the multi-method threat & vulnerability analysis suite (mtva)€¦ · why? why is the mtva sms...

The Multi-Method Threat & Vulnerability Analysis Suite

(MTVA)

A SMS for Logistics Networks

Antwerp , August 24th 2015

Presenter: Aaron Trant

Presentation Contents

Why is a MTVA suite required?

Multi-Method Threat & Vulnerability Analysis Suite

How the Risk Management Cluster can assist SC operations

Benefits of the MTVA Suite

Why?

Why is the MTVA SMS required?

Security professionals need a Security Management System that is looked upon in a positive light by both the private sector and Customs Authorities.

There needs to be a trusted source of Threat Analysis that is not from a government body or entity.

SC Operators need to be able to access high-end solutions at a low-end price point.

The need to reduce the cost of implementing a SC risk management compliance standard

The Nature of Threats in SCs

Threat Sources impacting on

Operator

Adverse cascading effect on other Modes

and the SC

SC Complexity & Risk Weightings

SC Risk Mitigation Strategies

(+)

(-)

Focus on efficiency not resilience

Globalisation of SCs Over focus on centralisation Trend to outsource Lack of visibility Absence of SLA’s

Avoidance of risk Provide clarity within SC Cooperation between modes Joint contingency plans Enhance flexibility Enhance security solutions

Environment

Operations

Terror & Crime

State –V- Private Sector

Risk ReductionUncertainty Security Measures

MTVA Suite of Systems

Multimodal Corridor

Monitoring(WP5)

Sensor Library(WP8)

Threat & Control Library

(WP2)

Global Supply Chain Visibility

Tool(WP5)

Transport Terminal Services

Publishing(WP5)

Improving Risk Profile of

Operations(WP3)

AEO/ISO Certification

(WP3)

Event Reporting /

Scenario Builder(WP3)

Improving Risk Profile of Trade Lanes

(WP3)Knowledge Graph (WP8)

Risk Management Cluster

MTVA Integrated Suite of Systems

Route Based Risk Profiling of Container

Traffic(WP3)

AEO Self-Assessment

Preparing for Certification

Registration DetailsGeographic LocationMode of OperationRange of OperationLinks to Trade Lanes

Threat AssessmentSystem Assigned Threats

Assign Mandatory ThreatsTailor Threats to Local

ConditionsDivided by Threat Domain

PEAR ImpactsLessons Learned

Scenario DevelopmentDesign Basis Threats

What, where, when, why, who & how?Standard, menu driven questionnaire

Controlling ThreatsBow-Tie DiagramAuto-filled menus

Auto-assigned ControlsAllocate / Edit controls

Assign KPI’s / RPI’s

Risk ProfileUtilises TRAM Graphs

Assign a Risk ThresholdClearly Prioritises Risks

Generic Threat Analysis Model

Developing a Risk Profile

Resolving Identified Issues

Operation / Facility Review

RegistrationThreat

Assessment

Tailored Threat

Scenarios

Assigning Controls

Risk Profile

Remedial Actions

Select Trade Lane

Threat AssessmentAcross SC

Modes / Nodes

History of Events,

Customs, NW Manager

Assessing Controls for

each leg of the TL

Comparative Analysis of Mitigation Measures

Assign Mitigation

Measures to each leg of TL

Designing Secure Trade Lanes

Seasonal, Economic or

Terror or Crime

Variances

Save / Rename

Trade Lane Profile

1

Region A Region A M-Region Region B Region B

A Comparative analysis of Operators / Solutions

A Comparative Analysis of Options

Configuring a Trade Lane….

Benefits - AEO Maturity

Thank You for Your Attention

Any Questions ?

Please don’t forget to use Sli.do