Table Of ContentSecurity and Loss Prevention
An Introduction
Seventh Edition
Philip P. Purpura
Butterworth-Heinemann isanimprintofElsevier
TheBoulevard,LangfordLane,Kidlington, OxfordOX51GB,United Kingdom
50HampshireStreet,5thFloor,Cambridge, MA02139,United States
Copyright©2019 ElsevierInc.Allrightsreserved.
Nopartofthispublication maybereproducedortransmittedinanyform orbyany means,
electronicormechanical,including photocopying,recording,oranyinformation storageand
retrievalsystem,without permissioninwritingfromthepublisher. Detailsonhow toseek
permission,furtherinformation aboutthePublisher’s permissions policiesandour
arrangements withorganizations suchastheCopyrightClearance CenterandtheCopyright
LicensingAgency,canbefoundatourwebsite:www.elsevier.com/permissions.
Thisbook andtheindividual contributions containedinitare protectedundercopyright bythe
Publisher(otherthanasmaybenotedherein).
Notices
Knowledgeandbestpractice inthisfield areconstantly changing.Asnewresearch and
experiencebroaden ourunderstanding, changes inresearch methods,professional practices,
ormedical treatmentmaybecomenecessary.
Practitionersandresearchersmustalwaysrelyontheirownexperienceandknowledgein
evaluatingandusingany information,methods, compounds,orexperimentsdescribed herein.
Inusingsuchinformationormethodstheyshouldbemindfuloftheirownsafety andthesafety
ofothers, includingparties forwhomtheyhaveaprofessional responsibility.
Tothefullestextentofthelaw, neitherthePublishernortheauthors,contributors, oreditors,
assumeany liability forany injuryand/or damagetopersons orproperty asamatter of
productsliability, negligenceorotherwise,orfromany useoroperationofany methods,
products,instructions,orideascontained inthematerialherein.
LibraryofCongress Cataloging-in-Publication Data
Acatalog recordforthisbook isavailablefromtheLibraryofCongress
BritishLibraryCataloguing-in-Publication Data
Acataloguerecord forthis bookisavailablefromtheBritishLibrary
ISBN:978-0-12-811795-8
ForinformationonallButterworth-Heinemann publications visitourwebsiteat
https://www.elsevier.com/books-and-journals
Publisher:KateyBirtcher
AcquisitionEditor:KateyBirtcher
EditorialProjectManager:NateMcFadden
ProductionProjectManager: MohanambalNatarajan
Designer:MarkRogers
TypesetbyTNQTechnologies
To my family.
To the millions of military, public safety, security and loss prevention,
and other professionals who seek global security and safety.
About the Author
PhilipP.Purpura,certifiedprotectionprofessional,hasexperienceasacollegeeducator,
consultant,expertwitness,andwriter.HedirectedtheSecurityandJusticeInstituteand
theSecurityforHousesofWorshipProjectinSouthCarolina.Purpurabeganhissecurity
career in New York City and held management, proprietary, and contract investigative
positions. He also worked with a public police agency. He served as chairperson of the
ASIS International Council on Academic and Training Programs and continues as a
member of this council as well as the Cultural Properties Council and various ASIS
committees.Heholdsanassociate’sdegreeinpolicesciencefromtheStateUniversityof
New York at Farmingdale and bachelor’s and master’s degrees in criminal justice from
the UniversityofDaytonand Eastern Kentucky University,respectively.Healso studied
in Europe, Asia, and the former Soviet Union.
Purpura is the author of seven other books: Security: An Introduction (Boca Raton,
FL: Taylor & Francis/CRC Press, 2011); Terrorism and Homeland Security: An
Introduction with Applications (Burlington, MA: Elsevier Butterworth-Heinemann,
2007); Security Handbook, second ed. (Boston, MA: Butterworth-Heinemann, 2003;
Albany,NY:Delmar,1991);Police&Community:Concepts&Cases(Needham,MA:Allyn
&Bacon,2001);CriminalJustice:AnIntroduction(Boston,MA:Butterworth-Heinemann,
1997); Retail Security & Shrinkage Protection (Boston, MA: Butterworth-Heinemann,
1993); and Modern Security & Loss Prevention Management (Boston, MA: Butterworth,
1989). Purpura was contributing editor to three security periodicals; wrote numerous
articles that are published in journals, magazines, and newsletters; and has been
involved in a variety of editorial projects for publishers.
xv
Preface
The seventh edition of Security and Loss Prevention: An Introduction continues to draw on
manydisciplinesforanswerstoprotectionchallengesfacingprofessionalswhilehelpingthe
reader to understand this vocation. As in previous editions, a major focus is on threats,
hazards, and countermeasures. This book shows an awareness that, beyond the attention
terrorism has received since the 9/11 attacks, protection practitioners continue to confront
thesamebasicriskstheyfacedbeforetheattacks.However,sincethelastedition,weareinan
era of more powerful and sinister adversaries and more destructive disasters that are both
shocking and a serious menace to our way of life.
Inmanyways,today,thebadguyshavetheadvantageoverthegoodguys.Thebadguys
include a variety of criminals, such as hackers, organized criminals, violent offenders, ter-
rorists,thieves,andinsiders(e.g.,corruptemployees).Inaddition,enemynation-statesresort
to just about any method as they seek economic, military, and political superiority; their
arsenal includes spies, cyberespionage, cyberwarfare, proxy wars, and fake news. With no
shortageofbadguys,theyhavethebenefitoffirststrikeandsurprise,andtheyarerelentless.
Global cybersecurity professionals are facing the daunting task of responding and
defending against an onslaught of persistent hackers from throughout the world who are
wreaking havoc on individuals, organizations, and infrastructures. Major changes in pro-
tection strategies are desperately needed in this increasingly ominous cyber battleground.
Although there are many soft targets, such as public transportation and public gath-
erings, what makes matters worse is the terrible fact that security itself has become a soft
target!Forexample,hackerspenetratenetworksandsecuritysystemstounlockdoors,spyon
video systems, and steal information and data.
Thesethreatstoourwayoflife,economy,andnationalsecurityaremajorproblemsthat
are being confronted. Cybersecurity professionals are not only enhancing defenses but also
going on the attack (e.g., hacking back). Security and loss prevention professionals are
working with cybersecurity professionals on strategies such as policies and procedures,
awareness programs, security of mobile devices, and investigations. Manufacturers and en-
gineers are hardening security systems.
Increasinglydestructiveandcostlynaturalandhuman-madedisastershaveresultedin
enormousharmtopeople,communities,andbusinesses.Populationclustersinurbanareas
and building booms in geographically unsafe locations increase risk. Resilience and an all-
hazards approach to disasters are explained in this book. Enterprise risk management and
enterprisesecurityriskmanagementarewovenintothecontenttobreakfromanarrowview
of security and loss prevention in favor of a holistic approach.
There is no guarantee here of solving the world’s protection and resilience problems.
What this book does is help the reader to understand and apply theory, methodologies, and
practical strategies to real-world challenges.
Othergoalsofthisbookaretoguidethereadertobecomeamoreastutecriticalthinker
while enhancing skill-sets and providing a deeper understanding of our unpredictable,
complex,anddangerousworld.Suchattributesimprovedecision-makingwhilestrengthening
xvii
xviii Preface
jobsecurity.Seniorexecutivesaredemandingthatprotectionandresiliencemethodsshowa
return on investment. Suchinvestments mustavoid failure, or worse, increase risk.
This book helpsthe readerto understand thebad guysand whattheyare doing, while
offeringoptionstoenhancesuccessesagainstthem.Examplesofsecurityasasofttargetare
exposed while offering mitigation strategies.
A major theme of this book is to connect the traditional security manager, physical
securityspecialist,andinvestigatortoITsecurity.ThisisnotaclaimtomakethereaderanIT
securityexpert.Rather,thereaderwilllearnaboutsimilaritiesanddifferencesofphysicaland
IT security; internal and external IT risks and countermeasures; and the mindset of the IT
security specialist. In addition, the convergence of physical security and IT security, as
covered in the contents, makes an understanding of IT especially important to the security
and loss prevention professional.
The many disciplines within this book include criminal and civil law, business, ac-
counting, risk management, intelligence, business continuity, emergency management, fire
protection, safety, sociology, and psychology. Terminology, concepts, and theories, at the
foundation of this profession, are emphasized. Updates include new statistics, laws, stan-
dards, guidelines, research, strategies of protection and resilience, technology, events, and
issues.Thepublicationssupportingthecontents includeavariety ofperiodicals,books,and
researchreportsfromnumerousorganizations.Over400newreferencesareincludedinthis
seventh edition. An effort has been made to include relevant and practical research from
journalstoassistdecision-makerswhenchoosingsecuritystrategiesthatareevidencebased.
The contents retain basic information on the body of knowledge of security and loss
prevention.
ThewritingofSecurityandLossPrevention:AnIntroductionincludedreferencetoASIS
certification domains, standards, guidelines, academic/practitioner symposiums, and the
security studies committee. Another source was the University of Phoenix/ASIS research to
identifyenterpriserisksandthecompetenciesandskillsrequiredbyprofessionalstomitigate
those risks; this project culminated in an Enterprise Security Competency Model formatted
fromaframeworkfromtheUSDepartmentofLabor.Anadditionalsourcewascybersecurity
workforcecompetenciesresearchedbytheUniversityofPhoenix/(ISC)2.Thisprojectresulted
in a Cybersecurity Competency Model also formatted from a framework from the US
Department of Labor.
The US Department of Homeland Security, Interagency Security Committee, was
anothersourcethroughthepublicationtitledSecuritySpecialistCompetencies:AnInteragency
Security Committee Guideline. This Guideline seeks the uniformity and consistency of core
competencies among federal agencies in the training and professional development of se-
curity specialists.
This book is an aid to applicants preparing for the Certified Protection Professional
Examination, which is sponsored by ASIS International. Numerous topics included in the
examination are covered in this book.
What specifically is new in the seventh edition? To provide the reader with a view of
some of the updates, here is a list of new terms and topics included in the book:
Internet of Things (IoT)
Climate change and security
Environmental security
Security as a soft target
Soft target security
Preface xix
Hard target security
Data analytics
Private equity firms
The built environment
Business case for security
Gap analysis
Fortress problem
Balancing (legal) test for security investments
Fitness devices and litigation
Body cameras
Social media
Emotional intelligence
Bloom’s Revised Taxonomy of Educational Objectives
Cloud-based services
Legacy systems
Panoramic cameras
Audio analytics
Autonomous video analytics
Electrified fence
Laser space detection sensors
Investigation and intelligence functions
IoT and investigations
Counter social media techniques
Deep web and dark web
Emojis and emoticons as evidence
Jamming devices
GPS manipulation
Geofencing
“Cooking the books”
Posttraumatic stress disorder (PTSD)
Fire as a weapon
Pressurization systems
Critical incident management
Incident Command System
ISO 45001
Root cause analysis
Remote-plotted terrorist attacks
ISIS
Weaponization of information
Cognitive security
Virtual currencies
xx Preface
Counterintelligence
General Data Protection Regulation (GDPR)
Bug bounty programs
Vishing
Cybersecurity of critical infrastructure and the IoT
Life critical embedded systems
Cyber defense versus cyber offense
NSA hacking strategies
“Israelification” of the US aviation
Total retail loss (TRL)
Consumer racial profiling
Racial profiling assessment
Mobile point-of-sale
Mobile wallet
Cash recycler
Tokenization
Flash mob criminals
Cyber-enabled economic warfare
Det Norske VeritaseGermanischer Lloyd
Active assailant
Active assailant management
Threat score
BSI PAS 3001
Security at large-scale events
Impairment in the workplace
Defend Trade Secrets Act of 2016
Trade secrets and security and criminal justice technologies
Mobile device management
WikiLeaks
Behavior transmitter-reinforcer
Workplace wearables
Human-embedded microchip
Artificial intelligence
Robodrone
Crime-as-a-service
Toassistthereaderoftheseventhedition,thefollowingisincluded:learningobjectives
and key terms at the beginning of each chapter, key terms in bold within each chapter,
definitions, examples, illustrations, photos, boxed scenarios, boxed international topics for
global perspectives, and career boxes that explain various specializations in security.
Thestudentorpractitionerwillfindthecontentstobeuser-friendlyandinteractive,as
in previous editions. Several features facilitate an understanding of not only the basics but
also the “reality” of the field. The reader is placed in the role of the practitioner through
Preface xxi
various exercises. Within each chapter, loss problems are described and are followed by
coverageofnuts-and-boltscountermeasures.Sidebarsineachchapteremphasizesignificant
points and encourage critical thinking. Cases titled “You Be the Judge” appear in the text.
Thesefictionalaccountsofactualcasesdealwithsecurity-relatedlegalproblems.Thestudent
is asked for a verdict based on the material at hand and then is directed to the end of the
chapterforthecourt’sruling.Anotherlearningaidistitled“YouDecide!WhatIsWrongWith
ThisFacility?”Withtheassistanceofchaptercontent, thereaderexposesvulnerabilities ata
facility and offers suggestions for improved protection. Additional boxed cases appear in
chapters and offer bits of interesting information or analyze a loss problem relevant to the
subjectmatterofthechapter.Thecaseproblemsattheendsofchaptersalsobridgetheoryto
practiceandcontainquestionsforapplyingconceptsinthechaptertoreal-worldsituations.
Theseexercisesenablethestudenttoimproveanalyticalanddecision-makingskills,consider
alternativestrategies,stimulatecontroversyingroupdiscussions,makemistakesandreceive
feedback, and understand corporate culture and ethical guidelines.
This new edition also serves as a helpful directory. Professional organizations and
sourcesofinformationthatenhanceprotectionprogramsareincludedwithwebaddressesat
the ends of chapters.
Thefirstfewchaptersprovideanintroductiontosecurityandlossprevention.Chapter1
definessecurityandlosspreventionandpresentsacriticalperspectiveonthehistoryofthis
profession. The second chapter concentrates on the growth of the security industry and
related challenges. The next three chapters provide a foundation from which protection
programs can become more efficient and effective. Chapter 3 focuses on why security is a
profession, theory, planning, budgets, risk analyses, standards, regulations, evaluation,
research,andthebasicsoforganization.Chapter4providesanoverviewofthejudicialsystem
oftheUnitedStates,civil andcriminallaw,premisesecurityclaims,administrativelaw,and
laborlaw.Thischapteralsocoversarrestlaw,searches,useofforce,andquestioningsubjects.
Chapter 5 explains the “why” and “how” of working with people and organizations to assist
loss prevention efforts. Topics include internal and external relations, marketing, social me-
dia,andthenewsmedia.Chapters6e8emphasizestrategiesforcurbinginternalandexternal
crime threats through job applicant screening, management countermeasures, and physical
security. Chapter 9, on purchasing security services and systems, is vital because not all se-
curity specialists are wise consumers, and the best plans are useless when followed by poor
purchasingdecisions.Chapter10providespracticalinformationoninvestigations,including
typesofinvestigations,legalissues,technologyandevidenceinourdigitalage.Thestrategies
ofaccountability,accountingandauditingaredescribedinChapter11,withanexplanationas
to why these tools are essential for survival. Chapter 12 focuses on resilience, risk manage-
ment,businesscontinuity,andemergencymanagementasafoundationforChapter13onlife
safety, fire protection, emergencies, and disasters. Chapter 14 emphasizes workplace safety
and OSHA. The topics of terrorism and homeland security are explained in Chapter 15.
Chapter 16 concentrates on critical infrastructure protection, cybersecurity, and border se-
curity.Chapter17describessecurityandlosspreventionatretail,financial,educational,and
health-care organizations. The topics of workplace violence, human resources protection,
substance abuse, and information security are in Chapter 18. The concluding chapter an-
ticipates the future and explains trends, education, research, training, and employment.
Thetraditionalfocusofsecuritydsecurityofficers,fences,andalarmsdistoonarrowto
deal with an increasingly complex world. Practitioners must work to bring protection and
resilience to the next level to confront shrewd adversaries and all hazards. The true profes-
sionalmaintainsapositiveattitudeandseesproblemsaschallengesthathavesolutionsand
possibly opportunities.
xxii Preface
Thetremendousgrowthofthesecurityandlosspreventionprofessionprovidesfertile
ground to advance in a rewarding career. In such a competitive world, the survival and
protection of people, businesses, institutions, technological innovations, and the national
interest depend greatly on the men and women in this vocation. With professionalism
and perseverance, more battles will be won in the never-ending war with adversaries. This
bookshouldinspireandmotivatestudentsandpractitionerstofulfillthesevitalprotection
needs.
