Address to Austin computer security group, DefCon 512, on June 6, 2013 to explain physical security. Talk included examples of failure points and failure modes as well as standards for good security as constant improvement.
1. Physical Security for Data Centers
By Michael E. Marotta, BS MA
Website at CSI: Flint (2011) here.
BS in Criminology Administration, Summa cum Laude, Eastern Michigan
University, 2008.
MA in Social Science, Eastern Michigan University, 2010.
7. But was not always so. Before SWAT teams and “law and order”
politics of the Nixon Era, private security was the default mode.
8. America fought
a two-front war
involving
rockets and
atomic bombs,
and still, Roy
Rogers played
an insurance
investigator, not
a sheriff or
marshall.
9. Some of the 36 Security Guards Who Died
in the 911 Attacks on the Twin Towers
Patrick Adams – 60, Security officer, Fuji Bank
Andrew J. Bailey – 29, Security supervisor, Marsh & McLennan
Lawrence F. Boisseau – 36,, Fire safety director, OCS Security
Francisco Bourdier – 40, Security guard, Deutsche Bank
Denease Conley - 43, Summit Security
Philip Thomas Hayes - 67, Fire safety director, OCS Security
Ronald Hoerner – 58, Security manager, Summit Security Services
Mohammed Jawara - MAS Security
Barry Kirschbaum – 53, Security manager, Marsh & McLennan
Anthony Luparello Jr., 63, Security guard, American Building Maintenance
Sara Manley - 31, Senior security analyst, Fred Alger Management
John P. O'Neill – 50, Security, Silverstein Partners
Alexander Ortiz - Security guard, Grubb & Ellis Inc
Rick Rescorla - 62, head of security for Morgan Stanley Dean Witter
10. "The nine most terrifying words
in the English language are:
'I'm from the government and
I'm here to help.'”
– Ronald Reagan
11. Last fall, Mayor Bloomberg
famously bragged, ”I have
my own army in the NYPD,
which is the seventh
biggest army in the world.”
12. The US Supreme Court has ruled –
“…it is not the duty of the police
to protect
the individual citizen…”
Warren v. District of Columbia,
444 A.2d 1 (D.C. App. 1981).
13. WHAT PRIVATE SECURITY DOES
• It is an axiom of economics that
businesses anticipate the future, while
governments exist to remediate the past.
• Private security prevents problems.
• We look forward.
• We anticipate problems.
• We look for profitable outcomes.
28. Keep a Clear Zone
Too often, facilities workers can ignore security demands because
security very often reports to facilities management.
29. To be effective, security needs
Independence and Autonomy
Contract security remains distinct from
other employees.
Recognition of professional status
Status and title appropriate to business,
rather than to the military.
C-level representation
(a CSO to work with the CIO and CFO)
31. Certified Protection Professional (CPP)®- demonstrated
knowledge and experience in all areas of security
management
Professional Certified Investigator (PCI)®- demonstrated
education and/or experience in the fields of case
management, evidence collection, and case presentation
Physical Security Professional (PSP)®- demonstrated
experience in physical security assessment, the
application, design and integration of physical security
systems, and implementation of physical security
measures
43. The Uniform as Symbol
… a uniform is what you put on when you are deadly serious
and role-filling. A real uniform brings honor to the person
wearing it, and it marks that person as someone who performs
important impersonal and demanding tasks for the powerful …
There is a quasi-religious aspect to uniforms, suggesting that
the wearer is one who commonly engages in self-sacrifice and
risk-taking. … With so-called "suits," the number of buttons on
the sleeve and whether the shirt is buttoned-down … has
traditionally represented either seniority on the job or a sense of
superiority to everyone else ...
THE POLICE UNIFORM
by Prof.. Mark Stevens (USMC-Ret.)
http://faculty.ncwc.edu/mstevens/default.htm