By Emily Cadman
In a submission to a House of Lords select committee the BSIA has called on the security industry to take a lead in reassuring the public about measures in place to protect their privacy.
The House of Lords Select Committee for the Constitution is currently looking into the impact that government surveillance and data collection have upon the privacy of citizens and their relationship with the State.
In its submission to the committee, the BSIA argued that CCTV is a vital weapon in the prevention and detection of crime and its use has increased the sense of security felt by individuals.
The BSIA also noticed that whilst it “may be necessary to review common legislation and standards in order to continue to protect the privacy of the public” privacy is protected both through current legislation - such as the Data Protection and Human Rights Acts - industry guidelines and codes of practice.
Pauline Norstrom, BSIA CCTV Section Chairman, commented: “There has been much public debate in recent months about CCTV’s role in what is termed a ‘surveillance society’. The security industry must be at the forefront of not only professing CCTV’s many benefits such as crime prevention and detection, but also in reassuring the public as to the many measures in place to protect their privacy.”
“The security industry must be at the forefront of not only professing CCTV’s many benefits such as crime prevention and detection, but also in reassuring the public as to the many measures in place to protect their privacy”
Pauline Norstrom
She added: “As an industry we must be prepared not only to develop new technologies, but also to consider the effects that such technologies may have on the privacy of the public and to review current legislation and guidelines accordingly.”
The Lords enquiry, which was launched in April, stated purpose is to: “Seek to find out if increased surveillance and data collection by the state have fundamentally altered the way it relates to its citizens.”
Key questions the committee will be looked at include:
• What forms of surveillance and data collection might be considered constitutionally proper or improper? Is there a line that should not be crossed? How could it be identified?
“The broad constitutional implications of these changes have not thus far been sufficiently closely scrutinised”
Lord Holme
• What effect do public and private sector surveillance and data collection have on a citizen’s liberty and privacy?
• How have surveillance and data collection altered the nature of citizenship in the 21st century, especially in terms of citizens’ relationship with the state?
• Is the Data Protection Act sufficient to protect citizens? Is there a need for additional constitutional protection for citizens in relation to surveillance and the collection of data?
Commenting at the start of the enquiry in April, Lord Holme of Cheltenham, Chairman of the Constitution Committee, said: “The nature and extent of surveillance and data collection have changed dramatically in recent years. We now have close to 4.2 million CCTV cameras in the UK and with the introduction of the NHS Spine and the ID card database the government will hold more information about us than ever before.
“The broad constitutional implications of these changes have not thus far been sufficiently closely scrutinised. As a Committee we hope to get to the bottom of how these changes are altering the relationship between individuals and the State, and to ascertain whether necessary protection is in place.”
sábado, 15 de dezembro de 2007
sábado, 20 de outubro de 2007
HOW TO SELL SECURITY TO THE BOARD
By Mike Howse
Getting budget for security systems has proved tough as it is a nebulous area and hard to quantify return on investment…. until you have a data breach. The arrival of regulations with teeth, like the Payment Card Industry Data Security Standard (PCI DSS), are an important driver for selling in security, but this article shows you how to develop the added incentive of a cost-benefit model to break down the board’s resistance.
The security industry has long been fond of making analogies between data protection applications and things like fire extinguishers, burglar alarms and seat belts – you may not need these devices all the time but when you do require their services you’re extremely happy that they are there, and that they work. No one would suggest that just because your car wasn’t in an accident this year that seat belts are a complete waste of time and money. The same goes for security solutions – no hack attacks in the last fiscal period obviously doesn't mean the all-clear has finally sounded and you can jettison the firewalls and stop patching applications.
But logic such as this doesn't fulfil an executive's passionate desire for hard numbers to use when planning budgets and purchases. Any project that's likely to be approved needs to show real business benefits and a solid return on investment in order to get, or retain funding. Such benefits are easy to calculate when it comes to things like advertising campaigns, marketing efforts and equipment expenditures. However, it is notoriously difficult to estimate exactly what revenue and productivity gains, cost-savings and value are produced by data security applications.
The problem is that there's no way to know what might have happened – or not happened – without the security solution. While you can use system auditing trails to prove that some attacks were thwarted by your security systems, the majority of problems will probably have been warded off by the presence of the protection systems -- data theft is often a crime of easy opportunity. That's great, but is of no help in proving the benefits of a security system to the board who want to see hard numbers.
To get the green light on security projects, there needs to be an accurate and understandable model of an organisation's risk factors together with an explanation of how the expenditure supports company objectives and needs. Here's how to develop that model and make your case.
Security is risk management
An accurate method of determining RODSI – the Return On Your Data Security Investment -- requires a different model from the standard cost-benefit analysis. Security is a risk management system and exactly like insurance, security's value to any given corporation can be calculated. You have to determine what things might reasonably be expected to happen, how likely it is for these things to happen, and what it would cost to fix these problems should they occur. To answer these questions you need a risk analysis model.
Begin with the logical assumption that any business which collects, transmits and stores private customer data on a computer network is a target. Most executives accept the fact that the question now is not “if” your company’s network will be attacked, but when. But they still want to ensure they are not spending too much, or receiving diminishing returns on their investments. A good risk model answers all of these questions.
“Any project that's likely to be approved needs to show real business benefits and a solid return on investment in order to get, or retain funding.”
Developing a risk analysis model
Begin your risk modelling by determining the level of inherent threat exposure you have within the industry that you are part of, and the sort of data you collect. See the table to the right "Developing a risk analysis model" for an example.
Any industry that's known to have and hold large amounts of valuable data – retail, universities and government agencies among others – is more at risk that those industries that aren't likely to harbour much in the way of re-sellable information.
Once a company’s overall basic risk factor is established, other factors must be considered to arrive at a true picture of its data threat potential.
Companies have their own corporate cultures, their own policies, procedures and business practices, all of which either enhance or undermine technological security measures. Individual employees, most probably with varying degrees of security awareness, also impact the vulnerability of sensitive data. If scant attention is paid to employee training, developing solid security policies, ensuring that applications are patched promptly, and paying anything more than basic lip service to the idea of security, then a company’s risk profile is affected. The damage a successful breach can cause will be much higher in such an organisation than a company in the same industry that has a corporate culture centred on security. (See the table to the right "Policy and procedure risks").
A company's individual risk factor can be difficult to discuss with executives, especially if poor choices and priorities have created unacceptably high risk levels. If so, use the inherent and individual risk factor to establish probability (the likelihood of a data breach) without pointing fingers or making accusations – e.g. "as a retailer who processes and stores vast amounts of payment card data and employs many, often temporary workers who aren't fully trained in the importance of data security…etc" and focus more on the costs associated with a breach.
Counting the cost
“Security is a risk management system and exactly like insurance, security's value to any given corporation can be calculated”
After an organisation’s particular risk profile has been established, that profile is then used to determine the likelihood of a breach. A model can be created of the various costs that are likely to be involved in managing a data breach. And here's where things get challenging.
Based on all the cost factors discussed in depth below, the cost of a breach can be reasonably estimated. But there is no single set of figures that fit all businesses; so you'll need to work out the costs likely to accrue if your own systems are successfully attacked. The principal variable that will drive many of the costs is the size of the breach – specifically, how many client records have been compromised. Larger breaches obviously require a greater expenditure to prepare proper responses and handle the communication after-effects of disclosure. And clearly the risk of liabilities associated with fraudulent use of the data will escalate as the number of records grows.
In general, the majority of security consultancy companies estimate that a data breach will cost a company roughly €25 per compromised customer record. This is a general guideline, not a hard and fast rule, and includes the costs of managing the damage caused by publicly reporting a breach. While the UK does not legally require companies to publicly report breaches, the calls for such a law are getting louder, and may be not too distant. Best to plan for it now, since it really is the right way to do business.
The costs of managing a significant data breach include:
• Detection of the breach and determination of response
• System downtime
• Customer remediation (if publicly reportable)
“Based on all the cost factors discussed in depth below, the cost of a breach can be reasonably estimated”
• Corporate remediation (if publicly reportable)
• Cost of fraudulent use of data, associated fines and litigation
1. Begin your cost analysis by determining the loss associated with systems going offline and the work/time involved in analysing a breach.
As soon as a breach is suspected to have occurred, costs begin to mount. Typically systems may need to be shut down to prevent further damage and allow for a thorough analysis; it’s possible that at least part of the business will need to go ‘offline’. The initial investigation will require a careful look back through system logs and auditing records in an attempt to determine the extent of the breach and its likely impact on the business.
Obviously, the more skilled the attacker, the harder it will be to backtrack and discover exactly what he’s done and how he’s done it. Outside experts may be needed to help determine what actually happened. The time period immediately following a suspected breach is always a disruptive and costly process that typically has a severe impact on the company’s overall productivity. Developing a response plan before an attack occurs can help mitigate these costs to some extent.
2. Factor in the costs of responding to the breach
Affected systems frequently need to be isolated during the initial investigation and potentially may need to be taken offline completely until the factors enabling the breach can be fully determined and affected systems can be completely analysed, cleaned out/patched or otherwise repaired.
“In general, the majority of security consultancy companies estimate that a data breach will cost a company roughly €25 per compromised customer record”
The initial triage will likely be followed by a more in-depth internal systems review. Depending on the size of the breach this stage will require significant internal investment and cooperation with outside vendors such as assessors, consultants and card issuing agencies. A breach should also trigger a heightened obligation for periodic audit and assessment.
If publicly reportable, factor in costs of notifying customers and investors, as well as setting up communications systems to respond quickly to their concerns. The media will also need access to company spokespeople.
In a breach that exposes payment card data there is a very high likelihood of fines and penalties being imposed. For example, companies who process, store, or transmit payment card data are required to adhere to the Payment Card Industry (PCI) Data Security Standard (DSS). The standard was developed by major credit card companies to help enhance consumer data security. Non-compliant businesses run the risk of losing the ability to process credit card payments and face fines of about €250,000 per incident, as well as increased auditing controls and possible loss of card processing services.
Crunching the numbers
The potential of an attack occurring, and the estimated cost of such an attack compared to the cost of the proposed security system, comprise your RODSI analysis.
But you should also include information about how your proposed security initiative will support the business' mission and vision. Compliance issues are a strong factor to include in your cost benefit analysis, comprehensive security systems are no longer an option for many businesses – they are a requirement.
Modern security systems often simplify the process of consistently complying with data security regulations, and will also complement many businesses’ missions to create and maintain sustainable sources of revenue. As an example, a web application firewall (WAF) supports a mission to expand online sales and services. Without a WAF, such an initiative is likely to devolve into a costly mess, plagued by nasty hack attacks and stolen data. You can back up these statements with research showing the prevalence of specific sorts of attacks such as cross-site scripting and SQL injection.
The days when FUD (fear, uncertainty and doubt) were all that it took to sell a security project to executives are almost gone. Calculating risk factors and developing a cost analysis isn't likely to be anyone but an insurance actuary's idea of fun, but it's guaranteed to be significantly less stressful than managing an attack on your system.
About the author: Mike Howse - European managing director, Protegrity Corporation - has 20 years of pan-European IT sales and marketing experience, specialising in security hardware and software for twelve of those. Previous roles include VP EMEA sales at Eracom Technologies AG, sales and marketing director at ASPACE Solutions (now ActivCard) and senior positions at companies including nCipher, Racal-Airtech, Ungermann-Bass, Synoptics and 3COM.
Getting budget for security systems has proved tough as it is a nebulous area and hard to quantify return on investment…. until you have a data breach. The arrival of regulations with teeth, like the Payment Card Industry Data Security Standard (PCI DSS), are an important driver for selling in security, but this article shows you how to develop the added incentive of a cost-benefit model to break down the board’s resistance.
The security industry has long been fond of making analogies between data protection applications and things like fire extinguishers, burglar alarms and seat belts – you may not need these devices all the time but when you do require their services you’re extremely happy that they are there, and that they work. No one would suggest that just because your car wasn’t in an accident this year that seat belts are a complete waste of time and money. The same goes for security solutions – no hack attacks in the last fiscal period obviously doesn't mean the all-clear has finally sounded and you can jettison the firewalls and stop patching applications.
But logic such as this doesn't fulfil an executive's passionate desire for hard numbers to use when planning budgets and purchases. Any project that's likely to be approved needs to show real business benefits and a solid return on investment in order to get, or retain funding. Such benefits are easy to calculate when it comes to things like advertising campaigns, marketing efforts and equipment expenditures. However, it is notoriously difficult to estimate exactly what revenue and productivity gains, cost-savings and value are produced by data security applications.
The problem is that there's no way to know what might have happened – or not happened – without the security solution. While you can use system auditing trails to prove that some attacks were thwarted by your security systems, the majority of problems will probably have been warded off by the presence of the protection systems -- data theft is often a crime of easy opportunity. That's great, but is of no help in proving the benefits of a security system to the board who want to see hard numbers.
To get the green light on security projects, there needs to be an accurate and understandable model of an organisation's risk factors together with an explanation of how the expenditure supports company objectives and needs. Here's how to develop that model and make your case.
Security is risk management
An accurate method of determining RODSI – the Return On Your Data Security Investment -- requires a different model from the standard cost-benefit analysis. Security is a risk management system and exactly like insurance, security's value to any given corporation can be calculated. You have to determine what things might reasonably be expected to happen, how likely it is for these things to happen, and what it would cost to fix these problems should they occur. To answer these questions you need a risk analysis model.
Begin with the logical assumption that any business which collects, transmits and stores private customer data on a computer network is a target. Most executives accept the fact that the question now is not “if” your company’s network will be attacked, but when. But they still want to ensure they are not spending too much, or receiving diminishing returns on their investments. A good risk model answers all of these questions.
“Any project that's likely to be approved needs to show real business benefits and a solid return on investment in order to get, or retain funding.”
Developing a risk analysis model
Begin your risk modelling by determining the level of inherent threat exposure you have within the industry that you are part of, and the sort of data you collect. See the table to the right "Developing a risk analysis model" for an example.
Any industry that's known to have and hold large amounts of valuable data – retail, universities and government agencies among others – is more at risk that those industries that aren't likely to harbour much in the way of re-sellable information.
Once a company’s overall basic risk factor is established, other factors must be considered to arrive at a true picture of its data threat potential.
Companies have their own corporate cultures, their own policies, procedures and business practices, all of which either enhance or undermine technological security measures. Individual employees, most probably with varying degrees of security awareness, also impact the vulnerability of sensitive data. If scant attention is paid to employee training, developing solid security policies, ensuring that applications are patched promptly, and paying anything more than basic lip service to the idea of security, then a company’s risk profile is affected. The damage a successful breach can cause will be much higher in such an organisation than a company in the same industry that has a corporate culture centred on security. (See the table to the right "Policy and procedure risks").
A company's individual risk factor can be difficult to discuss with executives, especially if poor choices and priorities have created unacceptably high risk levels. If so, use the inherent and individual risk factor to establish probability (the likelihood of a data breach) without pointing fingers or making accusations – e.g. "as a retailer who processes and stores vast amounts of payment card data and employs many, often temporary workers who aren't fully trained in the importance of data security…etc" and focus more on the costs associated with a breach.
Counting the cost
“Security is a risk management system and exactly like insurance, security's value to any given corporation can be calculated”
After an organisation’s particular risk profile has been established, that profile is then used to determine the likelihood of a breach. A model can be created of the various costs that are likely to be involved in managing a data breach. And here's where things get challenging.
Based on all the cost factors discussed in depth below, the cost of a breach can be reasonably estimated. But there is no single set of figures that fit all businesses; so you'll need to work out the costs likely to accrue if your own systems are successfully attacked. The principal variable that will drive many of the costs is the size of the breach – specifically, how many client records have been compromised. Larger breaches obviously require a greater expenditure to prepare proper responses and handle the communication after-effects of disclosure. And clearly the risk of liabilities associated with fraudulent use of the data will escalate as the number of records grows.
In general, the majority of security consultancy companies estimate that a data breach will cost a company roughly €25 per compromised customer record. This is a general guideline, not a hard and fast rule, and includes the costs of managing the damage caused by publicly reporting a breach. While the UK does not legally require companies to publicly report breaches, the calls for such a law are getting louder, and may be not too distant. Best to plan for it now, since it really is the right way to do business.
The costs of managing a significant data breach include:
• Detection of the breach and determination of response
• System downtime
• Customer remediation (if publicly reportable)
“Based on all the cost factors discussed in depth below, the cost of a breach can be reasonably estimated”
• Corporate remediation (if publicly reportable)
• Cost of fraudulent use of data, associated fines and litigation
1. Begin your cost analysis by determining the loss associated with systems going offline and the work/time involved in analysing a breach.
As soon as a breach is suspected to have occurred, costs begin to mount. Typically systems may need to be shut down to prevent further damage and allow for a thorough analysis; it’s possible that at least part of the business will need to go ‘offline’. The initial investigation will require a careful look back through system logs and auditing records in an attempt to determine the extent of the breach and its likely impact on the business.
Obviously, the more skilled the attacker, the harder it will be to backtrack and discover exactly what he’s done and how he’s done it. Outside experts may be needed to help determine what actually happened. The time period immediately following a suspected breach is always a disruptive and costly process that typically has a severe impact on the company’s overall productivity. Developing a response plan before an attack occurs can help mitigate these costs to some extent.
2. Factor in the costs of responding to the breach
Affected systems frequently need to be isolated during the initial investigation and potentially may need to be taken offline completely until the factors enabling the breach can be fully determined and affected systems can be completely analysed, cleaned out/patched or otherwise repaired.
“In general, the majority of security consultancy companies estimate that a data breach will cost a company roughly €25 per compromised customer record”
The initial triage will likely be followed by a more in-depth internal systems review. Depending on the size of the breach this stage will require significant internal investment and cooperation with outside vendors such as assessors, consultants and card issuing agencies. A breach should also trigger a heightened obligation for periodic audit and assessment.
If publicly reportable, factor in costs of notifying customers and investors, as well as setting up communications systems to respond quickly to their concerns. The media will also need access to company spokespeople.
In a breach that exposes payment card data there is a very high likelihood of fines and penalties being imposed. For example, companies who process, store, or transmit payment card data are required to adhere to the Payment Card Industry (PCI) Data Security Standard (DSS). The standard was developed by major credit card companies to help enhance consumer data security. Non-compliant businesses run the risk of losing the ability to process credit card payments and face fines of about €250,000 per incident, as well as increased auditing controls and possible loss of card processing services.
Crunching the numbers
The potential of an attack occurring, and the estimated cost of such an attack compared to the cost of the proposed security system, comprise your RODSI analysis.
But you should also include information about how your proposed security initiative will support the business' mission and vision. Compliance issues are a strong factor to include in your cost benefit analysis, comprehensive security systems are no longer an option for many businesses – they are a requirement.
Modern security systems often simplify the process of consistently complying with data security regulations, and will also complement many businesses’ missions to create and maintain sustainable sources of revenue. As an example, a web application firewall (WAF) supports a mission to expand online sales and services. Without a WAF, such an initiative is likely to devolve into a costly mess, plagued by nasty hack attacks and stolen data. You can back up these statements with research showing the prevalence of specific sorts of attacks such as cross-site scripting and SQL injection.
The days when FUD (fear, uncertainty and doubt) were all that it took to sell a security project to executives are almost gone. Calculating risk factors and developing a cost analysis isn't likely to be anyone but an insurance actuary's idea of fun, but it's guaranteed to be significantly less stressful than managing an attack on your system.
About the author: Mike Howse - European managing director, Protegrity Corporation - has 20 years of pan-European IT sales and marketing experience, specialising in security hardware and software for twelve of those. Previous roles include VP EMEA sales at Eracom Technologies AG, sales and marketing director at ASPACE Solutions (now ActivCard) and senior positions at companies including nCipher, Racal-Airtech, Ungermann-Bass, Synoptics and 3COM.
domingo, 16 de setembro de 2007
RISK MANAGEMENT Y SEGURIDAD: UN ENFOQUE PROFESIONAL Y COMERCIAL PARA AGREGAR VALOR A LOS SERVICIOS A CLIENTES
Autor: Prof. Ing. Julio Alarcón Saavedra, M.A. - Santiago, Chile, dacademico@iparchile.com
¿Qué empresario de seguridad no ha deseado obtener ese gran contrato de 120 guardias de seguridad, frente a un cliente que, colmado de problemas, ve como única solución el recurso humano? Bueno, si sus sueños se hicieron realidad, felicitaciones, pero tenemos malas noticias: esos tiempos parece que terminaron.
Si aún existe un tipo de cliente así, lo más probable es que, a no mucho andar el contrato de servicios, estemos enfrentado una reducción del personal o bien estemos saliendo por una puerta y otra empresa de la competencia entrando a continuación, haciendo lo mismo, pero con menos.
Es que el enfoque moderno de cómo llevar los negocios, por parte del cliente, tiende aceleradamente a internalizar la seguridad, o mejor dicho la prevención y control de pérdidas, ya explicaremos por qué, como parte integrante de sus procesos. Dicho de otra forma, la administración moderna del negocio tiende a seguridad con cero costo.
Pero no nos preocupemos, ese objetivo es ideal y de muy difícil consecución. Lo que a nuestro juicio sí está muy claro, es que todos perdemos si el cliente no tiene como contraparte a un empresario de seguridad que pueda respaldar los servicios que ofrece, en términos de profesionalismo, racionalidad y con un sólida base de gestión administrativa, entendiendo por tal una capacidad de satisfacción integral de las necesidades del cliente.
Ayuda en el objetivo anteriormente indicado, el plantearse una aproximación a nuestros clientes desde una perspectiva basada en una moderna visión de la Administración de Riesgos, o Risk Management si lo prefieren, lo que pretendemos demostrar a través de este trabajo.
Estamos empeñados en una verdadera cruzada en orden a establecer una cierta uniformidad de criterios respecto a la terminología que utilizamos. Total, si queremos enaltecer profesionalmente esta actividad que hemos elegido para desenvolvernos laboralmente y caminar por la vida, lo mínimo que podemos hacer es utilizar una terminología similar e inequívoca.
Sólo para dejar enunciado un problema que sería largo de tratar en este trabajo, en la actualidad debemos muchas veces recurrir a los términos anglosajones para hacernos comprender, por ejemplo ahora estamos hablando del Risk Management, o en otras oportunidades nos referimos a la "Security" para diferenciarla de la Prevención de Riesgos o Salud Ocupacional, o como quieran llamarla en cada país, a la cual denominamos "Safety", y así. Podríamos preguntarnos por una definición de Seguridad, Security, y nos contestaríamos que es, entre otras definiciones, la prevención de determinados riesgos.. Entonces, en qué quedamos?
En el caso del Risk Management, dependiendo de cuál escuela tomemos, norteamericana, británica o española, tendremos algunas diferencias respecto a su significado. En general, se entiende que el Risk Management es un proceso mediante el cual una organización identifica las áreas de pérdidas potenciales, lo que le permite adoptar a continuación una determinada decisión en orden a tratar dicho riesgo. Esta decisión no necesariamente es la Seguridad.
El Risk Management es en primer lugar un nivel de decisión estratégica respecto al riesgo, ya que implica adoptar una o varias formas de enfrentarlo: el aceptarlo y asumirlo, el transferirlo y el reducirlo, entre otras. Como se puede comprender, lo estratégico se deriva de que decisionalmente son opciones que pueden reorientar el negocio, en lo referido al tratamiento del riesgo.
Por otra parte, la decisión de reducir el riesgo es lo que comúnmente llamamos Seguridad, pero, para no tener que entrar a definir de qué seguridad estamos hablando, Security o Safety, sugiero que quememos los ídolos que hemos adorado y los manuales que hemos usado por mucho tiempo, y empecemos a olvidarnos un poco del término Seguridad, utilizando en su reemplazo, o mejor como complemento, decididamente el término de Prevención y Control de Pérdidas.
Así podremos olvidarnos de la Security y el Safety, y enfrentar, técnica y comercialmente el problema de la reducción del riesgo bajo un solo paraguas, con lo que se acaban las diferencias y quedan sólo las especializaciones respecto al tipo de pérdidas de que estamos hablando.
¿Qué empresario de seguridad no ha deseado obtener ese gran contrato de 120 guardias de seguridad, frente a un cliente que, colmado de problemas, ve como única solución el recurso humano? Bueno, si sus sueños se hicieron realidad, felicitaciones, pero tenemos malas noticias: esos tiempos parece que terminaron.
Si aún existe un tipo de cliente así, lo más probable es que, a no mucho andar el contrato de servicios, estemos enfrentado una reducción del personal o bien estemos saliendo por una puerta y otra empresa de la competencia entrando a continuación, haciendo lo mismo, pero con menos.
Es que el enfoque moderno de cómo llevar los negocios, por parte del cliente, tiende aceleradamente a internalizar la seguridad, o mejor dicho la prevención y control de pérdidas, ya explicaremos por qué, como parte integrante de sus procesos. Dicho de otra forma, la administración moderna del negocio tiende a seguridad con cero costo.
Pero no nos preocupemos, ese objetivo es ideal y de muy difícil consecución. Lo que a nuestro juicio sí está muy claro, es que todos perdemos si el cliente no tiene como contraparte a un empresario de seguridad que pueda respaldar los servicios que ofrece, en términos de profesionalismo, racionalidad y con un sólida base de gestión administrativa, entendiendo por tal una capacidad de satisfacción integral de las necesidades del cliente.
Ayuda en el objetivo anteriormente indicado, el plantearse una aproximación a nuestros clientes desde una perspectiva basada en una moderna visión de la Administración de Riesgos, o Risk Management si lo prefieren, lo que pretendemos demostrar a través de este trabajo.
Estamos empeñados en una verdadera cruzada en orden a establecer una cierta uniformidad de criterios respecto a la terminología que utilizamos. Total, si queremos enaltecer profesionalmente esta actividad que hemos elegido para desenvolvernos laboralmente y caminar por la vida, lo mínimo que podemos hacer es utilizar una terminología similar e inequívoca.
Sólo para dejar enunciado un problema que sería largo de tratar en este trabajo, en la actualidad debemos muchas veces recurrir a los términos anglosajones para hacernos comprender, por ejemplo ahora estamos hablando del Risk Management, o en otras oportunidades nos referimos a la "Security" para diferenciarla de la Prevención de Riesgos o Salud Ocupacional, o como quieran llamarla en cada país, a la cual denominamos "Safety", y así. Podríamos preguntarnos por una definición de Seguridad, Security, y nos contestaríamos que es, entre otras definiciones, la prevención de determinados riesgos.. Entonces, en qué quedamos?
En el caso del Risk Management, dependiendo de cuál escuela tomemos, norteamericana, británica o española, tendremos algunas diferencias respecto a su significado. En general, se entiende que el Risk Management es un proceso mediante el cual una organización identifica las áreas de pérdidas potenciales, lo que le permite adoptar a continuación una determinada decisión en orden a tratar dicho riesgo. Esta decisión no necesariamente es la Seguridad.
El Risk Management es en primer lugar un nivel de decisión estratégica respecto al riesgo, ya que implica adoptar una o varias formas de enfrentarlo: el aceptarlo y asumirlo, el transferirlo y el reducirlo, entre otras. Como se puede comprender, lo estratégico se deriva de que decisionalmente son opciones que pueden reorientar el negocio, en lo referido al tratamiento del riesgo.
Por otra parte, la decisión de reducir el riesgo es lo que comúnmente llamamos Seguridad, pero, para no tener que entrar a definir de qué seguridad estamos hablando, Security o Safety, sugiero que quememos los ídolos que hemos adorado y los manuales que hemos usado por mucho tiempo, y empecemos a olvidarnos un poco del término Seguridad, utilizando en su reemplazo, o mejor como complemento, decididamente el término de Prevención y Control de Pérdidas.
Así podremos olvidarnos de la Security y el Safety, y enfrentar, técnica y comercialmente el problema de la reducción del riesgo bajo un solo paraguas, con lo que se acaban las diferencias y quedan sólo las especializaciones respecto al tipo de pérdidas de que estamos hablando.
sexta-feira, 14 de setembro de 2007
Private security contractors'role grows in Iraq
By Jim Michaels, USA TODAY
The number of times that private security contractors working for the U.S. military fired warning or deadly shots at Iraqis nearly doubled during the past year, according to the U.S. military command in Iraq.
The records from Multi-National Force-Iraq illustrate the expanding role of private contractors in Iraq and highlight concerns about the growing reliance on civilian security workers who operate in a sometimes ambiguous legal area.
In the year ending May 2007, there were 207 reported incidents of private contractors firing shots, up from 115 during the same period the year prior, according to the Multi-National Force-Iraq. The incidents resulted in four deaths of Iraqis in separate shootings.
The records track incidents in which warning or deadly shots are fired at people or motorists who appear threatening.
Military officials don't know why shooting incidents increased, said Capt. Michael Greenberger, who released the data.
The higher numbers seem to follow the increased use of private security contractors to protect U.S. supply convoys. Contractors protect more than 500 convoys per month, compared with about 200 to 300 a month two years ago, U.S. military records show.
Shooting incidents could increase further. The Pentagon is considering using private security contractors to protect some convoys that are now protected by U.S. troops. The military command in Iraq has asked for the option to use security contractors to protect military supply convoys that ship non-essential supplies, such as magazines for sale in base post exchanges, said Air Force Maj. Gen. Darryl Scott, commander of the Joint Contracting Command-Iraq/Afghanistan.
"That's part of a larger effort to look at ways we can use contractors' capabilities and allow GIs to go home," Scott said.
It's not clear whether all shootings are reported. Generally it is the responsibility of the contractors to report the incidents.
"It's based on an honor system," said Army Lt. Col. Greyce Powell, a Reserve officer who returned this year from a tour in Iraq where she was director for the national reconstruction operations center.
"Nobody knows whether they are meeting the requirement or not," she said.
Triple Canopy, a private security company, fired three employees in July 2006 for not reporting an incident in which security guards fired on Baghdad's airport road.
Scott said the number of shootings is low compared with the frequency contractors protect convoys. "Thousands of convoys have moved over that period," he said.
"We are now dependent on contractors," Scott said.
There are about 6,000 armed private security guards working under military contracts in Iraq, Scott said. They are part of about 160,000 contractors supporting the 150,000 U.S. troops in Iraq, Scott said.
It's not clear whether private contractors shoot more often than soldiers, but critics say they are not held accountable for their actions.
Peter Singer, an analyst at the Brookings Institution in Washington who has written widely on the use of security contractors, points out that no security contractors have been charged in shooting incidents. "Compare that to how many soldiers have been court-martialed for crimes big and small," Singer said.
The military acknowledges that coordinating and enforcing discipline among the thousands of contractors moving around the battlefield has been a challenge.
Some of the shooting incidents were questioned by the Multi-National Force-Iraq.
In May 2005, a 60-year-old Iraqi was shot three times and seriously injured when a civilian security detail on the Baghdad airport road fired warning shots at motorists attempting to avoid a traffic jam, MNFI records show.
"Assessment of the incident was that the warning shots were unnecessary," according to the MNFI's written description of the incident. The other incidents involving deaths appeared to have been ruled justified, according to the records.
Private security contractors are required to use the same procedures as the military when encountering a threat.
They are supposed to progressively "escalate force" by issuing warnings verbally or with hand signals before shooting to kill.
The number of times that private security contractors working for the U.S. military fired warning or deadly shots at Iraqis nearly doubled during the past year, according to the U.S. military command in Iraq.
The records from Multi-National Force-Iraq illustrate the expanding role of private contractors in Iraq and highlight concerns about the growing reliance on civilian security workers who operate in a sometimes ambiguous legal area.
In the year ending May 2007, there were 207 reported incidents of private contractors firing shots, up from 115 during the same period the year prior, according to the Multi-National Force-Iraq. The incidents resulted in four deaths of Iraqis in separate shootings.
The records track incidents in which warning or deadly shots are fired at people or motorists who appear threatening.
Military officials don't know why shooting incidents increased, said Capt. Michael Greenberger, who released the data.
The higher numbers seem to follow the increased use of private security contractors to protect U.S. supply convoys. Contractors protect more than 500 convoys per month, compared with about 200 to 300 a month two years ago, U.S. military records show.
Shooting incidents could increase further. The Pentagon is considering using private security contractors to protect some convoys that are now protected by U.S. troops. The military command in Iraq has asked for the option to use security contractors to protect military supply convoys that ship non-essential supplies, such as magazines for sale in base post exchanges, said Air Force Maj. Gen. Darryl Scott, commander of the Joint Contracting Command-Iraq/Afghanistan.
"That's part of a larger effort to look at ways we can use contractors' capabilities and allow GIs to go home," Scott said.
It's not clear whether all shootings are reported. Generally it is the responsibility of the contractors to report the incidents.
"It's based on an honor system," said Army Lt. Col. Greyce Powell, a Reserve officer who returned this year from a tour in Iraq where she was director for the national reconstruction operations center.
"Nobody knows whether they are meeting the requirement or not," she said.
Triple Canopy, a private security company, fired three employees in July 2006 for not reporting an incident in which security guards fired on Baghdad's airport road.
Scott said the number of shootings is low compared with the frequency contractors protect convoys. "Thousands of convoys have moved over that period," he said.
"We are now dependent on contractors," Scott said.
There are about 6,000 armed private security guards working under military contracts in Iraq, Scott said. They are part of about 160,000 contractors supporting the 150,000 U.S. troops in Iraq, Scott said.
It's not clear whether private contractors shoot more often than soldiers, but critics say they are not held accountable for their actions.
Peter Singer, an analyst at the Brookings Institution in Washington who has written widely on the use of security contractors, points out that no security contractors have been charged in shooting incidents. "Compare that to how many soldiers have been court-martialed for crimes big and small," Singer said.
The military acknowledges that coordinating and enforcing discipline among the thousands of contractors moving around the battlefield has been a challenge.
Some of the shooting incidents were questioned by the Multi-National Force-Iraq.
In May 2005, a 60-year-old Iraqi was shot three times and seriously injured when a civilian security detail on the Baghdad airport road fired warning shots at motorists attempting to avoid a traffic jam, MNFI records show.
"Assessment of the incident was that the warning shots were unnecessary," according to the MNFI's written description of the incident. The other incidents involving deaths appeared to have been ruled justified, according to the records.
Private security contractors are required to use the same procedures as the military when encountering a threat.
They are supposed to progressively "escalate force" by issuing warnings verbally or with hand signals before shooting to kill.
quinta-feira, 23 de agosto de 2007
A SEGURANÇA COMO CIÊNCIA
A ciência, como conceito aberto, pode ser considerada como sendo a aproximação máxima e permanente a uma realidade. O caráter momentâneo conferido à realidade é exatamente o elemento que impulsiona ao aprofundamento permanente, com o qual se busca a confirmação, a comprovação e/ou manutenção da verdade já estabelecida.
A verdade é o objetivo máximo da busca cientifica que impulsiona, permanentemente, a pesquisa em direção ao aperfeiçoamento do conhecimento.
Para que seja possível atingir um nível de conhecimento cientifico satisfatório, as conclusões dos experimentos baseiam-se por meio da testagem e comprovação das hipóteses levantadas.
Como hipótese entende-se a "suposição duvidosa, mas não improvável, relativa a fenômenos naturais, pela qual se antecipa um conhecimento, e que poderá ser posteriormente confirmada direta ou indiretamente".
Hipóteses surgem diariamente pelo senso comum, e não podem ser consideradas como verdadeiras, mesmo quando possuem alguma coerência. O método popular faz uso da mera especulação, ou seja, "a reflexão aérea e subjetiva à revelia da realidade, algo que um cientista não poderia refazer ou controlar".
O método cientifico observa e especula as hipóteses, por meio do levantamento de casos, aplicando comumente um método experimental para tratar os resultados estatisticamente, resultando em comprovações testadas.
É preciso muita atenção em relação ao conhecimento científico apresentado, pois, é fato que este pode variar o seu conteúdo. A verdade pode ser modificada a qualquer momento; vide o próprio conceito de ciência.
É dever de todo pesquisador teorizar, constantemente, com as hipóteses apresentadas e, a partir destas, utilizar os princípios elaborados pela ciência para que seja alcançado um resultado satisfatório e a conclusão, firmada para o momento, possa ser tratada como científica.
Quando se fala de segurança como ciência, há que se levar em conta certos fatores que contribuem para o assunto segurança e seu oposto, a insegurança, tais como os fatores endógenos e exógenos, sendo estes analisados a partir do ponto de vista psicológico e do ponto de vista físico.
Considera-se o primeiro como a segurança numa situação na qual existe a sensação de resguardo das surpresas desagradáveis e de situações indesejáveis, conceituação válida também em um determinado contexto social, já que toda organização trata de alcançar os objetivos que justifiquem sua existência com maior ou menor ambição, considerando que isso representa um caminho que não somente encontrará dificuldades naturais, assim como vontades que se valerão pelos interesses opostos, numa real luta de interesses. Sendo assim, a segurança a ser alcançada deve possibilitar a conquista dos objetivos da organização.
Em contrapartida, desde o ponto de vista físico, deve-se defini-la, em síntese, como aquela segurança cujo objetivo a alcançar é o ambiente de proteção de elementos físicos ou de mecanismos enfocados ao amparo de uma entidade ou ser, a fim de permitir o desenvolvimento de suas atividades.
Essas conceituações científicas propiciam, em seu grande conjunto, o alcance de um estado de segurança desejado. Mas haverá um aspecto decisivo, que enfocará o indivíduo ou organismo, baseado em princípios realistas, que é a confiança em sua capacidade. Sem esse aspecto não existirão medidas suficientes, tampouco haverá, jamais, garantias e, por conseqüência, será impossível que exista segurança.
Conhecendo estes antecedentes, será possível conceituar a segurança, do ponto de vista científico, como uma ciência dinâmica que trata de salvaguardar o indivíduo no contexto social em que atua e proteger seus bens contra casos fortuitos ou premeditados, com o objetivo de alcançar um ambiente de bem-estar, confiança e melhores condições de progresso.
A concepção moderna da ciência da Segurança diz que não é suficiente um avançado sistema técnico de proteção para alcançar fins estabelecidos, em razão de que sempre a capacidade, os conhecimentos e as qualidades do homem de segurança serão fatores determinantes do êxito ou fracasso de qualquer sistema.
Por outra parte, seja qual for a dimensão do grupo social com que se trate, pretender dar-lhe a segurança necessária implica considerar valores tais como disciplina, honestidade, justiça, como guias para dirigir e respaldo para exigir; não tê-los em conta fará com que a evolução técnica, orgânica e normativa perca significado, por mais eficazes que possam parecer.
Cabe aqui destacar o termo denominado Cinturão de Segurança, que trata de todos aqueles objetos, dispositivos, medidas, etc, que contribuem para tornar mais seguro o funcionamento ou a utilização de algo.
Dessa maneira, resulta indispensável estabelecer um equilíbrio entre o homem e os sistemas, equação básica que possibilitará encontrar o caminho do êxito nessa difícil tarefa.
Em consonância ao expressado anteriormente, essa nova ciência está alicerçada na aplicação, não somente nos aspectos técnicos, dos sistemas de controle, das condições estruturais e operativas, mas também considerando aspectos próprios do desenvolvimento do ser humano, tanto individuais como coletivos. É por ele que se requer uma qualidade moral significativa na direção da segurança para que seja manejada com honestidade, ainda que se conheça a vinculação entre a segurança e a eficácia operativa.
Sem qualquer dúvida, alcançar uma nova concepção ética, capaz de enfrentar, de maneira incorruptível, a realidade cotidiana e universal da vida em sociedade, não será, por certo, tarefa fácil, é por isso que há a necessidade que de cada um dos homens de segurança conheça e pratique esses conceitos, ao mesmo tempo em que pratique as técnicas mais avançadas para fazer prevalecer o bem sobre o mal – descartada a simples abordagem maniqueísta, de tal forma que não se vejam surpreendidos com a realidade sem saber proteger a si mesmo, aos outros e às instituições.
A segurança das diferentes instalações físicas, tais como indústrias, laboratórios, organizações e empresas do Estado e privadas, instalações nucleares, estabelecimentos bancários, aeroportos, hotéis, residências apresentam diferentes particularidades, reclamam a necessidade de galgar ao conhecimento científico esta nova ciência e, por essa razão, ter sempre em consideração que a segurança não somente se alcança com a tecnologia de ponta, sem que o ser humano tenha que aportar as atitudes e os conhecimentos científicos dessa disciplina. Por outra parte, há que se considerar a existência dos grandes riscos imprevistos e não excludentes no contexto da segurança, nos quais se deve atuar também com capacitação e preparação adequadas no enfrentamento desses riscos acidentais, como um complemento na prevenção e controle dos sinistros, já que a segurança se dá em três etapas, a saber, antes, durante e depois.
Mesmo assim, é conveniente destacar que essa ciência trabalha em estreita ligação com outras disciplinas do conhecimento humano e que esses conhecimentos deverão ser levados em conta para o melhor desenvolvimento de suas atividades. Também é possível dizer que essa ciência tem aspectos científicos em razão de que realiza análises de riscos, entendendo risco como sendo a possibilidade ou proximidade de um dano, perigo ou ainda como ameaça. Com efeito, partindo-se da base de que a segurança integral envolve o ser humano, haverá que compatibilizar essas funções durante as atividades internas da empresa e fora dela mesma, durante o desenvolvimento de projetos e na sua execução, assim como durante as 24 horas do dia.
Por último, faz-se importante acreditar que todo o investimento na valorização do homem e na preservação de sua vida, indubitavelmente, redundará em maior eficiência e rentabilidade; inverter a equação poderá ser o início das dificuldades e, provavelmente, será impossível de controlar os riscos.
É assim que a Segurança, entendida como ciência dirigida ao bem-estar e progresso do homem, está dando seus primeiros passos, especialmente nos países mais adiantados, tratando de contribuir para a difícil realidade sócio-econômica mundial, como desafio que se inicia e como reflexão para todos que são encarregados de propiciar a segurança à sociedade e ao patrimônio público e privado.
É real a concepção de que a Segurança se inicia como uma nova ciência e começa a difundir-se já não como um conhecimento sem base científica, mas, sim, com seus delineamentos próprios. Enfim, ensinar uma ciência não é transmitir um catálogo de artigos e fórmulas definitivas; é desenvolver a atitude para aperfeiçoá-las.
A ciência, como conceito aberto, pode ser considerada como sendo a aproximação máxima e permanente a uma realidade. O caráter momentâneo conferido à realidade é exatamente o elemento que impulsiona ao aprofundamento permanente, com o qual se busca a confirmação, a comprovação e/ou manutenção da verdade já estabelecida.
A verdade é o objetivo máximo da busca cientifica que impulsiona, permanentemente, a pesquisa em direção ao aperfeiçoamento do conhecimento.
Para que seja possível atingir um nível de conhecimento cientifico satisfatório, as conclusões dos experimentos baseiam-se por meio da testagem e comprovação das hipóteses levantadas.
Como hipótese entende-se a "suposição duvidosa, mas não improvável, relativa a fenômenos naturais, pela qual se antecipa um conhecimento, e que poderá ser posteriormente confirmada direta ou indiretamente".
Hipóteses surgem diariamente pelo senso comum, e não podem ser consideradas como verdadeiras, mesmo quando possuem alguma coerência. O método popular faz uso da mera especulação, ou seja, "a reflexão aérea e subjetiva à revelia da realidade, algo que um cientista não poderia refazer ou controlar".
O método cientifico observa e especula as hipóteses, por meio do levantamento de casos, aplicando comumente um método experimental para tratar os resultados estatisticamente, resultando em comprovações testadas.
É preciso muita atenção em relação ao conhecimento científico apresentado, pois, é fato que este pode variar o seu conteúdo. A verdade pode ser modificada a qualquer momento; vide o próprio conceito de ciência.
É dever de todo pesquisador teorizar, constantemente, com as hipóteses apresentadas e, a partir destas, utilizar os princípios elaborados pela ciência para que seja alcançado um resultado satisfatório e a conclusão, firmada para o momento, possa ser tratada como científica.
Quando se fala de segurança como ciência, há que se levar em conta certos fatores que contribuem para o assunto segurança e seu oposto, a insegurança, tais como os fatores endógenos e exógenos, sendo estes analisados a partir do ponto de vista psicológico e do ponto de vista físico.
Considera-se o primeiro como a segurança numa situação na qual existe a sensação de resguardo das surpresas desagradáveis e de situações indesejáveis, conceituação válida também em um determinado contexto social, já que toda organização trata de alcançar os objetivos que justifiquem sua existência com maior ou menor ambição, considerando que isso representa um caminho que não somente encontrará dificuldades naturais, assim como vontades que se valerão pelos interesses opostos, numa real luta de interesses. Sendo assim, a segurança a ser alcançada deve possibilitar a conquista dos objetivos da organização.
Em contrapartida, desde o ponto de vista físico, deve-se defini-la, em síntese, como aquela segurança cujo objetivo a alcançar é o ambiente de proteção de elementos físicos ou de mecanismos enfocados ao amparo de uma entidade ou ser, a fim de permitir o desenvolvimento de suas atividades.
Essas conceituações científicas propiciam, em seu grande conjunto, o alcance de um estado de segurança desejado. Mas haverá um aspecto decisivo, que enfocará o indivíduo ou organismo, baseado em princípios realistas, que é a confiança em sua capacidade. Sem esse aspecto não existirão medidas suficientes, tampouco haverá, jamais, garantias e, por conseqüência, será impossível que exista segurança.
Conhecendo estes antecedentes, será possível conceituar a segurança, do ponto de vista científico, como uma ciência dinâmica que trata de salvaguardar o indivíduo no contexto social em que atua e proteger seus bens contra casos fortuitos ou premeditados, com o objetivo de alcançar um ambiente de bem-estar, confiança e melhores condições de progresso.
A concepção moderna da ciência da Segurança diz que não é suficiente um avançado sistema técnico de proteção para alcançar fins estabelecidos, em razão de que sempre a capacidade, os conhecimentos e as qualidades do homem de segurança serão fatores determinantes do êxito ou fracasso de qualquer sistema.
Por outra parte, seja qual for a dimensão do grupo social com que se trate, pretender dar-lhe a segurança necessária implica considerar valores tais como disciplina, honestidade, justiça, como guias para dirigir e respaldo para exigir; não tê-los em conta fará com que a evolução técnica, orgânica e normativa perca significado, por mais eficazes que possam parecer.
Cabe aqui destacar o termo denominado Cinturão de Segurança, que trata de todos aqueles objetos, dispositivos, medidas, etc, que contribuem para tornar mais seguro o funcionamento ou a utilização de algo.
Dessa maneira, resulta indispensável estabelecer um equilíbrio entre o homem e os sistemas, equação básica que possibilitará encontrar o caminho do êxito nessa difícil tarefa.
Em consonância ao expressado anteriormente, essa nova ciência está alicerçada na aplicação, não somente nos aspectos técnicos, dos sistemas de controle, das condições estruturais e operativas, mas também considerando aspectos próprios do desenvolvimento do ser humano, tanto individuais como coletivos. É por ele que se requer uma qualidade moral significativa na direção da segurança para que seja manejada com honestidade, ainda que se conheça a vinculação entre a segurança e a eficácia operativa.
Sem qualquer dúvida, alcançar uma nova concepção ética, capaz de enfrentar, de maneira incorruptível, a realidade cotidiana e universal da vida em sociedade, não será, por certo, tarefa fácil, é por isso que há a necessidade que de cada um dos homens de segurança conheça e pratique esses conceitos, ao mesmo tempo em que pratique as técnicas mais avançadas para fazer prevalecer o bem sobre o mal – descartada a simples abordagem maniqueísta, de tal forma que não se vejam surpreendidos com a realidade sem saber proteger a si mesmo, aos outros e às instituições.
A segurança das diferentes instalações físicas, tais como indústrias, laboratórios, organizações e empresas do Estado e privadas, instalações nucleares, estabelecimentos bancários, aeroportos, hotéis, residências apresentam diferentes particularidades, reclamam a necessidade de galgar ao conhecimento científico esta nova ciência e, por essa razão, ter sempre em consideração que a segurança não somente se alcança com a tecnologia de ponta, sem que o ser humano tenha que aportar as atitudes e os conhecimentos científicos dessa disciplina. Por outra parte, há que se considerar a existência dos grandes riscos imprevistos e não excludentes no contexto da segurança, nos quais se deve atuar também com capacitação e preparação adequadas no enfrentamento desses riscos acidentais, como um complemento na prevenção e controle dos sinistros, já que a segurança se dá em três etapas, a saber, antes, durante e depois.
Mesmo assim, é conveniente destacar que essa ciência trabalha em estreita ligação com outras disciplinas do conhecimento humano e que esses conhecimentos deverão ser levados em conta para o melhor desenvolvimento de suas atividades. Também é possível dizer que essa ciência tem aspectos científicos em razão de que realiza análises de riscos, entendendo risco como sendo a possibilidade ou proximidade de um dano, perigo ou ainda como ameaça. Com efeito, partindo-se da base de que a segurança integral envolve o ser humano, haverá que compatibilizar essas funções durante as atividades internas da empresa e fora dela mesma, durante o desenvolvimento de projetos e na sua execução, assim como durante as 24 horas do dia.
Por último, faz-se importante acreditar que todo o investimento na valorização do homem e na preservação de sua vida, indubitavelmente, redundará em maior eficiência e rentabilidade; inverter a equação poderá ser o início das dificuldades e, provavelmente, será impossível de controlar os riscos.
É assim que a Segurança, entendida como ciência dirigida ao bem-estar e progresso do homem, está dando seus primeiros passos, especialmente nos países mais adiantados, tratando de contribuir para a difícil realidade sócio-econômica mundial, como desafio que se inicia e como reflexão para todos que são encarregados de propiciar a segurança à sociedade e ao patrimônio público e privado.
É real a concepção de que a Segurança se inicia como uma nova ciência e começa a difundir-se já não como um conhecimento sem base científica, mas, sim, com seus delineamentos próprios. Enfim, ensinar uma ciência não é transmitir um catálogo de artigos e fórmulas definitivas; é desenvolver a atitude para aperfeiçoá-las.
Assinar:
Postagens (Atom)