Security Vulnerability Assessments

The Security Vulnerability Assessment (SVA) is one of the most critical components of any effective security strategy. An SVA is performed for two distinct reasons: 1) to identify potential risk exposures, and 2) to validate existing security measures and strategies.

Occam Security & Engineering conducts regulatory-compliant security threat and risk assessments for Maritime Ports, Aviation, Mass Transit, Petrochemical and Energy, Supply Chain, Federal, State, & Municipal Utilities.

The characterization of a site involves the identification of the site’s assets, followed by the analysis of hazards to those assets and potential consequences of damage to or theft of those assets.

The focus of the analysis is on public, financial, and operational impacts. A determination is then made on the risk exposure of each asset. Two factors, severity of the consequences and asset attractiveness, are used to screen the site’s assets. Our SVA Team then produces a list of candidate critical assets.

The threat assessment evaluates threat information and identifies threat categories and potential adversaries. To identify general threat categories, threats posed by insiders, outsiders, and collusion between insiders and outsiders are considered.

The general nature and history of the threat; specific threat history of the facility and related operations; known capabilities, methods, weapons; potential actions, intent, and motivation of adversary are considered.
The SVA team identifies the existing measures intended to protect the critical assets and estimate their levels of effectiveness in reducing the vulnerabilities of each asset to each threat or adversary.

SVA process involves determining the level of risk posed by an adversary exploiting specific assets, given the existing security countermeasures. The intent is to categorize the assets into discrete levels of risk so that appropriate countermeasures can be applied to each situation.