Building a Resilient Critical National Infrastructure

Inhouse only Download brochure Enquire now

* Claim back your VAT
Find out more

* Claim back your VAT
Find out more

Overview

Aims and Objectives

This unique programme has been designed to enable delegates to learn the importance of protecting critical infrastructures and key assets, understand the challenges associated with building a resilient security program, and use a holistic approach to integrate security strategies. The course will look at challenges of finding the right strategies and solutions to reduce risk exposure, and to prioritise decisions to make informed choices to challenge funds and resources to protect the most critical infrastructures and assets.

Programme objectives

  • Gain insights into the current and emerging threats and their potential consequences
  • Gain insights into the techniques employed in the assessment process
  • Discover simple but effective measurement and evaluation tools
  • Gain insights into the current and emerging threats and their potential consequences
  • Discover the importance of security integration, security roles and responsibilities, and dependencies
  • Learn how to select the right assessment model and successfully customise to address your needs
  • Acquire the skill-sets to identify risks and vulnerabilities to facilities, assets, functions and human resources

Training methodology

This dynamic and interactive program is designed to encourage delegate participation through a combination of group discussion, and practical exercises case studies. The concepts presented here are linked together with video presentations highlighting critical considerations to reinforce new knowledge and skills relative to strategies for protecting critical infrastructures and assets.

Inhouse


 

Do you have five or more people interested in attending this course? Do you want to tailor it to meet your company's exact requirements? If you'd like to do either of these, we can bring this course to your company's office. You could even save up to 50% on the cost of sending delegates to a public course.

To find out more about running this course in-house:





Our Tailored Learning Offering

If you want to run this course at a location convenient to you or if you want a completely customised learning solution, we can help.

We produce learning solutions that are completely unique to your business. We'll guide you through the whole process, from the initial consultancy to evaluating the success of the full learning experience. Our learning specialists ensure you get the maximum return on your training investment.



We can offer any of our public courses delivered at your office or we can devise completely tailored solutions:


Read more about our offering or complete a call back request to speak to a learning specialist.

 

Agenda

Day 1

  • Introduction to building a resilient critical infrastructure
    • Course content
    • What are national critical infrastructure assets?
    • What makes up the national critical infrastructure?
    • International community
    • What we are protecting
    • What we are defending against
    • How do we protect national critical infrastructure assets?
    • Strategic framework planning strategies
    • Understand the basis for strategic planning – the only reason security exists

Case study: Understanding the principles of protection

  • Know your industry and company
    • Culture, business goals and objectives
    • Work ethics and practices
    • Regulatory and compliance requirements, and other commitments
    • Customer base
    • Business environment and mission - understand the operational environment and its challenges
    • Performance expectations, standards and constraints, and
    • Dependencies and supply the chain

Case study: The New York experience

Case study: Changing landscape eludes many seasoned security professionals

  • Facility and asset characterisation
    • Customise critical infrastructure protection planning to meet needs
    • Configuration and boundaries of critical facilities and assets
    • Boundaries of functions, processes and human resources
    • Performance expectations and work standards
    • Strengths and weaknesses, and gaps in performance or the mission
    • Effectiveness, efficiency and economy of outcomes
    • Range, level and frequency of threats and hazards
    • Critical facilities, assets, functions, processes and human resources
    • Consequences of loss of facilities, assets, functions, processes and human resources
    • Prioritise facilities, assets and functions relative to threats/hazards, and consequences of loss
    • Strategies and mitigation treatments
    • Action plan and prioritise recommendations
    • Rank-order decision-making process
    • Cost estimate and formulise project milestone chart
    • Brief executive management and other stakeholders on project results

  • Introduction to building a resilient security organization and mission
    • Goal and objectives of the security mission
    • Elements of security
    • Types of security organisation
    • Authority and jurisdiction

 

Day 2

  • Introduction to the security assessment
    • Purpose of the security assessment
    • All-inclusive security assessment
    • Tailored security assessment
    • Origins of industry security assessment models
    • Security assessment model constraints and limitations

  • Looking at a model to fit all infrastructures
    • Methodology framework
    • Performance strategies
    • Institutional drivers
    • Integrated problem solving approach
    • Top-to-bottom bottom-to-top analysis and evaluation

Case study: Security assessment flow process

  • Evaluation and measurement criteria

Case study: Calculating probability frequency

Case study: Calculating consequence factor

Case study: Calculating effectiveness

  • Selected security assessment methodologies
    • Gas and oil
    • Energy and water
    • Telecommunication
    • Transportation
    • Security operations and security systems
    • Protocols
    • Training

 

Day 3

  • Introduction to strategic, programmatic and operational weaknesses and vulnerabilities
  • Vulnerability creep-in and its impact
  • Enterprise-wide strategic deficiencies
    • Security is not a priority for executive management
    • Many deficiencies are outside the control of the Security Director
    • Failure to convince management to plan correctly
    • Lessons learned left behind
    • No comprehensive security assessments, threat analysis or audits
    • No benchmarks established to evaluate progress
    • Strategic security vision lacking
    • Weak security leadership – responsibilities fragments
    • Poor or no strategic security planning
    • Security program not well defined or structured
    • Status quo provides false sense of security
    • Corporate management culture hinders security performance
    • Industry requirements not part of the security planning effort
    • No program performance measurement criteria
    • Security upgrades lack purpose, performance standard – knee jerk reaction to problem solving
    • Security design lacks professional security oversight
    • Threat not clearly defined or properly applied
    • Insider threat not defined or clearly addressed in security planning considerations
    • No means to communicate emergency to employees
    • Employees not told or training what to do in an emergency
    • Lack of employee buy-in of security program
    • Contract language for Guard Services weak
    • Security training inadequate or ineffective
    • Stovepipe mentality fosters fragments security program

Case study: Security program must have top management support

Case study: Perceptions, popular myths and old school thinking

Case study: Many CEOs are on the dark side of the planet

Case study: Ignoring the insider threat

  • Security programmatic weakness
    • Security organisation lacks C3 capability to detect, asses and respond to security events
    • No enterprise-wise operational capability to detect, assess and respond to events
    • No inspection or testing program
    • Security emergency planning defective
    • Security emergency procedures flawed
    • Policies, plans and protocols outdated, vague or ambiguous
    • Poor employee security awareness program
    • Poor security force training program
    • Reliance of word of mouth instructions

Case study: Inseparability of cyber, information, physical and electronic security and emergency and continuity planning

  • Site physical and operational vulnerability
    • Security system not integrated
    • Security technologies deployed or used incorrectly
    • Not working or maintained
    • Obsolete security technologies
    • Inadequate security communications, equipment and facilities

Case study: Dysfunctional or disparate systems

Classroom workshop

  • Using knowledge and skill-sets gained from the course identify and prioritise critical facilities, assets, functions and process; determine threat and consequences of loss
  • Delegates will work in small groups from similar industry/business and use worksheets provided to list designated information and will participate in open discussion with other groups

Workshop and course conclusions

  • Course review
    • Current and emerging threats and their potential consequences
    • Techniques employed in the security assessment process
    • Effective measurement and evaluation tools
    • Link between physical, electronic, information, personnel and cyber security planning
    • Importance of security integration, security roles and responsibilities, and dependencies
    • Customising your security assessment to meet your needs
    • Entities having dispersed facilities and operations require unique protection techniques
      Road map that connects the dots so decision-makers can make informed decisions
Why us


We have a combined experience of over 60 years providing learning solutions to the world’s major organisations and are privileged to have contributed to their success. We view our clients as partners and focus on understanding the needs of each organisation we work with to tailor learning solutions to specific requirements.

We are proud of our record of customer satisfaction. Here is why you should choose us to help you achieve your goals and accelerate your career:

  • Quality – our clients consistently rate our performance ‘excellent’ or ‘outstanding’. Our average overall score awarded to us by our clients is nine out of ten.
  • Track record – we have delivered training solutions for 95% of worlds’ top 100 banks and have trained over 250,000 professionals.
  • Knowledge – our 150 strong team of industry specialist trainers are world leading financial leaders and commentators, ensuring our knowledge base is second to none.
  • Reliability – if we promise it, we deliver it. We have delivered over 20,000 events both in person and online, using simultaneous translation to delegates from over 180 countries.
  • Recognition – we are accredited by the British Accreditation Council and the CPD Certification Service. In an independent review by Feefo we scored 96% on service and 95% on product