Resilience & Integrated Security Services
Resilience & Integrated Security Services
Utilities historically have understood the risks associated with operating their networks and developing mitigation plans. Furthermore the networks were designed and built with planned resilience, to minimise disruption and enable fast recovery.
However these plans and the methods for analysing and managing risk were formed in a comparatively stable time. Since the turn of the millennium our world has become increasingly unpredictable and we now operate in a more complex security environment. Threats to the security of the UK’s Critical National Infrastructure (CNI), of which all utility networks and assets are fundamental components, are now greater and more varied than ever before.
- Geo-political
- Climate change
- Infrastructure dependency
- Socio-economic
- Globalisation and power diffusion
How can Serco help?
Serco has instigated and is a major contributor to CNI Scan, a collaborative public private sector programme building upon best practice risk and resilience planning in the CNI ‘for the benefit of the CNI’. The programme combines existing methodology, process and science into an integrated toolkit that supports the best practice development of systems, processes and capabilities for the assessment of risks and threats to the CNI – for organisations that manage the components of the CNI.
The approach can be used by individual organisations, to identify their specific vulnerabilities, and groups of organisation that have to plan for a single threat. The advantage to single organisations such as a utility is that it enables you to build on existing capabilities to develop a solution that is entirely fit for purpose. CNI Scan supports the creation of a common knowledge base, so that consistent best practice can be created and shared. The use of modelling, visualisation and experimentation exercises in simulated environments, is used by CNI Scan to war-game risk scenarios to develop optimum management strategies. This approach can address the entire spectrum of risk or be tightly focussed, where an organisation has a known risk that it wants to explore.