Issue link: https://fhpublishing.uberflip.com/i/1100701
NETWORK / 23 / APRIL 2019 been built, but there aren't additional audits following this. The consensus was that such regular audits shouldn't happen in the energy sec- tor. "BEIS is there to ensure that policy and compliance is in place. I don't think they need to get involved with the nitty gritty, and I don't think they've got the resources to do that anyway," said one attendee. Networks do, however, need to have a standard and a level of response to be able to protect their sites. The roundtable discussion turned to how network companies should deal with the threat of accidents involving people on critical sites who shouldn't be there. Sometimes a person – for example a teenager showing off – may enter a site without authorisation. In this instance, it is still the responsibility of the owner of the site to ensure they are safe. But how? One way is to make sure any hazards are signposted clearly. As times change and technology moves on, what used to be considered the best way to protect assets is not always the best way anymore. Roundtable attendees decided changing the way critical assets are run and infrastructure protected will take a culture change within the organisation. The onus is on those responsible for the safety of these assets to prove to the rest of the business that changes need to be made. If they are successful in doing so, the threat to such in - frastructure can be reduced. Network utilities need to be preventative rather than detective, automatic rather than manual, in order to save on costs. Views from the speakers: "I want our organisation to have the foresight to assess what the risks are in the future, the insight to understand who we are as a business and what our risks are, and the hindsight to learn from the past." David Mounfield, senior resilience & security advisor, Cadent Gas "One of the issues we face is culture and understanding of what we are trying to achieve. It could be perceived that some think security is nothing until they want it to be everything." Greg Forde, security manager South East & London, SGN "We need to get the whole organisation involved, including shared services. You could have that smart key as part of a starters, leavers, movers process – how far can it be integrated into HR processes?" Ben Bond, controls and compliance manager, National Grid "Physical security of assets is vital for utility companies, to prevent unauthorised access and provide long-term controlled access to those with authorised site access to complete daily tasks." Rob Bennett, senior market development manager, Abloy "A good security culture is essential within the company requiring support at senior level to ensure it is given a high profile and the necessary resources." Paul Rackley, E&I asset manager, Wales & West Utilities In association with: Five key points 1. Cyber security should not be allowed to steal the limelight away from protecting companies' critical infrastructure from physical threats. 2. Using a standardised approach to protecting physical assets is difficult. Sites are unique and, therefore require a bespoke approach. 3. As technology moves on, network utilities need to adapt. What was used to protect sites 20 years ago may not be the most appropriate method today. 4. Energy networks' sites probably don't need the same level of auditing as water companies, but it is important for companies to standardise their level of response to an extreme event. 5. To prevent accidents on sites as a result of unauthorised entry, firms should ensure they signpost effectively, so they are not liable for any injuries that occur.