WK7 Operating Physical Security and Technology Centered Programs Paper

User Generated




The Point Papers are assignments for you to discuss material you consider significant from the assigned weekly readings.

Primary reference book: McCrie, R. (2016). Training and Development for High Performance. Security Operations Management, 3rd ed.; Butterworth-Heinemann

In Chapter 10, McCrie points out that most of the costs of security operations are personnel costs created by security services. He adds that the contradiction is that the nature of management is to keep costs down, which isn't always realistic. McCrie suggests that a way that security operating dollars can be made more effective is through the judicious use of physical security measures and electronic and computer-based technology to help prevent all types of losses.

McCrie: pp. 325-362 - Operating physical security and technology-centered programs

  • To understand the importance of physical security
  • To understand how countermeasures are used to reduce loss
  • To understand why all systems need backup power
  • To understand the pertinent features of access control systems

Unformatted Attachment Preview

Running head: SECURITY ADMINISTRATION AND MANAGEMENT Security Administration and Management Student’s Name Institutional Affiliation 1 SECURITY ADMINISTRATION AND MANAGEMENT 2 Table of Contents Executive Summary ........................................................................................................................ 3 Security Administration and Management ..................................................................................... 4 Introduction ................................................................................................................................. 4 Security Mission ......................................................................................................................... 4 Security Measures of the Facility ............................................................................................... 6 Program Management Practices ................................................................................................. 7 Threats and Vulnerabilities ......................................................................................................... 8 Domestic and International Terrorist Threats ......................................................................... 8 Common Security Threats .................................................................................................... 11 The Aspect of IT Infrastructure and Security of Institutions .................................................... 12 Conclusion ................................................................................................................................ 17 References ..................................................................................................................................... 19 SECURITY ADMINISTRATION AND MANAGEMENT 3 Executive Summary MorganSecurex Inc. considers institutional security measures as significant in ensuring that operations run smoothly without experiencing challenges. For a long period, firms have tried their level best to deal with the threat of domestic and international terrorism to protect employees and assets. The government requires institutions to incorporate all the necessary security measures so that workers can perform their respective duties without considering the state of their own protection. Organizational management teams should have an information security program that makes the relevant departments to perform their duties holistically with undivided attention. MorganSecurex Inc. utilizes the services of well-trained individuals who understand the importance of providing protection to institutions, including data management and identifying possible areas of weakness. The era of high rates of terrorist attacks requires security firms to leave no room for mistakes and ensure the protection of employees working for various organizations. MorganSecurex Inc. utilizes the aspect of security management, including the identification of all assets that belong to institutions, such as machines, workers, building, and information assets. The institutional management team ensures the application of processes, such as documentation, development, implementation of procedures and policies regarding the protection of all assets. Technological developments have benefited the world in many ways but security firms find the new environment challenging due to the emergence of a new wave of crime. The protection of organizational assets encompasses everything, including IT systems, which makes it compulsory to use the services of IT experts. Security firms have to deal with computer-based forensics to ensure that hackers and cybercriminals do not breach institutional IT structures. The development of a security culture in organizations plays an essential role of ensuring the protection of both people and assets. SECURITY ADMINISTRATION AND MANAGEMENT 4 Security Administration and Management Introduction All organizational management teams work hard to ensure the existence of appropriate security management tools in order to protect personnel, assets, and information structures for the purpose of initiating smooth running of operations. In this respect, the firm under review, MorganSecurex Inc. considers institutional safety measures as significant in ensuring that all activities run smoothly without major obstacles as a mechanism for achieving the set goals and objectives. Security firms experience problems associated with insider threats, especially regarding domestic and international terrorist activities that lead to radicalization of individuals, including highly-skilled employees and other normal criminal elements targeting specific assets of an organization (Alcaraz & Zeadally, 2015). As a renowned organization based on the services it offers, MorganSecurex can become the best security institution if the management adopts policies and acquires the latest equipment to curb terrorism and cyber-crime. Although organizations can handle the security of their personnel and assets, the use of a security firm helps to address threats, such as terrorism and cybercrime in a better way as compared to internal arrangements, which may fail to work due to conflict of interests and other issues. Security Mission All organizations consider security of personnel, assets, and information structures as crucial to the progress of the institution, as well as an aspect that necessitates the achievement of the set goals and objectives. In this respect, MorganSecurex Inc.’s mission involves ensuring the security of individuals and assets at all times since the management utilizes the services of experts in various capacities. As a way of ensuring that the organization achieves its goals, the board of directors and all management groups work together through collaboration and team SECURITY ADMINISTRATION AND MANAGEMENT 5 work, which helps to bring all employees together. In order to meet the needs of its clients, the organization requires $60 million annually to run its operations, especially curbing terrorist and cyber-related crimes. The funds will necessitate the purchase and use of advanced equipment, which will improve stakeholder confidence, as well as increase revenue collection. Technological developments of the last three decades have benefited the world in many ways. However, the adoption of the latest technologies in organizations have exposed them to security challenges associated with cybercrimes, including data breach and incapacitation of IT structures through hacking and related activities (Cavusoglu, Cavusoglu, Son, & Benbasat, 2015). Organizational security involves the consideration of principles and values regarding the management of information assets through the use of appropriate requirements in an effective way. The groups in charge plan, initiate, execute, control, and monitor information security engagements across the institution to achieve the set objectives associated with the security of the firm. Information structures safety protects companies against data breach and theft that can lead to the misuse of consumer personal details. In order to serve clients in the best way possible, IT experts and individuals who understand the importance of organizational security will work for MorganSecurex Inc. to maximize security of organizations (Knowles et al., 2015). Indeed, stakeholders appreciate the efforts of institutions that embrace security measures that focus on the protection of information systems. MorganSecurex Inc. offers security services to organizations that request its help, including personal security, IT infrastructure development, and general safety training programs. The services that the institution offers fit all organizations, such as the police and military departments. Indeed, the organization’s utilizes the services of highly-skilled individuals with a determination to accomplish the set goals and objectives. MorganSecurex Inc. focuses on SECURITY ADMINISTRATION AND MANAGEMENT 6 establishing a long-lasting approach to ensure that it achieves the needs of client institutions in addressing the security challenge. The organization utilizes the funds it receives each year to pay employees, purchase new equipment, training its workers, and repairing office machines, among other uses. Expenditure on activities that focus on improving institutional security require funding since security breaches can lead to loss of lives or financial losses in the case of data breach. As such, security improvements made within the organization enhance stakeholder confidence, hence high volumes of revenue collection. As the security director of MorganSecurex Inc., I believe that appropriate funding would help to attract the services of highly-skilled employees. Indeed, the management of IT infrastructure and other forms of security can assist the institution to achieve the set goals and objectives. The current organizational set up does not provide room for teamwork and collaboration, which jeopardizes the operations of the firm. As the security director at the company, I believe that all groups of employees can work together to achieve the set target and resolve security challenges facing organizations in the region. The issue of teamwork and collaboration allows employees from different cultural backgrounds to work together and complete tasks in time. The availability of sufficient funding would improve service delivery since the management can prioritize the protection of personnel and assets. As such, if employees feel safe, they work hard and ensure the accomplishment of the set goals and objectives. Security Measures of the Facility Although MorganSecurex Inc. offers security services to other organizations, the management has ensured that the company adopts security measures to improve consumer confidence. All employees working in the institution possess a specific code used to convey SECURITY ADMINISTRATION AND MANAGEMENT 7 messages. As such, outsiders cannot understand the flow of information from one point to the next, unless through the assistance of insiders. The firm has adopted security measures that protect employees and assets. MorganSecurex Inc. applies similar strategies in the organizations that seek its services. Every institution’s security structure adopts a specific security management program to avoid the occurrence of similar patterns that criminals can breach easily. In its premises, alarms and sensors play an essential role in alerting people regarding dangerous situations, including fire or any form of explosions. Furthermore, financial institutions that the organization serves benefit from highly-sensitive entry control sensors, especially designed for everyone accessing strong rooms. In case of a security breach, the systems sense the abnormality and initiate a lockdown that only the security team can reprogram to resume services. Program Management Practices As the security director at MorganSecurex Inc., I consider the process of hiring highlyskilled and experienced individuals as the most essential aspect for the organization. People who understand the dynamics of the security industry follow instructions and show determination and resilience in their work. MorganSecurex Inc. management team follows a specific program that incorporates planning, execution, and control of various activities to ensure maximum security for all institutions seeking services from this company. Moreover, the security firm such as MorganSecurex Inc. cannot perform all activities without liaising with the organizations seeking the services. Management teams in all organizations device ways to seal all loopholes that can lead to security breach, including strategic road mapping, security integration life cycle, and business liaison and engagement (Christensen et al., 2015). The practices that service providers adopt enable client institutions to play their part in order to protect personnel and assets. SECURITY ADMINISTRATION AND MANAGEMENT 8 MorganSecurex Inc.’s services play an essential role in other organizations since protecting personnel and assets reduces incidents that can lead to loss of lives and theft or damage to property. In this respect, the organization is not a liability but an asset to the corporation. Throughout the world, firms seek the services of private security companies to supplement security that government provides. Although administrations ensure security of all citizens and their property, private firms cannot use government resources to boast the protection of their personnel and assets. However, in case a situation arises, government-based security agencies help to mitigate the situation (Abrahamsen & Williams, 2007). As such, security firms such as MorganSecurex Inc. provide security services and train employees on ways to stay alert at all times. The presence of private security personnel in institutions boosts consumer confidence, and the teams liaise with the police department to curb criminal tendencies. Threats and Vulnerabilities Domestic and International Terrorist Threats Domestic and international terrorist threats continue to cause havoc in organizations, including security institutions, such as the police department and other private security firms. As such, the issue of terror attacks continues to threaten the organization (MorganSecurex Inc.) since no one can predict the activities of terrorists (Christensen, Lægreid, & Rykkja, 2015). For instance, the US has experienced terror attacks involving citizens as perpetrators due to the high rates of radicalization. The involvement of foreign-based extremists has remained scarce, which means that they use radicalization to accomplish their objectives. In such situations, security firms, including MorganSecurex Inc. find it hard to deal with the situation due to its high unpredictability levels (Christensen et al., 2015). Irrespective of the challenges experienced SECURITY ADMINISTRATION AND MANAGEMENT 9 regarding terror activities, security firms have to devise ways to find solutions of curbing both domestic and international terror threats. The institutions seeking security services from MorganSecurex Inc. site terrorism as one of the reasons they need armed security guards at their premises. In this respect, the firm under the leadership of the highly-skilled individuals trains and equips all employees with skills to perform their respective tasks. If stakeholders realize that a firm does not meet the necessary security measures, they can opt for other institutions that have higher standards. The departure of key investors can lead to the closure of an organization, which management teams can prevent through outsourcing security services (Silke & Schmidt-Petersen, 2017). In this respect, many firms consider the services of MorganSecurex Inc. due to its prowess in implementing notable and reliable policies. Indeed, the organization’s management team considers client satisfaction as an achievement towards creating a sustainable future in the industry, irrespective of the challenges experienced. Terror threats negatively impact investment, economic growth, and trade flows in the highly prone regions. Although the US boasts of the most advanced security structure in the world, the threat of terrorism affects business operations, which lead to the decline of organizational performance and the overall economic growth. In order to curb both domestic and international terror threats, MorganSecurex Inc. uses its budgetary allocation to purchase the latest equipment to detect weapons. Security officers working for the organization possess skills that match those of the military personnel to ensure that the individuals execute their responsibilities extremely well. The issue of international terrorism arouses frightening episodes among the people since it assumes a “unique path” of killing innocent civilians (Rose et al., SECURITY ADMINISTRATION AND MANAGEMENT 10 2017). Indeed, the threat of terrorism even in developed countries means that administrations cannot guarantee the security of individuals due to the unpredictability of this form of crime. All organizations, including security agencies view terrorism as a threat since the pattern of attacks does not follow a particular path. However, MorganSecurex Inc. ensures that it follows all the necessary protocols, and the management does not tolerate mistakes or any form of procedural breach. Regions that experience high rates of terror attacks experience increased risks and cost of doing business since such establishment attract high insurance and security fees. Investors consider leaving such areas if the cost of running business goes beyond the manageable levels, which leads to underdevelopment (Baker, 2015). In order to help organizations to curb the threat of terrorism, MorganSecurex Inc. develops business continuity plans, crisis management programs, and business resilience approaches. All the structures adopted assist the various firms in planning and identifying measures for enterprises to survive after incidents of terror activities. The development of business continuity plans (BCPs) and crisis management programs enable organizations to respond to terror incidents using appropriate mechanisms that limit the overall damage to property and loss of lives. In this respect, MorganSecurex Inc. utilizes the various approaches to train employees on the various ways of avoiding terrorists in case such situations arise within the organizational premises. The challenge with some terror attackers relates to the use of suicide bombers, who target a group of people to ensure maximum number of casualties (Rose et al., 2017). If such a situation arises in the organization, employees should avoid the main entrances and use emergency exits to run away from dangerous scenarios. Security officers use their training to protect civilians and at the same time engage the attackers to minimize the number of casualties and injured people. SECURITY ADMINISTRATION AND MANAGEMENT 11 Moreover, in order to reduce terror threats in organizations, MorganSecurex Inc. will utilize the services of highly-skilled employees to assist in addressing the needs of all clients. Based on the services offered to other institutions, the security agency will use close to a quarter of its budgetary allocation on salaries and training activities. The processes will ensure that MorganSecurex Inc. engages all employees to protect personnel and assets of other institutions. In addition, the use of proprietary services saves the cost of training and hiring new employees as opposed to outsourcing efforts. Indeed, outsourcing from firms that specialize on a particular product or service can improve service delivery, but the process involves additional expenditure. Failure to follow the set guidelines exposes the institutions involved to vulnerabilities that can lead to security breach and huge financial losses. Common Security Threats Apart from domestic and international security threats, organizations face other forms of security concerns associated with high crime rates in specific regions. MorganSecurex Inc.’s management understands the scenario and trains its employees so that they can handle such situations. The threats can emerge from the client organizations if workers decide to collude with outsiders to commit crimes, including economic-related ones such as corruption or money laundering (Verhage, 2009). Indeed, since MorganSecurex Inc. offers its services to financial institutions, it handles such cases, which also threatens its integrity in situations that may involve the company’s employees. The presence of an information security program ensures that all relevant departments perform their duties holistically with undivided attention, and at the same time upholding the set ethical standards. As such, MorganSecurex Inc.’s management trusts its employees’ undivided attention in fulfilling the needs of the organization’s clients. SECURITY ADMINISTRATION AND MANAGEMENT 12 The presence of well-trained security guards in the premises of client institutions ensures that individuals with ill-intentions do not cause panic, injury, or any other form of disruption to normal business activities. MorganSecurex Inc. utilizes its resources in training officers in order to equip them with skills to handle crowds, rescue, and alert other security agencies if a major security issue arises. The guards understand that criminals can access an organization’s premises using the entry points, which should remain guarded at all times. Equally, petty criminals can access businesses, such as supermarkets or malls to “shoplift,” which leads to losses. As such, the presence of guards at such premises minimizes the occurrence of such incidents. MorganSecurex Inc. utilizes the services of well-trained individuals who understand the importance of providing protection to institutions so that they can realize the set objectives without incurring losses based on security breach of any form. The Aspect of IT Infrastructure and Security of Institutions The development of BCPs and crisis management programs enable institutions to respond to terror and other forms of criminal activities using appropriate mechanisms that limit the overall damage to property and loss of lives. As such, current technological developments pose a great challenge to organizations, especially those with inadequate funds to support the latest IT infrastructure (Knowles et al., 2015). MorganSecurex Inc. assists institutions in all areas of security aspects, including cyber-related issues, during emergency situations, and dealing with common criminal elements within the premises of client organizations. The consideration of security concerns in IT takes similar procedures with those of the normal scenarios, including demand management, security integration life cycle, intake and prioritization, risk, issue, and decision management, as well as strategic road mapping and business liaison and engagement. IT SECURITY ADMINISTRATION AND MANAGEMENT 13 infrastructure requires individuals who understand computer programming in order to initiate software and related programs to protect institutions against internal or external threats. MorganSecurex Inc. hires IT experts and uses their services to address challenges affecting other institutions that seek its assistance. Although technological developments have brought benefits to the world, cyber-crimes threaten businesses and other establishments that rely on IT structures (Skopik, Settanni, & Fiedler, 2016). The establishment of a department to deal with IT-related incidences increased the number of clients that seek MorganSecurex Inc.’s services. The developments indicate that today’s organizations rely on IT systems to store data. As such, the threat of data breach remains a reality and organizational management teams prefer outsourcing IT services in order to maximize success rates (Knowles et al., 2015). The institutions seeking services from other firms such as MorganSecurex Inc. should share information with the service provider to ensure maximum protection of data. Indeed, outsourcing IT services encourages the use of the latest techniques and the processes do not use a lot of funds since firms offering such services already have the equipment and expertise. IT provides an opportunity for institutions to protect their information assets but the threat of data breach remains. Vulnerabilities exist in the area of employees since some of them can help outsiders to commit cybercrime (Knowles et al., 2015). The issue of insider threat regarding IT infrastructure can derail the activities of organizations since firms’ management teams cannot determine or predict the activities of their employees. As a way of avoiding such incidences, institutions rely on the honesty and transparency of their employees since individuals can only reveal crucial information to outsiders if they want to jeopardize operations (Posey, Roberts, & Lowry, 2015). MorganSecurex Inc. encourages its workers to align their SECURITY ADMINISTRATION AND MANAGEMENT 14 responsibilities with the set ethical standards and uphold societal moral values in order to fulfill the organization’ mandate of protecting personnel, assets, and information systems. Today, organizations outsource IT-related services since running such programs within the organizational set up can lead to over expenditure and exposure of the firms’ data to cybercriminals (Knowles et al., 2015). MorganSecurex Inc.’s management takes the security of IT systems seriously since any sign of weakness can lead to data loss and damage to IT infrastructure. Equally, the firms involved invest heavily to ensure the protection of both the organization’s and consumers’ data. In a few incidences, firms have suffered a series of data breaches without the managements’ knowledge. As a way of avoiding such situations, management teams should ensure that IT experts check the programs for updates or repairs to ensure maximum protection of information (Skopik et al., 2016). The large data that organizations handle increase the possibility of attacks from hackers, which institutions such as MorganSecurex Inc. can handle to prevent data breach of any kind. The application of security administration and management involves the use of security principles, which necessitate the accomplishment of the set goals and objectives. IT experts recommend individuals holding specific passwords to change them regularly to reduce the possibility of leakage to the external environment (Hashem, Takabi, GhasemiGol, & Dantu, 2015). Equally, if some employees leave their positions due to personal or other reasons, the adoption of new passwords and encryptions can prevent the possibility of data breach. In this respect, MorganSecurex Inc. ensures that all organizations it serves follow all procedures that limit information leakage to the outside world. Collaboration, team work, and sharing information between MorganSecurex Inc. and client firms ensure that all stakeholders get involved during decision-making processes. The adoption of the latest technology in all SECURITY ADMINISTRATION AND MANAGEMENT 15 organizations, including financial institutions attracts the attention of cyber criminals (Posey et al., 2015). Therefore, the protection of organizational data depends on the integrity levels of employees entrusted to run the IT infrastructure. Firms continue to face risks associated with corporate data loss, which reduces consumer confidence due to identity theft. Financial institutions’ adoption of the latest technology to perform transactions through online platforms exposes them to risks of data breach through hacking and related activities (Drab, 2011). Indeed, the networked peripheral poses a great threat to firms’ assets, personnel and client information, as well as trade secrets. MorganSecurex Inc. utilizes the weak links appropriately to ensure that hackers or cyber-criminals do not access vital information that can lead to financial losses of the firm or customers. The company protects individuals sending unprotected files to servers since such practices can lead to data breach if the documents originate from malfunctioning devices (Drab, 2011). The use of firewall can block possible attacks within a network, but organizations should invest in the latest technology to ensure maximum protection of information assets. Organizational management teams can succeed if the decision makers appreciate the threat of data loss, especially considering the aspect of insider threat. IT experts and security firms recommend all firms to initiate non-compliance penalties so that anyone at fault can take responsibility (Drab, 2011). In this respect, MorganSecurex Inc. ensures the completion of the certification process through security evaluation as a way of setting appropriate security requirements. Additionally, the organization encourages client institutions to use the latest technology that can help in securing all information, such as documents, scanned files, and customer details. In situations where organizations fail to use the appropriate mechanisms to protect data, cyber criminals can access vital information that they can use to commit crimes SECURITY ADMINISTRATION AND MANAGEMENT 16 (Hashem et al., 2015). Indeed, failure to implement security measures in the organization puts it a risk of cyber-attacks via unsecure networks or insider threats. The development of viruses that can attack institutions’ IT infrastructure pose a threat to the global economy since many firms report losses of millions of dollars. Organized “online” criminals find ways to steal personal information that they can use to defraud financial institutions (Drab, 2011). Equally, terrorists can access crucial information about financial institutions and acquire money through fraudulent means in order to fund their operations. MorganSecurex Inc. utilizes all security protocols to ensure client organizations adhere to the set guidelines as a mechanism for protecting personnel and assets and avoid all forms of security threats in the future. Although the federal government protects firms via The Economic Espionage Act, hackers and other cyber-criminals continue to cause havoc in organizations (Drab, 2011). All parties should come together and agree on security issues to prevent information from leaking to outsider elements. MorganSecurex Inc. encourages its employees to exercise the security principles in place to ensure that the organization provides services to other institutions using the appropriate mechanisms. The management requires all employees to uphold secrecy, especially regarding passwords and encryptions and individuals in charge of escorting vehicles transporting cash to various financial institutions (Skopik et al., 2016). Moreover, the issues of integrity and availability play an essential role in addressing the needs of the organization regarding security measures. Integrity means that individuals provide assurances that the stored data has high levels of accuracy and stakeholders can rely on it whenever need arises. Employees should not share passwords with outsiders or allow individuals to access systems internally since such forms of penetration can create weak links that can lead to cyber-attacks (Paté‐Cornell, Kuypers, Smith, & SECURITY ADMINISTRATION AND MANAGEMENT 17 Keller, 2018). The process following audit activities require the initiation of audit data protection to eliminate possibilities that can lead to data breach. IT systems upgrade improves security levels, which make it hard for hackers to access the system. The adoption of BCPs helps organizations to deal with emergency situations and guides experts in the process of dealing with the crisis. As a way of ensuring that the individuals involved address all the problems, the plan bases its measures on the actions that everyone takes to address the threats (Drab, 2011). However, MorganSecurex Inc. would not wish to allow the problem of cyber-attacks to derail activities of institutions that use its services. In case a situation arises that brings down systems, the IT team embarks on continuity, recovery, and contingency planning, as well as restoring the damaged systems. Furthermore, IT experts can trace the path of ‘destruction’ and adopt mechanisms to avoid, mitigate, and contain emergency scenarios in the best ways possible (Paté‐Cornell et al., 2018). MorganSecurex Inc.’s management team should note that employees pose the greatest threat to the IT infrastructure of any organization. As such, the change of passwords should occur regularly to eliminate the possibilities of insider threats completely. Conclusion All security processes require stakeholders to work together and make decisions that lead to amicable solutions to existing problems. In this respect, the organization could benefit if it applied all security management principles to leave no room for errors. The management team should ensure that all its employee follow protocol at all times (Alcaraz & Zeadally, 2015). IT structure requires highly-skilled individuals to ensure the protection of information systems in the organization. The protection of organizational assets encompasses everything, including IT systems, which makes it compulsory to use the services of IT experts. Moreover, the era of high SECURITY ADMINISTRATION AND MANAGEMENT 18 rates of terrorist attacks requires security firms to leave no room for mistakes and ensure the protection of employees working for various organizations. On the same note, security firms have to deal with computer-based forensics to ensure that hackers and cybercriminals do not breach institutional IT structures. While institutions can handle the security of their personnel and assets, the use of experienced security firms helps to address threats, including terrorism and cybercrime. SECURITY ADMINISTRATION AND MANAGEMENT 19 References Abrahamsen, R., & Williams, M. C. (2007). Securing the city: private security companies and non-state authority in global governance. International Relations, 21(2), 237-253. Alcaraz, C., & Zeadally, S. (2015). Critical infrastructure protection: Requirements and challenges for the 21st century. International Journal of Critical Infrastructure Protection, 8, 53-66. Baker, D. M. A. (2015). Tourism and terrorism: Terrorists threats to commercial aviation safety & Security. International Journal of Safety and Security in Tourism and Hospitality, 1(12), 1. Cavusoglu, H., Cavusoglu, H., Son, J. Y., & Benbasat, I. (2015). Institutional pressures in security management: Direct and indirect influences on organizational investment in information security control resources. Information & Management, 52(4), 385-400. Christensen, T., Lægreid, P., & Rykkja, L. H. (2015). The challenges of coordination in national security management–the case of the terrorist attack in Norway. International Review of Administrative Sciences, 81(2), 352-372. Drab, D. F. (2011). Network peripherals: A weak link in security and an open gateway for attackers. Information Systems Security. Retrieved from http://www.infosectoday.com/Articles/networkedperipherals.htm Hashem, Y., Takabi, H., GhasemiGol, M., & Dantu, R. (2015, Oct). Towards insider threat detection using psychophysiological signals. In Proceedings of the 7th ACM CCS International Workshop on Managing Insider Security Threats (pp. 71-74). ACM. SECURITY ADMINISTRATION AND MANAGEMENT 20 Knowles, W., Prince, D., Hutchison, D., Disso, J. F. P., & Jones, K. (2015). A survey of cyber security management in industrial control systems. International Journal of Critical Infrastructure Protection, 9, 52-80. Paté‐Cornell, M. E., Kuypers, M., Smith, M., & Keller, P. (2018). Cyber risk management for critical infrastructure: A risk analysis model and three case studies. Risk Analysis, 38(2), 226-241. Posey, C., Roberts, T. L., & Lowry, P. B. (2015). The impact of organizational commitment on insiders’ motivation to protect organizational information assets. Journal of Management Information Systems, 32(4), 179-214. Rose, A., Avetisyan, M., Rosoff, H., Burns, W. J., Slovic, P., & Chan, O. (2017). The role of behavioral responses in the total economic consequences of terrorist attacks on US air travel targets. Risk Analysis, 37(7), 1403-1418. Silke, A., & Schmidt-Petersen, J. (2017). The golden age? What the 100 most cited articles in terrorism studies tell us. Terrorism and Political Violence, 29(4), 692-712. Skopik, F., Settanni, G., & Fiedler, R. (2016). A problem shared is a problem halved: A survey on the dimensions of collective cyber defense through security information sharing. Computers & Security, 60, 154-176. Verhage, A. (2009). Between the hammer and the anvil? The anti-money laundering-complex and its interactions with the compliance industry. Crime, Law and Social Change, 52(1), 9-32.
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

sorRRY, sP UPLOADED WRONG FILESPlease use this



Impact and Issues of Physical Security
Student’s Name
Institutional Affiliation



This document discusses the objectives and importance of physical security in the
organization. This article describes the consequences of physical security breaches. In detail,
essential elements of physical security are analyzed, such as access control, monitoring and
alarm system. Besides, all the problems and implications of physical security are described in
Physical Security
Physical security is one of the most important aspects of a company's security system.
However, the security aspect is often overlooked or underestimated when it comes to issues like
viruses, hackers, spyware and so on. Physical security covers many areas and departments of the
organization. As a result, employees often overlook the importance and complexity of physical
security. The primary goal of physical security is to control access, protect against theft, and
ensure that the organization's operations are always present. Physical security means protecting
software, hardware, networks and event data such as fires, natural disasters, and theft and so on.
These events will severely damage the organization's resources and reputation if its security rules
are not respected the organization
To achieve physical security objectives, each physical security plan must include specific
corrective actions, such as Guidelines and Procedures, Personnel, Obstacles, Equipment, and
Records. Ouyang (2012) indicates that there are different categories of security controls, such as
administration, inspections, physical controls, and technical controls. The body controls such as
doors, walls, fences, etc., protect buildings. Technical controls are also called logical controls,
such as. Like a camera, fire/smoke alarm system, etc. There are several types of security
controls, for example: For example, policy reviews, preventative controls, disallowance checks,



follow-up checks, hotfixes, and restore checks. There are two types of threats to the physical
environment: one is natural or environmental, and the other is artificial. Environmental threats to
the environment include fl...

Really great stuff, couldn't ask for more.


Similar Content

Related Tags