1
2
Threat and Vulnerability Assessment
(Transportation Security Administration)
Jovan Padia
Introduction
All organizations are susceptible to certain risks linked to threats. These threats may come from various factors such as accidents, natural events, technological failure or human intentions to cause harm. Regardless of the extent of the risk, the organization should develop ways of mitigating or reducing these risks. Transportation and Security Administration (TSA) is no exception. The security officials as TSA should, therefore, develop a risk management method that includes identifying the risks, the assets and the internal and external threats to the assets of the organization.
How the Security Officials Can Determine the Possible Risks at TSA
A survey can be useful in the determination of the various categories of risks. Organizations use the security officials to conduct these studies. An excellent review outlines the weaknesses in the external perimeters of the property, for instance, the parking lot and gives strategies of reinforcing these perimeters. The boundaries of a building are critical in maintaining the assets of the business and protecting them from the external threats. However, some risks still exist within the company (Stewart, 2013).
Personnel and their behaviors of work can expose the organization to the human made, natural and technological threat. The natural hazards include adverse weather conditions such as droughts, earthquakes, heat waves or blizzards. They are very hard to avoid as they occur naturally. They, therefore, need more attention and safer security measures in place. Negative working performance can cause more damage in case of these natural calamities. However, if the employees collaborate with their employers, they can together help in mitigating the threats that come with a result of the natural disasters.
Technological and human-made risks include damages that can be prevented if the employees follow the proper rules in each case. There are standards and regulations in TSA that personnel is expected to follow (Stewart, 2013). However, some people may choose to break these rules and mishandle the assets of the company such as computers and electrical appliances. Other technological and human-made risks include dam failure, civil disturbance, terrorism, fire, hazardous materials and security breach. These risks can be mitigated by the change in workforce behavior. Furthermore, every person in the organization has defined roles that can lead to risks if not performed correctly.
Hazardous equipment within the structure can also be a source of risks. These materials require certain guidelines in the transportation industry to safeguard the individuals including passengers from potential damages or accidents. Similarly, the location of the premise can also expose the organization to the possible threats. For instance, if the company is located in a region that is prone of terrorists, there will ...
12Threat and Vulnerability Assessment(Transportation Sec.docx
1. 1
2
Threat and Vulnerability Assessment
(Transportation Security Administration)
Jovan Padia
Introduction
All organizations are susceptible to certain risks linked to
threats. These threats may come from various factors such as
accidents, natural events, technological failure or human
intentions to cause harm. Regardless of the extent of the risk,
the organization should develop ways of mitigating or reducing
these risks. Transportation and Security Administration (TSA)
is no exception. The security officials as TSA should, therefore,
develop a risk management method that includes identifying the
risks, the assets and the internal and external threats to the
assets of the organization.
How the Security Officials Can Determine the Possible Risks at
TSA
A survey can be useful in the determination of the various
categories of risks. Organizations use the security officials to
conduct these studies. An excellent review outlines the
weaknesses in the external perimeters of the property, for
instance, the parking lot and gives strategies of reinforcing
these perimeters. The boundaries of a building are critical in
maintaining the assets of the business and protecting them from
the external threats. However, some risks still exist within the
company (Stewart, 2013).
Personnel and their behaviors of work can expose the
organization to the human made, natural and technological
2. threat. The natural hazards include adverse weather conditions
such as droughts, earthquakes, heat waves or blizzards. They
are very hard to avoid as they occur naturally. They, therefore,
need more attention and safer security measures in place.
Negative working performance can cause more damage in case
of these natural calamities. However, if the employees
collaborate with their employers, they can together help in
mitigating the threats that come with a result of the natural
disasters.
Technological and human-made risks include damages that can
be prevented if the employees follow the proper rules in each
case. There are standards and regulations in TSA that personnel
is expected to follow (Stewart, 2013). However, some people
may choose to break these rules and mishandle the assets of the
company such as computers and electrical appliances. Other
technological and human-made risks include dam failure, civil
disturbance, terrorism, fire, hazardous materials and security
breach. These risks can be mitigated by the change in workforce
behavior. Furthermore, every person in the organization has
defined roles that can lead to risks if not performed correctly.
Hazardous equipment within the structure can also be a source
of risks. These materials require certain guidelines in the
transportation industry to safeguard the individuals including
passengers from potential damages or accidents. Similarly, the
location of the premise can also expose the organization to the
possible threats. For instance, if the company is located in a
region that is prone of terrorists, there will be high chances of
terrorist attacks on the organization. Terrorism includes release
of toxic materials, bombing, fire, and information security
breach. Regardless of the type of risk, the behavior of the
employees can minimize the threats.
Types of Assets and Their Characterizations
The property in TSA is anything that is valuable to the
3. organization. The three primary assets in TSA are the human
resources, infrastructure, and data. The system was containing
the data and the infrastructure that links these systems are
critical assets to the organization. The support includes the AIT
machines that detect the objects with high density such as gels,
liquids, and powders that may pose a significant threat to the
organization's assets. The costs accompanying the
infrastructure, human resource and the company's data are also
a total asset to the team. All the assets mentioned above are
susceptible to the threats and should, therefore, be protected. In
the production environments of enterprises today, it is very
crucial to protect these assets.
Types of Interior and Exterior Threats
Internal Threats:
These are the risks that come within the system of the
organization (Lehtiranta, 2014). They may include malicious
employees and the non-malicious employees who make
mistakes. A malicious employee can log into the system through
his/ her personal server then share the information that is not
backed up then deletes all the information that is crucial to the
organization. Another internal threat can result from social
engineering whereby attackers get access to the organization's
network by exploiting information from the employees. Other
ways are through downloading malicious content from the
Internet. Similarly, information leakage can pose great threats
to the organization. Finally, internal threats can come from
mishandling of hazardous equipment such as electrical
appliances.
External Threats:
These are threats that originate from the outside network. They
can be from internet hackers, business competitors who would
want to sabotage the company and natural occurrences
(Lehtiranta, 2014). An unknown person or terrorist can
maliciously scan through the rooter of the organization's servers
4. and connect it to his/ her system then try out the password or
crack them to get access to the relevant information. The natural
external threats include computer database failure, airplane
crash, and release of hazardous materials, dam failure, power
outage, train derailment and urban fire.
Conclusion
With the emerging technology, the most susceptible asset to
threat is information due to technological failure. Data assets at
TSA should, therefore, be protected with an active security
management system. The company should also have the robust
risk management plan to mitigate other possible risks that may
occur as a result of natural occurrence or human-made prompts.
Organization Name and Address
TRANSPORTATION AND SECURITY ADMINISTRATION
(TSA)
Week 1: Threat and Risk Assessment Paper
Week 2: Vulnerability Paper
Week 3: Managing Vulnerabilities and Applying
Countermeasures Paper
Threat
Risk
PriorityRank
Vulnerabilities
Countermeasures & Cost
Probability
Criticality
Total
Cyber Attack
5. 6/10
7/10
13/20
1
Robbery
3/10
2/10
5/20
3
Fire
3/10
3/10
6/20
2
References
Leese, M. (2016). Governing airport security between the
market and the public good. Criminology & Criminal Justice.
Lehtiranta, L. (2014). Risk perceptions and approaches in multi-
organizations: A research review 2000–2012. International
Journal of Project Management.
Stewart, M. G., & Mueller, J. (2013). Terrorism risks and
cost‐benefit analysis of aviation security. Risk Analysis, 893-
908.