Richard Jenkins, Chief Executive, National Security Inspectorate (NSI) on priorities for security in 2022

We asked Richard Jenkins, Chief Executive, National Security Inspectorate (NSI): What are your priorities for security, for individuals, organisations and public sector organisations, for 2022 and the next five to ten years?

Reducing false alarms and ensuring effective protection of people and property from unwanted intruders go hand in hand. We’ve come a long way from the days of insurers viewing burglary as their single biggest cost item and the police responding more often than not to false rather than genuine alarms. It’s a great success story, but one still ripe for further improvements in deterrence and police effectiveness in apprehending perpetrators.

A newly revised BS 8418:2021 ‘Design, installation, commissioning and maintenance of detector-activated video surveillance systems (VSS) – Code of practice’ is the fresh catalyst.  Introducing fundamental change, this new standard will appeal to many by putting properties protected by a Remote Video Response Centre (RVRC) onto police response, where previously it was not an option.

In addition to previously police-recognised systems, now known as ‘Type A+’ (those well suited to higher risk commercial, industrial, military and similar sites), a new ‘Type A’ classification in BS 8418:2021 is set to attract premises managers as well as owner/occupiers with simpler installation technology requirements.

Allocations of police URNs to third-party surveillance monitored sites will increase significantly, as buyers and operators of sites on 24/7 detector-activated CCTV monitored systems understand the attractive cost/benefit BS 8418:2021 ‘Type A’ represents in summoning police response.

The post Richard Jenkins, NSI on priorities for security in 2022 appeared first on City Security Magazine.

NSI has been working on raising standards in cyber security for security systems – alongside other stakeholders, including the FIA, Internet of Things Security Foundation (IoTSF) Smart Buildings Working Group, and SSAIB – in the British Security Industry Association’s Cyber Security Product Assurance Group (CySPAG).

A number of cross-industry efforts are in place to address important and evolving personal security risks posed by cyber security breaches.

Risk management policy and procedure continues to rise up the agenda in response not only to the COVID-19 pandemic, but also due to increasing risks associated with network-based communications. Since spring 2020 security managers have been prompted to review all aspects of business and staff safety and security – including a heightened emphasis on cyber security.

The importance of network protection – already a pressing concern – is further underlined by the almost daily emergence of new online security risks leaving individuals and companies vulnerable to cyber-attack, with potentially significant corporate and personal security and safety implications.

Connectivity to internal and external networks of safety and security systems, including intruder detection and alarms, access control and video surveillance, has increased exposure to the risk of malicious attack, and the need for effective cyber security measures in terms of their design, installation, commissioning, operation and ongoing maintenance.

Organisations increasingly recognise and are expected to demonstrate the importance of applied cyber security measures to protect their operations, for example through Cyber Essentials/Cyber Essentials Plus certification or ISO 27001 (an international standard which acts as a framework for managing information security risks). Yet equally important is competency in the installation and maintenance of security systems at client premises.

In 1736 Benjamin Franklin, a Founding Father of the United States, declared: “An ounce of prevention is worth a pound of cure”. Raising standards to improve safety and security of people and property does just that. NSI has been working on this question through its participation – alongside other stakeholders, including the FIA, Internet of Things Security Foundation (IoTSF) Smart Buildings Working Group, and SSAIB – in the British Security Industry Association’s Cyber Security Product Assurance Group (CySPAG).

Established in 2017, as a collaborative effort including product and system designers, manufacturers, installers and maintainers of security systems to bring together and harness cross-industry expertise, it provides practical and free-of-charge recommendations specifically for all installers of security systems to help reduce vulnerability to cybercrime (https://www.bsia.co.uk/cyspag).

CySPAG’s ongoing work has included the production of practical and informative guides, the first of which, ‘Cyber secure it’, was published in January 2019. Following this, a 20-page cyber security code of practice for installation of safety and security systems, released last summer, detailed cyber security requirements approved installers can apply to protect their customers’ systems. The effort to deliver this code of practice involved manufacturers, designers, installers and system maintainers all working together. The outcome was ‘CyberCop 342’. This addresses the continually increasing use of internet connected devices and systems in electronic security, and how the increasing number of devices and links on home and business networks leave individuals and companies vulnerable to cyber-attack.

A practical approach

CySPAG is committed to providing publicly available industry guidance focused on what is practicable for installers and what can be expected of clients and end users to provide meaningful and practical cyber secure solutions. This is in contrast and complementary to other cyber security schemes, where products are typically the main focus.

Addressing the essential competency of installers, and to some extent end users too, in safeguarding their systems as cyber secure, CyberCoP 342 is designed to enable professionals within the security industry to take all reasonable precautions when installing and operating security systems with cyber exposure.

CyberCoP 342 aims to ensure that installers ‘joining up the dots’ of hardware in a system do so competently and with reasonable care that delivers customer assurance in their connected solutions, and encourages sound implementation, regular testing and, where appropriate, updating of equipment and software.

End-user role

As CySPAG points out, end users have a role to play in cyber security and need to be aware of their responsibilities in keeping their system secure, in practically managing cyber risks on their installed system, and also in making informed choices when selecting a company to supply, install and maintain their connected security system.

CySPAG’s ongoing work accordingly includes a review of the current industry skills and cyber security competencies, identifying required training needs. It’s recognised that industry up-skilling will be required. The group’s aims include explaining allocated responsibilities as well as ensuring installers apply products that are cyber secure in relation to the risk application scenario in which they will be used. This remit also includes ensuring cyber security updates are provided in a timely manner, with end users being made aware of their own role in keeping their systems secure. The group’s future agenda will involve publication of further industry guidance; a cyber security code of practice for manufacturers of safety and security systems was launched in April 2021.

Conclusion

Information security, already an important issue, is here to stay and poses significant challenges. CySPAG’s collaborative industry-wide approach in addressing this risk signals new technology can be adopted safely, allowing the benefits of interconnected systems and devices to be widely realised without compromising the corporate and personal data of those using them.

Richard Jenkins

Chief Executive

NSI

www.nsi.org.uk

Read more articles from Richard Jenkins

Read more articles from NSI

Read more articles on cyber security

The post CySPAG – cyber security for security systems appeared first on City Security Magazine.

What is the role played by standards, codes of practice and quality management systems in risk management?

Risk management policies and procedures implemented by public and private sector organisations help strike the balance between fulfilling their various daily activities and enabling adequate protection for staff, customers, site infrastructure, visiting contractors, stock, and operational on-site equipment including IT – without interfering with the important, prime activity.

Regularly reviewing this in the context of evolving risks and threats can highlight potential vulnerabilities, as well as opportunities for continual improvement. Policy often invokes standards as a short cut way to ensure quality is maintained. One key to optimising risk mitigation lies in making use of the latest standards and codes of practice developed in response to evolving threats and new technologies. Complementary utilisation of ISO 9001 approval for quality management systems assists in this objective through its inclusion of a strong customer focus, the motivation and responsibility of top management, a process based approach and continual improvement.

Detector activated CCTV

Detector activated CCTV surveillance systems delivering police response is a case in point. The existing standard, BS 8418 (first introduced in 2003 and currently undergoing its third revision), has disappointingly not been widely adopted as a means of qualifying for a police URN. The ‘root and branch’ changes being introduced in this latest version of the standard – BS 8418 version 3, due for publication in 2021 – will tackle previous limitations including a perceived high system cost and, some would say, overly onerous installation requirements.

Cyber risks

The global pandemic has accelerated the role of IT-based communications in all our lives, and the emergence of significant new online security challenges for residential users and commercial/public sector organisations continues to be a growing cause for alarm. Increasingly internet-connected devices and systems, and the growing number of links in home and business networks, leave individuals and companies vulnerable to cyber attack.

Recognising this, the British Security Industry Association’s Cyber Security Product Assurance Group (CySPAG) was formed in 2017. Specifically responding to interest from installers, CySPAG produced a cyber security code of practice for installers of safety and security systems in 2020, providing guidance in practically managing their clients’ cyber risk when supplying, and installing, interconnected security systems.

NSI is working to ‘upgrade’ its scope of approval for security systems to include this code of practice, reinforcing installer competence and the confidence buyers can place in approved businesses. Similarly, an updated NSI code of practice for access control systems, NCP 109 Issue 3, is due in 2021. This revised code, embracing new technologies and methods and drawing on the latest BS EN 60839 standard series, will steer installers for example regarding IT networks and devices, along with cyber security.

The BS 10800 ‘umbrella’

Meanwhile, important developments in the security services field include the required introduction of BS 10800:2020 for NSI Guarding Gold & Silver certificated guarding providers by 31st March 2021. The thinking behind this overarching standard will simplify life for approved companies in the long run. It details managing the provision of security services at a strategic level and provides recommendations for the planning, management, staffing and operation of all organisations providing security industry services. All the security standards for static guarding, mobile patrol and events sit under the ‘umbrella’ of this new standard. Other remaining British Standards covering security services will be aligned with BS 10800 as they come up for revision.

Labour provision under the radar

Neither British Standards, nor the SIA’s Approved Contractor Scheme, directly address agency labour provision at present. Widely used, agency labour provides essential flexibility for guarding service providers. When professionally managed, it ensures security standards are maintained, not compromised, whilst remaining cost effective. Yet it remains an unwelcome opportunity for rogue labour and/or worker exploitation.

NSI is addressing this vulnerability with the introduction of a code of practice for the Provision of Labour in the Security and Events Sectors (NCP 119) after consultation with industry. From December 2021 it will become mandatory for NSI Guarding Gold and Silver approved companies to only use outsourced security staff from labour provider organisations signed up to the code.

Conclusion

Independent third-party certification plays proxy to a degree for discerning buyers of security systems and services, providing confidence in their suppliers’ capabilities and integrity, ensuring relevant service criteria are met, and certifying that associated insurance conditions are complied with.

Underpinning this, standards and codes of practice offer a valuable safety net for buyers, providing them with the reassurance of knowing that competencies are kept up to date and in line with revised standards and codes as a matter of course – in a sense, future-proofing tools.

Richard Jenkins

Chief Executive

National Security Inspectorate

www.nsi.org.uk

Read previous articles from Richard Jenkins

For further views on this topic, see related articles in our categories: Counter Terrorism Risk Management and Security Management

The post Risk management standards and codes of practice appeared first on City Security Magazine.

Since the COVID-19 pandemic took hold in March 2020 the security sector has demonstrated its readiness to adapt, often creatively, to the uncharted and challenging circumstances.

 Given the need to adapt and respond to a sharply changing trading environment and maintain safety and requirements as set out in their insurance policies, risk assessment has sharply risen up the agenda for businesses keen to mitigate risks to staff and customers.

Guarding services providers demonstrated capability to rapidly adapt door supervision and front-of-house duties, taking on Covid- related safety duties to help keep communities safe during lockdown.

Equally, in the security and fire safety systems maintenance arena, making full use of remote monitoring and adopting Covid-secure working practices on site in the interests of systems users and staff has maintained the integrity of security and fire safety infrastructure.

Alarm Receiving Centre operators were quick to recognise where standards fit for the ‘old normal’ were found lacking in accommodating risk mitigation of remote working, and Key Worker status clarification sought to ensure ARC operations were not compromised but able to function in the midst of lockdown. NSI was wholly supportive of creative initiatives which were demonstrably in the spirit of, if not to the letter of, relevant standards.

Throughout the pandemic NSI’s role as the leading certification body has continued to focus on setting sector standards, including its involvement in various Standards working groups, so helping buyers address their risks.

More broadly ‘necessity is the mother of invention’ still rings true with wide adoption of digital collaboration technologies available for some time but only accepted widely in the midst of lockdown by people in all walks of life striving to keep things moving.

Richard Jenkins

Chief Executive,

NSI

For further views on this topic, see related articles from our Police & Partnerships category:

David Ward, City Security Council on the recognising the importance of security officers

Robert Hall, Resilience First, on lessons learnt from 2020

Guy Mathias, Security Commonwealth on evolving the security response

Mike Reddington, BSIA, on dealing with the global pandemic

The post Richard Jenkins, NSI, on security sector response to Covid-19 appeared first on City Security Magazine.

Richard Jenkins, Chief Executive of the National Security Inspectorate, explains some of the challenges and opportunities involved in protecting staff and facilities in a post-COVID-19 world and how security buyers can best approach this.

The operational demands involved in enabling the return to work of furloughed and remote working employees following the COVID-19 pandemic have been a sizeable learning experience for all employers. Unprecedented health and safety measures to ensure safety of staff and visitors and make premises COVID-secure have been implemented, including upgraded cleaning procedures, ventilation, PPE provision, social distancing and some limiting occupancy of premises.

Naturally and properly these safeguards have been prioritised, as befits the importance of the measures required. But it’s also important to be mindful that the coronavirus pandemic simultaneously presents other challenges with wider repercussions looking forward, including escalating security threats.

In this context the independent global risk advisory consultant Sibylline has recently warned organisations to mitigate a variety of risks that have been exacerbated by the COVID-19 pandemic, such as the potential for cyberattack, terrorism and organised crime.

Rising unemployment, potential civil unrest and related societal tensions are also driving concern.

In the context of such heightened security threats, careful attention to the socio-economic impacts of COVID-19 is appropriate. This situation demands attention is given to relevant protective measures to effectively deter, detect and in the event, be ready to respond to any incident. In this way an organisation’s staff, assets, sites, reputation and business continuity planning are secured and allow day-to-day business activity to proceed safely.

Operational challenges

A key way in which buyers of security services including guarding services and security systems, can meet the demands imposed by these circumstances is through selecting providers with suitable credentials. Independent third party certification can offer as much, and so plays proxy for the discerning buyer. It serves to give confidence in the capability and integrity of providers, with the reassurance of quality services supplied by companies which meet relevant standards and operational codes of practice. In practice, benchmark certification is attained through a rigorous ongoing audit programme, a not insignificant investment cost for the provider.

The continuing delivery of audits since the start of the COVID-19 pandemic lockdown has in itself proved challenging. Where certification body auditors have no longer been able to visit firms in person, attention has instead turned to the potential of remote audits – utilising known but until now less widely used communications technologies.

The obvious key question is of course: does a remote audit provide the essential rigour of a traditional on-site audit? Is remote audit an adequate answer to the public and businesses reliant on this discerning buyers’ proxy and does it ensure services meet the competency requirements laid down in standards and codes of practice benchmarks?

Remote audit potential

Coronavirus ‘lockdown’ has seen collaboration technologies being put to far wider use across society – not least in the auditing community.

Interest in remote auditing has risen exponentially over the last six months. COVID-19, so the headlines have it, means that in the world of auditing the time for remote audit has come. Where audit programmes require a focus on reviewing and a reliance on documentation, the now widely familiar technologies of Skype, [Microsoft] Teams, Zoom and the like go a long way to making this possible. Of course, user familiarity with technology and resilient communications are essential to the success of remote audit, as is the availability of key personnel. Any unreliable network or VPN connectivity causing interruption in interviews and meetings can be hugely wasteful and limiting in the completion of successful audits. Yet it’s clear that remote audit – some call it a ‘dynamic desk top review’ – is here to stay. The COVID-19 crisis has given it a traction previously possible, but not adopted, and where Quality Management System audits are concerned the results have proved positive.

It’s also equally true that nothing beats ‘getting out in the field’, ‘seeing for yourself’, and ‘kicking the tyres’. In a variety of situations remote audits are neither practical nor desirable. They do not make best use of the expert auditor scrutiny of the unexpected, the cross-checking of good practice and interviewing staff to verify management’s ‘party line’; put simply, when it comes to product (and service) standards, only on-site audit can tick all of the boxes all of the time.

NSI has accordingly adopted a blended audit programme strategy – a carefully considered combination of remote and on-site audit capability fit for a future post-pandemic world.

Working with current Government COVID-19 guidelines it is delivering for the security industry and its customers, with on-site audits gathering evidence of compliance to technical product (and service) standards. Meanwhile, remote audits are routinely utilised at NSI’s discretion for assessing ‘Management System’ requirements where process and control has a greater emphasis on documentation, and so delivers a complete audit jigsaw.

Conclusion

The all-important confidence of security buyers in services provided by independently audited third party certificated companies should be upheld through a blended remote and on-site strategy designed to ensure robust and trustworthy certification for buyers.

In the current COVID-19 climate new and potentially significant risks may emerge. In this context the reassurance provided to security service buyers through comprehensively certificated services is all the more valid.

Richard Jenkins

Chief Executive

National Security Inspectorate

www.nsi.org.uk

The post Remote security auditing appeared first on City Security Magazine.

The need for security has been drawn into a new sharper focus in the UK since early March. The new crucial element is the response in security planning to protect against the risk of the life threatening coronavirus  (COVID-19).

In such challenging circumstances all organisations are adjusting to the ‘new normal’. Security measures for key workers required to staff various critical facilities are being freshly assessed and, where necessary, strengthened and redesigned, employing a variety of technologies, including smarter access control systems.

Examples of recent systems include those aimed at monitoring and detecting potential COVID-19 symptoms, as well as other more routine health conditions such as the ’flu.

These measures include interfaced CCTV-based thermal temperature monitoring. They are designed to help identify an individual’s abnormal temperature, providing automatic and real-time alerts to on-the-ground security teams. Access points including door entry and turnstile controls can also be linked, to allow or automatically prevent clear passage to persons of interest until tested.

Such systems and procedures are not foolproof. Nevertheless, options like these are a practical response to circumstances. They demonstrate the adaptability and ingenuity of system providers, and remind us of how security can be significantly enhanced by access control solutions.

Technologies can be adapted to offer both physical security and fire safety protection: electronic visitor management systems when interfaced with appropriate access control solutions can provide accurate real-time registers of those in restricted areas for roll call verification purposes, in the event of evacuation immediately post-incident.

Risk assessment for access control

The appropriate specification for access control is informed by an effective risk assessment/threat determination. Carefully defining needs ensures measures are both fit for purpose and user-friendly – and helps importantly with ‘buy-in’ from users once operational.

Risk assessment also helps in the identification of access control needs, the location of access points to be secured/monitored, and any requirements for remote monitoring. It is factored into design, which also takes into account risk classification for access points and how this may vary over time, e.g. inside/outside working hours, during daylight/hours of darkness, at weekends, or during other open/closed periods.

Updated Code of Practice

In response to evolving standards, NSI will shortly be introducing an update to its NCP 109 Code of Practice for access control systems. The Code draws on the Equality Act 2010, British Standard BS 7273-4 for fire protection (activation of release mechanisms for doors) and BS 7671 for electrical installations – all key to safe and well-designed systems.

Buyers choosing companies who comply with the new Code can be assured the access control system design will reflect specific user needs, usability and operating requirements.

This upcoming release of Issue 3 of NCP 109 embraces new technologies and methods. It covers the assessed threat, determining points of higher exposure, expected people flows, means of escape in the event of a fire or security incident, and the most suitable type of recognition technology – such as the deployment of access control systems incorporating complementary surveillance and thermal monitoring systems designed to meet today’s new challenge of COVID-19.

Classification

The update now references BS EN 60839, which classifies each access point (door, hardware and access components) based on a risk assessment. Additionally, it defines access functions that should be included based on risk levels, for example for higher risk access points, anti-pass back, door forced alarms and door held open alarms, including the remote notification of emergency release operation.

Data storage

Access control record keeping and data security are essential in today’s world. Typically, ‘log-ins’ and permissions are a point of risk. Fail-safe system controls and procedures can ensure recognition log-ins are up to date, with permissions for staff or contractors who are given access added and withdrawn in a timely fashion – simple yet essential risk management. Access control systems store personal data which must be held securely, adhering to data protection including GDPR (applicable from 25 May 2018).

Standards

The successful operation of access control systems is built on clear collaboration between users, specifiers and installers. The first can do far worse than check providers are specifying and installing in alignment with recognised standards, and hold independent approval underlining their competence: carefully developed and deployed specifications ensure smart, as well as sound usability in practice.

Richard Jenkins

Chief Executive, National Security Inspectorate

www.nsi.org.uk

The post Smart access control solutions strengthen security provision appeared first on City Security Magazine.

The essential contribution of agency labour providers to the security industry can be undermined by poor practice. Can a new code of practice address the best interests of security buyers and agency workers?

Buyers and providers of guarding services face potential risks in utilising agency labour in the industry.  It’s well known that commercial guarding services providers across a variety of security functions, including duties related to the protection and safety of public events, upscale their staffing resources when required.

The use of flexible labour in both the security guarding and events management sectors is common practice, and enhances providers’ operational efficiency and effectiveness. This operational reality, when professionally managed, ensures security standards are maintained and not compromised, whilst fulfilling contractual requirements.

Upscaling – the dangers

Yet, too often, inadequate management procedures linked to the scoping of additional security officers pose a risk to the safety and security of the public, by prejudicing the integrity of the supply chain, so offering unwelcome scope for rogue labour and/or worker exploitation.

The wider risk for event organisers and other buyers such as facilities owners and site managers is clear: the consequence of poor labour practice, resulting in a security breach, could lead to a loss of public confidence and damage their future business prospects.

In essence, the labour supply chain flexibility that, whether we realise it or not, we rely on to keep us safe, can have hidden ‘weak links’ which, if breached, can have attendant consequences: fallout for buyers, for service providers, for those employed through such working arrangements, and the general public. In the worst-case scenarios, rogue labour could have devastating results.

It’s become increasingly clear that there is a lack of ‘end-to-end’ oversight to fully address this risk. So, how can buyers have confidence their main security contractor’s supply chain is all it’s cracked up to be?

Squaring the circle

NSI, a UKAS accredited Certification Body in the Guarding Services market, approves organisations against British standards, ensuring they operate accordingly. Over the last two years, it has seen sufficient risk in the market to justify development of a Code of Practice and an approval scheme that both protects buyers and allows guarding providers to independently demonstrate their labour supply chain’s integrity.

In the context of feedback received regarding poor practices potentially compromising industry credibility, in 2019 NSI engaged with the Gangmasters and Labour Abuse Authority (GLAA), a government body that works in partnership to protect vulnerable and exploited workers.

Its teams investigate labour exploitation across all sectors in England and Wales, covering offences against the Gangmasters (Licensing) Act 2004, the Employment Agency Act 1973, the National Minimum Wage Act 1998 and the Modern Slavery Act 2015. The GLAA has highlighted sectors vulnerable to labour exploitation as including those with sub-contracting arrangements, since they are harder to monitor.

A workable and practical means of addressing this risk has been a priority, through the development of a new draft Code of Practice, NCP 119, for the ‘Provision of labour in the security and events sector’.  This addresses, and in a sense challenges, labour providers’ processes regarding, for example, the adequacy of screening checks, the monitoring of deployed security guard SIA licences, adherence to Working Time Regulations, compliance with minimum wage regulations, and checks on right to work and employment status. In short, it addresses rogue labour.

Best practice procedures

The new Code of Practice has been developed to enable Guarding Services providers to demand robust and professional employment practices from their labour providers, by requiring them to adopt and seek approval from NSI.  In this way organisations providing labour to security companies will be able to demonstrate best practice by holding independent certification in the scope of ‘Provision of labour in the security and events sector’.

By definition, use of the term ‘labour provision’ applies to activities which are described as bought-in-labour, licensed or unlicensed, as well as labour employed and/or supplied by a third party to temporarily supplement the contracting company’s own workforce. Its scope covers all labour provision to NSI Gold and Silver approved companies operating in the regulated security and events sector.

Importantly, approval to the Code by supply chain partners will demonstrate to buyers of services an end-to-end supply chain commitment to meeting statutory and legislative requirements, as well as meeting certain relevant environmental, social and governance criteria in the provision of services delivered.

These requirements include measures related to best practice in terms of organisational structure, finances, payroll, insurance and premises. They also include personnel, sale of services, operations and documentation, training and record-keeping. Companies procuring additional labour to support service delivery on their contracts will shortly be able to require labour providers to obtain a Certificate of Approval to NCP 119.

The intent is to ensure, and demonstrate to buyers, that professional standards and staff welfare are maintained, whilst ensuring that risks associated with weak supply chains are actively addressed on an ongoing basis, protecting the general public and security officers alike.

Richard Jenkins

Chief Executive,

National Security Inspectorate

www.nsi.org.uk

The post NSI new code of practice for security agency providers appeared first on City Security Magazine.

Two key trends recognised as challenging installers and operators of security and fire safety systems are the shortage of competent engineers and operatives, as advancing technology impacts both the assets themselves and the way in which they are installed and maintained.

Security embraces change

Security and fire safety systems are a significant component of any security deployment. Assets may include CCTV, access control systems, intruder and fire alarms, and emergency lighting, as well as alarm receiving centres and other operational control rooms. It is essential for all within the wider industry to understand not only the technological change, development and convergence that is evident, but also broader factors that could affect best practice and ultimately public confidence in the industry as it delivers its broad mission of safety and security.

Minding the gap

Research from a bespoke extension of Working Futures 2014-2024* forecasts demand of 265,000 skilled entrants from engineering enterprises every year through to 2024, of which around 186,000 will be needed to meet replacement and expansion demand.  Based on these estimates, projected supply will fall short by at least 20,000 new entrants per year (excluding any Brexit effect), whilst at the same time greater demand will be seen for more highly skilled jobs requiring science, technology, engineering and maths-based competences.

One factor that could help mitigate the shortfall is the pace of development in technology, particularly machine learning and artificial intelligence. In some areas of installation and maintenance this is already having an impact. Remote monitoring and diagnosis, for example, reduces need for engineers to visit a site, and allows monitoring operatives a broader span of control. However, the statistics are a stark reminder that the industry must act now to attract and educate new talent to support the application of new technologies as it increases.

Skills initiatives

Every year at IFSEC International, Europe’s leading security event, a national competition, Engineers of Tomorrow, shines a spotlight on apprenticeships within the installer sector, recognising new talent. With the growing skills gap the need for such an event has never been greater.

As a founding stakeholder, NSI has played an integral role in the EoT initiative for over twenty years. NSI expert auditors conceive the skills tests, alongside other industry and technology experts, and adjudicate the competition. EoT has created a high profile showcase for the installer community at large, not just those currently employing apprentices, to understand the value of apprenticeship opportunity, both for employers and colleges.

Notwithstanding the good work in generating more interest from employers, encouraging those currently in full time education to consider an engineering career in the security and fire safety sector is a key strategy. To this end, EoT is now working with WorldSkills Live – an annual event. This international platform targets schools to promote the value of a range of different careers.

It showcases particular industry sectors, including engineering and technology, and hosts a competition pitching the best apprentices the UK has to offer against overseas counterparts. Plans are currently underway to use the existing EoT competition as the basis for selecting the most competent Fire, Emergency and Security Systems Technicians for future international competitions.

Raising standards

As a Certification Body in the security and fire sector, NSI is proud to be an active ambassador for apprenticeships.

Keeping abreast of new technologies, latest industry standards and codes of practice is imperative for companies in order to provide buyers of security and fire safety services with the most effective security measures.

Organisations best placed to deliver such services include NSI-approved companies, who are subject to a continuing independent audit programme which seeks evidence of compliance with the latest standards, requires corrective actions where needed and evidence of commitment to continual improvement. In so doing they are increasingly recognising the importance of apprenticeships and the ‘Engineers of Tomorrow’, as the industry strives in the delivery of its mission.

Richard Jenkins

Chief Executive

National Security Inspectorate (NSI)

www.nsi.org.uk

UKAS-accredited NSI is the UK’s leading independent third party certification (TPC) body within the security systems, fire safety and guarding services sectors, helping to protect homeowners, businesses, the public sector and the general public through rigorous audit of more than 1,800 security and fire safety providers nationwide.

*Taken from Engineering UK 2017 Synopsis and Recommendations Report www.engineeringuk.com/media/1356/enguk_report_2017_synopsis.pdf

The post Preparing for the security & fire safety engineers of tomorrow appeared first on City Security Magazine.

Police Services in the UK stipulate that police response to reported intruder incidents (burglary) is limited to where crime has been witnessed and where intruder alarm systems have a certificate of compliance. This certificate signifies they are installed to recognised industry standards by security companies approved by and registered with a recognised certification body such as NSI.

The number of properties protected by police response alarms continues to grow, yet the frequency of false alarms (as determined by the police themselves) has reduced by 90% since the policy became effective in 1990.

The drop reflects the professionalism, competence and general raising of standards in the installation of systems and 24/7 monitoring of premises. This is coupled with marked improvements in the way security systems installers and Alarm Receiving Centres (ARCs) work together in the service they provide their clients.

Moving to a more automated approach

Notwithstanding this increase in efficiency in deployment of police resources with reduced false alarms, plans are afoot to improve performance further by replacing the existing manual means of ARCs contacting the police by phone. This is to move to a more automated process, i.e. the automatic digital transmission of confirmed alarms from ARCs to police control rooms.

The idea is not new, some forces having adopted automation on a limited, sometimes bi-lateral basis for some time. The key point now is the industry stepping up to develop a national standard approach with potential to apply across the UK.

In 2017 NSI commissioned research about the perception and challenges for implementing such an idea. Its intent was to inform the automation steering group as to the key concerns and issues for all stakeholders, in particular concerning the imagined alarm signalling ‘bridge’ between ARCs and police forces.

The findings revealed an overall positive attitude to automation in principle, but, doubts from many stakeholders that the initiative was workable in practice, particularly because of the wide variety of incompatible operating systems and protocols ARCs and police forces work with. In any event, there was a highlighted need to engage broadly with industry to develop the idea. ECHO was born.

About ECHO – Electronic Call Handling Operations

ECHO is a not-for-profit company limited by guarantee, formed in August 2017. Its sole focus is the implementation of automated alarm call handling between ARCs and the police forces across the UK, with facility to deliver by 2020 in line with NPCC aspirations. Backed by Home Office funding, the initiative was driven by the British Security Industry Association (BSIA), the Fire Industry Association (FIA) and the Fire and Security Association (FSA), all taking their place on the Board of the new Company.

When fully rolled out, ECHO will manage signals from upward of 1.2 million certificated alarm systems via 120 ARCs directly to 44 Police Services and with potential to deliver in future, verified fire alarm signals to the 52 Fire and Rescue Services.

The aim is to simplify and speed up priority signalling of confirmed alarms from ARCs to emergency services control rooms, reducing queueing and call handling times, eliminating risk of human error, and allowing resources to be deployed in a smarter way. The benefit to be delivered will be an improved service to victims of intruder crime – be they residential, commercial or public service premises – and the public purse by enabling more efficient response to genuine confirmed alarms.

The ECHO project has seen the piloting of a technology platform with a number of Police Services and ARCs and is currently talking to potential service providers to deliver the electronic service. Alongside this, the ECHO management team is developing in consultation with key industry stakeholders the business model that will put its service on a sustainable footing and enable Certificated Intruder and hold-up Alarm Systems to be connected via approved ARCs to the ECHO service.

What does the future hold?

ECHO will help enhance the already close operational partnership between ARCs and the police. Further development of ECHO for security alarms could include connecting first responders in the emergency services with live video from alarmed premises, and potentially enhance fire alarm signalling from certificated fire detection systems in areas of critical infrastructure such as care homes and hospitals.

The National Fire Chiefs Council (NFCC) is taking interest in the ‘police model’ for certificated intruder alarm signalling with its track record of 30 years. The Fire Service has reported in 2018 40% of fire alarms attended were false, a total of 231,000 or one every two minutes. There is a school of thought that ECHO could be a catalyst for the Fire Service taking learnings from certificated verified alarm signalling the police have experienced, to raise confidence in technology to deliver high quality verified alarm signals and raise the prospect of greater efficiencies in the deployment of precious firefighting resources.

David Wilkinson, Director of Technical Services at the BSIA, said, “ECHO represents a real opportunity to embrace the digital transition that is taking place across the UK. Taking the longer view, its potential is immense, with critical infrastructure across all sectors of society, from hospitals to heritage, all potentially benefitting from prioritised enhanced confirmed alarms transmission.

“Both intruder and fire responders and the wider public can benefit from a more efficient alarm response to properties and people by 24/7 certificated alarm installations and monitoring supported by ECHO.”

Committed to high standards

NSI approval provides assurance that installers and the management and maintenance of alarm systems and control rooms deliver consistent best practice to help keep people and property safe.

NSI is accredited by the United Kingdom Accreditation Service (UKAS), the UK’s sole National Accreditation Body, responsible for determining, in the public interest, the technical competence and integrity of organisations such as those offering certification services.

UKAS accreditation signifies NSI companies operate its certification schemes and issue Certificates of Approval in accordance with International Standards for Accredited Certification of Management Systems such as ISO9001 (ISO 17021) and Product Standards pertinent to security and fire safety such as BS 7958 for CCTV (ISO 17065).

Companies that benchmark themselves against NSI approval schemes demonstrate commitment to the highest standards of competence in the delivery, operation, management and monitoring of alarms. NSI Gold approval includes certification to BS EN ISO 9001 (for a company’s Quality Management System) as well as its adherence to the relevant product standards.

Richard Jenkins

Chief Executive

National Security Inspectorate (NSI)

www.nsi.org.uk

The post Alarm response: technology and cooperation drive efficiencies appeared first on City Security Magazine.

As a society we recognise the value of surveillance for counter-terrorism, but personal freedoms are an important construct and therefore the security industry and its clients need to work to best practice for the design and operation of CCTV systems.

Recent coverage in the press has featured the potential ubiquitous intrusion of surveillance cameras, citing examples of the use of CCTV in taxis and the use of automatic facial recognition technology.

The public may rightly be concerned with their use and risk of abuse. Four years ago a survey by the British Security Industry Association estimated that in an urban area on a busy day a person could have their image captured by around 300 cameras on 30 different systems. No one would doubt that figure has grown substantially in the last few years, increasing capability to capture, record and monitor activity, and retrieve evidence of actual incidents.

The Surveillance Camera Commissioner

Maintaining a balance between the fundamental rights and freedoms of citizens on the one hand, and safeguarding them in the community on the other is at the heart of the Surveillance Camera Commissioner’s (SCC’s) strategy. Businesses operating surveillance cameras capturing footage in the public domain should be working to best practice standards.

Compliance with the Surveillance Camera Code of Practice issued by the Home Office in 2015 is a valuable symbol of trust in the public eye. The Surveillance Camera Code of Practice raises standards by enabling surveillance providers to benchmark themselves, encourage continual improvement, and ensure surveillance is robust and fit for purpose. This in turn helps secure public confidence.

The code sets out twelve guiding principles: a comprehensive structure that enables sound, transparent decision-making in regard to the use of surveillance cameras. Since being appointed, the SCC has created a series of tools to support the operators of public space surveillance camera equipment.

The self-assessment tools cover use of:

• CCTV
• automatic number plate recognition (ANPR)
• body-worn video (BWV)
• automated facial recognition technology (AFR)

The practical application of good guidance for public spaces can be found in the Surveillance Camera Code of Practice. www.gov.uk/government/publications/surveillance-camera-code-of-practice 

Management and operation of CCTV

British Standard Code of Practice BS 7958 outlines the principles and practice involved in the management and operation of CCTV. Amongst other things, the standard provides a framework for outlining the objectives in the use of a system as well as ensuring records of images are kept securely, with a clear policy regarding the release of information to statutory prosecuting bodies, including the police, and members of the public.

The standard can be used as a management framework for ensuring best practice in all aspects of management and operation of CCTV systems. It includes guidance on working conditions, appropriate use of equipment, the management of recorded information, and legal considerations including privacy and disclosure.

Businesses can gain NSI approval against the full provisions of BS 7958 if they are fully compliant. It is an assurance of professionally and competently run operations, symbolised by the award of the NSI medal and logo.

Businesses can also use contractors that hold NSI approval against specific Annexes to BS 7958. This includes fully trained and security screened contracted staff to work in a stadium’s CCTV control room or sub-contracting out the whole CCTV monitoring service to an external control room.

Whether outsourced or managed in-house, CCTV managed and operated in accordance with BS 7958 provides security managers with significant confidence that operations are fit for purpose.

Security installed and maintained

NSI recently upgraded its own code of practice (NCP 104 Issue 3) for the design, installation and maintenance of CCTV systems. The newly revised code of practice is based on BS EN 62676-4 and provides installers with a structured approach to determining user requirements through an appropriate risk assessment and site survey.

With modern digital camera systems providing high definition images, better accuracy in the recording and retrieval of information, and increasingly facial recognition, quality management and control systems must be in place. These ensure the correct use of CCTV recording and surveillance for the intended purpose, the security of recorded data and a guarantee that rights to privacy are protected and that the latest security software updates are applied to protect from cyber threats.

Together raising standards

Companies demonstrate commitment to good practice by the approvals they hold. NSI Gold approval includes certification to BS EN ISO 9001 for the company Quality Management System as well as adherence to the relevant product standards such as BS 7958 and/or NSI code of practice NCP 104.

NSI is accredited by the United Kingdom Accreditation Service (UKAS), the UK’s sole National Accreditation Body, responsible for determining, in the public interest, the technical competence and integrity of organisations such as those offering certification services. UKAS accreditation signifies NSI operates its certification schemes and issues Certificates of Approval in accordance with International Standards for Accredited Certification of Quality Management Systems (ISO 17021) and Product Standards pertinent to security and fire safety such as BS 7958 for CCTV (ISO 17065).

Companies who benchmark themselves against NSI approval schemes demonstrate commitment to the highest standards of competence in the delivery, monitoring, management and operation of CCTV and security services. NSI approval provides assurance to businesses that installers, operators and the management of CCTV systems and control rooms deliver consistent best practice in surveillance that can be shared effectively with law enforcement bodies in the UK’s fight against terrorism.

Richard Jenkins Chief Executive, NSI

www.nsi.org.uk

See also: Surveillance on public transport networks: too intrusive?

CCTV advances after high conviction rate for London riots

Facial recognition: cutting-edge technology

The post Best practice for CCTV operations appeared first on City Security Magazine.