Sunday, 7 June 2015

ISO9001:2015 Leadership

 Benefits to International Security Providers

The new Quality Management System Standard ISO 9001:2015 is expected to be published late 2016.  This new updated standard focuses on an ongoing standardisation format of all ISO Standards, as well as requiring greater focus on leadership. International Organization of Standardisation state that:

'Leadership requirements will be consistent across all of the ISO's management standards as they are revised in the future,, helping to demonstrate that certification is a clear sign of an organisation meeting international best practice'.

With this new focus from ISO not just on format but on quantifying and providing more structure for organisational leadership, this is a potential advantage which the forth coming ISO Standard for ISP's may have over the ASIS PSC 1 Standard.

ISPs have already started gaining certification to the ASIS PSC 1 Standard, designed to provide ISPs with a formal mechanism designed around meeting the requirements of the International Code of Conduct.  However with the new ISO 9001:2015 update and the ISO standardisation of standards, I am encouraged for the ongoing drafting and development of the ISO equivalent to the ASIS PSC 1 Standard within the UK, which will assist in providing not just a framework for compliance to the ICOC, but structure and focus to leadership.

With this in mind it is imperative that these standards be they PSC 1 of the forth coming ISO for ISPs and their management systems are adopted and effectively maintained in the manner they have been designed.

Like all incidents or set backs in industry, it is focus on post review, root cause analysis and implementation and monitoring of corrective actions which can prevent reoccurrence and continual improvement.  Post Nisour Square convictions of the four Blackwater Operatives in the United States, ISPs, more than ever need to effectively demonstrate compliance to the ICOC, legal requirements as well as providing systems through effective leadership to enhance confidence in their market with regard to current and new opportunities.

The Nisour Square convictions and other previous incidents in Iraq and Afghanistan have illustrated that ISP have in some instances been found wanting.  Concerns of this nature, within the international community, undermine the ISP Market and illustrate the need for controls to be in place to ensure legal compliance, governance and transparency within corporate as well as operational teams.  Without clear direction and effective leadership, the ISP Market may well be in jeopardising future contracts and the overall sustainability of its own market.

Skills related to sound leadership and experience in the field, in tactical (and indeed longer term strategic) situations, is a very real and developed advantage, which current and past member of the military have over civilian organisations.  The need for good leaders and indeed leadership itself as a skill, is somewhat lacking in many modern organisations and in current industries.

The ISP market must continue to rail against disparaging terms such as 'Mercenary' or 'Guns for Hire' and represent itself for what it is; an integrated element of the UK / US Security Strategy, as well as a much needed professional service provider which protects NGO, Aid Agency and International New Agencies personnel, operational activities and assets world wide.

At present I believe that it is the minor actions of the few which is being used to judge the majority of the ISP Market.  There have of course been media worthy incidents and individuals who have acted illegally with the result that innocent civilians are hurt or killed.  But there have also been numerous occasions where, through the unselfish actions of the ISP Personnel on the ground, very often with greater practical knowledge, training and/or experience in comparison with their regular troop counterparts, numerous lives have been saved and more serious incidents have been prevented.

These include:
1. Will Scully - 1997 Freetown, Sierra Leone.  Protected 1000 civilians during a siege of a hotel by over 200 armed rebels and single handedly leading the 1000 civilians to safety.  Will was awarded the Queens Gallantry Medal for his heroic achievement.
2. Blackwater - Najaf Square Siege.  Blackwater Operatives held the coalition compound which was under attack with Blackwater Littlebirds flying in supplies and taking out wounded during the attacks.
3. Blackwater - 10 Oct 2007 the rescue of the Polish Ambassador
4. Craft - April 2003.  Provision of monitoring and security at the Boston Marathon Bombing Incident.

However, it is important that the less flattering incidents such as Nisour Square and Fallujah, are seen to clearly generate corrective actions, have them identified and them identified and them implemented within the ISP Market, Market Standards and individual management systems to prevent similar occurrences, but these incidents should never used to subsequently label all ISPs who provide professional and effective services so effectively.

In a similar manner to Health and Safety legislation in the UK (those more practical elements at least), it is the actions with prevent incidents, injury or even death that we are unable to quantify accurately and as such are overlooked or discarded.

(I have the privilege of knowing members and ex-members of her Majesty's Armed Forces, most of whom held / hold the rank of NCO or higher.  I have also seen men with exemplary military service having to settle for a second rate career sitting as a civilian security guard on a gate, or behind a reception desk, because civilian employers do not understand their qualifications, initiative, drive, leadership and problem solving abilities which could openly benefit a civilian organization if properly directed and managed.)

In terms of ISPs however, through effective and efficient implementation of these new management system standards, and through clear and precise leadership, it is clear that these companies can assist in ensuring continual improvement and enhanced capability in current and new potential security markets, which will surely contribute to the overall global security.

Friday, 1 May 2015

Defence not defiance

Defence not Defiance

International Security Providers and a potential proactive solution to the Mediterranean migrant crisis

The significant increase in the movements of migrants in the mediterranean is a stark and immediate reminder of the ongoing and 'infectious' state of instability in the Middle East and Africa.

With the alarming numbers of migrants being rescued, or dying in transit, the EU are under increasing pressure to provide resources and assistance in the midst of chaos and tragedy.  Boatloads of people risk their lives to gain access to Europe, and are reported to be coming through illegal trafficking routes out of Turkey, Libya, Western Africa and other countries with coast lines on the Med - an area traditionally known for its commercial and leisure shipping, rather than as a focus for illegal human trafficking and human rights violations.

Rescues are being made not just by naval and coast guard vessels, but by merchant vessels.  As the International Maritime Organisation, IMO, have reported, 'The current illegal migration in the Mediterranean is stretching authorities to breaking point'.

With the Italian Coast Guard and the EU Force Joint Operation Organisation 'Fronted', currently in the forefront of the current of illegal migrants / refugees, it creates concern, when it is reported by the International Press that the Icelandic Coast Guard Vessel 'Tyr', which forms part of the Fronted Force', coming under attack from a speed boat during a rescue mission and that the boat of gunmen make off with the boat now empty of refugees in the direction of Libya.

The concern is not just the strategy of human traffickers, which may illustrate 1. they are running out of boats or 2. a potential future trend to primary, a speed boat today, a larger vessel tomorrow.  But that the 'Tyr' with her 40mm Boers Cannon, various small arms and portable weapons and crew, did not take action in order to defend the refugees as well as preventing the gunmen taking their prize vessel, which can be reused to send more migrants to either the EU or their deaths.

After the meetings held by the EU last week, strategies to cope with the current flow of migrants are being developed, but the strategy of the EU for 'rescue' could be construed as having the wrong focus.  The human traffickers and migrants know that all they need to do is to continue to abandon a boat full of migrants out in the Med and the Italian / EU forces will do the rest, including bringing its passengers to the EU Mainland.  
Surely this in itself is flawed, as it will not stem the flow or migrants, but instead encourage the traffickers and increase the flow, and thus risk more deaths.

The migrant crisis, if left insufficiently addressed, has certainly the potential to turn out to be another Somalia.  An area in which terrorist organisations and organised crime can thrive, train and grow, but this time right on the door step of Europe and within target distance of international shipping lanes, both commercial and leisure.  Perhaps again leading to untimely peacekeeping intervention and its difficulties with regard to management.

In addition, growing numbers of migrants being allowed to enter the EU territory will only increase pressure on the EU countries, including the UK, to develop mechanisms and methods of dealing with the influx.  This in turn creates a security issue, with the Med being a haven for potential piracy, a route for retuning jihadists / would be terrorists to enter mainland Europe, and an unquantified number of migrants, potentially a threat in itself, to stretch further the strained infrastructure and resources of the EU.  There elements pose a real risk to the security and wellbeing of residents in the EU and especially the UK through further increased pressure on the national health service, education, social security, housing, etc.
The must be a determination to be made, with regard to the saturation point for the UK and other EU countries in terms of new numbers of people, until existing infrastructure starts to seriously be affected?

With reports of IS moving into the vacuum in Libya, the international community and NATO cannot allow them to gain a foothold in this region.  This, with the significant unquantified number of refugees and migrants wanting to enter the EU, of necessity must create a buffer zone outside EU territory in order to:
  • provide a safe and secure staging location and collection point for migrants, thereby permitting time and space for effective processing.  Including the consideration of other countries including UAE, Dubai etc to assist.
  • provide a central location were countries, resources, aid agencies, human rights monitors etc can focus their resources.
  • provide a central location to allow migrants, if deemed appropriate, to be sent back to their country of origin or to the nearest safest country to their country of origin. 
  • Once central location which can be built around a purpose built airstrip to ensure effective movement of aid and assistance, which can be controlled.
  • One central location can be designed, located and secured more effectively than a number of make shift camps.  One location can be secure and maintained, as we have precedence of Camp Bastion etc for a reliable example. 
The collection point can relieve the pressure and provide breathing space in terms of handling unknown figures of migrants and thus relieve the pressure currently being experience by Italy, Malta, etc.

Rescue efforts in bringing migrants to the EU is in itself part of the problem and encourages human traffickers to continue to leave their 'customers' adrift, as they delegate the delivery of their loads to the EU and Fronted.

Whatever the EU strategy moving forward including the 10 point action plan, the mindset should be that of defence, not defiance.  We must not ignore the plight of these migrants on one hand, yet conversely - our actions can not be to the detriment of the security and defence of the EU mainland or the UK.  This situation could well be bigger that what the EU can handle, especially as their efforts very regularly are underwritten by a small number of EU countries.

To ensure our defence and not to defy human rights, where reasonably practicable, I believe that future strategies should include the employment of experienced, qualified, competent and certificated International Security Providers, or known by some as PMSCs.  These companies and their personnel have had some bad press in recent weeks, especially with the convictions of the Blackwater personnel in relation to the Nisour Square incident, but the majority of their work is very often overlooked, with little credit given for when they get it right.  They have wide field of experience, are made up of our ex-military personnel and provide a wide ranges of services based on their experience within Maritime security, Intelligence, anti piracy, emergency relief and in providing structure infrastructure and security in unstable environments around the world.

These professional companies under their new PSC 1 International Quality Standard amy be able to assist the EU in providing support of the new promised resources.  There can be little doubt that the ISPs will bring much needed experience and competence which can potentially be lacking within individual European agencies and some EU countries national forces which deploy on behalf of NATO.

Sunday, 8 March 2015

We do not know we do not know

'Vladimir Putin International Security Inc'
Worst case scenario - prevention measures

The development and drafting of the new forth coming ISO PMSC Standard, which is based on ASIS's PSC 1 Standard is currently in development, however the PMSC Market continues to grow and international security demands appear to be increasing dramatically.

With security situations throughout the world appearing to be at a new high, with the continued growth of IS, the security flux within Iraq and Afghanistan and attacks being witnessed from the UK, to Paris, to Denmark and Australia the security industry and international security parameters appear to be entering a new era.  Transportation of illegal immigrants from Libya to Italy demonstrating weaknesses in EU border controls which IS and other affiliate organisations can extort, reports of unidentified UAVs flying over French landmarks in Paris, believed as a new tactic by terrorist in carrying out assessments and recces for possible attacks and teenagers being radicalised over the internet and leaving their homes to fight with IS in their own Jihad, all illustrate the extent of development and risk which the international security forces appear to be struggling to keep up with.

The standardisation of performance, control and oversight of the PMSC Market is vital, but it also needs to be supported and backed up by approved legislation.  Security Services need support and resources which their Governments and the EU appear unable to provide. With the skill sets, knowledge and experience which ex military force personnel can provide, the PMSC Market needs approved legislation to ensure that their market industry can function with the required professionalism and oversight which will ensure confidence and reassurance its clients and other interested bodies require.

How do we currently prevent a PMSC company, in the aftermath of Iraq and Afghanistan requiring new contracts from behaving like Putin is currently in the eastern states.

Myself and other more qualified writers suggest legislation needs to drawn up in consultation with the PMSC Market, not lead by it.  Legislation needs to be developed by Governments with input from PMSCs and other interested parties.  PMSC Market Infrastructure and controls need to be lead and monitored by governments or an independent body to ensure control and governance is independently managed.  Governance is required to control market structure in such a way that PMSC Companies are required to meet standards,  in the same way which industries are required to meet the requirements of H&S Legislation.  They may have an input into it, but it is finalised and controlled by Government and the Health and Safety Executive.  When there is a breach then the HSE are involved in prosecutions.

Consideration should be given to:
  1. National and International Law
  2. An international Enforcement Body with powers to enforce actions and to inspect and audit PMSCs
  3. Approved codes regarding which countries clarify for employing PMSCs and which are not.
  4. Greater reporting and clarity for operational control measures and performance of PMSCs to the International Enforcement Body, similar to RIDDOR reporting to the HSE, but more controlled.
I thoroughly believe that the implementation of PMSC Standards are a step in the right direction and that these will assist in raising standards, but without legislation the PMSC Market is setting itself up for a fall.  We need to ensure that controls and oversight are in place, with more enforcement than that EU is showing at present with Putin, that companies which do not comply with the PMSC Standard and new legislation will not be able to trade or compete for contracts within the PMSC Industry.

Thursday, 12 February 2015

'Shall we play a game - How about a nice game of chess?'

IS publishing video clips of beheadings and recruitment films, US Centcom Twitter Account being
hacked, the Metropolitan Police bill now passing £10m for the cost of guarding the Ecuadorean Embassy to ensure that Julian Assange does not escape custody, are all recent and ongoing examples that the internet and its facilities have been allowed to grow without appropriate oversight and security.

The field of International Security continues to grow from the fast developing industry of Private Military Security Companies, the use of UAVs and drones for the use of surveillance and a military tool, to the infinitive structure of the internet and the implications of connectivity within the security and battle space.
David Kilcullen states in his book 'Out of the Mountains' that from his research the following four elements may very well become the main drivers of future conflict:
  • Population Growth - The continuing rise in the planets total population.
  • Urbanisation - The tendency for people to live in larger and larger cities.
  • Littoralization -The propensity for these cities to cluster on coastlines.
  • Connectivity - The increasing connectivity among people, wherever they live to the internet and satellite TV, mobile phone networks etc.

It is the element of connectivity I wish to discuss briefly as the online security, the growth of computer hacking, the increase use of Facebook, Twitter, Youtube and others are all becoming more prevalent in todays society and within the security arena.  The growth in social media continues to develop and has been observed as being used for good and otherwise.

On the 3rd February 2015 the Independent Newspaper confirmed that a new specialist force is being created within the British Military Infrastructure for the purpose of 'non lethal forms of psychological warfare' through the use of social media.  As describe in the article as 'The fight in the information age'.
This unit is to be made up of regular and reserve troops as well as civilians.  This move illustrates the importance and effectiveness the on line battle has become, and the need to enhance security on line to enhance the security in the 'real world'.  Good luck to Brigade 77 and I trust that they will respect the origins of their unit's name and history and strive to uphold the traditions of its predecessors; 'The boldest measures are the safest'.

The recruitment of both military personnel and civilian personnel, highlight the need in our armed forces for outsourcing expertise, but this is a topic for a future article.

Back to connectivity.  As detailed in Kilcullen's book, the internet is providing the information and organisational infrastructure for organisations from IS to the public movements behind the Egyptian, Libyan and other countries uprising under the banner of the Arab Spring.  As we have learnt through the study of IS's tactics and the tactics observed in the Arab Spring, the internet has  and is playing a pivotal role on the PR front for legal and illegal groups, as well as allowing instant communication throughout the world to raise support, awareness and funds for the causes.

The protestors strategy observed in the Arab Spring, through social media facilities consisted of:
  • Facebook - A central depositary to organise and announce details of protests.
  • Twitter - A command and control coordination tool - was used very effectively on the ground to co-ordinate on the ground strategy and direct movement of large groups of people instantly. 
  • Youtube - The media channel -  used as the 'newsroom' where videos from smart phones, cameras etc where posted for the audience of the mass media outlets and national and international supporters, enhancing support.
In a similar fashion, this online structure was efficiently used by the organisers of the Mumbai attacks and coordinated from Pakistan.   Monitoring of live feed from news broadcast via TV and Facebook and Twitter and communicating to the attackers on the ground from their ops room in Pakistan, the online facilities were the backbone of the terrorists command and control functions.

It does appear that Security Forces in these countries and to a certain degree internationally are playing catch up regarding combating and utilising the use of Social Media within the Battlespace.  Hackers in China using the label of Anonymous, republican demonstrators funded in Dublin by Sinn Fein / IRA manipulating Facebook and Youtube, Pedophile rings grooming children online, to faceless hackers under the banner of Anonymous, hacking accounts and websites just for the 'lulz', the internet has been purposely allowed to grow into a wild west environment without no oversight or control.
Although some say this is in the name of 'freedom of speech' the internet is a social and commercial being, and as such the organisations which function within it must be responsible to contribute to its security.  In fact it should be the responsibility of all of us who must exercise a duty of care to ensure the security and welfare of individuals, families, nations, companies and governments.

As reported in the BBC news 4th November 2014, the UK GCHQ announced that 'tech firms' are 'in denial on extremism'.  I believe this denial is not just by the Tech Firms, but by us all.  Tech Firms, especially Facebook, Twitter, Youtube and the like must enhance the protection of its users and cooperate with the Security Services to enhance the security for all their users.  Promotion of terrorist organisations must be stopped, feeds on Facebook from UK men and women who have travelled to the middle east to fight with IS must be made known to the security services to enhance the security of the real world.

If this is not done, the terrorism and illegal actions of the misusers will grow and the game of chess between the security services will continue in a revolving circle, increasing out of control.  Tech Firms and users need to wake up and assist the Security Services, otherwise future murders by IS such as Moas Al-Kasasbeh, the Jordanian pilot, who was burnt alive or Lee Rigby, where his murders actually posted their planned intents will be on the tech firms key strokes and profit margins.

Wednesday, 28 January 2015

PMSC Security Industry - The next step

Having been involved, in a small way, in the development of the ASIS International Standard PSC 1 2012, I was happy to see this standard has now entered the industry formally through Intertek and MSS Global being granted UKAS accreditation.  

In addition I was equally encouraged to find out that companies have also recently qualified to certify companies to the ISO 280000 Maritime Security Standard.

I believe that these early accreditation's, if managed correctly, are the starting blocks to ensure the legitimacy of the International Code of Conduct, ICOC, and the industry as a whole. 

As published by UKAS in November 2013 the following companies have now been approved to certify companies to the following standards:

  • Certification of land based private security companies to ANSI/ASIS PSC 1-2012
    • Intertek Certification Ltd
    • MSS Global Ltd
  • Certification of Maritime Private Security Companies to ISO 28000:2007
    • LRQA Ltd
    • MSS Global Ltd
However it is not the end of the journey, as the pressure and responsibility now lies with UKAS, the Certification Companies and the PMSCs to ensure that standards are maintained within the Lead and Internal Auditing Processes so that these standards are upheld to enhance confidence in their effectiveness and maintained by the PMSCs for the right reasons of continual improvement.

It remains the responsibility of the PMSCs themselves to ensure that these certifications are achieved, maintained and continually improved and not just treated as a tick in the box or a certificate for the reception wall which allows them to tender for jobs.  
These standards have been written and developed for the enhancement of the control, transparency and oversight of the industry, for the formulation of a growing industry which is vastly misunderstood and written as a framework to demonstrate how companies comply with human rights as well and international law.

PMSCs now have the opportunity to formally gain certification to these standards and prove that their company, their personal and their actions are legitimate and that through their actions their market can be made more sustainable.