ASIS International

Airspace Security Insights & Intelligence Enable Security Providers to Protect Skies

By Amit Samani

Across the world, drone regulations are being passed, aimed at supporting the productive use of drones in our society and leading to the inevitable increase in the number of drones in our skies. Airspace security is becoming a wide-scale, cooperative effort, with capabilities like Remote ID being launched globally to monitor cooperative drone activity. By applying smart airspace security intelligence and insights, security teams can identify the compliant drones while exposing unauthorized or hostile drones.

Preparing for & Mitigating Against Drone Threats

How should security teams react when an unauthorized drone enters protected airspace? Key to the success of a smart airspace security program is developing proactive response protocols in the event of a drone incursion.

Before developing airspace security standard operating procedures (SOPs), security teams must first uncover patterns in their drone activity and answer the following questions:

How many drones are in my airspace?
What time of day, and on which days, are drones appearing?
What kinds of drones are being flown?
What are the most common areas for drone activity?

Using these questions as a guide, security teams can use airspace security intelligence and insights to advance their response protocols before, during, and after a drone incursion.

Before the incursion:

Practice with your security team: Airspace security programs should begin under ideal, “blue sky” conditions
Engage local law enforcement: Work with local law enforcement to determine the information they require to approach and apprehend an unauthorized drone pilot

During the incursion:

Respond to automated alerts: Alarms are triggered as soon as a drone is detected
Deploy security team to follow drone, and approach or apprehend pilot: By using flightpath information and localization of the drone, security teams can efficiently collect the evidence needed to locate a pilot
Protect assets with passive countermeasures: This can include lowering blinds, monitoring WiFi networks, leading people away from exposed areas, or halting operations
Alert local law enforcement: Local law enforcement can deploy additional resources to apprehend drone pilots

After the incursion:

Build a threat profile: Summaries of drone activity, provide information such as most frequent times and days drones appear and drone hotspots
Update security procedures: It may be that drones are appearing during shift changes, shipping/receiving, or concurrent with significant events at the site, such as game days or executive meetings
Post “No-Fly-Zone” signage: Aerial trespassers will think twice with awareness of the risks they take when flying in your airspace

Prevent Losses with Results-Driven, Smart Airspace Security Programs

The consequences of drone incursions can be costly, from operational downtime to physical property damage and even data breach. Installing and launching a smart security program will deliver complete airspace situational awareness. A philosophy of develop, test, and enhance is essential for security teams and must be considered adjacent to the technology investment.

Amit Samani is the Vice President of UK and Americas for Dedrone. Join Amit at GSX Learning Session, “Achieving Complete Airspace Security Amid Loosening Drone Usage Regulations and Emerging Threats” on 29 September at 11:30-12:30 PM ET, located the Offensive Strategies: Preparing for an Attack Theater. Meet the Dedrone team at Booth #2114.

Understanding the Vulnerabilities of Building Control Systems

Thank goodness companies have IT security specialists to protect those vital business systems that are the target of so many sophisticated hacker attacks. Sure, physical security professionals have to protect some systems, such as business controls or other less sensitive systems.

The thing is, those business control and security systems are increasingly tied to each other and other business systems. And the business control and security systems can be the easiest for hackers to attack and exploit. Uh oh.

The learning sessions at GSX 2021 will feature theaters carrying themes where like sessions are grouped. Kicking off the Offensive Strategies theater at 10 a.m. EDT on Monday, 27 September, Coleman Wolf, CPP, will lead a session on “Hacking Building Controls for Fun and Profit: Security Risks to Cyber-Physical Systems.” In the session, Wolf will give participants knowledge and strategies to try to prevent the “uh oh” from ever happening.

This session and all other Offensive Strategies Learning Theater sessions will be available in-person at GSX and livestreamed to all digital attendees. Register now for an All-Access Pass so you don’t miss it!

Wolf is a 25-year security management and security engineer veteran, currently serving as senior security consultant at ESD Global, Inc. The GSX Blog caught up with Wolf to gain insight on the issue of the vulnerabilities of business control systems.

What are the vulnerabilities of these systems and why should people care?

Building control systems were not traditionally built with security of the system in mind. They were self-contained systems, nearly impervious to external access—it would take physical breach to compromise them. That’s all changed. More and more, these systems are connected to each other and to other systems, becoming part of the larger IT infrastructure. A lot of people will build a connection between a building control or operational control system and, for example, a remote access IT system, but they would build this connection without first really thinking through the security ramifications of that.

One of the reasons is because the building controls were not seen as highly valuable targets. Maybe someone gets in and gains access to turn the lights off. Annoying sure, but it’s not worth expending a ton of resources to stop a practical joker when the resources could be used to fortify actually mission critical systems. One of the things we’re going to spend some time on in the session is how wrong this perception is. Not only can they be an access point to do additional damage, a hacked building control system can cause serious harm to a company.

If these systems are becoming more vulnerable, why not just revert to more self-contained, unconnected systems? What are the advantages to the interconnected trends you describe?

The main reason why they are interconnected and connected to business systems is for functionality and intelligence. It generally starts with there being a business reason to remotely monitor a system. Maybe you want the ability to see what is happening in a system at home during off hours, so you can decide if it needs immediate response or if it can wait. Or maybe you have a portfolio of different sites and locations and you want to monitor them from a central location.

In addition to the functional reasons, companies realized that they can use information from these systems to improve. As the systems grew more intelligent within the building, and different systems could start talking to each other, we now have this intelligent building platform. You can pull actionable data, build dashboards using intelligence from a variety of systems, and make strategic decisions. An example that relies heavily on building control data might be operating at peak energy efficiency—the savings to a company with a large footprint could be significant.

What do you say to a physical security professional who sees it as IT’s job to secure building control and security systems from cyber attacks?

Everyone in the session will leave with a good understanding of the differences between operational technology and systems and information technology and systems. Where the responsibility for securing OT vs. IT systems lies is in a state of flux. Traditionally OT rested in facilities, not IT. The operations folks didn’t want to be burdened by IT controls. Similarly, IT folks recognized that these systems were different animals, and they didn’t want the responsibility of securing systems that sat outside the traditional IT framework and thus did not have various IT protections and protocols built into it. This is probably another reason this is such a high risk for an organization. Companies are beginning to understand that both OT and IT systems need to be managed holistically under the umbrella of risk management.

I’m the physical security professional and one of the operational technology systems under my purview is hit successfully with an attack. What do I need to be thinking about?

There are two fronts. You’re going to be pressured first and foremost to resume operations ASAP. That’s somewhat at odds with the other front, which is forensics to identify what the cause is and, in the case of something like ransomware, you’ve got complex political calculations to make: Do you pay the ransom and hope that your operations will return to normal? Do you pay the ransom and hope that other malware other bad actors won’t try to hold you for ransom again? A lot of companies are finding it might be more prudent to go ahead and pay that ransom because the compromised system is crippling operations.

So those are the two primary things you will have to deal with. In the best situation you’ve got a business resumption, emergency response plan for cyber incidents. Some companies will incorporate this into a comprehensive business continuity plan.

In a lot of ways, you’re talking about a different approach or mindset. How do you get people responsible for building controls and people responsible for IT security to speak the same language?

In traditional IT and cybersecurity approaches, you look at what they call the CIA triad, which stands for confidentiality, integrity, and availability. Those are the elements that need to be addressed. When you look at these building controls and operational controls systems, you have to add something to that mix. You have to add safety. If these systems are compromised, it’s not just the business aspects you have to worry about, you have to add the health, safety, and well-being of anyone—staff, customers, the public—who might be in an environment that is affected by one of the compromised systems. Going back to the attitude that hacking a building control is akin to perpetrating a practical joke—turning the lights off. The breaches can be very serious in any number of ways.

And finally, I’m hoping to do a bit of a demonstration. A demonstration that will show just how easy it is to identify, locate, and access some of these systems—and discuss what people need to about the vulnerabilities.

Going for Gold with GSX Education

For more than 60 years, Global Security Exchange (GSX)’s best-in-class education has been the world’s most comprehensive learning environment for security management professionals. The 2021 education program supports both in-person and digital experiences, including 80+ sessions that tackle vital issues for the security profession.

The GSX Blog sat down with Lisa Terry, CPP, GSX 2021 Selection Committee Chair, for insight into what makes this year’s education lineup stand out.

What trends did the Selection Committee take note of in reviewing this year’s session proposals?

As we reviewed this year’s proposals, we were very pleased to note the abstracts were well written, challenging, and exciting. We found that a significant number of proposals fell into the Information Security and Risk Management categories. The sessions that we selected in those categories cover subject matter like:

Cybersecurity;
ESRM;
Risk, Threat, and Vulnerability Assessments;
Insider Threat;
Workplace Violence;
Crisis Management;
and more.

We also found that there was a number of proposals that fell into four other categories: Managing Organizations; Physical and Operational Security; Professional Development; and Digital Transformation. The sessions that we selected in those categories cover subject matter like:

Leadership;
Career Planning and Advancement;
Career transitioning;
Organizational culture;
Architecture, Engineering, and Design;
Crime prevention;
Security Force Management;
Augmented & Virtual reality;
Artificial Intelligence;
Critical and Analytical Thinking;
and more.

What were some of your key takeaways about the state of the security profession after reviewing the proposals?

In particular for 2021, we knew that in addition to maintaining the highest level of educational quality, we needed to provide a physical environment that prioritized the health, safety, and well-being of all GSX participants. We also knew that we needed to provide a digital learning environment for those individuals who were unable to join the in-person GSX. The GSX format needs to be nimble in order to respond to and work with emergent situations as they arise.

As you know, GSX is an event “for security professionals, by security professionals.” That’s why we conducted a blind review of the proposals, getting the feedback of more than 100 ASIS International members from across the globe with a wide range of security backgrounds. These responses gave the Selection Committee an excellent idea of the education needs of security professionals across the globe.

What excites you most about the 2021 session lineup compared to other years?

In addition to being the first in-person GSX event in two years, the GSX digital experience will support those who are not able to join us in-person in Orlando. Security professionals should expect a brand new experience. Unlike any previous year, this year’s GSX is an integrated experience with in-person and digital features…..and we will be the first GSX attendees to experience this wonderful lineup!

If you’d like to learn more about the GSX education lineup, you can check out Terry’s In the Boardroom interview with SecuritySolutionsWatch.com. Browse the full GSX session lineup and register today!

What’s in Store for GSX 2021: ASIS President John A. Petruzzi, Jr., CPP

Please join me and thousands of security professionals from across the globe at this year’s Global Security Exchange (GSX) on 27-29 September 2021 in Orlando or through our online digital platform. Beginning with our digital kick-off event on 15 September, GSX 2021 will no doubt serve to support, nurture, connect, and inform a diverse group of global security professionals with robust digital and in-person programming—that’s the GSX advantage!

This year’s GSX means a little bit more for many of us. As the first in-person GSX in a little over two years, this year’s event will serve as the first opportunity in that time for us to reconnect in-person with many valued colleagues and friends.

I’ve been an ASIS member for over two decades. I understand the value that these connections provide to security professionals. GSX is far more than just an event. It’s community-building at its finest for the individuals who make our world a safer place to live and work.

GSX Education

When it comes to learning that sharpens your security game, GSX is your playbook for success. The GSX education program addresses the biggest trends and challenges in security, including:

access control,
asset protection,
surveillance,
remote workforces,
workplace violence,
cybersecurity,
business continuity,
crisis management, and more.

The GSX All-Access Pass unlocks six learning theaters and more than 80 live sessions—including inspiring education sessions, expert-led tracks, exhibitor presentations, timely insights from Game Changers, and pre- and post-GSX sessions—and the ability to earn 21 CPEs.

In-Person

Additionally, the in-person format of GSX 2021 will feature nearly 300 exhibitors with cutting-edge innovations, technologies, and services. GSX’s in-person host is the Orange County Convention Center in Orlando, Florida—which received the Global Biorisk Advisory Council® (GBAC) Star™ accreditation on outbreak prevention, response, and recovery. Rest assured that we are taking every precaution to safeguard your health and safety.

Digital

If you can’t join us in-person in Orlando, every player is valued at the GSX digital experience. From the digital kickoff event on 15 September, you’ll have to access on-demand content through the end of the year.

Tune in to live-streamed events from two learning theaters during 27-29 September. Engage in live Q&As and speaker interviews during pre- and post- encore events through the GSX platform. With access to on-demand content available through 31 December, you can maximize your schedule by attending some sessions live and others later.

Build Your Game Plan

Another benefit of being team GSX? Your involvement in GSX directly supports the funding of scholarships for security professionals and the administration of essential industry certifications, standards, and guidelines.

Please visit the following links at your convenience and begin mapping out your personalized game plan for GSX 2021:

Browse GSX.org to learn more about GSX 2021.
View GSX’s health and safety protocols and consult our Frequently Asked Questions.
ASIS International offers discounted registration to members in 135 emerging market countries to ensure that GSX is reflective of our diverse community.
When you’re ready to go, register with our official registration vendor, MCI.

I look forward to seeing you in September!

John Petruzzi, Jr., CPP
President, ASIS International

Welcome to the Orange County Convention Center

Orange County Convention Center (OCCC) Security Supervisor and ASIS member Sandra Dailey, CPP, welcomes you to the OCCC in Orlando, Florida. Watch this short video to learn more about the health and safety precautions in place at the OCCC.

Thank you to Sandra and the rest of the team at the OCCC for facilitating the safest environment possible for GSX 2021 attendees, exhibitors, and speakers!

Telling the Full Story with Analytics

By Luann Edwards

Security professionals: You might not realize this, but you have a superpower. It helps you predict the future, enhance physical security, and generate return on investment. It’s your data, and with it you can demonstrate and deliver measurable value for your organization.

At GSX+ on Wednesday 23 September, Louis Boulgarides of Ollivier Corporation and Jonathan Moore of AMAG Technology presented The real story of how analytics affect physical security. This session looked at security systems data, the capabilities of new analytics technology, and how insights from these can deliver organizational ROI. (If you missed the session, you can watch it on demand here until December 31^st.)

“Data analytics take sources from multiple systems in the organization and analyzes behavior and other trends to yield important information.”

Moore set the stage by outlining the sources of data that exist within the security function: access control, video surveillance, alarm management, and incident management systems are just a few. Analytics have grown increasingly sophisticated in this space. They give today’s security professional the ability to analyze the past, predict the future, and help you identify ways to solve problems you might not have realized even existed.

“Security tech is helping educate the larger business on how to analyze and become more proactive for better decision making,” shared Kristin Lennardson, protective intelligence programs with the Association of International Risk Intelligence Professionals.

As I attended this session, two important themes became clear: Security systems data can paint a complete picture that benefits the entire organization. And, it is critical that you build relationships with leaders across departments to understand their needs and challenges to identify where your own data can help.

Consider this hypothetical scenario: You’re in a Zoom meeting with your counterparts from across the organization, and you note that more employees are entering your building each week per data from your building access system. Your facilities management team takes this information to identify where they need to increase cleaning protocols in high-traffic areas due to COVID-19. Your IT colleagues can factor this in as they ensure that their cyber security efforts and connectivity levels align with the number of remote workers versus those in-house. And if an employee is accessing the building at times that are outside of his normal routine, it might give human resources an indication that he’s considering leaving the company. One data insight, multiple applications.

Not surprisingly, the information that your colleagues can share with you can inform your own program. With strong relationships and communication across departments, you can understand your colleagues’ unique challenges and motivations and create real value through aggregated data. This shift changes the view of the security function from one of overhead to that of a strategic partner. The speakers outlined the likely needs of key players in an organization to help you visualize how this collaboration might look.

One of the greatest opportunities for security technology and data is presented through this “new normal” of COVID-19, as Boulgarides explained. Security professionals are now creating “security, safety and health programs – the scope has broadened a great deal.”

Social distancing, monitoring the number of people in a location, contact tracing, and assessing mask-wearing compliance tend to be manual tasks, but those with the technology in place will be able to automate some of those activities. Think about a turnstyle or an access control system that can also count how many people enter or exit.

“Security is still viewed as a grudge purchase, especially in the economic times like we find ourselves in now.” Edward Baes, head of security consulting at BUROHAPPOLD, shared with ASIS recently.

When security systems provide data that saves an organization money and automates processes in addition to its security objectives, the value is right there in the analytics.

Luann Edwards is a social media marketing consultant and blogger. She is the founder of Socially Professional, a social media marketing consultancy, based in Providence, Rhode Island, USA.

Public Art as an Asset to Security

by Randall Rosenbaum, Executive Director, Rhode Island State Council on the Arts

I’m the director of the Rhode Island State Council on the Arts, and as such, the director of public art for the State of Rhode Island. In September, I “attended” a Global Security Exchange Plus (GSX+) virtual presentation by Art Hushen, the President of the National Institute of Crime Prevention in Tampa, FL. Art was going to talk about “Corporate and Public Art as a CPTED Strategy”.

Since my degree is in music education I had to first discover what CPTED stood for, what it meant, and how public art applied to Crime Prevention Through Environmental Design.

Art did a masterful job connecting the dots for me as an arts professional and advocate for public art in our community. We advocate for public art as a way to enhance and enliven a community, and so does Art. What Art adds to the conversation are all the arguments that we should be using in convincing people to support the inclusion of art – in all its forms – into and around their buildings and communities. As budgets grow tighter, the resistance to art increases. The added benefits of art, as explained by Mr. Hushen, may help those who don’t entirely “get” art, and may not be enthusiastic about spending money from their budget to commission work.

I understand the concept of “Territorial Reinforcement” (although never by that name), and how art can and should be a reflection of the community in which it resides. I never in a million years would have thought about “Natural Surveillance” as a benefit of public art, and the way that art, strategically placed, can help focus people’s attention so that it focuses attention – even of passersby – and helps promote a safe environment.

I was particularly taken with Art’s examples of work that helps extend the footprint and designate entrances to buildings (“Celebrated Entryways” and “Focal Points”) while at the same time promoting a safe and secure environment. And his examples of the placement of human-like sculptural pieces and murals that mimic an apartment house façade with people looking out the windows, all designed to discourage “bad behavior” from unruly folks, was particularly enlightening. It made me long for statistics that measure the decline in police activity around areas where such artwork is located.

I came away from Art’s presentation with a new vocabulary to use in my work, one borrowed from a field that is highly respected and different from the fields in which I operate. I can’t wait to employ this language in my next meeting with a potential public art client.

GSX+ 2020: A Look Back at the Week

By Security Management Senior Editor Megan Gates

The concept was a bit daunting at first. How to take a major security conference held in a bustling convention center full of approximately 20,000 people and put it into a virtual format that was enlightening, engaging, and entertaining—all in just a few months’ time.

But the ASIS community rose to the challenge to create GSX+, full of keynote speeches from security leaders, education sessions from subject matter experts, and networking opportunities, with a few celebrity guest appearances thrown in for good measure. And thousands of security professionals from more than 80 countries tuned in.

“The COVID-19 interruption to our event was significant obstacle to contend with. And I know I can speak for everyone, when I say that GSX+ provided security professionals with all the benefits of our regularly scheduled event,” said John Petruzzi, Jr., CPP, executive vice president of the Northeast Region of G4S Secure Solutions NA, and ASIS International president-elect.

Throughout the week of GSX+, the Security Management team was hard at work bringing attendees analysis and updates via the GSX+ Daily. Here are some of the highlights we covered—many of which feature On Demand presentations available to All-Access Pass holders for viewing until 31 December 2020.

GSX+ kicked off with a strong opening keynote by Juan Manuel Santos, former president of Colombia, who helped broker an unprecedented peace deal—a move that earned him the Nobel Peace Prize.

In his remarks, which covered the COVID-19 pandemic and subsequent economic impacts, climate change, and more, Santos discussed the need to never lose hope.

“Never succumb to fear, because fear is the mother of all negative and destructive systems,” Santos said. “And never forget in times of difficulty and uncertainty, like the times we are living, we must find guidance in our values and our principles. They will show us the way. That’s what we did in Colombia to end the last war in the Western Hemisphere with the strongest guerilla.”

ASIS International President Godfried Hendriks, CPP, shared how he was preparing for GSX+ and his admiration for the security community, which has come together as never before during the COVID-19 pandemic.

“I have never been more proud to be an ASIS member. Watching how our members came together to share information and insights with one another on a regular basis throughout 2020 is a testament to the power of our network,” Hendriks said. “From the beginning of this pandemic, our network immediately embraced technology that would better connect our members locally, nationally, regionally, and globally. It has been quite inspiring to see firsthand how our network has come together more than ever before.”

On Tuesday, leaders from Solvay Group—a multinational chemical company operating across 60 countries—discussed the long-term effects 2020 may have on the business and how security is playing a role in ensuring the organization’s future preparedness and risk management strategy.

French criminologist and national security expert Alain Bauer also stressed on Tuesday the need to reinvest in security apparatuses to prepare for future threats, including the next pandemic.

Later in the week, retired four-star U.S. Army General Stanley McChrystal shared the leadership lessons he learned when facing al Qaeda in Iraq while commanding the Joint Special Operations Command.

“When we think about leaders creating an organization, what they’re doing is creating an environment or an ecosystem in which the people in the organization—the junior leaders and even the most junior people—can do that which only they can actually do, which is accomplish the mission,” McChrystal said. “It’s a different role for the leader; it’s a little less ego-based… but the reality is it’s the most effective way to build an organization that’s fast and adaptable. It creates leaders that help create more leaders, and leaders that help to create success.”

And on Thursday, GSX+ sessions focused on cybersecurity and how innovation is changing the security threat landscape. In her keynote address, Keren Elazari, CISSP, former hacker and security researcher, shared how hackers can act as the immune system for the Internet—encouraging security professionals to address vulnerabilities in their systems.

In a Game Changer session, hacker and Snyk Application Security Advocate Alyssa Miller shared how bad actors can leverage increasingly accessible deep learning neural networks to manipulate media—potentially impacting organizations’ reputations and futures.

GSX 2021 is scheduled to take place 27-29 September 2021 in Orlando, Florida, USA. Provided it’s safe for us to meet again, I look forward to seeing you there!

GSX+ Product Launch: Dedrone RF-360 Drone Detection Sensor

Dedrone, the market leader in airspace security, announced the launch of a new radio sensor for drone detection. In connection with Dedrone’s DroneTracker software, the RF-360 detects, classifies and localizes unwanted or malicious drones and their remote controls on the basis of their radio signals at great distances and in areas with high radio traffic, for example in cities or at airports. The successor to the RF-300 automatically connects to the Internet and is quick and easy to install.

‍“Dedrone continues to innovate and meet the airspace security needs at the world’s most critical operations, including utilities, correctional facilities, government and defense operations,” shares AD Devarakonda, CEO of Dedrone. “The RF-360 provides our customers the data they need to protect their operations against unwanted drones.“ In the past year, the COVID-19 shutdowns accelerated use-cases for drones, and with more drones in the skies, come more exposed vulnerabilities. With this new sensor, Dedrone customers will continue to maintain complete airspace domain and manage their drone risk.”

New features of Dedrone’s RF-360 include:

Detection range of up to 5 km: Additional range provides additional reaction time for security teams to deploy security measures and prevent losses from a drone incursion. Locating the drone is key for rapid response. For areas with larger footprints, such as airports, utilities, smart cities and corporate campuses, Dedrone’s sensor provides expanded coverage with fewer sensors installed across the protected area.

Enhanced performance in RF-noisy environments: In urban environments or at airports, radio signals come from cell towers, microwave antennas, or radar systems. The RF-360 filters this “noise” to reliably and quickly detect specific drone communication signals. It can also be used on vehicles, next to high powered radar systems.

Simple setup and installation for fixed and mobile deployments: The RF-360 has integrated LTE and GPS. Once activated, Dedrone’s RF-360 sensor automatically connects to the Dedrone Cloud and immediately begins assessing airspace activity. Whether installed at a fixed or temporary site, Dedrone’s new sensor easily integrates into existing security command centers and provides additional layers of airspace data. No integration in the local IT infrastructure is necessary – only power is needed.

Generational Diversity in Security: Scouting for Talent

Much has been made of generational differences and their effects on the workplace. Few generations have not found fault with those who came before or followed after, but the acceleration of technology and services has forced many organizations to contend quickly with the need to recruit and retain a digital native workforce. Security is no exception.

Here, Security Management connected with Angela J. Osborne, PCI, PSP, regional director for Guidepost Solutions and an advisor to the ASIS Young Professionals Community, to discuss multigenerational management and how recruiting a diverse workforce can benefit security departments and organizations—as well as some pitfalls to avoid.

Want to learn more about this issue? Hear more from Osborne, plus Jairo Borja and Michael Brzozowski, in their session How to Recruit and Retain Gen Z in Security Organizations on Monday, 21 September, at GSX+.

Security Management. How does having multigenerational talent—Generation Z in particular—bring value to an organization?

Angela Osborne. Having multigenerational talent in security departments is highly useful as we bring distinct perspectives based on our shared experiences as members of different generations. Our baby boomer colleagues often bring institutional memory, experience in working in the field, and an understanding in how to get things done within an organization. These individuals often know where the landmines are placed and the past interactions with different departments and stakeholders.

Gen X is a bridge between baby boomers and millennials, and GenXers often have the ability to translate baby boomer expectations and explain the rationale behind the department’s structure, the method of working, and the means to navigate the entity.

For millennials, they bring a diversity of live experience, savviness with technology, and understanding of perceptions on how security guidance can be understood by millennials and Generation Z colleagues. Gen Z, in particular, is known for its openness, focus on practicality and fiscal responsibility, and digital nativism.

A strong team will focus on having representatives across these groups due to the fact that our organizations and client bases are made up of these different groups. In security, much of our work is on training and awareness, gaining compliance on security protocols, and achieving buy-in to security culture. We need to present guidance and plans for our organizations by considering these distinct groups, keeping in mind that people are individuals, and we cannot assume things about people solely based on their generational range as well.

Security Management. What strategies have you seen succeed in attracting and retaining multigenerational talent?

Angela Osborne. Often in the security field, recruitment takes place based on people’s professional networks, as our work focuses on trust and integrity. The challenge with this is that we are limiting ourselves to our own pool of contacts. We will tend to attract people like ourselves with similar backgrounds and life experiences. Here are three best strategies that I have seen:

Reach out to college and university career centers. Universities often have career posting pages to allow potential employers to promote new positions for recent graduates.
Consider engaging interns. It is important to reach out to Gen Z early for internships as well. From personal experience, I joined the Archer Daniels Midland Corporate security team as an intern when I was in college. It had a tremendous impact on my life. Prior to this, I did not realize the diverse careers in private sector security. We have to get the word out about the careers in our sector to attract key talent. We want to identify people early in their careers.
Engage the ASIS Communities and LinkedIn. I recommend reaching out to the ASIS Young Professionals Community leadership and posting about positions in Communities and on LinkedIn.
Connect with high performers and ask for recommendations. It is a good idea to talk with high performers from the security department and from other departments to identify potential candidates.
Place new joiners with supportive managers. The next recommendation is to match up the new joiner with a supportive manager. Studies show that people, particularly Gen Y and Gen Z, leave jobs because of bad managers. This is a critical element, and a check-in process must take place with both the manager and the new employee.

Security Management. How can a security leader successfully manage someone transitioning into or beginning their career in security?

Angela Osborne. First and foremost, it is important to be clear about expectations. People transitioning into this field need to know what is expected of them, and I try to put these expectations in very clear terms for people.

The next step that goes hand-in-hand with clear expectations is to communicate continually, and don’t assume people will interpret your tasks and direction in the way that you would. We have to maintain open lines of communication, so if people have questions, we can address them early on in the process. The communication should take the form of phone calls or virtual meetings, email, and messaging to cover the bases.

As an example, when I first joined TAQA in the UAE, I reported to a manager based in The Netherlands. Our communication was all virtual for my first summer. This person was very engaged in ISO terminology and put everything in terms of ISO. He asked me to submit a deliverable plan. I submitted a list of goals in the SMART format in order to meet this requirement. We had a very circular conversation after this list, and I realized that we were not speaking the same language. He was looking for me to put my content in MS Project and to use ISO terminology. Once we clarified the terminology, we were able to work together in a more productive manner.

We also have to recognize that among generations we are likely to see things differently based on our life experiences. We should be able to express ourselves but to be mindful that not everyone will agree with us and some topics are not appropriate or productive for the workplace. I encourage teams to avoid discussing politics, religion, and controversial topics in the workplace. We should focus on our entity and department values and use these to guide our interactions. Our societies have a number of exceedingly divisive issues, but our teams must be able to function effectively without alienating people. This is why training and awareness on diversity and inclusion is needed.

We also cannot make assumptions that people joining an entity for the first time or joining a security department for the first time have the same understanding of ethical responsibilities—for instance reporting improprieties. We must stress the importance of acting in ethical manners and reporting concerns, and this should be communicated not just to full-time employees but also contractors and part-time employees. Security departments depend on their reputations, and the team members must hold each other to a higher standard to maintain stakeholder trust.

Airspace Security At A Glance: Emerging Trends in the Counter-Drone Space

Q&A with Dedrone CEO, AD Devarakonda

Aaditya “AD” Devarakonda is the CEO of airspace security company, Dedrone. Visit Dedrone on LinkedIn, Twitter, Facebook and Instagram. Contact [email protected] for more information on how to get started with your complete airspace security program.

Even with shutdowns related to COVID-19, we are still seeing news reports of drones coming to airports, stadiums, and other critical infrastructure. How has airspace security changed in the wake of COVID-19?

COVID shutdowns accelerated use-cases for drones, and with more drones in the skies, come more exposed vulnerabilities. The airspace security market, two years ago, was in its infancy. Today, Dedrone customers are all around the world and reporting back through their datasets that they are seeing nearly over 100% increase in unauthorized drone activity at the start of the COVID-19 shutdowns beginning in March. This might be as simple as, this past summer, drone pilots were sitting at home, bored, and wanted to take drones out to capture footage of the world as we sheltered in place. Drones have always been able to go where you cannot go by yourself. This was the truth before COVID, and it is accentuated even more now.

For example, we are seeing news alerts of drones coming to stadiums to observe MLB games, and more alarmingly, drones continue to fly near disaster sites, such as wildfire or hurricane response zones. Even if it seems like there is no harm done, these drone flights may be violating federal airspace regulations, copyright and IP laws, and also common sense. Airspace security technology is designed to detect, classify, localize the drone, and help security teams stay ahead of any threats to their operations and airspace.

What’s changed in the past year, around what drones are doing in the security space?

Drones are becoming more readily available on the commercial market and more attractive to buy. They are less expensive, able to fly longer, and with greater payloads. Additionally, the drone market is shifting and while DJI remains the market leader, both US sourced and other global brands are coming in to disrupt the market. In the next few years, drone detection technology will have to adapt to this change in the drone landscape and capture the true nature of all drone activity, regardless of the make or model. More organizations are looking to bring drones on as a part of their security team – to help with surveillance, site inspection, or inventory. Still, security teams must also be aware of how to differentiate the drones that are a part of their program, ensure compliance with local, state, or federal laws, and then expose an unauthorized or hostile drone in their area. With the growth of the drone market and the increased savviness of drone pilots, security teams need to be able to detect multiple different drone brands and not just from GPS signals; they must be open to a multi-layered security solution to ensure security.

Counter-drone technology is a broad term covering many solutions – how can we narrow down what an organization needs to implement to protect people and assets from drones?

In order to address airspace risk, organizations first need to shift their mindset from focusing purely on the counter-drone technology, to what they truly need to achieve complete airspace security. Foundational drone detection systems will help security teams understand what drones are in their airspace, and from there, they will know what they need to protect their organization against. The biggest challenge for security providers when it comes to airspace security is understanding their threat level. Companies first need to build a full airspace security strategy, and that begins with quantifying their airspace activity – when, how often, and what drones are entering your airspace. From there, security providers will then want to ask more questions, such as observing the actual drone, and seeing what it is doing and where it is flying.

Can counter-drone technology impact a broader intelligence or security program?

Security providers are operationalizing airspace security into existing infrastructure. Airspace security technology provides the tools needed for situational awareness during a drone incident, and the intelligence to help security teams decide how to integrate airspace security protocols into existing SOPs. Security teams can respond appropriately to the drone threat. This could include changes in shift rotations, shipping and receiving hours, or making sure critical meetings, research and development, and VIP guests have an additional cover or obstructed views. Without a lower airspace risk assessment and the associated intelligence, security leaders will not be able to model their organization’s risk accurately, and therefore, prevent incursions and losses.

Laws and regulations around counter-drone technology are starting to take shape – what should GSX+ attendees look for in the coming months from regulators?

There are laws and regulations being developed across the United States that promote the safe integration of drones into the national airspace. Dedrone helps regulators understand the data behind drone activity – how many flights are not registered, unwanted, or otherwise a threat. The FAA is doing a tremendous job with creating drone registration programs and building awareness of safe flights in this nascent market. Dedrone’s drone detection technology is designed for use in accordance with U.S. federal law. Today, many federal departments and agencies have taken tremendous effort to address how drones are an immediate help, as well as an immediate threat to safety.

The biggest issue we should track on for this year and early 2021 is how the FAA manages the logistics and general lower airspace traffic. The FAA will be responsible for creating and managing a comprehensive unmanned traffic management framework, which will be the backbone of monitoring lower airspace activity. With drone detection systems, organizations like the FAA can quantify drone traffic, whether or not it is authorized or non-compliant, and ensure compliance with FAA drone registration programs, such as Remote ID.

What key use cases and industry verticals are you seeing leading in the adoption of counter-drone technology?

Federal governments and agencies, especially departments tasked with protecting sensitive airspace or large areas of land, like around a border. Airspace threats near military operations are an ongoing issue. More federal governments are looking beyond systems that will detect a single drone and focus on advanced detection technologies to identify drone swarms.

Airports are quickly adopting counter-drone technology as an extension of their existing airspace security systems. The 2018 Gatwick shutdown triggered significant regulatory action in the U.K. to accelerate the adoption of drone detection technology. The U.S. hasn’t experienced a major shutdown at the scale of what happened at Gatwick, but the issue of drones persists, even with some of the most highly protected aircraft, like recently when a drone was spotted near Air Force One. Airport airspace must continue to be protected, and airports can begin with vulnerability assessments to diagnose their drone activity, and then create airspace security programs based on data and analytics. By building this situational awareness first, airports can be more strategic with their counter-operations to prevent and protect against drone incursions. For example, Dedrone works with Newcastle International Airport and other U.K. airports.

Correctional facilities face a persistent, escalating threat of contraband delivery by drones. Drones can easily bypass the most sophisticated security installations by simply flying over the top into a facility. Airspace security technology closes the opportunity gap for contraband delivery. Correctional facilities receive valuable data on drone activities on the site, for example, the number of drone intrusions, times, drone models, and recurring drones and flightpaths.

Stadiums, even amid the COVID-era shutdowns, still experience drone incursions. When the lights are out, a drone might not be anything more than a nuisance or surveillance threat. On game day or when stadiums are in full operation, and security managers are responsible for the safety of thousands of people, a single drone can cause significant disruption and harm. Drones at stadiums can cause game delays, can pose a physical risk if it crashes, and there have been incidents where drones have dropped pamphlets into stadiums and stream live footage, violating broadcast rights.

Critical infrastructure, including ports, oil and gas refineries, energy plants, and nuclear facilities, all have effective security systems to prevent damage. Yet, each of these verticals experiences drone intrusions. Recently, investigative journalists unveiled a series of drone incursions at the Palo Verde nuclear power plant – more information needs to be collected on unwanted airspace at critical infrastructure to ensure these sites have full protection against hostile surveillance.

For GSX+ dealers and integrators who want to get involved with counter-drone technology – how can they educate themselves about the latest in counter-drone technology, so they can offer airspace security services? They are already in the right place – GSX+ has created great opportunities for everyone to review the latest in counter-drone technology and assess for themselves. Check out some of the drone-related sessions taking place at GSX+ this 21-25 September.

The critical part is for integrators to understand what works and what doesn’t work. Can a technology provider make a promise they stand behind? Is the technology provider cognizant of the broader landscape of drones, have an understanding of how the drone market is evolving, and how their technology is advancing to address current and future threats? We always advise anyone looking at counter-drone technology to consider the problem of airspace security and look a few years forward to see if it will still work in a few years. The cost of switching may be more in the future.

GSX+ Brings the Fun of Live Social Events to Your Screen

World-class networking events have long been a hallmark of Global Security Exchange (GSX). With daily happy hours and receptions, this year’s new GSX+ virtual experience looks to bring the same energetic entertaining opportunities to catch up with friends and colleagues in the virtual space.

Join us at 3:30 pm ET every day from Monday through Thursday for a different exciting event:

The Monday, 21 September Welcome Reception features a Rock & Roll Game Show hosted by Song Division. Join us for an hour of nonstop entertainment hosted by renowned musician-MCs, who have worked with international music superstars.
Two of ASIS’s most dynamic communities join forces on Tuesday, 22 September for the ASIS Women in Security and Young Professionals Happy Hour. Grab a drink to toast your peers as you reflect on this year’s achievements, milestones, and awards—from the 10th Anniversary of the Young Professionals Community to celebrating the recipient of the Karen Marquez Honor.
Cap off Military and Law Enforcement Appreciation Day on Wednesday, 23 September at the Military and Law Enforcement Happy Hour. Security professionals and military and law enforcement vets are invited to come together to discuss career transition, education, and professional certifications.
At the President’s Reception on Thursday, 24 September, stop by for a few drinks and lively conversation. ASIS Senior Regional Vice President Marco Vega, CPP, will swap business management stories and prepare a special drink recipe with a special celebrity guest.

End the week in style as we celebrate security’s best at the ASIS Awards of Excellence and Outstanding Security Performance Awards (OSPAs) Celebration at 12:25 pm ET. Explore a virtual gallery space where you can learn more about this year’s award recipients and even congratulate them directly in individual Zoom rooms.

All week long, the ASIS Break Room will provide fun games and diverting activities. Take advantage of:

On-demand exercise videos
Puppy Cam
Atlanta Aquarium Cam
Snap Bar Digital Photo Booth

With networking and meeting scheduling capabilities directly within the platform, GSX+ offers countless opportunities to forge new connections and build existing relationships at the industry’s premier security event—reimagined for the online experience.