What are the security challenges of critical infrastructure facilities?
They call it “critical” for a reason. The so-called “critical infrastructure” is composed of the basic services that citizens have come to depend on, and which are necessary to support society and ensure national stability. The term includes high-visibility segments such as airports, refineries, transportation, wastewater, nuclear reactors, electric utilities, pipelines, and more. Because these functions are so critical, the stakes of providing security are higher than for any other market. We asked this week’s Expert Panel Roundtable: What are the security challenges of critical infrastructure facilities?
Each critical infrastructure sector faces many security challenges, and the impact of security failures on the general population can be significant in terms of human costs and harm to the economy. Security challenges within critical infrastructure include vandalism, theft, employee identification and verification, access control, natural disasters, regulations, and the increasing infiltration of connectivity and the Internet of Things. In addition, many critical infrastructure facilities are housed in harsh and hazardous environments, which adds to the challenges to keep employees and facilities secure. Proactive measures employing advanced surveillance technologies such as explosion-proof surveillance cameras, panoramic surveillance cameras, intelligent analytics and open platform video management system (VMS) and control solutions that enable higher levels of integration can deliver meaningful innovation that meets users’ specific surveillance and security objectives. In addition to delivering superior protection and situational awareness, intelligent surveillance systems can provide business intelligence and help mitigate risks and potential liabilities.
One of the biggest challenges facing the security of critical infrastructure is protecting against potential terrorist threats. This is particularly difficult if you are facing groups which have little regard for their own personal safety, let alone that of employees, security staff or the public! Naturally security systems can always make it far more difficult to attack a facility, but no system is able to prevent this fully. In many ways, securing critical infrastructure is now just as much about addressing the issues behind terrorist attacks – “prevention” as well as “cure.” Our society faces threats from across the political landscape as different groups develop dangerously polarised views of the society we live in. Equally, modern online media makes it far easier for terrorists to train, recruit and be noticed. As well as securing critical infrastructure, we need to address these issues too.
Americans have quickly moved into the age of smart devices. We see it in our phones, our cars and our households. Security systems have also become very smart. Analytics-based detection software must rely on tested algorithms and advanced imaging sources to reduce false alarms. The data is fed into a video management system (VMS) to trigger other automated access controls to address the situation. All are interconnected. Understanding these streams of data and making sure the devices obtaining this data are in top performing condition during their lifecycle should be a priority for any critical infrastructure facility. Degradation or failure of lower quality devices in this stream will have an impact on your total response (time and actual response type). What is the weakest link in the chain? Don’t compromise on equipment when it comes to critical infrastructure.
Industrial areas and critical infrastructure facilities often are faced with a unique set of challenges that make them more difficult to protect. Often, they are in remote locations with limited resources to respond to potential threats – especially in person. The remote locales may make human guarding challenging if not altogether impossible. Additionally, these locations are often the focus of attacks, as they can have a significant impact on residents of an urban centre (such as an electrical grid) or potentially dangerous materials (such as an oil and gas production facility). Some of these challenges can be met by taking a collaborative approach to security, melding human guards with robotic security guard solutions that can minimise liability, protect assets and increase surveillance along a perimeter. Not only does implementing robotic guards allow for a more cost-effective plan for protection, the added security can help boost productivity.
Critical infrastructure facilities are vulnerable to a number of security challenges, including terrorism and natural disasters. An example of this vulnerability is when snipers knocked out 17 giant transformers at an electrical substation in Metcalf, California, which is responsible for funneling power to Silicon Valley, on April 16, 2013. This is why we encourage end users to think beyond someone penetrating the perimeter, and have helped to identify several technologies that work together to provide a comprehensive solution. Every organisation’s situation is unique depending on the setting and identified vulnerabilities, so a tailored solution is essential for every critical infrastructure facility.
Lately, terrorists have called on followers to use vehicles to attack crowds. To stop such attacks, security professionals need to be cognizant of two different types of vehicle access points. The first would be in a location where the primary use is pedestrian but, frequently, vehicles need to pass through. An example could be an area, such as a mall at a university, in which the maintenance truck comes through to clean the square periodically. Such access points are well served by bollards, some moveable that go up and down to let vehicles through and others that are stationary. The other access points are those that are temporary. Sections normally open to traffic will be closed to create pedestrian paths and gathering points. These locations are best protected with crash-rated portable barriers that erect in 15 minutes and are then removed once the event is over.
The security risks facing a utility or telecom provider and other critical infrastructure facilities can have far-reaching consequences, including major disruption of core services. It’s essential to minimise the risk of any incidents that could disturb operations and lead to a loss of income or fines. Managing and monitoring numerous points of presence (PoP), from headquarters to production installations, across the country is complicated in terms of both organisation and logistics - and it’s made even more difficult when they are spread far apart with little or no network infrastructure available. The security management platform should be fully scalable, and access rights should be available locally under all circumstances.
Optimum physical security at an affordable cost is a key goal for management of critical infrastructure. Achieving this objective, however, can mean overcoming several challenges including incorporating legacy systems, integrating siloed solutions and automating error-prone manual operations. Advanced access control systems offer the needed functionality to streamline systems and reduce the potential for infrastructure risk. Through backward compatibility, perfectly good working legacy access systems can be migrated to the enterprise platform; integration with existing or new third-party software or hardware such as the venue’s credentialing process or video surveillance greatly extend the value of access control; and, manual processes such as badging, monitoring and more can be automated through the access control platform to free staff to focus on their primary responsibilities.
From terrorist threats to vandalism, the challenges of protecting critical infrastructure are varied and abundant. Fortunately, the physical security market provides many technology solutions to address these challenges, as enumerated by our Expert Panel Roundtable respondents, despite the fact that, as one of our panelists points out, it's almost impossible to prevent every attack. However, this does not lessen our responsibility to keep trying. The latest technologies provide valuable tools in our efforts.
- Getting to know Dan Grimm, VP and General Manager of Computer Vision at RealNetworks
- Big wins and the importance of showing up: Insights from SourceSecurity.com editor Larry Anderson
- Setting goals, business travels and radioactivity: Success secrets from Tiandy's John van den Elzen
- Getting to know Jeff Burgess, President/CEO at BCDVideo
- Related links
- Axis Communications CCTV software
- Axis Communications Intruder detectors
- Johnson Controls Limited Access control systems & kits
- Nedap AEOS CCTV software
- Pelco CCTV software
- Pelco CCTV cameras
- TDSi CCTV software
- TDSi Intruder detectors
- TDSi Access control systems & kits
- TDSi CCTV cameras
- Axis Communications IP cameras
- Pelco IP cameras
- TDSi IP cameras
- Axis Communications IP Dome cameras
- Pelco IP Dome cameras
- TDSi IP Dome cameras
- Axis Communications Storage
- Seagate Storage
A blind spot in governance, risk and complianceDownload
H.265 High Efficiency Coding: Video compression for security applicationsDownload
How to overcome the storage challenges of adopting surveillance AIDownload