cip 004, r1 physical security awareness webinar 10 23 09 final lipub

www.encari.com

CIP-004, R1 Security CIP-004, R1 Security yAwareness Webinar

S

yAwareness Webinar

SSeriesPhysical Security Fundamentals &

SeriesPhysical Security Fundamentals &Physical Security Fundamentals &

Best PracticesPhysical Security Fundamentals &

Best Practices

Steven HamburgMark Simon

www.encari.com

Obj tiObjectives

• Learn why physical security is a key component of critical infrastructure protection.

• Learn about your role in implementing physical security-related li i d l i i i k f h i dpolicies and controls to mitigate risks of unauthorized access to

critical equipment, systems, material, and information at or pertaining to critical facilities.

2

www.encari.com

R l f Ph i l S itRole of Physical Security

• Violence, vandalism, theft, and terrorism are prevalent in the world today.

3

www.encari.com

R l f Ph i l S itRole of Physical Security

• A Bonneville Power Administration crew working near the Mountain Avenue Substation discovered a suspicious device that law enforcement officials later determined was a pipe bomb. Law enforcement officials safely dismantled the device. While the bomb was near the substation, it is not clear that the BPA facility was the target.

Source: BPA News July 22, 2009

4

www.encari.com

R l f Ph i l S itRole of Physical Security

5

www.encari.com

F d ti l Ph i l S itFoundational Physical Security Controls: DeterControls: Deter• Don’t be too helpful. Some places are not meant to be easy to

find.

6

www.encari.com

F d ti l Ph i l S itFoundational Physical Security Controls: DetectControls: Detect• Identify and report any suspicious acts on or around the premises

without putting yourself in harm’s way.

7

www.encari.com

F d ti l Ph i l S itFoundational Physical Security Controls: AssessControls: Assess• An effective assessment system provides two types of

information associated with detection: (1) information regarding whether the alarm is a valid alarm or a nuisance alarm, and (2) details regarding the cause of the alarm; i.e., what, who, where, and how many.

8

www.encari.com

F d ti l Ph i l S itFoundational Physical Security Controls: DelayControls: Delay• Physical barriers are designed to delay an intruder.

9

www.encari.com

F d ti l Ph i l S itFoundational Physical Security Controls: CommunicateControls: Communicate• Some organizations establish code words to alert co-workers and

supervisors that immediate help is needed.

Employees should know what steps to perform if a threatening or violent incident occurs.

10

www.encari.com

F d ti l Ph i l S itFoundational Physical Security Controls: RespondControls: Respond• Leave it to the professionals to respond to a potential physical

security breach.

f• The primary concern in any security incident is the protection of human life. If force is threatened, system operators / control center / all personnel should follow the intruder's instructions to the letter.

11

www.encari.com

F d ti l Ph i l S itFoundational Physical Security Controls: IntelligenceControls: Intelligence• Employees benefit from a comprehensive security awareness

program and an understanding of the threats involved.

12

www.encari.com

F d ti l Ph i l S itFoundational Physical Security Controls: AuditControls: Audit• Checking physical security system controls:

I have my badge

The door is secure

The alarm is set

I k th li i d d t f llI know the policies and procedures to follow

13

www.encari.com

Ph i l S it B t P tiPhysical Security Best Practices: Scenario #1Scenario #1• Piggybacking

A social engineer appears as a legitimate employee and walks into a secure building by following behind someone who has authorized access.

14

www.encari.com

Ph i l S it B t P tiPhysical Security Best Practices: Scenario #2Scenario #2• Observing a supervisor or co-worker being confronted by a

person who appears volatile.

15

www.encari.com

Ph i l S it B t P tiPhysical Security Best Practices: Scenario #3Scenario #3• Finding a suspicious package or device.

16

www.encari.com

Ph i l S it B t P tiPhysical Security Best Practices: Scenario #4Scenario #4• You observe a visitor, who should be escorted within a physical

security perimeter, wandering within the physical security perimeter without his or her escort.

17

www.encari.com

Ph i l S it B t P tiPhysical Security Best Practices: Scenario #5Scenario #5• It’s the end of the day and you rush to leave work to pick-up the

kids, and in your haste you forget to secure confidential documents clearly visible on your desk.

18

www.encari.com

Ph i l S it B t P tiPhysical Security Best Practices: Scenario #6Scenario #6• You discard printed materials and a CD containing the most

sensitive type of information, as defined in your information protection program.

19

www.encari.com

Ph i l S it B t P tiPhysical Security Best Practices: Scenario #7Scenario #7• You observe a person outside of a security perimeter drawing a

diagram and taking photographs.

20

www.encari.com

C l iConclusion

21

www.encari.com

Q&AQ&A

• Contact InformationSteven Hamburg – Co-Founder, Encarig ,

Mark Simon – Sr. NERC CIP Compliance Specialist

• Visit our blog at Control Engineering magazine’s website: www controleng comwebsite: www.controleng.com

22