Tuesday, September 29, 2020

Good Security Begins with Good Threat Assessments

cybercrime
Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Share on email

A complete security plan is like an octopus – it has many arms but they all work together in a coordinated effort. As you review the available body of knowledge on security, you will find it all reaches the same conclusions. The wording is just different – people, process and technology versus technology, people and process. The former refers to business in general and the latter specifically to conducting security assessments.

We are all heading for the same destination; we’re just taking different routes to get there. You may hear bits and pieces of the same message repeated; that just means someone else has arrived. This doesn’t mean there are no original thoughts. It just means that enlightenment happens every day – supporting the axiom, “Knowledge is constant, ignorance rolls over.”

RelatedPosts

This is why we have educational institutions and why security courses can be found in the halls of higher learning. Some security companies are even operating their own training academies.

All the elements are connected and they all begin with vulnerability or threat assessments. Vulnerability assessments on the Internet are tied almost exclusively to IT security. And that is valid given the almost daily strides in technology developments and the hackers that exploit that technology. Michael’s, the nation’s largest arts & craft chain, Target and Neiman Marcus are just a few high-profile companies victimized by IT security breaches. Even our Maricopa County Community Colleges are dealing with a huge data breach and a subsequent class action lawsuit.

However let’s not forget the importance of physical vulnerability assessments. We’ve examined employee safety in the past, but it is time for us to consider how meticulously we assess ourselves; where the assessment begins; and, who provides the service. There are a number of excellent security firms out there with trained and certified experts that can give your place of business a security checkup to rival the best physical exam. ASIS International, a global association of security professionals, has a certification program that your own security chief should attend. Remember when we talked about the benefits of belonging to professional associations? These security experts should be a part of your threat assessment team. You do have a threat assessment team, right?

The thoroughness of your threat assessment will dictate the thoroughness of your security efforts and the safety of your employees.

I heard two gentlemen speak recently on separate occasions and both made the same point, they just used different words. The first is Kevin Quinn, the president of the National Association of School Resource Officers, who provides school security. The second was David J. Gibbs, an expert at master planning who has been in security for 40 years. Quinn spoke at an Arizona Private Security Professionals’ Association luncheon and Gibbs spoke at a luncheon of the Phoenix Chapter of ASIS. Both spoke of the importance of involving security in the design and planning stages of new construction or expansion. This is because you need an efficient exit strategy to get the building’s occupants to safety as quickly as possible, especially during an active shooter incident, fire or a natural disaster.

Gibbs even suggests that security be involved with the architects during the planning stages, so they can advise on whether a building’s design is conducive to occupant safety. Remember the movie, “Towering Inferno,” which brings us to the concept of crime prevention through environmental design (CPTED). This is the process of passive crime prevention by using a building’s design to discourage unlawful behavior. It can be as simple as removing shrubbery around doors and windows, providing adequate lighting and requiring numerous checkpoints to gain entry. It can also involve the strategic placement of barriers to prevent vehicles from getting too close to a facility. CPTED dates back to the 1970s and can be applied to whole communities as well as individual buildings.

In a recent issue of College Planning & Management Magazine, Randy Atlas, an architect who is certified in personal protection through ASIS said the first of three steps that should be taken when initiating CPTED strategies during the master planning phase is to bring security to the table to work with architects and designers. The second step also involves security working with architects to determine who will use the space, which he is quoted as saying “trumps everything else” when considering occupant safety.

No facility can be rendered absolutely crime-proof, but the vulnerability of the building and its occupants to crime can be mitigated by some hard introspection and foresight. You can control that octopus and you won’t need Jacques Cousteau. There are plenty of other resources to help you. We’ll see you next time.

 For more information visit, www.blackstonesecurity.com

LATEST ARTICLES