Prepare your team
Protect your organization

Situational awareness is the dynamic process of receiving, interpreting, and processing information from the environment and incidents in your specific context.

Good situational awareness is adaptive and alert. In this way, employees gain punctual knowledge about their wider environment and this supports targeted action when necessary. They will respond faster and better to incidents, accidents or attacks.

The aim is to grow this knowledge and predict future events in a timely manner and to prevent bad outcomes.

Security awareness is the extent to which employees are aware of dangers related to (information) security.

Good (information) security is only possible if policy and technology are in place and if employees act accordingly. Human actions often prove to be the weak link in this endeavor. Employees click on links in emails, knowingly and unknowingly share information with unauthorized persons, leave doors wide open, or carelessly handle access and other resources.

Organizations often struggle with employee involvement in the field of (information) security and privacy, because employees are unaware of the important role they play in this area.

Most organizations have sensitive information or financial assets that need to be protected. At the same time, employees are trusted and have access to these valuable assets, otherwise they wouldn't be able to perform their job.

An internal threat therefore refers to the possibility that an employee deliberately abuses their access and thereby causes damage to the organization.

There are several types of insiders based on approach and motive, but little is done about them preventively. Screenings are not a panacea and the reliability of the screened employee can change during employment.

However, employees can act as the first line of defense by noticing warning signs and reporting them internally, holding employers accountable for a confidential treatment of and a proportionate response to these warning signs.

Incident management involves reporting, tracking, and analyzing organizational mishaps and hazardous situations to prevent their recurrence in the future.  The goal of incident management is to solve the problem and to ensure that the issue does not develop into a major crisis.

Too often a major incident occurs before sufficient budget is made available for security. Don't just act reactively. The budget required to avoid similar incidents in the future often exceeds the budget for security measures before the incident occurred in the first place.

Preventive and corrective actions are taken to avoid incidents and both are basically preventative in nature. The main difference is that preventive actions are taken to prevent possible incidents while corrective actions are taken as a result of an incident.

A risk analysis consists of two important criteria: the probability of a (potential) risk occurring and the impact if it occurs.

Risk management consists of increasing the likelihood and impact of positive situations, and reducing the likelihood and impact of negative situations. 

Top priority is protecting people: visitors, employees, customers, and suppliers. There are many other assets to protect, such as commercial products, works of art, valuable objects, expensive installations, the building itself, confidential information, etc.

The measures form a short-term (annual action plan) and long-term (global prevention plan) action plan. Adjusting actions makes the policy dynamic: a dynamic risk management system (DRMS). This is an ongoing, integrated, and structured way of working; designed to provide a proactive and flexible approach to managing risk.

Threat analysis looks at all vulnerable assets in the organization, the profile of potential adversaries, and the modus operandi they can use to successfully attack. 

Supplement this analysis with local and regional crime statistics, police and government communications, information from trade unions and professional networks, and publications from bodies such as Europol.

Two concepts that have recently blown over from the world of cybersecurity are threat intelligence and threat hunting. 

A successful threat hunter can uncover threats that have not yet been identified or defined. Threat hunters are looking for the unknown unknowns. They look for hidden clues and patterns of suspecious behavior. It is a permanent process looking for info, signals, or suggestions that something completely new or unprecedented is on its way.

Barrier models look at a criminal's business process. The models shows at a glance which steps criminals must and will take to commit a criminal offense.

The steps show the essential elements of the criminal's business model in order to make profits. We check for each step which service providers and facilities make the offense possible and which signals may indicate criminal activity.

Through this process we discover which barriers can be put up to disrupt the work of the criminal.

Dealing with aggressive persons is a combination of theory of mind, cognitive empathetic capacity, and de-escalation -both verbally and in terms of your own non-verbal communication.

These specific conversation techniques emphasize the recognition of scenarios, offer tips and tricks for unexperienced participants and practice these techniques so that we remove (most of) the fear of the unknown danger as much as possible.

We look at enemy opportunities using the Outerviewing method.

Outerviewing is a ready-to-use tool to thoroughly and systematically scan your environment with the help of observation and behavioral analysis, coupled with the reticular activation system and the emphasis on objective reporting.

The observation is done in two movements: a first baseline scan and then a search for deviations. We also look at the enemy within our own thinking, our own organization, and our own strategies.

We must learn to screen ourselves and our colleagues, assess our procedures and dispositions, and reveal shortcomings in our operations. That is exactly what enemies do: they scan our strengths, but focus on the weakest links. They see buildings and sites as opportunities, and people and objects as goals.

CPTED is a global approach that limits crime, nuisance, undesirable behavior, and feelings of insecurity in an area.

This security approach is not about perpetrators and victims, but about the environment in which they meet.

The goal of CPTED is to plan, design, use, and manage a place in such a way that users feel safe. In this environment there are fewer incidents of crime, violence, and nuisance.

CPTED is a multidisciplinary process whereby undesirable behavior is not given a chance and desired behavior is stimulated.

Safety is an umbrella term and the distinction between safety, security, risks, threats aren't always clear. The words are often used interchangeably. Safety is a relative concept and refers to the (degree of) absence of danger or the (degree of) presence of protection against danger.

Safety deals with avoiding human harm from accidents, disasters, and crises that are not - intentionally - caused by people. Security deals with avoiding human harm through willful and malicious human actions such as abuse, aggression, crime, and terrorism.

The close relationship between safety and security is quite unknown and underused. There is a lot to be gained from an integrated and integral approach in which safety and security jointly guarantee a secure organisation.

It will come as no surprise that safety considerations usually take precedence over security measures.

A lockdown procedure is an emergency protocol to prevent people from entering or leaving a building.

A lockdown can serve to protect people in a building against a threat from outside or because a dangerous situation arises outside such as toxic substances, fights, or extreme natural phenomena. When leaving the building is too dangerous, everyone present must stay inside. This means that exterior doors must close temporarily.

A complete lockdown usually means people have to stay put. They are not allowed to enter or leave other areas. This is a relatively unknown procedure, but current trends indicate that we should prepare for this.