(1998) the security-strategy interface: using qualitative process models to relate the security...

Upload: jeffrey-bradford

Post on 30-May-2018


  • 8/14/2019 (1998) The security-strategy interface: using qualitative process models to relate the security function to business

    1/10

    ELSEVIER

    Security Journal

    The security-strategy interface: using qualitative process models to relate the security function to business dynamics

    J.H. Powell, J.P. Bradford

    . 1I0Mafdll. . . . ; od ;O,...,.;M

    ......Aa:epIcd .........-be:i 10 tile , . . rM io l I 0/. atntqy' within a - IW'Y '*'" rc:liaoo: e:- IIbility of IlJoe "'nctionfof the ..... to cunlrilulc ~ of thMllnler. ThiI; oonll'ibu1iQa Qlmcb II IIIl1d110 the ICCIIriIy fmocI:il>D . , iI


    clementi of a


    J.H. Powell, J.P. Bradford / Security Journal 10 (1998) 151-160

    enhanced their understanding of the security dynamics during the process of model building. The specific embodiment of the method reported here has been applied to a wide variety of cases, including airport security, competitor intelligence and product safety, as well as to a number of more general business applications, and Systems Dynamics in general is a well-accepted and useful technique with a plethora of successful applications.

    The purpose of the influence diagram is to summarise the way in which factors within a dynamic system affect one another. Let us consider the dynamics of attacks on product integrity, say the desire of an animal rights pressure group to discredit a cosmetic product. While many factors will affect the safety of the product, it will certainly be the more vulnerable if it becomes attractive to the pressure group as a target. The vulnerability here is the likelihood that our product is attacked successfully, and so includes both the chance that it will become the object of an attack and the likelihood of that attack succeeding. There is, then, a relationship between 'vulnerability of product' and 'attractiveness of target', which is shown in an influence diagram (Fig. 1).

    Note that the arrow connecting the variables has a p[...] attack will increase. Lastly, the loop is closed by linking 'vulnerability of product' to 'cost of goods', the argument being that a vulnerable product will require extra resources to ensure its safety, say by the provision of detector closures, or by a more secure channel of distribution. Fig. 3 then shows that there is a closed loop of arrows which connect these variables.

    There are two types of loops. If a loop contains only positive arrows, it is easy to see that a small change in one variable will cascade around the loop increasing the value of the other variables. If there were no other controlling factor, the increases around the loop would reinforce one another and there would be a tendency for the variables in the loop to increase (or to decrease) without limit (see Fig. 4). If, then, on examination of the influence diagram, we see loops which contain only positive arrows, we should note that the dynamics which they represent will have a tendency to run away, either in a positive direction or in a negative direction (depending on the direction in which they start). Such loops are referred to as 'unstable' or 'runaway' loops. Observation of the [...] for that particular dynamic loop to run away without limit is a clear indication that it requires management attention, either because it is a phenomenon which we wish to promote or to avoid. This tendency will tend to be countered in reality by other factors, some deriving from the effects of other loop dynamics within the existing model and others from unexpressed limiting mechanisms, but the underlying instability of the loop is nevertheless an indication that the corresponding business dynamics are appropriate items on the management agenda.

    A loop which has a single negative sign, however, will not necessarily exhibit unstable behaviour. There may be a tendency for the loop to stabilise if the


    ' ll- 1. A IDop cnl'Ol:l


    [...] P, the police; and M, the news media.

    The analysis is essentially an iterative one. If a significant party is left out of the analysis at the beginning and it becomes apparent that the gap is a significant one, that party can be included at a later stage. Practice shows that this iterative process is of considerable benefit in representing the management problem: identification of the interested parties further informs the system understanding so that an influence diagram may be enhanced, which in turn further informs the understanding of which parties are significant in determining an action plan aimed at managing the system.

    The second stage of the analysis is to examine each loop and identify which parties have an interest in its behaviour. Each arrow in the loop then has attached to it the name of each party who can influence that element of the loop. Using the loop of Fig. 6 as an example, we might attach the interested parties to the arrows of the loop as shown in Fig. 6.

    For example, it might well be the judgement of the company's executives that the [...]


    messages in the media, so that any conjunction of interests between M and A in this respect is made more significant. Our management action might then include a specific intervention by our PR function (C) to counter any tendency of the press to listen to interested stories by the pressure group before such negative messages are placed. Such action might include early briefing to ensure that the company's facts are placed before the [...] in advance, down to more specific measures to ensure that individual reporters give our company a sympathetic hearing.

    Thirdly, a useful ancillary analysis step is to take each particular loop and adopt a stated specific viewpoint upon it. For example, in the loop of Fig. 5 we would clearly wish to adopt a viewpoint of the security function of the company, but we might equally well wish to improve our understanding of the situation we are seeking to manage by taking a number of other viewpoints, for example, the pressure group or a competitor. The objective of this third analysis step is, again, to identify the components of an action plan which can contribute to our particular objectives in the management of the system which we have represented.

    Before examining some of the practicalities of the approach which have emerged from experience with the method, a case study is presented in order to show the method more fully and in order to provide a further example of the analysis stages.

    This study reports an analysis of the impact of product safety considerations on the business planning of a large food distribution company, known here as Fo


    [...] vindictive attacks from individuals. While the store has not been, and does not expect to be, the subject of attacks, such considerations are widely included in operational planning of the retail outlets. The operational planning problem can therefore be [...]

    Initial discussions suggested a suitable starting point as the attractiveness of the target - what makes FoodCo a potential victim? It emerged that three factors contributed to the attractiveness of the supermarket as a target.

    First was a consideration of the processes used in the manufacture of its product range and its environmental effect. This comprised a broad audit of the techniques used by suppliers which may cause a section of society to [...] campaign [...] the chain. For example, the use of bleached paper [...] in hygiene products, or the use of certain indiscriminate fishing methods which cause unacceptable collateral fatalities, may incite action by pressure groups.

    The second factor was that of the raw materials themselves. Public tastes may differ, for example, over the appropriateness of the use of certain animals, either as a food source or as other raw material. A small segment of the community may choose to wage a campaign against a particular retailer as being the most high profile supplier of the good which causes such offence. Lastly, the testing methods are of significance in raising the threat for the retailer. Stocking cosmetics which involve testing on animals is probably the most high profile example of such phenomena in recent times.

    This audit of vulnerability suggested that FoodCo could indeed be at risk from such activity. The supermarket's [...] attractiveness as target leads to a [...] increase in the vulnerability of particular products. This product vulnerability feeds directly into the [...] of the safety of the product.

    4.1. The influence diagram

    The influence diagram of Fig. 1 emerged from considerations of a number of associated mechanisms:

    (a) The relationship between cost of goods, the price in the market, and the resulting demand and eventual profit to FoodCo. This dynamic can be seen in the top right section of Fig. 1 (note a in the figure) by following the chain of arrows: 'cost of goods -- price in market -- competitive advantage -- consumer demand -- profit'.

    (b) The connection between the (actual) vulnerability of the product, consumers' perceptions of product safety and the interaction between that [...] and the degree of negative media attention. This can be seen (note b in Fig. 1) by following the chain: vulnerability of [...] -- perceived product safety --


    appropriate letters) for the actors to the arrow symbolising the connection. The previous example (Fig. 6) can now be seen to be an extract from the full diagram of Fig. 7, and illustrates the process of 'politicisation' of the diagram.

    4.1.1. Loop analysis

    Inspection of Fig. 7 reveals a number of closed loops, but for the purposes of illustration only one can be discussed here, although the discussion above surrounding the loop of Fig. 6 provides an additional example. The actual situation analysis isolated all the loops in Fig. 7 and examined each in a way similar to the analysis shown here.

    4.1.2. The attractiveness of target [...]


    attacked. In this respect the loop analysis has, apparently, little to tell the security function, other than to point up to senior management the importance of weakening the connection between the vulnerability of the product and the actual attacks on the company.


    a product safety threat in order to provide advance warning and thereby increase the level of police interest and engagement in the problem.

    The FoodCo case study reported above illustrates a number of issues of practice. First, the QSD method can be seen to deliver results at any appropriate level of modelling that the user chooses and is able to contribute to. The FoodCo model, for example, did not seek to immerse itself in the detail of shipments of goods, amounts sold and so forth. Rather, it focused on the high level policy issues [...]