RMA Welcomes Richard W. Grayson as a Consultant/Investigator

Posted on 1, Jul | Posted by RMA

Risk Management Associates, Inc. (RMA), recently hired Richard (Rick) W. Grayson as a Consultant and Investigator. Rick brings to RMA over thirty years of law enforcement and industry security experience. He retired from the Raleigh Police Department in 2011 as the Deputy Chief of Police before moving into industrial security at the largest privately held software company in the US. Rick’s experience as a consultant and an investigator make his addition a valuable asset to both RMA and its clients. He is a graduate of the Michigan State University – East Lansing Criminal Justice program, the FBI National Academy, PERF Senior Management Institute for Police, and the Administrative Officers Management Program (AOMP).

Michael Epperly, RMA’s Director of Investigations, notes: “Rick is an exceptional talent with a wealth of experience. We are honored to be associated with him. We look forward to putting his experience to work for our clients, and continuing RMA’s tradition of pairing clients with investigators and consultants of unrivaled skill and integrity, who are uniquely qualified to deal with the issues at hand.”

Continue reading

Data Security: Where there is data, there should be policy

Posted on 30, Mar | Posted by Russell W. Gilmore, CISSP, CISM, EnCE

locked computerThe recent report by the Wall Street Journal about the Morgan Stanley breach scares me as an employee. Reportedly Galen Marsh, a financial adviser for Morgan Stanley, was fired for allegedly stealing account information from about 350,000 wealth management clients and posting some of it online. The part that concerns me are the reports that federal law enforcement officials are focusing their probe on the possibility that Marsh’s computer was hacked. (Full story here.)

I have not reviewed the full report nor have I looked deeply into the incident. My attention was drawn to the consequences that befell Mr. Marsh and the slim possibility that he did nothing wrong. It seems that in this day of BYOD – Bring Your Own Device – and the use of laptops and mobile devices by employees, it is time for there to be a clear understanding about the company’s responsibilities and the individual employee’s responsibilities. This is not to suggest that an employee’s first question should be “Will I get fired if this laptop is hacked and company data is stolen?” when presented with a company laptop. There should be a clear understanding between the company and the employee what is expected of each as it relates to the security and control of any electronic device that contains company data.

The foundation of this understanding begins with a good company policy. A policy should be specific regarding the proper use of electronic devices. A policy should also indicate who is responsible for areas such as email security, data security, acceptable use, and physical security of the device. A policy should be a living document. An electronic device policy that covers laptops should be reviewed at a minimum once a year. Policies should be flexible. Some employees may take a laptop home and some may not.

Companies should give employees a chance to review policy before they sign it and allow them to ask questions. I suspect Morgan Stanley utilizes policies that cover the use of laptops by employees for work purposes. I doubt the employee thought he would get fired if the laptop was hacked and client data was exposed. What if the employee were a CFO or CEO?

There is most likely a lot more to this story than has been made public, but the heart of the matter is, as an employee, make sure you are fully aware of what the company expects as it relates to the use of company data and company provided electronic devices.

Continue reading

RMA Exhibits at the IACLEA Southeast Regional Conference & the 15th Annual SCCLEA Linda B. Floyd Safety Conference hosted by Furman University

Posted on 2, Mar | Posted by RMA

RMA participated as an exhibitor at the IACLEA Southeast Regional Conference & the SCCLEA Safety Conference hosted by Furman University in Greenville, SC. The conference brought together over 250 campus law enforcement administrators from across the southeastern United States. The Director of University Police, Tom Saccenti and his staff provided all the participants with gracious southern hospitality with the beautiful Furman campus as a backdrop. This framework allowed the attendees to focus on the serious business of Leadership in a Crisis.

“Knowing how to respond quickly and efficiently in a crisis is critical to ensuring the safety of our schools and students. The midst of a crisis is not the time to start figuring out who ought to do what. At that moment, everyone involved – from top to bottom – should know the drill and know each other.”

Margaret Spellings
Secretary of Education, 2005-2009

Chief Michael Kehoe, Newtown, CT began his presentation with this quote which also captured the underlying themes that were a part of all the presentations on the first day of the conference. The IACLEA Southeast Region brought together a powerful group of presenters including:
• Retired Chief Wendell Flinchum, Virginia Tech Police Department 2006-2014
• Dr. Gene Deisinger, Ph.D. Executive officer, Virginia Tech Police Department
• Chief John DiFava , MIT Police Department
• Chief Michael Kehoe, Newtown, Connecticut
• Lt. Col. Dave Grossman

Each of these presenters shared, for the benefit of the audience, the “good, the bad, and the ugly” side of leading their department’s during a significant or a series of significant crisis. They took the audience through the details that they could share that formed the basis of the decisions that were made as the crisis situation unfolded. What they knew, what they didn’t know, lessons that were learned along the way, and changes they made to their response program after the fact. Each of the presenter’s shared common themes that they learned in response to a crisis including the need for a multi-disciplined approach that include but is not limited to:

• Relationships, build the network of diverse support before the event happens, reach out to your network during the crisis – ask for help from people you trust
• Develop a case management plan that is proactive, integrated, and adaptive
• Training, training, training and awareness are critical
• Prevent and mitigate
• Be prepared to monitor and reassess during the crisis continuously
• Assign scribes and capture as much as possible during the crisis, don’t rely on memory
• Communicate

Continue reading

Chris Peterson and Mike Epperly are Keynote speakers at the NCACLEA 2015 Winter Conference

Posted on 2, Feb | Posted by RMA

RMA was pleased to be able to support the North Carolina Association of Campus Law Enforcement Administrators (NCACLEA) as keynote speakers at their 2015 Winter Conference. The conference was hosted by the Wake Tech Community College Police Department and held at North Campus at the Wake Tech Community College Public Safety Center.

Chris and Mike presented “Clery Compliance Update: Campus SaVE Act & VAWA”. Risk Management Associates, Inc. works with administrators and campus public safety officials to make sure they understand their obligations under the Jeanne Clery Act and associated regulations as well as Title IX. We help them develop the procedures necessary to satisfy the requirements under those federal laws. At the same time we address other security-related issues that affect operations, facilities, students, faculty, staff and guests.

The NCACLEA has been a key partner in the campus law enforcement community. The conference brought together administrators from across the state to network, share best practices, discuss challenges, and develop the resources that law enforcement administrators need to protect the people, physical assets, and reputation of the colleges and universities. As a security advocate and partner in the education area, RMA was pleased to support NCACLEA and the members they serve.

Continue reading

Mike Epperly attends Association of Title IX Administrator Investigator Training

Posted on 30, Jan | Posted by RMA

In January Mike Epperly attended Association of Title IX Administrator (ATIXA) Investigator Training. ATIXA’s training is a comprehensive training class focused on treating campus sexual misconduct as a civil rights discrimination and investigation. Civil rights investigations are not police-led investigations, and it is not the same as investigating a student conduct violation. Title IX investigation skills are specific and highly specialized. Title IX investigative skill sets are developed and enhanced through the ATIXA Investigator Training.

ATIXA provides a professional association for school and college Title IX Coordinators, administrators, and investigators who are interested in serving their districts and campuses more effectively. Since 1972, Title IX has proved to be an increasingly powerful leveling tool, helping to advance gender equity in schools and colleges. ATIXA has been formed to promote professional development and foster collaboration in what is actually a field of 25,000 people who all are assuring Title IX compliance in our schools, colleges and universities.

The National Center for Higher Education Risk Management Group, LLC (NCHERM) a law and consulting firm endowed a grant that created Association of Title IX Administrators (ATIXA). In 2010, NCHERM created the only Title IX Coordinator/Investigator Training and Certification Course that is now an ATIXA professional development opportunity. ATIXA is an independent, not-for-profit organization served by an Advisory Board.

Continue reading

Rusty Gilmore Speaks at the ASIS Monthly meeting

Posted on 28, Jan | Posted by RMA

On Wednesday January 21, 2015, the local Chapter of ASIS International, Chapter 119 held their monthly meeting at the PNC Center in Raleigh, NC. Rusty Gilmore was the guest speaker. Rusty gave a presentation on Computer and Network Vulnerabilities: Steps to Protecting Your Systems and Data.

Continue reading

Rusty Gilmore and Christine Peterson present “Enemies at the Gate or Are they Already Inside?”

Posted on 12, Dec | Posted by RMA

Christine Peterson and Rusty Gilmore presented Enemies at the Gate or Are they Already Inside? The presentation was given to a group of small business professionals hosted by RBC Wealth Management and sponsored by DJK HR Consulting, LLC, ABEO Insurance Agency, LLC, and SOULE Employment Law Firm on December 3, 2014.
Small business owners often display a combination of guts, grit, competency, and work ethic. They have everything to gain and everything to lose. They have bought into the idea that a security program is a cost they cannot afford instead of the reality which is a framework for the businesses stability and prosperity. The attendees at the seminar got a crash course in the people side of business and the concept that even “good” people make “bad” decisions once they have justified the rational for their actions. Focusing on the protection of the “secret sauce”, the program encouraged interaction between the attendees, presenters and sponsors in a discussion of physical security, IT security, BYOD (Bring your own device to work), and compliance considerations.

Continue reading

Russell Gilmore Attends Active Threat Training

Posted on 17, Nov | Posted by RMA

Russell Gilmore attended an Active Threat Training program sponsored by Orange County Emergency Management. The course provided a history of active shooter events and included a tactical movement lecture and demo along with a skills overview. The objective of the training session was to review and learn from past events so as to be better prepared to respond and manage active shooter events in the future.

The program was conducted by Dr. Stephanie Crapo, Orange County Assistant Medical Director, UNC Emergency Medicine ED Fellow.

Continue reading

Christine Peterson and Russell Gilmore Present at Meredith College

Posted on 7, Nov | Posted by RMA

Chris Peterson and Rusty Gilmore presented Enemies Within at Meredith College to the Sociology and Criminology Classes on November 7, 2014

The presentation was created to expose the students and future business leaders that the majority of business security breaches are committed by current employees and former employees. This requires employers to create and implement comprehensive security programs that blend the people, processes and technology. People cause security problems and security programs provide the guardianship that protects businesses’ assets and competitive advantage.

Chartered in 1891, Meredith College is one of the largest independent private women’s colleges in the U.S. Meredith also offers coeducational graduate programs in business, education and nutrition, as well as post-baccalaureate certificate programs in pre-health and business, a dietetic internship program, a didactic program in dietetics and a paralegal program. Meredith’s programs – undergraduate and graduate — challenge each individual student to think deeply, push hard, discover new strengths and grow even stronger. Meredith has been cited as one of the “best colleges” in the region and the country by U.S. News & World Report, The Princeton Review and Forbes.com.

Continue reading

RMA Welcomes Michael Epperly as Director of Investigations

Posted on 30, Oct | Posted by RMA

Risk Management Associates, Inc. (RMA), recently reengaged Michael Epperly mre1.jpgto lead our investigations division. Michael previously served as RMA’s vice president and general counsel. Mike’s experience as a consultant, investigator and attorney make his addition a valuable asset to both RMA and its clients. Michael is a graduate of Campbell University and former law enforcement officer and will serve as our Director of Investigations, focusing on white collar crime, misappropriation, due diligence, compliance and ethics investigations and consulting.

Epperly, a native of Roanoke, Virginia, received his Juris Doctorate degree in 2002, and served in various investigative capacities in Virginia law enforcement before moving to North Carolina to begin his legal career. Prior to his hiring by RMA, Epperly worked for the NC Attorney General’s office and as the lead investigator for the NC Innocence Commission, where he investigated post-conviction claims of innocence by examining new evidence not presented at trial. Epperly also served as an intelligence officer in the US Navy.

“I am honored to once again be associated with RMA,” said Epperly. “RMA has a long history of superior investigative outcomes. Much of this success is directly attributable to the unrivaled skill and integrity of its people. RMA has a proud tradition of pairing each client with investigators and analysts who are uniquely qualified to deal with the issues at hand, and who also have the courage and integrity to report the truth – even when not favorable to the client. I intend to ensure that this tradition continues, and am both honored and humbled by this opportunity.”

Continue reading