The document is a chapter from a book on industrial security management. It introduces the concept of security, defining it as protection from danger, risk, or loss. It discusses related concepts like assets, risks, threats, and vulnerabilities. It outlines categories of security such as physical, personnel, document, and technical security. It notes the importance of security management in organizations and the role of private security agencies.
The Dangers of Cigarette Smoking - MAPEH 8 (Health 4th Quarter)Carlo Luna
HEALTH Unit 4: Prevention of Substance Use and Abuse
Lesson 1: The Dangers of Cigarette Smoking
This material is designed to inform your students about the dangers of cigarette smoking and teach them the various strategies to prevent substance use and abuse.
The Dangers of Cigarette Smoking - MAPEH 8 (Health 4th Quarter)Carlo Luna
HEALTH Unit 4: Prevention of Substance Use and Abuse
Lesson 1: The Dangers of Cigarette Smoking
This material is designed to inform your students about the dangers of cigarette smoking and teach them the various strategies to prevent substance use and abuse.
This presentation simplifies Cloud, Cloud Security and Cloud Security Certifications. This includes the following:
- Understanding Cloud
- Understanding Cloud Security using the Risk Management and Cloud Security Control Frameworks
- Cloud Security Certifications
- Key Definitions
This presentation simplifies Cloud, Cloud Security and Cloud Security Certifications. This includes the following:
- Understanding Cloud
- Understanding Cloud Security using the Risk Management and Cloud Security Control Frameworks
- Cloud Security Certifications
- Key Definitions
Educate those in leadership positions about the importance in commissioning regular independent Security Risk Assessments. As Security Advisors, it’s a continuous challenge to change the existing perceptions of CEOs/MDs. Alwinco, Security risk, Crime, Security Risk Assessment is an in-depth investigation into the security risk.
[CB16] Using the CGC’s fully automated vulnerability detection tools in secur...CODE BLUE
End-user’s requirements for secure IT products are continually increased in environment that are affected directly to human life and industry such as IoT, CPS. Because vendors and end-user sell or buy products based on trustworthy or objective security evaluation results, security evaluation roles are important. Security Evaluations are divided to two parts, one is evaluation on design level such as ISO/IEC 29128(Verification of Cryptographic Protocols) and another one is post-implementation level such as ISO/IEC 15408(Common Criteria). These security evaluation standards, both ISO/IEC 29128 and ISO/IEC 15408, advise to use formal verification and automated tools when high assurance level of target products is required.
For a long time, vulnerability detection using automated tools have been tried and studied by many security researchers and hackers. And recently, the study related to automated vulnerability detection are now more active than ever in hacking community with DARPA’s CGC(Cyber Grand Challenge). But, too many tools are developed continually and usually each tool has their own purpose to use, so it’s hard to achieve ultimate goal of security evaluation effectively and verify evaluation results.
Furthermore, there are no references for categorizing about automated tools on perspective of security evaluations. So, in this presentation we will list up, categorize and analyze all of automated tools for vulnerability detection and introduce our result such as pros and cons, purpose, effectiveness, etc.
-- InHyuk Seo
My name is Inhyuk Seo(Nick: inhack). I graduated B.S. in Computer Science and Engineering at Hanyang University(ERICA) in 2015. Now I’m a researcher and M.S. of SANE(Security Analaysis aNd Evaluation) Lab at Korea University. I’m interested in Programming Language, Software Testing, Machine Learning, Artificial Intelligence.
In 2012, I completed high-quality information security education course “the Best of the Best(BoB)” hosted by KITRI(Korea Information Technology Research Institute) and conducted “Exploit Decoder for Obfuscated Javascript” Project.
I participated in many projects related with vulnerability analysis. I conducted “Smart TV Vulnerability Analysis and Security Evaluation” and “Developing Mobile Security Solution(EAL4) for Military Environment ”. Also, I participated in vulnerability analysis project for IoT products of various domestic tele-communications.
-- Jisoo Park
Jisoo Park graduated with Dongguk University B.S in Computer science engineering. He participated in secure coding research project in Programming Language Lab and KISA(Korea Internet & Security Agency). He worked as a software QA tester at anti-virus company Ahnlab. He also completed high-quality information security education course “Best of the Best” hosted by KITRI(Korea Information Technology Research Institute) and conducted security consulting for Car sharing service company.
Now, Jisoo Park is a
Organizational Security Culture : A New Business Paradigm by JMSupan 2019JOEL JESUS SUPAN
The is is a concept that will guide organizations on how to make their employees become instruments in protecting company resources in thoughts words and deeds.
In this article I will provide an Overview of A new Information Security Management System
Standard ISO/IEC 27001:2013 , The new standard just Published from a few Days Earlier .
ISO/IEC 27001:2013 Provides requirements for Establishing, Implementing, Maintaining
and Continually Improving an Information Security Management System.
ISO/IEC 27001:2013 gives Organization a Perfect Information Security management framework for implementing
and maintaining security.
In this Article, I tried to shed some light on new standard and its Mandatory Requirements, Optional Requirements ,
Structure , Benefits , Certification Process and Estimated time for Implementation and Certification.
Top-Rated Professional Security Services for Comprehensive Protection.pdfprivate security
Discover top security services in London that provide comprehensive protection for your home, business, or event. Our expert team ensures your safety with state-of-the-art solutions. Get peace of mind today!
Information security management best practiceparves kamal
ISO 17799 is an internationally recognized Information Security Management Standard, first published by the International Organization for Standardization, or ISO (www.iso.ch), in December 2000.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
3. Copyrighted Material.
Industrial Security Management
First Edition
Philippine Copyright, 2013
By: ChapterHouse Publishing Incorporated
All Rights Reserved.
The text of this book or any part hereof, may not be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including copying, recording, storage in any informational retrieval
system, or otherwise, without the prior written permission of the
publisher.
Any unauthorized copying, reproduction, or dissemination of any
portion of this book shall be prosecuted in accordance with law.
Published and Distributed by:
ChapterHouse Publishing Incorporated
Novaliches, Quezon City
Edited by:
The English Factor
www.englishfactor.com
“Providing international-quality editorial services at reasonable costs.”
ISBN: 978-971-95775-2-2
4. Copyrighted Material.
T
ABLE OF CONTENTS
DEDICATION V
PREFACE VII
PART ONE:
FUNDAMENTALS OF SECURITY
1
Chapter 1: The Concept of Security
3
Definitions of Security
4
Related Concepts 5
Categories of Security 5
7
Security Management in Organizations
Chapter 2: History of Security
9
Historical Roots of Security 9
Security in Philippine History 10
Security in the Present Time
11
Chapter 3: Legal Context of Security
Universal Declaration of Human Rights
1987 Constitution of the Republic of the Philippines
The Revised Penal Code (RA 3815)
Private Security Agency Law (RA 5487 as Amended)
Presidential Decree No. 1919
(Amending RA 5487 and Pd 100)
Presidential Decrees No. 11 and No. 100
(Amending RA 5487)
13
13
14
15
15
16
16
5. Copyrighted Material.
PART TWO: CATEGORIES OF SECURITY
17
Chapter 4: Physical Security
19
Principles of Physical Security 20
Factors in Selecting Security Safeguards
20
Physical Barriers 21
Advantages of Physical Barriers
22
Purpose of Physical Barriers 22
General Types of Physical Barriers
22
Other Types of Physical Barriers
22
First Line of Defense: The Perimeter Barrier
23
Purpose of the Perimeter Barrier
23
Types of Perimeter Barriers
24
Second Line of Defense: Building Exteriors
27
Roofs 27
Exterior Walls 27
Concrete Structures 28
Floors 28
Interior Walls 29
Ceilings 29
Doorways 30
Windows 31
Other Openings 32
Third Line of Defense: Interior Controls
32
Locks 33
Telephone Entry Systems 33
Identification Systems
34
Protective Alarm Sensors
34
Protective Lighting 35
Purpose of Protective Lighting
35
General Characteristics of Protective Lighting
36
Types of Protective Lighting
36
Chapter 5: Personnel Security
Purpose of Personnel Security:
Pre-Employment Screening
Pre-employment Screening Policy Checklist (CPNI, 2011)
Application Form
Interviews
Identity Verification
Qualification and Employment Checks
Media Searches
Ongoing Personnel Security during Employment
Purpose of Ongoing Personnel Security (CPNI, 2010)
Importance Ongoing Personnel Security
Security Training and Awareness
Addressing Behaviors of Concern
Controlling Employee Access
Screening for the Insider Threat
39
41
41
42
43
43
43
45
46
46
47
47
48
49
49
50
6. Copyrighted Material.
Exit Procedures 50
The Exit Interview 53
Chapter 6: Document and Information Security
55
Types of Documents
56
Factors to Consider 57
Stages of Information Cycle 57
Characteristics of Information 58
60
Sensitive Information
Classification of Sensitive Information
60
Proprietary Information
61
Information Security Measures
62
PART THREE: TECHNICAL SECURITY MANAGEMENT
65
Chapter 7: Security Survey and Inspection
67
The Security Survey
67
Importance of Security Survey
68
The Value of a Security Professional
70
Security Inspection 70
Purpose of Security Inspection
71
Phases of Security Inspection 71
Importance of Security Inspection
71
Steps in a Security Inspection
72
Safety Inspection 72
Objectives of Safety Inspection
72
Purpose of Safety Inspection 72
Phases of Safety Inspections 73
Importance of Safety Inspection
73
74
Steps in Safety Inspection
Security Survey Format 75
Security Inspection Report Format
77
Industrial Security Survey Checklist
78
Chapter 8: Security Risk Analysis
89
Security Analysis 90
Defining the Problem
90
Security Hazards 93
Types of Hazards 93
Major Risks
94
Risks Management Alternatives and Strategies
95
Chapter 9: Security Investigation
97
Elements of Investigation 98
The Three I’s of Investigation
98
Purpose of Investigation 99
Qualities of Effective Investigation
99
7. Copyrighted Material.
Characteristics of a Successful Investigator
100
Systematic Approach to an Investigation
101
Guidelines in Investigation 102
Investigation Report 103
Purpose of the Investigation Report
103
Qualities of an Investigation Report
104
Parts of the Report
104
Sample Report Format 105
Incident-Type Investigation/Complaint-Type Investigation
106
Sequence of Investigative Leads 107
Interrogation and Interview 108
Interview of Non-Hostile Informants
108
The Interrogator and the Science of Psychology
108
Interrogation of Suspected Individuals
109
Types of Suspects in Terms of Attitude and Personality
110
Different Interrogation Schemes 110
Interrogation Proper 111
PART IV: SECURITY AGENCY MANAGEMENT
113
Chapter 10: Management and Planning
115
MANAGEMENT IN GENERAL AND PLANNING FUNCTION
116
Security Management and Cost Effectiveness
116
Security Planning
116
Development of Security Polices
117
Illustrations of Security Policies
117
Operating Level Policies 118
FINANCING 118
BUDGETING 118
The Process of Budgeting 118
119
Budget Costs and Justification
ORGANIZING 119
Organizational Relationship 120
Organizational Principle 120
Reporting Levels 121
Typical Security Organization 121
The Agency Operator/Security Director
121
STAFFING AND ADMINISTRATION
122
Ranks and Positions 122
Staffing Pattern
123
Position Standards
124
Hiring
124
Training and Professional Development
125
Discipline 125
Appraisal of Results 125
Promotions 125
Morale and Welfare
126
Communication
126
Some Management Principles
126
8. Copyrighted Material.
Chapter 11: Implementation, Problem-Solving and
Audit/Inspection 129
Program Implementation 130
Top Management’s Responsibility
130
Involvement of Others 130
Setting Priorities and Meeting Schedules
130
Drills and Rehearsals 130
130
Validation and Updating of Plans
Program Evaluation 131
Problem Solving and Decision-Making
131
Problem Solving Techniques 131
Some Pitfalls in Decision Making
132
Factors Affecting a Decision 132
Security Audit/Inspection 133
Rationale for Security Audit 133
Conduct of the Audit
134
Formal and Informal Security Audit
134
Structured and Unstructured Audit
134
Ascertaining Compliance
134
Chapter 12: Security Personnel
137
DEFINITION 138
Types of Security Guards 138
Advantages and Disadvantages of
Company Guards versus Agency Guards
139
GENERAL FUNCTIONS OF A SECURITY GUARD
140
Categories of Private Security Training
140
Qualifications, Functions and Attributes
141
Powers and Duties of Security Guard
143
Functions of a Private Detective
144
Functions of Security Supervisor from the
Security Guard’s Point of View
145
Functions of Security Supervisor from the
Management Point of View
145
Duties during Strikes and Lockouts
145
Attributes of Security Guard/Private Detective
146
Desirable Qualities of Security Guard
147
Desirable Qualities of Security Supervisor
147
Basis for Disqualification
149
Grounds for Cancellation of Security Guard License
149
Private Security Agency Law (RA 5487 as amended)
150
Organization 150
Management 151
Operations
154
Limitations and Prohibitions
156
Administrative Sanctions 158
9. Copyrighted Material.
Chapter 13: CODE OF ETHICS AND CONDUCT
PRIVATE SECURITY AGENCIES
Private Security Agency’s Creed
Ethical Standards for Private Security Agencies
Code of Conduct for Private Security Agencies
SECURITY GUARDS
Security Guard’s Creed
The 11 General Orders for Security Guards
Code of Ethics for Security Guards
Code of Conduct for Security Guards
161
161
161
161
162
164
164
165
166
167
Chapter 14: GUARD FORCE ADMINISTRATION
171
Leadership and Command 172
Leadership: the Concept 172
Goals of a Leader 173
Types of Leadership 173
Leadership Traits 173
Leadership Principles 175
Leadership Indicators 175
Operations
176
Administration
176
Technical Services 177
GLOSSARY OF TERMS 179
BIBLIOGRAPHY 185
IMAGE CREDITS 187
11. Copyrighted Material.
The Concept of Security
CHAPTER 1
THE CONCEPT OF SECURITY
Learning Objectives
At the end of this chapter, the student will be able to:
•
Define security
•
Explain the concepts of asset, risk, threat and vulnerability
•
Enumerate the categories of security
•
Discuss the importance of private security in organizations
Security is important to everyone. It is important to individuals
such as a homeowner who wants to protect valuable items in his
house, a parent who does not want her child to be harmed while in
school, an employee who wants to save for a comfortable retirement,
or an online shopper who wants to purchase a gadget via the internet.
It is also important to private companies such as a jewelry store
that keeps diamonds in storage, a law firm that holds incriminating
evidence against a drug lord, or an internet company that requires
personal information and passwords from its users. Of course, it is
also very important to governments that maintain military forces, use
intelligence services, legislate civil defense policies, and implement
emergency preparedness measures to serve and protect its citizens.
2
12. Copyrighted Material.
3
INDUSTRIAL SECURITY MANAGEMENT
Definitions of Security
The word secure is derived from the Latin securus which means
“safe” or “without care,” or from se cura, wherein se means “free from”
and cura means “care.”
To be secure could mean many different things. It could mean
being free from danger, risk, injury, fear, trouble, doubt or anxiety.
Being secure could also refer to being dependable, strong, good,
impregnable or inviolable. Or simply, it could mean having peace of
mind.
Security can be defined as the degree of protection or resistance
against harm, danger, loss, and criminals. As a form of protection, it
includes structures and processes that provide or improve security as
a condition.
The Institute for Security and Open Methodologies (ISECOM)
is an open community and a non-profit organization that published
in 2001 the Open Source Security Testing Methodology Manual
(OSSTMM), a peer-reviewed manual of security testing and analysis.
OSSTMM 3 was released in 2010, defining security with the following
explanation:
“For a threat to be effective, it must interact either
directly or indirectly with the asset. To separate the
threat from the asset is to avoid a possible interaction.
Therefore it is possible to have total (100%) security if
the threat and the asset are completely separated from
each other. Otherwise what you have is safety of the
asset which is provided by the controls you put on the
asset or the degree to which you lessen the impact of
the threat.
For example, to be secure from lightning, one
must move to where lightning can’t reach such as deep
in a mountain. Threats which can’t be separated from
the assets must be made safer so that their interactions
and any effects from interactions do little or no harm. In
this same example, to be safe from lightning, one must
stay indoors during storms, avoid windows or other
openings, and use lightning rods on the roof. Therefore,
under the context of operational security, we call
security the separation of an asset and a threat and
safety the control of a threat or its effects” (ISECOM,
2010, emphasis supplied).
13. Copyrighted Material.
The Concept of Security
Related Concepts
Understanding the concept of security requires further
definition of other related concepts such as asset, risk, threat and
vulnerability.
An asset is anything tangible or intangible that is capable of
being owned or controlled to produce value. If it has positive economic
value, it is considered an asset. Or more simply, if its value can be
converted into cash, it is an asset (Sullivan & Sheffrin, 2003).
Risk is the uncertainty of financial loss, the probability that
a loss has occurred or will occur, the variations between actual and
expected results, or the possible occurrence of an undesirable event.
The end result of risk is loss or a decrease in value (Sennewald, 2003).
Threat and vulnerability are sometimes interchangeably used
with risk. A threat is anything that could adversely affect assets; it can
be classified into natural hazards (such as floods), accidents (chemical
spills), or intentional acts (domestic or international terrorism).
Vulnerability means weakness, flaw, or virtually anything that may
conceivably be exploited by a threat; examples are holes in a fence,
an out-of-date key system or the introduction of a computer virus
(Sennewald, 2003).
Categories of Security
The concept of security is so wide that categorization is
necessary for better understanding and analysis. The three main
categories covered in this book include:
1. Physical Security - pertains to all physical barriers employed
or installed to secure assets
2. Personnel Security - refers to the procedure followed,
inquiries conducted, and criteria applied to determine the
work suitability of a particular applicant or the retention of
a particular employee
3. Document and Information Security - refers to policies,
regulations, doctrines, and practices enforced to safeguard
the contents and integrity of any classified information or
document from compromise or loss
4
14. Copyrighted Material.
5
INDUSTRIAL SECURITY MANAGEMENT
The three main categories enumerated will be discussed more
lengthily in Part Two of this book.
Political security is another category that relate to social
relationships involving governments or entities that hold authority
or power. This includes issues of security in the public, national or
international level, as enumerated below.
1. Public security refers to the way governments are ensuring the
protection of its citizens, organizations and institutions against
threats to their well-being, as well as maintaining the general
security and peace in public places. This includes security
against problems that have a direct impact on people’s lives,
such as gang violence, cybercrime, or trafficking of illegal drugs
and firearms.
2. National security is the requirement to maintain the survival
of a state through the use of economic power, diplomacy,
and political power. Security threats include military foes from
other nations, big drug cartels, or even national disasters that
cause severe environmental damage.
3. International security consists of the measures taken by nations
and international organizations to ensure mutual survival
and safety. Examples of measures are military actions and
diplomatic agreements.
In the private sphere, security can be even further categorized,
as shown below.
1. Industrial security is a form of physical security involving
industrial plants and business enterprises. This involves
the safeguarding of personnel, processes, properties and
operations.
2. Bank and armor security involves the protection resulting from
the application of various measures which safeguards cash
and assets in storage, in transit, or during transaction.
3. Hotel security involves using various measures of protection
for the guests, personnel properties and functions in hotels,
restaurants, bars and clubs.
15. Copyrighted Material.
The Concept of Security
4. V.I.P. security involves the protection of top-ranking officials
of the government, visiting persons of illustrious standing and
foreign dignitaries.
5. Operational security involves the protection of processes,
formula, patents and industrial and manufacturing activities
from espionage, infiltration, loss, compromise or infringement.
6. Communication security involves the safeguard resulting from
the application of different measures which prevent or delay the
enemy or unauthorized person from gaining information through
communication including transmission and cryptographic.
7. Mall/commercial security is the degree of protection against
danger, loss, and crime inside malls. As a form of protection,
it refers to systems, structures and processes that provide or
improve mall security as a condition.
Security Management in Organizations
Security management has become an essential feature of
corporate activity; there is almost no organization without a team
dedicated to managing issues of security. We usually see shopping
malls, entertainment venues and banks policed by private armies
which we call security guards. The presence of these uniformed staff
represents the company’s ability to respond to or deter threats. This,
however, is only part of the security measures employed by companies
against threats posed by opportunistic criminals, its rival organizations,
or even its own saboteur employees. Other security measures may
include the installation of CCTVs, sophisticated alarm systems, policies
against workplace bullying and harassment, employee screening,
emergency planning, and other measures that enable individuals and
organizations to carry on with their business free from danger.
Indeed, security has a policing function in organizations. In fact,
illegal practices in the workplace have become an established theme
in criminology studies. These crimes involve not only the robberies
and shootouts inside malls or kidnappings in schools that we hear in
the news. It involves high-stakes corporate crimes such as tax evasion
and money laundering, fraud, bribery, workplace harassment, or even
those similar to street crimes such as thieves sneaking inside offices.
With corporate crime becoming a growing area of concern, the
increasing role of private security in crime prevention is becoming more
evident. This further highlights the need for increased competence and
6