The Carpenter, Not the Hammer, Builds the House March 8, 2012
Posted by Chris Mark in InfoSec & Privacy, Risk & Risk Management, weapons and tactics.Tags: Chris Mark, cybersecurity, InfoSec, mark consulting group, risk management, security
add a comment
I was in a discussion yesterday with a friend of mine who happens to be the Editor in Chief of The Counter Terrorist Magazine. Chris and I served together long ago and I always enjoy talking to him as he is one of the most insightful people I know. He mentioned what he felt was the over reliance on technology in CT operations and how it was causing people to lose sight of the fact that it is the people that matter and not the tools.
I find this particularly relevant in all areas of security but especially in information security. In a past life I operated as a Marine Scout/Sniper. When my civilian friends learn of this, it is not uncommon for me to hear the question: “What is the best rifle to use?” (more…)
Security 101: “You don’t have to out run a bear…just your friends” February 22, 2012
Posted by Chris Mark in InfoSec & Privacy, Piracy & Maritime Security, Risk & Risk Management, weapons and tactics.Tags: armed security, arms race, Chris Mark, cybersecurity, InfoSec, Piracy & Maritime Security, risk, risk management, security
add a comment
Yesterday MSNBC had a story that discussed the “arms race” between Somali pirates and shipping companies. The article discussed the increasing violence of the pirates. While this should come as no surprise to anyone, it is a single statement that caught my attention. “Greater use of private armed security guards on ships and a much tougher approach by international navies is beginning to work, some… say. (more…)
“Lipstick on a Pig”- Vetting Armed Security Part 3 February 21, 2012
Posted by Chris Mark in Piracy & Maritime Security, Risk & Risk Management.Tags: Anti Piracy, armed security, Chris Mark, Maritime Security, Piracy & Maritime Security, risk management, security, vetting security
2 comments
The recent event where Italian military personnel killed “suspected pirates” off the coast of India should provide an exclamation point to shipping companies on the need to carefully evaluate the armed security protecting their vessels. While military personnel were involved in this particular incident, it is simply a matter of time before private military contractors make the same mistake. This post is part 3 of a series of posts on vetting companies. You can read the previous posts here and here.
One of the tactics being employed by many companies within the maritime security arena, and especially those with little experience, is to promote the fact that they are “ICOC signatories” as evidence of their professionalism and expertise. While there is little debate that the ICOC is a step in the right direction toward gaining some form of control over a growing industry, the ICOC is NOT and should NOT be viewed as anything more than what it is. Using the ICOC as any basis of evaluation of a security company is both dangerous and short sighted. All companies should be signatories of the ICOC. That being said, the ICOC is not intended to be a governance document or standard. The purpose of the International Code of Conduct for Private Security Companies (ICOC PSC) is to: (more…)
“Pick your poison” – Security or Convenience February 15, 2012
Posted by Chris Mark in InfoSec & Privacy, Risk & Risk Management.Tags: access control, armed security, Chris Mark, mark consulting group, markconsultinggroup.com, risk management, security, security policy
3 comments
I have discussed the challenges of security & convenience for some time. The latest news regarding the 10 year breach of Nortel gave me new fodder for the discussion.
Whether we are discussing information security, physical security, operational security (to name a few) the concepts of security & convenience are diametrically opposed. When we talk of convenience we can include operational efficiency in the discussion. Consider a companies like Nortel with a large IT infrastructure. One one side of the discussion is the IT department. They are constantly hearing about how they need 99.999 uptime and faster systems. In the payment card industry where transaction times are critical additional latency can be problematic. They also hear over and over about how someone needs more access to more data. (more…)
Vetting Armed Security Providers February 13, 2012
Posted by Chris Mark in Risk & Risk Management.Tags: armed security, kevin doherty, maritime piracy, Maritime Security, nexus consulting, Piracy & Maritime Security, risk management, Somalia
1 comment so far
Nexus Consulting’s CEO, Kevin Doherty was kind enough to let me post a questionnaire his company developed specifically for companies considering the use of armed security on ships. Nexus has conducted hundreds of transits through the Gulf of Aden and is one of the original maritime security companies and currently one of only 3 companies in the US that work with US Flagged vessels. Please download the document here.
Global Security, Privacy, & Risk Management 