Discussion Questions:What insight can you offer concerning the “routine activity theory,” as well as its correlation to both physical security and the roles and responsibilities of the security...

1 answer below »

Discussion Questions:What insight can you offer concerning the “routine activity theory,” as well as its correlation to both physical security and the roles and responsibilities of the security manager? In regards to the Crime Prevention through Environmental Design (CPTED), what do you feel are some of the advantages and disadvantages of this principle related to physical security?Overview


Thus far, we have touched upon a number of issues that must be addressed if security is to be administered appropriately. Identifying areas of risk, identifying needed assets and resources to address them, and then bringing together in a coordinated fashion must all be considered. It goes without saying that security must be provided in a number of different environments, especially given the fact that are world operates in both the physical and virtual realms. This week, we will direct attention upon one of those environments that has already been touched upon and appropriate actions related to it; those related to physical security.


Physical Security


When speaking of physical security, it can be perceived in a number of different ways; thus can take on numerous applications as well. Simply put, physical security speaks to the overall incorporation of people, equipment, and associated activities needed in order to provide asset protection against identified threats and risks. Specific to this study, physical security is described as the methods by which a given facility protects itself against theft, vandalism, sabotage, and unauthorized access (Fischer, Halibozek & Green, 2008). Simply put, such security seeks to prevent these types of unwanted activities from taking place through a variety of effective and appropriately designed defense measures. There are a host of barriers that can be implemented that seek to provide appropriate parameter protection; many that have been touched upon already in this study. Therefore, additional details and insight will be provided when warranted. However, there have been certain theories and strategies identified that have a direct bearing upon physical security; those that any security professional should be aware of and the role they play in an overall security management plan. Thus, appropriate attention will be directed towards these within this lesson as well.


Routine Activity Theory


In order to adequately provide needed physical security, it is advantageous to have a fundamental understanding as to why certain individuals carry out criminal actions in the first place. Although various philosophies and models exist regarding this issue, one that has great bearing here is the routine activity theory. It was originally developed by Marcus Felson and Lawrence E. Cohen in an effort to explain the rate of crime within the United States during a specific period of time (1947-1974). What is interesting about their study is that instead of solely focusing upon the various characteristics of the offender (although certainly important), they directed needed attention towards the characteristics of the crime itself and the environment in which it took place. At its most basic, this theory states that three basic elements must be present at the same time in order for an offense to take place; a target that is not only available but suitable to the offender, a perpetrator who is motivated to carry out their actions, and in the absence of any authority figure or security measures to prevent their intended actions from taking place. At its most basic, the Routine Activity Theory assumes that a crime can be committed by anyone who simply has the opportunity to do so. By extension, it states that intended targets (i.e. an individual, corporation, etc.) have choices as to whether they are victims or not, simply by not placing themselves in such situations. Granted, employees, customers, and the public at large may not feel they have such a choice to make, and in many ways this is accurate. It is therefore up to security professionals to feel that the environment they find themselves in is one that offers them an appropriate degree of security and confidence.


In the article Putting Process into Routine Activity Theory: Variations in the Control of Crime Opportunities, Schaefer and Mazerolle expand upon the basic control measures associated with this theory (offender handling, target guarding and place managing) and propose three different mechanisms that can directly influence crime prevention, and thus security techniques. These are relationality, relativity and responsibility. Regarding these matters, the researchers propose that those charged with handling, overseeing, or simply seek to manage the actions of potential perpetrators can produce a variety of outcomes. These include preventing an individual from even pursuing to commit a crime in the first place, blocking individuals from committing a crime should the opportunity presented itself, as well as creating an environment (both physical and virtual) in a way that there are fewer chances to carry out such activities. So concerning the first of what is described as “routine activity dynamics” by the researchers; relationality, this refers to the social integration that exists that formulates how people relate to and interact with one another. The field of criminology has long supported the notion that interpersonal relationships can serve as a great aid in either preventing or encouraging criminal behavior. Therefore, the importance of community, corporate, and other such shared relationships play a key role in decreasing those opportunities that allow one to carry out illegal activities. The second topic concerns relativity, and is concerned with the level of connectivity of a particular person in their daily activities in situations. Building upon the first issue, an individual’s connection with their community will have a direct impact upon their perception of whether a crime can or should be carried out. Conversely, the more closely an individual has their “finger on the pulse” of their own worker living environment, the more likely they will be to observe irregular behavior. The last issue concerns responsibility; the basic sense of duty that individuals have that either contribute to or detract from the welfare of a particular space. Community groups, civic engagement, as well as an overall corporate structure can have a direct impact upon prevention efforts. However, in order for desired outcomes to be realized, people must care about them in the first place to even address them; which speaks to both individual and collective responsibility. For additional insight and conclusions reached by these researchers, you are encouraged to fully review the article Putting Process into Routine Activity Theory: Variations in the Control of Crime Opportunities.


So what does the overarching Routine Activity Theory and the ideas proposed by these researchers have to do with security administration? Simply put, increasing one’s knowledge of not only the overall environment in which a facility or complex resides, those who inhabit or frequent these areas, as well as those that are internal to these structures (i.e. security managers, decision makers, employees, etc.), can not only aid in determining what physical security measures are most appropriate, but carry out such security in a much more proactive and effective manner. The following quote from Sun Tzu is quite applicable here:


If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.


Defense-in-Depth


The Defense-in-Depth (DiD) strategy is not a new approach by any means, as it has been utilized military armies, clans, and similar groups for hundreds of years. Its fundamental essence lies on the premise of fully protecting an asset with a series of different barriers. Therefore, one can easily see its applicability to physical asset protection of an organization as well. Since an overarching goal of physical security is to prevent, or at least delay the intended actions of a motivated perpetrator, the DiD can offer various measures that will either deter an intruder or delay their actions until appropriate steps are taken regarding their apprehension. It is interesting to note that in their analysis of this strategy, Coole, Corkill, & Woodward, these researchers not only deem it as being sound in its application to physical security, but is supported in a theoretical sense by a number of recognized theories including both the previously discussed Routine Activity and Rational Choice philosophies. These three researchers also note that security as an academic discipline is still in many ways in its infancy when compared to other disciplines such (i.e. sociology, psychology, etc.), and because of this, there can be a variety of interpretations and applications related to certain terms and phrases. Examples include where the DiD strategy under discussion might be used interchangeably with other approaches such as Protection in Depth as well as Security in Depth. This has been exasperated due to security being applied to both traditional physical and information technology domains. While small nuances exist between the three, the bottom line is that each of these is grounded upon a systems approach that is needed to provide security in a comprehensive manner. Granted, consistency related to the verbiage used and a grounded understanding of these various terms should be pursued within the profession, but does not deter from the shared approach taken by these strategies under discussion.


As noted in Security Science: The Theory and Practice of Security related to this strategy, the primary components that make up DiD are some that we have previously addressed in previous lessons, but are worthwhile of revisiting as they related to this strategy.



  • Deterrence-this is carried out by instituting physical measures in a way that would psychologically dissuade a perpetrator from attempting to carry out a malicious act.

  • Detection-sensors, monitoring devices, cameras, and assigned personnel serve as viable examples of those measure employed to achieve early detection.

  • Delay-various barriers (i.e. barbed wire, natural and man-made barriers, locks, etc.) that seek to hinder the advances of an intruder.

  • Response-since the previous measures are not foolproof or prove to be inadequate, the response function is a necessary component of DiD. Whether an on-site response team or similar efforts provided by emergency response personnel, these efforts seek to counter the actions of an attacker I an overwhelming fashion.

  • Recovery-This component seeks to employ measure that would allow an organization to “bounce back” from a critical incident and resume normal operations in an expedient manner.


When an organization considers these various functions, to what degree they might be needed depends upon a variety of factors. First, the value and the level of importance placed on assets being protected must be considered. Also, a broad-based analysis of viable threats, a look at how critical an asset is if it were stolen, destroyed or limited in some way, as well as the current state of vulnerability must all be considered. These and similar initiatives serve as the core sequential functions that underpin the overall DiD strategy; one that has and will continue to serve a viable role within the security profession.


Physical and Information Security


Although this week’s lesson is specifically focused upon physical security, such efforts cannot be carried out as needed without also considering the impact information security has on them. Although the specific measures related to protecting the cyber operating environment are unique and must be treated separately, the direct connection one has upon the other cannot be discounted or overlooked. In the report, Physical Security and Why It Is Important, the author makes this very point, albeit from the vantage point of the IT professional. As correctly noted by Hutter,” Physical security must be implemented correctly to prevent attackers from gaining physical access and take what they want. All the firewalls, cryptography and other security measures would be useless if that were to occur” (2016, p. 1). He also goes on to tout the need of a “layered approach” to provide this needed joint security; certainly a perspective supported by what was just addressed related to DiD. So how does physical security actually relate to IT security? One example would be preventing unauthorized access into an area where mobile devices or computers are stored. If this technical equipment is located in a locked room, where access to the building is controlled through various means (i.e. ID card, biometrics, etc.), the perimeter of the complex is surrounded by appropriate fencing, and security guards patrol the area on both a regular and random basis, we can see where this layered approach would serve as an effective deterrent. However, the security professional must recognize that threats can be both internal and external in nature. So unfortunately, there must be a recognition that employees can serve as a viable threat as well. Yet this must be balanced with addressing employee safety within the overall security policy, while being cognizant of the laws and regulations that address protection of privacy.


Conclusion


As this week’s lesson highlights, providing security from a physical standpoint requires appropriate planning if an organization’s assets are to be protected in a responsible manner. Administrative, technical and physical controls must all be considered and utilized to combat identified and anticipated threats. A layered approach has been found to be the most effective in providing physical security, where a host of options are available to the security administrator. There are a variety of resources to aid in this effort, not the least of which are the employees of the facility/complex being protected. They have a joint responsibility in safeguarding assets and must be incorporated in the overall planning and implementation process.


References


Coole, M., Corkill, J. & Woodward, A. (2012) Defence in depth, protection in depth and security in depth: A comparative analysis towards a common usage language. Edith Cowan University: Australian Security and Intelligence Conference. Retrieved from http://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1023&context=asi


Fischer, R.J., Halibozek, E., Green, D. (2008). Introduction to Security, eighth ed. Burtterworth-Heinemann, Boston.


Hutter, D. (2016). Physical security and why it is important. SANS Institute InfoSec Reading Room. Retrieved from https://www.sans.org/reading-room/whitepapers/physical/physical-security-important-37120


Schaefer, L., & Mazerolle, L. (2017). Putting process into routine activity theory: Variations in the control of crime opportunities. Security Journal, 30(1), 266-289. doi: http://dx.doi.org.ezproxy2.apus.edu/10.1057/sj.2015.39


Smith, C., & Brooks, D. J. (2012). Security Science: The Theory and Practice of Security. Burlington: Butterworth-Heinemann.


Sun Tzu. (n.d.) Art of war quotes: Sun Tzu quotes from the book the art of war. Retrieved from http://www.artofwarquotes.com/

Answered Same DayFeb 25, 2021

Answer To: Discussion Questions:What insight can you offer concerning the “routine activity theory,” as well as...

Parul answered on Feb 26 2021
147 Votes
Routine Activity Theory is a sub-set of criminology and rational choice. It was developed by Lawrence E Cohen and Marcus Felson. This theory offers very influential and impactful insights that originates from the criminal issues and problems occurring. Essentially, at the centre of this theory lies the concept of lack of effective controls and criminals will prey upon the suitable targets. In order to commit any crime, a motivated criminal or perhaps offender is required to come on the same page as the target in picture. Applying the routine activity theory in real life practical situation, like the crime on property the target can be...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here