As part of our Executive Roundtable Interview Series, we sat down with prominent law enforcement veteran John Cannon, Special Agent in Charge (SAC) of the GBI Major Theft Unit with the Georgia Bureau of Investigation (GBI). An active ISCPO board member, he provides a unique perspective when it comes to setting best practices in conducting major theft investigations. We asked him to share his take on where the industry is going in combating crime and how LP practitioners can effectively work with law enforcement to mitigate loss.   

SAC Cannon’s unit is responsible for cargo theft investigations in the state of Georgia. With over 40 years of Law Enforcement experience, SAC Cannon has worked in a variety of roles at the GBI including serving at the Democratic National Convention, the Olympic Games in Atlanta, the G-8 Summit at Sea Island. He was also a member of the GBI Special Response Team as well as the State of Georgia Special Weapons and Tactics Team. SAC Cannon has twice received the GBI Directors Award for investigative excellence during his career, along with the GBI Meritorious Service Award and the Medal of Valor from the International Narcotic Enforcement Officers Association. SAC Cannon graduated from Columbus State University with a Bachelor of Science degree in Criminal Justice. He is a graduate of the Georgia Association of Chiefs of Police Law Enforcement Command College and the Professional Management Program at Columbus State University. He is a Senior Instructor at the Georgia Public Safety Training Center, where he instructs on topics regarding drug investigations and cargo theft.

ISCPO: How has the industry evolved since you started out, especially related to how technology aids in investigations?

I think the use of technology has increased, especially with high value loads. When tracking devices are utilized by the transportation industry and used correctly, it provides us with a greater opportunity to recover a stolen load. Real time monitoring and timely notification improves the chance of making a full recovery. As with any organized criminals who adjust to investigative techniques, cargo thieves have responded to the use of technology utilized by the transportation industry. On the flip-side. we have seen an increase in the use of GPS jamming devices being used by the organized cargo theft groups, especially the groups from South Florida.

ISCPO: Why did you participate on the ISCPO board?

One of the main pieces of the strategy that we developed to combat cargo theft was to develop relationships with the private sector. I think by being on the board will help facilitate that objective. It will provide a law enforcement perspective on any discussions that occur concerning security procedures and protocol developed by the private sector. I think it is important to have someone with a Law Enforcement background on the board to provide a LE prospective. Also I think it will help the private sector understand what Law Enforcement needs when conducting an investigation.

ISCPO: In your experience, how can Public Sector & Law Enforcement can work together with Private Sector better?

Prior to my assignment regarding cargo theft, I spent most of my career in drug enforcement with the GBI. Initially it was difficult for me to understand the concept of sharing information with the private sector. I quickly realized the importance and benefit of working together with private sector investigators. While it may sound easy, it takes time to develop that level of trust to share information. It is also important for private sector investigators to understand that we cannot share certain information with them. It is also important for the private sector to have and provide to us in a timely manner information regarding the particulars of a theft. The first moments after the theft are critical to the recovery of the stolen cargo. If the private sector can provide us with timely information the chances of a recovery increase. In more sophisticated theft situations, the hand off between an internal LP investigation and Law Enforcement is sometimes a grey area. That’s when it’s even more critical for LP managers to communicate to Law Enforcement they’re tracking potential insider-generated crime. For example, it could take weeks for one investigation to uncover where several touch points are redirecting or stealing cargo from targeted vulnerable environments. Once scanning data or evidence is collected, a fully documented file can be handed over to Law Enforcement, be it local, state or national level.

ISCPO: As a Public Sector official who’s investigated numerous supply chain crimes, what are the three most important elements a company moving goods must do to maintain a high standard of protection?

I get this question asked time and again. It’s really the first question every loss protection professional should ask themselves, and continuously revisit quarterly. Focusing on a few key things will keep your eye on what’s your and your business’s priority. Here’s a checklist to start your own strategic plan to stay ahead of crime, never alone reacting to it.

Stay Current with:

• Cargo theft intelligence and trends – there are many products and solutions to track, monitor, and recover goods
• Training
• Avoid complacency

Conduct Threat Assessments:

• Probe looking for vulnerability of protocols and plans
• Properly vet security companies and Temporary employees
• Properly plan for worst case scenarios

Employ Best Practices:

• Situational awareness
• Supply chain collaboration
• Secure chain of custody utilizing best of class covert GPS devices
• Monitor the movement of cargo
• Follow protocols
• Strict carrier vetting and accreditation like the ISCPO Carrier Audit & Certification Program

ISCPO: What are the biggest challenges to supply chain protection & security, from a holistic industry level?

Cyber-Crime –  We’re seeing cyber-crimes and the efforts to preventing those crimes continuously growing. Companies must take protecting their technology systems and data seriously and not rely on IT departments to do the job. Specially training professionals with technological knowledge should develop LP programs and devise risk management protocols that adhere to the law.

Limited Background Checks – Supply chain in itself connects a multitude of products, companies, and people together to move goods from A to B. Organizations must know who’s handling their goods at all times. Companies not committed to conducting routine and organized background checks are weakening the supply chain as a whole, using the addage you’re only as strong as your weakest link.

As the speed of the Industry increases so will the theft – With the increase of eCommerce and global shipments, there are significantly more goods in transit than ever before. As with any variable cost, private sector leaders need to understand that risk management budgets need to match the increased pace of business.

As part of our Executive Roundtable Interview Series, we recently sat down with industry thought-leader Wes Bank to get his point of view on the challenges, trends, and developments facing the LP / AP industry. Wes also headed up ISCPO’s Carrier Security Audit Committee that developed a formal audit program to bring new security standards and risk management processes among carriers.

ISCPO: Pls share a short summary of your background and experience in supply chain protection.     

I began my career catching shoplifters and maintaining store shrink programs for Jewel-Osco, which led to managing LP for some of their US based DCs before heading back out to the “field” to manage retail LP at the District level. After 10 years of grocery & pharmacy LP, I joined Office Depot as a Regional LP & Safety Manager for supply chain. Thinking I knew everything about Loss Prevention, I was in for a huge awakening. I had a tremendous boss named Bill Gavin who exposed his team to inventory control through WMS systems, adjustments and various cycle count methodologies. I was encouraged to participate in industry groups such as RILA and LPF.  It was here that I participated on a content development committee for a new certification that we all know today as the LPQualified and LPCertified. During my tenure at Office Depot, we transitioned from in-house delivery drivers to 3^rd party carriers which soon became ground zero for our battle against shrink and an important propellant into my current role.

After 12 years at Office Depot, I was hired by Velocity Express (a large final-mile provider with over 60 facilities across the US) to develop a Loss Prevention program to minimize customer cargo claims. Quite a demanding task considering the added challenge of not being able to coach, train or provide any direction for the thousands of independent contractors (drivers) handling our customer’s freight. One of my most demanding customers from a security compliance perspective was DHL Global Mail who had a very stringent program to follow. There was a mutual respect for their well-contrived security requirements and our compliance efforts.

It was a short crossing of the bridge when a vacancy opened at DHL for a Security Director, where I was hired as an individual contributor. Within 3 years I grew the department to 19 strong with the great support from my current boss, Nikki Koontz. During this evolution, I implemented a department name change from Security to Loss Prevention for better customer recognition and relevancy in the ECommerce world. Today, DHL’s LP department focuses on 4 core competencies:  Investigation, Audit, Regulatory and Physical Security/Systems.

ISCPO: How has the industry evolved since you started out? 

At the start of my career in 1990 tech consisted of pagers to communicate urgency, we didn’t have cell phones or any personal computing devices. Case reports and audits were handwritten. Analytics were big if defined as hand tallying data from a sea of filed manila folders. Retail shoplifting and employee theft apprehensions were of the greatest priority. We equipped ourselves with handcuffs and at times provided chase down the street without repercussions. Needless to say, we just don’t do this anymore today and pretty stupid even back then.

Laws and regulations (such as Tort, Labor laws, OSHA, DOT, Homeland Security and more) have been rapidly evolving requiring Loss Prevention practitioners to stay current through education, training and policy adoption all in the name of reducing exposure to liability. Yesterday’s techniques to influence loss/risk may be doing more harm than good today. Look at some current challenges in the news today with worker misclassification, security screening/waiting time, criminal background checks in hiring decisions, and privacy/retention of personal data.

Moving beyond bricks & mortar LP & Security

The nature or source of the losses or risk in Supply Chain is usually much different than those of retail brick and mortar. Therefore, the Loss Prevention programs must be unique to this part of the business in order to stay focused and relevant. A shipper, for instance, doesn’t have its own inventory valuation but is accountable to hundreds of clients. Losing a customer due to underperformance or continuing losses might be more financially devastating to the shipper than the product loss was to the client. Therefore, the focus for the shipper’s Loss Prevention department might be more about customer satisfaction/retention with KPIs to support that focus. A retailer’s modern supply chain might apply less value to case count, terminations and arrests than government regulatory compliance, insurance premium reductions, minimizing inventory inaccuracies and out of stocks, for example.

Supply chain and e-commerce are the new drivers of our industry as businesses try to gain further efficiencies in order to minimize costs and grow earnings. I like to think of store merchandising as an art while supply chain as a science. Industrial Engineers and Operators work hard to measure productivity and quality or what I describe as “today’s costs” within the supply chain. It is today’s costs that are greatly considered when setting up and creating operating plans in the DCs. Risk/loss is “tomorrow’s cost.” Therefore, Loss Prevention needs to have a seat at the planning table to help influence or prevent these future costs. While a shrinkage problem in a particular store is concerning at the local level, a significant loss or two within the supply chain can cripple earnings enough to instill panic within the organization or even influence investors.

ISCPO: What are the biggest challenges to supply chain protection & security, from a holistic industry level?

Whether you are shipping internally to replenish your shelves or shipping externally to an end user (B2B, B2C), securing the supply chain has never been more important for the success and longevity of the company.

Speed

The largest ECommerce player(s) are setting the expectations or norm for end users with respect to the speed of delivery, the cost of delivery and tracking advancements. ECommerce competitors work hard to keep pace, while the revenue squeeze is put on many brick & mortar stores. This competition inspires innovation and technology advancements within everyone’s supply chain. It may also help spur new businesses that can provide services to aid your supply chain at lower costs. The shipper that can deliver in the shortest time, with the best tracking and at the lowest cost will win. This not only ensures continuous investments into supply chains but also the need to maintain a lean/efficient operation.

Regulatory compliance

There are many government agencies that are entwined within most supply chains in the name of safety or security. The challenge is to maintain regulatory compliance through training, audit and investigation programs which all add front loaded costs. However, failure to front load these costs appropriately in your business today will likely cost 2, 3, even 4x more in tomorrow’s costs.

Technology

Technology isn’t as simple as it was 20 years ago. Today, Loss Prevention professionals must be able to control travel expense by monitoring compliance or investigating remotely at times instead of onsite visits. Cameras, alarms, card access, analytics, audits, etc… must be manageable through key strokes, not footsteps. Back in the day, only LP procured their systems and project managed the installations. Today, more and more IT departments are tasked with providing the solution for anything placed onto the network such as cameras, card readers.   Don’t shun this idea. By providing the solution, IT departments are also responsible for the quality of service and managing service providers. This frees up the Loss Prevention team to establish the system requirements and write policy on usage, auditing, and reporting. This is really about working within your core competency, allowing each cross functional group to do what they do best.

ISCPO: Why do you participate on the ISCPO as a Committee Member?

I was always interested in leveraging our industry colleagues to develop industry standards for the Carriers and the ISCPO was the perfect conduit to get the message out. I joined in its inaugural year and, at the first conference, I surveyed the audience and determined that there was interest in developing a standardized carrier audit and sharing results among members.   This concept helped launch the ISCPO Carrier Security Audit Committee. At the second conference, I presented on Final Mile Carriers, how they operate and the challenges as it relates to their clients. This set the stage for the committee’s first order of business, establishing a set of Carrier Security standards and audit. Later, the committee created a carrier certification process. Carrier Certification is very beneficial from the client’s perspective in knowing that industry security standards are applied to their extended supply chain but also a tremendous marketing value for the carrier. We expect to be sending more qualified carriers through the certification process in the next 12 months.

The ISCPO is gaining momentum as colleagues really need to network directly with other Supply Chain experts, without wasting lots of time through networking via less direct channels. The ISCPO is attracting more Carrier-employed Loss Prevention professionals and that helps bridge the gap of understanding between the contracted and the contractee. Supply Chain is very different than retail so this outlet provides the networking, round-table discussions, and support needed to arm LP or Security practitioner with the right strategy.