Mark Hanna, while sitting on a plane to Glasgow on business, starts to reflect on my experience of the last two hours at the airport.

I was pleased to see how dedicated the airport staff in general were, when it came to security whilst maintaining a good level of customer care. As we all know, it was 9/11 that changed not only the aviation industry’s physical and psychological approach to security, but also touched nearly every business sector and individual. I do not wish to recreate the thousands of articles written on the subject, but purely to suggest that we in the security industry in general could be potentially heading onto our own devastating path of destruction! The terrorist attacks on September 11, 2001 were, without doubt the best co-ordinated terrorist attacks in history, for which the after effects can still be witnessed as my visit to the airport suggests. However, despite those attacks being so effective, it has to be said that it changed the security industry on a global footing forever ... or did it?

Despite subsequent successful and thwarted attacks in the UK, the public and private sectors promised to take a harder stance against such risks and threats, but have we now run the course of the constant terrorist threat (if we are to believe the public sector and the media), or are we again becoming complacent regarding any potential future attacks because we have lived with the threat level for so long? Some may argue that according to some of the responses received and published in the November’s edition of this magazine from Romeo Richards’ original article a month previous, we seem to be pulling and pushing in opposite directions towards better and worse standards. However, are we really as dedicated to the protection of staff, business assets and the UK as we all appeared to be in the weeks following September 2001 despite the past and current financial climate we find ourselves in? I decided to pose the question to a cross-section of the UK's security industry to see what response there is in the industry and to see if we really have learned the lessons from previous terrorist attacks and the constant messages coming from political parties, the media and the public sector law enforcement agencies about threat or risk, or should we now take stock of what we have, what we can do and what we should do to ensure the protection of our most critical assets, our staff?



Bill Fairweather, chairman, Institute of Hotel Security Management (www.hotelsecuritymanagement.org)

Complacency has and will always be the Achilles heel of not only law enforcement agencies but that of the security industry and moreover the public themselves. I can recall the start of the IRA bombings in London in the 1970s and in particular the bombing of the Hilton on Park Lane. I gave evidence at the litigation that followed that devastating event. That act of terrorism kindled the reviewing of hotel procedures on how to deal with major incidents. Bombings have continued in London and other parts of the UK with the sad loss of life. The security standards within the hotel industry have however increased continuously to combat the ever-growing sophistication of the terrorist and this is demonstrated by the hotel industry having robust and well-practiced crisis management plans. In addition, the industry is at the fore of Projects Griffin and Argus. The hotel security teams are well versed on identifying possible hostile recognisance and other related suspicious activities. After the Lockerbie disaster, I undertook a three-month enquiry into the security issues surrounding the majority of Britain's airports and still found flaws; however I believe that a lot of lessons have been learnt since then and are now in practice. But it is ‘complacency’ that will be the ally of the terrorist.


Barry Vincent of BRV Risk Management (www.brvrisk.com). A former senior police officer and head of security for Tesco’s supply chain security and distribution network, and adviser to the heads of security in the retailer’s international businesses on security in their retail and supply chain operations. Non-executive director for Intrepid Security providing security to retail and logistics. Associate trainer with Arc International Academy.

Despite the impact of 9/11 and more recently the 7/7 terrorist incidents in London, I am not sure that retailers generally have reacted to the potential risk of terrorist attacks. Despite the UK Government’s attempts to raise awareness the terrorist threat, the retail sectors response has been patchy at best and I believe that retailers see the threat to themselves as low. In London particularly, awareness has been raised among some retailers through businesses cooperating with the Project Griffin initiative and the ongoing training. However, retailers generally do not place terrorist attacks at the top of their risk registers and do not see themselves as prime targets for terrorists. While those retailers operating in multi-occupancy shopping malls or precincts will have been made aware of the potential for terrorist attacks on ‘crowded places’, I suspect this is seen as a collective responsibility with the ownership of any preventative measures being the role of the mall management with individual retailers unlikely to view themselves as targets, although aware of becoming victims of collateral damage should an incident occur. There are also practical issues associated with acknowledging such a risk. Additional security measures including training involves added cost. In a highly competitive retail market where price is a critical factor any added cost can limit competitiveness, especially when there is uncertainty about the appropriate measures to take eg how to deter the ‘suicide bomber’ It is also likely that any additional security measures would conflict with customer expectations and experience. Supermarkets especially are already reluctant to demonstrate too much security in their stores for fear of deterring customers who might view any increased security as an indication of a more dangerous environment.
Going forward any response from retailers is likely to be steered by the involvement of police Counter Terrorism Security Advisers (CTSAs) influencing local planning authorities to impose conditions on developers to incorporate anti-terrorist measures in their architectural designs.



Ian Hall, head of security consultancy, Perpetuity Research and Consultancy International (www.perpetuitygroup.com).

Research by Perpetuity suggests that some security directors do not feel that their peer group have risen to the challenge. There are clearly some excellent security functions out there, doing a first class job, but there are many with major gaps too. For example, many we have spoken to admit that their organisation does not have a strategy to guide them on what they do. Thus there is no way of showing how their functions adds value to the organisation, no way of highlighting how it helps the organisation achieve its objectives. Many staff are not asked about their own security risks and so they are never properly mitigated. Many staff are not vetted properly if at all and can contribute to the risks that they are there to defend against.

Working with the industry, Perpetuity have developed a template for a strategy (that anyone can download free of charge from November) to go with our unique security health check that over three hundred companies have now used to identify where security remains an issue for them from strategic to operational levels. The point is that security remains something that can often be done better. Where a security function does not value itself, and is not valued by the organisation it serves, those who are sub contractors - such as security companies - are always on the run. They often get the blame but they only sometimes deserve it. Security is about good leadership - when it is good it is very good, but when it is bad, well we all know what happens then”.

Norman Mortell, Director of Operations, Agenda Security Services (www.agenda-security.co.uk). Norman is the director responsible for the Security Services division at Agenda, his career spans 30 years. His background is in operational management, quality systems and facility security/risk management. He has used his specialist knowledge of animal rights extremist issues and infiltration techniques in the development of the pre-employment screening services at Agenda. He has also been instrumental in delivering security awareness training programmes to over 5000 people worldwide.

Pre-employment Screening requirements have grown since 9/11 and so have clients’ requirements! Pre-employment screening, vetting and background checks have become much more commonplace nowadays than they were in the years leading up to 9/11. This increase in requirements and organisations carrying out more robust duty of care initiatives has not all been driven by the need to reduce the terrorist threat. Key drivers have also been domestic extremists, the Government’s clampdown on illegal workers, requirements such as BS7858 for guards and door people and broadening of the scope of the Criminal Records Bureau requirements under the Independent Safeguarding Authority. The development of screening guidelines from groups such as the Centre for the Protection of National Infrastructure, MI5, BS7858 and more recently the Government’s Baseline Personnel Security Standard have all heightened awareness but in some cases caused confusion due to their different requirements.

The need for screening is becoming more common though and as founder members of the National Association of Professional Background Screeners, Agenda is working with screening industry colleagues to develop standards and to clarify requirements. This self-regulation and coming together of screening providers is a further indicator of the professionalisation of the industry and recognition of the growing requirements of the client organisations. Independent auditing of quality processes such as ISO9001, security of information through ISIO27001, secure premises, well-trained and screened staff and continual development of processes and people (investors in People) are all pre-requisites. The screening industry has responded positively to the challenges and far from being complacent, we believe there is a growing need for professionally conducted pre-employment checks of both staff and contractors.


Will Geddes is the founder the Managing Director of the ICP (International Corporate Protection) Group (www.icpgroup.ltd.uk). With 18 years of industry experience, Will and his company have advised and supported many companies across varied industries on human threat management issues

As a frequent traveller, the last nine years has been an interesting experience in terms of travelling across the world. Being processed by security and immigration authorities at a diversity of developed and emerging country airports has certainly been a disparate experience. Having been one of the first to arrive in New York on one of the first commercial planes, to the introduction of bans to carry any liquids onto planes in August 2006, two impressions have been distinctly imprinted on me as a security professional. The first, of a constant game of ‘catch-up’ by the authorities and the second of how draconian, albeit necessary, the change of procedures we have seen fluctuating over the years. Another impression that perhaps could be also be added, would be the disparity I witnessed from airport to airport in terms of their implementation of these measures. Something that was frequently evident was the lack of effective training having been provided to airport security staff in their security checks. There were occasions I would innocently pass through unchecked for contraband (such like scissors, lighters, etc) that I would subsequently then only discover in my hand luggage on reaching my destination. My point? Ok, these were not incredibly dangerous items but were listed as banned items not to be carried on. Anyone in security will know that any checks introduced need to be robust, realistic and implementable. Perhaps what we saw was more of a ‘lucky dip’ approach to security; find some, don’t find some. Ban all just in case. The key component that appeared to be missing in my opinion was the passenger participation. It is recognised by law enforcement agencies across the world, that the vast majority of crimes are solved through the information and witness reports of the general public. The threat of terrorism realised through 9/11 became very real for all of us in all its horrific imagery. This visceral and terrifying incident impacted us all but the residue quickly passed, as witnessed by many of us travelling a year later and overhearing passengers back to moaning and whining about the earlier check-ins, delays at security and impacting new security measures. Naturally a very careful and delicate balance always needs to be established between terrifying the travelling community and reassuring them that they are in safe hands, but the battle to win against the terrorist will always is through keeping the ‘target’ audience, forgiving the pun if you can, to collaborating in the solution. Sadly, there were many who have seen events like 9/11 as a means to instil fear and profiteer through the public’s anxiety. These security companies who have traded services and consultancy often yielded short-term benefits that provided little value against these types of attacks. Over time, the security professionals responsible for procuring these services has as a result been able to more astutely determine those ‘providers’ who provide levelled recommendation to those that are more the exploitative. Equally, the general public have certainly become more savvy and learnt considerably in the last few years of the actions and behaviours of the terrorist and although the terrorist will always endeavour to evade detection through altering their operating strategy, they are still bound to the same attack stratagems of advance reconnaissance, planning, rehearsal and subsequent attack. Developing public awareness to understanding these tactics and increasing our front-line of protection in threat detection, surely improves and better qualifies ‘suspicious’ activity reporting and enables the traveller to participate in threat detection. This is not by any means a fool-proof solution as there will never be a resolute solution to the terrorist strapping on their bomb belt one morning and simply walking into their target that same morning, but perhaps it will go some way to disabling the pre-planned and considered threat.



Jim Brown, Group Operations Director, PFMCS/innoventive ltd (www.pfmcs.com.uk). Jim has worked for the Aimita Group of Companies since 1991, in a variety of roles from operations, commercial to health and safety and business development, helping to grow and sustain the business ten fold through that time.

Mark asked me to contribute to his article from a cleaning division perspective, comparing today’s attitude towards the now ‘substantial’ threat of terrorist attack, with those that were experienced prior to and rapidly enforced during the immediate aftermath of 9/11. It’s difficult to express the full effect that the event has had within the words allocation for this article, however the best example of the ‘then and now’ can be summarised from experiences at one specific national contract. Security procedures have always been high on the agenda at all of our clients’ buildings, but 9/11 saw the efforts enhanced ten-fold! The client and contractor employees became, naturally, far more attuned and accepting of the need for increased measures, they suddenly realised that there was a purpose to the security service and they were now willing to be more understanding about access control, work and personal references and higher levels of monitoring and management of information! At this particular contract, increased security procedures enforced by the client were immediately installed and maintained, with training and management responsibilities ensuring complete adherence to the processes being not less than stringent and absolute. The client drove the motivation from the top; cleaning and other soft services staff where previously tending to react to weak reminders, were called to refresher training, and to the regular practice of incident management. These elements together with the inclusion to all of routine and relevant communications have been crucial in maintaining operatives, client and our own concentrated efforts on managing the risk through being highly aware of the potential of, and the substantial threat from, all manner of security concern and – these days, since 9/11, a terrorist attack. It is evident in this particular case that the effective management of CCTV, key holding and recruitment hold now much higher importance compared to the world prior to 9/11. Of course things have always gone missing, there has always been fraud, theft and even assault. But today is different, people are aware, people are more knowledgeable and capable, understanding the reasons for the increased focus on ALL things that once were beyond our comprehension or dare I say, caring! That isn’t something that is specific to any one department, client or contract employees. We are all aware that we all have the responsibility to be vigilant, to take care of ourselves and others and to raise anything unusual with the security and /or authorities, in our ‘external of work lives’ as much as when we are at work … aren’t we?

Kirstine Wilson, Marketing Manager, SCANNA MSC UK (www.scanna-msc.com).

The security landscape with its enhanced layers has become an accepted part of day to day life. The public at large, businesses and of course the security equipment and service providers have embraced the new measures as ‘necessary’. This has resulted in a wider responsibility for the safety, welfare and comfort beyond that of the police, military and security services. The key is to ensure the additional measures do not unnecessarily frustrate or disrupt by using ‘smart solutions’ which have minimum impact on people’s lives without compromise. Effective equipment operated by properly trained staff provides the opportunity for improved human interaction, an all-important part of the smart security mix and facilitates buy in by those subjected to the enhanced measures. The threat is with us and expected to stay, so constant improvement in the equipment used, training of personnel, drills and regular reviews of operational practices with variance of routine is crucial if we are to stay ahead of the game.

David J Gill, Managing Director, Linx International Limited (www.linx-int.com).

David entered the commercial security sector in 1985 following an early career in the police. David’s own specialism is in crisis management and workplace malpractice response, he is retained by a number of blue chip companies as an advisor to their crisis management teams. David has also advised government and sector groups including the Health and Safety Executive (national drug guidelines) and Skills for Security on National Occupational Standards for Security Consultants. David recently completed a Masters Degree in Security Management at Loughborough University. David is the Vice Chairman of The Security Institute and is actively involved in the institute’s bid to attain Chartered Status.

(In response to Mark Hanna’s request for ‘thoughts regarding security within your own specific industry, the security perception and the attitude of those today compared to that of pre-9/11 in your area of the industry, specifically has it improved, declined or peaked and then dropped off and the reasons why etc.) I have been advising a wide range of organisations from multi national corporations to SME’s on security and risk issues since the late 80s. There is little doubt that 9/11 thrust security to the very top of the corporate agenda however, in my experience this was relatively short-lived. Certainly today the vast majority of senior executives that I work with perceive 9/11 and terrorism as issues which now sit directly with Governments and law enforcement agencies. Accordingly 9/11 and terrorism has slipped off the front page of business considerations of many boards. Interestingly however, I have found that within the corporate arena there is now generally a greater emphasis on security and risk mitigation, but not as a consequence of risks associated with terrorism per se; but due to the increasing number of major corporate scandals; such as Enron, WorldCom and more recently Northern Rock.
Reputational risk is now firmly at the top of many companies’ agendas. Boards are increasingly more cognisant of reputational risk mitigation measures and accordingly much greater importance and value is now attached to corporate security. Reputation is a highly prized asset and is vital to any enterprise. A senior executive with one of the world’s largest corporations told me recently that reputational issues pertaining to any of the group’s global businesses/activities is now the first item on the CEO’s agenda at weekly briefings. Corporate governance, compliance, director’s legal responsibilities and duty of care are now very much priority issues – assigning resources proportionate to the risks are key to corporate survival but that surely must include ensuring terrorism is not left solely to ‘the authorities’. By failing to implement effective screening processes and inadvertently employing the services of a person who is subsequently found to be linked to terrorism in some way is a sobering thought?


Hugo Gillum-Webb heads the sales team at Advance Security UK (www.advancesecurity.co.uk) and has been in the security guarding industry for 20 years.

In response to the question it would seem appropriate to consider how we have reacted to 9/11 and what has changed within the security industry since. Perhaps of greatest note was the passing of the Private Security Industry Act in 2001, but this was long awaited legislation that was going to come into effect anyway. In isolation this is lamentable and a sorry indictment of the dynamism of the security industry. On a more positive note most would agree that we have seen the end users of security become far more aware of what precisely they are buying, as well as exercising ever greater controls to ensure they receive a product or service that is appropriate to the needs of their organisations. The providers of security have also reacted positively with a constant stream of new technology and a profusion of new training initiatives, developed by many newly formed training organisations. The manned guarding sector has also upped its game despite the age-old criticisms’ from a sometimes cynical marketplace.

As progress goes, this is all well and good and in many cases has lead to better, more effective partnerships between clients and suppliers. Such individual cases serve the industry well as they act as points of reference in the development of new standards and expectations. All too often however this ideal fails to materialise for one notable reason: cost. Ever more sophisticated procurement teams, driven by stringent targets and burdened by the economic state of the Nation work tirelessly to ensure that their employer receives best value. And there’s the rub: the practical process of getting best value doesn’t work with the notion of services and products that protect their recipients from threats which are undetermined in timing, scale or source. It’s the old ‘how long is a piece of string?’ question with the added complications that: a) time passed dulls the memory for all of us lucky enough not to have been directly involved in attacks such as 9/11 or 7/7 and b) nobody really believes it will happen to them. Add to this the backdrop of an industry that is continually hampered by over-competition and the chances of us living up to the high ideals spoken of in the aftermath of 9/11 fade dramatically.

Progress has been made by the security industry in recent years, but are we doing all we can to produce the type of joined-up solutions advocated by the leading lights within our industry? No, yet again the report reads: could do better. So who is to blame? Bad buyers and bad sellers. If the two groups could reach a better accord via a truly representative quasi-professional body we might eventually all end up with the innovative and dynamic profession our society needs.


Alan French is the Head of Security for Investec and is a member of the Worshipful Company of Security Professionals.

A series of co-ordinated attacks upon the United States by crashing two airliners into the Twin Towers in New York City, a third into the Pentagon and finally the fourth crashed into a field near Shanksville in rural Pennsylvania, after some of the passengers and crew tried to retake control, changed the face of international terrorism forever. There were no survivors from any of the flights and the loss of life on the ground was unprecedented. Tuesday, September 11, 2001 was a day that no one would forget.

Did in-house security take notice, yes, as did third party providers; have the standards improved, well that’s a debate to be had! One thing for certain is that basic office security was propelled to the highest level overnight and many sedentary personnel suddenly found themselves having to respond to questions and issues they perhaps never thought they would encounter and were thrust into the spotlight with a BANG! Advance eight years and the corporate security officer now needs to combine both a welcoming and friendly face to all who enter their buildings, concierge and hotelier like, but also ensuring that the security measures employed imply a foreboding, fortress-like image.

Most people appreciate the presence of practical security measures; combine that with a robust access control system along with quality CCTV, planned and communicated security will actually enhance client/visitors and staff satisfaction as well as their comfort factor. It is impossible, however, to define what the best solution for all facilities is but a single security programme that can support your objectives goes a long way in justifying the financial investment in quality personnel and equipment without unduly alarming whilst preserving your company’s profile and reputation.

A few years later we went in-house because we found that training was, and still is a client driven exercise, and without our pushing and prompting the basic guarding levels remained static, a debate to be had!

Mark Hanna sums up:

As the years go by, many things change. Change as we know is inevitable and in today’s environment, expected., but have we changed as an industry? Have we learnt from the past and can we, or are we able to change for the future threats facing us? Naturally, these are debatable questions as Romeo Richards found out in a previous edition of this magazine when he questioned his ‘industry stagnant position’, but whatever the answer, I think we can all agree with the comments made by the contributors in this article. We have changed in some areas and not in others. We have improved in service provision forethought and declined or remained static in other areas. We want to change in some areas and not in others such as training, licensing and standards. The areas seem to change depending upon our understanding of the industry, the desire for improvement and the vision of the future of our industry and senior leading figures. Therefore, it has to be argued that our industry is only as strong as our members, as strong as those that stand and be counted and those that want change. It was interesting to note that we are not the only industry or profession out there which feels this way. In the recent Federal Computer Week magazine, there was an interesting article on Cyber Warfare to which one annonomous person writes “A good number of practitioners DO take pride in doing good work and protecting their infrastructure. It's just most of us can only wave the flag for so long before we look around and see we're alone in the wilderness. Senior management as a general rule isn't going to give a flying hoot of doing much of anything beyond checklist compliance until their bottom line is affected”. Surely this is the same sentiment as a number of security industry bodies and/ or personnel or is it a wider philosophy than that? However, it still appears that there are those of us that strive for change for the benefit of the industry, and not oneself. There are others that are happy to be followers, and those that simply still tag on for the ride for whatever the political, monitory or person motivations. It brings me back to a story I remember about a reputable consultant that had carried out a security survey on a building six months prior to 9/11 in the City of London. During the survey and specifically looking at the area of risk, he highlighted the need to have a contingency plan for a plane or other aviation type machine hitting the building. The client at the time declined the offer of having this put into the final report and stated that his forward thinking was too extreme as the building was not even on a flight path! The knock-on effect for this consultant was that he was dismissed as an extremist in his field simply looking for risks that were simply not there. Surely then my original question then has to be asked again “Have we really have learned the lessons from previous terrorist attacks and the constant messages coming from political parties, the media and the public sector law enforcement agencies about threat or risk, or should we now take stock of what we have, what we can do and what we should do to ensure the protection of our most critical assets, our staff” As Douglas Macarthur once stated, “There is no security on earth, only opportunity”, but for who?