Year
2012
Abstract
Security professionals have long prided themselves as subject matter experts in one or more specific security disciplines. In the U.S. Department of Energy, these disciplines or topics have included protective force, physical security systems, personnel security, nuclear material control and accountability, information security, cyber or computer security, and other subsets of these disciplines. The tendency of an expert is to focus on the demands and requirements of his or her discipline, often to the exclusion or at least the de-emphasis of other disciplines. Another paradigm of security is redundant, concentric layers of security – often the more layers and the more redundancy, the better. However, in the pursuit of these natural areas of focus, we can lose sight of the overall goal – designing the most effective protection system under the fiscal constraints that may exist. In this paper, I will discuss some of the consequences of losing focus on the primary goal and how this may lead to poor performance, may provide limited assurance that selected investments are necessary and sufficient, and may cause unnecessary corrective actions following a performance review.