California SB 553: Top 10 Elements for Preparing for Workplace Violence Prevention Implications in 2024

California SB 553: Top 10 Elements for Preparing for Workplace Violence Prevention Implications in 2024

The enactment of California SB 553, which takes effect July 1, 2024, creates the first general industry workplace violence prevention safety requirements in the United States. California SB 553 requires California employers to develop their own workplace violence prevention plans as part of their Cal/OSHA Injury and Illness Prevention Plans or as a standalone Violence in the Workplace Prevention Program. Businesses must begin complying with the law on July 1, 2024. 

Most organizations have either a partial Workplace Violence Prevention Program or an Injury and Illness Prevention Plan (IIPP) in place as required for all organizations under OSHA’s jurisdiction.  OSHA, however, does not have specific requirements for a Workplace Violence Prevention program. 

Many US organizations conduct business in California and must comply with this requirement.  As an industry best practice and to ensure compliance, organizations should consider rolling out the plan to their entire organization, not just for their California-based operations.    So goes California, the rest of the states have a strong tendency to follow suit in due time.

To ascertain the current state of your program, your organization must conduct a program assessment to develop a strategic plan to ensure compliance with California SB 553. Key provisions of this would include:

  • Reviewing existing HR, Security, Workplace, Business Continuity, and Injury Illness program policies, procedures, and business processes that have a nexus to the California SB 553 requirement.
  • California SB 553 minimum requirements to be assessed, to the extent they are available, include:
    1. Program roles and responsibilities
    2. Identification of workplace hazards
    3. Reporting methods without fear of reprisal
    4. Remediation of workplace incidents and hazards
    5. Training
    6. Employee communications
    7. Plan compliance
    8. Emergency Response
    9. Post-incident response and investigation
    10. Recordkeeping

The uniqueness of your organization should be addressed through the program assessment findings. Once your organization identifies the gap between the current state of your program and California SB 553 compliance items, you can work on addressing the items you may be deficient in. This phase of the endeavor will be more technical in defining the elements and recording them in a formal program document.

Should you require outside assistance in addressing your California SB 553 program compliance, please do reach out to us to begin a discussion on how Premier Risk Solutions can help.

Smart Digital Risk Detection in 2023 & Beyond

Smart Digital Risk Detection in 2023 & Beyond

With increased cyberattacks on organizations of all sizes, digital risk detection is of paramount importance. What is digital risk detection? Digital risk detection is the process of identifying and assessing the threats that organizations face in their digital environments. It’s the application of a tool or tools to access information on the social, surface, deep, and dark web. It’s seeking out exposures, data breach indicators, threats of violence, or otherwise reputationally damaging content to a brand or an individual’s (typically an executive’s) integrity. Keeping the information funnel succinct with relevant content across so many outlets can be a daunting task, but there are tools available in the marketplace like Media Sonar that aid in filtering the information available into one manageable ecosystem.

In 2023 and beyond, organizations can expect to see the following trends in digital risk detection:

  • Increased use of artificial intelligence (AI) and machine learning (ML): AI and ML can be used to analyze large volumes of data to identify patterns and anomalies that may indicate a threat. This can help organizations to detect threats more quickly and accurately than traditional methods.
  • Greater focus on insider threats:** Insider threats are threats that come from within an organization, such as from employees, contractors, or suppliers. Insider threats can be particularly difficult to detect, as they may have access to sensitive data and systems. Organizations will need to implement a variety of measures to mitigate insider threats, including digital risk detection tools.
  • More sophisticated attacks:** Cybercriminals are constantly developing new and more sophisticated attacks. This means that organizations will need to have a layered approach to digital risk detection, using a variety of tools and techniques to detect and respond to threats.

Here are some tips for organizations to improve their digital risk detection capabilities:

  • Implement a variety of detection tools and techniques. This could include AI/ML-based tools, user behavior analytics (UBA), security information and event management (SIEM) systems, and vulnerability scanners.
  • Monitor your digital environment continuously. This includes monitoring your networks, systems, applications, and data.
  • Have a plan in place to respond to threats. Once a threat is detected, you need to have a plan in place to investigate the threat and take appropriate action.

The Occupational Safety and Health Administration (OSHA) Act of 1970 outlines the duty of care an employer has for keeping a workplace “free of recognized hazards” that could lead to physical harm to a person or persons. This extends to business travel as well. This means an organization must act in a prudent manner to recognize hazards (i.e. be proactive in doing so). Each organization should start with a digital risk assessment to identify its threats and vulnerabilities in order to begin mitigation strategies on how to best tackle the situation presented. Every organization will be unique in its needs due to company culture and risk appetite as well as available resources (capital or otherwise).

While there are a variety of ways to mine information on the web, if you are able to automate searches to collate those into one ecosystem and organize the results in a custom manner germane to your organizational interests how much time would you save your team and efficiency would you create for your operation? Digital risk detection is an essential part of any cybersecurity strategy. By implementing a robust digital risk detection program, organizations can protect themselves from a wide range of threats and reduce the likelihood of a successful cyberattack.

Watch this 2-minute video put together by Media Sonar that discusses’ how their tool functions within this topical matter. Please reach out to the management team at Premier Risk Solutions should you like to discuss your digital risk detection program needs!

Creating a Culture of Security in the Workplace: 6 Elements to Incorporate

Creating a Culture of Security in the Workplace: 6 Elements to Incorporate

In today’s digital age, organizations face an ever-increasing threat of cyberattacks and data breaches. While investing in robust security measures is crucial, creating a culture of security within the workplace is equally important. By fostering a security-conscious environment, companies can empower their employees to become the first line of defense against all threats. In this article, we will explore practical steps and strategies to cultivate a culture of security, emphasizing the role of leadership, employee awareness and training, and the implementation of best practices throughout the organization.

1. Leadership’s Commitment:

Creating a culture of security starts at the top. Leaders must champion the importance of security and set an example for others to follow. By actively demonstrating their commitment to security, leaders can establish trust and motivate employees to prioritize it. They should communicate the significance of security measures, allocate resources appropriately, and foster a sense of shared responsibility throughout the organization.

2. Employee Awareness and Training:

Educating employees about potential threats and providing comprehensive training is paramount to building a security-focused culture. This includes teaching them about common cyber risks, phishing attacks, password best practices, and the importance of data privacy. Regular training sessions, workshops, and simulated phishing exercises can enhance awareness and help employees develop the skills needed to identify and mitigate security threats effectively. Additionally teaching staff about common physical risks such as piggybacking, potential consequences of doors left ajar, and general situational awareness best practices would arm the organization with a team of security and safety-conscious personnel.

3. Clear Security Policies and Procedures:

Developing clear and concise security policies and procedures is essential for creating a culture of security. These policies should address areas such as data handling, access controls, incident response, and acceptable use of technology resources. It is crucial to communicate these policies effectively to all employees, ensuring they understand their roles and responsibilities in safeguarding company data and systems. Good physical security plays its part in the protection of the data and systems by creating the outlying barriers to detect, deter, delay, and ideally displace any attempted criminal element.

4. Encouraging Reporting and Collaboration:

To foster a culture of security, organizations should encourage employees to report any suspicious activities promptly. Implementing an anonymous reporting mechanism can help alleviate concerns about retaliation. Additionally, fostering collaboration among team members, departments, and security professionals can promote a collective effort to identify and address security vulnerabilities effectively.

5. Regular Security Audits and Assessments:

Conducting regular security audits and assessments (penetration tests) is essential for maintaining a secure workplace. These evaluations can help identify vulnerabilities, address potential weaknesses, and ensure that security measures are up to date. By involving employees in these processes, organizations demonstrate their commitment to continuous improvement and provide opportunities for input and suggestions.

6. Recognize and Reward Security Consciousness:

Acknowledging and rewarding employees who exhibit exemplary security consciousness can reinforce the desired behaviors and encourage others to follow suit. Recognitions can range from simple shout-outs during team meetings to formal awards or incentives. By publicly appreciating employees’ efforts in maintaining a secure workplace, organizations reinforce the importance of security and motivate others to prioritize it.

Conclusion:

In an era where data breaches and cyber threats continue to rise, organizations must prioritize creating a culture of security in the workplace. Through leadership commitment, employee awareness and training, clear policies, encouraging reporting, regular audits, and recognizing security-conscious behaviors, organizations can build a workforce that understands the significance of security and actively contributes to its maintenance. By investing in a security-conscious culture, companies can better protect their valuable assets, mitigate risks, and establish a strong defense against the evolving threat landscape.

Safety in Uncomfortable Times: Providing Personal & Professional Comfort in 2023

Safety in Uncomfortable Times: Providing Personal & Professional Comfort in 2023

Dubbed The Yellow Brick Road to Personal and Professional Safety and The Menu Approach to Human Behavioral Threat Assessment, PRS Advisory Board Member Rich Cinfio provides insight into the reasons why both programs have been in high demand and are very well-received in the private and public sectors. With the continuing escalation of acts of mass violence and workplace violence, Rich believes security professionals can best serve their organization and teammates by providing comfort during uncomfortable times.

This core, coupled with simple, yet effective, safety strategies can dramatically change how one views their ability to recognize unsafe situations and quickly respond to prevent harm. Alarmingly so, recent mass-casualty events continue to demonstrate that the first breakdown more often than not is the failure to recognize and report early indicators of pending violence along with the absence of a robust human behavioral threat assessment posture. Rich will shed light on the importance of threat assessment and offer strategies to consider when adopting a program in your organization.

Executive Protection: Honest Practices Around 7 Geographic Regions – A Brief Global Comparison

Executive Protection: Honest Practices Around 7 Geographic Regions – A Brief Global Comparison

Executive protection (EP) is a critical component of safeguarding high-profile individuals in an increasingly complex and interconnected world. However, the strategies and practices employed in executive protection can vary significantly across different regions. This article explores the global perspectives of executive protection, shedding light on the diverse approaches, cultural considerations, and unique challenges faced by security professionals in various parts of the world.

              1.           North America: Striking a Balance between Physical and Technological Security

In North America, executive protection emphasizes a comprehensive approach that combines physical security measures with advanced technological solutions. Close protection teams are trained to maintain a low profile while implementing cutting-edge surveillance systems and leveraging data-driven intelligence. This region’s focus on discreet protection strategies, effective communication, and threat analysis ensures optimal security outcomes for high-profile individuals.

              2.           Europe: Cultural Sensitivity and Multilingual Capabilities

Executive protection in Europe places great emphasis on cultural sensitivity and multilingual capabilities. Given the diverse range of languages and cultures within the continent, security professionals must navigate intricate social dynamics while maintaining the safety of their clients. European executive protection teams are renowned for their adaptability, cultural intelligence, and ability to integrate with different environments seamlessly.

executive protection blending into the crowd; covert protection

              3.           Middle East: Balancing Tradition with Modern Security Measures

The Middle East presents a unique landscape for executive protection due to the blend of traditional values and modern security requirements. Protection teams operating in this region must navigate cultural sensitivities, religious customs, and complex geopolitical dynamics. Executive protection in the Middle East involves a delicate balance between respecting local customs and implementing state-of-the-art security measures to ensure the safety of high-profile individuals.

              4.           Asia: Harmonizing Traditional Practices with Technological Advancements

Asia’s EP practices showcase a harmonious blend of traditional values and cutting-edge technology. Culturally rooted practices like the concept of personal honor and respect play a significant role in shaping protection strategies. Additionally, Asian executive protection teams adopt innovative approaches such as integrating artificial intelligence, biometric authentication, and drone surveillance to counter evolving security threats effectively.

              5.           Africa: Navigating Vast Landscapes and Socioeconomic Challenges

Executive protection in Africa presents unique challenges due to its vast landscapes, diverse cultures, and socioeconomic disparities. Security professionals operating in this region must adapt to the ever-changing environments, employ robust risk assessment methodologies, and collaborate with local stakeholders to mitigate threats effectively. Additionally, executive protection in Africa often involves addressing issues related to political instability, wildlife risks, and infrastructure limitations.

              6.           South America: Addressing Organized Crime and Kidnapping Risks

EP in South America is marked by the need to address significant challenges related to organized crime and kidnapping risks. Security professionals operating in this region must be well-versed in counterintelligence strategies, threat assessment, and crisis management. The emphasis is on proactive measures, such as intelligence gathering, secure transportation, and secure facilities, to mitigate potential threats. Due to the dynamic nature of criminal activities, executive protection teams in South America must maintain close relationships with local law enforcement agencies and leverage their expertise to ensure the safety of their clients.

              7.           Oceania: Isolated Environments and Comprehensive Travel Security

Oceania’s EP practices are influenced by the vast and isolated environments found in the region. Security professionals here face unique challenges, including long-distance travel, remote locations, and unpredictable natural elements. To address these challenges, executive protection teams in Oceania prioritize comprehensive travel security, encompassing secure transportation arrangements, emergency response protocols, and collaboration with local authorities. Additionally, there is a strong focus on wilderness survival skills, as individuals may be exposed to the rugged terrains and natural hazards often found in this part of the world.

Conclusion

The global perspectives on executive protection demonstrate the diverse approaches and cultural considerations employed in safeguarding high-profile individuals across different regions. By understanding the nuances of each location, security professionals can adapt their strategies and tactics accordingly. Whether it is striking a balance between physical and technological security in North America, navigating cultural sensitivities in Europe, harmonizing traditional practices with modern advancements in Asia, or addressing organized crime risks in South America and travel security in Oceania, executive protection practitioners must continually evolve to meet the specific challenges of their respective regions. By embracing these global perspectives, the field of executive protection can continue to enhance the safety and security of high-profile individuals worldwide, regardless of the region they operate in. Ultimately, the collective knowledge and experiences from these varied perspectives contribute to the ongoing development of effective executive protection practices.

Boutique Physical Security in California in 2023 & Beyond

Boutique Physical Security in California in 2023 & Beyond

Approximately 1.5 years ago, our boutique physical security services agency Premier Risk Solutions began the process of opening up an office in the State of California to best serve our client’s needs. Through the navigation of a myriad of legal counsel for the best direction forward along with a lot of patience, we are proud to announce that our President and CEO, Michael Delamere, is also now Co-Founder and CEO of ShieldIQ Executive Security (CA Private Patrol Operator License # 121786).

Along with our Co-Founder and COO, Ben Astafa, who is also CEO of Illyria Security Corp, ShieldIQ has a physical office located in the heart of Silicon Valley in Sunnyvale, CA. ShieldIQ offers a full line of boutique physical security services including security guarding, mobile patrol, special event security, executive protection, security drivers, residential security, security consulting, fully embedded positions, and protective intelligence. From strategy through implementation, our boutique nature allows us to work within a company’s culture to keep everyone safe and at ease.

The management teams of PRS and ISC bring deep industry experience of over 150 years of collective private security service to clients.

For inquiries, please reach out to michael@SiqExecSecurity.com and/or ben@SiqExecSecurity.com.

Preventing Workplace Violence and Implications When We Don’t

Preventing Workplace Violence and Implications When We Don’t

“This year, the U.S. has already had more than 30 mass shootings.” That quote alone would comfortably capture attention no matter what time of year it was reported. And yet that is how we started the first month of 2023. In fact, this very statement alluding to targeted violence was reported by NPR’s Ari Shapiro in January of 2023, just 25 days into the new year.

The NPR story centered around the impact violence is having on mental health and identified that these shootings were a significant cause of stress for the general public. Even when we are not directly impacted from the reported violence, we still feel significant anxiety and begin to worry about our own safety, particularly in the workplace where most of these incidents occur. 

No longer are these attacks generally interpreted as isolated incidents taking place only in specific industries or businesses. They have become common in the American psyche and the moniker, “workplace violence” is well understood. In fact, the US Department of Labor cites acts of violence and other injuries as the third-leading cause of fatal workplace injuries in the US.

Workplace Violence stats
Source: National Threat Assessment Center

For those of us who have not been directly impacted by the violence, we can also increasingly feel distressed, and our continued hypervigilance is eroding our sense of normalcy. Those who are directly affected by these tragedies, especially those who experience the most loss, have increased potential for PTSD, depression, and lasting traumas associated with tremendous grief.

Anecdotal evidence suggests that most people want to do something to counter this violence but continue to be frustrated at the inability to affect and see changes. Whether it’s the same debate for or against gun control, both sides are tired of the stalemate. Though it’s becoming clearer that society is no longer satisfied with the status quo and are demanding accountability in the workplace. This accountability is being handed down through the courts.

Courts demand accountability with billions in fines.

From government and military agencies to individual corporate officers, courts are demanding tighter scrutiny by employers, and oversight regarding how personnel complaints and concerns of violence are handled in the workplace.  This increasing pressure for accountability is forcing organizations of all sizes to confront its own responsibility in preventing violence and protecting its employees. 

The American Bar Association cites a shift in recent court decisions and predicts the trend will be that more will be held liable for failing to prevent acts of violence. Particularly as incidents become more frequent and more widely reported, the argument that an incident was unforeseeable is no longer good enough.

The following jury awards, court rulings, and pending lawsuits align with this trend. Juries are demanding prevention and preparedness even from government agencies who have traditionally enjoyed a level of impunity. Liability and accountability are being sought, and in some cases, delivered in unprecedented monetary sums.   

  • The Justice Department was found negligent and will pay $130 million to the victims of the Parkland high school shootings because the FBI failed to properly investigate tips about the assailant it had received prior to the shooting. The lawsuit argued that the crime was preventable. The FBI acknowledged that they had not followed its own protocols and failed to pursue information provided from their tipline and social media postings from the assailant.
  • The US Air Force was ordered to pay more than $230 million to victims of those killed in Sutherland Springs by a former Air Force Airman (employee) who was discharged in 2014. The court ruled that the Air Force was liable because it failed to report (six times) the Airman’s previous assault and domestic violence convictions and other related information to the FBI. As that may have prevented him from buying the rifle used to in the attack.   
  • MGM resorts agree to pay $800 million settlement to shooting victims. 58 people were killed in the attack where the assailant shot at victims from his hotel room overlooking an open-air concert in Las Vegas. The MGM casino was accused of negligence, wrongful death and liability, failing to protect people at the concert venue, and failing to stop the shooter from amassing weapons and ammunition in his room over several days.
  • Cable company Charter Spectrum was ordered to pay over $1 billion to the family of the victim who was murdered in her home by a Spectrum technician that had previously performed a service call to the residence. Despite the company arguing that the employee’s act of violence was unforeseeable, the court cited Spectrum’s lack of due diligence by hiring the employee without reviewing his work history and ignored behavioral red flags during his employment. The jury had initially awarded the victim more than $7 billion in damages, but was lowered to $1.1 billion by the presiding judge.
  • A $50 million lawsuit launched against Walmart by an employee who survived a workplace shooting perpetrated by a Walmart manager, alleges that the company knew of the assailant’s violent behavior and failed to protect the workers. The employee is faulting Walmart and accusing the company of not taking investigative action despite numerous complaints about his behavior. This case is still pending as of March 2023.
  • Victims of the Uvalde school shooting have filed a $27 billion class-action lawsuit against the police, the city, and school officials for the attack. 19 children and two teachers were among the victims. The lawsuit claims their deaths could have been preventable if not for the collective negligence and failure of the law enforcement officials at the scene. A separate group of survivors have also filed an additional $6 billion suit against Daniel Defense, a company that manufactures the firearm used. This case is still pending as of March 2023.

In all of the cases above, courts are finding convincing arguments surrounding the prevention of these attacks. That is, these targeted attacks were foreseeable and could have been prevented. The courts determined that the responsible parties were negligent, failed to act, and did not satisfy their duty to protect their employees and the community. 

But is workplace violence and targeted attacks preventable?

A recent publication by the US Secret Service’s National Threat Assessment Center, analysis of 173 attacks in the US from 2016 to 2020, offered an unambiguous response. To quote from its executive summary, “…targeted violence is preventable when communities are equipped with the appropriate tools, training, and resources…” Because most locations of attacks were businesses, one of the key implications of this report is squarely directed at businesses; to establish a workplace violence prevention plan to better “identify, assess, and intervene with current employees, former employees, and customers who may pose a risk of violence.”

As reported by the American Bar Association, the perception of whether targeted violence and incidents involving violence in the workplace are foreseeable has begun to shift. In other words, exposure to litigation and significant penalties can now more readily include everyone from business owners of where the incident occurred, to security firms and law enforcement, and even parents of the assailant.

As was the case where parents of a Michigan school shooting suspect was charged with involuntary manslaughter for missed opportunities in preventing the tragedy despite knowing that their son had access to a weapon, and that he was deeply troubled. Indeed, the legal bar of foreseeability and preventability has been lowered. 

Source: American Bar Association/litigation over mass shootings

Crime is trending upward.

According to a recent 60 Minutes interview, FBI Director Christopher Wray acknowledged that there was a 29% increase in murder in the US in 2020, almost 5,000 more people were killed than in 2019. Violent crimes such as murder and aggravated assault saw record increases, by another 4 percent in 2021. And in his testimony before the Senate Judiciary Committee in August 2022, the FBI Director stated that the top concern from law enforcement leadership around the country is the increasing violence in their communities.

Source: UPI Media

Exacerbating this trend are the difficult challenges still present in communities where trust remains low for law enforcement and demands to defund the police continue.

Source: CNBC

Some cities around the country are seeing how lawlessness hampers economic growth and recovery. Starbucks cited increased violence and the need to protect employees and customers when it shuttered 16 stores, with six of them in Seattle alone. Amazon is taking similar approaches by moving employees, or simply not renewing leases in some of its downtown locations, impacting approximately 2,000 employees.

Source: GeekWire

A demand for remedies.

The outcry by the public for remedy has also caused state legislatures to act. New Jersey recently proposed legislation requiring places of worship, movie theaters, and arenas where more than 500 to 5,000 people can gather respectively, to enact enhanced security requirements and submit emergency plans for active shooters. The state of Tennessee now requires private security guards receive de-escalation training before they can work in night clubs and bars.

As recent as 2017, the Canadian province of Ontario enacted comprehensive requirements for companies to assess the risk of workplace violence in their facilities and present a full emergency plan to the government’s joint health and safety committee. At PRS, we highlighted the specific requirements of the new legislation at the time and our article can be found here

How can we help you?

As violence increases, the cost of negligence increases as well. No longer are businesses and companies shielded from traditional beliefs that used to protect organizations from third party negligence. Juries are sending clear messages on who they consider the liable party. Legislatures are also aggressively seeking ways to address the violence, by mandating training and ensuring that emergency plans are developed for each and every workplace.

In other words, we are all on notice to ensure that our organizations develop plans for workplace violence prevention, conduct threat and security assessments, and update emergency response plans.

For nearly 10 years, PRS has been active in assisting our clients to comply with latest requirements of workplace violence prevention laws and associated best practices. We are uniquely qualified and have certified professionals on our team to help you prepare and protect your people. Call on us to help you get started on a workplace violence prevention plan or a security risk assessment.