Proactive Security Protection of Critical Infrastructure: A Process Driven Methodology

Document Type

Book Chapter


IGI Global


Faculty of Computing, Health and Science


School of Computer and Security Science




This chapter was originally published as: Bailey, W. , & Doleman, R. G. (2012). Proactive Security Protection of Critical Infrastructure: A Process Driven Methodology. In Christopher Laing, Atta Badii and Paul Vickers (Eds.). Securing Critical Infrastructures and Critical Control Systems: Approaches for Threat Protection (pp. 54-81). Location: IGI Global.


The belief that a static alarm system will safeguard critical infrastructure without additional support mechanisms is misplaced. This complacency is no longer satisfactory with the increase in worldwide threat levels and the potential social consequences. What is required is a more proactive, comprehensive security management process that adds to the ability to prevent, detect, deter, respond, and defeat potential harmful events and incidents. The model proposed here is proactive and grounded upon current operational procedures used by major companies in hostile and dangerous environments. By utilising a clearly defined comprehensive risk management tool, a more systematic security, threat, risk, and vulnerability assessment (STRVA), process can be developed. This process needs to identify deliberate targeting of assets through multiple intelligence gathering capabilities, plus defeat testing to probe existing security defences. The consequence approach to a potential breakthrough is at the essence of this methodology.