Skip to main content

Risk Chain

 

In sequence of “threat” to "asset" becoming a reality and creating negative "impact" is a complete “Risk chain”. There are several links which can be broken to "Protect".

Consider Security Risk Chain like a Fire-Triangle which has Fuel, Heat and Oxygen. When one gone, fire gone. Similarly in Risk Chain, one link broken is “Risk” gone. 

Smart Security is identifying balanced Security measures i.e. infrastructure, technology & automation, process and man-power to be effectuated to brake risk chain at right link. Understanding propitious risk mitigation tool is important for Security Manager.

During sensitive times, Police takes custody of regular offenders from city - Police removes "adversary" from chain. On other site, terrorist select populated areas for bomb explosion, to have maximum "impact" – as explosion in non-populated area will be only for enjoyment as fireworks.

Therefore knowingly unknowingly, Security and Adversary plays around the links. Security tries to break it and Adversaries look for continuation.

In next blog will show tools which can be used to break the chain.

Labels:
Location: India

Comments

Post a Comment

Popular posts from this blog

The Five Layers

There are five important layers in Security for risk mitigation (refer last Blogs on Risk Chain and Finding Solution to Break the Risk Chain). Implementation of these layers is generally in combination of each other. Correct balancing the implementation of layers at appropriate risk chain link and at right timings will result into Cost-effective and Optimum Security, which every management is looking for. But to have this achieved it is important to understand the components within these five layers. It is also important to note that while you are changing any layer, other layers will be affected. Therefore, change management is not one time activity, need to observe the impact in long term. The five layers includes ‘Infrastructure’, ‘Equipment’, ‘Application’, ‘Process’ and ‘Human Resource’. We will go in detail of each layer, understand the components and interconnections between the layers. All layers together should be seen like an engine, wherein each layer is individual gear, sho...
11 comments
Read more

Effective Access Control nearly completes Security

In earlier blogs overview on ‘Risk Chain’, ‘Methodology to break’ the chain and ‘Five layers’ of Security was presented. There are various Security processes which contribute to complete the de-risking need. If we try to put score on each component of Security need, we will be able to prioritize the implementation requirement vis-Γ -vis risk. Threat” exposure is not possible without movement of men, material, or information. Therefore, controlling, regulating, and monitoring movements to-n-fro Secured - Non-Secured area is important.   Crime is not possible without access breach therefore, reasoned ‘Access control’ establishment nearly completes the Security. Access control is “The practice of regulating entrance to a property, a building, or a room to authorised person”, access could be physical or digital. Un-authorised access could be for property or information (damaging Or stealing). Out unauthorised movement of material (property) and information is also access breach.  G...
12 comments
Read more

Process before Technology

There is a race for Technology implementation in every field. This affects Security Management too due to which ‘Security Automation’ is considered as the most important component amongst the five Security layers ( https://securitypracticesandsolutionbysmit.blogspot.com/2021/08/the-five-layers.html ). Many times, Security Technology is implemented not due need to mitigate the risk or bring efficiency, implemented for sake of it, there is no estimation of what in Security is to be automated, why to be automated, and how to be automated. This results in a bad investment, dissatisfaction amongst Management & Owners, unhappy users (employees, workforce, visitors, etc.), and most importantly, the risk remains. Problem statement In the last 19 years have seen several examples where Security Automation is not balanced with actual need. There are mainly four logical scenarios for imbalanced situations in Security technology: 1. Over-implemented – logically such cases should not be mu...
10 comments
Read more