Sloane Risk Group

Why Security Professionals Should use a Physical Pe*******on Test as a Tool when Creating an ESRM Program

Organisations often fail to appreciate and understand the value that a strategic relationship between their security professionals and stakeholders can bring to the organisation. Asset owners don’t traditionally understand security, they envisage it as the guards who stop known threat actors from walking through the door. Many heads of security feel undervalued, they know where the business weaknesses are and have tried to address them multiple times, only to be knocked back by budget constraints and a lack of understanding.
However, the modern-day security professional is highly skilled and experienced and can help improve the overall business mission by incorporating security practice into everyday business activity.

Enterprise Security Risk Management
In 2019 ASIS, the world’s largest membership organization for security professionals launched the Enterprise Security Risk Management Guideline (ASIS ESRM-2019) defined as “a strategic approach to security management that aligns an organization’s security practices to its overall strategy using globally established and accepted risk management principles”. Its foundation is set on the principle that security risk management is a partnership between the asset or business owner and the organisation's security professionals.

As a security professional, encouraging your business to adopt an ERSM program will holistically benefit the entire organisation and will hopefully be reflected upon you. This can be partially achieved by engaging a professional physical pe*******on testing company that understands ERSM to conduct a physical pe*******on test (PPT) to provide an effective risk analysis of your assets. A well-presented PPT debrief can provide stakeholders with a very realistic and comprehensive report of exactly what vulnerabilities look like. For instance, a presentation to a C-suite showing multiple people literally jumping over speed gates in view of staff members who don’t react has a huge impact when shown visually.

What is a Physical Pe*******on Test?
A physical pe*******on test is effectively ethical burglary. Experienced PPT specialists will use a range of physical entry and social engineering techniques to try and access specific areas of your buildings. The aim is to test the risk to assets by identifying vulnerabilities in procedures, practices, equipment and infrastructure.

To use a PPT to communicate with the C-suite, it is vital to identify the organization's assets and to convey these to the PPT testing organization at the client consultation stage. The PPT will then be created to test the risks that the assets are subject to. These should include both tangible and intangible assets. The consultation stage will provide you with the opportunity to tell the testing team where you feel there are vulnerabilities which should be included in the testing scope and for them to use their experience to suggest ones of which you may not be aware.

A PPT can be subjective, the alignment of security and staff conditions can vary greatly throughout the business day. It is important to allow testers a realistic period of testing to identify the routine and procedures of security, staff, executives, deliveries, and shift changes to gain a comprehensive understanding of where the human and physical vulnerabilities lie. If the findings are going to be used to create a presentation, the testing team will also need the capability and manpower to capture strong high-quality imagery to portray the methodology and findings of the test.

How to identify a professional PPT service

There are many security companies that will offer PPT, however, PPT is not yet regulated, and it is important to choose an organisation that is worthy of your engagement.
Establish the background and experience of the organisation, whether they are sub-contracting the project and the background of the testers that will be used. Whilst many testers will have former government and military experience, they must also have enough commercial security knowledge to understand the principles of ERSM. A varied demographic of testers should be used, women are notoriously more successful at infiltration and social engineering than men as they are often viewed as less suspicious. Don’t be afraid to ask for biographies of testers but remember not to share the information with anyone in your organisation or it could have a negative impact on the test. A testing team should also be able to provide proof of their insurance. Your testing company should understand risk assessment and should have a risk assessment methodology in place to measure the risk found.

How the findings can be used
Once the PPT is completed you will be provided with a detailed report, which will include suggested recommendations to mitigate the identified risks. This can be used to create a presentation delivering the findings to the relevant stakeholders and will form the foundation which will enable you to move to the next stage of ERSM creation, mitigating and prioritising your risks. It may be necessary to improve your organisation's security culture before attempting to gain buy-in for ERSM program development. Security culture change is a slow process involving a lengthy period of continuous improvement to gain maturity but a PPT will certainly provide you with the ammunition to start the conversation.

To find out more about Physical Pe*******on Testing or our other corporate security and counter-espionage services, contact us:

[email protected]
www.sloaneriskgroup.com
020 3633 0672

*******ontesting

Part 4 of the Case Study Series describes an unsusal close protection/ executive protection request.

Close Protection/Executive Protection

The perception of Close Protection or Executive Protection usually presents the image of celebrities, politicians, royalty, and high net worth individuals utilising bodyguards due to their status, wealth, or political bearing. However, one of our recent operations involved a very different principal.

Our Principal

Our principal was an astounding lady, she was well educated with a deep interest in culture, art, the environment, music and history. She was extremely wealthy but unknown publicly. The reason that she required our protection was that she was tremendously vulnerable.

She had been a victim of cuckooing, which is where criminals such as drug dealers and con artists will move into the residence of a vulnerable person and exploit them, often taking their possessions, money, benefits and abusing them for their own interests.

Our client had various medical problems and requested our full-time assistance to keep her safe within her home, es**rt her when she went out and to help her with her daily routine. Many of her requirements were suited to medical professionals and would not be expected of the average bodyguard. However, as we have seen an increase in close protection requests for vulnerable people over the last two years, we were able to source a range of paramedics, nurses, and rare operators with the unique mixture of medical knowledge, soft skills, patience, and close protection experience who were ideal for her situation.

The Deployment

Due to the nature of our principals ailments the task required some careful planning and bespoke policy and procedure creation. Covid added extra complications.

Our client was terminally ill, due to her condition, she was not an easy person to look after, she was often angry and frustrated. However, our team were amazing, they went above and beyond their job description to make her last month’s happy ones, taking great care to provide her with human interaction and the comfort and safety that she needed.

Slone Risk Group would like to thank all of the operators involved, you know who you are and you did an amazing job.

For further information regarding extra-ordinary close protection services please contact us:
Email: [email protected]
Phone: 0203 897 22 72
Website: www.sloaneriskgroup.com
Address: 71-75 Shelton St, Covent Garden, London, WC2H 9JQ