SECURITY VULNERABILITY ASSESSMENT (SVA). Intellectual Property of Win Noor FAQ  What is Security Vulnerability Assessment (SVA)?  A process of identifying,

Slides:



Advertisements
Similar presentations
Security and Stockpile
Advertisements

/0403 Copyright ©2004 Business and Legal Reports, Inc. BLRs Safety Training Presentations Transportation Security TrainingPart II 49 CFR
Chapter 7: Physical & Environmental Security
David Cronkright Chuck Dudinetz Paul Jones Corporate Auditing The Dow Chemical Company February 16, 2012 Auditing Protection of Intellectual Property.
Secure Your Store Understand the measures used in securing a retail store.
Airport Security – Post 9/11
Computer Fraud Chapter 5.
Computer Fraud Chapter 5.
UNIT PHYSICAL SECURITY PLAN
FACILITY SAFETY: Creating a Safe and Secure Environment in the Community Health Center Presented by Steve Wilder, BA, CHSP, STS Sorensen, Wilder & Associates.
Presentation Retail Security Key Holding Mobile Patrols Access Control Systems Manned Security Receptionist CCTV Monitoring.
In-depth look at ISACS Stockpile Management: Weapons Photo: MAG.
“Why do we need Security”  Each business has unique security and safety needs, e.g. Inventory Shrinkage and Theft Personal Safety Break Ins Moving Your.
Copyright 2004 Foreman Architects Engineers School Security From Common Sense to High Tech.
Presented at the 2007 CUPA Conference by SRM Associates, Inc. PO Box Temecula, CA (951) Chemical Site Security and Chemical.
PHYSICAL SECURITY Attacker. Physical Security Not all attacks on your organization's data come across the network. Many companies focus on an “iron-clad”
Physical and Environmental Security Chapter 5 Part 1 Pages 427 to 456.
Dr. Bhavani Thuraisingham The University of Texas at Dallas (UTD) June 2011 Physical (Environmental) Security.
Stephen S. Yau CSE 465 & CSE591, Fall Physical Security for Information Systems.
Microsoft Technology Associate
Chapter 17 Commercial Security. Commercial Enterprises  The following rely on private security:  Financial institutions.  Office buildings.  Public.
1 Perimeter Security System. 2 Performance Objectives 1. List the four key duty posts of the Perimeter Security System. 2. Explain the purpose of perimeter.
Physical Security SAND No C Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States.
TM Foundations of Real Estate Management BOMA International Module 5: Putting it All Together Security ® ®
Security Officer Training Course © 2008, Gerald T. Aitken.
Application Opportunity for Internet 0 in Risk Management Barry Wessler October 1, 2004.
Module 02: 1 Introduction to Computer Security and Information Assurance Objectives Recognize that physical security and cyber security are related Recognize.
A Secure Frontline September 25, 2003
Understanding Security Layers
Chapter 13 Security Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives State the major responsibility.
Physical Security By: Christian Hudson. Overview Definition and importance Components Layers Physical Security Briefs Zones Implementation.
Lockheed Martin Missiles and Fire Control
Chapter 15 Industrial Security. Loss Specific to Industry  Industrial losses frequently include:  Tools.  Materials.  Supplies.  Products.  Pallets.
Asset & Security Management Chapter 9. IT Asset Management (ITAM) Is the process of tracking information about technology assets through the entire asset.
(Customs & Trade Partnership
Presentation to: THEAMERICAN WATER WORKS ASSOCIATION OUR RESOURCES / OUR LIFE A STRATEGY FOR FACILITY PROTECTION By: Mark A. Graves, AIA DMJMH+N.
PANTHER SECURITY AND PRIVATE INVESTIGATION Security is degree of protection against danger, damage, loss and crime.
Chemical Facility Anti-Terrorism Standards Rudy Underwood Senior Director State and Grassroots American Chemistry Council.
“Integrating Property Management with Emergency Recovery” Ivonne Bachar, CPPM CF Director, Property Management Office Stanford University
Lesson 4 Physical Security - Motion Sensor - Passive Ultrasonic Sensor - Photoelectric System - Ultrasonic - Ultrasonic Motion Sensor - Vibration Sensor.
Physical (Environmental) Security
Viewing Information Systems Security. The basic objectives of Information Security are the same as the basic objectives of EDP auditing. They are: 1.To.
Site Security Policy Case 01/19/ : Information Assurance Policy Douglas Hines, Jr.
Certified Protection Officer Program. Chapter 1 Unit 1 Concepts and Theories of Asset Protection Pages 3-11.
Tennessee Baptist Site Security Training Course 3 Copyright Permission obtained from original author Gerald T. Aitken of Maybrook NY
Personnel & Equipment Implement Measures To Reduce Your Unit’s Vulnerabilities to Terrorist Acts/Attacks Figure 1.
The Need for Access Control & Perimeter Protection
1 GSA Public Buildings Service GSA Western Regions Client Enrichment Series Welcome to today’s presentation on: Security Charges the presentation will.
Physical Security By Nathan Conroy COSC Outline Purpose of physical security Two types of physical security Different types of security devices.
Access Control Jeff Wicklund Computer Security Fall 2013.
10. Security and Physical Protection Basic Concepts
Physical Security Ch9 Part I Security Methods and Practice CET4884 Principles of Information Security, Fourth Edition.
Automatic Data Capture  Process where many techniques are used to automatically collect data without need for manual entry. Manual entry has following.
Physical Security Brought to you By Brandon R. Crane.
The Physical Security in UTM NAWAF OMAR MAN Prof Hafiza Abas.
Physical Security at Data Center: A survey. Objective of the Survey  1. To identify the current physical security in data centre.  2.To analyse the.
Criminal Justice Intro to Security, Instructor Name Date, Semester Chapter 4: PHYSICAL SECURITY: STRUCTURAL, ELECTRONIC, AND HUMAN PROTECTION SYSTEMS.
Unit 1: Protecting the Facility (Virtual Machines)
Chapter 9 Security and Safety. I. Security: An Overview A. SECURITY DEFINED B. SECURITY OBLIGATIONS 1. Foreseeable Harm A landlord’s duty to take security.
Risks and Hazards to Consider Unit 3. Visual 3.1 Unit 3 Overview This unit describes:  The importance of identifying and analyzing possible hazards that.
Information Systems Security
Internship Saudi Aramco Security System Maintenance Division
Physical Security Governance Model
TWIC Training & Maritime Security Awareness
Vessels and Facilities that are Temporarily Out of Service or Laid-up
Understanding Security Layers
Objectives Telecommunications and Network Physical and Personnel
Welcome Rakshak Group of Companies Rakshak Security Services & Systems Pvt. Ltd. Pilot Project for Security Training Centre.
Physical Security.
Managing the IT Function
Presentation transcript:

SECURITY VULNERABILITY ASSESSMENT (SVA)

Intellectual Property of Win Noor FAQ  What is Security Vulnerability Assessment (SVA)?  A process of identifying, quantifying, and prioritizing (or ranking) the vulnerabilities in a security system.  Is it the same with Security Audit?  No, Security Audit focuses on discrepancies in the implementation of Security System; while Security Vulnerability Assessment focuses on the review of the Security System itself.  Is it similar with Security Risk Management?  SVA is a part of Security Risk Management. SVA is the most well-known form of Security Risk Analysis.

Intellectual Property of Win Noor Steps: Security Vulnerability Assessment   Identify Asset   Observe the Environment   Identify Threats   Identify Existing Countermeasures   Calculate risk   Generate alternatives of action

Intellectual Property of Win Noor Identify Asset   Things of value  Needs to be protected:  Tangible   Cash   Document,   Equipment,   Goods,   Personnel/Manpower   Premises/Building,   Vehicle  Intangible  Life,  Health,  Process  Image

Intellectual Property of Win Noor Observe the Environment   Macro Environment  Employment Rate,  Socio-Economic Conditions,  Crimes trends  Crimes occurring to similar industry,   Micro Environment  Demography,  Culture,  Local Socio-Economic issues,  Life-style,  Conditions of Adjacent areas  Crime occurring in the area

Intellectual Property of Win Noor Identify Threats   What can happen ?   When it can happen?   Where it can happen?   Who can make it happen?   Why it can happen?   How it can happen?

Intellectual Property of Win Noor Types of Security Threats ThreatCASHDOCEQUIPGOODPERSPREMISEVEHICLEOPS ABDUCTION ARSON ASSAULT BLACKMAIL BOMB HOAX BRAWL BREAKING AND ENTERING DECEPTION EMBEZZLEMENT ESPIONAGE EXTORTION FORGERY

Intellectual Property of Win Noor Types of Security Threats ThreatCASHDOCEQUIPGOODPERSPREMISEVEHICLEOPS FRAUD HIJACKING HOSTAGE SITUATION INTIMIDATION MISAPPROPRIA TION SABOTAGE SHOPLIFTING TERRORISM THEFT TRESPASS VANDALISM

Intellectual Property of Win Noor Identify Existing Security Countermeasures   Elements of Security Countermeasures  Deter  Delay  Detect

Intellectual Property of Win Noor Security Management System Security System Physical Protection Electronic Protection Security Manning Procedural Protection

Intellectual Property of Win Noor Security Management System MANPOWER PERIMETER & ACCESS CONTROL PROCEDURES & STRATEGIES ELECTRONIC DEVICE & SUPPORTING EQUIPMENT SECURITY MANAGEMENT SYSTEM (SEMS)

Intellectual Property of Win Noor Manpower   Requirements/Competence for Manpower   Sentry Guards and Distribution   Law Enforcement   Intelligence   Internal Audit / Business Ethics Compliance

Intellectual Property of Win Noor Perimeter Security and Access Control   Security Fencing Equipped/Capped with Barbed Wire or Razor Wire   Limiting number of Access Points   Limiting personnel provided with access   Types of checks on Access Points   Illuminations   Security Watch Towers   Waste Disposal   Windows   Emergency Doors

Intellectual Property of Win Noor Procedures and Strategies   Recruitment Screening Procedures   Access Control Procedures   Body Search Procedures   Patrol Procedures   Key Management   Crime Trend Analysis (as basis to determine strategies)   Deterrence Strategies   Detection Strategies

Intellectual Property of Win Noor Electronic Device and Supporting Equipment General Classification  Access Control Device  Detection Device  Non-Lethal Weapon and Protective Equipment

Intellectual Property of Win Noor Pedestrian Access  Identification  Electronic  Keypad/PIN  Swipe-Card  Magnetic-Card  Proximity System  Biometric  Finger-print  Voice Identification  Retinal and Iris Scan

Intellectual Property of Win Noor Vehicle Access  High Security Rising Barriers  Short And Medium Range Rising Barriers  Short And Medium Range Rising Barriers

Intellectual Property of Win Noor Vehicle Access Cont’)  Rising Bollard  Road Blocker

Intellectual Property of Win Noor Pedestrian Access  Tripod Turnstiles  Automatic Gates

Intellectual Property of Win Noor Pedestrian Access (cont’)  Speed Doors  Speed Doors  Full Height Turnstiles  Full Height Turnstiles

Intellectual Property of Win Noor Pedestrian Access (cont’)  Man Trap Doors/ Lock Gates

Intellectual Property of Win Noor Detection Device  Detection on pedestrian and vehicle access  Door/Window Intrusion Detection  Perimeter Intrusion Detection  Area Intrusion Detection

Intellectual Property of Win Noor Detectors - Access  Handheld Metal Detectors  Walkthrough Metal Detectors  Bomb Detectors (=Sniffer)

Intellectual Property of Win Noor Door/Window & Indoor Intrusion Detection  Ultrasonic Sensor  Passive Infrared

Intellectual Property of Win Noor Door/Window & Indoor Intrusion Detection (cont’)  Photo-Electric Beam  Microwave Sensor

Intellectual Property of Win Noor Door/Window & Indoor Intrusion Detection (cont’)  Magnetic Contact  Glass Break

Intellectual Property of Win Noor Outdoor Intrusion Detection Buried Line  Seismic Pressure  Magnetic Field  Ported Coaxial cable  Fiber Optic cable

Intellectual Property of Win Noor Outdoor Intrusion Detection (cont’)  Video Motion Detection  Bistatic Microwave

Intellectual Property of Win Noor Outdoor Intrusion Detection (cont’)  Passive Infrared  Active Infrared

Intellectual Property of Win Noor Perimeter Intrusion Detection  Sensor cables  Microwave Barrier

Intellectual Property of Win Noor Tracker  GSM/GPRS Tracker  Geo-Fence

Intellectual Property of Win Noor Visual Aids  Thermal Imaging / Flash Termo Sight Vision  Infra Red Night Vision Goggles

Intellectual Property of Win Noor Explosive  Blast Wall

Intellectual Property of Win Noor Non Lethal Weapon  Expandable Baton  Point-Blank Tazer

Intellectual Property of Win Noor Non Lethal Weapon  Pepper Gun  Long-Range Tazer

Intellectual Property of Win Noor Protective Equipment  Stab-Proof Vest

Intellectual Property of Win Noor Group Discussion   Discuss on specific types of security countermeasures based on categories (Manning, Access Control & Perimeter Security, Electronic Device, Procedures & Strategies) and element types of each countermeasure applicable for certain types of threats

Intellectual Property of Win Noor Discussion Sheet ThreatCountermeasureDominant Element

Intellectual Property of Win Noor Threat versus Countermeasure   Is it still possible for threat to succeed with the existing countermeasure?   Example: External Theft   Perimeter Fencing   Sentry Guards   Intelligence   CCTV   Motion Sensor Device   Access Control Device

Intellectual Property of Win Noor Threat versus Countermeasure (cont’)   Example: Embezzlement   Background Check / Screening   Life-Style Check   Internal Auditing   Business Ethics Agreement   CCTV in cash vault   After all the existing countermeasures, how high is the possibility for the threat to succeed?   Use of Professional Judgment

Intellectual Property of Win Noor Risk Calculator

Intellectual Property of Win Noor Generating Alternatives for Action  Root-Cause Analysis  Information Collection  Analysis  Testing / Verification

Intellectual Property of Win Noor RCA: Information Collection  To find the facts on an event, issue, and/or condition. Not (yet) to find the cause, whose fault, or what should have happen  To find signs or symptoms of the event, issue, and/or condition.

Intellectual Property of Win Noor RCA: Analysis  What factors causes the event, issue, and/or condition?  Are there more than one factors influencing the event, issue, and/or condition?  Why? Why? Why? Why? Why?

Intellectual Property of Win Noor RCA: Testing/Verification  To ensure that the result from the analysis is (close to) accurate.  How?  Re-Analyze  Group Analysis  Run through your colleagues, subordinates, or superiors.

Intellectual Property of Win Noor SVA Exercise GROUND RULES!  Think like a criminal!!!  Don’t just believe what your source (from the Assessment Object) tells you. Verify!  Keep yourself an open mind!

Intellectual Property of Win Noor SVA Exercise ASSET IDENTIFICATION  Cash  Document/Information  Equipment  Goods/Inventory  Personnel  Premises/Building/Plant  Vehicle  Business Process/Operations/Activities

Intellectual Property of Win Noor SVA Exercise (cont’)  IDENTIFING THREATS AND MEASURING LIKELIHOOD TO OCCUR: MACRO ENVIRONMENT  General Perception towards line of business  Threats toward similar business operations

Intellectual Property of Win Noor SVA Exercise (cont’)  IDENTIFING THREATS AND MEASURING LIKELIHOOD TO OCCUR: MICRO ENVIRONMENT  Neighboring Area  Organizations and Gatherings in the Neighboring Area  Adjacent Buildings and Land  Community Perception towards Assessment Object  Crime trends and rate  Traffic and Road condition  Closest emergency services and response time

Intellectual Property of Win Noor SVA Exercise (cont’)  IDENTIFING THREATS AND MEASURING LIKELIHOOD TO OCCUR: MICRO ENVIRONMENT (cont’)  Personnel  Quantity  Education Background  Life-Style  Security Awareness  Recruitment Process  Distribution (Location, Work-Shift, Crowded or Scarce)  Work-Shift  History of Identified Internal Crime  Location of Asset  Company Culture and Implementation of Business Ethics  Implementation of Internal Audits towards Departments and Contractors

Intellectual Property of Win Noor SVA Exercise (cont’) SECURITY COUNTERMEASURE OVERVIEW   Perimeter   Single/Multiple Perimeter Wall/Fence   Wall/Fence type   Climbable/Penetrable   Adjacent Tree/Pole   Waste/Water Disposal Access   Security Watch Towers   Illumination   Intrusion Detection Device (CCTV, Sensors, IR, Microwave)   Patrol

Intellectual Property of Win Noor SVA Exercise (cont’) SECURITY COUNTERMEASURE OVERVIEW (cont’)   Pedestrian Access Points (Regular and Emergency Doors)   Sentry Guards and competence   Climbable/Penetrable   Illumination   ID verification   Intrusion Detection Device (CCTV, Motion Detection)  Visitor Access Procedure  Body Search Procedure  Bag/Carried Item Procedure  Metal Detector  X-Ray  Sniffer

Intellectual Property of Win Noor SVA Exercise (cont’) SECURITY COUNTERMEASURE OVERVIEW (cont’)   Vehicle Access   Sentry Guards and competence   Penetrable (availability of Barrier, Speed Bumper, Road Blocker, or Bollard)   Illumination   ID verification   Intrusion Detection Device (CCTV)  Visitor Access Procedure  Vehicle Search Procedure  Bag/Carried Item Procedure  Metal Detector  Vehicle Inspection Mirror  Sniffer

Intellectual Property of Win Noor SVA Exercise (cont’) SECURITY COUNTERMEASURE OVERVIEW (cont’)   Internal Pedestrian Access Points   ID verification (manual or electronic)   Penetrable (locks, type of door, hinges)   Illumination   Intrusion Detection Device (CCTV)  Visitor Access Procedure   Windows   Penetrable (type of glass, hinges)   Illumination   Intrusion Detection Device (Glass Break, IR, Microwave, CCTV)

Intellectual Property of Win Noor SVA Exercise (cont’) SECURITY COUNTERMEASURE OVERVIEW (cont’)   Corridors and Office Areas   Patrols   Illuminations   Intrusion Detection Device during off-work times (IR, Microwave, CCTV)   Security Awareness of employees   Walls and Partitions   Employee Population (Dense/Scarce)   Key Management   Clean Desk Policy   Locks for Document Storage   Document Labeling and Records   Waste Disposal Management  Caller ID

Intellectual Property of Win Noor SVA Exercise (cont’) SECURITY COUNTERMEASURE OVERVIEW (cont’)   Open Areas   Patrols   Illuminations   Intrusion Detection Device (Buried Line, IR, Microwave, CCTV)   Security Watch Towers   Limited Access Office Areas   Locks and/or ID verification   Key Management   Intrusion Detection Device (IR, Microwave, CCTV)   Waste Disposal Management  Access Permit Authorization Procedures  Access Logs

Intellectual Property of Win Noor SVA Exercise (cont’) SECURITY COUNTERMEASURE OVERVIEW (cont’)   Employee   Screening   Life-Style   Company Culture and Implementation of Business Ethics   Security Awareness Program   Work Environment   Office Politics   Vehicle   Driver Requirements and Recruitment Process   Trackers   Locks   Intrusion Sensors and Alarms   Glass and Exterior Protection

Intellectual Property of Win Noor SVA Exercise (cont’) SECURITY COUNTERMEASURE OVERVIEW (cont’)   Storage Areas   Sentry Guards and competence   Locks and/or ID verification for Limited Access Areas   Incoming-Outgoing Procedures   Incoming-Outgoing Records/Logs   Illuminations   Inspections and Monitoring Procedures   Internal Audits   Intrusion Detection Device during off-work times (IR, Microwave, CCTV)   Cash-In-Transit   Escort   Randomized Schedule   Insurance   Armored Vehicle, or contracted service

Intellectual Property of Win Noor SVA Exercise (cont’) SECURITY COUNTERMEASURE OVERVIEW (cont’)   Community  Community Development Programs  Intelligence/Information Gathering Programs  Deterrence Strategy  Community Security Involvement

Intellectual Property of Win Noor SVA Exercise: Threat Identification and Related Countermeasure AssetThreatCountermeasure

Intellectual Property of Win Noor SVA Exercise: Threat Identification and Related Countermeasure (cont’) AssetThreatCountermeasure

Intellectual Property of Win Noor Risk Calculation: ThreatTarget Likelihood To Occur Likelihood To Succeed ConsequenceRisk

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.