|
||
 |
In the Boardroom™ |  |
|
||
 |
Security Strategies Today |  |
Current Security Strategies Today Articles:
In The Boardroom™ With...
Mr. Steve Cocco
President
Security Strategies Today
Security Strategies Today is a private investigations firm offering services in English and Spanish to the private sector, NGOs and government agencies as well as to individuals and businesses. We focus on crisis management training, threat and vulnerability identification and assessment as well as training in active shooter and emergency management protocols for the workplace. Our consulting services include simulated scenarios and role playing geared toward maximizing client engagement and preparation. We offer comprehensive, high quality services and take pride in offering a tailored and affordable alternative in enhancing security and safety both at the workplace and during official or personal travel.
Security Strategies Today also offers comprehensive travel briefings and threat reporting, identifying potential security, health or political risks that could affect your personal or business travel overseas. Our written briefings are concise and time-sensitive and are a valuable tool, providing independent examination of risks. We include tips for cultural acclimation while overseas and a list of "do's and don'ts" while in country.
Finally, in Arizona, we conduct private investigations into potential violations of criminal or civil law and offer litigation support and expert witness testimony in related proceedings.
SecuritySolutionsWatch.com: Steve, you’ve told us that you’ve developed a partnership with a cyber security company that’s doing great things. Tell us a little about your new partnership with a company in the UK. What services do Cyber Armed Security provide?
Steve Cocco: We are excited about our new partnership with Cyber Armed Security. This UK-based company is composed of a global team of ethical hackers with over 20 years of experience in cyber security. Its operatives come from ex-military, ex-intelligence, Interpol, and the British army. Their intelligence-gathering activities enable them to conduct cyber-based attacks and test the weaknesses and vulnerabilities of clients, which is not feasible without a robust intelligence element. The company merges cyber security and physical security by utilizing OSINT (open-source intelligence) and leveraging partnerships, such as with Security Strategies Today. For example, they conduct travel risk assessments, looking at OSINT on locations, as well as the risks to people, taking into account that different jurisdictions have different interception capabilities at the government level. The threat is therefore different according to the location. Their reports for clients compile everything from physical security risk all the way to cyber risk and vice versa. They offer penetration testing, vulnerability scanning, counter phishing solutions, and physical cyber security sweeps on premise.
It’s really an ideal partnership for us, as we both bring different but complimentary services to the client. I invite you to check out the link we’ve highlighted above.
SecuritySolutionsWatch.com: Interesting. What does Cyber Armed Security say about the cyber threat landscape and how it affects the security of a person or a business?
Steve Cocco: Cyber Armed Security has emphasized that the threat landscape can affect the dignity, privacy, safety, reputation, and finances of a person or a business. Technology is an extension of our human ability and an extension of our brain. For example, an average smartphone will contain a person’s memories and valuable data. It’s ultimately an extension of the person and it facilitates our daily interactions. If someone compromises your privacy, for example, by posting intimate photographs or by manipulating your personal data, that can cause your dignity, privacy, safety, reputation, and money to be at risk. With the right cyber security, every element of risk is taken into consideration, and different attack vectors are remediated to reduce the risk. Your company’s digital presence is a real-world concern, and we need to safeguard it as much as we would maintain our physical security.
SecuritySolutionsWatch.com: What do you see as the future of cybersecurity?
Steve Cocco: Artificial Intelligence (AI) is the hottest topic in technology right now, and while it has the potential to be very helpful, it is also very dangerous. AI can plan and do things in a way that is beyond human imagination, and it is surprisingly accurate and potentially dangerous. For example, in the UK there is a proposal that would allow AI to be connected to private communications, which means there is essentially a live policeman that will be in our pockets. Initially, it would be employed for things like terrorism detection and prevention, but where does it stop? We all need to take cybersecurity seriously and be very concerned about how humans implement these controls.
SecuritySolutionsWatch.com: Steve, what is Cyber Armed Security identifying as dangerous trends in that we need to be mindful of?
Steve Cocco: Phishing is becoming more diversified and sophisticated. While the old-school way of social engineering does not work as well anymore, hackers are now using OSINT to conduct their attacks based on intelligence. For example, if there is a vacancy in a company, a hacker could find out who the HR director is via OSINT and mimic their email address, or they could exploit applications, such as, Slack and Microsoft Teams to social engineer employees from a point of authority. This is why people need to be more aware of these increased targeted attacks, as phishing can now occur in any social online interaction. Keyloggers are also on the rise, and physical intrusion devices, such as Lan turtles, can be easily planted in the back of a computer without anyone realizing.
Finally, the insider threat is a growing concern, as lower-paid but high-level employees with access to sensitive information can be easily bribed. To combat this, Cyber Armed Security has the full suite of cyber services and has established a new service called Cyber Sweep, that tackles physical security in relation to cyber. It uses specialized skills and equipment to detect embedded hardware, bugs, servers, and circuitry cabling, making it a service everyone should use to ensure their office is clear of malicious activity, while staying compliant and meeting the requirements of standards such as ISO 27001 physical access controls.
SecuritySolutionsWatch.com: Anything else, Steve, about this new partnership with Cyber Armed Security that you would like to highlight?
Steve Cocco: We understand that as technology and security threats evolve, it's important to partner with a dynamic and capable cyber security business. Cyber Armed Security offer a unique blend of ethical hacking and intelligence services that complement our boots-on-the-ground security expertise. Our combined perspective allows us to provide comprehensive, up-to-date threat analysis and real-time intelligence that can even enhance travel risk assessments for VIPs through to the essential security of a small business.
Cyber Armed Security services clients world-wide and most of its work is accomplished through on-line and remote connection.
We encourage anyone interested in reviewing their cyber security posture to reach out to us. Let us show you how we can help protect your business from evolving security threats with our unique blend of expertise.
UPDATE 2/27/23:
SecuritySolutionsWatch.com: Thank you for joining us again today, Steve. The headlines once again shocked us all on November 22, 2022, "6 victims shot and killed in a Virginia Walmart".
ACTIVE SHOOTER TRAINING AND WORKPLACE VIOLENCE MITIGATION
“This is our hands-on, basic course for you and your business, religious congregation, school or other educational venue. It teaches participants the basics of the workplace violence phenomenon-how to recognize and report behavior of concern and how to train for an immediate and efficient response to an actual event so as to increase the possibility of survival and reduce the rate of injuries. This is a must-do course to address one of the most critical issues of our time.”
Please tell us more Steve about the ACTIVE SHOOTER TRAINING you provide and what are your takeaways from the tragic shooting at the Walmart in Virginia.
Steve Cocco: The Walmart shooting was another example of how we seem to fail time after time in keeping weapons out of the hands of the mentally ill or emotionally unstable. The shooter, identified as Andre Bing, had purchased the weapon he used to gun down his co-workers that very morning. There was no effective background check and no requirements for even a minimum amount of training. In the note he left before taking his own life, Bing stated that he "was being led by Satan" in committing the murders. The background checks and our will to keep weapons away from those who would threaten to use them in the manner in which Bing did is a political and societal question too broad and complicated to address here. However, our Active Shooter training course is geared to any and all individuals, workers, spectators or school employees or parents with an interest in not only staying safe, but in fostering an environment in which people can work, pray and thrive without the fear of becoming a shooting victim. Some points we cover in the course include:
- Knowing the warning signs of a person who might be inclined to commit an act of violence as revenge or because the person holds personal grievances against identified individuals
- Equipping the workforce, students, faculty or congregation with an updated emergency action plan designed to provide the tools necessary to react effectively during a shooting or other act of violence, and
- Educating attendees on the importance of being proactive rather than reactive and of engaging frequently with local police, FBI or security professionals.
SecuritySolutionsWatch.com: Let’s talk about “Background Screening” for a moment. What is your perspective Steve on the importance of doing thorough background checks especially in these times in the face of recent crime trends.
Steve Cocco: Well, we just spoke about the Walmart shooter and that is a case of systemic failure. Unfortunately, only national legislation with stringent requirements for screening would be effective in keeping guns out of the hands of those who intend to commit crimes with them. A state-by-state approach does not work, for obvious reasons. Background checks should not only include database checks for criminal history or history of threatening behavior, but familiarization with the mental health history of the prospective gun owner. There are privacy concerns there with regard to mental health-but which is better, temporarily denying an applicant a deadly weapon or risking a shooting in which innocent people are killed or injured? There needs to be a political will to move in that direction and although the public may agree, politicians are likely to push back.
SecuritySolutionsWatch.com: We also read with great interest on your site about…
THREAT AND VULNERABILITY ASSESSMENTS
“Your business is secure and you and your employees are safe once inside, right? You probably know by now that such an attitude disregards today’s most critical and common threats, from the nightmare of a workplace violence event to a devastating loss of data or intellectual property due to a disgruntled employee-an “insider” threat. Have you ever conducted a survey of your current safety and security posture? Have you taken stock of the threats in your immediate surroundings, in your region, country and in your industry or market segment as well? Be proactive and get a comprehensive threat and vulnerability assessment. We’ll cover all the essentials in our study and leave you with a complete evaluation of your workplace as well as with a list of remedies you can take to mitigate threats.”
Care to elaborate for us, Steve, about your process in performing a “threat and vulnerability assessment”. Please tell us about the journey that your clients take when they engage with you.
Steve Cocco: When a client engages us to perform a threat and vulnerability assessment, that client can expect a detailed and comprehensive look at every aspect of its operations and their effect on security. We look at doors, locks, barriers, frontage and other structures for weak access points or vulnerabilities. We take a look at the lighting, both inside and outside and assess it for sufficiency. We will also look at the visitor and vendor access process and screening. Finally, we will take a look at employee security and procedures with the intention of enhancing both security and workplace safety-is there an emergency action plan? Has it been practiced? Has it been updated lately and do all employees/administrators or contractors know where to find it? It is a detailed process which unfolds over a few days, but it is well worth the cost and time. At its conclusion, the client receives a detailed report which we review with them and a series of recommendations which they may consider implementing in order to harden the overall security environment.
SecuritySolutionsWatch.com: Schools, religious institutions, shopping malls, sports venues, retail establishments, any workplace today, for that matter, is, unfortunately, vulnerable today. Are there any recent engagements, Steve, that you would like to share with us?
Steve Cocco: I recently performed a threat and vulnerability assessment at a large shopping mall and another one at an apartment housing complex. There are significant differences between them and each location of course serves a different purpose and brings a different demographic. A housing complex needs to focus on access from the outside and on safe walkways, garages and common areas. Are all public-facing doors or gates locked so that only authorized individuals can enter? Are internal walkways and common areas well-lit? Are CCTV cameras in place and operational? On the other hand, a shopping mall seeks to encourage public entry and so its threat profile is vastly different.
With a religious institution, the threat is sometimes even harder to quantify. Even if we assume that the physical structure is secure, what do we know about the congregants or attendees? How do we vet or assess a new member? What do we do if we receive a threatening phone call, email or if our exterior walls are defaced with graffiti?
Let's take a look for a second at a religious institution. There is no shortage of hate speech and all religions have been targeted. You need to take hatred voiced at individuals because of their faith or religious practices as a possible precursor to violence. I say possible, because of course most hate speech is protected speech and most does not rise to the level of a threat. But look at that person closely and be mindful of that person's activities. Screen new congregants closely and look at their social media posts for possible signs of violent ideations.
SecuritySolutionsWatch.com: Any upcoming speaking engagements, Steve, that we should know about?
Steve Cocco: I will once again be present at ISC West in Las Vegas this March and will be participating in panel events involving workplace safety and overall business security.
SecuritySolutionsWatch.com: Thank you again for joining us today, Steve. Is there anything else you would like to discuss today?
Steve Cocco: Yes. Don't hesitate to give us a call or send us an email for more information. Our website provides further detail but we always appreciate a call!
SecuritySolutionsWatch.com: Thank you for joining us again today, Steve. The world we live in has certainly changed quite a bit since we first talked several years ago. Violence where we work and send our kids to schools, Covid, political unrest, natural disasters, and other issues are, unfortunately, headline news all the time. In this environment, it’s truly an honor to speak with you once again. As a 27 year veteran of the FBI, you’ve seen it all. Before discussing Security Strategies Today services and capabilities in greater detail, please update our readers about your impressive background.
Steve Cocco: Many know that I worked as a Special Agent and agent supervisor with the FBI for nearly three decades. I gained valuable experience in criminal investigations, counterterrorism and counterespionage as well as tactical experience required for the safe conduct of enforcement activities, such as arrests or search warrant execution. Well since we last spoke, I have continued my work on providing businesses, NGOs and individuals with detailed threat and vulnerability assessments and have incorporated new software and new assessment techniques to accommodate the large number of requests I get. I leverage the experience I obtained after 27 years in the FBI, particularly in the counterterorrism realm, to address the growing need in the private sector for comprehensive vulnerability studies on critical infrastructure. During my time with the FBI and particularly after the attacks of September 11, 2001, I gained significant experience in understanding the terrorist mindset but also in their operational capabilities and weaknesses. This has afforded me an advantage that other professionals in critical infrastructure protection may not have. Naturally, these assignments allowed me to develop substantial contacts overseas and to this day I continue to be in contact with many of them, who are quite helpful in covering international leads and obtaining information from overseas.
SecuritySolutionsWatch.com: Workplace violence is, unfortunately, it’s on the rise. Many American workers report having been victims of workplace violence each year. Unfortunately, many more cases go unreported.
We read with great interest on your site about Threat and Vulnerability Assessments ,
“You may think your environment is safe and secure, when you’re at your office, at work in a shopping mall, at school as a teacher or student or even at a medical appointment. But, how do you know this? Have you taken into account the physical surroundings, including access roads, doors, windows, locks and other barriers? What about the threat from committed terrorists or from someone who would wait in silence in a dark area of your facility for a victim to approach? If we work in a business that actively tries to draw in large crowds, such as a sports venue or hotel, then that business objective must be achieved taking into consideration multi-layered, effective security.
So, just how secure are your surroundings from these threats as well as others that can manifest themselves with no warning? We’re not talking about the safety of the stairs or whether the glass on the windows is tempered. We’re talking about viable escape routes should an explosive device detonate, a specific game plan for worker and guest protection, a designated safe haven, updated crisis management plans and an effective deterrent to mitigate the “insider” threat. When, if ever, did your business or place of employment complete a multi-faceted vulnerability assessment, that is, a dedicated effort to identify threats from insiders and outsiders who would seek to inflict deliberate harm on the structure, its customers and/or its employees?”
Please tell us more, Steve, about your capabilities in the area of workplace safety and active shooter training.
Steve Cocco: Every employer needs a workplace safety plan.These plans can save lives when a worst-case scenario takes place. Such scenarios can be a natural disaster, such as a major hurricane, tornado, earthquake or fire that devastates the workplace, displaces employees and threatens lives.
Workplace safety planning includes making sure each and every employee knows his or her role in a workplace emergency, is trained on basic or advanced crisis management techniques, knows about alternate work sites and knows how to communicate with a manager via alternate means of communication. It takes methodic planning and practice to get workplace safety plans right. Your workplace safety plans also need to be updated periodically, as personnel and roles change over time.
Unfortunately, sometimes the worst-case scenario is man-made, such as an act of violence at the workplace. Such acts of violence are not limited to an "active shooter" scenario, but increasingly that is what we see in the US. Most people do not know how to react during a sudden shooting nor do they recognize the warning signs of someone who may be heading down a path of violence. The active shooter training program starts out with a basic presentation of about 45 minutes. We subsequently offer a more advanced module for those who want to expand their knowledge and learn more detail regarding the history of the phenomenon in the US and overseas. If desired, we can include practice or mock scenarios in a safe, weapons-free training environment.
SecuritySolutionsWatch.com: Let’s talk about Private Investigations. One will read on your site,
“Security Strategies Today is authorized by the Arizona Department of Public Safety (DPS) to conduct private investigations within the state under license number 1655585. In addition, through our partnership with other agencies, we pursue investigative leads throughout the United States and in select foreign countries.
Whether you have been the victim of a get-rich-quick scheme, fraud, stolen identity, theft or misappropriation of assets, if you have been injured in an accident or as a result of medical malpractice, a trusted private investigator can be a crucial member of your team. An experienced PI gathers evidence, develops investigative leads, interviews witnesses and provides an investigative report with all the details you will rely upon in presenting your case in court. If you are the plaintiff in a lawsuit or have been named as a defendant, your private investigator works for you and has your interest in mind. Importantly, a good PI will often be recognized as an “expert witness” by courts at all levels and offers context and interpretation to investigative results.”
Care to elaborate, Steve?
Steve Cocco: Yes, our services are used by various Arizona law firms who are in need of identifying victims of crimes or other schemes as well as in assisting family members in identifying heirs and assets of deceased family members.
SecuritySolutionsWatch.com: Natural disasters from earthquakes, hurricanes, floods, wildfires and other events are also on the rise. What are the services you provide, Steve, regarding Crisis Management?
Steve Cocco: Crisis management is an essential element to long-term business sustainability. It includes the planning, practice and eventual execution of plans to enable a business to get back up to at least partial operational status after a major, adverse event, such as a hurricane, fire or man-made disaster like a mass shooting. Crisis management training includes the essential protocols to follow in preparation for such an event and provides simulated scenarios so your team can practice key aspects.
SecuritySolutionsWatch.com: Travel Safety and Threat Awareness is also more important than ever before in today’s security climate. How do you help your clients, Steve, if they are considering travel for work or pleasure to a foreign destination?
Steve Cocco: Maintaining a sense of security and safety when travelling abroad is essential, whether you are on business or personal travel. Myriad threats can negatively impact your experience abroad and some may even land you in hot water with authorities or even worse, in a hospital. When planning a trip abroad, make sure you are educated on the countries you will visit; learn something about their legal system and find out how to obtain legal representation in-country should you need it. Additionally, you'll want to know how to avoid common scams targeting foreigners. Are there health risks to be aware of? What about food and water safety and what societal or official norms are in place regarding your rights? You may know that your country's embassy often maintains a list of local attorneys who provide legal representation to foreigners. What you may not know is that you are responsible for finding them and screening them. You also must rely on your own, personal funds to pay them.
With so much to consider, why not get a low-cost travel briefing from us before you depart? This concise summary will touch on these and other issues to be aware of when planning your trip.
SecuritySolutionsWatch.com: Any success stories or testimonials you care to mention, Steve ?
Steve Cocco: We have presented "active shooter" training on several occasions during 2022, both at a basic and at an intermediate level. In all cases, the training was well-received and led to additional inquiries. We have found out that in general, citizens are ill-prepared to survive such an event but with even some basic training, they felt a little more at ease and potentially more prepared.
SecuritySolutionsWatch.com: We understand that the Hispanic community is a particular area of focus for your business and that you are also engaged with international clients. Please tell us more.
Steve Cocco: Our US Hispanic community is growing and is an integral part of our society. It's not that the community requires training in Spanish, as so many are US-born and speak English as their first language. However, a vast swath of Hispanics in the US are foreign-born and they often feel more at ease in receiving instruction and training in Spanish. It fosters a better understanding of the subject matter and creates a positive rapport. Our Hispanic clientele is growing and we appreciate the opportunity to serve the community.
SecuritySolutionsWatch.com: Care to mention any recent speaking engagements or upcoming events?
Steve Cocco: We of course will be in attendance for the eighth year in a row at the 2023 International Security Conference-West, to be held in Las Vegas in March. It is a great venue for meeting clients in person and for sharing our expertise. Look for our display once on site!
SecuritySolutionsWatch.com:Thanks again for joining us today, Steve, we look forward to more updates about your capabilities and services.