ASIS International

Less Than Three Months Left Until GSX!

This Sept. 23-27, the newly rebranded Global Security Exchange (GSX), formerly the ASIS annual seminar and exhibits, is expected to attract 20,000+ cyber and operational security professionals, vendor partners, media, students, and allied organizations for enhanced learning, career development opportunities, and access to the innovative technologies shaping how business gets done. Taking place at the Las Vegas Convention Center, GSX will deliver a number of exciting updates to the event, which has been widely recognized as the industry’s flagship event for more than 60 years.

GSX offers a record 300+ education sessions, where global subject matter experts from ASIS, ISSA, and InfraGard will speak to best practices and issues facing the profession, as well as emerging risks and threats. Expo floor education will include three new X stages featuring sessions on disruption, innovative technologies, AI, mixed reality, cryptocurrency, and more.

Also on the show floor, enhanced Career HQ programming includes more education, free headshot studio, and a job fair, featuring leading employers like Apple and the Department of Homeland Security—to name a few.

The brand new D3 Experience, supported by AUVSI, offers demonstrations that take a deep dive into issues of unmanned systems security.

These updates, coupled with illuminating keynote addresses from CNN host Fareed Zakaria and futurist Scott Klososky and world-class networking at Brooklyn Bowl and Drai’s Nightclub along the famous Vegas strip, make GSX the year’s can’t-miss security event.

Browse the GSX Blog to learn more and keep updated on program news and announcements.

Advanced pricing is available until August 10, saving you $100 on your All-Access pass. Visit www.gsx.org/register.

Exhibitor Profile: Awareity (Booth #3282)

Awareity is a multi-industry leader and creator of the first-of-its-kind Community-wide Fusion Platform. Established in 2010, Awareity is on a mission to make the world safer using research-based data, evidence-based data, and a passion to help organizations and communities disrupt and prevent incidents and tragedies before they occur.

Community-wide Fusion Platform

Awareity’s Community-wide Fusion Platform offers not only a new category of solution, but a critically needed solution for disrupting, preventing, and stopping active shooters, workplace violence, nurse violence, and numerous other acts of violence. The Community-wide Fusion Platform is successfully preventing incidents and tragedies across multiple industries by eliminating common and dangerous gaps in threat assessment and intervention efforts.

A Different Kind of Camera

15+ years of research into post-incident reports from mass shootings and other acts of violence have provided extremely valuable lessons learned and exposed how “Walking, Talking, Social Media Cameras” can be the difference maker in preventing Active Shooters and other acts of violence.

What are “Walking, Talking, Social Media Cameras”?

People. A student, employee, teacher, family, friend, counselor, principal, nurse, parent, other family member, neighbor, law enforcement, mental health expert, social worker, child services agent, social media user, and other community members who observe warning signs and pre-incident indicators. With a Community-wide Fusion Platform, a central, community-wide team (Threat Assessment Team (TAT), Behavioral Intervention Team (BIT), etc.) could securely see all of the warning signs and pre-incident indicators BEFORE the escalation and attack occurs. When the right people have the right information, they can take the right steps to intervene and prevent attacks before they occur.

Expanding Reseller Program

Awareity is expanding our Reseller Program so leading and forward-thinking Security/Safety Integrators can create differentiation, new prospects, and new revenues to complement current product and service offerings.

Imagine the difference when warning signs and pre-incident indicators are collected and acted upon before incidents and tragedies take place. Join us and help us make schools, colleges, organizations, and communities safer.

For more information, please visit www.awareity.com or visit us at booth 3282 at GSX, September 24-27, 2018.

Managing a Global Workforce in a Crisis

By Tim Crockett

In today’s world, the health and well-being of your employees across the globe is an increasingly important focus. In the face of terrorist threats, natural disasters and health epidemics, the increasing duty of care obligation for employers is undeniable. The question then becomes: what is the best way to pro-actively ensure the safety of your employees, travelers and expats?

When an incident occurs, time to react is critical and four factors are essential: 1) know where global employees are located 2) determine if any employees are impacted by the incident 3) communicate with them and 4) assess their safety needs.

Technology undoubtedly plays a key role in this. Location-based data and knowledge of where your employees are or where they’re going to be is critical. However, technology alone cannot meet an organization’s duty of care needs. Once you know who might be affected by an incident, what happens next? How do you reach those people, and what do you do if they need help? The fact is that it doesn’t matter how technologically advanced the world becomes, nothing can take the place of human interaction and insight. Your employees should have access to relevant information before they travel, empowering them to avoid many of the hazards faced today. This same system should provide the employee the ability to pick up the phone and talk to an expert. Whether they require advice, assistance or find themselves in danger, the knowledge that they have immediate access to medical and security professionals can make a world of difference.

This human element is also critical for risk program managers and other stakeholders. Access to real-time information and guidance on how best to communicate with executives and family members can be the deciding factor in whether an incident is managed successfully or not.

Join me on Monday, September 24^th at GSX 2018 for Session #4102, Managing a Global Workforce in a Crisis. We will be discussing the critical combination of technology and human interaction in next generation crisis management and sharing a case study of the 2017 London Bridge Terror Attack.

Career Opportunities in Security Management

By Ron Martin, CPP

It is important to note that security is a business function, not a subset or spin-off of the criminal justice system. Therefore, security management is a distinct field of academic study, separate and apart from criminal justice. Entrants to the industry seek internships, cooperative or work study programs, and entry level positions with employers.

The industry needs a more diverse community of entry level analysts and technicians. This session will provide a summary of security career opportunities along with the supporting career competencies. The essence of this session is the career competency model developed from the United States Department of Labor Model. Many entrants are not aware of the industry’s career opportunities. Nor do they know the competencies required.

In the security industry, as well as in all industries, there are three distinct actors in the career development process-the employer, institutions, and the individual. The employer’s role is to provide employment opportunities and establish competencies for their employees. The second actor is “the institution”. An obvious example is the school system, but industry associations play an important role as well. They can provide a baseline competency for the industry they serve. Finally, there is the individual. He/she must obtain the requisite knowledge, skills, and abilities to apply and compete for many career opportunities the industry will offer.

New in 2018! ASIS is offering student members a complimentary all-access registration to GSX. For a $20-per-year ASIS membership, students can participate in the on-site career center and job fair, attend important foundational sessions like Security Careers: The What and the How, build their professional network, and more! Learn more about the student membership opportunity.

This session will cover the “What and the How” of security management. The “what” are career opportunities. The “how” are the core career competencies an individual will need to satisfy the employer’s workforce requirements.

Join me on September 26^th for Session #6122, Security Careers: The What and the How.

Cryptocurrency Security Challenges

By Brent Barker

Criminals are early adopters of new technology. They use it to create new crimes and improve old crimes. Law enforcement and the laws are always playing catch-up. This is especially true for cryptocurrencies.

In 2017 the value of cryptocurrencies exploded. At its high, they had a total value of $823 billion USD. The rising value attracted investors and criminals. Bitcoin was the first cryptocurrency but now there are over 1,600. Most are legitimate, but some are scams. One cryptocurrency was even called ponzicoin.

The single largest theft of cryptocurrencies took place in January 2018. Hackers stole $530 million from the cryptocurrency exchange Coincheck. Several people who became rich from cryptocurrencies have been kidnapped and forced to hand over the private key that accesses their cryptocurrencies. Once someone has your private key and steals your cryptocurrency, it is gone. There is no way to get it back.

Countries are using cryptocurrencies. Venezuela introduced the petro earlier this year to avoid U.S. sanctions. And North Korea is suspected of secretly mining cryptocurrencies to earn hard cash.

Companies are using cryptocurrencies as a new way to raise investment money. Most are legitimate, but one study found that over 18% of them were suspicious and likely involved fraud.

But there is good news. Cryptocurrency transactions are not as anonymous as previously believed. They can be tracked, and owners identified. Law enforcement is learning how to “follow the virtual money.”

Today, the attention is on the cryptocurrencies, but many see the greatest potential from blockchains, the software that powers cryptocurrencies. Many believe blockchains could change the world as much as the internet. In the future, every business will use blockchains in some manner including the security industry.
Join me on September 24^th at GSX 2018 as I explore the criminal use of cryptocurrencies, law enforcement investigations and examine the enormous potential of blockchains to fight crime in the future. Join me for Session #4309, Bitcoins, Blockchains and Crime.

Fareed Zakaria, Scott Klososky to Kick-off GSX Keynote Lineup

The Global Security Exchange (GSX) keynote lineup will kick off on Monday and Tuesday with presentations from Fareed Zakaria, global thinker, columnist and CNN host, and futurist and technology visionary Scott Klososky.

Zakaria, host of CNN’s Peabody Award-winning “Fareed Zakaria GPS,” is former editor-at-large of TIME magazine, a three-time bestselling author, and one of Foreign Policy magazine’s Top 100 Global Thinkers.

At GSX, Zakaria will open the conference with an examination of important forces, developments, and risks affecting the global community. His remarks will encompass cyberthreats—espionage, ransomware, spear phishing—which know no boundaries. The once-local crime syndicates that have now metastasized over whole regions and continents. Global expansion and outsourcing, which means managing international teams and varying cultures. And more. With an emphasis on international intelligence and security, Zakaria will explore what it means to live in a truly global era.

Klososky returns as the GSX Tuesday keynote following his popular 2017 presentation, “The Technology Integration of Man.” Building on his continued involvement with chief security officers and ASIS stakeholders in the past year, Klososky will address the impact of today’s rapid digital transformation on security management and leadership. He will build a compelling case for managing and using technology—and knowing when not to use it—to gain a competitive advantage and lead successfully into the future.

The keynote speakers for Wednesday and Thursday morning will be revealed in the coming weeks. Attendees can register by 10 August to save $100 on their all-access pass. To learn more and to register, visit www.GSX.org/register.

Exhibitor Profile: AMAG Technology, Inc. (Booth #1239)

AMAG Technology provides an end-to-end solution that includes access control, video surveillance, intrusion detection, identity management, visitor management, and incident management. Products are powered by a robust policy-based platform to help security operations mitigate risk, reduce cost, and maintain compliance. At the heart of the AMAG solution is the Symmetry™ Security Management System, which provides intelligent networked solutions scaled to manage the security challenges faced by both small, remote facilities as well as multinational organizations around the world.

In this video, Director of Business Development Kami Dukes talks about RISK360, AMAG’s new incident and case management solution that investigates and analyzes incidents to help organizations operate more efficiently, save money, enforce compliance and mitigate risk.

RISK360 is a highly configurable, workflow based solution that empowers security teams to capture information, perform assessments and identify risks, giving companies a clear picture of what is happening on their premises. Organizations can track the time and expenses spent on incidents, monitor resource allocation and use that data to streamline processes and save money. Robust reporting with customized dashboards help companies work smarter and meet compliance requirements.

Available as a Software as a Service or as an on-premise solution, RISK360 operates on all modern browsers and mobile operating systems including IOS, Windows and Android.

RISK360 integrates seamlessly with Symmetry Access Control software. Events in RISK360 are communicated to Symmetry Access Control, and alarms in Symmetry generate events in RISK360. The integration creates Be On the Lookout (BOLO) flyers and automatically terminates a user’s access in Symmetry, providing a safer environment.

RISK360 also helps manage security personnel with guard tours, daily activity reports and passdown logs. Users can leverage computer aided dispatch to identify the closest available responders, saving time and improving efficiencies. Organizations can also capture site specific information using geospatial analysis, perform assessments and notify teams of risk.

For more information, please visit www.amag.com, call 310-518-2380 or email an AMAG Business Development Manager. Or visit us at booth 1239 at GSX, September 24-27, 2018.

Medical Cannabis Security: From Seed to Sale

By Tim Sutton, CPP

In more states than not and in an increasing number of countries around the world, medical cannabis security has become a unique new challenge. In the U.S., twenty-nine states and the District of Columbia have enacted laws legalizing medical cannabis. Cultivation, processing, and dispensing organizations present both shared and unique risks and each state has its own set of rules, regulations, and governing bodies. Join us as we move through all phases of medical cannabis security, beginning with the permit application and continuing through to patient sales. Explore how to demonstrate compliance with varying rules and regulations while providing a safe and secure environment for employees and patients. Study factors in operating multiple sites in multiple states across multiple levels.

At GSX, we’ll explore the complexity of securing the medical cannabis industry and the many challenges faced by Security. The permit application process and security plan are unique to each state’s rules and regulations. Explore how to meet some of the more difficult requirements for compliance and learn about some examples of noncompliance. Learn also about the commonalities and differences across different locations.

We will discuss case studies from several states. There is no cookie-cutter template that will ensure success. The security plan is weighted as 25-30% of the total scoring of permit applications and is much more than cameras, locks, and security personnel. Discover how to integrate ASIS ANSI Security Standards throughout the process as we discuss the core elements of a security plan in the medical cannabis industry used today in operations across multiple states.

Join me on Tuesday 25 September for Securing the Medical Cannabis Industry from Seed to Sale.

Tim Sutton has nearly 30 years experience in loss prevention, safety, and security with more than 20 of those years in management. He has worked in both operations and administrative capacities for some of the largest and most prestigious regional and international companies. His experience in retail, manufacturing, chemical, public and government housing, schools, and hospitals and their specific safety and security needs has helped build his unique perspective and skill set. As Director of Security for GHG Management, Tim is responsible for any and all security concerns including the designing of electronic security systems and all physical security programs within the company’s 12 Medical Cannabis Dispensaries, and Medical Cannabis Cultivation and Processing Centers in IL, MD, and PA.

Exhibitor Profile: Orion Entrance Control, Inc. (Booth #521)

Orion Entrance Control, Inc. manufactures optical turnstiles for corporate, government, and university lobbies. Orion’s turnstiles allow easy entry for employees and visitors. The turnstiles range from a high-security bi-parting full glass speed lane to a four-inch-wide pure optical pedestal. With an award-winning design coupled with infinity lane control software, Orion can meet or exceed any specifications to ensure that lobbies are secure. Its state-of-the-art turnstiles are hand-built, high-quality products made in the U.S.

Exhibitor Profile: Johnson Controls

Johnson Controls: Booth #2217
Johnson Controls, Security Products: Booth #2015

Johnson Controls is a global diversified technology and multi-industrial leader serving a range of customers in more than 150 countries. Its 120,000 employees create intelligent buildings, efficient energy solutions, integrated infrastructure, and next-generation transportation systems that work seamlessly together to deliver on the promise of smart cities and communities. The company’s commitment to sustainability dates back to its roots in 1885, with the invention of the first electric room thermostat. Johnson Controls is committed to helping customers win and to creating greater value for all stakeholders through its strategic focus on buildings and energy growth platforms.

Cyber Protection Program

Johnson Controls’ approach to cyber protection is aimed at providing peace of mind to our customers. It’s holistic cyber mindset begins at initial design concept, continues through product development, and is supported through deployment, including a rapid incident response to meet the comprehensive and evolving cybersecurity environments. It’s methods include the ability to provide cyber resilient systems with a range of capabilities to complement the diverse security needs of their customers.

They have invested in establishing a centralized dedicated Global Product Security team that is focused on managing cyber practices with governance to enforce compliance and is disciplined in executing these as they understand what is at risk otherwise.

Since protecting against cyber threats is a shared responsibility, Johnson Controls engages in market facing programs to provide customer engagement, education, and thought leadership to help their customers achieve success in their mission of a more secure system. To register for security advisories or to receive additional information about the Cyber Protection Program you can sign up via a registration form on their website.

View Johnson Controls on the GSX 2018 floorplan.

Business Continuity for the Aftermath of an Active Shooter Incident

By Hector Sanchez, MBA; CPP

Here we are just over 151 days into 2018 and we already have “473” injured and ”202” killed in active shooter incidents with over 7 months remaining in 2018. There are many reasons why such horrible incidents take place, but the impact is deeply felt throughout our society and the effects are long-lasting. The Department of Homeland Security had developed and tirelessly communicated their “run, hide, fight” approach, via any and all means available; yet victims outnumber the calendar days this year 2:1 with over half the year remaining. There isn’t a solution to this epidemic that continues to metastasize within our society with no end in sight; so, what is there to do?

Here are the 5, 4, 3, 2, 1 considerations to take:

Five (5) actions to take
1. Develop an action plan considering the worst and work backwards
2. Involve all individuals from your organization
3. Engage vendors, contractors, and customers alike
4. Get Law Enforcement and First Responders to play a part
5. Continuously perform Operational Security Assessments

Four (4) areas that must be clearly explained in your Policies & Procedures
1. Incident Management Plan
2. Visitor Management Program
3. Strong CPTED Operational Philosophy
4. Workplace Violence & Active Shooter Insurance

Three (3) Principles to live, operate, and exist by (ASIS)
1. Policies, Procedures, & Protocols (3Ps)
2. Technology, Tools, & Techniques (3Ts)
3. Internal, External, or Hybrid Security HR

Two (2) Operational security incident outcomes of an organization
1. It will survive after the incident because of the readiness level it operated under, or
2. It will perish because it operated under false pretences that “it will never happen to us”

One (1) real fact…
1. It’s not if it happens but when it happens that organizations should operate under

Take action using the previous points or reach out to someone that can help your organization!
Join us on September 26 in Las Vegas, NV at the Global Security Exchange (GSX) from 11:00-12:15 for a live presentation on such an important, valuable, and relevant topic that’s impacting everyone today. I look forward to meeting everyone there!

Managing Cyber Extortion Crises

To be presented by: Lynn de Vries, CPP, PCI & Erik de Vries, CPP

Managing a crisis is always a challenge. But managing a crisis about something that is completely out of your comfort zone can be even more challenging. This is more and more the case as non-technical security professionals have to grapple with how to manage increasingly prevalent cyber extortion crises, including ransomware.

Whether or not they are part of the organization’s crisis team, the (non-cyber) security professional is often the first point of contact when a crisis hits. The most important thing to understand is that, no matter the cause, in most cases, crisis management is about communication and protecting the organization’s reputation. A cyber extortion crisis is no exception. Even though you may not be a cyber professional, knowing which steps to take can help you manage any crisis, even cyber.

Preparedness is always the best response. But where to start?

Using the business impact analysis as the first step in a comprehensive risk management approach is the best starting point from our point of view. The next steps are selecting and training the crisis team(s) and developing a well thought through crisis plan.

One cannot prepare for all kinds of crises. Adopting the all hazards approach and preparing checklists for the most likely scenarios will help crisis teams to be prepared, even though we all know that a crisis never develops as expected.

Apart from the experience of participating in a short but intensive cyber extortion crisis desktop exercise during our training session, attendees will be offered a step-by-step approach to develop or re-define their crisis plans.

Join us at GSX on Wednesday the 26^th of September for our session: Managing Cyber Extortion Crises.