Adieu, Arafat! [more...]

New Demands for Passenger Name Records [more...]

TSA to Launch Known Shipper Program [more...]

Russian Spies Again Target U.S. [more...]

If Only They Had Had Insurance [more...]

Designer Drugs Now Popular in the Workplace [more...]

FTC Steps Up Effort to Can Spam [more...]

New Year's Security Resolutions [more...]

Risk Management and the Relationship to Physical Security Forces [more...]

Will the passing of Yasser Arafat bring peace to the Middle East? The question, of course, is an important one not only for the Palestinians and Israelis but the free and democratic nations of the world as well. We suspect the U.S. will be one of many beneficiaries of this important event. Consider that since the former Palestinian leader "renounced" violence during the Oslo Peace Accords on September 13, 1993, at least 53 Americans have been murdered and at least another 83 Americans have been injured by Palestinian terrorists under his direct authority. Excluding the September 11 attacks, approximately 700 Americans have been killed and 1,600 wounded in terrorist attacks since 1970. Arafat's Fatah, the Popular Front for the Liberation of Palestine (PFLP) and Hezbollah carried out many of these attacks and hundreds of others around the world. Most memorable was the hijacking of the Italian cruise ship Achille Lauro. On October 7, 1985, a four-member PFLP death squad took over the ship as it was sailing from Alexandria, Egypt, to Israel. Arafat's terrorists murdered a disabled U.S. citizen, Leon Klinghoffer, by throwing him over the side and into the sea to drown. The rest of the passengers were held hostage for two days and later released after the terrorists turned themselves in to Egyptian authorities in return for their freedom. Perhaps his most despicable act was in 1972, when 5 of his fanatic followers entered the Olympic Village in Munich Germany, and slaughtered 11 unarmed and helpless Israeli athletes in cold blood. But over the years, Arafat has been responsible for killing far more Palestinians than Israelis. His victims were moderates who opposed the killing of children, hijacking passenger planes and giving reward money to the families of his homicide bombers-in fact, all those who dared to promote a non-terrorist "solution."

Shortly after Arafat's death, in a hurried effort to project continuity, the PLO elected former Palestinian Prime Minister Mahmoud Abbas its new leader. The world looks anxiously at Mr. Abbas in hopes that he pursues the path of peace for his people. Regardless, for Americans it is likely we will be safer. It is doubtful Abbas or any of his cabinet will be able to export terrorism and death better than the Egyptian-born terrorist who called himself Yasser Arafat.

The Transportation Security Administration (TSA) has demanded that 72 airlines give the agency June's passenger data in order for it to test the Secure Flight passenger prescreening program. TSA officials said the airlines have been told to handover all Passenger Name Records (PNRs) from June 2004 no later than November 23. While the TSA has yet to reveal which, if any, have not complied, officials estimate that the order will produce approximately 50 million PNRs. The unfiltered data dump is likely to include credit card information, travel itineraries, home addresses, unlisted telephone numbers, and meal requests which could reveal a passenger's religion or ethnicity. The TSA has exempted the information they collect for a number of important protections provided by the Privacy Act, such as passenger's rights to access and correct personal data. The TSA intends to compare PNRs against information compiled by the Terrorist Screening Center, which will include "selectee" and "no-fly" lists. The TSA plans to map their data against profiles it has developed using "suspicious indicators associated with travel behavior" and commercially available databases.

Under the recently passed Department of Homeland Security Appropriations Act of 2005, no funding may be used to deploy Secure Flight until the General Accounting Office (GAO) examines the privacy implications and other aspects of the program. The GAO has until March 2005 to submit its report to Congress.

Unscreened cargo on passenger planes has been a known security vulnerability for decades. Now the Transportation Security Administration plans to do something about it. Last month the TSA proposed rules requiring background checks on all workers who handle freight, as well as centralized vetting of applicants in the Known Shipper program. The program will determine who will be allowed to ship cargo in the bellies of U.S. passenger planes. The TSA said it is developing a cargo "pre-screening"/profiling system that targets shipments based on a set of rules to flag suspicious shipments. Critics say the proposed regs don't go far enough. Massachusetts Rep. Ed Markey says the only way to obtain complete security is to inspect all freight, not just random pieces. The TSA is taking comments on the proposal until January 10, 2005.

According to the TSA, there is an estimated 12.5 million tons of air cargo transported per year, 2.8 million tons on passenger planes. The remaining 9.7 million tons of freight is being shipped in cargo planes.

The Russians are at it again. President Vladimir Putin has put his international spy network back to work. However, unlike during the Cold War era, this time he's got his spooks looking for U.S. industrial secrets. Some military leaders dismiss Putin's push as an attempt to once again appear as a "world player." White House insiders are less cavalier. "The big problem," says one source, "is that the Russians cannot afford to develop their own technology. Without stealing someone else's industrial know-how they will continue to live in the 1950s for the next century." Savvy security professionals have long known about the threat. Said one security manager, "The Russians and Chinese both want our technology and both are willing to steal it."

Putin is no stranger to intrigue. After graduating from college in 1975, he joined the KGB where he worked in the foreign intelligence service division, mainly in Germany. He left the KGB in 1990 and entered politics.

Marsh & McLennan, the world's largest insurance broker, and AIG, a diversified insurance giant, had impressed Wall Street for years. The two firms had grown faster and produced more profits than most of their competitors combined. Company insiders insisted their success was attributable to industry "smarts" and their savvy leadership. Now a different explanation has begun to emerge. New York State Attorney General Eliot Spitzer has charged both firms with criminal misconduct, claiming they conspired to manipulate the insurance market through bid rigging and insider dealing. The latest to be embroiled in the scandal is Employers Reinsurance, part of GE Insurance Solutions. Saturday, following the Thanksgiving holiday, the firm said that it gave Marsh inflated quotes on about 10 occasions when bidding for premiums of less than $1 million. Marsh's CEO, Jeffrey Greenberg has already stepped down. Greenberg also has two sons in the industry: one heads AIG, the other heads the troubled ACE. Replacing Greenberg is Michael Cherkasky, who has been at Marsh only since July and was once Spitzer's boss. Market watchers say it was no coincidence that Marsh selected Cherkasky to head the troubled firm while Spitzer is on their case.

Recently, a new class of illegal drugs has found their way into the American workplace. These synthetic and dangerous substances are commonly called designer drugs; however, this seemingly benign description is a cruel distortion of reality. Designer drugs first came into vogue in the late 90s and were used almost exclusively by young, urban party-goers. Their parties, called raves, rarely start before midnight and often don't end until well after daylight. Loud music, incessant dancing and illegal drug use are their signature. Of the drugs used at raves, one of the most dangerous is gamma-hydroxbutyrate, or GHB.

Produced as a grainy, off-white power, GHB can be dissolved in water, juice, soda or alcoholic beverages and is ingested orally. The drug's highly concentrated street form is almost always found as a clear, water-like liquid. GHB is manufactured from its precursor, gamma-butyrolactone (GBL). GBL is a solvent found in furniture stripping and floor cleaning products, nail polish and super-glue removers. The GHB it produces intensifies the effects of other drugs and alcohol. GHB produces insomnia, anxiety, nausea, delusions, seizures, and sometimes death.

Sold in single or double dose quantities, users no longer restrict its use to after work. Increasingly, GHB and other dangerous designer drugs are being sold and used in the workplace. The unpredictability of these substances when combined with alcohol or other drugs possibly makes them the most dangerous drugs in today's workplace. For more information about GHB contact the National Clearinghouse for Alcohol and Drug Information or The Partnership for a Drug-free America.

Everyone hates those pesky E-mail messages promising health, wealth and happiness. Everyone, it seems, except the Federal Trade Commission. In fact, the FTC collects them. Since January 1, 2001 the FTC has received millions of spam messages, forwarded by fed-up e-mail users to mailto:www.ftc.gov/. For what? To get the goods on purveyors of chain letters, pyramid schemes and other net-frauds. The FTC takes legal action against those who promote get-rich quick schemes, prescription drugs and illegal on-line gambling. According to the FTC, one out of three on-line offers is illegal or promotes an illegal activity.

Now is a good time to review your some of your internal security procedures and protocols. Here are a few of our recommendations:

• Change all of your computer passwords. Passwords should contain a combination of at least six letters and numbers and should be changed quarterly.
• Change the combination to all safes, combination locking mechanisms and doors.
• Conduct a key inventory. Ensure those who have been issued keys still possess them. If any keys cannot be accounted for or have been issued to individuals that are no longer employees, change the locks.
• Reissue all access cards. Disable those which are missing or have been reported lost.
• Test your fire and alarm system.
• Replace batteries in all smoke alarms.
• Inspect all fire extinguishers and internal fire suppression systems. Service those that need servicing.
• Inspect all first aid kits and emergency medical stations. Restock as necessary.
• Verify the names and telephone numbers on your emergency call lists.
• Test cameras, monitors and recorders. Repair or replace those components which do not function properly.
• Communicate and reaffirm your organization's ethics, confidentiality, sexual harassment, substance abuse and search policies.

The key principles to risk management include the following:

1. Employ only the minimum amount of security to neutralize a specific threat.
2. Monitor the risks or threats continuously.
3. Have a plan that addresses an escalation of threats.
4. Place responsibility upon all employees to report violations of rules.
5. Have a specified chain of command for emergencies.
6. Train for incidents and for the specific responses described in the plan.

1. Low threat: Normal world conditions, no specific threat directed against the facility. Generally, minimum physical security standards apply, i.e. locks, fences, lights, and unarmed security officers. Security officers should conduct patrol inspections, look for access rules violations, prepare reports and should respond to emergency situations. All employees should receive security awareness training during pre-employment training.
2. Medium threat: A general threat is conveyed against the community. A typical response during this level is to review security and emergency response plans to ensure accuracy and to ensure feasibility. Security awareness information is disseminated to all employees and security personnel are trained for all contingencies, or at least for the expected ones. Security personnel strictly enforce access procedures, i.e. badging and visitors. Receptionists and mailroom personnel are trained for emergency contingencies.
3. High threat: A specific threat is communicated against the facility. Security personnel are augmented, critical areas are strictly controlled, information about all emergency plans is released to all employees and rehearsals for evacuations are conducted. Any special equipment needed for a response is put on contract or staged on site.