KEYNOTE ADDRESS

sponsored by

Lenel

The Consultant Responsibility

Presenter: Will Wilkins, Executive Director, Global Security Operations, Valero Energy Corp.

"…the social force that binds you to the courses of action demanded by that force; every opportunity, an obligation; every possession, a duty."- John D. Rockefeller Jr.

The role of consultants, integrators, and other customer-facing business development managers has changed dramatically since 2001. Collectively, the industry has evolved towards greater dependence on IT and cloud based solutions that serve as force multipliers in the field. Moreover, vertical markets are continuously challenged with doing more with less and finding creative ways to leverage their products beyond their intended security application. This presentation offers the client perspective on effective organizational engagement, the importance of building operational benefit for products and services, and reveals the common metrics used in vendor selection. It explores how the need for innovation has reframed the functions of consultancy with responsibility. This obligation demands that the relationship shift from providing a service to becoming a trusted partner – one that understands the industry, its regulations, challenges, and opportunities. It requires acknowledgement that the first point of sale in any engagement is not your customer. Instead, together you have shared customers and only through effective collaboration can you maximize cumulative value. From this vantage, the social capital of the consultant must be greater than that of the economic return of the product or service being provided. This can only be achieved through transparency regarding capabilities and limitations, realistic expectation setting, and delivering beyond the point of sale.

GENERAL SESSIONS

sponsored by

Tyco

Where's the Talent?

Moderator:Paul Boucherle, Matterhorn Consulting
Panelists:Kathryn Bartunek, AECOM (tent.)
Chrissy McCutcheon, Security by Design
Michael Newsome, Butchko, Inc.
Chris Wiggins, Securo Group (NZ)

Not only is the security industry in general faced with identifying and recruiting talent to meet its future challenges, it's even more difficult for the security consulting and engineering firms. While the opportunities in the security industry are clearly not understood by many in the early stages of their careers, consulting is also a mystery to a significant fraction of those already practicing security. Certainly the entry path to the profession is not clear. This session will feature a panel of younger consultants sharing their experiences in entering the profession. It will solicit ideas from our consultant attendees in order to add perspective and suggest some reasonable approaches to address the staffing dilemma.

Maximizing the Value of Your Client Relationship

Moderator:R J Hope, CPP, Burns & McDonnell
Panelists:Mark Powers, Catalent Pharm Solutions
William Crews, Security & Resilience Consulting
+1 Panelists TBA

Our keynote speaker, Will Wilkins, will offer meaningful insight from the client viewpoint into understanding the dynamics and internal stakeholders of the security client’s organization. With this as the symposium’s opening backdrop, a panel of consultants and current and former end users will discuss their own experiences and insights which have contributed to successful, collaborative, and enduring relationships and greater value for the security investment.

CYBER SECURITY TRACK

sponsored by

Digital Watchdog

Cyber - The Integrator Perspective

Moderator:Andrew Lanning. Integrated Security Technologies
Panelists:Phil Aronson, Aronson Security Group (ADT)
John Nemerofsky, CGL Technologies
Rodney Thayer, Smithee Solutions
Wayne Smith, Tech Systems

Increasingly, Government and Critical Infrastructure clients are seeking a higher level of cyber assurance from their supply chain partners which includes their security system integration partners. Consultants are uniquely positioned to translate a client's cybersecurity requirements into an electronic security system specification which ultimately goes out to the integrator community for implementation. This session will review, from the integrator's point of view, cybersecurity requirements and cost considerations the consultant could/should be discussing with their client during initial risk assessment, during commissioning/testing, and for post-installation monitoring, testing, and life-cycle management.

Cyber Hardening (double session)

Presenter:David Brent, Bosch Security and Safety

As of 2015, close to 300 million IP cameras have been installed around the world. Many of these cameras have been installed with default user names and passwords and can be accessed from anywhere in the world. For years the question has been "How secure is the video that a system produces?" but that question is changing. Now the question is "Can my security system be used against me?" Most IP cameras are manufactured with an open operating system, or basic kernel, that gives no real consideration to data or cyber security. What are the current fundamental considerations that an organization needs to take into consideration before placing any IP camera on their network?

Cyber Certification & Specifications

Presenter:Ray Coulombe, SecuritySpecifiers

The two previous CONSULT symposia have dealt with topics of cyber liability and cyber specifications. This session will deal with two primary related topics. The first is the latest iteration of cyber specification language for consideration by consultants to support projects in design. It encompasses such considerations as submittals, product characteristics, asset management, password provisioning, and contractor responsibilities. The second is to address current efforts to formulate a cybersecurity certification around the topic of cyber-secure installation, establishing a knowledge baseline that can be referenced in a specification’s Qualifications section.

TECHNOLOGY TRACK

sponsored by

Brivo

Virtual Infrastructure

Presenter:Fernando Macias, CCIE, VMWare

Virtualization has become the single most effective way to reduce IT expenses while boosting security and efficiency for all size businesses, and it now encompasses network and storage. Better understanding virtual networks and the underlying concept of micro-segmentation prepares you to have a more productive conversation with the IT organization, understanding what network and security virtualization features may be in use. Learn how a virtual networking fabric contributes to better cyber security. Logical security can be greatly enhanced by using micro-segmentation to reduce the impact of cyber-attacks. This session will cover the basics of virtualization and micro-segmentation and review current cyber security methodologies. It will also provide practical examples and review multiple ways to operationalize a software-defined infrastructure which, in its broadest sense, is referred to as Hyper-converged Infrastructure (HCI).

Secured Communication and the Future of the Converged World (to include IoT)

Presenter:Pierre Bourgeix, Convergent ESI

The convergence of things with the fast paced movement towards machine learning, deep learning and synthetic cognition/AI is leading our world into a unified symbiosis. For thousands of years our world was disparate or separated - however today it is unified and connected. With this in mind we as humans have all agreed to drink from the chalice and move into the uncharted waters of unified thought. Data, meta data, converged technologies, IT, OT, PS, and IIoT integration using deep learning, machine learning, synthetic cognition /AI are the keys to today’s industrial and IT revolution. Secured Communication and Secured Identity are two key elements that are required to begin this evolution and to insure that this new world is created in our image.

Design Implications of Data Aggregation (Big Data)

Moderator:Mark Schreiber, CPP, Safeguards Consulting
Panelists:Joe Mayberry, Intel
Jonathan Rhoads, TBL Systems
Greg Skarvelis, Verint Systems

Over the past several years, the security industry has come to embrace the term "Situational Awareness". Also, the term PSIM (Physical Security Information Management) has been often overused and misunderstood. Both of these address the requirement to have, as much as possible, a holistic picture of impending and existing events to facilitate preparation and response. Now, with the advent of data science, which seeks to pull meaning from a large body of structured and unstructured data, there is the emerging potential to significantly enhance situational awareness and predictive analytics. This session will explore the likely relevance of “Big Data” to the security industry in general and its impact on the thinking behind security design.

Converged Cloud Security (On Premise vs Cloud)

Moderator:Dan Dunkel, PSA Security Network
Panelists:Min Kyriannis, JB&B
Steve Van Till, Brivo
+1 Panelists TBA

Cloud computing and services are fast becoming woven into the fabric of security for reasons of cost, program updates, and even cyber security. However, some worry about the loss of Internet connection, data back-up, availability, and even cyber security. Are some security applications better candidates to be in the cloud than others? In what situations, if any, do cloud solutions represent a poor fit? What questions should the security designer be asking of both client and cloud solution provider to formulate good solution recommendations?

RISK TRACK

sponsored by

Veracity

Surf the Privacy Wave; Risk Management and Operational Security in an Evolving Privacy World

Presenter:Salvatore D'Agostino, IDmachines

The session will review the current privacy requirements for security and surveillance systems. It will provide an overview of the relationship of privacy to security and how this relationship is evolving both locally and globally at this time. The session will introduce the concepts behind measuring and assessing privacy risk and the creation of a resulting privacy profile. The session will review existing surveillance and privacy codes of conduct, standards, frameworks and references and how these can be used by security and surveillance service providers and professionals. It will look at the particular considerations in the use of analytics and cloud based services as examples of high privacy risk applications. The session will give examples of the countermeasures that can be used to mitigate privacy risk in general and in this particular use case. Finally the session will examine the ways to measure and improve the usability of privacy from the perspective of the enterprise and the individual.

Errors and Omissions (E&O) Insurance Considerations

Presenters:Wayne Dean, McGriff Insurance Services
Hannah Hoeflinger, INSUREtrust

Hear from an insurance company and an underwriter familiar with the security industry about the ins and outs of E&O insurance, and how that relates to general liability and cybersecurity concerns.

Cyber Risk and Incurred Liabilities

Presenters:Wayne Dean, McGriff Insurance Services
Hannah Hoeflinger, INSUREtrust

There is a growing acceptance of the need for cybersecurity insurance. But how often do claims get paid…and why? The presenters provide insurance services to PSA Security Network integrators and will discuss the circumstances around several cases where claims against several integrators have been paid. What lessons are to be learned and how can security service providers better prepare themselves to be protected from cybersecurity liability?

Operations Risk – Holistic & Practical Assessment

Presenter:Benjamin M. Butchko, Butchko, Inc.

Recognizing and evaluating cyber, physical, and operations risks provide for significantly greater delivery of value to the business operation. However, assessment and identification of risk is often performed in silos and from differing perspectives. Go beyond hype and marketing vernacular to see how a holistic view can be achieved through a manageable and repeatable process. Perform assessments that look beyond the tree and provide a clear view of the forest.

SPECIAL TOPICS

sponsored by

LifeSafety

Escalation: How to handle a project that goes 'sideways'

Moderator:Rodney Thayer, Smithee Solutions
Panelists:Min Kyriannis, JB&B
+2 Panelists TBA

How do you handle resolving problems with vendor's “solutions” that aren’t solutions at all? The physical security marketplace often shows up ill equipped to handle these situations causing a project to go sideways and responding in an ad hoc manner with one-off band-aid solutions? The answer may well lie in "escalation". Can problems be handled in an orderly manner or is there a need to escalate with extreme prejudice (cancel the purchase order, rip and replace)? Can issues be resolved, leading to a "lessons learned" conversation and ensuring the problem doesn't happen again? This panel will discuss processes, honed in the IT arena, that can be used successfully to manage vendor problems whose severity begs for escalation.

Understanding Security Systems Commissioning

Moderator:James Krile, Heapy Engineering
Panelists:Forrest Gist, Jacobs Engineering
Jim Henry, Securitas ES
+1 Panelist TBA

Have you ever approached a client about a value added service such as commissioning, only to have them respond that "Isn’t this already included in your proposal?". In this session, we will discuss the often mis-understood and sometimes poorly defined project close-out activity referred to as Commissioning. We will explore some of the more essential aspects of Commissioning our increasingly complex and interconnected Security Management Systems. These include (1) What is Commissioning? (2) What is the justification for this value added service; and (3) What does the commissioning process look like?

Mitigating Liability Risks During Hostile Event Response

Presenter:Jerry Wilkins, Active Risk Survival

Applying industry best practices can directly affect an organization’s liability in the aftermath of a hostile event. There is significant published guidance including PASS 4th Addition Partner Alliance for Safer Schools, NFPA-3000 (PS) Active Shooter Hostile Event Response Planning, USSS Enhancing School Safety, and FBI Developing Emergency Operations Plans. Drawing from case studies including Mueller Water Products, the New Zealand Mosque Attack, and MDS High School in Parkland FL, this session will focus on the due diligence (actions and processes) an organization can pursue in preparation for a random tragic event.

Project Success or Fiasco: Dealing with Shocks, Illusions, and Ambushes

Moderator:Ed Chandler, Security by Design
Panelists:+3 Panelists TBA

Every project has its unexpected moments. Sometimes, though, the unexpected can feel like a tidal wave. Manufacturers can be suddenly acquired, client personnel suddenly change, product capabilities have been oversold or forgotten, or the contractor becomes more foe than friend. These and other situations can threaten the success or even viability of a project unless cooler heads prevail. Hear from a panel that has nearly seen it all to understand how they’ve dealt with different project-threatening situations and what they might do differently in retrospect.

Questions or comments? Contact us at info@AttendConsult.com.

About Us

CONSULT is a security industry event sponsored by SecuritySpecifiers. SecuritySpecifiers is an online community and network of security professionals established to address the need for the physical security industry to more effectively engage with designers and consultants.

Useful Links

Contacts Details

203-405-3740