—WHAT TO BE AWARE OF Companies should, and often do, have plans developed for how to address protests, strikes, and/or lockout situations. The security professional must be familiar with these plans. These plans provide guidance to managers and security staff on a wide variety of issues. These issues include but are not limited to the following: Access control: While less of an issue during protests than during strikes or lockouts, the security professional must continue to ensure that only individuals permitted by company management that have access to company property are allowed to be there. Access control is essential during labor management activities as there have been cases of locked out or striking employees gaining access to company property and interfering with or damaging property or vehicles. While automated access control systems track the movements of individuals with access devices, visitor records should be maintained of all persons entering or exiting a facility along with their reason for visiting and who escorted them (if anyone). Key control: A subset of access control; any keys or other access devices issued to employees should be recovered prior to the strike or, failing that, be disabled. For access systems using biometrics, magnetic cards, proximity cards, key fobs, or similar device, the profiles for affected employees can be disabled or suspended. For actual keys, locks may need to be changed or doorknobs

II. PRACTICAL AND OPERATIONAL APPLICATIONS

297

THINGS TO EXPECT

secured such that keys cannot be used in them until the situation is resolved. Escorts: When bargaining unit members are being permitted on the property during a strike or a lockout, most often for negotiationrelated activities, such members should be escorted by a security professional at all times. In addition, when advance notice is available, security professionals should plan the route(s) being used for the escort and remove any sensitive items or materials along the escort route. Where possible, escorts should also be remotely monitored if camera coverage is available and feasible. Law enforcement response: Ideally, any contingency plans for labor unrest should be coordinated with the appropriate law enforcement agency or agencies. A clear delineation of roles, responsibilities, and chain of command are essential. There will be situations that will begin with the security professional’s involvement that will be transitioned to the arriving law enforcement agency. Having an existing relationship with the arriving agency will make the transition run smoothly. Incident command: A command post should be established for security and protection operations. Ideally, this will be sited near the area where a rapid, coordinated response would most likely be required. Depending on the situation, there may be outside agencies embedded in the command post. Fire prevention/medical response: In the absence of employees at the worksite normally responsible for responding to fires or medical emergencies, security professionals will be forced to assume some or all of these responsibilities in addition to their existing responsibilities. Proper training on fire suppression systems, equipment, and

response are essential, as is first aid, CPR (cardiopulmonary resuscitation), and automated external defibrillator (AED) training. Lighting: When practicable, all existing facility lighting should be checked and repaired as needed. In addition, portable lighting should be considered for areas where labor activities may take place. Effective lighting not only makes detection of unauthorized activity more likely, it also makes effective recording of such activity more likely as well. Digital network video systems: As with lighting, all existing cameras and recording systems should be checked and repaired as needed. If the system permits, additional cameras should be placed and added to the system for more comprehensive coverage. Covert and overt camera placement should be considered. Patrols: Patrol rounds, locations, checkpoints, vehicles, and anything else associated with patrolling company property should be reviewed and adjusted based on the incident using all available intelligence. Patrols may be increased or rerouted. Vehicles may need to be repaired or reinforced. Checkpoints may be revised to ensure patrols check certain locations. Purchasing: Security professionals should be coordinating with the company purchasing department to ensure essential shipments of raw materials, goods, or equipment can safely enter and/or exit the property.

THINGS TO EXPECT As a labor activity gets underway, there will likely be certain activities occurring that security professionals must be aware of and, where possible, prepare for. Disruptions to normal

II. PRACTICAL AND OPERATIONAL APPLICATIONS

298

26. STRIKES, LOCKOUTS, AND LABOR RELATIONS

company operations should be expected. Such disruptions might impact facilities, communications, employees, or some combination thereof. Threatening phone calls: With modern mobile phone technology, this likely will expand beyond voice calling and into social media (Twitter, Facebook, and Instagram), message boards, text (SMS) messages, and other venues. The intent, however, is generally the same—to provoke a reaction from the company, and the more extreme the reaction the better for the bargaining unit’s cause. Threats may be vague, such as “You’ll get what’s coming to you!” or they may be specific. All threats should be taken seriously to the extent possible. IP addresses and phone numbers should be traced back wherever possible and call logs saved for review and for sharing with the law enforcement agency if the situation requires. Depending on the jurisdiction, such calls may be recorded— security professionals should seek advice through their chain of command from corporate counsel before engaging in any recording or monitoring. Bomb threat: While this also fits “threatening phone calls,” the response to a bomb threat is more specific, typically involves law enforcement, and there are things a security professional must try to do if a bomb threat call is received. In many companies, there is likely a “bomb threat checklist” kept near telephones reminding users what to listen for or ask for in the event a bomb threat is received. This checklist provides recipients of a bomb threat a list of questions to ask, things to record, and things to listen for. Time and date of the call should be recorded, as should the phone number the call came from (if known). The caller should be asked about the bomb itself—where it is, what it looks like, how it is activated, or who placed it. The exact words

used by the caller should be documented, and attention should be paid to background noises that might give a clue to where the caller is. Attention should also be paid to the language used by the caller (are they coherent, irrational, rehearsed, or taped) and the caller’s voice (Federal Emergency Management Agency, 2012). Vandalism/sabotage: As a labor action commences, its purpose is typically to disrupt company operations as a persuasive measure. Vandalism, like sabotage, can be difficult to establish or interdict and it is that difficulty that makes it an attractive tactic for bargaining units. It may be as simple as spray-painting slogans on a wall or fence, or it may be as complex as cutting an overhead telephone cable leading onto the property. Vandalism, particularly to the exterior areas of a facility, may pose a risk as company employees respond to clean or repair the damage and a bargaining unit knows that management may or may not risk a confrontation or jeopardize employee safety. While such acts are illegal, the risk of prosecution is low if the vandalism is not recorded or witnessed. Interfering with telephone or electric lines carries a greater risk as the impact to operations could be extensive, and the cabling for those utilities is usually owned by the carrier (telephone) or the utility company (electric, gas, water) and they will have their own interest in prosecuting saboteurs.

THE PICKET LINE/PROTESTS The picket lines or other protests will present a unique set of challenges for the security professional. It is here, more than anywhere, that the security professional will be face-to-face with individuals who are likely to test limits

II. PRACTICAL AND OPERATIONAL APPLICATIONS

299

SURVEILLANCE

with their behavior. Above all, the security professional must maintain his/her integrity and calm when dealing with protesting or picketing individuals.

Crossing the picket line: There may come a time that security professionals may be required to cross (and recross) the picket line. If crossing becomes a necessity, the security professional should keep the following in mind:

Taunts and Insults

• Crossings are safer by vehicle; avoid crossing on foot if possible. • Crossings are safer in groups; avoid crossing alone. Every added person to the crossing group is a potential witness. • Movement is safety. Try not to stop. • If directly confronted by picketers in front of the vehicle, a stop may be unavoidable. • If stopped, do not leave the vehicle and keep the windows up and doors locked. • Be aware of picketer behavior—are there angry elements among the group that might instigate a confrontation?

The security professional, as the immediate representative of management and the ones most available to protesters and picketers, will likely be insulted and/or taunted by bargaining unit members. Depending on the nature of the protest, security professionals may be recognized as ‘doing their jobs’ and accordingly have minor issues with the protesters, while in other cases security professionals will receive the full force of any ire directed at company management. In those situations, remember a saying attributed to Elizabeth Kenny: “He who angers you conquers you” (Kenny, 2002). Security professionals must not respond to insults and taunts. While it is human nature to do so, by responding the security professional can no longer remain proactive—by their response the security professional becomes reactive. By becoming reactive, the security professional enters a situation that is bad for several reasons: 1) By reacting to a provocation, the security professional invites further provocation. Now the bargaining unit knows it will work. 2) By reacting to a provocation, the security professional will focus on the reaction and will be distracted from other activity that may be occurring. In other words, it could be a diversion. 3) If the security professional reacts too harshly to a provocation (i.e., an excessive use of force), the bargaining unit is given an incident that it can use against management. In other words, from management’s standpoint the security professional has given the bargaining unit a propaganda victory.

SURVEILLANCE During any labor activity, be it a strike, lockout, or picket line, as part of the company the security professionals must be able to monitor as much activity as possible. This monitoring may be physical, it may be remote, or it may be a combination of the two. Monitoring and recording labor activities will serve as an evidentiary record of any incidents captured during such monitoring. This can be beneficial to the company or detrimental to it, depending on the professionalism and behavior of individuals on either side of the incident. Keep in mind that there should be a chain of custody and documentation (paper or digital) regarding the location, date, and time of the recording, who made it, etc. Security professionals should consult corporate counsel regarding the recording, transmission, or sharing of any footage. At one time, surveillance of strike activities would have involved a significant commitment of personnel, a fair amount of stealth, and fairly unreliable technology. In the 21st century,

II. PRACTICAL AND OPERATIONAL APPLICATIONS

300

26. STRIKES, LOCKOUTS, AND LABOR RELATIONS

however, technology has improved considerably. Digital video systems, digital cameras, mobile phones, microphones, digital voice recorders, and drones are some of the options available. These systems now use digital storage, which can hold exponentially more video and/or audio than previous technologies. The devices are smaller, making them easier to conceal. The devices are often wireless; there’s no cable to run or power supply to attach. Security surveillance systems and network video systems are two terms that have replaced CCTV systems, are digital and can store considerably more footage than videotape. Cameras on these systems can record in color, can have pan/tilt/zoom capabilities, can support software-controlled camera tours, can record audio, and even operate in infrared mode. For areas without digital video coverage, video can be recorded on cameras and even mobile phones. The quality on cameras and mobile phones is equal to or exceeds that of the digital video surveillance systems. The most impressive technological change at this time is the use of drones. Drones can be equipped with the same quality of camera that digital video systems use. Drones can store footage on a microSD card which can hold hours worth of footage. Because a drone can often hover like a helicopter, a drone can record footage from above a picket line or protest. This capability makes it difficult for picketers to interfere with the recording. Drones can be moved horizontally and vertically to capture footage from different angles, which provides a significant advantage over a fixed camera. Drones can be customized to fly at particular speeds, at particular heights, have different amounts of battery power, and be of different sizes. There is one significant downside to digital recording technology, regardless of the venue. Just as this amazing technology is available to security professionals, it’s also available to everyone else. Drones can be used to collect intelligence on security professionals—their

fixed positions, their vehicles, their patrol routes (where accessible), and anything else a drone can be positioned to observe. Video and audio can be stored on the same microSD cards that security professionals use, or in cloud storage or anywhere else. Potentially worse for security professionals and the company, however, is that video and audio recorded by the bargaining unit members can be edited and posted to social media—think YouTube, Facebook, Instagram, Vine, or a hundred other sites—and that can be done right after the footage is recorded or even can be streamed live. This will allow the bargaining unit to shape the public relations message instead of the company. If security professionals, operating within whatever legal parameters are appropriate for their jurisdiction, are going to surveil strike or picket activity, there are specific things to focus on. Surveillance should be used, where possible, for the duration of the labor action—this could encompass several days or even weeks of footage. While digital storage makes this much easier than tape storage, determining how much storage is needed and where to secure it does require some level of planning prior to the labor action. Remember, the security professional is gathering both evidence and intelligence through these surveillance activities and some of what is recorded will fit both categories. Intelligence: Security professionals will want to record or document the location of pickets and protesters, the words on signs being used and their affiliation with specific bargaining entities, types of communication devices in use (radios, cell phones, MiFi, or wireless hotspots), times of picket lines or if protests are active/inactive, license plates and make/ model of any vehicles used by the bargaining unit, names/identities of potential corroborating witnesses, etc. Evidence: Security professionals will want to record or document damage to vehicles,

II. PRACTICAL AND OPERATIONAL APPLICATIONS

THE DISCIPLINARY PROCESS VERSUS LABOR RELATIONS

property, equipment, fences, cameras/ surveillance devices, etc. Movement of individuals or vehicles onto or off of the perimeter of the property or into the property itself could be recorded. Recording of conversations between security professionals and bargaining unit members at the perimeter depends on the jurisdiction.1

301

counsel prior to any implementation. If search policy and procedures are instituted, they should be practiced both consistently and impartially. Searches are an important tool in preventing inappropriate or illegal items from entering the workplace as well as preventing company property from unauthorized departure. Regular searches also serve as a deterrent as employees will recognize the increased odds of being caught.

SEARCHES If individuals participating in a strike or picket line/protest are going to be permitted onto company property, one potential consideration is that such individuals may conceal items on their person going into and/or leaving company property. Conducting a search of an individual (or their belongings) is, from a legal standpoint, a complex matter that varies depending on the jurisdiction. Depending on the jurisdiction, some company policies as well as some collective bargaining agreements may spell out the situations under which a search can be conducted. Stipulations may include specific instances when a search may be conducted, perhaps during entry and/ or exit to a particular building or location. The permission levels needed to authorize a search may be delineated, as may the verbal or written consent to search. The recording of a search, or nonrecording for privacy purposes, may be considered. The nature of a search—whether it is a vehicle, a person’s belongings, assigned workspace, or locker—may also be spelled out in a bargaining agreement in detail, as any requirement to have a union steward or manager present as a witness. Search policy and procedures, whatever they may be, should be thoroughly vetted by corporate

THE DISCIPLINARY PROCESS VERSUS LABOR RELATIONS While any disciplinary process serves a management need of stopping and correcting an inappropriate behavior or activity, for the front-line security professional it is essential to have an awareness of the process for their particular employer. As discussed earlier, security professionals will be deployed to areas where labor activity is occurring or will be surveilling such activity. The different violations captured will likely involve different levels of disciplinary actions. There are five main types of disciplinary action that are taken against an employee when a violation is identified. For most infractions, a verbal or written warning is common, with additional violations leading to progressively more serious corrective action. A verbal warning is just that: typically there is no documentation beyond “Subject X was advised by Manager Y to stop doing Z immediately.” A written warning is often used for more serious minor infractions or for an infraction where a verbal warning has already been given. Written warnings often follow a specific format and are retained for a specific amount of time. These formats and

1. Different jurisdictions have different laws or regulations regarding the recording of conversations. Some jurisdictions require both parties to be aware of a recording, and some require only one party. Some jurisdictions forbid this activity outright. Corporate counsel must be consulted before recording a private conversation.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

302

26. STRIKES, LOCKOUTS, AND LABOR RELATIONS

times are often spelled out in collective bargaining agreements. After verbal and written warnings often comes suspension. In a suspension, the employee is typically given written notice of a suspension for a specific number of days and the employee may not report to the worksite or receive pay for time served in a suspension. Suspensions often remain in employee files indefinitely, or for a significant length of time. Depending on the nature of the employment, a demotion is also a disciplinary action that can be used. These tend to involve repeated infractions combined with mitigating factors such as the employee’s tenure with the company or previous disciplinary record. Demotions are often a “last chance” offered before termination. Termination, the fifth and final type of disciplinary action, is the removal of the employee from the company. In using any disciplinary actions against a bargaining unit employee, there are specific rights for bargaining unit members that must be observed, collectively referred to as Weingarten rights. In the United States, these rights derive from a 1975 Supreme Court case concerning an investigatory interview of a company employee. In this case, National Labor Relations Board (NLRB) v. J. Weingarten, Inc. (hereafter referred to as Weingarten), the Supreme Court ruled that any employee being interviewed by a management representative was entitled to union representation during the interview (NLRB, 1975). As a security professional may question an employee, the security professional represents management and may be obligated to provide notice to an employee of their Weingarten right to representation prior to any questioning that can reasonably be expected to lead to disciplinary action. It should be noted that Weingarten rights do not place an obligation on management to conduct an interview, merely that the interviewee has the right to representation should management decide to conduct such an interview.

EMERGING TRENDS As technology continues to revolutionize the way work is completed, often requiring fewer workers while producing greater work at less cost, unionized work forces will continue to push back against management when employee interests are threatened. Paradoxically, while technology will continue to alter the workplace, private-sector union membership, at least in the United States, continues to fall. Union membership that was once 1 out of every 3 workers has fallen in the last 50 years to 1 worker out of every 10 (Bui, 2015). With shifting priorities in domestic law enforcement, security personnel will likely be called upon to respond and address situations precipitated by labor activities with mixed levels of support.

SUMMARY Labor activities such as picket lines/protests, strikes, and lockouts present unique challenges to the security professional. These activities often combine situations normally occurring in isolation creating a complex situation that the security professional must be able to respond to, document, and resolve while maintaining their professionalism and integrity against opponents that may not feel that same restraint. Pre-strike and pre-protest planning are essential to effectively managing these kinds of incidents, and the security professional must know his/her role in an incident as well as how that role may change depending on the situation at hand.

References Bui, Q. (2015). 50 Years of shrinking union membership in one map. Washington, DC: National Public Radio (NPR). Accessed 31 May 2018 from: https://www.npr. org/sections/money/2015/02/23/385843576/50-yearsof-shrinking-union-membership-in-one-map.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

REFERENCES

Federal Emergency Management Agency. (2012). Bomb threat call procedures. Washington, DC: Federal Emergency Management Agency. Accessed 28 May 2018 from: https://emilms.fema.gov/is906/assets/ocsobomb_ threat_samepage-brochure.pdf. Kenny, E. (2002). “Elizabeth Kenny Quotes” (BrainyQuote). Accessed 28 May 2018 from: https://www. brainyquote.com/quotes/elizabeth_kenny_100902.

303

National Labor Relations Board (NLRB) v. J. Weingarten, Inc. (420 US 251). (1975). Accessed 30 May 2018 from: https://supreme.justia.com/cases/federal/us/420/ 251/.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

27 Workplace Crime and Deviance Whitney DeCamp, Brian Lunn, Norman R. Bottom O U T L I N E Introduction

305

Theories of Workplace Crime General Deterrence Routine Activity Social Learning Theory Techniques of Neutralization General Strain Theory Summary for Theories of Workplace Crime

306 306 307 307 308 309

Theft Prevention Objective Definition of Employee Dishonesty First Steps Sample List—Retail Establishment

310 310 311 312 312

310

INTRODUCTION In any organization, some employees will steal. The more opportunity allowed for theft, the more theft there will be. Employees who do steal tend to steal what is most available to them. Office personnel steal office supplies, computer users steal technology, cashiers steal cash, and warehouse employees steal merchandise passing through their hands.

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00027-4

Markings and Signage Concealment

312 312

Response to Theft Reporting Preventive Actions Search Policy Employee Liaison

314 314 315 315 316

Emerging Trends

316

Summary

318

References

319

Resources

320

Further Reading

320

Managers, supervisors, and line employees can all steal. Protection officers have been known to steal, too. Many times, employees who steal will work together with external accomplices, such as family and friends. An individual employee can steal, or several employees may conspire to commit theft for their mutual benefit. In addition to the theft of products, materials, tools, or information, acts of sabotage may be committed. Hourly employees who wish to

305

# 2020 Elsevier Inc. All rights reserved.

306

27. WORKPLACE CRIME AND DEVIANCE

strike at management may damage equipment or interrupt processes. Too many managers who harbor some resentment toward the employer engage in deliberate work interruptions. Although not nearly as common as stealing, sabotage is sometimes interwoven with theft. Both may occur together. This information should not make a protection officer pessimistic, as most people are honest (to varying degrees). The problem is not that everyone steals or does damage; the problem is that everyone has the potential to do so. As a result, no one is beyond reasonable suspicion.

THEORIES OF WORKPLACE CRIME There are dozens of mainstream criminological theories that explain theft. Many of these theories focus on social influences that long precede actual crime (e.g., lack of social bond, poor parenting, lack of legitimate opportunity), while others focus on more immediate factors related to crime (e.g., opportunity for crime, perceptions of approval, lack of guardianship). For the purposes of preventing workplace crime, there are a few theories that are particularly relevant to theft prevention.

General Deterrence Deterrence is perhaps the most well-known theory of criminal behavior. It actually dates back to Cesare Beccaria’s book, An Essay on Crimes and Punishments (Beccaria, 1764). Beccaria lived in a time when crime was often attributed to evil influence, and punishment was quite severe. In an attempt to give guidance to the leaders of the time, Beccaria provided a logical rationale for punishment: to decrease further crime. He argued that two possible benefits arise from punishing someone caught committing a crime. First, that person might learn his or her lesson and not commit the crime again. Today, this is referred to as specific deterrence. Second,

others might witness the punishment and learn that committing the crime is not worth the consequences. This more widespread result is called general deterrence. Both are important benefits of punishment, although general deterrence has the potential for the greater impact of the two. This, however, only describes why we punish. It is in the specifics of punishment that we learn how to punish properly. Three concepts influence the effectiveness of punishment. First, punishment certainty is the likelihood of getting caught. The more often a crime is committed without the perpetrator getting caught, the less punishment certainty there is, and the less of a deterrent there will be. Second, punishment celerity refers to the swiftness of the punishment. The quicker a punishment occurs, the more of a deterrent it will create. This aspect of deterrence is less obvious than the others. Think of it like this: if someone is stealing on a regular basis and gets away with it for a year, then gets caught, but does not go to court for another 10 months, the cause and effect of crime and punishment are not as obvious to the public as they would have been if the entire process was quicker. The final element of deterrence is punishment severity. The more severe a punishment is, the more deterrence it will cause. However, this is only true up to the amount of punishment that outweighs the benefit of the crime itself. Once the punishment outweighs the crime, additional severity will not further increase the amount of deterrence. The overall implication of this theory is probably already the policy of most loss prevention efforts: catch and punish. It is the subtleties of these efforts that can be improved by understanding this theory. Punishment severity is often easiest to increase. As a result, although punishment certainty is not ignored, severity is more of a focus. Beccaria argued that this is backward. As long as the severity of punishment exceeds the benefit of the crime, it is sufficient. Rather, it is punishment certainty that can be improved upon to reliably increase a deterrent effect.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

THEORIES OF WORKPLACE CRIME

Routine Activity Although general deterrence is valuable for understanding the importance of detection and punishment, it does not speak very well to specific circumstances. For looking beyond the generalities and probabilities that the deterrence theory uses, a more recent theory is appropriate. In an attempt to explain increases in crime several decades ago, Cohen and Felson (1979) developed their theory of routine activity. It should be noted that this theory applies only to “direct-contact predatory violations,” which includes theft, robbery, and other crimes that involve taking possession of something illegally. According to the theory, crime (here we focus on theft) is a product of three circumstances happening at the same time and in the same place. The first requirement for crime is the presence of a motivated offender. For the purposes of this theory, it is assumed that everyone is a motivated offender, or at least that such potential offenders are not scarce. The second requirement for crime to occur is the presence of a suitable target. In determining how suitable a target is, four aspects of the potential target should be considered: value, ease in moving the item, accessibility, and visibility. Because one would not want to decrease the financial value of something, it is the last three aspects of a potential target that usually can be addressed. Making an item harder to move, limiting access to only those who need access, and keeping it out of sight are all actions that would make a target less suitable. The third and final requirement for theft to occur is the absence of capable guardianship. This concept is the one that ties routine activity theory to deterrence theory. If a guardian is present, punishment certainty is increased to near certainty, and therefore the crime is less likely to occur. A capable guardian need not necessarily be a protection officer, loss prevention specialist, or other such person. It can be

307

anyone who might report the theft, or even an inanimate object, such as a noticeable security camera, that could result in the perpetrator getting caught. Many standard practices of the security industry have already addressed this theory, including target hardening, CPTED (crime prevention through environmental design), situational crime prevention, and other such strategies.

Social Learning Theory Both the theories discussed so far make a common assumption: that all people are willing to commit a crime if they think they can get away with it. Although this is at least partially true, there are other factors involved. Specifically, even in the same situation, some people might be more or less likely to commit a crime than others. There are many criminological theories that address this issue. However, most are not particularly useful from a security and loss prevention standpoint. One of the few such theories that has potential application to workplace crime is social learning theory. Generally, social learning theory (Burgess & Akers, 1966; Sutherland & Cressey, 2003) is applied most often to describe how children learn from their parents and peers, and how that influences their decision of whether crime is an acceptable behavior. However, the same model can be applied to the workplace. In its broadest sense, social learning theory describes two categories of learning that can occur. First, one may learn from peers (or other sources) how to commit crimes. Some crimes, such as petty theft, require little technical ability to commit. Learning better ways to commit these crimes, however, may improve one’s technique, and therefore make it easier to commit the crime, or make it less likely that one will get caught. The other form of learning, and the one that is more useful to address, is learning to perceive crime, or certain types of crimes in specific situations, as acceptable behavior. If someone

II. PRACTICAL AND OPERATIONAL APPLICATIONS

308

27. WORKPLACE CRIME AND DEVIANCE

notices that other employees are stealing, they are more likely to do it themselves, not only because it makes it more obvious that it is possible to get away with the crime, but also because it makes them feel like it is not taboo. The more often someone is exposed to this message, the more accepted it becomes. Unfortunately, this theory in and of itself does not contribute to policy that might be useful beyond what is already obvious: that employees who steal should be removed to prevent them from tainting other employees (and for other obvious reasons, of course). However, this framework also supports efforts that could be made to highlight why it is not acceptable to steal or engage in other workplace crimes. Such positive messages can counteract messages that favor crime. To get some specific ideas for what messages to counteract, the techniques of neutralization may be useful.

Techniques of Neutralization The techniques of neutralization were first described by Sykes and Matza (1957). They listed five categories by which an offender might neutralize his or her behavior to make it seem acceptable, thus preventing guilt. Other researchers, notably Cromwell and Thurman (2003) and Coleman (1994), have expanded on the original theory provided by Sykes and Matza, with Cromwell and Thurman applying the theory to shoplifters specifically. The techniques identified by these researchers are presented in Table 27.1. In a workplace setting, it is more often denial of injury and denial of victim that are used. For example, if an employee can in some way attribute blame for some personal problem on the employer or even coworkers, whether such blame is deserved or not, that person could convince him- or herself that the company or

TABLE 27.1 The Techniques of Neutralization Technique

Sample Justifications

Denial of Responsibility

I wasn’t in control It wasn’t my fault

Denial of Injury

It didn’t hurt anyone They won’t even notice

Denial of Victim

They deserved it This group deserves it

Condemnation of the Condemners

The police are corrupt The stores exploit their customers for a profit

Appeals to Higher Loyalties

I was just following orders I was doing God’s work

Defense of Necessity

My family needed me to do it I had no choice

Everybody Does It

Everybody steals This is normal, I just got caught

Justification by Comparison

I may be bad, but I could be worse If not this, then it would be something more dangerous

Postponement

I just don’t think about it I’ll deal with it when I am not under stress

II. PRACTICAL AND OPERATIONAL APPLICATIONS

THEORIES OF WORKPLACE CRIME

coworkers deserve whatever the crime costs them. Denial of injury is even easier to apply, as it is not difficult for an individual to fail to recognize that their actions hurt a “faceless” corporation. This is especially true if they realize that an insurance provider will cover losses. Note that other crimes in addition to theft may be neutralized by workplace criminals. Condemnation of the condemners and appeals to higher loyalties may be used by those who commit acts of sabotage or espionage. Labor union extremists, terrorists, and spies may focus on the employer, criticizing and blaming them for some perceived wrongdoing. Terrorists involved in religiously based extremism may choose to believe that God has granted them the right to commit acts of sabotage. So, too, may those who steal information and give it to an adversary organization.

General Strain Theory General strain theory (GST) explains that when people experience strain, they may respond with crime in order to alleviate the strain and related emotions (Agnew, 1992, 2006). According to GST, strains are events and conditions that are disliked. This can take two general forms: objective strain and subjective strain. Objective strain is an event or condition that is disliked by most people. Subjective strain, on the other hand, is an event or condition that is disliked by the person experiencing it. Because not everyone evaluates events and conditions the same (not everyone sees divorce, e.g., as a strenuous event) subjective strains are seen as being stronger predictors of crime. Of these two types of strain, there tend to be three forms the strain comes in: losing something of value, being treated in an adverse or negative way by others, and not being able to achieve one’s goals (Agnew, 2006). As the objective and subjective strain distinction indicates, not all strains are considered equal. Indeed, the most criminogenic strains

309

are those that are perceived as high in magnitude, believed to be unjust, associated with low control, and that create pressure or incentive to engage in criminal coping. The greater magnitude, the more sense of injustice, the less feeling of control, and the greater pressure are all likely to produce negative emotional states such as anger, fear, and sadness. Negative emotions create pressure for corrective action, and crime is one form of corrective action. According to GST, different emotions have different impacts on criminality. For example, anger is more likely to lead to violent crime, whereas envy is more likely to lead to property crimes (e.g., theft). Individuals experiencing strain are more likely to respond with crime when they are less able to cope legally, when the costs of crime are seen as low, and when the individual has pro-crime associations (criminal friends and family) and beliefs. From GST there are several suggestions for how to limit crimes, including theft. Of particular interest here are: (a) equipping individuals with the traits and skills to avoid strains conducive to crime, (b) increasing social support, (c) increasing social control, and (d) reducing exposure to situations conducive to crime. There are likely resources available through your employer or in the local community that can help people who are experiencing or on the verge of experiencing strains. Financial strains, which are more likely to lead to theft than other forms, may be averted through financial counseling for entry level employees, for example. Knowing what resources are available and getting them to those who need them can prevent crime and loss. Employee interactions can serve to form a collective network of people who help with strain, lowering the attractiveness of crime as an option. Further, this may lead to stronger social controls, as peer networks develop and create regulatory frames. Lastly, through various forms of target hardening you can remove the opportunity for strain to lead to crime in your workplace.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

310

27. WORKPLACE CRIME AND DEVIANCE

Summary for Theories of Workplace Crime These theories provide some ideas on how criminological theories might be applied to workplace crime and the prevention of such crimes. Moving toward more specific strategies and actions, the following section will provide an in-depth analysis of preventing the most common crime at the workplace: theft.

THEFT PREVENTION Not all internal (employee) theft is preventable. This section will provide some ways to minimize, moderate, and control this criminal activity, but not stop it entirely. Protection officers can have an impact by preventing, deterring, and displacing theft. When security is tight, thieves look for another place to steal. Making theft so difficult and so much trouble that the would-be thief will decide against it is a reasonable goal for a loss prevention officer. Preventing theft can save many jobs, and that includes one’s own. Opportunities for employee theft come about because of waste, accident, error, crime, and unethical or unprofessional practices. The first letters of these opportunities come together to form the acronym “WAECUP” (pronounced “wake up”). Below is a list of WAECUP loss threats with several examples of each. Waste • Protection officers who waste time create opportunity for employees to steal. • Waste containers are favorite stash places for employees who steal. • Discarding usable items causes loss, as does deliberately putting them in trash to be stolen later on. Accident • The confusion that surrounds an accident scene may be used to screen employee theft.

• Arson has been used by employees to cover up theft. (What seems to be an accident can actually be a crime.) • Worker’s compensation fraud may occur after an accident where the employee exaggerates the extent of the injury. Error • Protection officers who err in following procedures, such as failing to make an assigned round, create opportunity for undetected theft. • Other (non-security) employees who fail to follow security-related instructions, such as failing to lock up storage areas or exterior doors, create opportunity for theft. Crime • If protection officers allow employee theft, other employees will get the idea that it is okay to steal and commit other crimes. • Failure to recognize valuable merchandise allows more crime (protection staff and management will not be watching the correct items). Unethical/Unprofessional Practices • A general feeling among employees that it is okay to pilfer (steal) will result in more theft. This is sometimes called the “rolling ball effect.” It is similar to the “broken windows” theory. • Unprofessional practices by management create resentment among other employees, leading to deviant acts like theft.

Objective Protection officers must reduce employee theft and be proactive in order to do so. This section focuses on practical methods to reduce theft. However, it takes more than your presence, standing around in a sharp uniform, or strutting through an area. You must know what to look for, what to report, and what actions to take. You must also know what actions not to take.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

THEFT PREVENTION

Thieves can be clever, and new opportunities for employee theft will develop. This chapter is only a beginning. You must continue to study employee theft prevention as long as you are a protection officer. The objective of this section is to whet your appetite on the scope of employee theft prevention and widen your knowledge. This will give you some tips on observation. For example, employees who bring in empty or almost empty shopping bags and then leave with bags bulging should be viewed with suspicion. Those bulging bags may contain company property. As a general rule, always look for the unusual and out of place, and then investigate discreetly. Also, this section will explain some things about reporting, and discuss what to report and to whom. For example, doors propped open (that are normally locked) may be used by thieves as access points to sneak company property outside. Such things should be reported and written up. There will also be a discussion of actions to take and not to take. For example, managers and other executives often work at home during the evening. They are usually permitted to take company property home to do this. Hourly workers (shift workers) seldom have the right to take company property home. Know company rules before you act or accuse.

Definition of Employee Dishonesty Employee dishonesty can take many forms, including theft. It can be cheating customers. It can be committing industrial espionage. It can be lying on employment applications and falsifying time records. It can be claiming sick leave when there is no sickness. Anything that can be moved, or taken apart and the pieces moved, is a candidate for employee theft. Protection officers can reduce the theft of visible items of the company property. They can catch thieves, of course, but it is better to reduce opportunity for theft.

311

Each organization has its own types of property, including personal (movable property) and fixed (real property). Real property, such as permanent buildings and land, cannot be carried off. In these strategies, only personal property will be addressed. Personal property, in business usage, is not “personal effects.” Businesses try to protect the machinery or means of production. The materials or equipment used for the production (or sale) of goods and services need protection, and those goods, services, products, and so on offered to the public must be guarded. Businesses want to protect and keep their reward: the income received from selling its products, of course. Those categories are what we mean by business personal property. Some business is devoted to manufacturing. Here, the threat of employee theft takes place at several stages. Those stages occur from the time that machines are installed and raw materials purchased through the entire production process until the finished goods are delivered. Other companies specialize in storage and transportation. They warehouse and distribute manufactured products. These companies worry while goods are stored. Each time goods are handled by employees it causes theft concern, too. Goods in transit present additional possibilities for theft. We all shop at malls and other retail stores. Retail is certainly a familiar business to all. There are also wholesale outlets that specialize in selling quantities to the trade. Each retail store, and each wholesaler, worries about losing the property they hope to sell. Employee theft is one way the property can be lost by these owners. Institutions like hospitals have special employee theft problems. These include the unauthorized use or taking of narcotics, and theft of patients’ property. Banking institutions worry about their cash, naturally. The point to remember is that all businesses need protection against employee theft, and that necessity demands proper security and loss control effort by protection officers.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

312

27. WORKPLACE CRIME AND DEVIANCE

First Steps The first step in employee theft prevention is to learn what can be stolen. A list of property categories is useful for reference. All protection officers can use such a list to help them identify the company property.

Sample List—Retail Establishment Office area 1. Paper products 2. Computers and telephones 3. Desks, chairs, bookcases, and file cabinets 4. Rugs and paintings 5. Petty cash Stock room 1. Sales merchandise of various types 2. Shelving 3. Materials and handling equipment 4. Office supplies Sales area 1. Merchandise to be sold 2. Shelving and cabinets 3. Cash registers/computerized sales terminals 4. Product displays 5. Sales receipts (cash, checks, etc.) Parking areas and outbuildings 1. Exterior merchandise displays and loading dock 2. Equipment stored outside (in the open or in outer buildings) 3. Company vehicles 4. Trash and refuse containers A similar list of categories can be drawn up for any work environment. Buy a notebook and make your own list, especially if there is no master list available. And if there is no master list, suggest to your supervisor that an official one be created. Test your powers of observation by comparing your list with those of other protection officers. Update your list as new property arrives and old property is replaced. It is good to know as much as possible about all company property, including value. More valuable

items, especially if easily moved (portable), deserve a special theft prevention effort.

Markings and Signage Life becomes difficult if company property is not marked to indicate ownership. Learn what marking system, if any, is used to mark all equipment. This includes office typewriters, computer equipment, and so on. Sale merchandise should be marked, too, with special tags. Some marking systems use stick-on labels. Other marking systems involve stamping numbers on metal. Paint and stencil are used by some companies for identification purposes. There are chemical compounds that can be painted (or sprayed) on the property. These compounds leave markings visible only in certain light. If valuable items are not marked, you should ask “Why not?” Your supervisor might give you a good explanation. He may commend you for an idea that’s time has come. A good protection officer learns how to recognize the company property. A general reminder: Learn, learn, learn— continue to ask good questions. Keep written records of the answers. In that way, you will not have to ask the same question twice. And you will have a ready reference when there is no supervisor available.

Concealment Hide and seek is a children’s game, familiar to most of us. The basic instructions call for someone blindfolded to count while other children hide. The counter then opens his eyes and tries to find the others. It may help to think of employee thieves as the other children who have the time to take and hide your company’s property. The protection officer should not, of course, have his eyes closed while this theft and concealment goes on.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

THEFT PREVENTION

Concealment can occur through several mediums. A thief may conceal an item in their pockets, under their clothing, or otherwise on themselves. Seeing what is in the suspected thief’s hands is essential, as “concealing motions” alone do not indicate a theft. Further, the use of bags (purse, backpack, shopping bag, lunch container, etc.) allows for a thief to easily conceal and carry property away. Employees may conceal items in bags and then transfer them to another person (who may or may not know a theft is in progress), so knowing where the property has gone is essential in preventing or reporting a theft of this nature. Further, sometimes employees may consume items they have not purchased. This loss is no different than if they took the item home. Trash and garbage containers are timehonored hiding places for employee thieves. Plastic garbage bags are another useful item for thieves. Modern garbage bags are sturdy and unaffected by moisture, and are opaque— that is, you cannot see through them. The protection officer should look for garbage bags in containers, both inside and outside the building. Garbage bags will be found in corners and adjacent to doorways. Periodically, check all garbage cans, dumpsters, and sealed garbage bags for stolen merchandise. Be especially alert to those employees who take garbage and trash outside. That activity is a critical junction. It is critical because stolen merchandise can be hidden in the trash. It is a junction because the merchandise is leaving the premises. Normally, only a few trusted employees are allowed to take trash outside. Know who these employees are. Another trick of the employee thief is to take a particular item and hide it for later pickup. Remember that everything has its place, and everything should be in its place. Be alert to the out-of-place item concealed in a strange or unusual location. This may be an indication of employee theft in progress. Look behind

313

shelved merchandise; examine storage rooms and broom closets. Examples: • Valuables, like watches, normally under lock and key, found on open shelves, tucked behind cheap items. • Office equipment and/or office supplies stashed in an area where there is no desk or clerical work performed. • Valuable merchandise found in areas set aside for employees to leave their purses and other personal belongings. The same goes for employee locker areas. • Sheds, lean-tos, truck courts, and other locations outside main buildings, but on the company property. The company property found at these locations should be appropriate to the area. For example, office computers do not belong in a garden shed. Briefcases, lunchboxes, purses, shopping bags, and other containers are usually carried to work by employees. Thieves use these containers to remove company property from the site. The officer must realize, of course, that such personal items are entitled to reasonable privacy. Always remember this, or your search will only cause trouble to you. Always check with a supervisor before searching an employee or his property. Many companies have rules about what types of items can be brought onto company property. Know these rules. You may prevent a theft by advising an employee that the gunny sack in his hand cannot be brought in. Vehicle parking is another factor in concealment. The personal vehicle of an employee should not be parked next to the storeroom door, for example. In fact, employee parking should be at some distance from buildings and doorways. Company policy establishes the parking rules, but you should point out parking hazards that make employee theft easier.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

314

27. WORKPLACE CRIME AND DEVIANCE

Employee thieves may use their own car or truck. They may also use a company vehicle to haul away the stolen merchandise. For example, a driver may load a few extra cases onto the truck, cases not listed on the manifest. These will be sold for his personal profit and the company’s loss. Some thieves are very bold. They will attempt to walk out with stolen merchandise in their hands. Employees who attempt to remove company property from the premises should have a pass or other authorizing document. Since pass forms may be stolen or counterfeited, it is important to know and recognize authorized signatures. When in doubt, check with your supervisor. And make sure that the pass covers each and every item. If the pass says “six” items, do not let the employee remove seven.

RESPONSE TO THEFT Reporting All observed suspicious activity, and especially that involving employees, should be immediately reported. Remember that all observations and concealment findings are a waste of time unless your results are promptly reported. Along with the need for timely reporting, there is a second thing to remember. Get report results to the right individual(s). The right person or persons will be able to take the necessary action. So far, there are three main points to remember. First, reporting must follow observation. Observation may involve sighting suspicious activity by employees. Observation includes threat potential, such as open doors. Or the protection officer may discover concealed company property. First observe; then report. The second main point is timely reporting. If you wait too long to report suspicious activity, the theft will take place. If you wait too long to report a suspicious open door, stolen items will exit through that door. If you wait too long to

report a concealed item, it will be removed by the thief. The third main point is reporting to the right person. The right person will react properly to the threat you observed. The right person will authorize or take corrective action in a timely fashion. The right person will see that your work is not wasted. Who is the right person(s)? Your supervisor, if available. The non-security supervisor in the hazard area is another. Each company and each business will have a chain of command or leadership tree. Protection officers must know the responsibilities of various managers. They must know how to reach managers in the case of an emergency, which can include a serious threat of employee theft. If your employer utilizes a computer-based reporting system linked to an intranet, then this process can be streamlined. In this case, entering your reports in a timely manner is critical to the information being shared with the proper people. Reports about employee theft should be both verbal and written. The need for verbal reporting often increases with rapidly unfolding events. The need for written reports is twofold. First is clarity. Verbal information often becomes distorted when relayed from one person to another. Second is record keeping. Written reports serve as the basis for planning by the security and loss control staff. History tends to repeat itself, and hazards repeat unless records are kept and used. Your reports are an extension of yourself. When you write a report, it is because it will be reviewed by someone. Even when you believe that management will not review your reports, make sure to write in a clear, concise, and legible way. Reports are not valuable if they are poorly written or have illegible handwriting. When criminal activity, or activity that is against company policy, is uncovered, your reports will serve as a central piece to the corrective action taken. If your report fails to communicate the details of the incident clearly and directly, or if

II. PRACTICAL AND OPERATIONAL APPLICATIONS

RESPONSE TO THEFT

it is unable to be deciphered by those who utilize your report, then the offender may be released without consequences. A protection officer may develop a negative attitude about reporting his observations (to include employee theft hazards). Perhaps nobody asked for an explanation of important observations. No pats on the back or positive feedback occurred. Or nothing seems to have been done to reduce the reported threat. Many protection officers, especially those working the night shift, never see the protection boss or his deputies. In that shift, especially, they may wonder if their reports are ever read. What can be done to improve reporting? Verbally report suspicious activity and other employee theft potentials. Discuss your written reports with supervisors whenever you can. Once in a while, take some initiative and call the protection office when you are off-duty and the boss is in. Show your concern for your duties and for your reports. Such dedication is often rewarded. The protection officer bears responsibility for his observations on employee theft or the potential for theft. Your observations must be understood by the top ranks. No excuses or moaning about the lack of communication will help the situation.

Preventive Actions Observation and reporting are crucial in employee theft prevention, as already addressed. Preventive action is also important, but actions can be hazardous. The wrong action can bring unnecessary embarrassment to an employee, the protection manager, and the individual protection officer. Wrongful action can expose you and your company to civil suit. For example, an employee falsely accused of theft can bring suit for monetary damages. Some wrongful actions lead to criminal prosecution and jailing of the protection officer. Be careful when facing accusations. Be especially careful in conducting

315

searches. Search actions are the most troublesome preventive actions. Preventive actions do not always mean trouble. Many preventive actions are pleasant. They involve heading off employee theft at an early stage. Never forget, the essence of protection is prevention of employee theft. Cultivate a good liaison with as many senior employees as you can. Let these employees be additional eyes and ears.

Search Policy Occasionally, you may feel it necessary to search a lunch bucket or purse. Or you may decide an employee locker contains stolen merchandise. There may be an excellent reason to suspect that the company property is in an employee’s personal vehicle. However, before you take action, before you search, know your company policy and always follow it. Do not take actions in conflict with company policy. Policy may state that employee packages or vehicles can be inspected on demand, or policy may instead authorize periodic and random searches of employee parcels, briefcases, and purses. A company without a written and well-communicated policy is buying trouble for itself and the protection staff. When in doubt about search policy, ask your supervisor. Remember that an error on your part could result in your termination or court action. Searching a company vehicle is less hazardous, but company policy still rules. It may be necessary to break a door seal. A search could delay delivery of overdue merchandise. The union contract may set limitations or requirements. For example, rules may require the presence of a union steward or a supervisor during the search. Know the rules and follow them, and document in your report any action taken. Searching other areas, such as storage sheds, or checking trash containers and garbage bags is normally simple, but it is wise to ask your supervisor if such routine checks can be done

II. PRACTICAL AND OPERATIONAL APPLICATIONS

316

27. WORKPLACE CRIME AND DEVIANCE

without giving prior notice to the protection office or some supervisor. Routine searches should be done at different times, of course. If officers always check a trash container at 4:00 p.m., employee thieves will wait until 4:10 p.m. to stash the stolen goods. Protection officers may not be allowed in some areas unless invited. Such areas often include the research laboratory and executive offices. Barging into a research laboratory could ruin experiments in progress. It is important to remember that company executives do not want protection officers poking around when important business is under way. Public relations are the key to almost everything the protection officer does. This is never truer than in searching an employee’s bag, briefcase, or vehicle. Your attitude during a search must be professional and nonthreatening. Remember that you must work tomorrow with the same employees you search today. An overbearing or nasty attitude will make enemies you cannot afford.

Employee Liaison No protection officer can be successful without help. Help will come from the protection staff, of course, but you can also get help from non-security employees. It is necessary to cultivate the respect of those employees who can assist you to estimate employee theft threats. Morale is a good indicator of theft potential. When overall morale is high, there tends to be less employee theft. When morale is low, theft is more likely. The protection officer needs to keep his or her finger on the pulse of employee morale. This can best be done through contacts in the workplace. Often, non-security employees will witness an employee theft, but fail to report it. This can continue for a long time. A protection officer who has the respect of key employees may receive valuable hints about the deviant activities of employees.

Liaison with non-security employees has other benefits. A roving protection officer will never know an area or the activities taking place as well as employees who work there. Changes in the workplace—for example, getting a shipment of new, valuable items, opening a formerly sealed door, or hiring temporary help—can raise the potential for employee theft. New merchandise represents something additional to observe. Opening a previously sealed door means another access route to remove stolen merchandise. Temporary staff may themselves steal or be blamed as regular employees attempt theft.

EMERGING TRENDS Losses caused by employees have been a concern throughout history. At one time, employers in England and the United States forbade employees to talk during working hours. This was to ensure that there was no loss due to wasted time. A more contemporary approach to this issue is the use of temporary employees. Contract service firms provide employees to client organizations on an as-needed basis. Such an approach cuts waste, but may create the potential for theft, espionage, and other crimes. Obviously, all employees with access to assets must be properly screened and supervised. Employee loyalty and commitment to the employer are also critical if theft, sabotage, espionage, and so on are to be controlled. Similarly, Imperial Food Products (a company that produced chicken food products for retail) in the United States locked its fire exits to prevent employee theft of chicken nuggets. When the factory caught on fire in 1991, 25 workers died. This is a case where, according to Aulette and Michalowski (2006), both the company and the state are guilty of criminal wrongdoing. Although this example of statecorporate crime (Kramer & Michalowski, 2006) may seem out of the control of a protection

II. PRACTICAL AND OPERATIONAL APPLICATIONS

EMERGING TRENDS

officer, you may find yourself in situations where you need to report the behavior of managers who are taking action against law or policy. When companies and governments act in a way that violates law and/or policy, they create loss of money, merchandise, and sometimes life. In a related tone, white collar crime indicates that crime is not simply a habit of the average person, but also of the wealthy. When upper level employees use their status or position to violate law or policy they have committed a white-collar crime, as defined by Sutherland (1949). Reporting these sorts of violations of law and policy are just as important as theft from entry level employees. Technological advancements are altering many fields, and protection officers are very much included in this. Cybercrime can have devastating consequences for a company, as criminals can steal important information and resources without being present. This makes cyber security an important area of growth in the corporate security arena (Li, 2017). Further, technological growth allows for more widespread use of security surveillance systems and digital monitoring systems (Hou et al., 2017). These systems are growing more sophisticated, allowing tiny aperture pictures with pinhole cameras, to providing highdefinition pictures, and even to providing facial recognition capabilities. Camera systems of higher sophistication can even be linked to exception reporting systems (discussed shortly), allowing for transactional data to be relayed alongside video monitoring. Technology, although certainly benefiting the protection officer and the consumer, has also opened opportunity for crime. One example is the cybercrime mentioned earlier. In the retail store we find another example in self-checkout terminals (Taylor, 2016). These systems allow for customers to scan and purchase their own merchandise, without interacting with a cashier. This allows thieves to avoid paying for merchandise through a

317

variety of avoidance techniques. Knowledge of the technology utilized in your store will enable you to be better prepared for this. For example, some stores use camera systems that monitor these terminals for non-scanned items, and automatically report the loss to management. These systems can prove critical in preventing loss. Organized crime has been involved in some workplaces for many years. Survey data shows a continuing growth in organized retail crime (ORC) activity (National Retail Federation [NRF], 2018). These groups are turning to the internet to sell stolen goods at an increasing rate (Aniello & Caneppele, 2018). Infiltration of businesses, with the goal of exploiting their assets, is a common occurrence. Organized crime groups are now becoming involved with identity theft/fraud. Exploitation of an insider who provides confidential customer or employee information is a key concern. As information becomes a more valuable and accessible asset, such scenarios will likely increase. This is especially true as credit card readers are manipulated so that criminals can steal information as customers complete their transactions. The digital age opens up opportunity for theft to occur without the offender being present (Leukfeldt, Lavorgna, & Kleemans, 2017). Intelligence and crime analysis positions are becoming more common. In public sector organizations, there are often crime analysts employed by police departments. Intelligence analysts may be employed within law enforcement or investigative organizations. Major corporations are also using the services of those who can conduct applied research on an organization’s loss problems. Crime analysts help pinpoint where crime is occurring by day, time, and location. They aid in more effectively deploying personnel and other resources to address the crime problem. Intelligence analysts help to spot and track the activity of organized crime groups, terrorists, and embezzlers. The effective use of intelligence analysts helps to detect crime or loss

II. PRACTICAL AND OPERATIONAL APPLICATIONS

318

27. WORKPLACE CRIME AND DEVIANCE

problems that are forming. Intelligence analysts can also direct investigation into crime or loss situations. Exception reporting systems, which spot deviations from the norm, such as an unusual amount of voided sales at a cash register, are part of a theft intelligence system. These systems can be rather sophisticated, and can provide information on specific employees, customers, registers, and merchandise. If your company utilizes this technology, becoming familiar with it can allow for a focused and efficient monitoring of otherwise difficult to apprehend forms of loss. For example, if a cashier is using their register to “return” money onto their personal credit card, visual observation alone may not detect the behavior. But exception reporting systems can identify repeated returns to the same card and direct your observations. The individual protection officer plays a key role in reducing workplace crime and deviance. Unfortunately, many organizations do not fully recognize this, relying instead on accountants, auditors, and human resources personnel to manage internal losses. This perspective is most often seen with uniformed security personnel; plainclothes personnel, such as retail loss prevention officers, tend to be more involved in internal loss problems. In retail, loss prevention agents do various forms of auditing, interviewing, and surveillance. In many cases, retail loss prevention officers also are involved in educational programs for employees. Coordinating and delivering awareness programs on internal loss, ORC, safety, and related topics are functions that are often performed below the managerial level.

SUMMARY This chapter presented some lessons about controlling employee dishonesty. Employees at all levels may steal from their employers. Most employees steal what is immediately available

to them. Protection officers cannot prevent all employee theft, but they can have a positive impact. Theft prevention is a good idea at any time. Today, it is especially important because of the economic climate. Practical methods to prevent theft have been provided. These include tips on what to look for, what to report, and what actions to take. As a general rule, always look for the unusual and out of place, but be prudent in taking action. An employee may have permission to take company property off the premises. Protection officers can reduce theft of visible items, but it is best to reduce opportunity for theft. Theft reduction requires knowledge of company property, how it is marked, and its value. Make a property list to aid one’s memory. Concealment often comes before the removal of company property by the employee thief. Trash, garbage containers, and garbage bags are favorite hiding places. The thief may conceal valuable merchandise behind less valuable items. Everything should be in its place. Look behind shelved merchandise; examine storage rooms and broom closets. Know the rules about what employees may bring onto company property. You may be able to prevent a theft simply by advising an employee not to bring in a container. Vehicle parking is another factor. Point out parking hazards that make employee theft easier. Report suspicious activity, both verbally and in writing. Timely reporting is critical to the right person or persons. Know who the right person is. Follow-up on the reporting in discussions with protection supervisors. Preventive actions are important to employee theft prevention. Wrongful actions by protection officers can lead to civil and criminal problems. Considerable care is needed in making searches and in making accusations. Some preventive actions are pleasant. Employee liaison is an excellent way to prevent employee theft. Liaison with senior employees means additional eyes and ears.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

REFERENCES

Company search policy must be understood and applied. Know whether policy allows random searches or searches on demand. A written search policy is essential. Search of company vehicles may be easier, but complications can arise with respect to seals, merchandise delays, or contract provisions. Always follow the rules. Search of trash or storage areas is usually without complication. These searches should be done at staggered times. Some areas, such as research labs and executive offices, need prior permission to enter, even by the protection officer. There are valid reasons for these restrictions. Public relations are important, especially during any search involving an employee. An officer must work tomorrow with the employee who is being searched today. Cultivate the respect for senior employees. These people can help the officer recognize employee theft potential. As a general rule, morale is a good indicator of theft potential. Low morale is likely to mean more employee theft problems. Sometimes employees witness theft, but do not report it. If the protection officer develops the respect of key employees, hints about employee deviancy may be received. Liaison with non-security employees has other benefits. Changes in the workplace environment can raise the potential for employee theft. Good liaison will keep you up-to-date on such changes. The protection officer can do a good job in preventing employee theft, but only if he follows the methods outlined and company policy. Workplace crime is not limited to theft; sabotage by employees can also occur. There are various types of sabotage, from total or near total destruction of equipment and facilities (planting explosives or incendiaries), to damaging equipment, to deliberate work slowdowns. Sabotage may be motivated by a variety of reasons. In construction and other industries, sabotage may be conducted to prolong the work; damage slows

319

completion of the project and keeps hourly workers employed. Conversely, acts of sabotage may be motivated by labor unrest during contract negotiations or strikes. Sabotage may be committed by those advancing political or social agendas (terrorism), or it may be the work of foreign agents during times of war. Regardless of the motivation, sabotage is a type of workplace crime. The control of sabotage is similar to the control of theft in most cases.

References Agnew, R., Emory University. (1992). Foundation for a general strain theory of crime and delinquency. In Criminology 30(1), 47–87. [PDF file]. http://clydebankhigh. org.uk/New%20CHS%20Website/Files/modern% 20studies/Adv%20Higher/CausesEffects%20of% 20Crime/Articles-handouts/Strain%20Theory.pdf. Agnew, R. (2006). General strain theory: Current status and directions for further research. In F. Cullen, J. Wright, & K. Blevins (Eds.), Taking stock: The status of criminological theory, Vol. 15, Advances in criminological theory (pp. 127– 148). New Brunswick, NJ: Transaction Publishers. Aniello, S., & Caneppele, S. (2018). Selling stolen goods on the online markets: An explorative study. Global Crime, 19, 42–62. Aulette, J., & Michalowski, R. J. (2006). The fire in Hamlet. In R. J. Michalowski & R. C. Kramer (Eds.), State-corporate crime: Wrongdoing at the intersection of business & government (pp. 45–66). New Brunswick, NJ: Rutgers University Press. Beccaria, C. (1764). Essay on crimes and punishments. Retrieved from: https://oll.libertyfund.org/titles/beccariaan-essay-on-crimes-and-punishments. Burgess, R. L., & Akers, R. L. (1966). A differential association-reinforcement theory of criminal behavior. Social Problems, 14, 128–147. Cohen, L. E., & Felson, M. (1979). Social change and crime rate trends: A routine activity approach. American Sociological Review, 44, 588–608. Coleman, J. W. (1994). Neutralization theory. An empirical application and assessment. Ph.D. Dissertation, Oklahoma State University. Cromwell, P., & Thurman, Q. (2003). The devil made me do it: Use of neutralizations by shoplifters. Deviant Behavior, 24, 535–550. Hou, L., Wan, W., Hwang, J., Muhammad, R., Yang, M., & Han, K. (2017). Human tacking over camera networks: A

II. PRACTICAL AND OPERATIONAL APPLICATIONS

320

27. WORKPLACE CRIME AND DEVIANCE

review. European Association for Signal Processing (EURASIP) Journal on Advances in Signal Processing, 2017, 1–20. Kramer, R. C., & Michalowski, R. J. (2006). The original formulation. In R. J. Michalowski & R. C. Kramer (Eds.), State-corporate crime: Wrongdoing at the intersection of business & government (pp. 18–26). New Brunswick, NJ: Rutgers University Press. Leukfeldt, E. R., Lavorgna, A., & Kleemans, E. R. (2017). Organized cybercrime or cybercrime that is organized? An assessment of the conceptualization of financial cybercrime as organized crime. European Journal on Criminal Police and Research, 23, 287–300. Li, J. X. (2017). Cyber-crime and legal countermeasures: A historical analysis. International Journal of Criminal Justice Sciences, 12, 196–207. National Retail Federation (NRF). (2018). 2018 Organized retail crime survey. Retrieved from https://nrf.com/ research/2018-organized-retail-crime-survey Sutherland, E. H. (1949). White collar crime. New York: Holt, Rinehart, and Winston, Inc. Sutherland, E. H., & Cressey, D. R. (2003). A theory of differential association. In F. T. Cullen & R. Agnew (Eds.), Criminological theory: Past to present: Essential

readings (2nd ed., pp. 131–134). Los Angeles: Roxbury [Reprinted from Principles of criminology, 6th ed., 1960]. Sykes, G. M., & Matza, D. (1957). Techniques of neutralization: A theory of delinquency. American Sociological Review, 22, 664–670. Taylor, E. (2016). Supermarket self-checkouts and retail theft: The curious case of the SWIPERS. Criminology & Criminal Justice, 16, 552–567.

Resources The Association of Certified Fraud Examiners has over 45,000 members. Membership is open to students. There are a series of substantial discounts available to educators who join the Association. The Association sponsors the Certified Fraud Examiner (CFE) designation and has a database of articles on fraud. Visit the site at: www. acfe.com.

Further Reading ASIS International, 2011. Workplace violence prevention and intervention. ASIS/SHRM WVPI. 1-2011, Alexandria, VA.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

28 Espionage—A Primer Brion P. Gilbride O U T L I N E Introduction

321

Motivations

326

Espionage in History

322

Security Clearances and Classifications

327

Espionage in the 21st Century

322

Trade Secrets

327

Sabotage

323

How Can Espionage Be Conducted?

324

What Can Security Do About Espionage in the 21st Century? 329

Social Engineering

325

“Gentlemen do not read each other’s mail.” —Henry L. Stimson, US Secretary of State, 1929

INTRODUCTION When we think of espionage, what is the first thing that comes to mind? Shadowy government agents trading briefcases full of secrets in a dark alley, the CIA and KGB, James Bond, 007. This is because this is what most people, regardless of where they are in the world, understand about the business of espionage. The reality is that governments do collect all manner of information on the operations and activities of other countries, both friend and foe. Also, part of this reality is that businesses and individuals also collect

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00028-6

References

329

information on each other—whether for business advantage, revenge, protection, or any other reason. Espionage, in essence, is stealing secrets. Secrets can be in nearly any form—a document, an email, computer files, recorded conversations, text messages, etc. Who keeps secrets? Governments do. So do companies and people. The secret formula for Kentucky Fried Chicken. That’s a secret. The schematics for a new machine. Those are secret. Negotiations for a merger between two companies. Plans for a brand-new aircraft carrier. A list of spies with official cover working in Turkmenistan. All secrets. There are thousands of examples. If another entity—either a corporation or even a government—got their hands on one

321

# 2020 Elsevier Inc. All rights reserved.

322

28. ESPIONAGE—A PRIMER

of these secrets, what would the impact be? A competitor’s product beats your employer’s product to market, costing millions in revenues. Another government begins feeding misinformation to your government’s spies because it now knows who they are. Two companies don’t merge and instead one company fails while the other survives. There are countless bad outcomes.

ESPIONAGE IN HISTORY If these examples seem vague, there are plenty of real-life examples. Over 200 years ago, in November 1778, General George Washington ordered that a spy ring be established to operate in New York City and supply information on British troops. The ring, called the Culper Spy Ring, operated until 1783. None of the members were ever caught. Methods used by the spy ring include pseudonyms, writing messages in invisible ink, and designing a numerical substitution system to identify people and places. During the ring’s 5 years, their successes included thwarting a British attack on Rhode Island in 1780, as well as the capture of British Major John Andre, the spy who led the Americans to Benedict Arnold (Williams, 1778). In the period after World War II, the Soviet Union was able to produce an atomic bomb years before anyone thought they could. How did they do it? They had help from several people; one was noted scientist Klaus Fuchs. Fuchs worked on the Manhattan Project—the scientists attached to the Manhattan Project developed the atomic bombs that were ultimately dropped on Nagasaki and Hiroshima, Japan at the end of the war. Fuchs passed information on bomb design and assembly when he was working in the United States, and when he moved to London he passed information on methods of making a hydrogen bomb. To whom did he pass this information? The Soviet Union (Weinstein & Vassiliev, 1999). Fuchs was arrested in February 1950 and sentenced to 14 years in prison.

During the 1980s an Iraqi scientist working on Saddam Hussein’s nuclear program used his memory to identify foreign recipients of a restricted report so that he could obtain copies of it for Iraqi use. In his book The Bomb In My Garden, Dr. Mahdi Obeidi described his search for a particular report on the design of an atomic weapon. He tracked down this report to a library at the University of Virginia. When Dr. Obeidi went to see it, he learned that he’d need to complete paperwork and provide identification for security purposes. To avoid leaving anything incriminating behind, Dr. Obeidi protested that the paperwork would take time and asked if he could briefly peruse the report to confirm it was the particular report he was looking for. The University agreed and Dr. Obeidi was given the report. In doing this Dr. Obeidi had the paper in his possession long enough to review the list of people that copies were provided to at the time it was published. This list contained the name of an Italian professor of Dr. Obeidi’s acquaintance who may not have been subject to restrictions such as those placed by the University of Virginia. In this way, Dr. Obeidi was able to obtain a copy of the report without anyone in the United States knowing that he did so—in the United States his attempt to access the report at the University of Virginia likely would have been reported to the authorities (Obeidi & Pitzer, 2004).

ESPIONAGE IN THE 21ST CENTURY As demonstrated, different varieties of espionage have been used over the years. As the amount of information amassed by people has exploded over the years and as the methods of storing or transporting all of that data have also exploded, the threats generated by espionage have changed. Espionage cases from the 21st century demonstrate some differences. In June 2013, an Indian national living and working in the United States was arrested and charged with

II. PRACTICAL AND OPERATIONAL APPLICATIONS

323

SABOTAGE

theft of trade secrets. This person allegedly downloaded 8000 files from Becton Dickinson’s computer servers on a disposable pen injector that the company was developing. The files were stored on external hard drives, thumb drives, and other storage devices (US Department of Justice, 2015). In 2014, the man was sentenced to 18 months in jail and deportation. On February 28, 2007 Hanjuan Jin, a naturalized US citizen of Chinese descent from Aurora, Illinois, was intercepted at Chicago O’Hare International Airport attempting to board a flight to China. In her possession were over 1000 electronic and paper documents that were the property of Motorola. During her trial in 2011, a number of facts came to light. Jin joined Motorola in 1998 and worked until taking a leave of absence in 2006. During this leave, Jin obtained a job with Sun Kaisens, a Chinese communications company with connections to their military. On February 15, 2007 Jin returned to the United States and resumed employment with Motorola on February 26. Jin made multiple visits to Motorola between February 26–27 and during those visits Jin downloaded hundreds of technical documents from Motorola’s servers and transported numerous hard-copy documents out of the facility. Among the materials seized from Jin on February 28 at O’Hare Airport were descriptions of specific Motorola product features, classified Chinese military documents, and $30,000 in cash. Jin was convicted on three counts of theft of trade secrets but was acquitted on three counts of economic espionage on behalf of China (Federal Bureau of Investigations [FBI], 2012). On May 20, 2013, a man named Edward Snowden boarded a flight from Hawaii to Hong Kong. In his possession or under his control at that time were numerous files and documents containing classified information on US intelligence and diplomatic activities throughout the world. Snowden is believed to have obtained these items via his work with the US National Security Agency (NSA) as a contract employee.

Prior to this work, Snowden had worked for the US Central Intelligence Agency from 2007 to 2009 as an information technology (IT) specialist, and before that worked for the NSA as a security guard (Greenwald, MacAskill, & Poitras, 2013). It was primarily his IT background that enabled him to find and then copy the materials he ultimately fled with. Among those materials were the documents relating to NSA capabilities concerning the collection, recording, and analysis of international and domestic phone calls involving the United States (McCullagh, 2013).

SABOTAGE Espionage cannot be adequately covered without discussing its evil twin, sabotage. Sabotage occurs when an individual takes an action that interferes with normal business or government operations. Keep in mind that the action does not have to be physical, such as pouring sugar into the gasoline tank of a car to prevent the engine from working properly. It can be something simple such as renaming an important computer file so that others cannot find it. Being able to commit sabotage requires many of the same elements that committing espionage requires—particularly opportunity or access to items or systems that can be sabotaged. In 2013, a train carrying nuclear waste derailed in Bessines-sur-Gartempe, France. On the same day, a passenger train derailed in Bretigny-sur-Orge, south of Paris. Subsequent investigation of both rail accidents revealed that a part called a “fishplate” used to link pieces of rail together became loose. The loosening of the “fishplate” caused the two rails to which it was fastened to come apart, causing the derailments (RFI, 2013). In 2010, two Russian nationals and one Kazakhstan national were arrested near an Effingham, Georgia power plant after being spotted by a park ranger. A search of their nearby vehicle found a machete, shovel, wire

II. PRACTICAL AND OPERATIONAL APPLICATIONS

324

28. ESPIONAGE—A PRIMER

cutters, and ski masks (Komanecky, 2010). The intentions of these three men are not clear, but the presence of equipment that would be useful for breaching a fence or cutting electric wires suggests that their intentions were not good. In 2011, a man was arrested after placing a homemade bomb at a natural gas pipeline substation in Okemah, Oklahoma. The bomb was found by an employee and fortunately did not detonate (Author unknown, 2012). Had it done so, it would have caused significant damage to the natural gas company’s infrastructure—the pipeline and substation—and possibly killed people who worked or lived in proximity to the line.

HOW CAN ESPIONAGE BE CONDUCTED? The practices involved in committing espionage, referred to as tradecraft, have varied over the years. In many ways, tradecraft was and is dependent on what forms of information are available. In the days before computers, information had to be memorized and transmitted verbally, written down, or transmitted via a communication device (i.e., radio, telegraph). Capturing or stealing information had a certain element of risk in those days because one could be caught in the act of using the communication device or intercepted while actually carrying the evidence of espionage. To protect information, governments devised codes to deter eavesdroppers from intercepting it. The discipline that evolved from this practice is referred to as cryptography. Tradecraft, especially before computers became widespread, relied partly on equipment being simple to use, reliable, and, most importantly, concealable. One of the simplest ways, and riskiest, is to pass information from person to person via a handoff. This can be done out in the open but is subject to detection if there’s any surveillance. This method is easily applicable to 21st century espionage activities—the difference

being that instead of paper or microfilm the items passed are encrypted thumb drives or small DVD disks. The risk here is that if the person is intercepted by security officials then the evidence is right there on their person. Another method to pass information is by using a “dead drop.” A “dead drop” occurs when one party leaves an item or package in a prearranged place that is retrieved by another party. This is less risky in that the parties are not seen together, but just like the person-toperson handoff (also known as a “brush pass”) if the party with the item is intercepted by security officials the evidence is right there. Information being transported may also be concealed via encryption. Before computers, information was often disguised using codes generated by a cipher machine. A code and a cipher are not the same thing. A Khan Academy lesson on Codes and Ciphers defines a code as “mapping from some meaningful unit into something else.” In other words, in a code one typically smaller or less complex thing is substituted for a larger thing. A cipher is defined as “…mechanical operations (known as algorithms) which are performed on the individual or small chunks of letters” (Khan Academy, n.d.). A cipher, therefore, is the exercise used to create the code. If a cipher is used to create a code, the same cipher can be used to break it. When transporting information, an additional level of safety is provided by encryption, such as a “one-time pad” (OTP). A “one-time pad” is a cipher. It is defined as “a series of numbers randomly keyed to letters that can be put into clear text only by someone having an identical OTP” (Royden, 2007). Communications technology in the precomputer age also made espionage risky. Telephones were not wireless, so unless someone was using a radio there was no way to capture transmissions out of the air—the transmission line itself had to be accessible in order to eavesdrop. Such devices were called taps. In some instances, the cable carrying conversations could be tapped but not individual phone lines.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

325

SOCIAL ENGINEERING

The United States did this with a cable running beneath the Sea of Okhotsk to intercept Soviet communications at the naval base in Petropavlovsk. The operation, called Ivy Bells, required a submarine and divers to install a tap and later to retrieve and replace the recording tapes (Yenne, 2005). A conversation between two people in a room could also be recorded via a transmitting device called a bug. Bugs could be concealed inside the room but were detectable via scanning equipment or by someone physically finding it. Other tradecraft concerned the creation or use of identity documents. One of the ways to protect an organization that is committing espionage is to have the perpetrators of such acts disguise their identity. In the 20th century, this might have involved photo-substituting a legitimate passport, applying for a driver’s license using a fake birth certificate so as to have a real document on a fake person, or it might involve altering one’s appearance to match a legitimate person or identity document, that is, as an impostor. The widespread use of biometrics in the 21st century, from fingerprints to palm prints to retinas, has made these methods far more complicated to use, but not impossible. In the digital age, a number of things have changed. Most telephone calls, including cellular phones and satellite phones, are broadcast through the air to towers or satellites. This means unencrypted conversation can be intercepted without having to physically enter a site or install a tap on a phone line. Encryption technology has become far more powerful and accessible to the public than it used to be—yet conversely computing power has multiplied exponentially such that encryption can potentially be defeated. Bugs have become smaller and more powerful—there’s no longer a need to hide a bug in a room when they can be concealed on the person. A bug could be concealed in nearly anything, and most cellular phones that people use come with recording and

photography capability that is nearly professional quality. This technology, too, is accessible to the general public. Like telephone calls, the data transmitted by wireless networks, iPhones, and other devices can be intercepted without having to physically install a recording device or enter a restricted space. In the digital age, most of the world’s information or data is stored in computers, servers, or devices that can communicate with computers or servers. If someone accesses information on a company’s computers or servers to which they are not authorized or entitled, that falls pretty clearly under espionage. Espionage might also include someone denying a company access to proprietary information or data. If a person hacks into a company’s computer and wipes (erases) the hard drives, they have accessed information to which they are not authorized or entitled and gone a step further by altering or destroying such information. To give an idea of the scale of the changes between papers and tape recordings versus digital storage, consider the following comparison. Instead of passing documents or microfilm, an espionage agent might pass a DVD-ROM disc or a USB thumb drive. Consider how much more information a USB thumb drive can hold versus actual paper or microfilm. The 32-gigabyte (GB) thumb drives are inexpensive, and if 1 GB is analogous to 900,000 pages—multiply that by 32. That is just shy of 29 million pages. If the book Atlas Shrugged is 1000 pages long, that’s 28,800 copies of it on one thumb drive.

SOCIAL ENGINEERING Social engineering is a recent phenomenon— it encompasses both the use of technology and person-to-person techniques in order to elicit information. If a person can be convinced to unintentionally or inadvertently give up information, a level of plausible deniability is created for those seeking unauthorized access to that

II. PRACTICAL AND OPERATIONAL APPLICATIONS

326

28. ESPIONAGE—A PRIMER

information. This activity is referred to as social engineering. Social engineering is defined as “the art of exploiting human psychology, rather than technical hacking techniques, to gain access to buildings, systems or data” (Fruhlinger, 2019). In simpler terms, it’s a confidence game. The social engineer tries to bluff his/her way into the information being sought. CSO magazine published an article in 2008 that describes some of the tactics used by social engineers. For social engineering to work, the “engineer” must convince the target that he/ she is someone who is entitled to the information they are seeking. The “engineer” might use company-specific jargon to convince the target that he/she is an employee of the company, particularly one of higher rank than the target. The rank confers the additional advantage of making the target less likely to question something from a higher-up in the corporate hierarchy. Other tactics include using a recording of the company’s “on hold” music to simulate calling from an internal phone—the idea being that the target hears the familiar music and assumes the person is calling from elsewhere in the company. Combine this with “spoofing” the caller ID (causing the caller ID on the target’s phone to display a different number than the one actually calling) and the tactic can be quite effective. Social networking sites such as LinkedIn and Facebook have made social engineers’ lives easier as many people share too much about their personal and professional lives via those sites. In addition, the frequent changes to the security settings of those sites make it difficult for even prudent persons to keep their information secure (Goodchild, 2008).

MOTIVATIONS It is not enough to understand how data might be captured or transmitted to effectively defend against it. It must also be understood why a person or an organization might want

to intercept a company’s secrets. According to the Department of Defense Personnel Security Research Center (PERSEREC), below are reasons that a person might engage in espionage: 1. Increasing prevalence of personal financial problems and/or compulsive gambling. 2. Diminishing organizational loyalty. 3. Ethnic diversification and/or allegiance to a global community (Kramer, Heuer, & Crawford, 2005). The first reason, and the most common, is money. The data held by a company can be quite valuable in some instances. Design specifications, blueprints, customer data, financial data—any of these could be turned over to another company or even another government for remuneration or other consideration. An employee who lives beyond his/her means could be susceptible to this, or one who gambles compulsively, or one overwhelmed by serious medical bills for a spouse or other relative. Diminishing organizational loyalty is an interesting and more recent phenomenon. During much of the 20th century, it was possible to start working for a company and stay with them for an entire 20- or 30-year career. This meant that there was considerable loyalty between the company and the employees, with the employees knowing that if they worked hard the company (via their pension) would take care of them in their old age. In the 21st century, that’s fallen by the wayside for a variety of reasons. It’s no longer uncommon for someone to hold the same position with different companies or to change jobs entirely. The downside to feeling less loyalty to one’s employer is that it removes a significant mental barrier to violating one’s integrity—or enables the rationalization of taking something from the company. Ethnic diversification and/or allegiance to a global community is also a recent phenomenon. Populations in many countries are much more diversified than they were 50 years ago. Back

II. PRACTICAL AND OPERATIONAL APPLICATIONS

327

TRADE SECRETS

then, people emigrated to the United States to become American, or to Canada to become Canadian. In the 21st century, however, a hyphenated description has become common. Chinese-American would denote someone who emigrated from China to the United States, or Indo-Canadian would describe someone from India who moved to Canada. The distinction described here is between a person who emigrates to become a citizen of their destination country and one who temporarily emigrates to take advantage of opportunities or benefits accessible in the destination country with the goal of returning “home.” This change has occurred with the prevalence of organizations such as the United Nations or the European Union in favor of the traditional nation-state. The ability of the average person to easily and quickly move from one place to another across the globe and the general interconnectedness of the world via the Internet (as we know it) has also contributed to this change. The question becomes if the emigrant must choose between (a) the country they’ve emigrated to and (b) the country they’ve emigrated from, with whom will they place their loyalty?

SECURITY CLEARANCES AND CLASSIFICATIONS Governments have come up with systems to identify information that they want to keep secret. Governments also have procedures to identify and vet persons who can be permitted to access such secret information. Security classifications generally are used to restrict government-held or government-related information. These classifications are applied to any information that, if exposed, would adversely affect national security. This kind of information is commonly referred to as “classified information.” In order to obtain access to classified information, a security clearance is

required. There are different levels of security clearance, depending on the nature and sensitivity of the information classified at that particular level. A person does not need to be a government employee to be granted a security clearance. Many private companies working on government contracts, particularly those of a military nature, employ persons with security clearances. Regardless of their employer, if a person requests a security clearance, a background investigation will be conducted. The intensity of the investigation varies but background investigators ultimately have to learn enough about the person so that an adjudicator can determine if that person is not a potential security risk. It must be determined that the individual’s personal and professional history indicates loyalty to the United States, strength of character, trustworthiness, honesty, reliability, discretion, and sound judgment, as well as freedom from conflicting allegiances and potential for coercion, and a willingness and ability to abide by regulations governing the use, handling, and protection of classified information. —US Department of State, “All About Security Clearances” (n.d.).

The procedures vary by the nature of the entity granting the clearance, but essentially the grantor of the clearance must be satisfied that the person requesting it will not steal, leak, or lose the information to which they’ve been granted access.

TRADE SECRETS In the private sector, trade secrets are analogous to classified information. Trade secrets are information which, if exposed, would impact the health (and sometimes the very existence) of the company that possesses them. The Legal Information Institute (LII) at Cornell University describes six factors under US law that will typically determine whether or

II. PRACTICAL AND OPERATIONAL APPLICATIONS

328

28. ESPIONAGE—A PRIMER

not information can be referred to as a trade secret (Legal Information Institute [LLI], n.d.): • Extent to which information is known outside the company. • Extent to which information is known by employees and/or others involved with the company. • Extent of measures taken by the company to guard the secrecy of the information. • Value of the information to the company and its competitors. • Amount of effort or finances expended in the development of the information. • Ease or difficulty with which the information could be properly acquired or duplicated by others. These factors are straightforward. Something that is not secret cannot be a trade secret. Information that is not protected (i.e., published on the company’s Internet site) cannot be a trade secret. Information that is valuable because of the resources used to develop it can be a trade secret as long as it is known to the minimum necessary number of people and is protected via encryption, a safe, armed guards, or some other method. Note that this is different than a patent; a patent requires disclosure of information in order to receive protection, and for a limited amount of time. A trade secret is a secret until it is exposed. As a member of the World Trade Organization (WTO) and a party to the Agreement on Trade Related Aspects of Intellectual-Property Rights (TRIPS), the United States is obligated to provide trade secret protection (United States Patent and Trademark Office [USPTO], 2019). In Europe, policymakers took a major step forward in codifying trade secret laws in all countries of the European Union (EU) in June 2016 with the adoption of the EU Trade Secrets Directive. The Directive covers the unlawful acquisition, use and disclosure of trade secrets. EU member states were required to bring their domestic laws into line with the objectives of

the Directive by mid-2018. According to Article 2(1) of the Directive: “Trade secret” means information which meets all of the following requirements: • It is secret in the sense that it is not, as a body or in the precise configuration and assembly of its components, generally known among or readily accessible to persons within the circles that normally deal with the kind of information in question. • It has commercial value because it is secret. • It has been subject to reasonable steps under the circumstances, by the person lawfully in control of the information, to keep it secret (Nirwan, 2017). As you can see, the definitions of a trade secret are quite similar. Simply, the information can’t be already known or accessible, it must be protected as a secret, and it must have some value by virtue of being kept secret. A company should consider taking the following steps: • Identify their trade secrets • Develop procedures for protecting data • Restrict access to trade secrets and limit their distribution • Establish a trade secrets policy, which would cover how trade secrets should be managed • Ensure employees sign a document confirming they have read and agree to the policy • Review employment, partner, customer and supplier contracts to ensure they cover trade secrets and strengthen them if required • Use Non-Disclosure Agreements and ensure they are followed • Provide training to anyone who may have access to confidential information which could be considered a trade secret • Require exiting employees to sign a document to confirm they have returned all information in their possession which could be considered a trade secret

II. PRACTICAL AND OPERATIONAL APPLICATIONS

REFERENCES

• Designate a team to have ultimate responsibility for protecting trade secrets • Monitor IT and security systems and ensure they are kept up-to-date; and • Be alert to the risk of trade secrets entering the company (McClelland, Grimes, & Murphy, 2019).

WHAT CAN SECURITY DO ABOUT ESPIONAGE IN THE 21ST CENTURY? Companies and governments are more vulnerable now than ever to espionage. The sheer volume of information stored in a nonphysical format and the multitude of methods by which to intercept such information makes security, and especially cybersecurity, more relevant to company operations and to maintaining the bottom line. Some of the espionage methods described previously can only be detected by IT professionals—such as the introduction of an unauthorized thumb drive onto the company network or the attempted accessing of restricted files. Methods such as the dead drop or the person-to-person handoff can only be detected by observation via video or by someone witnessing the event. Persons attempting to access company data via wireless transmission can now stay far enough away from the facility that law enforcement may be the only ones to detect such activity. The background investigations conducted by the human resources (HR) division take on additional importance with the increasing number of immigrants living and working in a particular location. The importance of cultivating relationships with the corporate IT department, the corporate HR department, as well as the appropriate law enforcement entities cannot be understated if the fight against espionage is to be successful. Tactics such as “red teaming”—where security professionals deliberately try to penetrate an organization in order to identify weaknesses—

329

are becoming more and more common in both the government and the private sector. Security awareness is also important—the “general population” company employee will supplement good security practices if they understand why they need to do something. Security professionals can support that by making periodic presentations to the employees. If presentations can include the corporate IT department or law enforcement, that will have additional impact.

References Author unknown. (2012). Okla man sentenced for trying to bomb gas line. San Francisco, CA: San Francisco Chronicle. Goodchild, J. (2008, November 6). 8 common socialengineering tactics. Retrieved from CSO website: https://www.csoonline. com/article/2123378/8-common-social-engineeringtactics.html. Greenwald, G., MacAskill, E., & Poitras, L. (2013, June 11). Edward Snowden identifies himself as source of NSA leaks— as it happened. Retrieved from The Guardian website: https://www.theguardian.com/world/2013/jun/09/ nsa-secret-surveillance-lawmakers-live. Federal Bureau of Investigations (FBI). (2012, February 8). Suburban Chicago woman convicted of stealing trade secrets from Motorola before attempting to travel to China. Retrieved from https://archives.fbi.gov/archives/chicago/pressreleases/2012/suburban-chicago-woman-convicted-ofstealing-trade-secrets-from-motorola-before-attemptingto-travel-to-china. Fruhlinger, J. (2019, September 25). Social engineering explained: How criminals exploit human behavior. Retrieved from CSO website: https://www.csoonline.com/article/ 2124681/what-is-social-engineering.html. Khan Academy. (n.d.). Ciphers vs. codes. Retrieved January 24, 2014, from https://www.khanacademy.org/computing/ computer-science/cryptography/ciphers/a/ciphers-vscodes. Komanecky, D. (2010, September 9). Effingham deputies call Feds after arresting Russians with shovel, wire cutters outside Georgia power plant. Retrieved from Savannah Morning News website: https://www.savannahnow.com/effingham-now/ 2010-09-09/effingham-deputies-call-feds-after-arrestingrussians-shovel-wire-cutters. Kramer, L. A., Heuer, R. J., Jr., & Crawford, K. S. (2005). Technological, social, and economic trends that are increasing U.S. vulnerability to insider espionage (05-10). Retrieved from Department of Defense Personnel Security Research Center (PERSEREC) website: https://www.dhra.mil/Portals/52/ Documents/perserec/tr05-10.pdf.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

330

28. ESPIONAGE—A PRIMER

Legal Information Institute (LII). (n.d.). Trade secret. Retrieved September 29, 2019, from https://www.law. cornell.edu/wex/trade_secret. McClelland, J., Grimes, S., & Murphy, S. T. (2019, February 7). EU Trade Secrets Directive: What are reasonable steps? Retrieved from Lexology website: https://www.lexology. com/library/detail.aspx?g=b59572d9-5e29-44e4-b4fe67c5559bcf32. McCullagh, D. (2013, June 15). NSA spying flap extends to contents of U.S. phone calls. Retrieved from CNET website: https://www.cnet.com/news/nsa-spying-flap-extendsto-contents-of-u-s-phone-calls/. Nirwan. P. (2017, December). Trade secrets: The hidden IP right. Retrieved from the World Intellectual Property Organization (WIPO) website: https://www.wipo.int/wipo_ magazine/en/2017/06/article_0006.html. Obeidi, M., & Pitzer, K. (2004). The bomb in my garden (pp. 77–79). Hoboken, NJ: John Wiley & Sons. RFI. (2013, July 19). French police investigate sabotage in nuclear train crash. Retrieved from http://en.rfi.fr/europe/ 20130719-french-police-investigate-sabotage-nucleartrain-crash. Royden, B. G. (2007, May 8). Tolkachev, a worthy successor to Penkovsky—Central Intelligence Agency (CIA). Retrieved

from https://www.cia.gov/library/center-for-the-studyof-intelligence/kent-csi/vol47no3/html/v47i3a02p.htm. US Department of Justice. (2015, August 20). Former engineer for Global Medical Technology Corporation charged with stealing trade secrets from New Jersey employer. Retrieved from https://www.justice.gov/usao-nj/pr/former-engineerglobal-medical-technology-corporation-chargedstealing-trade-secrets-new. US Department of State. (n.d.). All about security clearances. Retrieved January 1, 2014, from https://2009-2017.state. gov/m/ds/clearances/c10978.htm. US Patent and Trademark Office. (2019, February 7). Trade secret policy. Retrieved from https://www.uspto.gov/ patents-getting-started/international-protection/tradesecrets-policy. Weinstein, A., & Vassiliev, A. (1999). The haunted wood: Soviet espionage in America—The Stalin era (pp. 319–320). New York, NY: Random House. Williams, V. (1778). Culper spy ring. Retrieved May 16, 2019, from George Washington’s Mount Vernon website: https://www.mountvernon.org/library/digitalhistory/ digital-encyclopedia/article/culper-spy-ring/. Yenne, B. (2005). Secret weapons of the cold war. In From the H-bomb to SDI (pp. 242–243). New York, NY: Berkley Books.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

29 Terrorism: What Protection Officers Need to Know Jennifer Hesterman O U T L I N E Introduction

331

The Human Is the Best Weapon System

335

What Is Terrorism? A Definition Dilemma

332

Threat Assessment

333

Exploitation of the Security Services Industry

335

How to Proceed

336

How Terrorism Differs From Other Crimes

334

Questions and Answers

336

Detecting Surveillance

334

References

336

Security is always too much…until the day it’s not enough.  William Webster, Former CIA and FBI Director

INTRODUCTION I kept the William Webster quote on my desk as an Air Force colonel in charge of security for Andrews Air Force Base, Maryland—a vast military installation and home to Air Force One. Not only was I responsible for protecting the nation’s most important aircraft, but also the President, Vice President, other highranking government officials, and over 20,000

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00029-8

employees, as well as family members who traversed the base daily. Naturally, we had a very robust security program to accomplish our mission; however, the plan had to be flexible and adapt to new threats, plus incorporate cutting edge technology to stay one step ahead of bad actors. I didn’t worry much about criminal activity due to the standard military posture of layered defense—putting the asset at the middle with rings of security that act as tripwires. However, what kept me awake at night was the sophisticated actor, answering a higher call and willing to die for their cause: patiently and stealthily planning, perhaps aided by an insider with access and sensitive information

331

# 2020 Elsevier Inc. All rights reserved.

332

29. TERRORISM: WHAT PROTECTION OFFICERS NEED TO KNOW

to maximize the damage. Could there ever be “too much security” in the face of this unknown threat? In this chapter, we will discuss terrorism—acts of extreme violence causing catastrophic loss of life and destruction of property. The indicators of terrorism and activities of terrorists often differ from those in the criminal realm and are more difficult to detect and mitigate. Therefore, it is imperative that protection officers understand the rising international and domestic terror threat, why and how bad actors attack, and alternative ways to prepare and defend.

WHAT IS TERRORISM? A DEFINITION DILEMMA The word “terror” comes from the Latin word terrorem, meaning “great fear.” A terrorist uses violence (or threat of violence) to kill, cause fear, intimidate, and coerce. A terrorist act translates intentions to action. The first use of the word terror as related to violent acts comes from the French Revolution or the regime de la terreur (reign of terror) prevailing in France from 1793 to 1794. The Revolution leader, Maximilien Robespierre set out to rid France of the enemies of the Revolution and killed large numbers of Frenchmen. According to Robespierre, “Terror is nothing other than justice, prompt, severe, inflexible; and is therefore an emanation of virtue; it is not so much a special principle as it is a consequence of the general principle of democracy applied to our country’s most urgent needs” (Halsall, 1997). Robespierre believed the “ends justified the means,” including the execution of 40,000 of his fellow citizens. This mentality is prevalent among terrorists today, as evidenced by radicalized Americans who become violent extremists and carry out attacks here in the homeland. The US Code of Federal Regulations (CFR) defines terrorism in the United States as “the

unlawful use of force and violence against persons or property to intimidate or coerce a government, the civilian population, or any segment thereof, in furtherance of political or social objectives” (28 CFR). We struggle with the definition of the word “terrorism” and “terrorist” due to political and social aspects of the government’s definition. Even after Omar Mateen pledged allegiance to ISIS, officials tripped over the word “terrorist” in their briefings. Same with white supremacist Dylann Roof’s targeted massacre at the AME church in Charleston and ISIS foot soldier Sayeed Farouk’s San Bernardino Christmas Party massacre—both clearly terrorist attacks. The FBI continues to warn us they still have over 1000 open cases regarding homegrown terror (just the tip of the iceberg?) but it barely makes the news. Remember DHS’s (Department of Homeland Security) color-coded terror system? In May 2011, DHS did away with the Homeland Security Advisory System (HSAS), which was useless. Despite the detection of serious terror plots and cells, and even terror attacks on our soil, the national threat level was never raised to red, orange, yellow, or even blue. Why? HSAS’s replacement, the National Terrorism Advisory System (NTAS), also provides little valuable information or actionable intelligence. The NTAS does reinforce DHS’s “See Something, Say Something” campaign but doesn’t tell citizens what to look for, the type of data to collect, and to whom to give the information. In an effort not to scare our populace, the government is actually doing little to educate us on the threat and response—yet education on how to best protect self and family would actually lessen fear. Not only is the public mostly kept in the dark, there is an overreliance on first responders and law enforcement to swoop in and “save the day” during a crisis. And those very agencies are overtasked, and resource constrained. This is truly “the perfect storm” and, as protection officers, you must be part of the solution and the bridge between perception and reality about the threat and response.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

333

THREAT ASSESSMENT

Understand that contemporary terrorism has no moral boundaries. Who could have predicted, even 10 years ago, that schools, churches, hospitals, malls, and stadiums would be considered routine, legitimate targets for terrorist groups? Outrage and outcry at the beginning of this soft targeting era has given way to acceptance. Psychologically it is more comfortable to pretend there is no threat here in the homeland, and these heinous attacks will always happen “somewhere else.” Americans also have a very short memory—a blessing when it comes to resiliency and bouncing back from events like devastating civil and world wars, the Great Depression, and 9/11. However, in terms of security, this short-term memory can be our Achilles heel when faced with a determined, patient enemy. In fact, we almost have a revisionist history, downplaying and explaining away previous attacks as individual acts of violence by a psychologically impaired person or a group of madmen, and not seeing the larger trends. When consulting, I sense a deep denial regarding the terrorist threat in our country. The 9/11 attacks took place in 2001, yet many facility owners and managers are experiencing “security fatigue” and falling into what I label the five emotional traps: hopelessness (there is not much we can do to prevent or mitigate the threat), infallibility (it will never happen here), inescapability (it is destiny or unavoidable, so why even try), invulnerability (it cannot happen to me), and the most dangerous, inevitability (if it is going to happen, there is nothing I can do about it anyway) (Hesterman, 2018). You need to fight these dangerous mindsets in your organization as they create a severe blind spot, adding to your vulnerability. Back to the definition of terrorism and terrorists: some say it doesn’t matter whether a violent act was criminal or terrorist, since clarification won’t bring back the dead or heal the injured. However, it certainly does make a difference in terms of our hardening activities. If you guard a soft target location, a civilian-centric venue,

you simply must understand the rising terror threat and prepare accordingly.

THREAT ASSESSMENT The assessment of both the international and the domestic terror threat in the United States is grim. Al Qaeda (AQ) and its splinter groups are gaining strength and, once again, present the greatest international terrorism threat to our country. AQ worldwide affiliates are strong, and the Islamic State (ISIS), an al Qaeda splinter with a different brand of terror, is now spreading beyond its weakened position in the Middle East into other regions like Southeast Asia and West Africa. The FBI is investigating more than 1000 cases of either al Qaeda or ISIS inspired radicalized Americans. Therefore, homegrown terror is a major concern and our country still has no deradicalization process; those convicted of terror offenses leave prison and disappear back to society with no rehabilitation. Hezbollah is the most tactically proficient terror group in the world and Hamas remains a formidable force in the Middle East. Both Hezbollah and Hamas have been in operation for over 30 years and have a presence in the western hemisphere, in Latin America, Mexico, Canada and the United States. The domestic terror front is also of great concern. We can break domestic terrorism down into three categories: active, dormant, and persistent. Unlike in the international terror realm, there is no comprehensive list of domestic terror groups. Right-wing extremism is the most persistent and lethal threat. White supremacists, militias, and sovereign citizens groups are very active in our country and increasingly prone to violence. Single-issue or special-interest terrorism is on the rise, particularly with environmental concerns related to pipelines and other major infrastructure projects. The Mexican cartels, with their own brand of violence, are now operating deep inside our country and moving out to rural areas. All of these actors have the capacity to

II. PRACTICAL AND OPERATIONAL APPLICATIONS

334

29. TERRORISM: WHAT PROTECTION OFFICERS NEED TO KNOW

strike soft targets or have already carried out acts of terror and extreme violence against them in our country.

you must use your imagination and create “what if” scenarios in your security planning.

DETECTING SURVEILLANCE HOW TERRORISM DIFFERS FROM OTHER CRIMES Terrorism is an act of extreme violence, as terrorists seek to rapidly advance an agenda or cause, instill mass fear and panic in the populace and gain as much press coverage as possible. Terrorism is a crime but does not lend itself to the same disincentives as normal offenses. The threat of prison or even death does not deter. A terrorist will step up and engage law enforcement, not retreat. Also, a terrorist, especially when religiously motivated, is a determined and committed actor. If he or she has a specific target in mind, we must understand that cameras, armed security officers, and other types of security enhancements will likely not deter. Thus, we can only hope to catch the terrorist during preoperational activities such as purchasing weapons and bomb making material, constructing devices, conducting surveillance, or upon approach to the facility. If the terrorist has no specific target and seeks the highest possible casualty count, then hardening activities will serve to deter and divert, as the bad actor will seek the path of least resistance. Remember, the goal of hardening is to stop the fight before it begins; the terrorist may go elsewhere to carry out the attack, and this is not your concern—stay focused on protecting your facility and its occupants. Unlike traditional crime, the terrorist attacker’s methodology will also be asymmetric and unique, meaning we must imagine the ways they may strike. Think of how every terrorist attack hits the “reset button” in the security realm. Consider the use of vehicles as weapons, which went from one paragraph in ISIS propaganda to a tactic that spread across Europe and then was used on a bike path in New York City. When faced with an asymmetric threat,

The 14 major terrorist attacks since 2014 had one common thread—the terrorists performed some type of pre-attack surveillance. Consider Omar Mateen’s surveillance of targets the night of his massacre. About 4 h before his assault at the Pulse Nightclub, he drove to the Disney Springs Shopping complex, his target of choice which he previously surveilled with his wife. Mateen’s plan was to smuggle the weapon into the complex in a baby stroller along with a lifelike doll, both of which he purchased. However, seeking the easiest approach, he was deterred by the presence of armed police officers at the location and decided to change targets. Surveillance video captured Mateen walking near the House of Blues club, looking behind him at police officers standing nearby. About 2 h later, his phone pinged a cell tower near Epcot, which he also passed up as a target. At 12:22 a.m., Mateen searched Google for “downtown Orlando nightclubs” and a club called EVE Orlando and the Pulse nightclub showed in the results. He got directions from Google Maps to EVE, a highend nightclub in downtown Orlando. Mateen drove near EVE at 12:55 a.m.; he likely saw the substantial security at the entrance and how everyone was searched before they entered the club. At 00:52 a.m., he did another Google search for clubs in downtown Orlando and got directions to Pulse. He drove around the area for a while, finally walking up to Pulse, buying a ticket and entering the club. He came out 10 min later, went to his vehicle and retrieved his weapon. At 2:00 a.m., Mateen started his assault (CBS News, 2018). There is an art and science to the surveillance tradecraft, and most terrorists lack the requisite skillset. Thus, their surveillance is sloppy and detectable to the trained eye.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

EXPLOITATION OF THE SECURITY SERVICES INDUSTRY

335

Nervous behavior, profuse sweating, asking inappropriate questions, photography, sketching, walking off steps to measure distances are a few giveaways. As protection officers, unapologetically approach the person and ask them if you can help. Assess their behavior, elicit information, and make good eye contact. This simple act could deter a would-be terrorist as you take away the element of surprise they crave. An old saying is worth repeating: “If there is doubt, there is no doubt.”

anything you put in the air could obscure an actual drone threat to your facility or grounds. In addition, your drones could be hijacked, grounded, or turned around and used against you. Again, you must be the naysayers and craft counterarguments when technology is flaunted as a replacement for boots-on-theground security. Resist the temptation to give up manpower for technology; find a way to use both to complement the unique skills each brings to the table.

THE HUMAN IS THE BEST WEAPON SYSTEM

EXPLOITATION OF THE SECURITY SERVICES INDUSTRY

This military axiom is important to remember, as the insatiable appetite for security technology permeates our industry. Technology was never meant to be the central focus of protective measures, but to complement human security efforts. Humans detect subtle changes in behavior, learn, and have intuition— attributes not (yet) perfected by artificial intelligence. Data shows humans deter bad actors, including terrorists, who seek the path of least resistance to carry out their attack plan. A study of 360 burglars showed the best deterrents against their criminal activity were the presence of people, guards, noise inside, and dogs (Kuhns, 2013). Also, data collected from convicts indicates cameras, although important for evidence collection, does not affect how determined actors plan an attack. They assume the camera isn’t working, taping, being monitored, or real—and sadly, their assessment is often correct. Drones are the hottest security gadget but remember that anything you program or use with a radio frequency can be hijacked. Understand that terrorists are already using drones; ISIS has a fleet and perfected how to build them from scratch, using drones as shooting platforms, to drop bombs and have even experimented with the dispersal of chemical and biological agents. Also, remember that

There is a recent trend toward terrorists and other violent actors having experience in the security services industry. Some seek out the training to further nefarious goals; others are possibly recruited for their unique access and knowledge. We’ve seen this type of exploitation with Mexican cartels, which actively attempt to compromise the Customs and Border Patrol system by recruiting or planting operatives (Hesterman, 2013). The New Jersey Office of Homeland Security Preparedness (NJOHSP) conducted a review of terrorism cases in 2016–17, finding that extremists in the West sought employment with private security firms to “gain weapons experience and access to secure facilities” (SNJOHSP, 2018). The report reminds us that although not all security personnel receive weapons training, the position still affords credentials, uniforms, and access to otherwise restricted areas. A review of the cases from the last few years, especially that of Pulse Nightclub attacker Omar Mateen, allows insight into the how and why bad actors might exploit the security services industry to further their agenda and goals. For those case studies and additional information on mitigating this type of insider threat, see the second edition of my book Soft Target Hardening: Protecting People from Attack (CRC Press, 2018).

II. PRACTICAL AND OPERATIONAL APPLICATIONS

336

29. TERRORISM: WHAT PROTECTION OFFICERS NEED TO KNOW

HOW TO PROCEED Although this chapter paints a gloomy picture, we are not helpless. Every terrorist attack in the world teaches valuable lessons about how we can best harden against this asymmetric threat. Also, we can easily cross-apply best practices from different realms (schools, churches, malls, airports, etc.), yet I see little happening to facilitate this kind of information sharing. Security stovepipes prevent us from a holistic solution set. You must become a student of the subject of terrorism, terrorists, and tactics, reading afteraction reports, case studies, think-tank analysis, and information from reputable news outlets. In the end, we simply cannot protect 100% against every terrorist threat. As I learned when protecting Air Force One, the problem is far more complex than lack of funding or resources. And protecting soft targets is even more difficult, as they are vulnerable, when security isn’t a major mission and responsibility for securing the facility rests on the owners. Therefore, you must educate them on the changing threat, assist with tough vulnerability assessments, and help effectively apply resources to harden your venue or establishment. Hopefully this chapter has given you some ideas for approaching the decision makers in your organization. Your collaboration with them is critical. If all else fails, you should ask one question: What is the cost of NOT protecting our facility?

Questions and Answers 1. Terrorist and criminals have different goals. The word “terror” comes from the Latin word terrorem—what does it mean? Great fear. 2. A terrorist uses violence (or threat of violence) to accomplish what goals?

3. Name a few ways to detect someone’s surveillance activities. Nervous behavior, profuse sweating, asking inappropriate questions, photography, sketching, walking off steps to measure distances, etc. 4. Identify elements of human-based security that makes humans superior to technology. Humans detect subtle changes in behavior, can learn, and have intuition. 5. Name a few attributes of protection officers that are attractive to terrorists or groups and that may lead to recruitment of insiders and other exploitations of the industry. Weapons and tactics training, credentials, uniforms, and access to otherwise restricted areas.

References CBS News. (2018, March 28) Pulse nightclub shooter intended to attack Disney, prosecutors say. Retrieved from https://www.cbsnews.com/news/orlando-pulsenightclub-shooter-omar-mateen-intended-to-attackdisney-shopping-complex-prosecutors-say/. Halsall, P. (1997). Maximilien Robespierre: Justification of the use of terror. Modern History Sourcebook. https://sourcebooks. fordham.edu/mod/robespierre-terror.asp. Hesterman, J. (2013). The terrorist-criminal nexus: An alliance of international drug cartels, organized crime and terror groups. Boca Raton, FL: CRC Press. Hesterman, J. (2018). Soft target hardening: Protecting people from attack (2nd ed.). Boca Raton, FL: CRC Press. Kuhns, J. (2013). Understanding decisions to burglarize from the offender’s perspective. The University of North Carolina at Charlotte Department of Criminal Justice & Criminology. State of New Jersey, Office of Homeland Security and Preparedness. (2018, February 5). Extremists exploit security positions. Retrieved from https://www. njhomelandsecurity.gov/analysis/extremists-exploitsecurity-positions.

Kill, cause fear, intimidate, and coerce.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

30 Bomb Threats and the Case Against Immediate Evacuation Brad Spicer O U T L I N E Bomb Threats

337

Mentality of a Bomber

338

Suspicious Objects—Game Changer

340

Assessment

340

Search

340

The Danger of Evacuation Criminal Hoax Bomb/IED Outside Diversionary/Ambush Attack Bomb/IED Inside

341 341 341 341 343

When You Must Evacuate

343

BOMB THREATS Bomb threats are far more like promises than contracts. They are made to obtain a desired response, which is typically anxiety and confusion. The best response is rarely immediate evacuation; the best response requires an assessment of the situation, a search of the facility, and sound crisis communications. Understanding the nature of bomb threats and being aware of recent salient events will The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00030-4

Crisis Communications 101 Risk Communications: Compliance and Deterrence Media Crisis Communications Think BLUF (Bottom Line Up Front) Active Communications When and What to Disclose

344

References

347

Resources

347

Further Reading

347

345 345 346 346 346

help to improve your ability to assess bomb threats. Imagine an emergency, like a bomb threat, and place it as an “X” on a time line. Everything after “X” is response and everything before “X’ is your opportunity to prevent and prepare for that emergency. The Annual Explosives Incident Report (EIR) reviews bombing and explosives related incidents from information reported to the United States Bomb Data Center (USBDC) through the Bomb Arson Tracking System (BATS)

337

# 2020 Brad Spicer. Published by Elsevier Inc. All rights reserved.

338

30. BOMB THREATS AND THE CASE AGAINST IMMEDIATE EVACUATION

(Fig. 30.1). In 2016, there were 1536 bomb threats followed by a decrease in 2017 to 1228, whereas in 2018 there was a sharp increase to 1627 threats, returning close to the 2015 number. Of actual explosions in 2018, there were 706 that resulted in 72 injuries and 16 deaths, but there is no evidence that any of the explosions were preceded by a bomb threat (Fig. 30.2). (US Bomb Data Center [USBDC], n.d.). Bomb threats are common, bombings are not, and bombings preceded by a bomb threat are exceptionally rare.

MENTALITY OF A BOMBER A bomber places a bomb to kill people or destroy a structure. If the goal were to destroy a structure and not to kill people, the bomb would be set to go off at a time when the building was not occupied. If the goal were to kill people, it would be set to go off when the building was fully occupied. Therefore, calling in a bomb threat is counterproductive to either of these goals.

FIG. 30.1 Bomb explosion. From the title page of the Annual United States Bomb Data Center (USBDC) Explosives Incidents Report (EIR). 2018. https://www.atf.gov/file/136971/download.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

339

MENTALITY OF A BOMBER

Bomb Threats 2014–18 1800 1700 1600

1693

1670 1627

1500

1536

1400 1300 1200 1228 1100 2014

2015

2016

2017

2018

FIG. 30.2 Bomb threats—5-year trend analysis. From the Annual United States Bomb Data Center (USBDC) Explosives Incidents Report (EIR). (2018).

To place a bomb or an IED (improvised explosive device), someone must: 1. Obtain the knowledge of how to build a bomb. 2. Obtain the materials necessary to build the bomb. 3. Risk their life to build the bomb. 4. Risk their life and liberty to place the bomb. To believe a bomb threat you must believe that a person went through these steps, and then at the last minute called to warn you of their intentions. It is certainly a possibility that a bomber would have a change of heart at the last minute and call in a warning. If this were the case, it is likely the bomber would give detailed instructions as to the exact location of the bomb. As Gavin de Becker points out in his New York Times bestselling The Gift of Fear (de Becker, 1999), threats are more like a promise than a guarantee. Threats are dispatched to gain a desired response. Threats do not state fact or even intention. If someone in your community wants to plant a bomb inside a facility, it is highly unlikely they will communicate a threat.

The reality is that a link between bomb threats and actual bombings rarely exists. Immediate evacuation upon receipt of a bomb threat might be instinctive, but it is not the best practice as it likely increases danger. Emergency plans (and response) should differentiate between a bomb threat and the discovery of a potential or actual IED. Actually locating a suspicious object or IED, takes it beyond the “threat” aspect, and the evacuation protocols then become prudent to move people away from the device. Upon initial receipt of a threat, heightened security measures should be implemented to control access and movement during assessment/investigation. “Heightened security” is operationally similar to a soft lockdown but avoids using the term “lockdown.” This is important because “lockdown” may be associated with an active shooter-type attack and create confusion and increased anxiety. The goal of heightened security is to focus entirely on security. Under heightened security, access into the facility should be prevented and movement inside should be restricted.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

340

30. BOMB THREATS AND THE CASE AGAINST IMMEDIATE EVACUATION

SUSPICIOUS OBJECTS—GAME CHANGER Locating a suspicious item changes the incident from a threat to an imminent danger. A suspicious item may be defined as any item (e.g., package, vehicle, etc.) identified as potentially containing explosives, an IED, or other hazardous material that requires bomb technician diagnostic skills and specialized equipment for further evaluation. Suspicious indicators are based upon the prevailing and/or communicated threat, placement and proximity of the item to people or valuable assets, and more tangible aspects include, but are not limited to, unexplained wires or electronics, other visible bomb-like components, unusual sounds, vapors, mists, or odors. Remember, any suspicious device should be treated as an actual IED. What a bomb looks like is limited only to the imagination of the bomber. Leave formal identification to the experts. If a suspicious object is located, continue to search the evacuation route(s) and evacuation rally points—more devices may be present.

ASSESSMENT While it is very rare for a threat to be associated with an actual bomb, no bomb threat should ever be ignored, and an assessment must be conducted. When conducting an assessment, remember, you are assessing the situation and facts surrounding the threat, not simply confirming if a threat was made. The goal is not to determine if someone made a threat. The goal is to determine if someone poses a threat. To accomplish this, anxiety must be removed from the analysis. A threat is more like a promise than a guarantee. Threats are dispatched to gain a desired response. Threats do not state fact or even intention. When assessing the threat, consider the totality of bomb threats vs actual IED incidents;

there is no single deciding factor on whether a bomb threat is legitimate or a hoax. Measure all of the facts, their context, and conclude from the whole picture whether the possibility of a “real” threat exists. All threats should be carefully evaluated on an individual basis and called in to local law enforcement regardless of the circumstances.

SEARCH A search of the campus, building/facility, and grounds is a vital element of any assessment. Formal identification must be left to the experts. So, the focus is to identify anything suspicious or possibly dangerous. As mentioned earlier, a suspicious item is defined as any item (e.g., package, vehicle, etc.) potentially containing explosives or other hazardous material that requires specialized evaluation. Suspicious indicators may be based upon the communicated threat, placement, and proximity of the item to people and more obvious aspects include but are not limited to unexplained wires or electronics, other visible bomb-like components, unusual sounds, vapors, mists, or odors. Staff, who are familiar with their work areas, are best suited to identify “suspicious” items. Remember this search is simply to identify something that might be dangerous so “eyes open, hands in pockets” is a good mindset. It is important to educate staff on proper search procedures prior to the receipt of a bomb threat. This will lessen anxiety and improve the assessment process. If something suspicious is located, the response shifts from a bomb threat to a possible explosive device. The discovery of a suspicious object should not automatically mean the conclusion of a search; more devices may be present, especially outside. All threats are not equal, and the assessment process will help to quantify the threat. If a

II. PRACTICAL AND OPERATIONAL APPLICATIONS

341

THE DANGER OF EVACUATION

threat is easily categorized as “low risk” the resources and time spent on the assessment and search can be minimized, whereas a “high risk” or potentially “high risk” threat warrants greater attention (Fig. 30.3).

THE DANGER OF EVACUATION

to result in lost hours and costs for the school or business, remaining inside may cause a public relations concern as the public might feel evacuation is safer. Likely safest response: Neutral. Because there is no IED, a criminal hoax does not pose immediate danger. Likely safest response

Buildings offer protection in the form of cover and concealment. Cover is protection from gunfire and explosions (and even chemical exposure). Concealment prevents attackers knowing your exact location. When people are evacuated, this protection is lost. A facility should be evacuated only when it is reasonably believed people are safer outside. In most bomb threats, the only “evidence” that there is danger inside the facility is the communication from the anonymous criminal who is making the threat. When a bomb threat is received, the initial fear of most leaders is that a bomb is inside. While this is a normal reaction, a bomb inside is the least likely scenario. A bomb threat presents four core scenarios. In order of probability, they are as follows: 1. 2. 3. 4.

Criminal hoax. Bomb/IED outside. Diversionary/ambush attack. Bomb/IED inside. Two main response options are:

A. Evacuation B. Heightened security Evacuation is the typical response, but because the actual scenario is unknown, evacuation does not provide the greatest level of safety.

Criminal Hoax A criminal hoax is by far the most common bomb threat scenario. While evacuation is likely

Evacuation

Neutral

Heightened security

Bomb/IED Outside Bombings are very rare. When bombs are present, they are more likely to be placed outside. An IED outside raises two major concerns: 1. It is easier to place a large IED. 2. An IED’s blast radius is larger, without the building to contain/compartmentalize the explosion. A facility with basic access control and situational awareness will likely limit the size of an IED to a backpack, which is still certainly dangerous. Outside, a vehicle-borne IED or a car bomb is devastating. Likely safest response: Heightened security. Likely safest response

Evacuation

Neutral

Heightened security

Diversionary/Ambush Attack A diversionary attack is when an attacker uses a means of deception with the purpose of drawing the target into an area more conducive to attack. While rare, more people have been killed in the United States by diversionary attacks than bombings that were preceded by a bomb threat.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

342

30. BOMB THREATS AND THE CASE AGAINST IMMEDIATE EVACUATION

FIG. 30.3 Threat assessment. From United States Department of Homeland Security (DHS). (2016). Bomb threat guidance. Retrieved June 17, 2019 from https://www.dhs.gov/sites/default/files/publications/dhs-doj-bomb-threat-guidance-brochure-2016-508.pdf.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

WHEN YOU MUST EVACUATE

343

Likely safest response: Heightened security. Likely safest response

Evacuation

Neutral

Heightened security

Bomb/IED Inside If it is known, or there is reason to believe, there is a device inside the facility, evacuation is the safest response. However, when the presence of a device is unknown, evacuation increases risk if there is an IED outside the facility or the potential for an ambush-style attack. Further, while far from optimal, the building will provide protection from the IED blast to the majority of people inside. To be clear, if the presence of an IED is known or a suspicious item is located, evacuation is undoubtedly the best response. Likely safest response: Evacuation. Likely safest response

Evacuation

Neutral

Heightened security

Evacuation is the safest course of action for only one scenario, IED inside, and that scenario is the least likely. This is not to suggest evacuation is not the safest course of action if there is an IED or suspicious object inside; however, when a bomb threat is received, it is unknown which of the four core scenarios is reality (Fig. 30.4).

WHEN YOU MUST EVACUATE When evacuation is warranted or simply preferred due to concerns over public perception, it is necessary to safeguard against secondary attacks (explosive devices or ambush). Secondary attack refers to an attack using a secondary device, diversionary attack, or a combination thereof.

FIG. 30.4 Bomb threats—four core scenarios.

Secondary device definition: An explosive device that is placed in an area of evacuation or staging to inflict greater casualties and/or disrupt emergency response. Diversionary attack definition: A strategy of deception used by an attacker to draw the target into an area more conducive to attack. One of the most disturbing aspects of a secondary attack is that it preys on the good intentions of personnel, who are attempting to protect lives. Nothing is more instinctive than the desire to evacuate people at the sounding of a fire alarm or after receiving a bomb threat. In the event of a fire, or the discovery of a potential IED, those are not only reasonable, but one would be negligent not to enact them. It is the bogus alarm or the baseless bomb threat that should lead officials to consider the possibility of a secondary attack. When there is no evidence of danger beyond a bomb threat or fire alarm, consider, “Why does someone want us to evacuate?” Secondary attacks have been a part of warfare (both conventional and unconventional) for as long as man has engaged in battle. In fact, the single largest loss of life is a school attack: The 1927 Bath, MI School Bombing, where the killer,

II. PRACTICAL AND OPERATIONAL APPLICATIONS

344

30. BOMB THREATS AND THE CASE AGAINST IMMEDIATE EVACUATION

Andrew Kehoe, planted explosives in a school and then detonated his truck—targeting emergency responders. As a result, 44 people were killed and another 58 were wounded (Bath School disaster, 2004). There have been other school attacks that also targeted evacuation as an opportunity to maximize casualties. Columbine (1997). The original intent was to use IEDs to prompt evacuation into an ambush and vehicle-borne IEDs. When the IEDs failed, the two killers entered the school and carried out a conventional active-shooter attack. Jonesboro, AR (1998). While IEDs were not used, this attack shows how killers used a fire alarm to force an evacuation to maximize casualties. The 13-year-old killer pulled a fire alarm inside the middle school and joined his 11-year-old accomplice in the woods and shot students and a teacher when they evacuated.

FIG. 30.5

When a facility does have to evacuate, secondary attack countermeasures should be embedded in the emergency plans (Fig. 30.5). Proper emergency planning and training will reduce the anxiety associated with bomb threats and enhance response, thereby improving safety. Regardless of whether the facility evacuates, effective crisis communication is critical.

CRISIS COMMUNICATIONS 101 Saving lives is the priority in any emergency. However, an organization’s ability to effectively communicate during and after an incident can greatly impact the success of the response, as well as the organization’s credibility thereafter. Most often, a facility is evacuated because of public perception. Leaders accept that remaining inside does not increase risk, but the worried public may not understand the rationale behind not immediately evacuating.

Ongoing and postthreat countermeasures.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

CRISIS COMMUNICATIONS 101

With regard to emergency management, there are two core communications strategies: risk and crisis. These communication strategies are vital elements of all-hazards emergency planning efforts. • Risk communications: Proactive messaging to educate and inform your audience about prevention and response procedures before an emergency. • Crisis communications: Postevent messaging designed to improve response and educate stakeholders about the emergency.

Risk Communications: Compliance and Deterrence Media Ultimately security and emergency planning efforts, like conducting a bomb threat tabletop exercise, should mitigate risks and help to reduce staff anxiety. Risk communications should prepare stakeholders and the public by educating them on preparedness efforts and what to do/ expect when an emergency happens. Deterrence media is another value of risk communications. Deterrence media publicizes nonsensitive security and emergency planning efforts to let stakeholders and would-be bomb threat makers know that your location is not a soft and unprepared target. Security upgrades and staff training are important aspects of preparedness and publicly releasing general information can have significant deterrent value. Additionally, risk communications improve compliance with emergency response procedures. It is human nature for people to be drawn to the scene of an emergency. This desire increases exponentially if the emergency impacts a loved one. Letting people know that you have a plan before an emergency will increase their confidence in your response during and immediately after the incident.

345

Crisis Communications Risk communications occur before the emergency, and crisis communications kick in during and after the incident. Within crisis communications, there are two approaches: active and passive. Active approach: Provide notification and information before the community and media may even know about the event. Passive approach: Wait until the community or media approach you—requesting information. Depending on the magnitude and public awareness of a specific circumstance, you may respond actively, passively, or use a combination of both approaches. An active communications strategy is almost always called for after a bomb threat. Here are some general guidelines for when to implement active crisis communications: • The situation is dangerous or serious, and it affects (or has the potential to affect) many people. • The situation legally requires disclosure. • It is imminent that the news media will become aware of the situation and a proactive release of information may minimize the impact. For example, the timing of a news release may contain the situation to a 1-day story vs a 2-day story. When implementing an active response, remember: Maximum Disclosure, Minimum Delay A passive communication strategy is rarely appropriate for an actual bomb threat but could be used if there is a rumor of a bomb threat. Here are some general guidelines for when to implement passive crisis communications: • The situation is deemed minor. • Few audiences are affected. • News media have not been alerted, nor is it likely they will be alerted.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

346

30. BOMB THREATS AND THE CASE AGAINST IMMEDIATE EVACUATION

• If news media eventually cover the situation, there will not be negative fallout for failing to alert the media. • Information available is limited and speculation may be worse than reality. • There are no legal requirements regarding disclosure.

Think BLUF (Bottom Line Up Front) BLUF (bottom line up front) refers to the military communications tactic, which is now widely adopted, of placing the conclusion and recommendations at the front of any communication—whether a press release, email, conversation, planning document, or other form of communication—rather than at the end, to enable more rapid decision making.

Active Communications When active communications are required, there are just four things your stakeholders, the public, and the media want to know: 1. 2. 3. 4.

What happened? What have you done? What are you doing next? How can people help?

When and What to Disclose Maximum disclosure and minimum delay are always worth considering, but when and what to release is unique to each incident. In any emergency, but especially with humanbased threats, all messages should be coordinated with internal (district, corporate, etc.) and external (law enforcement) release authorities. Releasing sensitive information can jeopardize lives and dissemination of inaccurate information can harm credibility and impact people’s confidence in the organization. When developing messages for an actual emergency, work with your response partners to provide consistent messages that target your

audience and stay within your lane. Do not speculate or release unapproved information. Be sure your messages answer the four questions; this will help prevent an information vacuum. Here is an example of an effective communications strategy to deal with bomb threats: 1. Conduct a tabletop exercise focused on a bomb threat. 2. Invite media to observe the end of the exercise and make the superintendent or other leadership available for interviews. a. Key talking points are that you take safety very seriously. b. Immediate evacuation due to a bomb threat is not always the safest course of action. 3. Send out messages to parents or relatives, reiterating these messages (risk communications). a. Explain things you are doing to make the facility even safer and discourage bomb threats (see something-say something, access control, video, security, staff training, etc.). b. Emphasize that the organization has a comprehensive emergency plan. c. Tell them how you will notify them of any emergency and explain how they can report any concerns. When a bomb threat happens, which is very likely, your crisis communications should revert to previous risk communication messages from the tabletop exercise, and address BLUF and the four things that the public and media want to know: 1. What Happened? Give a clear, concise statement that illustrates your organization understands the scope of the incident and is taking appropriate actions. Rather than using the term “lockdown,” consider using “heightened security.”

II. PRACTICAL AND OPERATIONAL APPLICATIONS

FURTHER READING

347

2. What Have You Done?

References

Without jeopardizing operational security, privacy, or ongoing investigations, provide a brief, high-level overview of actions.

Bath School disaster. (2004, August 5). Retrieved from https://en.wikipedia.org/wiki/Bath_School_disaster. de Becker, G. (1999). The gift of fear and other survival signals that protect us from violence. New York, NY: Dell Publishing. United States Bomb Data Center (USBDC). (n.d.). Data & Statistics (including Explosive Incident Reports 2015, 2016, 2017, and 2018). Retrieved June 17, 2019, from https:// www.atf.gov/resource-center/data-statistics.

3. What Are You Doing Next? Again, protect operational security and do not divulge too many specifics. For instance, if a facility is to be evacuated, there is no need to publicly divulge where people are being evacuated. Remember, the overarching goal is to communicate you have a plan. 4. How Can People Help? The vast majority of people and the media want to help. Create strategies that let them help and prevent them from interfering with response and recovery operations. At some point organizations may be impacted by a bomb threat (“X”). Getting before “X” with emergency planning, training, and sound crisis communication will help to ensure safety and can turn the media into your, ally instead of an adversary.

Resources Bureau of Alcohol, Tobacco, Firearms and Explosives. (n.d.). Bomb threat checklist. Retrieved October 1, 2019, from https://emilms.fema.gov/is906/assets/ocso-bomb_ threat_samepage-brochure.pdf.

Further Reading Federal Emergency Management Agency (FEMA). (2003). Explosive blast, Chapter 4, in Primer for design safe schools projects in case of terrorist attacks (FEMA 428). US Department of Homeland Security (DHS), National Threat Assessment Center. (2018, July). Enhancing school safety using a threat assessment model. An operational guide for preventing targeted school violence. Retrieved from https://www.dhs.gov/sites/default/ files/publications/18_0711_USSS_NTAC-EnhancingSchool-Safety-Guide.pdf.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

31 An All-Hazards Approach to Hazardous Materials Robert D. Jaffin O U T L I N E Determine the Quantity of the Released Substance Activate the Appropriate Contingency Plan Determine the Extent of the Damage Perform Site Security

Introduction

349

Role of the Protection Officer

350

Hazardous Material Incidents

351

Tools and Resources Diamond Designation

352 353

Emerging Trends

356

Response Models and Templates

353

References

357

The Initial Response Identify the Substance Released

354 354

Further Reading

357

INTRODUCTION

CHAPTER OBJECTIVES • To define hazardous materials • Explore the role of the protection officer in handling hazardous materials • Explain how to respond to a hazardous materials incident • Provide response models and templates, as well as tools and resources

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00031-6

354 355 355 356

The concept of hazardous materials can be difficult to grasp. There are literally millions of materials that could be classified as hazardous. In addition, some materials might not be considered hazardous in their original state, but they become hazardous once they are used, or they become hazardous “waste.” For the purposes of this discussion, a hazardous material is anything that has the potential to cause harm to people or the environment (plants, animals, and waterways) if

349

# 2020 Elsevier Inc. All rights reserved.

350

31. AN ALL-HAZARDS APPROACH TO HAZARDOUS MATERIALS

released in an uncontrolled manner. Beyond that, material that one might never think of as hazardous can become hazardous if released in the wrong place. For example, saline—or saltwater—is ordinarily viewed as a benign substance, one that does not need special attention. However, if an organization is moving saline via tank car and a derailment causes one of the tank cars to rupture, pouring this saltwater into an upstream freshwater fish spawning ground, it can create an environmental disaster. In this case, that saltwater has become an environmentally hazardous material. The same is true for moving milk in bulk using a tank truck or a tank car. Liquids of any sort, including water, when released at the wrong time or the wrong place, can create a life-threatening or facility-threatening situation. Anything that moves in bulk that could be considered a raw material can meet the definition of a hazardous material if improperly discharged. In 2002, the unofficial estimate was that there are 1.2 million movements of hazardous materials per day in the United States alone. Note the implications—there are hazardous materials moving into and out of almost every industrial operation on a daily basis. Those quantities could be as small as a few ounces or they could be as large as multiple tank cars. These movement estimates do not even take into account pipelines, which distribute some of the most hazardous, although not necessarily the deadliest, materials in use. From a practical standpoint, it is important to understand the generally accepted concepts and definitions for hazardous materials. The best, but extremely complex, definition is in Federal Standard 313D of the Material Safety Data, Transportation Data, and Disposal Data for Hazardous Materials Furnished to Government Activities. That standard takes over two pages to define a hazardous material and references multiple external documents. On a practical level, hazardous materials have been internationally categorized into one of nine hazard classes. Some of these classes are further divided into divisions. The most widely used and commonly understood classification system includes 23 classes and divisions. Seven of these

classes and divisions represent inherently hazardous materials that must be considered immediate and direct threats in any quantity. These include certain classes and divisions of explosives, mass explosion hazards, projection hazards, fire or incendiary hazards; dangerous when wet materials; toxic inhalation hazards; and high-level radioactive materials.

ROLE OF THE PROTECTION OFFICER A proactive approach on the part of any business and every individual should lead to minimization, if not elimination, of hazardous materials incidents. Education and training that specifically include a full explanation of all the materials that move through or are used within a facility are the first line of defense. Understanding the terminology and federally mandated response framework is a critical part of that training. The fact is that there is nothing heroic or exciting about maintaining good and safe work practices and proper site security, to eliminate the possibility of an incident occurring. That is the unglorious but real challenge for the professional protection officer. Yet, in today’s world, where the “all-hazards approach” has become the standard, weather-related incidents and hazardous materials incidents represent the majority of recurring serious incidents in the workplace. Awareness of the evolving technologies and the inherent dangers of many new products is an often-overlooked part of this job. Today’s products, including products carried and used by protection professionals, represent their own set of new and unique hazardous material challenges. Here are some examples of new and, in some cases, variations on older products that represent new and often times overlooked or misunderstood hazards: 1. Ethanol-enhanced fuels. It requires a different kind of foam to fight an ethanol- or alcohol-based fire than a gasoline- or petroleum-based fire. Knowing that ethanol

II. PRACTICAL AND OPERATIONAL APPLICATIONS

HAZARDOUS MATERIAL INCIDENTS

is being moved may require a facility and its protection force to increase the type and number of both portable firefighting devices and fire suppression systems available. 2. Lithium ion (Li-ion) batteries. These batteries are one of the most dangerous products and used in everything from toys to oxygen-generating vests, aircraft black boxes to computers and UPS backup power supplies. These batteries present such a great risk in transportation, as opposed to individual use in consumer products, that the international community has assigned new identification numbers for them; and in the 2008 Emergency Response Guidebook (ERG), for the first time in over 12 years the US Department of Transportation (USDOT) added a new guide number. That is particularly significant, because there are over five million different hazardous materials but there are only 66 guides in the ERG. If lithium ion batteries are short circuited they will generate a tremendous amount of power, usually in the form of heat. There are very few satisfactory firefighting techniques for lithium ion battery fires. Realistically, lithium ion batteries, like magnesium, burn at extremely high temperatures and can break down water into oxygen and hydrogen, which is an explosive mixture. While not always practical, the most effective way to fight fires caused by what is known as “refractory” substances is to bury them with sand and deny them the oxygen that is required to support continued combustion. 3. Compact fluorescent lights (CFLs). All fluorescent lighting contains mercury and it is illegal to dispose of such light bulbs by merely discarding them in the trash. If any quantity of fluorescent light bulbs is broken, it would generate a surprisingly large release of mercury, requiring separate and specific federally mandated cleanup activities. A single broken light bulb is not a cause for alarm; however, it is still officially an “event” because mercury, which is extremely toxic, has been released into the environment.

351

4. Pressurized fire extinguishers. While fire extinguishers are important to have on hand for safety reasons, the heat generated from a fire can cause those fire extinguishers to explode. 5. Aerosol lubricants and de-icing materials. These materials are not regulated for private use, so if a private individual has them in a vehicle there are no federal safety “rules” that apply. However, under the USDOT guideline 49 CFR 173.6, if one has those materials in a patrol vehicle, they become “materials of trade” and certain rules do apply. Those rules are based primarily on individual awareness of the inherent hazards of such materials and the need to properly secure them. The portable radio and the cell phone as well as the “green” vehicle being used for patrol duties all might represent their own unique hazards. Understanding, and therefore minimizing, the possibility of untoward events involving hazardous materials requires a full awareness of the workplace environment, the products used, and the nature of all materials from janitorial supplies to production processes, to power generation and finished products of the business being protected.

HAZARDOUS MATERIAL INCIDENTS The technological and social changes that occurred at the beginning of the 21st century have forced those in safety and security to reevaluate their roles and better define their responsibilities. Law enforcement, firefighters, emergency medical personnel, and protection officers are not expendable. These personnel form our first line of defense in case of an incident, regardless of that incident’s cause. While their overall objective is the protection of life and property, a protection officer’s primary objective must always be to survive so that they can continue to provide that protection to the general public. That means the protection officer

II. PRACTICAL AND OPERATIONAL APPLICATIONS

352

31. AN ALL-HAZARDS APPROACH TO HAZARDOUS MATERIALS

must understand how to evaluate and take the action that will bring the correct resources to bear for the many different types of incidents that can occur. Rule number one with hazardous materials incidents is to always approach from upwind, uphill, or upstream. Obviously, if one comes upon an incident in the course of normal duties it may not be possible to observe that rule. However, a HAZMAT (hazardous materials) response team will always observe that rule. It generally would be wrong for a protection officer to take direct action, except for small releases of the more common and less lethal hazardous materials, but direct action is sometimes appropriate. Even for the smallest of spills involving the most benign chemicals, no action should be taken until the material has been positively identified and appropriate actions confirmed. Knowing where to find the correct information and/or expertise is much more critical than being a “hero.” Nowhere is that more important than when dealing with hazardous materials. Mitigation of danger in a hazardous materials release situation should be left to those with proper training and experience. For protection officers, the first step is self-protection, the second is material identification, the third is to evacuate as necessary and activate the appropriate contingency or response plans, and the last step in most circumstances is to provide containment. That may be as simple as maintaining a physical security perimeter or as complex as breaking out absorbent materials, turning off entire HVAC plants, and preserving “crime scene” integrity.

TOOLS AND RESOURCES While protection officers should know some basic firefighting techniques and basic emergency medical techniques including CPR and first aid, most security professionals recognize that they are neither paramedics nor firefighters. The same concept is true for hazardous materials response, containment, and mitigation. Small

releases of less deadly materials can be handled by anyone with the right formal training, basic knowledge of hazardous materials response, an understanding of the risks and protocols, and access to the material safety data sheets (MSDS) to properly identify risks associated with each specific incident or material. The most universally accepted method to identify and classify hazardous materials comes from the world of transportation. The original work was developed by the United Nations Committee of Experts, who developed the “Orange Book” of recommendations that is the basis for the initial classification and identification of hazardous materials throughout the world; these are not regulations but a set of recommendations. Individual nations, as well as international governing authorities, must recognize those recommendations and codify them into their own regulations. While hazardous materials fall under the Occupational Safety and Health Administration (OSHA), Environmental Protection Agency (EPA), and DOT, the most comprehensive information available on the majority of these hazards comes from the federal DOT guideline 49 CFR parts 100 to 180, which is known as the “Hazardous Materials Regulations” or HMR. The HMR are standardized and harmonized with the rest of the world. Portions of the EPA and OSHA regulations contain language and definitions that are not universally accepted and may be unique to the United States or North America. The HMR is also one of the most difficult federal regulations to read and understand. A good practical tool to use is the most current version of the Emergency Response Guidebook (ERG); at the time of this writing that would be the 2016 ERG. This guidebook is published by the USDOT, Pipeline and Hazardous Materials Safety Administration (PHMSA), in conjunction with Transport Canada and the Secretariat of Communications and Transportation, United Mexican States, and has been updated on a 4-year cycle since 1996. Copies of the regulations, as well as handy pocket-sized copies of the ERG, are available

II. PRACTICAL AND OPERATIONAL APPLICATIONS

RESPONSE MODELS AND TEMPLATES

from a number of sources and the leading providers of this material have been included at the end of this chapter, in Further Reading (USDOT, Transport Canada, & United Mexican States, 2016). The single most valuable site for obtaining additional HAZMAT information (although not emergency response information in the face of a specific incident) is http://www.phmsa.dot.gov/hazmat. The Emergency Response Guidebook is a tool that should accompany the professional whenever on duty; this author keeps one in the glove compartment of his private vehicle. Learning how to use the ERG is a key to minimizing and mitigating the impact of hazardous materials releases. There are going to be times when the most appropriate action is to turn and run! The ERG is a quick response tool to initiate both protective and response/containment actions. To paraphrase standardized training materials, “it is good for the first 30 seconds.” That statement is an oversimplification, but it goes to the heart of the issue. It is better to spend time reading the ERG in the case of a real release than to spend time taking any mediation action. There are cases when the only action might be something as simple as “use a fire extinguisher or cover with sand,” but there are other times when the correct action is to “run the other way.” Remember that the professional protection officer cannot help anyone or everyone else if that officer has already been harmed. One of the first things a professional should do in a new job, or for that matter in a new location, is to identify all the hazardous materials that enter, are used in, or leave, the facility. OSHA, under 29 CFR 1910.1200, has defined a “Hazard Communication Standard.” The two key pieces that intersect the role of the protection professional are the requirement for the MSDS and the requirement for a workplace Hazard Communication Program that includes easy accessibility to the MSDS in every workspace that hazardous material might pass through. A security professional should review all the MSDS information for each worksite under their

353

protection and know exactly where to find that information in case an incident occurs.

Diamond Designation A standard method, not legally required, to broadly identify hazards in facilities is the National Fire Protection Association (NFPA) 704 M consensus standard. Driving through industrial areas, one can spot many buildings and sheds with a large “diamond” on them. That diamond is in four colors—blue, yellow, red, and white—and it conveys to emergency responders the nature and severity, in very broad terms, of the materials contained within the structure. There are a number of other federal guidelines, documents, and consensus standards that impact directly the actions and protocols required in the case of an incident. Any incident that can have an impact outside of the immediate workspace and requires response from public safety personnel, or that might escalate into a larger scale incident, requires an appreciation and basic understanding of the National Incident Management System (NIMS), including the Incident Command System (ICS) structure and function, the National Response Framework (NFR), and the NFPA 1600 standard. The protection officer may very well be the “first on scene” and the “first responder” and must be ready and able to communicate effectively with all the outside agencies that quickly become involved in such incidents. One does not need to become an expert, but one does need to understand how municipal, or for that matter private, response is governed and how such incidents are managed.

RESPONSE MODELS AND TEMPLATES For decades, hazardous materials were used with little or no training provided to the end users or those individuals charged with responding to a hazardous material release. Traditionally, the common point of view was

II. PRACTICAL AND OPERATIONAL APPLICATIONS

354

31. AN ALL-HAZARDS APPROACH TO HAZARDOUS MATERIALS

that “dilution is the solution to pollution.” This theory held that no matter how hazardous a substance was, if you were able to dilute it enough (usually with water), it would be rendered harmless. In the event of a hazard release, the common response was to call the local fire department or plant security team, who would then wash the contaminated area down in an effort to decontaminate the area. In the process, the contaminated water was usually washed into the sewer systems and surrounding ground, and ultimately into the environment. To a limited degree this method worked for a while. The problem is that after diluting so many hazardous materials into the environment for so many years, the environment has become saturated and, as a result, traces of those same substances are appearing in our food and water supplies today—to say nothing of the long-term and short-term health hazards faced by unprotected response personnel, using no or minimal personal protective equipment (PPE). Today, government and industry agree that just as firefighting requires specialized training, response to hazardous materials requires specialized knowledge, training protocols, and protective equipment to ensure minimal risk to the workplace, the environment, and all individuals. Today there are firms that specialize in enhanced material incident response and cleanup, and both public and private safety and security organizations create and train their specialized HAZMAT response teams.

THE INITIAL RESPONSE Whether or not a facility has a HAZMAT response team in place, there are some basic steps that must be followed.

Identify the Substance Released There are several ways to safely determine what has been released. But the most important thing to remember is the basic instruction

provided in the ERG: always stay upwind, uphill, and/or upstream of any hazardous materials release until able to identify it. One way to identify material at the workplace is to ask the person who was using it. This may not always be possible, since the employee in question may have been injured. However, there are several other safe ways to determine what a released substance is. In the United States, under 29 CFR and 49 CFR, the OSHA and DOT regulations, there is both a requirement for a hazard communication standard (29 CFR 1910–1200) and Hazardous Communications (49 CFR Part 172, subparts D, E, and F). In addition, the EPA’s 40 CFR specifically addresses use of transportation labeling and identifications within workspaces. If material is being used or processed in a workspace those communication standards require easy access to the MSDS. Assuming compliance with those requirements, between the information on an MSDS and the information contained within the ERG, specifically the information provided for each guide number, professional protection officers can identify spilled materials and begin to take mitigating or corrective actions.

Determine the Quantity of the Released Substance After identifying the substance, it is important to determine how much of it has been released. The uncontrolled release of 8 oz. (1 cup) of acetone, while requiring caution in cleanup, does not necessitate response from a HAZMAT team. The same quantity of cyanide or an explosive would require extraordinary measures to be taken. Quickly determining what substance has been released allows more time for the HAZMAT team to decide what course of action they must take. If the release is a liquid or solid and has occurred in a more or less open area, it may be possible to see where the substance is leaking from. Never go near the area unless properly

II. PRACTICAL AND OPERATIONAL APPLICATIONS

THE INITIAL RESPONSE

trained in the required level of PPE; this prevents the professional from inadvertently becoming another victim of the incident. It may be possible to read the placard on a transport vehicle or a larger shipment, or the label which should appear on smaller packaging, from a safe distance with or without the use of binoculars. The identifying labels or placards may show a class, such as “Poison Gas,” and should have the class or division number, or on placards of large enough quantities, the specific universally recognized “UN number.” That identifier is a four-digit number which can be looked up in the ERG. When reading the guide information in the ERG, be sure to read all the information on both pages for that guide number. Labels are the least accurate identifiers and although recognizing the label allows one to enter the emergency response guide to determine what to do in the “first 30 seconds,” identifying the four-digit number unique to a spilled material is always the best and most accurate way to determine appropriate response actions. For transportation, that number will appear on the shipping papers. Within the facility, the number should appear in the appropriate section of the MSDS for that material. It takes knowledge of the OSHA requirements and the DOT requirements to most effectively monitor and manage hazardous materials incidents. The more information one can initially provide, the better prepared and equipped the responding organization and personnel will be once they arrive on scene.

Activate the Appropriate Contingency Plan In many countries, facilities are required by law to have a HAZMAT contingency plan in place that can be activated in the event of an uncontrolled release of a hazardous material. In the United States, this is addressed in part by OSHA’s Hazardous Waste Operations and Emergency Response (HAZWOPER) Standard

355

(OSHA, n.d.). If there is no legal requirement for a contingency plan or for some reason the facility does not have one, notify the public agency involved in handling HAZMAT incidents for the area. Usually this will be the local fire department. When they arrive on the scene, they will take command and control of the situation. Everyone will then be directed by the incident commander.

Determine the Extent of the Damage After the material and amount released have been determined, it is necessary to evaluate the extent of any damage that may have been caused. It is necessary to ascertain if there are any fires or fumes being spread by the release. It is extremely important to keep clear of the area and to keep others clear until this determination has been made. The smoke produced by a fire can carry the contaminating substance a considerable distance, sometimes for miles. A classic example of this was a fuming sulfuric acid release at a General Chemical company facility in Richmond, California. In that case, fumes were carried over 20 miles up the Sacramento River Valley with the effects felt as far away as Antioch in Contra Costa County. It is important to determine what path the fumes or smoke might take, but that must be done from a safe distance. HAZMAT response teams, even if composed of employees, are often not familiar with areas of the facility outside of their normal work area. A protection officer is in the unique position of routinely patrolling all areas of a facility and that knowledge can be invaluable to the HAZMAT team in helping them direct a proper response. Any injured people should be treated by qualified first aid or medical personnel as soon as they are safely removed from the contaminated area. Once again, the critical issue is proper identification of the hazardous material; the injured person, if contaminated, will need to be decontaminated before treatment can be rendered.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

356

31. AN ALL-HAZARDS APPROACH TO HAZARDOUS MATERIALS

Perform Site Security In this context, site security simply means keeping onlookers and bystanders out of the contaminated area. This can be a bigger challenge than it sounds. No matter how well the safety and security staff communicate to coworkers or to the general public that there is a hazardous area and that they must keep away for their own good, people seem to have a strong belief that no matter what they do, no harm will come to them. Invariably, people who believe this eventually end up getting hurt. Often, they are the ones who get seriously hurt and force rescue workers to jeopardize their own safety to save them. During the initial phases of an incident, the risks of unauthorized personnel interfering with, or worse, distracting response personnel are very high. It is important to remember that initially the first protection professional on scene is the incident commander. The media will take risks that most normal citizens would never dream of. Reporters have been known to cross barricades and sneak past security to get a close shot of the incident area. This poses several problems: they interfere with the HAZMAT team’s operation by attempting to talk to them and generally get in their way; they typically fail to follow safety precautions and risk becoming exposed themselves; and when they do become unintended victims, they must be treated. This last concern increases the workload of response personnel who may be overextended and understaffed initially. Another problem with the media intrusion is that their entry into restricted areas encourages curiosity seekers to follow and go beyond safety barricades. People like to watch others dealing with problems. On a crowded highway, during rush hour, drivers will always slow down to take a closer look at any incident along their route, even when that incident is on the other side of the roadway. An accident, even on a divided highway, inevitably has the effect of drastically reducing traffic

flow in both directions. That same human curiosity draws onlookers to the scene of a hazardous materials incident.

EMERGING TRENDS Hazardous materials will continue to evolve over time. As new chemicals, medicines, and foodstuffs are manufactured, the potential for dangerous concoctions escalates. Adding to the danger is an increasingly crowded transportation infrastructure. As highways and bridges are more heavily traveled, the potential consequences of a HAZMAT incident increase. A spill or release will affect more people in the future than at present. Hazardous materials management is a key component of an antiterrorism campaign. Understanding the scope and nature of danger that surrounds different substances is a necessary first step in protecting against terrorism. Protection officers must appreciate the risks associated with hazardous materials in and near their work environment. Security measures must be enacted so that terrorists cannot divert or detonate existing materials. We have seen with the 9/11 attacks on the World Trade Center what jet fuel can add to the equation. The Department of Homeland Security, as well as several state agencies, has placed regulations on chemical manufacturing plants. These plants are being required to have security plans and dedicated individuals in charge of the protection function. Such regulation is likely to expand; new jobs and duties will evolve for protection officers at chemical facilities. Along with a more robust regulatory environment, the current concern with environmental protection will undoubtedly play a role in hazardous materials manufacture and use. Organizations will need to continually assess their risk of hazardous materials incidents in light of potential negative publicity. They will also have to mount comprehensive media campaigns

II. PRACTICAL AND OPERATIONAL APPLICATIONS

FURTHER READING

before, during, and after a HAZMAT incident, likely making them more careful in hazardous material precautions.

References OSHA FAQs—HAZWOPER. (n.d.). Retrieved June 19, 2019, from https://www.osha.gov/html/faq-hazwoper.html. US Department of Transportation (USDOT), Pipeline and Hazardous Materials Safety Administration (PHMSA), Transport Canada; Secretariat of Communications and Transportation, United Mexican States. 2016 Emergency response guidebook. [PDF file]. Retrieved June, 19, 2019. https://www.phmsa.dot.gov/sites/phmsa.dot.gov/ files/docs/ERG2016.pdf.

Further Reading CHEMTREC, American Chemistry Council. (n.d.). Chemical Shipping Regulation & Incident Support. Retrieved June 19, 2019, from https://www.chemtrec.com/. Hazmat Shipping Labels, DOT Placards, UN Packaging from Labelmaster from Labelmaster. (n.d.). Retrieved June 19, 2019, from https://www.labelmaster.com/.

357

Office of Response and Restoration (OR&R), NOAA. (n.d.). ALOHA (Area Locations of Hazardous Atmospheres). Retrieved June 19, 2019, from https://response. restoration.noaa.gov/aloha. Safety & Compliance for DOT Transportation, OSHA, HR. (n.d.). (J.J. Keller, primary provider of publications and training materials.) Retrieved June 19, 2019, from https://www.jjkeller.com/home. United States Coast Guard. (1999). CHRIS (Chemical Hazard Response Information System) Manual. [PDF file]. https://www.hsdl.org/?view&did=24079. United States Coast Guard (USCG). (n.d.). National Response Center. Retrieved June 19, 2019, from http:// nrc.uscg.mil/. US Department of Transportation (USDOT), Pipeline and Hazardous Materials Safety Administration (PHMSA), Transport Canada; Secretariat of Communications and Transportation, United Mexican States. 2020 Emergency response guidebook. US Environmental Protection Agency (EPA). (2019, February 12). CAMEO (Computer-Aided Management of Emergency Operations). Retrieved from https://www.epa. gov/cameo.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

32 What Is Risk? Curtis Baillie, James Broder, Charles (Chuck) Sennewald O U T L I N E Risk Defined

359

Risk Management Programs and the Security Professional’s Role

359

Risk Program Components

361

Risk Analysis

361

Risk Assessment and Risk Rating

361

RISK DEFINED Risk is a subjective concept that needs to be viewed and quantified on an individual basis. What risks do you, your company, or your clients face? What is your tolerance for risk? The answers to these questions will shape your definition of and approach to risk. Definitions need to be business specific; for example, financial businesses will define risk related to possible loss of funds or investments, while the medical sector will define risk related to loss of life or possibility of infection. The definition of risk used should reflect the perspective you take in your particular context—the core is the same but perspective causes subtle changes in the approach.

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00032-8

Risk Mitigation

363

Reporting

365

Summary

365

Further Reading

366

For many security professionals an all-hazards approach, which includes the possibility of harm to or loss of people, property, reputation, and/or assets caused by an event, offers a good starting point in defining risk for their organization.

RISK MANAGEMENT PROGRAMS AND THE SECURITY PROFESSIONAL’S ROLE A risk management program is the formal process utilized to quantify, qualify, and mitigate specific concerns an organization may discover or define. Many companies have some form of risk management program. These programs

359

# 2020 Elsevier Inc. All rights reserved.

360

32. WHAT IS RISK?

may be very mature and well defined or may appear to have developed without planning or foresight. It is important for the security professional to identify the program in place and understand the approach accepted in a particular company. The specific model utilized by the company will give the security professional an understanding of the role he or she has in the program. This is critical whether the security professional is an employee or a consultant for a company. Questions that aid in defining the program include what the assessment process involves and who manages the overall risk program. Answers to these questions illustrate the formality of the program and the level of management oversight and support of the program. Risk programs may apply to the enterprise or to a specific business line, depending on the perspective the company takes when defining risk. An enterprise approach is a concerted effort by various divisions within a company to measure risk across the company. This may allow for a broad application of mitigation techniques that produce efficiencies as well as effective spans of control by a smaller number of risk managers. Other programs may focus on key business divisions that have regulatory mandates for reviewing specific risks or have been identified as businesses that operate within a risk culture. These programs tend to address well-defined and known risks with singularly focused mitigation strategies. For example, in the following scenario, documents containing sensitive information need to be transported according to regulations issued by a government agency to protect the individuals listed on these documents; and the regulating agency has produced standards for protecting these documents. The security professional’s role in this scenario may be to compare the protection in place for these documents to the regulatory requirements and identify gaps that may exist. Once gaps are identified, the security professional may present mitigating steps in a report to a senior manager. The security professional’s approach could be different if he or she was asked to perform an

assessment of life safety and traditional security concerns at the direction of a staff member within a company’s corporate security division. This request may require the security professional to review fire systems and their adequacy given the size of the facility and/or the items stored in the facility. Additionally, he or she may have to review local fire department response times and capabilities. The reporting and mitigation plan in this example would be centered on preserving life and mitigating fire damage but would not necessarily adhere to a regulatory mandate. The security professional should understand the requirement behind the program and the overall process so he or she can fulfill the objectives of the overall risk review. Although these examples show the security professional as the one completing reviews and reporting, it does not preclude the security professional from acting as the lead or senior-most manager in the program. Many programs are conducted at the direction of and managed by the security professional. Security directors may also be responsible for the risk management program and/or have converged departments, units, sections, branches, parties reporting to them, such as Corporate Security, IT Security, Business Continuity, and Life Safety, which are critical components of the risk mitigation program for many organizations. Further, the security professional may be asked to relate these security functions and their inherent risks to one another. This allows for a streamlined approach and reporting of an overall mitigation strategy. For example, a traditional security hazard such as a fire in an office building may cause the activation of a business continuity plan for a particular business unit within a company. Additionally, the risk (i.e., the fire) represents concern for life safety. If both responsible parties report to the same manager and have built close cooperative relationships, that manager may be able to direct a response to the immediate need— preservation of life—while activating a plan to meet the secondary need—resumption of business operations.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

RISK ASSESSMENT AND RISK RATING

RISK PROGRAM COMPONENTS Although the roles and programs will differ, risk programs have several common components: • • • •

Risk Risk Risk Risk

analysis assessment and risk rating mitigation reporting

Each component is necessary for a successful program. Organizations such as ASIS International, standards organizations, and government agencies all offer many standards and documents to help manage a risk program. The goal of this chapter is to provide an understanding of the methodology for risk programs and examples of the application of risk concepts. The security professional must then apply this understanding to the unique situations he or she will encounter. The outline of a program and its components, included here, represent an attempt to define as many general areas found in security risk programs as possible and is by no means meant to capture every example and nuance of risk review and/or mitigation strategy.

RISK ANALYSIS Risk analysis includes identification of the assets to be protected and the risks to those assets. These assets can be intellectual property or physical items; however, security traditionally views these assets as: • People (employees/customers, etc.) • Facilities (owned/leased properties) • Property (sensitive documents/financial instruments/vehicles) • Reputation (public perception/client perception) The formulation of the assets that are of value sets the framework for assessing the associated risk. The risks must be identified and described before they can be analyzed. They should be

361

viewed from both the internal (company employees/policies, etc.) and external (natural disasters/competitors, etc.) perspectives. The typical risks to the assets listed previously include: • Natural disasters (hurricane/flood/ earthquake) • Man-made disasters (fire/workplace violence) • Criminal behavior (fraud/embezzlement) • Terrorism (international/domestic) To accurately evaluate risk, a correlation of assets and threats described must be made. The risks should be described in a formal manner and related directly to the asset. For example, consider a fire at a clothing manufacturer’s facility. The manufacturer may have a warehouse that holds inventory while waiting for distribution. The assets in this example are the facility, all of the equipment in the facility, the employees, the manufacturing supplies, and the merchandise stored within the facility. Focusing on fire as the risk, this phase of the program must include naming the risk (fire) and describing what danger the risk poses to the asset, which in this case could be loss of the facility (partial or complete), loss of life, loss of materials, and loss of merchandise. Each asset should be addressed in context of the risk; in the case of the merchandise, the risk to the asset includes total loss due to fire. Additionally, loss of access to the merchandise may have financial impact as orders cannot be filled, or the merchandise may lose value due to smoke being embedded in items such as clothing. Potential damage to the asset is linked directly to the specific risk factor we have just analyzed.

RISK ASSESSMENT AND RISK RATING Once the risk analysis is complete, a measurement of the risk must take place. The risk assessment validates the risk and measures the

II. PRACTICAL AND OPERATIONAL APPLICATIONS

362

32. WHAT IS RISK?

likelihood of occurrence and the extent of the impact the risk could have. During the assessment additional risks may be identified as gaps in protection or other process flaws are discovered. Normally, the assessment is conducted using a checklist or template and, at times, may be part of the security survey process. Depending on the role the security professional has in the risk management program, the risk assessment and the security survey process may be one and the same. The assessment will vary based on length, depth of research, and total staff required. To be properly completed, the assessment process must be flexible enough to allow for these variables. The risk assessment will measure the following: • Qualification of the risk (whether the risk actually exists) • Probability (is likely to occur, very likely, not likely at all) • Other risks/vulnerabilities to the asset • Knock-on effect (e.g., fire in the facility also damages trucks in loading bays) • Total effect of risk (probable loss/total maximum loss) The risk identified during the analysis needs to be validated in the field. For the most part this is academic; however, field-validating the risk may expose other vulnerabilities. Also, the risk may become better defined and the extent of the risk may become more clearly understood. After the risk has been validated, the assessment must then measure the probability of an event occurring. Measuring the probability requires balancing intellect with the facts that are readily available. The intellect portion is based on personal experiences, intuition, and insight into a situation. This is only part of assigning probability; the other part—applying fact—is more scientific. This requires a review of all facts related to the risk and asset to assign a high, medium, or low rating of probability (other rating scales such as numerical assignments can also be used).

To properly rate probability the following indicators should be reviewed: • Previous occurrences (e.g., whether the facility has been prone to fires in the past) • Occurrences in the area or business sector (e.g., burglaries in the neighborhood/ protests against like businesses) • Activities in the business sector (whether the business is a target based on its product; e.g., animal rights, etc.) • Company profile (e.g., whether the company is well known and thus more of a symbolic target) • Geography (whether the plant is next to a terrorist target, or likely to be collateral damage to an attack on a neighbor) This list illustrates some common concerns to be reviewed when assessing probability. Taking the same areas to be considered, let us illustrate a method of assigning probability. Previous occurrences: The plant has had two fires in the last year; the operation and materials on site are unchanged since these events. Given these facts, the probability of a fire at this location would be high. Occurrences in area/sector: The adjoining office building has suffered from laptop thefts at a high rate over the past month. It is likely that the burglaries will spread to other adjoining buildings as well. Activities in business sector: Other similar businesses have had protests at their laboratories. Protests have occurred frequently regardless of the company size or the laboratory location. It is very likely that protests will occur at the laboratory of this business as well. Company profile: The company is very prominent and has a well-recognized brand. This company has higher visibility and therefore is a more attractive target than lesser known companies in the same industry.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

RISK MITIGATION

Geography: The company’s headquarters building is adjacent to a major transportation hub. There has been information that terrorist groups have been targeting transportation hubs. This places the facility at risk of being a secondary target. While reviewing these facts, other vulnerabilities may come to light that need to be considered. For example, while reviewing the possibility of an attack on the transportation hub and its collateral effects on the headquarters building, other risks from the transportation hub should be considered. What risk does fire in the hub or crowds from the hub pose to the facility and employee base when there are major transportation issues? How likely are these scenarios and how does their probability affect the overall likelihood that an event in the hub will put the assets at risk? Risks should be named and probability assigned to those risks. The assessment should record additional risks and/or vulnerabilities discovered while completing the assessment. The assessment results should be documented and the risk rated. The risk rating can be a score, such as a point value or a rating of high, medium, or low. This allows the report to be filtered to show risk criticality. Further assessments may need to be completed based on the rating. The risk rating is the end result of the assessment, the probability of an incident occurring, and the results of an asset being lost to the event.

RISK MITIGATION Mitigation of risk is a broad field. An array of options is available to minimize losses, avoid risk, or insure against the results of a risk event. The security professional is an integral part of the risk mitigation plan for most risk programs. The security professional may have a role in every component of the risk program or play only a limited role, but he or she will always have a role in the mitigation portion of all plans.

363

The mitigation role could be preventive in nature such as designing a physical security plan to include alarms and security surveillance systems (network video) to prevent robbery. Traditionally, in addition to the security planning, the security professional may be called upon to investigate a robbery. The hope is to recover the funds taken and thus eliminate the loss, mitigating the effect of the risk event. So far, we have identified the assets, qualified the risk, and measured and assigned a rating to the risk. The mitigation phase is where we review and plan to minimize the probability and effects of the identified risk to our assets. Mitigation tools should not be limited to device installation or the adding of personnel/security staff. These are legitimate and appropriate security mitigants; however, other options such as training, a robust security plan, and implementing policy changes are also valid, strong mitigation tools to be considered. Through a strong security plan that includes training and security-minded policies, many risks (particularly employee-driven risk) can be minimized. The application of risk mitigants should be goal oriented and designed to mitigate the specific risk identified. The better defined the goals the better the results. This is particularly true regarding the security professional’s role in risk and risk mitigation. To better understand this point, consider training as an example of risk mitigation. Security officers receive training as part of their jobs. In many cases minimum training requirements are mandated by local laws for candidates to become licensed prior to becoming a security officer. This mandatory training normally offers very general rules to be followed and covers laws that are applicable to situations security officers have historically confronted. The security officer is then assigned to a post in the company to perform certain tasks. Typically, the officer receives some on-the-job training, usually supervised by another security officer familiar with the duties. Additionally,

II. PRACTICAL AND OPERATIONAL APPLICATIONS

364

32. WHAT IS RISK?

the officer may be given an operating manual with procedures and post orders to enhance the understanding of the tasks and actions required. This level of training is adequate for the officer to begin working; however, more focused training is needed to truly mitigate risk. Regular training may not address specific access-control guidelines to be followed by the officer. If access control is a mitigating strategy managed by the security officer, more in-depth training must occur for the strategy to be effective. Let us take this example and look deeper into training as a mitigation tool. During the assessment phase, unauthorized access to the facility is identified as a risk at the company. One of the conclusions from the security survey is that the main entry to the facility is an area in need of additional security and monitoring, since it is the most frequently utilized entry for employees and visitors. To mitigate the risk of unauthorized entry, the company installs access control devices and a reception desk staffed with a security officer. The reception desk duties include typical access control and verification as well as visitor management tasks. In the following scenario, during the evening, a recently terminated employee arrives and attempts to gain access to the facility through the entry previously described. What level of training does the officer need to utilize to truly mitigate this risk? Is an acceptable level of mandatory licensing training enough? Is the on-thejob training received from another security officer adequate? Specific facility access control training in combination with situational drills and escalation procedures may place the officer in a better position to properly mitigate this risk. The goal is to highlight that an entry-level security personnel at the entrance is not the proper mitigant to the assessed risk; the correct mitigation tool is a properly trained security officer at the entry. The goal of risk mitigation is to minimize the potential impact of the identified risk to

the point where the concern of the risk is minimal. However, often the risk cannot be mitigated against the outcome of the risk event. This is another example of a risk mitigation strategy—layering mitigation tools to minimize the risks. Some level of risk must be accepted. For example, everyone has a heating or cooling system in their home. The possibility of an electrical fire, gas line explosion, or oil tank leak exists, yet nearly every home utilizes one or more of these to heat, cool, or cook every day. We generally accept the risk but have mitigation strategies in place, such as circuit breakers and shut-off valves. We accept the risk we cannot completely eliminate and potentially insure. After the strategy has been put in place to mitigate the risk, and other risks that cannot be eliminated have been accepted (or possibly insured against), the security professional should begin to understand the company’s willingness to accept risk. This means that if the culture tends to accept the risk early on and lessen the mitigation tools, then this is a high riskacceptance culture. However, if a strategy and layering of mitigation tools are called for prior to accepting any risk, perhaps this represents a culture of low risk tolerance. Table 32.1 is an example of layering that can serve as a guide to a mitigation strategy.

TABLE 32.1 Layering Tool

Implementation

Policy change

Add or alter employee practices to address a specific risk

Preventive measures

Conduct device installation/training sessions

Minimize effects

Perform business continuity planning/ evacuation planning

Insurance

Purchase a policy that will defray associated risk event costs

II. PRACTICAL AND OPERATIONAL APPLICATIONS

365

SUMMARY

REPORTING The security professional will be called upon to present the findings of the risk review, regardless of the extent of the review. If the security professional is retained as a consulting subject matter expert, he or she will be asked to formally report all findings to the client. The security professional who is acting on behalf of his or her employer to review risk will also be required to articulate the findings at some point. In either case, when reporting risk, the security professional should keep these things in mind: • The written presentation will “live” longer than the oral presentation. • Understand the stakeholders to whom you will be reporting. • Where will this report go? The client may share it with the insurance company; a supervisor may pass it to another supervisor, and so forth. • Present the facts without exemption; there are many reasons for accepting or ignoring risk. Present the findings and proposed plan, and then allow the decision process to begin. • Include the security survey and other supporting products utilized to identify the facts. • There is always a measure of risk acceptance—no plan is absolute. This list represents themes the security professional should consider when framing the report. Remembering to whom you ultimately report and the scope of your role will help create a true summation of the process. The report and the presentation must be fact driven. It becomes difficult, at times, to keep personal opinion or the desires of a particular stakeholder out of a report. The security professional’s role in this process should be impartial but as practical as possible. The report should emphasize the threat, the risk (in real terms) that the threat poses to the organization, the suggested steps to reduce the risk, and a summary that relays

the frequency of reevaluation. This will allow the decision makers to analyze how much risk they are willing to accept based on the analysis presented and the frequency with which the risk will be reviewed.

SUMMARY A common idea presented throughout this chapter has been that risk is subjective. Security professionals that excel are the ones that are most flexible and adaptable. Although the approach to risk or the methodology is similar from one program to the next, each risk is different and the security professional should be applying his or her knowledge and experience to the facts appropriately. The basic methodology outlined in this chapter should be used as the basis for risk review. A fully implemented program will have these components at its core with subtle differences depending on the company’s culture, the security professional’s role in the process, and/or the specific requirements of the program. Creation of a risk profile that clearly describes the risk, the probability, and the significance of an event, including potential loss, is important to the long-term success of the program. In describing the risk in this manner, through analysis and assessment, a full view of the risk and the knock-on effects can be reported. A major role of the risk program is to use the mitigation techniques in response to the risk profile. The goal of the mitigation plan is to avoid and/or minimize the occurrences and effects of an event. The mitigation plan should include education, policy/procedure changes, physical design, and insurance, to name a few of the tools available. It is important to understand the company’s approach to risk management as this defines roles and responsibilities. Understanding the company’s approach helps the security professional understand his or her role in the process.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

366

32. WHAT IS RISK?

Risk assessment and risk vulnerability assessment are roles the security professional can fill; however, risk mitigation is historically a role the security professional plays in most risk management programs. The emphasis of the mitigation plan is on avoidance planning and minimizing the negative impact through tools such as training and device installation. The security professional will be called upon for risk mitigation after an event as well, for such things as

investigation, to help minimize the effects. The more successful the proactive mitigation tools are, the more successful the program will be.

Further Reading Broder, J. F., & Tucker, E. (2012). Risk analysis and the security survey (4th ed.). Boston, MA: Butterworth-Heinemann. Sennewald, C. A., & Baillie, C. (2015). Effective security management (6th ed.). Boston, MA: Butterworth-Heinemann.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

A P P E N D I X

32A What Is Risk Management? Kevin E. Peterson INTRODUCTION So how do we (protection professionals) fit into the picture of risk management? As mentioned in an article by Diana Thompson, a well-respected consultant in organizational risk management based in Australia: To most businesses, the concept of risk management is confined to financial aspects … but the risk game is fast changing … [now] covering everything from a computer meltdown to a terrorist attack. (Thompson, 2003)

Assets

Today, risk management is a central concept in the fields of security, asset protection, and crime/ loss prevention. Risk management principles are used to help us conserve our limited resources (in terms of time, effort, manpower, and money), apply the right solutions in the right places, and keep up with changes in our operational environment. Plus, as shown in the quote above, it keeps us attuned to the broad array of threats that we face in any type of organization.

THE RISK MANAGEMENT PROCESS The five components of the risk management process—which lead to a comprehensive asset protection strategy—are depicted in the accompanying diagram (Fig. 32A.1). The process

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00053-5

begins by identifying realistic asset protection objectives and then conducting a comprehensive risk assessment (described later). This can be done at the enterprise-wide level and/or at the specific process or project level. Depending on the nature of the business, it may be appropriate to do it at multiple levels.

The first step in risk assessment is identification and valuation of assets. As Gardner (1995) asserts, “the first step in establishing [any] effective [asset protection] program involves identifying the businesses’ assets.” Although this is a step that is frequently overlooked, no effective security program can be implemented without a thorough understanding (on the part of both the asset owner and the security professional) of what is being protected—or should be protected. All three types of assets—tangible, intangible, and mixed— should be considered and incorporated into the risk assessment process. Too often, asset owners and security professionals focus exclusively on tangible assets or those which appear on the accountant’s balance sheet. Each component of the risk management process must be evaluated (gauged or rated) and this can be done either qualitatively or quantitatively. The value of assets is often expressed in

367

# 2020 Elsevier Inc. All rights reserved.

368

APPENDIX 32A. WHAT IS RISK MANAGEMENT?

Risk management process Select Test Implement Train

Protective measures

Asset identification and valuation

Risk analysis

Threat definition Vulnerability assessment

FIG.32A.1 The risk management cycle.

dollar amounts, but assigning such a number is not always possible, particularly in the case of intangible and mixed assets. This provides a natural lead into the debate over qualitative versus quantitative assessment approaches. Each approach has inherent pros and cons. • Qualitative analysis is any approach which does not use numbers or numeric values to describe the risk components. Generally, comparative terms such as “critical,” “high,” “medium,” “low,” and “negligible” may be

used to gauge the asset value and levels of risk components and risk itself. • Quantitative analysis is any approach which uses numeric measures to describe the value of assets or the level (severity or probability) of threats, vulnerabilities, impact, or loss events. It can vary from simple scale ratings (e.g., 1 to 5) to sophisticated statistical methods and mathematical formulas. Many executive decision makers prefer information to be summarized in charts and graphs which can display a great deal of data in a concise manner. (One example is shown in Fig. 32A.2.) This is the strongest argument for using a quantitative approach. The other major advantage is the ability to automatically manipulate the data using computer programs and algorithms. Qualitative methods, by contrast, are generally simpler and quicker to use, and often provide results that are just as meaningful as numeric calculations. Among the factors to consider in determining asset value are immediate response and recovery costs, investigation costs and replacement costs, and indirect costs (which are often overlooked in the overall assessment). Indirect costs may include things such as:

FIG.32A.2 Most prevalent risks by severity level.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

THE RISK MANAGEMENT PROCESS

• temporary leased facilities • equipment rental/ purchase • alternative suppliers/ vendors • alternative shippers/ logistics support • temporary warehousing facilities • special employee benefits • counseling/employee assistance • loss of market share (temporary or permanent) • decreased employee productivity • increased insurance premiums

• temporary workforce/ staffing • recruiting/staffing costs for permanent workforce • increased security costs (temporary or permanent) • increased communications capabilities • data recovery/IT system (Information Technology) • administrative support • increased travel • marketing/public relations efforts • emergency/continuity plan revamps

In addition, intangible and mixed assets must be considered even though they are generally very difficult to value. Executive decision makers need to be educated with respect to intangible and mixed assets. Although it is often difficult or impossible to place a specific dollar value on intangible assets, they are certainly subject to loss events and can have a significant impact on the organization’s vitality and mission performance.

Threat Enterprises—regardless of size, location, or mission—face a wide variety of threats that fall into three categories: intentional, natural, and inadvertent. A comprehensive—and hence more meaningful—threat assessment will consider all three categories of threats. Since September 11, 2001, it is common to focus heavily (sometimes almost exclusively) on the terrorist threat when conducting corporate or organizational risk analyses. However, terrorism is only one aspect of

369

one category of threats that should be considered. This tendency is not unique. In the mid1980s, for example, there was an overemphasis on the theft of advanced technology. At other times, the security community has focused too heavily on white collar crime, cyberattacks, natural disasters, or other calamities. A balanced approach to threat assessment is necessary. Of course, some types of threats will be more prevalent at certain times and in certain places. Long-term asset protection strategies, however, must be based on a realistic, full scope, and balanced threat assessment. According to security expert and author Ira Winkler, “accurate assessment of the level of threat against your organization is critical to the success of your security plan….Threat is an essential factor in your risk reduction formula, and you must consider it carefully. If you don’t, you’ll simply be flying blind when it comes to prioritizing countermeasures” (Winkler, 1997, p. 37). In terms of evaluating levels of threat, consider the following three primary categories: Intentional Threats Evaluation of intentional threats is based on identification and study of potential adversaries. Assessors should think “outside the box” when listing potential adversaries. For example, the most obvious adversaries in a particular case may be international terrorist organizations, organized crime, or aggressive business competitors. Other important potential adversaries, however, may be activist groups (such as environmental rights activists or other special interest groups)—and their threats could be easily overlooked. The identification and assessment of adversaries are growing challenges today based on the post-Cold War environment, the global nature of our economy, worldwide demographic shifts, and the emergence of a far more asymmetric (less conventional and more difficult to define) nature of modern-day threats.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

370

APPENDIX 32A. WHAT IS RISK MANAGEMENT?

In most cases, adversaries can be judged according to their capabilities to cause a loss event (or attack) and their intentions to do so. Among the sources of information on adversary capabilities and intentions are past history, organization rhetoric, public pronouncements, other open sources, internal communications (newsletters, websites, etc.), law enforcement reports, automated databases, and threat assessment professionals. Natural Threats Rather than adversary capabilities and intentions, natural threats are typically evaluated using historical trends and statistics. Long-term data are generally collected on weather and other natural hazards for specific geographical areas, terrains, and environments. In some cases, data have been assembled on natural hazard effects for particular industry sectors or facility types. Although this data provides extremely useful planning information, assessors must recognize that the unexpected can, and usually does, occur. Therefore, comprehensive contingency planning and at least some degree of all-hazard preparedness are strongly recommended by most professionals. Inadvertent Threats Perhaps the most overlooked or neglected threats are inadvertent threats. These include accidents, errors, and omissions. Security expert and author Ira Winkler put it best when he wrote that “the biggest threat to US corporations is human error….People make mistakes, and those mistakes are the most likely things to hurt you” (Winkler, 1997, p. 39). Another key consideration—which is a subset of the inadvertent threat—is that of peripheral threats—for example, a threat that is targeted at a neighboring facility but that may have a major impact on the post operation. The effects of peripheral threats can include utility interruptions, required evacuations, closure of access routes to the facility, unwanted attention or

traffic at the facility, full or partial operation shutdowns, productivity disruptions, and environmental effects (e.g., smoke, debris, water, or chemical runoff ). Inadvertent threats are the most difficult to predict and prepare for. Although, to some degree, the nature of the workforce, operations, or other environmental factors can influence the level of the inadvertent threat, there is usually little or no historical data to use for planning purposes. The best defenses are preparation, education and awareness, and realization that the threat exists.

Vulnerability The most common view of “vulnerability” is a security weakness or problem. Although this can be the case, we must also recognize that some vulnerabilities are simply existing conditions or business practices which support mission accomplishment. For example, engaging in sales by e-commerce can be viewed as a vulnerability, but it may also be an essential way of conducting business for a particular company. One concise definition of “vulnerability” is “a weakness or organizational practice that may facilitate or allow a threat to be implemented or increase the magnitude of a loss event” (ASIS International, 2007, p. 8). One important difference between a threat and a vulnerability is that a vulnerability is a characteristic of the organization or facility. As such, it is generally something over which the organization can exercise at least some degree of control. Threats, by contrast, are usually outside the control of the organization. Vulnerabilities can be evaluated in different ways, but one common approach is to measure them in terms of observability and exploitability. • Observability is the ability of an adversary to see and identify a vulnerability. For example, a hole in a chain-link perimeter fence is likely observable by a potential adversary, whereas an inoperable security surveillance system (network video system) camera is not.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

THE RISK MANAGEMENT PROCESS

• Exploitability is the ability of the adversary to take advantage of the vulnerability once they become aware of it. In assessing natural threats, we can still use the concepts of observability and exploitability, although from a slightly different perspective. The observability factor would essentially be reversed and refer to our ability to observe—or become aware of and track the oncoming threat (e.g., storm). This involves mechanisms for early warning and notification of the impending threat. By contrast, exploitability would be expressed in terms of the capability of a particular threat to cause damage specific to the facility, mission, or organization. Using this observability/exploitability approach, asset protection professionals can assess and develop plans to mitigate vulnerabilities both in the long-term (strategic) and immediate (tactical) time frames. For inadvertent threats, the observability/ exploitability approach is again slightly different. In this case, we measure our vulnerabilities via two questions: 1. Are we aware of the vulnerabilities? 2. Are the particular vulnerabilities subject to relevant inadvertent threats? Again, both the inadvertent threats and associated vulnerabilities are generally the most difficult for any organization to identify and measure. This should not, however, be used as an excuse for neglecting this aspect of the overall risk posture.

Risk Analysis In this step, the assessor puts all of the information on assets, threats, and vulnerabilities together, and then considers the potential

371

impact or consequences of a loss event. In all risk analyses, but particularly in quantitative ones, it is advisable to determine the evaluation levels (for threat, vulnerability, and impact) by committee. In other words, assessments should be performed by a multidisciplinary team of subject matter experts1 in order to reach credible and justifiable numbers as input to the analysis. Justifying the numbers is the area where assessors are most often challenged when reporting their risk-analysis results to clients, executives, and decision makers. There are many effective and time-tested approaches to calculating risk results once the numbers (evaluation levels) have been identified. Risk analysis results should be presented to the client or decision maker in a manner which assists them in understanding the data and making decisions. This includes placing the identified risks in a priority order or into priority categories to help show, from the assessor’s perspective, which risks should be addressed first. A final note about risk analysis, as discussed in a 2000 Security Management article titled “Truth & Consequences”: we need to consider low-probability/high-consequence risks as well as those that are most likely to occur in our workplace (Garcia, 2000). Many corporate executives and decision makers only want to hear about the risks that represent the highest probability of occurrence—that’s where they want to expend their resources. We must also, however, give serious consideration to potential losses that, although they are not highly likely to occur, will result in very significant consequences (mission impact) if they do occur. Examples of such risks are terrorist attacks and catastrophic workplace violence incidents. Again, the objective of

1. Team members and the required expertise must be tailored to individual assessment. Examples of team expertise may include physical security, IT security, information protection, personnel security, technical security, operations, audit and safety.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

372

APPENDIX 32A. WHAT IS RISK MANAGEMENT?

a comprehensive asset protection strategy is a rational balance between the focus on highprobability-of-occurrence risks and lowprobability/high-consequence risks.

their mind-set and business practices at all levels.

SUMMARY

ASIS International. (2007). Information Asset Protection Guideline. Alexandria, VA. Garcia, M. L. (2000). Truth & consequences. Security Management, 44(6), 44–48. Gardner, R. A. (1995). Small business: Reducing the risk. Retrieved from http://www.crimewise.com/library/ bizrisk.html. Thompson, D. (2003). Risk management—A brief history. Business and Financial Services, 30–32. Winkler, I. (1997). Corporate espionage: What it is, why it is happening in your company, what you must do about it. Roseville, CA: Prima Publishing.

Risk management is a critical process that touches every aspect of organizational asset protection as well as the activities of the professional protection officer. There are many specific and formalized models—even some sophisticated computer models—for risk management, but all are based on a basic “asset-threat-vulnerabilityimpact” model. The simple objective is “smart security decisions,” whether it is how to structure a huge multi-national corporation’s security function or how to word an incident report. Every protection professional should become intimately familiar with the concepts of security risk management—and incorporate them into

References

Further Reading International Organization for Standardization (ISO). (n.d.). ISO 31000 Risk management. Retrieved October 5, 2019, from https://www.iso.org/iso-31000-risk-management. html.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

33 Emergency Planning Michael J. Fagel, Ernest G. Vendrell, Scott A. Watson O U T L I N E Introduction

374

Developing the Emergency Response Plan

384

Types of Potential Emergencies Case Studies

374 377

Scope of the Problem

378

Reviewing and Integrating the Emergency Response Plan Training and Testing Evaluating the Emergency Response Plan

385 385 386

Emergency Planning Considerations

378

Emerging Trends

387

Vulnerability Analysis The Incident Command System The National Incident Management System (NIMS) Emergency Operations Centers Media Relations

379 380

Conclusion

387

References

387

Resources

388

Further Reading

388

382 383 383

principles can help to stabilize a serious incident

CHAPTER OBJECTIVES

• Emphasize the importance of hazard identification, vulnerability analysis, and risk assessment

• Explore the scope of emergency management in the United States • Review and understand the potential impact that emergencies can have on people and organizations

• List the many internal and external stakeholders that will be involved in times of crisis • Explore how effective communication leads to coordination and collaboration among emergency responders

• Explain emergency management as a critical organizational function • Describe how applying effective comprehensive emergency management

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00033-X

373

# 2020 Elsevier Inc. All rights reserved.

374

33. EMERGENCY PLANNING

INTRODUCTION The word “emergency” or “incident” may conjure up images of epic events such as the September 11, 2001, terrorist attacks on New York City and the Pentagon, the Pulse Nightclub in Orlando, Hurricane Sandy’s sprawl in the northeast, category 5 Michael in the Panhandle, or the seasonal wildfires that sweep through California and other western states. While all of the aforementioned events are correctly classified as emergency situations (also referred to here as incidents or events), in a broader sense an event does not need to be on such a large scale to be classified as an emergency. The fact is that emergencies happen every day and in all types of environments. While not all emergency situations are of the same scale, they have a number of things in common. 1. An emergency or event impacts people: Emergency situations increase the risk of death or injury and will generally require long-term recovery support for those affected by the event in many ways. Proactive organizations engage in extensive preplanning to mitigate injury and loss of life, preserve and protect property, as well as to effectively respond to those affected by the event in many ways. 2. An emergency situation disrupts normal operations: Normal organizational activities are impacted by emergencies. Affected staff can’t perform their normal duties, damaged equipment cannot properly function, and evacuated facilities do not produce goods or services. Proactive organizations build redundancies into their response and recovery plans. These redundancies mitigate disruptions and serve to speed an organization’s recovery. 3. An emergency situation impacts the local community: Those in the local community who rely on goods or services produced by the affected organization are personally impacted when the normal operations are disrupted. Proactive organizations have

practiced and effectuated plans in place to mitigate the impact of these disruptions on communities. 4. An emergency situation stretches resources: In an emergency, additional resources will be needed to handle immediate response needs, the needs of those served by the organization, and initial preparations for long-term recovery. The need to address all of these issues stretches resources. Proactive organizations will make arrangements to obtain needed equipment, supplies, and additional response personnel in advance. 5. An emergency situation will certainly garner an after-action review, either officially or by the public: In this era of instant global communications, social media (or antisocial media) (Fagel & Hestermann, 2016), the response to an emergency is likely to draw both internal and external scrutiny. This scrutiny is often manifested as a sort of referendum on the quality of the organization’s leadership (Knight & Pretty, 1996). As a result, the quality of the response to an emergency impacts a long-term organizational recovery. Proactive organizations engage in a regimen of continual planning and exercising of their response plans; they also train key personnel on how to respond to media, governmental, and public inquiries (Fig. 33.1).

TYPES OF POTENTIAL EMERGENCIES Given the importance of planning for and responding to emergency situations, the professional protection officer must be prepared to deal with a multitude of emergency situations. These situations include, but are not limited to, the following (Fig. 33.2): 1. Medical Events and Accidents: Medical events and accidents resulting in injury are common emergencies at all organizations. All

II. PRACTICAL AND OPERATIONAL APPLICATIONS

TYPES OF POTENTIAL EMERGENCIES

375

Natural hazards Floods

People

Earthquakes Hurricanes Storm Surges

Postmortem analysis

Operations

Tornadoes Wildfires

Emergency situation

Mass Movement Volcanic Eruptions Tsunamis/tidal waves

Resources

Communities

Blizzards Drought Avalanches

FIG. 33.1 The wide impact that emergencies can have on people, organizations, and communities.

Technological hazards Fires Hazardous materials incidents

professional protection officers should be trained in at least basic first aid and CPR. Depending on the specific requirements of the organization, additional training may include the use of automatic external defibrillators (AEDs), or training as a first responder or emergency medical technician (EMT). 2. Fires and Evacuations: Fire and smoke can quickly sweep through a building, resulting in injury or death of people and significant damage to property. The professional protection officer must be confident in his or her ability to facilitate an orderly evacuation of the facility according to the organization’s response plans. In addition, he or she should have basic familiarity with local fire regulations, as well as any equipment that is on site and that the officer has been trained to use such as AEDs, first aid gear, bleeding control, and respiratory protective equipment. 3. Shelter in Place (National Terror Assist, n.d.) and Lockdown Incidents: Hazardous material (HAZMAT) events, such as a

Nuclear and Radiation Accidents Terrorism Weapons of mass destruction Civil unrest

FIG. 33.2 List of various natural hazards and technological hazards. Adapted from Haddow, G. D., & Bullock, J. A. (2017). Introduction to emergency management (5th ed.). Cambridge, MA: Butterworth-Heinemann.

chemical spill, or hostile events, may result in the need to shelter or lock down personnel inside a facility for their own protection. The professional protection officer must be familiar with his or her organization’s Shelter in Place procedures, and lockdown/active shooter protocols. In addition, familiarity with electronic access control systems, and a working knowledge of the facility’s systems, is helpful in such situations.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

376

33. EMERGENCY PLANNING

4. Bomb Threats and Suspicious Packages: Bomb threats and suspicious packages occur at many facilities. While most of these incidents turn out to be harmless, they all must be taken with the utmost seriousness. In the aftermath of the September 11, 2001 terrorist attacks, a series of highly publicized incidents took place in which media representatives and public officials received packages containing anthrax. Bombs and suspicious packages have even been sent as a result of ongoing domestic disputes. In order to be effective at responding to such issues, the professional protection officer must have detailed knowledge of their organization’s response plan, as well as training on how to recognize suspicious packages and utilize a bomb threat checklist. The US Postal Service, along with other well-known parcel delivery companies, have been vectors in preventing mail bombs 5. Civil Disobedience: Civil disobedience can take place as a result of labor disputes, political unrest, environmental protests, racial tensions, and a host of other controversial issues. Given the complex and interdependent nature of modern society, an organization should not be directly involved in controversial activities to avoid becoming a target. Financial firms have been targeted due to investments they made in companies that perform controversial activities. Biotechnology companies that do not perform tests on animals have been targeted by animal rights groups because of a perception that they engage in such activities. The professional protection officer must be familiar with the many types of threats that may arise out of actual or perceived controversial activities in which the organization they serve may be involved. Charleston, Virginia 2017 and Ferguson, Missouri 2014 are two events the professional officer needs to review to understand the changing

climate of security across the nation and worldwide. Also worthy of review are the two reports “Active Shooters in the United States” for 2016/2017 and 2018 (Advanced Law Enforcement Rapid Response Training [ALERRT] & FBI, 2018a, 2018b); and the 2018 Marjory Stoneman Douglas High School shooting in Coral Springs (Brown, 2019). 6. Power Outages: All organizations have power necessities and all organizations eventually experience a power outage. When the power goes out, lights, machinery, and HVAC systems all come to a halt. The professional protection officer must be prepared to deal with safety issues that arise as a result of a power outage. Many organizations have emergency batteries and generator back-ups. The professional protection officer should be familiar with how these systems operate. The facility must test these under LOAD on a regular basis. 7. Disasters: Disasters, whether natural or technological, pose a threat to all organizations. Natural disasters include such events as a tornado or hurricane, blizzard, wildfire, earthquake, flood, tidal wave, and a host of other naturally occurring phenomena. Technological disasters include such events as explosions, collapses, HAZMAT incidents, and industrial fires. The professional protection officer should be familiar with the potential impacts of natural and technological disasters and how those disasters may impact the organization they serve. 8. Terrorist Actions: Terrorist acts can include bombings, armed assaults, kidnapping, sabotage, hostage-taking, and a host of other serious incidents. While the probability that an act of terrorism will occur at a given site on any given day is low, the impact of such actions can have serious and long-lasting consequences on people, organizations, and communities. The professional protection officer should take the

II. PRACTICAL AND OPERATIONAL APPLICATIONS

TYPES OF POTENTIAL EMERGENCIES

time to become familiar with terrorism and terrorist groups, their tactics, goals, and, most important, preincident indicators (red flags) of potential terrorist actions.

Case Studies The professional protection officer is in a unique position to respond to emergency situations. Since the protection officer is usually stationed at the facility where the emergency is taking place, they are typically the first personnel to arrive on the scene. These first several minutes constitute a critically important window of opportunity. Professional, quick, and decisive action on the part of the protection officer can contain the situation, ensure that people are safe, and mitigate damage to organizational assets by taking required initial steps. Although often unnoticed by the public, the actions of professional protection officers save lives and property on a regular basis. Here are just a few examples. 1. Review the ALERRT and FBI reports issued in 2018 listing 50 active shooter incidents that occurred in 2016 (20) and 2017 (30); and 27 in 2018 (ALERRT & FBI, 2018a [2016/2017] and 2018b [2018]). 2. Natural disaster: Hurricane Sandy affected 24 states in 2012, causing damage that exceeded 70 billion dollars. It struck over the last weekend in October 2012, reaching from the Bahamas to the northeast. Fagel served in several Disaster Field Offices in New York City during the aftermath. 3. Civil Disobedience: A financial firm was targeted for a large-scale protest by an environmental group. The environmental group objected to investments the firm made in a company that was engaged in construction projects in an ecologically pristine area. The financial firm became aware of the date and time of the planned protests and quickly deployed additional protective personnel. On

377

the day of the protests, members of the environmental group attempted to enter one of the firm’s buildings and handcuff themselves to a stationary object located just inside the main entrance. Protection officers successfully kept the protesters from entering the building. Additional preplanning also allowed the firm’s public relations personnel to have statements already prepared for the media. Had the protesters succeeded in handcuffing themselves inside the building, operations could have been impacted and the media attention to the event would certainly have been greater. This list has grown with: • Ferguson • Charleston • Occupy movement 4. Medical Emergency: Protection officers in a large high-rise building were called to the scene of a collapsed individual. Upon arrival, the protection officers, who were trained as EMTs, checked the scene to ensure that it was safe to enter and then began to assess the situation. The patient was found to have stopped breathing and had no pulse. Utilizing an AED, the protection officers were able to revive and stabilize the patient until emergency medical services personnel arrived on scene and transported the patient to a nearby hospital. The Department of Homeland Security (DHS) has initiated a “Stop the Bleed” campaign that can help to save lives (DHS, 2018). 5. Flood: A protection officer on routine patrol at his facility discovered a major water leakage that was spilling into a hallway located just outside of a critical computer room. The protection officer immediately called for assistance over his radio and then proceeded to follow the emergency procedures outlined in the organization’s response protocols. The protection officer took highly absorbent material from a nearby

II. PRACTICAL AND OPERATIONAL APPLICATIONS

378

33. EMERGENCY PLANNING

crash cart and began to divert the water away from the computer room. In the interim, the command center officer dispatched additional help to the scene, sent out an emergency notice, set up a conference bridge for the crisis team, and contacted a preselected vendor to respond to assist with the cleanup. As a result of these quick actions, the computer room suffered minimal damage and the organization was able to maintain its operations without disruption. These and many other types of emergency situations can happen to any organization, at any time. The professional protection officer must be prepared to respond to such events in accordance with his or her organizational protocols, training, and, most important, good judgment.

SCOPE OF THE PROBLEM Over the years, limited research has been conducted with respect to emergency preparedness in the private sector (Tierney, Lindell, & Perry, 2001). The research that does exist indicates that many private sector organizations have not been proactive in this critical arena (Tierney et al., 2001). This is unfortunate, since not having an effective plan in place can ultimately lead to a variety of negative consequences ranging from adverse publicity to significant operating losses, as well as loss of life. Viewed from a homeland security perspective, this is troubling, considering that approximately 85% of the critical infrastructure in the United States is owned by the private sector (Fagel, 2011). In contrast, some organizations that have come to realize that emergency response planning is vital, have created elaborate policies and procedures designed to deal with a variety of emergency situations. Moreover, these organizations usually feel confident that they are prepared to deal with any contingency. Their emergency response plans detail specific actions to take in

the event of a catastrophic event and outline the steps that should be employed during the ensuing recovery effort. However, far too often this is where the planning process ends. Typically, the planning document is filed away and forgotten until a critical incident occurs ( Joyce & Hurth, 1997; Phelps, 2007; Reid, 1996). Furthermore, as Canton (2007) points out, a plan is merely a snapshot of an organization’s intention at that particular point in time, and many are out of date as soon as they are published.

EMERGENCY PLANNING CONSIDERATIONS No one emergency response plan can be applied to every potential crisis situation. The basis of survival is not the plan itself, BUT, the planning process (Fagel, 2014). However, a comprehensive plan that takes into consideration potential, natural, technological, and man-made threats, and involves key personnel in the planning process, can help organizations to systematically manage emergencies in an effective and efficient manner. Consequently, the planning process is a key element that enables protection officers to explore viable options that can be employed in the event of a critical incident. Additionally, the planning process can facilitate effective problem solving and communication among various stakeholders, thereby creating a flexible and adaptable environment for managing critical incidents (Canton, 2007). Being prepared for emergencies involves four important components: planning, reviewing, training, and testing. These are the cornerstones of any emergency response plan and it should be noted that it is a circular rather than linear process. Perhaps Nudell and Antokol (1988) explain this concept best when they describe the above components, when implemented, as an umbrella of preparation against the thunderstorms of a potential crisis.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

VULNERABILITY ANALYSIS

Some elements to consider when forming a planning team involve selecting the right people, equipping and training them, as well as allowing the time to plan, practice, and prepare for the event (Fagel, 2010). These include but are not limited to: • • • • • • • • • • • • •

• • • • • • • •

Establishing a culture, policy Identifying risks and all hazards Identifying resources Selecting crisis team personnel Locating the crisis management center Equipping the crisis center Training crisis team personnel Testing contingency plans and emergency procedures Dealing with the media Dealing with victims and their families Dealing with other affected persons (such as employees) Getting the organization’s usual work done during the crisis Returning to normal operations after the crisis (both operationally and in human terms) Managing resistance to the planning process Adopting an all-hazards approach (consider all potential disasters) Promoting multiorganization response Relying on accurate assumptions Identifying appropriate actions while encouraging improvisation Linking emergency response to disaster recovery and hazard mitigation Training and evaluating Adopting a continuous planning process

There are a number of established standards for emergency planning. One highly regarded standard was developed by the National Fire Protection Association (NFPA). NFPA Standard 1600, “Recommended Practice for Disaster/ Emergency Management and Business Continuity Programs,” was created with the participation of the Federal Emergency Management Agency (FEMA), the International Association of Emergency Managers, and the National

379

Emergency Management Association. It sets criteria for both developing and evaluating existing emergency management programs, including private sector business programs (Lindell & Prater, 2003). NFPA 1600, which is widely recognized by professionals in government and industry, defines 14 criteria for programs (Lindell & Prater, 2003): • • • • • • • • • • • • • •

Laws and Authorities Resource Management Direction, Control, and Coordination Communications and Warning Operations and Procedures Finance and Administration Exercises, Evaluations, and Corrective Actions Crisis Communications and Public Information Hazard Identification, Risk Assessment, and Impact Analysis Hazard Mitigation Mutual Aid Planning Training Logistics and Facilities

VULNERABILITY ANALYSIS Hazard identification, risk assessment, and impact analysis are important steps in the planning process, since many of the key decisions made relative to the emergency plan are based on this information. Many times, this procedure can be accomplished by using a simple numerical rating system (scale of 1–5, with 1 as the lowest and 5 as highest) to list potential emergencies (such as fire, flood, terrorist attack, etc.), estimate the probability of each emergency occurring, assess the potential human impact (death and injury), property impact (losses and damages), potential business impact (loss of market share), and, finally, the strength of the internal and external resources that may be available (1 being weak resources and 5 indicating strong resources).

II. PRACTICAL AND OPERATIONAL APPLICATIONS

380 TABLE 33.1

33. EMERGENCY PLANNING

Vulnerability Analysis Chart

The lower the score the better From Federal Emergency Management Agency. (2007). Emergency management guide for business and industry. [PDF file]. https://www.fema.gov/medialibrary-data/20130726-1511-20490-6446/bizindst.pdf.

Next, you would total the score for each potential emergency, taking into consideration that the lower the score, the better. Although somewhat subjective, the comparison will be of significant assistance in determining planning priorities. The following example helps to illustrate the process (FEMA, 2017) (Table 33.1):

The Incident Command System Incident Command is a concept that has been reinforced by the Federal Emergency Management Agency utilizing the National Incident Management System (NIMS) as revised in 2017. The Incident Command System (ICS) was developed in the early 1970s after a series of major wildfires in southern California. The fires affected all levels of government (federal, state, and local), and highlighted various recurring problems that prevented responding agencies from working together. In particular, determining who was in charge of the overall response effort, duplication of efforts, poor coordination due to no joint planning, lack of a common organization, and ineffective intra-agency communications, hindered the overall emergency response to the fires. ICS established an on-scene management system that would

help responding agencies work together using a coordinated and systematic approach that can be used for all types of incidents regardless of size (FEMA, 2017). Common Terminology: Common vocabulary is used instead of signal codes. Functional assignments are standardized and easily understood (Fig. 33.3). Integrated Communications: To accommodate various agencies, a common communications plan is used with assigned frequencies. Unified Command Structure: The command structure expands when there is more than one responding agency, and all organizations share a common set of incident objectives and strategies. Unit Integrity: Typically, responding units are not broken up before being deployed. Most responders receive orders through their existing chain of command. Unity of Command: To avoid organizational confusion, every individual has a designated supervisor. Effective Span of Control: One supervisor for every 3–7 subordinates, with 5 being the optimum number. Modular Structure: Can expand or shrink based on needs.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

VULNERABILITY ANALYSIS

381

Some key terms and acronyms in emergency management: Hazard: A source of danger that may or may not lead to an emergency or disaster Risk: A measure of the likelihood that a hazard will manifest into an actual emergency or disaster Vulnerability: A weak point Impact: The consequences an event has on people, property, operations, and communities Disaster: An event that demands substantial response capability beyond the scope of normal operations ICS: Incident Command System NIMS: National Incident Management System

FIG. 33.3 Key terms and acronyms in emergency management. Adapted from Haddow, G. D., & Bullock, J. A. (2017). Introduction to emergency management (5th ed.). Cambridge, MA: Butterworth-Heinemann.

Comprehensive Resource Management: Human, material, and equipment resources are always checked in, and their status maintained at all times. Consolidated Action Plans: A single planning process, leading to one incident action plan. The ICS structure is built around five major management activities or functions (McEntire, 2007) (Fig. 33.4): Command: The incident commander (IC) determines strategy and objectives and is responsible for overall command of the incident. Three positions/functions work closely with the IC: • Information Officer: Works with the media and releases information to the public as appropriate. • Safety Officer: Monitors operations and advises the IC on all matters related to safety. • Liaison Officer: Is the IC’s point of contact with representatives of other organizations. Operations: Responsible for directing and coordinating all tactical operations to meet incident objectives.

Planning: Responsible for all incident-related data (gathering and analyzing) as well as the status of all available resources. Logistics: Responsible for providing the necessary support (facilities, services, and materials) to meet all needs for the incident or situation. Finance: Responsible for on-site financial and administrative management, including monitoring and documenting all costs related to the incident. This is especially important for reimbursement by the federal government when there is a Presidential Disaster Declaration. It is important for protection officers to understand how ICS works for several reasons. First, it is a relatively simple on-scene management tool that has proven effective in a variety of settings over the years, including the private sector. Second, any time there is a serious incident that requires public safety personnel from any level of government to respond, they will likely be using ICS. Consequently, understanding ICS, and being able to seamlessly fit into this management system in an effort to solve problems, would be advantageous for all of the entities involved in the incident.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

382

33. EMERGENCY PLANNING

Incident commander

Command staff Public information officer Safety officer

Liaison officer

Operations section chief

Planning section chief

Logistics section chief

Finance/ administration section chief

General staff

FIG. 33.4 Example of an ICS Organization with a Single Incident Commander. From FEMA. (2017). National incident management system. [PDF file]. https://www.fema.gov/media-library-data/1508151197225-ced8c60378c3936adb92c1a3ee6f6564/ FINAL_NIMS_2017.pdf.

The National Incident Management System (NIMS) In recent years, the United States has been impacted by a number of devastating disasters: in particular, the terrorist attacks of September 11, 2001, Hurricanes Katrina in 2005, Sandy in 2012 and Michael in 2018, to name just a few major events. From Puerto Rico and the Virgin Islands being devastated in 2017, to the continual wildfires in California, flooding and mudslides in Japan, volcanic eruptions in Guatemala and Hawaii, tragic dust storms in India, earthquakes in Mexico and Papua New Guinea, the Indonesia tsunami, as well as 2019’s horrendous flooding in India, and Hurricane Dorian’s destruction and death toll in the Bahamas—such disasters have become all too common. The National Incident Management System (NIMS) provides a systematic, proactive, all-

hazards approach that guides all levels of government, nongovernment organizations, and the private sector to work together to respond to, and manage, incidents of all sizes and complexity. Clearly, as we have seen over the years, the private sector plays a vital role in incident response. For this reason, the private sector should be incorporated into all facets of NIMS, and should prepare for all-hazard incidents that may affect their ability to operate. This is particularly important for private sector organizations that are part of the critical infrastructure, or those that have a role in emergency response. Moreover, those private sector organizations that play a role in emergency response are encouraged to become NIMScompliant through various training programs offered by FEMA (2019). It should also be noted that ICS is an integral part of NIMS. This is another reason why private sector organizations and protection officers may

II. PRACTICAL AND OPERATIONAL APPLICATIONS

VULNERABILITY ANALYSIS

wish to have a thorough understanding of ICS and be able to apply the concepts readily in the event of a serious incident that will require a multiagency response.

Emergency Operations Centers An Emergency Operations Center (EOC) serves as a centralized area for the management of emergency operations. The EOC is where decisions are made by the emergency management team based on information provided by emergency responders and other personnel (Fagel, 2010). The EOC can range from a dedicated, wellequipped center (comprehensive emergency communications capability including radio, telephone, fax, Internet access, computer, and television; self-sustaining power sources; bathroom, eating, and sleeping facilities for staff, etc.) to an ad hoc room that is used as circumstances dictate.

Media Relations Procedures for dealing with the media are another important area that cannot be overlooked. When a critical incident occurs, the security manager will undoubtedly be pulled in many different directions. Faced with a considerable number of important tasks, the security manager may not view media relations as a primary concern. However, being prepared ahead of time to deal with the media can help an organization to get through the incident without the additional damage that can be caused by misinformation and speculation. In addition, the negative publicity that an organization receives as a result of a critical incident can have far-reaching effects. An organization’s image and business can be adversely impacted. Litigation is bound to result as victims, the families of victims, employees, customers, and perhaps various interested outside parties will be seeking to lay blame and recover damages. Attorneys are bound to examine every newspaper account and TV report of the incident. They will, of course,

383

be looking for statements from representatives of the organization for any admission or confirmation that the organization was in some way negligent (Fagel, 2014). Four things to consider: 1. Have a media plan 2. Build a relationship with the media before a crisis strikes 3. Train employees in crisis communications 4. Maintain a good relationship with the media after [a] crisis Cooperating with the media provides an organization with a number of important benefits that far outweigh the benefits of denying them access. In particular, it provides the organization with an opportunity to provide its side of the story. This is important since oftentimes the spokesman for the organization can release background information that may provide a different perspective on the situation. Furthermore, working with the media may prevent reporters from seeking out secondary sources that are typically less informed and more likely to misrepresent the organization. Consequently, it is far better to have the organization give an accurate statement of the situation as opposed to leaving it up to the reporter to locate an “informed” source, which can lead to speculation and misinformation. Saying “nothing” also has its own risks. Ignoring bad news will not make the incident go away and usually this tactic raises additional questions (Gardner, 1997). FEMA (1993, p. 41) provides a number of important considerations for dealing with the media in an emergency: • Designate a trained spokesperson and an alternate spokesperson • Set up a media briefing area • Establish security procedures • Establish procedures for ensuring that information is complete, accurate, and approved for public release • Determine an appropriate and useful way of communicating technical information

II. PRACTICAL AND OPERATIONAL APPLICATIONS

384

33. EMERGENCY PLANNING

• Prepare background information about the facility Do’s 1. Give all media access to the information 2. When appropriate, conduct press briefings and interviews. Give local and national media equal time 3. Try to observe media deadlines 4. Escort media representative to ensure safety 5. Keep records of information released 6. Provide press releases when possible Don’ts 1. Do not speculate about the incident 2. Do not permit unauthorized personnel to release information 3. Do not cover up facts or mislead the media 4. Do not put blame on the incident It is quite evident that, although safety issues are always a top consideration, an organization cannot overlook the importance of having an effective crisis media relations plan in place and training protection officers with respect to their roles. This is critical, since the plan must be implemented quickly during a critical incident in order to provide accurate and timely information while safeguarding the reputation and interests of the organization.

mission statement that introduces the emergency management plan, its purpose and importance to the organization, and defines the structure and authority of the planning team. Additionally, it is important, in the initial planning stages, to select an individual within the organization to assume responsibility for the plan and act as the planning team leader or coordinator. Ultimately, capabilities and hazards should be analyzed, specific roles and responsibilities should be carefully outlined, and critical company products and services should be identified in order to ensure a coordinated and effective response when a critical incident does occur. This will typically involve meeting with outside groups, and establishing mutual aid agreements where appropriate. According to Canton (2007), resource management under NFPA 1600 is broad in scope, enabling organizations to establish a baseline and determine where they are deficient. Organizations can then make plans to meet these shortfalls through procurement or establishing mutual aid agreements with outside groups or agencies. Some outside groups or agencies could include (FEMA, 2017): 1. 2. 3. 4. 5.

DEVELOPING THE EMERGENCY RESPONSE PLAN The development of a comprehensive emergency management plan requires considerable time and effort, and sufficient time should be provided for its completion. Representatives from key organizational units must be involved from its inception, and upper management support is essential throughout the entire process. Typically, this can be readily accomplished by having the chief executive officer or facility manager issue a

6. 7. 8. 9.

10. 11. 12. 13. 14. 15.

Local police department Local fire department Emergency medical services City or county office of emergency management Local emergency planning committee (LEPC) Public works department Electric utilities Telephone companies Volunteer agencies such as the American Red Cross, the Salvation Army, and so on Essential contractors Suppliers of emergency equipment Company insurance carriers Neighboring businesses Trade associations National Weather Service (NWS)

II. PRACTICAL AND OPERATIONAL APPLICATIONS

REVIEWING AND INTEGRATING THE EMERGENCY RESPONSE PLAN

In crisis situations, organizations respond differently based on variations in tasks and level of preparedness, as well as political considerations. Conferring with outside groups or agencies ahead of time will undoubtedly decrease confusion and delays during the response phase of an emergency, improve communication and coordination during the management phase of the incident, and help organizations transition to the recovery phase much faster. However, it is important to note that these agreements should clearly define the type of assistance as well as the procedures for activating the agreement in order to avoid unnecessary conflict.

REVIEWING AND INTEGRATING THE EMERGENCY RESPONSE PLAN Once the initial plan is complete, it is essential that its various components be reviewed in depth by planning team personnel and revised as necessary. The draft plan could then be presented to key management personnel as well as any individuals who may be required to perform or provide support services. Many times, a tabletop exercise provides an excellent opportunity to review potential critical incidents with key personnel since problem areas can be readily identified and discussed. The plan can then be modified accordingly and later presented to the chief executive officer for final approval. Upon approval, the plan can be distributed to all affected personnel who should be required to sign that they have received the document. It is then important that the plan is quickly and clearly communicated to all affected personnel (Gigliotti & Jason, 1991). It is imperative at this point that the plan is fully integrated into the organization’s standard operating procedures (SOPs). According to the Guide for All-Hazard Emergency Operations

385

Planning (FEMA, 1996, p. 3–3), SOPs and checklists provide the detailed instructions that an organization or individual needs to fulfill responsibilities and perform tasks, assigned in the EOP [emergency operations plan]… Clearly, a comprehensive checklist that includes major planning, implementation, training/testing, response, and recovery components would be an invaluable asset to any organization’s emergency response plan.

Training and Testing Utilizing the FEMA Homeland Security Exercise and Evaluation Program (HSEEP) (FEMA, 2013) After the plan has been finalized, communicated to all affected personnel, and integrated into the organization’s SOPs, it must be thoroughly tested. An emergency response plan will not work properly unless realistic training is provided and it is thoroughly tested prior to implementation in an actual emergency. Testing the plan helps to identify problem areas, as well as inherent weaknesses, that must be corrected in order to ensure that the plan will work as designed. Training and testing thus serve to identify areas in need of improvement, thereby enhancing coordination and communication among emergency response personnel. The first step in the training process is to assign a staff member responsible for developing an overall training plan and the requisite goals and objectives for each component. Additionally, a determination must be made as to the following: • Who will actually perform the training? • Who will be trained? • What types of training activities will be employed? • What materials and equipment are needed? • When will the training take place? • Where will the training take place? • How long will the training last?

II. PRACTICAL AND OPERATIONAL APPLICATIONS

386

33. EMERGENCY PLANNING

personnel are tested. Participants are asked to make note of potential hazards along the way and the emergency response plan is modified accordingly. Full-Scale Exercise—An emergency is simulated as close to reality as possible. Involves management, emergency response personnel, and employees, as well as outside groups and agencies that would also be involved in the response.

• How will the training be evaluated and by whom? • How will the training activities be documented? • How will special circumstances be handled? • How will training costs and expenses be budgeted? It should be noted that critiques, or evaluations, are an important component of the training process and must be conducted after each training activity. Sufficient time should be allotted for the critique and any resulting recommendations should be forwarded to the emergency planning team for further review and action. Additionally, organizations should consider how to involve outside groups and agencies in the training and evaluation process. As previously mentioned, this could certainly help to avoid conflict and increase coordination and communication when a critical incident does occur (FEMA, 2017). Orientation and Education Sessions— Sessions designed to provide information, answer questions, and identify needs and concerns. Tabletop Exercise—This is a cost-efficient and effective way to have members of the emergency planning team, as well as key management personnel, meet in a conference room setting to discuss roles and responsibilities and identify areas of concern. Walk-Through Drill—The emergency planning team and response teams actually perform their emergency response functions. Functional Drills—Designed to test specific functions such as medical response, emergency notifications, and communications procedures, although not necessarily at the same time. The drill is then evaluated by the various participants, and problem areas identified. Evacuation Drill—Participants walk the evacuation route to a predesignated area where procedures for accounting for all

Practical “hands-on” training always provides personnel with excellent opportunities to use skills that are taught and to learn new techniques and procedures. For emergency response training, simulations such as tabletop exercises, drills, and full-scale exercises are particularly valuable for practicing decision-making skills, tactical techniques, and communications. Moreover, simulations serve to determine deficiencies in planning and procedures that can lead to modifications to the emergency response plan (ASIS International, 2005; Fagel & Hestermann, 2016; FEMA, 1993; Nudell & Antokol, 1988).

Evaluating the Emergency Response Plan Phelps (2007) advocates that training should occur every 3 months, and that eight major areas should be tested. These include: • • • • • • • •

Internal communications External communications Resources Systems Safety Coordination Record-keeping Legal issues

With respect to communications, this is a critical area that has posed many problems for emergency responders over the years. In particular, during multiagency responses to critical incidents, responding personnel have not been able to communicate and coordinate their responses because their radio equipment has

II. PRACTICAL AND OPERATIONAL APPLICATIONS

387

REFERENCES

not been compatible (interoperable). The World Trade Center response on September 11, 2001 certainly highlighted the extent of this problem, which had disastrous consequences for emergency responders. Unfortunately, according to Straw (2009, p. 68), “nearly eight years after 9-11, the national goal of ensuring that commanders from different public safety agencies and jurisdictions have interoperable communications remains elusive …”. Regardless of the training schedule selected, a formal audit of the entire emergency response plan should be conducted at least once a year. Furthermore, in addition to the yearly audit, the emergency response plan should be evaluated, and modified if necessary, as follows (FEMA, 1993): 1. After each drill or exercise 2. After each critical incident 3. When there has been a change in personnel or responsibilities 4. When the layout or design of a facility changes 5. When there is a change in policies or procedures Of course, any modifications or changes to an emergency response plan should be communicated to affected personnel as soon as possible. Similarly, changes to the planning document should be incorporated and distributed in a timely manner.

EMERGING TRENDS Conducting Exercises in Difficult Economic Times or With the Reluctant Organization The only way to truly tell if a plan is effective is to either experience an actual incident or to conduct an exercise. While most organizations understand the need to exercise plans, too few actually expend the time and money necessary to accomplish this task. This tendency not to conduct exercises is even more pronounced during difficult economic periods and with organizations that

haven’t completely adopted resiliency concepts into their corporate culture. Tabletop exercises are a unique and costeffective method to help train AND educate staff as to their roles and responsibilities.

CONCLUSION Since emergency situations take on many forms and have significant impacts for organizations, individuals, and communities, it is imperative that professional protection officers and the organizations they serve maintain a 24/7 (24-h-a-day, 7-day-a-week) state of readiness. Readiness involves a thoughtful approach and continual planning, training, and testing in all four phases of the emergency planning cycle: Mitigation, Response, Recovery, and Preparedness. Professional development is also an important part of this process, and organizations and officers should take advantage of various professional development activities designed to increase knowledge and skills. By making continuous, incremental improvements to incident response plans and the teams that carry them out, the professional protection officer can work as part of an interdisciplinary team to save lives, prevent property damage, and maintain order.

References Advanced Law Enforcement Rapid Response Training (ALERRT), Federal Bureau of Investigations (FBI), & US Department of Justice. (2018a). Active shooter incidents in the United States in 2016 and 2017. Retrieved October 6, 2019, from https://www.fbi.gov/filerepository/active-shooter-incidents-us-2016-2017.pdf/ view. Advanced Law Enforcement Rapid Response Training (ALERRT), Federal Bureau of Investigations (FBI), & US Department of Justice. (2018b). Active shooter incidents in the United States in 2018. Retrieved October 6, 2019, from https://www.fbi.gov/file-repository/activeshooter-incidents-in-the-us-2018-041019.pdf/view.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

388

33. EMERGENCY PLANNING

ASIS International. (2005). Business continuity guideline: A practical approach for emergency preparedness, crisis management, and disaster recovery. VA: Alexandria. Brown, J. (2019, January 2). Scathing Parkland shooting report, citing widespread failures, goes to governor. Retrieved from https://www.miamiherald.com/news/ local/community/broward/article223839585.html. Canton, L. C. (2007). Emergency management: Concepts and strategies for effective programs. Hoboken, NJ: John Wiley & Sons, Inc. Fagel, M. J. (2010). Principles of emergency management and Emergency Operations Centers (EOC). Boca Raton: CRC Press. Fagel, M. J. (2011). Principles of emergency management: Hazard specific issues and mitigation strategies. Boca Raton, FL: CRC Press. Fagel, M. J. (2014). Crisis management & emergency planning, preparing for today’s challenges. New York: CRC Press. Fagel, M. J., & Hesterman, J. (2016). Soft targets and crisis management: What emergency planners and security professionals need to know. Boca Raton, FL: CRC Press. Federal Emergency Management Agency (FEMA). (1993). Emergency management guide for business and industry. [PDF file]. https://www.continentalmessage.com/ resources/business-emergency-management-guide/. Federal Emergency Management Agency (FEMA). (1996). Guide for all-hazard emergency operations planning. Washington, DC: U.S. Government Printing Office. Federal Emergency Management Agency (FEMA). (2013). Homeland Security Exercise and Evaluation Program. Retrieved from https://www.fema.gov/media-library/ assets/documents/32326#. Federal Emergency Management Agency (FEMA). (2017). National incident management system (NIMS). (3rd ed.). [PDF file]. https://www.fema.gov/media-library-data/ 1508151197225-ced8c60378c3936adb92c1a3ee6f6564/ FINAL_NIMS_2017.pdf. Federal Emergency Management Agency (FEMA). (2019). National Incident Management System (NIMS) Training. Retrieved from https://www.fema.gov/nims-training. Gardner, R. (1997). Getting ahead of the headlines. Security Management, 41(7), 115–119. Gigliotti, R., & Jason, R. (1991). Emergency planning for maximum protection. Boston, MA: Butterworth-Heinemann. Joyce, E., & Hurth, L. (1997). Booking your next disaster. Security Management, 41(11), 47–50. Knight, R. F., & Pretty, D. J. (1996). The impact of catastrophes on shareholder value. Oxford, England: The Oxford Executive Research Briefings; a Research Report sponsored by the Sedgwick Group. [PDF file]. http://eternity.websurgeon.ca/papers/whitepapers/ sedgwickreport.pdf. Lindell, M. K., & Prater, C. S. (2003). Assessing community impacts of natural disasters. Natural Hazards Review, 4, 176–185.

McEntire, D. A. (2007). Disaster response and recovery. Hoboken, NJ: John Wiley & Sons, Inc. National Terror Assist. (n.d.). Shelter-in-place: Know how, know where. Retrieved October 6, 2019, from http://www. nationalterroralert.com/shelterinplace/ Nudell, M., & Antokol, N. (1988). The handbook for effective emergency management. Lexington, MA: Lexington Books. Phelps, E. F. (2007). No lights, no camera, just action. Security Management, 51(11), 55–61. Reid, K. E. (1996). Testing Murphy’s Law. Security Magazine, 40(11). Straw, J. (2009). Communicating to save lives. Security Management, 53(5), 63–69. Tierney, K. J., Lindell, M. J., & Perry, R. W. (2001). Facing the unexpected: Disaster preparedness and response in the United States. Washington, DC: Joseph Henry Press. US Department of Homeland Security (DHS). (2018, July 26). Stop the bleed. Retrieved from https://www.dhs.gov/ stopthebleed.

Resources Broder, J. F. (2006). Risk analysis and the security survey (3rd ed.). Burlington, MA: Butterworth-Heinemann.

Further Reading ASIS International. (2003). Emergency planning handbook (2nd ed.). Alexandria, VA: ASIS International. Bennett, B. T. (2007). Understanding, assessing, and responding to terrorism: Protecting critical infrastructure and personnel. Hoboken, NJ: John Wiley & Sons, Inc. Bullock, J. A., Haddow, G. D., Coppola, D., Ergin, E., Westerman, L., & Yeletaysi, S. (2006). Introduction to homeland security (2nd ed.). Burlington, MA: ButterworthHeinemann. Carlson, M., Shannon, E., & Winbush, D. (1990). Murder by mail. Time magazine. Fold3 by ancestry. (n.d.). T J Mosser stories [of Unabomber]. Retrieved October 9, 2019, from https://www.fold3. com/page/15841545-t-j-mosser/stories. Fagel, M. J. (2011). Principles of emergency management and emergency operations centers (EOC). Boca Raton, FL: CRC Press. Fagel, M. J. (2012). Principles of emergency management, hazard specific issues and mitigation strategies. Boca Raton, FL: CRC Press. Federal Bureau of Investigation (FBI). (2016, May 18). Unabomber. Retrieved from https://www.fbi.gov/ history/famous-cases/unabomber. Hawkes, K., & Neal, J. (1998). Command performance. Security Management, 42(11), 77–83. Meyer, J., Oliphant, J., & Zajac, A. (2009, June 11). Two people shot at Holocaust Memorial Museum in Washington.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

FURTHER READING

Retrieved from https://www.latimes.com/archives/laxpm-2009-jun-11-na-holocaust-shooting11-story.html Molino, L. N., Sr. (2006). Emergency incident management systems: Fundamentals and applications. Hoboken, NJ: John Wiley & Sons, Inc. Nuss, R. (1997). Effective media crisis communication during a critical incident. Winter Springs, FL: Nuss and Associates, Inc. Perry, R. W., & Lindell, M. K. (2007). Emergency planning. Hoboken, NJ: John Wiley & Sons, Inc. Purpura, P. P. (2007). Terrorism and homeland security. Burlington, MA: Butterworth-Heinemann.

389

Shane, S. (2008). Anthrax evidence called mostly circumstantial. Retrieved May 20, 2009 from http://www.nytimes.com/ 2008/08/04/us/04anthrax.html. U.S. Department of Homeland Security. (2008). National incident management system. Available from: http://www.fema. gov/pdf/emergency/nims/NIMS_core.pdf. Accessed 20 May 2009. Washington Times. (2005). Katrina-hit states turn to security firms. Available from: http://www.washingtontimes.com/ news/2005/sep/09/20050909-104738-8181r/. Accessed 20 May 2009.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

34 Security Awareness Jack F. Dowling, James E. Sellers O U T L I N E Introduction

391

Double Loop Learning

395

What Is Security Awareness?

392

Communication

395

Expanding the Team Through Partnerships

393

References

396

Techniques for Reinforcing Policy and Procedures to Increase Security Awareness

394

CHAPTER OBJECTIVES • Explore the importance of security awareness to the overall success of an organization • Explain how a stakeholder approach is used to create a partnership, which helps achieve a safe and secure environment • Explore examples of “lessons learned” by an organization to help partners understand why security awareness is important personally and for the success of the organization

INTRODUCTION Security awareness has long been a goal of organizations that strive to provide a safe and secure environment for their employees,

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00034-1

customers, and those who want to defend precious assets. The practice of security awareness operates best when a reasonable plan is put together with policies and procedures that support a comprehensive team concept. A security awareness team is crucial to sustaining a healthy corporate environment, and it should include everyone connected to corporate functions. Managers should formulate a plan that emphasizes enlisting every employee to form partnerships with critical external acquaintances to build a diverse team. When properly launched and actively reinforced, an effective security awareness team encompasses various entities to achieve basic protective goals, which then help deter unwanted activities that threaten the organization. Although the basic roles, skills, and knowledge of team members will vary, each should understand that he/she is an essential player in safety

391

# 2020 Elsevier Inc. All rights reserved.

392

34. SECURITY AWARENESS

management and in helping the company achieve security goals. This creates an environment that reduces liability risk and loss prevention by encouraging general safety practices and strategies that produce lasting results. Whether a matter of routine or during an emergency, team members should, at least, know the most current corporate security plan, accept responsibility, and be able to implement program objectives.

WHAT IS SECURITY AWARENESS? When we speak about “security awareness,” we are talking about the need to focus attention on security throughout the organization and to keep security in the forefront and consciousness of every employee’s mind during the day, so the employees are making more secure decisions. It involves a sense of duty by those who could be affected to be aware of security practices as they relate to daily activities of the organization. Although the plan can be extensive, it does not require every employee to know every aspect; many times, it will apply to specialized or departmental duties. The importance of security awareness for private security officers is recognized by ASIS International in its 2019 Private Security Officer Selection and Training Guideline where this aspect of training for security officers is one of the core topics and subject matters to be mastered (ASIS International, 2019). Security awareness provides a framework of established policies and procedures that participants employ by reporting unsafe conditions, suspicious activity, and noticing general safety breaches, merely as second nature. Security awareness is one of the four essential components of an effective security program that includes physical, electronic and design security; security staff; security policies, procedures and protocols; and security education and training. All these elements combine to protect the organization’s assets and reduce liability. Security awareness is the first step that precedes the education and training elements of

the security program. For business invitees, licensees and other visitors/guests, and even trespassers, the security awareness effort may be as simple as a warning sign or as complex as a signed document regarding premises security guidelines. For security and other staff, the security awareness may be a series of security or crime alerts relating to an ongoing security and/or crime trend and pattern and specific instructions for both the security staff and other staff to follow. Security signage indicating the private property status of the facility and the deployment by the owner of certain security measures on the premises, that is, digital security cameras, alarms, patrols, etc., and/or prohibited activity on the premises, is a common security awareness communication method. Security awareness documents usually specify the crime and/or security issue and concern, what you can do to mitigate or prevent the security issue, and what steps the organization is taking to mitigate or prevent the security issue. Depending on the nature of the crime and/or security threat, the organization may need to furnish education and training for specific responses to the threat. For example, workplace violence awareness will usually involve detailed information, instructions, and specific training, including exercises, drills, and tests. Security awareness efforts interface and integrate with the entire security program of an organization to present a seamless and streamlined system to reduce or eliminate the security and crime threats faced by the organization. To succeed, support from the top management of the organization for security awareness is critical. A comprehensive and effective security awareness program has and can prevent both criminal and terrorist events through employee security related actions, that is: “If You See Something, Say Something” (a security awareness slogan trademarked by the New York’s Metropolitan Transportation Authority after 9/11). Team members are trained and polled regularly to heighten their awareness about changing

II. PRACTICAL AND OPERATIONAL APPLICATIONS

393

EXPANDING THE TEAM THROUGH PARTNERSHIPS

trends in practices and rapidly advancing technology. In the past, the main concern has been on physical site security issues, focusing mostly on gates, doors, windows, and locks. Today, along with physical awareness, security initiatives must include internal matters, like avoiding workplace violence, enhancing personal safety, and being up-to-date on the latest information technology, including safe Internet practices. Greater emphasis must now be placed on these issues, more so than in the past.

EXPANDING THE TEAM THROUGH PARTNERSHIPS To be effective, the security department should instill “security awareness” among members from all layers of the organization as well as external partners. Employees should be made to feel part of the awareness team and should be solicited for their

ideas to improve security. Encourage employees to report security problems and correct safety potential issues when observed. Use a double loop communication model, which means that information should not only flow from the top of the organization down but should also flow back up to the top. It is in this way that outdated procedures are discovered and corrected. Modern security techniques now involve more collaboration with external associates such as customers, vendors, contractors, insurance providers, security consultants, public safety officials, law enforcement, the fire department, government emergency management operators, and others. By collaborating with associates a synergy is developed that acts as a force multiplier. Value is added to the security plan by using proven ideas from experienced external contributors. Security departments should liaise with local, state, and federal law enforcement officials. These officials can speak with management to reinforce security and safety practices that the

DOUBLE LOOP LEARNING Management

Security department

All employees

External partners

FIG. 34.1

Security awareness with a partner approach for the stakeholder. Figure courtesy of Sellers (2010). II. PRACTICAL AND OPERATIONAL APPLICATIONS

394

34. SECURITY AWARENESS

security department recommends including company policies and procedures. The security manager should solicit the officials to offer advice and feedback from their observations. The internal and external partners described above become stakeholders through common interests and shared goals that help the organization succeed. Stakeholders may be directly or indirectly related to an organization and may offer input that reflects commitment to ongoing functions. As stakeholders, the management and employees all benefit through financial or personal investment, employment, and so on. All share the belief that it is in their best interest to protect and promote the organization as if it were their very own (see Fig. 34.1).

TECHNIQUES FOR REINFORCING POLICY AND PROCEDURES TO INCREASE SECURITY AWARENESS To greatly increase security awareness, members from all layers of the organization, especially the security department, and external partners (local, state and federal agencies) should be instilled with a sense of partnership through interactive activities that include orientation sessions, training, social media, security updates via newsletters, e-mails, and informative signage. All employees should be apprised of the organization’s policies and procedures upon entering the organization. Employee orientation should be documented and signed to indicate the rules are understood. Organizational policies and procedures should be clear, concise, and written correctly. They should also be reviewed and updated annually, at a minimum. Print and electronic copies should be readily available to all employees. Repetition and reinforcement of the security awareness message will lead to increased involvement.

Written policy and procedure orientation

Scheduled meetings, training, focus groups, surveys Security updates via email, newsletter, webcast

Informative signage, posters, handouts, library

FIG. 34.2

Developing security awareness. Figure courtesy of Sellers (2010).

Repetition and reinforcement can be accomplished by such methods as daily exposure using posters, weekly exposure via e-mails, and monthly or quarterly exposure through newsletters and handouts. Security awareness meetings should be held with all departments at least every quarter or more frequently if new issues arise or breaches occur. Security awareness can make use of Emergency Notification Systems (ENS) and Mass Notification Systems (MSN) that employ the various modes of electronic media to inform the stakeholders of impending and/or ongoing threats and actions to be taken. Technology such as Internet e-mail, Webcast training, and electronic newsletters now enable security departments to easily and inexpensively communicate and distribute valuable security and safety information throughout the organization. The correspondence should focus on the positive outcomes that can be achieved if the organization’s security procedures are followed (see Fig. 34.2).

II. PRACTICAL AND OPERATIONAL APPLICATIONS

395

COMMUNICATION

Security information suggestions from employees to management (ideas are considered to correct errors and improve security)

Security policy and procedure from management to security department

Security information from Security management to all employees

FIG. 34.3 Developing security awareness. Double loop learning security awareness communication model (Sellers, 2010). Adapted from Argyris and Schon (1978).

DOUBLE LOOP LEARNING

COMMUNICATION

Management should consider the Double Loop Learning theory of Argyris and Schon (1978). In this theory the organization becomes a “learning organization” by detecting and correcting errors through questioning and modification of existing norms, procedures, polices, and objectives. According to Fiol and Lyles (1985), learning is “the process of improving actions through better knowledge and understanding.” With a double loop learning security awareness communication model (Fig. 34.3), a mechanism is instituted which provides feedback from employees on improving security awareness. By creating double loop communication, employees can then become stakeholders who have a vested interest in the success of the security awareness effort.

For an effective and efficient operation to exist in an organization, management should create and foster an open climate in communication. Utilizing only a verbal-down (management to staff ) method of communication will not result in an optimal communication environment and will not furnish the breadth and depth of security awareness necessary for an organization. In addition to verbal-down communication, an organization needs to have a communication strategy that includes verbal-up (staff to management); written-down (management to staff ); written-horizontal (management level to management level); written-up (staff to management); and verbal-horizontal (management level to management level). Supporting these

II. PRACTICAL AND OPERATIONAL APPLICATIONS

396

34. SECURITY AWARENESS

types of communication in an organization will ensure feedback that represents the viewpoints and perspectives of all organizational levels. Examples of these various communication methods are given in the following: • Verbal-down—orders to perform a certain specific duty from a supervisor to a subordinate, i.e., unlock the door at 6 a.m. • Verbal-up—information from the subordinate to the supervisor on a better way to perform the duty, i.e., unlock the door at 6:45 a.m. since the first employee does not arrive until 7 a.m. Some organizations utilize a “hotline” for anonymous tips about security concerns. • Written-down—handbooks, policy and procedure manuals, and newsletters. • Written-horizontal—information from the director of security to the director of human resources concerning a new standard for hiring security personnel. • Written-up—organizational process for sending written questions, suggestions and concerns to management. • Verbal-horizontal—meeting sessions both intradepartmental (security department only)

and interdepartmental (other departments within the organization). A critical component of this open climate in communication is the need for action based on the information developed by these methods and strategies. Action by management on the information from these methods of communication will signal that the organization is listening and responding to the concerns of the staff, encouraging future communication.

References Argyris, C., & Schon, D. (1978). Organisational learning: A theory of action perspective. Reading, MA: AddisonWesley. ASIS International (2019). ASIS Private Security Officer Selection and Training Guideline: What you need to know. Retrieved from https://www.asisonline.org/ professional-development/webinars/2019-past/asisprivate-security-officer-selection-and-trainingguideline-what-you-need-to-know/. Fiol, C. M., & Lyles, M. A. (1985). Organizational learning. The Academy of Management Review, 10(4), 803–813. Sellers, J. E. (2010). Security awareness. In The professional protection officer: Practical security strategies and emerging trends. IFPO. Burlington, MA: Butterworth-Heinemann.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

35 Building a Sustainable Culture of Security Lawrence J. Fennelly, Marianna A. Perry O U T L I N E Introduction

397

How to Build a Sustainable Culture of Security

397

References

integrated into the policies and procedures. It cannot be separated from the mission of the organization and should be a part of the overall security master plan.

CHAPTER OBJECTIVES • Explain culture of security • Describe “If you see something, say something”

HOW TO BUILD A SUSTAINABLE CULTURE OF SECURITY

• Address fear of crime • What is a master plan?

INTRODUCTION What is a sustainable culture of security? If asked, the majority of organizations will say that they have developed one, but when asked to define it, they have difficulty. A culture of security is initially driven vertically from the top of the organization down. From there, it is driven from the bottom of the organization up and also across horizontally by all levels of employees. A sustainable culture of security has to be a part of every operation within the organization and

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00035-3

401

Will it be easy to develop a culture of security in your organization? The answer to this question is—“it depends.” To have a sustainable culture of security in your organization depends on whether or not you have total support from upper management. In the security industry, when employees participate it is called “buyin,” but it is really much more than that. You have to have management participation as well as buyin. Buy-in and participation are not the same thing. Employees of the organization need to see management actively participating and engaged in the security program. For a security program to be successful, no one is exempt from

397

# 2020 Elsevier Inc. All rights reserved.

398

35. BUILDING A SUSTAINABLE CULTURE OF SECURITY

following security procedures, regardless of their title or role in the organization. Ensure that your organization does not have the “us and them” mentality or that management is “allowed” to disregard security procedures out of a sense of entitlement. When there is a sustainable culture of security, security belongs to everyone in the organization and everyone in the organization is an active participant. In the article, “The Importance of a Security Culture Across the Organization,” Kevin Beaver states, “A strong security culture is both a mindset and mode of operation. One that’s integrated into day-to-day thinking and decision-making can

FIG. 35.1

make for a near-impenetrable operation” (Beaver, 2015). In order to develop a sustainable culture of security in an organization (see Fig. 35.1), you first have to develop security awareness to ensure employees understand what security is and how important it is to the organization. What is the organization securing against? A vulnerability or threat assessment will help identify the assets and the risks of the organization and then security countermeasures are put in place to help secure the identified assets and mitigate the risks. Your security program is seen as professional if you adhere to best practices, standards and regulations.

Building a sustainable culture of security.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

HOW TO BUILD A SUSTAINABLE CULTURE OF SECURITY

When you develop policies and implement procedures, these should define and clearly communicate the goals of the overall security program of the organization. Remember that organizational policies change less often than organizational procedures. Ensure that emergency procedures are a part of the policies and procedures of the organization and review and update them every 5 years or more often if necessary. Employees are a critical component of any security program. Make it personal to them. Encourage employee participation and accountability. One of the largest security issues facing organizations is that employees do not understand what to report. Help them to understand what suspicious behavior is or what they should do when they observe something that doesn’t seem quite right. Employees need to describe specifically what they observed, including: • • • •

Who or what was seen, When it was seen, Where it occurred; and Why it’s suspicious (US Department of Homeland Security [DHS], 2019).

Ensure that the organization has a visitor management program in place and the security officers and employees are trained to identify suspicious behavior and activity. This emphasizes the need to greet visitors or customers and have someone available to answer questions and direct them to the proper location. Think about the national campaign “If You See Something, Say Something” licensed through DHS, that advises “if you see something you know shouldn’t be there—or someone’s behavior that doesn’t seem quite right—say something. Because only you know what’s supposed to be in your everyday” (DHS, 2019). Many times, it’s as simple as approaching someone who is not wearing a company badge (employee, visitor, contractor or vendor) and asking if you can be of help, or depending on the situation, contacting security and/or law enforcement and reporting the

399

individual using as much detail as possible. Security officers and/or trained employees are ideal for detecting suspicious behavior and activity. Another critical component of developing a positive security culture is using metrics to measure the effectiveness of employee security awareness training. When effectiveness is measured, successes can be celebrated and areas that need improvement can be identified. How will you know if an employee recognized a suspicious person or incident, reduced risk, or prevented a loss? Measuring your successes will help management justify the cost of the security awareness and training programs. Everyone in the organization needs to understand how crime or security breaches can be prevented or they will assume that security incidents will not really impact the organization as a whole or affect them personally. Identify the risks of the organization for employees and help them understand their role in helping the organization achieve its security goals to ensure profitability and also safety. Define specific incremental goals and celebrate successes when they are achieved. Each employee in the organization must act individually and directly to support the security plan in order to keep the workplace safe. Many times, when a security breach is discovered, it is not the technology or the security policies or procedures that failed, but the action or inaction of people. To put it another way, it is the people operating the system or the people that are trying to circumvent the policies or procedures that are the problem. It’s true that people are an organization’s most valuable asset, but they are also an organization’s greatest vulnerability and/or liability. A culture of sustainable security does not apply to the technology within the organization. It is for the people who develop the policies, implement/enforce procedures and follow the procedures every day. Promote your programs through awareness and training, through resources, such as found in “Security is everyone’s business” (Detectify

II. PRACTICAL AND OPERATIONAL APPLICATIONS

400

35. BUILDING A SUSTAINABLE CULTURE OF SECURITY

blog, 2015). This means preventing crime and instilling security awareness are not just the responsibility of security officers or designated staff members. “Security is everyone’s business” is a great idea, but be sure it is happening in reality and not just a concept. A sustainable culture of security should be part of an overall security master plan. Timothy Giles defines a security master plan as, “a document that delineates the organization’s security philosophies, strategies, goals, programs, and processes. It is used to guide the organization’s development and direction in these areas in a manner that is consistent with the company’s overall business plan. It also provides a detailed outline of the risks and the mitigation plans for them in a way that creates a five-year business plan.” (Giles, 2009) Your security program is an on-going process to foster change and will define and set the climate for how the plan will be implemented so the organization will reach its security goals. The first step is to have a vulnerability or risk assessment conducted by a trained security professional, so the organization will know what assets they need to protect and what risks to retain, transfer, or mitigate. When the appropriate countermeasures are put into place, the emphasis will be on layers of security along with security policies and procedures. It also may be helpful to have a safety and security committee. The formulation of partnerships is not a new idea. Partnerships have just become more visible in recent years. Decide the goal of the partnership—is it to reduce crime and the fear of crime, for emergency response or for a different reason? Develop relationships with all resources that are available in the local area. Next, identify the stakeholders in your partnership. The goal of your partnership will determine the stakeholders. Discuss security concerns and daily operations of the organization with first responders and involve them in training and drills. The basic idea is plan, practice, and prepare. Regardless of the goal of the

partnership, remember it is a proactive approach, not a reactive approach where members of different groups work together. These may be law enforcement, local government officials, fire departments, emergency medical services, local emergency management personnel, community leaders, owners of commercial and residential property, area residents, area housing management, community members, local schools, neighborhood business owners, faithbased organizations and houses of worship. The key to successful partnerships is to understand the roles, responsibilities, and resources of each partner to prepare, plan, and train together. The idea is a total coordination of efforts. In order for a partnership to be successful, planning needs to be done and the lines of communication have to stay open. Through training and practice, each partner develops a better understanding of each other’s capabilities, roles, responsibilities, and available resources. It’s important to remember that partnerships will require ongoing maintenance to keep them engaged. At the completion of the vulnerability or risk assessment, a discussion with the security professional about recommended countermeasures will help to design a blueprint of effective security measures. The foundation for an effective physical security program that is a part of the overall security master plan is the Four D’s (deter, detect, delay, and deny) and layered security (defensein-depth) (Knoke, 2015). All countermeasures implemented should be “best practices” for the specific industry of the organization. To ensure the success of your security master plan and security program, you will need to promote your programs through education and training. This means that employees need to understand their roles and responsibilities. Each individual should know what part they play in the overall security master plan. This is not a one-time or annual training. Instead, in order to have a sustainable culture of security, the job of security must belong to everyone in the

II. PRACTICAL AND OPERATIONAL APPLICATIONS

REFERENCES

organization from the lowest paid job to the top management position. Everyone has to feel like they are an important part of the security program. To develop security awareness, security has to become a part of the daily routine or a part of every job that is performed in the organization and also a part of every decision the organization makes. In order to hold employees accountable, first you must help them to learn security awareness. A security awareness program helps to create a security-conscious culture within an organization, where employees are subconsciously considering risks and threats in their daily routines. As security professionals, we put security countermeasures in place to mitigate these risks and threats (Mannerud, 2014). Research has shown that the fear of crime or perception of crime is much higher than the actual crime rate, but fear is real and should be addressed. To reduce fear of crime, you have to identify and understand what people are afraid of and then address that specific fear. One of the purposes of a security program is not only to implement security policies, procedures, training, and countermeasures but also to direct efforts that reduce fear of crime. For example, if a source of fear in the organization is that a stranger could walk into the building at any time, organizing a company softball team is not going to fix that particular problem. A company softball team may reinforce the concept of teamwork, but it is not going to help the access control problem. To address the problem, consider access control measures such as installing a card access system at all entry locations and monitor other doors with video surveillance. Another solution may be to have security or courtesy officers in the front lobby of the building providing customer service to each individual that enters the building. The response to employee fear has to be tailored to that specific issue. It’s important that people “feel” safe at work. Since people are the weakest link in any security program, a culture of security must be developed to help the people in

401

the organization see “where they fit” into the big picture of security and what they can do personally to ensure the success and the security of the organization. Many may not want to admit it, but every organization has a security culture, whether it is good or bad. It is important to understand that a negative (bad) security culture can be changed into a positive (good) and sustainable culture of security if the organization makes a conscious decision about the ongoing process to foster change and then invests in security. To promote your security program, be specific about the objectives and how these objectives will be achieved. Good communication within the organization to clearly identify security responsibilities and expectations will help ensure success. Developing a good (positive) and sustainable culture of security is an on-going process that will deliver a return on investment (ROI) for the entire organization, but an investment of time and resources must be a priority. It doesn’t matter what product or service an organization makes, sells or provides; security has to be a part of it. Security should be a part of the mission statement or vision of the organization and simply be “just the way things are done around here.”

References Beaver, K. (2015, September 28). The importance of a security culture across the organization. Retrieved from https:// securityintelligence.com/the-importance-of-a-securityculture-across-the-organization/. Detectify blog. (2015, September 21). Security is everyone’s business. Retrieved from https://blog.detectify.com/ 2015/09/21/security-is-everyones-business/. Giles, T. D. (2009). How to develop and implement a security master plan. Florida: Auerbach Publications. Knoke, M. E. (Managing Editor). (2015). Physical security principles. United States: ASIS International. Mannerud, T. A. (2014, September 27). Creating a security culture. Retrieved from https://www.mannerud.org/ tom-andreas/creating-a-security-culture/. US Department of Homeland Security (DHS). (2019, July 10). If you see something, say something: About the campaign. Retrieved October 24, 2019 from https://www.dhs.gov/ see-something-say-something/about-campaign.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

36 The Protection Officer’s Role in Critical Information Infrastructure Protection Ronald L. Martin O U T L I N E Introduction

403

International Critical Information Infrastructure Protection (CIIP)

404

United States National Infrastructure Protection Plan (NIPP) Chemical Sector Commercial Facilities Sector Communications Sector Critical Manufacturing Sector Dams Sector Defense Industrial Base Sector Emergency Services Sector

404 406 406 406 406 406 406 407

INTRODUCTION The protection officer as well as most of the industrialized world depends on multiple infrastructures that are critical to the population. Protection officers have had and will continue to have an important role in providing security to the facilities of these infrastructures. The United States Department of Homeland Security (DHS) describes critical infrastructure as “the physical and cyber systems and assets that are so vital to the United The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00036-5

Energy Sector Financial Services Sector Food and Agriculture Sector Government Facilities Sector Healthcare and Public Health Sector Information Technology Sector Nuclear Reactors, Materials, and Waste Sector Transportation Systems Sector Water and Wastewater Systems Sector References

407 407 407 407 407 407 407 407 407 408

States that their incapacity or destruction would have a debilitating impact on our physical or economic security or public health or safety…” (DHS, 2019a). The officers provide this service based on the infrastructure’s security policies and procedures. In the United States the government has provided and continues to provide a framework for the nation to view and interact with infrastructures that are critical to the survivability of the country. This is not to overlook or downplay the protection efforts of other countries.

403

# 2020 Elsevier Inc. All rights reserved.

404

36. THE OFFICER’S ROLE IN CRITICAL INFO INFRASTRUCTURE PROTECTION

INTERNATIONAL CRITICAL INFORMATION INFRASTRUCTURE PROTECTION (CIIP)

UNITED STATES NATIONAL INFRASTRUCTURE PROTECTION PLAN (NIPP)

To view some of the worldwide efforts The International CIIP Handbook (2008/2009) (Brunner & Suter, 2008/2009), published by the Center for Security Studies (CSS) at ETH Zurich (ETH Zurich, n.d.), provides the critical infrastructure programs of 25 nations. ETH Zurich is a center of competence for Swiss and international security policy. It offers security policy expertise in research, teaching, and consulting activities. This handbook focuses on international governmental efforts to protect critical (information) infrastructure. It identifies critical sectors of 25 countries and 7 international organizations. The 25 countries were surveyed by the CSS who reported their findings in the following sections:

The focus of this section is the United States program. The core document in the US National Infrastructure Protection Plan, referred to as the NIPP, and titled NIPP 2013, is: Partnering for Critical Infrastructure Security and Resilience (DHS, 2013). The plan is published by the United States Department of Homeland Security (DHS). A key statement from the plan shows the importance of critical infrastructure. “Our Nation’s well-being relies upon secure and resilient critical infrastructure—the assets, systems, and networks that underpin American society.” The Presidential Policy Directive-21 (PPD-21) (Interagency Security Committee [ISC], 2015) assigns a federal agency, known as a sectorspecific agency (SSA) (DHS, 2015), to lead a collaborative process for critical infrastructure security within each of the 16 critical infrastructure sectors (DHS, 2019b). Each SSA is responsible for developing and implementing a sectorspecific plan (SSP), which details the application of the NIPP concepts to the unique characteristics and conditions of their sector. SSPs are being updated to align with the NIPP 2013. The NIPP outlines the precepts for the management of risks to the infrastructure. The plan also outlines the vision, mission, and goals for the critical infrastructure community. This community includes protection officers. In most instances the protection officer is the first-line defender of the infrastructure. Protection officers will encounter many threats to the infrastructure. The five evolving threats identified by the NIPP are:

• • • • •

Critical sectors Past and present initiatives and policies Organizational overview Early warning and public outreach Law and legislation

Since we reside in a world community, the seven international organizations and forums surveyed by the CSS were: • European Union (EU) • The Forum of Incident Response and Security Teams (FIRST) • Group of Eight (G8) • North Atlantic Treaty Organization (NATO) • Organization for Economic Cooperation and Development (OECD) • United Nations (UN) • The World Bank Group International protection officers must consult with their country’s critical infrastructure protection authority.

• • • • •

Extreme weather Pandemics Acts of terrorism Cyber threats Accidents or technical failures

II. PRACTICAL AND OPERATIONAL APPLICATIONS

UNITED STATES NATIONAL INFRASTRUCTURE PROTECTION PLAN (NIPP)

Other infrastructure threats the protection officer must face in their duties are: • • • •

Loss prevention and asset protection Domestic crimes Insider fraud and sabotage Intrusions by unauthorized personnel in protected areas • Workplace violence • Demonstrations and worker strikes Therefore, each protection officer, protection officer supervisor, and the protection organization must be familiar with the infrastructure’s protection plan. Additionally, as appropriate, they must be a part of the planning process. International protection organizations must be familiar with the risk protocols necessitating the need for a protection officer. In the United States the NIPP outlines 16 sectors. These sectors are grouped by a common industry focus. Many international partners use the United States infrastructure categorization. These efforts are important because the world is more interconnected than ever before, and threats from natural disasters and cyberattacks do not know or respect international boundaries. However, by working together and continuing an open dialogue, the United States and our international partners can enhance the security and resilience of the critical infrastructure we depend on every day, wherever we may call home (Durkovich, 2013). In Section 4 of the NIPP 2013, there are seven “core tenets” that organizations must consider when planning for critical infrastructure security and resilience (DHS, 2013). They are: 1. Risk should be identified and managed in a coordinated and comprehensive way across the critical infrastructure community to enable the effective allocation of security and resilience resources. 2. Understanding and addressing risks from cross-sector dependencies and

3.

4.

5.

6.

7.

405

interdependencies is essential to enhancing critical infrastructure security and resilience. Gaining knowledge of infrastructure risk and interdependencies requires information sharing across the critical infrastructure community. The partnership approach to critical infrastructure security and resilience recognizes the unique perspectives and comparative advantages of the diverse critical infrastructure community. Regional and State, Local, Tribal, and Territorial (SLTT) Government partnerships are crucial to developing shared perspectives on gaps and actions to improve critical infrastructure security and resilience. Infrastructure critical to the United States transcends national boundaries, requiring cross-border collaboration, mutual assistance, and other cooperative agreements. Security and resilience should be considered during the design of assets, systems, and networks.

The protection officer may be asked to supplement the organization’s infrastructure security and resilience. Therefore, the protection officer must be familiar with and trained on the security and safety aspects of the industry and its critical infrastructure sector. The NIPP designates a federal department or agency as the lead coordinator. This designation is known as an SSA. The key point of establishing the SSAs is for information-sharing processes and sector-specific protocols with private sector partners. This sharing environment improves information quality and timeliness. Once the information-sharing process is established, communications between government and industry is enhanced. Another concept designated by the NIPP is the establishment of sector governing bodies: The Sector Coordinating Councils (SCCs)—Selforganized, self-run, and self-governed private

II. PRACTICAL AND OPERATIONAL APPLICATIONS

406

36. THE OFFICER’S ROLE IN CRITICAL INFO INFRASTRUCTURE PROTECTION

sector councils consisting of owners and operators and their representatives that interact on a wide range of sector-specific strategies, policies, activities, and issues. SCCs serve as principal collaboration points between the government and private sector owners and operators for critical infrastructure security and resilience policy coordination and planning and a range of related sector-specific activities. The Government Coordinating Council (GCCs)—Consisting of representatives from across various levels of government (including federal and SLTT), as appropriate to the operating landscape of each individual sector, these councils enable interagency, intergovernmental, and cross-jurisdictional coordination within and across sectors and partner with SCCs on publicprivate efforts. Critical Infrastructure Cross-Sector Council— Consisting of the chairs and vice chairs of the SCCs, this private sector council coordinates cross-sector issues, initiatives, and interdependencies to support critical infrastructure security and resilience. There are other councils that have regional and cross-sector roles. However, these three councils are the most important groups for a protection officer organization to interact with. If the protection officer organization is employed by a multistate or national company, liaison with a wider council would be appropriate. As mentioned previously, in the United States there are 16 critical infrastructure sectors (DHS, 2019b). These 16 sectors are briefly identified and outlined below. Each sector has a sector guide for the protection officer to study the attributes of the stated sector.

Chemical Sector The Chemical Sector is an integral component of the US economy that manufactures, stores, uses, and transports potentially dangerous chemicals upon which a wide range of other critical infrastructure sectors rely. Securing these chemicals

against growing and evolving threats requires vigilance from both the private and public sector. https://www.dhs.gov/chemical-sector.

Commercial Facilities Sector The Department of Homeland Security is designated as the SSA for the Commercial Facilities Sector, which includes a diverse range of sites that draw large crowds of people for shopping, business, entertainment, or lodging. https:// www.dhs.gov/commercial-facilities-sector.

Communications Sector The Communications Sector is an integral component of the US economy, underlying the operations of all businesses, public safety organizations, and government. The Department of Homeland Security is the SSA for the Communications Sector. https://www.dhs.gov/ communications-sector.

Critical Manufacturing Sector The Department of Homeland Security is designated as the SSA for the Critical Manufacturing Sector. https://www.dhs.gov/ critical-manufacturing-sector.

Dams Sector The Department of Homeland Security is designated as the SSA for the Dams Sector. The Dams Sector comprises dam projects, navigation locks, levees, hurricane barriers, mine tailings impoundments, and other similar water retention and/or control facilities. https://www. dhs.gov/dams-sector.

Defense Industrial Base Sector The US Department of Defense is the SSA for the Defense Industrial Base Sector. The Defense Industrial Base Sector enables research,

II. PRACTICAL AND OPERATIONAL APPLICATIONS

UNITED STATES NATIONAL INFRASTRUCTURE PROTECTION PLAN (NIPP)

development, design, production, delivery, and maintenance of military weapons systems, subsystems, and components or parts to meet US military requirements. https://www.dhs.gov/ defense-industrial-base-sector.

Emergency Services Sector The Department of Homeland Security is designated as the SSA for the Emergency Services Sector. The sector provides a wide range of prevention, preparedness, response, and recovery services during both day-to-day operations and incident response. https://www.dhs.gov/ emergency-services-sector.

Energy Sector

407

Healthcare and Public Health Sector The Department of Health and Human Services is designated as the SSA for the Healthcare and Public Health Sector. https://www.dhs. gov/healthcare-public-health-sector.

Information Technology Sector The Department of Homeland Security is designated as the SSA for the Information Technology Sector. https://www.dhs.gov/ information-technology-sector.

Nuclear Reactors, Materials, and Waste Sector

The US energy infrastructure fuels the economy of the 21st century. The Department of Energy is the SSA for the Energy Sector. https://www.dhs.gov/energy-sector.

The Department of Homeland Security is designated as the SSA for the Nuclear Reactors, Materials, and Waste Sector. https://www. dhs.gov/cisa/nuclear-reactors-materials-andwaste-sector.

Financial Services Sector

Transportation Systems Sector

The Department of the Treasury is designated as the SSA for the Financial Services Sector. https://www.dhs.gov/financial-servicessector.

The Department of Homeland Security and the Department of Transportation are designated as the Co-Sector-Specific Agencies for the Transportation Systems Sector. https://www.dhs. gov/transportation-systems-sector.

Food and Agriculture Sector The Department of Agriculture and the Department of Health and Human Services are designated as the Co-Sector-Specific Agencies for the Food and Agriculture Sector. https:// www.dhs.gov/food-and-agriculture-sector.

Government Facilities Sector The Department of Homeland Security and the General Services Administration are designated as the Co-Sector-Specific Agencies for the Government Facilities Sector. https:// www.dhs.gov/government-facilities-sector.

Water and Wastewater Systems Sector The Environmental Protection Agency is designated as the SSA for the Water and Wastewater Systems Sector. https://www.dhs.gov/ water-and-wastewater-systems-sector. The SSP details how the National Infrastructure Protection Plan’s risk management framework is implemented within the sector’s unique characteristics and risk landscape. Each SSA develops an SSP through a coordinated effort involving its public and private sector partners. The protection officer should review the “Sector-

II. PRACTICAL AND OPERATIONAL APPLICATIONS

408

36. THE OFFICER’S ROLE IN CRITICAL INFO INFRASTRUCTURE PROTECTION

Specific Plan” of the sector’s infrastructure being protected. This will allow the protection officer to be cognizant of the threats and vulnerabilities inherent within the sector’s infrastructure.

References Brunner, E. M., Suter, M., & Center for Security Studies (CSS), ETH Zurich (2008/2009). International CIIP handbook 2008/2009. [PDF file]. https://css.ethz.ch/content/ dam/ethz/special-interest/gess/cis/center-forsecurities-studies/pdfs/CIIP-HB-08-09.pdf. Durkovich, C. (2013, May). Working together to enhance critical infrastructure resilience around the globe. The CIP Report, Volume 11, Number 11. Retrieved from https://www. semanticscholar.org/paper/The-CIP-Report-May-2013-2Working-Together-to-the-Durkovich-Delp/ 37ddd486a3126d2c72fa6c8071f9f4560322806d. ETH Zurich. (n.d.). Center for Security Studies (CSS), Department of Humanities, Social and Political Sciences. Retrieved October 11, 2019, from https://css.ethz.ch/en/center.html.

Interagency Security Committee (ISC). (2015, February). Presidential Policy Directive 21 (PPD-21) Implementation: An Interagency Security Committee White Paper. [PDF file]. https://www.dhs.gov/sites/default/files/ publications/ISC-PPD-21-Implementation-White-Paper2015-508.pdf. US Department of Homeland Security (DHS). 2015 sector-specific plans. Retrieved October 11, 2019, from https://www.dhs.gov/cisa/2015-sector-specific-plans. US Department of Homeland Security (DHS). National Infrastructure Protection Plan (NIPP) 2013: Partnering for critical infrastructure security and resilience. [PDF file]. https://www.dhs.gov/sites/default/files/ publications/national-infrastructure-protection-plan2013-508.pdf. US Department of Homeland Security (DHS). (2019a, June 17). Infrastructure security. Retrieved from https://www.dhs.gov/topic/critical-infrastructuresecurity. US Department of Homeland Security (DHS). (2019b, March 3). Critical infrastructure sectors. Retrieved from https://www. dhs.gov/cisa/critical-infrastructure-sectors.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

37 Physical Security Concepts and Applications Kevin T. Doss, Denis A. O’Sullivan, Jeffrey A. Slotnick O U T L I N E Physical Security Planning Assets Identified Loss Events Exposed Occurrence Probability Factors Assigned Impact of Occurrence Assessed Countermeasures Selected

410 410 411 411 412 412

Security Lighting Types of Lamps Application Considerations

415 415 416

Security Glazing Safety/Fire Burglar/Vandal-Resistive Bullet-Resistive Explosion Resistive Special Purpose

416 416 417 417 417 417

Intrusion Detection Detectors/Sensors System Controls Signal Transmission System Monitoring

417 418 419 419 419

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00037-7

Card Access Access Control

420 421

Locking Hardware

422

Network Video

422

Safes and Vaults Locks Burglary-Resistive Safes Burglary-Resistive Vaults Fire-Resistive Containers

425 425 426 427 428

Fencing

428

Underwriters Laboratories

430

Integrated Security Systems

430

Continuing Education

431

Physical Security Certification

431

References

432

Further Reading

432

409

# 2020 Jeffrey A. Slotnick. Published by Elsevier Inc. All rights reserved.

410

37. PHYSICAL SECURITY CONCEPTS AND APPLICATIONS

C H A P T E R O B J E C T I V ES • Define physical security planning • List five steps of the security planning process • List three options for intrusion monitoring • Explain the three primary objectives of security lighting • Provide the three roles of network video systems and access controls • Explain the value of safes, vaults, containers, fencing, and barriers

“[A]n organization’s physical security and their IT security are each at risk from vulnerabilities in the other. One cannot secure their organization without securing both properly. Each is dependent on the other.” —Thomas L. Norman, CPP/PSP, The Compelling Case for Unifying IT and Physical Security, 2017

PHYSICAL SECURITY PLANNING What is “physical security planning?” It is a recognized security process that, if followed, will result in the selection of physical countermeasures based on risk, threat, vulnerability, and consequence. The selected countermeasures should also be justifiable from a cost point of view. In other words, there is a return on investment for the countermeasures implemented which are realized in the prevention of criminal incidents, injury or death to people, theft of property, and harm to reputation. In the security planning process, the organization identifies which assets require protection and the types of risks that could compromise those assets. This critical function determines the level of appropriate countermeasure that is required based on a formally documented

process. Risks are usually categorized into three categories: 1. People—Human resources are usually the most critical asset within any organization, and as such, must receive a stronger consideration when assessing risk. 2. Property—Physical property or intellectual assets. 3. Legal liability—Legal risks can also affect people and property but need to be considered as a separate category. This is due, in part, to the extent that lawsuits affect the security industry these days. Additionally, the security planning process should determine the probability of such occurrences and the impact of loss on the organization if the risk should occur. These steps are critical in determining how to best protect organizational assets and must be performed periodically. An added benefit of the security planning process is the potential for increased security awareness throughout every level of the organization. The security planning process consists of the following five steps: • • • • •

Assets identified. Loss events exposed. Occurrence probability factors assigned. Impact of occurrence assessed. Countermeasures selected. Let’s look at each of these steps.

Assets Identified At first glance, this step would appear easy; however, this is not necessarily the case. Have you ever attempted to take inventory of your personal property? The major problem seems to be “how to”; that is, do we include every nut and bolt? For security purposes, this is not necessary. It should suffice to group assets according to category except where an item is especially attractive (from a thief’s

II. PRACTICAL AND OPERATIONAL APPLICATIONS

PHYSICAL SECURITY PLANNING

viewpoint) and valuable. The following categories should encompass most assets for most companies: – – – – – –

Land Heavy machinery Office equipment Vehicles Goodwill Raw material

– Buildings – Production equipment – Office furniture – Cash or other negotiables – Public image – Finished product

Depending on the nature of the company’s activities, there may be other categories. In any event, there is one asset which has not been mentioned primarily because it is controversial: employees. Employees are a company’s most valuable asset, although some people do not like to group them with all the other assets.

Loss Events Exposed This step consists of exposing all possible threats to the assets that can be identified. As with the grouping of assets, we group threats according to their nature. All threats can be grouped under the following headings: industrial disaster (chemical spills and train derailments), natural disasters (earthquake, hurricane, and other severe weather), and man-made disasters (crime, terrorism, workplace violence, and civil disturbance). Industrial disasters—these should be easy to identify; associated threats are related to the on-site or adjacent activity. The following are typical industrial disasters that might affect most companies: explosions, fires, major accidents, and structural collapse. To correctly assess the threat, you must intimately know the nature of company activity, the nature of activity on adjacent properties, dangerous routes, flight paths, and the existence of nearby major oil or gas pipelines. Natural disasters—the potential for a natural disaster largely rests with the geographic

411

location of the company property. If the property is in the southeast United States, it is reasonable to identify hurricanes as possible loss events. Similarly, if the property is in California, it would be reasonable to plan for earthquakes. Other areas may suggest the need to identify floods or tornados as threats. Civil disturbance—most companies can be threatened either directly or indirectly by actions that can be categorized as civil disturbances. If your company is engaged in weapons technology, or indeed any activity that might be viewed as threatening the environment, it is reasonable to expect that the company might become the target of demonstrators. All labor disputes fall under this heading. Crime—it is relatively easy to identify crimes that might affect company operations. Any or all the following will affect most companies: arson, assault, bomb threats, breaking and entering, theft, and vandalism. If a company is engaged in high-tech, it would be reasonable to also include espionage, extortion, and sabotage as likely threats. Other risks—this is meant to be a catch-all for those threats that do not neatly fit the above categories such as cybercrime and loss of utilities.

Occurrence Probability Factors Assigned Having identified assets and exposed the threats to those assets, the next step is to quantify the possibility that the threat will occur. This is probably the most difficult step in the process. Information must be collected and carefully analyzed to determine its effect on the probability of occurrence. The following affect probability: • The physical composition of structures—for example, wood frame or concrete block. • The climatic history of the area, such as the number and frequency of tornadoes, hurricanes, and earthquakes.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

412

37. PHYSICAL SECURITY CONCEPTS AND APPLICATIONS

• The nature of activity at the property to be protected. For example, if the products being produced are televisions and related products, then the probability for theft will likely be high. • The criminal history for the local and adjacent areas. • Past incidents at other similar organizations. • When there is community conflict in the area. An analysis of the foregoing, coupled with a review of the activity and organization of the company to be protected, will enable one to decide with reasonable accuracy regarding the probability for a loss relative to specific assets or groups of assets. The probability of occurrence will not be the same for all loss events. For this reason, and to facilitate later correlation with impact factors, we must assign probability ratings. While the actual wording is not important, the following are suggested: • • • •

Certain Highly probable Moderately probable Improbable

To make these words more meaningful, we can assign percentage weights to each: certain 75%–100%; highly probable 50%–75%; moderately probable 25%–50%; and improbable 0%–25%.

Impact of Occurrence Assessed This step is not as difficult or as uncertain as determining probability. Impact for almost all organizations has a bottom line of dollars and cents. The most important thing to remember is that dollar losses may be either direct or indirect and that they may be so high as to be crippling to the enterprise. Direct costs are those that can be directly assigned as the value of the asset that has been lost or damaged. Indirect losses are those costs associated with the loss that would not have

been incurred if the loss event had not occurred. An example is downtime. The final task in relation to impact is to assign levels or classifications that will allow for correlation with the four degrees of probability. Again, the actual words are not important; however, the following are suggested: • • • •

Very serious Serious Moderately serious Unimportant

We will see the importance of these ratings shortly. Before we move to the final step, let us recap: we have taken inventory of our assets, identified the threats to those assets, assessed the probability of occurrence for the threats, and assessed the potential impact on company operations if one of these threats were to occur.

Countermeasures Selected This is the final step in the planning process. We now must use all the data we have collected to protect our property in the most efficient manner, while also considering the cost of these countermeasures in relation to the value of our assets. The initial step is to decide on the level of protection needed; the level can range from low to very high. When selecting physical security countermeasures, it is imperative that one use a definable, justifiable, and systematic approach. By standardizing the process, mistakes are less likely to occur and more accurate calculations can be made. In addition, one must document the process and keep accurate written records of the recorded data. This allows for betterinformed decisions regarding the selection and implementation of physical security countermeasures. Additionally, when the process is repeated at regular intervals we can determine if the situation is getting better or worse. The best way to obtain program funding is to document and demonstrate improvement over time.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

413

PHYSICAL SECURITY PLANNING

a complex pattern of different levels of protection. This is not as confusing as we might expect, particularly if we think in terms of security-indepth. Security-in-depth, also known as layered protection, is a concept that means placing a series of progressively more difficult obstacles in the path of an aggressor, requiring the aggressor to have more skills and more complex equipment and tools. These obstacles are often referred to as lines of defense. The first line of defense is at the property line. Methods of defense at this point may be either natural, such as a river, or man-made, such as a fence. Additionally, the barrier may be psychological or physical. At the very minimum, the property boundary must be defined in some

There are several methods or processes available to the security practitioner when selecting countermeasures; however, the simplest method to ascertain the desired levels of protection is a matrix as illustrated in Fig. 37.1. For example, consider the threat of fire. The probability of a fire can be rated as “moderately probable” for most types of businesses; from a criticality point of view, we must consider fire as potentially “very serious.” Referring to our matrix, we can quickly see that the recommended level of protection is “level IV,” the highest level possible. This would suggest using an effective detection system coupled with an efficient suppression system. The large number and variety of assets and associated threats mean that we will end up with

Threat level matrix Improbable

Moderately probable

Highly probable

Certain

Unimportant

I

I

I

I

Moderately serious

I

II

II

II

Serious

II

III

III

IV

Very serious

III

IV

IV

IV

Levels of security I Low II Medium III High IV Very high

FIG. 37.1

Threat level matrix.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

414

37. PHYSICAL SECURITY CONCEPTS AND APPLICATIONS

way that separates it from its neighbors. Psychological barriers, such as property definition, do not necessarily impede would-be trespassers; however, they do play an important role in the rights of the property owner. The second line of defense is the exterior of buildings. Controls at this point should be difficult for a perpetrator to overcome. It is important to remember that all six sides of structures (roof, floor, and walls) may present weaknesses that must be strengthened. Special attention must be given to the usual points of breaking and entering: doors, windows, and skylights. In fact, any opening greater than 96 in2. in area and less than 18 ft from grade must be protected. It is usually at this line of defense that electronic intrusion detection devices and electronic access controls are used. The third line of defense is interior controls or object protection. Controls at this line of defense include electronic/video motion and intruder detection devices, access controls, safes, vaults, document storage cabinets, quality locking devices, and fire protection. Applying the security-in-depth concept means more than simply establishing three lines of defense that will meet all your needs. Ideally, we would apply the principle first to the property in general terms as described above, and then to each asset separately. An example would be an industrial complex and an asset such as information.

The complex itself will probably be protected by a perimeter fence. Each building within should be properly secured and electronic intrusion detection systems included. In addition to this general protection, we should attempt to establish protective rings around the information and cyber information. For example, the information should be stored in a safe or server room (third line of defense), the room should have interior motion detection (second line of defense), and access to the room should be through a door equipped with proper locking hardware and possibly a card access system (the first line of defense) (Fig. 37.2). Selecting appropriate countermeasures is a difficult task, requiring considerable practical experience and extensive knowledge of the various controls and their strengths and weaknesses. Additionally, integrated technologies offer expanded capabilities. Effective planning will result in a cost-justified, integrated protection program. An integrated protection program results from a systems approach to selecting controls. The following are two important points in relation to using a systems approach: 1. The whole, as well as each separate part, must be considered. 2. Design should allow for an acceptable level of redundancy, without any unnecessary duplication of effort.

Alleys and rear properly lighted

Doors locked and barred Roof openings secured Alarm system throughout store, 24-h phone number available Locks modern and adequate

Fence in good repair Windows locked, barred, or well secured Access to roof protected Debris cleared

Safe lighted and in open view Building interior well lighted

FIG. 37.2

Cash draw empty and open to prevent damage

Defense around exterior of building.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

SECURITY LIGHTING

A systems approach is often referred to as “systems engineering.” The remainder of this chapter will concentrate on the physical components of a protection program. While space will not permit detail, we will attempt to explain the major points relative to security lighting, security glazing, intrusion detection, card access systems, locks and keying, network video, safes and vaults, and fencing.

SECURITY LIGHTING Security lighting has three primary objectives: 1. It must act as a deterrent to intruders. 2. It must make detection likely if an intrusion is attempted. 3. It should not unnecessarily expose patrolling personnel. Lighting systems are often referred to as “continuous,” “standby,” and “movable” or “emergency.” Continuous lighting is most commonly used. Lamps are mounted on fixed luminaries and are normally lit during the hours of darkness. Standby lighting is different from continuous lighting in that the lamps are only lit as required. Movable or emergency lighting is portable lighting that may be used to supplement either continuous or standby lighting. Light sources may be incandescent, gaseous discharge, or quartz lamps. The common lightbulb emits incandescent light. Gaseous discharge lamps are street-type lighting and may be either mercury vapor or sodium vapor lamps. Mercury vapor lamps emit a strong light with a bluish cast. Sodium vapor lamps emit a soft yellow light. Both types of gaseous discharge lamps take 2–5 min to reach

415

maximum intensity. They are very effective in areas where fog is prevalent. A word of caution in relation to gaseous discharge lamps is that they make color identification unreliable.

Types of Lamps A light emitting diode (LED) is a two-lead semiconductor light source. Its diode emits light when activated. LEDs are typically small, and integrated optical components may be used to shape the radiation pattern. LEDs have many advantages over incandescent light sources, including size and faster switching. Smart LED bulbs allow lighting to be voice activated or controlled remotely and scheduled via the Internet. Metal halide lamps are also of a gaseous type, but due to the excellent color rendition this lamp offers, it is recommended for many security applications. Metal halide lamps can be used very effectively with color NETWORK VIDEO cameras due to the light properties which imitate natural daylight. The downside of this lamp is that it is expensive to use. Incandescent lamps are typically used in residential homes for lighting. They are very inefficient and have limited use for security purposes due to being expensive and their short lifecycle. Quartz lamps emit a very bright white light. Lighting may be classified as floodlights, searchlights, fresnels, and street lighting. The difference between floodlights and searchlights is that searchlights project a highly focused beam of light, whereas floodlights project a concentrated beam. Fresnels produce a rectangular beam of light and are particularly suitable for illuminating the exterior of buildings. Streetlights produce a diffused light and are suitable for use in parking areas and driveways. Certain lighting intensities are recommended for specific situations.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

416

37. PHYSICAL SECURITY CONCEPTS AND APPLICATIONS

Location

Lighting Intensity

Perimeter or property boundary Parking lots (open) Parking garage (enclosed) Vehicle entrances Pedestrian entrances (active) Exterior of buildings Open yards

0.15–0.4 fc 2.0–3.0 fc 5.0–6.0 fc 1.0 fc 5.0 fc 1.0 fc 0.2 fc

The foregoing is suggested lighting intensities only; specific circumstances may dictate different intensities. To explain the suggested intensities, “fc” means foot-candle and simply refers to the amount of light emitted within 1 ft2 of a lit standard candle.

Application Considerations 1. When designing a protective lighting system, consider three lines of defense: the perimeter, open yards, and building exteriors. 2. Illumination of transaction areas, such as ATMs, fare handling machines, and other online transaction stations should be adequately illuminated, independently of the surroundings. 3. All accessible exterior lamp enclosures should be in tamper- or vandal-resistive housing. This means that the receptacle and lens should be constructed of a material that will resist damage if attacked and that the mounting screws or bolts should be tamperresistant. 4. If protective lighting is to be in an area that may be subject to explosions, the housings should be explosive-resistant. 5. Before finalizing any decision on the installation of lighting, consider the impact that additional lighting will have on the neighbors. Failure to consult with a neighbor prior to installation may result in costly redesign.

The foregoing is a presentation of the basics of security lighting. Prior to utilizing any of the suggested standards, please check local codes or ordinances.

SECURITY GLAZING The various uses, methods of fabrication, and an overabundance of trade names make the selection of an appropriate glazing material appear very confusing. To simplify the process, we will address the subject under the following headings: • • • • •

Safety/fire Burglar/vandal-resistive Bullet resistive Explosion resistive Special purpose

Safety/Fire Under this heading, we are basically looking at two types of glass: tempered and wired. Tempered glass can be considered safety glass, as it is several times stronger than ordinary glass. It is especially resistive to accidental breakage. If it does break, it will disintegrate into small pieces with dull edges, thereby minimizing the risk of injury. Tempered glass is available in different thicknesses to suit different purposes. Wired glass is glass with a wire mesh built into it. The wire is embedded in the glass when it is still in its molten state. Wire glass resists impact because of its strength. It is also listed by Underwriters Laboratories as a fire-retardant material. Here are some suggested uses for safety/fireretardant glass: 1. 2. 3. 4.

Passageways Entrance doors and adjacent panels Sliding glass doors Bathtub enclosures and shower doors

II. PRACTICAL AND OPERATIONAL APPLICATIONS

INTRUSION DETECTION

Burglar/Vandal-Resistive Several types of burglar/vandal-resistive glazing materials are available, including laminated glass, wired glass and acrylic, and polycarbonate plastics. Laminated glass will resist degrees of impact proportionate to its thickness. This type of glass is particularly valuable where the quality of transparency is important and where other types of impact-resistant material may be subject to vandalism. Wired glass provides resistance of a limited nature; it will not resist prolonged attack. Acrylic plastic is particularly resistive to forced attack; however, it is not as resistive as polycarbonate. It is, however, much more transparent than polycarbonate. Polycarbonate plastic is 20–30 times stronger than acrylic of comparable thickness.

Bullet-Resistive Bullet-resistive material is available in the form of laminated glass or acrylic and polycarbonate plastics. Bullet-resistant laminated glass consists of multiple piles of glass and plastic material laminated together. Highly transparent, bullet-resistant acrylic material is suitable for many cash-handling situations, such as those which occur in banks. Polycarbonate, consisting of several sheets of plastic laminated together, is highly resistive to ballistics; however, visibility is somewhat impaired.

Explosion Resistive When required, explosion resistive glazing is designed by an engineer using specific standards which include two American Society for Testing and Materials (ASTM) standards: ASTM F1642 (airblast loadings), ASTM F1233 (ballistics and physical attack); as well as the UL standards for burglar-resistant and bullet-resistant glazing. These standards enable building owners and designers to better understand the performance of security glazing as a means of reducing the

417

risk of personal injury and physical damage to a facility. The ISO (International Organization for Standardization) 16933:2007 “Glass in building—Explosion-resistant security glazing— Test and classification for arena air-blast loading” is useful for the same purposes as for an international organization.

Special Purpose Under this heading, we will look at transparent mirror glass, coated glass, heated glass, and rough or patterned glass. Transparent mirror glass may be installed in a door or in a wall. From one side, it is functionally a mirror, and from the other, it permits an unobstructed view through the mirror. The primary purpose of transparent glass is for surreptitious surveillance. Flow-on or cement-on plastic coating is available for application to existing installed glass. This material may serve well as an interim measure until a more appropriate vandal-resistive material can be installed. Rough or patterned glass is available with many different designs that make it range from practically opaque to practically transparent. This type of glazing is most appropriate where there is a conflict between the need for privacy and naturallight.

INTRUSION DETECTION Every intrusion detection system is meant to detect the following: 1. Unauthorized entry 2. Unauthorized movement within 3. Unauthorized access to controlled areas or objects There are four components to an intrusion detection system: 1. 2. 3. 4.

Detectors/sensors System controls Signal transmission System monitoring

II. PRACTICAL AND OPERATIONAL APPLICATIONS

418

37. PHYSICAL SECURITY CONCEPTS AND APPLICATIONS

Detectors/Sensors The design and implementation of intrusion sensors are critical for any physical security program. Intrusion sensors are typically integrated with physical barriers, such as a door or window, and must take environmental conditions into consideration to be effective. Selection of the appropriate detector, from the numerous and varied options available, is often a difficult task. The end user is well-advised to become familiar with the different types of detectors/sensors available and must evaluate both the application and environmental conditions prior to implementation. If relying on advice from a vendor for proper intrusion sensor selection, it is essential that the end user describe their objectives and make the vendor contractually responsible for meeting those stated objectives. In the following paragraphs, we will look at different types of detectors: magnetic switches, metallic foil, audio, vibration, ultrasonic, photoelectric, passive infrared, microwave, dual technology, and video motion. Magnetic switches—these are often referred to as door contacts. They may be either surface-mounted or recessed. The choice is largely an aesthetic one; however, the recessed ones do afford more protection from tampering. Switches are commonly “unbalanced,” which means that they may be defeated by substitution of a secondary magnetic field, to keep the contacts in the open position, while the detector magnet is moved away from the housing containing the contacts. For high-security applications, a “balanced” switch is available. This switch is designed to withstand defeat by the creation of a secondary magnetic field. Magnetic switches have many potential uses in addition to their traditional use on doors and windows. They may be used on desk or file cabinet drawers or to secure equipment to a fixed position. Metallic foil—this is a narrow strip of metal foil designed to break if the surface to which it is

attached is attacked. It is mostly used as a glass breakage detector and is commonly seen on storefront windows and glass doors. However, metallic foil is rarely used today. Vibration—vibration detectors are shock sensors. They may be used to detect persons climbing chain-link fencing, breaking through walls, or attacking safes or other containers. As glass breakage detectors, they are very effective and not too expensive. Ultrasonic—these are motion detectors. A protected area is flooded with an oval pattern of sound waves. As the sound waves bounce off objects, they reflect a signal back to a receiver. Any movement in the protected area will cause a change in the reflected pattern, which will result in an alarm. Ultrasonic sound waves are in a frequency range that is above the capacity of the human ear. These detectors are particularly susceptible to false alarm due to air turbulence. Photoelectric—a beam of light is transmitted to a receiver. The transmitter and receiver may be in one housing with the beam reflected. Any interruption of the beam causes an alarm. These devices are commonly used as automatic door openers or in stores to ward off a customer from entering. When used for security purposes, different methods are used to make the beam invisible to the naked eye. Either an infrared LED is used or an infrared filter is simply placed over the light source. Either method effectively makes the beam invisible. Infrared—these are probably the most versatile detectors currently available. Patterns of coverage are available that will protect practically any configuration of space. They can be used effectively to protect long narrow corridors, portions of rooms, or entire large rooms. An infrared detector is often referred to as a passive infrared detector (PIR) and “consists of two halves because its purpose is not only to detect infrared waves but also to indicate a change as a signal for motion. The sensor is idle when there is no motion in the detection field.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

INTRUSION DETECTION

However, when a person or another living thing that radiates heat, such as an animal passes in the field range, it produces positive differential change in the first half on its way in and a negative differential change in the second half of the sensor on its way out” (Kisi, 2019). When activated, they simply establish the ambient temperature. From that point on, any significant deviation will result in an alarm. Microwave—microwave detectors use highfrequency radio waves to establish a protected area. They are particularly suitable for use in areas where air turbulence or changing air temperatures may prohibit the use of ultrasonic or infrared detectors. A major weakness with microwave is that it can penetrate beyond a protected area. Microwaves will penetrate practically all surfaces except concrete and metal. Dual technology—dual technology sensors combine two technologies into a single sensor. An example of this would be to combine a passive infrared sensor with a microwave sensor. An alarm signal is not generated until both sensing devices are triggered. Thus, the use of such technology should result in fewer nuisance alarms being generated if installed correctly and applied properly. Video motion—network video cameras, which incorporate video content analysis (VCA; also known as video content analytics), have the capability of automatically analyzing video to detect and determine temporal and spatial events when programmed using complex algorithms to identify predetermined behaviors such as a bag left behind, facial recognition, traffic moving opposite direction of flow, license plate recognition, and virtual fence crossings.

System Controls System controls consist of components that transform individual detectors/sensors into a network of intelligence-gathering devices.

419

System controls include data processing equipment, signal transmission equipment, on/off and reset controls, backup power supply, LED system status indicators, and any other equipment specific to a particular system. The data processing equipment basically acts as a receiver and interpreter of signals from the sensors/detectors and reacts to these signals in accordance with preprogrammed instructions.

Signal Transmission The signal transmission equipment is the means by which an alarm is raised. This equipment may simply activate a local siren, send a message to a smart device, or it may send a signal over a wire to a remote monitoring location. The on/off and reset controls can be keys, toggle switches, or digital keypads. The digital keypad is recommended. The backup power supply is essential in case the electrical power supply fails or is sabotaged. The LED system status indicators use different colors to indicate whether the system is on or off, or if there is trouble in the system. The usual colors are red for system okay (but in the off mode), yellow for trouble somewhere in the system, and green for armed and properly functioning.

System Monitoring There are basically three options: 1. Local 2. Proprietary 3. Commercial A local system can integrate with a computer, smartphone, or iPad to communicate an alarm, in the event of a holdup of the monitoring personnel. Commercial monitoring falls into two categories: monitoring stations or answering services.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

420

37. PHYSICAL SECURITY CONCEPTS AND APPLICATIONS

The answering services are useful for the economical monitoring of signals transmitted by telephone dialers; however, this is not for high-security systems and not recommended. Commercial monitoring stations are either Underwriters Laboratories (UL) approved, or they are not. UL-approved is the best guarantee of quality service. Note: An initial step in planning an intrusion detection system is to identify zones of protection in the building that will create a series of independent subsystems. Each subsystem should (1) be compatible with normal operations, and (2) allow for prompt response to a specific problem area. When the functional requirements of a system have been identified, the system engineering should be left to experts.

CARD ACCESS The decision to use or not to use a card access system should be based on the perceived need for accountability and the accompanying financial considerations. An objective statement for a card access system might read: “To economically eliminate the inherent security weaknesses in key access systems by electronically supervising and documenting the activities or persons authorized to access the property.” To be useful, a card access system should have the following minimum capabilities: • Restrict access by authorized persons to certain locations, times, and/or days of the week. • Allow controlled after-hours access to selected areas within. • Control after-hours access to a parkade. • Selectively control after-hours use of elevators. • Maintain a record of all valid and invalid use of cards. • Provide an audit trail permitting a digital record of persons on the property at any one time.

There are numerous types of cards: • • • • • • •

Magnetic coded Magnetic strip coded Proximity coded Wiegand coded Hollerith Optical coded Chip coded

The magnetic coded card contains a sheet of flexible magnetic material on which an array of spots has been permanently magnetized. The code is determined by the polarity of the magnetized spots. The magnetic strip encoding is widely used in commercial credit cards. The proximity card is a badge into which electronically tuned circuits are laminated. The badge gets its name from the fact that it must be held near the reader for authorized access to be granted. The reader for this card is concealed in the wall behind drywall or paneling. The Wiegand-coded badge contains a series of parallel wires embedded in the bottom half of the badge. Each wire can be assigned a logic “0” or “1”; the combination reveals the ID number. The Hollerith badge is easy to recognize because the card has small rectangular holes punched in it. It cannot be considered a highsecurity badge. The optical coded badge is easy to recognize if it uses a barcode as its encoding device. The barcode is commonly used on retail goods to assist the cashier with pricing. A smart card, chip card, or integrated circuit card (ICC) is any pocket-sized card that has embedded integrated circuits. Smart cards are typically made of plastic. Many smart cards include a pattern of metal contacts to electrically connect to the internal chip. Others are contactless, and some are both. Smart cards can provide personal identification, authentication, data storage, and application processing. Smart card standards are contained within Homeland Security Presidential Directive 12 and The Federal Information Processing Standard (FIPS) Publication 140-2 (FIPS PUB 140–2) and is a US government computer security standard used to accredit cryptographic modules.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

421

CARD ACCESS

The title is Security Requirements for Cryptographic Modules (National Institute of Standards and Technology [NIST], 2001). All the commonly used coded cards are reliable and, except for the Hollerith badge, are reasonably resistive to being compromised. Although it is not recommended, many organizations like to use their access cards as both an access card and an identification badge. Smart cards can be used for both physical and cyber access control. The information contained in the normal employer ID card can be incorporated into any access card: • • • • • • • •

Company name and logo Details of cardholder Name Department Date of birth Signature Photograph Conditions of use (restrictions)

Badge input into reader

This is not recommended, however, because if the card is lost, it will be obvious to the finder that it is owned by an organization, which may lead to unauthorized use of the card. There are many different card readers; the significant difference among them is the addition of a secondary method of verification or confirmation, such as the requirement for insertion of a personal identification number (PIN), through a numerical keypad. The use of a numerical keypad usually offers the valuable option of allowing a user to signal that he is operating under duress. Fig. 37.3 shows the functional operation of a card access system.

Access Control In addition to card access, another form of access control is where mobile or Smartphone users just hold their phone to a Bluetooth or Near Field Communications (NFC) reader, and

Proper type of badge

Send badge number for analysis

Badge number analyzed

Valid badge number

Time zone allows access

Door opens for seconds

Door relocks

FIG. 37.3

Functional operation of a card access system.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

422

37. PHYSICAL SECURITY CONCEPTS AND APPLICATIONS

the door will unlock, and the permissions (log-in credentials) are checked in the background. The Internet of Things-based (IoT) door readers have powerful sensors with auto-updating firmware and Internet connectivity that can be updated for security reasons or to add new functionality (Kisi, 2019).

LOCKING HARDWARE Locking hardware can be categorized as mechanical, electrical, or electromagnetic, and as either security or non-security. Quality mechanical security locks should be used for all the following: • Perimeter openings • Doors that control/restrict internal movement • Doors to sensitive/restricted areas Only deadbolt locks should be considered. The bolt should offer a minimum of a 1-in throw, where the bolt passes 1-in into the door frame. If the door is a glass metal-framed door, the bolt should be of the pivotal type to ensure maximum throw. Electric locks are particularly suitable for the following: • Remote control of the after-hours pedestrian entrance door • Grade-level emergency exit doors • Exit doors from stairwells to grade level • All stairwell doors Electric locks are available where the strike is normally in the locked or unlocked position. Electromagnetic locks are particularly suitable for use on emergency exit doors, as there are no moving parts that can accidentally become jammed. Several conditions must be met before this type of lock can be used on an emergency exit door: • A manual or automated egress device to unlock door within proximity

• When activated, the fire alarm system must be able to automatically deactivate the locking device • Each location must have a fire pull station in its vicinity, and its activation must automatically deactivate the lock Note: It is essential that the fire department is consulted prior to any final decision on the locks of any door that may be considered an emergency exit. Get their decision in writing, and carefully consider it before compliance. Emergency exit devices that are normally used on emergency exit doors cause a justifiable security concern. If permitted, only quality electric or electromagnetic locks should be used. If electric or magnetic locks cannot be used, great care should be taken to ensure the emergency devices use such features as the following: • Deadbolts • Deadlocking latches • Vertical locking bars for pairs of doors Remember that emergency exit devices can be connected to a proprietary or commercially monitored alarm system. Loud local alarms are also an effective way to protect emergency exits. Locks can also be actuated through use of a biometric reader.

NETWORK VIDEO Network video has three major roles in any physical security program: • To deter crime or unwanted activities • To allow the ability to witness an act as it occurs • As an investigative tool after an act has already been committed Although network video is typically used to monitor a property or facility for crime prevention purposes, there is a multitude of applications with which this technology can be used to

II. PRACTICAL AND OPERATIONAL APPLICATIONS

NETWORK VIDEO

visually monitor events. Network video is a great tool for assessing a real-time situation involving crowd control and responding to personnel movements. In addition, it can be used to capture customer movement and behavior in the retail environment as well as to monitor internal staff as they work. Network video can also remotely watch traffic flow on highways and monitor weather activity in specific areas. Network video technology has progressed quickly in recent years. The advent of softwarebased analytics has skyrocketed the capabilities of network video. “Intelligent video,” as it is known, can offer tremendous capabilities under the right circumstances. As with any network video system, the surrounding environment can adversely affect the effectiveness of any network video program. That being stated, here are a few network video software feature sets that fall into the intelligent video realm: • • • • • • •

Video motion detection (VMD) People counting and tracking Object classification, counting, and tracking License plate recognition Facial recognition Crowd detection Psychology of motion (still under development)

Intelligent video is currently used in some of the largest cities in the world to detect criminal activity and other issues, such as traffic problems, loitering, and riot activity. Among the tremendous benefits of using technology to detect certain events, intelligent video may allow for the reduction of manpower by harnessing technology to increase efficiency and accuracy of network video systems. There are three main views that a standard network video system should provide, depending on the application requirements: 1. Identification of any subjects. 2. Identify the actions within a scene. 3. Identify the scene where the act occurred.

423

Subject identification is based on the principle that whoever or whatever is viewed must be identifiable beyond any reasonable doubt. This includes capturing specific features that could identify the person, such as nose, ears, and eye characteristics. As an example, the scene view usually will provide about 25% coverage of the person being viewed. The subject identification view is critical when used with facial recognition software, as the facial features must be captured to have a reasonable success rate in identification. Action identification is a view that can assess what has occurred within a given area. This level of video surveillance can usually determine what has occurred. A good example might be that a painting was stolen or that an act of violence occurred. Another illustration of an action identification view would be in a retail environment to determine how a retail customer purchases specific goods while shopping, and which advertisement was most effective in gaining additional sales. The action view usually comprises about 10% of the total scene image. Identification of a scene view is based on being able to identify where an act took place. An example might be in a lobby or in a specific department. Each scene must stand on its own merit and be identifiable during playback. Weather monitoring is another example of an application using a scene view. Great care must be exercised in designing a network video system to ensure that the objectives are achieved. Caution is also necessary to ensure that costs do not get out of hand. This is a common problem when the system is not designed by a security expert. The following are suggested practical applications for network video: • Parking areas, entrances/exits, shuttle elevator lobbies, stairwells, and elevators • Shipping/receiving areas • Main floor elevator lobbies • Cross-over floors • Cash handling areas

II. PRACTICAL AND OPERATIONAL APPLICATIONS

424

37. PHYSICAL SECURITY CONCEPTS AND APPLICATIONS

All network video systems are made up of several components that an end user should be, at the very least, familiar with. The following is a brief description of each component: Cameras—a primary consideration in relation to camera selection is the available light, image quality, day/night use, field of view and depth of view. The two most common cameras in use today are the charge coupled device (CCD) and the complementary metal oxide semiconductor (CMOS). Both are relatively stable camera platforms that outperform older camera technology. Lenses—there are three major types of lenses available for cameras today. They are fixed lens, varifocal lens, and zoom lens. The fixed lens only offers a single point of view and is best used on indoor applications due to the more consistent environment. The varifocal lens offers a range of views and great flexibility in application, as long as the range is within the lens capabilities, and the lens does not need to be refocused. The zoom lens, by contrast, is best for situations in which the lens needs to be refocused, should one change the field of view. The focus on a zoom lens is maintained either through manual or motorized adjustments. Housings—several types of housings are available. They fall into two categories: aesthetic and environmental. Housings can also effectively disguise the existence of a camera. Monitors—monitors are available in different sizes and in color, monochrome, or LCD. When a quality image is required, it is necessary to use a high-resolution screen. Sequential switches—it is not necessary, or usually desirable, to have a monitor for every camera. By using a sequential switcher, the image from two or more cameras can be routinely rotated for viewing on one monitor. When required, an operator can lock on the image from one camera for select viewing. Motion detectors—cameras are available with built-in motion detection capability. If movement occurs within the field of view of the camera lens, an alarm will sound at the control center, or

a video recorder will be activated to record the activity that caused the alarm. This feature is very valuable when using a large number of monitors. Pan/tilt/zoom—the need to use several cameras to cover an area or activity can be avoided by carefully positioning one camera and providing pan/tilt/zoom features. Controls—in addition to the normal television controls, controls will be required for whatever special features are built into the system. Consoles—the design of a control center console that houses a network video system is definitely an engineering task. Care must be exercised to ensure operator comfort, particularly in relation to viewing angles and ease of accessibility of controls. Video recorders—a network video system should be considered incomplete if it does not have the ability to selectively record events. Recording can be done on VHS recorders; however, these are quickly being replaced by digital video recorders (DVRs) and by network video recorders (NVRs). In some cases, the recordings are sent directly to a computer server using a graphical user interface (GUI). The GUI eliminates the need for a separate recording “box” by using software to manage the recordings. Another storage option is Cloud storage. Cloud storage is the term for saving files to a remote storage system accessed online instead of, or in addition to, saving files on an NVR or computer hard drive. This gives several advantages over saving all surveillance videos on an NVR, including the ability to access videos from anywhere, and larger storage capacity than an NVR may have. Cloud storage is easy to use and requires minimal equipment. Cloud storage can benefit a surveillance system in many ways: • Video files are easily accessible from anywhere using a computer, smartphone, or tablet.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

425

SAFES AND VAULTS

• Files are not stored locally, so even if your equipment is damaged or stolen, the videos are still safe. • Many organizations choose to save video for long periods of time, especially in case of accidents in the workplace; Cloud storage makes it easier to keep those files without taking up limited space on a hard drive. • Cloud storage can also be used as a backup for an NVR or hard drive even if it’s not the main storage solution.

For an example of a typical network video system, see Fig. 37.4.

Day/time generators—this feature has potential benefits in specific circumstances—for example, where no immediate incident response capability is available, or if the recording may be required as evidence in court.

Safes are available with three types of locking systems:

SAFES AND VAULTS Safes and vaults are designed to offer varying levels of protection from specific risks— namely burglary, robbery, and fire.

Locks

1. Single combination 2. Single key lock combination (see Fig. 37.5) 3. Dual combination (see Fig. 37.6)

Video Management Software & Recorders

Video Management System

IP cameras

Internet

Network Switch Remote Computer Monitor Stations

Local Computer Viewing Stations FIG. 37.4

Typical network video system.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

426

37. PHYSICAL SECURITY CONCEPTS AND APPLICATIONS

FIG. 37.5

Single key lock combination.

FIG. 37.6

Dual combination locks.

With the single combination option, an unaccompanied person with the combination can access the contents at any time. The second option, a key lock combination, requires that two persons be in attendance to open the safe. One person has the key to unlock the combination-turning mechanism, and the other has the combination to unlock the safe. The third option is similar to option two in that two persons must be in attendance to open the safe. Each person has only one of the combinations.

Burglary-Resistive Safes In addition to their actual construction, burglary-resistive safes have several protective features: • • • • • •

Locks Interior design Depository Time locks Time delay locks Relocking device

• Extra weight • Floor anchoring • Counterspy dials Interiors—sufficient options are available in interior configurations so that the need for customization can be avoided. Available features include fixed or adjustable shelving and enclosed compartments that may be either key or combination-locked. Available options increase proportionately to the size and cost of the safe. Depository—this feature permits the insertion of property, most often cash, without allowing access to the safe contents. The depository is usually fitted with an antifish baffle device to inhibit retrieval of deposited property. Time locks—time locks prevent access to the safe contents for predetermined time-frames by persons normally authorized for access. For example, when a bank safe is locked at the close of the business day, it cannot be opened again until the following morning. Should the bank manager be taken from his home forcibly, he cannot be forced to open the safe.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

427

SAFES AND VAULTS

Time-delay locks—this feature is designed to protect against a holdup. Opening a safe equipped with this feature requires keying the lock, followed by a predetermined waiting period before the locking mechanism will unlock. A safe with this feature is often used at late-night convenience stores or 24-h gas stations. Relocking devices—these devices are designed to act as a secondary locking feature if the normal one is attacked. For example, if someone attacks the combination dial with a sledgehammer, the relocking device will activate. After this happens, only a qualified safe expert can open the safe. Extra weight—to prevent thieves from simply walking away with a safe, it is recommended that a safe weigh a minimum of 340 kg or 750 lbs. Most large safes do weigh 340 kg, and smaller ones can be ordered with extra weight added. Floor anchoring—an acceptable alternative to extra weight, where extra weight may present problems. Counterspy dials—it is not uncommon for thieves to note the combination of a safe while surreptitiously viewing it being unlocked. A counterspy dial prohibits anyone other than the person immediately in front of the dial to see the numbers, and only one number is visible at a time. Apart from the foregoing obvious security features, we can tell little about a safe by looking at it; nowhere can appearances be more deceptive. For this reason, a purchaser has to rely on a particular vendor or on an independent appraisal. An independent appraisal is available from Underwriters Laboratories Inc. (UL). If a manufacturer submits a product sample to UL, they will conduct various tests and issue authority to the manufacturer to affix a specific label to the protected line. The following UL labels are available:

UL Labels

Resistant to Attack From

T.L.-15

Ordinary household tools for 15 min

T.L.-30

Ordinary household tools for 30 min

T.R.T.L.-30

Oxyacetylene torch or ordinary household tools for 30 min

T.R.T.L.-30 6 Torch and tools for 30 min six sides X-60

Explosives for 60 min

T.R.T.L.-60

Oxyacetylene torch for 60 min

T.X.-60

Torch and explosives for 60 min

T.X.T.L.-60

Torch, explosives, and tools for 60 min

Safe manufacturers sometimes assign their own ratings. An assigned rating will usually mean that the safe offers a level of protection that compares to what UL would assign if given the opportunity to test. A concern exists, however, that without an independently assigned rating or classification, a purchaser has no way of verifying the expected level of protection.

Burglary-Resistive Vaults Any storage container specifically designed to resist forcible entry and large enough to permit a person to enter and move around within while remaining upright, can be considered a vault. Vault construction consists of: reinforced concrete walls, floor and ceiling, and a specially constructed vault door. Any consideration to build/purchase (prefabricated vaults are available from most large safe manufacturers) must be carefully assessed to ensure cost-effectiveness. The assessment must recognize that the value of the asset to be stored in the vault will likely attract the professionally competent thief. The impact of this is that, regardless of construction, the vault will only delay penetration.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

428

37. PHYSICAL SECURITY CONCEPTS AND APPLICATIONS

In addition to applicable features as mentioned for “burglary-resistive safes,” the possibility that an employee (s) may be locked into the vault accidentally, or deliberately in a robbery situation, must be considered. To ensure the safety of employees, all vaults should be equipped with approved vault ventilators and a method of communicating to those outside the vault.

Fire-Resistive Containers Insulated safes, filing cabinets, and record containers that offer varying degrees of protection to contents from exposure to heat are available. The appearance of fire-resistive containers can be particularly deceptive—of necessity, the construction material is totally different from burglary safes. The insulation material used in fire-resistive containers offers little protection from physical assault. Two very important points in relation to fireresistive containers are: 1. Paper records will be destroyed at temperatures in excess of 350°F (159°C). 2. Computer tapes/disks will be destroyed at temperatures in excess of 150°F (66°C). Underwriters Laboratories tests fire-resistive containers for their ability to protect contents when exposed to heat. Tests are also conducted to determine the container’s ability to survive a drop, as might happen when a floor collapses in a fire situation. Note: It is of the utmost importance to remember that safes and vaults are only designed to delay entry when attacked; they are not impenetrable. For this reason, safes and vaults should always be protected by a burglar alarm system. Similarly, alarm systems should be used to protect the records and contents of safes from theft.

FENCING The subject of fencing is a much more interesting and important topic than most people

first realize. Fencing has been used throughout history as a defense against enemies—the walled city of Pompeii dates to 800 BC, and it was not uncommon for the complete frontiers of kingdoms in China to be walled (origin of the Great Wall of China). Closer to home, the old city of Quebec remains the only enclosed city in Canada and the United States. Modern acts of terrorism and civil disturbance have resulted in innovations in the types and usage of fencing. Barbed tape (razor ribbon), a modern version of barbed wire, is a very effective (if not vicious) defensive, or should we say offensive material. Its use is rarely justified, except where the highest standards of security are necessary—for example, in a federal penitentiary. The use of barbed tape in industrial facilities is not common in North America. Barbed tape can be used in coils along the top of fences, instead of the conventional barbed wire overhang. In very high-risk situations, coils of barbed tape stacked in a pyramid configuration between a double conventional fence will provide a very effective defense. Another product of modern terrorism is the freely rotating barbed wire fence topping recently developed in Ireland. When a wouldbe intruder grabs the overhang to gain leverage, a second overhang simply rotates into place. This is more effective than the conventional overhang and much more acceptable for routine application than coils of barbed tape. Fencing, as used in most applications, is the common chain-link type with a barbed wire, outward facing overhang. A major weakness with the chain-link fence is the ease with which it can be climbed. To overcome this problem, the British developed the “welded mesh fence.” Compared to the 2-in2. opening in chain-link fence fabric, the welded mesh fence has openings of 1.5 in2. The openings are 3 ½ and run vertically. The narrowness of the openings makes it almost impossible for a climber to gain purchase. The width of the openings also inhibits the use of wire or bolt cutters.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

FENCING

Prior to making any decision on the location and type of fencing, it is necessary to conduct a walk-through of the enterprise’s operation. For this article, we will discuss the fencing requirements for a typical manufacturing plant located in an industrial area of a large city. The objective of the fencing program is twofold—to control movement to and from the property and to minimize the need for costly manpower at control points. The latter is to be attained by keeping the number of perimeter openings to a minimum. While it is true that the industry is becoming ever more security conscious, it is also true that the owners of industrial facilities do not want their property to look like a prison compound or armed camp. The first objective is to define the boundary of the property. Most often, this will require a combination of structural and psychological barriers. From a psychological point of view, we are only concerned with defining the boundary—mostly for: legal reasons, prevention of trespass, and liability lawsuits. Property definition may be simply a change in landscaping, or indeed, anything that distinguishes the property from its neighbor. Somewhere between the property line and the area of company activity, it will be necessary to install a structural barrier that will act as a physical deterrence to the would-be intruder. Usually, this barrier is a chain-link fence, and it should be topped with a barbed wire overhang. The following are suggested minimum specifications: 1. Minimum of 7 ft. in height excluding top overhang. 2. Wire must be 9-gage or heavier. 3. Mesh openings must not be larger than 2 in2. 4. Fabric must be fastened securely (top, bottom, and center) to rigid metal set in concrete or reinforced concrete posts. 5. There should be no more than 2 in. between the bottom of the fence and the ground. 6. Where the ground is soft or sandy, the fence fabric should extend below the surface.

429

7. Top overhang should face outward and upward at a 45-degree angle. 8. Overhang supporting arms should be firmly affixed to the top of the fence posts. 9. Overhang should increase the overall height of the fence by 1 ft. 10. Three strands of barbed wire, spaced 6 in. apart, should be installed on the supporting arms. 11. A clear zone of 20 ft. or more should exist between the perimeter and exterior structures. 12. Where possible, a clear zone of 50 ft. or more should exist between the perimeter barrier and structures within the protected area. Vehicular and pedestrian gates in the perimeter fence should be kept to a minimum— ideally, to only one common entry point for employees and business visitors. Depending on the size and layout of the site, it may be necessary to install a secondary entry point for emergency use, such as access by the fire department. However, this entry point should normally remain closed and locked. All openings in the perimeter fence should be equipped with gates. Even if these gates are not to be electronically controlled initially, planning should provide for power to each gate location with provision for a remote-control capability from the control/security center. Typically, security control is provided at the first defensible point; however, numerous facilities allow free access beyond this point to an inner control location. This may be beneficial for many reasons, especially in large, heavy traffic plants. Once inside the initial perimeter, signs should direct employees to the employee car park, visitors to an information center, and truck traffic to shipping/receiving areas. Beyond these points, a secondary secure perimeter should be established. The employee car park should be completely enclosed; access to the area should ideally be controlled by a card access system. Access from

II. PRACTICAL AND OPERATIONAL APPLICATIONS

430

37. PHYSICAL SECURITY CONCEPTS AND APPLICATIONS

the car park to the plant should be through a control point (manned during shift changes). In addition to the possible need for a secondary line of defense, there may also be a need for fenced areas to provide secure overnight storage for company vehicles, bulk raw materials, or large finished products. Waste awaiting disposal should also be stored within a fenced area. Fencing may also be required to segregate operational areas, such as stores, tool cribs, and so on. It is important to remember that fencing is first and foremost a barrier and that as a barrier, it does not have to be chain-link fencing. If we also remember that fencing will only delay the determined would-be intruder, it should be easy to be flexible regarding the material used. Hedging, poured concrete, solid concrete blocks, and decorative concrete blocks are all suitable fencing material. If fencing is required to provide a very high level of protection, its use should be supplemented by fence disturbance detectors, motion detectors, and patrolling security officers, or surveillance by network video systems. For fencing which is used to prevent vehicle penetration, there are additional standards to consider. ASTM F2611-15 establishes the material selection, system design, and layout requirements, as well as installation procedures for chain-link security fence systems intended to substantially increase the difficulty to penetrate, thereby increasing intrusion delay time. Selection criteria are provided herein for the following materials and fencing components: chain-link fabric; fence framework including line posts, terminal posts, and rails; barbed wires; barbed tape obstacles; tension wire; fittings; post ties, rail ties, and hog rings; swing gates; slide gates; and vehicle crash gates. Installation procedures for passive antiram systems are also provided in the F2611-15 Standard. ASTM F2656/F2656M-18 Standard Test Method for Crash Testing of Vehicle Security Barriers provides a structured procedure to

establish a penetration rating for vehicle perimeter barriers subjected to a vehicle impact. Knowing the penetration rating provides the ability to select an appropriate barrier for sitespecific conditions around a facility.

UNDERWRITERS LABORATORIES Underwriters Laboratories (UL) mentioned previously is a recognized certification organization for security equipment, security systems, and security monitoring. UL criteria are important in physical security, as they help to reduce potential litigation by conforming to specific standards. UL has created safety standards for every device, system, and monitoring center that they certify. Many jurisdictions require UL certification prior to commissioning the system, and in many cases, insurance premiums can be reduced for UL-compliant installations.

INTEGRATED SECURITY SYSTEMS Integrated security systems have come a long way in the past 10 years. At one time we were speaking about convergence. Today we are looking at physical security systems which are devices on an information technology network commonly known as the Internet of Things, or IoT. Highly functional integrated systems allow for real-time monitoring of systems via a security operations center and a smart device (portable telephone or iPad). Additionally, integrated systems allow for multiple functions to be accomplished in a near simultaneous fashion. For example, an integrated gunshot detection system detects gunfire. Immediately, a camera turns toward the location the gunfire is coming from, an integrated critical communication system communicates a lockdown message and notifies 911, while a door locking software locks down all the doors.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

PHYSICAL SECURITY CERTIFICATION

431

Another example is the merging of physical and cyber access control. Both systems use the same access control card but, in many cases, are independent systems. In another example, a person attempts to log into the cyber system but has not logged into the building access control—the system detects an attempted breach. In short, higher levels of integration lead to better security. But, let’s take that concept to the next generation, which includes the use of artificial intelligence (AI) and machine learning (ML). The data analytics and information produced by these devices can become predictive in nature. What is needed is educated people to imagine the data sets for programming. Imagine an AI interface like Cortana, Siri, or Alexa which can create reports, initiate actions, develop custom reports, view cameras, and other control center operations on voice command. Organizations that take a holistic view of security and integrate their physical security program are finding mutual benefits within the entire organization. When an organization can integrate their video, intrusion, access control systems, visitor management systems, and critical communications, there are efficiencies that can improve the entire organization.

Work experience is also a critical component, and when combined with the proper education, it can lead to opportunities not afforded to those without the benefit of continued education. ASIS has a Learning Exchange for professional development that can build on knowledge, skills, and expertise at all stages of the protection officer’s career (ASIS International, 2019). Universities, such as Leicester, Portsmouth, and South Wales in the United Kingdom (FindAMasters, n.d.), and the American Military University (n.d.), specialize in the compilation and distance education delivery of securityspecific educational opportunities.

CONTINUING EDUCATION

The course reference materials comprise of eight publications, offering a substantial look at physical security-related topics designed to assist security professionals in their career field. ASIS also provides an annual list of many scholarship and grant opportunities offered by ASIS and the International Foundation for Protection Officers (IFPO) (ASIS International, n.d.-a). IFPO has also coupled with Purdue University Global for undergraduate degree programs (Purdue University Global & IFPO, 2018). ASIS International does have eligibility requirements, which include work experience, to sit for the PSP certification exam (ASIS International, n.d.-b).

There are many benefits in continuing one’s education in the security field. Continued education is part of the career planning phase and should not be overlooked as a method of differentiating oneself in the job market. It is more important than ever today to continually improve one’s knowledge and education. Employers are searching for employees that are dedicated to their field and have a wide range of exposure to concepts and theory in security management. If already employed in the security industry, an advanced degree can lead to faster promotions or an increase in salary.

PHYSICAL SECURITY CERTIFICATION The ASIS Board Certified Physical Security Professional (PSP) designation focuses on one’s proficiency in three major domains of knowledge: 1. Physical security assessment 2. Application, design, and integration of physical security systems 3. Implementation of physical security measures

II. PRACTICAL AND OPERATIONAL APPLICATIONS

432

37. PHYSICAL SECURITY CONCEPTS AND APPLICATIONS

References

Purdue University Global | IFPO. (2018). Retrieved May 30, 2019, from https://go.purdueglobal.edu/els/ifpo/.

American Military University. (n.d.). Security management. Retrieved from https://start.amu.apus.edu/securitymanagement/overview?gclid=Cj0KCQjw3JXtBRC8ARI sAEBHg4mzTWn3wYcC5FjmHObbdc9kdnFQAM1sxij Xeou_Dr9GYwHnho7uUDAaAkGbEALw_wcB# school=sgs. ASIS International. (n.d.-a). Scholarship and grant opportunities. Retrieved October 14, 2019, from https://www. asisonline.org/get-involved/asis-foundation/foundationscholarships-and-grants/. ASIS International. (n.d.-b). ASIS Board Certifications. Retrieved May 29, 2019, from https://www.asisonline. org/certification/asis-board-certifications2/. ASIS International. (2019). Retrieved May 29, 2019, from https://learning.asisonline.org/diweb/start. FindAMasters. (n.d.). Distance learning masters degrees in criminology. Retrieved October 15, 2019, from https:// www.findamasters.com/masters-degrees/criminology/ distance-learning/?32gosej0. Kisi. (2019, October 9). Infrared sensors security. Retrieved from https://www.getkisi.com/guides/ infrared-sensors. National Institute of Standards and Technology (NIST). (2001, May 25). FIPS 140-2, Security requirements for cryptographic modules. Retrieved from https://csrc. nist.gov/publications/detail/fips/140/2/final.

Further Reading ASIS International. (2009). Physical security professional (PSP) reference (2nd ed.). Alexandria, VA. Barnard, R. L. (1988). Intrusion detection systems (2nd ed.). Boston, MA: Butterworth-Heinemann. Broder, J. F. (2006). Risk analysis and the security survey (3rd ed.). Boston, MA: Butterworth-Heinemann. Fennelly, L. J. (2019). Effective physical security (6th ed.). Boston, MA: Butterworth-Heinemann. Fischer, R. J., Halibozek, E., & Green, G. (2008). Introduction to security (8th ed.). Boston, MA: Butterworth-Heinemann. Garcia, M. L. (2008). The design and evaluation of physical protection systems (2nd ed.). Boston, MA: ButterworthHeinemann. Illuminating Engineering Society of North America. (2003). Guideline for security lighting for people, property and public spaces. New York, NY: Illuminating Engineering Society of North America. Nilsson, F. (2009). Intelligent network video. New York, NY: CRC Press. Phillips, B. (2002). The complete book of electronic security. New York, NY: McGraw-Hill.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

38 Alarm System Fundamentals Doug Durant, Kevin Pound, Jeffrey A. Slotnick O U T L I N E Introduction

433

Nuisance Alarms

438

Alarm Monitoring Local Monitoring Central Station Monitoring Direct Fire or Police Monitoring Proprietary Monitoring

434 434 434 435 435

Operator Interface Customized, Data-Driven Reports

435 436

Alarm Response Fire Alarm Systems Fire Alarm Sensors Building Automation Sensors Building Automation Systems (BAS) Network Video Systems Integrated Systems

439 439 440 441 441 442 442

Alarm Sensors

436

Emerging Trends

442

Duress Alarms

438

References

443

INTRODUCTION

C H A P T E R O B J E C T I V ES • Define an alarm system • Explore the fundamentals of alarm systems and operations • List four types of alarm monitoring • Explain alarm sensors and how they work • Describe fire alarm systems • Provide effective alarm response guidelines • Explain network video systems

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00038-9

In many cases, alarm systems form the backbone of a facility’s physical protection program. Universally used, alarms are very likely to be encountered by the protection officer or security specialist as they perform their daily duties. In fact, regardless of your industry, employer, shift schedule, or geographic location, it is likely that you will have some involvement with alarm systems. An understanding of basic alarm systems and their operation should be considered a “core

433

# 2020 Jeffrey A. Slotnick. Published by Elsevier Inc. All rights reserved.

434

38. ALARM SYSTEM FUNDAMENTALS

knowledge” requirement for anyone responsible for the protection of people, property, profits, and information. This chapter provides the fundamental information you need to know to be successful at your job. It is important to point out that this material must be supplemented with specific information as it applies to the alarm systems at your duty location. While all alarm systems perform the same basic function, each manufacturer’s product may operate in a slightly different manner at the location. The site may require some specific alarm system component that makes the operation of the system different from other sites that you may attend or be involved with as a security practitioner. Starting with the basics, a definition of an alarm system is in order. Quite simply, an alarm system is used to provide early warning of an intruder. There are three components to an effective alarm system: sensor, signal, and response. The “system” can consist of a relatively simple switch that activates a local audible device (e.g., siren and/or flashing emergency lights). If the system is monitored, a signal can be sent to alert authorities or response personnel, who can then investigate the cause of the alarm. It can also be quite complex, consisting of hardware and software elements that require considerable skill and training by assigned security staff. The most effective physical security is “layered.” An alarm system should be designed to provide one or more layers of detection around an asset. Each layer is made up of a series of detection zones designed to isolate the protected property and to control the entry and exit of authorized personnel and materials. In more sophisticated systems, sensors are interfaced with electronic entry-control devices, network video, alarm reporting displays (both visual and audible), critical communications, and security lighting. As you can see, the alarm system can serve as a crucial “layer” in any physical security plan.

ALARM MONITORING Your involvement with an alarm system will depend largely on how it is monitored. There are four methods of monitoring.

Local Monitoring This is the simplest form of alarm monitoring. It consists of a bell or horn located near the protected door or window. In the event of an attempted penetration, the resulting sound is intended to alert nearby police, security personnel, neighbors, or company employees. A major drawback of this approach is the fact that many people will not bother to investigate a blaring alarm. Furthermore, manpower shortages often make a security or police response impractical. Although relatively inexpensive to install, this form of alarm monitoring does not provide an adequate level of protection for most situations. Also, a potential criminal can disable these alarms relatively easily. In many jurisdictions, local municipal noise laws require the bells or horns to stop after a required period of time. When activated, the audible alert tells the intruder his activities have been noticed. In many cases, this will scare the criminal off before the crime can be completed. However, in other instances, a seasoned criminal may realize a response is dependent on someone in the local area not only hearing the alarm but also taking action to investigate it. In short, the criminal may be well aware that he has a certain amount of time to “work,” despite the activation of the alarm.

Central Station Monitoring This is the best and most popular method of alarm monitoring. It consists of a company that is paid to provide monitoring services for a variety of clients. Typically, these alarm companies

II. PRACTICAL AND OPERATIONAL APPLICATIONS

435

OPERATOR INTERFACE

charge a one-time installation fee and then bill monthly for monitoring services. Alternatively, many larger businesses may have all of their alarm signals monitored by their own control centers and have an in-house or proprietary security force respond. When an alarm signal is received, an employee of the alarm company is responsible for notifying the police so they can respond. In most cases, a company’s security officers are also notified so they can respond as well. Despite its popularity, central station monitoring is not without problems. There have been several documented cases where the alarm company failed to make the proper notifications. Some alarm companies will provide their own security officers to respond to and investigate alarm conditions. In these instances, the alarm company’s employees must be given keys to the protected premises in order to investigate alarms. From a security and business viewpoint, this should be considered an additional risk. Mobile technology. Alarm communication is now available via mobile devices and mobile technology. More and more we are seeing this technology develop.

Direct Fire or Police Monitoring This is no longer a common method of alarm monitoring. However, in some rural or remote jurisdictions, the local police or fire station will monitor alarms from their headquarters. When used, this method tends to be a relatively reliable way to monitor alarms.

Proprietary Monitoring In this approach, alarms are monitored by the company’s security staff. In most cases, a security control center is on the premises and serves as a focal point for all security operations. During an alarm event, the situation can be assessed

by dispatching security staff to the alarm location or by using an integrated network video to “check things out.” In a proprietary monitoring approach, the alarm system is operated and controlled by the property owner. In most cases, this means assigned security specialists are adequately trained and are very familiar with their property and its various security systems. They have a vested interest because they are protecting “their” company. A drawback, however, is that proprietary monitoring can be very expensive. This is because the company must not only buy the required monitoring equipment but it must also pay people to operate it. Likewise, a proprietary system may provide inferior results if it is not designed for the specific needs of a building and its occupants.

OPERATOR INTERFACE Regardless of the type of alarm monitoring used at your current location, eventually the system’s operation will come down to a human being. This person might be a monitor in central station hundreds of miles away, or they could be one of your coworkers, assigned to the security control system on the first floor of corporate headquarters. In all cases, the operator interfaces with the alarm. He or she interacts with the alarm system through devices that can be seen, heard, or touched, as well as manipulated. In most modern systems, visual displays and printers can be used to inform the operator of an alarm or the equipment’s status. Likewise, audible devices are frequently used to alert an operator to an alarm or the equipment’s failure. Such computer workstations permit an operator to acknowledge and reset alarms. Visual displays. The type of display used to visually inform the operator of the system’s status is determined mostly by the system’s

II. PRACTICAL AND OPERATIONAL APPLICATIONS

436

38. ALARM SYSTEM FUNDAMENTALS

complexity. Today, status information is usually displayed on computer workstations or large high-definition video screens. Computer workstations provide great flexibility in the type and format of alarm information that may be displayed. Both text and graphic information can be presented in a variety of colors. Multiple alarms may also be displayed. If alarms are prioritized, higherpriority alarms may be highlighted by blinking, changing colors, or by using bold print, and so on. To assist the operator in determining the correct response, alarm-specific instructions may be displayed adjacent to the alarm information. Audible alarm devices. In conjunction with the visual display of an alarm, the system must also generate an audible alarm. The audible alarm may be produced by the ringing of a bell or by the generation of a steady or pulsating tone from an electronic device. In any case, the audible alarm serves to attract the operator’s attention to the visual alarm display. Most systems have a switch to silence the audible signal before the operator resets the alarm. Logging devices. All alarm system activity (such as arming the system, disarming the system, maintenance, and system faults) should be logged and recorded. Logged information is important not only for security personnel investigating an event but also for maintenance of personnel checking equipment. This is especially important when trying to troubleshoot nuisance or “false” alarms.

Customized, Data-Driven Reports Integrated systems can produce data-driven reports which can perform analysis on the various types of alarms. These reports are user configured depending on the type of reports needed. Alarm printers. Alarm printers are typically of the high-speed, continuous-feed variety. The printer provides a hard copy record of all alarm events and system activity.

Report printers. Many modern systems include a separate printer for printed reports, which use information stored by the central computer. Operator control. A means is required to transmit information from the operator to the system. The types of controls provided usually depend on the type of display the system uses. For example, keypads consist of a numeric or LCD display system that is generally provided with a 12-digit keypad and several function keys. These allow the operator to perform such actions as to secure, access, acknowledge, and reset alarms.

ALARM SENSORS A basic alarm system is divided into three layers: perimeter protection, area protection, and spot protection. Perimeter protection is the first line of defense to detect a potential intruder. Alarm sensors on the perimeter are typically mounted on doors, windows, vents, and skylights. Since a vast majority of burglaries are committed to using such openings, it is important that they be a priority for protection. Commonly used perimeter sensors include the following: Glass-break sensors. These detect the breaking of glass. The noise from breaking glass consists of frequencies in both the audible and ultrasonic range. Glass-breakage sensors use microphone transducers to detect the glass breakage. The sensors are designed to respond to specific frequencies only, thus minimizing such false alarms as may be caused by banging on the glass. Balanced magnetic switch. Balanced magnetic switches (BMSs) are typically used to detect the opening of a door, window, gate, vent, skylight, and so on. Usually, the BMS is mounted on the doorframe, and the actuating magnet is installed on the door. The BMS has a threeposition reed switch and an additional magnet (called the bias magnet) located adjacent to the

II. PRACTICAL AND OPERATIONAL APPLICATIONS

ALARM SENSORS

switch. When the door is closed, the reed switch is held in the balanced or center position by interacting magnetic fields. If the door is opened or an external magnet is brought near the sensor in an attempt to defeat it, the switch becomes unbalanced and generates an alarm. Area protection is also sometimes called volumetric protection. The sensors used for this purpose protect the interior spaces of a business or residence. These devices provide coverage whether or not the perimeter is penetrated and are especially useful in detecting the “staybehind” criminal. As a general rule, area sensors may be active or passive. Active sensors (such as microwave) fill the protected area with an energy pattern and recognize a disturbance in the pattern when anything moves within the detection zone. By contrast, active sensors generate their own energy pattern to detect an intruder. Some sensors, known as dual-technology sensors, use a combination of two different technologies, usually one active and one passive, within the same unit. Sensors used for area protection include the following: Microwave motion sensors. With microwave motion sensors, high-frequency electromagnetic energy is used to detect an intruder’s motion within the protected area. Passive infrared (PIR). These motion sensors detect a change in the thermal energy pattern caused by a moving intruder and initiate an alarm when the change in energy satisfies the detector’s alarm criteria. These sensors are passive devices because they do not transmit energy; they monitor the energy radiated by the surrounding environment. Dual-technology sensors. To minimize the generation of alarms caused by sources other than intruders, dual-technology sensors combine two different technologies in one unit. Ideally, this is achieved by combining two sensors that, individually, have high reliability and do not respond to common sources of false alarms.

437

Available dual-technology sensors combine an active ultrasonic or microwave sensor with a PIR sensor. Proximity sensors. Spot protection is used to detect unauthorized activity at a specific location. It serves as the final protective layer of a typical alarm system. Assets most commonly secured with spot protection include safes, vaults, filing cabinets, art objects, jewelry, firearms, and other high-value property. These sensors (sometimes referred to as proximity sensors) detect an intruder coming in close proximity to, touching, or lifting an object. Several different types are available, including capacitance sensors, pressure mats, and pressure switches. Capacitance sensors. These detect an intruder approaching or touching a metal object by sensing a change in capacitance (storage of an electrical charge) between the object and the ground. A capacitor consists of two metallic plates separated by a dielectric medium (an insulating substance through which electric charges can travel via induction). A change in the dielectric medium or electrical charge results in a change in capacitance, and thus an alarm. Pressure mats. Pressure mats generate an alarm when pressure is applied to any part of the mat’s surface. For example, an alarm is triggered when someone steps on a mat. Pressure mats can be used to detect an intruder approaching a protected object, or they can be placed by doors or windows to detect entry. Because pressure mats are easy to bridge, they should be well concealed, such as hidden beneath carpeting. Pressure switches. Mechanically activated contact switches can be used as pressure switches. Objects that require protection can be placed on top of the switch. When the object is moved, the switch actuates and generates an alarm. Naturally, in such applications, the switch must be well concealed. The interface between the switch and the protected object should be designed so that an intruder cannot slide a thin piece of material under the object to override the switch while the object is removed.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

438

38. ALARM SYSTEM FUNDAMENTALS

DURESS ALARMS In addition to perimeter, area, and spot protection, alarms can also be used for specialized applications. For example, duress alarms (sometimes called “panic buttons”) are frequently encountered in many business settings. They are often concealed under a desk or countertop. Duress alarms are often used by receptionists, cashiers, bank tellers, security officers, and customer service employees engaged in transactions with the general public. In short, anyone who may encounter a threatening, hostile individual in the course of his or her work may find a duress device of value. Duress alarm devices may be fixed or portable. Operations and security personnel use them to signal a life-threatening emergency. Activation of a duress device will generate an alarm at the alarm monitoring station. Police or security personnel are then dispatched to render assistance. Fixed duress devices are mechanical switches permanently mounted in an inconspicuous location. They can be simple pushbutton switches activated by the touch of a finger or hand or foot-operated switches attached to the floor. Portable duress devices are wireless units consisting of a transmitter and a receiver. The transmitter is portable and small enough to be conveniently carried by a person. The receiver is mounted in a fixed location within the facility. Either ultrasonic or radio frequency (RF) energy can be used as the communication medium. When activated, the transmitter generates an alarm that is detected (within range) by the receiver. The receiver then activates a relay that is hardwired to the alarm-monitoring system.

NUISANCE ALARMS A vast majority of alarms are nuisance or “false” alarms. In many jurisdictions, this places a great deal of stress on local law enforcement agencies. Each time a police officer is dispatched

to investigate an alarm, valuable resources are being consumed. To make matters worse, most faulty alarms are generated by the following: 1. 2. 3. 4. 5. 6.

User error Poor installation Alarm monitoring Substandard materials Employee indifference Inadequate training and system information

Security officers and business owners must learn as much as possible about their alarm systems. Where are the sensors located? What type are they? Who monitors the system? Awareness is the first step in effective alarm management. There is simply no excuse for arming a security system only to have alarms activated because people are still in the building. Similarly, at some larger facilities, people sometimes simply forget to turn the alarm system on. Checklists should be used to arm and disarm various parts of the alarm system as required during the business day. This will also provide documentation of who did what and will minimize the chances for oversights between shift changes. When it comes to installation, many alarms are the result of inappropriate sensor selection or placement. Alarm installations and equipment selection are not jobs for amateurs. Alarms are electrical/mechanical devices. As such, they require periodic maintenance. Routine operational checks should be included to ensure sensors and related components are working properly. For example, security staff should walk-test every motion detector each day. This involves physically ensuring that each detector is functioning properly. Likewise, there is considerable truth in the saying, “you get what you pay for.” Substandard materials can include sensors, mounting hardware, wiring, and even software. There is nothing wrong with going for the lowest bid on an alarm installation. However, make sure you are not chasing a false economy by using

II. PRACTICAL AND OPERATIONAL APPLICATIONS

ALARM RESPONSE

inadequate materials which will break and require continual replacement and repair. Many nonsecurity employees have little understanding of security issues. This includes even the most basic awareness of the company’s alarm system. Often, employees will think nothing of coming into work early, staying late, or visiting the office on a holiday. There is usually nothing wrong with such an activity. However, if it results in continuous alarm activations, an employee awareness program is probably in order. Nuisance alarms consume security and law enforcement resources which could be more usefully employed in other activities. Those which come to the attention of the police can also be expensive. The nuisance alarm rate has become so bad in many areas that local governments are now assessing fines on businesses and residences. These can run into thousands of dollars. Your organization’s ability to operate its alarm system may not only protect property but also help protect hard-earned profits as well.

ALARM RESPONSE Earlier, the various types of alarm monitoring were discussed. In some cases, the protection officer or security specialist will be dispatched to investigate an alarm event. The alarm might be the result of an employee entering his office before the alarm is deactivated. It could have been caused by a stray cat wandering the interior of a warehouse. The simple movement of balloons, plants, or a sign from the building’s air conditioning or heating system can activate a motion detector. Then again, it could be something much more dangerous. One of the major problems with nuisance alarms is that they invariably reinforce a mindset that every alarm is a nuisance alarm. For both public law enforcement and private security, this leads to complacent attitudes and poor officer safety procedures. For the private sector

439

protection officer, the following alarm response tactics are recommended: 1. Never assume an alarm event is “nothing.” Assume you are responding to an intrusion until proven otherwise. 2. Maintain radio contact with fellow officers and your security control center. 3. Maintain sound discipline. Keep radio volume low. Secure noisy keys and other equipment. 4. If upon arrival to the scene, you detect broken glass or other indications of an intrusion, do NOT proceed into the building. Call the police and assume a position from where you can be a “good witness.” 5. Evaluate all alarm information. Has there been just one alarm? Is there a series of alarms which might indicate someone is actually moving around the interior of the building? The professional evaluation of all alarms can assist you in determining where the intruder is. Relay this information to responding police units. 6. Know your company’s policy for alarm response. Use common sense and avoid complacency that can lead to tragic consequences. 7. Know of or how to locate appropriate phone numbers and passwords for your monitoring station. 8. Keep emergency call lists, updated with appropriate call-out lists, as well as local authorities. 9. Any alarm system is only as good as the people who operate, monitor, and respond to it. Protection officers must be properly trained to respond to alarms. They must understand how their system works and the need to treat every alarm seriously.

Fire Alarm Systems Of all the alarm systems, it is most critical for security officers to understand the basic operation and interaction of fire alarm systems. Fire

II. PRACTICAL AND OPERATIONAL APPLICATIONS

440

38. ALARM SYSTEM FUNDAMENTALS

alarm systems are regulated by building and fire alarm codes adopted by the municipality in which the facility resides. Because different municipalities may adopt different codes, how a system operates or is installed at one location might be quite different at another location. As fire alarm systems are so essential for the safety of the employees and the well-being of the facility, it is critical to have a thorough working knowledge of the operation of the system and the security officer’s role in its successful use. It is also very important to understand the proper operation of the system and the expectations of the fire department. Fire alarm systems typically have a main control panel with a display. If necessary, additional displays can be installed in other areas. Larger systems may incorporate a graphical display of the facility and locations of the various sensors therein. Where the alarm must be monitored off- site, a communicator is installed to allow the fire alarm to send alerts to an alarm company’s central station or, in some rare cases, to the fire department. Like intrusion alarm systems, fire alarms can be connected with a number of devices on a zone. Newer, larger fire alarm systems (and intrusion alarm systems as well) utilize a multiplex loop, where all of the devices are connected on the same loop, with each device having its own unique identifier or address. This type of system is known as a multiplex or addressable system. The largest fire alarm systems integrate dozens or hundreds of control panels across several facilities, with a dedicated main computer in the company command center for monitoring.

Fire Alarm Sensors The ability of fire to devastate lives and property should never be underestimated. Fire alarm sensors seek to prevent significant damage by

detecting fires in their earliest stages, allowing protection officers and fire officials ample time to respond. Fire alarm sensors include1: Heat detectors. These measure changes in a room’s ambient temperature. They are programmed to a certain baseline temperature and when the room’s temperature exceeds the baseline, a fire alarm is triggered. Photoelectric smoke detectors. This type of detector contains an electric eye, generating a beam of infrared light within its housing. When smoke enters the detector, it refracts that infrared light and an alarm is triggered in response. Ionization detectors. These devices contain a tiny amount of radioactive material, which creates radiation in an ionization chamber. Any smoke that enters will absorb some of the radiation and change the electrical charge within the chamber, prompting the device to send an alarm signal to the monitoring station. Air sampling detectors. These are often used to protect rooms filled with sensitive equipment, such as computer servers. They continuously take in air from the room and analyze the air samples for smoke or combustion particles. If a positive result is received, the detector generates an alarm and in many cases, immediately causes a fire suppressant to be discharged within the room. Beam detectors. These utilize an electric eye, which extends a beam of infrared light across an entire room, rather than within the housing of a photoelectric detector. They are most often used in rooms with very high ceilings, where it would be impractical to install and maintain a smaller detector. Again, the beam of light will be refracted by smoke in the room and an alarm will be triggered. Flame detectors. These are able to spot actual flames, rather than sense smoke or combustion particles. They typically incorporate ultraviolet

1. J. Russell, personal communication, July 8, 2009.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

ALARM RESPONSE

light sensors, infrared light sensors, or visible light sensors. Pull stations. These switches are strategically placed throughout a protected facility, and when a person observes fire or smoke, he or she is encouraged to manually pull the nearest switch, triggering a fire alarm and speeding evacuation of the area. Unfortunately, pull stations are easily abused. To activate a pull station in order to cause a false public alarm is a criminal offense in most jurisdictions; therefore, protection officers responding to such alarms should be prepared to enforce their organization’s relevant policy or involve local law enforcement as appropriate.

Building Automation Sensors Building automation sensors are typically used to measure and adjust the heating, ventilation, air conditioning, lighting, and other environmental conditions in a protected facility. They include: Gas detectors. There are several different types of gas detectors, each of which will measure the levels of a particular type of gas in the air (such as natural gas, carbon monoxide, carbon dioxide, and radon). If the gas levels exceed a preset tolerance, an alarm is generated. Level indicators. These are often applied to tanks that hold liquids or gases that are critical to a facility’s operation. When the amount of liquid or gas in the tanks drops below a preprogrammed level, a notification can be sent to the central monitoring station or to personnel who will refill the tanks.2 Temperature sensors. As the name suggests, these measure the ambient temperature in a room. They are often utilized in rooms where scientific experiments are being conducted and the temperature must be kept extremely hot,

441

extremely cold, or within a specific range. If the temperature falls out of the preset range, an alarm is triggered. Power failure sensors. These are integrated with the electrical system of a facility. When a power failure occurs, a notification alarm can be sent to the central monitoring station. At the same time, devices such as backup generators and emergency lights can be automatically activated. Integrated sensors. Some of the same devices used to detect intruders—magnetic door switches and motion sensors, for example— can be integrated with lighting systems. In this way, lights can be programmed to turn on automatically when a staff member enters a darkened room.

Building Automation Systems (BAS) Building automation systems operate much the same, and in a similar configuration, as access control systems. Building automation systems control heating, ventilating and air conditioning (known collectively as HVAC), as well as lights. More expansive systems can assist in controlling elevators, escalators, and irrigation systems. Building automation systems may integrate with, or share the same software and hardware as, an access control system. Building automation systems share several industry standard protocols such as BACnet, which allows systems or components from different manufacturers to communicate with each other. Some BAS functions such as lighting, heating, and cooling can be controlled or initiated by security functions such as a swipe of an access card after hours. Still, other BAS functions can be controlled by the security system to act as a deterrent such as stopping the elevators from running or activating the irrigation system outside.

2. Ibid.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

442

38. ALARM SYSTEM FUNDAMENTALS

Network Video Systems Network video systems allow dispatchers to watch over a large number of areas at once. They provide an excellent (and cost effective) way to monitor high-sensitivity and high-risk locations at all times, without needing to post a protection officer at those locations. The cameras used may be easily visible to the public or they may be hidden to the point of near-invisibility, depending on the needs of the organization and the locations at which they are stationed. From the central monitoring station, a dispatcher may be able to view up to 16 separate images in real time on a single monitor (Nelson, 1999). Alternatively, he or she may view a single image at a time, and switch to other images on demand or at preset intervals. The video images may be in color or black-andwhite format. According to Nelson (1999), color images are better for identification purposes, while black-and-white images have better performance in low light. Cameras may be stationary, but those with pan, tilt, and zoom capabilities can easily be installed wherever they are necessary. From the central monitoring station, dispatchers can control these cameras at will, in order to focus on locations or individuals that require close observation at a given time. These cameras can also be set up to focus on a series of locations, one after another, each for a preset length of time. Network video cameras generally incorporate a method of recording the images they monitor. This allows protection officers to revisit images to verify descriptions of individuals and events and also to retain those images for use as evidence. At particularly sensitive locations, video may be recorded on a continuous basis, but this very quickly consumes a great deal of data storage space. Cameras that are integrated with other sensors—intrusion sensors, for example—can be set up to focus on a specific area and begin recording when an alarm is received from the associated sensor. A dispatcher typically has the ability to begin and end a video recording at

any time and to take a single snapshot image. Images have typically been stored on video cassettes, in either real-time or time-lapse format (Ruiz, 1999). However, the current trend is for image files to be digitally stored onto computer hard disk drives either using digital video recorders (DVRs), or with several drives together, or onto large capacity storage devices known as network attached storage (NAS) or storage area networks (SANs). It is possible to connect the hard disk drives into a configuration known as a redundant array of independent disks, or RAID. Such a configuration has the capability of either manually or automatically backing up drives so that the failure of any one drive does not result in the loss of all recorded data. Other options for exporting images include CD-ROM compact disks, digital video disks, or even USB flash drives.

Integrated Systems As security and fire alarm systems become more expansive in scope and operation, it is sometimes necessary to link the systems together under one controlling piece of software or application. Other times it is necessary to link various systems together, such as human resources systems, parking applications, and payroll systems, so that there is greater functionality and more accurate information flowing automatically between those systems. Such systems are generically referred to as “integrated systems.” Integrated systems and the fundamental use of integrated systems create system redundancy and improved reporting.

EMERGING TRENDS Alarm systems have and will continue to form a part of a protection plan in the foreseeable future. However, the technology and reporting mechanisms that form part of an alarm system continue to broaden. As with any technology, end users will continue to look

II. PRACTICAL AND OPERATIONAL APPLICATIONS

REFERENCES

for smarter, faster, and more economical solutions. The use of video analytics, in combination with network video, along with voice verification, will help to provide verified alarms. Alarm signals that generate attached video or captured images of the location of the alarm will provide the end user with a clearer picture and understanding of the situation and allow them to respond effectively. This will continue to help lower the false alarm rates and will help organizations comply with local and regional false alarm legislation. Sensor technology continues to change, allowing for larger and more complex facilities or structures to be protected, along with new ways to send those signals. Methods of alarm

443

notification continue to be explored with improved ways to provide mass notification alerts to the large employee or student populations. Instant messaging, text alerts, and cellular messaging are some of the options being used and improved.

References Nelson, L. A. (1999). Designing operations centers. S. J. Davies, & R. R. Minion (Eds.), (2nd ed.). Security supervision: Theory and practice of asset protection (pp. 277–279). Burlington: Elsevier Science. Ruiz, H. C. (1999). Security technologies. S. J. Davies, & R. R. Minion (Eds.), (2nd ed.). Security supervision: Theory and practice of asset protection (pp. 263–271). Burlington: Elsevier Science.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

39 VIP Security Jennifer Hesterman, Chris Carhart O U T L I N E Introduction

445

Use of Technology in Protective Services

448

Risk and Vulnerability Assessment: A Questions-Based Approach

445

Professional Development for Personal Protection Specialists

450

Mechanisms of Threat

446

Disclaimer

450

Threat Mitigation

447

References

450

Hostage Situations

448

INTRODUCTION Contrary to public opinion, VIP security is rarely the glamorous and violent montage of tuxedo-clad agents in gunfights and speeding motorcades seen in movies. In fact, the realities of protective operations would make for terrible television: Done well, the mission requires unglamorous planning and logistics work and excessively long hours; the majority of time will be spent standing in a state of hypervigilance with little downtime; and should you find yourself in one of those made-for-TV gunfights, you’ve already failed. VIP protection adheres to a dual-pronged methodology. Reactive protection, or “body guarding,” is a crucial pillar of the mission, and the one most commonly portrayed. Close protection combative skills, rapid and efficient firearms deployment, and hurried evacuations make for The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00039-0

great action movies, and serve a vital purpose in guaranteeing the protectee safety. But the second pillar offers an invaluable advantage over potential adversaries: advance planning. In protection, the best gunfight is the one planned for, mitigated against, and prevented altogether. In this chapter, we will discuss VIP risk and vulnerability considerations, assess a sampling of the threat’s VIPs are likely to encounter and outline mitigation techniques and professional development opportunities available to the security officer.

RISK AND VULNERABILITY ASSESSMENT: A QUESTIONSBASED APPROACH Preventative VIP protection first requires an understanding of the risks and vulnerabilities

445

# 2020 Elsevier Inc. All rights reserved.

446

39. VIP SECURITY

your protectee may face. This begins with their profile. Social status, notoriety, and controversy are all factors that may amplify your protectee’s threat level and should be considered when building their protection plan. Are they a well-known, easily recognizable personality? Have they been in the news lately? Have they been a contentious public figure? Atmospherics surrounding your VIP should guide your overall protective posture. Your protectee’s pattern-of-life will also inform your security planning. Does the VIP meet with the public often? Do they jog through the park every morning? Do they have a preexisting medical condition requiring treatment? Your security plan will have to address the vulnerabilities presented by your protectee’s daily routine while remaining as unintrusive into their day-to-day life as possible. Beyond the inherent threat posed to your protectee, the places they travel may present new vulnerabilities. Is your VIP traveling to a high-crime neighborhood? Are they traveling to a rural, remote area far from law enforcement or medical services? Are they visiting an austere location, like a violent conflict zone? Your security plan should be constantly revised based on the environments and circumstances your protectee enters. Moving to more specific risks, has your protectee had uninvited, inappropriate, harassing, or threatening contact with another individual or group? Written letters, social media posts, or reoccurring first-person contact can all serve as mediums for individuals to voice inappropriate interest or overt threats toward your protectee. Security officers should work to identify these individuals and the nature of the threat posed, not only to augment protective posture if needed but also to readily detect these individuals should they appear in proximity to your VIP.

MECHANISMS OF THREAT Preventative protection also requires an understanding of the mechanism(s) of threat your protectee may face, in order to plan for and mitigate

against them. Since the iconic assassination of Abraham Lincoln, the image of the lone gunman has been engrained in the American psyche. But the threat posed to VIPs, heads-of-state, and public figures has evolved well beyond the lone gunman, requiring VIP security practitioners to keep up with a myriad of emerging trends while preempting nascent hazards. The most common threat to VIPs stems from unwanted, excessive, inappropriate, or violent close physical contact, no weapons required. This can manifest as simply as an overzealous fan or incensed critic encroaching in your protectee’s space, holding a hug or handshake for too long, or attempting to interrupt or impede their movement. If your VIP is a prominent public figure or interacts with the public regularly, they’ll likely encounter some variant of this threat. Due to their availability and relative ease-ofuse, conventional weapons, wielded by lone attackers or in complex attacks, remain a preeminent threat. Edged weapons pose a concealable and intimate risk, requiring attentive and anticipatory close protection. Handguns are also concealable and effective at short range. Small and large-caliber firearms are less concealable but able to be effectively deployed at range, perhaps beyond the perimeter of your security footprint. Improvised explosive devices (IEDs) pose a persistent global threat and can be deployed in a variety of configurations. Personnel-borne IEDs (PBIEDs) are typically concealed within a person’s clothing, potentially allowing them to gain proximity to your protectee without detection. Remote-controlled IEDs (RCIEDs), on the other hand, can be prestaged at a location your protectee is known or likely to visit and then detonated by an observer at distance. Vehicle-borne IEDs (VBIEDs) can be constructed within cars, motorcycles, boats, or any other vehicular platform, and are both concealable and mobile. Magnetically attached IEDs (MAIEDs) are built onto a magnetic source and can be rapidly affixed to, for instance, a passing vehicle. Unmanned aerial systems pose an emerging

II. PRACTICAL AND OPERATIONAL APPLICATIONS

THREAT MITIGATION

IED threat, as foreign terrorist organizations have begun using remotely piloted airframes as agile platforms for IEDs. Foreign substances pose a disruptive and potentially harmful threat to your protectee. Irritants, crowd control agents, and toxic industrial chemicals are readily available and require little technical skill to deploy. Depending on the agent, effects could range from minor irritation to serious health complications. Potentially harmful biological materials, including bodily fluids, can carry disease and pose a pathogenic risk to your VIP.

THREAT MITIGATION As a protection officer, your ability to mitigate threats will vary depending on your environment, the nuances of your protectee and their routine, and your agency’s equipment, personnel, and capabilities. The most efficient protective measures, and the one’s we’ll discuss, are minimally reliant on resources, and disproportionally tilt the mission in your favor: communication, movement, and manpower. Communication can be the foremost determiner of success or failure in the protection mission. On one level, an open line of communication with the protectee is critical: they are the keepers of their routines and itineraries, details of which you’ll require to plan ahead and best anticipate for your mission requirements. The security officer must make a concerted effort to regularly check-in with their VIP. On another level, communication among all security parties in play enables coordinated threat detection and reaction. Verbal communication may suffice in small-detail environments where persistent line-of-sight between security personnel is guaranteed. Cell phone comms, voice or text, may suit your needs in a lowthreat, urban setting. Push-to-talk radio communications may be more appropriate in more complex, fast-paced, or austere protective environments.

447

The third level of communication is external, that is, the ability to contact resources beyond your immediate security detail. The ability to reach your agency to advise of protectee movements or request resources is important, but the ability to contact supplemental medical or law enforcement first responders could make-orbreak your protective mission. If your protectee is moving through a remote area where cell or radio service is likely to be disrupted, a secondary and tertiary communications plan should be developed, potentially requiring alternative communication devices. If they’re traveling to a foreign country, particularly an austere one, it behooves security personnel to have a predetermined procedure for contacting host-nation response parties and may require the use of a local SIM-enabled cell phone or satellite phone. Protectee movement is another mitigation consideration. Both the timing and routing of your VIP’s movements can be manipulated to prevent unwanted attention or deter potential threats by minimizing your protectee’s contact with unknown crowds. On timing, arrival and departure times can be planned to ensure the public and protectee’s movements occur at offset times. On routing, the use of alternate entry and exit points at venues helps ensure your protectee’s walking path and that of the general public overlap as little as possible. While dependent on the resources of your agency, manpower serves as another mitigation variable. Placement of manpower around your VIP, within and surrounding venues, or along walking or motor routes, is a vital consideration, requiring a big-picture analysis of security gaps in your protectee’s immediate environment. When possible, security officers should be prestaged in locations your protectee is likely or scheduled to visit. In this capacity, they can identify and relay security concerns back to the VIP’s detail before their arrival. In addition to the obvious tactical benefits of well-staffed and appropriately deployed protective details, a larger footprint also serves as a visual

II. PRACTICAL AND OPERATIONAL APPLICATIONS

448

39. VIP SECURITY

deterrent to possible assailants, potentially dissuading the uncommitted threat actor.

HOSTAGE SITUATIONS Planning for worst-case scenarios is critical to successfully protecting a VIP. For instance, you should strongly consider the possibility of a kidnapping and hostage situation. The use of this tactic is on the rise from petty criminals who drive victims to their ATM or bank for cash withdrawals, to sophisticated cartel plots to extort money, drugs, guns and/or exact revenge. Kidnapping is a lucrative tactic business for criminals and terrorists; naturally, wealthy and/or famous people and their family members are targets of opportunity. Gone are the days of demands for suitcases of cash; shadowy groups involved in kidnapping activities will likely ask for an untraceable digital payment, such as transfer of Bitcoin. In ransomware attacks, bad actors who hack a system and gather sensitive data will demand immediate payment of e-currency from the targeted company. The clock starts ticking, and the hackers threaten to release confidential, damaging information if not paid. Therefore, many companies are establishing Bitcoin accounts to expedite payments in the event their systems and data are held “hostage.” Your wealthy clients may wish to do the same. Terror groups also take hostages; however, these unfortunate victims are usually “doomed captives.” Terrorists don’t expect to survive the ordeal and have nothing to negotiate for, as witnessed in the Beslan school assault, the Moscow Dubrovka Theater siege, the Paris Bataclan Theater attack, and the Orlando Pulse Nightclub massacre. The bottom line: this is not a pleasant topic to think about or discuss with your protectee but the world has changed, and our protection tactics must adapt accordingly. You must be knowledgeable about the threat of violent crime and terrorism in the areas

you will traverse with your protectee and be especially mindful of their vulnerability at major events held in enclosed public spaces like stadiums, theaters, and conference centers. For more information on soft target attacks, mitigation, response, and recovery, see Soft Target Hardening: Protecting People from Attack (Hesterman, 2018). Preparing for the worst will also allow your team and the protectee to handle smaller crises with greater ease.

USE OF TECHNOLOGY IN PROTECTIVE SERVICES Today, your cell phone has more computer power than all of NASA back in 1969, when it placed two astronauts on the moon. Dr. Michio Kaku, American physicist and futurist.

As previously mentioned, you should fully tap and leverage the power contained in the modern smartphone, using it as a virtual assistant, a sophisticated communication platform, and even a lifesaving tool. For instance, during the violent earthquake in Haiti, a victim trapped in the rubble used iPhone apps to save his life. Trapped for 65 h in the lobby of his Port-au-Prince hotel, Dan Woolley used information from an iPhone firstaid app to make a tourniquet for his fractured leg and slow the bleeding from his head wound. He used his camera to take pictures of his wounds to zoom in and assess the extent of the injuries. Woolley said his phone “was like a high-tech version of a Swiss Army knife that enabled me to treat my own injuries, track time, stay awake, and stay alive” (Levs, 2010). At the very least, there is a psychological aspect to victims participating in self-care and taking control instead of feeling panic or loss of determination to live, especially for those who are trapped and alone. You should have a conversation with your protectee about the unlikely event you are separated during a natural disaster and how he or she will communicate with you and take care of their needs until rescue or escape.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

USE OF TECHNOLOGY IN PROTECTIVE SERVICES

The following list of applications is not allinclusive, but rather a select few recommended by law enforcement, first responders, and emergency response experts. Encourage your clients to also download and become familiar with apps to help them communicate and survive during a crisis. 311 App for your city 5-0 Radio Police Scanner 911 toolkit AccuWeather Bomb Threat Standoff Broadcastify (source of news and live audio streams) Bugle (notify contacts of activities) CDC blast injury citizenAID Close call Compass CPR and Choking Disaster Alert EchoLink Emergency radio (scanner) Emergency Response Guidebook Emergency Survival Handbook Facebook (To mark yourself “safe” in an emergency) FEMA Field Facts First Aid by American Red Cross Flashlight with SOS and beacons Gas Buddy Go-To-Aid GPS Guardly Mobile HazMat Reference and Emergency Response Guide iPhone tracking iStethoscope iTriage iWrecked Kitestring (gets you home safe) Know Your Plan Life360 Man Down

449

Mobile REMM (Radiation Emergency Medical Management) MyRadar Nextdoor NOAA Weather Noonlight (formerly SafeTrek) Notepad Offline Survival Manual palmEM: Emergency Medicine Pet First Aid (Red Cross) Pocket First Aid and CPR Police siren (scare away intruders and signal for help) PulsePoint Radarscope—weather app Red Panic Button Red Cross Emergency Reunite Responder Self-Care Shelter View (open shelters) ShotSpotter Smart911 Social Alert SOSQR (formerly ICEBlueButton) Storm Radar Twiage (prehospital triage) Twitter Waze Traffic Weather Underground Weather Channel WikiHow Wiser (HAZMAT response for 1st responders) Zello (walkie talkie) The Red Cross also has helpful apps for preparing for and responding to emergency situations (Red Cross, n.d.). One new app helps educate those in stressful situations, replacing the uncertainty and emotion of the situation with easy, data-driven instructions to save their lives. STOP the Bleed free app by citizenAID (2018) was developed by military and civilian medics in the UK following the Paris attack to teach people how to provide potentially life-saving

II. PRACTICAL AND OPERATIONAL APPLICATIONS

450

39. VIP SECURITY

treatment before the arrival of emergency services in the event of an incident. If the user is in an emergency, clicking on the “I’m in a Live Incident” button provides a host of services including what to do in specific incidents— active shooter, knife attacker, bombs and vehicles as a weapon. Medical advice includes stopping bleeding, tourniquets, CPR, and opening airways. In case of a total communication outage, you should keep a note on your phone listing everything you need to know in case of emergency—names, phone numbers, and addresses. If traveling abroad, screenshot a map with the location of the closest US Embassy in case you need to go there on foot. Companies are developing apps that users can purchase to access password-protected information and secretly communicate. For example, the SPOT (Spot LLC, n.d.) app allows for continuous GPS tracking and silent, two-way communication. Many schools are now asking staff to download the app, as they can discreetly send a message to notify first responders of their location and also send pictures of the scene to assist in recovery operations. It may sound unnecessary but remind your protectee to keep their smartphone fully charged. Ensure they (and you) have plenty of back up battery power available in the event of an emergency. A solar charger is a good idea; the Hiluckey is inexpensive and water, shock and dust-proof.

PROFESSIONAL DEVELOPMENT FOR PERSONAL PROTECTION SPECIALISTS Even if personal protection is not a primary duty, you may be called upon to step in and provide this service, and therefore must be familiar with the basics. The International Foundation of Protection Officers (IFPO) defines their series of executive protection courses (IFPO, n.d.-a) as a system of close personal protection, educational programs, and contingency planning which is applicable to all types of protection situations.

The material in their executive protection course consists of three learning modules and is designed for integration with other training offerings such as their Certified Protection Officer (CPO) course and the Certified in Security Supervision and Management (CSSM) program. Topics covered include Threats, Residential Concerns, Vehicle Basics, Vehicle Armoring, Individual Protective Measures, Introduction to Protective Details, Protective Planning, The “Advance,” Introduction to International Operations, Improvised Explosive Devices, Bomb Threats, Protective Formations, Investigating Stalkers, Targeted Violence, Protective Planning and Techniques, Weapons and Equipment, Protocol and Professionalism, and Resources for Advanced Training. For more information, see the IFPO website (IFPO, n.d.-b).

Disclaimer Opinions expressed in this chapter are those of the authors and do not represent the official policies or positions of the US Government.

References citizenAID. (2018, January 15). STOP The Bleed FREE APP. Retrieved from https://citizenaid.us/. Hesterman, J. (2018). Soft target hardening: Protecting people from attack (2nd ed.). Boca Raton, FL: CRC Press. IFPO. (n.d.-a). Executive protection training and certification. Retrieved May 27, 2019, from www.ifpo.org/ training/professional-development-programs/ professional-development-program-pdp-series/ executive-protection. IFPO. (n.d.-b). About Certificates & Certification. Retrieved May 27, 2019, from https://www.ifpo.org/aboutcertificates-certification/. Levs J. (2010, January 24). Trapped father survives with help of phone app. Retrieved from http://www.cnn.com/ 2010/WORLD/americas/01/24/haiti.survivor.phone. app/index.html. Red Cross. (n.d.). Mobile Apps. Retrieved May 27, 2019 from http://www.redcross.org/get-help/how-to-prepareforemergencies/mobile-apps. Spot LLC. (n.d.). Spot satellite messenger: Home page. Retrieved from https://www.findmespot.com/en/ index.php?cid%C2%BC7075.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

40 Information Security and Counterintelligence Michael Allen, Kevin E. Peterson O U T L I N E Key Terminology

451

Management Measures

Threats to Information and Intangible Assets

453

The Role of the Professional Protection Officer

460

How Technology Is Changing the Threat

455

Emerging Trends

460

A Suite of Protective Measures Security Measures Legal Measures

457 457 458

Summary

460

References

461

• Explore the role of the professional protection officer and security service providers in the protection of sensitive information and intangible assets

CHAPTER OBJECTIVES • Provide important definitions related to information security and counterintelligence • Explain the difference between “counterintelligence” as used in the private sector versus the federal government sector • Describe the primary threats to information and intangible assets in both the public and private sectors • Identify various types of information security vulnerabilities, reasonable risk mitigation, and security measures to counter the threat

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00040-7

458

KEY TERMINOLOGY To help professional protection officers better understand information security and counterintelligence, the following terms are explained below: Information Assets—According to the Protection of Assets Manual (POA), information

451

# 2020 Elsevier Inc. All rights reserved.

452

40. INFORMATION SECURITY AND COUNTERINTELLIGENCE

assets “consist of sensitive and proprietary information, privacy-protected data, intellectual property, intangible assets, and information defined under international, federal, and state laws governing trade secrets, patents, and copyrights” (ASIS International, 2011, p. 1–1.1). Although not all-inclusive, some examples of information assets are: • Intellectual property (e.g., scientific, technical data, research and development, trade secrets, coding, algorithms, formulas, manufacturing processes, testing procedures and results, engineering specifications, etc.) • Competitive information (e.g., brand, marketing, pricing, strategies, etc.) • Information protected under regulatory requirements (e.g., personally identifiable information, protected health information, financial, and legal/attorney-client privileged) • Information assets exist in many forms and formats including but not limited to hard copy, computer data (on systems, in transmission, portable devices, portable drives, etc.), electrooptical signals, spoken word, individual knowledge, prototypes, models, and processes. Protection strategies should consider both the content of the information to be protected and the form or format in which it exists. Information Asset Protection (IAP)—This is an overarching concept that integrates the subdiscipline of information security along with several emerging disciplines that are focused on protecting information and intangible assets under specific conditions. Fig. 40.1 illustrates the concept. Information security includes traditional information protection measures such as labeling, classifying, storage, transporting, proper transmission, and destruction of information. It also encompasses information technology (IT) security to protect information systems, hardware, software, and the data being stored, processed, or transmitted through them. The third element of information security involves the protection of intellectual property rights (IPR).

Information asset protection

Information security

Emerging disciplines

Traditional infosec

Due diligence

IT security Intellectual property protection

Market entry planning Product security

FIG. 40.1 Structure of information asset protection (IAP) functions.

Information security has been defined as the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability (Committee on National Security Systems, 2015). The strategies of Enterprise Security Risk Management (ERSM) take a holistic approach to assess risk and may include information security. Vendor risk management and due diligence reviews of potential partners, vendors, contractors, and other third parties allow businesses to make risk-informed decisions. They also include the practice of market entry planning and product security (ASIS International and IAP Council, 2009). These topics will be discussed later in this chapter. Information assets protection brings these disciplines and elements together in a concerted way and provides a comprehensive approach to maintaining the value of information and intangible assets. Intangible Assets—These are assets of any organization (including companies and government agencies) that are not physical in nature. Examples of intangible assets are an organization’s reputation, brand, relationships, management style, knowledge, and processes. Intangible assets are generally very difficult to measure or quantify—and may often be overlooked when determining where to apply security or protection efforts.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

THREATS TO INFORMATION AND INTANGIBLE ASSETS

Competitive Intelligence versus Economic Espionage—Although both methods involve collecting information for the ultimate purpose of supporting business or government objectives, they represent opposite ends of a spectrum of “ethicalness.” Competitive intelligence is a normal business function, which can include completely benign activities such as market research. As competitive intelligence measures become more aggressive, they may approach a “gray area” in the center of the spectrum that borders on unethical behavior. This includes activities like making pretext phone calls (or e-mails) to competitors to gather information or sending individuals to pose as job applicants. Industrial or economic espionage is on the other end of the spectrum and includes illegal activities such as electronic eavesdropping and hiring employees away from competitors for the specific purpose of gaining confidential information (Webster University, 2008). Compromise—Refers to a situation where sensitive, controlled, or classified information falls into the hands of an unauthorized person or organization. This is contrasted with a security violation, for example, in which a policy or procedure was not followed but there is no indication that any information was lost. Counterintelligence—Any measures taken to negate intelligence collection efforts against an organization or its people. In the federal sector, counterintelligence relates to programs designed to counteract foreign intelligence services and recruited agents. In the private sector, it is often referred to as “counter competitive intelligence” and may be focused on protecting against actions ranging from simple market research up to and including industrial espionage. The term is also used in the law enforcement community to refer to actions taken to protect sensitive information from falling into the hands of criminal organizations that may be targeting law enforcement agencies, personnel, or task forces. Counterintelligence activities may be defensive or offensive in nature and may also be primarily proactive or reactive.

453

Economic Espionage—According to the Economic Espionage Act (Title 18 U.S.C. §1831), economic espionage is (1) whoever knowingly performs targeting or acquisition of trade secrets (2) to knowingly benefit any foreign government, foreign instrumentality, or foreign agent. In contrast, the theft of trade secrets (Title 18 U.S.C. Section 1832) is (1) whoever knowingly misappropriates trade secrets (2) to benefit anyone other than the owner (FBI, 2016). Information Security—(see paragraph on Information Assets Protection). Sensitive Information—Information or knowledge that might result in loss of an advantage or level of security if disclosed to others (ASIS International, IAP Guideline, 2007a, p. 8). Technical Surveillance Countermeasures— Also known as TSCM, they include services, equipment, and techniques designed to locate, identify, and neutralize technical surveillance activities such as covert listening devices (ASIS International, 2011, p. 26 1.6.1). Trade Secret—Trade secrets are defined by laws, such as the Economic Espionage Act, at the federal level, as well as by state and local laws. Generally, trade secrets are designated by the owner but must meet certain criteria to qualify for applicable legal protections. Although the laws vary, most require that information have demonstrable value to the owner, is specifically identified, and adequately protected to qualify as a trade secret.

THREATS TO INFORMATION AND INTANGIBLE ASSETS As with any asset protection issue, we must consider three categories of threats: intentional, natural, and inadvertent. Like any tangible asset such as a building or piece of equipment, information will be subject to all three categories. Although our primary focus in IAP is on intentional and inadvertent threats, some attention must also be directed at natural threats. For example, in the wake of Hurricane Katrina

II. PRACTICAL AND OPERATIONAL APPLICATIONS

454

40. INFORMATION SECURITY AND COUNTERINTELLIGENCE

(2005), many small businesses failed, not because their facility was destroyed, or their people displaced, but because they lost the bulk of their critical business information. It is not uncommon for organizations to prepare their facilities and people for the effects of a natural disaster while neglecting to take prudent information protection measures. Preparations such as geographically separated off-site backup or data protection measures for contingency remote computing can mean the difference between successful business recovery and catastrophic failure. The nature and extent of the threat to information and intangible assets is concisely summarized in the introduction to the Counterintelligence page on the Federal Bureau of Investigation’s (FBI) website: https://www.fbi.gov/ investigate/counterintelligence. The FBI estimates that every year billions of US dollars are lost to foreign competitors who deliberately target economic intelligence in flourishing US industries and technologies (FBI, 2016). The methods that comprise the threat to information assets cover the gamut from old, time-tested techniques to new and innovative collection measures. Among the commonly reported collection methods are: • Open source collection of public information • Data mining and/or the use of information brokers • Social engineering and other elicitation techniques • Co-opting/recruiting a current or former employee (or trusted third party) • Hiring key employees away from the targeted organization • Targeting meetings and conferences • Electronic eavesdropping • Theft of hard-copy information • Theft of soft-copy information/media (e.g., thumb drives, laptop computers, mobile devices, etc.)

• Unauthorized penetration of information systems (e.g., hacking) • Unauthorized access to information systems by insiders • Exploitation of joint venture partners or other trusted third parties • Unauthorized physical access to (or observation of) information • Misdirected or intercepted e-mail or other electronic communications • Deliberate disclosure (e.g., by a disgruntled employee) • Inadvertent disclosure through errors or by accident • Inadvertent disclosure through third parties who may not maintain the same security standards that your organization does (ASIS International, 2007b, p. 28) One specific threat that is worth mentioning separately is that of laptop computer theft. A research report (for the ASIS Foundation) by consultant Dr. Glenn Kitteringham, CPP, studied the theft of laptops. The report noted that a 2006 Ponemon Institute survey found that 81% of companies responding reported the loss of one or more laptop computers in the preceding 12 months. Kitteringham’s study also mentioned that according to the FBI, 97% of stolen laptops are never recovered (Kitteringham, 2008, p. 5). Recent studies indicate that insiders (employees and others with a trusted relationship) working with outside attackers cause the most data breaches. Several studies, including the Data Breach Report (Ponemon, 2012); Cost of Insider Threats: Global Organizations (Ponemon, 2018); the Cisco Annual Security Reports (Cisco, 2008, 2018); the CyberSecurity Watch Survey (Carnegie Mellon University, 2011); the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), Insider Threat Detection Study (Kont, Pihelgas, Wojtkowiak, Trinberg, & Osula, 2015), suggest that breaches caused by insiders are the costliest. Insiders have some level of authorized access, they know

II. PRACTICAL AND OPERATIONAL APPLICATIONS

HOW TECHNOLOGY IS CHANGING THE THREAT

“the system,” and they know where to look for valuable information. According to the 2007 Trends in Proprietary Information Loss Survey Report: “The largest threats to proprietary information are from those with a trusted relationship with the organization—current and former employees and those partners, outsourced providers, and customers with a trusted relationship” (ASIS International, 2007b, p. 29). It is important for the professional protection officer to understand who our adversaries might be in terms of threats to our information assets. The collectors (or perpetrators) are well defined by the list of methods previously mentioned in this section. However, we should also consider who the clients or end users of the information might be. Being able to distinguish between the collector and the end user allows security professionals to develop more effective risk mitigation strategies for IAP. End users may be the same as the collectors but often are not. Among common end users for compromised information assets are: • • • • • • • • • • •

Domestic and foreign competitors Foreign governments Organized criminal enterprises Information brokers Activist groups (environmental, animal rights, monetary rights, anticapitalists, etc.) Terrorist groups Political advisors Quasi-government groups Financial or business cartels and/or Narcocapitalists Product counterfeiting operations Targets of law enforcement activities

HOW TECHNOLOGY IS CHANGING THE THREAT Today technology is moving and advancing at an amazing pace. This results in wonderful opportunities for information sharing, productivity, and accomplishment, but it also

455

represents a new paradigm for security risks. In some ways, the threat remains unchanged, yet in other ways, things are very different. David Drab sums it up this way in a white paper on the Economic Espionage Act (EEA): The motives and tactics have remained constant over the years—economic gain, competition, career recognition, and vengeance. However, the methods used to collect and transmit information have significantly changed because of high technology, the World Wide Web, and worldwide telecommunications. (Drab, 2003, p. 2) A few studies available online have now concluded that more than 60% of small to midsized companies would go out of business or be forced to completely shut down following a data breach. One result of changing technology is that the traditional reaction to information compromise—containment—essentially is obsolete. Previously, when a privileged hardcopy document was inadvertently (or intentionally) disseminated to unauthorized recipients, the immediate reaction was to attempt to retrieve the copies and hopefully get them all back. This concept no longer works in our 21st-century interconnected world. As the 2007 ASIS report on the Trends in Proprietary Information Loss Survey puts it: [We need to recognize the] reality of “speed” at which valuable informationbased assets can be acquired and disseminated globally. Once the asset is gone or compromised, containment—in the conventional sense—is seldom a realistic option. The consequences in terms of lost economic/competitive advantage can be extremely quick and long-lasting. (ASIS International, 2007b, p. 41) In other words, once information is lost, it is lost permanently and globally—and that can

II. PRACTICAL AND OPERATIONAL APPLICATIONS

456

40. INFORMATION SECURITY AND COUNTERINTELLIGENCE

happen instantaneously. As security professionals, we need to recognize this fact. Other technological factors affecting the risk environment for information assets include: Miniaturization of Media—More and more data is being stored on smaller and smaller devices. Not only can huge amounts of data be stored, but today we can even build an entire computing environment on a flash drive. Social Networking Media—Sites such as Facebook, Twitter, WhatsApp, and LinkedIn are a part of our daily lives. Although they are extremely popular among almost all demographics, they also have security risk implications. For example, this type of media provides another outlet for instantly sharing information (including possibly sensitive/proprietary information or destructive false rumors/news) across wide audiences—and in some cases, anonymously. The threat of an unhappy employee posting damaging information in an angry rage (before thinking about the implications or having the opportunity to calm down and regain a rational state) is a growing concern for organizations of all types and as mentioned: once it’s gone— it’s gone. Volume and Dispersal of Data—The enormity of the current volume of data makes it far more difficult in many cases to identify a data breach in real time or to determine if sensitive information has been compromised. Data Mining and Information Brokers— Emerging threats to sensitive information worldwide. A cottage industry is growing up around the mass collection of data from a multitude of sources and selling it to whoever is willing to pay for it. Modern software tools are available to “mine” (search and collect) information continuously from databases, repositories, archives, Web sites, and other sources. Additional software tools can sort, collate, and analyze data to easily and quickly generate a useful—and very valuable—product on any subject requested. This is automated intelligence

gathering—and it is happening every day and everywhere. It represents a significant threat to information assets in both the public and private sector. Wireless and Remote Computing Environments—These expose new vulnerabilities as sensitive information can be exchanged through hot spots in public locations, hotel networks, or even home networks. As more employees work from home and abroad the need to use encrypted, corporate approved devices on a virtual private network (VPN) has become essential to protecting intellectual property. Security of Security Systems—is a growing concern as security systems for surveillance, access control, facility management, intrusion detection, and other functions increasingly ride on the Internet and can be managed remotely (including on mobile devices). The following quote on this topic is eye-opening to many protection professionals:

[S]ome underground actors are helping script kiddies in automating the process of hacking into and exposing the video streams of cameras or even exploiting these IoT [Internet of Things] devices for malicious activities such as distributed denial-of-service (DDoS) attacks, covert cryptocurrency mining, and even financial crimes... [M]uch of the activity doesn’t require special knowledge or advanced hacking skills. It’s small wonder, then, that tapping into exposed cameras is considered a low-hanging fruit for entry-level cybercriminals and script kiddies, or unskilled hackers who use existing scripts or code rather than developing their own… In one post on a forum … as many as 2,000 exposed IP cameras are said to be connected to cafes, hospitals, offices, warehouses, and other locations. (Trend Micro Forward-Looking Threat Research [FTR] Team, 2018)

II. PRACTICAL AND OPERATIONAL APPLICATIONS

A SUITE OF PROTECTIVE MEASURES

A SUITE OF PROTECTIVE MEASURES Effectively protecting information and intangible assets presents special challenges, but like any asset protection situation, warrants a well-thoughtout strategy that comprises a suite of countermeasures. The measures employed to protect information assets fall into three categories: security, legal, and management.

Security Measures The following list represents a sampling of security measures that are typically applied to the task of protecting information and intangible assets: • Assessment (possibly including penetration testing or “red teaming”) • Need-to-know controls (limited access, separation of duties) • Information storage and handling • Physical security (surveillance, access control, and intrusion detection) • Premise access controls procedures (card management visitor control and escorts) • Design and layout of facility security zones (controlled versus open/public areas) • Security officers/response forces • Information destruction processes and standards • Technical security measures • Technical Surveillance Countermeasures (TSCM) • Communications, emanations, and signals security measures • Information systems security (IT security) • Cybersecurity awareness training • Product security • Travel security programs • Training and awareness (for employees, users, contractors, vendors, partners, and trusted third parties) • Investigation capabilities

457

Many of these are standard security measures which are in place and protect all types of assets: people, property, and information. Other measures are more specific to information protection. Our challenge is to effectively leverage the standard security measures while identifying and implementing those specific measures that support the IAP strategy. While there are a variety of sources (including other chapters of this book) that give details on these countermeasures, a few of the items listed above warrant some brief discussion here. Training and awareness are essential tools. They must be delivered using a variety of media (classroom programs, computer-based training, posters, intranet resources; etc.) on a regular basis to keep the subject in the forefront of protection officers’ minds. As the IAP Guideline mentions: Security awareness and training are ... the most cost-effective measures that can be employed to protect corporate and organizational information assets. Where everyone entrusted with sensitive information takes prudent measures and personal responsibility for protecting those assets, a robust security environment should occur naturally. (ASIS International, IAP Guideline, 2007a, p. 14) Another strong recommendation for all organizations is that elements of IAP be incorporated into due diligence assessments (investigations) for mergers, acquisitions, joint ventures, partnerships, and other key business transactions. This will aid immeasurably in anticipating risks that will or may present themselves after the fact. Finally, product security technologies including embedded electronic article surveillance (e.g., Bluetooth, GPS, near and far field), various packaging innovations, RFID, and serialization techniques are commonplace. Some measures will be reactive rather than proactive. When an information loss is known

II. PRACTICAL AND OPERATIONAL APPLICATIONS

458

40. INFORMATION SECURITY AND COUNTERINTELLIGENCE

or suspected, investigate to support a damage assessment as well as any possible law enforcement, litigation, or asset recovery actions. The results of the investigation should also reveal the root cause of the compromise and be used to implement corrective actions and prevent future occurrences (ASIS International, 2008, p. 2-I-29).

Legal Measures Beyond their deterrent value, most legal measures are reactive in nature. Nonetheless, they are an important element of the IAP strategy. Patents, copyrights, and trademarks are common legal tools in protecting highly valuable information. Another tool is that of a “trade secret,” which is generally considered to be the most restrictive or protective measure. Trade secrets have the advantage of not requiring registration but are subject to strict interpretation in court with respect to the need to identify, determine value, and adequately protect the information. The high legal standard of “adequate protection” often supports the use of robust security measures within an organization—which is a welcome situation from a security perspective. For these legal means to be useful, however, the organization must be willing to enforce the tools in a court of law. This can be a very resourceintensive ordeal, particularly in terms of time, effort, and cost. These are decisions that must be made at the executive level and shared with key players in the organization such as the security and legal departments. Other legal measures include nondisclosure agreements (NDA), contract clauses, third party agreements, and possibly even performance incentives for vendors, partners, and joint venture participants. Information and intellectual property protection is a highly specialized discipline and organizations should obtain support from a qualified legal advisor/

firm rather than relying on a generalist or local general counsel. An important tool in protecting information assets is the 1996 Economic Espionage Act (EEA). This is a very relevant piece of legislation as it makes the theft of intellectual property a federal offense and allows the FBI to investigate such cases even if a foreign intelligence service is not involved. A Xerox white paper on the EEA reads: [Recognizing that] trade secrets are the lifeblood of most process-driven companies … it naturally follows … that organizations that fail to safeguard their intellectual assets lose ground. The Economic Espionage Act … [prohibits] misconduct regarding trade secrets … [including anyone who] steals or obtains [trade secret information] by fraud or deception. The law includes the following as prohibited activities with respect to trade secrets and related information: anyone who “copies, duplicates, sketches, draws, photographs, downloads, uploads, alters, destroys, photocopies, replicates, transmits, delivers, sends, mails, communicates, or conveys such information.” A violator can also be someone who “[knowingly] receives, buys, [or] possesses” information. (Drab, 2003, p. 4) This is a very forward-thinking law that can be, and has been, applied effectively to resolve trade secret and intellectual property cases in many industry sectors.

Management Measures An interesting study by the US Secret Service looked at threats to information assets by analyzing several specific cases. It focused on “insider” threats and reported some relevant results. In 80% of the cases studied, the

II. PRACTICAL AND OPERATIONAL APPLICATIONS

459

A SUITE OF PROTECTIVE MEASURES

FIG. 40.2

Legal Protections

Security Protections

Patents Trademarks/service marks Copyrights Trade secrets Nondisclosure agreements Noncompete agreements Nonsolicitation agreements Contract clauses Performance Penalties/bonuses

Physical security Security officers Personnel security Technical security IT security Information protection Investigations Training and awareness Product security

Examples of legal protections and security protections.

perpetrator had come to the attention of management due to inappropriate behavior before the incident (e.g., tardiness, truancy, arguments with coworkers, or poor job performance) (Keeney et al., 2005, p. 15). This highlights the importance of “management measures” as part of an overall IAP strategy. Other management measures that should be considered, and generally be coordinated with the security program, include effective employee screening (preemployment and periodic), drug screening, establishing relevant policies and procedures, and offering a reporting mechanism that allows employees and others to provide information (and make allegations). When using a reporting mechanism such as an employee hotline, be sure that the organization is responsive to calls and allegations. Otherwise, the hotline will soon lose its effectiveness, and important reports will be missed. The FBI offers some recommendations on their counterintelligence webpage, including several brochures and articles to help protect a business from espionage. As indicated, it is important—in any private or public-sector setting to find the proper balance between legal protection and security

protection. Fig. 40.2 shows some considerations for each. To achieve protection objectives and ensure they are consistent with the business or organization’s strategic goals, these two “communities” of protection measures should work together to develop an integrated risk mitigation approach. Working in a vacuum can result in duplication of effort and significant waste as well as poor results due to internal conflicts. Finally, according to well-respected consultant and author Ira Winkler, the best approach to addressing risks to information assets is to apply defense in depth (layered security) by incorporating both IT and traditional protection measures (a prelude to the growing study of convergence between the two disciplines). Even if one or a few layers fail, other layers will back up the ones that were unsuccessful. As Winkler puts it, when we apply defense in depth, “security [isn’t] perfect, but it [is] prepared” (Winkler, 2005, p. 305). Examples of some of those “layers” might be strong password protection, encryption, biometric authentication, physical security measures, personnel screening, facility access attended by security officers, employee training, and password-protected screensavers.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

460

40. INFORMATION SECURITY AND COUNTERINTELLIGENCE

THE ROLE OF THE PROFESSIONAL PROTECTION OFFICER The most effective protection officers are those who know their client (the organization they serve) and tailor the way they provide security services to the client’s DNA, mission, and culture. In many organizations, information assets are crucial to the survival and success of the enterprise. Officers should recognize this aspect of the organization and factor it into the performance of their protection duties. It should be noted that many contemporary companies are centered on information as their core business function, hence our “information-based society.” It is our responsibility to remember that a key objective of IAP is to enable core business functions, rather than present obstacles. As a past chairman of the ASIS Information Asset Protection (IAP) Council puts it, “The ultimate objective is to enable business. Security’s role is to help organizations assess and address the risk to enable ‘smart’ business transactions.” In general, professional protection officers place most of their emphasis on protecting people and property, but it is important to support the third asset category as well: information. Elements of information asset and intellectual property protection should be included in officer and supervisor training, as well as quality assurance standards for security programs. Security service providers should consider adding IAP services to their suite of protective service offerings. This might include conducting information protection assessments, specialized protection services, courier services, or other tools focused on this category of asset.

EMERGING TRENDS Three issues that are relevant to the protection of information and intangible assets are the increasingly interconnected global business

environment, the rapid advances in information technology, and the fact that we now must consider—in a different way—the security of security systems. These issues are discussed in this chapter but need to be constantly reviewed due to the unprecedented pace of change in today’s security environment. The advances in information technology have several implications. One is the new family of risks that are introduced by drastically increased use of information technology in business, organization, government, and home settings. As such use and popularity increases, systems and the data residing on them become more attractive targets for a variety of adversaries. These new technology tools can also be exploited by adversaries to support their illicit activities. The best examples now are the new cottage industry of information brokers and the use of sophisticated data-mining tools and techniques to target sensitive information. This trend has expanded now that cloud computing, software as a service (SaaS), and wireless technologies are ubiquitous in our work and are being “abused” by bad actors for nefarious activities.

SUMMARY Studies have concluded that as much as 75% or more of a company’s value may lie in intellectual property, or information, and intangible assets (Moberly, 2008). Since these assets are the most difficult to identify, measure, and control, they deserve a great deal of attention from a risk management perspective. Following a thorough risk assessment, an orchestrated suite of security, legal, and management solutions should be applied to the identified organizational risks. The mission and culture of the organization (client) should be factored into the services provided and the way they are delivered and managed. Protection officers play a key role in the protection of information and intangible assets. In fact,

II. PRACTICAL AND OPERATIONAL APPLICATIONS

REFERENCES

they can even influence the reputation of an organization by presenting a highly competent and professional image and by acknowledging the nature of the assets (including information assets) they are responsible for protecting. Through conscientious IAP practices, organizations will be better prepared to deal with today’s broad array of threats ranging from competitive intelligence and industrial espionage, to cyberattacks, to counterfeiting and product piracy (ASIS International and IAP Council, 2009).

References ASIS International. (2007a). Information asset protection (IAP) guideline. Retrieved from https://www. asisonline.org/publications/sg-asis-information-assetprotection-guideline/. ASIS International. (2007b, June). Trends in proprietary information loss-survey report. [PDF file]. https://foundation. asisonline.org/FoundationResearch/Publications/ Documents/trendsinproprietaryinformation-loss.pdf. ASIS International. (2008). Physical security professional (PSP) reference: Excerpts from the protection of assets (POA). Alexandria, VA. ASIS International. (2011). Information of asset protection. In: Protection of assets (POA), Alexandria, VA. ASIS International/Information Asset Protection (IAP) Council. (2009). Fact sheet—“what is” series: “What is information asset protection?” “what is information risk management?” “what is market entry planning?”. Carnegie Mellon University. (2011). 2011 CyberSecurity watch survey: How bad is the insider threat? Pittsburgh, PA: CERT Program, Software Engineering Institute. Cisco Systems, Inc. (2008). Cisco 2008 annual security report. [PDF file]. https://www.fbiic.gov/public/2008/ dec/Cisco2008Annual_Security_Report.pdf. Cisco Systems, Inc. (2018). Cisco cybersecurity report. Retrieved from https://www.cisco.com/c/m/en_au/ products/security/offers/annual-cybersecurity-report2018.html.

461

Committee on National Security Systems. (2015, April 6). Committee on National Security Systems (CNSS) glossary (CNSSI No. 4009). [PDF file]. https://rmf.org/wp-content/ uploads/2017/10/CNSSI-4009.pdf. Drab, D. (2003). Protection under the law: Understanding the economic espionage act of 1996. A White Paper by Xerox Global Services. Federal Bureau of Investigations (FBI). (2016, May 3). Counterintelligence. Retrieved June 23, 2018, from https:// www.fbi.gov/investigate/counterintelligence. Keeney, M., Kowalski, E., Cappelli, D., Moore, A., Shimeall, T., & Rogers, S. (2005). Insider threat study: Computer system sabotage in critical infrastructure sectors. Washington, DC: National Threat Assessment Center. [PDF file]. https://resources.sei.cmu.edu/asset_files/SpecialReport/ 2005_003_001_51946.pdf. Kitteringham, G. (2008). Lost laptops = lost data: Measuring costs, managing threats. (CRISP Report). Alexandria, VA: ASIS International/ASIS Foundation. Kont, M., Pihelgas, M., Wojtkowiak, J., Trinberg, L., & Osula, A. M. (2015). Insider threat detection study. Tallinn, Estonia: NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE). Moberly, M. D. (2008, July 23). Business continuity and contingency planning: Intangible assets and IP [Web log post]. Retrieved from https://kpstrat.com/2008/07/23/ business-continuity-and-contingency-planning-intangibleassets-and-ip/. Ponemon Institute LLC. (2012, March). 2011 Cost of data breach study: United States. [PDF file]. https://www.ponemon. org/local/upload/file/2011_US_CODB_FINAL_5.pdf. Ponemon Institute. (2018, April 23). Ponemon report: 2018 Cost of insider threats—Global organizations. Retrieved from https://www.observeit.com/ponemon-report-cost-ofinsider-threats/ Trend Micro Forward-Looking Threat Research (FTR) Team. (2018, May 8). Exposed video streams: How hackers abuse surveillance cameras. Retrieved from https://www. trendmicro.com/vinfo/us/security/news/internet-ofthings/exposed-video-streams-how-hackers-abusesurveillance-cameras. Webster University, National Capital Region. (2008). Business Intelligence. In Course materials. Winkler, I. (2005). Spies among us. Indianapolis, IN: Wiley Publishing.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

41 Cybersecurity for Professional Security Officers Thomas Norman O U T L I N E Introduction

463

Conclusion

467

Cyberterrorism

464

References

468

Emerging Trends in Cybersecurity

466

INTRODUCTION It is 4:16 a.m. in Los Angeles, CA on the morning of June 18, 2013. A late-night police reporter is sitting in a gas station looking over the useless information that he has been able to produce for the night. No joy. There is nothing here that any news agency will ever buy. This has been a very quiet night. While he is looking at his computer, his dashcam picks up a Mercedes C250 flashing by at a very high rate of speed, running the red light directly in front of the reporter. He doesn’t notice. He is engrossed in his computer. Suddenly, his police scanner crackles. The police dispatcher is alerting patrol units to a call about a car traveling at a very high rate of speed in this very neighborhood, at this very intersection. Patrol cars begin to respond to the call. The

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00041-9

reporter quickly turns on his car and follows the direction of the speeding car. After 3 min, the dispatcher reports an explosion in the neighborhood. It is directly ahead of the reporter. He arrives on the scene 1 min later. The car is engulfed in a massive fireball. The car hit a tree on one of the safest streets in Los Angeles. This is not “Dead Man’s Curve.” This road is straight as an arrow, divided by a median with tall palm trees. This car swerved at a reported speed of 80–120 miles per hour directly into a tree. Bystanders report the collision and two other explosions. Later, the police find the engine and transmission to the car 150 ft farther down and across the road. This is one of the most violent car crashes in the history of the city. And—the driver, an award-winning journalist, is dead. Dead in a “connected car”; a car with drowsiness assistance monitoring;

463

# 2020 Elsevier Inc. All rights reserved.

464

41. CYBERSECURITY FOR PROFESSIONAL SECURITY OFFICERS

brake assistance; and an electronic stability program (ESP); a car that has live Internet capabilities. Could it have been hacked? If so, who could have done that? So, can a connected car assassinate its driver? Can a car with on-board connected computers that can brake by itself, alert the driver of drowsiness, stabilize a skid, and has Smartphone and Internet capabilities be controlled to kill its driver? That is the question about Michael Hastings death. Michael Hastings was the same journalist that wrote the Rolling Stone article that caused General Stanley McChrystal, former head of US Central Command (CENTCOM), in charge of all US and allied troops in Afghanistan, to resign his post. It turns out that Hastings was secretly working on another blockbuster article, this time about CIA Director John O. Brennan, to be uploaded to WikiLeaks in just hours from when the accident occurred. Who killed Michael Hastings? In an interview after the accident, Former US National Coordinator for Security, Infrastructure Protection, and Counter-terrorism Richard A Clarke told The Huffington Post that what is known about the single-vehicle crash is “consistent with a car cyberattack.” Clarke said, “There is reason to believe that intelligence agencies for major powers”—including the United States—know how to remotely seize control of a car. “So, if there were a cyberattack on the car—and I’m not saying there was,” Clarke added, “I think whoever did it would probably get away with it” (Wikipedia: Michael Hastings, 2019). Subsequently, WikiLeaks released a trove of documents titled “Vault 7.” Vault 7 indicated the CIA has the ability to hack into and control “smart” devices, including—wait for it— connected cars (Wikipedia: Vault 7, 2019). So, while some might call that national defense, those affected might call it cyberterrorism. Was this a cyber assassination of a journalist who was just about to release an expose on the sitting CIA director? It gives one pause. This

could have been just one more example of cyberterrorism. If it was a case of cyberterrorism, how could the attacker have gotten control of the car? There are several ways that this could occur. (1) A malicious program allowing the attacker to remotely control the car could be implanted through the OBDII port under the dash of the car. This port can be accessed either when the car is in the shop for routine maintenance, or by using a special tool that remotely unlocks virtually any car with a remote key fob; the attacker could gain entry to the car while it is parked in a shopping center, at a grocery store, or in its own driveway late at night. (2) Through the car stereo: A CD can be programmed to not only play the music listed on its label but also to download a command/control program, allowing the attacker full remote control of the car. (3) Through the “connected car” function, which allows the user to call for help in an emergency, use real-time GPS maps, update with up-to-the- minute traffic conditions, and which can also allow the manufacturer to remotely install software updates to the car. There are other methods too that require physical access to the car, but these are all tools used by the US and other intelligence agencies.

CYBERTERRORISM While Michael Hasting’s circumstances of death were certainly dramatic and spectacular, if it was a cyberattack, it is not the only example of cyberterrorism. Cyberterrorism is real. Cyberterrorism has been directed with devastating effect against Ukraine, decimating its economic sector and national infrastructure. And there is a good reason to believe that a number of countries are even today being subjected to low-level cyberterrorism. This includes the unexplained destruction of commercial, governmental, and military computerized systems with breadcrumbs that point back to specific

II. PRACTICAL AND OPERATIONAL APPLICATIONS

CYBERTERRORISM

other governments, hacktivists, and criminal organizations. So, one might wonder—why would professional security officers like me need to know anything about cyberterrorism? How could it possibly matter to my job? How could it make a difference to my performance? And how could it help me protect my client in any meaningful way? We will answer all of those compelling questions in this chapter. But first, let’s take a look at what cyberterrorism is and why it matters to the professional security officer. Terrorism is the use of violence against people, property, and information to alter an organization’s or government’s actions in furtherance of the goals of the terrorist or terroristic organization. Cyberterrorism is the application of terroristic methods to damage and destroy information technology equipment, and the information it processes for the furtherance of the terrorist organization’s purposes, and in so doing, to damage the target organization’s ability to serve its mission. In practical terms, cyberterrorism is the use of hacking and malware against an organization that can result in the destruction of the organization’s information technology (IT) equipment and data, resulting in loss of or damage to its data, and loss of its business reputation, and loss of jobs at the organization. Imagine being the guy responsible for letting that kind of nightmare into the company’s IT system. Cyberterrorism is a real thing and is a major disrupter of business organizations, that is, especially focused on targeting employees who spend a lot of time on a workstation. Employees who are most targeted include business managers, and employees who have hours of access to a company’s computer, and little work to do on it. In other words, quite inadvertently, a professional security officer is a key target of cyberterrorists. So how is that possible? Let me explain.

465

First, a little background information is needed. IT systems are most commonly corrupted in one of two ways: (1) malware (malicious software), or (2) by an intrusion (a threat actor intentionally making entry into the system). One of the most common ways that both of these actions occur is through an innocent user “accidentally inviting” the offending software of the intruder into the system. This occurs in a seemingly quite innocent manner. In both cases, a simple URL click (clicking on a link in an email or clicking on a link in a webpage) can initiate the action. Most responsible organizations today take prudent precautions to prevent this from happening. But new attack vectors are always being introduced literally daily by clever threat actors, and some of these, called “zero-day attacks,” always get by even the best organizations’ defenses. A “zero-day” attack is an attack method that has never been used before, and so many common protective measures have no defenses for this type of attack. Thus, the attack gets through until it is discovered by the protection company, and they modify their hardware or software to prevent the new attack method. This can take hours. In that time, many organizations and individuals can be compromised. In most cases, one of two things happens: (1) If it was a malware infection, the software “phones home” to a command/control server to get instructions. Typically, the instructions are to download ransomware onto the system (more on that in a moment). Or (2) If it was an intrusion attempt, the URL link will download a little bit of code that allows the intruder to gain access to the system, using the users’ own access permissions. It also alerts the intruder that he/ she now has permission to enter the system. From there, the intruder enters silently and begins moving deeper into the system until they obtain “administrator” access, at which time the real damage begins. This can take literally only minutes to achieve on some systems. From there, the intruder most likely will sit quietly

II. PRACTICAL AND OPERATIONAL APPLICATIONS

466

41. CYBERSECURITY FOR PROFESSIONAL SECURITY OFFICERS

and wait, watching network traffic, looking into emails, documents and letters, gathering the information that is most useful to the attacker. And then they will strike, to take the system down, or in some cases, they will simply quietly exit the system with the information they have gathered, with no one the wiser. In this manner, trade secrets are stolen, strategic plans are compromised, important sales proposals are handed over to the competition for a price, military weapon system designs are stolen by foreign powers, money is transferred out of the company bank account using faked authorized credentials, manufacturing processes are damaged—rendering the product output useless, reputations are destroyed, massive amounts of money are lost, and jobs are lost. Lots and lots of jobs are lost. Like I said—nobody wants to be the person who let that chaos and destruction into the company’s IT system. Earlier, I mentioned ransomware. One of the most common attacks is a ransomware attack. Ransomware is software that does two things to the organization’s entire computer network. (1) It encrypts all of the organization’s data. All of its files, all of its manufacturing processes, all of its payroll, accounts payable and accounts receivable records, everything. Just everything. Encryption scrambles the data so that it resembles an egg that has been scrambled. It bears no resemblance any longer to the egg. The data bears no resemblance any longer to the organization’s original data. It is complete gibberish. The data becomes completely useless files. The attacker uses a key to do this. And the key can unscramble the data, returning it to its original state. (2) The attacker says that they will give the organization the key for a large amount of money (the ransom). Some organizations pay the ransom. Some of them get the key, and some of the keys actually work to restore the data. But just as often, after paying the

large ransom, there is no key, or the key does not work. There is just an attacker sitting somewhere with a fat bundle of the organization’s money, laughing hysterically at the organization’s misfortune; and the misfortune of its customers, its suppliers, and its employees, who have all lost everything.

EMERGING TRENDS IN CYBERSECURITY And—the ransomware fraudsters have upped their play to an entirely new game. They are now into crypto-mining. “Wait—What?” What is crypto-mining? Well, first some background. It relates to cryptocurrencies, such as Bitcoin. Cryptocurrencies are all based on a function called blockchain, which is a fancy way of saying that it is a process that assures the integrity of a transaction by the use of many steps, each of which is dispersed across the Internet, and not coincidentally, very opaquely. It is the very opaque nature of the transaction that has attracted the attention of bad actors, who are using Bitcoin and other cryptocurrencies as payment for ransomware attacks. Cryptocurrencies require an endless supply of prime numbers to operate on. Prime numbers are any number that is only divisible by either 1 or itself (as a whole number, not a fraction). For example, 1, 3, 5, etc. are all prime numbers. Well, prime numbers can get very, very large. And there are computer programs that search for ever-larger prime numbers. The process of looking for prime numbers for cryptocurrencies is called crypto-mining. And it uses vast amounts of processing power and electricity. So, why pay for your own computers to do this (and the power bill that goes with it), when you can seize somebody else’s computer to do the work for you? That is the idea behind crypto-mining ransomware. Well, technically

II. PRACTICAL AND OPERATIONAL APPLICATIONS

CONCLUSION

it’s not ransomware as the bad guys are not asking for a ransom. In fact, they are not asking for anything. They are just seizing your network’s computing power for their own purposes: for crypto-mining. So, without anybody’s permission, if they can get into the system, they can cause it to start crypto-mining and spitting out prime number after prime number. All the while—without anybody’s permission—they are using vast amounts of network computing resources that cannot be used for the organization’s own networking duties. Hmmm! So crypto-mining is the next evolution of ransomware. That’s another in a long list of not good things that threat actors can do with your organization’s information technology (IT) network. If—they can get into the network.

CONCLUSION So, how does all this relate to a professional security officer again? All the bad outcomes begin with a mouse click. Typically, it’s a mouse click that is made on a sketchy email, such as “Free iPhone to the first 50 people to click on this link!” etc., or a mouse click on a webpage. And there are certain types of webpages that are “clickbait” magnets. These are typically websites that are attractive to people who have a lot of time, and not very much to do. People, for example, who have to make a patrol every hour and then have 20 min to kill in front of a company computer or smartphone until the next patrol. You know— people like professional security officers. Am I saying that many websites are made specifically to attract security officers to make bad clicks that download ransomware and cryptomining software onto the organization’s network? Yes, that is exactly what I am saying. Imagine a programmer thinking of how he can beat his competition (yes, they compete for this) to make a URL button that attracts the most clickthroughs on a Friday night and early Saturday

467

morning. It’s exactly like that. They know that professional security officers have long boring work hours and are often sitting in front of a computer with an open Internet connection. And so, they compete to write clickbait URLs just to see who can attract the most clicks between midnight and 5 am (as an example) on certain classes of websites. These include: – – – – –

Facebook Google Amazon Porn websites Any forums that people might read for a while for entertainment – Even news organizations All of these might contain “clickbait” links that can download malware, ransomware and crypto-mining payloads onto the organization’s network. So, what’s the message from all this? Don’t be that person! Cautious people learn how to recognize a bad URL in an email. And they learn how to recognize a bad URL on a website. The first is easier. Look for something like: – A misspelled email address: For example, “From: [email protected]” – A bad URL in a website may look like: www. whitehouse.com (it should be www. whitehouse.gov) – Another example is a sketchy email that you didn’t expect; from someone you don’t know; asking you to open the important attachment: “Your UPS delivery is coming tomorrow morning. Click on the attachment to see the details.” That attachment is what my grandfather used to call “pie.” – Another example is www.amazoniphones. com (which may take you to a site that is not Amazon). – An even worse problem is that you may find a button to click that seems too good to be true.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

468

41. CYBERSECURITY FOR PROFESSIONAL SECURITY OFFICERS

organization’s) computer that can take down the entire organization. – All pies are traps! Look out for the pie!

For example:

– That’s another example of what my grandfather used to call “pie.” (Something that is too good to be true, and so it isn’t true.) The way my grandfather told it to me: • “Kid, if you’re walking through the woods, and you come upon a pie on the ground, and there’s a big net hanging overhead— that pie is a trap! • And Kid, if you’re walking down the sidewalk and there’s a pie in someone’s front yard that has a very big box over it that is held up by a stick with a string attached—that pie is a trap! • And—Kid, just remember—All pies are traps! – That button “Click Here Now” is pie. That pie will lead you into a website that will NOT give you a free phone, and it WILL download malicious software onto your (and your

So, the difference between a “professional protection officer,” and the “guard” who is right now trying to contact his dispatcher by talking into his candy bar, is the seriousness with which he or she approaches the job. Professional protection officers know the law as it applies to them, they know the rules of the organization, and they, more than anyone, follow those rules. In consideration of the fact that one click on the “pie” button can quite literally take down the entire organization, they don’t do that. Professional protection officers do not surf illegitimate websites on company time. They don’t click on clickbait emails or attachments. And, most especially, professional protection officers do not fall for the old “pie under the net in the woods” trick. Thanks for being the professional and not the one who can’t resist the pie.

References Michael Hastings (journalist). (2019, March 6). Retrieved from https://en.wikipedia.org/wiki/Michael_Hastings_ (journalist). Vault 7. (2019, June 9). Retrieved from https://en.wikipedia. org/wiki/Vault_7.

II. PRACTICAL AND OPERATIONAL APPLICATIONS

C H A P T E R

42 Ethics and Professionalism Jeremy D. Bates, Christopher A. Hertig O U T L I N E Introduction The Impact of Unethical and Unprofessional Behavior Those Who Make the Wrong Choices Do Not Last High-Profile Profession

471

Key Terms and Concepts Protection Officer Code of Ethics

473 473

Standards of Conduct Unethical Behavior in the Protection Profession Values and Ethics

472 472 472

479

References

480

for police ethics to be some of the highest among any profession. —Timothy Roufa, Ethics in Law Enforcement and Policing

 List and define key terms and concepts  Provide a guide to ethical decision-making

 Discuss reasons why unethical behavior occurs

It’s often said that no other profession demands a higher ethical standard than that of law enforcement. Police work is a career that requires utmost dedication to doing the right thing. It undeniably and understandably places a tremendous degree of expectation upon officers, leading the standards

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00042-0

478 478

Conclusion

CHAPTER OBJECTIVES

 Review ethical issues in protection professionalism

475

INTRODUCTION Ethical and professional conduct by protection officers is necessary for all concerned—the officer, the organization they represent, and the public that they protect. Officers who wish to have long and fulfilling careers need to develop an ethical approach; they must be ethical and perform in a professional manner at all times. As protection officers increase in number and take on a greater array of functions placing them

471

# 2020 Elsevier Inc. All rights reserved.

472

42. ETHICS AND PROFESSIONALISM

in contact with the public, it becomes readily apparent that there is an acute need for higher standards of professionalism. Consider the following trends: • A steady increase in the number of security personnel, particularly in the contract service sector. • Increased contact with the public. Due to an increasingly violent society, protection officers are more commonly found in shopping centers, churches, schools, office buildings, and public venues and events. • Gradual, yet often unrecognized, assumption of duties formerly performed by public entities, such as maintaining order at special events, transporting prisoners, and responding to alarms (due to privatization). Obviously, the role played by security officers is changing and will continue to morph with societal issues and trends. Unfortunately, protection officers occasionally participate in unethical or unprofessional practices, disseminate confidential information, lie to clients, discriminate, use profanity in public, have poor relations with law enforcement, EMS and other first response organizations, and dress unprofessionally. This type of behavior inevitably leads to a negative public image and can also reflect poorly on the client and host organization. Additionally, within organizations impacted by serious ethical scandals, there are legal costs, increased personnel turnover, and lowered efficiency by a demoralized workforce.

The Impact of Unethical and Unprofessional Behavior From a personal perspective, officers should realize unethical and unprofessional officers do not have rewarding careers. They are marginalized by colleagues and superiors, passed over for promotion, and terminated from employment in the more serious cases. The most extreme

cases of unethical and unprofessional behavior result in revocation of licenses and civil or criminal liability.

Those Who Make the Wrong Choices Do Not Last Protection officers must have the decisionmaking skills and professional knowledge to make the right choices in stressful or uncertain situations. For too long, words such as “professional” have been used indiscriminately, without a complete examination of their meaning. Understanding what these lofty terms represent and demonstrating how they are manifested on the job is a necessary step toward adopting and implementing ethical and professional behavior.

High-Profile Profession Security officers are high-profile individuals who require a special skill set and training to execute their duties. Consider the following points: 1. Command Presence: The public sees the protection officer as an authority figure—they have a question or problem and the officer is the solution. The question could be mundane, such as “where is the restroom” or a question that is a matter of life and death. A protection officer must learn to respond to both in a timely and professional manner. 2. Communicating with Angry People: If an individual is upset or angry, the protection officer’s objective is to listen and to calm the person down. This requires patience, good “read” skills, a proper tone of voice and verbal cues. 3. Communication: Listening is perhaps the most underrated communication tool, yet a skill required of all protection officers.

III. ADVANCING YOUR SECURITY CAREER

KEY TERMS AND CONCEPTS

4.

5.

6.

7.

Also, the ability to read body language is critical, as it is also a form of nonverbal communication. Dealing with Mentally Challenged Persons: An occasion may arise where a protection officer must deal with a mentally challenged person; in this case, he or she must be protective, take control of the situation, and keep an understanding demeanor as they call for additional help. Defusing Conflict and Crisis: The protection officer must immediately engage and ask questions to clarify the situation, resolving a potentially violent or dangerous situation before escalation. They may need to put themselves in danger to execute this duty. Tactical Communications: Protection officers must make radio calls, cell phone calls, and send text messages. These must always be professional in nature, as they are official records, and direct when transmitting on the radio or cell phone. Public Relations: A protection officer is always dealing with the public, whether manning the front entrance of a building, walking on the premises, patrolling the parking lot, or answering phone calls for assistance. Professionalism in these situations is paramount.

KEY TERMS AND CONCEPTS Ethics: The study of the branch of philosophy involving systematizing, defending, and recommending concepts of right and wrong conduct within a profession. Ethics deal with the examination of moral philosophy, combined with the duties and obligations within a certain profession. Ethical behavior leads to ethical decision-making. The International Foundation for Protection Officers Code of Ethics provides the basis for ethical decision-making and actions (IFPO, 2010; pp. xxv–xxvi).

473

Protection Officer Code of Ethics The Protection Officer shall: 1. Respond to an employer’s professional needs 2. Exhibit exemplary conduct 3. Protect confidential information 4. Maintain a safe and secure workplace 5. Dress to create professionalism 6. Enforce all lawful rules and regulations 7. Encourage liaison with public officers 8. Develop good rapport within the profession 9. Strive to attain professional competence 10. Encourage high standards of officer ethics In today’s unpredictable and violent environment, the public demands a great deal from the uniformed security officer. In the past, there has been far too little attention paid to the ethical aspects of the profession, one in which trust is paramount. There must be professional guidelines that each officer comprehends and demonstrates. More importantly, it is essential each manager and supervisor perform his or her duties in a manner reflecting honesty, integrity, and professionalism. Protection officers are under intense scrutiny and with the advent of smart phones and other recording devices, can expect their actions and words are being taped and possibly shared with the public at large. As such, every training program should address the need for professional conduct on and off duty. Line officers must exhibit a willingness to gain professional competency and adhere to a strict code of ethics that must include the following: Loyalty: The officer must be loyal to the employer, the client, and the public. The officer must have a complete and thorough understanding of all regulations and procedures necessary to protect people and assets on or in relation to the facility that they are assigned to protect.

III. ADVANCING YOUR SECURITY CAREER

474

42. ETHICS AND PROFESSIONALISM

Exemplary Conduct: The officer is under constant scrutiny. Hence, it is essential that he or she exhibits exemplary conduct at all times. Maturity and professionalism are the key words to guide all officers. Confidentiality: Each officer is charged with the responsibility of working in the interests of his or her employer. The officer will likely encounter confidential information which must be carefully guarded and never compromised. However, if this information is potentially illegal in nature, he or she should report it to the immediate supervisor. Safety and Security: The foremost responsibility of all officers is to ensure the facility is protected and secure for all persons with lawful access. The officer must fully understand all necessary procedures to identify, mitigate, or eliminate security and safety risks. This assessment is an ongoing, not static, process, as the security environment changes daily. Deportment: Each officer must dress in an immaculate manner. Crisp, sharp, clean, and polished are the expectations and will convey professionalism and competency to the public. We cover this more in depth later in the chapter. Law Enforcement Liaison: It is the responsibility of each officer to make every effort to encourage and enhance positive relations with members of public law enforcement. Seek assistance when a genuine need exists and offer assistance whenever possible. Invest time in building and maintaining these relationships during periods of regular activity, as you will engage with local, state, and perhaps federal law enforcement during emergencies. Strive to Learn: To become professionally competent, each officer must constantly strive to be knowledgeable about his or her chosen career. Methods for protecting people, assets, and information must always be a learning priority for every officer. As the security

environment is ever changing, it is important for the protection officer to undertake selfstudy in addition to staying current on all certifications. Develop Rapport: It is necessary to be constantly aware of the image that our profession projects. Officers can enhance the image of the industry, their employer, and themselves by reaching out and building relationships with peers and security leaders throughout the industry. Mentoring and having a mentor builds this rapport and adds to the professionalism of our industry. Honesty: By virtue of the duties and responsibilities of all officers, honest behavior and acting with utmost integrity are absolutely essential at all times. Each officer occupies a position of trust that must not be violated. Dishonesty can never be tolerated by the security profession, as it leads to a devastating loss of trust and confidence in the officer and the industry. Prejudice: The job of protecting means that the officer may need to impose restrictions on people that frequent the security workplace based on their lack of credentials or need to access the site. All persons must be treated equally, with dignity and respect, regardless of color, race, ethnicity, gender, religion, or political beliefs. Self-Discipline: With the position of trust comes the responsibility to diligently protect life and property. These duties can only be discharged effectively when the officer understands the gravity of his or her position and exhibits willpower and restraint when placed in compromising situations. In short, self-discipline means trying harder and caring more. The job of protecting life and property hinges on the professionalism and capabilities of individual security officers. By strictly adhering to each section in this code of ethics, security professionals, and the security industry as a whole

III. ADVANCING YOUR SECURITY CAREER

KEY TERMS AND CONCEPTS

will enjoy an elevated reputation and earn the trust of a skeptical and questioning public. You, the individual officer, must be making an effort to actively participate in this process.

Standards of Conduct The following standards of conduct were compiled to present a working guideline. Normally, any team member who fails to maintain proper standards of conduct, violates any provision of the Team Member Handbook, interferes with the orderly and efficient operation of the complex, or harms our reputation, may be subject to disciplinary action, up to and including warning, suspension, or termination. 1. Theft, attempted theft, removal, or unauthorized possession of any property without proper approval from the worksite, another team member, or guest. 2. Offensive or disruptive behavior, including fighting with or threatening team members or guests, interfering with others in the performance of their duties, or acting in an immoral or indecent manner on company property. 3. Harassing, threatening, intimidating, bullying, sexual harassment, coercing, or unlawfully discriminating against others. 4. Violation of the Harassment-Free Workplace Policy and/or failure to report any such incident. 5. Using abusive language or profanity. 6. Discourtesy or inappropriate conduct with visitors or team members. 7. Possessing, consuming, distributing, or being under the influence of alcohol or any controlled substance on the premises. 8. Unauthorized possession of weapons, firearms, explosives, or other dangerous devices on the premises. 9. Willful or negligent failure to abide by safety rules, and practices or conduct, creating thereby a safety hazard.

475

10. Horseplay or other actions endangering others, damaging property, or disrupting work. 11. Intentional or negligent conduct resulting in destruction of, or damage to, the property or supplies, or the property of another team member, customer, visitor, or guest. 12. Causing general dissension and unrest among team members, including malicious gossip or false accusation. 13. Defamation of character of another team member or guest, including a false, malicious statement. 14. Disloyalty to a company, including, but not limited to, slandering the complex, or acting in such a manner that could damage the reputation of the company or result in a loss of trust. 15. Sleeping or malingering on the job, or leaving the assigned work area without authorization. 16. Solicitation of gratuities. 17. Dishonesty regarding any aspect of employment. 18. Misappropriation of funds. Failure to handle funds in accordance with guidelines. 19. Criminal acts. 20. Breach of security. 21. Vandalism. 22. Unauthorized distribution of goods or solicitation during working time. 23. Falsifying, altering, or making material omissions in any company document or records, including but not limited to the employment application, time cards, guest checks, and tip reports. 24. Unauthorized discussion or removal of company confidential information (including payroll information or information contained in personnel records). 25. Unauthorized disclosure, discussion, or removal of company trade secrets or other confidential or proprietary information.

III. ADVANCING YOUR SECURITY CAREER

476

42. ETHICS AND PROFESSIONALISM

26. Insubordination (refusal to carry out reasonable instructions). 27. Failure to follow instructions. 28. Refusal to work a reasonable amount of overtime when required. 29. Unexcused absence on scheduled workdays, without an approved reason and/or without proper notification. 30. Excessive absenteeism. 31. Excessive tardiness. 32. Excessive break time. 33. Loss of a controlled key or building keys. 34. Unauthorized duplication of complex keys. 35. Poor job performance, including unsatisfactory attitude that detracts from job performance or the efficient operation of the company. 36. Willful or negligent neglect of duty, causing waste or defective work. 37. Gambling on the premises. 38. Soliciting or collecting funds on property without written permission of supervisor. 39. Smoking or chewing gum in restricted areas. 40. Being in an unauthorized or non-designated work or guest area during scheduled work period or on your days off, without your supervisor’s specific authorization. 41. Receiving friends or family at work or conducing personal business during work hours. 42. Failure to abide by meal/break periods. 43. Taking meal/break periods in an unauthorized area. 44. Failure to report on-the-job accident or injury to a supervisor or team member. 45. Falsely stating or making claims of injury. 46. Failure to meet performance standards. 47. Failure to follow grooming and appearance standards. 48. Violation of rules or procedures, including those set forth in the Team Member Handbook and elsewhere. 49. Patronizing a company restaurant, bar, lounge, or any other guest facility without permission.

50. Release of operational information of any type or scope to the media or other individuals without direct authorization. 51. Violation of departmental policies and procedures. 52. Use of excessive personal phone calls, use of personal computers or in-house computers for personal use. Duty: A task or action one is required to perform as part of a job or a professional obligation. Protection officers have a duty to protect the lives and property of employees, conduct professional investigations, maintain order, and assist visitors, employees, and customers. Duties may be established by statute, custom, policy and procedures, or your contract. A Professional: one who practices a profession; one who has special knowledge and skill that results from advanced training and education. Often, an apprenticeship is required, as well as some type of professional certification (Certified Protection Officer, Certified in Security Supervision and Management, Certified Protection Professional, etc.). Professions often have codes of ethics and affiliations with professional organizations or associations. A professional is loyal to his or her chosen profession. Professionals think in terms of their duties and obligations, not their authority. A true professional has the following skills and traits: • Training for required tasks and duties. • Experience within the profession, whether an apprenticeship, internship or on-the-job proficiency. • Professional education. • Collegiality with coworkers. This includes being mutually respectful, aiding and assisting, and never demeaning colleagues. • A commitment to the profession, marked by continuously striving for excellence. The acronym PROFESSIONAL is another way to illustrate these skills and attributes (IFPO, 2010; p. 571):

III. ADVANCING YOUR SECURITY CAREER

KEY TERMS AND CONCEPTS

P—precise, exact, detailed. R—responsive to clients and the public. O—objective in thought, free of prejudice, and preconceived notions. F—factual in all reporting processes, honest. E—ethical. S—sincere about doing the best job possible. S—striving for perfection by constantly trying to improve one’s job performance. I—informed about events and trends within one’s profession. O—observant of people and the work environment. N—neat and orderly in dress and work. A—accommodating and helpful to others. L—loyal to one’s employer, clients, and profession. We started this section with the word “professional” for a reason. Right or wrong, many times others make initial decisions about our capabilities by the way we “look” or, in other words, the way we dress and carry ourselves. Look at “N” in the above acronym: N—neat and orderly in dress and work. Why is this important? The answer is simple: you are a “security professional.” The author of the acronym above goes on to say, “Deportment: How one carries oneself, bearing, outward manifestation of attitude, and image.” The acronym DEPORTMENT provides additional insight into the meaning and practical application of the term: D—dress as a representative of your employer and/or client. E—efficient in performing both routine and emergency job duties. P—precision, i.e., ironed shirts, neatly combed hair; all buttons, zippers, and pins properly secured. O—organized on the job. R—responsive to customers, clients, visitors, and community members; approachable. T—talk in a professional and respectful manner.

477

M—manners and respect for others exhibited at all times. E—edit and review interviews and notes before concluding segments of an investigation. N—nurture professional growth and development always; strive to learn! T—timely; being on time is essential. Manners: manners are simply an accepted means of conducting oneself in public (i.e., politeness). They consist of consideration and respect for others. They are social graces, or skills used to interact politely in social situations. A few basic tenets of proper manners are: • Allow others to speak and express their views; do not interrupt, but listen. Not only does this reflect good manners, but it is an effective interviewing tool. The truly professional protection officer makes every conversation an interview. • Be respectful of the input of others. Compliment rather than criticize. • Praise others when appropriate. Be genuine in doing so. • Stand to greet people entering the room as a sign of respect and consideration, as well as an opportunity to create a personal bond. Protection officers must exhibit sound professional judgment. They must engage in ethical decision-making, factoring in a sense of justice and the common good. Basic decision-making involves problem solving, using the following steps: 1. Identify and define the problem. 2. Determine if a decision is urgent or can wait. 3. Research various options and available solutions; many poor decisions stem from a failure to fully explore all of the options. Professional knowledge of law, technology, and the organizational structure/chain of command is important to generate a solution set from which to choose.

III. ADVANCING YOUR SECURITY CAREER

478

42. ETHICS AND PROFESSIONALISM

4. Select an option or course of action. Consider the ramifications or possible negative outcomes. 5. Implement. 6. Report your decision. Evaluate the outcome and document. A practical, “real-world” method of dealing with ethical dilemmas, or situations in which a choice must be made between two equally undesirable options, is to use simple, easy-toremember acronyms. Once the problem has been identified, the ethical dilemma can be managed by use of the PORT acronym: P—problem, define and describe. O—options—what are they? Be sure to list them. R—responsibility to employers, family, the public, the profession. T—time; consider the test of time: “How will I feel about my decision in 10 years?” You must employ ethical decision-making in everyday work situations to build credibility and trust; this will serve you well in times of crisis.

Unethical Behavior in the Protection Profession Unfortunately, like all professions, ethical lapses occur in the protection industry. Some common causes of ethical lapses are: 1. Character flaws. Protection officers—or any other person in a position of trust—must possess good character. Past behavior is the most reliable indicator of future behavior; and is why thorough screening and background scanning is critical to employers. 2. Taking the “path of least resistance.” Unfortunately, doing what is easy does not always solve the problem. Taking a short cut usually means problem avoidance, where the person confronting the dilemma hopes

the problem will either go away or solve itself. As we all know, it likely won’t take either course. 3. Conflict with full-time and part-time employment. The practice of moonlighting, with its inherent division of loyalties between the full-time and part-time employers, can create a breeding ground for unethical conduct. 4. Fatigue. People often make the wrong choices simply because they are tired. Fatigue and stress impede good decision-making and can create a vicious cycle of poor decisions and increased stress. 5. Resistance to change. Resistance to change is the action taken by individuals and groups when they perceive that a change is a threat to them. Key words here are “perceive” and “threat.” The threat need not be real or large for resistance to occur. Officers may not embrace new training techniques, technology, or uniforms. Resistance to change can be viewed as unprofessional or even unethical if it leads to a hostile work environment or retaliatory behaviors.

Values and Ethics (Adapted from Roufa, 2012) What Are Values?—"Value" is the term given to those ideas, behaviors, and actions that are important to us. Values are those things worth fighting for and worth sacrificing for—what we hold most dear in the profession. Our values strongly influence decision-making and help determine where we place our emphasis in our personal and professional lives. Values form the basis for our understanding of ethics. Within society, we have personal values and societal values. Our personal values are ours alone, and are often influenced by our upbringing, cultural and ethnic background, religious beliefs, and personal experiences. Personal values are unique to each individual, and likely inform

III. ADVANCING YOUR SECURITY CAREER

479

CONCLUSION

how we view, appreciate, and approach ethical behavior. There are some values, though, that are universally held by most societies. These societal values are also how we derive our understanding and expectation of ethics and ethical behavior. Such ideals include: • • • • • • • • •

Integrity Honesty Hard work Kindness Compassion Empathy Sympathy Justice Bravery

These ideals, or universal values, help guide us toward ethical behavior and ethical decision-making. Ethics Defined—Ethical principles are premised on the notion that right is always right and wrong is always wrong. When officers fail to do what is right, or when they take a course of action which is clearly and blatantly wrong, they erode the public trust and degrade law enforcement’s ability to work within the community and carry out the policing mission. Adherence to high ethical standards, then, is as vital to achieving the overall goal of modern policing as any other tactic, technique, or practice. The importance of a high ethical standard in police or security work is impressed upon aspiring officers from the very day of their training. Agencies have several ways to promote ethics among their ranks. First and foremost is the oath of office that law enforcement officers take; this serves as a rallying call, and the foundation of service. An ethical culture starts at the top, with ethical leaders. Creating an environment of safe reporting, where officers can come forward with possible derogatory information regarding peers or supervisors, is paramount. Finally,

rewarding ethical behavior and decisionmaking publicly reinforces the culture.

CONCLUSION Protecting a society from the increasingly violent actions of criminals and terrorists is a challenging undertaking. While respect for individual rights must be paramount in a free society, the common good is also a strong consideration. What is essential is that we respect individual rights and make every attempt to preserve them. Perhaps an adoption of an ethics of care philosophy is appropriate for those who protect. Ethics of care means being concerned with the welfare of others: having empathy, understanding the other’s feelings, and understanding how they view a situation. The ethics of care approach fits well with the community policing model; care, concern, and partnering with a community will help solve its crime-related problems. As protection officers gain experience and wisdom on the job, handling a variety of situations and people, they will become more sensitive to their ethical obligations. Finally, as an information-based society is more firmly established, so, too, do concerns with the handling of private or sensitive information. While adhering to the basic principle of “need to know” affords some protection against abuse, there is still an increasing potential for disclosure of confidential and proprietary information. The Internet, social media platforms, and smart devices have all complicated the officer’s actions to protect privacy of victims and subjects. Also, the officer may be videotaped by the public while apprehending a subject or handling a crime or accident scene. Thus, acting ethically in every situation is paramount. We recommend reviewing the Josephson Institute Exemplary Policing Center (JEPC)

III. ADVANCING YOUR SECURITY CAREER

480

42. ETHICS AND PROFESSIONALISM

website, which was established to create an ethical business culture to enhance morale, growth, and profitability while reducing risks of costly and reputation damaging lawsuits and scandals. The JEPC provides comprehensive resources, including best practices, policies, articles, major reports, and instructional and inspirational videos. The JEPC also offers training and customized training programs in police ethics. Visit http://josephsonsexemplarypolicing.org/ for more information.

References IFPO. (2010). The Professional Protection Officer: Practical security strategies and emerging trends. Burlington, MA: Butterworth-Heinemann. Roufa, T. (2012, October 12). Ethics in law enforcement and what the public expects from police. Retrieved June 6, 2019 from https://www.thebalancecareers.com/ethicsin-law-enforcement-and-policing-974542.

III. ADVANCING YOUR SECURITY CAREER

C H A P T E R

43 Networking Brion P. Gilbride O U T L I N E Introduction

481

Emerging Trends

486

Why Networking Is Important

481

Conclusion

487

Professional Organizations and Training

484

References

487

The Liaison Role

485

security professional encounters employees, managers, vendors, visitors, customers, law enforcement personnel, emergency response personnel, and government inspectors or agents on a near-daily basis. Building professional relationships with each of these groups of people will serve the security professional in a variety of positive ways. The cultivation and maintenance of these relationships is commonly referred to as “networking.”

CHAPTER OBJECTIVES • Describe the various types of networking activities • Discuss the importance of networking to the security professional • Discuss why networking is important • Discuss the role of professional organizations and training • Describe the importance of liaison in security networking

WHY NETWORKING IS IMPORTANT INTRODUCTION The security professional is often the public face of an organization, whether working directly for that organization or contracted to it. That

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00043-2

Although it may seem commonplace or even intuitive, the importance of networking cannot be overstated. As an employee in a proprietary security or public safety department, retail loss

481

# 2020 Elsevier Inc. All rights reserved.

482

43. NETWORKING

prevention operation, contract guard service, or law enforcement agency, the security officer is the guardian of the interests of the company that he/she serves; the security officer protects the company’s assets, its personnel, and its reputation. It is in the security professional’s own interest to establish and maintain working relationships with those they encounter or serve. For example, if a job requires a security practitioner to conduct a preliminary investigation into something—be it a fire alarm, shoplifting report, suspicious person, fake identification, or a stolen credit card—professional relationships can be key to providing timely and actionable information to the appropriate authorities or even resolving the situation entirely. Networking facilitates professional success through collaboration and, in a tight economy, this could mean the difference between walking on patrol versus walking the unemployment line. A similar relationship-building can be achieved when a security professional serves as liaison to another group or entity. This can be as simple as being a “point of contact” for the other entity or might instead be formalized in a variety of ways. This type of relationship tends to be more common in large organizations whose jurisdictions are complex or overlapping. While a liaison relationship tends to evolve through persons of equal or similar rank or position, it is also increasingly common for the liaison relationship to evolve through persons of similar specialty backgrounds. Whether the relationships are formed through informal networking or through formal liaison activity, security professionals improves themselves through these often mutually beneficial relationships. Informal networking occurs in a variety of ways. Consider the different locations a security professional might work. These locations include, but are not limited to: • • • •

Colleges/universities Manufacturing plants Shopping malls Government facilities

• • • •

Banks/armored car services Hospitals/medical facilities Housing/office complexes Marinas/vessels

Depending on the nature of the facility, there are numerous entities that the security professional will encounter during their work. Each contact represents a potential relationship. Some encounters are common to all facilities— employees, visitors, and vendors exist at most locations that security personnel are commonly hired to protect. While some locations have independent emergency services, such as medical, fire, or police services, others use the resources of the community in which the facility is located. For example, a security professional working for a port authority might be patrolling or monitoring a dock facility for commercial operating vessels. Commercial operating vessels include bulk cargo ships, tankers, container ships, or cruise ships. By virtue of working at that dock facility, the security professional is likely to have interaction with: • Fire and emergency medical service personnel (EMS) • Police agencies (port authority, municipal, city, state, or other—depending on location) • Coast Guard/military authorities • Customs and/or immigration authorities • Longshoremen • Truck/transport drivers • Crane/equipment operators • Maintenance/facilities staff • Port authority managers/executives • Landscaping/janitorial staff • Ship’s agents/customs brokers • Vessel crew • Public • Regulatory entities (i.e., OSHA) Each of the individuals described above has something that is always useful to the security professional—information. Simply put, information is knowledge. Knowledge might concern a

III. ADVANCING YOUR SECURITY CAREER

WHY NETWORKING IS IMPORTANT

particular fact or a series of facts. Knowledge can be communicated, received, studied, researched, or instructed (Information, n.d.). The knowledge that these individuals possess will impact the security professional’s work in some way. The information they have available to them will vary widely, but in its own way will have relevance to the security operation. In a complex environment such as a commercial seaport, security professionals can’t be everywhere, and they can’t see everything—yet they are responsible for doing just that. A security professional, even with the latest access control and remote surveillance technology, must move beyond that technology to truly understand their environment and to do so requires a human element. Networking is the process of developing that human element. There are persons that the security professional will see each and every day. The managers, office support staff, longshoremen, maintenance, and janitorial staff typically fit this description. These individuals perform their duties in various places in the facility and some (maintenance, for example) work everywhere. These individuals will see and hear things that the security professional would otherwise not be aware of. They also want to share pertinent information but are unlikely to do so with a stranger—particularly if they are not sure to whom their information should go. Establishing a relationship with people seen on a day-to-day basis may be as simple as saying “Hello” to them when encountered. A friendly wave and a smile may suffice. In other instances, brief conversation may work wonders—if the security professional is a baseball fan and the maintenance manager likes the same team, that is a commonality that may be used to develop rapport. Rapport is defined as “a connection, especially harmonious or sympathetic relation” (Rapport, n.d.) and is essential to developing an ongoing interaction with someone. Developing rapport and cultivating relationships is essential to a security professional’s success. Using the

483

previous example, if the security professional develops good rapport with the maintenance manager, the maintenance manager may become comfortable sharing information learned from the maintenance staff that might be of interest to the security staff. Maintenance staffs are often in spaces not accessible to the public, which means that anything they observe mostly in those inaccessible spaces will be of interest to the security staff. Other entities that security professionals will have semi-regular interaction with are emergency medical and fire personnel. In a facility as complex as a commercial seaport, there are numerous opportunities to encounter emergency personnel, and not all of them as the result of an incident. Fire drills, fire system testing, and alarm malfunctions are noncritical situations that may allow time for networking. In addition, learning from fire department or emergency medical personnel the steps security professionals can take or the information security professionals can provide to support an emergency response can help build a relationship as well. Emergency personnel typically do not know the quirks of a particular facility, such as where hazardous materials (HAZMAT) are stored or used, the location of emergency eyewash/ shower stations or decontamination equipment, access and egress points to buildings, storage yards, or the site itself—all of these things are information that a security professional will likely know that can help emergency personnel protect the people as well as the facilities at a worksite. In the event of an incident, particularly those involving injuries or casualties, security personnel will often be the first individuals on the scene. As such, security personnel will assume the responsibilities of incident command until support arrives. Those responsibilities include but are not limited to: scene command, medical triage, crowd control, or communications. These incidents are both a test of and a justification for the invaluable networking relationships a

III. ADVANCING YOUR SECURITY CAREER

484

43. NETWORKING

security professional builds over time. During a major incident there’s no time to unravel jurisdictional issues or problems—the priority is the preservation of life first and property second. While networking-based relationships are often positive influences on a security professional’s career, there remains one variable that cannot be overlooked. That variable is the human aspect of relationships. Sometimes, there will be conflict between a security professional and someone from another entity with whom they must work in collaboration to resolve a situation. The reasons behind such conflict vary. As described by Ben Dattner in a 2014 Harvard Business Review article, reasons might include “[P]eople’s interests may truly be opposed; roles and levels of authority may not be correctly defined or delineated; there may be real incentives to compete rather than to collaborate; and there may be little to no accountability or transparency about what people do or say” (Dattner, 2014). It is unlikely that security professionals working with law enforcement to resolve a vehicle break-in will have opposing interests, but confusion about authority and accountability and competition taking precedence over collaboration are possibilities in that situation. If either the security professional or the law enforcement officer misunderstands the role(s) each plays in the context of investigating a vehicle break-in, it will be much more difficult to collaborate. There are needs that each entity will have in this situation, for example, that will be challenging to meet if the primary communication between the entities involves accusations of noncooperation or interference with an investigation. The investigating agency may need evidence that only the security department will have (digital video, access/egress records) and the security department may need a copy of the investigating agency’s report on the incident for documentation purposes. If the two entities have a positive relationship, needs

will be fulfilled, and that positive relationship begins with the frontline staff of each entity.

PROFESSIONAL ORGANIZATIONS AND TRAINING If this chapter is about networking, one might ask why there is a discussion on training, education, and professional organizations. The networking opportunities present in these three groups are possibly the most valuable. Peers will be taking the same training, studying for the same education, or participating in the same professional bodies. Instructors for these training and educational groups, along with organizational officers for these professional organizations, will also be present and will be bringing networks of their own into the group. For the security professional, these resources are priceless. Consider the phrase, “If I don’t know the answer, I know someone who probably does.” That’s where networking can help. And as the security professional’s career grows, they too will one day be “the person that might know that answer.” Aside from interactions at the workplace or during incidents, there are other opportunities for security professionals to meet and work with colleagues in law enforcement, fire, emergency services, regulatory agencies, and others. Membership in professional organizations and the networking and training opportunities inherent to those memberships are an excellent way to build relationships. There typically is investment upfront in the form of membership dues or training course fees—some employers will support these while others will not. Whether employer-supported or not, joining and participating in these organizations shows a desire to improve one’s career standing. The networking opportunities implicit in these memberships are tailor-made to facilitate such improvement.

III. ADVANCING YOUR SECURITY CAREER

485

THE LIAISON ROLE

There are a variety of professional organizations out there for security officers. For example, the International Foundation for Protection Officers (IFPO) specializes in entry-level and intermediate security officer training and certification; ASIS International (ASIS) specializes in advanced training and certification for midand senior-level security professionals and executives; the International Association of Healthcare Safety and Security (IAHSS) specializes in entry-level and intermediate security officer training and certification within the healthcare field; and the Association of Certified Fraud Examiners (ACFE) specializes in fraud-related investigations. Networking opportunities within these organizations are legion. ASIS and IAHSS, for example, hold monthly chapter meetings across the world. The meetings might include guest speakers, discussions on issues affecting the security profession, or any other activity that furthers the interests of the security profession. IFPO has numerous training offerings, culminating in the Certified Protection Officer (CPO) and Certified in Security Supervision and Management (CSSM) designations. The instruction manuals for IFPO’s programs are written by authors from various disciplines throughout the security field, providing a broad perspective on issues impacting the profession (IFPO, n.d.). ASIS members are often former military or law enforcement officials with a variety of contacts throughout the profession. ASIS offers advanced training for its members, such as the Certified Protection Professional (CPP) and the Physical Security Professional (PSP) (ASIS International, n.d.). IAHSS also has certification programs geared toward security officer positions or management, such as Certified Healthcare Security Officer (CHSO) and Certified Advanced Healthcare Security Officer (CAHSO) (IAHSS, n.d.). The ACFE also holds monthly chapter meetings and offers the Certified Fraud Examiner (CFE) designation (ACFE,

n.d.). Beyond these organizations, there are specific entities dedicated to locksmithing, cybersecurity, alarm system installation, executive protection, and a host of others offering similar programs and networking advantages. In addition to professional organizations, many postsecondary educational institutions offer associate’s, bachelor’s, and even master’s degrees in security-related disciplines. These degree programs, although considerably more expensive and time-consuming than a certification or training program, also offer networking opportunities. Institutions offering these programs employ instructors and professors in the security discipline that have had real-world experience in the field as security professionals, law enforcement officers, or military. Many students that participate in these programs provide additional networking possibilities. As with professional organizations, these programs expose the security professional to individuals with diverse career backgrounds, knowledge, and contacts that may positively impact one’s career. These institutions need not be brick-and-mortar colleges and universities, either. Given the round-the-clock nature of the security profession, it may not be feasible to attend class at one physical location and work at another. Online programs are offered by many colleges and universities that are often less expensive and the coursework is asynchronous, meaning that the student can access the content at any time and not be restricted to a particular schedule.

THE LIAISON ROLE While not a traditional networking opportunity, organizations that interact with governmental and/or investigative entities sometimes designate a specific individual to represent the organization in dealing with these entities. In some cases, the liaison role is not necessarily formal; sometimes it occurs organically. With

III. ADVANCING YOUR SECURITY CAREER

486

43. NETWORKING

the 21st-century proliferation of intelligence fusion centers, joint task forces, and similar multi-organization collaborations, particularly in the United States, liaison-type roles are becoming more common. Some organizations, such as the New York City Police Department, have developed comprehensive informationsharing programs, such as NYPD SHIELD. NYPD SHIELD is specifically geared toward private security. NYPD SHIELD incorporates both intelligence and threat briefings from NYPD staff with website and email notifications (SHIELD Alerts) regarding incidents around the city. NYPD acknowledges on their website: “[W]e recognize… that our private sector partners are uniquely qualified to assist NYPD personnel during counter terrorism deployments. Your personnel know your buildings, blocks, and neighborhoods from a different perspective. You know what belongs and what is out of place. We urge you and your staff to speak with the police officers you see on the street, particularly those assigned to posts in the vicinity of sensitive and critical locations” (NYPD SHIELD, New York City Police Department, n.d.).

With a program such as NYPD SHIELD, a security professional might be designated the liaison to that program, or he/she may informally familiarize themselves with the police officer(s) assigned to patrol beats in the security professional’s area of responsibility. Regardless, the two-way flow of information encouraged by the NYPD SHIELD, benefits both the security professional’s employer and law enforcement. Building relationships, as a conscientious security professional, is essential for the day when the security professional needs police assistance or the police need the security professional’s assistance. Similar liaison relationships can be developed when dealing with industry-regulation government entities. These could be national or state/provincial/county entities. In the United Kingdom, for example, the regulator is the Security Industry Authority (SIA). The SIA

is involved in regulating individuals and contractors as well as security training and those who provide it (SIA, n.d.). In South Africa, the regulator is the Private Security Industry Regulatory Authority (PSiRA) and performs similar activities to the SIA (PSiRA, n.d.). Depending on the size of the organization, a security professional might serve a liaison function with a regulating entity. In the United Kingdom and South Africa, for example, the regulatory entity is national. In the United States, this tends to be on a state-by-state basis. Like many regulating authorities, both the SIA and the PSiRA have investigative and compliance functions—this means there may be requests for information, site visits, interviews, audits, or other activities as part of their mandate. Positive relationships with these regulatory bodies are essential to the provider of security services as well as the entities employing them. Developing relationships with the investigators, auditors, and/or regulators requires an individual both aware of the needs of these regulatory bodies and the interpersonal skills to sustain a relationship with them. For security professionals, representing the employer before a regulatory entity presents tremendous opportunity for advancement but requires a significant level of trust, meaning a security professional will likely have several years of experience that covers a broad spectrum of the security needs of that organization before being used in such a role. Remember that the regulatory authority and the employer have an equal stake in positive findings during an audit, review, or compliance investigation.

EMERGING TRENDS As the security profession continues to advance and technology becomes further integrated into most every security function imaginable, networking will remain a constant for the

III. ADVANCING YOUR SECURITY CAREER

REFERENCES

security professional. That said, as society continues to move toward FaceTime, Skype, GoToMeeting, and other applications that allow people to connect remotely with each other, networking will do much the same. While there is no substitute for face-to-face meetings between colleagues, the ability of distant colleagues to reach one another will be both beneficial and transformational. While distance education has been around for some years now, the ability of colleagues to talk face-to-face using technology means that networking can and will occur between people that have never actually met in person. Security professionals will be able to “know” people that they don’t actually know. They’ll be able to have discussions, receive training, conduct meetings, and more in the same “virtual” location without ever leaving their home office or territory.

CONCLUSION Networking is the art of developing relationships with individuals for mutual benefit. Accordingly, it is an integral part of a security professional’s career. Networking builds the foundation for both providing and receiving mutual support or recognizing mutual interest and can support career advancement. Networking in some ways is organic, such that the security professional may not even realize it’s happening. Similar to the concept behind community policing, networking encourages security professionals to get to know those they may only

487

encounter during a crisis or emergent situation prior to such a situation so that a level of trust will be in place when it is most needed.

References ASIS International Board Certifications. (n.d.). Retrieved October 21, 2019, from https://www.asisonline.org/ certification/asis-board-certifications2/. Association of Certified Fraud Examiners (ACFE). (n.d.). How to become a Certified Fraud Examiner j Qualifications. Retrieved October 21, 2019, from https://www. acfe.com/become-cfe-qualifications.aspx. Dattner, B. (2014, May 20). Most work conflicts aren’t due to personality. Cambridge, MA: Harvard Business Review. https://hbr.org/2014/05/most-work-conflicts-arent-due-topersonality. Information. (n.d.). Dictionary.com. Retrieved October 20, 2019, from https://www.dictionary.com/browse/ information. International Association for Healthcare Security and Safety (IAHSS). (n.d.). Training and certifications. Retrieved October 21, 2019, from https://www.iahss.org/page/ trainingandcertifications. International Foundation for Protection Officers (IFPO). (n.d.). Training programs. Retrieved October 21, 2019, from http://www.ifpo.org/training-programs/. NYPD SHIELD, New York City Police Department. (n.d.). About: Introduction | what we do | what we ask. Retrieved October 21, 2019, from http://www. nypdshield.org/public/. Private Security Industry Regulatory Authority (PSiRA). (n.d.). Welcome to PSiRA. Retrieved October 21, 2019, from https://www.psira.co.za/psira/. Rapport. (n.d.). Dictionary.com. Retrieved October 20, 2019, from https://www.dictionary.com/browse/rapport?s% C2%BCt. Security Industry Authority (SIA). (n.d.). Home. Retrieved October 21, 2019, from https://www.sia.homeoffice. gov.uk/Pages/home.aspx.

III. ADVANCING YOUR SECURITY CAREER

C H A P T E R

44 The Protection Officer as a Leader Franklin R. Timmon, Scott A. Watson O U T L I N E Introduction

489

The Leader as an Agent of Change

495

Do You Really Want to Be a Leader?

490

Pitfalls of Leadership

496

Team Member Skills: The Foundation of Leadership

Conclusion

496

491

References

496

Expectations of Leaders

491

Resources

497

Three Critical Leadership Skills

492

Ten Steps to Becoming an Effective Leader

494

CHAPTER OBJECTIVES • Compare and contrast the words “management” and “leadership” • List and explain 10 expectations of leaders • Identify and explain three critical leadership skills • List four key interpersonal communication skills and explain their importance

INTRODUCTION In the course of this chapter, we discuss the basic principles, skills, and characteristics of leadership. To understand leadership, we need

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00044-4

to establish from the beginning that leaders and supervisors/managers are not one and the same. Our expectation would be that every supervisor/manager is a leader, but every leader is not necessarily tasked with direct line supervision. Simply stated, a leader is anyone who influences the willing actions of others in support of organizational goals and processes. Note the word “influences” in this definition. A leader derives his or her power from the ability to inspire others to willingly follow a process or recommended course of action in support of organizational goals and objectives. Since leaders are not necessarily charged and empowered with direct authority, the “willingly” part of the definition is of critical importance. In contrast, a manager or supervisor is charged and empowered with direct authority;

489

# 2010 Elsevier Inc. All rights reserved.

490

44. THE PROTECTION OFFICER AS A LEADER

however, without solid leadership skills, the manager will be ineffective in meeting organizational goals and objectives (Hertig, McGough, & Smith, 2008; Johnson, 2005; Sennewald & Braillie, 2015). Who should study and develop leadership skills? 1. Managers and Supervisors: Those entrusted with management and supervisory roles have, by virtue of their acceptance of their position, a responsibility to study and develop leadership skills. 2. Team Members: Those who wish to take on the added responsibility of influencing their own team, and the greater organization they serve, should study and develop leadership skills. 3. High Potential: Those with high leadership potential should be encouraged to study the principles of leadership in order to make a career decision about their long-term goals. It is also important to keep in mind that not everyone desires to be a leader, and that’s okay. There are a great many people who are both content and effective in their roles as a team member. Still, a manager or supervisor should never assume that one is content; lines of communication need to remain open and the question needs to be asked (Watson, 2007).

DO YOU REALLY WANT TO BE A LEADER? To some people, the idea of being a leader sounds glamorous because they immediately think of exerting influence over a team, being consulted about important decisions, and being recognized as indispensable to the organization. Indeed, leaders experience many of these benefits, but they come at a high price. The legendary football coach Vince Lombardi said, “Leaders aren’t born; they are made. And

they are made just like anything else, through hard work. And that’s the price we’ll have to pay to achieve that goal, or any goal.” The decision to develop leadership skills and assume a role of influence within an organization should not be taken lightly. Leadership involves long-term commitment and hard work without an immediate payoff. Leadership is not about position or privilege and often involves putting one’s self-interest below that of the team. Before embarking on the journey to become a leader, it is wise to answer the following 10 questions about, and for, yourself: 1. Are you interested in the power or the responsibility? A good leader leads, and is responsible for others, whereas those more concerned with power generally do not get far in their careers, or they are not well-liked or effective. 2. Are you motivated to lead? Leaders must have upward ambition and know what motivates them and how to stay motivated, along with motivating and managing their team members. 3. Do you interact well with others? Leaders must inspire performance and morale. 4. Do you learn from past experiences and seek out new ones? A new leader learns from their mistakes and past successes and seeks out opportunities to learn new methods and experiences. 5. Are you confident and trustworthy? A good leader is confident without being arrogant or a know-it-all. 6. Can you adjust to new people and situations, including those that are unclear and ambiguous? A leader with “my way or the highway” attitude is doomed to fail. A leader must learn to adapt to a myriad of personalities and working styles. 7. Are you ready to give up a lot of your time to help others? Former General Electric CEO, Jack Welch, said it best: “Before you are a leader, success is all about growing

III. ADVANCING YOUR SECURITY CAREER

EXPECTATIONS OF LEADERS

yourself. When you become a leader, success is all about growing others.” 8. Are you really open to constructive criticism and feedback? You are not only going to get a lot more criticism and feedback as a leader, but you will also need to learn from it—and fast. 9. Are you comfortable with having hard conversations? Part of being a leader is having tough talks and being confrontational at times, including terminating a well-liked but underperforming worker. 10. Are you willing to be accountable for not only your actions but also the actions of your team? A leader must get used to being responsible for the work of others. When one person on a team fails, it reflects a failure of the leader, which can be hard for many leaders to accept (Byham, 2017). Coach Lombardi was right; leadership is hard work! As previously stated, leadership isn’t for everyone and many people do not seek out leadership positions. Still, the seasons of a person’s life change and with time, so, too, can one’s desire to become a leader. Leaving oneself open to the possibility of becoming a leader is a wise choice, as some of the most effective leaders are sometimes the most reluctant to assume those roles ( Johnson, 2005; Sennewald & Braillie, 2015; Watson, 2007).

TEAM MEMBER SKILLS: THE FOUNDATION OF LEADERSHIP If you make the decision that becoming a leader is a worthwhile goal, the hard work begins as a team member. As team members, we all have certain understood and implied responsibilities. Much of what we do is grounded in the roles and expectations set

491

forth by the organization we serve, but other characteristics include the values that we, as team members, possess. You cannot be an effective leader until you have first met the basic tenets of being an effective team member. Some very important attributes of being an effective team member are (US Department of Energy, 2009): 1. Communicate effectively; in fact, overcommunicate. 2. Be aware of error traps in the workplace or daily work processes. 3. Ensure that firewalls or protection is in place to address the error traps. 4. Be motivated to improve operations; always strive for excellence. 5. Continuously identify ways to improve human performance. 6. Advise management when problems exist in performing work. 7. Have a questioning and supportive attitude as well as a willingness to be a proactive problem solver. 8. Embrace and practice the STAR concept (Stop, Think, Act, Review). 9. Strive for success but have a plan for failure. Continually ask, “What if?” 10. Take the time required to do the job right the first time.

EXPECTATIONS OF LEADERS Now that we understand what it takes to be an effective team member, let’s examine what additional expectations we have of leaders. Remember, as we previously stated, a leader is any individual who influences the willing actions of others in support of organizational goals and processes. Additional traits that can characterize a leader in any organization include: 1. Encourages open communication. 2. Advocates teamwork, to eliminate error traps, and strengthen firewalls.

III. ADVANCING YOUR SECURITY CAREER

492

44. THE PROTECTION OFFICER AS A LEADER

3. Seeks out and eliminates organizational weaknesses that foster error traps. 4. Reinforces desired work behaviors. 5. Knows the importance of preventing error traps. 6. Challenges atmospheres that support complacency. 7. Works to clarify organizational and individual employee issues. 8. Champions “across the board” adherence to the highest standards. 9. Ensures all workers fully understand the potential consequences of unsafe behavior. 10. Minimizes unfamiliarity among members of the team.

access to confidential information, knowledge of specific security vulnerabilities, and the trust of individuals within the organization. As a result of this expanded access, knowledge, and trust, we in the protection field are held to a higher standard of behavior than the population at large.

Ethics should go beyond the following concepts:

THREE CRITICAL LEADERSHIP SKILLS

1. Following Organizational Rules: It is not enough for a protection officer to simply refrain from violating organizational rules; everyone is supposed to follow the rules. Since the professional protection officer is expected to enforce rules, following those same rules is expected as a matter of course. 2. Complying with Laws: It is not enough for the protection officer to simply comply with laws. Laws are, after all, minimal standards of behavior expected by the society at large. A protection officer should not only comply with legal requirements but also strive to go above and beyond the minimal standards provided by law.

The development of leadership skills is a lifelong process, so a complete list and detailed explanation of all the skill sets required for effective leadership could fill several libraries. What follows is an overview of three broad categories of practice that all leaders should study and strive to master. Practice 1: Ethics. This is the cornerstone of the protection field. The organizations we serve entrust us to protect their most valuable assets. As a professional protection officer, you are likely to have access to secure areas of the facility in which you work. You are also likely to have

Practically speaking then, ethics both encompass and surpass the minimal standards of law and the basic expectations of the organizations we serve. A protection officer should always be cognizant, not only of what constitutes violations of law and organizational policy but also what appears to violate such laws and policies. Only by doing so can the protection officer avoid doing wrong, while engendering confidence in those he or she serves ( Johnson, 2005; Sennewald & Braillie, 2015; U.S. Department of the Army, 2006; Watson, 2007).

Leadership involves the ability to understand the goals of the organization we serve. For the sake of our chapter, let’s refer to everyone outside our sphere of influence as our customer. Our clients, our managers and supervisors, our peers and our community, no matter who that may be, are our customers. Once we understand the goals and objectives of our customers, then we can better serve their needs (Johnson, 2005; Sennewald & Braillie, 2015; Watson, 2007).

III. ADVANCING YOUR SECURITY CAREER

493

THREE CRITICAL LEADERSHIP SKILLS

Practice 2: Mission Focus. Organizations exist for a purpose. This purpose is the organization’s mission or reason for existence. The role of the security department is to provide professional protective services that allow the organization to accomplish its mission. The role of the protection officer is to ensure that the security department accomplishes its mission to serve the organization. Those who wish to be leaders in the protection field must be familiar with the organization’s mission and how the security department contributes to accomplishing it.

Verbal

Nonverbal

Writing

Listening

FIG. 44.1 Four key areas of interpersonal communication.

The professional protection officer’s quest to be mission oriented should include an understanding of the following (US Department of the Army, 2006; Watson, 2007): 1. 2. 3. 4. 5. 6.

7. 8. 9. 10.

The organization’s mission. Who the organization serves. The organization’s values. The history of the organization. The organization’s structure. The geographic area and economic climate in which the organization operates. The image of the organization. The security department’s role in the organization. The security department’s organizational structure. His or her own role in accomplishing the mission.

Practice 3: Interpersonal Communication. Organizations consist of groups of people all working together under a common structure for a common purpose. An ability to understand and relate to people is a key element in effective leadership because it enables the leader to influence others to accomplish organizational and departmental missions.

There are four basic communication skills needed of every leader: verbal, nonverbal, listening, and writing (Fig. 44.1). The optimal way to communicate is face-to-face. This allows both the sender and the receiver of information to engage in real-time verbal and nonverbal analysis. It also allows for clarification and immediate feedback. 1. Verbal Communication: Verbal communication is composed of the spoken word. It is very important because it allows us to: a. Express ourselves in words. b. Ask questions and clarify nonverbal communication actions. c. Provide feedback to the listener. 2. Nonverbal Communication: Nonverbal communication is just that: communicating with your body or emotions. Some experts say that we do the vast majority of our communicating nonverbally. No matter how you or another individual communicates nonverbally, clarification is critical in checking for understanding. A nonverbal message has meaning, just as a verbal one does. The content is more difficult to “read,” but it is just as important. Many actions are interpreted with specific feelings, whether or not those feelings were meant to be conveyed by the sender. By asking for clarification,

III. ADVANCING YOUR SECURITY CAREER

494

44. THE PROTECTION OFFICER AS A LEADER

misunderstandings can be kept to a minimum. 3. Listening Skills: Listening is often-times the most overlooked aspect of communication. Although more than half of our communicating time is spent listening, compared to other types of communication, we spend a small amount of time learning how to listen effectively or actively. In order to improve your listening skills, listen actively, devoting all of your concentration to the task. In fact, to be a good leader, we must be a good listener. We must understand what the expectations really are and we must align our roles and responsibilities to meet those expectations. Comprehension is the primary goal of listening. We need to understand the message being sent before we can process the information, evaluate it, and provide a response. NOTE: If at any time, during this process, you get confusing information—ask for clarification! 4. Writing Skills: Writing is another key element in communication and a skill developed over a lifetime. As a professional protection officer, you may find yourself writing incident reports, daily logs, email communications, proposals, training programs, statements, security survey reports, and annual reports along with a host of other correspondence. There are many ways to enhance one’s writing capability, but the best teacher is direct experience and professional feedback from peers, managers, supervisors, and customers. Over time, writing tends to improve, so don’t be discouraged if this is a weak area for you. The protection officer who strives to maintain the highest standards of ethics constantly remains aligned with departmental and organizational mission, develops solid interpersonal communications skills, and will make steady progress in developing leadership skills (Elgin, 1980; Sennewald & Braillie, 2015; US Department of the Army, 2006).

TEN STEPS TO BECOMING AN EFFECTIVE LEADER The following 10 steps or precepts are provided as a guideline for the serious student of leadership. 1. Be the Leader You Would Want to Follow: Remember our definition of leadership: any individual who influences the willing actions of others in support of organizational goals and processes. Ask yourself, “What type of leader would I be willing to follow?” Once you answer that question, strive to be that leader! 2. Accept That Conflict Is a Normal and Healthy Part of Growth: Remember that conflict is inevitable in all areas of human endeavor. While some conflicts can have negative effects, the absence of conflict would mean that everything would always stay the same and improvement would never occur. When engaged in a conflict, ask yourself, “What progress can be made by actively listening to another point of view?” 3. Know Yourself and Know Others: A leader has to be completely honest about his or her strengths and weaknesses as well as the strengths and weaknesses of others. Only by doing so can the leader make significant progress toward accomplishing both the departmental and organizational goals. Train yourself to be constantly assessing your strengths, weaknesses, and motivations, as well as those of others around you. 4. Continually Assess the Situation: Life moves quickly, and situations can change instantly. As a professional protection officer and a leader, you must prepare for whatever is coming next. This can only be accomplished by training yourself to develop and maintain situational awareness.

III. ADVANCING YOUR SECURITY CAREER

THE LEADER AS AN AGENT OF CHANGE

5. Remember What Is Truly Important: As mentioned earlier, ethics is the cornerstone of the protection field, and an organization’s mission is its reason for existence. Always keep in mind that ethics are more important than a specific job; your career is more important than a specific position and the mission is more important than pet projects or short-term gains. Remembering what is truly important will help you keep perspective. 6. Take Action: A leader must know when to act and when to wait. Failure to act, especially in the protection field, can be very costly. 7. Position Yourself and Your Organization Well: A leader must position him- or herself to be ready to take advantage of opportunities when they arise. As you move forward in any situation always be aware of potential opportunities and take the time to position yourself and your team so that you can capitalize on them when they arise. 8. Be Adaptable: It is easy to get hung up on ideas, but not all ideas are acceptable to the organizations we serve, nor are all ideas workable. Always be ready to adapt your plans to suit the needs of the organization. Doing so will allow you to overcome obstacles quickly and be more effective in the long run. 9. Avoid Predictability: The protection field requires structure and accountability, but it also requires staying one step ahead of situations and those who would victimize the people or organizations we serve. 10. Collect and Use Information: Information is the lifeblood of an organization and affects the functioning of an effective protection team. As a leader, it is important to collect and properly use information about the organization, threats, vulnerabilities, and a host of other matters. By being mission-focused and honing the interpersonal skills necessary to develop good relationships, the professional

495

protection officer will find more sources of information and, in turn, be a more effective leader. These 10 steps or precepts, if worked on, will help the professional protection officer in developing solid leadership skills (Watson, 2007).

THE LEADER AS AN AGENT OF CHANGE As the last link between senior management and line employees or customers, it is the leader’s job to assist in the implementation of change. To do this, certain obstacles must be overcome. There are several strategies for reducing resistance to change. Much resistance to change comes from lack of trust or people having to operate outside their comfort zone. Resistance can sometimes be overcome, or the impact lessened, if the following are completed: 1. Fully explain the upcoming changes. 2. Make certain employees or customers fully understand the change. 3. When possible, discuss why the change is required. 4. Identify and discuss the possible effects with employees or customers. 5. Answer questions or take the information and follow-up if you don’t know the answer. 6. Build trust with your employees; they will better accept the change. 7. Be honest and be consistent. Change can potentially create fear in the organization and paranoia in the minds of executives and managers hired to protect the status quo. Change not only drives fear; it also drives the fact that more effort is required to complete the change. This entire process means moving outside the individual’s comfort zone. Many people believe in the saying “don’t rock the boat.” An important point to consider is that

III. ADVANCING YOUR SECURITY CAREER

496

44. THE PROTECTION OFFICER AS A LEADER

the boat can already be rocking. The question is, do we steer the organization (boat) into the wave or do we allow the organization to be broadsided? A key element to help any organization better deal with the effects of change is TRUST. Trust can’t be purchased. It is a house that must be built one brick at a time. It opens the door to the path for success. Trust is earned through the following simple steps ( Johnson, 2005): 1. Honesty—Can an employee/customer believe what you say? 2. Integrity—Can an employee/customer believe you will keep your promise? 3. Openness—Can employees/customers believe that you will share what you know?

PITFALLS OF LEADERSHIP Oftentimes, people who see themselves as leaders think that others will follow them without question. Leaders must understand that leading is more about serving, negotiating, motivating, communicating, and actively listening than the physical act of leading. Incorrectly assessing a situation and trying to be overly persuasive or dominant can bring disaster to a leader, especially one who has just assumed that role. To avoid these pitfalls, here are some points that a leader should recognize and consider ( Johnson, 2005; Sennewald & Braillie, 2015; Watson, 2007): 1. Leading is more about achieving a shared goal, not managing or supervising people. 2. A leader has to always display confidence, trustworthiness, and truth: in other words, characteristics that make someone want to follow them. 3. Many times, other employees/customers have the answers or at least some thoughts. Leaders need to be active listeners.

4. Make certain the elements of leadership are aligned with corporate or customer goals and desires.

CONCLUSION A leader is any individual who influences the willing actions of others in support of organizational goals and processes. While leadership roles can be rewarding, they come at the high cost of consistent hard work and dedication, often without a discernible return on investment. Those who wish to assume leadership positions in the protection field must be prepared to put the needs of the team above their own. They must exercise the highest standards of ethics, remain missionfocused, and develop the solid interpersonal skills necessary to motivate others ( Johnson, 2005; Sennewald & Braillie, 2015). Finally, lead by example.

References Byham, T. (2017, June 16). 10 questions to ask yourself before you become a leader. Retrieved from https:// www.ddiworld.com/blog/june-2017/10-questions-toask-before-becoming-a-leader. Elgin, S. H. (1980). The gentle art of verbal self-defense. Upper Saddle River, NJ: Prentice Hall. Hertig, C. A., McGough, M., & Smith, S. R. (2008). Leadership for protection professionals. In S. J. Davies & C. A. Hertig (Eds.), Security supervision and management (3rd ed., pp. 219–239). Burlington, MA: Elsevier. Johnson, B. R. (2005). Principles of security management. Upper Saddle River, NJ: Prentice Hall. Sennewald, C. A., & Braillie, C. (2015). Effective security management (6th ed.). Newton, MA: Butterworth-Heinemann. U.S. Department of Energy. (2009). Human performance improvement handbook; Volume 2: Human performance tools for individuals, work teams and management. U.S. Department of the Army. (2006). FM 22 army leadership competent, confident, and agile. Watson, S. A. (2007). The art of war for security managers; ten steps to enhance your organizational effectiveness. Burlington, MA: Elsevier.

III. ADVANCING YOUR SECURITY CAREER

RESOURCES

Resources Bolton, R. B. (1979). People skills: How to assert yourself, listen to others and resolve conflicts. New York, NY: Simon & Schuster. Elgin, S. H. (1993). The gentle art of written verbal self-defense: How to write your way out of life’s delicate situations. Upper Saddle River, NJ: Prentice Hall.

497

Fujishin, R. (1993). Discovering the leader within; running small groups successfully. San Francisco, CA: Acadia Books. Sawyer, R. D., & Tzu, S. (1994). The art of war. Boulder, CO: Westview Press Inc.

III. ADVANCING YOUR SECURITY CAREER

C H A P T E R

45 Career Planning Christopher A. Hertig, Kenna Powell, Chris Richardson O U T L I N E Introduction

499

Do Your Homework

501

Begin at the Beginning—Education

499

Seek Credentials and Certifications

501

Understand the Industry

500

Experience

502

Stay Current

500

Investigate Licensure

502

Network

500

Conclusion

503

Find a Mentor

500

References

503

Explore Options

501

Further Reading

503

INTRODUCTION

BEGIN AT THE BEGINNING— EDUCATION

If you want to further your career as a security professional, recognize that you already have what it takes to navigate this challenging landscape. You could be well on your way to maximizing your potential as a security professional by simply implementing one basic security management tenet: planning. That same strategic approach applied to career development can expand your options and maximize your potential. The three basic stages of career planning are self-assessment, career exploration, and job search (Santa Barbara Career Services, n.d.). Keep in mind that progression may not be linear so just keep moving.

The Professional Protection Officer https://doi.org/10.1016/B978-0-12-817748-8.00045-6

Everyone starts at a different place— primarily due to different levels of education, experience, and employment—but it’s important to strategize at any stage and in all positions. Assessment is a fundamental first step to effective security planning. The same holds true for career planning. It begins with self-awareness, i.e., an understanding of one’s abilities and interests, and of the industry. This is also referred to as career literacy (Career Vision, n.d.). Take a professional inventory or, better yet, conduct a SWOT analysis of your strengths, weaknesses, and the opportunities and threats

499

# 2020 Elsevier Inc. All rights reserved.

500

45. CAREER PLANNING

that you face (Martin, 2019). Another option is to take the traditional approach through a career center at a local college or university. Regardless of how you arrive at your completed inventory, continue to move forward with a plan for selfactualization—the realization or fulfillment of one’s talents and potential. It’s a drive and need that most of us experience (Self-Actualization, n. d.). Anyone who has picked up this book and is reading this chapter is already on the way. Before setting goals, however, there is more to understand, more to explore.

UNDERSTAND THE INDUSTRY While guns, guards, and gates remain important mitigation measures in physical security, the security landscape is much broader (Ritchey, 2012). It’s also important to take another step back and look at the bigger picture. The best practices approach to providing security for people, property, and information is now defined as enterprise security risk management (ESRM) (Petruzzi, 2017). ESRM links security activities to an enterprise’s mission and business goals through risk management methods (Petruzzi, 2017). Security professionals may now be invited to the c-suite table to participate in the decisionmaking process. With that in mind, recognize that your role is critical to the success of the organization you serve. So, how can you best serve and protect while planning your career?

STAY CURRENT One of the easiest ways to stay current is to peruse professional periodicals and one of the best is Security Magazine (https://www. securitymagazine.com/). Other examples include industry-specificperiodicals,suchas CampusSafety Magazine (https://www.campussafetymagazine. com/) that focuses on public safety and security of hospitals, schools and universities; and SDM

Magazine (https://www.sdmmag.com) that focuses on security software, hardware, trends, and industry issues. Most of these organizations also sponsor downloads and online training as well as conferences and workshops. In addition to current best practices and industry trends, you will become more familiar with professional tracks and real-time job postings. Online resources are abundant.

NETWORK Networking, especially through industry associations, will provide you with additional information about career opportunities. Consider joining your local chapter of ASIS, InfraGard, ISACA (Information Systems Audit and Control Association), ISSA (International Sports Sciences Association), Public Risk Management Association or local, community-based professional security organizations. That initial handshake could lead to a future partnership. Look outside the private security industry to other partners. Local law enforcement, fire, MEDIC, and emergency management often open their exercises (tabletop, functional or full scale) to volunteers. This is a golden opportunity to build relationships in preparation for emergencies within your organization, add to your skill set, and meet other like-minded safety and security professionals. Local law enforcement may also offer additional training (Police Citizens Academy) and Emergency Management may offer CERT (Community Emergency Response Team) training—unique community networking opportunities.

FIND A MENTOR While networking, you may identify someone who is willing to invest in your professional development. More than likely, you will catch the attention of a potential mentor through a

III. ADVANCING YOUR SECURITY CAREER

SEEK CREDENTIALS AND CERTIFICATIONS

creative idea or committed work ethic while performing your duties. Most seasoned security professionals understand that their success is due in part to those who helped them along the way. These mentors are to be protected as valuable assets because they can help provide meaningful opportunities for growth. They can advance many facets of your career planning from managing daily workplace challenges to formulating a five-year plan. “One of the greatest values of mentors is the ability to see ahead what others cannot see and to help them navigate a course to their destination.”—John C. Maxwell (AZquotes, n.d.).

EXPLORE OPTIONS What opportunities lay ahead? Research LinkedIn, Indeed.com, career fairs or simply Google security jobs or security company websites to provide you with real-time openings. For a static but helpful guide to opportunities, check out the SIA Security Industry Careers Guide (Aronson, Dunn, Huddart, & Kohl, 2017). The most comprehensive approach is offered by ASIS through ASIS Career HQ (ASIS International, n.d.-a), which offers professional services such as resume writing and career coaching as well as a current list of security professional openings.

DO YOUR HOMEWORK Many higher education institutions offer undergraduate, graduate certificate programs, and graduate degree programs in fields relating to security, including criminal justice, risk management, emergency management, public administration, Homeland Security, cybersecurity, and others. Remove the roadblocks of time and cost through online programs that complement your work schedule and through full or partial scholarships often offered at your workplace, higher educational institutions or professional security organizations.

501

At the end of the day—or end of the semester—experts agree that education helps to advance your career at any level in many ways, including the following (Walburg, 2018): 1. 2. 3. 4. 5.

Gain knowledge Enhance your soft skills Demonstrate a strong work ethic Boost your confidence for success Grow your social network

SEEK CREDENTIALS AND CERTIFICATIONS “Professionals are continually viewing higher credentialing as important for advancement," according to Howard Horton, President of the New England College of Business and Finance (Smith, 2013). The ASIS organization cites the following as rationales for ASIS board certification (ASIS International, n.d.-b): 1. Validate your security management expertise 2. Be globally recognized by your peers and industry 3. Get a competitive edge in the marketplace 4. Enhance your career and earnings potential 5. Broaden experience These three ASIS board-certified credentials clearly set the security professional apart (ASIS International, n.d.-b): 1. Certified Protection Professional (CPP)— Board certification in security management: • Demonstrates your knowledge and competency in seven key domains of security • Globally recognized as the standard of excellence for security management professionals 2. Professional Certified Investigator (PCI)— Board certification in investigations • Demonstrates your knowledge in three key domains identified by professional investigators as required areas of competency in this field

III. ADVANCING YOUR SECURITY CAREER

502

45. CAREER PLANNING

3. Physical Security Professional (PSP)—Board certification in physical security • Demonstrates your knowledge in physical security assessments, application, design, and integration of physical security systems, and implementation of security measures There are many other certifications and credentials, so the challenge is for you to do the research, especially as they apply to your position or future plans. Don’t forget about certifications and learning about the latest best practices from Department of Homeland Security (DHS) through online independent study programs. (Federal Emergency Management Institute [FEMA], n.d.). Opportunities for classroom instruction are also available. The training is free and taught by subject matter experts.

EXPERIENCE Experience in a particular field or in a position is one of the most cited criteria or qualifications for employers. A quick search through online job boards or job openings will reveal that the majority of the positions require a “minimum” number of years of experience. If experience is not required for a particular position, there are often other qualifying criteria such as education, certification, or skills listed as a prerequisite. Internships are an excellent way for a student to gain experience in the security and/or criminal justice industry. Employers are much more inclined to hire an intern with no or limited experience than a permanent employee with no or limited experience. The significant differences are the internship has defined employment dates, the intern is more closely supervised, and internships are often unpaid. Two new websites have been recently launched to connect employers and students with internships. The website internships.com (Chegg Internships, n.d.) provides a listing of security internships listed by employers with both a proprietary and contract security staff. The Criminal Justice website (Internships and Practicums, n.d.)

provides a listing of criminal justice internships with local, state, and federal agencies. Both websites offer more than just a listing of internships. They offer resume templates, scholarship information, career news articles, and a listing of other valuable websites. There are times when career planning involves a transition into another field or discipline. For example, a security director may want to transition into audit or compliance. While these two fields are loosely related, the transition may be smoother if it occurs within the same organization. It is more difficult to transition into another field or discipline at another company or organization. Volunteering is another approach to filling the experience void in one’s resume. Volunteer work can sometimes be performed for nonprofit organizations such as churches or civic organizations. It can also be offered by different departments in one’s employing organization; an employee may volunteer to perform work outside of their department. This gives them volunteer experience, something to put on their resume, and references for future jobs.

INVESTIGATE LICENSURE Once you’ve identified your potential area of interest, determine if the position requires a license. (Some laws vary from county to county and state to state.) These licenses give the security professional the right to practice and also elevate your marketability. “Licensing is intended to ensure that only competent and ethical individuals practice in an occupation. To obtain a license you must demonstrate that you meet state standards for that career. Steps include completing specified training, logging a designated amount of work experience, and taking a licensure exam” (US Department of Labor, n.d.). Examples of some licenses relating to security include firearms, unarmed security officer, armed security officer, private patrol, and investigations. Continue to build your professional profile.

III. ADVANCING YOUR SECURITY CAREER

FURTHER READING

CONCLUSION “You are accountable for your own success. As such, it is your responsibility to discover your special gifts, attributes, and capabilities that can give you a competitive edge and the greatest probability to have a flourishing career. Career management requires quality networking, being in the right place at the right time, earning a voice at the table, knowing your unique value proposition and how to use it, managing your personal brand, being influential—to name a few essentials. But in the end, all of these factors require one important thing: a personal commitment to manage and invest in your career the right way” (Llopis, 2012). Career planning is a commitment to and an investment in your future. By applying these practical suggestions and the security techniques you already practice, you can further your career and reach those positions of increasing rank, responsibility, and compensation.

References Aronson, P., Dunn, S., Huddart, M., & Kohl, G. (2017). SIA Security Industry Careers Guide. Retrieved from https://www.securityindustry.org/report/sia-securityindustry-careers-guide/. ASIS International. (n.d.-a). Career HQ. Retrieved October 23, 2019, from https://www.asisonline.org/professionaldevelopment/career-hq/. ASIS International. (n.d.-b). About certification. Retrieved October 23, 2019, from https://www.asisonline.org/ certification/asis-board-certifications2/. AZquotes. (n.d.). John C. Maxwell Quote. Retrieved October 23, 2019, from https://www.azquotes.com/quote/882171. Career Vision. (n.d.). What is career literacy? Retrieved October 24, 2019, from https://careervision.org/careerliteracy/. Chegg Internships: Security. (n.d.). Retrieved October 23, 2019, from https://student.internships.com/search? position-types=internship&context=seo&seo-mcid= 33755519234325544964616447658582092856&keywords= security. Federal Emergency Management Institute (FEMA)—Independent Study (IS) j course list. (n.d.). Retrieved October 23, 2019, from https://training.fema.gov/is/crslist.aspx.

503

Internships and Practicums. (n.d.). Retrieved October 23, 2019, from https://www.criminaljustice.com/resources/ internships-and-practicums/. Llopis, G. (2012, November 28). Five most effective ways to invest in your career. Retrieved from https://www. forbes.com/sites/glennllopis/2012/10/22/five-mosteffective-ways-to-invest-in-your-career/#340787495c8f. Martin, M. (2019, October 10). How to do a personal SWOT analysis. Retrieved from https://www.businessnewsdaily.com/5543-personal-swot-analysis.html. Petruzzi, J. (2017, November 29). ESRM: An enduring security risk model. Retrieved from https://www.asisonline. org/publications–resources/news/blog/esrm-anenduring-security-risk-model/. Ritchey, D. (2012, June 1). 2012 security leadership issue: the security leader: Beyond guns, guards and gates. Retrieved from https://www.securitymagazine.com/articles/ 83130-2012-security-leadership-issue-the-security-leaderbeyond-guns-guards-and-gates. Santa Barbara Career Services, University of California. (n.d.). Three steps of career planning. [PDF file]. http://career.sa.ucsb.edu/files/docs/handouts/Three %20steps%20of%20career%20planning.pdf. Self-Actualization j Definition of Self-Actualization by Lexico. (n.d.). Retrieved October 23, 2019, from https:// www.lexico.com/en/definition/self-actualization. Smith, J. (2013, August 14). 12 Tips for professionals who want to go back to school. Retrieved from https:// www.forbes.com/sites/jacquelynsmith/2013/08/14/ tips-for-professionals-who-want-to-go-back-to-school/ #53014cbb3fa3. US Department of Labor. (n.d.). CareerOneStop. Retrieved October 23, 2019, from https://www.careeronestop. org/. Walburg, E. (2018, February 21). Five reasons why education helps to advance your career at any level. Retrieved from https://www.cornerstone.edu/blogs/lifelong-learningmatters/post/five-reasons-why-education-helps-toadvance-your-career-at-any-level.

Further Reading Maxwell, J. C. (2015, February 12). From Oprah to Churchill: 20 inspiring mentoring quotes. Retrieved from https:// www.geteverwise.com/mentoring/20-inspiringmentorship-quotes/. McKinley Advisors for ASIS International and Security Industry Association (SIA). (n.d.). Security Industry Career Pathways Guide: Practitioners and Suppliers. [PDF file]. https://www.asisonline.org/globalassets/ professional-development/careers/documents/ careerpathwaysguide.pdf.

III. ADVANCING YOUR SECURITY CAREER

E P I L O G U E

Training Topics From ASIS Guideline PSO-2019

(a) Access control and visitor management • Electronic security systems • Ingress and egress control procedures (b) Applicable jurisdictional laws including those relating to individuals’ rights and privacy (c) Control center operations (d) Containment, search, and detention (e) Critical incident response (e.g., natural disasters, accidents, human caused events) • Disaster preparedness • Evacuation processes (f) Crime scene investigation procedures and evidence preservation (g) Crowd control procedures (h) De-escalation and conflict resolution (i) Electronic communications • Electronic devices (two-way radios, cell phones, emergency communication stations) • Communications protocol (routine and emergency situations) (j) Emergency preparedness and response procedures (k) Employer orientation and policies • Communications modes, including electronics (e.g., telephones, pages, radios, computers)

505

(l) (m) (n) (o) (p)

(q) (r) (s) (t)

(u)

• Mission and values • Substance abuse Equipment and materials, management and controls Gender and cultural issues and respect for the local population Incident and crisis management Information security Interpersonal communications • Conflict resolution • Customer service and public relations • Media interaction • Verbal communication skills Interview techniques Job assignment and post orders Labor relations (strikes, lockouts, etc.) Legal aspects of private security • Court testimony • Equal employment opportunity (EEO) and diversity • Evidence preservation • Incident scene preservation • Power of arrest • Federal, state, and local laws • Criminal and civil laws • Use of force policy Life safety awareness • Emergency equipment use and placement

506

(v) (w)

(x) (y) (z) (aa) (bb) (cc)

EPILOGUE

• Fire prevention skills • Hazardous materials and right to know law • Safety hazards in the workplace/ surroundings • Providing medical assistance and/or first aid Note taking, documentation, and report writing Observation and incident reporting • Observation techniques • Patrol techniques and response Patrol vehicle operation Physical and cyber security measures Principles of safeguarding proprietary and confidential information Processing of information and complaints Public relations, images, and professionalism Public safety/private security liaisons

(dd) Response to threats or violence security awareness • Crime and loss prevention • Information sharing • Private security officers and criminal justice system (ee) Screening operations (ff) Security officer conduct • Ethics • Honesty • Professional image (gg) Traffic and parking lot security (hh) Training in support of law enforcement (ii) Use of force (jj) Weapons (kk) Workplace violence Taken from the Private Security Officer Selection and Training Guideline. (2019). Alexandria, VA: ASIS Commission on Standards and Guidelines. Used with permission.

Index

Note: Page numbers followed by f indicate figures and t indicate tables.

A Access control access authorization, 170 access system database management, 172 administrative and engineered controls, 166 arrest and trespassing charges, 167 assets security, 166 audit and record keeping, 169–170 biometric technologies, 173 custody of client keys, 167–168 data analytics, 171–173 definition, 165 electronic access control systems, 167, 171–172 emergency, 168 emerging trends, 173 examples of, 168–169 function and practice, 166 in information age, 173 locks and key control, 171 “mobility impaired” access, 167 monitoring, 166–169 network video, and integrated systems, 167, 173 physical security, 166, 170 protected area, patrols of, 166 protection/defensible zone, 166–167 wireless and radio frequency communication, 172 Accident investigation, 66–67 Accident prevention, 67 Accident/technical failures, 404 Accuracy, 264 Acquisitive crowds, 286–287 Acrylic plastic, 417 Action identification view, 423

Active assailants Active Shooter Response plans and training, 121 case studies Crossroads Center Shopping Mall Stabbing Attack, 129–130 Happy Land Fire, 128–129 Kraft Foods Shooting, 129 Nice Truck Attack, 130 Pulse Nightclub Shooting, 130 Virginia Tech Shooting, 129 definition, 121 firearms-based attacks, 122 law enforcement and emergency response, 128 mental health issues, 124–125 phenomenon, 122 role of protection officers, 127–128 security measures, 125–127 access control, 126 law enforcement and emergency dispatch personnel, 126 lighting, 127 network video, and integrated systems, 442 physical security inspection, 126–127 planning, 125–126 threat detection and assessment, 125 training behavior changes identification, 124 disgruntled employee, 123 domestic violence offenders, 123 programs, 124 warning signs of violence, 123 Workplace Violence and Intervention program, 124 weapons and tactics, 122 weapons policies, 127

507

workplace violence prevention, 122–123 Active crisis communications, 345 Active shooter, solutions to Broken Windows Theory, 134 NFPA 3000 (PS), 136 return on investment (ROI) ideas, 135 12 no-cost/low-cost security improvements, 133–135 12-point plan, 136 Acts of terrorism, 37, 404, 428 Administrative controls, 67–68 Administrative law, 79 Administrative/regulatory law, 10–11, 79 Aerosol lubricants, 351 Affirmative defense, 148 Agency, in civil law, 78 Agitation, 229 Air sampling detectors, 440 Alarm system, 433 asset security, 166 balanced magnetic switch, 436–437 capacitance sensors, 437 components, 434 definition, 434 dual-technology sensors, 437 duress alarms, 438 emerging trends, 442–443 glass-break sensors, 436 microwave motion sensors, 437 monitoring, 419–420 central station, 434–435 direct fire/police, 435 local, 434 proprietary, 435 nuisance alarms, 438–439 operator interfaces audible alarm devices, 436

508 Alarm system (Continued) customized, data-driven reports, 436 logging devices, 436 operator control, 436 visual displays, 435–436 passive infrared sensors, 437 pressure mats, 437 pressure switches, 437 response building automation sensors, 441 building automation systems (BAS), 441 fire alarm sensors, 440–441 fire alarm systems, 439–440 integrated systems, 442 network video system, 442 tactics, 439 Alcohol, 220, 245 All-hazards approach, 350, 359 Al Qaeda (AQ), 333–334 Amphetamines, 234, 244 Ancillary supportive functions, of patrol, 91–92 Antidote, 247 Anti-pass back, 167 Anxiety, 129, 222, 229 Apprehension and detention procedures arrest citizen’s, 142 custody, 142 definition, 141–142 restrained, 142 what constitutes an, 143 dealing with aftermath, 148 methodology, 145–147 Murphy’s Law, 148 reasonableness, 143–144 security officer in trouble assault, 145 battery, 145 civil law violations, 145 criminal laws, 144 false imprisonment, 145 invasion of privacy, 145 malicious prosecution, 145 keys to avoid liability, 145 problem avoiding guidelines, 145 use of force, 147–148 working model development, 142–143

INDEX

Area protection sensors, 437 Aroused crowds, 287 Arson fires, 164 Artificial intelligence (AI), 206, 211–212, 431 ASIS International, 485 Commission on Guidelines, 108 Investigator certification PCI, 273 jobs in security industry, 109 physical security measures, 8 Physical Security Professional (PSP) designation, 431 Professional Investigator’s Manual, 263–264 security awareness for private security, 392 security standards, 79 Training Topics, PSO-2019, 501–502 workplace violence prevention, 123 Asset(s), 367, 369 classifications, 5 definition, 5 loss, 4 management, 367 analysis, 371–372 process, 368 qualitative analysis, 368 quantitative analysis, 368 threats, 369–370 vulnerability, 370–371 mitigation, 7 risks criticality, 6 frequency, 6 impact, 6–7 probability, 6 valuation, 5 vulnerability, 6, 370–371 Asset protection commerce, 9 contemporary careers auditor/investigator, 16–17 central alarm station operator/ dispatcher, 16 fixed posts, 16 information technology (IT) security, 17 patrol officer, 16 penetration testing, red teams, and security researchers, 17 private investigators, 17 retail loss prevention agent, 16 specialized security functions, 17

definition, 4 fire protection, 11–12 insurance, 9 laws, 10–11 layered protection, 7–8 patrol, 88 prevention of loss, 197 safety, 9 Association of Certified Fraud Examiners (ACFE), 16, 485 Attrition, 238 Audible alarm devices, 436 Auditory learner, 261–262 Automated external defibrillator/ cardiopulmonary resuscitation (AED/CPR) training, 36, 105, 297 Cardiac Chain of Survival, 110–111 cardiac emergency, 109–110 and first aid training, 111 Automatic sprinklers, 155 Automatic traffic signals, 150 Awareness, in patrol, 95–96

B Backscattering technology, 178 BACnet, 441 Bad trip, 247–248 Balanced magnetic switch (BMS), 436–437 Balanced switch, 418 Barbed tape, 428 Barbiturates, 238, 242, 245 Barcode, 420 Bargaining unit, 295, 298, 300 Baseline, in patrol, 98–99 Basic physical security officer (BPSO), 21, 28 Beam detectors, 440 Biometrics, 173, 296, 325 BitCoin, 448, 466 Black’s Law, 101, 141–142 Blockchain, 466 Blotter acid, 248 BLUF (bottom line up front), 346 Body cameras, 96–97 Body guarding, 445 Bomb threat checklist, 298, 376 Bomb threats, 298, 337 assessment, 340, 342f bottom line up front (BLUF), 346 calling in, 338 emergency management

INDEX

crisis communications, 345–346 risk communications, 345 evacuation cover and concealment, 341 criminal hoax, 341 diversionary/ambush attack, 341–343 IED inside, 343 IED outside, 341 secondary attack countermeasures, 344 likely safest response, 343 maximum disclosure and minimum delay, 346 mentality of bomber, 338–339 search, 340–341 suspicious item, 340 and suspicious packages, 376 United States Bomb Data Center report, 337–338, 338f Boombarriers, 155 Boomerang, SDS, 181 Brevity, 193 Broken Windows Theory, 134 Brush pass, 324 Building automation sensors gas detectors, 441 integrated sensors, 441 level indicators, 441 power failure sensors, 441 temperature sensors, 441 Building automation systems (BAS), 441 Bullet-resistive material, 416–417 Bummer trip, 247–248 Burglar/vandal-resistive glass, 417 Burglary-resistive safes, 428 counterspy dial, 427 depository, 426 extra weight added, 427 floor anchoring, 427 interiors, 426 relocking devices, 427 time-delay locks, 427 time locks, 426 UL labels, 427 Burglary-resistive vaults, 427–428 Buy-in, 397–398

C Cameras, 88–90, 93, 96–97, 208–209, 241, 297, 300, 317, 424, 442, 456 Campus Safety, 4, 15, 129, 187

Campus Safety Magazine, 500 Canine detection, 178–179 Canine olfaction, 179 Cannabis, 241, 243 Capacitance sensors, 437 Card access systems, 401, 414 access control, 421–422 capabilities, 420 functional operation, 421, 421f types of cards, 420 Cardiac emergency, 109–110 Cardiopulmonary resuscitation/ automated external defibrillator (CPR/AED) training, 36, 105, 297 Cardiac Chain of Survival, 110–111 cardiac emergency, 109–110 and first aid training, 111 Career planning, security professionals career exploration, 499 education, 499–500 experience, 502 finding mentor, 500–501 homework, 501 internships, 502 job search, 499 licensure, 502 networking, 500 options exploration, 501 seeking credentials and certifications, 501–502 self-assessment, 499 staying current, 500 SWOT analysis, 499–500 understanding industry, 500 volunteering, 502 Case law, 74–75 Cell-phone systems, communication device, 193–194 Center for Security Studies (CSS), 404 Certification programs, 12, 16, 273, 431, 485 Certified in Security Supervision and Management (CSSM), 15–16, 20–21, 29, 450, 485 Certified in Security Supervisor and Management (CSSM) program, 450 Certified Protection Officer (CPO), 15–16, 21, 28–29, 476, 485 course, 450 Certified Protection Professional (CPP), 501

509 Chicanes, 155 Chain-link fencing, 143, 428, 430 Chain of Survival, 110–111 Charge coupled device (CCD), 424 Chemical weapons of mass destruction, 179 Chemiluminescence detectors, 178 Chip card. See Smart card Chokers, 155 Cipher, 324 Circumstantial evidence, 82 CitizenAID app, 449 Citizen’s arrest, 142 Civil code of France, 74 effect on legal system, 75–76 Civil disobedience, 376–377 Civil disturbances, 411, 428 Civil law, 10, 75–79, 78t agency, 78 contracts, 77 security officer in trouble, 145 assault, 145 battery, 145 false imprisonment, 145 invasion of privacy, 145 malicious prosecution, 145 torts, 78 warranties, 77 Classified information, 327 Classroom training methods, 36–37, 66 “Clickbait” magnets, 467 Client keys, custody of, 167–168 Cloud computing, 460 Cloud Storage, 424–425 Cocaine, 244, 250 Code, 194–195, 324, 420 Code of conduct policy, 93 Commerce, 9–10, 12 Commercial Facilities Sector, 406 Commercial system monitoring, 419–420 Common law, 74 Communications Sector, 406 Community-based professional security organizations, 500 Community officers, 34 Compact fluorescent lights (CFLs), 351 Competitive information, 452 Competitive intelligence vs economic espionage, 453 Complementary metal oxide semiconductor (CMOS), 424 Compliance investigations, 265

510 Computed tomography (CT), 178 Concealment, 312–314, 318, 341 shelved merchandise, 313 trash and garbage containers, 313 vehicle parking, 313 Confidentiality, 169–170, 254–255, 474 Consoles, 424 Containment, fire, 162 Continuing education, 431 Continuous lighting, 415 Contraband detection technology. See Detection technology Contract clauses, 458 Contracts, in civil law, 77 Controls, network video, 424 Corporate politics, 43 Cost-benefit analysis, 7 Counter competitive intelligence, 453 Counterfeiting, 266 Counterintelligence, 453–454, 459. See also Information security Counterspy dial, 426–427 Covert electronic surveillance, 207–208 Covert personal surveillance, 206–207 CPR training, 107–111 Crime, 5–6, 61, 334, 411. See also Incident scene; Workplace crime physical security planning, 411 preservation of, 78t, 266 Crime analysts, 317–318 Crime Prevention Through Environmental Design (CPTED), 8–9, 53, 307 Criminal hoax, 341 Criminal laws, 10, 76, 76–77t, 79t security officer in trouble assault, 144 battery, 144 false arrest, 144 Crisis communications, 344–347, 379 active approach, 345 implementation guidelines, 345 passive approach, 345 Crisis intervention active listening, 224 best practices guideline, security professional, 223 crisis behavior stages, 222 emerging trends, 227–228 guidelines, 223 safety considerations, 227 team intervention

INDEX

leadership, 226–227 objective, 226 positive factors, 226 Critical incident, 378, 383 briefing/management, 49 Fire or Police Academy, 49 help seeking, 50 9-1-1 Public Safety Telecommunicators, 49 Critical incident stress, 49, 227–228 formal debriefing process, 50–51 symptom, 51 teaching, 51 Critical incident stress debriefing (CISD), 50, 227–228 Critical Information Infrastructure Protection (CIIP), 404 Critical infrastructure Chemical Sector, 406 Commercial Facilities Sector, 406 Communications Sector, 406 Critical Manufacturing Sector, 406 Dams Sector, 406 Defense Industrial Base Sector, 406–407 definition, 403 Emergency Services Sector, 407 Energy Sector, 407 Financial Services Sector, 407 Food and Agriculture Sector, 407 Government Facilities Sector, 407 Healthcare and Public Health Sector, 407 Information Technology Sector, 407 International Critical Information Infrastructure Protection (CIIP), 404 nuclear, materials, waste sector, 407 Presidential Policy Directive-21 (PPD-21), 404 Sector Specific Agency (SSA), 404 Transportation Systems Sector, 407 US National Infrastructure Protection Plan (NIPP), 404–408 Water and Wastewater Systems Sector, 407 Critical Infrastructure Cross-Sector Council, 406 Critical points, 105 Critical thinking, patrol, 102–103 Crossroads Center Shopping Mall Stabbing Attack, 129–130

Crowd management/special events actions, 287–288 alcohol service considerations, 292–293 definitions, 284 detection, 423 emerging trends, 293 formation, 284–285 causes, 285 management assessment, 291–292 mob formation, 289 personal behavior, 291 physical control techniques, 289 planning considerations, 290–291 protective groups, 290 psychological factors, 285–286 riot control force deployment procedures, 291, 292f arrowhead, 291 left flanking and right flanking, 291 line, 291 security and demonstrations, 289 suggested countermeasures, 287–288 types, 286–287 verbalization, when ineffective, 289 Cryptocurrencies, 466 Cryptography, 324 Crypto-mining, 466–467 Curb extensions, 155 Cyber assassination, 464 Cybercrime, 317 Cybersecurity, 329, 457 clickbait magnets, 467 connected car crash, 463–464 cryptocurrencies, 466 crypto-mining, 466–467 cyber assassination, 464 cyberterrorism, 464–465 emerging trends, 466–467 intrusion, 465 malware infection, 465–466 pie, 467–468 ransomware, 465–467 recognizing bad URL, 467–468 zero-day attacks, 465 Cyberterrorism, 464–466 Cyber threats, 109, 404

D Dams Sector, 406 Danger zone, 68 Data breach investigation, 255–256

INDEX

Data mining, 454, 456 Deadbolts, 422 Dead drop, 324, 329 Deadlines, in meetings, 43–44 Deceptive interviewee, 279–280 Decision-making skills, 472 Defense and protection of handler, 179 Defense Industrial Base Sector, 406–407 Defense, layered protection, 7–8 Delay, layered protection, 8 Dementia solutions, 229–230 symptoms cognitive changes, 229 psychological changes, 229 Demographics, crime control, 12 Demonstration, in crowd, 284 Demotions, disciplinary, 302 Department of Agriculture and the Department of Health and Human Services, 407 Department of Energy, 407 Department of Health and Human Services, 234–235, 407 Department of Homeland Security (DHS), 124, 134, 356, 377, 399, 403–404, 406–407 Department of Homeland Security and the Department of Transportation, 407 Department of Homeland Security and the General Services Administration, 407 Department of the Treasury, 407 Deportment, 97, 474, 477 Depressants, 241, 245 Depression, 229 Detection, layered protection, 7 Detection technology alarm response, 181–182 canine detection, 178–179 how to choose, 179 electronic article surveillance, 179–180 emerging trends, 182 explosive detection, 178 backscattering technology, 178 chemiluminescence detectors, 178 computed tomography (CT), 178 gunshot detection technology, 180–181, 181f life-cycle cost, 176 metal detection

automated detector, 176 continuous wave devices, 177 equipment, which is best?, 176 magnetometers, 177 manual inspection, 176 nonportable/fixed metal detector, 176 police investigative units, 176 pulse-field detectors, 177 selection, 176 training material, 176 unmanned aerial vehicle (drone), Federal Aviation Administration, 180 Deterrence general, 306 in layered protection, 7 specific, 306 Deterrence media, 345 DHS’s “See Something, Say Something” campaign, 332, 399 Digital surveillance, 206, 208 Digital video recorders (DVRs), 209, 424, 442 Dilaudid, 246 Dilution method, hazardous materials (HAZMAT), 353–354 Direct evidence, 82 Disasters, 284–285, 361, 376–377, 382, 411 Disgruntled employee, 123 Disruptive behaviors. See also Crisis intervention best practices guideline, 223 causes anger/frustration, 221 emotional problems/mental illness, 220 illness/injury, 220 stress, 220–221 substance/alcohol abuse/ medication reaction, 220 controlling disruptive/violent behavior, 225–226 crisis behavior stages, 222 five-stage process documentation, 221–222 evaluation, 221 implement, 221 planning, 221 review/after-action, 222 nonverbal communications, 224–225 verbal and physical, 223

511 Diversionary/ambush attack, 337, 341–343 Documentary evidence, 81 Documented evidence, 276 Door prop alarms, 167 Double loop learning security awareness model, 395, 395f Double loop learning theory, 395 Drones, 70, 180, 183, 300, 335. See also Unmanned aerial vehicle (UAV) 55 lb and over, 185 accident reporting under the small UAS rule, 188 features and benefits, 185 Federal Aviation Administration, 183 GPS, 183 guidelines aircraft requirements, 183 commercial and small UAS operation, 183 operating rules, 183 location requirements, 183 pilot requirements, 183 recreational fliers, 183 legal/regulatory basis, 185–186 in picket line/protest, 300 security applications, 186–188 security teams, 187 in terrorists attack, 334 uses new, 189 list of, 186 Drug abuse (see Substance abuse) characteristics, 243–248 definition, 234 dependency, 236–237 detection, 177–179 illicit, 234–236, 238 lookalike, 242 mind-altering, 236 psychoactive, 234, 236, 238 self-administration of, 236 testing, 239–240 trafficking, 240 Drug dependence causes attrition, 238 controllable use, 238 denial, 237 harmless theory, 238

512 Drug dependence (Continued) mixed messages, 237–238 disease, stages, 236 physical and psychological, 236 programs and treatment, 236–237 recovery, 237 Drugs of Abuse: A DEA Resource Guide, 248 Dry alcohol. See Depressants Dual technology sensors, 419, 437 Dual-trained dogs, 179 Due diligence, 68, 192 Duress alarms, 438

E Economic espionage, 453 competitive intelligence vs, 453 Economic Espionage Act (EEA), 453, 455, 458 Education ASIS International, 31 and career planning, 499–500 continuing, in security field, 431 in emergency response plan, 386 IFPO, 31 professional organizations, 484 and security awareness, 392 of security officers, 34 Effective communications, 23, 226 channels of, 192 consider the audience, 192–193 definition, 191–192 devices intercoms, 194–195 repeaters, 194 telephone and cell-phone systems, 193–194 walkie talkie, two-way radios, 194 due diligence, 192 emerging trends, 195 essentials, 192 myths and misconceptions, 193 proper use of communication devices, 193–195 six essentials of, 192 verifying with feedback, 193 Electric locks, 422 Electromagnetic locks, 422 Electronic access control systems, 167, 171–172 Electronic article surveillance (EAS), 179–180 Electronic surveillance operations, 206

INDEX

Emergency management, 66, 381f in bomb threats crisis communications, 345–346 risk communications, 345 key terms and acronyms in, 381f Emergency medical services (EMS), 109, 267, 290, 293, 384, 482 Emergency medical technician (EMT), 139, 374, 377 Emergency Notification Systems (ENS), 394 Emergency Operations Center (EOC), 383 Emergency personnel, 483 Emergency plan, 68, 339, 344–345 Emergency planning, 374, 415 access control, 168 cardiac, 109–110 case studies, 377–378 comprehensive plan development, 384–385 considerations, 378–379 evacuation equipment, 35 exit, 65 devices, 422 door, 422 impact of, 374, 375f key terms, 381f management plan, 66, 376, 381f multiagency responses, 386–387 natural and technological hazards, 374–376, 375f response plan, developing all-hazard emergency operations planning, 385 components, 378 Emergency Operations Center (EOC), 383 evacuation drill, 386 evaluation plan, 386–387 full scale exercise, 386 functional drills, 386 Homeland Security Exercise and Evaluation Program (HSEEP), 385 incident command system (ICS), 380–381, 382f media relations, 383–384 National Incident Management System (NIMS), 382–383 NFPA Standard 1600, 379 orientation and education sessions, 386

reviewing and integrating, 385–387 standard operating procedures (SOPs), 385 tabletop exercise, 386 training and testing, 385–386 vulnerability analysis, 379–384 walk-through drill, 386 scope of the problem, 378 types, 374–378 bomb threats/suspicious packages, 376 civil disobedience, 376 disasters, 376 fires and evacuations, 375 medical events and accidents, 374 power outages, 376 shelter in place and lockdown incidents, 375 terrorist actions, 376 vehicles, 153 vulnerability analysis, 379–384 Emergency response, 91, 94, 128 Emergency Response Guidebook, 351–353, 449 Emergency Services Sector, 407 Employee assistance programs (EAPs), 235–236, 239–240 Employee dishonesty, 311 Encryption technology, 325 Enforcement/compliance agent, 21, 23 Engineering controls, 68 Enterprise approach, 360 Enterprise Security Risk Management (ESRM), 25, 103, 452, 500 Entry-level security officer, 36 The Environmental Protection Agency, 10–11, 352–353, 407 Erasing fluid, inhalants, 248 Ergonomics, 68 Escalation, crisis behavior, 222 Escape crowd, 286 Escorts, 297 Espionage, 309, 316, 321–322 codes and ciphers, 324 and communications technology, 324–325 competitive intelligence vs economic, 453 conducting tradecraft, 324 cryptography, 324 cybersecurity, 329 economic, 453

INDEX

in history, 322 and IT professionals, 329 motivations, 326–327 red teaming, 329 sabotage, 323–324 security clearance and classifications, 327 social engineering, 325–326 trade secrets, 327–329 in 21st century, 322–323 ESRM Board Initiative, 103–104 Ethical behavior, 472–473, 479 Ethical investigation, 263 Ethics and professionalism decision-making skills, 472 definition of ethics, 473, 479 ethical behavior, 473 ethics of care philosophy, 479 high-profile profession, 472–473 International Foundation for Protection Officers Code of Ethics, 473 key terms and concepts, 473–479 making wrong choices, 472 protection officer code of ethics, 473–475 rights, 479 standards of conduct, 475–478 trends, 471–472 unethical behavior character flaws, 478 conflict, 478 fatigue, 478 impact, 472 path of least resistance, 478 resistance to change, 478 and unprofessional, impact of, 472 values and ethics, 478–479 ETH Zurich, 404 European Civil Code, 75–76 Evacuation drill, 386 Evacuations, fire and, 375 Evidence, 81 in bomb threats, 341 collection, 273 incident scene, 201–202 chain of custody, 202 collection and preservation, 202 physical, 201 recommended procedures, 201–202 for labor action, 300 legal aspects, 81–83

testimonial, 276 types, 276 on weapons policies, 127 Examination Under Oath, 269 Exemplary conduct, 473–474 Exploitability, 370–371 Explosion resistive glazing, 417 Explosive detection, 178 Explosives, 177–179, 182, 340 Expressive crowds, 286 Extinguishers annual inspection, 161 carbon dioxide, 161 dry chemical, 161 fire, 160–161, 351 foaming agents, 161 halogenated units, 161 hardware, 162 pressurized fire, 351 training security officers, 161 water based, 161 Extreme weather, 404

F FAA Flight Standards District Office (FSDO), 188 FaceTime, 486–487 Fact-finding conversation, 258 False imprisonment, 145 Federal Aviation Administration (FAA), 10–11, 180, 183, 186–188 Federal Emergency Management Agency (FEMA), 298, 379–380, 383–385 Fencing, 7, 90, 428–430 Fentanyl Ch.94C section 32E, 85 Field interview stance, 225 Field notes, 214 “Fight or flight” syndrome, 277–278 Finance, in ICS, 381 Financial Services Sector, 407 Financial strains, 309 Fire arson, 164 basics, 157–159 components, 157–158 containment, 162 detection methods electronic detection, 159–160 human observation, 159 and evacuations, 375 mechanism, 157–158 plans, 162–164

513 prevention extinguishers, 160–161 carbon dioxide, 161 dry chemical, 161 foaming agents, 161 halogenated units, 161 water based, 161 inspection of hazard areas, 159 permanent extinguishing hardware, 162 tetrahedron, 158f types, 160, 160f weapon, as a, 164 Fire alarm sensors air sampling detectors, 440 beam detectors, 440 flame detectors, 440–441 heat detectors, 440 ionization detectors, 440 photoelectric smoke detectors, 440 pull stations, 441 Fire alarm systems, 422, 439–440 Fire extinguishers, 160–161, 351 Firefighters, 351–352 Fire or Police Academy, 49 Fire personnel, 483 Fire protection, 11–12, 64 Fire-resistive containers, 428 Fire triangle, 157–158 First aid, 36, 68, 105, 111, 355 First aid training, 111 emergency medical technicians (EMTs), 139 lifesaving skill, 140 “Stop the Bleed” training, 139–140 tourniquets, 140 First line of defense, 173, 351–352, 413–414 Fixed lens, 424 Fixed post, 16, 93, 168 Flame detectors, 440–441 Flashlight, in patrol, 98 Flight Standards District Office (FSDO), 188 Flood, 375f, 377 Flow of traffic, 152–153 Follow-up investigation, 266 Food and Agriculture Sector, 407 Foreseeability, 92 Formal debriefing process, 50–51 Forum of Incident Response and Security Teams (FIRST), 404 Fourth Amendment, 114

514 Freely rotating barbed wire fence, 428 Full-scale exercise, 386 Fuming sulfuric acid, 355 Functional drills, 386

G Gas detectors, 441 Gaseous discharge lamps, 415 Gasoline, 248 Gate duty, in traffic control, 153–154 General deterrence, 306 General Services Administration, 407 General Stanley McChrystal, 464 General strain theory (GST), 309 Glass-break sensors, 436 Glue, 248 Golden thread rule, 83 GoToMeeting, 486–487 Government Coordinating Council (GCCs), 406 Graham v. Connor, 490 US 386 (1989), 114 Graphical user interface (GUI), 172, 424 Group of Eight (G8), 404 Guardian indoor gunshot detection technology, 180–181, 181f Guard services, 14 Gunshot detection technology, 180–181, 181f

H Hacker syndrome, 9–10 Hallcrest Report, 15 Hallucinations, 229, 247–248 Hallucinogens, 241, 247–248 Hamas, 333–334 Hand signals, in traffic control, 150–151, 151–152f Happy Land Fire, 128–129 Harassment Order 258E, 84 Harmless theory, 238 Harvard Business Review, 484 Hashish, 243, 249t Hashish oil, 243, 249t Hazard Communication Standard, 353 Hazardous materials (HAZMAT), 64, 68, 178, 350. See also Industrial hazards aerosol lubricants and de-icing materials, 351 classification system, 350 compact fluorescent lights (CFLs), 351

INDEX

concept of, 349–350 dilution method, 353–354 emergency personnel, 483 emerging trends, 356–357 ethanol-enhanced fuels, 350 events, 375 incidents, 351–352, 375f, 483 initial response contingency plan activation, 355 damage evaluation, 355 quantity of released substance, 354–355 site security, 356 substance identification, 354 lithium ion (Li-ion) batteries, 351 pressurized fire extinguishers, 351 protection officer, role of, 350–351 reponse models and templates, 353–354 response teams, 354 tools and resources diamond designation, 353 DOT guideline, 352–353 Emergency Response Guidebook, 352–353 firefighters, 352 Orange Book, 352–353 Hazardous Materials Regulations (HMR), 352–353 Hazardous Waste Operations and Emergency Response (HAZWOPER) Standard, 355 HAZMAT response team, 351–352, 355 Health and safety policy, 68 Health and safety program, 68 Healthcare and Public Health Sector, 407 Health, safety, security, environment, and quality (HSSEQ) process, 25, 29 Hearsay evidence, 82 Hearsay rule, 82 Heat detectors, 440 Heightened security, 339, 341, 343, 346–347 Heroin, 246–247 Hezbollah, 333–334 Hidden costs, of substance abuse, 235 High risk threat, 340–341 Hollerith badge, 420 Homeland Security Advisory System (HSAS), 332

Homeland Security Exercise and Evaluation Program (HSEEP), 385 Honesty, protection officer code of ethics, 474 Hostage situations, in VIP security, 448 Hostile crowds, 286–287, 290 Hot spots, 186, 268, 456 Huffing, 248 The Huffington Post, 464 Human concealment and tracking, 179 Hurricane Katrina, 179, 453–454 Hypervigilance, 445

I ICS. See Incident command system (ICS) If You See Something, Say Something campaign, 134, 392, 399 Illegal substances, 179 Improvised explosive devices (IEDs), 122, 339, 446–447 Inadvertent threats, 370 Inappropriate behavior, 229, 301, 458–459 Incandescent lamps, 415 Incident commander (IC), 204, 381 Incident command system (ICS), 380–381, 382f Incident investigation, 68 Incidents, 197, 374 bomb threats, 376 criminal activities, 198 definition, 197–198 emergency response plan, 384 FBI, 377 five-W’s (5-W’s), 198 hazardous materials, 375–376 Homeland Security Exercise and Evaluation program (HSEEP), 385 Incident Command System (ICS), 380–381 lockdown, 375 media relations, 383–384 National Incident Management System (NIMS), 380, 382–383 noncriminal incidents, 198 reporting, 197–198, 202–203 terrorist, 376 tracking loss-event information, 198 training and testing, 385–386

INDEX

Incident scene boundaries determining, 199 law enforcement, rules for, 203–204 objective by protection officer, 199 detailed and accurate notes, 202–203 evidence, 201–202 chain of custody, 202 collection and preservation, 202 physical, 201 recommended procedures, 201–202 governmental budgets, 204 hazards, 199 law enforcement personnel, rules for, 199 locations, 198 preservation, 199–201 protection, 198–201 protection officer’s objective, 199 quasigovernmental responsibilities, 204 Indirect losses, 9, 412 Individual Patrol Officer Kit (IPOK), 139, 139f Industrial disasters, 411 Industrial hazards, 70t accidents causation, 67 definition, 66 job factors, 67 lack of management control factors, 67 personal factors, 67 safety program, basic elements of, 66 Supervisors Safety Development Program (SSDP), 66 types, 66–67 emerging trends, 70–71 in Occupational Health & Safety (OH&S) programs broken/damaged equipment, 65 doors and emergency exits, 65 fire protection, 64 first aid and AED, 65 housekeeping maintenance and image, 65 improper labeling, 65 machinery maintenance, 65 personal protective equipment (PPE), 65

safety violation, 64 vehicle and fleet safety, 65 occupational risks, 60 and scenarios, 60 self-assessment, 61–64 self-protection, 66 vulnerability assessment, 61 Industrial hygiene, 68 Informal networking, 482 Information asset protection (IAP), 452–454, 452f, 460 Information assets, 451–452, 455, 457, 460 Information brokers, 454–456 Information officer, 381 Information security competitive intelligence vs economic espionage, 453 compromise, 453 counterintelligence, 453 definition, 452 economic espionage, 453 emerging trends, 460 information assets, 451–452 information assets protection, 452, 452f intangible assets, 452 professional protection officer, role of, 460 protective measures legal measures, 458 management measures, 458–459, 459f security measures, 457–458 sensitive information, 453 technical surveillance countermeasures, 453 threats changing technology, 455–456 data breaches, 454–455 end users, 455 information asset protection (IAP), 453–454 intangible assets, and information, 453–455 laptop computer theft, 454 level of authorized access, 454–455 natural disaster, 453–454 time-tested techniques, 454 trade secrets, 453 Information Systems Audit and Control Association (ISACA), 500

515 Information Technology Sector, 407 Infractions, 301–302 InfraGard, 500 Infrared sensor, 418–419 Infrastructure threats, 405 Inhalants, 241, 248 Inherent risks, 19–20 Injury/illness nature, 69 Insurance, 9, 11–12, 29, 78, 256, 364t Intangible assets, 452 threats to, 453–455 Integrated circuit card (ICC), 420–421 Integrated Security System, 430–431 Integrated sensors, 441 Integrated systems, asset security, 166 Intellectual property, 361, 452, 458 Intellectual property rights (IPR), 452 Intelligence agent, 21–23 Intelligence analysts, 317–318 Intelligence, pre-patrol, 96 Intelligent video, 423 Intel’s Shooting Star drones, 189 Intentional threats, 369–370 Intercom and broadcast capability, 38 Intercoms, 38, 70, 194–195 Internal investigations, 265 International Association of Healthcare Safety and Security (IAHSS), 485 The International CIIP Handbook, 404 International Critical Information Infrastructure Protection (CIIP), 404 International Foundation for Protection Officers (IFPO), 15–17, 24, 30, 33, 431, 450, 473, 485 International Foundation for Protection Officers Code of Ethics, 473 International Sports Sciences Association (ISSA), 500 Internet of Things (IoT), 211–212, 421–422, 430, 456 Internships, 502 Interpersonal communication, 493f listening skills, 494 nonverbal communication, 493 verbal communication, 493 writing skills, 494 Interviews, 275–276 concluding, 280 deception, 279–280 emerging trends, 280 vs interrogation, 276 nonverbal communication, 277–278

516 Interviews (Continued) process location selection, 278 open-ended questions, 278 preparation, 278 recording, 278 remember elements for statements, 279 written statements, 279 verbal communication, 276–277 Intrusion detection system components, 417–418 detectors/sensors, 418–419 signal transmission, 419 system controls, 419 system monitoring, 419–420 Intrusion sensors, 418, 442 Investigation definition, 254 emerging trends, 271 ethics accuracy, 264 objectivity and thoroughness, 263–264 Pinkerton’s firm, 263 timeliness, 264 follow-up, 266 and human communication, 257–263 legal and administrative proceedings, 269–271 liaison, 266–267 notes and reports, 267–268 preliminary, 264 compliance investigations, 265 incidents, 264–265 key steps information protocol, 266 locating/questioning witnesses, 265 preliminary report, 266 preserving scene, 266 scene safety, 265 misconduct investigation, 265 steps in, 265–266 private investigators, 256 process, 256 scope of, 254 surveillance, 268–269 testifying in proceedings, 271 undercover, 256 Investigator certification ASIS International PCI, 273 Ionization detectors, 440 iPhone first-aid app, 448

INDEX

Islamic State (ISIS), 333–334 ISSA, 500 Ivy Bells, 324–325

J Job design, 68 Job enrichment, 68

K Keys custody of clients, 167–168 locks and, 171 Key systems, asset security, 166 Kidnapping, VIP security, 448 Kinesics, 225 Kraft Foods Shooting, 129

L Labels, 179–180, 355 Labor laws, 79, 79t interaction of, 79–80 Labor relations/activities, 11, 295 bomb threat, 298 vs disciplinary process, 301–302 drones, 300 emerging trends, 302 lockout, 296 management plans access control, 296 escorts, 297 fire prevention/medical response, 297 incident command, 297 key control, 296 law enforcement response, 297 lighting, 297 network video systems, 297 patrols, 297 purchasing, 297 planning, 296–297 protest/picket line, 295–296, 298–299 searches, 301 strikes, 296 surveillance, 299–301 taunts and insults, 299 things to expect, 297–298 threatening phone calls, 298 vandalism/sabotage, 298 Laminated glass, 417 Lane narrowings, 154 Large-scale access control, 166 Law enforcement liaison, 474 Lawful strike, 296

Laws, security arrest, 73–74 burden of proof, 83 case law, 75 development of case law, 75 common law, 74 European Civil Code, 75–76 statutes, 75 emerging trends, 84–85 incarceration, 73–74 judgments, 73–74 probation, 73–74 search and seizure, 80–81 search warrants, 73–74 statutes, 75 common law, 74 trespass, 83–84 types of administrative law, 79 civil law, 77–79, 78–79t criminal laws, 76, 76–77t, 79t evidence circumstantial, 82 direct, 82 documentary, 81 hearsay rule, 82 real, 81 testimony, 81 interaction of, 79–80 labor laws, 79, 79t search and seizure, 80–81 young offenders, 80 Layered protection, 7–8. See also Security-in-depth Layering mitigation tools, in risk, 364, 364t Leader, definition, 489–490, 496 Leadership agent of change, 495–496 critical leadership skills ethics, 492 complying with laws, 492 organizational rules, 492 interpersonal communication, 493–494, 493f listening skills, 494 mission focus, 493 nonverbal communication, 493 verbal communication, 493 writing skills, 494 expectations, 491–492 guideline, 494–495

517

INDEX

high potential, 490 leader definition, 489–490, 496 managers and supervisors, 490 pitfalls of, 496 resistance to change, 495–496 skills development, 490–491 team members, 490 team member skills, 491 10 questions for potential leaders, 490–491 ten steps to be effective, 494–495 Legal aspects of security, 73–85 Legal consultant, 21, 23–24 Legal liability, 258–259, 410 Lenses, 424 Level indicators, 441 Liaison officer, 381 License plate recognition, 38 Licensure, 502 Life-cycle cost, 176 Light emitting diode (LED), 415 Lighting systems application considerations, 416 continuous, 415 gaseous discharge lamps, 415 lamps, 415–416 movable/emergency, 415 standby, 415 Lithium ion battery, 351 Local monitoring alarm system, 434 system monitor, 419 Locks and key control, 171 Locking hardware, 422 Lockout, 296 Logistics, ICS, 381 Lookalike drugs, 242, 244 Loss control, 20, 25, 68 Loud local alarms, 422 Low risk threat, 340–341 Loyalty, protection officer code of ethics, 473

M Machine learning (ML), 431 Magna Carta (“Great Charter”), 10 Magnetically attached IEDs (MAIEDs), 446–447 Magnetic coded card, 420 Magnetic strip encoding, 420 Magnetic switches, 418 balanced, 436–437 Magnetometers, 177

Malicious prosecution, 145 Management representative, 21–22 Marijuana, 115–116, 227, 234, 237–238, 243, 249t smoking method, 243 sustained low dosages, 243 Marking systems, in theft prevention, 312 Massachusetts General Laws, 84–85 Mass Notification Systems (MSN), 394 Material safety data sheets (MSDS), 352–354 Mechanical security locks, 422 Media in emergency planning, 383–384 miniaturization of, 456 Medical emergency, 109–111, 374, 377 Medical surveillance, 69 Mental illness. See Dementia Mercury vapor lamps, 415 Metal detection automated detector, 176 continuous wave devices, 177 magnetometers, 177 manual inspection, 176 nonportable/fixed metal detector, 176 police investigative units, 176 pulse-field detectors, 177 Metal halide lamps, 415 Metallic foil, 418 Microdot acid, 248 Microwave detectors, 419 Microwave motion sensors, 437 Millimeter wave scanning, 173 Milling process, 287 Misconduct investigation, 265 Mitigation asset, 7 functions, of professional security officers, 27–28 risk, 363–364 VIP security threat, 447–448 Mobile patrol, 93 Mobile surveillance operations, 206 Modern garbage bags, 313 Monitoring, 419–420 central station, 434–435 direct fire/police, 435 local, 434 proprietary, 435 Monitors, 424

Morale, 316 Motion detectors, 424 Movable/emergency lighting, 415 Multiplex/addressable system, 440 Murphy’s Law, 148

N Napoleonic Code, 76 Narcotics, 246–247, 273 Narrowing traffic lanes, 154–155 National Association of Security Companies, 108 National Fire Protection Association (NFPA), 134, 353, 379 National Incident Management System (NIMS), 382–383 National Infrastructure Protection Plan (NIPP), 404–408 National Institute on Drug Abuse (NIDA), 234, 237 National Terrorism Advisory System (NTAS), 332 Natural disaster emergency planning, 376–377 physical security planning, 411 Natural threats, 370 Need-to-decipher rule, 193 Negligence, 78–79 in civil law, 82–83 Neighborhood radar speed sign, 155–156 NEOTWY, 257, 264 Network attached storage (NAS), 442 Networking career planning, 500 conflicts, 484 definition, 481 emergency personnel, 483 emerging trends, 486–487 FaceTime, 486–487 fire personnel, 483 GoToMeeting, 486–487 importance of, 481–484 incidents, 483–484 informal, 482 information, 482–483 law enforcement, 484 liaison role, 482, 486 locations, 482 opportunities, 485 point of contact, 482

518 Networking (Continued) professional organizations and training, 484–485 professional relationships, 481–482 rapport and cultivating relationships, 483 security professional interaction, 482 Skype, 486–487 Network video, 16, 127, 166, 170, 425, 425f action identification, 423 in alarm response, 442 applications, 422–424 labor activities, 297 roles, 422 scene view identification, 423 subject identification, 423 system components, 415 in workplace crime prevention, 317 Network video cameras, 415, 419, 442 Network video recorders (NVRs), 209, 424 New Jersey Office of Homeland Security Preparedness (NJOHSP), 335 New York City Police Department (NYPD) SHIELD, 485–486 NFPA 3000 (PS), 136 NFPA Standard 1600, 379 Nice Truck Attack, 130 Nicotine, 234 NIPP 2013, 404–405 Nondisclosure agreements (NDA), 458 Nonportable/fixed metal detector, 176 Non-protection employees, 21 Nonverbal communication, 224–225, 277–278 disruptive behaviors, 224–225 interpersonal communication, 493 in patrol, 100–101 North Atlantic Treaty Organization (NATO), 404 Note-taking, 202–203, 267–268 Nuclear quadrupole resonance (NQR), 182 Nuisance/false alarms, 438–439

INDEX

Occupational safety, 69 Occupational Safety and Health Administration (OSHA), 9, 65, 123, 352–353, 355 Officer safety and use of force communication skills, 118 continuum, 113, 118 deadly force, 114, 117 de-escalation police encounters, 115 verbal, 116–117 ever-changing society, 115 Fourth Amendment, 114 Graham v. Connor, 490 US 386 (1989), 114 level of force, 113 PTSD, 118 report writing, 117–118 rules and regulations, 113 self-medicated persons, 115–116 social media, 115 Tennessee v. Garner, 471 US 1 (1985), 114 training, 118 use-of-force, 114–115 violence, 115 weapons, 118 1-party notification law, 269 One-time pad (OTP), 324 Online training, 36 On-the-job training (OJT), 36, 147 Open-ended questions, 258, 278 Operator control, 436 Opiates, 246 Opioid abuse, 227 Opioids, 246–247 Optical coded badge, 420 “Orange Book” of recommendations, 352–353 Organization for Economic Cooperation and Development (OECD), 404 Organized crime, 317, 369 Outsourced services, 14, 256 Overt electronic surveillance, 208 Overt personal surveillance, 207 Oxycodone/oxycontin, 246

O Objective strain, 309 Objectivity, 263–264 Observability, 370 Occupational health, 69. See also Industrial hazards Occupational illness, 69 Occupational risks, 60

P Pandemics, 404 Panic, 288 Pan/tilt/zoom (PTZ) cameras, 93, 208, 424 Paranoia, 229, 243, 495–496 Paraverbal communication, 55, 224–225

Pass back, 167 Passive crisis communications, 345 Passive detectors. See Infrared sensor Passive infrared (PIR) sensors, 418–419, 437 Path to professionalism, 15–16 Patrol assessment process, 88 asset protection, 88 body cameras, 96–97 department equipment check, 97 program goals/program components, 97 ESRM Board Initiative, 103–104 Four D’s of Security, 89 intelligence, 96 legal issues with audio recording, 96 preparation awareness and familiarity, 95–96 code of conduct policy, 93 emergency response, 94 equipment, 94 incident investigations and responsibilities, 94 liaison with law enforcement, 94 postorders and patrol procedures, 94 rest, relaxation, and exercise, 95 supervisory oversight, 95 training, 93–94 purpose ancillary supportive functions, 91–92 delay, 89–91 deny, 89, 91 detect, 89–90 deter, 89 emergency response, 91 pre-patrol analysis, 88 security presence, 88 techniques baseline, 98–99 comfortable shoes, 98 disruptions, 99 flashlight, 98 hands, 100 nonverbal communications, 100–101 predictably unpredictable, 99–100 security measure enhancement, 101 stop, look, and listen, 98 tactical maneuvering, 99 vehicle positioning, 100

INDEX

training, 96 types fixed post, 93 mobile patrol, 93 post position, 92–93 virtual patrol, 93 unethical unprofessional practices Black’s Law, 101 critical thinking, 102–103 minor policy infractions, 102 misuse of time, 101–102 peer pressure, 102 time fraud, 102 Patrol large land areas, 188 Patrol services, 14, 89, 91, 179 Pedestrian refuges, 155 Peer pressure, 102, 236–237 Percodan, 246 Perimeter protection, 38, 436 Personality changes, 45, 55, 229, 238 Personal protection specialists, 21, 450 Personal protective equipment (PPE), 9, 69, 354 Personal surveillance operations, 206 Personnel-borne IEDs (PBIEDs), 446–447 Photoelectric sensor, 419 Photoelectric smoke detectors, 440 Physical agent, 69 Physical drug dependence, 236, 242 Physical security planning, 8–9, 410, 431 assets identification, 410–411 card access access control, 421–422 capabilities, 420 functional operation, 421, 421f types of cards, 420 certification process, 431 continuing education, 431 countermeasures selection, 412, 414 first line of defense, 413–414 matrix, 413, 413f second line of defense, 414 security-in-depth, 413 third line of defense, 414 fencing, 428–430 fire-resistive containers, 428 impacts of threat occurrence, 412 integrated security system, 430–431 intrusion detection components, 417–418 detectors/sensors, 418–419 signal transmission, 419 system controls, 419

system monitoring, 419–420 locking hardware, 422 loss events civil disturbances, 411 crime, 411 industrial disasters, 411 natural disaster, 411 other risks, 411 network video technology action identification, 423 practical applications, 422–424 subject identification, 423 system diagram, 425, 425f typical use or role, 422 risks, 410 safes and vaults burglary-resistive safes, 426–427 burglary-resistive vaults, 427–428 locks, 425–426 scene view identification, 423 security glazing bullet-resistive, 417 burglar/vandal-resistive, 417 explosion resistive, 417 safety/fire retardant, 416 special purpose, 417 security lighting application considerations, 416 continuous, 415 gaseous discharge lamps, 415 movable/emergency, 415 standby, 415 types of lamps, 415–416 systems approach, 415 threat occurrence probability factors, 411–412 Underwriters Laboratories (UL), 427, 430 Physical Security Professional (PSP) designation, 431 Picket line, 284, 295–296, 298–299 Piggybacking, 167 Pinkerton Detective Agency, 263 Pinkerton’s firm, 263 Plan-Do-Check-Act cycle, 27, 27f, 30 “Point control” officer, 150 Poison Gas, 355 Politically charged meetings, 43 Polymer cement overlay, 155, 155f Postcrisis resolution, crisis behavior, 222 Post position, 92–93 Posttraumatic stress disorder (PTSD), 118, 227–228 Posture, 23, 150, 270

519 Potentiation, 242 Power failure sensors, 441 Power outages, 376 Practical “hands-on” training, 386 Pre-attack surveillance, 334 Precedent. See Case law Prejudice, protection officer code of ethics, 474 Preliminary investigation, 264 compliance, 265 incidents, 264–265 misconduct, 265 steps in, 265–266 Pre-patrol analysis, 88 Prescription drug abuse, 250–251 Presidential Policy Directive-21 (PPD21), 404 Pressure mats, 437 Pressure switches, 437 Pressurized fire extinguishers, 351 Prevention, crisis behavior, 222 Preventive maintenance, 69 Private initiatives, 12 Private investigators, 17, 256–257 Private Security Industry Regulatory Authority (PSiRA), 486 Professional Certified Investigator (PCI), 273, 501 Professional Investigator’s Manual, ASIS International, 263–264 Professional protection officers core functions mitigation functions, 27–28 Plan-Do-Check-Act cycle, 27, 27f preventative functions, 27 protective process and objectives, 27 response functions, 28 verification functions, 28 definition, 20–21 ethical and professional conduct (see Ethics and professionalism) 100 items officers need to know, 53–55 protecting critical resources, 25 protection staff, levels of basic physical security officer, 21, 28 certified in security supervision and management, 21, 29 Certified Protection Officer, 21, 28–29 non-protection employees, 21 roles competency, 24–25

520 Professional protection officers (Continued) enforcement/compliance agent, 21, 23 ESRM, 25 in information security, 460 intelligence agent, 21–23 legal consultant, 21, 23–24 loss control process, 25 management representative, 21–22 professional status, 24 responsibility and guidance, 26 standardization, need for, 29–30 training and certification, 30–31 What-if game, 23 Proprietary monitoring approach, 435 Protectee’s pattern-of-life, 446 Protection of Assets Manual (POA), 451–452 Protection Officer Code of Ethics, 473–475 Protection officers as leader (see Leadership) role, 74 active assailants, response to, 127–128 Protest, 295–296, 298–299 Proxemics/personal space, 225 Proximity card, 296, 420 Psychedelics. See Hallucinogens Psychoactive drug, 234, 236, 238 Psychological drug dependence, 236, 242 Public policing, 13 Public Risk Management Association, 500 9-1-1 Public Safety Telecommunicators, 49 Pull stations, 441 Pulse-field detectors, 177 Pulse Nightclub Shooting, 130 Punishment celerity, 306 certainty, 306–307 severity, 306

Q Quadrupole resonance (QR), 182 Qualitative risk analysis, 368 Quantitative risk analysis, 368 Quartz lamps, 415 Questions-based approach, VIP security, 445–446

INDEX

R Radar speed sign, 156f Radio frequency identification (RFID), 180, 457 Rally, crowd gathering, 284 RAND Corporation, 15, 271 Range-hood systems, 155 Ransomware, 465–467 Raw material, 3, 63, 350 Reactive protection, 445 Real evidence, 81 Recreational drugs, 237–238 Red Cross app, 449 Red teaming, 329, 457 Redundant array of independent disks (RAID), 442 Relocking devices, 426–427 Remote-controlled IEDs (RCIEDs), 446–447 Repeaters, 194 Reporting response to theft, 314–315 risk, 365 Report writing, 37–38, 117–118 emerging trends, 216 field notes, 214 importance of, 213–214 incident determination, 215 qualities of clear, 215 complete, 215–216 concise, 215 3C’s, 215 questions, 216 3C’s, 215–216 what to report, 215 in written format, 214–215 Reputational damage, assets, 5 Response functions, of professional security officers, 28 Restraining Order 209A, 84 Right-wing extremism, 333–334 Riot, 284 Riot control force deployment procedures, 291, 292f Risk analysis, 361, 371–372 assessment, 23 assessment and rating, 361–363 assets criticality, 6 frequency, 6 impact, 6–7 management, 9

probability, 6 assignment/transfer, 9 communications, 345 criticality, 6 definition, 359 frequency criticality, 6 impact, 6–7 management, 9 management program, 359–360 components, 361 enterprise approach, 360 and security directors, 360 security professional’s approach, 360 mitigation, 363–364 layering, 364, 364t security officers, training, 363–364 probability, 6 reporting, 365 Risk management, 9 asset protection, 367–369, 368f qualitative analysis, 368 quantitative analysis, 368 cycle, 367, 368f principles, 367 risk analysis, 371–372 threat assessment, 369–370 vulnerability, 370–371 Risk profile, 365 Risk reduction, 9 Roach smoking, substance abuse, 243 Road diets, 155 Robots, 38, 70 Rohypnol, 245 Rolling ball effect, 310 Rolling Stone, 464 Rough/patterned glass, 417 Routine activity theory, 307 Routine patrols, 64, 188 “Run, Hide, Fight” program, 124 “Run, Hide, Tell” program, 124

S Sabotage, 305–306, 316, 319, 323–324 Safes, burglary-resistive, 426–427 Safety and security, protection officer code of ethics, 474 Safety data sheet (SDS), 68 Safety/fire retardant material, 416 Safety officer, 381 Scene identification view, 423 SDM Magazine, 500 Search policy, in theft response, 315–316

INDEX

Secondary attack, 343 Second line of defense, 414 Sector Coordinating Councils (SCCs), 405–406 Sector Specific Agency (SSA), 404–406 Sector-Specific Plan (SSP), 404, 407–408 Security of assets, 166 definition, 4 valuation, 7 commerce, 9 contemporary careers, 16–17 cycle of history, 12–13 evolution, 4 fire protection, 11–12 4Ds of, 89 legal aspects (see Laws, security) network, 4, 17 path to professionalism, 15–16 physical, 8–9 professional development, 17 services, historical development of, 13–15 threats, 5–6 Security awareness, 391–393 communication verbal-down method, 395–396 verbal-horizontal, 395–396 verbal-up, 395–396 written-down, 395–396 written-horizontal, 395–396 written-up, 395–396 double loop learning model, 395, 395f framework, policies and procedures, 392 modern techniques, 393 notifications to stakeholders, 394 partnerships, 394 reinforcing policies and procedures, 394, 394f repetition and reinforcement, 394 suspicious activity, 392 Security clearance, 327 Security culture, 398 Security degree programs, 109 Security Guard Act in 1992, 35–36 Security-in-depth, 413–414 Security Industry Authority (SIA), 486 Security is Everyone’s Business, 399–400 Security Magazine, 500 Security master plan, 397, 400 Security officers

definition, 34 industry-specific knowledge, 33 report writing, 37–38 training advantages, 36 classroom training methods, 36 and education, 33–34 entry-level security officer, 36 image of classroom, 35 important, today and future, 35 online training, 36 on-the-job training (OJT), 36 private contract security company, 36–37 Security Guard Act in 1992, 35–36 21st century, robots, 38–39 visibility, 34–35 Security services industry, exploitation of, 335 Self-assessment, vulnerability, 61–64 Self-discipline, protection officer code of ethics, 474 Self-protection, industrial hazards, 66 Sequential switches, 424 Shooter Detection Systems (SDS), 180–181, 181f Short-hand, 267 Signage, 7, 167 Signal transmission equipment, 419 Silent killer. See Stress Single-issue/special-interest terrorism, 333–334 Sit-down strike, 284 Site security, 356 Situational awareness, in patrol, 95–96 Skype, 486–487 Smart card, 172, 420–421 Snorting a line, 244 Social engineering, 94, 325–326, 454 Social learning theory, 307–308 Social networking media, 456 Society for Human Resource Managers (SHRM), 123 Sodium vapor lamps, 415 Software as a service (SaaS), 460 Special-event security, 293 Specific deterrence, 306 Spectator crowds, 286–287, 289 Speculative risks, 19–20 Speed bumps, 155 Speed cushions, 155 Speed humps, 155 Speed tables, 155 Spot protection, 436–437

521 Standard operating procedures (SOPs), 170, 385 Standby lighting, 415 Starting traffic, in traffic control, 151, 152f Statement analysis, 279–280 Static surveillance operations, 206–207 Statutes, 74–75, 210 Stimulants, 243–245 Stolen Valor Ch. 272 section 106, 84 Stopping traffic, in traffic control, 150–151, 151f STOP sign, in traffic control, 149–150 “Stop the Bleed”, 35, 111, 139–140, 377, 449–450 Stop, Think, Act, Review (STAR) concept, 491 Storage area networks (SANs), 442 Stress, 49, 220–221 Strengths, Weaknesses, Opportunities and Threats (SWOT) analysis, 499–500 Strikes, 284, 296 surveillance, 299–300 Strive to learn, protection officer code of ethics, 474 Subject identification view, 423 Subjective strain, 309 Substance abuse common signs of abuse, 242–243 conditions affecting workplace, 237–238 controlled substances, 243–248 use and effects chart, 249t definition, 234 drug dependence, 236–237 drugs and paraphernalia, 241–242 classification, 241–242 definitions, 242 emerging trends, 250–251 how perpetuated, 237–238 five reasons, 237 how problematic behavior develops, 236–237 impact on business/industry, 234–236 hidden costs, 235 indicators and signs, 242–243 inhalants, 248 motivation, 236 protection, of people and assets, 248–249 signs and symptoms cannabis, 243

522 Substance abuse (Continued) depressants, 245 hallucinogens, 247–248 narcotics, 246–247 stimulants, 243–245 tangible costs, 235 workplace response chemical analysis, 241 covert surveillance/hidden cameras, 241 drug-free workplace program, 239 drug testing, 240 employee assistance programs (EAPs), 239–240 undercover operation, 241 Supervisors’ Safety Development Program (SSDP), 66 Surveillance causal nature of, 205 as deterrent, 208–209 emerging trends, 211–212 equipment, 209–210 goal of, 205 in investigation, 268–269 labor activities, 299–301 by law enforcement, 186 planning, 205 privacy issues, 210 recording and retention, 210–211 types covert personal surveillance, 206–207 covert electronic surveillance, 207–208 digital surveillance, 206, 208 mobile surveillance operations, 206 overt personal surveillance, 207 overt electronic surveillance, 208 static surveillance operations, 206 Suspension, 123, 302 Suspicious objects, 340 Sustainable culture of security, 397 access control measures, 401 awareness and training, 399–400 buy-in, 397–398 develop policies and procedures, 398–399, 398f employee participation and accountability, 399 formulation of partnerships, 400 If You See Something, Say Something campaign, 134, 399 metrics, 399

INDEX

on-going process to foster change, 400 practices, standards and regulations, 398–399 security awareness development, 398–399 security master plan, 400 visitor management program, 399 Synesthesia, 247–248 Synthetic marijuana Ch.94C section 31, 85 System controls, 417, 419 Systems engineering, 415

T Tabletop exercises, 136, 346, 386–387 Tactical communications, 473 Tactical maneuvering, 99 Tactile learner, 262 Tangible costs, of substance abuse, 235 Task analysis, 69 TCP/IP-enabled networks, 456–457 Team member skills, 491 Technical surveillance countermeasures (TSCM), 453, 457 Techniques of neutralization, 308–309, 308t Techniques of patrol baseline, 98–99 comfortable shoes, 98 disruptions, 99 flashlight, 98 hands, 100 nonverbal communications, 100–101 predictably unpredictable, 99–100 security measure enhancement, 101 stop, look, and listen, 98 tactical maneuvering, 99 vehicle positioning, 100 Technological disasters, 376 Telephone, 193–194 Telephone taps, 324–325 Temperature sensors, 441 Tempered glass, 416 Tennessee v. Garner, 471 US 1 (1985), 114 Terrorism vs crimes, 334 definition, 332–333 five emotional traps, 333 detecting surveillance, 334–335 how to proceed, 336 human, best weapon system, 335 pre-attack surveillance, 334

security services industry, exploitation of, 335 threat assessment, 333–334 international and domestic, 333–334 Terrorist, 182, 309, 332 Terrorist actions, 376 Terrorist attack, drones in, 334 Testimonial evidence, 81, 276 Thermal imaging, 38 Third line of defense, 414 Third party agreements, 458 Thoroughness, 262–264 Threatening phone calls, 298 Threat Management Team, 125 Threats, 5–6. See also Bomb threats assessment, 333–334 cyber threats, 109, 404 to information and intangible assets, 453–455 occurrence probability factors, 411–412 vs vulnerability, 370 Threshold limit value (TLV), 69 Time and stress management master plan protection, 42–43 not work related stress developing coping mechanisms, 45 follow-up and follow-through, 46–47 handling professional life fears, 45–46 warning about praising, 47 planning, 42 poor time management, 41–42 routine meetings deadlines, 43–44 delegation skills, 45 demon phone and social media, 45 politically charged meetings, 43 time minimization, 43 work prioritizing, 44–45 time management form, 44, 44t Time-delay locks, 426–427 Time fraud, 102 Timeliness, of investigation, 264 Time locks, 426 Tolerance, 242, 246 Torts, in civil law, 78 Tourniquets, 140 Tradecraft, 324–325 Trade secrets, 5, 323, 327–329, 453 EU Trade Secrets Directive, 328 six factors to determine, 328 steps to protect, 328–329

INDEX

Traffic calming engineering measures, 154–155 physical devices, 154 radar speed sign, 155–156, 156f visual changes, 154 Traffic control automatic traffic signals, 150 on construction sites, 153 “point control” officer, 150 duty, 150 equipment, 154 gate duty, 153–154 hand signals improper, 150 starting traffic, 151, 152f stopping traffic, 150–151, 151f private parking, 154 on private property, 153 roadway positions, 150 STOP sign, 149–150 traffic backups/accidents, 152 traffic calming benefits, 155–156 traffic direction, responsibility of, 152–153 whistle, 151 Traffic duty, 150 Training for active assailant prevention, 123–124 and best practices guideline, 223 and certification, 30–31 classroom, 36–37, 66 for emergency response plan, 385–386 officer safety and use of force, 118 online, 36 on-the-job training (OJT), 36, 147 preparation for patrol, 93–94 professional organizations and, 484–485 in sustainable culture of security, 399–400 for security officers, 35–37 CPR/AED ASIS International, 108 Cardiac Chain of Survival, 110–111 cardiac emergency, 109–110 first aid training, 111 industry standard training, 108 jobs in, 109 National Association of Security Companies, 108 security degree programs, 109 security needs, 109

situational awareness, 108 skills required, 109 Transgender Laws Ch.272 section 92A, 84 Transparent mirror glass, 417 Transportation Systems Sector, 407 Trespass, 74, 83–84 21st century espionage activities, 322–323 2-party notification law, 269

U UHF transceivers, 194 Ultrasonic detectors, 418, 437 Unbalanced switch, 418 Undercover investigation, 14, 256, 258–259 Undercover operation, 241 Underwriters Laboratories (UL), 427, 430 Unethical behavior, 102 character flaws, 478 conflict, 478 fatigue, 478 path of least resistance, 478 resistance to change, 478 and unprofessional, impact of, 472 United States Bomb Data Center (USBDC), 337–338, 338f United States Bomb Data Center report, 337–338, 338f United States infrastructure categorization, 405 United States National Infrastructure Protection Plan, 404–408 Unmanned aerial systems (UAS), 446–447 Unmanned aerial vehicle (UAV), 180, 183. See also Drones Unmanned vehicle systems, 70 UN number, hazardous materials, 355 Uppers/speed, 245 USB thumb drive, 325 User defined operational pictures (UDOP), 211–212

V Vandalism/sabotage, 298 Varifocal lens, 424 Vaults, burglary-resistive, 427–428 Vehicle-borne IEDs (VBIEDs), 341, 446–447, 449 Vehicle positioning, 100

523 Verbal and physical disruptive behaviors, 223 Verbal communication interpersonal communication, 493 in interviews, 276–277 Verbal de-escalation, 36, 116–117 Verbal-down communication, 395–396 Verbal-horizontal communication, 395–396 Verbal-up communication, 395–396 Verbal warning, 301–302 Verification functions, of professional security officers, 28 VHF transceivers, 194 Vibration detectors, 418 Video content analysis (VCA), 419 Video recorders, 410, 424, 442 Video, 360-degree, 38 Violence, 115 Violent behavior. See Disruptive behaviors VIP security dual-pronged methodology, 445 advance planning, 445 body guarding, 445 hostage situations, 448 hypervigilance, 445 notoriety, 445–446 personal protection specialists, 450 professional development, 450 reactive protection, 445 risks and vulnerabilities, 445–446 technology usage, protective services citizenAID app, 449 communication and survival apps, 449 iPhone first-aid app, 448 Red Cross app, 449 threat mechanisms of, 446–447 mitigation, 447–448 Virginia Tech Shooting, 129 Virtual patrol, 93 Visibility, of professional security officers, 34–35 Visual learner, 261–262 Visual traffic calming, 154 Volume and dispersal of data, 456 Volumetric protection, 437 Vulnerability, 6 emergency planning, analysis in, 379–384 risk management, 370–371

524 Vulnerability assessment emergency response planning, 379–384 industrial hazards, 61 self-assessment, 61

W WAECUP (Waste, Accident, Error, Crime, and Unethical Practices), 22, 310 Walkie talkie, two-way radios, 194 Walk-through drill, 386 Walk-through metal detectors. See Magnetometers Warranties, in civil law, 77 Water and Wastewater Systems Sector, 407 Weapons, 113, 115–116, 118 and tactics, 122 policies, 127 Weingarten rights, 11, 302 Welded mesh fence, 428 What-if game, 23 Whistle, in traffic control, 151

INDEX

Wiegand-coded badge, 420 Wildcat strike/illegal walkout, 296 Wired glass, 416–417 Wireless and remote computing environments, 456 Withdrawal, 236, 242 Workplace crime emerging trends, 316–318 general deterrence, 306 general strain theory, 309 response to theft employee liaison, 316 preventive actions, 315 reporting, 314–315 search policy, 315–316 social learning theory, 307–308 summary of theories, 310 techniques of neutralization, 308–309, 308t theft prevention concealment, 312–314 employee dishonesty, 311 first steps, 312 markings and signage, 312

objective, 310–311 property lists, 312 WAECUP loss threats, 310 theory of routine activity, 307 Workplace inspection, 70 Workplace violence, 36, 91, 122–123, 271, 405 Workplace Violence Prevention and Intervention Policy, 123, 125 The World Bank Group, 404 Written-down communication, 395–396 Written-horizontal communication, 395–396 Written reports, 214–215 Written statements, 200, 276–279 Written-up communication, 395–396 Written warning, 301–302

X X-ray detection, 177–178

Z Zero-day attacks, 465 Zoom lens, 424