United Kingdom - Multi Site
The Centre of Protection for National Infrastructure describes critical national infrastructure (CNI) as “facilities, systems, sites, information, people, networks and processes, necessary for a country to function and upon which daily life depends. It also includes some functions, sites and organisations which are not critical to the maintenance of essential services, but which need protection due to the potential danger to the public.” [Source]
There are thirteen sectors identified – Chemicals, Civil Nuclear, Communications, Defence, Emergency Services, Energy, Finance, Food, Government, Health, Space, Transport and Water.
HS Security plays a fundamental role in the securing of CNI, providing third-party accredited products for perimeter protection and entrance security. Each CNI site is unique and has a set of identified risks and vulnerabilities. The aim of designing a physical security scheme is to design out residual risk for the protection and security of CNI and all of those operating within.
When a residual risk has been identified, how do I start designing a security scheme?
Designing a security scheme can seem incredibly dauting but, no matter what the threat, the three main addressing principles to consider are as follows:
To Deter – implement measures on site to stop or displace an attack
To Detect – verify an attack and initiate an appropriate response
To Delay – prevent the attack from reaching the asset, this includes taking measures to minimise the consequences of an attack.
The idea being that solutions and measures can be implemented to mitigate an attack. Then, where appropriate, response plans can be exercised involving all relevant stakeholders and on-site operational plans.
As long as these three principles are kept at the epicentre of any mitigation strategy, a successful security scheme can be achieved.
When first starting the process, it is best to approach your local Counter Terror Security Advisor (CTSA). They can assist you to begin the process and point you in the direction of the relevant security professionals for your particular site.
The starting point must always be a threat and risk assessment to understand what you are dealing with. To do this you need to understand threat and risk;
The Intention and Capability of potential terrorists or criminals create the; Threat to your asset. On their own intention or capability are not a threat. For example a police authorised firearm user armed with guns in a public place has the capability to cause catastrophic loss of life, but they don’t have the intention to do so, therefore they are not a threat to the public.
The Impact and Likelihood of the threat manifesting produce the risk. The impact must be considered against people, property and reputation or a combination of them all, the likelihood is very subjective and additional intelligence and the current UK Threat Level (currently severe), will help to inform this part of the process.
Once the risk in understood a vulnerability assessment will need to be carried out by physically surveying the site to establish what, if any, existing mitigation measures are in place to prevent the threat and risk from being realised. This covers everything from guard force, CCTV, physical security measures and cyber security.
Important to remember that the vulnerability assessment is about the current situation and not any proposed solution. Once the existing exploitable vulnerabilities have been assessed, you are left with the residual risk to each of the identified threats, this is what you need to focus on and then match to a proportionate solution which mitigates, manages and minimises any possibility of a successful attack by terrorists or those with criminal intent.
How much does budget influence or hinder security schemes?
As with everything, budget is a huge factor. Especially given the current economic environment. Security can be delivered to suit any size of budget. It is important that whatever the budget, it is utilised to deliver an effective physical security scheme and not to be used to ‘pick and choose’ elements of a scheme as this may create gaps and vulnerabilities.
Most of all, it is vital that if a risk has been identified, this is not ignored due to budget constraints. This comes down to responsibility; manufacturers within the industry have a responsibility to clients to ensure that appropriate measures are suggested and that propositions are proportionate to the scenario presented.
Investment in security is like investment in insurance, you do not need it till you need it. However, investing in security might pay dividends by a reduction in insurance premiums, against criminal acts or terrorism. Meanwhile, it is important that the perception of investment in security measures is changed and decisions are not made reluctantly but, instead, with a mind on the safety, security, and responsibility towards people and assets.
It is imperative that the far-reaching consequences are understood should a security breach or attack happen. This should form the basis of investment.
For over fifteen years, Russell has been heavily involved in the physical security industry, helping to advise and provide security solutions to protect Critical National Infrastructure across the UK and further afield. Pivotal in driving and informing product development to meet critical national infrastructure needs over the last decade, Russell has led a development programme to mitigate emerging threats and address client requirements.Get in touch
Read more about our past projects and see the types of solutions we have provided to meet a wide range of security objectives.
United Kingdom - Multi Site
Gain access to information on over 150, third-party accredited physical security products. Join our members area to have uninterrupted access to this wealth of information and to be kept abreast of any new security innovations from the HS Security team. From permanent to temporary; from industrial to urban, we have a physical security solution to meet your objectives.Find Here