CONSEC 2017, the annual conference of the Association of Security Consultants (ASC), returned to the Marriot Hotel, Heathrow on Thursday, October 12. ASC chairman Joe Connell, reviews the day, and thanks the sponsors and exhibitors.
The conference theme, ‘UK security: Independent, but not alone – maintaining security in a global context’ – reflected the challenges and uncertainties facing security professionals. The speakers would provide the opportunity for delegates to look forward and more widely at the issues they face in their work.
Bill Butler [former chief exec of the SIA] again chaired the conference and opened by reflecting on the happenings around the world of the past 12 months – extreme weather, terrorist and cyber attacks in the UK, political upheaval and the ongoing Brexit soap opera. He encouraged delegates to join in sessions by asking the speakers questions and taking full advantage of the exhibition.
The keynote speaker was Lord James Bethell, who has a 20-year track record working across government, media and industry, a founder of Portland Communications and a patron of the Association of Security Consultants. James gave a wide-ranging and incisive analysis of current politics and the considerable uncertainties facing the UK over Brexit. He discussed the current terrorism agenda and how that changed. His suggestion was that the solution to the current terrorism issues was not through war or the criminal justice system, rather it needed community solutions. His concern was that policing resources are under pressure and that this has an adverse impact on community policing and issues of policing consent within communities.
The second speaker was Ed Butler who, following a distinguished military career, is now Head of Risk Analysis at Pool Reinsurance, the UK Government-backed terrorism reinsurance scheme. Ed talked about the development of current terrorism risks and the escalation of violence to people. He described an analysis based on Volatility, Velocity, Vulnerabilities and Vacuums. He shared the analysis work being done by Pool Re. and stressed the importance of sharing analysis across the broader security community.
CONSEC delegates enjoyed a comprehensive exhibition and practical demonstrations from a broad range of providers during the breaks and were able to network with fellow security professionals. Old acquaintances were renewed and fresh ones made with positive feedback on the quality of business-related introductions.
Sir Hugh Orde, a former senior police officer with 38 years of policing experience, including seven years as Chief Constable of the Police Service of Northern Ireland (PSNI) was the third speaker. Hugh, reflecting the Northern Ireland experience, said that we should remember that terrorism ends – eventually. He suggested that key elements of this were the role of negotiation, the role of the private sector in building protective capacity and the role of community policing. Hugh shared the concern that the pressure on policing resources was undermining this key element.
The final conference speaker before lunch was Cath Golding, Head of Information Security at Nominet, the company that runs the ”.uk” and a Board Member of the Women’s Security Society. Cath was the first of two speakers focusing on cyber security risks and mitigation. Cath said that the Domain Name System (DNS) was like the plumbing – you only notice it when it stops working. Cath provided a simple and understandable explanation of how DNS works and the threats it faces, giving practical examples. Cath described how Nominet monitor the internet to anticipate and identify attacks, and stressed the importance of the effective analysis of data in doing this. However, Cath emphasised that the risk of attacks was such that organisations must prepare for a successful attack and have in place resilience and continuity plans to handle this.
Before lunch, delegates received a presentation from the main conference sponsors, Dallmeier. The Marriott Hotel once again provided a good choice of buffet lunch. The exhibition stands were busy with almost 200 delegates and exhibitors circulating and chatting, many carrying on conversations with the morning’s speakers.
The afternoon commenced with the presentation of the ASC Imbert Award for Security Associations. The Award was presented by Joe Connell to Dr Alison Wakefield for her considerable contribution to the professionalisation of the security sector.
The afternoon speakers began with a presentation from Paul Heffernan, Group CISO for the Unipart Group of Companies. Paul started his career as an “ethical hacker” and has worked at board level to help organisations secure trusted global commerce. Paul continued the cyber theme, speaking about protecting globalised supply chains from cyber risk. Modern supply chains were highly complex and the visibility of those involved down the supply chain, including sub-contracting, multiplies the vulnerabilities and risks, particularly as the nature of the chain requires some openness of data. Paul gave practical examples of how organisations had been penetrated as a result of initial breaches in the security of the supply chain. Risk could be mitigated by active management of the risk with suppliers, requiring best practice certification and sharing intelligence and security testing.
The next speaker was Aiden Anderson, an independent security consultant with a background in army intelligence. Aiden spoke about how organisations can benefit from protection against diverse threats through independent security advice. Organisations face threats from many sources and outsourcing elements of operations and support services makes the threat and risk more complex – as Paul Heffernan had described in the cyber context. An independent consultant could bring a broader view to the threats and risks and, from a properly independent perspective, challenge preconceptions.
The final speaker was Shaun Hipgrave, head of the UK Government’s Joint Security and Resilience Centre (JSaRC), part of the Home Office. Shaun opened by setting out developments in the context of the Prime Minister’s statement that “enough is enough”, following the terrorist incidents earlier in the year. A review of the CONTEST approach was underway and Paul stressed the government’s determination that there should be proper private sector engagement in the process. There was significant investment to support this and also funding in other areas, notably cyber. In practical terms, the task force was now up to 25 people and there were now active projects in partnership with the private sector, including work on effective screening technology for large scale venues. There remained challenges, including being able to release data and the procuring flexibly to include SMEs, but progress was also being made.
CONSEC 2017 concluded with a lively panel debate, of Hugh Orde, Ed Butler, Dr Alison Wakefield and Shaun Hipgrave and chaired by Bill Butler. Bill opened by seeking panel views as to whether security could be “independent but not alone”. The need for operational independence of key elements, such as the police, was recognised, but the panel’s view was that the threats and risks faced requires joined up approaches, locally, nationally and internationally. The audience then joined in and a lively debate took place, covering the importance of better sharing and co-operation between government and private sector organisations and the need for better community and local based policing and intervention. The point was made strongly that successful community relations depended on the community recognising itself in those it was asked to work with.
Bill Butler concluded the conference by setting out his view on the themes that had emerged:
•The need for community based solutions, including the need for sufficient funding and a better reflection of gender and ethnicity in the sector to improve understanding.
•The need to share intelligence and expertise more widely between government and private providers
•The broad range of threats and the need to have plans in place to respond.
•Hugh Orde’s view that, although terrorism was terrible, it ends – eventually.
Overall, CONSEC was a successful opportunity for delegates to hear some authoritative views on the world in which they work and to engage in debate in the conference and the margins on the issues that they have heard about.
CONSEC 2018 is already being planned (for Thursday, October 11, 2018 at the same venue, the Heathrow Marriott Hotel) with sponsorship secured and exhibitor spaces already being booked.
