Subscribe to


Rumor mill

Thursday, November 20, 2008

Check out who is being considered for homeland security secretary.


Security guards with kitchen knives

Thursday, November 20, 2008

I was listening to NPR this morning and heard a story about the pirates who hijacked a Saudi oil tanker and are demanding $25 million in ransom. But, the part that made my security-honed ears perk up was the fact that these ships have little to no security at all. Actually, that's what the NPR story was focused on too. There's a security company, Anti-Piracy Maritime Security Solutions, which, for $30K will send three unarmed (yep, you read right, unarmed) security guards to protect the ship and "scare away potential pirates." I mean really? In this day and age when we're equipping college and mall security officers with weapons, why is someone nervous about arming people to protect millions and millions of dollars worth of oil? It seems preposterous.
The pirates seem to have a pretty good business plan going on, I'll give them that. They show up at the boat, wave around their big scary guns, demand millions of dollars and off they go. Truth be told, these pirates seem to be pulling a fast one over these ship owners. I mean, even if they captured and "stole" this boat with its oil, would they have the means to sell its contents? Obviously there's a market for oil, but it seems like there are some logistical issues with getting rid of 2 million barrels of crude oil, but what do I know.
Anyway, in the interview when asked why his guards don't have weapons, the CEO of the company said something ridiculous about having access to kitchen knives or something? I mean I'm not a huge fan of guns or anything, but I think if someone's going to pay you to ward off pirates (as glamorous as it sounds) then you should probably have the means to do so. I know Johnny Depp wouldn't back down to a bread knife.

Viva Las Vegas?

Tuesday, November 18, 2008

I'm now in a huge rush to get to the show floor because my wonderful computer was experiencing e-mail issues but I wanted to get a quick blog post in for y'all.

G2E started off yesterday but the crowds at the convention center stayed away. The exhibit floor opens up today so I'll have more of a feel for the traffic after today but Las Vegas as a whole is quiet. There was no line for cabs at the airport, no line to check-in at the hotel and the casino is relatively quiet. The mood is quite different than it was when I was here for ISC West. My ever knowledgeable cab driver said business has dropped off pretty significantly and yesterday, security and surveillance practitioners were buzzing about the hold new construction projects are facing (the new Stardust and the new Frontier are in holding patterns) and the downtrodden economy.

But all was forgotten at last night's welcome reception, which was sponsored by systems integrator North American Video. I have never seen so many people line up for a party at an event before. And once inside, it was packed. Compared to ISC West and ASIS events, it was fairly unspectacular and I'm not sure I would recommend Rain nightclub as a venue for such an event but it was good to see one fully attended event, even if there were free drinks.


Lights, camera ....

Friday, November 14, 2008

I'm super busy today wrapping up our December issue and getting ready for a quick trip to the Global Gaming Expo next week. I'm looking forward to this conference because this is my first 'official' trek in which I will be developing content for SDNtv, which launches on our web site on Jan. 15.

I know you are dying to know what SDNtv is, right? Well, its going to be a mixture of things: news reports from conferences and trade shows like Global Gaming, interviews with prominent security practitioners (even if you don't consider yourself prominent, we probably do), previews of what we are working on, breaking news reports and even videos provided by our readers and advertisers. These videos will be varying lengths, will be available on our homepage and I think we'll be archiving them too. It's still a work in progress and it will probably change as we learn what works and what doesn't.

So next week if you see me with a video camera running after some guy, be assured that I am working hard to bring the most relevant and breaking news directly to your computer. Either that, or I've just spotted George Clooney.

Surprise! Retail crime is up

Wednesday, November 12, 2008

The second annual Global Retail Theft Barometer found that while global retail shrink as a percentage of total sales has declined slightly in the past 12 months, the overall cost of retail crime has increased substantially.

The Global Retail Theft Barometer, survey conducted by the Centre for Retail Research and sponsored by Checkpoint, reports key findings on retail shrinkage and crime in 36 countries and on five continents, based on data from a confidential survey of 920 large retailers with combined sales of U.S. $814 billion and 115,612 operating retail outlets. All figures in the report relate to a 12-month period ending in June 2008.

Global retail shrinkage cost retailers $104.5 billion over the past year, equivalent to 1.34 percent of retail sales. In North America, shrink totaled $42.338 billion, or 1.48 percent of sales, with the U.S. accounting for the majority of that figure.
While the global figure represents a marginal decline in shrinkage of $1.56 billion (-1.5 percent) compared to 2007, due in part to the increase in survey respondents and a slight decline in shrink, the overall cost of crime to retailers has increased by $4.7 billion since last year. The cost of retail crime, calculated on the basis of crimes by customers, employees and suppliers/vendors (excluding internal error), plus the costs of loss prevention, was $112.78 billion in 2008, compared to $108.1 billion last year.

Employee theft is the largest source of shrinkage for retailers in North America and Latin America (46.3 percent and 42.0 percent respectively), while customer theft is the leader in the Asia-Pacific region and Europe (53.8 percent and 46.8 percent).

Globally, customer theft, including shoplifting and organized retail crime, remained the largest source of shrinkage loss in most individual countries, totaling more than $43 billion (41.2 percent of total shrinkage). Employee theft accounted for 36.5 percent of shrinkage ($38.15 billion), while supplier/vendor theft and supply chain fraud represent 5.8 percent of shrinkage ($6.09 billion). Internal errors and administrative failures (such as pricing, process or accounting mistakes) accounted for 16.5 percent of losses ($17.22 billion.).

Victory and defeat

Tuesday, November 11, 2008

Techdirt aside, I'm not one to stir up controversy but this begged for my attention.

My office received the November issue of Security Management yesterday. Here is the cover:

More than a few people in my office were offended by this cover. First of all, gang violence does not originate from the African American community. Whites, Hispanics, Asians, Latinos and every other race/nationality is known to take part in these crimes. There is no reason to focus this cover on the black community; it feeds into stereotypes this country is trying to move forward from.

Was the editorial staff of Security Management asleep over the last few months? As they were going to press did they not realize that there was a 50 percent chance that Obama would be elected and that this very issue would land on people's desks right before or right after the election. Was that the point? I certainly hope not.

I'm really surprised by this. I have nothing but respect for Security Management, its content and its editorial team. But the fact that this cover got through the production channels really scares me. Less than one week ago, we celebrated the election of our first African American president. After seeing this cover, that victory seems very far away.

Will the TSA ever win?

Tuesday, November 11, 2008

Here's a rather alarming, yet slightly humorous article about the failings of the TSA from this month's issue of the Atlantic Monthly (thanks to Doug Laird of consulting firm Laird & Associates for directing me to it).

Jeffrey Goldberg writes about his experience dodging various TSA rules, what he calls "security theater." In the end, he manages to board a plane using a fake boarding pass, no ID and purposely acting suspicious in an effort to see if TSA will detain him. Goldberg even sits down with Kip Hawley, director of the TSA, to talk about vulnerabilities, which Hawley more or less concedes to. But that wasn't the most interesting part of the article, I thought (it's a great piece and I highly recommend making the click, though, so we're all on the same page).

Goldberg discusses some of the new initiatives the TSA is taking in regards to how it screens and profiles passengers.

We handed our boarding passes and IDs to the security officer, who inspected our driver’s licenses through a loupe, one of those magnifying-glass devices jewelers use for minute examinations of fine detail. This was the moment of maximum peril, not because the boarding passes were flawed, but because the TSA now trains its officers in the science of behavior detection. The SPOT program—“Screening of Passengers by Observation Techniques”—was based in part on the work of a psychologist who believes that involuntary facial-muscle movements, including the most fleeting “micro-expressions,” can betray lying or criminality. The training program for behavior-detection officers is one week long.

We just blasted out a newswire with an article about LAX utilizing Israeli experts to evaluate security measures at the airport. Israel doesn't mess around when it comes to security (check out Sam's blog about his trip to Israel. Scroll to the bottom, there are several entries on his trip). Of the many sophisticated techniques employed by Israelis (like screening people BEFORE they enter a building, what a concept!) they focus largely on behavior screening. As a security measure they talk (i.e. briefly interrogate) every passenger as they come through security to evaluate that person's behavior. And that's why they have one of the safest airports in the world.

Goldberg also discusses how easy it is to circumvent the TSA's no-fly list:
It’s easy for a terrorist to check whether the government has cottoned on to his existence, Schnei­er said; he simply has to submit his name online to the new, privately run CLEAR program, which is meant to fast-pass approved travelers through security. If the terrorist is rejected, then he knows he’s on the watch list.

To slip through the only check against the no-fly list, the terrorist uses a stolen credit card to buy a ticket under a fake name. “Then you print a fake boarding pass with your real name on it and go to the airport. You give your real ID, and the fake boarding pass with your real name on it, to security. They’re checking the documents against each other. They’re not checking your name against the no-fly list—that was done on the airline’s computers. Once you’re through security, you rip up the fake boarding pass, and use the real boarding pass that has the name from the stolen credit card. Then you board the plane, because they’re not checking your name against your ID at boarding.”

What if you don’t know how to steal a credit card?

“Then you’re a stupid terrorist and the government will catch you,” he said.

I think it's interesting how the CLEAR system plays into this. Sounds like otherwise one wouldn't know whether they're on the list or not (although it's a safe bet that serious terrorists probably have a variety of aliases, credit cards, passports and such at their disposal).

Lastly, Goldberg touches on something that I just learned about today (and will subsequently be writing an article about for our December paper. Keep your eyes out.). He briefly mentioned how Hawley said the TSA plans to encrypt boarding passes with passenger information.

(Hawley said that boarding passes will eventually be encrypted so the TSA can follow their progress from printer to gate.)

I spoke with John Barclay, the CEO of Laser Data Command, which developed the encrypted cards/boarding passes. He told me the TSA just completed testing the integrity of the system. Barclay said that while an official report hasn't been released (I'm so on the cutting edge of security news!), he expects nothing less than a glowing review and said the TSA could begin employing the technology at any point. More on that later.


What's your opinion?

Monday, November 10, 2008

We are putting our December issue together this week and will be tallying this month's newspoll soon, so if you haven't voiced your opinion on active shooter prevention programs yet, please do so.

Last month's newspoll had a record breaking number of responses. Exactly 389 readers weighed in on who they thought should be elected the next president of the United States, with 53 percent choosing John McCain, 44 percent voicing support for Barack Obama and 2 percent supporting a third-party candidate.

Of course, we all know what the results are now. What are your thoughts on our new president. If you didn't vote for him, will you support him now? How do you think his suggested national/homeland security policies will affect your job?

Changes on the horizon

Thursday, November 6, 2008

In the midst of all the noise surrounding Obama's presidential win, I completely forgot that the White House isn't the only building in Washington that will be under new management.

Here's today's statement from Michael Chertoff:
At the Department of Homeland Security, we are actively planning to leave the department strong in January 2009, an effort that has been a priority for my leadership team since early last year. Historically, we know transitions may be periods of increased vulnerability. We are keenly focused on ensuring a smooth hand-off to the new administration and working closely with the incoming transition team.
DHS has been aggressive in preparing internally for the upcoming transition, to ensure there are no gaps in the leadership team or in our planning efforts. Our transition is led by the Under Secretary for Management, who appointed U.S. Coast Guard Rear Admiral John Acton as the Director for DHS Presidential Transition in June 2008 to implement the department’s internal efforts, as well as coordinate with the new administration’s appointees.
Last year, we established a succession plan for all component agencies, ensuring that the top leadership in each component includes career executives who will preserve continuity of operations before, during and after the administration transition. We’ve trained and exercised those senior career employees to ensure that each component and office within DHS has capable leadership ready to move up and take the reins during an administration transition, and assist new appointees to be ready on day one. In addition, we are going beyond briefing materials to develop and implement improved processes to equip the new appointees with the tools they need, and the information and relationships required to be effective in their jobs.
In the coming weeks and months, we intend to include the transition team in the ongoing series of tabletop exercises that we have been running for some time, to educate the new administration on incident response procedures. On behalf the department, I extend my congratulations to the President-elect, and stand ready to work with the Senate and new appointees to quickly confirm the new senior leadership for the department.

I, for one, wish that I had a guy to handle transitions when they have come up in the past. Probably, would have saved me a few sleepless nights.

But in all seriousness, I'm very interested to see who the new appointees will be and what they see as the future of the department. You?

Obama gets down to business

Thursday, November 6, 2008

Wow. What a rush. The election fury definitely caught up with me and I'm exhausted from election overstimulation. And even though the results are in, I can't keep myself from reading news report after news report about everything from what type of puppy the Obama's should get to speculation about his administrative appointments. But, luckily, I haven't completely squandered precious work hours for nothing. I came across this article that referenced Obama's plan for the future of TSA workers. Here's an excerpt:
In another letter, Obama said getting TSA screeners collective-bargaining rights “will be a priority for my administration” and a means to better workplace conditions and cut down on TSA’s high attrition. “It is unacceptable for [transportation security officers] to work under unfair rules and without workplace protections,” he wrote.

Obama also wrote that he may dismantle TSA’s pay-for-performance system, the Performance Accountability and Standards System, if he finds it is unfair and not transparent, and put TSA employees back on the General Schedule.

Unionizing TSA workers and paying them better wages seems like it would draw more qualified people and thus boost their credibility as security officials (and not just hope their spiffy new uniforms demand authority). It seems like more qualified and committed employees would lead to an overall improvement of security in the aviation industry, but from a business standpoint, unions equal less money to the bottom line and it's not like airlines are exactly rolling in it. However, despite the controversy, I think it's a good sign that Obama's addressing these kind of security issues before he's even sworn in as Commander-in-Chief.