Facebook's core values of being bold, focusing on impact, moving fast, being open, and building social value allow Facebook to deliver on its mission to give people the power to build community and bring the world closer together.

To foster innovation and collaboration, an open plan office space and a welcoming environment for frequent meetings with external visitors are essential to enable the business.

Nick will use this as an example to illustrate:
• Progressive approaches to creating a safe and secure workplace
• How the company evaluates its risk appetite, and the role of security function in this dialogue
• How governance structures are evolving, with a focus on security as the business enabler and ESRM concepts

Speaker: Nick Lovrien, CPP, Chief Global Security Officer, Facebook, US

Only available for leadership pass holders – register now

Learn how security leaders can successfully engage business leaders in the security risk decision process.

We will cover the role of the security and business leaders in ESRM, and business-based risk mitigation program development.

This session is intended as preparation for the “Bring it to the Board Room” training session following the coffee break.

This session will be led by Rachelle Loyear, Director of Program Management for Integrated Security Solutions, G4S.

Speakers:
Volker Wagner, Vice President Security, BASF Group
Gavin-Henderson, Vice President regional Security Europe & Eurasia , Mastercard
More speakers to be confirmed

Only available for leadership pass holders – register now

This presentation will use real case studies to highlight the key role partnerships play and how they are helping to shape improvements in the security of soft targets.

Learning from experience is a crucial opportunity that should not be overlooked. Sharing those learnings with others should also be viewed as an opportunity.

Recent attacks in Paris, Brussels and Bamako all provided us with unique experiences and in each case the value of public-private and private - private partnerships played a crucial role in our crisis management.

Since the attacks, Radisson Hotel Group has increased its contributions to collaborative efforts around the world including the Global Counter Terrorism Forum initiative on soft target protection, the EU action plan for protection of public places and European hotel industry trade association projects to increase awareness, preparedness and resilience in the European hotel, restaurant and catering industries.

Speaker: Geert Coremans, CPP, Director of Global Safety and Security, Radisson Hotel Group Corporate Support Office, BE

Only available for leadership pass holders – register now

The ASIS Europe 2019 venue and dates were confirmed long before Article 50 was signed, so it is by coincidence the event concludes on the date planned as “Brexit Day”. This session has been scheduled to address the latest developments and update attendees on how businesses are assessing the situation and preparing contingency plans (or not). With expert insight from BCI surveys, we will explore how management and business continuity planning may impact the security and risk outlook for businesses.

Speaker: Rachael Elliott, Leader Thought Leadership Team, Business Continuity Institute, UK

Only available for leadership pass holders – register now

All leadership and professional pass holders for Friday are invited to join us for this concluding session. Purchase your pass now

Digital transformation is today’s hottest business topic. Companies of all sizes across many sectors are seeking ways to leverage new technology. So how do security practitioners get involved without drowning in buzzword soup? And how do you support innovation whilst also supporting good security practice?

Digital transformation requires us to look at business models, roles, and tools, in different ways. Some companies are focused on efficiency or incremental process gains, whilst others are completely re-inventing their business models and creating new ways to engage with customers.

Often, debate on digital transformation is polarised between utopian visions of a world full of convenient, personalised services and dystopian visions of mass unemployment, catastrophic cyberattacks and malicious AI. So, this session has been designed by ASIS to get a grip on core issues facing security professionals and identify key opportunities to advance, and key areas of concern.

Practically speaking, already many systems that traditionally had their primary function as security can now be leveraged for different purposes. For example; IP cameras generate business insights in retail, or traffic management in a smart city; risk assessment data can be packaged and re-sold as intelligence; access control provides insights for building management etc.
So how do we capitalise on digital opportunities? And how do we do it safely, securely and profitably?

After a short scene-setting presentation by Michael Gips, CPP, Chief Global Knowledge Officer, ASIS International, we will use live-polling and the expert facilitation skills of Prof. Martin Gill, Managing Director, Perpetuity Research to guide us through an interactive discussion and lively ideas exchange.

If you’re advanced on your digital journey, please join us to share and benchmark – and if you’re setting out, this is a great opportunity to learn from firsthand experience.

Recent incidents provide disturbing evidence of the stark vulnerabilities of Industrial Control Systems (ICS) to natural, human-factor accidental, and malicious threats.

This presentation includes numerous current, high-profile examples of ICS threats, vulnerabilities, and the severe consequences of such incidents. The presentation will help you learn and understand:
• What ICS includes;
• Where ICS can be found;
• Potential threats and vulnerabilities to and from ICS;
• Why ICS assets are critical to enterprise, business, operations, and mission objectives;
• How to take a proactive, protective systematic management approach to identify and protect the enterprise.

This presentation provides a wake-up call to everyone who manages or is responsible for critical ICS assets and their architectures, systems, facilities and infrastructure due diligence.

Speaker: Michael Bilney, Global Senior Principal – Asset Risk and Resilience, Cardno

Only available for leadership pass holders – register now

GDPR will have been in force for almost a year by the time ASIS Europe 2019 takes place. This session will take a look back at relevant case studies, analyse incidents and address myths around this complex legislation. Ady van Nieuwenhuizen, expert privacy lawyer will guide the discussion with insights from security leaders to frame key issues. We will highlight and address several key challenges for security practitioners.

Know Who You Hire – the Challenge of Vetting Just Gets Harder
Presented by Gilad Solnik, CPP, PSP, Director, Security and Loss Prevention, EMEA, Global Security Operations (GSO), Amazon

Ensuring the safety and security of your employees, company information, and business operations is essential for any modern business. Therefore, knowing who you’re hiring into your organisation is essential. Pre-employment screening measures are aimed at ensuring a safe and secure work environment while setting a foundation for good personnel security (Cpni.gov.uk, 2015). This discussion reviews the how privacy and data protection initiatives and the GDPR has introduced new challenges and restrictions on vetting and pre-employment background checks, and will provide an exchange of potential practical solutions.



Storing CCTV Footage Securely – Reassessing the Criticality of Servers
Presented by Henk Marsman, Lead Product Manager Identity and Access Management, Rabobank, NL

Since the adoption of GDPR CCTV data has become distinctly privacy sensitive. Subsequently, the criticality of systems storing CCTV data was revised (and increased), and access control measures need to be adapted accordingly. This impacted the governance of access to these systems, the periodical reviews on access, and the actual control measures in place for these systems. This discussion will cover key questions security professionals should address when considering access to such systems post GDPR.

Only available for leadership pass holders – register now

Managing identies and access for employees has significant different characteristics than that of customers. In many organizations these two are separately handled. With the rise of connected devices, ranging from small to large in size, it becomes less obvious to separate management of these two populations. Or in other words, there are new ways to combine the management of identities and access of employees and customers.

This presentation will cover the similarities and differences between identity and access management (IAM) of employees and customers. We will then discuss the impact of connected devices for the user and for IAM solutions.

Speaker: Henk Marsman, Lead Product Manager Identity And Access Management, Rabobank, NL

Only available for leadership pass holders – register now

This scenario-based 90-minute workshop will take you through a Red Teaming exercise focused on identifying adversaries’ methods of operation to target the logical, physical and human gate of the organization. Red teaming, as part of a proactive security cycle, is an effective operational intelligence tool. It also helps to create awareness and need for the implementation of a program with counter measures. By discussing the necessary awareness and necessary response to cyber, physical and human related threats the workshop introduces the participants to a method of response preventing unnecessary victims. Awareness is the key word. At the end of this session participants will understand the potential “external” and “internal” threat, why it appears, and what counter measures are effective.

Speaker: Berndt Rif, CPP, PCI, Chief Security Officer, Ministry of Health, Welfare and Sport, NL

Only available for leadership pass holders – register now

This session will take the form of a role-play training exercise where participants will be assigned into teams to address one of 5 security risk concerns from company executives.

Note – this exercise is in how to present the solution, not in judging the solution itself. Teams will be given a template PPT to create an executive presentation to propose a program based on the risk concern of a “company executive”. ESRM experts will engage teams in conversations about the approaches to executive presentations.

Teams will present their proposals to the “Executive Council” and will receive feedback on their presentation and engagement.

Important: participants should attend the prior “Engaging Business Executives in ESRM” session as preparation for the exercise.

This session will be led by Rachelle Loyear, Director of Program Management for Integrated Security Solutions, G4S.

Speakers:
James Willison, Founder, Unified Security Ltd
Mike Hurst, CPP, Director, HJA Fire & Security Recruitment
Volker Wagner, Vice President Security, BASF Group
Mike Gips, CPP, Chief Global Knowledge & Learning Officer, ASIS International
Gavin-Henderson, Vice President regional Security Europe & Eurasia , Mastercard
Bruce Braes, CPP, Principal Consultant Enterprise Security & Resilience Solutions, Jacobs
Mark Schreiber, Principal Consultant , Safeguards Consulting, Inc., US

Only available for leadership pass holders – register now

Info-centric Crisis-management is a new way of thinking within one of the biggest corporate banks in the Netherlands. This ‘idea’ is about creating a new system for Crisis-management where we combine internal and external data sources to act in an early stage when a possible crisis is in sight. This system combines data with roles and responsibilities for those who have to act during a crisis. The system provides an automated choice for a certain scenario. The main goal is to act faster, and creating a Common Operational Picture (COP) and possibly to act before a crisis is hits.

Speaker: Rens van Groenedaal, Pre-Master student Governance, Radboud University Nijmegen, NL

Only available for professional and leadership pass holders – register now

A clear understanding of security risk allows suitable control measures to be selected. This presentation will use several case studies to show how to blend physical, technical and procedural controls to safeguard the built environment and its assets. The presentation will also highlight the risks of taking the “tick box approach” to security design.

Speaker: Christopher Aldous, CPP, PSP, Director, Design Security Ltd, and Board Director, ASIS International UK Chapter, UK

Only available for professional and leadership pass holders – register now

Learn about a new, practical and easy to understand maturity model that can be implemented in hours rather than days.

What is your current security capability? How do you compare yourself against industry benchmarks? And where do you need to focus your efforts?

Maturity models aim to answer those questions and more, but unfortunately, most of them require expensive consultancy to implement and are often far too academic.

A more practical approach is clearly needed. This presentation is going to give you a maturity model that can be easily implemented in hours rather than days. A clear and visual way to easily understand the maturity of all areas of your security organization. You can now derive a clear roadmap that tells a compelling story and will help you obtain the necessary leadership buy in and additional resources for your program.

Speaker: Heimo Grasser, CPP, Senior Security Manager MEA, Medtronic, UAE

Only available for professional and leadership pass holders – register now

The talk will focus on ENISA's efforts to promote IoT cybersecurity by proposing baseline IoT security measures complemented with sectorial vertical studies that look into IoT security in particular sectors, e.g. Industry 4.0, automotive.

ENISA has been working with stakeholders across the board to address the many challenges of IoT security. ENISA advocates for a risk-based and context-based approach that looks into the particularities of sectorial IoT deployments and proposes specific security measures to address relevant risks. In parallel, understanding the ecosystem nature of IoT and the interdependencies, baseline IoT security recommendations have been proposed by ENISA to facilitate security interoperability in a horizontal manner. The talk will discuss related efforts and activities of ENISA and ways the community can engage with the Agency to further improve IoT cybersecurity.

Speaker: Apostolos Malatras, Expert in Network and Information Security, European Network and Information Security Agency, GR

Only available for professional and leadership pass holders – register now

This condensed, fast-paced briefing offers a future-oriented look on terrorism trends in Europe for the coming year, and Jihadi extremist activity in particular. Anchored in an analysis of the latest developments in Q4 2018 and Q1 2019, the presentation will use several perspectives to outline key concerns for the remainder of 2019. This will include consideration of the likely effects of several general elections, international events, upcoming terrorism trials, select migration developments, and Brexit on the terrorist threat in a range of European countries. The update will conclude with an update on newly evolving CT best practices among security departments of large corporations.

Speaker: Glenn Schoen, CEO, [email protected], NL

Only available for professional and leadership pass holders – register now

For organisations whose employees undertake regular travel, Duty of Care is an important concern. In addition, multiple regulators oblige organisations to ensure reasonable travel security for employees. Travel Risk Management (TRM) assesses risk and provides security to staff. However there are no rules, or internationally recognised Codes of Practice, that indicate what should actually be done in order to be compliant.

ISO (International Organisation for Standardisation) has begun developing a standard which will resolve doubts and provide guidance, ISO 31030. ASIS is playing an active role in this.

Learn about work in progress and how you can have your say to ensure that the voice of the Security Profession is heard and acted upon.

Coordinating speaker: Roger Warwick, CPP. CEO of Pyramid Temi Group (Travel Risk Management), Member of ISO 31030 technical committee, Member of ASIS Commission on Standards & Guidelines

Speaker: Werner Cooreman, CPP PSP, CSO Solvay Group, Vice-Chair of ASIS Commission on Standards & Guidelines, ASIS Liaison to ISO 31030 technical comittee

The travel sharing economy, which comprises services such as ride-sharing and house-sharing, has quite literally taken off around the world. Ease of accessibility and use while mobile means non-traditional ground transport and accommodation services are increasingly being used by business travellers. Despite the popularity, only 14 % of organisations surveyed by Ipsos MORI and International SOS* have integrated this in their travel policy. Have you? Join this innovation track to understand the benefits, risks and legal considerations of incorporating share economy services into your business travel policies and how best to do so within a travel risk management framework.

* Business resilience. Trends Watch 2019; Ipsos MORI & International SOS; October 2018.

In October 2018, Ipsos MORI conducted a global survey targeted to those who organise, influence, or are responsible for, their organisation’s travel and risk mitigation policies. These survey findings represent responses from 640 people, across all types of organisations which have had previous contact relating to business travel health and security with International SOS, in 82 countries.

Speaker: Xavier Carn, Vice-President Security EMEA and Medaire, International SOS & Control Risks

How close cooperation between corporate insurance and corporate security departments will make the management of security risks more effective and efficient.

There is common agreement among security and insurance professionals that security incidents are increasingly complex and global. Traditional insurance vehicles help indemnify the damage from such incidents. But to be able to successfully manage the velocity of security incidents anywhere around the world, companies require a level of expertise at immediate global readiness that companies realistically can’t maintain in-house.

The insurance industry has responded to this need for 'anywhere and anytime' immediate expert support, with a new insurance concept: Insurance as a Service. This new trend implies that security professionals and insurance professionals with their expertise and products are playing both an increasingly crucial role in ensuring the success in security incident response and related insurances.

In this inter-active workshop attendees will develop insight in the interplay between insurance and security and will walk away with practical tips on what to discuss with insurance professionals when purchasing insurance as a service.

Speakers:
Stefan Sievers, Head of Business Development Special Risks Europe, Hiscox
Jeroen Meijer, Senior Partner, Control Risks Group

What happens when we as individuals can not trust media in the same way we used to? Misleading media information during the attacks on Westgate Mall in Kenya, Drottninggatan in Stockholm and the Armed Conflict in Donbass Ukraine led to severe consequences. Social media as well as the increased commercialization and politization of traditional media present challenges to individuals and organizations. But this also present opportunities for actors in the security sphere and elsewhere.

Speaker: Johan Tinnerholm, COO, Global Warning System

Many of the changes the IT industry currently is undergoing are also deeply affecting the Access Control industry. These overall trends towards integrating mobile devices for daily use and the support of cloud infrastructure are changing the way how Access control is used and operated. This is also bringing new challenges for system supplier as well as customers when it comes to Cyber Security and GDPR compliance. More than ever solutions require to be designed for this environment and users have to be aware of their advantages but also exposures when it comes to managing their security, organization and personnel

Speaker: Thomas Herling, Senior Vice President Global Business Owner Electronic Access and Data, Dormakaba

Increasing complexity and continuous change of IT environments challenge organizations to gain transparency on their cyber security. The Cyber Security Maturity Assessment supports with a unique method to measure the maturity and effectiveness of cyber security measures and results are documented using the Cyber Security Maturity Cockpit. In addition it provides an overview of the cost-value ratio of identified measures based on ISO/IEC 27001. By creating transparency the Cyber Security Maturity Assessment enables decision-makers to take the right decisions for optimal use of human and monetary resources and to strengthen the cyber security resilience of the organization following a holistic approach.

CSMA enables organizations to answer questions like:
- What do we in relation to cyber security?
- How good are we with what we are doing?
- What does it cost?

Speaker: Christoph Hagenbuch, Cyber Security Manager, innogy SE

Many enterprises have large corporate campuses where hundreds or thousands of employees work at various sites around the world. These sites are complex environments, characterized as open and minimally staffed by security resources. Given this, they are notoriously difficult to protect and vulnerable to active assailant and terrorist threats as evidenced by the recent attack on YouTube’s corporate headquarters in San Francisco, CA. Our universities around the world share similar attributes and have been investing in cutting-edge technology to help protect their staff and students. Attend this session to learn about their transformative advancements and fulfill your duty of care to your employees.

Speaker: Les Allan, Director of SafeGuarding & Logistics Services, Heriot-Watt University

Everyone wants great vendor relationships based on long-term productive partnering, mutual business goals, and trust. Easy to say but how easy to achieve? Going from A-Z, including embedded vendor staff to complete outsourcing the presentation will highlight how its done and what makes lasting relationships more than just saying win-win.

Speaker: Andy Williams, CPP, VP Business Development, Safe Hotels Alliance

The term ‘marine’ comes from the Latin mare, meaning sea or ocean, and marine habitats can be divided into two categories: coastal and open ocean. Video surveillance (VS) applications can cover both types of marine environment with system for ships, maritime ports, onshore and offshore installations, etc. We will analyse VS for ships and explain the types of ships on which it can be used, the ways in which VS can be used on ships, the typical certifications in use, and what features a camera station must have to be installed on a ship and so on.

Speaker: Alessandro Franchini, Marketing & Communication Manager, Videotec

Diversity is a prominent challenge facing businesses today. Diversity has to be part of a company’s DNA – and it has to work as part of a company’s overall desire to hire the best possible people. Research shows that diversity makes workplaces more effective and efficient, plus a diverse workplace also promotes a company’s ability to adapt to any situation. In the panel, experienced security professionals from different countries and backgrounds will share their challenges and success stories. Furthermore, they will discuss diversity perspectives, experiences and skill sets that seem to be invaluable to the success of talent and to support modern business leaders.

Moderator: Alexander Zippel, CPP, Corporate Security, Deutsche Post DHL Group

Panellists include Christina Duffey, CPP, 2019 ASIS International President, Senior Vice President and Regional Director, SOS Security, Letitia Emeana, CPP, PSP, EMEA Snr Security Manager, Tesla, Bruno Kalhoj, Head of Division, Safety and Security, European Central Bank, and Rens van Groenedaal, Pre-Master student Governance, Radboud University Nijmegen, NL

Are we guilty of cloning security specialists? Young professionals entering the security industry may increasingly be the answer to changing the face of the sector.

The operational cog which turns the mechanism of the security industry is routinely led by the 'Grey, Pale and Male' from society. With the guidance of experienced security professionals, ASIS strives to bring through young professionals to the fore of the sector, which is spearheaded by James Morris in the UK. No less does David Clark, UK Chair of ASIS, hold this belief. He argues that we should not 'clone' our predecessors, but rather we should nurture younger professionals into a 'security culture'. Indeed, just as security is modernising and evolving into new frontiers such as cybersecurity and artificial intelligence, so too should the personnel who are increasingly managing it.

Speakers:
David Clark, CPP, PCI, PSP, Head of Security, Francis Crick Institute, UK
Leo Kelly, Security and Risk Management Analyst, Francis Crick Institute, UK
James Morris, CPP, Regional Security Manager, EMEA, Corporate Protection Services, Aon UK

Learn about ASIS’s newest certification program: the Associate Protection Professional (APP). The APP has been developed for security management professionals who are just starting their security career. To be eligible to sit for the APP exam you need 1-4 years of experience (depending on your educational history). During this session, the ASIS Certification Director will be there to answer your questions about this exciting new program.

Speakers:
Lynn de Vries, CPP, PCI, COO, DutchRisk
Gayle Rosnick, Director, Certification, ASIS International

Security professionals must have strong interpersonal skills, including negotiation, leadership, and team-building strengths, to successfully collaborate and engage employees in a security risk management strategy against all security threats. In response to these new demands, IE Business School has created this Program in partnership with ASIS International, through which you will be able to (among other learnings):

• Enhance business acumen and effectiveness
• Develop a strategic understanding, anticipatory and critical thinking.
• Become effective leaders and better decision-makers
• Develop communication and negotiation skills for persuasive influencing.

Speaker: Almudena Diaz Vidal, Associate Director Executive Education, IE Business School