How to better protect the business - Introduction based on findings of SUPPORT Delft, May 9, 2012 Henk van Unnik Senior advisor, Securitas Maritime & Logistics Security Solutions

Introduction Picture of crime and terror What has influenzed the corporate invironment Risks related to Ports and Port facilities What drives Crime and what drives Terror SUPPORT´s 11 points of attention How is Security perceived and organized to day How can SUPPORT improve this A proposed Model

Picture of Crime and Terror Corruption and bribe Infiltration through joint ventures Growth in violence Underworld interwoven with the overworld Loss of integrity in the business climate Loss of a Ports reliability Damage to supply chain, economy, and the rule of law

What has influenced the Stakeholders Changes at Corporate level structure and pace of corporate life and - security more global trade and - economy new business practices risks more complex interdependence between risk and business higher security profile

A Port is vulnerable to crime due to concentration of valuable goods limited number of people present during night time poor control over stocks and data poor awareness of risks lack of transparency and inspections of corporate processes blind faith in people, insufficient recruitment processes too much confidence in social control between employees The option of a Toolkit that can create a PFSP is an important step Risks related to a Port

Risks related to a Port facility A Port Operator is extra vulnerable to crime due to: placing too much trust in people and effectiveness 80 – 20 rule lack of awareness lack of efficient security procedures weak systems of internal control inadequate pre- employment and background checks inadequate protection of information and IT systems lack of business partner requirements shift in norms and values

What drives Crime Mechanisms that drives crime Demand driven by:Supply driven by: Greed Own use Global disease Crime as profession shift in norms / values NeedCrime opportunities by created by PR & sales activitiesineffective and insufficient processess, procedures, Poverty risk perception and mitigation exploitation /exclusion / culture Can demand be influenzedCan supply be influenzed Little to nothingBy reducing vulnerabilities throug adequate security management

Mechanisms that drives terror Selecting a terror object is based on the circle of 3 V’s Visibility of an object Value of an object Vulnerability of an object The only V that can be influenzed to break this circle is Vulnerability What drives Terror

Managing security (WP2) (WP5) (manual 2) Threat and vulnerability assessments and control measures (WP4) Access control Inspections at access control Screening of staff Standards for fencing, alarm systems and CCTV (WP3) Monitoring and surveillance performances (WP3) Handling of cargo in cooperation with Customs Checking of personnel at the facility Training and awareness programs High resilience concepts (WP5) 11 points of attention

From a business perspective A defensive approach focused on protection and `loss prevention` stopping people to do their jobs instead of enabling the business to function and grow. From a security perspective Only two components are considered to be addressed the most important components are hidden, leading to a wrong risk perception, a wrong risk coverage and ineffective risk methods. Physical security Process and procedure How is security perceived

Characteristics of alignment Convince colleagues that the role is to deliver security to support every day decisions Initiate the view that security is also there to improve management Help the organization by taking and mitigate risks Make sure that security developments respond to market developments Help departments to align strategic and operational activities from a security perspective Emphasize that legitimacy of security not only comes from expert knowledge but also from –Business understanding –Skills of people –Management ability and –Communication expertise How to align perception and development

Security performance of an organization is as good as its processes and procedures To create a model we looked at two different approaches -one, a top down approach where the top management is responsible for security and instigator and facilitator of a model like Corporate Security Management OR -two, a bottom up approach where the PFSO / PSO supported by instruments, that enables him to do so, takes the initiative for Process Improvement Management Improvements by SUPPORT

Provide the PFSO / PSO, based on the provisions of the ISPScode, the AEO guide lines, the IMO`s “ Guide to Maritime Security and the ISPScode” and other best practices with a TOOLKIT that makes it possible to: Monitor risks related to crime and terror Monitor risks related to corporate processes and procedures Monitor an instigate education and training Prepare and execute drills and exercises A process improvement model

Identify risks related to crime and terror based on example procedures best practices and a cost calculation model Identify risks related to organizational processes and procedures and measures how to mitigate or improve them based on example procedures and process risk matrix Provide standards for education, training, drills & exercises based on best practices and examples how to implement them Recommend changes and implement improvements, by a clear statement why change is necessary, a clear vision how this will affect the organization, an implementation strategy, communication planning Model, work in progress

Questions?