Summaries, Abstracts and Bios

Opening Remarks

H.E. Sultan Bin Saeed Al Mansoori
Minister of Economy, UAE

His Excellency Sultan Bin Saeed Al Mansoori has been appointed as Minister of Economy in the UAE, effective 17th of February, 2008. His Excellency Sultan holds a Bachelor's degree (B. Sc.) in Industrial Engineering & Management Systems from Arizona State University - USA . He also has a Diploma in Computer System Analysis from the Institute of Computer Technology, Los Angeles, California - USA.

Keynote Speech

Strategic, Smart and Secure: Mitigating 21st Century Threats for Resilience and Continuity

Mr. Abdulrahman Wuhaib
Senior Vice-President, Downstream, Saudi Aramco, KSA

Abdulrahman F. Al-Wuhaib was appointed senior vice president, Downstream, on October 1, 2012. He previously held executive management positions as vice president, Information Technology; Engineering Services; Ras Tanura Refinery; Project Management, and Operations Services.

He holds a B.S. in Chemical Engineering from King Fahd University of Petroleum and Minerals (1976) and an MBA from the University of California, Riverside (1981).

Al-Wuhaib served as a board member for S-Oil, South Korea from 1999 to 2003. Al-Wuhaib was a board member of the Saudi Electrical Company (SEC) from 2002 until December 2005. He was appointed Chairman of the Board for Saudi Aramco Mobil Refinery (SAMREF), from January 1st, 2004. He was appointed to the Board of Petro Rabigh in 2005.

Session 1

The Science of Truth and Lies

Leila Edwards
Managing Director and Principal, Transformations Institute, UAE

Shakti Edwards
Consultant and Trainer, Transformations Institute, UAE


An introduction to Dr Paul Ekman’s evidence-based cross-cultural research that demonstrates how the universal facial expressions of emotion can provide valuable information in ‘reading people’ and distinguishing truth from lies.


The average ability of untrained people to distinguish between truth and lies or accurately read body language is no better than chance. For those involved in fraud, investigations and high stakes security situations, this skill is vital. This workshop will introduce the body of cross-cultural scientific research conducted over 40+ years by Dr Paul Ekman and colleagues, which has been used to develop models for differentiating between truth and lies across all five communication channels. This presentation will focus on identifying the reliable universal indicators of emotions on the face and spotting the rapid micro-expressions that cannot be consciously controlled.


Dr Leila Edwards, BA (Hons), MSc, MBA, Ph.D, PGCE, Cert.Couns. LCIP, Cert.SS, AIICPD, Dip.Ad.Hyp, MPT-SNLP, MNACBT, FAPHP, SQHP, FRSA
A leader in the practical applications of behavioural psychology. Formerly a Dean and Director in prestigious universities in the UK and GCC, her applied research in psychology, education, health, accelerated learning, creativity, and change management was honoured with a Women of the West Award. A Master Practitioner and Trainer for the international Society of Neuro-Linguistic Programming™ (NLP), and elected Fellow of the Royal Society for Arts, Manufactures and Commerce, Dr Leila is an entrepreneur who established the first UK and US accredited professional practitioner courses in the GCC, including Dr Paul Ekman’s cutting-edge behavioural science of emotional intelligence

Shakti Edwards, Dip.Perf.Arts, BA (Acting) RSAMD, IDCHPC, CSMC, MAPHP, NLP Master Practitioner (SNLP), Paul Ekman International Approved Trainer

Shakti brings her professional skills and many years of experience as a practitioner, teacher and trainer in the media and performing arts to enhance her current role as a psychological therapist and counsellor, NLP Master Practitioner & Coach. She is a specialist in Communications Skills, Emotional Intelligence and the Science of Truth and Lies.

Session 2

Beyond Best Practice: Threat Alert System

Glenn C. Schoen
Director of Risk Advisory, G4S, The Netherlands


Acute high-order security threats to organizations – be they companies or countries – frequently generate vexing risk management challenges. From terrorism to activism to IT hacks and worker strikes, unforeseen threat surges whether generate by an actual incident or based simply on information can overwhelm the unprepared and suddenly expose security gaps. Drawing on the latest research from three continents, eight country alert systems and recent lessons learned in places as varied as Oslo, Boston, Algiers and Sochi, this dynamic presentation focuses on the latest insights about threat alert (response) systems. Useful for those protecting everything from ministries and refineries to airports and global event sites.


Glenn C. Schoen (1963) is Director of G4S Risk Advisory based in Amsterdam, The Netherlands. He has had a varied career to date serving several governments, international institutions and over 300 companies with engagements in over 30 countries. He started out with law enforcement and progressed to security analysis, consulting and management. Prior to joining G4S in 2010 Mr. Schoen worked for, among others, International Security Management, TranSecur and Ernst & Young. He is a long-time specialist in terrorism and security management. Secondary activities include having served as a volunteer at the White House, a lecturer at Georgetown University’s SSCE program, and membership in various national and international security advisory panels, including OSAC and the United Nations’ ICRI. Mr. Schoen regularly shares his insights with the media and fellow professionals, having given over 1,000 interviews and 100 presentations for a range of professional audiences ranging from the UN, OPCW, Europol, ASIS, OSAC, ECSA, IAFCI, IFMA, ICC and IBSA to a range of Global Fortune 500 companies.

Session 3

Critical National Infrastructure in the Information Age

Nadeem Khan
CTO & Founder, Threat13, KSA


The rapid proliferation of information systems to manage vital systems in modern societies has introduced a set of network and procedural vulnerabilities that can be exploited remotely by malevolent adversaries.


Critical National Infrastructure consists of assets essential to the functioning of modern societies and is spread across the industrial, financial, military, utilities and health sectors with the relative importance of each, dependent on national priorities and associated threats. The primary threats to this asset class historically came from hostile state actors and physical security vulnerabilities exploited by terrorist activities. Another rapidly emerging threat is now accompanying the rise of information systems that perform vital functions and add another dimension to the challenge of critical national infrastructure protection. This presentation discusses the vulnerabilities within critical national infrastructure information management systems.


Nadeem Khan holds a Bachelor degree in Physics from the University of Manchester. Since 1999 he has been working with networks and systems security and was involved with the design and deployment of carrier telecommunications networks including the BT 21CN programme. In 2008, Nadeem conducted a Security and Data Centre Feasibility Study for a proposed ‘Smart City’ in Qatar through PricewaterhouseCoopers. In October 2009 he moved to Saudi Arabia to manage a national infrastructure programme for the Ministry of Interior that included establishing the security domain within the programme and designing the organisational information security management architecture. Nadeem is currently reading for an MSc in Information Security at the University of London and was appointed Director of the Security Consulting business division at Security Control Company in 2012, whose business activities cover Critical National Infrastructure and Government Ministries within the Kingdom of Saudi Arabia. Nadeem is currently reading for an MSc in Information Security at the University of London.

Session 4

Bringing the Organization into the Security Continuity Mindset

Alanood Alrabiah
Business Analyst, Saudi Aramco, KSA


This topic will cover more about putting physical security in line with business continuity concept by providing insights on how Security professionals should apply the business continuity concept when they first design their physical security system in order to bring the organization into the security continuity mindset.


Security is critical to nations; security professional always need to make sure that security is available around the clock. When systems are down, security monitoring operations stop which place the organization and personnel, the most valuable resource of an organization, and other assets at risk. While the ultimate goal of physical security is to deny unauthorized access to resources through the deployment of multiple layers of protection; the takeaway of today's challenge is how to incorporate physical security into the overall business continuity plan. Security must not be breached, weakened, reduced or removed just because business interruption has occurred.


Alanood Alrabiah is a Business Analyst working for Industrial Security Operations at Saudi Aramco. She has 9 years of IT experience on large SAP implementations where she led the technical team to implement new software solutions and enhance services procurement operational stability at Saudi Aramco in 2009. Alanood is Certified SAP Solution Consultant as well as Certified by Business Continuity Institute (CBCI) and holds a Bachelor of Science in Computer Science and a Master Degree in Business Administration from University of Liverpool. She is an active member and the newsletter chairperson of ASIS International, Dhahran chapter 72. In her current role, Alanood provides advice, insight and new solutions for security and the entire supply chain to enhance industrial security operations' business processes.

Session 5

Breaking Down the Silos: Real World Case Studies on the Integration Of Security, Risk & Resilience, From The Board Room To The Front Line

Nick Beale
Managing Director, ISARR, UK


Three real world case studies will share with you the key advantages and lessons learned from the integration of security, risk and resilience disciplines into a single management system


Understanding an organisations key assets, risks, tolerance and dependencies, and how these change based on operational environments and events, is a continuous challenge to many senior executives and their security, risk and resilience practitioners. The information exists within silos across departments and agencies, giving limited risk context and reduced efficiency and effectiveness, particularly within a crisis situation. Through the use of three practical case studies, the Egyptian crisis, a high profile business district, and the London Olympic Games, an integrated system dynamically linking the organisations risk profiles with operational events will be discussed, and the key advantages and lessons shared.


Nick is the founder and Managing Director of ISARR, and has designed and delivered a number of international security and resilience programmes integrating the ISARR (Intelligence, Security & Risk Resilience) web based software across oil and gas, financial services, public sector and government programmes. Nick has an extensive background in specialist security and resilience with a strong focus on technology systems. He was the Manager of the Business Strategy Group at Cyveillance International, a US based consultancy working with high profile clients such as De Beers, PWC, HSBC and JP Morgan. Prior to Cyveillance, Nick was the Manager of Research & Development for iDEFENSE UK, a Washington based Cyber-threat intelligence service provide.. Nick also worked with Cable & Wireless Communications where he created a knowledge management system and process for Intelligence led commercial Fraud Investigations. Nick served for 10 years in HM Forces and was awarded the Queens Commendation.

Session 6

Unit 61398 Cyber Attacks From Shanghai: Prepared?

Ali Pabrai
CEO, ecfirst, USA


The presentation will cover recent cyber-attacks overview on several industries, including banking, finance, healthcare as well as U.S. government agencies.


The brief describes step by step how attacks are launched on your networks without detection or discovery. Examine the critical areas that must be secured appropriately to ensure personally identifiable information is not compromised. Understand several threat scenarios, including, the hacker is in your attic, malware plantation, and techniques used to gain control of your critical servers to access passwords. More than ever before, these cyber-attacks require that businesses must perform a formal risk assessment exercise periodically to identify gaps that can be exploited. In this brief, we step through key areas that must be addressed within the scope of risk assessment exercise.


Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP), Security+, is CEO of ecfirst. A highly sought after information security and regulatory compliance expert, he has successfully delivered solutions on compliance and information security to organizations worldwide. Mr. Pabrai has been a featured speaker at several conferences, including Naseba (Dubai), ISSA, HCFA, ISACA (Las Vegas), HIPAA Summit (Washington DC. San Francisco), Microsoft Tech Forum, Internet World (India), Kingdom Summit (Saudi Arabia), DCI Expo, Comdex, Net Secure, NCPDP, HIMSS, NCSBN and idIndiaExpo (New Delhi).

Session 7

How Can Organisations Reduce Their Exposure to Electronic Crime

Paul Wright
Manager, Professional Services and Investigation Team (Middle East, India and Africa), AccessData, UAE


Electronic attacks are being used to secure important employee and corporate information and intelligence. Therefore, the private sector needs to have strategies and policies to deal with them, and electronic crime per se. They need to identify where they are exposed and vulnerable that will give them a road-map of the risk they face. Then, they need to decide what their risk appetite is so that they can decide how to improve their cyber security.


Paul has extensive experience in the investigation of cybercrime, incident response and IT security, and in this role he is engaged on a daily basis in incident response and forensic investigations, services that helps customers who have been subject of a security breach and those who want to protect themselves from a breach.

Prior to joining AccessData, Paul worked as a cybercrime consultant, and before that within UK law enforcement for 26 years at a local, national and international level the last 10 years of his detective career specializing in Internet, network and computer investigations.

During this time, Paul was appointed as an operational team leader in the National Hi-Tech Crime Team Unit and head of Cybercrime for the City of London Police. In this role, he was the driving force behind the unit’s outreach programme targeted at the business sector, acting as the main liaison to the business community.

Session 8

The Power of Certification: A Middle East Case Study

Jean Perois CPP, PCI, PSP
Senior Vice President, Risk & Co, And ASIS Middle East Certification Representative, Kingdom of Bahrain


Security professionals have essentially two ways to obtain convincing credentials: Professional certifications and university degrees. In this presentation, opportunities for security practitioners operating in the region will be discussed.


Define what certifications and degrees mean in terms of requirement, involvement and credibility. Establish criteria for choices depending on the situation of the practitioner (age, background, experience, objectives, languages). The respective values of certifications and degrees to a prospective employer. An overview of the possibilities offered in the region in terms of ASIS certifications (through chapters, professional providers, etc) and in terms of academic degrees.


Jean Perois, CPP, PCI, PSP is a seasoned professional with a varied experience in the GCC where he as been operating in professional and managerial capacities for the last ten years. A CPP and a PSP , he has led several chapter CPP and PSP review courses, and led the 2 days CPP review course in Dubai at the last ASIS Middle East conference.

Session 9

A Framework for Managing Crime and Fraud

Torsten Wolf
Group Head of Crime and Fraud Prevention, Zurich Insurance Company, Switzerland


The session will show the framework Zurich Insurance uses to prevent, detect and respond to criminal and fraudulent activities committed by internal staff, distributors and third parties.


Enterprises are increasingly confronted with the challenging task to protect their assets and their reputation. Especially companies that operate across the globe find it extremely difficult to protect their operations from criminals and fraudsters effectively and in a consistent manner. With reference to Zurich’s comprehensive anti-crime framework the audience will get an understanding of crime and fraud risks an insurance organization typically faces and how these risks are being addressed by a multinational insurance organization. They can then reflect on how components of Zurich’s anti-crime framework may help enhance the fraud control environment within their own organizations.


Torsten Wolf is the Group Head of Crime and Fraud Prevention for Zurich Insurance. In his role he leads the Group’s efforts to prevent, detect and respond to non-claims related crime and fraud that is directed against Zurich. Torsten looks back on more than twenty years in the insurance industry where he worked across personal lines and large corporate business. Torsten is a Certified Internal Auditor and holds a Degree in Business Studies and Economics as well as a Master Degree in Business Administration. He is a regular presenter on topics of crime and fraud at international conferences.

Session 10

Critical Infrastructure Protection - Target Hardening & Testing - Are Your Security Systems Truly Ready For The Ultimate Test, and How Do You Know?

John Latouf
Security Specialist, Training Lead for Protection and Guard Forces currently with an International Security Firm in the Middle East


The 2 subject matter experts will provide a rare and unique inside look at their cutting edge and exclusive security framework and philosophy which has proven to be invaluable in defending high value targets and assets, such as critical infrastructures, nuclear facilities and nuclear assets. All applicable to the security professional of today and that can be benchmarked to a variety of applications throughout the security world throughout.


Session 11

ISPS Code 2.0: Including the Supply Chain in the International Maritime Security Code

Michael Edgerton CPP
Principal, Good Harbour International Consulting, UAE


Revisions to the International Ship and Port Security (ISPS) Code should include supply chain security requirements that address increased supply chain security concerns in addition to the existing requirements.


Since its implementation in 2004, the ISPS Code has been implemented throughout most of the world and sufficient time has transpired to determine its efficacy. During that same period of time, there has been increased focus on the security of the global supply chain as well as the ports and ships which handle most of the world’s international commerce. Therefore, in order to reflect the concern of the security of the supply chain, any revisions to the ISPS Code should include security requirements that address supply chain security in addition to the existing requirements.


Michael Edgerton is a Principal with Good Harbour International Consulting in Abu Dhabi, UAE. His work focuses on maritime security, security risk management, critical infrastructure protection, and crisis management. In his current position, he has worked in several countries, including; US, UAE, Yemen, Iraq, Afghanistan, Syria, Pakistan, Lebanon, and Jordan. Prior to entering the private sector, he served in the United States Coast Guard and United States Navy as a commissioned officer for 20 years where he spent much of his career specialized in security and intelligence. Mike has an undergraduate degree from Bucknell University, a Master’s Degree in Strategic Intelligence from Defense Intelligence Agency’s National Intelligence University and is a graduate of the U.S. Naval War College. He is also a Certified Protection Professional and a Fellow of the Security Institute. He is the author of the book, “A Practitioner's Guide to Effective Maritime and Port Security” and serves on the ASIS Council on Global Terrorism, Political Instability and International Crime.

Session 12

Automated Fingerprint Identification System (AFIS)

Turki Al Thonayan
Administrator, Security System Support and Identification Division, Saudi Aramco, KSA


The Automated Fingerprint Identification System (AFIS) is a biometric identification (ID) methodology that uses digital imaging technology to obtain, store, and analyze fingerprint data.


During the presentation, information about AFIS components and operations will be delivered as well as AFIS application and advantage of utilization will be shown. AFIS was originally used in criminal cases however lately, it has gained favor for general identification and fraud prevention. AFIS critical issues, best practices, and special interests will be explored


Turki Al-Thonayan is the Administrator of Security System Support & Identification Division in Saudi Aramco with 12 years experience in security field including computer security, computer forensics, and security operations of communities, industrial area and offshore. He is certified Hacking Forensics Investigator (CHFI), Ethical Hacker (CEH), Computer Crime Investigator, and Fraud Examiner with a solid technical background of information security experience and computer security policy breaches investigations. He has BS degree in Information & Computer Science and MBA degree both are from King Fahad University of Petroleum and Minerals (KFUPM). Also, He was the President of the Middle East Region of High Technology Crime.

Session 13

Terror at Mumbai: Game-Changing Concept of Terrorism and Precedence for Subsequent and Future Terrorist Attacks

David Gray
Professor, National and International Security, Campbell University, USA


This presentation analyzes the terrorist attack at Mumbai and how the operation has remarkably and inextricably changed the types, methods and strategies of terrorist attacks worldwide


This presentation examines the terrorist attack at Mumbai and argues it has changed the operational methods, strategies and objectives of terrorism worldwide. The strategic context of the Mumbai event and actual target of Mumbai are highlighted. Moreover, critical operational factors are examined including the individual terrorists, their training and selection, the assault ingress, attacks on individual targets, and key counterterrorism operational factors. Furthermore, additional tactical, operational and strategic elements are discussed. Finally and most importantly, this presentation explains how the dynamics of the Mumbai attack are crucial for United States and international counterterrorism efforts today and in the future.


Dr. Gray specializes in international and national security affairs. His expertise includes U.S. and international security and strategic studies; current global security issues; U.S. foreign and national security policy formulation and strategy; intelligence; political violence and insurgency; international terrorism; and international weapons proliferation.

A retired U.S. Air Force Officer, David is also a former, foreign service / Central Intelligence Agency officer and program director. He has extensive experience in the national and international security and intelligence communities and has completed assignments for the United States Departments of Defense, Energy, Homeland Security, Justice, and State, as well as, the United Nations, the Congress and the National Intelligence Council. He also served in a number of overseas assignments in various parts of Europe, Asia, Africa, and the Middle East and has worked with many defense, corporate, law enforcement, security and intelligence organizations and services worldwide.

Session 14

Web 2.0: Risk From Social Media

Pramod Bhatt
Intelligence and Security Professional, Security Risk Management, India


The use of social media applications by employees poses several risks, such as network congestion, compliance and data privacy breaches incidents, to companies that don’t have clearly defined security protocols.


The purpose of this presentation is to help security professionals proactively design social media risk management framework and risk mitigation strategies against the risks originating from the growing use of social media by employees, customers, vendors, cyber criminals and competitors. According to Nielsen, a global marketing and advertising research company, 75 percent of internet users regularly visit social networking sites. Manpower, a leading workforce solution provider, survey in January 2010 indicated that only 20 percent of companies worldwide have a social media policy. Moving forward, many companies will also be required to address compliance issues such as maintaining the records of employee’s social media communications.


Pramod is an experienced Intelligence and Security professional. Earlier, he led Protective Intelligence practice of Deutsche Bank in Asia. He was risk advisor to regional and country heads of Physical Security, Anti-Fraud, Cyber Forensics, Executive Protection, Business Continuity and Crisis Management. Pramod also worked as a risk management consultant in Asia. He consulted a number of Fortune 500 companies. He is an alumnus of Indian Institute of Management Ahmedabad and Risk Leadership School London. He is also a trained criminologist. With seventeen years of experience in the field of security risk management, Pramod has spoken at several international events such as ASIS International conferences in Orlando and Kuala Lumpur, Strategic and Competitive Intelligence Professional Conference at Philadelphia, ASIS CSO Round Table in Kuala Lumpur and Asia Crisis & Security Group in Mumbai.

Session 15

Integrated Crisis Response: Protecting Employees From Today's Evolving Security Risks

Daniel Richards
CEO, Global Rescue, USA


Devastating events affecting travelers are daily occurrences, with new threats rapidly outpacing traditional safety and security measures. International organizations must implement advanced systems to monitor and protect globally mobile employees.


As multinational organizations continue to expand into developing markets, employees are becoming increasingly exposed to modern security threats. Forward thinking organizations are proactive in preparing their employees against evolving international threats through the implementation of an integrated enterprise-wide approach to travel risk and crisis management. Proactive employee safety programs require internal and external integration between travel administrators and travel assistance and crisis response organizations. Integrated response between internal travel management directors and industry experts results in the highest likelihood of a positive outcome for employees involved in a security event or impacted by an act of terrorism.


Mr. Richards has served as the CEO of Global Rescue since he founded the company in 2004. He has planned and led crisis response services for hundreds of organizations, including extractions from many Middle Eastern, North African, and Central Asian countries. He is frequent speaker regarding crisis response, resiliency, entrepreneurship and insurance topics.

Session 16

Shrinking World; Expanding Risks – The Development of High Risk Travel Training

Paul Eddings, CPP
Head of Security Operations, Abu Dhabi National Energy Company (TAQA), UAE

Angela Osborne, Security Intelligence Analyst, Abu Dhabi National Energy Company, UAE


Most travel trainings offered in the market fall into two categories: low risk travel and very high risk travel, often called Hostile Environment Awareness Training (HEAT). The problem is that neither fits for preparing a wide number of employees for potentially high risk travel. TAQA leveraged in-house capabilities to create a tailor-made program relevant to our risk exposure. From 2012 to 2013, the training became a recognisable safety measure for employees around the globe. The program provides security guidance, access to medical resources, and situational awareness techniques. It also offers a blueprint for security departments seeking to increase traveller safety.

Biography - Paul Eddings

Paul Eddings, CPP is the Head of Security Operations for the Abu Dhabi National Energy Company. A former Royal Marine, he worked as a Military Training Advisor in the Gulf region. He joined TAQA in 2009. He leads initial security assessment and on-going security support for a range of facilities across the energy sector in Europe, the Middle East, and North America. Paul has been an integral part of TAQA’s Travel Risk Management (TRM) program implementation.

Biography - Angela Osborne

Angela Osborne has worked as TAQA’s (Abu Dhabi National Energy Company) Security Intelligence Analyst since 2009. She holds an MA in Security Studies with a concentration in Intelligence from Georgetown University’s School of Foreign Service. In 2011, she published her thesis Spies Who Stay Out in the Cold: Looking to Soviet Illegal Operations for the Future of Non-official Cover. She currently serves at the Treasurer of the newly founded Abu Dhabi ASIS Chapter.

Session 17

Security and Community Relations - Interdependence In Difficult Geographies

Sushil Pradhan
Director, Geo-Political Risk Management, MitKat Advisory Services, India


Businesses operating in difficult geographies need to understand the close interdependence of security and Community Relations. The complex geo-political and socio-economic environment prevalent demands deeper involvement with local communities.


The challenge of conducting business operations in difficult geographies is exacerbated by the complex security environment prevalent in such locales. Simultaneously, the lack of resource availability, skilled manpower and difficulty of access emphasize the need to build bridges with the local community. Security and Community Relations are mutually dependant functions in difficult geographies; since globally accepted standards and templates of security are not often practical in such operational conditions. Numerous case studies and real-life examples go to show that companies that have made community relations an integral part of their security strategy have benefited from efficient and cost-effective security solutions.


With 22 years of military experience, Sushil has been decorated for gallantry in Counter-Terrorist operations; he has also been a trainer for Indian and international military & police professionals. He has been on the staff of a UN Peacekeeping Mission in West Africa. In addition to an MBA , he has an MSc in Defence Studies and MPhil in National Security Studies. As a part of his military service, he was responsible for preparation of policy documents, doctrines, geo-political assessments and geo-strategic approach papers. As a private sector crisis management/security consultant, Sushil offers a variety of risk assessment and management services to corporations, government, and non-government organisations; with the primary focus to de-risk businesses and facilitate operations in high risk environments. He has led challenging consulting assignments in difficult geographies in India and other parts of the world. Sushil is a regular contributor to professional journals.

Session 18

Counterfeit Medicines, a New Threat for Generations

Dominique Woloch
Sanofi, UAE


Medicine counterfeiting – is a threat that emerged since few years. During the presentation we will hear about the dangers of this increasing threat, world distribution and prevention.


Counterfeit medicines are not products as the others. They can entail the death or at least supply treatments of very bad quality. This highly profitable criminal activity is increasing year after year due to the lack of local strict enforcement and penalties. Because of the globalization, no country is immune from this threat and Middle East is facing the three issues: production, distribution and transit.

The pharmaceutical industry has developed AC Strategies, ranging from prevention to detection. Thanks to its partnerships within the industry and externally, successes have been registered.

At the international levels initiatives have been taken to tentatively reach a better regulation.


Awarded a diploma in 1985 of the French Military academy of Saint Cyr, with the speciality International Relations and Security, Dominique Woloch began its officer's career in the Mountain Troops, before turning to an international career specialsed in Security in the Middle East. After 14 years in this region, posted in Lebanon, Syria and Yemen, Dominique chose to join the private sector to widen his skills in the field of fight against medicines counterfeiters. Based in Dubai since 2009, as Regional Security Director of the pharmaceutical Group Sanofi, he handles the Global Security of a zone, Turkey-Middle East and South Asia (13 subsidiaries and more than 4,000 employees). During these last 4 years, Dominique has identified in the Region and pushed to the dismantling of 5 illegal facilities producing fake medicines for local and international distribution.

Keynote: How Offenders Say They Get Around Security Measures: Why They Say It Is Easy.

Professor Martin Gill
Director, Perpetuity Research & Consultancy International (PRCI) Ltd, UK

Professor Martin Gill is a criminologist and Director of Perpetuity Research which started life as a spin out company from the University of Leicester. Martin has been actively involved in a range of studies relating to different aspects of business crime including, the causes of false burglar alarms, why fraudsters steal, the effectiveness of CCTV, the victims of identity fraud, how companies protect their brand image, the generators of illicit markets and stolen goods, to name but a few. Martin has been extensively involved with evaluation research and with the offender’s perspective looking at how they target certain people and premises and aim to circumvent security measures. He has published widely (13 books and over 100 articles) and is currently working on the second edition of the 'Handbook' of Security' to be published in 2014). Martin is a member of the both ASIS International Research Council and the Academic and Training Programs Committee and a Trustee of the ASIS Foundation. In 2002 the ASIS Security Foundation made a ‘citation for distinguished service’ in ‘recognition of his significant contribution to the security profession’. In 2010 he was recognised by the BSIA with a special award for ‘outstanding service to the security sector’. In 2013 IFSEC placed him in the top 40 most influential fire and security experts in the world.


Offenders are a major source of information about crime and security, yet they are rarely asked for their insights. In this talk Martin Gill will report back on interviews he has conducted in prison. He supplements this with focus group discussions, and also 'walkabouts', this is where offenders accompany Martin to the locales of their offending and discuss how they tackle any security measures in place. In his talk he will address issues such as why offenders choose the targets they do? What factors make it easy and what makes it difficult and why? The findings are revealing and suggest some important lesson for security.

Session 19

View from the Top: The (ISC)2 Global Information Security Workforce Study CXO Report

Terry Thompson
Vice President, Booz Allen Hamilton, UAE

Mahmoud Yassin
President (ISC)2 United Arab Emirates Chapter; Senior Systems Engineer, National Bank of Abu Dhabi


A new report, mined from the 2013 (ISC)2 Global Information Security Workforce Study, examines the opinions of cyber security leadership on the issues shaping the threat landscape and the workforce of today and the future. The panel will provide insights into the mindset of CXOs and their views on the skills in demand, top threats, emerging technologies, hiring trends and more. Join the discussion with top security leaders from some of the top companies addressing information security today.


A new report, mined from the 2013 (ISC)2 Global Information Security Workforce Study, examines the opinions of security leadership on the issues shaping the threat landscape and cyber security workforce of today and the future. Released exclusively at Security Congress, the panel will provide insights into the mindset of CXOs and their thoughts on the skills in demand, top threats, emerging technologies, hiring trends and more. Join the discussion with top security leaders from some of the top companies addressing information security today. Attendees will understand key difference in how senior leaders in information security see threats and readiness compared with the rank and file, understand how senior security leaders are approaching the workforce shortage and look into the future of information security with a 50,000 foot view.


Terry Thompson is a Booz Allen Hamilton Vice President in Mission Analytics supporting the firm's Middle East business. He joined Booz Allen in 2003 after 30 years of government service in the National Security Agency (NSA) and U.S. Marine Corps.

Prior to his promotion to VP, Terry supported a team of Booz Allen staff and subcontractors that provided highly technical network analysis to many clients within NSA. In 2007-08, Mr. Thompson was assigned to the London office in the security market, where he participated in marketing and branding activities and supported UK government agencies with services ranging from cybersecurity to organizational transformation.

Terry's first assignment with Booz Allen was in the Department of Homeland Security (DHS). Initially assigned to support the Assistant Secretary for Infrastructure Protection, he was part of the small government-contractor team that developed the organizational and mission structure for the National Cyber Security Division. He subsequently supported the Under Secretary for Intelligence Analysis, providing services including intelligence analysis, strategy and policy development, and organizational transformation.

Terry is a member of the NSA Hall of Honor selection panel of the NSA Advisory Board. In 2010 he served as VP of Programs for the AFCEA Central Maryland Chapter. He teaches cyber security in the graduate program at the University of Maryland Baltimore County (UMBC).

Terry holds a B.A. degree in English and an MA degree in Russian Language and Literature from Wayne State University and a PhD degree in Russian Area Studies from Georgetown University.

Mahmoud is Lead Information Security Engineer at the National Bank of Abu Dhabi is manager of the Command Center Team for System & Security Monitoring, responsible for Security Operation Assurance.

Amongst his professional networking groups are the (ISC)2 UAE Chapter which Mahmoud initiated, membership of the ISACA COBIT 5 review member group and he has had articles published with InfoSec Island, a reputable group for information security community. Mahmoud has contributed to several Information Security related events in the UAE and he is member of various security groups as the UAE AAA, ISACA, (ISC)2 and the Identity Management Institute among others.

He has 16 years of experience in the Infrastructure Field, having worked over 10 years as Infrastructure Security Architect for multinational organizations such as Microsoft and Fujitsu. Mahmoud holds a BSE from the University of Cairo and a Master’s degree in Information Security from the University of Fairfax. During his extensive career Mahmoud has obtained professional certificates such as CISSP, CISA, CRISC, PMP, COBIT, ITIL, MCSE.

Session 20

Building a Security Conscious Culture In An Industrial Company

David Patterson CPP, PSP
Principal Partner, Patterson & Associates International Consulting, USA


This presentation offers suggestions for laying a foundation for a security minded corporate culture. Three types or policies, standards, and procedures are introduced with recommendations for implementing and enforcing them.


This presentation offers suggestions stemming from the author’s recent research paper indicating that CSO’s are most concerned with problems related to their employees from such crimes as violence, fraud, theft, unethical conduct, and drugs and alcohol in the workplace. Often these problems are caused by failure to implement clear policies and procedures, generating behavior that undermines organizational authority, jeopardizes organizational efficiency, and often results in lawsuits due to premises liability, negligence, and foreseeability, etc. Industrial Companies need a robust security program with strong policies and procedures to channel employee behavior, create an honest employee culture, and provide legal structure.


Mr. Patterson has over 30 years of international experience as a corporate safety and security consultant for Fortune 500 companies and Governments. He is a recognized author and lecturer with the ASIS International Physical Security Council in the areas of risk analysis, security systems integration, safety, workplace violence, enterprise systems, policies and procedures, and business continuity planning. He is the author of the book “Implementing Physical Protection Systems A Practical Guide,” which is used as a reference text for the PSP certification program and the International Association of Professional Security Consultants (IAPSC). He also authored a book entitled "Study Guide for the Physical Security Professional Certification Program

Session 21

Assessing Supplier Risk in The Supply Chain

Brad Kingston
Security Manager, L3 Communications, Communications Systems West, USA


This session examines the basic principles of assessing risk for your business/supply chain. Session will utilize a scorecard and the CARVER vulnerability method in assessing security risk.


The theme of this presentation is to educate the audience to conduct a supplier risk assessment. The session will conduct a walk-through utilizing a supplier scorecard and the CARVER vulnerability method in assessing security risk. The objectives are to identify threats and security risks within a supply chain, assess the needs and properly apply physical security systems in support of the supply chain security model. Learning Objectives: • Identify threats and security risks within a supply chain • Assess the needs and properly apply physical security systems in support of the supply chain security model • Employing the supplier scorecard to assess risk in the supply chain


Brad Kingston has over 28 years experience in the security and assessments arena. Brad is the Security Manager for the Supply Chain Management Division, L3 Communications, Communications Systems West in Salt Lake City, Utah. He conducts investigations and assessments for all suppliers to Communications Systems West. Brad is a retired US Army Special Forces Sergeant Major after 26+ years with specialties in intelligence, operations and engineering. Brad has had numerous deployments to include two combat deployments to Afghanistan and Iraq. He has conducted security/vulnerability/threat assessments for facilities and firebases throughout the world. He has a Bachelor of Arts in Criminal Justice Administration and a Masters Degree in Computer Resource Management. He is an active member of ASIS International. Brad provides advice, insight and solutions for security and the entire supply chain to assess risk.

Session 22

United Kingdom Maritime Trade Operations

Peter Harriman, Lieutenant Commander, United Kingdom Marine Trade Operations (UKMTO), UAE


This presentation will introduce delegates to UKMTO and its vital work in the Region. It will cover how UKMTO operates, give an overview of the piracy threat in the High Risk Area and show how UKMTO interfaces with military forces operating in the Region.


UKMTO is the primary point of contact for merchant shipping transiting the High Risk Area (HRA), encompassing the Red Sea, Gulf of Aden and the Arabian Sea.

UKMTO maintains a vital link between the merchant shipping community and the EUNAVFOR (European Naval Force), NATO and CMF (Combined Maritime Force) forces operating in the region. Vessels can provide their position, course, speed, destination and other vital information which enables UKMTO to monitor their progress throughout the HRA. In the event of a vessel seeing anything suspicious, if they are being approached by pirates or worse if they are being attacked, they can call UKMTO and the operators will provide advice and guidance over the phone. The operators will also contact the military to alert them to the incident and will remain in constant communication with the merchant ship while the military plans and actions any support to the vessel. UKMTO also undertakes briefings to ships visiting ports in the region to provide face to face guidance and the latest information about piracy related events to Ship’s Masters and Officers. This presentation will introduce delegates to how UKMTO operates, provide an overview of the piracy threat and show how UKMTO interfaces with military forces operating in the Region.


Peter joined the Royal Navy as a Radio Operator in 1979 and has enjoyed a diverse range of sea, shore and overseas appointments throughout his career. In his early years he served in various HM ships taking part in the Falklands Campaign of 1982 onboard HMS Arrow, a Type 21 Frigate. Rising to the rank of Chief Petty Officer, in 1996 he was commissioned and entered the Britannia Royal Navy College at Dartmouth. As an officer his appointments have included Capability Management at the Navy’s Fleet Headquarters and overseas jobs in Canada, Italy and Portugal, the latter saw him involved in NATO’s Counter Piracy mission – Operation Ocean Shield. Peter was appointed Officer-in-Charge of UK Maritime Trade Operations in Dubai in January 2013.

Session 23

Culture and Its Role in Global Resilience

Dr. Mark Clegg
Contract Manager Sellafield Emergency Management Improvement Programme, Serco, United Kingdom


Contemporary security challenges require responses in an interconnected global context. Different cultures are often heralded as problematic in mitigating such challenges. Yet, culture is the key weapon in our armouries.


Culture is the key strength when embarking on global multi-stakeholder resilience initiatives. It forms the core of the most important capability for resilience practitioners – people. Effective employees who are culturally aware and who understand the benefits of enhanced resilience maintain the competitive edge. Although each organisation has a different culture based upon its experiences, aims and objectives, common ground across all stakeholders must be identified and shaped into a shared strategic vision for resilience. But how can we reconcile the varying individual cultural influences in a way that avoids resilience paralysis and supports efforts to enhance group objectives?


Dr. Mark Clegg teaches politics at the University of York. His subject area specialism is security and resilience. He was previously the UK course director of a pan-EU resilience initiative and, before that, was a senior officer in the Royal Air Force. He has a PhD in International Relations and MSc in Strategic Studies.

Session 24

Smart Security: The Application of Queuing Theory Management Systems in diary security queues

Aisha Alomair
Security Systems Engineer, Saudi Aramco, Saudi Arabia


This paper will cover the possibility of applying queuing theory in emergency cases/triage cases in order to adjust the priority of events within a single queue.


As the great Dr.Rich Larson once said: every queue is a business opportunity and every queue causes problems. The way we manage these daily queues gives us insight into how much the security industry can benefit from utilizing this theory. Security queues form in our daily lives as queues of planes at the airport waiting to be dispatched, or screening facilities of passengers at airports, through gates, or maintaining security hardware. By utilizing queue management systems and sophisticated mathematical modules, we can reduce the service times that these queues occupy to make business as smooth as possible every without compromising on downtime, quality or cost. Queuing Management Systems and calculators provide businesses with an estimation how busy their employees are and can give them a very reliable estimation of whether an organization needs to employ more people or not. Every minute of downtime or tardiness of planes departing is costly and the use of this theory optimizes these results drastically.


Aisha Alomair is a security systems engineer working for Saudi Aramco. She holds a double bachelor’s degree in Mathematics and Computer Science from the University of Birmingham in Birmingham, UK. She is a certified Siemens Systems engineer and a Microsoft Certified Technology associate in Network infrastructure.

Session 25

Analysis of the Competency Paths in the Security World

Haithem AlBalawi
Administrator for the Security Systems Maintenance Division, Saudi Aramco, Saudi Arabia


This presentation highlights outcomes of analysis of competency requirements for security professions: (Public, Industrial, Executive and Physical) Security. The analysis looks to profiles from three perspectives: regulator, beneficiary and recipient.


The theme of this presentation is to highlight thoughts around the security HR overall process from the time of hiring. This is achieved by analyzing the regulation, market and customer expectations to identify the process gaps. These gaps can then be compared with international standards and best practices to develop a structured HR process for each Security profession. Having this in place help organizations to do the right selection of personnel during hiring and have the right development programs during their security personnel career. The topic is based on a field surveys and share local experiences.


Mr. AlBalawi is graduated from King Fahad University of Petroleum and Minerals (KFUPM) with an Electrical Engineering background and is pursuing MS in the same field. He has joined Industrial Security Operations directly after BS degree in year 2000. Mr. AlBalawi worked as a security maintenance engineer during and in 2002 headed the maintenance engineering team under the Security Systems Maintenance Division. After have moved to the Projects Group Mr. AlBalawi represented the organization in mega security projects such as the corporate Security Access Control System. Mr. AlBalawi moved the security operations field and covered as security superintendent in different security operations division kingdom wide. Mr. AlBalawi currently is the administrator for the Security Systems Maintenance Division

Session 26

Crisis Management – A crisis Management Case Study of Egypt and Libya – Marriott International

Simon Howse
Director of Security, Middle East and Africa, Marriott International, Ritz Carlton Hotel Company L.L.C

During the Arab Spring, a number of events identified a need for an effective, scalable, flexible crisis management plan. From shelter in place to an evacuation, this presentation will provide two case studies and one organizations approach.

During the Arab Spring of 2011 in Egypt and Libya, a number of factors contributed to the need for an effective crisis management plan, its implementation and on-going monitoring and response. We will walkthrough how MI implemented an effective crisis management strategy in Egypt to minimize exposure, and protect its guests and associates from external concerns. And how a hotel along with its 200 associates were evacuated from Tripoli Libya by air. The mitigation of risk, effective crisis management and support is a critical tool that must be prepared and trained for, rather than reactively mobilized at a time of crisis.

Simon grew up and was educated in his home city of Melbourne, Australia. After working within the hospitality and casino industry in Melbourne for 12 years in varying positions of responsibility, covering surveillance, auditing, compliance and management, security design, Simon moved to Dubai to lead the safety and security efforts for The Ritz-Carlton Hotel Company in Dubai.

After a successful term, Simon relocated to Puerto Rico in the capacity of Director of Security and Surveillance for The Ritz Carlton hotel resort and casino having oversight for security, safety, surveillance and risk mitigation efforts pertaining to the hotels resort and casino’s operations.

Simon relocated to The Ritz-Carlton’s corporate office in Chevy Chase Maryland as Corporate Director of Loss Prevention after a successful period, overseeing implementation of technology projects, identifying security and technology trends and capabilities, security system reviews and supporting the corporate Vice President of Loss Preventions global safety and security efforts, company wide.

Simon next move was to Marriott Internationals head office in Bethesda Maryland, to support Risk Managements Global Security and Safety efforts for Marriott international, encompassing the Ritz-Carlton. As senior project manager, his role was to identify new and emerging technologies, their potential application into the hospitality industry as it pertains to safety and security and risk mitigation, conduct risk and vulnerability assessments for new projects both within north America and globally, and design and review security and safety systems pertaining to security and safety standards industry practices and company policy.

In Simon’s next role of increasing responsibility, Simon returned to Dubai in his current role of Regional Director of Global Safety and Security – Middle East and Africa, overseeing security and safety for Marriott International. His region covers the Middle East, Africa and the extensive range of brands within the Marriott Portfolio to also include The Ritz-Carlton LLC. Simon provides oversight, crisis management, continuity and response, design review, compliance and operational support for hotels within the region.

Session 27

The Rise Of Sectarianism Throughout The Middle East

Mazen Saadah
Director of Middle East and Islamic Affairs, Stirling Assynt, United Kingdom

Tim Williams
Managing Director, Stirling Assynt, United Kingdom


The increasingly dominant role of jihadists in Syria has major implications both for the course of the conflict there and for stability throughout the region.


Western Governments are now talking about supplying arms to “moderate” rebel groups in Syria, despite privately recognising that jihadists are increasingly the dominant force on the ground. The emergence of Jabhat al-Nusra and, more recently, the Islamic State of Iraq and the Levant has major implications both for the course of the Syrian Civil War and for stability in neighbouring countries, particularly Lebanon and Iraq. Meanwhile, sectarian tensions unleashed by events in Syria will affect Sunni-Shia relations throughout the region, intensifying tensions with Iran and driving recruitment for groups on both sides of the conflict.


Mazen Saadah was born in Saudi Arabia and trained as a cleric. He has a deep knowledge of the jihadist philosophy. This enables him to understand al-Qaeda's ideology and hence its strategy. His advice on religious and cultural issues has enabled companies to increase profits and stay secure.


Tim previously worked as a Policy Advisor at the Society of British Aerospace Companies, Head of European Security at the Royal United Services Institute (RUSI) and in a defence policy role for the Conservative Party. He remains an Associate Fellow of RUSI. Tim has lectured widely on defence and security issues, including at the NATO School and Wilton Park.

Session 28

Facilitated Open Discussion: What Keeps You Up at Night?

Kenneth R . Lukins
President and CEO, Lukins & Associates, USA


Protection of offshore installations is critical to ensuring safe and secure operations and protection of your personnel. Exceptional new tactics, technologies and strategies are available.


The threat to offshore installations continues to grow in various parts of the world where piracy and terrorism continue to expand their reach. Daily, new policies, tactics, procedures and discussions take place around the globe with the goal of eliminating the threat; but the reality is that the threat can only be reduced, never eliminated, especially in an age where terrorists, pirates, and extremists are well-funded and equipped. While dealing with the threat is the task of governments, addressing the risks and vulnerabilities of assets remains the responsibility of the stakeholder. While there is no single approach to asset protection, there are several tactics, technologies and strategies now available to aid companies in their endeavor to ensure the safety and security of their personnel and installations are properly addressed. We will discuss a brief history, current risks to offshore installations, and new tactics, technologies and strategies


Chief Ken Lukins, U.S. Coast Guard (Retired) has 35 years experience in Facility and Installation Security and Safety, Crisis Management, Anti-Terrorism, Anti-Piracy, Maritime Safety and Security, Environmental and Emergency Response to include Oil Spills, Chemical Releases, Natural Disaster Response, Law Enforcement/Drug Enforcement, Customs, and Immigration Operations. Ken has provided First Responder services in Crisis Management, Security and Safety, and related Training, Drills and Support Services for the Energy, Chemical and Transportation Industries, and various governments. Ken has lead team efforts in assessing and developing security operations throughout the world, and in currently heavily engaged in assisting governments and corporations in the ME and Africa. He has been responsible for developing and leading all levels of training, drills and exercises focusing on 1st Responders, Facility Security and Safety, Crisis Management, Anti-Terrorism/Anti-Piracy, Maritime Security and Safety, Spill Management and Chemical Response (Including HAZWOPER), Equipment Deployment and Health & Safety.

Session 29

Blast Mitigation Measures – An In-Depth Look At Products and Approaches To Protect Against Explosive Attacks

Hollice Stone
President, Stone Security Engineering, USA


Knowledge is power. This presentation provides detailed knowledge on the pros and cons of current blast protection products/techniques so attendees may effectively select/specify/procure resources to protect people/property from explosions.


Blast protection requirements have expanded in the past 10 years and there are now numerous products to protect people/property from explosions. Where there used to be one or two solutions, there may now be five or ten. It is critical that security and design professionals understand the strengths and limitations of the mitigation measures and their applicability to facilities. The presentation will discuss inherent weaknesses of building and site elements (windows, exterior walls, curtainwalls, columns, vehicle barriers, perimeter walls, etc); available products and techniques that can be used to mitigate these weaknesses; and relative cost implications.


Hollice Stone is a leader in the Security Engineering Industry with 23 years engineering, blast, antiterrorism and emergency response experience. She has devoted her career to helping protect people, buildings, campuses, and critical infrastructure from terrorism. Her work has included anti-terrorism and security engineering design and assessments of new and existing facilities for the US Departments of State, Justice, Homeland Security, and Defense; National Universities, chemical plants, oil refineries, Fortune 50 companies, and international non-governmental organizations. She has had projects in the United States, United Arab Emirates, South Africa, Afghanistan, Iraq, Bosnia Herzegovina, South Korea, China, Uganda, Bangladesh, and Yemen. Stone has performed blast resistant design and/or assessment on more than 200 buildings. Stone recently wrote the latest GSA Blast and Progressive Collapse guidelines and updated the US Army Corps of Engineers blast resistant door and window Guide Specifications.

Session 30

Verbal Analysis - Reading Between The Lines

Erik Ackerfeldt
Founder, Babel Communication, Sweden


Verbal analysis - Reading between the lines Analyzing verbal content is a powerful tool for investigators to identify changes, omissions or even lies in verbal statements making investigations more efficient.


Have you ever been taught to look out for the nervous twitches of a liar, the body shifts, the crossed arms the gaze aversions and so on, even if they are remarkably unreliable? Deceptive individuals tend to hide their fear of detection under the cloak of controlled verbal communication, they divert your attention from their lies. Through systematic verbal analysis techniques we have the tools to detect deception, spot omissions and measure the level of commitment shown towards your investigation. Verbal analysis is without a doubt the most powerful tool in detecting deception!


As Head of Military Interview and Interrogation Training, Erik Ackerfeldt has developed the entire program used at the Swedish Defense Language Institute to train military personnel in information gathering and behavioral communication. With professional experience from hostile environments and warzones across the globe, Mr. Ackerfeldt has trained military and police personnel as well as public companies for 10 years in how to communicate more efficiently under even the most challenging circumstances. He enthusiastically combines his theoretical knowledge with practical training to efficiently make all course participants a superior communicator. He has gathered an impressive collection of practical exercises that he uses to highlight theoretical phenomena, which gives the participants a solid theoretical as well as practical base to stand on.

Session 31

Oil and Gas Industry - Offshore Security

Reuben Murrell CPP
Global Security Manager, Transocean, UAE


Overview of the Operational Environment of oil and gas industry while operating offshore. The Conventional and unconventional Threats. Current Mitigation Strategies. Gaps and Vulnerabilities. Possible Improvement Strategies.


The theme and purpose of this presentation is to review of past security events and incidents and current best practices and shared learning’s and to discuss and consider new strategies for oil and gas offshore security operating in high risk locations.


Global Security Manager with over thirty years experience, having held senior Operational and Corporate positions in the Military, Specialist Risk Consultancy, Oil and Gas Operators and Service companies throughout the world.

Session 32

Private Security in High Risk Environments

Dr. Marc Siegel
Commissioner, Global Standards Initiative, ASIS International, Belgium


Private security service providers are playing an ever increasing role in high risk environments. New contracting requirements, international standards, and liability issues are changing the playing field. How will this affect your business?


Private security service providers are playing an ever increasing role in high risk environments. New contracting requirements, international standards, and liability issues are changing the playing field. The governments of the US and UK have adopted the ANSI/ASIS.PSC.1 as a requirement for contracting, with some private companies following suit. ISO is transitioning the ANSI/ASIS standard to an ISO International Standard. How do you keep your business competitive and use the standard to improve your business management and differentiate your company to receive contracts? What do you need to know about the new contractual realities and consequences of clients requiring certification to the PSC standards?


Dr. Marc Siegel is the Commissioner heading the ASIS International Global Standards Initiative developing international and national risk management, resilience, security, and supply chain standards as well as provides training on their implementation. He is a RABQSA International certified Business Improvement Lead Auditor, as well as a certified Trainer and Skills Assessor for both security and resilience management As an Adjunct Professor in the College of Business Administration and the Master’s Program in Homeland Security at San Diego State University, Dr. Siegel pioneered the concept of applying a systems approach to security and resilience management for organizations and their supply chains. His work includes providing training and guidance on implementation of risk, resilience and security management systems, as well as risk management in regions of conflict and weakened governance for the protection of assets and human rights. Dr. Siegel chaired the technical committees and working groups for the series of ANSI standards developed to provide accountability to legal requirements and the International Code of Conduct (ICoC) for private security service providers. Co-Author: Organizational Resilience: Managing Risks of Disruptive Events – A Practitioner’s Guide, by James Leflar and Marc Siegel, CRC Press, 2013

Session 33

The Risk Assessment and Security Master Planning

Jeff Slotnick CPP, PSP
Chief Security Officer and Founder, OR3M, USA


This session addresses the fundamentals of conducting a high quality all hazards Risk, Threat, and Vulnerability Assessment, knowledge and process of Security Master Planning and understanding the “Business of Security”.


A high quality all hazards risk, threat, and vulnerability assessment is the entry point for value based business security decisions. It answers what we are protecting, what we are protecting against, and the value of the loss to the enterprise. The risk assessment supports the value proposition and leads to a quality Security Master Plan thereby supporting the organization in delineating security philosophies, strategies, goals, programs and processes aligning the organization's security plan with its business plan resulting in high levels of collaboration, contribution to the business function, and budget to support the program through key performance indicators and metrics.


Jeffrey A. Slotnick, CPP, PSP is a highly regarded risk professional and thought leader, with more than 28 years of experience, specializing in the Homeland Security Enterprise and Organizational Resilience Management (ORM). Jeff is peer recognized as one of the “critical architects in the homeland security enterprise” and is responsible for the some of the latest advancements in All Hazards Disaster Resilience, Organizational Resilience Management, Standards Development, and managing the Data Waterfall. Jeff is focused on the professional development and training of security, law enforcement, and military personnel, the provision of exceptional security services, protective services, and all facets of ORM including risk, vulnerability, and threat assessments, preparing Emergency Response Plans, Business Continuity Plans, and Physical Security System Integration.

Closing Session - Keynote

Prof. Dr. Leonard Yong
Senior Consultant, EuroMaTech Training & Management Consultancy, UK and Dubai


Prof. Dr. Leonard Yong (PhD; MEd; B.Sc; DAPA) is Senior EuroMaTech Consultant. He taught for more than 20 years in University of Malaya before retiring as Professor in the Dept of Educational Psychology & Counselling. Professor Yong has extensive cross-cultural experience in consulting and research for agencies and companies in Middle East, Japan, Australia, and the Asian region. His clients include Petronas, Maybank, Intel, Motorola, Malaysian Ministry of Health, Malaysian Ministry of Women, Family & Community Development, Saudi Arabia Government, Thai Reuters, Kuwait Petroleum Company and Oman PDO.