The term ‘converged risk’ has been accepted for almost ten years, but its understanding and scope are changing constantly as cyber threats evolve rapidly and as physical security systems have become more integrated and IP-based. While commentators regularly offer updated guidance and warnings, industry has been slow to adopt an approach that really tackles converged security threats comprehensively.
In response to the reality that many firms learn best from painful experience, Optimal Risk Management has developed a security exercise capability, to demonstrate converged security risk to companies as a critical first step to raising awareness and building acceptance of the converged reality that they operate within.
Mike O’Neill, MD of Optimal Risk said: “Resilience is a key consideration for most firms, and we developed a Red Team methodology to simulate the type of sophisticated scenarios that they need to be resilient to. By adding an advanced cyber capability to our established physical security consulting services, we can test security measures using ‘real-world’ threats.”
The Red Team approach is the consultancy says gaining traction in different settings, from countering industrial espionage and organized crime, to protection of critical infrastructure.
Dan Goodbody, Director of Maritime services said: “We see great opportunities in the Maritime space to run security exercises for ports and port facilities. This is one of the most complex security environments and the scenarios we have developed with our cyber team really demonstrate how vulnerable the integrated operations at a port complex can be”.
After a two year consultation, a new ANSI ASIS Physical Asset Protection standard has been published that offers new guidance which O’Neill sees as an important step in raising engagement over converged security risk. In parallel to developing Red Team services, Optimal Risk has put in place a comprehensive set of Blue Team services spanning physical and cyber domains.
O’Neill said: “Once a client learns about his vulnerabilities from a security exercise, we are well positioned to provide consulting and support to reinforce their security and build their resilience. What we now offer clients is the opportunity to test their preparedness and response to a blended nature of threats, and then a balance of tactical fixes for immediate remediation and strategic measures that will more proactively address vulnerabilities.”
Blue Team physical services range from planning and advisory services and risk consulting through to counter-espionage services and training. The cyber team offers from DDo mitigation, forensics, incident response, to reverse engineering Secure Development Lifecycle services and bespoke cyber defence.
O’Neill. added: “Our aim is to ensure that clients are prepared for anything. It requires a proactive approach, because it will prove increasingly ineffective to be reactive to some of the emerging cyber threats and they will severely test our understanding of resilience in the future. ”
For more information about Optimal Risk visit www.optimalrisk.com and download our latest papers or come and visit at stand L16 at Counter Terror Expo, April 24 and 25.
