The safety and security of our surroundings, whether at home, in the workplace, or in public spaces, have become increasingly important. As we move through different environments, we want to identify and clearly define the key terms related to physical security. Below is a list of security terms often referenced within Safe Haven’s written content. These terms are industry standard and are crucial to understand, as they define security practices and the various actors and elements involved in these scenarios.
Physical Security Risk Management Glossary
Adversary. The people or systems that represent a threat.
Threat. Who might attack; when, where, and how they might attack; what goals and resources they have; and the probability of an adversary attacking on any given day, week, month, or year.
Threat Assessment. An attempt to predict the likely threats.
Threat Modeling. A process by which potential threats, together with the weaknesses they could exploit (such as structural vulnerabilities or the absence of appropriate safeguards), are identified and enumerated, and countermeasures prioritized. The purpose of threat modeling is to provide defenders with a systematic analysis of what controls or defenses need to be included, given the nature of the system, the probable attacker’s profile, the most likely attack vectors, and the assets most desired by an attacker. Threat modeling answers questions like "Where am I most vulnerable to attack?", "What are the most relevant threats?", and "What do I need to do to safeguard against these threats?"
Vulnerability. In contrast to a threat, a vulnerability is a security weakness that could be exploited by the threat(s) in order to cause undesirable consequences.
Vulnerability Assessment (VA). Involves discovering and, where possible, demonstrating vulnerabilities, but also working out the ways a security device, system, or program could be defeated, i.e. attacks.
Use Protocol. The informal ways security products, technologies, or strategies are used.
Attack Scenario. A potential method and sequence of events undertaken by adversaries to defeat security. (VAs seek to discover not just vulnerabilities, but also potential attack scenarios.)
Security/Facility Feature. An element of a security device, program, facility, building, or infrastructure. (Not to be confused with assets or vulnerabilities.)
Asset. Something that needs to be protected from threats. Valuable assets can be people, equipment, raw materials, products, services, money, artifacts, buildings, networks, PII, intellectual property, etc.
Risk. The probability-weighted cost of loss and/or harm.
Risk Management. The process of reducing risk to an acceptable level (it can rarely be eliminated) by deciding on priorities: what to protect, how to protect it, and how to deploy security resources.
Risk Assessment. Attempts to identify and quantify risks.
Security Surveys. A walkthrough of a facility using a checklist. The goal of a Survey is to see if the security measures planned for a facility, organization, or infrastructure are being implemented and are effective.
Security Audits. Checking to see if the organizational or infrastructure security is in compliance with regulations, laws, policies, standards, and guidelines.
Physical Security Assessments. A software-based Security Survey for physical security.
Red Teaming. In a nutshell, security testing: a team plays the adversary and attempts to defeat the security in place, to find out whether it actually works rather than whether it is documented.
This guide from Safe Haven outlines industry standard terminology critical for defining security practices and potential scenarios. It is subject to change as the risk landscape evolves.
Source Material
Much of the Security Terminology provided here derives from Dr. RG Johnston’s seminal book, Vulnerability Assessment: The Missing Manual for the Missing Link.
More Physical Security Terms from CISA
Access Point. Physical entry points.
Active Assailant. One or more individuals actively engaged in killing or attempting to kill people in a populated area.
After-Action Review. Developed after an incident or exercise to document strengths to be maintained and built upon, and to identify potential areas for improvement.
Consequence. The effect of an event, incident, or occurrence.
Cyber Hygiene. Maintaining basic levels of cybersecurity and improving general awareness to enhance resilience and mitigate the effects of a potential intrusion or attack.
Doxing. Internet-based practice of gathering an individual’s personally identifiable information—or an organization’s sensitive information—from open source or compromised material and publishing it online for malicious purposes.
Entry Point. The location where individuals may enter a facility; see access point.
Family Assistance Center. Area or location to provide services for evacuees and their families; can also assist with reunifications for survivors with family or friends.
Fusion Center. State-owned and operated centers that serve as focal points in states and major urban areas for the receipt, analysis, gathering, and sharing of threat-related information between all levels of government and private sector partners.
Grant. A sum of money given by a government or other organization for a particular purpose; the principal funding mechanism to commit and award federal funding to eligible state, local, tribal, territorial, certain private non-profits, individuals, and institutions of higher learning.
Incident. An assessed occurrence having potential or actual adverse effects on the organization. A security incident is an incident or series of incidents that violate the security policy. Any event affecting the safety, security, or protection of a property, facility, or occupant that requires response, investigation, or other follow up.
Information Sharing. The passing or exchange of information between people or entities.
Mitigation. Actions taken to reduce loss of life and property by lessening the impact of disasters, including but not limited to community-wide risk reduction projects; efforts to improve the resilience of critical infrastructure and key resource lifelines; risk reduction for specific vulnerabilities from natural hazards or acts of terrorism; and initiatives to reduce future risks after a disaster has occurred.
Network. A group of two or more computers or other electronic devices that are interconnected for the purpose of exchanging data, sharing resources, or storing information.
Personal Security. Actions taken to mitigate or reduce the probability of becoming a victim of an attack.
Physical Security. Protection from threats that could cause losses or damages. Maintaining a strong physical security posture is an ongoing process that involves a continual assessment of new assets and changing threats.
Protective Security Advisor (PSA). Security subject matter experts located across the country who directly support the critical infrastructure community in enhancing security.
Recovery. The return to normal business operations following an incident, crisis, disaster, or significant event.
Recovery Plan. The policies and procedures that position organizations to effectively recover from an active assailant, weather event, or other incident, while providing the best support structure for their employees, contractors, visitors, patrons, family members, and the community at large.
Response. Focuses on the immediate and short-term effects of an event/incident/disaster. It is usually focused on preservation of life and preventing immediate damage.
Response Plan. The deliberate policies and rehearsed procedures that position organizations and the individuals within them to optimally react to an imminent threat.
Reunification. The process of restoring incident evacuees and survivors with their family and friends.
Reunification Plan. A written document that sets forth the steps to be taken to restore evacuees and survivors with their family and friends.
Risk. A measure of potential harm from an undesirable event that encompasses threat, vulnerability, and consequence. Potential for an unwanted outcome resulting from an incident, event, or occurrence, as determined by its likelihood and the associated consequences; potential for an adverse outcome assessed as a function of threats, vulnerabilities, and consequences associated with an incident, event, or occurrence.
Risk Assessment. The process of identifying, analyzing, assessing, and communicating risk, and accepting, avoiding, transferring, or controlling it to an acceptable level considering the associated costs and benefits of any actions taken.
Screening. Physical and/or information-based examination or review of cargo, people, and their belongings.
Security Coordinator. The leader of the security and safety planning team responsible for security-related questions.
Security Plan. Strategy with specific courses of action to protect people and key assets from harm during a threatening or hazardous incident.
Security and Safety Planning Team. Supports the Security Coordinator by conducting research, evaluating needs, providing recommendations, and assisting with plan development.
Security Protocol. The overall security strategy or a specific practice or specified procedure within the security plan. Also known as Security Practice.
Security Strategy. The established goals, objectives, and courses of actions that make up the protection plan for an organization, its members, and its assets.
Shelter in Place. Response that involves the immediate, orderly moving of site occupants to locations within the facility (indoors or outdoors) that offer relative protection from the natural, technological, or human-caused event; the type of incident/hazard will determine the type of shelter that offers the best protection.
Threat. Natural or man-made occurrence, individual, entity, or action that has or indicates the potential to harm life, information, operations, the environment, and/or property.
Vulnerability. A physical feature or operational attribute that renders an entity open to exploitation or susceptible to a given hazard; characteristic of design, location, security posture, operation, or any combination thereof, that renders an asset, system, network, or entity susceptible to disruption, destruction, or exploitation.
Source Material
As the National Coordinator for critical infrastructure security and resilience, the Cybersecurity and Infrastructure Security Agency (CISA) spearheads the national initiative to comprehend, address, and mitigate risks to the cyber and physical infrastructure that Americans depend on daily. This Security Terminology derives from CISA's publication of Physical Security Performance Goals for Faith-Based Communities.
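Both glossaries define risk in terms that can be worked through numerically: Safe Haven's "probability-weighted cost of loss and/or harm", and CISA's "function of threats, vulnerabilities, and consequences". The Python below is an added example, not code from Safe Haven, Dr. Johnston, or CISA, showing a small risk register in those terms and the Risk Management step of deciding how to deploy a limited budget. It assumes the common multiplicative form (expected annual loss = attempts per year × probability an attempt succeeds × loss if it does), which neither glossary prescribes; the facility, assets, figures, and controls are constructed for illustration, and the spending plan uses a greedy heuristic rather than an optimal allocation.

```python
"""Worked risk-register example (added here; not from Safe Haven or CISA).

Risk is treated as probability-weighted loss: the chance an attempt is made
(threat, T), the chance it succeeds against the current security posture
(vulnerability, V) and the loss if it does (consequence, C). Multiplying
the three is a common convention and an assumption of this example; the
glossary only says risk is a function of them. All assets, figures and
controls below are constructed for illustration.
"""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Scenario:
    """One attack scenario against one asset."""
    asset: str
    threat: str
    likelihood: float     # T: assumed number of attempts per year
    vulnerability: float  # V: assumed probability an attempt succeeds, 0..1
    consequence: float    # C: assumed loss in dollars if it succeeds

    def annual_risk(self) -> float:
        """Expected annual loss = T * V * C (assumed independent)."""
        return self.likelihood * self.vulnerability * self.consequence


@dataclass(frozen=True)
class Countermeasure:
    """A control that lowers V for the scenarios it covers (assumed effect)."""
    name: str
    annual_cost: float
    residual_vulnerability: dict  # (asset, threat) -> V once the control is in place


def risk_register(scenarios):
    """Risk assessment: quantify each scenario and rank, highest risk first."""
    return sorted(scenarios, key=lambda s: s.annual_risk(), reverse=True)


def apply_control(cm, s):
    """Return the scenario as it would look with cm deployed (V never rises)."""
    new_v = cm.residual_vulnerability.get((s.asset, s.threat), s.vulnerability)
    return replace(s, vulnerability=min(s.vulnerability, new_v))


def risk_reduction(scenarios, cm):
    """Expected annual loss avoided by deploying cm against these scenarios."""
    return sum(s.annual_risk() - apply_control(cm, s).annual_risk() for s in scenarios)


def plan_spending(scenarios, countermeasures, budget):
    """Risk management: decide how to deploy a limited budget.

    Greedy pass over controls ordered by avoided loss per dollar (computed
    against the starting posture), skipping any that no longer buy anything
    once earlier picks are applied. Returns (chosen names, residual risk).
    A greedy pass is a simple heuristic, not an optimal allocation.
    """
    ranked = sorted(countermeasures,
                    key=lambda c: risk_reduction(scenarios, c) / c.annual_cost,
                    reverse=True)
    chosen, remaining, current = [], budget, list(scenarios)
    for cm in ranked:
        if cm.annual_cost > remaining or risk_reduction(current, cm) <= 0:
            continue
        chosen.append(cm.name)
        remaining -= cm.annual_cost
        current = [apply_control(cm, s) for s in current]
    return chosen, sum(s.annual_risk() for s in current)


# Constructed sample data: a small facility with three assets.
SCENARIOS = [
    Scenario("server room", "tailgating through the controlled door", 2.0, 0.5, 50_000),
    Scenario("cash office", "armed robbery", 0.1, 0.8, 100_000),
    Scenario("lobby", "vandalism", 5.0, 0.9, 1_000),
]
COUNTERMEASURES = [
    Countermeasure("mantrap at server room", 20_000,
                   {("server room", "tailgating through the controlled door"): 0.1}),
    Countermeasure("security officer in lobby", 60_000,
                   {("lobby", "vandalism"): 0.3, ("cash office", "armed robbery"): 0.5}),
    Countermeasure("cameras in lobby", 5_000, {("lobby", "vandalism"): 0.6}),
]

if __name__ == "__main__":
    for s in risk_register(SCENARIOS):
        print(f"{s.annual_risk():>10,.0f}/yr  {s.asset}: {s.threat}")
    chosen, residual = plan_spending(SCENARIOS, COUNTERMEASURES, budget=30_000)
    print("deploy:", chosen, f"residual risk {residual:,.0f}/yr")
```

With the constructed figures the register ranks the server room first (2 attempts a year, half of them succeeding, $50,000 each: $50,000 expected loss a year), and a $30,000 budget buys the mantrap and the lobby cameras but not the officer, leaving $21,000 of residual risk out of $62,500. The point of the exercise is the one the Risk Management entry makes: the control with the biggest headline effect (the officer) is not the best use of the money once its cost is set against the loss it actually avoids.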
Copyright 2023 SAFE HAVEN RISK MANAGEMENT LLC. All Rights Reserved.