In this Qatar edition, we are looking at the top 5 hotels in Qatar. Our local security providers and security managers have drawn upon their collective experience and corporate knowledge to pull together this list based on an extensive understanding of the particular dynamics of the region. Please click on each below to be linked to their specific details
Security Transportation and Executive Protection Qatar
ETS are executive protection and security transportation Qatar providers with extensive experience of operating throughout Qatar. We utilize trusted, vetted local personal security specialists and have a pool of vehicles available, including armored vehicles. Please contact us to discuss your requirements, or consider visiting our innovative web-based platform providing our clients the capability to book security transportation and executive protection services online ExecSecure.
ETS base all our assessments and advice on the latest information available to us but we encourage all our clients and travelers to monitor local travel advisories and their home country’s guidance period to travel. As appropriate you should consider seeking the specialist advice of expert security providers prior to travel Please Contact Us. Execsecure accepts no responsibility or liability based on the advice presented here.
The looming shadow of terrorism is pervasive. The recent suicide attack that targeted a music concert in Manchester, UK; the vehicle attack in London, UK, two months prior; and compounded further by regular images across the media of marauding attacks in cities such as Paris and Berlin. These acts of extreme violence are perpetrated by individuals who embrace death as part of the objective of their actions. The very thought of this is no doubt extremely worrisome, but what are the chances of falling victim to terrorism? The simple answer: very small indeed. Worrying about terrorism to the neglect of more prevalent threats, however, may actually increase your risk.
Business travelers quite often have irrational or misplaced fears that can lead them to not feel secure, when in fact they are, while conversely some often feel secure when abroad but are actually far from it. A significant number of travelers fear the risk of terrorism and, in doing so, neglect those risks that are statistically far more likely to kill or injure them.
“Security is two different things – it is a feeling and a reality. You can feel secure even if you are not and you can be secure even if you don’t feel it,” says security technologist Bruce Schneier.
Schneier further explains certain biases in risk perception:
Human beings tend to exaggerate spectacular and rare risks and downplay common risks.
The unknown is perceived to be riskier than the familiar.
Why and how do these relate to business travel safety?
Bias #1: Human beings tend to exaggerate spectacular, rare risks and downplay common risks.
The U.S State Department maintains records of all registered deaths of U.S. citizens abroad. The details identify for the majority what they died of and where. The results may surprise you. See the two charts in the images above for details.
In Figure 2, it is interesting to note the correlation between deaths due to Terorism (Yellow) and that of deaths due to Pedestrian accidents (Orange).
Bias #2: The unknown is perceived to be riskier than the familiar.
Regular travelers to certain city or location may likely become complacent, especially if they have not been directly affected by any of the dangers or hazards that may be present. This is also referred to as “Boiling Frog Syndrome” – named from the phenomenon that a frog if put into boiling water will immediately jump out, but if you place the frog in cold water and slowly heat it up will stay in there and eventually boil to death. Not an overly joyous image, but one that paints the picture accurately.
This complacency prevalent with certain travelers often leads to their safety and security decreasing whilst the chances of them being a victim to crime, or neglecting risks increasing. If our feelings match security reality – we make better trade offs. To improve our personal security services United States it is important to understand these two key biases.
“If it is in the news don’t worry about it, as by definition news is something that almost never happens,” says Bruce Schneier. The solution, therefore, is to know what the risks are – and obtain “Ground Truth.” This should involve research into your destination. What are the main dangers of the country or cities that you will be visiting?
Crime, natural disasters, health issues and political instability are all important factors to consider. Consider also specific and current issues such as date rape drugs being utilized in a tourist hotspot, or a spate of recent muggings in certain locations. Study the U.S. State Department website, or the equivalent travel advisory guidance of your country of origin.
What your company spent years to develop can be lost in an instant at the hands of one bad intentioned employee. The statistics on employee theft of intellectual property (IP) paint a dark portrait of what employees do when disgruntled, moving on, or stockpiling for a rainy day. William Evanina, the U.S. government’s National Counterintelligence Executive in the Office of the Director of National Intelligence says, “As a corporate leader, the single most important investment in protecting your proprietary information and sensitive trade secrets is developing a viable and enterprise-wide insider threat programs”.
To paraphrase the well-worn mantra on hacking and apply it to the pandemic of Insider Threat: There are two types of companies, those whose employees have already stolen IP, and those who simply don’t know it yet. No matter where your company is along its journey toward an effective insider threat program, success or failure is measured by the last harmful egress of research, formulas, algorithms, strategies, service manuals, or other critical business information (CBI). Whether your effort to detect, deter, and prevent CBI loss has become an industry model or is still a nascent vision, three common components can help build a new plan or help review and adapt a mature program.
Security professionals exploring insider threat fundamentals can take a lesson from first year journalism students. Budding reporters are trained to instinctively repeat basic questions designed to get to the truth, and three of those questions drive formation of all Insider Threat programs: “What?”; “Where?”; and, “Who?” Security leaders should make it their practice to ask these three questions of their staff, key partners, and operational components of their companies. What is it that most merits protection? Where is this most critical information located, physically and in cyber space? Who amongst us requires regular access to CBI?
As the past head of counterintelligence for the FBI, a former corporate security executive for one of the world’s largest companies, and now a risk management consultant, it no longer surprises me to hear new security professionals struggle to answer these basic questions. Security practitioners sometimes perpetuate the long-standing C-suite myth that “security’s got this” when it comes to everything from a missing gym bag to a missing gyroscope. The perception that someone, somewhere, must have already addressed, planned for, or is in the process of resolving the concern of the moment, provides comfort to our senior executives and job assurance for those of us in the profession. But the comfort is dangerous and the assurance is hollow. Rather, we should work to dispel the notion that security can or should protect everything. To do that, the savvy security executive endeavors to first identify and then deeply understand exactly what represents the future of the company, where it resides, and which employees have stewardship of this lifeblood. Done correctly, in partnership with key stakeholders including Human Resources (HR), Legal, IT Risk, and Engineering, Science or Business leaders, this approach provides laser-like focus on what really matters, shares ownership across components, and generates confidence in a process designed to protect against existential threats to jobs and share price.
Build Your Team
Successful implementation of insider threat programs hinge on assembling the right team. IP protection is a team sport and should not be carried out by one component alone. The team requires willful senior level participants who are convinced the time is right to defend the company against the threat from within. Leadership is often motivated to take this step by a crisis sparked by the loss or near loss of a trade secret at the hands of a departing or on-board employee or contractor. But waiting for such a crisis is not advisable. Gather data on losses suffered within your industry, supply chain, or customers. Talk to FBI corporate outreach contacts and ask for examples of economic espionage targeting your technologies. Talk to HR about where employees go when they depart and ask those employee’s former managers whether cumulative losses pose a concern.
Meet one-on-one with a senior thought leader in Legal, IT Risk, HR, Business Development, or Research and ask them to partner with you to assemble a team and form an Insider Threat program. Next, meet unilaterally with each proposed team member to brief them on the threat and risk to proprietary data and seek their support to more strongly defend the company. In some non-defense corporate cultures, using the phrase “Insider Threat” can still generate privacy, trust, and culture concerns. In one large company, a security leader’s proposal to discuss such a program was met with this question from the head of HR, “Do you not think we should trust our employees?” The security leader responded, “I do, and I think we should have mechanisms in place to defend our trust.” Meeting first with each partner will allow you to listen to their concerns. Limit the team to five or six decision makers from key functions. When the team is assembled start asking the first of the Journalism 101 questions.
Whether a newly appointed security leader or seasoned veteran, the question at the heart of IP protection is, “What exactly are we protecting?” Responses provided by security and business leaders to this single question help measure the need for an Insider Threat initiative or the maturity of an existing program. Common responses from the security ranks include; “I’m protecting these buildings”, “I’m protecting this campus”, “I’m protecting people”. Even security professionals in large, sophisticated corporations frequently do not cite, “ideas”, “research”, “technologies”, or “critical employees”, when asked what they protect. Follow up questions on which campuses, buildings, or people are more critical than others are sometimes met with silence or criticism that the question implies some employees are more important than others. One long-tenured security leader responded by displaying his daily automated reports advising him which doors, hallways and offices were entered, but, he could neither articulate which company functions occurred there nor how his data was relevant.
Importantly, your team should pose the “What” question to key business leaders including the CEO, General Counsel, CFO, Supply Chain leader, Research or Engineering executives, Business Development or Sales heads, and corporate audit manager. Provide context by framing the question as an attempt to identify the small subset of proprietary information that would most damage the company if it fell into the wrong hands. Various formulas and thresholds can be customized to help guide this discussion and quantify the degree of damage to finances, share price and reputational risk.
Security professionals can only truly protect that which they know is there. Once CBI is identified, the team must learn where it resides, in both physical and cyber space. In large companies with thousands of employees and facilities, this question is more easily asked than answered. Yet, the answer is vital to learning how your CBI is exposed. One large company locating its CBI discovered a proprietary formula sitting in an open folder accessible by its entire employee population. Audit of the folder revealed that employees in high risk nations had visited the folder without any valid reason.
When countering the insider threat, the physical and the cyber security of CBI must be viewed as one holistic endeavor. The behavior of data and the behavior of humans are inextricably linked and the partnership between IT Risk and Physical Security should be seamless. Once aware that specific buildings, offices, or laboratories contain CBI, protocols and checklists for enhanced safeguarding can be drafted. This initiative counters more than just the internal threat. Upon learning the location of a sensitive manufacturing process one company found the process was part of a public tour route.
The seemingly simple “Who” question can generate more consternation than the previous two questions combined, particularly from your partners in HR and Labor & Employment Law. While answering the first two questions is often labor intensive, this last query raises issues of policy, organizational culture, and law. Companies may learn that some CBI is assigned to contractors, and the team must wrestle with the issue of whether people with less allegiance, and more transient tenure, should be entrusted with the firm’s future. Yet, identifying employees who require access to CBI is easy compared to planning how to relate to them. This discussion should include: standards for employees to receive and maintain CBI access; policies on travel and device security; enhanced computer monitoring; and, governance protocols for investigative response to suspicious conduct. Importantly, the approach to such vital and often singularly knowledgeable employees should be an inclusive one that views them as special stewards with more responsibility than the average employee.
If approached carelessly, insider threat plans can breed mistrust, alienate key employees, erode company culture, and even violate labor or privacy laws. But, a quality program can be a leader’s most important legacy, reaping tangible dividends in loss prevented, jobs saved, and relationships forged.
Originally posted in the Security Magazine https://www.securitymagazine.com/articles/88644-insider-threat-programs-a-beginners-guide