suomi
YSecurity - a more useful way to see security.
MainNewsYSecurity ModelsReference LinksMaterialForumContact

REFERENCE

Assets

Tangible and intangible assets form an element, which is required by the operation in order to reach the goals. In a way, assets are like pieces of puzzle, i.e. basic ingredients needed to create the whole of the operation. Sufficient levels of operational environment, operational structures and processes are required to establish and maintain level of assets.

The symbol below marks a situation when assets are not contributing to the operation because of the condition or insufficient level. The reasons for this can be insufficient input from participants or threats hindering or preventing the proper utilization of assets.

 

Vulnerabilities

Weaknesses or breaches, which hinder the protection of the operational elements with measures, or harm the preparedness to carry on operation in case of realized threat consequences. Vulnerabilities are well described by saying "chain is as strong as its weakest link". Vulnerabilities can be fixed by measures. Participants make their own interpretations of vulnerabilities. Interpretations are not necessarily correct.

 

Trust

Participants have trust in credible measures. Trust is based on the interpretations of efficiency of measures. Interpretations are not necessarily correct.

The symbol below marks a situation when there is lack of sufficient trust.

 

Expectations

 

Participants have expectations regarding the output of operation.

Input

The sufficient levels of assets, processes and operational structures are established and maintained by input from participants. Without sufficient input operational elements cannot be acquired/created or properly utilized. Input is also required to acquire/create and properly utilize measures. Input can be money, work contribution, knowledge or something else given by participants for the operation.

The symbol below marks a situation when the input is not sufficient.

 

Processes

Series of actions, an element, which is required by the operation in order to reach the goals. Processes are means to bind assets - the pieces of puzzle - together as a whole that contributes to the operation. Sufficient levels of operational environment and operational structures are required to establish and maintain level of processes.

The symbol below marks a situation when processes are not contributing to the operation because of the condition or insufficient level. The reasons for this can be insufficient input from participants or threats hindering or preventing the proper utilization of processes.

 

Risk Management

 

Actions and means aimed at actually minimizing the impact of threats to operation.

Risk

Risk is used as means to measure the operational relevance of threat. In a way, risk is used as threat indicator, with information about the possibility and influence of the negative impact. Therefore, risk can be defined as potential harmful outcome, whose harmfulness and level of possibility are 'known'. Risk is needed as a tool in order to be able to deal with the uncertainty of the future in appropriate way in the operational context.

The symbol below marks a situation when the possible realization of risks do not hinder or prevent the operation from reaching its goals.

 

Measures

Measures are actions and means aimed at protecting operational elements against threats, or establish the level of preparedness to carry on operation in case of realized threat consequences. Measures are also needed to fix vulnerabilities. Effective measures reduce risks. Participants make their own interpretations of measures. Interpretations are not necessarily correct.

 

Participants

 

All those, who 1) have expectations regarding outcome of the operation, 2) have given or are giving input for the operation, 3) who are able in some way to alter the level of their input if wanted.

Operational Elements


 

Assets, processes, operational structures and operational environment are called operational elements.

The picture below describes the hierarchical relationship of the operational elements. Sufficient level of processes is required to establish and maintain level of assets. Sufficient level of operational structures is required to establish and maintain level of processes. Sufficient level of operational environment is required to establish and maintain level of operational structures.

 

Operation

 

Activity or lack of activity aimed at realization of wanted future. In the community context this means the utilization of operational elements in order to reach goals (see picture below).

Operational Environment

Element, which cannot directly be influenced by the input of participants but is required by the operation, in order to reach the goals. From the standpoint of operation, operational environment is an external element which is not dependent on operation. Operational environment is an element, which can possibly be chosen, and it may be possible to prepare for the changes and their impacts. Some measures can possibly protect the operational environment against threats. The nature of operational environment is well described by metaphor: "in a dark room it is not possible to assemble a puzzle".

The symbol below marks a situation when operational environment is not contributing to the operation because of the condition or insufficient level. The reason for this can be threats hindering or preventing the proper utilization of processes.

 

Operational Structures

Structures of community relating to the utilization of assets and processes, in order to reach goals of operation. Intentionally and unintentionally formed official and unofficial relationships and arrangements between individual members, groups, and operational units. In a way, operational structures are the base on which the puzzle can be assembled. Sufficient level of operational environment is required to establish and maintain level of operational structures.

The symbol below marks a situation when operational structures are not contributing to the operation because of the condition or insufficient level. The reasons for this can be insufficient input from participants or threats hindering or preventing the proper utilization of operational structures.

 

Security Management

 

Security management is composed of risk management and sureness management.

 

Security

 

Sureness about realization of expected future, based on sufficiently realistic interpretation of relevant factors.

The symbol on the left is "security" when:

AND

Threats

 

Something that may have negative influence on operation by causing damage to the operational elements, or by some other way hindering or preventing the utilization of the operational elements. Participants make their own interpretations of threats. Interpretations are not necessarily correct.

Sureness Management

 

Actions and means aimed at establishing and maintaining sureness of participants based on as realistic interpretation of relevant factors as possible.

 

Sureness

 

Participants need to feel sure about the realization of expected output in order to give input for the operation. Sureness is positive feeling about the realization of wanted future and is not connected to the actual realization of expectations as such but is based on subjective impressions regarding realization.

Community

 

Group of individuals who interact. Community is held together by common goal supposedly serving satisfaction of individual needs, i.e. community is held together by individual perceptions of usefulness of the common goal.

YSecurity
(Security in the Community Context)

Sureness of participants about realization of expected future, based on sufficiently realistic interpretation of relevant factors and weighted by the significance and alteration sensitivity of individual inputs.
Copyright © Jere Peltonen