Security Management Magazine Daily News

Security Clearance Loophole Allowed Ex-NSA Hackers to Work for UAE
Read More
With Rise of Far-Right Extremists, NYPD Creates Special Unit
Read More
Jersey City Shooters Had Possible Ties to Black Hebrew Israelites, Investigators Say
Read More
Somali Security Forces Kill Five al Shabaab Fighters to End Hotel Siege
Read More
Fatal Shootings at U.S. Military Bases Highlight Growing Threat — Insiders With Access Badges
Read More
Brazen Kidnappings Multiply in Myanmar's Rakhine State as Conflict Deepens
Read More
Facebook and Barr Escalate Standoff Over Encrypted Messages
Read More
Google Chrome Adds Real-Time Warnings for Phishing Attacks
Read More
Report: Aviation Industry Playing Catch Up On Cybersecurity
Read More
TrickBot Gang Is Now a Malware Supplier for North Korean Hackers
Read More



Security Management Magazine WEEKLY News

U.S. Military Completes Pullback From Northeast Syria, Esper Says
Read More
Shooting at Naval Air Station Pensacola; 3 Dead, Multiple Injured
Read More
China Uses DNA to Map Faces, With Help From the West
Read More
Ransomware Attack Hits Major U.S. Data Center Provider
Read More
Crooks are Exploiting Unpatched Android Flaw to Drain Users’ Bank Accounts
Read More
Two Russian Hackers Charged in Sweeping Malware Attack on U.S.
Read More
FBI Intensifies Hunt for 'Highest-Ranking U.S. Citizen' in a Terrorist Group
Read More
Businesses Harden Their Defenses as Workplace Shootings Make Headlines
Read More
FBI Warns FaceApp Could Pose Counterintelligence Threat
Read More
Senators Sound Alarm on Dangers of Ransomware Attacks After Briefing
Read More




San Francisco Bay Area ASIS Chapter Newsletter May-July 2019 Print

Letter from Chapter Chair

headerIt’s hard to believe that we are already past the half-way point of 2019. This year has been flying by! The ASIS San Francisco Bay Area Chapter Board has continued to focus efforts on creating an environment where all members are welcome, recruiting new members, furthering collaboration with other Security Industry associations, and enhancing documentation of the “behind the scenes” processes to help our volunteer leaders in their roles.


In May, we submitted our taxes ahead of the due date and are squared away with all financial reporting to both the IRS as well as ASIS International. This hasn’t been an easy task and many kudos are due to Alana Forrest, Chapter Treasurer, for spearheading these submissions!
We have had a great second quarter to 2019 with some dynamic speakers at our normal Chapter meetings as well as the Women in Security annual conference and 2 Young Professionals events.
In looking at the third quarter of 2019, you’ll see a lot of great networking events as well as a Chapter meeting with an educational component. I hope I see you at some or all of these events!
As we all know, our local chapter is supported by incredible, motivated, and involved committee members, committee chairs, and volunteers. We are finding that with the growth of events and services we’d like to offer to the Chapter membership, we are in need of more members who would like to get involved. There are lots of opportunities for volunteering and helping out the chapter, in both big and small ways. So if you have some bandwidth to help out and aren’t sure what might be the best way to assist, please reach out to the Board! We are always on the look-out for members who are committed to making our Chapter better through service to the organization and can get you set up with an opportunity that fits your commitment ability.
I’d like to thank each one of you for your continued support of the chapter. Everything we do is to give back to you and the Security community. We hope that you continue to enjoy the events and outreach we have planned for this year and look forward to seeing you there!

Back to top

ASIS International Updates

ASIS International Update

The Enterprise Security Risk Management (ESRM) working guideline is now available! The ESRM value streams intend to submit the draft guideline to the ASIS Commission on Standards & Guidelines for formal development as an ASIS Guideline. Members interested in contributing to the process, are encouraged to participate on the technical committee. For questions about the process, please contact [email protected].

See the published guidelines at

Back to top

Legislative Updates

Legislative Updates

New BSIS Chief Announced...

On 4/16/19, Governor Gavin Newsom appointed Lynne Jensen Andres as the new Chief of the Bureau of Security and Investigative Services at the California Department of Consumer Affairs. Andres, 50, of Roseville has a breadth of experience working in Federal and State government. Prior to her appointment, Chief Andres served as a consultant for the California Speaker’s Office of Research and Floor Analysis and was the legislative director for multiple California State Assembly members and Senators from 2005 to 2017.
She was federal policy advisor for Governor Jennifer Granholm of Michigan from 2003 to 2004, and legislative director in the United States Congress from 1997 to 2003. Chief Andres holds a Juris Doctor (J.D.) degree from Concord Law School, and a Bachelor of Arts from University of Hawaii at Manoa.


Permit Requirements for Patrol Officers in Los Angeles, California…

Officers must be registered with both BSIS and the Los Angeles Police Commission. The City of Los Angeles is issuing administrative citations to security officers who are patrolling the city streets without proper registration.

Applicant must include the following when submitting the original application to Commission Investigations Division:
• Valid California driver’s license
• Valid guard card
• Valid firearm permit (if using firearm)
• Valid baton permit (if using baton)
• A signed letter of employment by the registered employer
• Any other applicable permits
Read more on the “Private Patrol Service Regulations”: LA Municipal Code 52.34

Back to top

Have you updated your ASIS profile?

Have you updated your ASIS profile?

To optimize engagement with ASIS—and to ensure that you receive content most relevant to your needs— please take 5 minutes to complete these 2 easy steps:
1) Log into your ASIS profile.
2) Under “My Account Links,” please review your Communication Settings, Contact Info, Professional Profile, and Social Links for updates and accuracy.
We also encourage you to review our privacy policy at Thank you!

Back to top

Member Article

Member Article

Putting an ROI on Security

By Brendon Gregg, CPP

Justifying a security budget is often a task for which many security practitioners do not have concrete metrics or know how to show a true return on investment (ROI). Security in many companies is usually labeled as a cost center by executives, making the budget easily susceptible to cuts for cost-saving measures. Until someone creates a mathematical formula to prove Deterring Crime = Savings to Company, many security executives will have to continue to fight for their budgets and explain the program’s worth through war stories, after-the-fact incidents and scare tactics.

Fortunately, there are ways to save or even increase your budget with actual metrics and certifications that your company may already have, use and respect.
Two specific examples are joining the Customs-Trade Partnership Against Terrorism (CTPAT) if you ship products in and out of the U.S. (APAC and EU have similar programs as well), or being ISO certified in a security-related product or procedure at your company. Using these certifications can enable you to create a factual, metrics-based, auditable ROI business justification for security that really brings profit to your company.

Let’s look at two examples:

Example 1: CTPAT. In short, “The Customs-Trade Partnership Against Terrorism is a voluntary supply chain security program led by U.S. Customs and Border Protection focused on improving the security of private companies' supply chains with respect to terrorism.”

I like to call it TSA precheck for your products.

Working with your internal audit, finance, international trade, and sales departments, determine what the cost of goods shipped would be if held in customs for nine days (storage, freight, gas, time to market, etc.) versus held in customs for less than 24 hours. Depending on your company’s product and shipping, the numbers are going to be in the millions to hundreds of millions of dollars. Now you have your business case. If your budget of $39 million dollars is not approved for the full amount, you cannot guarantee you will pass CTPAT, thus adding additional costs to multiple other business partners in the millions to hundreds of millions of dollars. It's a win-win.

Example 2: ISO Certification. International Standards Organization has hundreds, if not thousands, of globally-recognized standards, from security and counterfeit to even how to make a cup of tea (ISO 3103, if you’re curious). Sometimes your specific product, a clean room or a process within your company will be ISO certified or should become ISO certified. With certification, you can reach a greater level of respect and trust from your customers, open new channels of business and add to your profit margins, all while lowering your operating costs. Working with your business partners, especially IT, supply chain, facilities, and marketing, look for opportunities to become ISO certified. Often you could be certified at this very moment with no changes to your security program. If you do need to make changes to become ISO certified, it can be well worth it as, like with CTPAT, you can increase your profit margins on each product you sell. For example, a hard drive that is encrypted may sell for $80, while a FIPS-encrypted ISO hard drive could sell for more than $800. That's a 900% increase in almost the same product. If you fail an audit showing poor access control policies and procedures you can kiss that margin goodbye.

While this math may not work in all lines of business, opening your mind to how security can support the business’ bottom line versus being another cost center can not only help you leverage a larger budget, it can actually help your company reach new goals and integrate you with your executives in a new light.



Back to top

Standards & Guidelines

Standards & Guidelines

ASIS International Standards & Guidelines

In this newly created section within the ASIS SFBA Chapter newsletters we are going to share with you resources from ASIS International to ensure you stay up to date and knowledgeable as an ASIS member and security professional in the global security profession. ASIS International, in its role as a Standards Developing Organization (SDO), develops standards and guidelines to serve the needs of security practitioners in today’s global environment.

• Accredited by the American National Standards Institute (ANSI)
• Serves a key liaison role on two International Organization for Standardization (ISO) technical committees

Through these roles and the expertise and knowledge of its members and the industry at large, ASIS plays a pivotal role to influence and impact security standards worldwide.

Instead of trying to recreate the wheel, first check out the ASIS International website, under Standards & Guidelines. Or you can tune into our newsletter every quarter to see a new guideline that may be just what your looking for. Now let’s get started with the first guide below.

Security Business Case Development Guide

The purpose of this Guide is to provide a resource for developing and promoting a security industry specific business case. This Guide will assist ASIS International members to effectively present their program or project to management; garner support for additional resources to manage identified risks; while demonstrating the value of the investment of funds.

The use of a business case is considered standard practice throughout private and public industry and in today’s cost and metrics focused business environment, security practitioners must be able to understand and apply the process. This is significant, as it can reasonably be expected that as a security professional’s position and responsibilities advance, they will be asked to provide a Business Case to justify their current program or for the purpose of advancing their program that are in line with the company’s direction.

Being asked to draft and present a business case to your executive management can be a difficult task even when having a process or structure in place to follow and pointedly more so without an established process. This critical action, in parallel to a security practitioner’s career path, becomes even more challenging if the security professional has not had formal business case development training. Additionally, not having the knowledge to know what questions to ask and when to ask them can make the undertaking of writing a Business Case a very daunting task. This guide will help you to be better prepared for the challenge ahead of writing your first Business Case. The Guide contains the following key compo-nents:

• Fundamentals on how to promote the business case to management
• Purpose and rationale for the business case
• How to outline a business case
• Sample business case elements

Get your copy of this guide at the below link:



Back to top

Consultants Corner

Holistic Approach to Multidisciplinary Threat Assessment and
Management Teams: Why is it important?

With the rise in incidents of workplace violence many states are looking to mandate workplace violence policies and training in the work force. In April of 2017, California began requiring specific health care facilities to establish workplace violence prevention policies and plans, as part of their Injury and Illness Prevention Plans, to protect healthcare workers against aggression and violence (Section 3342, Title 8, California Code of Regulations). California is now working on a second revision of a workplace violence prevention regulation that will extend to all employers in the general industry with some exceptions (Section 3343, Title 8, California Code of Regulations).
It is paramount that employers begin to develop a mitigation and response program to workplace violence that is holistic and pulls from specialized sub fields to strengthen the program and the threat assessment process. Building a strong program should start with enlisting and establishing senior management’s involvement and a commitment to the program along with employee participation. The second phase should involve an analysis of the work environment and how risk factors, in identified typologies, can lead to violence in the workplace. The third phase should involve policy development and implementation that works to control identified factors that put workers at risk. This includes identifying concerning behaviors, having multiple methods of reporting, with a focusing on the continuity of the threat process. The fourth phase involves regular trainings that should be tailored to the working environment and delivered by personnel who have been specially trained. The final phase involves accurate record keeping and ongoing program evaluation. A concern often seen here is workplace violence logs are housed separately from other incident logs like sexual harassment. This, in effect, siloes information, reducing the ability for the situation to be assessed thoroughly.

The continuity of the threat, once it is identified, should be managed by a multidisciplinary team of professionals. The size and represented disciplines in attendance will vary but should include at a minimum, human resource, legal, and security. This should also include a professional specifically trained in behavioral threat assessment or behavioral health. While it may not be financially feasible for some companies to maintain staff specifically for this purpose threat assessment specialist who have a combination of relatable education, training, and experience can be consulted. It is important to establish these relationships beforehand to both familiarize the practitioner with the organization and the organization with the threat assessment process.

The breakdown in this holistic approach is often seen in the piece meal approach to program development motivated by financial restraints. In most cases, I see employers focus on a one-time training to basically put a Band-Aid on fears caused by concerns related to recent disruptive or concerning behavior.

Piece mealing a program together decreases the effectiveness of the holistic approach and handling of threat continuity. As an example, we recently assisted one of our clients with one of its most significant incidents of work-place violence it had experienced. The incident went unreported, despite effective policies and processes, until it was disclosed in a training session to an experienced practitioner who quickly recognized the seriousness of the threat and acted on it. The incident and subsequent criminal investigation resulted in a two-year conviction for threats and stalking. Charges related to attempted murder with an edged weapon in front of the workplace was not pursued. This incident highlights the need for continuous training and the need for a holistic approach to threat assessment and management that includes effective program development and use of multi-disciplinary threat assessment teams.


About the Consultant

Dr. Carr is a principle consultant for Alvarez Associates, LLC and an Adjunct Professor of Clinical and Forensic Psychology at Northcentral University.

Dr. Carr is a professional educator and trainer who is considered a subject matter expert in Clinical Psychology, Forensic Psychology and Administration of Justice. His specialties are in Domestic and Intimate Partner Violence, Crisis Intervention Training and Behavioral Threat Assessment. He has additional education and training in Organizational Behavior and has instructed Essentials of Security courses with a focus on security measures to reduce risk through management and asset protection. Dr. Carr holds a Doctor of Philosophy degree in Clinical-Forensic Psychology, a Master’s of Arts degrees in both Clinical-Forensic Psychology and Organizational Behavior, a Bachelor of Arts degree in Psychology with a minor in Criminology and an Associate’s of Arts Degrees in Criminal Justice, Liberal Studies and General Studies. Dr. Carr is certified as a Level II Academy Instructor through the California Commission on Peace Officer Standards and Training where he instructs on Mental Health disorders in crisis intervention techniques. He is certified by the National Council for Behavioral Health as a Mental Health First Aid Trainor.

Ken Carr, Ph.D., M.A.O.B.
T: 916-293-8852 E: [email protected]
Ken Carr @ LinkedIn

Back to top

Chapter & Event sponsors

Sponsorship Opportunities

There are various packages available from sponsoring a table at an event to general sponsorship that prominently display your company's name and message on all the Chapter's advertising, sponsorship and social media platforms. The individual items at a special event such as our Law Enforcement Appreciation Day are described in the sponsorship material which will be distributed specifically at those events. If you are interested in sponsoring specific events, please contact the Sponsorship Chair.

Please visit the Sponsorship Opportunities Page for more details or to sign up now!

We would like to thank our past Event and Annual Sponsors for their help and contributions in making our chapter events a success. We welcome their continued support and encourage other organizations to consider becoming a sponsor in 2019 or in 2020!

If you have any questions, feel free to contact the Sponsorship Committee Chair at [email protected].

Back to top

Past Events

Past events

56th LEAD | Fremont Marriott | March 14th

On March 14, 2019 The San Francisco Bay Area Chapter of ASIS International recognized local law enforcement for the 56thconsecutive year. Half a dozen police departments nominated their top police officers for categories including, Heroism, Life Time Achievement, Community Policing and Life Saving Actions.

This year’s awardees include a dozen officers and police personnel form the San Bruno Police department, for their involvement in the response to the YouTube HQ attack in April of 2018. Chief Ed Barberini from the San Bruno Police department was the keynote speaker, and provided an overview of the lessons learned from the YouTube incident, and the importance of joint preparation and training for an active shooter incidents.


SFBA member, Carlos Galvez, CPP was featured in Security Management Magazine as the #MYASIS image of the month, for a tweet he posted about the 56th LEAD event.


YP First Happy Hour | Levi’s Stadium | May 9th

The Young Professionals committee has been busy! Soon after the February event, they got their planning hats back on and organized two more events: The First YP Happy Hour and the Second YP Summer Summit!

The Happy Hour was held at Levi’s Stadium, home of the 49ers and included an exclusive tour of the stadium guided by the amazing Russ Butler, VP of Security for that venue. The select group of attendees had the opportunity to have a master class in venue security while going through places that very few have access to like the VIP booths, control and press rooms, jail (yes, there’s a jail in there!), field, and much more. After the class, everyone delighted themselves to networking, drinks, and food at the Bourbon Steak & Bourbon Pub also at the stadium. The committee plans on doing more Venue Security Happy Hours like this and welcomes any suggestions/connections you might have.


YP Second Summer Summit | Northland Controls | June 20th

The YP Second Summer Summit hosted by Northland Controls in Milpitas, consisted of a panel about career progression, having a close look into 5 young professionals in the right track. Troy Lindsey, Intuit’s Global Security Operations Leader; Sarah Muzquiz, Johnson Controls’ Account Executive; Eric Aiello, PG&E’s Senior Physical Security & Risk Management Specialist; Caleb Gilbert, PayPal’s Head of Security for the CEO; and Sebastian Prooth, Allied Universal’s Account Manager shared their personal experiences, tips, and answered questions about their journeys.

After those great insights, the committee held the first ever Speed Networking Game, splitting the room into 4 groups and attempting to get everyone to talk to everyone in quick intervals. The chattering sounds got so loud from everyone’s excitement, it was hard to hear the calls to move, but overall, the game was great, and people seemed to have had a lot of fun! This game will definitely be repeated (with adjustments)!
After that, happy hour and networking filled the walls with friendly conversation and a lot of business cards were exchanged. The committee would like to say a huge “thank you” to all attendees and supporters, especially the host Northland Controls, diamond sponsor Pivot3, Gold sponsor Securitas, and silver sponsors Allied Universal and Arcules.

Soon the Young Professionals will be promoting the next Happy Hour, this time on the East Bay and very informal! Just some get together in a cool bar for pure networking and fun! Stay tuned!

Tip: join the YP LinkedIn group so you don’t miss any announcements! For more information, questions, and suggestions email
[email protected]

Back to top

Calendar of Events

26th Annual Larry Marshall Memorial Golf Tournament

Time: 11:15AM—8:00PM
Location: Spring Valley Golf Course | 3441 E.Calaveras Road Milpitas, CA 95035
Event Schedule: 11:15am: Registration. Open Driving Range & Putting Contest.
12:00pm: Lunch
1:00pm: Shotgun Start
6:00pm: Dinner & Awards
More Details: Event Calendar Early Bird Registration Now Open!

Young Professionals 2nd Happy Hour

Join us for an informal happy hour! Just fun & networking! ALL AGES ARE WELCOME! No registration fee. No open bar.
More Details: Event Calendar

2019 ASIS San Francisco By Area Chapter Social Mixer

Time: 5:30PM—9:00PM
Location: TBD
This is your opportunity as chapter members to bring guests, colleagues, and visitors to promote membership in our chapter! Don't miss our exciting annual Social Mixer!
More Details: Check Event Calendar more info coming soon!


2019 Security Officer Recognition Day (SORD)

Time: 10:30AM—1:30PM
Location: Hiller Aviation Museum in San Carlos
Join your fellow security professionals for this special event to recognize and honor those who serve our business communities. Security Officers and Supervisors who are directly employed by organizations as well as those employed by service contractors.
More Details: Check Event Calendar more info coming soon!


Back to top


The Value of an ASIS Certification

Enjoy personal satisfaction and professional achievement by:
• Validating your security management expertise
• Elevating your stature in the profession
• Gaining a competitive edge in the marketplace
• Enhancing your career and earnings potential. ASIS certificates earn an average of 20% higher salaries than those without an ASIS certification (per ASIS Certification Survey – April 2019)
• Broadening experience and training from law enforcement and military backgrounds

Back to top

Download the newsletter

Click here to download the PDF version of this newsletter.

Back to top

Final Page

Adrian Abuyen
Maria Aguilar
Michelle Alford
Sonora Al-Najjar
Janell Alvarez
Lawrence Alvarez
Christopher Angulo
Fernando Janos Arcia
Jonathan Arrescurrenaga
Roupen Arzoumanian
Victor Avena
Alexander Avina
Anthony Ayala
Patricia Banks MgBam
Gregorio Barraza
Brian Beidelman
George Booth
Bill Bournazos
Greg Bowman
Justin Brown
Zachary Brown
Kelly Burke
Todd Byer
Chantel Carter
Bob Castillo
Joe Ceja
Robert Chamberlin
Tyrone Chambilss
Christopher Charo
Amy Christey
Nicole Clark
Donald Coletti
Jackson Collins
Michael Collopy
Clive Cordeiro
Luis Cortez
Trent Cross
Jamison Cummings
William Davidson
Victoria Disses
Drew Dito
Tori Edwards
Roger Estrada
Harrison Farr
Stephen Foster
David Frankel
Rich Fratus
Robert Freemyer
Benjamin Galetti
Robert Gardali
Carolina Gaskin
Tyler George
Daljinder Gill
Jason Gonzalez
Jared Govorko
Ernest Gumban
Vivian Hagemeyer
Heather Haney
Matthew Harris
Holly Heaven
Robert Helena
Heather Henson
Jeremy Hodges
Parker Hunt
Kevin Irvin
Guy Jakub
Joseph Jansen
Wanda Jenkins
Michael Johns
Dan Johnson
Shraddha Johnson
Sharlene Jones
Yesenia Juarez
Mariko Kawaguchi
Rob Kay
Pete Kemme
Carolyn Korchik
Steven Lassair
Ivan Lee
Adam Leslie
Jeffrey Liang
Jiangto Liu
Dwaine Longmire
Cory Louie
Sam Lu
Brandon Lubag
Bobby Marhamat
William Massey
Molly McCaughin
Edward McGuire
Barbara Medlin
Jeffrey Scott Moore
Isaac Morton
Jarrett Mui
Shiloh Nordby
Zachary O'Hara
Tetiana Olteanu
Larry Ornellas Jr.
Steve Pangelinan
Marco Paz
Rod Pearson
Sean Pepper
Shane Pitts
Dave Plell
Stephen Polk
Delafonte Prince
Todd Pulver
Autumn Rader
Richard Reza
Kyle Ritter
Emma Roberson-Yertzell
Eduardo Robles
Britney Rodriguez
Rothana Roeurth
Florendo Salvador
Daniel Savedra
Taylor Sefried
Alex Serebrina
Tabari Shannon
Timothy Sherman
Danfer Silva
Nicholas Simone
Laramie Simpson
Gur Singh
Varender Singh
Taylor Smith
Nathan Sorensen
Josh Spears
Timothy Stanislao
Drew Stevens
Stephanie Stockwell
Joni Superticioso
Kenneth Syring
Steven Tarchak
Jonas Tegnerud
Andranik Torosyan
Anthony Tran
Maarten VanHorenbeeck
Marissa Walsh
Ying Wang
Bruce Webbe
Kelly Whitlock
Crystal Whittington
Catherine Wu
Kathryn Young
Wei-Chun Yu
Haley Zampa
Veronica Zea
Huiling Zheng
Kevin Zhong


In addition to your ASIS International dues, our chapter membership requires an annual fee of $40.00 from its membership to help defray the costs of chapter meetings (refreshments are always served), including other special events at a discounted rate.
** SFBA Chapter Dues are half off now that we are half way through the year.**
To pay your local Chapter dues for the rest of 2019 for only $20 please go to
To pay your International dues to go
Note: International studies dues are only pay $20 year-round. Go to

Back to top