Leadership & Management Column / Security Leadership and Management

How to Manage Physical Asset Risk

Our journey on the road to transforming to an Enterprise Risk Management based program, one of the more traditional security sweet spots, is our next area of focus.

sec col body


Our journey on the road to transforming to an Enterprise Risk Management based program, one of the more traditional security sweet spots, is our next area of focus. In this month’s column, we will explore why most enterprises can no longer simply depend on “Gates, Guns & Guards” to adequately safeguard their physical assets.  

Mitigating risks associated with physical assets covers virtually every type of object known to man. This category of assets ranges from jewels and precious metals to buildings and major infrastructure elements, and everything in between.  Physical security mythologies have for years focused on concentric rings of defense. Starting at the outside and working inward with layers of protection measures based on the value of what was being safeguarded, as well as the perceived risk of theft, malicious alteration, or sabotage from human caused actions or damage, inoperability or complete loss due to natural caused events. 

Municipal planners have adopted physical security risk mitigation strategies with the advent of Crime Prevention Through Environmental Design (CPTED). The original concepts focused on utilizing a multi-disciplinary approach to deterring criminal behavior through environmental design. CPTED strategies rely upon the ability to influence offender decisions which precede criminal acts. 

Today, CPTED concepts are also being utilized to thwart terrorist attacks. For example, designing a building with windows that are constructed of high-strength polycarbonates or coated with blast resistant film not only prevents smash and grab type crimes, but assists in protecting  buildings and their occupants from a broad range of explosive devices. Berms, bollards, planters and moats are frequently being utilized as a measure to reduce the likelihood of car or truck bombs from making it within an effective blast range of a building or critical infrastructure element.

Landscaping and lighting also come into play with CPTED. The use of low growing plants and shrubs eliminates potential hiding places. Carefully designing where trees will be located helps to avoid security video blind spots and from them being utilized to gain easy access over fences. CPTED concepts also call for the lower branches of a tree to be trimmed so there is at least an eight-foot clear zone before reaching the first branches.

Effective deployment of access control, coupled with security video and intrusion alarms has become more critical than ever.

Many corporations and building owners have deployed turnstiles of one type or another in lobbies. These turnstiles typically are low in height so they remain more aesthetically pleasing to the eye. Unless you have an armed security officer on the other side, they won’t stop some deranged person from jumping them to commit an act of workplace violence. Similarly, many schools have deployed a double door controlled entry system as an access control measure. In more than one school shooting incident, the shooter simply shot out the large pane glass panel next to the entry way to gain access.

Designing truly effective containment areas for visitors and limiting ingress and egress points are critical elements in physical security risk mitigation, but it can’t stop there. Not unexpectedly, people are the weakest link in maintaining effective physical security controls. Training all employees and/or building occupants, coupled with frequent reminders, relative to their individual responsibilities in maintaining access control is vital.

Never lose sight of the fact that a stable full of lawyers and regulatory compliance agency personnel is anxiously waiting for the opportunity to point out your negligent security liability and regulatory violations. Couple these risks with today’s social media deluge that explodes after every incident, and which is frequently filled with misperceptions and incomplete or inaccurate accounts. At the end of the day, every risk mitigation measure a company takes will be subjected to the harsh light of public opinion, just another element of reputational risk for the enterprise. 


About the Authors:

 Jerry J. Brennan is the founder and Chief Operating Officer of Security Management Resources (SMR Group), the world’s leading executive search firm exclusively focused in corporate security. Prior to founding SMR in 1997, Brennan enjoyed a 26-year career in domestic and international enterprise risk and security roles. Lynn Mattice is Managing Director of Mattice and Associates, a management consultancy focused at the development and alignment of Enterprise Risk Management and Business Intelligence Programs, as well as Intellectual Property Protection and Cybersecurity. He has more than 35 years of experience heading these programs at the executive level of three major multinational corporations and one mid-cap company in diverse industries. 

Did you enjoy this article? Click here to subscribe to Security Magazine. 

Recent Articles by Jerry Brennan

You must login or register in order to post a comment.



Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.


Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

Security May 2015 Issue cover

2015 May

In the May 2015 issue of Security, learn how to be the bridge between busieness and security with "customer facing," how to effectively work with your CFO, and covert security.

Table Of Contents Subscribe

Body Cameras on Security Officers

Body cameras are being used increasingly by police in cities across the U.S. Will you arm your security officers with a body camera?
View Results Poll Archive


Effective Security Management, 5th Edition.jpg
Effective Security Management, 5th Edition

 Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics. 

More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.


Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to read more.