Some GSX attendees got a head start on education in Vegas by attending pre-conference sessions at the Las Vegas Convention Center.
Consulting. At the pre-GSX education program, "Successful Security Consulting," a faculty of seasoned security consultants sketched out the ways security professionals can make a living with their own practice.
The seminar was divided into six sections, including the business basics of security consulting; the various practice areas consultants can work in; and avoiding common mistakes and pitfalls.
Sometimes, diplomacy is required when a consultant is hired by a company that has a full-time security manager who is not comfortable with outside help.
"Many security managers will be threatened by bringing in an outsider," said Alan Brockbank, CPP, and president of B-Secure Consulting.
ESRM. "ESRM defines the role you play, not the tasks you assign."
That's the message Tim Wenzel, CPP, special security projects manager at Facebook, told attendees during a session on Enterprise Security Risk Management (ESRM), where they discussed what ESRM implementation in an organization would look like.
"Financial, legal, and HR departments do risk management all the time—they're in the business of looking at what could go wrong and taking steps in making sure that doesn't happen," Wenzel said. "We need to take ourselves out of the tactical sphere and look at it the same way."
One challenge can be accepting that the security department does not inherently own the risks a company faces.
"Our role is to be subject matter experts and provide guidance to executives on the risk we've uncovered," explained ASIS Board Member Timothy McCreight, CPP. "They also have the option to not do anything. It's the business decision of the executive team to accept that risk."
Gaming. October 1, 2018, will mark the one-year anniversary of the Las Vegas shooting, the deadliest mass shooting in U.S. history that was carried out by a gunman stationed in the Mandalay Bay hotel in Las Vegas.
This incident was a major topic of discussion for the pre-GSX session "Trending Issues in Gaming Security," sponsored by the ASIS Gaming and Wagering Protection Council. The session focused on issues and solutions to security challenges in casinos and other gaming environments.
Tommy Burns, CPP, president of Burns & Associates, explained that roughly 30 years ago, most Las Vegas properties moved away from arming their security personnel. But in the wake of last year's shooting, security departments are once again considering arming staff to respond to incidents.
Policies. When updating policies and procedures, organizations should document the history of the changes, said Alan Zajic, CPP, principal and owner at AWZ Security Consultants and chair of the ASIS Gaming and Wagering Protection Council, in Sunday's "Policy Writing Workshop." This will help protect companies if a case goes to trial.
"Seventy percent of the cases I get involved in, the policies and procedures I receive are not the same as the policies and procedures there were on that date," said Zajic, who regularly serves as an expert witness.
The workshop's goal was to present policy writing in an approachable manner.
"It doesn't have to be written at a legal level," said Darrell A. Clifton, CPP, executive director of security at Eldorado Resorts and a workshop instructor. "It can be written very simply."