Executive protection: Why the private sector model is broken

Executive protection detail for government officials is a world of difference from the private sector. So why are CEOs being guarded like politicians?

By Christopher Falkenberg, President, Insite Security

Many approach executive protection in the private sector much like they would a presidential detail. After all, many of the professionals in the executive protection business come from either diplomatic security or the Secret Service. But protecting the president or a diplomat is very different from protecting an executive.

The president and other high-level government figures (Speaker of the House, Cabinet Secretaries and various diplomats) are required by law to receive professional protection. As a result, they are “clients” of a security provider which they cannot change and for which they do not pay a bill.

Also read Robert Oatman on executive protection.

Executives, on the other hand, are vulnerable for a number of reasons including their wealth, controversial businesses, community standing, etc. Threats are very different for CEOs than they are for the president, requiring different security needs. CEOs who are in controversial industries (ones that involve animal testing, pharmaceutical products, and in the very recent past, the oil industry) require something different from CEOs in non-divisive industries. And all CEOs have unfettered discretion in choosing how they are protected and by whom.

Along with job-specific security requirements, there is the issue of qualified vs. unqualified security professionals. Security professionals coming out of traditional law enforcement are experts in, well, traditional law enforcement. This does not translate into executive protection experience. They could have been great homicide detectives or traffic cops working for a municipality, both are uniquely under qualified for executive protection. Conversely, those coming from the State Department or the Secret Service have the experience in protecting the President and other high level diplomats, but have never provided security to a principal who has unlimited control over their own security arrangements.

So, the executive protection model for the private sector is broken. The only thing that the security industry has sold is this half-baked, one-size-fits all solution that is not focused on the real needs of executives or their families.

The approach to executive protection needs to be from the ground up. Look at the legitimate risks to the executive and their family. Where do they reside, how do you mitigate vulnerable situations? Is the business risk specific? Is there a cycle of threatening behavior?

This is a wakeup call for the industry – to both private sector providers and corporate security providers – the service offering is predicated on a model that doesn’t apply to them. Executives don’t live in the “presidential” market place. As security professionals, we need to find the best intersection between conveniences and effective security.

Read more about employee protection in CSOonline’s Employee Protection section.

Christopher Falkenberg discusses the Discovery Channel hostage situation with Gordon Deal on The Wall Street Journal This Morning. The interview starts at 21:00 mark.

http://www.wsjradio.com/WSJAM.html

Tips for Securing Your Summer Home for the End of the Season

By Nick Caruso
RISMEDIA

August 27, 2010 – Many homeowners close their home by shutting the door, locking it and setting the alarm. If you own a home that you won’t be living in for months at a time, this simply isn’t enough to guarantee security.

According to Chris Falkenberg, a former US Secret Service Agent and President of Insite Security, an unprecedented amount of people fail to take the necessary steps to ensure that their homes are properly protected for the fall and winter months. While working with clients and companies on risk preparedness and physical security planning, Falkenberg suggests the following tips for keeping homes safe while you’re away.

Have a Professional Check Your Alarm
Having a professional check your alarm system on an annual basis can help ensure that you are never prone to failures when your safety and security is on the line. A trusted and experienced electronic security installer will be able to assess your system prior to closing the house up for the season to determine if any part should be replaced in a preventative nature. “Like any other electrical component, alarms will fail as some parts simply wear out. You don’t want them to fail when you need them most,” says Falkenberg.

Close Contacts
If your alarm is set off, someone needs to be alerted that something is awry at your home. If you live too far away to travel to the home yourself, having a family friend or contact in the community that is available on short notice to go to the house and open the door for police is a must. Police can then conduct outside inspections and look for indoor damage from water or excessive cold and hot temperatures. Your alarm will detect the problems but it is the response to those signals and the further analysis that gives the alarms their best value.

Assess Fire Risk Before Leaving
Fires are a huge risk to summer homes. It’s extremely important to make a thorough assessment of fire risk, both as to what equipment can be put in the house to prevent fire and also what kind of insurance coverage you should have if a fire does occur in a closed summer home. Falkenberg recommends having your insurance placed into effect by an independent agent who writes insurance for many different carriers and one who will make sure that all your valuables are covered. You don’t want to find out that you weren’t adequately covered after an incident occurs.

One fire risk that is always an issue is turpentines, other types of flammable cleaning liquids and the rags used for cleaning and finishing, says Falkenberg. Homeowners often leave dirty rags and flammable objects around to spontaneously combust. Though the risk has been known forever, it’s a common mistake often overlooked. Be aware of this if you are renovating, and make sure the contractor is cognizant of this as well.

Install a Sprinkler System if Possible
If you are building a new summer house, installing a residential sprinkler system is a smart idea. Sprinklers can greatly reduce the risk of fire, however, because they cannot be turned off remotely or electronically, they can also be a prime source of water damage. Have an important contact ready on call, and make sure they know where the water values are to shut off the system.

Other Measures Do Not Replace Strong Locks
Just because you have an alarm system doesn’t mean you should neglect to have strong locks in place. Secure your home with extra deadbolt locks prior to closing. For houses with lots of glass exposure, consider security window film to make it harder to break.

“The important thing to take away is that this is a starting point – a series of things to think about when trying to consider security risk and mitigating that risk,” says Falkenberg. “People need to focus on themselves and then make sure their security is squared away, or alternatively, get somebody who knows a lot about security to help advise them or safeguard them while they’re away.”

Devil is in the details, expert warns financial gatekeepers

By Tanya Rutledge, Special to Houston Business Journal – May 13, 2010

Company chief financial officers need to operate under a constant state of due diligence, whether for hiring new employees or vetting out third parties for business deals, former U.S. Secret Service Agent Christopher Falkenberg told the crowd during the sold-out Best CFOs of the Year event.

Falkenberg, an attorney and founder and president of New York-based Insite Security, told an audience of about 450 at the final Celebrate!Enterprise event on May 21 that conducting thorough due diligence is the key to successfully operating in today’s business world.

“Due diligence is the most important and significant part of business,” he said. “It avoids a long list of pitfalls, including fraud and abuse. Effective due diligence also reduces the risk and severity of litigation.”

Company stakeholders are growing less tolerant of mistakes made by corporate “gateholders,” Falkenberg said, which is putting more pressure on CFOs and other C-level executives.

He advised company executives to use civil and criminal legal records to their advantage both when hiring employees and when doing background checks on companies they are considering doing business with. These records are important to both uncover information about the person’s actions, and to find out if the person tends to be litigious themselves.

Falkenberg gave an example of a due diligence assignment that turned up four different small claims that a man had filed against his tailor, his gardener and other neighborhood service providers. He said his firm advised their client not to deal with this individual because these claims indicated not only that he was litigious, but that he had difficulty resolving conflicts.

“These types of records can be qualitative in finding out about the character of a person,” he said.

Falkenberg also advised the audience to run credit checks on potential employees, especially those being considered for financial positions.

“Not only is a person in financial collapse more likely to start stealing from the company, but this is the person who is entrusted with the company’s finances,” he said. “If they are challenged with their own finances, they will likely be challenged in dealing with the finances of your organization.”

The due diligence process can provide a great deal of insight into the characteristics of a prospective employee or a business counterparty, and Falkenberg said it should not be taken lightly.

“It can give you success in choosing the right people to do business with,” he said.

Tanya Rutledge is a Houston-based freelance writer.

Has the Big Apple Become the Big Eyeball?

By ARIEL KAMINER

Experts: Sloppy NYC car bomb an amateur operation

By LARRY NEUMEISTER and TOM HAYS, 3 May 2010, Associated Press Newswires

NEW YORK (AP) — The sloppy nature of the car bomb found in Times Square with fertilizer incapable of exploding and battery-powered alarm clocks set to wires makes it likely that a lone bomber rigged the device, perhaps with the help of how-to manuals on the Internet, experts said Monday.

The crude bomb — found in the SUV on Saturday night after a street vendor became suspicious of the vehicle — appeared designed to create a massive explosion, but only if a series of events worked perfectly.

Alarm clocks were connected to a pound of fireworks that apparently were supposed to detonate cans of gas, which would then ignite propane tanks to create a deadly explosion.

Fertilizer, a common component in homemade explosives, was in a nearby metal rifle cabinet along with wires and more fireworks that appeared designed to enhance the blast. Investigators, though, said the fertilizer did not appear to be of the type that would fuel a blast, and Mayor Michael Bloomberg called the device “amateurish.”

Investigators have remained tight-lipped on theories about who they think might have constructed the bomb. But to experts in explosives, it all adds up to the work of someone who really didn’t know what they were doing.

Chris Falkenberg, president of Insite Security, a security firm that works with Fortune 500 companies, said it probably was a “solo operation, a one-off event.”

Falkenberg said the device, as described by authorities, “doesn’t differ much at all from ‘The Anarchist Cookbook’” — the underground 1971 manual for crude, homemade explosives.

Revelations that the fertilizer used in the device never could have exploded was further proof the threat has been overplayed, he said.

“This is amateur hour,” he said. “My kids could build a better bomb than this.”

Barry Mawn, who led New York’s FBI office at the time of the Sept. 11, 2001, terrorist attacks, said suspects could range from those sympathetic to the interest of U.S. enemies to a domestic terrorist to a disgruntled employee who worked in Times Square.

“I’m not on the scene anymore but, based on what I have seen, I feel very confident that those who are responsible will be caught,” he said.

Someone who built such a crude explosive device might not be smart enough to wear gloves and cover up the fingerprint trail, Mawn said.

It was always a concern of law enforcement that people who sympathize with the views of Islamic extremists or al-Qaida might go to the library or the Internet to learn how to assemble a bomb and then try an attack, Mawn said.

“I would say there’s a good chance those will be discovered and neutralized before they create a problem, but, as everyone knows, all it takes is one to be successful,” Mawn said.

Law enforcement officials have learned to be careful about speculating too early that attacks are carried out by lone perpetrators.

In 1990, law enforcement authorities concluded that El Sayyid Nosair was a crazed gunman acting alone when he assassinated militant Rabbi Meir Kahane in a midtown Manhattan hotel. It was only after the 1993 truck bombing that killed six people and injured more than 1,000 at the World Trade Center that investigators realized he was part of a terror network and that some of the trade center bombers were at the Kahane killing, as well.

Experts say that even the Times Square improvised device built with easily obtained components that did not detonate may still have achieved some goals.

“It’s not about the target or the outcome, it’s about spreading fear,” said Maria Haberfeld, a professor of police studies at John Jay College of Criminal Justice. “It’s saying, we can get you whenever we want, however we want.”

Jimmie C. Oxley, a professor of chemistry at the University of Rhode Island, said the components in the Times Square bomb make it seem as if the bomber put together “anything that’s bad and hoped it would be even badder.”

Oxley said she was concerned that the bomb was being described as the work of an amateur when it was somebody “who went to that much trouble.”

“This is somebody who is trying to hurt people, and to characterize it with a non-threatening word like ‘amateurish’ bothers me,” she said.

Kevin Barry, a retired New York Police Department detective and chairman of the board of advisers of the International Association of Bomb Technicians and Investigators, called it the largest vehicle bomb in New York since the 1993 attack and said its level of sophistication wouldn’t have mattered.

“New York was very lucky,” he said. “We dodged a big bullet on this one.”

AP source: Man tied to Pakistan sought in NYC bomb

By TOM HAYS and COLLEEN LONG (AP) 5.3.10

NEW YORK — The search to find out who planted a car bomb that fizzled out in crowded Times Square took an international turn Monday as investigators said they were seeking a potential suspect who had recently traveled to Pakistan and had used cash to buy the SUV from a Connecticut man.

Two law enforcement officials say that authorities have identified the buyer of the SUV used in the botched bombing. One of the officials tells The Associated Press that the potential suspect is a man of Pakistani descent who recently traveled to Pakistan.

The officials spoke on condition of anonymity because the case is at a sensitive stage.

The registered owner of an SUV that was parked in Times Square and rigged with a crude propane-and-gasoline bomb told investigators he sold the vehicle to a stranger for cash three weeks ago, a law enforcement official said Monday.

The owner, who lives in Connecticut, was questioned Sunday about his sale of the darkcolored 1993 Nissan Pathfinder to a man he did not know, the official told The Associated Press. The official spoke on condition of anonymity because the investigation is ongoing.

Officials say the owner, whose name has not been released, is not considered a suspect in the bomb scare. But the revelation of the sale leads authorities one step closer to whomever was aiming for mass carnage on a busy Saturday night in the heart of Times Square and achieved only streets emptied for hours of thousands of tourists.

New York Police Department spokesman Paul Browne confirmed Monday that investigators had spoken to the registered owner.

The vehicle identification number had been removed from Pathfinder’s dashboard, but it was stamped on the engine and axle, and investigators used it to find the owner of record.

“The discovery of the VIN on the engine block was pivotal in that it led to the identifying the registered owner,” Browne said. “It continues to pay dividends.”

Two law enforcement officials familiar with the probe said investigators considered the vehicle’s history one of the best chances for cracking the case. The officials spoke to the AP on condition of anonymity because the probe is at a sensitive stage.

Investigators tracked the license plates to a used auto parts shop in Stratford, Conn., where they discovered the plates were connected to a different vehicle.

They also spoke to the owner of an auto sales shop in nearby Bridgeport because a sticker on the Pathfinder indicated the SUV had been sold by his dealership. Owner Tom Manis said there was no match between the identification number the officers showed him and any vehicle he sold.

In New York, police and FBI were examining hundreds of hours of video from around the area and wanted to speak with a man in his 40s who was videotaped shedding his shirt near the Pathfinder.

The video shows the man slipping down Shubert Alley and taking off his shirt, revealing another underneath. In the same clip, looks back in the direction of the smoking vehicle and puts the first shirt in a bag.

They traveled to Pennsylvania for video shot by a tourist of a different person, but determined they would not release it to the public. They have also received around 120 tips, and three of which were considered promising. They also collected forensic evidence from the Pathfinder.

In Washington, White House press secretary Robert Gibbs said Saturday’s attempted bombing was a terrorist act.

Attorney General Eric Holder, who earlier in the day refused to classify the incident as terrorism, said the bomber intended to spread fear across New York and said investigators had some good leads in addition to the videotape that was released Sunday.

Investigators had not ruled out a range of possible motives, and federal officials said they hadn’t narrowed down whether the bomber was homegrown or foreign.

Homeland Security Secretary Janet Napolitano told NBC’s “Today” show that no suspects or theories had been ruled out.

“Right now, every lead has to be pursued,” she said.

Barry Mawn, who led New York’s FBI office at the time of the Sept. 11, 2001, terrorist attacks and has since retired, said suspects could range from those sympathetic to the interest of U.S. enemies to a domestic terrorist to a disgruntled employee who worked in Times Square.

The Pakistani Taliban appeared to claim responsibility for the bomb in three videos that surfaced after the weekend scare, monitoring groups said. New York officials said police have no evidence to support the claims.

The SUV was parked near offices of Viacom Inc., which owns Comedy Central. The network recently aired an episode of the animated show “South Park” that the group Revolution Muslim had complained insulted the Prophet Muhammad by depicting him in a bear costume.

The date of the botched bombing — May 1 — was International Workers Day, a traditional date for political demonstrations, and thousands had rallied for immigration reform that day in New York.

Security had been also been tight in the city in advance of a visit to the United Nations by Iranian President Mahmoud Ahmadinejad at a nuclear weapons conference.

Police said the bomb could have produced “a significant fireball” and sprayed shrapnel with enough force to kill pedestrians and knock out windows. The SUV was parked on a street lined with Broadway theaters and restaurants and full of people out on a Saturday night.

The SUV was captured on video crossing an intersection at 6:28 p.m. Saturday. A vendor pointed out the Pathfinder to an officer about two minutes later. Times Square, clogged with tourists on a warm evening, was shut down for 10 hours.

The explosive device had cheap-looking alarm clocks connected to a 16-ounce can filled with fireworks, which were apparently intended to detonate the gas cans and set the propane afire in a chain reaction, said Police Commissioner Raymond Kelly.

A metal rifle cabinet placed in the cargo area was packed with fertilizer, but NYPD bomb experts believe it was not a type volatile enough to explode like the ammonium nitrate grade fertilizer used in previous terrorist bombings.

The exact amount of fertilizer was unknown. Police estimated the cabinet weighed 200 to 250 pounds when they pulled it from the vehicle.

To experts in explosives, it seemed to be the work of someone who really didn’t know what they were doing.

Chris Falkenberg, president of Insite Security, which works with Fortune 500 companies, said the device, as described by authorities, “doesn’t differ much at all from ‘The Anarchist Cookbook’” — the underground 1971 manual for homemade explosives.

He said revelations that the fertilizer used could not have exploded suggested “this is amateur hour. My kids could build a better bomb than this.”

President Barack Obama telephoned handbag vendor Duane Jackson, 58, of Buchanan, N.Y., on Monday to commend him for alerting authorities to the smoking SUV. The White House said Obama thanked Jackson for his vigilance and for acting quickly to prevent serious trouble.

Contributing to this report were Associated Press writers Larry Neumeister, Deepti Hajela, Ula Ilnytzky and Jim Fitzgerald in New York; Darlene Superville and Pete Yost in Washington; and John Christoffersen in New Haven, Conn.

Copyright 2010 The Associated Press. All rights reserved.

Owner of SUV with bomb says he sold it 3 weeks ago

By TOM HAYS and COLLEEN LONG

Associated Press Writers Mon May 3, 7:36 pm ET

NEW YORK — The registered owner of an SUV that was parked in Times Square and rigged with a crude propane-and-gasoline bomb told investigators he sold the vehicle to a stranger for cash three weeks ago, a law enforcement official said Monday.

The owner, who lives in Connecticut, was questioned Sunday about his sale of the dark-colored 1993 Nissan Pathfinder to a man he did not know, the official told The Associated Press. The official spoke on condition of anonymity because the investigation into the botched bombing is at a sensitive stage.

Officials say the owner, whose name has not been released, is not considered a suspect in the bomb scare. But the revelation of the sale leads authorities one step closer to whomever was aiming for mass carnage on a busy Saturday night in the heart of Times Square and achieved only streets emptied for hours of thousands of tourists.

New York Police Department spokesman Paul Browne confirmed Monday that investigators had spoken to the registered owner, declining to comment further.

The vehicle identification number had been removed from Pathfinder’s dashboard, but it was stamped on the engine and axle, and investigators used it to find the owner of record.

Two law enforcement officials familiar with the probe said investigators considered the vehicle’s history one of the best chances for cracking the case. The officials spoke to the AP on condition of anonymity because the probe is at a sensitive stage.

Investigators tracked the license plates to a used auto parts shop in Stratford, Conn., where they discovered the plates were connected to a different vehicle.

How Not to Build a Car Bomb (Times Square Edition)

By Nathan Hodge, May 3 2010, Wired—Danger Room

Back in 1920, New York City was the site of the first recorded car bomb attack when a horse-drawn cart rigged with dynamite detonated on Wall Street, killing more than three dozen people.

Fortunately, the designer of the failed car bomb on Times Square did not have access to dynamite, or military-grade explosives. According to police reports, the vehicle used in the attack was packed with gasoline, propane tanks, and some ordinary fireworks — plus several bags of what police described as a “nonexplosive grade of fertilizer.”

In other words, the bomb’s design was amateurish, at best: The bomber did not have the know-how to make, say an ammonium nitrate/fuel oil mixture of the sort that was used to level the Alfred P. Murrah Federal Building in Oklahoma City in 1995. (Fertilizer bombs have also emerged as a weapon of choice for insurgents in Afghanistan, and the top U.S. commander in Afghanistan has asked the government there to impose a ban on some of the precursors for homemade explosives.)

And while the ingredients in the bomb apparently had begun to combust — an alert T-shirt seller notified police when he saw smoke coming from the vehicle — it’s not clear they would have led to detonation, instead of burning down. Chris Falkenberg, founder and president of Insite Security, a New York-based security firm, tells Danger Room that the damage from the bomb would have been minimal.

“Looking at what was found in the Nissan Pathfinder … we see a very simple device comprised of hardware store supplies and some fireworks,’ he said. “The composition of the bomb reveals a lack of bomb-making skill as well as an inability to obtain real equipment like explosives, even nitrate-based fertilizer. As a result, I believe that even if the device had been set off, it would have resulted in a big fire with limited casualties.”

If in fact this incident was planned by an organized terrorist cell, Falkenberg added, “then we have very little to worry about as the threat from this type of low-level attack is minimal.”

Still, the apparent failed bomb brings renewed focus to the threat of domestic terror. In some respects, this incident bears passing resemblance to the 2007 case in Britain, where an Iraqi born in the United Kingdom attempted a car bomb attack on Glasgow airport.

That attack also used gas cylinders, but the effect was negligible. When the bomb went off, it created little more than a burst of flame.

Failed car bomb in Times Square called ‘heartening’

Lack of sophistication leads security experts to believe bomb not part of terrorist plot

By Leischen Stelter – 05.03.2010, Security Director News

NEW YORK—While a car bomb that failed to detonate at one of the city’s busiest areas could certainly have resulted in fatalities, the lack of sophistication of the make-shift explosive has led authorities to believe this was not an organized terrorist attempt.

Janet Napolitano, U.S. Secretary of Homeland Security, said May 2 on CNN’s State of the Union program that the unexploded car bomb appeared to be an “amateurish” terrorism attempt, but that authorities are nonetheless treating the incident as a “potential terrorist attack.”

On May 1, police were alerted by two street vendors that smoke was coming from a Nissan Pathfinder parked on West 45th Street, which had been parked haphazardly at the curb with its engine running and its flashers on. Inside, the police found gasoline, propane, firecrackers and simple alarm clocks as well as eight bags of non-explosive-grade fertilizer inside a 55-inch-tall metal gun locker, according to The New York Times.

“This was not a very dangerous device, even if it had exploded,” said Christopher Falkenberg, president of Insite Security based in New York City. “You can’t make a super bomb by attaching a stick of dynamite to a propane cylinder and certainly not by throwing in some firecrackers. The bags of fertilizer were bags of crap, literally—they weren’t even nitrogen based.”

Had the car exploded, it would certainly have caused a significant fire, he said, but with only approximately 10 gallons of gasoline in the vehicle, the explosive was not powerful enough to jeopardize surrounding buildings.

The police are currently searching for a suspicious man seen on surveillance footage removing layers of clothing. Police have identified the owner of the vehicle, but do not consider him a suspect.

While this event highlights the need to remain vigilant, Falkenberg emphasized that security professionals need to continue evaluating and assessing threats. “It’s important for security directors not to play into the hype and use their knowledge and skills to accurately identify real risks,” he said. “All in all I think this event is pretty heartening and as time goes on I believe more evidence will come out” that this individual was mentally unstable rather than associated with a terrorist group.

The most positive results from this event were the effective response by law enforcement, he said. “The police responded very well and maybe we’ve seen some great return on investment in the special units of the police department,” he said.

Weighing the Value of Home Security System

By Paul Sullivan, April 30, 2010

People may be surprised to learn that when they most need their security system to protect their house, they oftentimes cannot rely on it. Jackie Ostrander discovered that when a storm knocked out power to her home in Greenwich, Conn., for a week in March — too long for her backup battery to keep going. And it took her security company three weeks to restart her system.

“I asked, ‘Are we going to get a credit for this?’ We weren’t,” she said of her company, Protection One. “When they came out, I asked, ‘Are you going to charge me for this call?’ They didn’t, but they did charge me $100 for a battery.”

Jonathan Marvin, director of business solutions for Protection One, said, “We could have done better.”

There are about 36 million security systems in the United States, half of them in homes. Revenue for the industry was $28.2 billion in 2009, according to the Installation Business Report, an annual security industry survey. So a lot of people apparently think their homes are going to be impervious to burglars.

But even when the systems are working properly, the police response times can be slow.

Stan Martin, executive director of the Security Industry Alarm Coalition, acknowledged as much. He said that in big cities like New York, Atlanta and Chicago, police could take 30 to 45 minutes to respond, while in smaller towns the best that could be hoped for was six to eight minutes. Given that those times are in addition to the two minutes it takes for the alarm to register at the monitoring station and the operator to call you, the thief and your jewelry could be long gone.

Mr. Martin also attributed part of the slow response to the high number of false alarms — an estimated 80 percent of alarm calls — and partly to the low priority of burglaries.

To combat false alarms, many police departments charge after the first or second one, he said. In Stamford, Conn., for instance, the cost is $75. Yet these fines are often levied when a police car just drives past your house, not even pulling in the driveway, let alone walking around the property.

So if you are one of the millions of Americans paying a monthly monitoring fee of $25 to nearly $100, what are you getting for your money? It turns out you get many things beyond securing your home — like providing an alert in a fire and keeping an eye on your children’s comings and goings.

WHY HAVE AN ALARM?

If no one is going to show up when your house is broken into, why bother paying the monthly fee? One reason is that insurance companies offer discounts for security systems. The percentage varies depending on the sophistication of the system, with the lowest amount for an alarm that rings just at your house and much more for the safe rooms depicted in Hollywood movies.

The Insurance Information Institute says the average discount is 15 to 20 percent. On our homeowner’s policy, the discount savings amounted to $221.93 a year. A study released last year by the School of Criminal Justice at Rutgers University found that the real value of security systems was that they protected entire neighborhoods. The study, which focused on Newark from 2001 to 2005, found that residential break-ins decreased as the density of alarms in an area increased.

In other words, the more people paying that monthly monitoring fee on your street, the more likely a burglar is not going to take a chance that a police officer is right around the corner.

DO ALARMS DETER CRIME?

When so-called smash-and-grab thieves do strike a home with an alarm system, they are more likely to leave quickly.

On its Web site, the Electronic Security Association says that the average loss on a home with a system is $3,266, compared to $5,343 for a home without one. Nearly $2,100 is nothing to sniff at — unless your years of monthly monitoring fees exceed that.

“The point of a security system is to reduce loss,” said Mike Miller, president of the security association. “It may be that instead of losing your TV, you could have lost a lot more.”

Mr. Martin said that most thieves wander neighborhoods looking for an easy entry point, like an open window. Your security system would have told you to close that window when you tried to turn it on.

Wealthier people, though, need another layer of protection since burglaries to their homes are not as opportunistic. Chances are the person who steals your Picasso when you are away did not happen upon your house by chance.

Christopher Falkenberg, president of Insite Security, which provides security for Martha Stewart’s homes, said prominent people needed levels of security beyond what alarms could provide.

“Alarms are not sophisticated,” he said, adding that basic monitoring panels have not changed in decades. “That said, you have to have one or you’re definitely going to be targeted. But your expectation can’t be that installing an alarm will be your end-all and be-all.”

Upgrading to the level of personalized protection that a firm like Insite provides is not cheap: its monthly rate starts at $7,000.

From an insurance point of view, this is where the discounts start to increase. “We recommend a layered approach so you are going to build out from a security system,” said Rich Standring, risk services manager for the East Coast for Fireman’s Fund. “The one shortcoming of a security system is you have to turn it on.”

BEYOND SECURITY

While keeping burglars out of your house is the foundation of any security system, the monitoring service can include fire alarms, heat sensors and other features.

Robin Lampe, a spokeswoman for Protection One, said the company’s systems offered additional ways to monitor your home. The system can tell when someone has entered or left a house and when a person is trying to open a liquor or gun cabinet. It can also send video clips of who has entered a house or even a specific room — a great tool for parents eager to see what their children are up to.

But in every instance, the security system is only as good as the operator responding to the alert. Jonathan Crystal, who advises customers on their security needs as an executive vice president for Frank Crystal & Company, said he was traveling and got a call from his monitoring company telling him that the smoke alarm was going off in his home. He knew his baby sitter was there and asked the operator if she had spoken to her.

“I asked the woman if everyone was O.K.,” Mr. Crystal said, “But she said she hadn’t asked, because the person who answered was not authorized on the account.”

Mr. Crystal, who would not let me name the security company in print, said he was completely exasperated and ended up switching to a local company, Scarsdale Security. “They didn’t change my system at all, but they provide remote monitoring and they’re excellent,” he said. “They give me peace of mind. I got no peace of mind from” the national service.

While paying a monthly monitoring fee may make little financial sense, finding a service that provides you peace of mind is invaluable.

Laura Bush Publishes Memoir

ORIGINAL AIRDATE: 4/28/2010

It’s like a plot out of a Hollywood movie: The President and First Lady poisoned during an overseas summit!

Former First Lady Laura Bush says it may really have happened.

In her memoir Spoken from the Heart, on shelves May 3rd, Laura says she and President Bush may have been poisoned during the G8 Summit in Germany in 2007.

At the time, the White House played down the illness. But Laura says her husband was so sick he was bedridden during part of the trip.

Former secret service agent Chris Falkenberg finds it impossible to believe the President and First Lady were poisoned: “It’s much easier for me to imagine that they succumbed to a virus then that someone penetrated the security steps and was actually able to introduce a certain toxic element,” he says.

Laura writes the mysterious incident remains just that. “We never learned if any other delegations became ill or if ours, mysteriously, was the only one.”

The former First Lady also writes for the first time about the tragic fatal car crash when she was 17. She ran a stop sign and collided with another car, which was being driven by her boyfriend, Michael Douglas. He was killed instantly.

“The car door must have been flung open by the impact and my body rose in the air until gravity took over and I was pulled hard and fast back to earth. The whole time I was praying that the person in the other car was alive.”

She says the trauma stayed with her for decades: “I lost my faith that November. Lost it for many, many years. It was the first time that I had prayed to God for something, begged Him for something. And it was as if no one heard. My begging had made no difference.”

Exit Strategy

by Christian L. Wright | Published May 2010

When the boss says go, it’s hard to say no—even if it means traveling to some of the less predictable corners of the globe. Christian L. Wright reports on the companies that spring business travelers out of tight spots and how to stay safe when work takes you far from home

When Justin Case (not his real name) and his brother found themselves in the middle of a violent protest high in the Andes in 2007, they called the emergency medical and security service International SOS for help. International SOS staffers immediately advised the brothers to fill the bathtub, in case a fire broke out; put money in their shoes, in case they had to run; and avoid the police station, since it was likely a target of the protesters. Within 48 hours, International SOS had returned the brothers to Lima, shaken but safe. “When I look at pictures of a war zone now,” Justin says, “it reminds me of what it was like.”

Between the narrowly averted military coup in Turkey in 2008, this winter’s sudden cholera outbreak in Mozambique, the earthquakes in Haiti and Chile, and frequent kidnappings from Mexico City to Kathmandu, it can look like a real jungle out there. In fact, the world’s a pretty safe place, with only about three percent of travelers ever falling victim to a crime and far fewer getting caught up in civil strife or natural disaster. Even so, the security industry is growing apace as increasing numbers of companies are sending more employees into remote or unstable places and realizing that it’s good business sense to contract an outside firm to help monitor their workforce overseas.

A range of U.S. security and risk management services consult with both multinational companies and individuals. For example, iJET Intelligent Risk Systems, a full-service security outfit, works primarily with corporations, tracking and supporting upwards of 400,000 business travelers in any given month (the company evacuated 186 clients from Haiti after the January earthquake). On the other hand, half the travelers who hire Clayton Consultants, which specializes in kidnapping, are private individuals. International SOS and Assist America are essentially medical emergency services—think of them as an international 911—sometimes working in concert with risk management experts. And then there are companies like Granite Intelligence, in New York, that offer executive protection—in other words, bodyguards. “It’s not unlike what the secret service does for the president but on a much smaller scale,” says Jeffrey Mueller, co-founder of Granite.

Still, despite the growth in the security industry, a 2007 survey conducted by the U.K.-based firm Control Risks revealed that half of U.S. business travelers polled reported that there was no clear travel security policy at their company and 23 percent said their firm provided no security support at all. Clearly, for business as well as leisure travelers, it’s ultimately up to the individual to be his or her own best risk manager. According to Randy Spivey, CEO and founder of the Center for Personal Protection & Safety, the degree of risk abroad can be summed up by three factors. “Where you’re going, whom you work for, and what you’re doing there. If you’re tied to the coffee industry,” he explains, “in certain parts of Latin America that’s a threat to the drug trade.” In general, one of the biggest threats to the international business traveler is kidnapping—Clayton Consultants handled 40 cases worldwide in 2009—particularly in Latin America, where fully half of all kidnaps-for-ransom take place. Kidnap risk is also higher in oil-rich parts of Africa and the Middle East and in Southeast Asia, where growing economies are attracting more foreigners looking to drum up business. Threats of terrorism are particularly high in Afghanistan, India, Iraq, Pakistan, Sudan, and Yemen. Civil unrest and natural disasters round out the list.

ALL IN THE PREPARATION

You don’t have to hire a security expert to reduce your chances of ending up in a tight spot overseas. In fact, a little preparation can go a long way in minimizing risk and putting you in the best position to respond to the unexpected. “Be a bit obsessive-compulsive” in your planning, advises James Moulton, field security officer for the Global Fund to Fight AIDS, Tuberculosis and Malaria, who has lived and worked in Haiti and the Niger Delta. Moulton and others recommend that travelers to off-the-beaten-path destinations study up on the history, culture, customs, government, religions, and possible risks (natural as well as man-made) well before departure. For instance, if you’re scheduled to head to a politically unstable country and you learn that you’ll be there during its national elections, you might want to change your travel dates. If your company has no library of dossiers on every place the boss might send you, or hasn’t hired an outside company that does, you can refer to the U.S. State Department alerts and advisories online (state.gov/travel), and you can tailor daily e-mail digests from the Overseas Security Advisory Council (osac.gov) to stay current on regions that are of interest to you. To further understand conditions on the ground, some broad overview maps are available online, such as the Risk Atlas from the magazine Risk Management, and ASI Global’s Kidnap & Ransom Threat Map (www.asiglobalresponse.com/downloads/KR_threat_map.pdf).

In an age when the ability to make a phone call or send an e-mail is taken for granted, it’s easy to overlook the issue of communications on a trip abroad. Big mistake. “Your ability to communicate on a moment’s notice could be the difference between life and death,” says Alex Puig, a director at Travel Security Services, a joint venture between Control Risks and International SOS. The Global Fund’s Moulton agrees. “During a coup or rumors of one, the first thing to go down is the telephone network, at precisely the time you need it most.” The answer? A satellite phone, especially “in volatile environments or remote areas where power and cell phone coverage cannot be guaranteed,” Moulton says.

In most parts of the world, though, even the humble cell phone can be a powerful tool in times of trouble. Text messaging, for instance, is still a viable way to communicate when phones are jammed and you can’t make a call. There’s even a 99-cent app called iWitness, available on iTunes, that works on the iPhone and BlackBerry and sends up to 15 contacts a distress signal, notifying them of your whereabouts when you activate the alarm.

Sometimes a phone call is all that’s needed to get you out of a jam. A few years ago, when a car carrying some American businessmen in a remote part of India hit a rickshaw, an angry crowd of about 300 quickly gathered. Although the car was driven by an Indian, the crowd wanted to lynch the Americans. Luckily, they were able to phone colleagues in the vicinity, who quickly came and ushered them to safety.

THE BEST DEFENSE

CLAYTON CONSULTANTS Analyzes the risk potential for any given trip; offers skills training, including lessons in evasive driving and handling firearms; provides response teams for kidnap-for-ransom, extortion, and wrongful detention. Cost: $1,500-$3,000 per consultant per day.

GRANITE INTELLIGENCE Sends an advance team to secure the destination; coordinates safe transportation; vets hotels; provides bodyguards; conducts counter-surveillance and background checks. Cost: $5,000-$20,000 per day, depending on the destination and number of personnel.

iJET INTELLIGENT RISK SYSTEMS Provides destination reports and safety advice; dispenses real-time alerts to e-mail addresses or phones; monitors airlines safety standards; vets hotels; staffs a 24-hour hotline; arranges emergency evacuations. Cost: $5,000 per year for an organization.

INSITE SECURITY Geared to top executives and high-net-worth individuals; sends an advance team to secure the destination; vets hotels; coordinates safe transportation; conducts counter-­surveillance, emergency evacuations, and kidnap-and-ransom negotiations. Cost: From $6,000 for an individual trip.

TRAVEL SECURITY SERVICES This joint venture between International SOS and Control Risks staffs a 24-hour security and medical hotline and arranges evacuations. Cost: From $435 per year for independent travelers.

How security professionals monitor their kids

You can watch your children in countless ways. But what kind of monitoring is truly useful, and how much is too much?

by Joan Goodchild, Senior Editor

CSO Security and Risk – April 12, 2010

Cell phones, texting, IM, email, Facebook, MySpace—kids are interconnected today in ways hardly imagined two decades ago. But these technology-based communication platforms also enable new forms of an age-old parenting strategy: monitoring your kids. Who are they talking to? What are they talking about? Are they going where they said they are going?

Most of us with children think about this stuff. But parents who work by day as security professionals live in a heightened state of risk awareness, and also have the expertise and the tools to monitor kids’ behavior and communication in many ways.

Is it any easier to put the proper measures in place to ensure your child’s security since you already have an expertise in this area? Or do you go overboard because of you are hyperattuned to risk? And what is the right balance of freedom and guidance to provide for kids?

Turns out it was tricky issue before social networking, and remains tricky now. Here are views and strategies collected from an array of security professionals.

‘Spying’ on your kids?

Martin McKeay, a CISSP and security consultant who maintains a popular network security web site and blog, recently found out how divided security professionals are on the issue of monitoring children. McKeay, the father of two boys aged 8 and 10, received an intriguing message recently from someone on a mailing list who wanted his opinion.

“It asked ‘What kind of software can I use to spy on my children and read their every email?’” said McKeay, who was slightly taken aback by the wording and the person’s obvious, no-bones-about-it attitude that they intended to pry into their kids’ lives without warning or limit.

“I consider that going over the top. So I went on Twitter and asked other people: ‘How do you think this should be handled? Is it through monitoring software, or parental relationships?’” McKeay recounted. “With rare exceptions, most people said both. But there were some strong opinions about monitoring what your kids do.”

McKeay said he was surprised that his responses, mostly from other security professionals, revealed many were willing to do at least some covert monitoring with software programs without the kids’ knowledge or consent. The majority felt open and frank discussion, along with some disclosed parental control with products such as Net Nanny, and other similar programs that block web sites and monitor activity, was the best approach.

But he estimates about 25 percent of those who answered his question thought monitoring all actions without telling their kids they were doing so was OK.

“I kind of expected in the security community that more people would realize some of the dangers of that kind of secret monitoring. But I guess when it comes to your kids, most people seem to be more concerned with keeping them safe online than the potential impact on the relationship.”

By danger, McKeay means loss of trust when the child realizes he is being “spied on,” as he puts it. He believes secret, and also open-but-excessive, monitoring of a child’s activities infringes on a kid’s privacy rights and will set parents up for potential damage to the relationship with their children in the future. He also thinks leaving them no room to make mistakes means they won’t learn the security skills they need when navigating the dangers of the internet.

“If kids don’t learn how to live on the internet when they are at home when they are safe, they are never going to learn it, or they will learn it the hard way when they go out on their own.”

The connections kids make using technology that set them up for security risks will only increase, and technology is making that easier than ever. Even if they don’t have a smartphone yet, most teens are using Facebook on their computer at home. But Microsoft this month is unveiling new phones aimed at younger users that have special social networking capabilities. And as social networking, where plenty of questionable and even dangerous  communication can take place, becomes more mobile, the ability to supervise becomes even more difficult, according to Insite Security’s Christopher Falkenberg, a former Secret Service agent.

“Mobility will restrict parents’ ability to supervise as opposed to the home computer which can be reviewed by parents,” he said. “Also there are not programs to help control content on mobile devices like there are for computers. As a parent you can be no less vigilant of a child’s online associations and whereabouts than you can their physical location and friends. If you wouldn’t let them see someone or go someplace in the physical world you should not let your kid go there through the internet.”

But despite what many parents might put into place to keep an eye on their kids, children, as they often do, usually find ways around it. According to a poll conducted in 2008 by Harris Interactive and McAfee,16 percent of kids have created private e-mail addresses or social networking profiles to hide what they do online from their parents. And 63 percent of teens said they know how to hide what they do online from their parents. Additionally, 11 percent have unlocked or disabled parental filtering controls.

Instead of trying to block her kids from questionable or dangerous content and communication, Dena Haritos Tsamitis, head of the Information Networking Institute and director of outreach for Carnegie Mellon CYLAB, approached the security and safety issue by trying to change behavior. Her older kids, now 23 and 21, were her so called ‘guinea pigs’ when she was developing MySecureCyberspace, an online educational resource that provides families with free materials for staying safe online.

“I was able to see firsthand the kind of risk they were taking knowingly,” said Tsamitis. “They knew better but were taking risks anyway. I was thinking: “This is a challenge, because I have to modify their behavior, and kids don’t listen to their parents too easily.”

Through the kids, Tsamitis said she explored strategies for dealing with that age group and helping them understand the real world consequences of their actions in order to shape the informational content on the MySecureCyberspace site. The site also includes free games for kids of varying ages that helps them develop the skills to spot spam and avoid saying dangerous things in front of strangers in chat rooms.

Tsamitis’ youngest daughter is now 13 and just starting to use social networks. As with her older kids, Tsamitis is not blocking content, but instead trying to get her daughter to understand the consequences of her actions online through education.

“If I walk into the room and my daughter is online, I’ll be peeking over her shoulder without hovering. If I see she posts something inappropriate, I’ll ask her if she thought about what she was doing before she posted. I’m trying to teach her to think about things more than just react.”

And in the physical world…

Of course, security risks aren’t just online. Security pros still have the old-fashioned worries about kids’ whereabouts and the company they keep when they are out of the house. Physical security veteran Daniel Finger, who once served as a security director at several large hospitals around the country, now heads a consultancy in Jacksonville, Florida. When his son was in school, Finger wanted to give him the space to learn things on his own, but at one point made the decision to change his own life around in order to ensure his son was safe. Finger’s son, who faced a bus ride each day that required him to transfer to a second bus in order to get to school outside his district, was witnessing fights every day while he awaited the second bus.

“For a while, I thought the interaction of taking the bus would be good, but it didn’t work out that way,” said Finger. “After hearing about the fights he was seeing, I finally said ‘You don’t need that.’ So for last two years of high school I rearranged my morning schedule so I could drop him off myself.”

Finger’s son graduates from college in a few weeks, and Finger admits he was fortunate to have had a teenager who didn’t get into a lot of trouble.

“We never had a situation where we had to go to the police, or smelled alcohol or marijuana. And as a former security director I would have picked up on that stuff.”

But he and his wife kept an eye on his son and his school by getting involved. Finger’s wife was on the PTA. Both made a point of volunteering often at school events in order to get to know the teachers and other families. It’s this kind of vigilance that he thinks gives parents an advantage: Monitoring that isn’t too invasive, but is also informative.

As for McKeay, he admits that he hasn’t had to worry much yet about his sons looking for objectionable, and even dangerous, content because they are still so young. He has put some controls in place. The computers are all in the family room. Some sites are blocked, but, like a true tech security guy, McKeay has turned the roadblock into a challenge.

“I’ve blocked YouTube with disclaimer that if they can figure out how I did it, they can have it back until they give me reason to take it away again.”

In the right circumstances, this kind of tactic offers a possible way to make monitoring and blocking feel less adversarial. Going forward, McKeay hopes he and his wife can continue their policy of allowing freedom coupled with open lines of communication with the kids.

“My wife and I have had numerous talks with them to say ‘If you get on a bad site, you need to leave it. If you see anything that makes you uncomfortable, come and tell us.”

© CXO Media Inc. http://www.csoonline.com/article/590613/How_security_professionals_monitor_their_kids

CEO security-tabs fall at Google, FedEx and Disney

Starbucks pays more to protect CEO Howard Schultz

By Matt Andrejczak, MarketWatch April 12, 2010, 2:34 p.m. EDT

SAN FRANCISCO (MarketWatch) — Executives at Kodak and Deere are now paying for their own home-security systems, a sign that executive-security is one perk corporate board’s are scrutinizing more closely.

Indeed, other companies cut back on security expenses, too — especially those known to spend big bucks on protecting their CEO, according to a MarketWatch review of proxy statements filed so far this year by Dow 30 components and larger S&P 500 companies.

The security tab for Google CEO Eric Schmidt fell 42% to $233,542 last year. The bill for FedEx CEO Fred Smith dropped 23% to $461,405, while the cost for Disney CEO Bob Iger dipped 9% to $589,102.

Since 2007, Google (NASDAQ:GOOG) has paid $1.1 million in personal security expenses for Schmidt, FedEx (NYSE:FDX) has paid $1.5 million for Smith, and Disney (NYSE:DIS) has paid $1.9 million for Iger.

Compensation consultant Todd Gershkowitz of Farient Advisors said CEO security is not an egregious perk compared to goodies like country-club memberships, chauffeurs or taxes companies pay on super-sized severance packages for axed CEOs.

But company-provided security “becomes an invasion of privacy, some CEOs don’t want it, some accept it,” said Gershkowitz, who considers CEO security expenditures more of an issue about risk than one of executive perks handed out by directors.

He said he’d like to see more detailed disclosures about CEO security in proxies.

Deere (NYSE:DE) and Kodak (NYSE:EK) won’t pay the bill for residential security anymore, according to their yearly proxy statements filed with the Securities and Exchange Commission.

Starting this year, Deere said eight executives will have to reimburse the company for security services that had included “drive-by surveillance and response to security alarms” for certain executives by Deere’s corporate security staff.

This perk cost Deere less than $19,000 last year, but the exact number is unknown since the tractor maker lumped the cost in with spouses attending company events.

Kodak paid a one-month bill of $876 for five executives, before dropping the perk in February 2009. Long-struggling Kodak, which lost $210 million last year, will still pick up the tab for CEO Antonio Perez, however.

At Citigroup (NYSE:C) , the bank won’t be paying for personal bodyguards and armored vehicles for Roberto Hernandez Ramirez, a Mexican-based banking executive who stepped off Citi’s board last spring. Since 2007, Citi had paid $5.4 million for his security, office space and airplane use.

The emphasis corporate boards put on CEO security expenses can vary vastly depending on their culture. IBM (NYSE:IBM) , Dupont (NYSE:DD) and Procter & Gamble (NYSE:PG) require their CEOs to use the corporate jet even for personal travel.

Compare that to UPS (NYSE:UPS) . UPS CEO Scott Davis and other top execs fly commercial when traveling for business.

Terry Lundgren, CEO at Macy’s (NYSE:M) , is provided a car and driver to shuttle him around New York City. That cost more than $261,000 in 2009. Intel (NASDAQ:INTC) CEO Paul Otellini drives himself to work from his San Francisco home to Silicon Valley when he is in town.

Since proxies from S&P 500 companies are still trickling out, it’s too early to determine if the nation’s 500 largest companies cut CEO security perks as they slashed other operating costs during the so-called Great Recession.

CEO security tabs had been on the rise from 2006 through 2008 at Fortune 100 companies, according to Equilar, an executive compensation research firm.

The security tab for Starbucks CEO Howard Schultz has climbed in each of the past three years. It rose 25% to $640,000 in 2009 due to “increased personal security details” and upgrades to Schultz’s residential security systems.

Coke (NYSE:KO) paid more to protect Jose Octavio Reyes, its top executive in Mexico, where drug violence worsened last year. His security bill, which comes with bodyguards and 24-hour residential security, rose 36% to $488,719.

SEC disclosure rules changed in 2007, forcing companies to illuminate perks valued over $10,000. Before then, companies used studies from boutique security firms to justify the costs as business expenses for federal tax reporting purposes.

The costs to hire bodyguards or armored vehicles, or install home-security systems, pop up in proxy statements of publicly-traded companies, revealing what companies are willing to pay to keep the CEO and their families safe. The SEC deems such costs a perk and the tab is part of the “all other compensation” column in executive compensation tables.

For a larger home, the cost to install a home security system runs from $7,000 to $10,000 and typically includes fire alarms, smoke detectors and sprinkler systems, according to Tim McKinney, group director of the custom home unit at ADT, the home-security firm.

That compares to the set-up cost of $400 to $600 for a regular home, McKinney said.

Executive security is not limited to CEOs of public companies.

Hedge fund managers are concerned, too, said former U.S. Secret Service agent Christopher Falkenberg, whose firm Insite Security has set up an office in Greenwich, Conn., the New York City suburb that is home base for many hedge funds.

Falkenberg, who once protected President Bill Clinton, said he’s been developing family security plans for the spouses and children of hedge fund managers. The aim is to make their families harder targets to would-be criminals.

3M (NYSE:MMM) and Caterpillar (NYSE:CAT) got a scare last year when factory bosses in France were held hostage by laid-off workers who demanded higher severance pay outs.

During the recession, Jeff Sexton, a former United Nations security adviser, said his firm was hired to ensure the safety of human-resource managers and other executives when manufacturing or corporate office workers were about to be laid off.

In some cases, he said, the factories were in small towns and the company was the biggest employer, making it a delicate situation. “It can be really trying and emotional time,” said Sexton, who runs Fairfax, Va.-based Sexton Executive Security.

Starbucks (NASDAQ:SBUX) , which closed 1,000 stores during the economic downturn, has run up a security-tab of $1.6 million for Schultz since 2007.

The coffee giant pays the bill because of the risks associated with his status as a “high-profile founder” of a large, multinational company, the coffee chain said in its proxy.

Schultz “is closely identified with Starbucks brand and the board firmly believes his vision and leadership are critical components of Starbucks success,” the proxy added.

The same could be argued for Apple CEO Steve Jobs. But Apple (NASDAQ:AAPL) lists no security costs for Jobs in its proxy statement. The company couldn’t be reached for comment. Recently, Jobs stopped by Apple’s Palo Alto, Calif. store with his wife and daughter the day the much ballyhooed iPad went on sale.

Microsoft (NASDAQ:MSFT) doesn’t list any security costs for CEO Steve Ballmer, either. The software giant has had at least one incident of note: Former CEO Bill Gates got hit in the face by a cream pie during a 1998 visit with European Union antitrust officials.

Oracle CEO Larry Ellison and Dell CEO Michael Dell are among the most-protected U.S. tech executives — at least according to security costs listed in regulatory filings.

In the past three years, Oracle has paid $4.6 million for a residential security program that includes security guards at Ellison’s residence. Dell (NASDAQ:DELL) has paid $3.2 million for bodyguards and home-security for its founder. Dell is known to send advance security detail teams to scout out certain locations where the CEO will be.

The boards of both tech companies call it an appropriate business expense. Ellison owns 23% of Oracle (NASDAQ:ORCL) . Dell owns 13% of his namesake personal computer maker.

As part of an executive severance agreement, Whirlpool (NYSE:WHR) is still on the hook to the pay for the cost of a car and driver for Paulo Periquito, its former head of Latin America who lives in Brazil. He resigned at the end of 2009 and he keeps the car and driver through April 2012, according to a regulatory filing.

The cost of the car and driver was $104,352 in 2009.

Here are some other examples found in recent proxy statements:

• 3M ponied up $35,864 to “complete several projects improving the personal security” of its CEO George Buckley and his family “at their residences.” That paid for monitoring service fees, installation services and materials.

• Former Schering-Plough CEO Fred Hassan was protected with personal bodyguards, home-security system, and a car and driver. The drug maker explained that its executives had received threats from animal rights activists and others because of the products it sells. Since 2006, Schering-Plough had paid $442,196 for those services. Hassan stepped down from Schering-Plough after its merger with Merck (NYSE:MRK) in November 2009.

• Ford Motor Co. (NYSE:F) paid $1.2 million in security costs for its executive chairman Bill Ford, Jr. last year. In 2008, this expense was not listed because Ford (the great-grandson of Henry Ford) didn’t meet the definition of “named executive” under SEC rules. Meanwhile, home-security expenses for CEO Alan Mulally were $43,447, down from $112,114 in 2008.

• Inter-Con Security Systems does work for some Fortune 100 companies, including Wal-Mart Stores (NYSE:WMT) and McDonald’s (NYSE:MCD) . Inter-Con CEO Enrique Hernandez, Jr. also is popular with corporate boards. He is a director at Chevron (NYSE:CVX) , Wells Fargo (NYSE:WFC) , McDonald’s, and Nordstrom (NYSE:JWN).

Copyright © 2010 MarketWatch, Inc. All rights reserved. http://www.marketwatch.com/story/ceo-security-tabs-fall-at-google-fedex-and-disney-2010-04-12

An Executive Plan for Troubled Travel

A security expert offers tips and tactics for surviving a business trip to some of the world’s most dangerous locations.

by J. Jennings Moss Mar 05 2010 Portfolio.com

Travel Security: What to Pack to Survive a Natural Disaster

Secure travel plans often consider kidnapping or terrorism. But what about natural events like the recent quakes in Haiti and Chile? Chris Falkenberg has advice on what travelers should pack for the best chance of surviving a disaster

By Joan Goodchild, Senior Editor, CSO

March 02, 2010

Security directors and CSOs are often responsible for devising secure travel plans for the employees in their organization.Preparation often includes education, training, and perhaps even a counter-surveillance program.But what about iodine pills and a satellite phone? If you ask Chris Falkenberg, founder and president of Insite Security, all travel plans should also include certain items that can be invaluable in the event of an unforeseen natural disaster (Also see: 4 Steps Security Can Take to Prevent Kidnapping).

According to Falkenberg, the 8.8 earthquake in Chile, coupled with the 7.0 Haitian quake, has made the issue of travel security more important than ever. Insite, a United States-based security and risk management firm, advises corporations and high-net-worth individuals.

“Much thought is given to man-made disasters such as terrorism, but relatively little to natural and unpredictable catastrophes,” said Falkenberg. “It is important for the corporate security manager or other c-level executives to embrace a holistic approach to risk mitigation including natural disasters and their results.”

Falkenberg spoke with CSO about the variables organizations should consider, and the items they should pack, when traveling, particularly in the developing world or politically unstable regions.

CSO: You think these recent earthquakes have really brought to light the importance of secure travel plans that consider not just man-made security challenges, but natural ones. Why is that?

Falkenberg: I think the issue of travel preparedness is one that has to incorporate a broad area of risks. What usually happens in a security department is a great focus on man-made events; a great focus on terrorism, a great focus on crime. There is much less of a focus on natural disasters. That is probably because in some cases they are easy to avoid and also they are so rare. But it’s very valuable for travelers to think about what happens if they are off the grid for a few days and really have to make it by themselves, staying healthy and getting out and to a place of safety. That is something that both Chile and Haiti underscore: If you’re responsible for travel security and travel safety, it’s important to prepare travelers to be able to fend for themselves for 72 hours. That, in my view, is the story of these earthquakes. It’s not only the bad guy down the hallway or the bad guy with a truck bomb, it’s also fires and earthquakes, and other sorts of bad stuff that can happen.

CSO: So what kind of advice can security folks give travelers? What should they advise them to pack and be prepared?

First is a satellite phone. I think they are very valuable, even in the U.S. In the event of a big U.S. crisis, like a black out, or even some kind of crisis where cell towers are still up, they will be deluged with calls. And in some municipalities, cell phone providers prioritize calls from police and public service, so you might not be able to get a line. We are told to use SMS messaging to get information through, but if a cell tower is down, you’re stuck. A satellite phone is totally independent. And if you don’t want to carry a satellite phone, there are satellite-based beacons that people can carry that are designed for back up use but are applicable to people are in a city as long as they are outside.

The second thing is the issue of pure water. One of the most valuable things we could send to Concepcion (Chile’s largest city impacted by the quake) now is one of a variety of water-treatment mechanisms. All of them are very small and intended for backpackers and hikers and so therefore easy to put in suitcase. There are clean water straws, there is a UV-electric device, there are iodine pills, there are a number of ways in which you can take unsafe water and make it safe. I think that’s really important to consider packing something like that when you are traveling in a developing country.

The next thing is flashlights. I can’t imagine a more valuable security or emergency tool than a flashlight.

And N-95 masks. They would be very useful in Haiti and Chile because it enables you to breathe in dusty environment. A mask would also be helpful if you found yourself somewhere in a flu pandemic and you want to protect yourself form airborne contaminants.

Lastly: A good medical kit. We work closely with a group of emergency doctors who send their clients off with pretty robust medical kits and access to a physician. You may not have access to physician immediately, but if you have a medical kit with prescription medication you are just so far ahead of where you would be otherwise. If you have an injury with tremendous pain, you can take prescription pain medication and hold it together until you can get out to a medical facility.

All of this equipment is not small, but it doesn’t take up a ton of space either and can be very valuable if you get into a situation.

CSO: Have the recent earthquakes in Chile and Haiti had an impact on your clients travel or business continuity plans?

We had a number of clients in Haiti, so after the quake in Port au Prince, we were busy ensuring safe transportation of supplies from the Dominican side to the Haitian side. But so far in Chile, we’ve had nothing. It’s only Monday and that may change, but so far we haven’t heard of any client needs related to what’s going on in Chile.

The tsunami warning created a significant problem because it was such a wide, potentially-affected area that it caused a ripple in a lot of logistics problems for clients as far as landing locations for refueling and other positioning issues. We had to work around that. For instance we had a client who was supposed to land in Hawaii to refuel an aircraft, so that required a whole bunch of re-routing of airplanes from there to Anchorage. Obviously you can’t have airplanes flying into airports that may be subjected to flooding. So you have to think quickly in cooperation with flight planners to move stuff around.

Travel Safety Tips Provided

by Jack O’Dwyer

With political unrest widespread throughout the globe, former Secret Service Agent Christopher Falkenberg is advising clients who are traveling to avoid hotels that are “identifiably American or part of an American chain.”

Falkenberg, who now heads Insite Security, said travelers should not take fancy luggage and should dress “plainly” since the wealthy are a popular target.

Travel from the foreign airport to a destination is something that should be arranged in advance, he says.

“You should know who your driver will be in advance and have a picture of him or her,” he advises.

Driving at night is to be avoided and use a local driver if that is possible, says Falkenberg. He recently gave a webinar on traveling abroad with Dr. Daniel Carlin of WorldClinic.

Among tips from the webinar is that travelers should pick rooms on the second through seventh floors that do not face the street.

Other advice is to take a room that is far from the lobby and not to linger in the lobby.

Check if the hotel has sprinklers and fire alarms before booking a room.

Information should be obtained on how to contact the local authorities in case of an emergency.

Should there be a “medical emergency,” Falkenberg and Carlin warned that the “first hour is critical.”

Scope out the best local hospitals in advance, they said.

“Seemingly innocuous things” such water, mosquito bites and mopeds can cause big problems, said the pair.

Contaminated water can be avoided by buying sealed bottles of water and travelers should be aware that mosquitoes carry serious disease.

Travelers should get the proper inoculations beforehand and pack copies of medical and legal records in case of an emergency.

Take a small LED lithium-powered flashlight, a smoke mask, cable ties for luggage, and a satellite phone if visiting a Third World country.

Use of a moped can be dangerous unless the traveler is accustomed to driving one, they said.

Political demonstrations are to be avoided because they have a tendency to “get out of control.”

Newark Airport Security Breach Video Shows Man Giving Goodbye Kiss to Girlfriend

AVIATION, ESSEX COUNTY, TRANSPORTATION

January 7, 2010

By MIKE FRASSINELLI & JOSEPH R. PERONE

The video of the Newark Liberty International Airport security breach that was finally released to the public on Thursday showed what people who had seen it earlier already described — and more.

The security officer leaving his post. The female passenger helping the man under the security ribbon. The goodbye kiss.

The footage was grainy and the faces hard to make out, but security experts and others who looked at said the problems at the airport were clear.

“It’s a total screw-up in every sense,” said Fred Cate, a professor and security expert at Indiana University.

Cate was one of many security experts who viewed the video for the first time Thursday; many of them found problems that had not yet been pointed out.

“You have people right up against the exit lane,” Cate said, referring to secure and non-secure areas shown in the video being separated only by a rope. “In most airports, you have a corridor. But Newark doesn’t have room. They need some low walls to create an exit, so you don’t have people behind a taped barrier.”

The video was made public after U.S. Sen. Frank Lautenberg (D-N.J.) demanded it from the Transportation Security Administration and Port Authority in an effort to get help from the public in identifying the mystery man who caused Sunday night’s breach inside Terminal C.

Among the additional revelations, the video begs the question of how one TSA security officer could possibly keep track of so many people in the exit lane.

Nonetheless, it does show the officer was away from his post — a small desk near the area where people wait for arriving passengers — for 85 seconds.

While the officer is away from his post at the Terminal C-1 exit lane, a female passenger who had already been screened leans over the same desk to help a man get inside the secure area. The two embrace and walk away hand-in-hand, 30 seconds before the unsuspecting security officer returns to his post.

“I was enraged” by the video, Lautenberg said during a news conference at the airport last night. “To think, here’s a guard post and a narrow corridor — and this guy literally walked through. How could that happen?”

The TSA has said the man, who was not a passenger, later left the airport after seeing off the woman on her flight. Authorities are still trying to locate him.

“It really looked like there was some kind of pre-arranged planning — that he was going to go with her into the controlled area,” said Richard Bloom, director of terrorism, intelligence and security studies at Embry-Riddle Aeronautical University, who said his students pointed out problems revealed by the video all day.

The breach, reported by another passenger, shut down the major terminal at one of America’s busiest airports for nearly six hours, stranding thousands of passengers and tying up flights around the world.

When TSA officers went to review the security breach on a video surveillance recorder focused on the exit lane, they realized the camera system hadn’t been working for six days. That prompted them to try to access the video by Continental Airlines, the main tenant in Terminal C. But there was a delay because TSA called a number different from Continental’s operations center.

TSA was advised by Continental to call the operations center from now on, and TSA has volunteered to check the camera system regularly and work with the Port Authority of New York and New Jersey, which operates the airport, to make sure their cameras are working properly.

MONETARY DAMAGE

Airport security areas should be standardized around the country, said George Hobica, founder of airfarewatchdog.com, a travel web site.

“And obviously, this guy should be fired immediately,” Hobica said of the security officer. “He caused a huge amount of monetary damage — probably in the hundreds of thousands when everything is tallied up in missed vacation days, wasted jet fuel and police overtime.”

The TSA officer has been placed on administrative leave, an agency spokesperson said.

TSA has also added an extra officer in the exit corridor and stationed the officers farther back in the corridor to give them a better view of people walking the wrong way.

TSA spokeswoman Ann Davis said the agency is conducting a comprehensive review of the incident.

“The surveillance video from Newark Liberty Airport clearly shows that a TSA officer’s actions led to the Sunday incident,” the TSA said in a statement yesterday after the video was released by Lautenberg’s office. “We will use this hard lesson to reinforce the sharp focus and tight discipline at all our stations across the country and ensure we maintain the public trust.”

U.S. Sen. Robert Menendez (D-N.J.) last night pushed for additional measures. He called for video surveillance that continuously functions and is continuously monitored, as well as additional security layers to compensate for human error, such as electronic sensor equipment or one-way gates.

Menendez called the breach “completely unacceptable” and cited horror stories from Sunday night, including a member of the Armed Forces who was caught up in the delay and feared he would be classified as AWOL.

Christopher Falkenberg, a former U.S. Secret Service agent and chief executive of Insite Security, a New York security consulting firm, said the TSA should consider installing turnstiles or revolving doors to restrict access to secure areas.

“It’s simple technology that exists in every New York City subway,” he said.

Sunday night’s breach unnerved people for the security holes it exposed at Newark Liberty, more than eight years terrorists passed through the airport’s screening, undetected, on Sept. 11, 2001, and took over a plane that eventually crashed into a field in western Pennsylvania.

The TSA should use Sunday’s incident as an opportunity to improve, said Michael Wildes, an immigration attorney, anti-terror expert and former mayor of Englewood.

“A security system reduced to rote procedures and routine cannot suffice,” he said. “We should use Israel’s system as a model. The airport should be a sterile experience, and security intelligence should begin when travelers book their tickets.”

Douglas Laird, an aviation security consultant who formerly was director of security for Northwest Airlines, said finding the man who caused the breach might not be easy.

“In all my days at Northwest Airlines, we probably had 15 of these a year worldwide,” he said. “In no place did they ever find the person who caused the breach.”

Staff writers Brian Murray and Ted Sherman contributed to this report.

Supply Chain Security Threats: 5 Game-Changing Forces

CSO

December 16, 2009

By LAUREN GIBBONS PAUL

As any CSO knows, it’s not enough to mind your own business. You have to look after your business partners as well, across all links that connect to your supply chain—whether that chain is physical or virtual. And that goes double in times of rapid change and high stress.

“The threat environment is constantly changing,” says Ryan Brewer, CISO for the Centers for Medicare and Medicaid Services. “Sometimes it’s hard to put your finger on what’s most important.”

Who would have thought three years ago that piracy on the supply chain would be such a big concern? Sometimes the big worry is terrorism, sometimes it’s natural disasters, lately it’s malware. Here are the top five developments CSOs say have the biggest potential to wreak havoc on their supply chains.

No. 1 Game-Changing Force: ‘Black Swan’ Events

As Nassim Nicholas Taleb explained in his 2007 book of the same name, the term “black swan” refers to an event that is high-impact, hard to predict and rare. Black swans need not be negative (as in the case of 9/11) and can present times of great opportunity, but CSOs rightfully spend their time worrying about the former scenario.

When it comes to the supply chain, black swan events can include everything from disastrous weather to global pandemicto terrorist attacks. The problem is, if you prepare for the worry du jour, you may leave yourself exposed on other fronts. Case in point: avian flu. Warned that a large-scale outbreak of Asian bird flu would put supply chains at risk, global businesses braced for the worst. Executives discussed how the supply chain might be affected if the flu broke out in China. Their plans rested on transporting and storing materials in other places around the world.

Then, early this year, H1N1 flu broke out in Mexico and spread quickly to unexpected regions like Australia. “Companies had to immediately reassess their plans because they were based on specific scenarios,” says Adam Sager, senior manager of business continuity consulting at Control Risks, a security consulting firm in Washington. This was a major wake-up call. “Companies realized they needed to better prepare for unexpected events and increase their knowledge of how their organizations could be impacted. If something is emerging on a global basis, they need to act before it affects their supply chain,” says Sager.

When a crisis hits—no matter where on the globe—you need to be able to understand and assess the situation using firsthand country- and location-specific information, says Sager. And you need bi­directional communication between crisis managers and the locale where the event is occurring. Sager notes that companies are discovering gaps between their crisis plans and their operations.

“They had security management and crisis management plans in place, but the missing link was integrating them with the business so people around the world could understand management’s position regarding critical things such as uptime, issue resolution and who’s responsible,” he says. This type of information is often not conveyed to the field in advance, a crucial error. Management needs to empower local decision-makers in advance to take action quickly to mitigate damage if certain conditions are met.

The plans have to address not just key supply chain nodes and specific scenarios that could occur, but also emerging security vulnerabilities. “That is a different mind-set and way of planning,” Sager says. “The security department has to come together with the operational/financial side of the business,” looking at all aspects of the supply chain, including where the different components are located and alternative sourcing arrangements. Sager puts his clients through tabletop testing, in which executives sit in a conference room and go through a scenario point by point with the key decision-makers, reviewing how they would respond.

Marc Siegel, commissioner for the ASIS International Global Standards Initiative, is leading the charge to develop an ISO standard for supply chain resilience. ASIS has already published SPC.1, its first organizational resilience standard, which it expects will be ready by the end of the year. “We think standards are the answer for dealing with [black swans],” Siegel says. “Companies have to develop a comprehensive [supply chain resilience] strategy because their resources are limited. This allows you to look at the full picture, rather than just separate out the different things.” For example, a strategy to prevent terrorism might work against piracy or help during an earthquake as well.

Organizations need to approach risk from a holistic standpoint, Siegel adds. “The problem with the risk du jour is that the likelihood of it happening varies so greatly between organizations that it can divert your attention away from doing a comprehensive risk assessment.” In short, it can make you take your eye off the ball.

No. 2 Game-Changing Force: The Rise of Malware

Information security matters also weigh on CSOs’ minds, though they are not as visibly related to the supply chain as physical security is. An organization (and therefore its supply chain) can be brought low by an attack on its information network as surely as it can be hurt by an attack on its cargo. Many CSOs say they are worried about botnets; two of the most pressing threats related to botnets are spam/phishing attacks on employees and the possibility of a resurgence in the denial-of-service (DoS) attacks that first appeared 10 or more years ago.

Ed Amoroso, CISO of AT&T, blames rampant technological complexity for the rise in malware. “The primary root cause for almost everything we deal with—commercial customers and everything—is complexity. The computers and networks that people set up and use have become way too complicated,” says Amoroso. Since no one knows exactly where all the connection points between systems lie, it is easy for wrongdoers to exploit them. “I’ve read that 95 percent of the spam that is floating around is botnet-originated,” he adds. “It’s all about complexity—people not knowing how to stop it on an individual, corporate and information security level.”

Like Amoroso, Joonho Lee worries a lot about the advent of integrated DoS attacks. “DoS used to be about large-volume traffic hitting your network,” says Lee, an officer for the National Incident Response Team and assistant vice president at the Federal Reserve Bank of New York. “Now, there are so many different types of attacks. It’s not just flooding you with traffic anymore. It’s flooding you with traffic that you can’t block.

“We have all the DoS protections, but I’m very skeptical about them always working. If you get hit by a 40-gig-per-second pipe, it’s going to knock you out, either your network or your provider,” says Lee. “The hackers are leveraging hundreds of thousands of machines. DoS is definitely back on the horizon.”

Rena Mears, a partner in security and privacy services for Deloitte & Touche, believes the malware supply chain is itself approaching maturity. “You go back a decade, and it was a few people doing mental gymnastics. Then we moved to an era where it was monetized [via phishing and spam]. The next step was the massive quick hit—equivalent to a bank robbery. Now we are seeing something much more insidious,” says Mears. Malware and its perpetrators are growing increasingly sophisticated.

Rather than carrying out the massive hit-and-run DoS attacks of the past, today’s malware seeks to sustain itself at a relatively low level, similar to the way a parasite survives in nature. “This is more of a constant-stream-of-revenue strategy. The malware agent can live below the organization’s pain threshold, but it siphons off information to compromise intellectual property or scoop up credit card information,” Mears says.

Lee, for one, does not believe that network service providers can adequately protect against the threats posed by new-breed malware. Amoroso of AT&T acknowledges that the situation is difficult, saying only that, like other providers, AT&T has developed multiple strategies for handling new-breed DoS attacks. He believes that the increasing popularity of thin clients will help thwart these attacks because they are simpler, with fewer moving parts to attack.

No. 3 Game-Changing Force: Economic Downturn

It is axiomatic that crime increases as the economy deteriorates. A number of threats—to physical security as well as information security—have become more pressing in the past year or so. Many CSOs expect the associated threat pool to continue to widen. Although the economy is forecast to improve slowly in the coming year or two, many experts expect the reshaped landscape will not necessarily signal a return to prosperity for all, or even most, of society. Some people will be desperate and therefore prone to desperate actions.

As the economy continues to falter, more and more people are losing their jobs, which often means losing their health insurance as well. Ray Biondo, CISO at Health Care Services (which runs four Blue Cross Blue Shield plans in Illinois), fears ongoing economic problems will cause wide-scale employee layoffs, which the company has so far managed to avoid. He fears the coming of a national healthcare plan could have the same effect. Biondo finds himself worrying more about insider threats to information and physical safety than he did a few years ago.

“I worry about internal physical threats and threats to our data. People become very anxious, and data leakage becomes an issue,” says Biondo. He believes he has taken all available measures to protect information and physical security, but he remains uneasy. Chris Falkenberg foresees increased threats to personal security, including the kidnapping of business executives abroad and attacks on high-net-worth individuals. “CSOs will have to deal with these things because they have to protect their executives,” says Falkenberg, president of security services firm Insite Security. He also worries that personal kidnapping could become a problem in the United States, though the country does not have the widespread governmental corruption that typically allows such activities to take root. He believes most CSOs do not have the internal expertise to handle this type of threat.

Lee, of the Federal Reserve Bank, believes emerging threats such as malware and attacks by insiders require stronger communication between the information security and physical security groups, as well as any other departments that get involved when there is a problem, such as legal. “There needs to be better teamwork. It’s not just training,” he says. “Even if these groups do speak to each other, they usually would just offload the case onto the other side. Everyone involved needs to know the logical next steps. There needs to be recognition of joint ownership of the problem.”

No. 4 Game-Changing Force: Data Explosion

Data is now so ubiquitous and so pervasive that people lose sight of it. Even many manufacturers today are so massively involved in data, they never think of themselves as anything other than purveyors and users of information. The level of integration companies have with their processes and business partners is something they could not have contemplated just five years ago, says Mears. The explosion in both data itself and the practice of sharing data outside organizational boundaries presents a number of different kinds of risk.

Companies of all types and sizes share infinite amounts of information with business partners. This data is constantly updated and flows back and forth. “This is a two-way chain,” says Mears. “That means you are replicating data. We used to say ‘defend the perimeter.’ Many companies don’t even have a perimeter anymore.”

Data and information are assets, but executives don’t know what they have, where it all is and who is (and isn’t) protecting it. “It is very difficult to secure data when you don’t know exactly what it is and who you’re sharing it with and no one is on the hook for those decisions,” says Mears. This reality necessitates a risk-based approach to data protection. “You cannot protect all data anymore. Not all data assets are worth the same amount. You have to be sure there is a return on that data asset, just as you would with any other asset. You should provide security commensurate with the value of the information asset,” she says.

Deloitte is advising its clients to develop a more focused response to information security. In a highly integrated global environment, companies understand that their core intellectual property is at risk, but they cannot afford to protect the daily flotsam that is part of business as usual. “Data protection is now a C-suite and a board-level issue. Executives are beginning to think about how to maximize the return on their data assets,” says Mears.

No. 5 Game-Changing Force: Regulatory Burdens

Since Sept. 11, 2001, and the passage of the Sarbanes-Oxley Act in 2002, regulatory activity has been high in virtually every industry. This is certainly true in the food/beverage/agribusiness industry, due to the obvious importance of maintaining a food supply that’s safe from contamination, whether malicious or innocent. H.R. 2749, the Food Safety Enhancement Act of 2009, just passed. And Walmart made news in 2008 when it required all of its food suppliers to comply with the stringent GFSI (Global Food Safety Initiative) standard. According to Rick Shanks, this standard above all mandates traceability within the food supply chain.

“Many food processors are not prepared to deal with the level of traceability required by the regulation,” says Shanks, national managing director of Aon Risk Services, the risk advisory division of Aon Corp. Traceability requires a high level of supply chain visibility, which has not always been available. That makes it more difficult to mitigate a food contamination incident such as salmonella in peanut butter or listeria on deli slicers. “When you have a food event, you have to be able to trace it back to its source,” says Shanks. Aon recently announced a service offering that helps food processors and producers achieve the necessary visibility.

A related force reshaping supply chains in the food and beverage industry is consumers’ increasing demand for visibility into the provenance of their food. Produce and seafood have been labeled to indicate origin for a few years now. The current “locavore” trend—which emphasizes eating locally grown food—stems in part from consumers’ beliefs that food grown and consumed nearby is less likely to become contaminated. Here, supply chains are shedding links to help allay consumer fears.