Cip 004, R1 Physical Security Awareness Webinar 10 23 09 Final Lipub
description
Transcript of Cip 004, R1 Physical Security Awareness Webinar 10 23 09 Final Lipub
www.encari.com
CIP-004, R1 Security CIP-004, R1 Security yAwareness Webinar
S
yAwareness Webinar
SSeriesPhysical Security Fundamentals &
SeriesPhysical Security Fundamentals &Physical Security Fundamentals &
Best PracticesPhysical Security Fundamentals &
Best Practices
Steven HamburgMark Simon
www.encari.com
Obj tiObjectives
• Learn why physical security is a key component of critical infrastructure protection.
• Learn about your role in implementing physical security-related li i d l i i i k f h i dpolicies and controls to mitigate risks of unauthorized access to
critical equipment, systems, material, and information at or pertaining to critical facilities.
2
www.encari.com
R l f Ph i l S itRole of Physical Security
• Violence, vandalism, theft, and terrorism are prevalent in the world today.
3
www.encari.com
R l f Ph i l S itRole of Physical Security
• A Bonneville Power Administration crew working near the Mountain Avenue Substation discovered a suspicious device that law enforcement officials later determined was a pipe bomb. Law enforcement officials safely dismantled the device. While the bomb was near the substation, it is not clear that the BPA facility was the target.
Source: BPA News July 22, 2009
4
www.encari.com
R l f Ph i l S itRole of Physical Security
5
www.encari.com
F d ti l Ph i l S itFoundational Physical Security Controls: DeterControls: Deter• Don’t be too helpful. Some places are not meant to be easy to
find.
6
www.encari.com
F d ti l Ph i l S itFoundational Physical Security Controls: DetectControls: Detect• Identify and report any suspicious acts on or around the premises
without putting yourself in harm’s way.
7
www.encari.com
F d ti l Ph i l S itFoundational Physical Security Controls: AssessControls: Assess• An effective assessment system provides two types of
information associated with detection: (1) information regarding whether the alarm is a valid alarm or a nuisance alarm, and (2) details regarding the cause of the alarm; i.e., what, who, where, and how many.
8
www.encari.com
F d ti l Ph i l S itFoundational Physical Security Controls: DelayControls: Delay• Physical barriers are designed to delay an intruder.
9
www.encari.com
F d ti l Ph i l S itFoundational Physical Security Controls: CommunicateControls: Communicate• Some organizations establish code words to alert co-workers and
supervisors that immediate help is needed.
Employees should know what steps to perform if a threatening or violent incident occurs.
10
www.encari.com
F d ti l Ph i l S itFoundational Physical Security Controls: RespondControls: Respond• Leave it to the professionals to respond to a potential physical
security breach.
f• The primary concern in any security incident is the protection of human life. If force is threatened, system operators / control center / all personnel should follow the intruder's instructions to the letter.
11
www.encari.com
F d ti l Ph i l S itFoundational Physical Security Controls: IntelligenceControls: Intelligence• Employees benefit from a comprehensive security awareness
program and an understanding of the threats involved.
12
www.encari.com
F d ti l Ph i l S itFoundational Physical Security Controls: AuditControls: Audit• Checking physical security system controls:
I have my badge
The door is secure
The alarm is set
I k th li i d d t f llI know the policies and procedures to follow
13
www.encari.com
Ph i l S it B t P tiPhysical Security Best Practices: Scenario #1Scenario #1• Piggybacking
A social engineer appears as a legitimate employee and walks into a secure building by following behind someone who has authorized access.
14
www.encari.com
Ph i l S it B t P tiPhysical Security Best Practices: Scenario #2Scenario #2• Observing a supervisor or co-worker being confronted by a
person who appears volatile.
15
www.encari.com
Ph i l S it B t P tiPhysical Security Best Practices: Scenario #3Scenario #3• Finding a suspicious package or device.
16
www.encari.com
Ph i l S it B t P tiPhysical Security Best Practices: Scenario #4Scenario #4• You observe a visitor, who should be escorted within a physical
security perimeter, wandering within the physical security perimeter without his or her escort.
17
www.encari.com
Ph i l S it B t P tiPhysical Security Best Practices: Scenario #5Scenario #5• It’s the end of the day and you rush to leave work to pick-up the
kids, and in your haste you forget to secure confidential documents clearly visible on your desk.
18
www.encari.com
Ph i l S it B t P tiPhysical Security Best Practices: Scenario #6Scenario #6• You discard printed materials and a CD containing the most
sensitive type of information, as defined in your information protection program.
19
www.encari.com
Ph i l S it B t P tiPhysical Security Best Practices: Scenario #7Scenario #7• You observe a person outside of a security perimeter drawing a
diagram and taking photographs.
20
www.encari.com
C l iConclusion
21
www.encari.com
Q&AQ&A
• Contact InformationSteven Hamburg – Co-Founder, Encarig ,
Mark Simon – Sr. NERC CIP Compliance Specialist
• Visit our blog at Control Engineering magazine’s website: www controleng comwebsite: www.controleng.com
22