Разп

рост

ряня

ва с

е бе

зпла

тно

INDUSTRIALSECURITY

Брой 4, година II, юни-септември 2010

1

Dear Readers,

We are pleased to present you the new number of the Magazine Professional! The first paper issue brings all the positive features and trends of the previous three units in electronic format. We are satisfied that the topics provoked interest and increased audience, thus we have the courage to expand the range of users to whom we send messages through our magazine. The leading theme of this issue is Industrial security, but here will direct your attention also to risk management, development of security systems, conservation of personal and business information, extreme hobbies and physical security. Top-ics which are recently attended an increasingly acute in the public space. Leading in and using of new technolo-gies, systems and techniques raise need for contemporary personal and corporate security. Risk management at all levels has strategic importance for the development of the business and the society. That’s why, in this magazine you will find valuable tips, recommendations and analy-sis of existing methods of protection from unintended consequences.

We will be glad to receive your feedback and recommen-dations on the topics in our magazine or why not sending your materials.

Enjoy reading!

Team Profisec Bulgaria PLTD

SECURITY Competitive Intelligence with limited budget 2 Envelopes for valuables and evidence - new standards 4

INFORMATION PROTECTION „The enemy in your pocket” 10 Security of GSM calls 12 Network Security Policy 14 Secure remote array of encrypted data 16

SECURITY Driving and safety issues 20

NATIONAL SECURITY Concept of contracts related to access to classified information 22

BUSINESS Risks in business and its management 24 Business etiquette and negotiations 26

EXTREME Join the battle brotherhood 27 Risks and hazards of extreme sports 40

SPECIAL FORCES SWAT (Special weapons and tactics) 30

HOBBY Second prize is not awarded- How to learn to shoot and hit 32

WEAPON

Wich’s the best security and observation technologies company? pg. 17

What is Safe - Promet Bulgaria

pg. 6

Rifle VSS “Vintorez” pg. 34

Rifles, Thompson

Center pg. 36

chIEf EDIToR - Nikolay TsaprevEDIToR - Mariana Nikolova

PUBLIShER - PRofISEc PLTD1407 Sofia, “Bigla” str. 16A, 4 floor

tel/fax: +359 2 962 05 23 e-mail: profisec@abv.bg,

profisec.company@gmail.comwww. profisecbg.com

photos - foTILIAissue - 3000 pgs

PRINT - INARTVISIoN

2 Professional 3

Continuing from previous issue collection of information on a limited budget always begins with information gathering from obvious sources. Knowing obvious sources and information received by them are of great importance. often it is a guideline for further areas of research and intelligence. Therefore, the ability to think outside the box and to avoid clichés is a precious quality that has to develop all specialists of the competitive intelligence. This grade is vital in conditions where there is insufficient funding. Such lateral thinking means the ability to find un-usual and alternative sources of information. for example, one of the best free sources about news and events in the U.S. are not located in America and it is the website of British “UK financial Times “. competitive intelligence services, which are not suffering disadvantages in funding, may gain access to various tools and sources. for low cost most services of these resources are unavail-able, and no one can ensure that even a successful company will reduce funding. Therefore, competi-tive specialists must constantly look for cheap or totally free sources. for example, membership of professional or trade associations can access to li-braries of these associations including reports and analytical articles. Moreover, the competitive in-telligence professionals must learn to use the Inter-net professionally. When funding is not enough, specialists have to look for many things alone. This allows intercalation within limited budget, but lost much time. Professional competitive intelligence with limited funds, should consider the following options in Internet: •VarioustoolstosearchtheInternet,theirstrengths and weaknesses (Good English-language site on this subject – Search Engine Watch); •Toolstosearchthenews(forUKthisisNews-Bot and Excite News); •Branchportals(theyhavelinkstoresourcesin a specific branch). In the UK branch por-tals are searching with using the search engine LookSmart; •Thematicgroup’snews,discussiongroups(fo-

rums), thematic conversations. In the West they are detected using resources of DejaNews, foru-mone and Liszt. Another good source is the ScIP discussion forums. Western specialists recom-mend Registration and use following sites: •FT.com-siteofthemagazine“TheFinancialTimes”. Interesting for a specialist in competitive intelligence is the news from various branches of the economy and stock information. Especially interesting is the database “World Reporter”, col-lecting news from 3000 publications all over the world. fT.com service is free, including access to the database “World Reporter”. •NorthernLightispositionedasasearchen-gine. Provides quality search service and is aimed at business consumers, collecting news and arti-cles from more than 6400 sources. The database of the Northern Light has analysis of market, shares and market research. The price is a few dollars. There is a service that notifies subscriber to new information about interested theme. •Powerizeoffersfreeaccessto2400sourcescov-ering different branches and, with extra pay opens access to several thousand resources. Powerize independently publishes economic news topics. •Transiumstoreinformationaboutmorethan300,000 companies worldwide, allowing quick and easy to find information about each of them. •Hoover’smaintainsrecordsofsmallcompaniesincluding financial organizations and large com-panies from other industries. The information is provided in convenient format. •CompanySleuthensurespublicationontheInternet information about U.S. companies, which shares be freely sold. Valuable resource is also “facebook”, files and databases of private and state structures. All competent specialists in competitive intelli-gence must not only be aware of the Internet, but command and know how to work with primary sources. Although the basic operating principles are the same for large and small companies, spe-cialists in small are forced to do everything alone. Even outside consultants or companies engaged in marketing research cannot help. It is necessary to pay extra attention of the following issues: •Becarefulnottocrossthebordersoflegalityand ethics.

Secu

rity

Competitive intelligenCe With limited budget

•Beforecontactwithasourceofinformationshould have a plan and prepare meeting. •Planningthetimeisneededtodothework–so when expert is working alone, he should care-fully consider his time as there is no possibility to search for help from a colleague. •Specialistneedsconstantlytoexpandbusinesscontacts. It is nice for specialist to know person-ally staff of his company, but it is not enough. It is necessary to expand the database with external contacts - people who orient themselves better in business, in which company they work, etc. cus-tomers, suppliers, members of professional associ-ations, journalists who write articles for economic journals, experts in the industry and others. •Informallinksareneededinitssegmentonthemarket. have to visit all exhibitions, fairs and do-ing relationships there. •Knowingofnecessarypeoplemustbecomesecond nature of the competitive intelligence spe-cialist. •Havetoenterintoallprofessionalassociations,which can make acquaintances with the necessary people and receive free magazines from the mem-bers of association. This article gives several ideas about the work of competitive intelligence profession-als. They are far from exhaust all possibilities. If specialist has a limited budget, he can compen-sate this with creative thinking, combinative and searching for cheap sources of information. Money allows saving time and conversely, their lack may be offset by additional expenditure of time, therefore it is necessary to plan accurately. It is important to clear when to stop gathering information. This is associated both with the laws and ethical rules and also with time when cost of procurement, the benefits outweigh of informa-tion received. In underfunding in principle there is noth-ing bad. While competitive intelligence specialist not lift the phone, do not send electronic mail or agree to meet someone he cannot find a source that is able to give him the necessary information. Specialist but not money in largely depends on the result. Yes, without money you cannot hire someone to help you, but it means only that the employee in the competitive intelligence not is sufficiently funded, simply must do much work alone. only this team can perform the work being assigned to him and to protect the interests of the company.•

Author: Arthur Weiss

4 Professional 5

Do you know what would happen if I put a clue in plain plastic bag? Most likely it will pollutant and one criminal will not be in jail. What if the bank begins to accumulate money in paper bags? Probably other criminals will replace them with a target coun-terfeiting, and customers will not be particularly pleased. Therefore, criminologists and bank employ-ees use special envelopes, in which must be stored and carried potentially valuable items or important clues. Apart from banks, security firms and police, these plastic bags with a high level of protection enjoyed in many other areas - logistics, agriculture, courier services and others. In recent years, companies in the financial logistics sector also operating in the field security are becom-ing more demanding of quality of envelopes for items. often, unless the value of items it is important also confidentiality of transmitted documents. There-fore, trends in production of this type of devices are connected more the imposition of high standards of control. “In our business it is extremely important qual-ity of service - when it comes to security, there is no place to compromise. That is why we work with the best in Europe in the field of packaging products valuables - Debatin “, says Vasco Balabanov, manager in VIP Security. company of security services is sup-plier of products for Bulgaria of the German com-pany Debatin - the largest European manufacturer of packs for the logistics sector. Standards established for the production of bags for valuables and evidence Quality control and routine testing of each component of the products are made in own labo-ratories of manufacturing companies. Thus ensure and maintain the high quality needed to ensure the security and loyalty of customers. In big companies like Debatin each envelope is unique. high standards in the sector require continu-ous monitoring and therefore each item has an indi-vidual number and barcode. These numbers are used for tracking individual batches, thus ensuring reliable information and feedback on products. Manufactur-

ers offer even specific systems for administering the numbers and codes, which further enable customers to manage their consignments. How to recognize quality bag of carrying values Thanks to technology, production bags for valuables or evidence has reached high level of secu-rity. But how to know which is really quality prod-uct? Good envelopes required to be made of strong, tear resistant dual soldered at the edges. Material they are made is low density polyethylene (LDPE), in depending of the substantial needs to be transpar-ent or opaque. There are areas where can be written with ink, and also one or more blanks for descrip-tion, which can be detached when needed. high standards requires also each envelope have a unique identification number which may be companied with barcode. There are several different ways of sealing the envelopes for transferring values or clues. Usu-ally, manufacturers use so-called permanent sealing, which is suitable for items of low value. Some com-panies, however as Debatin produced its own tech-nology of sealing, which is temperature and chemical secured. German manufacturer has patented technol-ogy Debatape, which represent a tape with metallic fibers. Changes in collecting evidence in Germa-ny only less than a year German police was forced significantly to change the way they work in collecting of evidence with presence of DNA sam-ples. Breakthrough occurs in a small town of heil-bronn Germany, located 50 km north of Stuttgart. After nearly two-year investigation, local police is confident that on a trace of sophisticated criminal re-sponsible for murder of a police officer in heilbronn and numerous thefts of summer cottages. Investiga-tors found DNA consistent several of the suspected crime scenes across Europe. In March 2009, however, it appears that the “guilty” actually works in the company, which pro-duces cotton swabs for taking evidence from scene. Unintentional lab has left her DNA during the pack-aging of sterile pads and thus “spread” her genetic

Secu

rity

material at each site of an incident where they are used to take evidences. In practice, this case gives rise to a new era in a collection of legal evidences in Germany – Special made expert committee established by microbiolo-gists, and investigators recommended high padding of standards about using devices for collecting evi-dence crime scenes. This led to creation of entirely new technolo-gies of producing envelopes for clues. New Supplies include perfect and reliable protection against open-ing by unauthorized individuals - now every similar experience leave traces and practically reduce to zero effects of such breaches of the integrity of the pack-age.

Not quite like movies Managing money is not only a privilege and also a serious responsibility. Because unlike the movies in life any crime carries a serious penalty. No matter whether the poor customers care by a banker or poorly done work of a policeman. for everyone related to liability for their work decision is one - they use the envelopes of Debatin.

envelopes for valuables and evidenCe - neW standards

VIP security

6 Professional 7

Why is there a difference between „tamper-ing resistant” and “fire resistant” boxes? According to the standard safe is a device with no more of two square meters area, designed to store values, documents and media, resistant to tampering. Therefore, all safes are resistant to tampering but some of them are stable and the impact of fire - they called “fire resistant”.Sustainability of burglary is based on the number of resistance obtained by drilling a partial frame (a pen-etrating trough a hole of standard template of 300 to 300 mm) or full access (Penetrating through a hole in a box on a standard template larger size or opening the door to a minimum width 300 mm). often sellers’ misle consumers attributed to all safes tampering resistance and fire resistant properties. In fact, to ensure fire protection can only safe, which is certified and have a certificate thereof. Boxes hold-ing two certificates (for burglary and fire-resistant) in fact, are rare and quite expensive. Moreover tampering resistant and fire resistant is achieved in practice by dia-metrically opposed methods so that the basic combi-nation that occurs is class I (burglary) and 60 minutes (-fire resistance). What other boxes there are? Most often they are classified according to their use: Fireproof - the protection of the contents of safe high temperature, but not of burglary (professional could open such a safe for 10-20 minutes); Tampering resistant - to protect contents of the safe from unauthorized access attempts but not protected from fire; Combined – fire and tampering resistant Embedded - Installation (dig into) in the wall or floor tampering resistant, and provide some protection against fire, as they are in the wall; Cash safes - burglary of class 3 and more, used in Banks and other financial institutions; Furniture - usually with small size for installation in furniture, it is desirable to attach to wall or floor;

hotel - type furniture safes equipped with special locks to facilitate safe to work with customers of hotels and staff; Weapons - to keep the weapon, equipped with spe-cial holders and storage compartments ammunition; Magnetic media - to protect information carriers - diskettes, films, cD and others from fire (maximum permissible internal temperature of the fire - 50 ° - 70 °); Deposit - money safes, safe is above the base when intake money in which they are placed after closing them automatically transferred to the lower compart-ment. Should safes be fitted to floor or wall? Safe must be secured to the floor and / or wall to prevent the possibility of its removal and further opening in comfortable conditions for thieves. It is recommended that installation must be done with balls made of solid steel and can withstand breaking load of 500 kg to 3 tons (length from five to thirty centimeters, and diameters from 5 of 20 mm). Do insurance companies insure safes and their contents? Yes, some European insurance companies insure the contents of safes or vaults themselves as property. In Europe, the amount of insurance depends on the class safe. That amounts are tentative of insur-ance coverage for Germany in case of breaking boxes from different classes:class1 for legal for personality personality (in euros) (in euros)1. 40 000 125 000 2 . 100 000 200 000 3 . 200 000 300 000 4 . 300 000 500 000 5 . 500 000 750 000 What documents are needs to request when buying a safe?Safes are subject of obligatory certification. When buying a safe, you should get a copy the certificate of

1. class of tampering resistance - (ЕВРО VdS), EN 1143-1

Secu

rity

What is safe? Why is there a differenCe betWeen ”tampering resis-

tant” and “fire resistant” boxes?

conformity to a standard where indicating the class of protection from burglary and fire. The absence of a cer-tificate can mean poor product which does not provide adequate protection. Which organizations issuing the certificates, you can trust? There are a number of recognized certifying centers for tests that can be trusted. In Europe this Insurers are Institute (Germany, cologne) conducting tests on standards EURo VDS / EN 1143-1 and EN 1047-1 /, Test center in Brunswick (Germany), per-forming standard tests VdMA. In Bulgaria certification tests are conducted of Technotest / BDS EN 1143-1 /. All certificates issued by the manufacturer or non-ac-credited institutions or laboratories are misleading and illegitimate. Usually these are applied in order mislead the client on the quality of consumer products. What to guide us in choosing safe?

You should know answers of the following questions: What size and what will keep in the safe? What the most likely to endanger the content of safe? Is the safe certified for resistance to tampering or fire? Is there a certificate and is it noted inside the door of the safe? What is the volume and weight? What type of lock? Where will it stand? Is there a warranty and after warranty ser-vice Each buyer has to imagine the volume and quantity of the underlying storage objects, has to rec-ognize the importance of documents and values to take the degree of security of premises in which safe will be installed, including the presence or lack of security. It is also necessary to assess most likely danger (burglary or fire). According to European statistics in nine of ten cases contents of the safe is under threat of destruction due to fire and only one - as a result of unauthorized access, i.e. theft. In Bulgaria, unfortunately, ratio is in favor of theft. It is necessary to determine the most ap-propriate type of locks: a key or code (with mechanical or electronic code). To assess the actual quality of the safe it is very important to make sure that the alleged quality parameters are confirmed by the certification tags which are inside the door of the safe. These tags must be specified: country of manufacture, name of the organization held the certification, the standard which is certified.

Promet Bulgaria PLTD

8 Professional 9

promet - bulgaria pltdBulgaria, Sofia, Vrabniza,Mramor, ”Hristo Botev” str. 28tel&fax: 02/ 934-98-20, 02/934-98-21, 02/ 998-26-70prometgroup@mail.bg; www.safe-bg.com

10 Professional 11

Continued from previous issue Since the beginning of March in several Bulgarian websites already is proposing software or chip interception of GSM. Prices are folk - in order between 400 and 500 leva. Installation and setup is performed for about an hour. The described above shows that global trends in eavesdropping are applicable in Bulgaria and unauthorized eavesdropping is becoming more accessible and around us. This topic is dealt with in the last two numbers of the magazine PRofES-SIoNAL. In some sites there were compilations of articles, “The enemy in your pocket from issue 2 and 3. This and the topic of most downloaded from the website of Profisec article shows that the matter is topical and excite people. In the first two articles from the series “The enemy in your pocket” we described the opportu-nities for tapping GSM handset and using mobile operators or spyware. Also are described opportu-nities a GSM handset to be used as a device for unsanctioned obtain of information storage and transmission. This article will consider another aspect of security problem com-munication by GSM. This is offset additional wire-less communications em-bedded in mobile phones. Specifically, the opportu-nities for phone tapping and access to information in it at work with help of its communication ports. Almost all mobile phones have wireless connectivity with other

phones, computers or devices. These are Wi-fi and Bluetooth connections. Both types of connection are activated user of the apparatus when needed and not a primary communication of GSM handset. Via Wi-fi phone usually connects to wire-less internet points. This can be wireless router for home wireless network, but most networks have free access to public places such as airports, museums, malls, hotels, parks and others. In connection to the Internet via Wi-fi phone GSM practice is a simple Pc connected wirelessly to Internet. here are two problems arise. The first problem is the ability phone being attacked from the Internet and it can be download-ed all the information and may be infected with a vi-rus. The second problem is wireless hacking. Entry into public networks without a password greatly facilitate the interception of information exchanged as hackers located given the scope of the Wi-fi network and the system administrator of Internet providers, providing Internet for the network. And in both cases there is possible interception of in-formation exchanged and access to data and phone

Info

rmat

ion

Prot

ectio

n„the enemy in your poCket”

settings. The problem is exacerbated by the nature of the exchanged information through this connection type. Wireless most often used for entry into e-mail, Internet banking, exchange files, passwords, access sites and e-commerce, Skype conversations, entry into facebook and like this. In most part is concen-trated, confidential information, sometimes directly linked to security of finances and security policy of resources available to you. With Bluetooth connectivity problems are similar, like Wi-fi, with the difference that less frequents use for internet access and more frequent contact with computer printer, another phone, especially for calls in hands free. Security of Blue-tooth connection depends from phone settings that you specify. If you left your phone visible to other Bluetooth devices to permit free access password or security of the genus “0000” or “1234” that have de-fault passwords, you practically unhindered access to your phone for everyone wishes. This means that a person located within a radius 10 meters from you can relatively easily be accessing your phone, to re-trieve all your information or to eavesdrop on your conversations in real time, and that no special de-vices, but little experience, knowledge and relevant software. Access, albeit difficult, can be achieved even if you have the correct security relationship because; in principle bluetooth connectivity is not particularly reliable. In urban radius of 10 m abso-lutely certain distance that is possible to happen. The truth is that Bluetooth can be tapping into the city from a distance of 200 or more yards, but this requires equipment not sold in mass market. how-ever, these can be purchased or assembled. We briefly described two ways to access your communication and information when using a mobile phone. Do you wonder what happens to your GSM and information in it when the machine is repaired? In the service center working people fa-miliar with the problems of hardware and software and have enough knowledge, time and apparatus to affect your GSM handset. In practice there machine is most vulnerable. Then there can be added to your phone any device or software and easy to test if it works. If someone wants to eavesdrop your cell phone, the best option for him and the worst for you is the phone to fall in appropriate service for the right man. After everything written about security issues, associated with mobile phones, any self-re-

specting paranoid would have immediately discard-ed his mobile phone. Discarding the GSM handset is not a decision for general public. GSM-device is seen, practiced in our lives. We become increasingly dependent on him with any new feature invented and implemented of engineers. The problem is the way we use it. Therefore, it is very convenient and ample opportunities in practice your mobile phone became the main means of communication and storage of large amounts of data. As greater part of our communication goes through it, the greater amount of information store in its memory, the more vulnerable we are in eavesdropping, theft and loss of information or other manipulations. Solution to the security of information by using a mobile phone is possible. The measures are complex. Associated with user training, creating a certain habits and organization, use of technical devices, hardware and software to track and prevent attempts to unauthorized access to information from external persons. And that is another very seri-ous topic that will look at other articles.

Nikolay Tsaprev

12 Professional 13

Worldwide the privacy and the confidentiality are becoming more difficult to protect. In this article we present a good software solution for problems with mobile conversations. Private GSM is an excellent tool for conservation security of our conversations on mobile phones; it is software which is installed in telephone sets in order to protect confidentiality of discussions and preventing attempts to eavesdrop on calls from third parties. If conversations are not protected, anyone can now listen to them. The loss of confidential information leads to losses in material and moral attitude in business or privacy.Network of mobile operators is not safe and our calls can be easily intercepted. Although legal frameworks, etc., man-in-the-middle (one of the main methods of eavesdropping) on data of foreign and native press is beyond the control of the country and is available at prices below € 5000, which is a serious threat to talks. Therefore laws protecting the confidentiality of our calls require additional instruments. Private GSM is a solution with multiple options: The advantages of Private GSM: - Easy to use - You can talk to everyone - Special feature allows sending Private GSM, via SMS to others who are not obliged to buy the product. - Guarantee security. Private GSM is using ZRTP, designed, manufactured and guaranteed by Philip R. Zimmermann www.philzimmermann.com, one of the world’s biggest experts on cryptography and security of telecommunications. Private GSM is up against attempts to eavesdropping by third parties and offers military level of security for mobile calls. How does it work? Private GSM is designed to work with Nokia

devices Symbian S60 3° edition. - To ensure the functioning of the product is recommended using one of the following models of Nokia: Nokia 5320 XpressMusic; Nokia 6110 Navigator; Nokia 6120 classic; Nokia 6210 Navigator; Nokia 6220 classic; Nokia 6650; Nokia E51; Nokia E61i; Nokia E63; Nokia E66; Nokia E71; Nokia E90 communicator; Nokia N71; Nokia N73; Nokia N78; Nokia N81; Nokia N81 8GB; Nokia N93; Nokia N93i; Nokia N95; Nokia N95 8GB; Nokia N95-3 NAM; Nokia N96; Nokia N96-3 (models are updated periodically). Private GSM uses military level encryption AES256 and Diffie-hellman algorithm to exchange public keys. Voice communication is encrypted and transmitted in the form an algorithm using the standard No date (cSD) to the recipient where there is reverse conversion algorithm in the voice message through a unique code generated one and only for that call. At the end of each call automatically generated key is destroyed. The quality of voice communication is the same as a normal phone call. Standard date number (cSD) and its use in working with Private GSM is a condition for proper functioning of program. With some of the mobile operators require additional activation standard date number (cSD). When activated cSD of the line (often referred to as a data line / fax) mobile operator provides the subscriber number additional working from the same SIM card. PRIVATE GSM work using the standard date No. cSD (circuit Switched Data) on your mobile operator. Accordingly, the work of Private GSM is necessary to activate the date number. operator must give you number reception and transmission of data. for the correct operation of Private GSM service reception and transmission (option for sending and receiving fax) must be activated to both SIM cards. how to activate the standard date number (cSD) in different operators: MTel * The service is called Data and fax Number

proteCtion of Conversations on gsm

Profisec PLTD

(obtaining and fax messages). * Service is available only to subscribers, and is activated on Mtel stores. * The price of activation is BGN 12 with VAT. GLOBUL The service is called a Data and fax Globul, and is available for all subscribers, and those in the roaming network of Globul. You must fill in an application for data and fax number in some Globul store. The price of activation is BGN 12 with VAT. VIVATELThey do not offer the service for receiving data and therefore no separate data numbers, but in a subscription plans cSD line is activated GSM and private functions in Bulgaria and abroad, particularly in roaming does not always a guarantee connection. To run this software you need: * handset Nokia with Symbian oS * Standard date number cSD * connecting to dealer for installation of the last updated version of Private GSM * Before you purchase a license you may want installation of a free trial period 15 days.

Private GSM allows you to check security of your call at the time of the linkage. To the displays of both phones to place a secure connection must appear etc. Short Authentication String (SAS) consists of based on two words, etc. “PGP Word List” list. In an emergency call with a person not having protection software call problem can be decided at the moment. By sending an SMS we invite others to install the “Receive only “version of Private GSM and thus converse with them safely. Version “Receive only “permits the adoption of secure calls but limited outgoing calls. Legal framework allowing the use of Private GSM * Bulgaria has signed the Wassenaar convention * According to her, all asymmetric algorithms encryption to 512 bits - not subject to review. *constitution of the Republic of Bulgaria Art. 34. (1) the freedom and confidentiality of correspondence and other communications shall be inviolable. (2) Exceptions to this rule only with the judicial authorities whenever required to detect or prevent serious crimes. for more information you can visit www.profisecbg.com

Info

rmat

ion

prot

ectio

n

14 Professional 15

The new series of articles will present the main mo-ments of standards for Information Security, continuity for establishing a security policy in management of information (automated and manual) systems, integration, availability and accessibility of information in the company and corpo-ration. Information and information technologies are criti-cal assets, ensuring business goals of organizations. The suc-cess and development of any company, corporation or other organization depend largely on the ability of the information and technologies to ensure business processes, provide man-agement and customers with timely and adequate informa-tion and secure advantage over the competitors. The management of a company or corporation should consider the information as an asset affecting work and development on the organization and requiring ap-propriate level of protection against unauthorized access and unlawful use. Protecting information is obligation of all employees of the company, as individuals and as a team, which is important for the reputation, efficient doing tasks and ensure financial success. Information can exist in differ-ent forms - on paper, electronic or other media in the form of object or device, in audio or visual format. It may refer to all activities of the company or individual directions.The development analysis of information technologies shows that the weakest link appears to be the man whom with his knowledge or non knowledge could cause dam-age to the system. The reasons and motives for this may be various, so there is a need for rules, which implementation and monitoring are important for efficiency of the corporate network. Information security in the IT is to maintain its ele-ments: •Confidentiality - information is only used by authorized clerks; •Integrity - information is complete, correct and amend-ments do not violate its integrity; •Accessibility - authorized persons have access to infor-mation when necessary.

•Application of the principle - “Need to Know”. This means that everyone should have access only to the neces-sary information for his direct operation. Employee with a job description that does not work with computer equip-ment should not have access to electronic information spe-cies.The most important element of the corporate network are servers, which work and which meet many diverse informa-tion. The possible damages may obtain range from purely physical destruction to loss of information due to deletion, as well as theft, misuse of information and manipulation of the same. Any one of these lesions can lead to economic losses. To save the overall, integrity and confidentiality of in-

formation in Europe and worldwide are developed and implemented standards for Information Security - ISo 17799:2005 / ISo 27001:2005, BS ISo / IEc 17799:2006, code of Good Practice for the Management of Information Security, BS ISo / IEc 27001:2006, Information Security Management Systems ISMS. The standards describe the requirements for the information security and the technolo-gies in information systems of the company or corporation.ISo 17799:2005 standard contains recommendations for the management of information security. It covers different security aspects such as: •Planningforcrisissituations; •Physicalsecurity;

Info

rmat

ion

prot

ectio

nnetWork seCurity poliCy

•Securityissuesrelatedtostaff; •Accesscontroltoinformationsystems; •Securityindevelopingandmaintaininginformationsystems. ISo 17799:2005 presents best practices at security that can be implemented in each company, regardless of its size and specificity activity. The standard is not tied to spe-cific information technology. The standard ISo 27001:2005 defines requirements for the systems for information secu-rity.Establishing a system for information security in compliance with ISo standards couple 17799:2005 / ISo 27001:2005 are one of the best ways to manage risks associated with information in each company. Information Security management systems (ISMS) have to ensure confidentiality and integrity of the information assets of the organization - incorporator, to manage access to reliable and optimized resources used in their preservation. Proven approach is to build ISMS based the requirements of the British Standard BS 7799-2:2002 (already was adopted as ISo 27001:2005 standard) and set good practices laid down in ISo 17799. ISMS, constructed according requirements of these standards cover the main security aspects: assessment and risk management; person-nel management, physical security, control access, security selection, purchase and use of software and hardware, plans and actions in emergencies and crisis. An ISMS cover the main trends in the management of each organization. At the base of the building an informa-tion security management system are the assets analysis and risk analysis.Based on these analyses is formed the security policy which have to be declared in the public. It identifies vulnerabilities and potential threats, expected consequences of “break-throughs” in security information. Then select the appro-priate protections (controls), which generally fall into 133 distinct groups according the type of threat, which counter-act. Prepare etc. “Declaration of applicability”, in which the organization says what kind of protection is selected and what the acceptable level of residual risk is.corporate information security policies are seeking to strike a balance between the needs of the arising functions of the company (e.g. productivity) and the security requirements. It is needed the document to be focused on the principles and rules of work in computer environment. All officers in and outside the company have ethical and moral obligation to protect internal information owned or held by the same, and to maintain the confidentiality of

that inside information. Information resource is any system of physical and / or logically related techni-cal resource, software user data and provid-ing information for one or more business processes. Informa-tion resource provides collection, processing, and storage and export information. The infor-mation is the principal object the activity of an information resource. Access to information resources is available for employees of the company to run assigned business tasks.Employees must know how to accept that the information at their workstations, e-mail voicemail and other services to their corporate resources can be considered as private.Employees can be held responsible for their activities relat-ing to the use of corporate information resources.The company should allow the use of only properly licensed and authorized internal software (SP) and systems.Development, implementation, application and control the “corporate Information Security Policy”. The corporate Information Security Policy is achieved through compliance with the internal rules for the computer environment, which determine rights and obligations of staff to use its computer environment.Internal rules for use of the computer environment must ensure that all reasonable measures taken to protect informa-tion processed by the losses unauthorized access or disclo-sure of official secrets.Network security policy includes a number of administra-tive, organizational and technical events. They are imposed and implemented by general rules and principles for pro-viding information to a specific company. Main goal of the internal rules is first to define the correct computer resources use rules and another - to help reducing the risk of breaking the information security.Network security policy requires the use of combined meth-ods of security, namely organizational, administrative and technical activities. In this article we discussed the general principles and standards in creating a network security policy, in next series will look at specific implementing activities and orga-nizations.

Rumen Dontcev

16 Professional 17

Many of us in their daily work make files with sensitive content, which would prefer to remain only for their private use. Information security has become an area with rapid development in recent years, but some of our habits never changed. We believe that hide files in hidden directories (folders) or files with passwords and mailboxes. These ap-proaches save us from our prying friends and relatives, but not any obstacle to trained professional. Based on experi-ence, built over the years we provide you with a synthesis of safe practices that will live hackers in the dark. here we will describe some of the key mechanisms for ensuring data in any form. old rule is to use scheme “onion head”, that is to say actual data to be enveloped by multiple layers of security in dealing with them and their location. A key point about the compilation of the set is safe reliable algorithm for encryption / hashing data. The main choices are two: PGP public key and AES / Twofish with MD5/ShA-1.PGP is particularly secured, but only when used with the issued keys/certificates rather than passwords.AES-128/AES-256 is appropriate choice because it is fast and is considered unbreakable in the next 50 years. We will describe the AES-256 as original encryption algorithm.There are 3 vectors, which must secure to expect Reliability: 1. Storage - When we talk about remote storage data it is better to choose a supplier with a name and history who will provide reliable uptime. Popular is the use of Virtual Private Servers (VPS), as lower operating cost and flexibil-ity make them successful candidate our needs. Prices at the lowest market packages start of about 15 Euro per month, but may fall significantly if use large foreign suppliers. In their descriptions we use zero confidence in any hosting provider services. They are not rare break from the inside or social ingeneering in such suppliers. Therefore, they recom-mend only to be used for already storing encrypted data. 2. Transportation - it is better to invest more security in the transport of data from your job stations to the server for storage. Except that provides anonymity because the requests come from the private virtual address, network requests are encrypted and any instructions to file array also become inaccessible to access.

We recommend to use PPTP-based VPN server (poptop), because of its compatibility with windows clients without installing additional applications. You can use IPSEc or openVPN, but the configuration is complicated. 3. Field encryption - This is highlighted in providing data. Use software like Truecrypt (http://truecrypt.org), as security around him is proven and ergonomics at work is unsurpassed. Truecrypt (And other similar alternatives) is crypto driver, using standard commands to file system and redirects them to virtual encrypted “containers”. With a password such container is impossible to decryption of ill-disposers. Security on the moveThe chosen means of providing security ensure extremely high level of reliability trials of breakthrough. for proper configuration, we have two sets of credentials - the vpn connection and truecrypt partition. If you wish you can in-

troduce and third layer of the server data storage - SAMBA username & password. The disadvantage of such propul-sion is the requirement for permanent connection. But the portability of the service is notable as a new workstation can be configured to less than 5 minutes. Significant convenience is that you can mount as a network drive share a file server and attach truecrypt container as a disk drive. So you can work with files your way you have used.Expect detailed instructions for creating all configura-tions. our goal is to provide information to anyone who does not wish to leave the chance to run critical moments in life.

Info

rmat

ion

prot

ectio

n cryptotel, www.cryptotel.net

seCure remote array of enCrypted data

often, clients want advice which security and ob-servation technologies company (SoT) to choose, asking who the best is. here we will try to give some guidance on the topic what means a good security system. The activity of the SoT companies in Bulgaria is governed by the “Private security activities law”. Specific activities are recorded in the following articles of the law: Article 5 (1) Subject to this Act shall perform the following Activities: 1. Personal security of individuals; 2. Security of property of individuals or legal persons; 3. Security events; 4. Protection of valuable consignments and goods; 5. Self-guarding. (2) Activities under paragraph 1 may be carried out through technical security systems and aids. Article 10 Security with the help of technical systems is an activity of monitoring with technical funds of secured areas and checking the received signals.In this case it is a business carried on by traders registered under the commercial law, which obtained a license or reg-istration under the “Private security activities” law. These traders (or companies as is customary to call them) provide security services through technical security systems. The abbreviation “SoT” has acquired popularity, and coming from shortening the expression “signal security activity”. Very often there are visible signs “SoD” which should mean “Signal and security activity”. Also common abbre-viation is “ASo”. At first I thought that these are companies of the casino sector, but it turns out it is just an abbreviation of the term “agency for security and guarding”. for exam-ple at 5/29/1997, the Patent office registered sticker and the expression “SoT” as a trademark for service (Signaling in case of burglary) of alarm – SoT ltd., renewed in 2007 for next ten years of time - up to 05/09/2017. Actually right now to use the abbreviation SoT for service related an-nouncement in case of burglary - Services class 37, belongs to SoT pltd. No matter the names and abbreviations, in Bul-garia there are licensed over 1,862 companies engaged in such security. It is normal for a person to be confused and hesitant to any security system. This problem is most pro-

nounced in cities where usually work more than 6-7 both established companies, such as the number in Sofia is over 19. There is a forthcoming change of the Law on Private Se-curity activity. This change will be refining the service and the procedure for licensing of persons entitled to perform it. Let’s try to put the criteria for a good security system. Indeed, SoT system has several elements and each of them individually affect the final result, which must be a reliable guard of an object. If only one of the co-working components is not functioning, the outcome is bad. The first element of the system is building of an object. It is very important to the facility to be built and equipped with the proper equipment installed properly (anti-intrusion alarm system). The engineering companies who install such equipment are over 2500 and their work all kind of “spe-cialists”. Therefore, during the adoption of the facility under protection, employees of the good SoT company should check the facility if it is a fortified and is the equip-ment properly mounted. To make recommendations if necessary or refuse to take over the facility, if not met basic security requirements. The second element is the transmission of signals from the guarded subject to the monitoring center. Prop-erly installed equipment should be submitted in alarm infringement. Good technique made a number of other sig-nals actions performed on it (including on or off guard, re-pair) and signals indicating condition, e.g. dropped power, weak batteries, no test signal and others. These signals are made periodically and processed in the monitoring center. Good security systems ensure that these signals will reach the monitoring center. That means the company has a good network for reliable transmission signal. In the absence of good transmission environment monitoring center will not receive a signal or whether it will receive many false signals. Next item is the processing of received signals. The most common ways to eliminate the alarm are: suppres-sion of devices emitting alarm signal from the protected area (radio transmitter or GSM module), or break the line, which is transmitted by signal (telephone or internet). Therefore important now is processing the test signals. Depending of the equipment and software monitoring center expects to receive a test signal from the protected area in interval of 30 minutes to 24 hours. Missing of a

Secu

rity

WhiCh’s the best seCurity and observation teChnologies Company?

Nikolay Tsaprev

18 Professional 19

test signal is not a concern and that most software is set to submit an indication in the absence of three test signals. So if somebody silences the alarm in a guarded subject, a good SoT company will realize that there is something wrong in the absence of three or a test signal after about an hour and thirty minutes and the other in about three days. for regret in Sofia has at least two companies whose systems broadcast signals and process the test once or twice day, which effectively renders done their security. At the mo-ment new systems for signal transmission and monitoring are entering. for example in the new building of SoT-161, the monitoring system via GPRS in Sofia, indicate techni-cal irregularity or jamming occurs on the 40th second. The suppression of such a system is meaningless because in the 40th second the staff of monitoring center will take action to clarify the issue. To solve this problem SoT 161 has a multi-transmission infrastructure of the signals as alarm signal can be passed to /from/ 7 additional frequencies, most often 2-3 back up frequencies, 9 radio and over 22 frequencies in Sofia for the transmission of sig-nals. for important and risky projects the company using duplicate connection with GPRS communication with the test in 20 seconds. An important element is the training of personnel and organization how to work in the monitoring center. how software and operators work off the signals received from the protected area? Three years ago in Sofia was beaten and robbed vault, guarded by a company conduct-ing very aggressive advertising policy at the moment. In the memory of the computer located in their monitoring center was recorded that in 1 o’clock at 31.12 to 01.01 the vault is open with code of an employee entitled to access. The signal is received in the monitoring center, but there no one noticed the fact that in the New Year’s Eve the vault did not work and should not be opened by anyone. With a good software program, training of operators and established organization that robbery could have been prevented. Next element of the system is the work off in alarm signal event. The received signal has to be seen by the operator and forwarded to the patrol. here the problem is the same as with the receipt of alarm from monitoring sites in the center. It is the company has a reliable system for monitoring a link between center and patrols. Upon receiv-ing the signal, patrol should respond. Within 5 minutes after activation of an alarm, the patrol is expected to visit the site. In small cities that is easy to occur, but not ob-tained in both Sofia and big cities. how to move a patrol to arrive on time, how the region reacts if it has more than an alarm event at the same time, how to move in large traffic jams? If man tries to answer, these issues will see that there is a problem. Usually this problem is solved by deploying multiple patrols in key areas. If you look at the intersection of Vitosha blvd. and Patriarch Evtimii str. in Sofia you will

see at least three patrols from three different companies. The location is crucial. Patrols must have a sufficient num-ber. To be covered Sofia it is necessary both to invigilate minimum of 33 patrol located in key locations throughout the city. Less than this quantity means inability to timely response. It is irrelevant what the vehicles on patrol are. In the center of Sofia in rush hours any vehicle cannot do anything except motorcycle. Meanwhile, in suburban areas especially during winter in the foothills of Vitosha moun-tain cannot be worked with other than by a car 4x4-wheel drive. In practice I had a case where after the activation of the security system, the company carrying out the secu-rity called the attendee after 90 minutes on the phone and asked him whether there is a need to send patrol. Such action is totally unacceptable. Some security companies combine both functions a patrol car with service, logistics and other due to lack of resources, making it impossible for timely response. Also it is important how the patrol conduct when visiting a site. carrying out inspection and analysis of the situation and consultation by phone with the operator of the facility if the same not in place, is the minimum neces-sary action. In presence of a broken object, there are cases where guards finish the initiated by the thieves. That’s why some SoT companies have systems to control its employ-ees and verification of the events. The liability that a guarding company takes on in-ability to prevent the incident is not to neglect. Usually this is a type of insurance, but there is proposed other schemes of compensation. finally it is all about the price. Prices are flat the difference is minimal. If the difference is very large, to-wards the lower price it is better to think why. In most cases this will indicate the problem. There are not many compa-nies, which could undercut the market with quality service and much lower price, but even this will be temporary. Price should be looked after to clarify the above circum-stances affecting the effectiveness of the alarm company. how to do this? There are some recommendations: con-versation with an independent expert, talk with people on a patrol, formal request of information from the headquar-ters of the company, review the information on the Internet and forums. You can test. Activate the alarm and monitor the alarm response of the security company. The result is worth even with the possible fine of 10 Euros for incorrect action. If the patrol is delayed more than 6-7 minutes and you do not get in the meantime call or message from the monitoring center, better think about with whom and how to continue working for the security of an object. Note that security companies are extremely concerned to that kind of negative controls.

20 Professional 21

Continued from previous issue

continued from previous issue In this article we continue the advices to the people performing security services or those who are worried about their security.The most frequent attacks of secured individuals are during boarding and alighting from the car. Therefore in advance you have to look around the place where the protected person must come in the car or where must come down. If a bodyguard is alone it cannot always be done, but in situations with little risk is not mandatory. It is desirable to stay in the car until fin-ished a conversation with someone or there are consid-ered landmarks. It is necessary to leave immediately,

without delay, to stop the car as closer as it can be to the exit. The most dangerous from the route have to be considered the first and the last 50 meters: striker may not know your route, but it is not difficult to wait for you at home or office.The car itself will be attacked once kidnappers were studied in detail the route move, so it is nice to have developed several routes and to be used without a sys-tem. Thus kidnapper cannot calculate exactly which streets will pass the guarded person. It is necessary to choose the most lively and Well-lit routes. It is bet-ter to drive longer, in good time than to go across the dark and deserted intersections. Avoid narrow streets because there is no space for maneuver. It is important to be ready at any time for positioning the left or right turn or a reversal in the opposite direction. Preferably, it is the movement in the left sidebar. There the speed is higher and further most attacks begin with an attack

Exec

utiv

e pr

otec

tion

driving and problems of safety

to the driver.It is difficult a driver to be pushed to the right contain-ment or curb, as well as to be surrounded and catched from a motorcyclist from the left.Wherever you travel you should schedule at least two routes: a primary and backup. Backup route must be near the main, to be able to use it quickly. You should pass either routes at least once before you will use it and in the same time during the day on which will be used in protective mode. It is good to tick off on the scheme of route all problematic points: repair work, underpasses, overpasses, traffic jams (at what time?) complexity of variation orientations for turning, dis-tances to the divisions of the Interior Ministry, hos-pitals, rescue pharmacies. Should strive to minimize number of stops along the route, including stops in crossings - there you are most vulnerable.It is prudent, where it is possible, one of the guards to perform duties of driver and is constantly in the car. Usually the driver is trained to drive and so the rules.

Bodyguard at the wheel should know how much more. The car should never be used for private driver’s needs and other people ride in it even with the permission of the customer! “Random” passenger unnoticed can mount “bug”, or mine or attack. A customer in in-creased risk should not be allowed to open, light, or move from place the car if it was left unattended! This must be done from the guard after making a thorough inspection. To check the operation of the braking system at a small speed and then allow the customer to come. If “Boss” wants to drive alone, let him have this possibility once the bodyguard or driver assures that the car is undamaged. If the car has tinted windows, it is desirable for the various trips, guarded person to change his position in the left or right seat.It is desirable to have in the car as much as possible less noise such as loud music. It helps to hear a sig-nal at danger, technical problem with the car noise /approaching Motorcycle/ or horn of any jackanapes back.The mobile phone must always be ready to be called aid. When from the car in front suddenly jump man with a firearm, no phone help. It is appropriate to bend, press the gas and the car against the attacker. If he fails to rebound and you hit him, don’t follow the rules used for road transport accident. You should not stop to provide first aid, to call “Ambulance” or wait Traffic police. You should go ahead. Most likely the kidnapper is not alone, and then shots will follow you. The faster you pass, the more is your chance to survive. Even if the car be damaged, but still moving - push the gas! Sustainability of many cars is surprising. Remem-ber the burning Mercedes in which Shevardnadze

saved! on the other hand even armored car will not last long time if become a place of system of fire or other type of attack. Bulletproof glass usually holds three or four shots in a small area, and then they are damaged.Unfortunately, the measures described for the security con-cern not only risk personalities. Last two years showed numerous attacks on people with ordinary business or simply with higher welfare. Who can be threatened from prepared attack and what signs this? This is a topic for another series articles and special training.

Milen Ivanov

22 Professional 23

The biggest problems in the implementation of the Law Protection of classified Information (cIPA) occur in the part concerning industrial safety. for this reason and the interest of business environments we begin a cycle of articles on the application of cIPA in concluding and implement-ing contracts related to access to classified informa-tion.As a kind of protection of classified information industrial security applies to the conclusion or ex-ecution of a contract related to access to classified information in order to protect itself from unau-thorized access. The scope of Industrial safety is a certain maximum general described using the term classified information, which covers state secrets, official secrets and foreign classified information.In practice, implementing the classified Informa-tion Protection Act (cIPA) there is no doubt the need for corrective interpretation of provision of Art. 95, paragraph 1 of that law, an argument for what is the overall framework of the industrial security. It is applicable for the protection of classi-fied information constituting a state secret and not applies to professional secrecy. This is not means that when there is conclusion and implementation of contract the professional secrecy is not protect-ed. Its protection is performed by applying the so-called special measures security. Industrial safety rules may to apply to foreign classified information, but only when the international contract under which the information is provided, allows this. And if in the international contract there are not any special rules then the law of the country – source of information has to be applied.The lawful use of industrial security depends not only on the accurate determination of types of clas-sified information protection which uses this par-ticular system of measures. It is important to align the point that moisture concept of contract relating to access to classified information “or” contract in

industrial security, because their generally mea-sures are applied for industrial security. The use of these two concepts is much more accurate by the term “classified contract”, which is used in almost all international agreements on exchange and mu-tual protection of classified information concluded between the Republic of Bulgaria with other coun-tries or international organisations1. With minor differences in definitions, it is defined as a contract between two or more counterparties, which con-tains or requires access to classified information. The problem can arise from a literal understanding the term “classified contract” only as compact me-dium, which is placed security marked. This would significantly narrow cases which must be applied and industrial security would create preconditions for unauthorized access to classified information.contracts with access to classified information can be defined as contracts whose object or execution requires access to state secrets. Under “access” the mean is not only the knowledge of classified infor-mation but also the activities of creating, storing, generation, transmission, receipt, acceptance, etc.. to be established conditions for learning about clas-sified information from others.Specific cases in which the conclusion or the contract is required to access secret may be the most different. first this place is where the subject matter of the contract understood as a benefit to which this contract is directed, constitutes a state secret. Such example will be contracts for design, supply equipment and operation of telecommuni-cations systems to carry the secret to the needs of the armed forces or security services organizations in the provision of these systems which assessment is made that unauthorized access may threaten or harm the national security. These activities fall under Section II, item 15 of List categories of in-formation subject to classification as a state secret, and in the presence of assessment for the damage or threats to national security protection for their award should be conducted under the rules of industrial safety. Since the very subject of the con-

ConCept of ContraCts relating With aCCess to Classified information

tract is classified information in its attachment to a particular form require the creation of a document containing classified information.It is possible that the object of the contract does not contain categories of information included in the list of state secrets (Appendix № 1 to Art. 25 cIPA) but the contract requires access to such informa-tion. for example, place of performance contract may be classified information if activities are car-ried out in the standby units and objects within the meaning of article 162 from the Regulations Implementing the classified Information Protec-tion Act. As far as the place, implementation will be incorporated in the contract this would require not only the application of measures for industrial security, but the classification of the contract text.Access to classified information may not be re-quired in the specific activities while the due result delivery, but during the warranty service, which the contractor has undertaken to provide. Such cases might arise in the design, construction and maintenance of automated information networks, which creates, preserves, process and provide clas-sified information.In paragraph 9 of mandatory guidelines for the implementation of principles and measures in the industrial security issued by the State commission for information security (decision protocol № 82 of 19.12.2003, am. with the decision of the ScIS № 48-I dated 04.09.2007, amend. and supplemented with the decision of the ScIS № 14 - І/24.02.09), the determination shall be made by contract field of industrial security agreements whose perfor-mance “might require access to state secret.” This conditional formulation could lead to the imple-mentation of measures for industrial security, without clearly established need for access to clas-sified information. Implementing the measures for industrial security to contracts where there is no access to classified information, creates the same problem that arises in the illegal classification state-ment - to provide protection that the legal form is not allowing. If there is no classified information the conclusion or performance of the contract the implementation of industrial security will be point-less, and restrictions imposed by it will be deprived of basis. It should not exclude the possibility that could have a negative effect on the protection system for classified information, damaging the credibility effectiveness of its rules.During the application of the industrial safety not

to be arbitrary, must be blocked the possibility to be applied to contracts whose performance could have access to secret information without the op-portunity to be properly justified. The review of the findings in paragraph 9 from the directions of the ScIS (State commission on Information Security) term contracts in the field of industrial security would have effect of optimizing the established rules.The determination of the contracts in industrial security poses important questions for authority in whose jurisdiction is that assessment. In the cIPA there is no answer to this question, but the regu-lations for application of cIPA provide that the organizational contracting unit, point the subject matter of the task and its classification prior to procedures for negotiating and defining contractor. Therefore, the assessment has the future contractor under the contract, which is specifically established with article 4 of the regulation on the common requirements to ensure industrial security. It is contained in a special act, so called classification scheme, which is a part of preparations for deter-mining the contractor.

Nevin fetiN

atio

nal

secu

rity

24 Professional 25

When we talk about the risks in business and how to man-age them it is fair to say that about the topic there are many published materials from Bulgarian and foreign special-ists. The sources of such information are various - books, magazines, manuals and other publications, Internet, laws, regulations and codes of various government institutions and others. Most of them give definition of the risk concept; make analysis of species risks and provide mechanisms for its managing or avoidance. In this article, in order not to burden readers with popular information, we will try to do something different. We will show where there are gaps in understanding the concept of risk management and where in the risk management problems that have not yet found an ad-equate solution exist. of course, you will immediately make the understanding that we share here a vision claims not to be exhaustive. Thus we hope to launch a discussion in which to reach more clarity on the subject.

Status of managing risks in Bulgaria and experience in carrying out this activity

If we make a survey among managers of different levels in Bulgaria on the question “Do you know what risk manage-ment is and did you apply it in your company, we will prob-ably receive almost one hundred percent positive response. The difference will be in the details. And this is understand-able, because in the last times risk and its management are actively held on seminars, trainings, so their fashion has come. Difference in the details will be, because depend-ing on the objects of the organization and its structure has been reached different level of managerial culture. The most extensive experience in managing risks in the non-state sector in Bulgaria is likely is in banking and insurance sector. There the activities and the results largely depend on the assessment of risks and implementation of systems and mechanisms for their research and analysis is a serious background.As a result of the implementation of regulatory require-ments established by the State in the field of occupational safety (E.g. Regulation № 5 of 1999 of the Ministry of Labor and Social Affairs and the Ministry of health) in almost all, and probably in all companies in the country created by well-known principle of “copy-paste”, etc. programs for risk assessment, which created in a large part of the managers the impression that the problems with risk management are determined.companies engaged in investment activities have also prac-

tice for the evaluation of investment risk that is significantly closer to the methods of risk management applied in bank-ing.The successful in the recent years, development of the private security services also contributed significantly to solve a number of problems with the management of risks connect-ed with the access control, security and protection of compa-ny’s assets, and in some cases the application of models and mechanisms to enhance information security. for to increase the security of many companies in the country in recent years, growth in management of risks associated with the hu-man factor has been achieved. In summary, we will point that business in Bulgaria has a concept of some of the risks that threaten it, and there are also habits to manage some of them.

Gaps in understanding the concept of riskIn the understanding of the concept and the importance of risk management for the economic stability of the companies there are omissions, as a result of the following reasons: - Lack of resources in the company to organize and conduct full and proper risk management, available to it. This is one of the most frequently alleged reasons from managers. Those who managed small, medium and micro enterprises usually say they are unable to devote financial and human resource for analysis and risk assessment. This argument is highlighted also by managers of larger companies. They say that in most cases they cannot formulate specific and clearly what are the risks to them and cannot imagine how management them. In fact, any company, regardless of the number of employees in its financial results can and should make analysis and assess-ment of the risks that exist for it. Usually the spent on the target resource is proportional the ability of the company. But ignorance of the matter is much more easily be absorbed by the self belief “The troubles won’t affect us”; - Lack of interaction between the different units in the chain to analysis and risk assessment in the company. In some well-developed administratively companies in Bulgaria there are at least excellent or good working management units of the various elements of the organization. finance and ac-counting departments or directorates, departments human Resources, Logistics, Security, Legal, “Marketing” and others are usually composed of well trained specialists in their field. Each department or General activities conduct analysis and risk assessment in its direction. The luck of interaction verti-cally between these units leads to an inability to be detected and prevent the risks that exist precisely for this vertical. Imagine a case in which the human Resources are allowed the appointment of a person in Marketing, do not reference

Busi

nes

for the risks in business and their management

in collaboration with Security if that person does not worked at a competing company;- Lack of analysis and evaluation of the company’s external business environment. often such an analysis and evalua-tion be underestimated, having the attention of managers is mainly engaged in intra-company problems. of course, there are companies in which analysis and assessment of external environment are conducted, but in most cases it is focused only in areas in which are the direct interests of the company. Thus fails the opportunity to be discovered and controlled processes have an indirect impact on economic stability company;- Lack of willingness in senior management of the company to implement effective mechanisms to manage risks. There are companies in which it is applied to centralized form of government whereby decisions are taken by one or a very limited audience. In some companies higher managers have very good risk management skills, but for various reasons of a subjective character, take action in this direction or allow performance such activities only to a certain level. Problems in the management of risks that are not found

effective or adequate solutioncould any company, regardless of the available resources carry out the analysis and risk assessment of its activity? The answer is unequivocal - yes. In this case not solving the prob-lem is related primarily to change in the manager’s under-standing of the nature of risk management and accumulation of a minimum of knowledge of technology to implement this process. To achieve this change in competence managers of private companies (make this remark because in most cases the state enterprises and administrative structures are regu-larly training the managers of different levels of risk manage-ment) is necessary for them to take a simple truth. And it is that the risk management is associated with taking adequate responsibility for the economic security of the company, and in private business the responsibility is for everybody in its management. In other words, the state cannot be held and therefore directly to be responsible to organize and ensure company security. This is work of the managers. Therefore, they are the ones who must be prepared to formulate the general concept of threats that exist on the economic security of their company.here comes the second unresolved issue for many compa-nies, especially belonging to the group small, medium and micro enterprises (SME), namely the determination of necessary resources, human and financial, to carry out such activity. About this group enterprises can solve the problem with the use of services of consultants on risk management. objectively speaking, this group of companies can hardly justify the economic feasibility of maintaining their own risk management unit. In most cases much more effective and useful for them would be original consulting expertise with the problem and then periodic audit of the company on their risks. It is fair to note that specialized consulting companies for risk management have significant greater resources to

carry out this work and the cost of their service in the general sense is less than its own costs that would make an SME entity. In that case we do not put the question to discuss whether it should be born such costs because the interna-tional experience shows that the investment in risk manage-ment, which increase the economic security of a company are about four times less than the costs that would have done from the same company to cover damages caused by the underestimated risk.Another problem that occurred in the management of risks, not only in Bulgaria, is the admission of compromise with the building of risk management system in the company. often companies that have established systems for access control and protection of assets through monitoring systems (com-monly known as SoT - systems) believe that the security issue is resolved. This of course is true to some extent, but not really. There are a number of factors, from the inside and external environment of the company which have, in many cases invisible, but its direct impact on security. These factors cannot be examined by technical means and their learning is not a episodic process, but an ongoing activity.here we come to one of the following issues - the collec-tion and analysis of information on internal and external environment. This activity in the most general sense is called competitive intelligence. Also there are other terms in use: business, formal, analytical and strategic intelligence. Still in many companies, when mentioning the word “intelligence” the managers bristle. We begin to look suspicious. This reac-tion is now normal, but superfluous. I believe that is normal, because unfortunately in our country in recent years Media inject negative attitude in society to that term and many people associated it with records, policy, security services and what else not. In today’s business world, however, competi-tive intelligence is extremely pragmatic and necessary for business development activities. It covers different groups of experts working in research markets, the social characteristics of society, with dynamics of political, demographic, cultural and many other processes that have directly and indirectly impact on the business environment. This activity has its own theory and is granted in strict science-based mechanisms. for its optimization are established and actively used number of technical and high-tech products allow the collection, storage and analysis of huge flows of information, based on it takes place the analysis of the business environment.And here is the place to point out another problem, namely that these products are not generally found their mass ap-plication in business. Used in highly specialized activities as banking, insurance, finance, parts of marketer.Managing risks is extremely important for the security of business processes. Proper understanding of its nature and use of methods for its making by managers will lead to signifi-cantly increasing the security level of companies no matter of the subject of their activities, their financial opportunities or human potential.

Dimitar Zajakov

26 Professional 27

Continued from previous issue The length of negotiations is different for representatives of different cultures. The Americans for example are impatient; they want possibly short business communication and negotia-tions for a minimum of time.Participants in the negotiations usually make the most discounts just before the end of the time limit. A sense of maturity puts them at a disadvantage compared with partners who rush less.Participants in the talks should take the calls for breakfasts, din-ners, receptions, ceremonies and trips as an opportunity to build personal relationships and key aspect in negotiation process.During the negotiations, priority is given to the problem. Par-ticular attention to the individual partner may be perceived as a sign of weakness and lack of business arguments. Information about the partners obtained during the preparation suggests how to lead the dialogue. If his career is “engineering”, then for him the most interesting will be important technical aspects. If there is a career as a producer, then the details of the actual project implementation will attract him. for a manager “public figure” the most important will be the “human” factor.In principle, negotiations are conducted by the leaders of the delegations. others are including in the discussions only by invitation of their leader. If they want to speak, they should ask permission. If this order is not respected the negotiations will disorganize. It has a strong psychological element. The informa-tion emanating from persons with higher perceived status as more reliable and meaningful and does not imply a difference in the positions of members of the delegation.Another important rule is not immediately agreed with the proposed price, even if it suits you. Pause. If you give the answer immediately create an impression that your partner has offered a very low price and may forced to change its position: either will appear number if conditions that actually increase the price or signing the contract may be delayed, but it is possible and not to be signed. In order not to happen - negotiate the price. In sub-stance or only proform depends on the case. Business commu-nication incorporates the ability to compromise. The heart of the compromise is the rule: Before cutting the pie, first enlarge it! The more extensive are the limits during the discussions, the greater are the possibilities to offset the painful concessions in

solving the basic problem.During the negotiations it is permissible to use only charac-ters which are understood by all the present. Misunderstood characters can make an impression of “foul play”, so should be avoided. Negotiations may begin with what puts you together with the interlocutor. for example, the time (it is the same for all) or manifestation of attention (“how did you travel?”). other circumstances can unlink you: political events, common acquaintances due to different relationships to them, etc.Members of the delegations should not leave the negotiations. Exceptions may be made only if it is necessary medical help. If they are going out to get additional information from their team, it gives unilateral advantage in negotiations which is not ethical. If they dissociate because of service matters, it’s disrespectful to partners humble of their importance. If there is a need of infor-mation can be declared a rest and then both sides can benefit from it.During the negotiations the hands of members of delegations should be located on the table. It is known that the hands are source of information. When they are hidden, this subconscious is perceived as stressed mood of the partner. Quietly hands lying on the table means peace. crossed toes - protection, defense, etc.Smoking during the negotiations can be only in accordance with two conditions: when there are ashtrays on the desks and have permission from the ladies present.Bookmarking in pads during the talk has become a tradition and if not doing so it is perceived negatively. It is necessary to make these, at least not to offend partners.It is advisable to avoid familiarity or familiar and lenient gestures such as tapping on the shoulder. If after the verbal agreement is concluded in written, the oral agreements which have not en-tered in written lose its power. Not being included in the written agreement of parts of oral agreements is never chance: “forgot-ten” is what should be forgotten. If you are not comfortable with the shortened contract do not signed it, but send your own version. or sign, but attach a protocol for the disagreements.The oral agreement is tantamount to a written agreement only when concluded between the first persons (leaders of the negotiators countries). for others it plays the role of protocol intentions, which is not mandatory for execution. To be continued.

Busi

nes

business etiQueTTe and negotiations

To resist, to win, to prove strength and skills, to prevail over an opponent or simply survive – inspire people from ancient times to today. Sport is a living example of this - man against man, club for club, country against country, achievement after achievement… Sport you cannot give a hundredth part of the feeling while crawling along the post of “enemy” seeking safe shelter from which to attack.

The worries not to reveal you, the desire to shoot first and accurate - these feelings here are genuine. So close to the reality and yet remains fun and play. This is Strikeball or Airsoft – a command «military» tactical game technolo-gy “stolen” from the military training programs, designed to be maximally closer to the realism of war.

What is the philosophy of stikeball?

•Releaseofnegativeemotions

•Removalofaggression

•Buildteamspiritandattitude

•Tolerancetotheteam,andtotheenemy

•Honestybeforeeverything!

•Sports,action,adrenaline,discipline,practicalexperi-ence, communication with others, assistance, nobility...

•Andthemostofall-ENTERTAINMENT

for starters it is not necessary to have special training or have specialized equipment. In the game may participate as veterans, as absolute rookies who decided to try this

fun. If you do not have own equipment you will be given on the spot. If you like the game and choose to partici-pate regularly, you can buy equipment or use such a bike. consequences that you have not played so far may be more frequent “shots”, and may be you have the talent to survive. It does not matter whether you are man or woman - the entertainment is appropriate for both.

Details can be found in a short video clip: www.tv7.bg/news/69652.html

Games range from simple shooting in equipped ground in the forest, field or area buildings to especially orga-nized and trained by role-playing games scenario. how does it can happen? Through well-directed scenarios

Extr

eme

Join the baTTle brotherhood!

Profisec PLTD fIVE

28 Professional 29

where everyone can feel in “film” to survive, things and feelings that are a trademark of the commandos and hol-lywood! here is a sample scenario that pleases many of the participants:The group’s task is to free a captured by the terrorists leader and to reach an area which is terrorist group camp and destroy it. This task is complicated considerably by the lack of intelligence and by the guidance complex ter-rain.Players have the weapons and equipment, but do not have enough ammunition and monitoring tools. for-tunately, they have sufficient funds, compass and map, which indicated approximately the site, where is the cap-tured by the terrorists informant! he has important infor-mation and if they use it will find the place where there is more hidden information, which will greatly facilitate their task. Unfortunately they will have the opportunity to ask 5 questions only. on 4 of them he will answer true, and one question with a lie!opening the secret place they will have to follow instruc-tions written on the wall and collect a puzzle which will lead them to the next puzzle! on the road they will come to the opportunity to buy three things: What Are They? It will be understood on the place.on the next secret place there is another surprise and if they didn’t buy the right things they will “Suffer”. The

new secrets will indicate the correct path to the terrorist base, but to understand that they will have to find a secret place with important articles and new information!And so on until they reach the most important problem - how to beat the bad!I forgot to say that the people responsible for the orienta-tion will be chosen randomly and that all the time will be attacked from the bad. fortunately, each eliminated player will have the possibility to go back in the battle again! only after 2 minutes (after the intervention of a medic).And more ... if you find lunch will eat, if you do not find ... only “cooked Russe cans”!Good luck!

30 Professional 31

Are the special divisions ready to have high-risk operations, and perform its functions anytime, any-where? If you wait for answer this question then, when by this ready-mode will depend lives i.e. in a real situa-tion, it is possible to get late and unpleasant response. The nature of the activities of special units, require a maintained constant level of their training. This level can be checked and controlled by the heads of bodies in which they are deployed and can be done in a few ways. for example, by covering the relevant regulations or through exams and tests their specialty. The best verification and validation of the high professionalism of these people, however it happens when they engage in a direct competition with similar professionals and prove to everyone that you cannot joke with them!In a dusty region of western scrublands of America,

young men with guns in tactical holsters on the hips and rifles in their hands are ready to understand which ones are the best.This is not a reconstruction of the famous gunfight in Dodge city in 1800! This is U.S. National SWAT com-petition 2010 organized by highlands Law Enforce-ment Training center located near Littleton, colorado! These are men of all parts of the United States and several foreign countries. They are there to test their teams, their organization, weapons and skills, physique and mental stability.founded in 2007, just a few years its participants are more than 30 tactical squads. The aim is to face tacti-cal skills of the participants during the performance of subjects similar to those in the real world.common elements of all disciplines are extreme physi-cal exertion, with transitions and tactical weapons.As created by the highlands Law Enforcement Train-

sWat(speCial Weapons and taCtiCs)Sp

ecia

l for

ces ing Race center include the following elements: 1.

Purification of a building with barricaded in it armed criminal, detection an early officer and his escape to the finish line.2. Release of hostages in a bus. The exercise begins with the elimination of a target from a sniper and con-tinued with penetration and shooting at targets in the bus and removal of the hostages;3. Rescue wounded officers. Team overcomes number of obstacles, shooting at different targets, and finally evacuated by stretcher wounded officer;4. Shooting with different weapons (pistol, shotgun, machine gun) after cleansing and overcoming obstacles to mask;5. counter Sniper shooting. Shooting a Sniper rifle on various targets at different distances from different positions;6. Shooting with the rifle and overcoming obstacles;7. Shooting with a gun and mask with additional physi-cal activities;8. Intervention with tactical cover shield and shooting with short barrel weapons.The example of the highlands Law Enforcement Train-ing center is followed by a number of organizations in the United States and in the recent years there are very much promoting military and police applications competitions.for example:1. South Eastern SWAT Association in South carolina organized SoUThEASTERN SWAT coMPETIoN;2. West hartford Police Department organized con-necticut SWAT challenge;3. harrisonburg Police Department in Pennsylvania has SWAT competition;4. U.S. U.S. Shooting Academy organizes National SWAT championships.The list may be extended by at least another 10-15 organizations that organize similar events, verification of training of police structures and especially to dem-onstrate to the general public about what they spend taxpayers’ money.In Bulgaria such an initiative will be held for the first time in the autumn of 2010. Profisec has undertaken with this ambitious task to organize and meet at the fire line the most elite police and military groups, similar to the American SWAT missions. on the pages of the magazine you will find relevant details for the organization, discipline and procedures for conducting this event.Pfotos: Department of Defense

Profisec PLTD

32 Professional 33

Continued from previous issue As promised in last issue of the journal Profes-sional, we continue the article about shooting with firearm. The systematic training in the early stage of the tuition or to maintain the already achieved level of training must be reasonable. Three workouts a week with 50-60 bullets are quite enough. Any training should involve several different exercises. Depending of targets and performance volume the training may vary but is more useful to train three times a week by 50 shots than once a month with 1000 shots. Best results are achieved when working with experienced coach in shooting ground and learning alone give in the best case possibility to train only general skills for working with guns and shooting. Each instruction is conducted gradually from the simple to the complex. The first stage of education as required must be the universal methodology for training sports shooting. Passage to the next stage should be done only after the skills and habits for the present stage are solid utilized. It is good the trainings not to take place in premises (or at least not only on the premises) but on the open, because such conditions for shoot-ing occur most frequently in practice. This, in turn, complicates the process of learning through influence of external factors such as wind, different lighting conditions, uneven shooting distance, height difference of the shooter and target shooting circular sector and etc. Shooters trained in a gallery have a few very negative features of the psycho-phys-ical readiness for real situations. This results from the built already lasting dynamic stereo-type. In a real situation they allow the follow-ing main errors: 1. Shooting with two hands and the lack of

move (or short distances) make them “pin” in one place and they are not moving, but trying to decide fire task by keeping the fire; 2. Permanently absorbed habit to fire in a strict di-rected directrix “pressure” the shoulders and prevents them from opening the sector to fire. These shooters are not used to monitor and keep a circular fire to cover the purpose; 3. The training with movement in the shooting grounds leads to building skills for shooting in move-ment. There they work on the exercises ahead and back-ward and at best, step aside and squat behind shelters. Instinctive spatial orientation is missing and sense of “disposal” and control the pipe when moving in the right direction. 4. The stringent safety measures in the shooting ground (absolutely necessary and required) create in gunners’ strong fear and respect for the weapon and the direction of shooting. This makes them univariant in the choice of tactical and firing decisions, and situa-tions where the purpose must be defeated in each price. for example, they resort to using the striking effects of ricochet, shooting up from other unusual situations overhead or among people participating in such an armed conflict. They are usually stiff and have difficul-ties learning specific techniques for shooting. 5. When shooting with a large displacement (e.g.

Hob

by when clearing stairwells) cannot successfully deal with different by importance, height and speed targets.These are just some of the problems that arise in the uniform and traditional training in shooting indoor shooting ranges. The following articles will discuss in more details this issue.

Tips for shooting with a gun Short-reed weapons (pistol or revolver) are intended primarily for self-defense of holder in peace and war conditions. These situations are characterized by the sudden appearance of the threat and the need for rapid reactions which require immediate assessment of the situation both with deviation the line of fire op-ponent, taking the weapon, preparation for shooting, targeting, and fire detection. Static stands in a shoot-ing with a pistol in the real gunfight practically do not occur because shooting is conducted from a short distance limit of 2-7 meters and ending in seconds. The process of shooting consists of training, targeting and launching. During the training they are considered separately, but these elements are inextri-cably interrelated. When the shooter train to the feel the gun, he run them automatically without separat-ing. As for shooting with gun the eyesight plays not so important role, at firing with riffle, the visual memory and feeling of the weapon, allow in shooting to achieve significantly better results when shooting with the per-sonal gun than shooting with somebody else’s gun even the same model.

Preparation In the beginning will look at the slow prepara-tion for shooting with one hand without time limit. It is believed that the shooter held his gun in his right hand. The most important for lending the right stand for shooting - this is the naturalness of situations, the

seCond prize not aWarded hoW to learn to shoot and hit

Milen Ivanov minimum muscle tension, equilibrium and stability of the system body- weapons. The shooter stands with right shoulder towards the target, as arms are almost parallel to the directrix. The legs are dissolved to the width of the shoulders; toes of the legs are turned out, feet in wards. Body weight is evenly distributed on both legs. Spinal column is slightly back to reduce the workload. The shoulder of the arm with the gun should not be raised too much. head is rotated to the right towards the goal. It should be held without tension, without tilted right or left, forward or backward. The hand which holds the gun must be fully extended - so to the armpit and forearm to be fixed without being tensed. Permitted slight contraction of the hand at the elbow, but then turning the body towards the target must be less. The maximum granted left hand should not interfere and may be released or free down, placed behind leaning on the left flank, placed in the pocket, folded at the elbow and pressed up to the chest (the lat-ter situation is most often used when shooting from the knee). The correctness of the stand can be verified on the following way: take your position, point the gun to target, close your eyes and relax with his hand gun down. Without opening your eyes, raise your hand to-wards the target and open eyes. If the gun has diverged to the right or left from the target, then move slightly the legs, change a small the angle of rotation of the body to the target and repeat the check. finally, to proceed from here with the shoot-ing drills understand which your leading eye is! That, however, will tell you in the next issue!

photos: Department of Defense

34 Professional 35

I always noticed that SWAT (Special Weap-ons and Tactics) parts of many countries actually do not use any particular special weapons and just “hang” with different accessories the agreed on army weapons ones - tactical handles, and collima-tor optical sights, silencers, f lashlights, etc. give their fearsome appearance. Practically however, the most of their usage is strictly standard army and police weapons - and the structure, and ammuni-tion. however, there is a Russian (actually Soviet) weapon that completely deservedly won its fame in arms like the weapon of the “Spetsnaz”.Designed for the needs of special units in early

eighties of last century under the management of the constructor Peter Serdyukov, the automatic rif le VSS (Rif le Sniper Special) “Vintorez” has gained the fame of “sniper machine gun”. Theoreti-cally this name sounds oxymoron – the concepts “machine gun” and “sniper” are completely differ-ent each other, the machine gun is for rapid and dense fire at relatively short distances, and the sniper for precision shots to the relatively large distances, aiming each shot to hit. In practice, how-ever, appeared just this - very effective at distances up to 200 meters arm, able to keep accurate, dense and very deadly fire.from construction point of view the gun works on the principle of gas automation and has rotation bolt, with six fixed shots. The barrel box is con-

structed of steel by milling to increase the stability of the structure. The handgrip and the shutter lever for changing the type of fire follow completely the facelift of the machine gun Kalashnikov. The hand grip of the weapon, however, is integrated into the butt as in the sniper rif le Dragunov, as the butt can be removed from the pipe box. In front part of the pipe box after the gas chamber, there are a few open lines, used to remove part of the powder gases after the shot, while the rest serve the shutter move and recharge. The most interesting part of the fire arm is the silencer - practically it is also barrel in order the easier handling and compactness in transfer-ring, it can be removed, however, it is no sense to shoot without it - because the weapon practically has no barrel. Moreover, in the very concept of that rif le is to be silent.VSS “Vintorez” – structure

The measurement instruments of the arms are standard for the Russian weapons concepts - opened, the foresight is positioned in front of the silencer - barrel and sight in front of the pipe box, graduated from “1” to “4” (for shooting from 100 to 400 meters). on the left side of pipe box there is a plate for mounting optical (or night) target - PSo 1 four times increased, as the measurement scale is graduated again for the bullet of the weapon – 9x39 SP-5, SP-6.And as mentioned the bullet, I think it is worth to pay it a special attention. created on the base of the Soviet 7.62x39, this ammunition has 9-millimeter bullet – 9x39 and two varieties - SP-5 (with ordi-nary bullet) and SP-6 (with armor-piercing bullet). The bullets of both munitions are subsonic, even in its departure from the barrel of the weapon - the

Wea

pon

Calling it “spetsnaz” vss rifle “vintorez” – silent killer

initial speed is about 280 m /s, but due to its large size and weight (about 16 grams) causes serious injuries.The fillers of the weapon are two types: with capac-ity of 10 and 20 rounds and the interesting is that the loading enter deeply into the pipe box of the gun, as the objective is to reduce its height with charger put on and to create better opportunities for shooting from the supine position.TT DETAILS OF THE WEAPON:caliber: 9x39 mmLength: 894 mmheight: 160 mmWidth: 40 mmMass without bullets and optical target: 2, 6 kgMass with bullets and mounted target PSo-1: 3, 41 kgMass with bullets and target NSPU-3 (night tar-get): 5, 93 kgfire speed: 600 rounds per minuteQuick-firing: 40-100 rounds per minuteIinitial velocity of a bullet: ~ 290 m / sec

Parabellum, materials from Internet

Target range with optical target: 400 metersTarget range with night target: 300 meterscharger capacity: 10, 20 rounds

finally - probably you already asking yourself ques-tions: “Well, what exactly is the “special” of this weapon? The special is that it is acting in very ex-treme conditions – when fast and quiet must elimi-nate one or more objects representing an imminent threat. for example: Sniper couple moves to take positions – the sniper with SVD, the “spot man” (as it is modern to say today) with “Vintorez”. In a surprise appearance of one or more enemies the spot man can eliminate them quickly and quietly - fully automatic gun fire. An enemy standing on the checkpoint and prevents the transition group passing - have to be quietly eliminated. The object is guarded with dogs... So- Next... With these tasks the “Vintorez” is doing great, which undoubtedly makes it a true “Spetsnaz” in weapons...

36 Professional 37

Arms company Thompson center was estab-lished in 1965, when Thompson Thule looking for a new weapon to start producing. At the same time an arms designer Warren center seeks producer for its pistol “contender”. So a new company appears bearing the names of their co-founders - Thomspon / center.currently the company offers variety of hunting car-bines models, including with front filling models. Although “Thomp-son / center” is a relatively new company for 40 years its products contribute significantly to the development of shooting in the U.S. and hunting with single-loader guns and front loading rifles reborn again. Today the company retains its leading role in this area because of its drive towards creating in-novative and quality products for hunting fans. Since 2007, Thompson / center became part of Smith and Wesson holding corporation and are in the foundation of the successfull new hunting rifles with the mark Smith and Wesson. The company special-izes in manufacturing high tubes for various types of hunting rifles and carbines that are recognized as among the best in the U.S.We will begin the presentation with the semi-automatic hunting rifle R55 Bencmark, which is designed for hunting small and medium game and for recreational target shooting. Its automation is based on the principle of recoil with a stationary barrel, as the charging handle is on the right side of the pipe box. Its characteristic is the lack of measurement devices using only optic that

is mounted over the integrated on the rear end of the barrel two small buses type “Weaver”. The stock is ergo-nomic, with well drawn semi-pistol grip, rubber recoil pad and is made of laminated wood in one with the rifle. Barrel is armory steel, sports type, exclusively precisely constructed with high accuracy. She and other metal parts are dark blue with anti-corrosion coating with extremely high quality, allowing the use of weapons in all weather conditions. The carabine has mechanical fuse located in the rear part of the trigger guard and there

are sling swivels for placing the rifle sling. It uses metal charger, which is 10 rounds standard, but 5-chargers can be ordered also.“Bencmark” is designed for the popular worldwide small-bore game cartridges .22 LR (Long Rifle) with pe-ripheral flash. Barrel length is 457 mm; the total length of the weapon is 762 mm, and its weight 3 kg. It can be found in Bulgaria on price of 1300 Euro.The next few hunting rifles are models of the series Enkor, intended for hunting of small, medium and big game, depending on the selected size. Thir main char-acterize is the single-loader, rear filling and loaded by pulling down the trigger guard and break the barrel. The percussion starting mechanism is designed so that the barrels can be changed and a foundation may use

Wea

pons

hunting rifles “thompson Center “

different caliber barrels, allowing you to hunt different game. This can done by kick out the the pin, fastening the barrel to the bore box. The trigger is classic and dis-tance adjustable. The cock hammer is open with serrated upper surface for to be able to lead in more easily in bad weather or when using gloves.They are equipped with adjustable mechanical measure-ment instruments but there are also carbines using only optics. of course there is provided an opportunity to put optics on the weapons with standard devices. The butt and gun stock of a part of the models are made of American walnut separately and the butt is ergonomic, type Monte carlo with thicken rubber recoil pad and brightly expressed half-pistol handle. Most of the mod-els however are with gun stock and butt of synthetics in various camouflaged colors or in black. The carbins are equipped with sling swivel to place the strap. They are available in approximately 95 variations depending on the caliber, starting from small .17 hornedi Magnum Rimfayar (0.17 hMR), passing through several medium caliber as .308 Winchester (.308 Win.) and reaching the powerful .375 holland & holland (.375 h & h). The difference is in the length of the barrels and their coat-ing - dark blue and silver, which affects the overall length of the arms and their weight. In the table are given two main variants of the carbine, and the photographs show the basic models depending on the stock, barrel, colors and measurement devices.

caliber .17 hMR .204 Ruger Barrel length, mm 610 660 overall length, mm 978 1029 Weight, kg 2,77 3 capacity issue 1 1

ProtectionWeaponSecurity

38 Professional 39

40 Professional

The history of the extreme sports began in the 80 ties, when young people from the entire world started to practice and to invent new and different ways to enjoy in the nature. And if in the beginning they shock the society or enthusiasts fall behind the bars, for several years they manage to impose and attract millions of followers.over the years the different types of extreme sports are becoming many different disciplines and fight for popu-larity and originality, and their followers continuously growing.here are some of the most popular: ice skating, snow-boarding, rock climbing, mountain biking, bungee jump-ing, paragliding, parachuting, various types of flying with light and ultra light aircraft (equipped or motorized), rafting, diving, surfing, snowboarding, keyboard, skate-boarding, paintball, airsoft, off road, etc.Naturally this is a very small proportion of the species extreme sports, each of them owns and compels with per-sonality and provocative.It should be noted and should not be forgotten that these sports, although filled with adventure, are dangerous to the life and health of their practitioners if they do not comply strictly the rules for their practice. And although the obeying of rules, the statistics show that therisk and traumatism with them was higher than in the usual types of sports entertainment!Injury of the sedentary lifestyle is evident. And what are the risks of the unsound practice of various extreme sports? These entertainments are more risky, more dangerous and adrenaline. Mountain bikers, ride bicycles on many steep slopes, freeriders are skiers descend on specific trails, bungee jumping, etc... All these activities are always happening far from competent medical care and sometimes the only hope for the victims is to be identified and transported promptly to the appropriate hospital and this only after they have been given timely and competent first aid.Any sport is good, if amateurs practice for pleasure. It is harmful when the imprudence and loads go too far and are not taken all precautionary measures in advance. People who practice extreme sports should be aware that the locomotory system of human body is not stipulated for the extreme loads that are beyond the normal capabil-ities. otherwise, this could lead to accidents that reflect quite detrimental after a certain period of years. over the years the risks of injury increases.

According to the statistics of the mountain rescue ser-vice in 2006 they helped to 1069 people, of which 703 were taken to the hospital with severe disabilities. The breakdown by types of activities in the mountains where people received the trauma is as follows: skiing - 991 cases, snowbord - 125 cases, hiking, mountaineering, and paragliding and mountain bikes - a total of 54 cases. Most of the affected by the mountain accidents are young people aged 21 to 30 years with 267 cases. During the year, outside the regular duties, in the mountin rescue services carried out 53 rescue actions, involving 429 mountain rescuers. Assistance is given to 41 victims, 12 were found healthy and out of critical situation. Seven tourists were found dead as their bodies are transported from the mountains to the medical facility in complex terrain and weather conditions.According to a statistics of the American Association in delta and paragliding, deaths in extreme sports are very rare, especially compared with some well-known profes-sions. here’s a sample of it:1. fireman – 49 of 100 0002. Volunteer in Peace corps - 43 of 100 0003. Trucker – 40 of 100 0004. Altitude worker - 32 of 100 0005. Delta - 22 of 100 0006. Driver of car in the U.S. - 20 of 100 0007. Paratrooper - 2 of 100 000 According to the list of forbes’ the worldwide ranking is:1. Basejuming 2. heliskiyng 3. Diving 4. cave-diving 5. Bulrayding 6. Surfing 7. Streetlaging; 8. Mountaineering 9. Extreme bicycle race, 10. RaftingPerhaps the conclusion is that if you have a crush on any of these great sports, it is better to try. Just previously read the potential risks and observe safety measures. Ask many meaningful questions your instructor before and after during classes, study with qualified and reliable instructor, and consider a good insurance!

Extr

eme

risks and dangers of extreme sports Profisec PLTD