Cortech Developments’ key focus as a business is to help today’s practising professionals mitigate risk through smarter interoperability. The company’s recent Utilities Forum – for which Risk Xtra served as the Official Media Partner – brought together end users from the utilities sector to share experiences, widen their scope of knowledge and learn the latest techniques and guidance (notably in relation to Cortech’s popular Datalog solution for end users).
The Utilities Forum was held at Cortech Developments’ head office near Knutsford in Cheshire on Wednesday 20 February and ran from 9.30 am through until 2.30 pm. In essence, the event was designed to challenge attending delegates to consider how they might use their existing systems and new technology alike to deliver greater benefits and value for their host organisations.
A further objective on the day was for delegates to share experiences among their peers, widen their scope of knowledge and learn about Best Practice with a view to maximising their value out of Datalog. Datalog is a modular software suite that operates as a single or multi-user GUI, providing local and remote site monitoring and control of building, fire, security and energy systems. From the end user’s perspective, Datalog assists in reducing risk and cost while at the same time maximising efficiencies, situational awareness and accountability.
Integrating Physical Protection Systems
One of the presenters on the day was Jason Westcombe who’s renowned as an effective commercial and operational business leader within the security industry and who boasts extensive knowledge of working within the Critical National Infrastructure space. Westcombe is highly experienced in operations, programme and project management and is supported by a proven track record of accomplishment outlining a continual ability to deliver financial results and customer satisfaction.
The 13 delegates in attendance from four separate utilities organisations heard from Westcombe that integration in this context means the co-ordinated operation of people and technology, people and processes, procedures and technology and so on, but also the co-ordinated operation of people with people, procedures with procedures, physical systems with physical systems and technology with technology.
According to Westcombe, the ideal scenario features complementary systems that, taken together, create defence in depth. Integration is all about synergy and the creation of a whole that’s greater than the sum of its parts.
Interestingly, Westcombe briefly referred to ‘The Onion Principle’ that’s greatly favoured by so many security consultants whereby the tactic is to design-in security from the outer layers of the location/site to the core.
Physical Security Element
In terms of the physical security element, Westcombe concentrated on security gates and fencing, bollards, the creation of sterile zones and also visual screening. Physical security can be robust and assists with the zonal aspect of protection. In addition, dedicated detection systems may be added. However, there might be disadvantages. Attackers can potentially go under or over physical security measures or even through them. If the detection measures are not touched, they will not detect anything.
“Gates being left unsecured is a big culture issue,” explained Westcombe. “A ‘culture’ of frequent inspection, repair and maintenance needs to be in place and seen to be working otherwise the security fencing could actually prove to be useless as a protection mechanism.” A very good point.
Turning towards the elements of physical integration technology, Westcombe referenced scanning, CCTV, anti-tailgating, fence detection and perimeter detection. He talked of always-improving picture renditions from surveillance systems, the advent of IP-based solutions, facial recognition and the new types of analysis now available. However, there can be complexity involved and there’s always the hidden danger of cyber-attack to consider. Operator lethargy can also creep in.
Alluding to the latter point, Westcombe stressed: “The issues here include the tiredness of resources, the monotony of activity, the potential for poor working conditions, a lack of staff motivation and what might be termed ‘alarm blindness’. All of these factors can have an adverse impact on a site’s security culture.”
When it comes to on-site procedures, Westcombe considered vetting, testing, response planning, escalation and communication. The human security presence on a given site can be insightful and adaptable. That said, human beings are also prone to error. They can be misinformed. They may misunderstand or be open to coercion. As far as Westcombe’s concerned, cluttered Control Rooms housing multiple systems and reams of paper should now be a thing of the past.
At this point in his excellent presentation, Westcombe introduced the concept of Physical Security Information Management (PSIM). “Security managers want to be able to do with their security data what every other business unit does with its data. In other words, make intelligent business decisions.”
For its part, PSIM allows the central management of multiple systems and thousands of sensors. It offers improved visibility and the potential for holistic analyses. Improved situational awareness, a unified front end and enhanced intelligence are further benefits to be realised.
“That said,” opined Westcombe, “PSIM only goes so far. Current thinking suggests that attacks on major facilities will be of a blended nature, comprising insider, cyber and physical attacks either in order or simultaneously. On that basis, your physical protection system should have the same stringent cyber defences in place as does any other critical system. Remember that, even if a network is isolated, it’s not protected from cyber-attack. There’s the potential for hacking, DDoS episodes, data breaches, eavesdropping and even cyber terrorism.”
Security Information and Event Management
Security Information and Event Management (SIEM) is the software equivalent of PSIM in that it monitors, unifies and reacts to security events on a computer network and within a software environment. The focus here is asset discovery, data aggregation, log centralisation, correlation, threat detection and general event management.
On the subject of the security vetting mentioned earlier, Westcombe observed: “Security vetting is only as good as the day it was carried out. Ongoing support and monitoring will go a long way towards mitigating the risks of an insider attack, but it’s also possible to use data mining and trend analysis in order to alert staff to a potential risk. The potential for bribery, corruption, grievances, strong political allegiances, mental health issues and social engineering must always be considered.”
Integrated data analytics presumes that data are being brought together from different functional and business areas so that new insights can be established by monitoring trends occurring across traditional functional boundaries. Areas that can come into play here include Human Resources, safety operations, production process flows, material audits, engineering and maintenance, quality control and supply chains.
“With so many disparate systems being aggregated to single user interfaces,” continued Westcombe, “it’s important to integrate the different disciplines into a single management tool.” Ideally, a tool that coalesces physical security, cyber security, data analysis and those all-important communication strands. “What you’re talking about here is unified security management. A single platform that pulls together the intelligence generated from PSIM, SIEM and integrated data analysis.”
In essence, then, integration creates strength and defence in depth. Multiple integrated layers of security provide uncertainty for the would-be assailant.
Feedback from Delegates
Delegates gave the quality of the forum content an average rating of 4.33, scoring the workshops/activities with an average rating of 4.50. The added value aspect of the event scored an average of 4.08 with the maximum mark being 5.
Memorable moments of the day for delegates included the following:
- Training discussions
- Networking and sharing knowledge and the ability to meet and liaise with the wider Cortech Developments team
- Interacting with other end users and speaking to Cortech staff whom they wouldn’t normally deal with
- Discussions with Cortech Developments regarding improvements for existing host systems.