Building a Resilient Critical National Infrastructure

Inhouse only Download brochure Enquire now

* Claim back your VAT
Find out more

* Claim back your VAT
Find out more


This unique three day program has been designed to enable delegates to learn the importance of protecting critical infrastructures and key assets, understand the challenges associated with building a resilient security program, and use a holistic approach to integrate security strategies. The course will look at challenges of finding the right strategies and solutions to reduce risk exposure, and to prioritise decisions to make informed choices to challenge funds and resources to protect the most critical infrastructures and assets.

In this program delegates will:

  • Gain an in-depth understanding of the complexity of security assessments
  • Develop an awareness of the elements of the security assessment
  • Appreciate the significant and integration of the behavioural and physical sciences at play
  • Discover simple but effective measurement and evaluation tools
  • Appreciate the overlap and link between physical, electronic, information, personnel and cyber security
  • Discover the importance of security integration, security roles and responsibilities, and dependencies
  • Learn how to select the right assessment model and successfully customise to address your needs
  • Appreciate the fact that entities having dispersed facilities, assets and operations are difficult to protect
  • Benefit from a road map that connects the dots so decision-makers can make informed decisions

Participants will enjoy a hands-on experience through a variety of individual and team exercises, with the opportunity to exchange views with a diverse group of industry peers.

Who should attend?

  • Senior executives with authority to approve critical infrastructure protection and security recommendations
  • Business and Development Managers
  • Corporate Security Directors, Security Managers and Security Planners
  • Risk Management and Safety Managers
  • Security System Designers and Systems Integrators
  • Emergency Management and Continuity Managers
  • Managers with operational responsibility for critical infrastructure protection
  • Professionals responsible for security operations and emergency services
  • Government Regulators, Quality Assurance Managers
  • Compliance Officers, Inspector Generals and Auditors
  • IT Professionals

Program objectives

  • Gain insights into the current and emerging threats and their potential consequences
  • Gain insights into the techniques employed in the assessment process
  • Discover simple but effective measurement and evaluation tools
  • Gain insights into the current and emerging threats and their potential consequences
  • Discover the importance of security integration, security roles and responsibilities, and dependencies
  • Learn how to select the right assessment model and successfully customise to address your needs
  • Acquire the skill-sets to identify risks and vulnerabilities to facilities, assets, functions and human resources

Training methodology

This dynamic and interactive program is designed to encourage delegate participation through a combination of group discussion, and practical exercises case studies. The concepts presented here are linked together with video presentations highlighting critical considerations to reinforce new knowledge and skills relative to strategies for protecting critical infrastructures and assets.


We can bring this course to your company's office.

If you simply want to run this course at a location convenient to you or if you want a completely customised learning solution, we can help.

We produce learning solutions that are completely unique to your business. Our tailored learning solutions are designed specifically for your organisation’s needs.

We’ll be here to support you every step of the way. From the initial consultancy through to evaluating the success of the full learning experience. We'll ensure you get the maximum return on your training investment.

Find out more


Day 1

  • Introduction to building a resilient critical infrastructure
    • Course content
    • What are national critical infrastructure assets?
    • What makes up the national critical infrastructure?
    • International community
    • What we are protecting
    • What we are defending against
    • How do we protect national critical infrastructure assets?
    • Strategic framework planning strategies
    • Understand the basis for strategic planning – the only reason security exists

Case study: Understanding the principles of protection

  • Know your industry and company
    • Culture, business goals and objectives
    • Work ethics and practices
    • Regulatory and compliance requirements, and other commitments
    • Customer base
    • Business environment and mission - understand the operational environment and its challenges
    • Performance expectations, standards and constraints, and
    • Dependencies and supply the chain

Case study: The New York experience

Case study: Changing landscape eludes many seasoned security professionals

  • Facility and asset characterisation
    • Customise critical infrastructure protection planning to meet needs
    • Configuration and boundaries of critical facilities and assets
    • Boundaries of functions, processes and human resources
    • Performance expectations and work standards
    • Strengths and weaknesses, and gaps in performance or the mission
    • Effectiveness, efficiency and economy of outcomes
    • Range, level and frequency of threats and hazards
    • Critical facilities, assets, functions, processes and human resources
    • Consequences of loss of facilities, assets, functions, processes and human resources
    • Prioritise facilities, assets and functions relative to threats/hazards, and consequences of loss
    • Strategies and mitigation treatments
    • Action plan and prioritise recommendations
    • Rank-order decision-making process
    • Cost estimate and formulise project milestone chart
    • Brief executive management and other stakeholders on project results

  • Introduction to building a resilient security organization and mission
    • Goal and objectives of the security mission
    • Elements of security
    • Types of security organisation
    • Authority and jurisdiction


Day 2

  • Introduction to the security assessment
    • Purpose of the security assessment
    • All-inclusive security assessment
    • Tailored security assessment
    • Origins of industry security assessment models
    • Security assessment model constraints and limitations

  • Looking at a model to fit all infrastructures
    • Methodology framework
    • Performance strategies
    • Institutional drivers
    • Integrated problem solving approach
    • Top-to-bottom bottom-to-top analysis and evaluation

Case study: Security assessment flow process

  • Evaluation and measurement criteria

Case study: Calculating probability frequency

Case study: Calculating consequence factor

Case study: Calculating effectiveness

  • Selected security assessment methodologies
    • Gas and oil
    • Energy and water
    • Telecommunication
    • Transportation
    • Security operations and security systems
    • Protocols
    • Training


Day 3

  • Introduction to strategic, programmatic and operational weaknesses and vulnerabilities
  • Vulnerability creep-in and its impact
  • Enterprise-wide strategic deficiencies
    • Security is not a priority for executive management
    • Many deficiencies are outside the control of the Security Director
    • Failure to convince management to plan correctly
    • Lessons learned left behind
    • No comprehensive security assessments, threat analysis or audits
    • No benchmarks established to evaluate progress
    • Strategic security vision lacking
    • Weak security leadership – responsibilities fragments
    • Poor or no strategic security planning
    • Security program not well defined or structured
    • Status quo provides false sense of security
    • Corporate management culture hinders security performance
    • Industry requirements not part of the security planning effort
    • No program performance measurement criteria
    • Security upgrades lack purpose, performance standard – knee jerk reaction to problem solving
    • Security design lacks professional security oversight
    • Threat not clearly defined or properly applied
    • Insider threat not defined or clearly addressed in security planning considerations
    • No means to communicate emergency to employees
    • Employees not told or training what to do in an emergency
    • Lack of employee buy-in of security program
    • Contract language for Guard Services weak
    • Security training inadequate or ineffective
    • Stovepipe mentality fosters fragments security program

Case study: Security program must have top management support

Case study: Perceptions, popular myths and old school thinking

Case study: Many CEOs are on the dark side of the planet

Case study: Ignoring the insider threat

  • Security programmatic weakness
    • Security organisation lacks C3 capability to detect, asses and respond to security events
    • No enterprise-wise operational capability to detect, assess and respond to events
    • No inspection or testing program
    • Security emergency planning defective
    • Security emergency procedures flawed
    • Policies, plans and protocols outdated, vague or ambiguous
    • Poor employee security awareness program
    • Poor security force training program
    • Reliance of word of mouth instructions

Case study: Inseparability of cyber, information, physical and electronic security and emergency and continuity planning

  • Site physical and operational vulnerability
    • Security system not integrated
    • Security technologies deployed or used incorrectly
    • Not working or maintained
    • Obsolete security technologies
    • Inadequate security communications, equipment and facilities

Case study: Dysfunctional or disparate systems

Classroom workshop

  • Using knowledge and skill-sets gained from the course identify and prioritise critical facilities, assets, functions and process; determine threat and consequences of loss
  • Delegates will work in small groups from similar industry/business and use worksheets provided to list designated information and will participate in open discussion with other groups

Workshop and course conclusions

  • Course review
    • Current and emerging threats and their potential consequences
    • Techniques employed in the security assessment process
    • Effective measurement and evaluation tools
    • Link between physical, electronic, information, personnel and cyber security planning
    • Importance of security integration, security roles and responsibilities, and dependencies
    • Customising your security assessment to meet your needs
    • Entities having dispersed facilities and operations require unique protection techniques
      Road map that connects the dots so decision-makers can make informed decisions
Why us

We have a combined experience of over 60 years providing learning solutions to the world’s major organisations and are privileged to have contributed to their success. We view our clients as partners and focus on understanding the needs of each organisation we work with to tailor learning solutions to specific requirements.

We are proud of our record of customer satisfaction. Here is why you should choose us to help you achieve your goals and accelerate your career:

  • Quality – our clients consistently rate our performance ‘excellent’ or ‘outstanding’. Our average overall score awarded to us by our clients is nine out of ten.
  • Track record – we have delivered training solutions for 95% of worlds’ top 100 banks and have trained over 250,000 professionals.
  • Knowledge – our 150 strong team of industry specialist trainers are world leading financial leaders and commentators, ensuring our knowledge base is second to none.
  • Reliability – if we promise it, we deliver it. We have delivered over 20,000 events both in person and online, using simultaneous translation to delegates from over 180 countries.
  • Recognition – we are accredited by the British Accreditation Council and the CPD Certification Service. In an independent review by Feefo we scored 96% on service and 95% on product