Security Culture

PREVENT PROTECT PREPARE PURSUE

A key element of addressing today’s threat environment is emulating practices that have had success.

“​Lessons Learned – Evidence-Based – Effective Collaboration”

Security culture is a key element of addressing today’s threat environment by emulating practices that have had success. It is important to incorporate a holistic plan that spans the authority's requirements, must be driven from the top with accountability and responsibility, will be effective operationally, and can be supported financially. Keeping a safe and secure environment for the traveling public and supply chain with a program that directly affects terrorism and other criminal activity and includes an inclusive approach to crisis management is essential. We recognize this is a broad and complex concept. Policing security deterrence and enforcement activity is only one aspect of successful prevention.  

We strive to assist our authorities to meet the challenges of today through practises, evaluation, and training. As part of this process, the multiple jurisdictions work together on operational issues, the security community, and global public safety benefits. 

OPERATIONAL READINESS

Being prepared through prevention is the first line of defence. A holistic security strategy for a Port Protective Security Management System should fit across the domain and be integrated through the entire security system. Regardless of the critical infrastructure environment, the threat must be deemed essential. Police, security, and emergency management authorities must always be prepared. Evidence-based prevention, protection, and preparedness practices to mitigate the threat of terrorism, other serious crimes, and catastrophic events are essential.  Additionally, this needs to go beyond security personnel and include all staff to enhance their skills and knowledge in handling different scenarios and emergencies.

PREPARDEDNESS

The forethought of what could happen and mitigation practices are essential. Adequate training is necessary, understanding scenarios that could play out based on lessons learned facts. Although this may seem obvious, history has shown that similar occurrences and studies learned from previous incidents have not been implemented when considering preparedness.  An emergency or a crisis is just that and does not matter if it is weather, cyber, or an active shooter.  Think outside the box and plan for each type of occurrence.

COMMUNICATION
COMMUNICATIONS: Physical & Cyber

Technology must address both physical and cyber security to protect an authority!

From a physical side, we must support the human element, and security environments must adopt and deploy effective collaborative communication capabilities. Communication is often the Achilles’ heel of a crisis. We address this through lesson learned methods.

Cyber Security is a different issue; although it can have similar comparisons to physical security, it can range from a denial of services to infiltration of  IP systems. A cyber attack can be as much of a problem for security as it is for the technology staff. This can affect every aspect of how an environment is secured. Not addressing cyber security leaves a substantial gap in the overall security plan. (See cyber collaboration below)

COMMUNICATION: Engagement & Collaboration

Cyber Collaboration: Community Essentials

Environment security is obtained through collaborative communication processes; silo alternatives are ineffective. Threats to public safety and critical infrastructure continue to evolve. Recent examples of this include active shooters, drones, and cyber-attacks. Those who oversee security in mass people environments must be inclusive by having authority personnel, tenant staff, and the public informed based on their need to know and those at risk. An authority must evolve its security practices based on current threats and security requirements.

Environment security does not stop at physical security anymore.  Today, in fact, it relies heavily on the use if internet protocol (IP), and the threat may not be visible, apparent, or near the facility that is being threatened. 

Cyber security is not only for someone else. It must begin with everyone touching a computing device, even your phone.

Not only is education on these risks imperative, but environment risk mitigation must be planned.  Denial of services, major disruption, and even loss of life can occur and proper preparation is essential for security staff.  It may seem like a ghost, but it cannot be ignored.