Plan Design Enable Holistic Security Capabilities and Experience
2
Why Atkins for security? We have the unique combination of: a depth of understanding of the national security context strength of relationships with key governmental bodies, CESG, CPNI and others the ability to bring together the industry expert, the security specialist and a comprehensive management consultancy capability outstanding consultancy at a cost effective price. Plan Design Enable 3
Holistic security: Overview Physical, cyber and personnel security generally remain separate in many organisations. Our holistic security methodology enables you to get a better understanding of overall organisational security risks by applying converged governance and risk management across all assets. In combination with our programme and security risk management expertise, this approach ensures better protection for assets, staff and information; your critical business enablers. 4
Holistic security: Benefits The benefits of the holistic approach: Understand where gaps exist between security layers Bridge the gap between the hard side of security (technical/physical) and the soft (information/policy/ processes/people) Identify where security measures are being duplicated and are therefore wasteful Ensure investment is in proportion to risk levels Make security a strategic differentiator rather than a tax on the business Target resources where they deliver maximum benefit for your organisation. Plan Design Enable 5
Lowering risks Concept at a high level: lower risk by deterring the threat, lowering the vulnerability of assets and reducing the impact of compromise. 6
Concept at a working level: take an integrated view by applying physical, cyber, procedural, or people related mitigation to reduce the risk to your business. Technical Procedural Physical People Plan Design Enable 7
Capabilities Atkins has the experience and expertise to help its clients deliver strategic advantage through an holistic approach to security: Working with others. Working with all the UK intelligence agencies in planning major programmes and projects. Understanding intelligence flows and working collaboratively with law enforcement. Employing quality staff. Experience of devising pre-employment screening; on-going monitoring; creating a positive security culture. Resilience of design. Very extensive experience in this area as one of the world s leading design consultancies. 8
Knowing what s critical. Identifying and prioritising assets. Planning and rehearsal. Expertise derives from planning and design heritage. Working towards the establishment of a crisis management strategy for a major Middle East Country. Protecting assets. Considerable experience of designing and implementing protective security regimes for physical and information assets. We have a depth of understanding of the approach to protecting clients assets including: networks information intellectual property critical infrastructure; and control systems. Plan Design Enable 9
Physical Security considered at the very start of all infrastructure design projects Secure by design Leading role in the design and implementation of all the physical security measures for the London 2012 Olympic Games, covering the Olympic Park in London and all of the regional sites around the UK Designed and are implementing a re-build of the physical security regime at a major UK nuclear facility Design and implementation of security at numerous infrastructure sites in the UK, e.g., Birmingham New Street Railway Station, Crossrail, including Blast Mitigation and Hostile Vehicle Mitigation measures (HVM) 10
Design of the physical security measures for transport infrastructure in the UAE including both road and rail Design of the physical security measures for military facilities throughout the Middle East region Designed the airside & landside physical security elements for an aviation development in KSA including the Concept of Operations and HVM Design of the Physical and Cyber security elements for a Conference and Exhibition Centre in Oman Security Master Planning for large industrial economic free zones in the UAE including interfacing with the Urban Planning Council. Stakeholder Requirements Strategic Objectives Operational Requirements Process Analysis Integrated Security Systems Design Performance Specification Tender Process Plan Design Enable 11
Cyber Atkins has the knowledge, skills and methodologies essential for safeguarding valuable information assets. Our impact focused, risk based approach builds the appropriate cyber security controls into the fabric of organisations. We will ensure you can deter, defend and detect the inevitable attempts to compromise your operation. Although it is impossible to prevent all compromises from internal and external threats, our methodology provides the tools necessary to create a resilient operation, respond to incidents effectively and if necessary, adapt your security posture. Our team and their knowledge have been optimised through our extensive involvement with the UK s intelligence agencies in cyber security, through information assurance and strategic programme delivery. We will ensure you can use information confidently and leverage the business advantages of cyberspace. 12
Personnel and behavioural This is a new, particularly challenging area when dealing with a multicultural workforce. Experience of establishing the UK government s first programme of advice in personnel security issues. Understanding the importance of creating a positive culture within an organisation where management and staff contribute effortlessly towards the shared protective security objectives. Experience of data system integration to achieve an automated accreditation scheme as part of a pre-employment screening process. Part of the employing good people theme. Running the biometric identification scheme at London s Heathrow Airport. Positive identification of passengers to satisfy Civil Aviation Authority (CAA) strict standards. Plan Design Enable 13
Industrial Control Systems We help clients to: Understand the security risks to their organisation and assess the critical operations Develop a holistic security strategy to address challenges across the organisation, whether technical, procedural, or personnel based Establish resiliency, through realising cyber security events are practically inevitable; Appropriate planning and incident response will minimise impacts and enable a rapid return to business as usual. 14
Regulation and compliance A consistent theme of all our work is to help a wide variety of UK companies achieve compliance with various standards and regulations Achieving new standards in aviation security through the use of biometrics at Heathrow Compliance with various cyber standards (e.g., ISO 27001) We will work with you to achieve compliance with any standards laid down by relevant regulatory authorities, and other government bodies. This work will include the training of staff to achieve various standards and levels of skill and competence We offer supporting guidance in achieving compliance with the PAS68 (specification for Vehicle Restraint Measures) and PAS69 (Guidance for the Selection, Installation and use of Vehicle Restraint Measures). Plan Design Enable 15
Business Continuity Atkins services are designed to put in place clear planned responses to Business Continuity & Resilience (BC & R) challenges. Our services take a risk-based approach to evaluating the threats facing business activities or process by internal and external factors. Our services include but are not limited to: Strategies and plans utilising industry best practice and standards Survey and audit services Implementation of appropriate recovery plans BC & R risk management and mitigation strategies IT communication resilience design and engineering services. 16
Our services deliver the following business benefits to clients: Proactive identification of the impacts of an operational disruption Effective response to disruptions which minimises the impact on the client Managed business continuity risks Knowledge transfer, management and collaboration Confidence in business continuity responses through a range of exercises and scenarios. Demonstrable ability to maintain delivery during unforeseen circumstances. Plan Design Enable 17
Crisis Management All organisations need to have a well designed and rehearsed crisis or emergency response plan. Atkins can help in the creation of a plan and in devising an exercise programme to test it on a regular basis. Atkins helped with the emergency response to Hurricane Katrina through our US office and with the follow-up to the Fukushima disaster (through our Energy business). 18
Contact Plan Design Enable Andrew Cooke Director Atkins Security Tel: +44 (0) 7803 259 666 Email: andrew.cooke@atkinsglobal.com 19
Cyber Supplier to UK Government Atkins Security Euston Tower 286 Euston Road London NW1 3AT England Atkins Limited except where stated otherwise. The Atkins logo, Carbon Critical Design and the strapline Plan Design Enable are trademarks of Atkins Limited. www.atkinsglobal.com/security mailto: holistic@atkinsglobal.com