Security Strategy Development

Dealing with uncertain and unpredictable threats requires strategy, not just activity. We work closely with clients to understand their risk and chart out how they can effectively protect their organisations.

Service
Overview

We understand that our clients share our commitment to a risk-led approach to protecting personnel, operations, assets and reputation. Security cannot be deployed and implemented for security’s sake: it must be linked to a robust understanding of the threat, challenged to ensure that it is appropriate and effective, and continuously improved. In this way, we align to best practice international risk management standards such as ISO31000: Risk management and ISO28000: Supply chain resilience.

The risk assessment process provides a framework for the continuous re-evaluation of the environment that you’re operating in, challenging assumptions and setting the priority of collecting and analysing new information which could change a security approach. Without the risk assessment process, and without a partner that can carry this out utilizing the right tools, techniques, and personnel, any project in a difficult environment is doomed to failure.

How We Can Help You

What are the steps needed to develop a comprehensive, risk-led security strategy?

Security intelligence generation

At AnotherDay we have access to some of the most comprehensive terrorism and political violence datasets available, sourced from our many partnerships, covering the globe. We also extensively utilize the latest in data mining and social media analytics to detect incidents very quickly and at a much more detailed and granular level than our competitors, and we use big data access to platforms such as Twitter to carry out accurate historical analysis. This helps us to generate relevant security intelligence for use in the threat assessment.

Threat assessment

Threat assessment, or ‘risk identification’ as it’s identified in the context of ISO31000, could be the most important component of the entire process. This stage takes and analyses intelligence, identifies threat actors (and their capability and intent), and sets the scene for assessing what risk scenarios could feasibly affect our client.

Risk analysis

Risk analysis begins to bring the client’s assets into the assessment process: this step ensures that the risk scenarios identified have been evaluated in comparison to the nature of the client’s assets to be protected. It also considers the influence of vulnerabilities and tactics, both of which are key drivers in whether an attack (or other risk scenario) would likely meet with success or failure.

Risk evaluation and risk treatment

The final risk assessment step – risk evaluation - assesses the likelihood of a risk materialising based on threat intent and capability, target attractiveness and protection measures in place; and it also assesses the impact of the risk materialising based on vulnerability and consequence of loss of critical assets. This scoring allows our security professionals to develop a prioritized risk treatment plan for action.

What components does a security strategy tend to include?

A fully developed security strategy is the foundational element of protecting people, operations, assets and reputation through a range of measures. We usually look at how a number of areas should interact to provide ongoing protection:

  • Intelligence/community information collection and analysis.
  • Physical security measures.
  • Mobile security measures, close protection and journey management.
  • Emergency response plans.
  • Evacuation planning.
  • Technical security measures.
  • Liaison with military and security forces.

Contact our team today