Kenneth Christopher’s book entitled Port Security Management covers a wide range of port security topics including the importance of a well planned layered security / layered defense plan for any port security plan. Below is an excerpt from the Chapter entitled: “Systemic Measures for a Secure and Viable Port Facility,” detailing the merits of a layered security approach.

The role of security at port facilities is driven by two imperatives: (1) developing measures aimed at neutralizing vulnerability to criminal activity and security threats, and (2) affecting the nexus between the port and those who would commit crime and terrorism. Key to this effort is developing a layered approach to security, that is, a variety of tools that, when interrelated, provide a strong defense against terrorism and crime. Port security is enhanced through the development of multiple security systems and processes. Physical security measures, combined with access controls, present a multidimensional security barrier. The intention is that if one layer of security fails to detect an unwanted threat, another layer will work to identify and neutralize the treat.

Layered security is an important aspect of any well designed security plan. The silver bullet solution is initially compelling, but almost always a short sighted and insufficient means of securing critically important assets.

The Small Vessel Security Implementation Plan Report to the Public – January 2011, provided a very compelling description and rationale for layered security outlined below:

The Plan employs a layered approach (described below) to achieve a defense in depth strategy against potential threats. Using this approach, the federal government can systematically deploy an array of capabilities or implement methods to increase MDA and to respond to any detected threats. This approach is designed to thwart adversaries by raising the likelihood of detection through an array of operational techniques. No single capability or method is certain to succeed against a particular threat but, in combination, an array of capabilities and methods are likely to disrupt and stop a broad range of known and unknown threats. Moreover, the methods in this layered approach are flexible by design and can be implemented at federal, state and local levels to manage specific risks related to maritime terrorism, crime, security, and safety in general.

Layered Methods and Potential Adversary Actions

With layering, you get better security than you would if you relied on one process, whether it is software or hardware. The idea is to use the layers to stop some attacks, but not all of them. The reasoning is simple; no one single solution will stop all avenues of attack. More often than not, the goal is to frustrate any would-be attacker into tears. (As the attacker moves through the onion, the layers add up and the crying starts. Now you see where the onion reference comes in.) The trick is to get the right layers and to get them working together. If your idea of security is, to use a catch phrase – “set it and forget it” – then you have the wrong idea. Once implemented, security has to be managed, and sometimes changed.

Full Article

A layered approach to security can be implemented at any level of a complete security strategy . . .a layered approach to security tools deployment can help improve your security profile.

In short, the idea is an obvious one: that any single defense may be flawed, and the most certain way to find the flaws is to be compromised by an attack — so a series of different defenses should each be used to cover the gaps in the others’ protective capabilities.

Full Story

Since the advent of computer systems and widespread use of the internet, the function of Information Security Officer has been artificially separated from the Corporate (or Physical) Security function. Now, in an increasingly networked, post 9-11 world, these two security areas are moving closer and closer together. As both private corporations and government agencies struggle with the demands of maintaining a heightened level of security, issues of how information security should interact with physical security move into the spotlight.

There are several reasons for this convergence between information security and physical security. One of the  primary reasons is because physical security elements  have become increasingly computerized and  networked. Physical lock and key systems have been  replaced by smart cards that not only allow employees  access to different areas in a facility, but also may keep  audit trails of where employees spend their days.

Full Story

Source: www.securityworldnews.com

The term holistic security refers to the application of several security systems that are integrated to work as a security structure for a business, school, campus or any kind of structure that need security on a number of levels, equipment or anything that needs to be secured. The principal idea of holistic security is that the various security practices must be seen as an entire system to achieve optimum levels of security, without overlooking the distinctive purpose of each individual component and the role it plays in the successful operation of the entire holistic security system.

With holistic security several areas that are security related are combined and put into operation simultaneously. The first area that is applied is security technology including security software to initiate a level of security. This entails the basic security elements from door locks, up to computer security software to control access to a network. In addition to the basics, it also entails the application of basic security procedures.

Ultimately, adding people to the holistic security program is another vital part in a successful holistic security program. An important feature is to obtain feedback and to identify security risks. Because people think and have different approaches it is paramount to request people to assist in devising more effective and better security practices and policies.

As mentioned before, the purpose of holistic security is for each component to enhance each other and to work together as one system. Many times it do happen with a holistic approach that layers and layers of security is applied which might cause disconnected parts or certain parts interfering with each other. Therefore it is important to keep the system as basic and simple as possible. This has the advantage that all systems work optimally and can interrelate effectively.

Holistic security can be as simple as supplying two security guards on a construction site with two way radios. Each guard needs to do duty at a different gate. If they are not able to communicate with each other they can not work together towards a similar goal successfully. With the two way radios, the holistic security factor, they can still do their work as individuals but also reduce security risks in cooperation.

All holistic security approaches are not all that simple as the given example. However, professional holistic security plans can involve consultations with security specialists, or the management of the security department of a company.

Full Story