We do not know we do not know

'Vladimir Putin International Security Inc'

Worst case scenario - prevention measures

The development and drafting of the new forth coming ISO PMSC Standard, which is based on ASIS's PSC 1 Standard is currently in development, however the PMSC Market continues to grow and international security demands appear to be increasing dramatically.

With security situations throughout the world appearing to be at a new high, with the continued growth of IS, the security flux within Iraq and Afghanistan and attacks being witnessed from the UK, to Paris, to Denmark and Australia the security industry and international security parameters appear to be entering a new era.  Transportation of illegal immigrants from Libya to Italy demonstrating weaknesses in EU border controls which IS and other affiliate organisations can extort, reports of unidentified UAVs flying over French landmarks in Paris, believed as a new tactic by terrorist in carrying out assessments and recces for possible attacks and teenagers being radicalised over the internet and leaving their homes to fight with IS in their own Jihad, all illustrate the extent of development and risk which the international security forces appear to be struggling to keep up with.

The standardisation of performance, control and oversight of the PMSC Market is vital, but it also needs to be supported and backed up by approved legislation.  Security Services need support and resources which their Governments and the EU appear unable to provide. With the skill sets, knowledge and experience which ex military force personnel can provide, the PMSC Market needs approved legislation to ensure that their market industry can function with the required professionalism and oversight which will ensure confidence and reassurance its clients and other interested bodies require.

How do we currently prevent a PMSC company, in the aftermath of Iraq and Afghanistan requiring new contracts from behaving like Putin is currently in the eastern states.

Myself and other more qualified writers suggest legislation needs to drawn up in consultation with the PMSC Market, not lead by it.  Legislation needs to be developed by Governments with input from PMSCs and other interested parties.  PMSC Market Infrastructure and controls need to be lead and monitored by governments or an independent body to ensure control and governance is independently managed.  Governance is required to control market structure in such a way that PMSC Companies are required to meet standards,  in the same way which industries are required to meet the requirements of H&S Legislation.  They may have an input into it, but it is finalised and controlled by Government and the Health and Safety Executive.  When there is a breach then the HSE are involved in prosecutions.

Consideration should be given to:

1. National and International Law
2. An international Enforcement Body with powers to enforce actions and to inspect and audit PMSCs
3. Approved codes regarding which countries clarify for employing PMSCs and which are not.
4. Greater reporting and clarity for operational control measures and performance of PMSCs to the International Enforcement Body, similar to RIDDOR reporting to the HSE, but more controlled.

I thoroughly believe that the implementation of PMSC Standards are a step in the right direction and that these will assist in raising standards, but without legislation the PMSC Market is setting itself up for a fall.  We need to ensure that controls and oversight are in place, with more enforcement than that EU is showing at present with Putin, that companies which do not comply with the PMSC Standard and new legislation will not be able to trade or compete for contracts within the PMSC Industry.

'Shall we play a game - How about a nice game of chess?'

IS publishing video clips of beheadings and recruitment films, US Centcom Twitter Account being
hacked, the Metropolitan Police bill now passing £10m for the cost of guarding the Ecuadorean Embassy to ensure that Julian Assange does not escape custody, are all recent and ongoing examples that the internet and its facilities have been allowed to grow without appropriate oversight and security.

The field of International Security continues to grow from the fast developing industry of Private Military Security Companies, the use of UAVs and drones for the use of surveillance and a military tool, to the infinitive structure of the internet and the implications of connectivity within the security and battle space.

David Kilcullen states in his book 'Out of the Mountains' that from his research the following four elements may very well become the main drivers of future conflict:

• Population Growth - The continuing rise in the planets total population.
• Urbanisation - The tendency for people to live in larger and larger cities.
• Littoralization -The propensity for these cities to cluster on coastlines.
• Connectivity - The increasing connectivity among people, wherever they live to the internet and satellite TV, mobile phone networks etc.

It is the element of connectivity I wish to discuss briefly as the online security, the growth of computer hacking, the increase use of Facebook, Twitter, Youtube and others are all becoming more prevalent in todays society and within the security arena.  The growth in social media continues to develop and has been observed as being used for good and otherwise.

On the 3rd February 2015 the Independent Newspaper confirmed that a new specialist force is being created within the British Military Infrastructure for the purpose of 'non lethal forms of psychological warfare' through the use of social media.  As describe in the article as 'The fight in the information age'.

This unit is to be made up of regular and reserve troops as well as civilians.  This move illustrates the importance and effectiveness the on line battle has become, and the need to enhance security on line to enhance the security in the 'real world'.  Good luck to Brigade 77 and I trust that they will respect the origins of their unit's name and history and strive to uphold the traditions of its predecessors; 'The boldest measures are the safest'.

The recruitment of both military personnel and civilian personnel, highlight the need in our armed forces for outsourcing expertise, but this is a topic for a future article.

Back to connectivity.  As detailed in Kilcullen's book, the internet is providing the information and organisational infrastructure for organisations from IS to the public movements behind the Egyptian, Libyan and other countries uprising under the banner of the Arab Spring.  As we have learnt through the study of IS's tactics and the tactics observed in the Arab Spring, the internet has  and is playing a pivotal role on the PR front for legal and illegal groups, as well as allowing instant communication throughout the world to raise support, awareness and funds for the causes.

The protestors strategy observed in the Arab Spring, through social media facilities consisted of:

• Facebook - A central depositary to organise and announce details of protests.
• Twitter - A command and control coordination tool - was used very effectively on the ground to co-ordinate on the ground strategy and direct movement of large groups of people instantly. 
• Youtube - The media channel -  used as the 'newsroom' where videos from smart phones, cameras etc where posted for the audience of the mass media outlets and national and international supporters, enhancing support.

In a similar fashion, this online structure was efficiently used by the organisers of the Mumbai attacks and coordinated from Pakistan.   Monitoring of live feed from news broadcast via TV and Facebook and Twitter and communicating to the attackers on the ground from their ops room in Pakistan, the online facilities were the backbone of the terrorists command and control functions.

It does appear that Security Forces in these countries and to a certain degree internationally are playing catch up regarding combating and utilising the use of Social Media within the Battlespace.  Hackers in China using the label of Anonymous, republican demonstrators funded in Dublin by Sinn Fein / IRA manipulating Facebook and Youtube, Pedophile rings grooming children online, to faceless hackers under the banner of Anonymous, hacking accounts and websites just for the 'lulz', the internet has been purposely allowed to grow into a wild west environment without no oversight or control.

Although some say this is in the name of 'freedom of speech' the internet is a social and commercial being, and as such the organisations which function within it must be responsible to contribute to its security.  In fact it should be the responsibility of all of us who must exercise a duty of care to ensure the security and welfare of individuals, families, nations, companies and governments.

As reported in the BBC news 4th November 2014, the UK GCHQ announced that 'tech firms' are 'in denial on extremism'.  I believe this denial is not just by the Tech Firms, but by us all.  Tech Firms, especially Facebook, Twitter, Youtube and the like must enhance the protection of its users and cooperate with the Security Services to enhance the security for all their users.  Promotion of terrorist organisations must be stopped, feeds on Facebook from UK men and women who have travelled to the middle east to fight with IS must be made known to the security services to enhance the security of the real world.

If this is not done, the terrorism and illegal actions of the misusers will grow and the game of chess between the security services will continue in a revolving circle, increasing out of control.  Tech Firms and users need to wake up and assist the Security Services, otherwise future murders by IS such as Moas Al-Kasasbeh, the Jordanian pilot, who was burnt alive or Lee Rigby, where his murders actually posted their planned intents will be on the tech firms key strokes and profit margins.

PMSC Security Industry - The next step

Having been involved, in a small way, in the development of the ASIS International Standard PSC 1 2012, I was happy to see this standard has now entered the industry formally through Intertek and MSS Global being granted UKAS accreditation.  

In addition I was equally encouraged to find out that companies have also recently qualified to certify companies to the ISO 280000 Maritime Security Standard.

I believe that these early accreditation's, if managed correctly, are the starting blocks to ensure the legitimacy of the International Code of Conduct, ICOC, and the industry as a whole. 

As published by UKAS in November 2013 the following companies have now been approved to certify companies to the following standards:

• Certification of land based private security companies to ANSI/ASIS PSC 1-2012
• Intertek Certification Ltd
• MSS Global Ltd
• Certification of Maritime Private Security Companies to ISO 28000:2007
• LRQA Ltd
• MSS Global Ltd

However it is not the end of the journey, as the pressure and responsibility now lies with UKAS, the Certification Companies and the PMSCs to ensure that standards are maintained within the Lead and Internal Auditing Processes so that these standards are upheld to enhance confidence in their effectiveness and maintained by the PMSCs for the right reasons of continual improvement.

It remains the responsibility of the PMSCs themselves to ensure that these certifications are achieved, maintained and continually improved and not just treated as a tick in the box or a certificate for the reception wall which allows them to tender for jobs.  

These standards have been written and developed for the enhancement of the control, transparency and oversight of the industry, for the formulation of a growing industry which is vastly misunderstood and written as a framework to demonstrate how companies comply with human rights as well and international law.

PMSCs now have the opportunity to formally gain certification to these standards and prove that their company, their personal and their actions are legitimate and that through their actions their market can be made more sustainable.