Speaker Biographies and Programme Abstracts

Session 1

Hunter Burkall

Hunter Burkall is a Safety and Security Planning Specialist with the Abu Dhabi Urban Planning Council, UAE. Hunter received a Bachelors Degree in Asset Protection from Eastern Kentucky University, USA, and is an ASIS certified Physical Security Professional. Hunter is recognized by the American Crime Prevention Institute as a CPTED Specialist and Instructor, and is a member and instructor for ASIS's Security Architecture and Engineering Council. Hunter previously represented Marriott International as Hotel Director of Loss Prevention Operations and Corporate Manager of Loss Prevention Technical Services. He has since provided security consulting and design services for numerous corporate, government, and institutional clients around the globe. Hunter currently manages safety and security for urban planning and facility design projects proposed within the Emirate of Abu Dhabi.

Abstract

Crime Prevention through Environmental Design, or CPTED, is a relatively new concept in the Middle East. CPTED seeks to direct positive human behaviors through the design and use of the built environment and, in doing so, lead to reduced crime and fear of crime. This program is organized to provide an overview of the relationship between the built environment and crime, and specifically, the basic concepts and strategies that comprise CPTED. The basic CPTED strategies discussed will examine the language used and the strategies employed in a variety of international settings, in particular the United Arab Emirates.

Session 2

Jamil Darwish

Jamil Darwish has worked for the U.S. Secret Service for 18 years. He was initially assigned to the New York Field Office where he investigated various financial crimes and counterfeit currency cases. He was subsequently assigned to the Presidential Protection Division in Washington DC where he worked for several years before being transferred to US Secret Service Headquarters.

Mr. Darwish has taught financial crimes and counterfeit currency investigations at the International Law Enforcement Academy in Gaborone, Botswana. He is currently the Branch Chief for INTERPOL's Counterfeit and Security Documents Branch in Lyon, France.

Mr. Darwish has a Bachelor's degree in sociology and psychology from Queens College, City University of New York and a Master's Degree in International Relations and National Security Policy from Troy University.

Abstract

The presentation will describe the efforts by INTERPOL's Financial and High Tech/Counterfeit and Security Document Branch's (FHT/CSDB) in combating currency and security document counterfeiting, border security and financial crimes and will detail its programs, training, web based initiatives, conferences and latest endeavors.

It will also emphasize CSDB philosophy in utilizing Public/Private partnerships in order to help achieve INTERPOL's objectives. CSDB works with many law enforcement organizations, public institutions, and private industry in order to achieve its mission as they all contribute various levels/types of expertise.

And will highlight a few of FHT/CSDB's initiatives to include Project S-Print, INTERPOL's Birth Certificate/Registration Project, and INTERPOL's Travel & ID Document Reference Centre. A portion of the presentation will focus on how counterfeit identity documents and illegally obtained genuine identity documents facilitate financial crimes, drug trafficking, terrorism, and trafficking of human beings. I will also highlight how organized crime utilizes aforementioned to further their criminal activities. Essentially how one facilitates the other.

Session 3

Paul Beat

Paul Beat is responsible for delivery of Control Risks consultancy throughout the Middle East and Africa. With more than 800 consultants deployed in up to 20 countries in the region, he assists companies to operate securely in complex or hostile environments. Paul additional oversees the Global Maritime team based in Dubai. Before joining Control Risks, Paul was a security adviser for a large multinational advising on management security and community policies, emergency response policies, mass evacuation, extortion and fraud, as well as human rights issues. Paul served as a commissioned officer in the British Army and qualified as a counter terrorist instructor, jungle warfare instructor and parachute instructor. Paul appears regularly in the media to comment on maritime security, crisis management, security and current affairs.

Tim Stear

As Global Head of Maritime Security, Tim manages Control Risks' team of regional maritime practice leaders based in offices worldwide as well as advising group management on all maritime issues. Tim is responsible for delivering consistency and high standards to maritime clients and oversees all maritime services Control Risks provides, including bespoke maritime security plans, training and transit security. Tim is also Control Risks General Manager for the Middle East, managing offices in Dubai, Abu Dhabi, Pakistan and Saudi Arabia. Tim frequently appears in the media and at speaking engagements around the world advising on Maritime Security. Tim will also be publishing a White Paper on Maritime Security in 2012.

Abstract

Over the course of the last 12 months, the profile of piracy incidents has drastically changed. This has lead to a change in position from major stakeholders in the maritime industry as they seek to mitigate their risk. Shipping companies are seeking solutions to help them navigate dangerous waters. Insurance companies are requiring armed maritime protection and flag states are advising companies to take arms on board, but what are the consequences of this escalation? Looking at evolving piracy techniques, mitigation measures and what the future holds, we explore the knock-on effects of this increasing threat on the international community.

Session 4

Carlos Velez

Retired Lieutenant Colonel from the Colombian Army with more than 30 years of experience in the security field, working for the government, international organizations, and multinational corporations. During his service, Carlos served in several combat units and participated in multiple anti-terrorist operations against drug cartels and terrorist groups. He applied his knowledge and skills in the international arena as part of the United Nations Blue Berets Corps during the War in The Balkans where he served for over 2 years. After his service in the Colombian Army, Carlos moved to the private sector where he has occupied security managerial senior positions in first-class corporations such as in Brinks Inc, Nestle and Johnson & Johnson. Those positions have contributed to his formation as a Security Professional. Carlos Velez is a recognized expert in providing security and protective services, investigative services, counter-terror planning and now services in the new area of supply chain security. He is the Vice chairman of the Supply Chain &Transportation Security Council, Chairman of the Interpol Committee-Law Enforcement Liaison Council and Chairman of the Supply Chain Security Committee. Carlos is an ISO 28,000 Lead Auditor. Carlos is currently the Global Supply Chain Security Director for Johnson & Johnson.

Carlos is also the Chairman of the Supply Chain Security Committee, Vice Chairman of the Supply Chain and Transportation Security Council and he is also the Chairman of the Interpol Committee.

Education: ISO 28,000 Lead Auditor, Military Sciences BA Degree from the Military University in Colombia, a major Degree in Business Administration from the Sergio Arboleda University, and a Postgraduate Degree in International Relations from the Jorge Tadeo Lozano University. He also attended the Security Executives Program in the Kellogg Business School, Northwestern University in Chicago, Illinois.

Abstract

Security in the supply chain to include storage, transportation and distribution networks is fundamental to preserving cargo integrity moved around the world. The supply chain itself extends from raw materials, manufacturing, storage, transportation and distribution of goods and services. Recent events impacting the global supply chain have captured the attention of the Management to include the "C-Suite", who are now devoting considerable time and resources to protecting their companies against terrorism, counterfeited goods, products diversion and theft.

Session 5

Matthias Ernst

As Vice President Global Accounts of ADT/Tyco, Matthias Ernst is responsible for a global operation that partners with ADT/Tyco's largest clients, providing them security advice and solutions around the globe. Services include development and design of customer bespoke security concepts, the deployment and after-sales services such as maintenance, monitoring and software support. Applications are globally integrated and service levels standardized for the entire business.

Abstract

Our global society is changing rapidly, as a result of increasing globalisation, the demands placed on the protection and security of the very fabric of society are increasingly under pressure.

ADT looks at how security and safety play an increasingly important issue in responding to the needs of society.

In this dynamically changing global economy and society we are facing some of the biggest challenges to our future. The population of the world is increasing at a rate that we have not seen before, the impact of the economic crisis will have lasting affects for many years to come, and our environmental challenges are increasingly becoming more imperative. All of these factors are having a significant impact on society right across the globe and have a major impact on the security and safety of our world. From the protection of people within borders, to the safety of our critical infrastructure and protecting our global supply chains to the very core of our behaviour in society, as the world becomes more populated and resources are challenged we look at the role of safety and security on the needs of the global society.

Session 6

Malcolm Smith, CPP

Malcolm Smith is an accomplished security professional with over 25 years' experience in the security field. He is currently the Corporate Security Strategist at MCS Associates. Previously he was the Head of Security for Diageo Africa, the Regional Security Manager for Shell Oil Products Africa and Head of Security for Old Mutual. Malcolm began his professional career in the South African Defence and resigned as Branch Commander. He also served as Unit Head [Scorpions, Senior Special Investigator] at the Directorate of Special Operations, and worked as Independent Security Consultant for Olive Security in Iraq and Kuwait.

Malcolm earned the Henley Executive MBA and a Bachelor of Laws (LLB) from the University of South Africa. He is a Certified Protection Professional (CPP) and a Certified Management Consultant with the International Institute of Management Consultants.

Malcolm currently serves as the Regional Vice President (Region 43) for ASIS International, is a member of the Chief Security Officers Roundtable, and a Fellow at the UK Security Institute.

Abstract

The general inability of the security function to demonstrate how it impacts positively on the bottom line often results in its marginalisation. Without holistic performance measures it is not possible to demonstrate strategic performance in a form that business leaders will most clearly understand. The security function needs to collect metrics to highlight how it performs against the organisation's strategic goals. The BSC approach can help to assess security's financial and non-financial performances. The BSC is a strategic planning and management system used to align business activities to the vision and strategy of the organization, improve internal and external communications, and monitor organizational performance against strategic goals.

Session 7

David Cresswell

David Cresswell CPP PSP is Managing Director of the ARC Training International Academy for Security Management, a UK-based organisation specialising in security management professional development, including postgraduate university-accredited courses, Edexcel BTEC professional awards and preparation courses for the ASIS CPP and PSP certifications.

David is the Professional Development Lead for Chapter 208 (UK) and is a member of the ASIS European and Middle East Advisory Committees. As a trainer he has successfully prepared hundreds of security professionals for ASIS certification awards, and achieved a 100% first time candidate pass rate with UK CPP and PSP students in 2011.

Abstract

Unprecedented economic challenges have resulted in a highly competitive job market. You need to differentiate yourself from other professionals contending for the same positions. Leverage the scope and strength of your knowledge and experience, and validate your professional competencies by earning your board certification from ASIS International (ASIS) — the world's preeminent organization for security professionals. The CPP certification is ideal if you are a security manager or consultant and you want a credential that will demonstrate a benchmarkable level of security management competence.

If your work involves the specification or selection of physical security systems either as a consultant or an end user, then you should consider the PSP certification, which will provide you with the knowledge necessary for successful security risk analysis and security systems project management.

The PCI certification provides you, and those with whom you interact, with a benchmark standard in investigating.

Session 8

Pete Dordal

Pete Dordal is the Senior Vice President for GardaWorld, and responsible for our operations in Afghanistan and Central Iraq, as well as overseeing our Washington DC office and driving strategic US partnerships. Previously he served as President of a large security and investigations firm where he conceived, designed and executed the creation of a security and investigations platform with the acquisition and integration of six companies in three years. Pete is a U.S. Marine Corps Special Operations veteran. He holds a Masters of Business Administration from the McColl Graduate School of Business and a Degree in Security Administration. A frequent media commentator on terrorism and security issues, he sits on the Board of Directors of Nevins, Inc. and Executive Security International, Ltd., one of the oldest security training academies in the U.S.

Abstract

Arab Spring and Impacts to the International Private Security Industry: combined with various Revolutions in the Middle East with US Military draw downs in Iraq and Afghanistan we will explore the pro's and con's to PSC's operating in the region.

Session 9

Bill Nelson

Bill Nelson is a consummate security professional and manager with a wealth of international experience, Bill leads the ARUP Security Consulting Business in the Middle East and has worked on such projects as Guggenhaim Abu Dhabi; Yas Island, and heart of Doha. A Former Lieutenant Colonel in British military intelligence with a wide range of international operational experience, he has worked in the commercial security sector for over 12 years. His experience includes corporate security management with Mobil Oil and Bechtel, security service provision and business management with G4S, and before joining ARUP he operated as a freelance consultant concentrating on high risk projects. He has lived in the Middle East for 7 years and previously in the former Soviet Union for two years.

Abstract

Any visitor to the Middle East is familiar with unattractive ad hoc security measures, usually imposed after a serious security incident; invariably incongruous mitigation and worryingly of doubtful efficacy. Security consultants are often appointed almost as an afterthought, and their associated design and engineering activities have never enjoyed the same obligatory status as those surrounding the design of fire prevention and life safety. This ignores the potential to develop a risk-led approach offering savings to clients of proportionality, procurement, operational efficacies, and importantly pleasing aesthetics. This presentation champions the cause of security risk management in the region's built space.

Session 10

Andy Davis

Andy served in the British Army for nine years before joining Durham Constabulary his local police force where he remained for 12 years. Since 2002 Andy has worked for the British government in security and risk management roles. He has undertaken overseas assignments that have seen him operate in Uganda, Latin and Central America, the Middle East and in Pakistan. Andy is a regular speaker at international security conferences and is a former visiting lecturer at a British University. Andy holds a Msc. in Security and Risk Management from the University of Leicester and is also qualified to CPP level.

Kaleem Ahmed

Kaleem Ahmed has served in Pakistan Army for ten years on various command and staff appointments before joining Pakistan Petroleum Limited. Actively participated in various operations against terrorists organisations operating in Pakistan. Served in Siachin the highest war zone for one year. Currently performing duties at Sui Gas Field which is major natural gas producer of Pakistan in security and risk management roles. Kaleem Ahmed has delivered various presentations in Army conferences and is a recommended instructor by Pakistan Army. He is currently preparing for CPP exam.

Abstract

The presentation will cover the dynamics of terrorism in Pakistan from two distinct viewpoints. Firstly the Pakistani viewpoint will offer a greater understanding of what actually constitutes terrorism in Pakistan. It will seek to educate the audience differences between perceived Western thoughts and factual realities of the terrorist organisations. The second viewpoint will be from a European Security Manager who have operated in Pakistan and will outline the actual threats that international organisations face when operating in Pakistan. Both presenters will seek to advise and educate the audience with the hope of adding some clarity to a confused and often misquoted situation."

Session 11

David Natelson

David Natelson has over 25 years of Executive Management, Product Development, Consulting, and Marketing experience in the Security and High Technology fields. Mr. Natelson is currently the President and Chief Operating Officer (CCO) for Nasatka Security a Security Manufacturer and System Integrator based in Clinton, Maryland USA.

Prior to Nasatka Security, Mr. Natelson was employed at Approva Corporation as the VP of Sales for U.S. Federal Sales, Canada, and the Eastern USA territories. Approva Corporation is a software company based in Reston, Virginia that focuses on IT Systems Compliance. David's key clients while at Approva included Raytheon, Bombardier, Comcast, NASA and the U.S. Department of Interior. Mr. Natelson graduated from Vanderbilt University in 1986 with dual B.S. degrees in Mathematics and Computer Science and graduated from The Johns Hopkins University Whiting School of Engineering with a M.S. degree in Computer Science in 1989. In 2004, David attended the Stanford Business School Executive Program in Strategy and Organization (EPSO).

Abstract

David Natelson will be discussing of how to access and better secure the network, copper, fiber, or TCP/IP, used to control remote devices such as active vehicle barriers/road blockers, bollards, gates, and crash beams. Discussion of why it is important from an operational managed device standpoint as well as from cyber security threats.

Session 12

Robert Hall

Robert Hall is the Managing Partner of the Clear Horizons Consulting Consortium, which specialises in risk, resilience and security management, as well as Special Adviser to companies based in Budapest (CNS Risk) and Dubai (CRI Group). Robert has 20 years' experience in senior managerial positions in both the public and private sectors, including two FTSE-100 companies. He has written extensively on strategic and intelligence-related issues, and presented to previous ASIS conferences. He is a member of a sub-group of the BCI Corporate Partnership currently examining discipline mapping in connection with resilience.

Abstract

Much is spoken of the word 'resilience'. It means many different things to different people, depending on the locale and circumstances. However, very few people truly understand what it means in practice. This presentation will aim to establish its significance where dramatic changes and dynamic business environments mean that the ability to bounce back after a crisis - and adapt - is a key element of success and security. The study will consider the key components of resilience and relate them to recent events in the Maghreb and Middle East so that the audience will be able to build on existing security structures but convert them into a more relevant platform for the future.

Session 13

Hollice Stone

Hollice Stone is a Security Engineer with 20 years engineering, blast, antiterrorism, and emergency response experience. She has worked in Afghanistan, Iraq, UAE, Sarajevo, Uganda, South Africa and the US.

Abstract

Security Engineering provides vulnerability assessments and new and retrofit designs for protecting people, structures and business operations from terrorist attacks including explosive, forced entry, mob, ballistic, and mortar and standoff weapon attacks. In High Threat environments, there are often no predetermined design criteria, and the threats are fluid and can rapidly worsen. The security engineering team must consider: multiple threats, often in combination as complex attacks become more prevalent; long to non-existent response times from local law enforcement; safe haven and evacuation requirements in hostile territories; and limited access to sophisticated building techniques and materials.

Session 14

Nasser Al-Buhairi

Nasser Al-Buhairi has vast amount of experience in intelligence and Security Operations. He fully appreciates the local security environment, and currently holds a senior security role within Kuwait Government and the Oil and Gas Sector. Graduated in 1999 from Britannia Royal Naval College and awarded the Royal Navy Sword of Honor (UK), and was recognized as the best officer cadet in the fleet (RN). Nasser served the Kuwait Navy in the field of force protection, and Naval Warfare and the Intelligence and Security Department in the field of intelligence and counter terrorism before he moved to the consultancy field and corporate security. Nasser has an excellent knowledge of the Middle Eastern security environment based on very recent experience with Governments and Security agencies in the region.

Abstract

This presentation will intend to familiarize non-intelligence Specialists with Security Intelligence methods and operations for Analyzing threat activities. This will be achieved by following a systematic approach starting with describing the threat environment and the nature of challenges in the MENA. Followed by introducing the audience to the Intelligence and Counter Intelligence operation in a context close to industrial and critical infrastructure security operations, this will lead to the discussion of the Indication and Warning concept. We will sum up by discussing selected cases to apply theories learned in the lecture to real events.

Session 15

David Patterson, CPP, PSP

David Patterson has 30 years experience as a corporate safety and security manager and consultant for the worldwide operations of high technology, insurance, and industrial companies as well as government agencies. He is a recognized author and lecturer with the ASIS International Council on Physical Security in the areas of anti-terrorism, security systems integration, safety, policies and procedures and business continuity planning. He is the author of the books "Implementing Physical Protection Systems: A Practical Guide" and "The PSP Study Guide".

Abstract

This presentation offers suggestions from the author's book on the same subject providing valuable information for industrial security managers getting ready to implement new security systems or upgrading existing ones. The entire security system life cycle is explained and the activities that need to be accomplished during each phase. Lesson learned, pitfalls, and problems to avoid are also discussed from actual experience. This session provides valuable information for security practitioners in any field that involves implementation of security systems.

Session 16

Dr. Robin McFee

Dr. Robin McFee is the ASIS Council Member - Global Terrorism, Political Instability and International Crime Council. Chair/Co-Chair Global Terrorism Council conferences. Co-Founder/former director - Center for Bioterrorism Preparedness Consultant to government, corporations, health care agencies, and the media on emerging threats, WMD preparedness. Medical Director, Threat Science - a preparedness consultancy. Practicing medical toxicologist. Co-authored 2 books on bioterrorism and emerging threats as well as over 50 articles on terrorism, avian flu, pandemic preparedness and emerging threats.

Abstract

Emerging diseases, environmental hazards – natural/manmade, terrorism, toxic weapons, product vulnerability, political unrest – all compromise the cornerstones of corporate security – protecting people, infrastructure, corporate function. These threats have emerged as globally important and can compromise more traditional security planning. Essential to security planning, is obtaining appropriate preparedness expertise. Such expertise often ignored beforehand, sought only as the emergency occurs – resulting in unnecessary losses. Preparedness experts with both medical and traditional security experience can enhance the likelihood of successfully addressing these threats. Examples where threats have been mitigated by such collaborations, and best practices based upon assisting clients world-wide will be discussed.

Session 17

Rens de Wolf

Rens de Wolf has been working with Fox-IT since 2002, where he has been the company's security officer for several years. In his current role as manager of the UK office and business development manager for the government, automation and Critical Infrastructure (CI) markets he is responsible for working together with these organisations to develop and implement security controls that provide the best level of security. The latest developments in the US and EU regarding Critical Infrastructure Protection are his current focal point and through Fox-IT he is involved with several large CI entities to ensure they are well protected from cyber threats through the application of leading edge technology.

Abstract

Recently, the North American Electric Reliability Corporation (NERC) has published the Critical Infrastructure Protection (CIP) standards, providing a compliance framework for the protection of national critical infrastructures, like nuclear power stations, smart grids, public transportation networks, gas and oil refineries and water treatment facilities. To protect these infrastructures from cyber attacks an Electronic Security Perimeter (ESP) must be established. The European Union and other countries are expected to follow soon. This presentation delves into the requirements for critical infrastructure protection, the reality of the threats and the mitigation options. Through real-world cases and examples NERC-CIP theory is put in practice.

Session 18

Matthew Horrox

Matthew Horrox is a certified management consultant, risk practitioner and seasoned security advisor, he is an expert on security risk methodology within the region (including the SVA, AS/NZ 4340 and ISO 31000 derivatives, ASIS, FEMA 452, CARVER, COSO and others). During his consulting career he has both authored and peer reviewed numerous security risk analyses (both in-house and consultant reports). He earned his Master's degree from the London School of Economics and his Bachelor's degree from the University of Wales. He is a registered MOR risk practitioner and MSP programme manager, qualified BS25999 business continuity lead auditor, a certified management consultant (CMC), a member of the Institute of Business Consultants in London (MIBC), and is a member of the UK's Royal Institute of International Affairs.

Fraser Lamond

Fraser Lamond has been with International SOS since 1999 developing the assistance services, air ambulance and emergency response services provided by the group within the Southern Africa and MEA region. Dr. Lamond is now responsible for managing the medical assistance delivered from the International SOS Dubai and Moscow alarm centers and for all air ambulance service delivery in the MEA region. Prior to joining International SOS, Dr. Lamond gained vast experience in both fixed wing and helicopter air ambulance evacuation and has extensive experience in pre-hospital emergency care and aviation medicine. He holds a BSc Hons in physiology, Bachelor of Medicine and Surgery, Diploma in Primary Emergency Care and is an aviation medical examiner as well as a registered specialist in Emergency Medicine in South Africa.

Abstract

The best way to assist employees during an emergency is to have the proper plans and procedures in place. Having resources able to execute those plans ensures that your organization does its part in protecting employee well-being and minimizing time away from work. It is important for management to understand the operational procedures and organizational risks associated with emergency planning and evacuation, especially how a medical emergency can quickly turn into a security incident. Attendees will learn the operational difficulties of mass and individual evacuations with focus on the limited resources and security challenges of the Middle East region.

Session 19

Andy Williams, CPP

Andy Williams has recently joined Temi Group – a Global Security Consultancy – as a Senior Partner based out of Istanbul.

Prior to Temi Group, Andy was Head of Security for TDIC – a UAE government entity engaged in master development of $10 billion+ of: tourism, cultural, leisure, education, environment and investment projects in Abu Dhabi - with key responsibility for strategic direction of design, planning and operational implementation of security on all projects.

This appointment was preceded by 15 years in the hotel industry, principally with Marriott International as a Regional Director of Loss Prevention covering UKI, Continental Europe, Middle East and Africa -travelling extensively in the field supporting 200+ operational properties and 100+ projects under feasibility, development or design at any one time.

On the vocational front, Andy served as a Regional Vice President for ASIS International; is a member of The Security Institute, The Royal Society for Promotion of Health, a CPP Certified Protection Professional and a former member of the European Institute of Corporate Security Management.

He has specialized security knowledge in relation to counter terrorism and crisis management within the commercial sector and has worked in liaison with: NaCTSO - The EU Council and United Nations Intelligence Crime and Justice Research Unit on projects relating to counter terrorism, security in public places and public, private partnership initiatives.

Prior to working in the private sector he was a member of London's Metropolitan Police, working on crime squads in the North East of London.

Abstract

A personal view of emerging risks in the region in 2012 and onwards using the risk treatment concept of OPTICS to focus and clarify future vision. OPTICS (Operational, Physical, Technical, Intelligence, Communications, Safety) is a simple risk treatment to any given security threat and risk profile ensuring each discipline of security is both considered and addressed. The presentation will expand on each element in the context of key risks relating to People, Property and Asset, leaving the audience to their own discretion on where to prioritize and allocate resources.

Session 20

Michael Legary, CPP

Michael Legary, CPP, specializes in enterprise security architecture, risk assessment and forensic procedure for high risk enterprise. As a Principal of Seccuris Inc, Michael helps address business risks associated with Intellectual Property, Technology and Compliance for enterprise and government clients around the world. Michael's core passion lays in development of cutting edge security initiatives. Through the SABSA Institute and Seccuris Labs, Michael focuses include research regarding enterprise assurance architecture, auditing infrastructure, trusted systems design, risk assessment and forensic methodologies. Specialties Corporate Governance of Audit, Information and Enterprise Security Compliance Architecture Security Architecture Digital Forensics Incident Handling Threat & Risk Assessment Vulnerability Assessment Security Information & Event Management Instruction and Presentation.

Abstract

From employee investigations, systems audit and eDiscovery to technical analysis and incident handling, Digital Forensics has become a required capability for any information based organization. Michael will discuss what issues are enterprises facing that are driving the need for a digital forensics program, describing the requirements that should be considered by any organization. A discussion of the common service mechanisms and an Enterprise Forensic Response Service (EFRS) and the key considerations for implementation and service management will be highlighted as Michael shows how leading organizations have used EFRS to reduce impacts and realize new business opportunities across the globe.

Session 21

Jean Perois, CPP, PSP

Jean Perois, CPP, PSP, is a seasoned security professional with a vast experience in Physical Security in the Middle-East (Saudi Arabia, Qatar, UAE and Bahrain). He is currently Vice President Risk Enterprise at Risk management International in Bahrain. He is currently Vice President Business Development at RMI Middle East, Saudi Arabia.

Abstract

In spite of recent criticisms, the Security Vulnerability Assessment is a formidable tool to assess the security posture of a facility provided its limits are understood and its objectives clearly expressed. This presentation will allow managers, directors and heads of security departments to understand the SVA process, evaluate its contents, assess its recommendations and propose cost-effective solutions to Senior Management to improve the facility security posture.

Session 22

Omar Khawaja

Omar Khawaja has over a decade of experience in the delivery, development and management of enterprise security solutions. Over the past few years, Khawaja has been focused on assisting enterprises in the areas of data protection, healthcare and cloud security.

Khawaja has designed and implemented mission critical networks and security infrastructures for financial firms, e-commerce environments and government institutions. Khawaja has also worked with enterprises to identify, classify and assess critical assets to determine business impact of potential threats and develop plans to attain an acceptable level of risk. In addition, Khawaja has managed networks for some of the world's largest service providers.

Khawaja frequently advises security leaders in the Global 1000 and speaks at industry conferences (RSA, ISSA, CSO Perspectives, ISF...) on the topic of making security more business-centric. Khawaja has an undergraduate degree in electrical engineering from Georgia Tech and an MBA from the Darden School of Business. In addition, he also holds several Cisco certifications, is a CCSK and CISSP.

Abstract

One of the few constants in IT is convergence. The latest convergence IT departments are facing is one consisting of historically orthogonal constructs: remote access, guest users, cloud sourcing and mobility. Information security leaders have the task of ensuring compliance and data protection through this business-driven convergence. In this world, it is becoming increasingly difficult for security decision makers to say "No".

During this session and case studies, we will demonstrate how cloud and mobile are symbiotically intertwined; therefore, securing them should not represent distinct efforts. we will propose a new approach to architecting a security program - one that accommodates the needs of the business vis-à-vis cloud and mobile (security leaders can say "Yes") without taking on unreasonable risks and counter to many conventional security programs, this approach suggests starting with what the business cares about (assets, impact) and then ending up with the associated controls. The presentation will show how a strong security program can give organizations a head start in addressing other (seemingly disconnected) components of a security program.

Session 23

Berndt Rif, CPP

Berndt Rif, CPP, worked as high risk flight agent and profile agent at Amsterdam Airport Schiphol. He was also head of the security department at the Academic Medical Center in Amsterdam. After leaving the university hospital he worked as security coordinator and information security officer for the ING Group. Before he joined the Dutch Central Bank, in June 2007, he worked for the Ministry of Interior and Kingdom Relations. Berndt Rif holds a Bachelor Degree in Policy and Culture, a Master of Science Degree in Policing and Public Order Studies and a Master of Business Administration degree in Security Management. Berndt Rif is chairman of the European Council Activities Subcommittee and chairman of the Information Asset Protection and Preemployment Screening Council at ASIS International.

Abstract

Criminals and terrorists use the three gates approach to gain access to our companies assets and information. They attack our physical security measures (physical gate), they attack our IT security measures (logical gate) or they start working for our organization as an employee or vendor (human gate) and as such get automatic access to our assets. The only way to protect our companies against criminals and terrorists is a shared threat perception as a basis for security measures taken at all three gates. This presentation will explain the three gates approach and focus on our adversaries method of operation.

Session 24

John S. Cowling

John Cowling is a Senior Consultant within Control Risks Security Risk Consultancy practice who has been working in the Middle East region for over six years. His experience over the previous 25 years has been within the sectors of; Protective Security Consultancy, Risk Management Consultancy, Government Prison Service, Project Management, Training, Event Management, and Finance. Highlights of John's recent experience include:

• Development of Risk Management framework, tools and knowledge transfer in alignment with ISO 31000:2009 for a Middle East government utility.
• Managed the security training centre of a regional oil and gas company whose diverse range of training programmes achieved accreditation to Australian national standards

Alex St. Matthew-Daniel

Alex has management oversight for all consultants that Control Risks has embedded within client operations throughout the Middle East.

Alex is a qualified project manager and gained valuable experience on risk management projects in Iraq and Afghanistan. In 2003 Alex joined Control Risks in Nigeria where he successful managed and built-up one of Control Risks largest business operations. In 2010 Alex took up his current position in the UAE.

Educated at Repton and The Royal Military Academy Sandhurst, Alex served in the British Army completing 16 years of service in 2002 and leaving with the rank of Major. Alex took part in operational tours in Northern Ireland and the Gulf where he was commended for his part in Desert Storm.

Abstract

Regional turmoil in the region has opened up company thinking to look at new and innovative methods of filling the gaps of the resource needs in such a manner that allows for the input of specialist skills without being restricted by organisation constraints. This allows organizations to cope with the rapidly evolving regional security environment and future proof their business to mitigate threats and risks by engaging a diverse range of security specialists to meet the fluctuating and often temporary needs of the organisation which otherwise may not be adequately managed by directly employment of a single specialist.

Session 25

Dennis Shepp, CPP, PCI

Dennis Shepp, CPP, PCI is currently an independent security management consultant, educator and corporate trainer. He recently was an advisor for King Abdulla University of Science and Technology (KAUST) in Jeddah, Saudi Arabia following a two-year term as a faculty member with the College of Technology Project in the State of Qatar. Dennis was a senior partner for 25-years in a security management and investigative consulting firm. He graduated from the University of Alberta; Security Management program and has an MBA from Royal Roads University. Dennis is Board Certified in Security Management (CPP) and investigations (CFE) and (PCI).

Abstract

Today's response to threats and risks demands pro-active strategies which address a range of security and business program elements. These elements must be correctly selected, implemented, maintained, scalable, mutually supporting and capable of integration with one another as well as be measurable with respect to their performance. To assist, the availability of existing and newly emerging security standards facilitates the path to excellence. The presentation will discuss what this process might look like and present tools that will assist. In addition, we'll see how this positions security as a "business enabler" in your journey towards security excellence.

Session 26

Dr. Christoph Rojahn

Dr. Christoph Rojahn is an investigations and intelligence specialist with Deloitte AG in Switzerland. He is a graduate of the universities of Oxford, Birmingham and Munich as well as the ASIS/Wharton Program for Security Executives. He was previously responsible for internal investigations and security threat monitoring of one of the world's largest financial services providers. Dr. Rojahn has worked for several specialized consultancy firms as well as the German foreign intelligence service. He is ASIS RVP - Region 28 and has lectured and published extensively on issues like investigations, intelligence and terrorism.

Abstract

Research from various sources indicates that economic crime (including fraud, corruption and economic espionage) impacts on the vast majority of international corporations. Initiating, conducting and managing investigations into suspected cases provides a wide range of challenges for corporate security professionals, ranging from operational issues to legal considerations. At the same time, increasing regulation across the globe and many sectors mean that the importance of providing results to support the business is becoming more and more important. This presentation will discuss the investigative process, focusing in particular on the challenges associated with cross-border operations and multi-jurisdictional environments.

Session 27

Lt. Col Dato' Husin Jazri

Husin Jazri has more than twenty years of experience in information and communication systems security obtained from a long-time military career and his work with research institutions and government agencies in Malaysia. He is currently the Chief Executive Officer of CyberSecurity Malaysia, an agency under the Ministry of Science, Technology and Innovation (MOSTI).

He holds a Bachelor's Degree in Engineering from the University of Hartford, Connecticut, U.S.A., a Post Graduate Degree in System Analysis from University of ITM, Malaysia, a Master of Science Degree (with distinction) in Information Security from Royal Holloway University of London, U.K., and a Master of Business Administration Degree from the University Putra Malaysia. Col. Husin Jazri has been a visiting lecturer at the University Technology Malaysia since 2004.

He was a member of the (ISC)² Board of the Directors from 2006-2008, Chairperson of the Asia-Pacific Computer Emergency Response Team (APCERT), Chairperson of the Malaysia IT Security Association from 2003–2007, and Vice President of Institute for Mathematical Research, University Putra Malaysia (UPM) from 2006-2008.

He is currently a member of the (ISC)² Asian Advisory Board, Chairperson of the Organization of Islamic Countries Computer Emergency Response Team (OIC-CERT), and Chairperson of the Malaysian Vocational Advisory Committee - Information and Communication Technology (ICT) and Department of Skills Development, Ministry of Human Resources.

Husin Jazri was the 2009 Showcased Honoree for (ISC)²'s Asia-Pacific Information Security Leadership Achievements in the Senior Information Security Professional category and the recipient of the prestigious (ISC)² Harold Tipton Lifetime Achievement Award in 2010. Col. Husin received the 2010 ASEAN Chief Security Officer Award, Vietnam and the Malaysia Computer Industry Leadership Award 2010.

Abstract

People accustomed to protecting traditionally isolated assets, require new instincts as they face challenges in an increasingly connected world. Understanding the fast-developing threat landscape, now dominated by blended threats or APTs that co-ordinate the targeting of physical and technical vulnerabilities, including employees generally is a daunting task. So too is developing the ability to assess the proliferation of technical solutions and standards evolving to address them.

Offering examples from the front lines in the protection of critical national infrastructure, this session focuses on the human issues in a world where cyber threats are fast beginning to eclipse traditional challenges in security. It outlines who needs to understand the issues- technical, management, executives, and employees— how they can be educated, managed, and benchmarked to ensure the competencies required right across the organisation. Most lessons here apply to all.

Session 28

Jeffrey Slotnick, CPP, PSP

Jeffrey A. Slotnick, CPP, PSP is a highly regarded security consultant, with more than 28 years of experience, specializing in the Homeland Security Enterprise.

Jeff is peer recognized as a "Thought Leader" and one of the "Critical Architects in the homeland security enterprise". Jeff is responsible for the some of the latest advancements in All Hazards Disaster Resilience, Organizational Resilience Management, and Standards Development. As the President of Setracon Inc he is focused on the professional development and training of security, law enforcement, and military personnel, the provision of exceptional security services, protective services, risk, vulnerability, and threat assessments, and preparing Emergency Response Plans/ Business Continuity Plans.

Mr. Slotnick has extensive experience in the Public Works and Utilities field with specific expertise in Water, Waste Water, Dams, Transportation Infrastructure, Light and Heavy Rail, Supply Chain, Religious Institutions, Schools, and Power Co-Generation Facilities. Jeff is a member of the International Society of Explosives Engineers, The Infrastructure Security Partnership, Association of Threat Assessment Professionals, and ASIS International where he serves as ASIS International Faculty, Chair of the Physical Security Council, and Assistant Regional Vice President for Region 1a ASIS International. Jeff is a Reserve Law Enforcement Officer for the past 10 years.

Abstract

Today's Security professional touches all aspects of Security and Risk Management and all professional aspects of the Enterprise. The CEO, CFO, CIO, COO, CHRO, and CTO are just learning how to interact with the CSO! Part of the responsibility for the education of the "C" suite resides with us! But in order to be effective trainers we first have to study ourselves. This session will assist you in understanding our impact on the enterprise including internal and external relationships (critical interdependencies), the ability to identify all forms of Enterprise Risk, and having a firm grasp of core business management principles.

Session 29

Dr. Mohamad Z. Zineddin

Dr. Zineddin is the Director of joint programs and associate professor in practice in the Institute for International and Civil Security (IICS), and the department of Civil Infrastructure and Environmental Engineering (CIEE) at Khalifa University for Science, Technology and Applied Research (KUSTAR). Before joining KUSTAR he was a consultant and lead subject matter expert for Abu Dhabi government in safety and security engineering, protective structures, blast effects on modern structures, physical security, force protection, antiterrorism design and assessment. He obtained his Bachelor of Science, Master of Science, and Ph.D. degrees in Civil/structural Engineering from the Pennsylvania State University (Penn State) with a specialty in structural dynamics, protective structures, and civil engineering materials. Before moving to UAE, he served as a professor of civil engineering and director of research at the United States Air Force Academy (USAFA). He taught senior level structural engineering design courses and developed new courses in the areas of antiterrorism protection, physical security, hardened structures and blast engineering to educate the future leaders of the US Air Force. He also developed new research programs related to the improvement of blast resistant materials and blast mitigation design methods. Dr. Zineddin was internationally selected as a member of the Editorial board of the International Journal of Safety and security Engineering. He has authored numerous technical engineering journal articles and has been honored with many teaching awards. He is involved with various national and international professional organizations. He is a lifetime member of the Engineering Honor Society (Tau Beta Pi), a member of the Society of American Military Engineers (SAME), a member of the American Concrete Institute (ACI), a member of the American Society of Civil Engineers (ASCE), a member of the American Institute of Steel Construction (AISC), a member of the American Standard of Testing Materials (ASTM), and a member of ASCE/SEI (59-11) Standards Committee on Blast Protection of Buildings.

Abstract

The fundamental goal of protective construction is to improve the probability of survival of people and other contents in a given facility for a given threat. It is important to realize that the protective building is the last layer of defense against a threat and that all other protective measures (intelligence, law enforcement, surveillance, barriers, etc.) have failed if the threat can be projected onto a facility. This implies that a designer must "know" the threat before conceptualizing the design and this may not be possible in many cases. Attackers can use various weapon systems in different combinations and such events cannot be predicted. However, using reliable information and objective threat and risk assessment can produce effective estimates of such incidents.

Physical security can be achieved by a variety of means and devices with a wide range of capabilities. These capabilities can be used to enable detection, deterrence, delay, and prevention of hostile activities. Structural hardening is a passive defense capability; it is only one aspect of these considerations and should be addressed in the broader context of physical security. As with any other fortification technology, passive defense alone cannot be used to protect against mobile and constantly varying threats.

Session 30

Ramon Grado, CPP

Ramon Grado, CPP, is currently Director of Sales, Latin America/South America at CNL Software, Inc. An ASIS Certified Protection Professional (CPP), his security background includes managing physical security forces as an Infantry officer and vast experience developing new international markets for firms such as TYCO and Schneider Electric/Pelco.

Abstract

The fast-growing implementation of IP video demands that systems integrators change the way they approach their job. Simply comparing the cost of a network camera vs. an analog camera can lead to serious errors in analyzing project Total Cost of Ownership. The entire system must be considered, and assessing the suitability of the individual components is crucial. Presentation agenda: (1) Defining Total Cost of Ownership; (2) TCO Elements and Analysis—Analog Installation; (3) TCO Elements and Analysis—IP Installation; (4) Case Study; and (5) Lessons Learned. Presentation target audience includes architects, consultants and engineers, as well as security system integrators.

Session 31

Marc Siegel

Marc Siegel is Commissioner heading of the ASIS International Global Standards Initiative. He represents ASIS at the International Organization for Standardization (ISO) and at regional and national standards forums. Siegel works with ASIS International and national standards bodies on five continents to develop international and national risk management, resilience, security, preparedness, and continuity standards as well as provides training on their implementation. He is a RABQSA International Certified Security Management Systems - Business Improvement Lead Auditor as well as a certified trainer and Skills Assessor for the ISO 28000 – Security in the Supply Chain Lead Auditor Certification Program.

As an Adjunct Professor in the College of Business Administration and the Master's Program in Homeland Security at San Diego University, Dr. Siegel pioneered the concept of applying a systems approach to security and resilience management. He has worked with various countries to develop management systems standards for security and resilience in individual organizations, as well as for their supply chains. In addition to developing the standards, he has overseen their pilot testing, providing training and guidance in standard implementation, risk assessment and management, and internal auditing for the pilot program participants.

Abstract

Assessing risk is the cornerstone of decision-making and planning for expected and disruptive events. Standards can help. By conducting an organized and comprehensive risk assessment you can better predict where to focus the resources you need to prevent and manage risks of disruptive events. The session will examine how to conduct a methodical risk assessment to tailor your risk minimization strategies.

Session 32

Guy Higgs

Guy Higgs is a global security, investigation, intelligence and brand enforcement management specialist with extensive experience in the Central Europe, Middle East, Africa and India with regard to the specialist areas of Security Management, Crisis Management, Investigations, Fraud management, Anti-Corruption / Oversight and Anti-counterfeiting.

Guy has 15 years of military and government service before joining the private sector in 2001. Since then he has lived and worked in Angola, Liberia, Jordan, Cyprus and now the UAE. Over the past 10 years he has conducted a number of security and investigation related missions across the Central, Europe, Middle East, Africa and India regions. In 2007 he joined Nokia as Regional Security Manager for MEA and then in 2010 he was given the additional responsibility of leading global security investigations. Guy is responsible for all loss prevention and security activities in support of protecting Nokia personnel and assets within the MEA region. Guy has a post graduate certificate in Secuirty management awarded by Loughborough CHaRM and is a graduate of the Nokia executive program at Wharton University, USA.

In his spare time he is a triathlete and is training for his first Ironman in July.

Abstract

Organization spend millions of USD a year on marketing incentive schemes in an effort to increase market share and profit. However, there is a high risk of employees and clients defrauding the organization. Many of the models used by organizations to promote marketing incentive schemes actually expose themselves to fraud. With some very simple anti-fraud and compliance programs this fraud can be prevented. In these challenging economic times what if you could demonstrate to your organizational leadership that these losses can be prevented, sales increased and brand reputation improved. By examining a typical case study learn how to identify the fraud, how to prevent it from happening and demonstrate the added value of your security/investigation team to your leadership.

Session 33

Julian Davies

Julian Davies specialises in the strategic and operational risks of operating in Yemen and the Middle East. He has worked in most areas of Yemen since 2007, and has in-depth experience of supporting mining and oil operations and exploration in areas largely beyond the control of central government. His main area of expertise is al-Qaeda in the Arabian Peninsula and tribal affairs. He regularly advises leading media on Yemeni affairs and supported the BBC during the filming of the documentary, 'The Incense Trail', which involved travelling by road through areas of Yemen usually considered inaccessible to foreigners. Julian remained in Yemen through the political unrest in 2011 and has firsthand knowledge of managing security risks in the context of severe civil unrest.

Abstract

The combined challenges of jihadi militancy, civil conflict, tribalism, the absence of governance, corruption and serious political unrest combine to make risk management operations in Yemen probably the most challenging in the region. The key lessons are taken from a case study of establishing Yemen's first mining venture in a remote northern region, but lessons are also drawn from oil and gas operations across the country. The presentation will include detail from firsthand experience on evacuation and business continuity management during Yemen's popular revolution in 2011.