Protective perimeter security must continue to adapt and evolve to meet the changing threats to national and business infrastructures. New requirements from clients looking to protect both tangible and intangible assets must be accommodated. Against a backdrop of the need for reliable and consistent Hostile Vehicle Mitigation (HVM), new technologies and innovations need to be accommodated. All this must happen whilst the perimeter security industry faces severe cost pressures.
Things are changing, wherever you look. Here are just some of the developments that I have noted in my discussions with perimeter security suppliers, government agencies, trade associations and organisations seeking to reduce and manage their security risks.
Organisational resilience As individual disciplines evolve and security practitioners look for solutions that are multi-layered, integrated and complex enough to defeat attacks, it is, perhaps, inevitable that areas once thought of as separate are seen as part of an interconnected whole. Areas such as protective security, disaster management, business continuity management and risk management are being brought together under an organisation’s single management system. This in turn is leading to development of thinking, not only about mitigation of a disastrous event but also about how an organisation should be designed to be more resilient in the first place. As with other capabilities, designing in security has always made better sense than retrofitting later. Hopefully, we will soon have some authoritative guidance on organisational resilience in the form a framework standard from BSI, BS 65000, which is currently under development.
Looking at the same problem from two different perspectives can often yield different but complementary answers. This is the case with security risk management. The more traditional way of looking at risks is by identifying threats and vulnerabilities, assessing likely impact and then designing mitigation measures to eliminate or reduce the organisation’s risks. Business continuity practitioners, however, work from the other direction by looking at what is vital to an organisation, how it could fail or be defeated and then devising a plan to protect key assets. A combination of these approaches in an organisation’s security risk management processes would seem to be beneficial.
Evolving requirements New requirements combined with industry know-how can often result in new solutions. As I look across the products on offer from members of the Perimeter Security Suppliers Association (PSSA), I have noticed three particular trends. Firstly, there are a growing number of combined solutions now on offer. Whether from a single supplier or from a collaborative initiative between suppliers, products are now available that address multiple risks, including for example, protection against manual attack and HVM.
Secondly, whether it is in a combat zone or at a major event, clients are demanding more rapidly deployable solutions, without the sacrifice of security integrity.
Thirdly, with the wide choice of products available from a variety of sources, demand is increasing for more interchangeable systems. In addition, the increasing use of information and communications technologies to control this kit will also prove to be interesting, to say the least.
Barriers to barriers Some challenges in HVM are not directly related to the problem or the solution but are more systemic in nature. Three in particular seem to continually work against the implementation of successful perimeter security solutions.
The first of these concerns health and safety. Why is it when there is only one law of the land (albeit with multiple parts!) and supplying companies essentially only have one management system providing internal controls that the construction industry insists on having nearly forty different sets of requirements for demonstration of health and safety competence? To look at some company’s web sites and vehicles at the range of health and safety ‘badges’ on display, you could be forgiven for not understanding the real focus of their business. Now don’t get me wrong, I am a regular recipient of HSE notifications and admire their approach to information provision. I also sympathise with the health and safety myth problem, but when I see the cost endured by most SME’s funding needless administration because their (larger) customers require HSE evidence presented in their own preferred format, it does make me sigh.
The, so far ineffective, measures such as BSI PAS 91 and Safety Schemes in Procurement are noted; but perhaps it is time that industry itself got more involved?
Whenever I attend industry gatherings, two interlinked issues are always raised – poor specification and sub-optimal procurement. The fragmented nature of the perimeter security supply chain exacerbates these problems, with HVM supply knowledge being separated from user requirements. Clearly, security needs must be taken into account but assurance across the entire value chain is required for HVM applications to be successful.
Revised international standards CPNI continue to drive the HVM standards agenda both nationally and internationally. In the UK PAS 68:2013 – Impact test specifications for vehicle security barriers systems and PAS 69:2013 – Guidance for the selection, installation and use of vehicle security barriers have superseded earlier versions, which have now been withdrawn. The revisions incorporated changes in best practice and are mainly technical in nature. The classification codes, used to convey performance, have been updated.
Although the above represent routine review and updating of existing standards, perhaps of more significance is the publication of two International Workshop Agreements.
IWA 14-1:2013 – Vehicle security barriers – Part 1: performance requirement, vehicle impact test method and performance rating according to ISO “specifies the essential impact performance requirement for a vehicle security barrier (VSB) and a test method for rating its performance when subjected to a single impact by a test vehicle not driven by a human being.”
Its companion document IWA 14-2:2013 – Vehicle security barriers – Part 2: Application “provides guidance for the selection, installation and use of vehicle security barriers (VSBs) and describes the process of producing operational requirements (ORs). It also gives guidance on a design method for assessing the performance of a VSB.” The IWAs bring together both UK and USA requirements for the first time.
The threat from terrorism is not reducing but adapting and evolving. HVM counter measures must also continue to do evolve to stay ahead of these threats and provide the degree of security and safety required to protect people and critical assets.