A UK media giant
Following a C-Suite enterprise risk review, the customer required assistance to identify and source several target-hardening solutions to provide a more robust security environment for both staff and customers alike. They did not have a security executive in house and with a national footprint, needed assurance that the national threat levels, and indeed more local and specific threats, were both recognised and mitigated against across the portfolio. Not only did the organisation want to provide a safer environment for its staff, amid a very public increase in terror-related incidents, but it recognised that perception and culture change were key to a new security solution. A trusted expert was needed to provide guidance and experience, to implement lasting change and future-proofed solution which was more efficient and effective.
The focus of task-hardening was to ensure that all physical controls, policy, processes and operational procedures were aligned to UK government strategy, which involved a thorough evaluation and comparison of publicly available information, including counter-terror, crowded spaces and national infrastructure best practice in physical security.
Mitie appointed an Assurance Manager to conduct a detailed threat analysis at all the locations across the portfolio, including any cyber footprints, insider threat assessments and vulnerability risk studies based on the organisational strategy and culture.
A physical security assessment was conducted for every building, including detailed reviews of future designs for security improvements, including provisions for major ground works and building restructures. All potential mitigating recommendations were rated to show advantages and disadvantages; weighing cost, inter-operability, cultural challenges and potential cross-function efficiencies, and a business case produced for chosen solutions. The business case included an evaluation of costs versus benefits and a trusted Mitie supplier from our vendor management process; this reduced the client need to conduct due diligence and allowed the projects to be managed by a security professional.
The customer received both strategic and working versions of the security risk review report, accompanied by a workbook to monitor the progress of implementation. Business cases were created to seek approval for building redesign recommendations, as well as providing representation during meetings to discuss target-hardening proposals, and sourcing service providers to consult on several subsequent projects.
In addition, our Assurance Manager provided real-time advice and guidance when emerging risks materialised, including C-Suite representation, business presentations and presence in the business security forum. Having formed a solid relationship with the client as a trusted security advisor, they further assisted in the hiring process for a dedicated security lead and the implementation of a security programme including training, testing and exercising, and executive governance over the physical security provision in its entirety.
If you wish to know more about how the process of target hardening, vulnerability studies or C-Suite risk consultancy, please get in touch. Our experience covers many sectors, threat landscapes and risk profiles.