Cip 004, R1 Physical Security Awareness Webinar 10 23 09 Final Lipub

1,345 views
1,200 views

Published on

Encari’s physical security awareness webinar will address reasons why physical security is a key component of critical infrastructure protection. Attendees will learn about basic concepts and controls that help safeguard personnel and prevent unauthorized access to critical equipment, systems, material, and information at or pertaining to critical facilities.

The webinar will address the following physical security concepts:

• Deter – visible physical security measures installed to induce individuals to seek other less secure targets.

• Detect – physical security measures installed to detect unauthorized intrusion and provide local and/or remote intruder annunciation.

• Delay – physical security measures installed to delay an intruder’s access to a physical asset and provide time for incident assessment and response.

• Assess – the process of evaluating the legitimacy of an alarm and the procedural steps required to respond.

• Communicate – communication systems utilized to send and receive alarm/video signals and voice and data information. Also, includes the documented process to communicate detected intrusions.

• Respond – the immediate measures taken to assess, interrupt, and/or apprehend an intruder.

• Intelligence – measures designed to collect, process, analyze, evaluate and interpret information on potential threats.

• Audit – the review and inspection of physical security measures to evaluate effectiveness.

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,345
On SlideShare
0
From Embeds
0
Number of Embeds
15
Actions
Shares
0
Downloads
66
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Cip 004, R1 Physical Security Awareness Webinar 10 23 09 Final Lipub

  1. 1. www.encari.com CIP-004, R1 Security y Awareness Webinar Series Series Physical Security Fundamentals & Best Practices Steven Hamburg Mark Simon
  2. 2. www.encari.com Objectives Obj ti • Learn why physical security is a key component of critical infrastructure protection. • Learn about your role in implementing physical security-related policies and controls to mitigate risks of unauthorized access to li i d l ii i k f h i d critical equipment, systems, material, and information at or pertaining to critical facilities. 2
  3. 3. www.encari.com Role f Physical Security R l of Ph i l S it • Violence, vandalism, theft, and terrorism are prevalent in the world today. 3
  4. 4. www.encari.com Role f Physical Security R l of Ph i l S it • A Bonneville Power Administration crew working near the Mountain Avenue Substation discovered a suspicious device that law enforcement officials later determined was a pipe bomb. Law enforcement officials safely dismantled the device. While the bomb was near the substation, it is not clear that the BPA facility was the target. Source: BPA News July 22, 2009 4
  5. 5. www.encari.com Role f Physical Security R l of Ph i l S it 5
  6. 6. www.encari.com Foundational Ph i l S F d ti l Physical Security it Controls: Deter • Don’t be too helpful. Some places are not meant to be easy to find. 6
  7. 7. www.encari.com Foundational Ph i l S F d ti l Physical Security it Controls: Detect • Identify and report any suspicious acts on or around the premises without putting yourself in harm’s way. 7
  8. 8. www.encari.com Foundational Ph i l S F d ti l Physical Security it Controls: Assess • An effective assessment system provides two types of information associated with detection: (1) information regarding whether the alarm is a valid alarm or a nuisance alarm, and (2) details regarding the cause of the alarm; i.e., what, who, where, and how many. 8
  9. 9. www.encari.com Foundational Ph i l S F d ti l Physical Security it Controls: Delay • Physical barriers are designed to delay an intruder. 9
  10. 10. www.encari.com Foundational Ph i l S F d ti l Physical Security it Controls: Communicate • Some organizations establish code words to alert co-workers and supervisors that immediate help is needed. Employees should know what steps to perform if a threatening or violent incident occurs. 10
  11. 11. www.encari.com Foundational Ph i l S F d ti l Physical Security it Controls: Respond • Leave it to the professionals to respond to a potential physical security breach. • The primary concern in any security incident is the protection of f human life. If force is threatened, system operators / control center / all personnel should follow the intruder's instructions to the letter. 11
  12. 12. www.encari.com Foundational Ph i l S F d ti l Physical Security it Controls: Intelligence • Employees benefit from a comprehensive security awareness program and an understanding of the threats involved. 12
  13. 13. www.encari.com Foundational Ph i l S F d ti l Physical Security it Controls: Audit • Checking physical security system controls: I have my badge The door is secure The alarm is set I know the policies and procedures t f ll k th li i d d to follow 13
  14. 14. www.encari.com Physical Security B t P ti Ph i l S it Best Practices: Scenario #1 • Piggybacking A social engineer appears as a legitimate employee and walks into a secure building by following behind someone who has authorized access. 14
  15. 15. www.encari.com Physical Security B t P ti Ph i l S it Best Practices: Scenario #2 • Observing a supervisor or co-worker being confronted by a person who appears volatile. 15
  16. 16. www.encari.com Physical Security B t P ti Ph i l S it Best Practices: Scenario #3 • Finding a suspicious package or device. 16
  17. 17. www.encari.com Physical Security B t P ti Ph i l S it Best Practices: Scenario #4 • You observe a visitor, who should be escorted within a physical security perimeter, wandering within the physical security perimeter without his or her escort. 17
  18. 18. www.encari.com Physical Security B t P ti Ph i l S it Best Practices: Scenario #5 • It’s the end of the day and you rush to leave work to pick-up the kids, and in your haste you forget to secure confidential documents clearly visible on your desk. 18
  19. 19. www.encari.com Physical Security B t P ti Ph i l S it Best Practices: Scenario #6 • You discard printed materials and a CD containing the most sensitive type of information, as defined in your information protection program. 19
  20. 20. www.encari.com Physical Security B t P ti Ph i l S it Best Practices: Scenario #7 • You observe a person outside of a security perimeter drawing a diagram and taking photographs. 20
  21. 21. www.encari.com Conclusion C l i 21
  22. 22. www.encari.com Q&A • Contact Information Steven Hamburg – Co-Founder, Encari g , Mark Simon – Sr. NERC CIP Compliance Specialist • Visit our blog at Control Engineering magazine’s website: www controleng com www.controleng.com 22

×