Protecting my Asset
This section describes the core underlying principles of CPNI’s protective security methodology. This methodology defines a holistic approach to the protection of your most important or sensitive assets – as protective security measures can only be truly effective if the physical, personnel and cyber elements are considered complementary to each other during the formulation of a protective security solution.
In order to achieve success, an adversary will attempt to identify and then exploit any perceived weakness within your protective security measures. Having an effective, proportionate security solution will mitigate the ease with which an adversary can formulate then carry out an attack plan.
Understanding this methodology will equip you with the knowledge to look critically at existing and proposed security measures, ensuring your protective security measures are fit for purpose and commensurate with the threats you face.
CPNI’s principles of Deter, Detect and Delay supported by a response plan will help to frustrate and disrupt an adversary’s attack timeline (from planning through to execution of an attack):
- Deter: stop or displace the attack
- Detect: verify an attack, initiate the response
- Delay: prevent the attack from reaching the asset (including measures to minimise the consequences of an attack)
Careful consideration must be given to the response force timeline - time from the initiation of the response to the apprehension of the attacker(s) - to ensure that any adversaries are interdicted or apprehended before reaching those assets that matter most.
The following sections provide links to detailed information on protective security measures and technologies which can be utilised to achieve these protective security principles.