Security Risk Assessment
Client’s Situation, Threats, and Challenges
In 2013, Rozin Security began working with a public transportation provider in a major metropolitan area in Minnesota. The client provides an integrated network of buses, light rail, and commuter trains, as well as resources for carpooling, walking, and biking. The client provides transportation options for an average of 250,000 individuals every weekday, including professionals, students, and recreational travelers. The system provides more than 70 million bus trips annually in the metropolitan area it serves.
The client’s biggest challenge is maintaining balance between efficient operations and high-level security. As a critical source for public transportation services in a bustling metropolitan area, the client needs top-notch safety solutions that protect its relevant assets – passengers, equipment, utilities – in the light rail system, operations and maintenance building, and central communications building.
Rozin Security Approach
Rozin Security’s typical protocol involves an in-depth security risk assessment followed by efficient, proven, and cost-effective solutions. [JB1] In this case, Rozin Security performed a full security and risk assessment of all the client’s light rail stations (19 in the original report, 23 in the follow-up report), along with the operations and maintenance building and central communications building.
The first step was for Rozin Security and the client to identify the key assets that should be protected. These included employees and customers, utilities, and equipment critical to the functionality of the building or the system as a whole.
Next, Rozin Security analyzed typical threats against the transportation industry – left- and right-wing extremist groups, terrorists, former employees, etc. – as well as threats that were particularly pronounced because of the client’s assets’ locations. Included in this analysis were previous attacks on similar sites and an investigation of various aspects of the local cultural and legal frameworks which may increase the ease and likelihood of attack against our client’s facilities.
The core feature of Rozin Security’s report was an onsite assessment of the client’s assets followed by corrective measures. In addressing the client’s vulnerabilities, Rozin Security traditionally divides the corrective measures into three broad categories:
- Physical security features (exp. fencing and window safety features).
- Technological security features (exp. access control mechanisms and closed-circuit television cameras)
- Human asset security features (exp. increased security personnel presence and better-defined protocols).
Rozin Security then addresses these categories as they apply to a variety of locations at the client’s facilities, ranging from the facility perimeter to high-value rooms inside such as utility and data rooms.
Once the site’s total risk was established, consultants provided recommendations for physical, technological, staffing, policy, and procedural corrective measures that would improve the site’s security preparedness in the face of relevant threats. Recommended corrective measures were prioritized based on their abilities to deter, prevent, detect, and respond to relevant threats. In this way, consultants were able to highlight those corrective measures that would provide the greatest return on investment for the individual site.
Through this project, Rozin Security consultants demonstrated the ability to address the organization’s security needs at both the micro and macro levels. At the micro level, consultants identified and prioritized individual assets as they related to the operations such as adding access control features at specific doors in particular facilities. At the macro level, Rozin Security suggested implementing new policies at all individual sites.
Rozin Security offers security consulting services to help you design a comprehensive and proactive security plan to meet the needs of your organization today, and over time.