ANSWER THESE QUESTIONS

Chapter 1 - The History of Security and Loss Prevention—A Critical Perspective

Security and Loss Prevention: An Introduction, 5th Edition

by Philip P. Purpura

More Contemporary Times

England

For the next 500 years, repeated attempts were made to improve protection and justice in England. Each

king was confronted with increasingly serious crime problems and cries from the citizenry for solutions. As

England colonized many parts of the world and as trade and commercial pursuits brought many people into

the cities, urban problems and high crime rates persisted. Merchants, dissatisfied with the protection

afforded by the government, hired private security forces to protect their businesses.

By the 18th century, the Industrial Revolution compounded urban problems. Many citizens were forced to

carry arms for their own protection, because a strong government policing system was absent. Various

police and private security organizations did strive to reduce crime; Henry Fielding , in 1748, was

appointed magistrate, and he devised the strategy of preventing crime through police action by helping to

form the famous Bow Street Runners , the first detective unit. The merchant police were formed to protect

businesses, and the Thames River police provided protection at the docks. During this period, more than

160 crimes, including stealing food, were punishable by death. As pickpockets were being hanged, others

moved among the spectators, picking pockets.

Do you think policing and justice were impotent during the early Industrial Revolution in England? Do

you think we have a similar problem today in the United States?

Peel's Reforms

In 1829, Sir Robert Peel worked to produce the Metropolitan Police Act that resulted in a revolution in

law enforcement. Modern policing was born. Peel's innovative ideas were accepted by Parliament, and he

was selected to implement the act that established a full-time, unarmed police force with the major purpose

of patrolling London. Peel is credited also with reforming the criminal law by limiting its scope and

abolishing the death penalty for more than 100 offenses. It was hoped that such a strategy would gain

public support and respect for the police. Peel was very selective in hiring his personnel, and training was

an essential part of developing a professional police force. Peel's reforms are applicable today and include

crime prevention, the strategic deployment of police according to time and location, a command of temper

rather than violent action, record keeping, and crime news distribution.

Although Sir Robert Peel produced a revolution in law enforcement in 1829, crime and the private

security industry continued to grow.

Early America

The Europeans who colonized North America had brought with them the heritage of their mother countries,

including various customs of protection. The watchman system and collective responses remained popular.

A central fortification in populated areas provided increased security from hostile threats. As communities

expanded in size, the office of sheriff took hold in the South, whereas the functions of constable and

watchman were the norm in the Northeast. The sheriff's duties involved apprehending offenders, serving

subpoenas, and collecting taxes. Because a sheriff was paid a higher fee for collecting taxes, policing

became a lower priority. Constables performed a variety of tasks such as keeping the peace, bringing

suspects and witnesses to court, and eliminating health hazards. As in England, the watch system had its share of inefficiency, and to make matters worse, those convicted of minor crimes were sentenced to serve

time on the watch.

The watch also warned citizens of fire. In colonial towns, each home had to have two fire buckets, and

homeowners were subject to a fine if they did not respond to a fire, buckets in hand. A large fire in Boston

in 1679 prompted the establishment of the first paid fire department in North America ( Bugbee, 1978 : 5).

The Growth of Policing

The period of the middle 1800s was a turning point for both law enforcement and private security in

America, as it had been in England. Several major cities (e.g., New York, Philadelphia, San Francisco)

organized police forces, often modeled after the London Metropolitan Police. However, corruption was

widespread. Numerous urban police agencies in the Northeast received large boosts in personnel and

resources to combat the growing militancy of the labor unions in the late 1800s and early 1900s. Many of

the large urban police departments originally were formed as strikebreakers ( Holden, 1986 : 23). Federal

policing also experienced growth during this period. The U.S. Treasury had already established an

investigative unit in 1864. As in England, an increase in public police did not quell the need for private

security.

The History of Loss Prevention in a Nutshell

Loss prevention has its origin in the insurance industry. Before the Civil War, insurers gave minimal

attention to the benefits of loss prevention. For instance, in the fire insurance business, executives

generally viewed fires as good for business. Insurance rates were based on past loss experience,

premiums were paid by customers, losses were paid to unfortunate customers, and a profit was

expected by the insurer. When excessive fire losses resulted in spiraling premiums, the changing

nature of the fire insurance business created a hardship for both the insurer and the insured.

Insurance executives were forced to raise premiums to cover losses, and customers complained about

high rates. The predominance of wooden construction (even wooden chimneys) in dense urban areas

made fire insurance unaffordable for many. A serious fire peril persisted.

After the Civil War, loss prevention began to gain momentum as a way to reduce losses and

premiums. Fire insurance companies formed the National Board of Fire Underwriters, which, through

the use of engineering, investigation, research, and education, was credited with preventing losses. In

1965, the board was merged into the American Insurance Association (AIA). AIA activities have

brought about the development of the National Building Code, a model code adopted by many

municipalities to reduce fire losses.

Today, executives throughout the insurance industry view loss prevention as essential. Many insurers

have loss prevention departments to aid themselves and customers. Furthermore, customers (i.e., the

insured), to reduce premiums, have become increasingly concerned about preventing losses.

Management in many businesses instituted loss prevention strategies (e.g., fire protection). The

security department within businesses repeatedly handle these strategies, which results in an

expanded role for security. Expansion of the security function to such fields as fire protection and

safety has led to the use of the broader term loss prevention rather than security .

The Growth of Security Companies

In 1850, Allan Pinkerton , a cooper, opened a detective agency in the United States after becoming the

Chicago Police Department's first detective. Because public police were limited by geographic jurisdiction,

they were handicapped when investigating and apprehending fleeing offenders. This limitation facilitated

the growth of private security. Pinkerton (see Figure 1-1 ) and others became famous as they pursued

criminals across state boundaries throughout the country. Today, Pinkerton Service Corporation is a

subsidiary of Securitas, based in Stockholm, Sweden.

During the 1800s, because public police were limited by geographic jurisdiction and restrained from

chasing fleeing offenders, private security filled this need and became a growth industry. Courtesy: National Archives.

Figure 1-1: Major Allan Pinkerton, President Lincoln, and General John A. McClellan, Antietam, MD,

October 1862

To accompany Americans’ expansion westward during the 19th century and to ensure the safe

transportation of valuables, Henry Wells and William Fargo supplied a wide-open market by forming

Wells, Fargo & Company in 1852, opening the era of bandits accosting stagecoaches and their shotgun

riders. Wells Fargo was acquired by Burns International Services Corporation. The name Wells Fargo is

exclusive to Wells Fargo & Company, a large financial services business.

Another security entrepreneur, William Burns , first was a Secret Service agent who directed the Bureau of

Investigation that preceded the FBI. In 1910, this experienced investigator opened the William J. Burns

Detective Agency (see Figure 1-2 ), which became the investigative arm of the American Bankers

Association. Today, Burns International Services Corporation is a subsidiary of Securitas.

Figure 1-2: In 1910, William J. Burns, the foremost American investigator of his day and the first

director of the government agency that became the FBI, formed the William J. Burns Detective

Agency Washington Perry Brink , in 1859, also took advantage of the need for the safe transportation of

valuables. From freight and package delivery to the transportation of payrolls, his service required

increased protection through the years as cargo became more valuable and more vulnerable. Following

the killing of two Brink's guards during a robbery, the armored truck was initiated in 1917. Today, the

Brink's Company is a leading global security services company. It provides secure transportation services,

and it monitors home security systems.

Edwin Holmes is another historical figure in the development of private security in the United States. He

pioneered the electronic security alarm business. During 1858, Holmes had a difficult time convincing

people that an alarm would sound on the second floor of a home when a door or window was opened on

the first floor. His sales strategy was to carry door-to-door a small model of a home containing his electric

alarm system. Soon sales soared, and the first central office burglar alarm monitoring operation began.

Holmes Protection Group, Inc., was acquired by ADT Security Services, Inc., at the end of the 20th

century.

Since 1874, ADT Security Services, Inc., has been a leader in electronic security services. Originally

known as American District Telegraph, ADT has acquired numerous security companies since its

inception. Today, it is a unit of Tyco Fire and Security Services. ADT is a provider of electronic security

services (i.e., intrusion, fire protection, closed-circuit television or CCTV, access control) to millions of

commercial, federal, and residential customers.

The Wackenhut Corporation is another leader in the security industry. Founded in 1954 by George

Wackenhut , a former FBI agent, the corporation extended its services to government agencies, which

resulted in numerous contracts since its inception. The Wackenhut Corporation is the U.S.-based division

of Group 4 Securicor, located in the United Kingdom.

Railroads and Labor Unions

The history of private security businesses in the United States must include two important events of the

19th century: the growth of railroads and labor unions.

Although railroads were valuable in providing the vital East–West link that enabled the settling of the

American frontier, these powerful businesses used their domination of transportation to control several

industries, such as coal and kerosene. Farmers were especially hurt in economic terms because they had

no alternative but to pay high fees to transport their products via the railroads. The monopolistic practices

of railroads created considerable hostility; when Jesse James and other criminals robbed trains, citizens

applauded. Railroads could not rely on public police protection because of jurisdictional boundaries.

Consequently, numerous states passed laws enabling railroads to organize proprietary security forces with

full arrest powers and the authority to apprehend criminals transcending multiple jurisdictions. Railroad

police numbered 14,000 by 1914. During World War I, they were deputized by the federal government to

ensure protection of this vital transportation network.

The growth of labor unions at the end of the 19th century resulted in increased business for security firms

who acted as strikebreakers for large corporations. However, this venture proved costly. A bloody

confrontation between Pinkerton men and workers at the Carnegie steel plant in Homestead,

Pennsylvania, resulted in eight deaths (three security men and five workers). Pinkerton's security force

surrendered. The plant then was occupied by federal troops. Senate hearings followed the Homestead

disaster and "anti-Pinkertonism" laws were enacted to restrict private security. However, local and state

police forces began to emerge quickly to deal with strikers ( Shelden, 2001 : 84). Later, the Ford Motor

Company and other businesses were involved in bloody confrontations. Henry Ford had a force of about

3,500 security personnel, spies, and "sluggers" (i.e., private detectives), who were augmented by various

community groups such as the Knights of Dearborn and the Legionnaires. The negative image brought to

the public eye by newspaper coverage tarnished many businesses and security firms. Prior to World War

II, pressure from Congress, the Roosevelt Administration, labor unions, and the ACLU caused corporate

management to shift its philosophy to a softer "public relations" approach ( Shelden, 2001 : 92). The Great Wars

World Wars I and II brought about an increased need for protection in the United States. Sabotage and

espionage were serious threats. Key industries and transportation systems required expanded and

improved security. The social and political climate in the early 20th century reflected urban problems, labor

unrest, and worldwide nationalism. World War I compounded these turbulent times and people's fears.

Security became a primary concern. A combination of the "war to end all wars," Prohibition, intense labor

unrest, and the Great Depression all overtaxed public police. Private security companies helped fill the

void.

By the late 1930s, Europe was at war again, and the Japanese were expanding in the Far East. A surprise

Japanese bombing of the Pacific Fleet at Pearl Harbor in 1941 jolted the United States into World War II,

and security concerns appeared again. The United States went into full production, and protection of vital

industries became crucial, leading the federal government to bring plant security personnel into the army

as an auxiliary to military police. By the end of the war, more than 200,000 of these security workers had

been sworn in.

The Third Wave

In the decades following World War II, private security expanded even more; during the 1950s, the Korean

War and the unrelenting "cold war" created worldwide tension and competition between the democracies

and communist regimes. The Department of Defense, in 1952, strengthened the security requirements of

defense industries to protect classified information and materials. When the Soviets successfully launched

the first earth satellite (Sputnik, in 1957) and first reached the moon with an unmanned rocket (1959),

Americans were stunned. The technological race became more intense, and information protection

became more important.

The turbulent 1960s created massive social and political upheaval in the United States, and public police

forces were overwhelmed by responses to the unpopular Vietnam war; protests over the denial of civil

rights to minority groups; the assassinations of President John F. Kennedy, Senator Robert Kennedy, and

the Reverend Martin Luther King, Jr.; and rising crime and drug problems. Private security boomed.

Protests, crime, terrorism, and limited public police resources marked the 1970s, 1980s, and 1990s. By this

time, the advanced nations of the world had developed into what Alvin Toffler's (1980) The Third Wave and

John Naisbitt's (1982) Megatrends call third wave societies : societies based on information and

technology. ( First wave societies had agriculture as a foundation, and these dominated the world for

thousands of years, deriving energy from human and animal power. Offenders stole cattle, gold, and other

valuables. Second wave societies occurred during the Industrial Revolution when production was

economic conditions.) With the depletion of world resources, the world is becoming more dependent on

technology and information; and "third wave" criminals exploit technology to commit their crimes, the extent

of which is limited only by technological innovation and the offenders’ imaginations.

"Has Cybercrime Surpassed Physical Crime?"

Gips (2006 : 24) asked the preceding question in response to an IBM survey of mostly chief information

officers. Sixty percent viewed cybercrime as more costly to their business than physical crime. Gips

notes that it is difficult to measure and compare cybercrime and physical crime because "studies that

attempt to quantify security losses across sectors and types of crime are based on extrapolation and

guesswork." He argues that the cost of physical crime in the United States easily outpaces the cost of

cybercrime. Gips refers to several sources on annual costs of crime: the FBI estimates that cybercrime

costs about $400 billion and counterfeit goods cost about $250 billion; the Association of Certified

Fraud Examiners estimates that occupational crime (e.g., altering checks, setting up fictitious

accounts) costs about $652 billion; cargo theft costs "tens of billions" of dollars according to the

International Cargo Security Council; retailers lose about $40 billion from shrinkage and inventory loss;

and physical crime losses often exclude indirect costs, such as defending and paying judgments on

lawsuits alleging negligent security. Gips concludes his arguments by noting that "if you think you are

at risk for cybercrime, that's likely where you will devote your resources. And if the risk lies elsewhere,

that could mean that the company's more costly vulnerabilities will not be adequately addressed." Convergence of IT and Physical Security

Today, the third wave is continuing with three notable occurrences affecting security. First, terminology is

changing. Examples are cybercrime and denial of service . Second, two distinct security camps have

emerged: information technology (IT) security specialists and physical security specialists. Generally, the

former possess a background geared to protect against computer-related crime and unauthorized

intrusions into IT systems, whereas the latter focus on traditional security duties (e.g., perimeter security,

access controls, and contract security forces). Third, both camps often use similar terminology and perform

similar duties. Terms common to both groups include denial of access and intrusion detection . Similar

duties can be far reaching and include investigations, information security, loss prevention, and risk

management. Jim Spencer (2000: 1-13), writing in iSecurity , adds that these two groups have their own

suppliers, consultants, publications, associations, and trade shows.

For several years, cross-training has been a buzzword for various vocations, such as for investigators and

auditors. History repeats itself and we have a need for cross-training for IT and physical security

specialists. Each specialist can assist the other with data, technologies, access controls, biometrics,

investigations, and business continuity, among other areas. Cooperative planning is essential. Suppose an

employee is fired at a company. Security officers and access control systems customarily deny the former

employee entrance to the company facility. However, today, protection requires broader applications

because of remote access to IT systems. An offender no longer has to physically trespass to steal and do

harm to an organization . We can only guess at the number of times the traditional security manager has

done an excellent job of ensuring that security officers are patrolling, physical security is operational, and

the facility is protected, except that a hacker has penetrated the corporate IT system and stolen proprietary

information or caused other harm to the business. Physical security specialists and IT specialists must

work together for comprehensive protection. As explained earlier, an executive with a title such as Vice

President of Security, Vice President of Loss Prevention, or Chief Security Officer can manage all aspects

of security (i.e., physical and digital), work to ensure organizational survival, and report to senior

executives.

Convergence of IT and physical security means that both specializations and related technologies unite

for common objectives. Efforts to secure access to databases, e-mail, and organizational intranets are

merging with access controls, fire and burglar alarm systems, and video surveillance. Physical security is

increasingly relying on IT systems and related software. Both IT systems and physical security systems

have sensors that generate data that is managed. As examples, an IT system will have an antivirus

program and a physical security system will have motion detectors.

Bernard (2007 : 475) notes that "convergence relating to security is occurring at two levels: technology and

management." At the technology level is the convergence of digital information technology with electronic

security systems. At the security management level, convergence is the integration of physical security

functions, IT security, and security risk management.

There are advantages from the convergence of IT and physical security. These include the opportunity for

security personnel to monitor physical security remotely from almost anywhere in the world, less travel time

and expenses for monitoring and investigations, and easier software upgrades. Two disadvantages are a

virus may affect physical security when sharing a single server; and an organization's bandwidth may

reach its limit from the requirements of video surveillance.

Gural (2005 : 9) cites a report from Forrester Research that shows increases in organizational spending

that brings traditional security functions—CCTV, access controls, and security officer duties—onto the

same platform as such functions as IT network access management. In addition, software is increasingly

being used for detection and response instead of relying on only personnel. Security Management (Tech

Talk, 2004 : 45) notes that as traditional physical security increasingly relies on IT systems, IT specialists in

organizations are playing a larger role in physical security decisions. IT specialists want to ensure that

physical security technology is compatible with the network and safe from virus infections and hackers.

Physical security purchasing decisions in organizations often consist of a committee of personnel from

security or loss prevention, IT, and operations. Generally, the IT department has a larger budget than the

security department, and this may increase the clout of IT in purchasing decisions. Furthermore, if IT

managers can convince senior management that cybercrime is a greater threat than physical crime, then

this also will influence the direction of the security budget ( Computer Business Review, 2006 ). Another player in corporate management change is the facility manager. This individual, often an engineer,

ensures that the company's infrastructure, which houses people and operations, functions at optimum

efficiency to support business goals. The traditional security department is likely to feel a "pull" toward IT or

the facility manager because its boundaries are dissolving as a result of information and communications

technology. The process of management is increasingly dependent on information, who controls it, what is

done with it, and its dissemination. The power of IT especially is growing ( Freeman, 2000 : 10).

There are those who may claim the demise of the traditional security manager, who will be replaced by the

IT manager or facility manager. The argument is that if an offender enters a facility and steals a computer,

this crime is minor in comparison to, say, the potential harm from a hacker accessing a company's IT

system. Such reasoning misses the broad, essential functions performed by the traditional security

manager and staff. Examples are preventing crimes against people, responding to crimes, rendering first

aid, conducting investigations, working with public police to arrest offenders, life safety, and fire protection.

At the same time, traditional security practitioners must be put on notice to become involved in lifelong

learning of IT systems, which touch all aspects of their traditional duties.

Convergence of Enterprise Security

Convergence of enterprise security refers to the merging of security functions throughout the entire

business enterprise (i.e., business organization). Research conducted by Booz Allen Hamilton (2005) for

ASIS International, and others, showed a trend of convergence of all components of security in

organizations. The research report titled Convergence of Enterprise Security Organizations explains

convergence in broad business terminology and emphasizes an enterprisewide view of risk. "Delivering on

convergence is not just about organizational integration; rather it is about integrating the security

disciplines with the business’ mission to deliver shareholder value." "To be effective this converged

approach should reach across people, processes, and technology, and enable enterprises to prevent,

detect, respond to, and recover from any type of security incident." The research report referred to an

incident at the Sumitomo Mitsui Bank in London, England, to illustrate the importance of merging security

functions throughout the entire business enterprise. Although the bank had strong IT security measures,

hackers took advantage of a lapse in physical security by posing as janitors and installing devices on

computer keyboards that permitted them to obtain valuable login information. In 2004, in only three days

the MyDoom e-mail virus caused about $22.6 billion in damages as it spread to more than 200 countries.

Besides the initial costs of such incidents, long-term harm can damage reputation and brand, and if the

incident threatens the public good, regulators may enact stricter regulations of business practices.

Surveys and interviews from the Booz Allen Hamilton research point to several internal and external drivers

that are influencing the trend in convergence. They are

◾ Rapid expansion of the enterprise ecosystem . Enterprises are becoming more complex in a

global economy of external partners.

◾ Value migration from the physical to information-based and intangible assets . Value is

continuing to shift from physical to information-based assets.

◾ New protective technologies blurring functional boundaries . Technology is causing an overlap

between physical and IT security.

◾ New compliance and regulatory regimes . Regulations are increasing in response to new

threats and business interactions.

◾ Continuing pressure to reduce cost . Enterprises are constantly striving to efficiently reduce

risk.

Many companies have two security directors, one for IT and the other for physical security. Do you

agree with this approach? Why or why not? Twenty-First Century/Post-9/11 Security Challenges

The last decade of the 20th century offered warnings of what was to come in the next century. The 1990s

brought the first bombing of the World Trade Center, the bombing of the Murrah Federal Building in

Oklahoma City, the first war with Iraq, crimes resulting from the Internet, the increased value of proprietary

information, and attention to violence in the workplace.

As we know, not long into the 21st century, on September 11, 2001, terrorists attacked the World Trade

Center and the Pentagon. Following the attacks, a crisis in confidence in government occurred. Citizens

asked: How could the most powerful nation on earth be subject to such a devastating attack? What went

wrong? Who is to blame? In response to the crisis, President George Bush declared war on terrorism. He

appointed a new Cabinet position, the Office of Homeland Defense, to coordinate counterterrorism. The

attacks also led to greater police powers for search and seizure and electronic surveillance, and the age-

old question of how to balance police powers and constitutional rights.

These bold, surprise attacks, subsequent bioterrorism (i.e., anthrax attacks through the U.S. Postal

System), the war in Afghanistan, and the second war in Iraq show the difficult challenges facing our world

in this new century. The United States and its allies are not only faced with conflict in Iraq, Afghanistan,

and other regions, but also old and emerging state competitors and the proliferation of weapons of mass

destruction.

The 21st century has also recorded huge natural disasters that—along with the problem of

terrorism—necessitate a rethinking of emergency management and business continuity. Hurricanes

Katrina and Rita, in 2005, devastated Gulf-coast states. Katrina flooded New Orleans. The December 2004

Sumatran Tsunami killed almost 300,000 people and affected 18 countries around the Indian Ocean. The

human and financial strain on nations in preparing for and responding to natural and accidental threats is

overwhelming. These challenges require global cooperation, a broad base of knowledge, skills from many

disciplines, and continued research.

From a business perspective, security and loss prevention practitioners are faced with serious challenges

and questions as they assist their employers with surviving in a constantly changing world filled with risks.

How can businesses and institutions protect employees, assets, and operations from terrorism and other

risks? What does the future hold? Who will pay for protection? Although this book offers some insight into

these questions, the answers are still being developed.

A rethinking of strategies will meet these threats. Through improved education, training, research,

professionalism, creativity, astute planning, and support from our business and government leaders,

security professionals will provide a safer environment.

Search the Web

Access the Web and seek an international perspective by visiting the New Scotland Yard, which

includes links to history: http://www.met.police.uk

Use your favorite search engines to check the sites of major security companies. For example:

http://www.pinkertons.com/

What did you learn from these sites?

Use of content on this site is subject to the restrictions set forth in the Terms of Use .

respective copyright holder.

Feedback | Privacy and Cookie Policy | v.4.0.78.212