SMT Online Editor's View: Call yourself a consultant?

22 Apr 09

Thankfully, April Fool’s Day 2009 passed by without a hitch for yours truly. No prank calls, no spurious e-mails from the Simply Red Fan Club courtesy of my friends (who know right well I listen to rock and metal, and have previously orchestrated such stunts as a result) and – just for once, mind – the Jubilee Line was in full working order and running to time. Now there’s a shocker.

Once ensconced at Ludgate Towers, I settled in for another day of digital action in both the B2B and social media spaces.

CameraWatch founder Gordon Ferrie emailed to ascertain whether or not I’d like one of the team to speak next month in The SMT SELECT Lounge at the NEC (“Yes please”), the Agenda for the next Security Industry Authority (SIA) Research Forum meeting popped into my Inbox and I was invited to meet the ASSA Abloy crew (where else but at IFSEC?).

Sometime after noon, I nipped out for a swift luncheon with Janet Smytherman to discuss matters relating to the Association of Security Consultants (ASC) and then, over the phone, I quizzed Phil Doyle and Dominic Bruning from Axis Communications for a forthcoming feature.

Oh yes. I mustn’t neglect to mention the AFC Group’s guarding supremo Olivier Cavaliere, who requested that I join his LinkedIn group (which runs under the fascinating title of The Cabbage Patch).

Still smiling at the 'Robocows' news item scripted by info4security’s excellent editor Anthony Hildebrand (I’ll bet a few of you were forced to think again about this one, weren’t you?!), I eased my way into the second day of April by responding to a communiqué courtesy of David Gill.

As many of you will no doubt be aware, David is the managing director and principal consultant at corporate security services deliverer Linx International, not to mention a leading driver behind The Security Institute.

He’s also the man who auctioned the last-ever print edition of Security Management Today for charity, raising a cool £500 in the process, but there’s no suggestion from me that he should begin to call that his biggest claim to fame. Oh no.

What, exactly, is a security consultant?

What many of you will not know is that David is currently in the final throes of piecing together a 30,000-word thesis as part of an MSc course in Security Management. The questions framing this mammoth tome? ‘What is a security consultant, and are controls in place to guarantee an acceptable level of expertise?’

In addition to coveting a plethora of material from our website to help with his final, pre-submission deliberations, David also invited me to share my views on the matter.

What follows is the article I wrote and sent to David, tweaked at the edges and with a few extras added-in for your good measure. OK? Let’s begin.

The debate surrounding the role of the security consultant, what that function is – and, perhaps, what it ought to be in this day and age – happens to be one that has surfaced several times in the pages of Security Management Today (SMT) and, of late, on SMT Online.

It’s one of many intriguing security-related topics about which I’m extremely passionate and, as you’d fully expect, I hold strong views on the matter. Views, indeed, that may not be to everyone’s taste, but it’s my considered opinion that the time for challenging The Establishment is long overdue.

There’s little doubt that today’s security environment is underpinned by high-tech equipment, detailed process and, inevitably, the commercial masters it serves. In a great many instances, of course, for the latter grouping read the plc’s Board of Directors.

Skills for Security – and we’ll come back to that organisation later in this discourse – has long talked of, and championed, the notion of the ‘security business sector’ (a phrase coined by one astute chap named Stefan Hay, if memory serves).

That’s exactly what it is. To this end, Security Departments the length and breadth of the UK are now being asked on an increasingly frequent basis to justify their existence.

In short, the Board wants to know what Mr Manager, his supervisors and officers (be they in-house or contracted) are bringing to the commercial table.

Not an unreasonable request, and most certainly not an unreasonable request “in the current climate” (a phrase I’ve now heard one thousand times too often, and which ought to be replaced with: “Gordon and The Bankers have ruined the country’s finances”).

Nothing wrong with outsourcing... or is there?

Many of these private sector operations still choose to outsource the procurement of bog standard security elements, among them risk assessment procedures, surveys and audits, corporate governance and equipment specification.

No harm in that at all, I say. Better to hand everything over to an expert for a reasonable sum of money than pretend to the powers-that-be you know it all and then make a real – and, potentially, very costly – mess as an end result.

Following that perfectly reasonable line of thinking, then, would you – as a security manager or director, and sensible human being – entrust the rewiring of your newly-acquired house in leafy suburbia to an electrical contractor that isn’t affiliated to (and ratified by) the National Inspection Council for Electrical Installation Contractors?

Similarly, would you have a new combi-boiler fitted by a company that pitches up at your door without benefit of Gas Safe (the new equivalent of CORGI) registration?

The simple answer to both questions is an emphatic ‘No’. Of course you wouldn’t.

So why is it that so many security managers and directors are seemingly happy to outsource elements of their employers’ all-important protection regime to ‘consultants’ who, by and large, have no real qualifications to handle the job with which they’re entrusted?

No qualifications, that is, aside from a long-standing career with either the police service or the forces tucked neatly under their belt, wherein they’ve apparently fostered ‘an ability to detect and deter crime’.

At present, what we have in this country is a band of people called ‘security consultants’. For the most part, very worthy individuals, many of whom emanate from the back story just outlined.

I’m sorry if this offends, but that’s where I – and a good many others besides – am beginning to see a real problem.

Automatic ticket for the gravy train

To be frank, is the mere truism that a given individual used to be in the police service or the forces an automatic ticket to become a private sector consultant on security and, in so doing, neatly top up the old pension fund?

The time is long overdue for us to rigorously question this long-established ‘career progression’ route, in much the same way that we ought to be revisiting the ‘qualifications’ necessary to be a security manager.

Several of whom, if we’re honest about it, have been – and are still being – appointed to post because of their contacts book as opposed to any demonstrable flair or ability for the role in question.

Having watched Panorama’s seriously flawed hatchet job on the SIA, Joe Public now knows that just about anyone can leave their home in the morning and decide to (a) call themselves a security consultant and (b) practise as one. What’s more, the Law of the Land is apparently toothless to do anything about it.

Where, I ask myself, is the standard qualification to practise? I don’t see one, aside from the Certified Security Consultant management training programme accredited by Buckinghamshire New University, the aforementioned Skills for Security and the Institute of Risk Management.

‘Graduates’ of this course receive a Level 5 Award, and can have the letters CSC stencilled on their business card. Laudable, and most certainly a step in the right direction.

However, the prospectus openly states: “The modules are structured to provide an individual with the knowledge and broad understanding of security consultancy services” and enable them to “manage a range of security functions”.

Hardly a degree-level qualification, is it? And certainly not a benchmark upon which blue chips could rest the outsourcing of their entire protection regime.

Proving true worth to the client

How can we even begin to talk about the ‘professional’ security consultant when there’s no physical or practical examination for current and aspiring ‘consultants’ to sit in order for them to prove their true worth to the client?

A client that’s entrusting them with, potentially, their life and those of their colleagues, on the strength of ‘an ability to detect and deter crime’?

Undoubtedly, there are transferable skills that can be pulled towards the commercial world from the forces or the police service.

It’s not a case of me suggesting we immediately throw the baby out with the bath water but, on the other hand, every recognised profession – medicine, engineering and architecture among them – demands suitable (and difficult) examinations for entry, yearly Continuing Professional Development (CPD) targets of the highest order and suitable grades of membership duly administered by a registered body.

There’s not much evidence of any of that in this industry for consultants or, indeed, managers (although The Security Institute is striving to change matters for the latter grouping, and making very decent headway to boot).

In all honesty, over the past decade of my close involvement with the security sector, I’ve been privy to so many ‘off the record’ horror stories of ‘consultants’ who, to be blunt, have hoodwinked end users (be they long or short in the tooth), advising them to procure thousands of pounds’ worth of surveillance equipment, for example, when some decent perimeter fencing would have done a far better – and much cheaper – job in terms of repelling the local ‘opportunists’.

I’ve also seen security equipment specifications written for multi-million pound installations by ‘independent’ – a word that is abused too often, I’m afraid – consultants.

Specifications that are so tightly drafted it could only be one or two companies’ kit that’s in the running for winning the day at tender stage. That’s not a fair process by any stretch of the imagination, and must be opened up to far greater scrutiny than is presently the case.

Problems with defining the role

Looking at the situation with objectivity, perhaps the word ‘consultant’ is where the problem lies.

One of the reasons why the Regulator has – for the time being, at least – shied away from licensing such folk is that there’s a real problem when it comes to defining the role and its core competencies (more of which anon). ‘Consultant’ is a word that means whatever it needs to in relation to whomever’s asking the questions.

Why don’t we use the term ‘practitioner’ or ‘advisor’ instead? Those ‘tags’ seem to work well in, for example, the medical hierarchy.

There are no grey areas in that sector, which is most definitely a profession staffed by professional people boasting first degree-level qualifications as a bare minimum.

To my mind, such a recognised qualification for security consultants, advisors or practitioners – let’s leave the terminology aside for a second – in the shape of a degree or a degree-standard diploma must be devised and introduced in the near future.

An in-depth, lengthy course of study with a set of examinations at the end of it all that, if passed, demonstrate tangible competence in the role, and suggest that a given individual is (or will be) performing the function because they can rather than as a result of them harbouring an extensive list of contacts and having spent 20 years working in an office at a provincial nick in Stoke-on-Trent, Warrington or Exeter.

‘Consultants’ – or whatever we determine to call them – must also be regulated by the Government, or at the very least a Government-appointed agency.

The fact that Tom Thumb can walk out of his house today, call himself a consultant and start advising people who have no redress in law when it all goes belly-up is ludicrous to say the least, not to mention demeaning for all those engaged in the role at present.

Another of the Government’s reasons for deciding whether or not to licence – via the SIA – any group of individuals is to begin from the premise that NOT licensing said individuals will be ‘injurious to the public good’ (or something along those lines).

Well, I would strongly suggest that tracts of what we have in place at the moment in terms of security consultancy provision in this country are very definitely ‘injurious to the public good’.

It’s not all one-way traffic

Don’t get me wrong. There are many success stories of people doing things the right way.

Most notably, one need only look at the security consultancy divisions of major multi-disciplinary concerns like Arup, TPS, Buro Happold and Faber Maunsell – in addition to companies such as Capita Symonds and Ian Johnson Associates – to see what first class consultancy provision looks like in the real world.

That said, those boys are the fresh cream that sits atop a rather dry and uninspiring cake whose mix is infested by the kind of operations unveiled on Panorama.

Exactly how many practising consultancies are operating to BS 8549 and, more to the point, being given regular MOTs to make sure that they are?

Just because we have always ‘done consultancy’ in a certain way doesn’t mean that it always has to be so. Indeed, it’s my view that the status quo can no longer be allowed to continue.

Some hard and fast questions, such as those I have posed within the confines of this polemic, need to be addressed now. If the answers happen to upset the apple cart, well I’m afraid that’s just tough.

With the terrorist threat the way it is, and given the fact that it will continue to be so ad infinitum, the days of a free lunch are well and truly over.

How many ex-coppers are really up-to-speed on the increasing convergence of security with IT and building management?

How many of them have been able – or are willing – to grasp the nettle as far as IP technology’s concerned? How many of them have even tried to do so?

Core skills, core competencies

Last December, SMT Online reported on Skills for Security’s Sector Consultation Group and the ASC jointly calling for consultants to help shape any forthcoming regulation by airing their views on what they believe to be the core skills of the role, and what they ought to be.

At the time, the feeling was that any competency requirement must be based on National Occupational Standards, which are themselves to be reviewed this year.

Back to the here and now, technological advance requires a far more fundamental approach to the concept of future-proofing security solutions.

By extension, technology implemented for the sake of implementing it has realised an expensive landscape for so many clients who’ve been coerced into costly, wholesale redesigns.

Redesigns that, in truth, have made little difference to the host company’s problems when it comes to criminal incursions (in whatever form they manifest themselves).

I had to study long and hard for a BA (Honours) degree and sit professional examinations with the National Council for the Training of Journalists in order to enter the media world and, with time and not a little hard work, rise through the ranks to become the Editor of a business-to-business journal.

As a discerning reader of the print version of SMT and now SMT Online, you wouldn’t expect anything less of your Editor, would you? After all, I’m providing you with information and advice that’s helping you to do your job to the very best of your ability.

You trust implicitly that this advice emanates from an educated, professional and proven source and, in the case of SMT Online, it most certainly does. I’m justifiably proud of that fact.

Can we really say the same about each and every operational ‘security consultant’ in this country? Hand on heart, ladies and gentlemen, the answer to that question lies in the negative.

No greater priority than the security of the public

On Monday of this week, security minister Lord West unveiled plans worth £5 million to protect us downtrodden proles from the threat of terrorist attacks in crowded places.

As if by magic, the cash injection dovetails neatly with the issuance of a public consultation paper on how local authorities, businesses, the police and communities might work in collaboration to better secure those environs where we live, work and play.

According to the Home Office spin machine: “The new guidance will help local partners understand their roles, and the practical differences they can make to reduce the vulnerabilities of public areas like pubs, clubs, shopping centres, sports stadiums and schools.”

The Home Office’s carefully-worded missive to the national media continues: “They [ie the aforesaid local partners] will be able to prioritise their work based on advice from police counter-terrorism security advisors who, for the first time, are carrying out a standardised risk assessment of crowded places right across the country.”

Lord West is quoted as saying: “There is no greater priority for the Government than the safety and security of the public”.

Excuse me for laughing at this point, but I don’t know how any member of the current regime can say that with even a hint of belief about them.

Our borders are about as secure as a chocolate teapot. The army, navy and Royal Air Force have been systematically stripped of staff and equipment.

Members of the police service are continually forced to do their seemingly thankless job with one hand tied behind their back. It’s just not funny anymore.

‘Working Together to Protect Crowded Places’

The consultation paper – entitled ‘Working Together to Protect Crowded Places’ – follows publication of CONTEST2 (the Government’s revised counter-terrorism strategy, reported in full on SMT Online) and the Demos report we covered last Monday morning which basically comes to the same conclusions as Lord West’s new missive. Bit of a coincidence that, don’t you think?

Word of the £5 million funding has been met with glee by some members of the security community.

Take Andrew Sieradzki, for example. In response to Lord West’s announcement, the discipline leader for Buro Happold’s Safe and Secure Group told me: “This is excellent news. It’s a great opportunity to raise clients’ and developers’ awareness of the security risks their venues can pose, and to understand some of the potentially serious consequences that could arise if they don’t take the security advice on offer.”

Sieradzki feels that “any additional support to fund the work of police counter-terrorism security advisors is a positive step forward,” and is adamant that his organisation is “fully committed to working with the CONTEST framework”.

The Royal Institute of British Architects is also supportive of the Government’s plans, and is currently engaging in talks with both Lord West and the Home Office on what steps are next to be taken.

Cynics are spouting that £5 million is a drop in the ocean when compared to what’s needed, and I would be inclined to agree with them.

Patrick Mercer – chairman of the House of Commons Committee on Counter-Terrorism – is quoted as saying: “The money is nothing like enough to achieve what’s required and, frankly, I’m amazed that it’s taken so long for the Government to act on this issue.”

Really, Patrick? I’m not surprised. Not in the least. On the one hand, Lord West disdainfully dismisses suggestions that the Government has exaggerated the current terrorist threat. “If you see the material that crosses my desk every day then you’d recognise that claim is pure rubbish.”

On the other, however, he expects us all to believe that a paltry £5 million on top of the £1.5 million already graciously donated by Gordon to expand the numbers of police counter-terrorism security advisors is going to shore up our local defences and protect us all from Al-Qaeda and friends.

My response to that? Dream on, my Lord. Dream on.

Must be close to General Election Time

All of a sudden, the Government has reached a conclusion that elements of the hugely controversial Regulation of Investigatory Powers Act (more commonly known and ‘loved’ as RIPA) are open to abuse, and that a review is in order.

Well, Prime Minister Brown and former Prime Minister Blair, do you now expect us security folk to bow down before you in congratulation for acknowledging fault with ‘The Snoopers’ Charter’ about which you were warned a decade ago and chose to blithely ignore?

In truth, RIPA was brought into force before the terrorist atrocity that was 9/11, primarily to realise a single, statutory base point for a range of powers that many agencies already possessed and which the Government sought to control.

Looking back, claims made at the time by New Labour that the Act was devised to help police combat terrorism were pretty wide of the mark, given that the Boys in Blue (and MI5, for that matter) have separate powers to carry out phone tapping and covert surveillance, etc.

In the real world, on the back of RIPA so many local councils launched ‘spying missions’ – 10,000 of them, no less, in 2008 alone – choosing to snoop on petty offences such as dog fouling or under-age nicotine abuse.

Those same local authorities were also said to be using RIPA as a means for investigating parents accused of telling lies about the location of their fixed abode in a bid to have their children placed in a better quality school.

Rogue traders and terrorists… are they the same?

In announcing the plans to overhaul RIPA, Home Secretary Jacqui Smith told the national media that it’s right this Act be used to combat fly-tippers as well as serious criminals and terrorists alike.

“Our country has a proud tradition of upholding individual freedoms. That includes freedom from unjustified interference by the State.”

So the Home Secretary tells it, then, the Government has no interest in spying on law-abiding people going about their everyday lives. Mmm. We can take that priceless observation with a pinch of salt or three, I reckon.

If nothing else, what RIPA has done to date is openly expose the full extent of Government bodies and quangos that can (and do) watch over people, check on what they’re doing and when and list those whom they contact in the process.

Let’s not forget the infamous headlines in 2002 when there was uproar about the State eavesdropping on peoples’ e-mail communications.

Why the sudden change of heart now, then? Well, there’s a General Election just around the corner.

Labour is about as unpopular with the public as it’s possible for any political party to be, so a quick ‘win-win’ is to forge a smoke and mirrors exercise like this one and make us all feel Big Brother isn’t really watching us.

Might we expect a similar review of the national ID card scheme in the next few weeks? With this mob, nothing’s an impossibility.

Completely out of the loop?

Speaking of ‘Our Jacqui’, the Home Secretary was friendly with former assistant Metropolitan Police commissioner Quick – you know, the guy that didn’t mind images of confidential documents appearing in the press – to the extent that she preferred to call him Bob on the numerous occasions he received televisual praise via Whitehall.

You’ll recall the frequent and loud boasts from Smith that Quick – or should that be ‘Bob’? – always kept her fully-informed in relation to each and every one of his anti-terror projects.

I was reminded of that last Friday when the Metropolitan Police Service issued a further statement on The Damian Green Affair (in which the Met appears to justify its actions and engage in a little self-congratulation, while the fact that an innocent man’s home and Parliamentary office were ransacked for what turned out to be no good reason is neatly glossed over).

Given Smith’s assertions, isn’t it somewhat strange that she claims not to have known in advance about the Conservative politician’s arrest, even though it was Bob’s counter-terrorism squad deployed to conduct the raids?

Quick, of course, wasn’t the only senior policeman involved. Sir Ian Blair’s replacement Sir Paul Stephenson sullied his hands, too, by pressing the green button (and is now caught in the headlights attempting to root out police officers captured on camera at the G20 fracas minus their numbers, appearing to ‘stab’ protestors with their batons, elbow people in the face or use riot shields as weapons rather than defence mechanisms).

As former Marillion lead singer Fish faintly murmurs at the outset of the band’s seminal 1987 track White Russian: “Where do we go from here?”

Get the latest stories first with info4security's newsletters: Click to signup

Post and bookmark this story at the following sites:

What is this?

del.icio.us	Digg	Reddit	Google	Newsvine