Site Security KPIs – Measuring and Managing Risk

​How do you assess, report and manage the security and risk Citicus_logo_LON12.jpgstatus across multiple sites in an objective and consistent way? This presentation draws on research into ways of doing this for information systems that can be directly used for assessing physical security risk. The approach has also been used successfully for assessing risk in the supply chain and for industrial process control systems. If applied across all these areas it can provide an integrated view of risk, in particular bridging the cybersecurity/physical security domains.


Simon Oxley, Managing Director, Citicus, UK

Simon Oxley has a Doctorate in science from Oxford University and has been working in the security field for over 30 years. He has held CISO roles at Reuters and National Power. In 2000 Simon, co-founded Citicus Limited to develop risk management software and services. He is Citicus’ Managing Director. Simon has particular interest in Citicus’ work on managing risk for industrial control systems and site physical security assessment. Simon is an active ASIS member and has served on the council of the Information Security Forum (ISF). He is a regular speaker at international conferences on security and risk.