Physical Security Introduction 1
Physical Security Provides for the protection of property, personnel, facilities, and material against unauthorized entry, trespass, damage, sabotage, theft, or other criminal acts. 2
Basic Concepts Layered Security two or more security components protect the asset. 3
Layered Security or Defense in Depth 4
Outer-Perimeter Definition of Zones or Perimeters Work Outside - In Inner-Perimeter 5
Security Systems Collection of Various Components: Fences Lighting IDS CCTV Access Controls Arranged to be mutually supportive 6
Security Components Not limited to hardware: Policies and Procedures Training Programs Employees Security Staff 7
Security Tasks Components and procedures must be mutually supportive. Performing one or more of the three principle security tasks: 8
Delay The security component causes the potential aggressor to spend time trying to defeat the security system. 9
Delay Achieved by each component The more time spent by the Aggressor the more likely they will be DETECTED 10
Detect The awareness that a potential intrusion is taking place. IDS CCTV Security Officers 11
Response Without a response, delay and detection are meaningless. May involve: Police or Security dispatch Initiation of investigation or increase in surveillance Changes to policies and procedures 12
Mutual Support Without a DELAY capability, the chances of detection diminish significantly. Without a DETECTION capability, potential aggressors know they are unlikely to encounter any opposition. Without a RESPONSE capability, potential aggressors have little to fear and all the time in the world to complete their activities. 13
Fundamental Components Threat Assessment Security Survey Barriers Lighting Access Control Locks and Key Control Intrusion Detection Systems (IDS) Security Containers CCTV 14
Threat Assessment Flow Chart and Goals 15
Threat Assessment Involves identifying threats and assessing the risks associated with the threat if it were to occur in the target environment. Identifying threats and assessing risks are dependant on the characteristics of the target environment. 16
Threat Assessment Threat is an impending or potential danger. Risk = Probability - 1. The likelihood of a threat + occurring Criticality - 2.The degree of damage that can occur if the threat materializes. 17
List of Threats Arson Burglary Theft (Internal/External) Fire Explosion Medical Emergency Loss of power Sabotage Severe weather Assaults Violence Terrorism 18
Threat Assessment Probability determined by examining the history of events in/around the target: 911 Calls Crime data Internal reports Employee interviews Threats to similar businesses 19
Threat Assessment Criticality Specific Undesirable Consequences Loss of human life Loss of revenue Loss of vital equipment Loss of vital resources 20
Risk Assessment Matrix THREA Threat T Threat 1 Threat 2 3 Probabilit y Criticalit y Total 1 = unknown or minimal threat little loss 10= high likely hood of threat very high loss potential 21
Threat Assessment Goal: Identify the threats and associated risks, so that risk levels can be mitigated, or reduced, by employing security countermeasures. 22
Threat Assessment What is the terrorist threat in my community? Are there known terrorist or radical groups operating within my community? What are the ideologies of these groups? i.e. left-wing, right-wing, special interest etc. What are their grievances? 23
Threat Assessment What are the targets or events that may draw these groups to my community? Political rallies, sporting events etc. Identify potential targets by conducting a Target Analysis 24
Threat Assessment What is the intelligence saying? Terrorist and radical groups often disseminate edicts and manifestos, via their own websites, writings or news services. For some groups this noise is nothing more than proselytizing, but for others these messages may be operational directives or initiators for an operation. 25
Threat Assessment Have any unusual injuries or illnesses been reported? Many would be terrorists have been injured during the bomb making process. Terrorists may also become ill from handling biological or chemical weapons or radioactive materials. 26
Threat Assessment Have any unusual occurrences been reported? Terrorist groups may test their weapons or tactics. Prior to their attack on the Tokyo subway system the Aum Shirinko tested their Sarin gas in an apartment complex, but this event and the subsequent illnesses went unnoticed. 27
Threat Assessment Is there a rise in bomb threats, or false fire or burglar alarms? Terrorist groups and other criminal elements have been known to call in bomb threats or create false alarms in order to gather intelligence about response time and procedures of emergency personnel. Erick Rudolph studied the emergency response in the bombing of the abortion clinics, and then used this information to strategically place secondary devices intended for emergency response personnel. 28
Target Analysis Target analysis involves the identification of potential terrorist targets. With an understanding of the various terrorist ideologies and tactics potential targets can be identified. 29
Community Threat Assessment Goals Identifies high risk targets/assets and associated consequence values Opportunities to create community awareness Prioritizes security countermeasure expenditures 30
Target Analysis Governmental facilities such as: Utilities and critical infrastructure, particularly those whose disruption would have a dramatic impact on the public. Police stations Government buildings such a legislative or personnel offices Courts 31
Target Analysis Public and private companies involved such as: Companies heavily involved in the militaryindustrial complex, particularly those involved in the research and development of weapons systems and aircraft. Forest product companies Oil and natural gas companies Real estate developers Automobile manufactures and dealers Researchers who use live animals in their testing process 32
Target Analysis In examining potential targets it is important to ask such questions as: Has the company, organization or location ever been the target of a terrorist attack? Prior attacks at the particular location identified or at other company or organizational assets are the best indicator of future attacks. Has the company, organization or location been mentioned in a derogatory manner in any radical speeches, literature, or websites? Have similar companies, organizations or locations been targeted recently? 33
Security Survey A critical on-location evaluation of a business, home, or other facility. Anticipated threats determine the specific focus of each physical security survey. Goals: The goal of this evaluation is to determine the present security posture, identify possible shortfalls and vulnerabilities, and make recommendations. Other wise known as the Vulnerability Assessment. 34
Access Control Can be defined in any number of ways and can consist of many security procedures. Manual or Electronic Access Card Keys & Combinations Biometrics An access control system consists of multiple, integrated procedures that restrict the movement of personnel and materials into and out of facilities. 35
Intrusion Detection Systems Intrusion-detection systems (IDS) are designed to detect actual or attempted unauthorized entry, identify its location and signal a response with an alarm. IDS can: provide continuous surveillance over secure areas extend coverage into areas not usually accessible to guards. 36
IDS Objectives Allow only authorized individuals to enter and exit the facility. Prohibit the entry of contraband and other hazardous materials. Provide an organizational response to a wide variety of situations. 37
Barriers The perimeter is the front line of your security program. It may consist of a high fence topped with barbed wire or be little more than an imaginary line separating your property from a neighbor. Ideally, a perimeter should present both a psychological and a physical deterrent to potential aggressors. 38
Vehicle Barriers Road Blocker devices provide a very high degree of security for government or military installations when a vehicle must be stopped at an access point. These can have electrical or hydraulic operation, and numerous special features including a "fan-fold" unit that does not require excavation of the road surface. 39
Bollards Vehicle Barriers Can be operated manually, electrically, pneumatically, or hydraulically. Respond to a wide range of security specifications and design requirements 40
Bollards 41
Vehicle Barriers High Security Cable Crash Beams U.S. Navy test 10,000 pounds at 30 miles per hour Department of State test 15,000 pounds at 30 miles per hour. Standard unit up to 19 feet wide at opening Custom sizes available Designed for medium security facilities. Low maintenance, long term durability 42
High Security Cable Crash Beams 43
High Security Cable Crash Beams 44
Vehicle Barriers High Security Wedge Barriers Department of State certified 15,000 pounds at 40 miles per hour Barrier width of 9 feet covers standard road width Custom sizes available Response time is 3 seconds with 8 cycles per minute May be manually operated Shallow mount and portable unit available 45
Closed Circuit Television Loss of assets, criminal activity, and fear are a continuing cancer in modern society. Lawsuits often bloom under the label of "negligent security." 46
Integrated Systems A well-planned CCTV system can prevent vandalism and deter other crimes. CCTV can be used with other sensing systems to view remote locations. For instance, when integrated with smoke or temperature sensors, CCTV cameras can provide visual confirmation of a potential fire at a distant location. An intrusion alarm at a remote facility can now activate and "call up" a nearby camera. 47