Systems Approach to Physical Security - Literature review Example

Physical security-Literature Review Name Institution Introduction Fennelly (2012) defines physical security as an integrated combination of security measures intended for disallowing unauthorized access to equipment, facilities and resources. Characteristically, physical security entails the application of an assortment of security layers, such as protective barriers, security personnel, and surveillance cameras (Smith & Brooks, 2012). Modern-day security specialists like Fennelly (2012) and Laing (2012) promote the application of systems theory, which advocates for a scenario where any security measure is designed to integrate with another measure to form a system. Taking the systems approach to design security measures, therefore, implies that physical security combines consistent components tweaked to work in collaborative manner in order to attain the common purpose of upholding the security objectives of deterring, detecting, delaying, responding and recovering from adversarial attacks, whether in a physical environment or online (Marzbali, H., Abdullah et al., 2011; Barbara, 2010). Clinging on such an assumption, this paper shows that physical security controls should be approached as an integrated system, which is premised on Systems Theory since no single layer can effectively accomplish all security needs. This paper examines systems approach to physical security, and the reasons why systems approach is necessary for protection of assets. Systems approach to physical security According to Smith and Brooks (2012), physical security should be defined as integrating processes, people, and resources with the sole objective of offering total protection to assets against latent risks of unauthorised access. Fennelly (2012) appears to agree with Smith and Brooks (2012). In his view, physical security could be loosely defined as a means through which people or properties are protected against unauthorised access, or sabotage, theft, and vandalism. These definitions are consistent with an earlier one proposed by Fay (2006), who pointed to physical security as embodying the physical measures directed at safeguarding an individual, or protecting property from unauthorised access. From these definitions, it is clear that the subject of physical security is complex, as it consists of various elements that work together to attain the sole objective of providing solid security. Patton and McMahon (2006) were also concerned about the broad concept of physical security in detecting, deterring, and responding invasive behaviour. They established that physical security requires a relatively comprehensive approach, such as systems theory, which is capable of addressing the unpredictable human behaviours. The definitions also seem to hypothesise that insecurity problems are solved effectively when interrelated components that offer protection are combined to offer solid and holistic security based on layers. These descriptions are compatible with the Defence in Depth theory, which Coole at al. (2012) define as an approach that advocates for integration of security layers, such as people, processes, and apparatus to provide in-depth security. Basing on the Defence in Depth theory, Coole at al. (2012) suggests that physical security delays and detects adversaries, as well as offers response to adversarial attacks. The theory of defence in depth, as Coole (2010) defines it, seeks to connect the layered components of security to form a system by incorporating factors, such as procedures, technology, people, and physical barriers. As a result, the theory of defence in depth makes sure that an efficient holistic and security system is set up. In return, the system provides effective risk-based decisions, improved security operations and minimised risks and costs (Coole & Brooks, 2011). Hence, the systems approach is consistent with the theory of defence in depth in the field of security management. Because of this, it could be reasoned that any such discussion that touches on the theory of defence in depth to set up a holistic approach to security has to take the systems theory into perspective. Hence, the approach has included the provisions of the design, execution, and management of the security system. This assumption is well supported by Coole (2010) in his contention that a holistic approach to security has to cover the processes involved in creating the system, as well as the security management processes that seek to make sure the security system holistically delivers its intended functions. However, what can be concluded from this is that physical security components have to work as a system rather than independently. In fact, it is based on the assumption that the systems approach fits snugly. Coole and Brooks (2011) define Systems Theory as a trans-disciplinary approach concerned with studying the theoretical arrangement of a component part of phenomena that together form a wholesome part. Mele et al. (2010) reached a similar conclusion in attempting to portray systems theory. They put forward the idea that systems theory calls attention to the significance of integrating component parts or elements of a system to enable them to solve a problem as a whole, rather than independently. Within the context of security, it could, therefore, be reasoned that security breaks are solved effectively when the physical security layers work as a system. This assumption is consistent with a recent empirical study by Arnold et al. (2002), who brought evidence suggesting that the individual components of physical security work poorly when in isolation compared to when they work as an integrated system. Smith and Brooks (2012) had earlier also discussed that maximal protection of property by applying physical security becomes more realistic when layers of physical protective measures are combined. Some security experts like Lorenc et al. (2013) have narrowed down the seemingly extensive scope of physical security into three key elements, or layers. The first element consists of the physical barriers erected to offer protection against external attacks or environment disasters. Examples include electric fencing, multiple locks, or fireproof walls. The second layer consists of a surveillance system, which notifies of intrusion. Examples include surveillance cameras and security personnel (Welsh et al. 2010). The third layer responds to adversarial attacks and recovers the property from intrusion. Based on the systems theory, the components layers need to work as a team to ensure total security. Fennelly (2012) divided physical security into two layers or components: outer layer and inner layer. In his view, the outer layer should be the first physical security layer. These include the perimeter fence, wall, gate, doors, lighting, surveillance cameras, and building walls, alarm system, and security personnel (Fennelly 2012; Wortley and McFarlane, 2011; Sakip & Abdullah, 2012). Integrating all these security components, according to Casteel and Peek-Asa (2000), can make up an integrated outer layer within a build environment. However, Fennelly (2012) advises that this depend on the location, something that other security experts like Feruza and Kim (2007) agree with. For instance, an organisation within the central business district may only have a perimeter fence while a manufacturing plant in the outcast may have an extensive piece of land with grounds left empty for purposes of surveillance. According to Fennelly (2012), an inner layer should be integrated into the system to complement the outer layer, since once the outer layer is penetrated, an adversary should contend with the inner layer. The inner layer consists of components, such as high security windows, doors, surveillance camera, multiple locks, safes, roofs, optical bar code, biometric systems, and retina or voice recognition. Based on the systems theory, the outer layer and the inner layer combine their components to form an integrated security system. Again, within the context of security management, the physical protective systems are intended to create and maintain a steady-state, in spite of their vulnerability to external and internal environment (Smith & Brooks, 2012). Accordingly, systems approach to physical security implies that the design and functioning of the physical security follows the instruction of systems theory, which insists that physical security should be designed as system consisting of interrelated components functioning in sync and in collaboration to pull off total security (Cozens, 2008). Fenelly’s (2012) assumption reflects a similar line of reasoning. He is convinced that systems theory does not reduce physical security to the independent elements of its singular components. Instead, the theory focuses on organizing the components to interact and interconnect to function as a complete system. Obviously, Fenelly’s (2012) advocates for an arrangement of physical security layers to form a system. In fact, as Jones et al. (2006) attempt to explain, when it comes to setting up physical security, the systems approach places emphasis on the means by which an organized security system become sufficiently responsive to security threats once the specific security layers that form the system cope with their specific vulnerabilities of threats so that total security is achieved (Jonathan, 2009). In such an arrangement, the specific security functions are devolved to specific layers, where each contributes to realise the common objective of achieving total security. (b) Why is a systems approach necessary for the protection of assets? Systems theory contributes to development of effective physical security layers that are combined to form a system. Waldman (2007) contends that the systems approach has inestimable benefits. In his view, the systems thinking leads to elimination of what he defines as “silo framed thinking styles.” Silo thinking is, according to Coole (2010), trends where people react and think on individual basis, instead of a collective or team basis. Waldman (2007) goes on to explain that while silo thinking is aimed at simplifying or reducing the complexity inherent in a phenomenon under investigation, the systems thinking seeks to evaluate and integrate in order to flow with the same thought process. This implies that while the silo thinking seeks to solve each security potential risk in isolation, the systems thinking provides a holistic approach to solving all the security problems. Coole (2010) is cynical about such systems and contends that silo thinking tends to slow the net system outcomes, while the systems thinking prompts people and technologies to concentrate on the processes, quality of their interaction, and lastly the origin of the outcomes. Systems theory leads to comprehensive control of human behaviours, natural disasters and other risks that threaten the lifecycle of a protected asset. Indeed, Prezelj (2012) explain the physical security is divisible into two key components. These include the human aspect and technology aspect, since effective security demands efficient application of security personnel and equipment to play down the risks and effects of security breach or any such disruptive incidences. Patton and McMahon (2006) pointed to the broad concept of physical security in detecting, deterring, and responding invasive behaviour and argued that it requires a relatively comprehensive approach, such as systems theory, which is capable of addressing the unpredictable human behaviours. Therefore, systems theory attempts to solve complex human nature by devolving them to specific layers, which would otherwise be impossible to perceive when only one layer is used. For instance, while the physical barriers, such as an electric fence is capable of deterring external intruders within an office premise, it cannot deter internal intrusion, including where the company personnel breaks into a safe to steal money. In such an instance, while the electric fence will have the devolved function of protecting the facility from external intrusion, the surveillance cameras protect the facility from internal intrusion (Khairallah, 2006). The systems theory provides a proactive approach to security planning. As Fennelly (2012) contends, the effectiveness of physical security measures relied on the property under protection, the property location, as well as the implicit and explicit threats and vulnerabilities the property has to contend with. Application of the right protection calls for maximal understanding of the various components. For this reason, the physical security needs to be approached in a collaborative manner by all actors within the facility that should be protected based on their roles in the integrated system. Indeed, the security approach appears effective in achieving the role of bringing various actors together during the planning phase. This is perhaps why Fennelly (2012) emphasises the need to plan physical security from the start. Fennelly (2012) argues that all actors within the organisation need to work collaboratively as advocated for by the systems theory. In his view, taking such an approach ensures that security planning takes consideration of the entire protection requirements. Clearly, this is since various actors identify and recommend the specific risks and recommendations for their specific areas of focus. A similar view is shared by Davies et al. (2012), who argue that, such collaborative planning method proposed by the systems theory helps create optimal security cost-effectively. Fennelly (2012) concluded that when a systematic approach that combines the entire security factors is applied during the planning phase, it would cost-effectively reduce security breach. Systems theory helps in creating solid security architecture. By adopting systems approach during the process of designing security architecture, security professionals are able to build secure security systems containing all the security mechanisms aimed at guaranteeing effective enforcement of security goals to mitigate security risks. Indeed, as Walek and Masar (2013) elaborate, the design architecture operates on the system approach, where the elements of the designed security system address the holistic needs of a protected asset to ensure effective detection, delay, deterrence, and response to security threats. Based on the security approach, Vellani (2009) also explains that a security professional is able to identify and select the security features that should be integrated to secure an asset. It could lastly be reasoned that the systems approach provides a holistic outlook of the security components that interact, as well as how they interact to function collaboratively in attain the common objective of total security. This view is well supported by Alach (2007). In his view, the systems approach provides a rational plan or outlook of the constituent components of a system and their operational utility. This implies that it prompts the security architect to think about the purpose of the systems, and to innovatively recommend and implement components he perceives can bring about holistic security. Pearson (2011) also provides reasons to support the view that the systems approach provides a holistic outlook of the security components that interact. He argues that the decisive aim of prompting such component thinking is to identify and discover appropriate elements whose performance measures truly relate to the performance measures of the entire system. Waldman (2007) also contents that when a section or component of the system is altered, the nature of the entire system is altered. Clearly, it is perceivable that Waldman (2007) and Coole (2010) based their premise on the idea that by description, a system should be systemic, which means relating to or having a connection or effect to the whole system in entirety. In conclusion, the physical security controls should be approached as an integrated system, which is premised on Systems Theory since no single layer can effectively accomplish all security needs. This is since the subject of physical security is complex, as it consists of various elements that work together to attain the sole objective of providing solid security. Accordingly, insecurity problems are solved effectively when interrelated components that offer protection are combined to offer solid and holistic security based on layers. This also means that physical security components have to work as a system rather than independently. It is based on the assumption that the systems approach fits snugly. Overall, systems theory contributes to development of effective physical security layers that are combined to form a system. It also leads to comprehensive control of human behaviours, natural disasters and other risks that threaten the lifecycle of a protected asset. The systems theory also provides a proactive approach to security planning. Systems theory helps in creating solid security architecture. References Alach, Z. (2007). Mapping the elements of physical security towards the creation of a holistic physical security model. This thesis is presented for the degree of Master of Science (Security Science) at Edith Cowan University Arnold, B., Eagan, R., Falcone, P. et al. (2002). A Scalable Systems Approach for Critical Infrastructure Security. Albuquerque: Sandia National Laboratories Barbara, S. (2010). Secure Control Systems: A Control-Theoretic Approach to Cyber-Physical Security. Dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Mechanical Engineering Casteel, C. & C. Peek-Asa (2000). Effectiveness of crime prevention through environmental design (CPTED) in reducing robberies. American Journal of Preventive Medicine 18(4): 99-115 Clancey, G., Lee, M. & Fisher, D. (2012). Crime prevention through environmental design (CPTED) and the New South Wales crime risk assessment guidelines: A critical review. Crime Prevention and Community Safety, 14, 1–15 Coole, M. & Brooks, D. (2011). Mapping The Organizational Relations Within Physical Security’s Body Of Knowledge: A Management Heuristic Of Sound Theory And Best Practice. Perth: Security Research Centre Coole, M. (2010). The Theory of Entropic Security Decay: the gradual degradation in Coole, M., Corkill, J. & Woodward, A. (2012). Defence in Depth, Protection in Depth and Security in Depth: A Comparative Analysis Towards a Common Usage Language. Paper published in the Proceedings of the 5th Australian Security and Intelligence Conference, Novotel Langley Hotel, Perth, Western Australia, 3rd-5th December, 2012 Cozens, P. (2008). Crime prevention through environmental design in Western Australia: planning for sustainable urban futures. International Journal of Sustainable Development and Planning, 3(3), 272–292. Davies, F., Homrighaus, H. & Bernado, G. (2012). A Primer on Electronic Security for Schools, Universities, & Institutions Second Edition. Argylle: Aella Consulting Group Inc effectiveness of commissioned security systems. A Thesis Submitted to the Faculty of Computing, Health and Science Edith Cowan University Fay, J. (2006). Contemporary Security Management. Burlington, MA; Butterworth-Heinemann Fenelly, L. (2012). Effective Physical Security. (4th ed.) Waltham, MA: Butterworth-Heinemann Feruza, S. & Kim, T. (2007). IT Security Review: Privacy, Protection, Access Control, Assurance and System Security. International Journal of Multimedia and Ubiquitous Engineering 2(2), 17-30 Garcia, M. (2001). Analysis and Evaluation. In The Design and Evaluation of Physical Protection Systems. Boston: Butterworth-Heinemann. Jonathan, J. (2009). A psychological perspective on vulnerability in the fear of crime. Psychology, Crime and Law, 15 (4), 1-17 Jones, D., Davis, C., Turnquist, M. & Nozick, L. (2006). Physical Security and Vulnerability Modeling for Infrastructure Facilities. California: Sandia National Laboratories Khairallah, M. (2006). Physical Security Systems Handbook: The Design and Implementation of Electronic Security Systems. Burlington, MA: Butterworth-Heinemann Laing, C. (2012). Securing Critical Infrastructures and Critical Control Systems: Approaches for Threat Protection: Approaches for Threat Protection. Hershey: IGI Global Lorenc, T., Petticrew, M., Whitehead, M., Neary, D. et al. (2013). Environmental interventions to reduce fear of crime: systematic review of effectiveness. Systematic Reviews, 2:30 doi:10.1186/2046-4053-2-30 Marzbali, H., Abdullah, A., Razak, N. & Tilaki, M. (2011). A Review of the Effectiveness of Crime Prevention by Design Approaches towards Sustainable Development. Journal of Sustainable Development 4(1), 160-171 Patton, W. & McMahon, M. (2006) The Systems Theory Framework Of Career Development And Counseling: Connecting Theory And Practice. International Journal for the Advancement of Counselling 28(2):pp. 153-166 Pearson, R. (2011). Electronic Security Systems: A Manager's Guide to Evaluating and Selecting System Solutions. Oxford: Butterworth-Heinemann Prezelj, I. (2012) Challenges in Conceptualizing and Providing Human Security. HUMSEC Journal, Issue 2, 1-22 Sakip, S. & Abdullah, A. (2012). An Evaluation of Crime Prevention Through Environmental Design (CPTED) Measures in a Gated Residential Area: A Pilot Survey. Asian Journal Of Environment-Behaviour Studies 3(10), Vellani, K. (2008). Strategic Security Management: A Risk Assessment Guide for Decision Makers. New York: Butterworth-Heinemann Smith, C. & Brooks, D. (2012). Security Science: The Theory and Practice of Security. Oxford: Butterworth-Heinemann Waldman, J. (2007). Thinking systems need systems thinking. Systems Research and Behavioural Science, 24, 271-284 Walek, B. & Masar, J. (2013). Methodology for design of safe operating systems. Information Technology & Computer Science 4(1), 634-638 Walsh, J. (2002). Asset Protection and Security Management Handbook. Boca Raton: CRC Press Welsh, B. C., Farrington, D. P., & O’Dell, S. J. (2010). Effectiveness of Public Area Surveillance for Crime Prevention: Security Guards, Place Managers and Defensible Space. Stockholm: Swedish National Council for Crime Prevention. Wortley, R. and McFarlane, M. (2011). The role of territoriality in crime prevention: A field experiment. Security Journal, 24: 149-156 Read More