Proactive Security Protection of Critical Infrastructure: A Process Driven Methodology
Faculty of Computing, Health and Science
School of Computer and Security Science
The belief that a static alarm system will safeguard critical infrastructure without additional support mechanisms is misplaced. This complacency is no longer satisfactory with the increase in worldwide threat levels and the potential social consequences. What is required is a more proactive, comprehensive security management process that adds to the ability to prevent, detect, deter, respond, and defeat potential harmful events and incidents. The model proposed here is proactive and grounded upon current operational procedures used by major companies in hostile and dangerous environments. By utilising a clearly defined comprehensive risk management tool, a more systematic security, threat, risk, and vulnerability assessment (STRVA), process can be developed. This process needs to identify deliberate targeting of assets through multiple intelligence gathering capabilities, plus defeat testing to probe existing security defences. The consequence approach to a potential breakthrough is at the essence of this methodology.