This is for the reason that critical infrastructures are big, extensively dispersed, mostly owned by private developers (Moteff & Parfomak, 2004). Whereas there is huge pressures to protect everything at the moment, and scores contending for requests for funding solutions from the federal government, Moteff and Parfomak (2004) noted that realities of budget have limited accessible alternatives. In spite of a gargantuan amount of resources and effort utilised to security recently, considerable advancement appears to be wanting.
Correspondingly, engineering changes are making conventional security analysis methods more and more invaluable(Uygun, Huang, & Lou, 2006). Given that the majority of such methods were designed more than five decades ago when systems were above all composed of electromechanical elements, which were less multifaceted as compared to modern software-intensive systems (Tribble & Miller, 2004). Therefore, novel more authoritative techniques for safety analysis, rooted in systems theory, have been developed and fruitfully utilised on a diverse modern systems, such as nuclear power plants, medical devices, aircrafts et cetera.
Systems theory can, equally, offer a controlling basis for security. A further advantage of Systems theory approach is the possibility for generating an incorporated approach to both safety as well as security. 2.1 Systems Approach to Physical Security Basically, physical security illustrates security measures meant for denying unlawful access to resources, equipment as well as facilities, and to shield property and personnel from harm and damage like terrorist attacks, spying, or theft (Jenkins, 2014).
Nowadays is a digital age where the gathering, analysis, mainlining, and storing of information is exceedingly imperative. Marren (2006) asserts that for any activity to be initiated in an individual, organization, or enterprise, it is vital that diverse forms of information be created as well as managed. Therefore, significances of information systems that gather data, store it, as well as manage by means of an information intellectualization process have heightened progressively on a daily basis.
Even though such an information system offers handiness for users in processing projects, Matsufuji and Imamura (2000) note that a more cautious management is needed for protecting information owing to diverse environments as well as reasons. Since a number of cautiously utilised information is overlooked, owners of data are immediately restrained. Hence, it is essential to identify the impact as well as significance of business continuity management as well as harms of likely threats are to be reduced by means of planning a strategy that can approximate ripple effects for all risk factors as well as organization responses Despite enduring a number of adversities such as flooding that hang up systems for information, Matsufuji and Imamura (2000) put forward that a counterplot for the adversity is only inflating valid budgets.
This is because business continuity has been suggested as a counterplot for the computer room flooding caused by operating backup data-established sites, or containers that are movable. To operate a storage designed for backing up data remotely as well as making use data-based sites, or movable containers, then periodic expenses as well as contracts are needed and that results in inflated budgets: this has created the need for defence in depth (Park et al., 2011). 3.0 Defence-In-Depth Defence in depth as per Cleghorn (2013) is the coordinated utilisation of diverse security countermeasures for protecting the data/information assets’ integrity in an organisation.
This strategy is rooted in the principle used by the military that it is harder for an enemy to overpower a multi-layered and multifaceted defence system as compared to penetrating just one barrier. What’s more, defence in depth reduces the chance that the attempts of malicious attackers will accomplish something.
Read More