Docstoc

Physical Security Assessment Training - PDF

Document Sample
Physical Security Assessment Training - PDF Powered By Docstoc
					Critical Infrastructure Protection
               “Homeland security assistance should be based strictly on
               an assessment of risks and vulnerabilities.....

               ...It [Homeland Security] should supplement state and local
               resources based on the risks and vulnerabilities that merit
               additional support.”

               -9/11 Commission Report




Risk & Vulnerability
Assessment Training
Applicable to all National Critical Infrastructures:
FOOD
WATER
ENERGY
KEY ASSETS
AGRICULTURE
GOVERNMENT
PUBLIC HEALTH
TRANSPORTATION
DEFENSE INDUSTRY
CHEMICAL INDUSTRY
POSTAL AND SHIPPING
BANKING AND FINANCE
EMERGENCY SERVICES
INFORMATION AND
 TELECOMMUNICATIONS
The nation’s Critical Infrastructures face a myriad
of physical and technical threats.

These threats, whether natural, man-made, accidental
or intentional, each carry a certain level of risk that
could compromise national security, public safety, and
the economy.

Critical Infrastructure owners/operators and U.S.
Government officials at all levels have a responsibility
to take action to mitigate these risks.



      IIT’s Subject Matter Experts                 The first step in securing Critical
      have conducted RVAs of :
                                                   Infrastructures is the performance of
          Freight and Passenger Rail               a full spectrum Risk and Vulnerability
          Systems                                  Assessment (RVA).
          Water Utilities
          Ports                                    An RVA is an assessment of an
          HAZMAT Transportation                    organization’s critical assets and the impact
                                                   of their degradation, their vulnerability to
          Chemical Plants
                                                   exploitation, and the nature and likelihood of
          IT Infrastructures
                                                   specific threats.
          Emergency Operations Centers
          and Homeland Security
          Installations                            The successful execution of an RVA requires
          U.S. Government and                      highly skilled, knowledgeable, and trained
          Military Installations                   personnel.
      IIT is committed to Critical
      Infrastructure Protection. IIT has
                                                   IIT, a leader in the Risk Management and
      established, and operates 24/7,              Information Security field, has developed
      Information Sharing and Analysis             a comprehensive and cost effective Risk
      Centers (ISACs) for three Critical
      Infrastructure Sectors and the
                                                   & Vulnerability Assessment Training
      Operations Center (security and              Program to meet these needs.
      intelligence) for the North American
      Freight Railroad Industry.




CONTACT: 703.478.7600
Gary Williams (gwilliams@ewa.com) or Keith Kennedy (kkennedy@ewa.com)
        IIT’s Risk & Vulnerability Assessment Training Provides:


      Long-term Security Solution

      Immediate Realization of Increased Protection

      Turn-Key Operation Complete With Procedures, Policies, and Assessment Formats

      Proven, Documented, and Repeatable Risk and Vulnerability Assessment Process

      Comprehensive Physical and Technical Risk and Vulnerability Assessment Approach

      Hands On Training - Students Learn By Doing

      Trained Risk and Vulnerability Assessment Team Consisting of Your Own Personnel

      Assessments of Two Critical Infrastructures

      Authoritative Response to Proposed / Actual Government Regulations and Inspections

      GSA Approved Rates and Schedule; DHS and Emergency Management Performance Grants
      Applicable




The IIT Training Team consists of experienced Subject Matter Experts. IIT’s RVA
process relies upon the U.S. Government, Intelligence Community, Military, and
International “Security Best Practices.” These practices encompass both physical
and technical Risk Management and Vulnerability Assessment methodologies and
techniques.
                                   RVA Training Curriculum
        The Risk and Vulnerability Assessment Program Consists of Two Phases.


   Phase I
          Self-Paced Instruction
          CD based interactive training that introduces the methodologies,
          techniques, and tools to conduct an RVA.
   Phase II
          Resident Instruction
              Three-day classroom instruction focusing on the analytical tools
              through a series of practical exercises and case studies.
                 Seven-day practical application of skills by conducting an RVA
                 of an actual Critical Infrastructure.


                                 Phase I: Self-Paced Instruction
A 40-hour Interactive CD provides the foundation of the methodologies, tools, and
pertinent guidelines to conducting a Risk and Vulnerability Assessment. Phase I is a
mandatory prerequisite to the second phase of resident training. Subjects include:
          Assessment Methodologies and Planning
          Vulnerability Assessment Legal Landscape
          Critical Infrastructure Interdependencies and Contingency Planning
          Analytical Risk Management
                Asset Assessment
                Threat Assessment
                Vulnerability Assessment
          Information Systems Architecture and
           Information Assurance


CONTACT: 703.478.7600
Gary Williams (gwilliams@ewa.com) or Keith Kennedy (kkennedy@ewa.com)
                        Phase II: Resident Instruction

A. Classroom Practical Exercises
Days one through three present a series of practical exercises that address the
fundamental skills and tools necessary to conduct an RVA.

           Critical Infrastructures and their Interdependencies
           Contingency Planning
           Analytical Tools and Techniques
           Blast Mitigation Primer
           Introduction to Crime Prevention through
           Environmental Design (CPTED) Principles                Sample Adversary Logic Diagram



B. Vulnerability Assessment Exercise

During days four through ten, student teams conduct an actual Risk and Vulnerability
Assessment of a critical infrastructure. IIT Subject Matter Experts guide the students
through all phases of the assessment:

           Assessment Planning and Coordination
           Data Collection and Aggregation
           Analysis
           Mitigation Strategies
           Reporting
                               IIT TRAINING TEAM

                         RVA Subject Matter Experts
Gary Williams – Program Manager, Critical Infrastructure Protection
Gary Williams is a Physical and Operational Security RVA Subject Matter Expert. Over the past
decade, he has established an authoritative, comprehensive set of Private Infrastructure, U.S.
Government, Military, and International “Security Best Practices” and methodologies. Mr. Williams
has been instrumental in the execution of RVA’s for the North American Class 1 Freight Railroads,
the Passenger Railroads, Public Transportation, and the Chemical Industry. As a Program Manager
for Critical Infrastructures, he has continued to refine RVA methodologies and develop numerous
distance learning and resident CIP training programs. Retired from 22 years of service with U.S.
Army Special Operations Forces, Mr. Williams has continued to protect the Critical Infrastructure
of the United States through his work conducting Risk and Vulnerability Assessments. Currently
possesses a U.S. Government Top Secret/SCI clearance.

Keith Kennedy - Senior Analyst
Mr. Kennedy is an expert in intelligence analysis and critical infrastructure protection. His recent
efforts include Counter-Terror Information Analysis for Water Utilities, the Class 1 Freight and
Passenger Railroads, and Public Transportation Organizations. Mr. Kennedy is a former U.S.
Amry Intelligence Analyst with experience in information analysis, link analysis, and vulnerability
assessments. Mr. Kennedy performed vulnerability assessments worldwide for the United States
Army. Mr. Kennedy has been instrumental in developing analytical methods and information
sharing initiatives that greatly enhance the security of our critical infrastructure. He co-authored
the comprehensive Risk and Vulnerability Assessment Curriculum. Currently possesses a U.S.
Government Top Secret/SCI clearance.

Craig Thompson – Senior Technical Security Engineer
Mr. Thompson is responsible for technical & cyber vulnerability assessments. His recent efforts
include vulnerability assessments for the Defense Department, Federal Agencies, Water Utilities,
the Class 1 Freight Railroads, and Passenger Railroads. Mr. Thompson is a former U.S. Army
Counterintelligence (CI) Special Agent, whose assignments ranged from leading and conducting
specialized media and network forensics investigations to training CI personnel to perform this
mission. Mr. Thompson is a current member of the National Guard, leading and conducting
advanced security, Computer Defense Assistance Program (CDAP), and vulnerability assessments
(VA), as well as training National Guard soldiers to perform the VA mission. Currently possesses a
U.S. Government Top Secret/SCI clearance.

To coordinate your RVAT course and for more information contact:
Gary Williams
(703) 478-7600
gwilliams@ewa.com
                            IIT CORPORATE PROFILE




EWA Information and Infrastructure Technologies, Inc. (IIT) provides the private and public
sectors with vendor-neutral risk management and information security solutions that are advanced,
comprehensive, and complete.

A wholly owned subsidiary of Electronic Warfare Associates, IIT, was established in 1997
to provide Information Operations and Information Assurance support to both Government
and Commercial customers. Early and continued success has allowed for steady growth and
diversification. Today, IIT’s core business areas include Critical Infrastructure Protection,
Homeland Security, Information Operations, Information Technology, Intelligence, Systems
Security Engineering, and Training and Certification. With annual revenues of over $30 million,
IIT is a recognized leader in the security field.

Dedicated to providing its clients with the highest level of service and support, IIT recruits
and retains only top quality personnel. IIT professionals have extensive problem solving and
intelligence experience. In addition, over 90% have U.S. Government Top Secret security
clearances. Headquartered in Herndon, VA, with employees working in corporate offices around
the globe, IIT is well equipped to provide a variety of services to protect information, assets, and
people.

Through its collaboration with standards boards such as the International Organization for
Standardization (ISO), and its active participation in national and international professional
organizations, IIT is directly involved in major developments within the security community.




For further information please visit:
www.ewa-iit.com
EWA Information & Infrastructure Technologies, Inc.
13873 Park Center Road, Suite 200
Herndon, VA 20171

www.ewa-iit.com
703.478.7600

				
DOCUMENT INFO
Description: Physical Security Assessment Training document sample