As managing director of the BSB Group, Mike Bluestone presides over an award-winning consultancy that, in the space of six short years, has shot up from being a 'one man band'-style operation to a respected multi-disciplinary affair combining forensics, training and fraud management with general security advice. How did such a major transformation come about? We visit the company's London Head Office to find out.
With a solid and highly successful career in security management and investigations spanning over 12 years already behind him, Mike Bluestone – managing director of multi-disciplinary security consultancy the BSB Group – is adamant where the gaps lie in the industry's professional training regimen.

"To date, security management training has focused on the technical issues. Dealing with emergency scenarios and the like, and differentiating between surveillance systems," states Bluestone. "That's fine up to a point. However, I don't believe there has been nearly enough emphasis on the broader skills of management and managing people. Nor do I think there has been enough emphasis on the relevance of using intelligence as a resource for practical security."

Mirroring the thoughts of many current practitioners, Bluestone suggests that the traditional 'promotion' route from military and police service to the private security industry can be as much of a hindrance as a help.

"In the military, and sometimes in the police service, there are these imaginary demarcation lines between intelligence and security," he suggests. "One faction is seen as a gatherer of information, the other viewed as a protector. It's terribly important that, in the private sector, intelligence be evaluated and used wisely to help security professionals protect their premises and people in the best possible way. In a sense, that's what went wrong in the States. The intelligence community and the security community were not talking to each other."

Mike Bluestone certainly talked at the time the World Trade Centre was devastated by terrorism, being called in by the BBC as an official spokesperson from the private sector (a task he has taken on many times since, offering his opinions on the use of air marshals aboard commercial aircraft and the conviction of David Tovey, who last year pleaded guilty to nine counts of possessing weapons and explosives – and was duly convicted).

"When the BBC began quizzing me about September 11, it was obvious they felt that it had to be down to a massive security failure. Apart from anything else, it was actually a huge intelligence failure. Individuals had obviously been running all over America completing private pilot training courses, and yet that hadn't been reported."

Bluestone is certain that there has been a traditional reluctance among some intelligence communities when it comes to sharing their information. "It may be against the national interest to reveal anything," he suggests, "but in situations like those which transpired in New York and Washington, you must at least tell your security people on the ground of any suspected activity."

Speaking from experience
Bluestone is well placed to speak out on international terrorism. Being of Anglo-Jewish origin, and having proudly served for a short spell with the Israeli military, he has had to live with the issues surrounding Middle Eastern politics for all of his 50 years.

Born and brought up in the Highbury area of Islington in north London – he supports current Barclaycard Premiership Champions Arsenal FC, but "only from a distance" – Bluestone was greatly influenced by his parents, who instilled in him a great deal of empathy for Israel and its continuing struggle for survival.

Bluestone picks up the story of his youth with affection. "I come from a family where, for several generations, my relations had joined the British forces. I lost two Great Uncles in the First World War. My father's brother was a war hero, having been wounded in Normandy, and my own father was actually disabled out of the forces during World War II."

As a result, the need to protect people is absolutely in Bluestone's blood. Little surprise that, on leaving school in 1969, he first trained as a legal executive having studied economics and the British Constitution at JFS Comprehensive in Camden Town. The trappings of that background can still be seen today, with copies of The Economist and The Financial Times weighing heavy atop this security consultant's ever-full in-tray.

"To be honest, I really had a yen for teaching (which is pretty much the fulcrum of his current vocation in security consultancy, of course), but familial pressures were guiding me towards a profession that was perhaps a little more heavyweight," continues Bluestone. "I also thought about joining the police service, but my mother and father were quite overly protective of me in those days."

Indeed, it was the very fact that his parents worried about him that led the budding young professional into neglecting to mention that he'd joined The Territorial Army for a spell.

With his career in the law having provided "a useful backdrop" for later years, Bluestone decided to 'up sticks' not long after turning 30 and took his then wife and two small children 'home' to Israel. Following his economic and cultural instincts to the fullest, Bluestone worked in export management for quite a few years, looking after the companies markets here in the UK.

"That was great," he chips in with a broad grin spreading across his distinctive face, "because I could maintain my business links at both ends". Indeed, even now Bluestone makes a point of keeping up with all the latest news by way of BBC Ceefax, which is on throughout the day at his Grosvenor Gardens office near London's Victoria Station.

During that time spent in the Middle Eastern land of his Forefathers, Bluestone moved from being a Territorial Army recruit to fully-fledged soldier when he was conscripted into the Israeli military to work with the immigrant population. "That really propelled me into learning the language," he urges, before recalling the five months he spent slavishly pouring over Hebrew text books in a concerted bid for assimilation.

"I graduated from my army training course as the outstanding cadet," opines Bluestone, before pointing with immense pride to one of the many professional plaques and certificates that adorn his office walls.

The overriding impression is that everything Bluestone has achieved – from membership of The Security Institute and the Association of Security Consultants through to his MA degree certificate in Security Management from Loughborough University – is purposefully up there for the whole world to see.

Although a very private man, Bluestone is obviously not about to hide these particular lights under the bushel. And nor should he.

Trusting in the Community
Perhaps one of the most interesting – and, he stresses, "formative" – periods of Bluestone's life came back in 1989. In the summer of that year, he was invited back to the UK by the Community Security Trust (CST) to take charge of security for Jewish community institutions throughout the country. Everything, in fact, from schools and cemeteries through to traditional synagogues.

The industry tends to forget that there are a good many facilities and premises managers out there who are given a security responsibility, but don’t have the skills and experience to be able to cope with that. We must endeavour to plug this gap in knowle

"One came across a good deal of anti-semitism and Muslim extremism," adds Bluestone. "That said, I was absolutely overwhelmed by the sympathy and help we received from the wider security community, including the police service."

For Bluestone, it was a period in his life when he learned to lead from the front. Although there were several thousand people involved with the work of the CST, he was directly in charge of 20 people at Head Office.

"For a small professional team to motivate what was largely a band of volunteers, as a manager you had to be hands-on and get yourself out there to lead them. However, that doesn't mean that one should engage in tokenism, either. I'm not talking about visiting sites merely to press the flesh and do all the PR stuff. It's about practical teaching."

One management ethos instilled in Bluestone during this time was a need for him to trust his colleagues implicitly, and be seen to prove that by giving them just enough autonomy. "You cannot run any organisation by looking over peoples' shoulders all the time," stresses Bluestone, who is firmly opposed to centralist management in favour of a more participatory edict. "By the same equation, I'm not saying that organisations should work by committee. That's wrong as well. You can't have Soviet-style management, and must at the very least explain to your staff why it is that certain decisions have been taken."

In a sense, Bluestone is able to relate some of these experiences to the way in which he approaches the task of leading a major security consultancy. He continues: "When clients contact me now to deal with an internal fraud or a disciplinary matter in their company, the first question I ask is: 'What steps were actually taken to inform staff about the penalties of doing something wrong? Were procedures in place to cover all bases?' You can't start beating people up over alleged mistakes unless you, as a manager, have laid strict ground rules in the first place. That's extremely important."

Working with the CST also made Bluestone aware of the fact that you can have the very best security technology in the world, but it's people who 'make it happen'. "I'm not being glib when I say that, nor trite," he opines. "I firmly believe that. As a consultant, I constantly bear witness to scenarios where security breaches and crimes have taken place, but the protective systems installed have failed because humans have neglected to maintain and service those systems."

Although head-hunted for the CST post, Bluestone's heart strings were tugged yet again by the pull of his Israeli roots. Returning 'home', he spent two years in a non-security management role. Alas, he didn't really enjoy the experience.

"I did a good deal of thinking about the future, and how I could best use the knowledge and skills I had acquired to help the wider community". It was 1996 and, heading back to the UK, Bluestone knew what he wanted to do.

"I was approached by the Dawnay Day Group, a long-established private finance and investment concern, to discuss my aspirations for setting up a security consultancy. They liked what I had to say, and the Berkeley Security Bureau was born."

Early days at BSB
Armed with nothing more than a filofax, mobile telephone, a laptop computer and the staunch support of second wife Vanja, Bluestone made a commitment towards being a truly independent consultant – thus shunning any form of connection with security installations or uniformed manned guarding.

Initially, the bulk of his work necessarily focused on general investigation projects, security audits and surveys and some pre-employment checking. There was also a smattering of close protection commitments.

As the general consultancy side of the business began to grow – by early 1997 the secretarial support had become full-time, and an assistant consultant appointed – Bluestone felt a commitment to do two things. First, to focus on training. "All of the efforts we were making to promote good training were largely falling on deaf ears," says Bluestone. "To this day, I wouldn't say that end users are beating a path to our door, but there's certainly a greater awareness now that if corporate security is to be truly effective then there must be a significant investment in proper training."

Apart from anything else, Bluestone believes that training is a great motivator. "It can be, and indeed usually is wonderful for staff morale."

Second, Bluestone felt that the Berkeley Security Bureau needed to be that much different from other consultancies out there. "There are many fine consultancies in this country, and you'll not hear me being critical of the real professionals out there," he stresses. "The trouble is that end users don't always know and recognise the better ones, and are sometimes taken in by the cowboy element."

In wanting to take the company along a slightly new route, Bluestone decided – in January 1998 – to dabble with forensic investigations and electronic counter-measures. "We then bolted on a fraud management function at the back end of 2000," he says boldly.

Broadening in focus
In the Spring of last year, this broadening of specialist expertise was reflected in a change of company name. The all-new BSB Group takes in four 'mini' companies, namely BSB Consulting, BSB Forensic, BSB Fraud Management and BSB Training (headed up by Jerry Proffitt, who was recruited last summer), employing 20 full-time consultants into the bargain.

"By focusing on management training and more specialist courses, we were beginning to offer a service for security professionals that wasn't available elsewhere," opines Bluestone, before neatly linking-in to a very salient point. "The industry tends to forget that there are a good many facilities and premises managers out there who are given a security responsibility but don't have the skills to be able to cope with that. We must endeavour to plug this gap in knowledge before it's too late."

Bluestone is very much in favour of practical, vocational training. This ethos, harnessed on the Loughborough MA course, manifested itself in the development of a series of six-day intensive security management courses delivered to blue chip clients in both the private and public sectors (taking in the banking, pharmaceutical, insurance and local Government communities to name but a few).

Of late, the BSB Group has also embarked upon some niche training such as defensive driving instruction. "We also provide security awareness training for non-security personnel," chips in Bluestone. "In my view, that's every bit as important as management training. The receptionist, the porter, the cashier... These are the people often at the sharp end of security incidents, so they must be taught the basics."

The Security Institute has accredited the BSB Group's security management training course, but Bluestone is quick to point out that corporate organisations should be free to shop around for the type of training they think is best for them. "What surprised me most about the Private Security Industry Act 2001 is that the word 'training' doesn't appear. I sincerely hope that the Security Industry Authority (SIA) will put a great deal of thought into training provision, and canvass the opinions of as many training providers as possible before committing pen to paper."

The consultation period between the industry and Perpetuity Research and Consultancy International was slated to finish around mid-January, so we shouldn't have too long to wait for the results...

"The issue of 'capturing' in-house security operatives for licensing is one that many clients are already finding to be totally confusing," adds Bluestone. "It's bizarre that you could have an unlicensed in-house supervisor in charge of outsourced officers who are all regulated. That's a contradiction we have to sort out, so it's probably a good thing that the Act is designed to be enabling legislation."

Harking back to his economic leanings, Bluestone then adds: "One of the failures of the security industry has been its neglect of engaging in the education and training of business students and post-graduates from other disciplines. As a whole, our industry has failed to educate the wider management community about security risk management. Whole businesses, not to say economies, now live or die by their security. The future of the entire western economy is embroiled with security issues, but where is the input from the security sector in the wider management community to reflect that?"

PAS 49: a step in the right direction
Along with many of his peers, Mike Bluestone believes the recently-issued PAS 49 document to be an "excellent starting point" for taking security consultancy as a discipline onto the next level. "It's great, if for no other reason than that it places the whole topic of security consultancy before a much wider audience. We clearly have a problem with definitions. That is why PAS 49 is so important, really. I hope that the SIA will control quite firmly those that claim to be providing a consultancy service."

Like Security Management Today, Bluestone recognises that the first exposure a corporate chief executive will have to someone like himself is immediately after an incident – be it minor or major. "That's entirely wrong," states Bluestone. "Security is too often reactive when it should be pro-active."

Taking a pro-active approach himself, Bluestone completed some voluntary work for the Fraud Advisory Panel back in 2001. Operating within a Working Group chaired by Martin Robinson of Lloyds TSB, he helped produce a seminal booklet entitled 'Fighting Fraud: A Guide for SMEs'.

"For me, that document sums it all up," suggests Bluestone (who is an active member of the Panel's Education and Training Working Party). "What's better for a blue chip organisation? To have a first class fraud investigation department, or simply engage in fraud prevention? What does fraud prevention mean? It means due diligence. Sound vetting and screening. Good internal controls. A solid corporate structure."

Interaction and the SIA
Over the next five years or so, Bluestone believes that the way in which the private sector interacts with the SIA will be crucial. "This industry of ours is one in which egos are often powerful," he sighs. "We need to try and temper those egos in the years ahead, and place the best interests of the industry and its clients at the top of the agenda."

Bluestone is also adamant that the industry must stop focusing on minimum standards and begin to look instead at maximum standards. In his eyes, good security equals sustainable corporate profitability.

"The question I'd like to ask end users is simple. How much does it cost your company each time your buildings are broken into and, for example, computers are stolen? What information is stolen, and what's system downtime costing you? How many of your employees will have to spend valuable time talking to police and consultants during the ensuing investigations?"

As Bluestone states in true 'economist speak': "When people say you cannot quantify good security, you can. It's not easy, but you can," he says with a forceful tone. "Never close the door to reality. The minute you refuse to hear anything new, and start to think of yourself as an expert, you will shy away from reality. My time in the Middle East has taught me to be extremely tolerant and respectful of others, and aware of the fact that I'll learn something new every day about this job."

Spoken like a man who, not surprisingly, has always made his point by persuasion based in fact rather than coercion based on half truths.

Source

SMT