This document discusses the importance of physical security for critical infrastructure. Its objectives are to explain why physical security is key and what role employees play in implementing related policies. It describes threats such as violence, vandalism and terrorism, and the controls physical security applies to them: deter, detect, assess, delay, communicate, respond and audit. The document presents scenarios involving piggybacking, confrontations with volatile people, suspicious packages, unescorted visitors, discarded sensitive materials, and a person drawing diagrams or taking photographs outside a security perimeter. It stresses employee security awareness and following best practices.
1. www.encari.com
CIP-004, R1 Security Awareness Webinar Series
Physical Security Fundamentals & Best Practices
Steven Hamburg
Mark Simon
2. Objectives
• Learn why physical security is a key component of critical infrastructure protection.
• Learn about your role in implementing physical security-related policies and controls to mitigate risks of unauthorized access to critical equipment, systems, material, and information at or pertaining to critical facilities.
3. Role of Physical Security
• Violence, vandalism, theft, and terrorism are prevalent in the world today.
4. Role of Physical Security
• A Bonneville Power Administration crew working near the Mountain Avenue Substation discovered a suspicious device that law enforcement officials later determined was a pipe bomb. Law enforcement officials safely dismantled the device. While the bomb was near the substation, it is not clear that the BPA facility was the target.
Source: BPA News July 22, 2009
6. Foundational Physical Security Controls: Deter
• Don’t be too helpful. Some places are not meant to be easy to find.
7. Foundational Physical Security Controls: Detect
• Identify and report any suspicious acts on or around the premises without putting yourself in harm’s way.
8. Foundational Physical Security Controls: Assess
• An effective assessment system provides two types of information associated with detection: (1) information regarding whether the alarm is a valid alarm or a nuisance alarm, and (2) details regarding the cause of the alarm; i.e., what, who, where, and how many.
9. Foundational Physical Security Controls: Delay
• Physical barriers are designed to delay an intruder.
10. Foundational Physical Security Controls: Communicate
• Some organizations establish code words to alert co-workers and supervisors that immediate help is needed.
Employees should know what steps to perform if a threatening or violent incident occurs.
11. Foundational Physical Security Controls: Respond
• Leave it to the professionals to respond to a potential physical security breach.
• The primary concern in any security incident is the protection of human life. If force is threatened, system operators / control center / all personnel should follow the intruder's instructions to the letter.
12. Foundational Physical Security Controls: Intelligence
• Employees benefit from a comprehensive security awareness program and an understanding of the threats involved.
13. Foundational Physical Security Controls: Audit
• Checking physical security system controls:
I have my badge
The door is secure
The alarm is set
I know the policies and procedures to follow
14. Physical Security Best Practices: Scenario #1
• Piggybacking
A social engineer appears as a legitimate employee and walks into a secure building by following behind someone who has authorized access.
15. Physical Security Best Practices: Scenario #2
• Observing a supervisor or co-worker being confronted by a person who appears volatile.
17. Physical Security Best Practices: Scenario #4
• You observe a visitor, who should be escorted within a physical security perimeter, wandering within the physical security perimeter without his or her escort.
18. Physical Security Best Practices: Scenario #5
• It’s the end of the day and you rush to leave work to pick up the kids, and in your haste you forget to secure confidential documents clearly visible on your desk.
19. Physical Security Best Practices: Scenario #6
• You discard printed materials and a CD containing the most sensitive type of information, as defined in your information protection program.
20. Physical Security Best Practices: Scenario #7
• You observe a person outside of a security perimeter drawing a diagram and taking photographs.
22. Q&A
• Contact Information
Steven Hamburg – Co-Founder, Encari
Mark Simon – Sr. NERC CIP Compliance Specialist
• Visit our blog at Control Engineering magazine’s website: www.controleng.com