Embed Size (px)
Citation preview
Wivenhoe Management Group
WHAT IS AN ADEQUATE LEVEL OF SECURITY?
Wivenhoe Management Group
What is an Adequate Level of Security?
There is clearly a substantial difference in protecting a facility
from persons intent on destroying the infrastructure to those intent
on defacing it.
Defining that difference is critical
Wivenhoe Management Group
Factors That Determine An Adequate Level of Security
1. Type of Facility2. Cost3. Risk Acceptance4. Insurance Requirements5. SVA Recommendations6. Liability
Wivenhoe Management Group
Factors That Determine An Adequate Level of Security
1. Basis of Security Understanding2. Threat Level3. Accepted Security Industry Standards & Practice4. Legal Compliance5. Environment6. Incident History7. Other
Wivenhoe Management Group
Basis of Security Understanding
Sandia - Detect, Delay, RespondDHS - Deter, Detect, Delay, Respond
Security Industry ExperienceKeep the Problem OutDeter the Problem Elsewhere
Wivenhoe Management Group
Threat Level
Crime Rate Statistics
• Homicide• Rape• Robbery• Aggravated Assault• Crimes Against Persons• Burglary• Larceny• Motor Vehicle Theft• Crimes Against Property
Wivenhoe Management Group
Accepted Security Industry Standards & PracticesDesign CriteriaProperly Maintained EquipmentTrainingManufacturer Authorized InstallersProper LightingAccepted System DesignCurrent Software & Firmware
Wivenhoe Management Group
Accepted Security Industry Standards & PracticesAs Built DrawingsResponse Time to System FailureBack-Up Power SystemsMeeting Federal & Local CodesMinimum Video Recording TimeSchedules Identifying Types &Quantities of Security Panels
Wivenhoe Management Group
Accepted Security Industry Standards & Practices
Due Diligence Related to ContractorsClear Definition of PerformanceRequirementsRequired Installation PermitsElectric Surge Protection
Wivenhoe Management Group
Legal Compliance
• Specific Industry Security Requirements• Data Security Requirements• Physical Security Requirements
Wivenhoe Management Group
Incident History
• Five (5) Year History• Type of Incident• Actions Taken• Incident/Serious Breach
Wivenhoe Management Group
Liability
• Standard Law Suit• Negligence• Gross Negligence• Repercussions
Wivenhoe Management Group
Environment
• Crime Rates• Type of Crime Category• Transportation Hub• Nearby Targets• Sensitive Border• Target Vantage Point
Wivenhoe Management Group
Type of Facility
• Hazardous• Strategic Value• Age & Condition• Key Infrastructure• Research Facility• Communication Hub
Wivenhoe Management Group
Cost
• Cost, the Leading Factor• Cost, a Double-Edged Sword• Cost, Lowest Bidder• Cost, Technology Changes
Wivenhoe Management Group
Risk Acceptance
Higher Risk = Less CostLower Risk Safe ChoiceDifference is Liability
Wivenhoe Management Group
Insurance Concerns
Escalating Medical CostsIncreasing Value of Assets
Ever Present Terrorism
Wivenhoe Management Group
Insurance Requirements
UL Certified Alarm SystemData Security ComplianceSafety ComplianceCyber Crime PreventionActive Shooter Containment
Wivenhoe Management Group
SVA Requirements
What is an SVA?
Security Vulnerability Assessment
Wivenhoe Management Group
Why Perform An SVA?
• Threat Level• Critical Assets• Findings & Recommendations• Federal Grant Funding• Customer Confidence
Wivenhoe Management Group
Why Perform An SVA?
• Counter Liability• Phased Solution• Emergency Planning & Response– Active Shooter– Bomb Threat
• Measured Response
Wivenhoe Management Group
SUMMARY
Basis of Security
• Deter Detect Delay Respond• Detect Delay Respond
Wivenhoe Management Group
SUMMARY
Many FactorsThreat Level Legal Compliance
Accepted Standards EnvironmentIncident History Liability
Facility Type Risk AcceptanceInsurance Cost
Security Vulnerability Assessment
Wivenhoe Management Group
SUMMARY
More Important FactorsThreat Level
LiabilityFacility Type
Legal Compliance
Wivenhoe Management Group
QUESTIONS
Questions can be sent to:
David McCannPrincipal ConsultantWivenhoe Management Group
