Book Review: Critical Infrastructure Risk Assessment
By Ernie Hayden, PSP. Rothstein & Associates, Inc.; Rothstein.com; 364 pages; $74.99.
Ernie Hayden’s Critical Infrastructure Risk Assessment: The Definitive Threat Identification and Threat Reduction Handbook is a comprehensive work that clearly provides the reader with details from foundational authoritative documents about U.S. critical infrastructure, including various executive orders, congressional laws, and presidential directives.
Hayden gives an international perspective from a handful of key industrial nations, and he clearly highlights shared dependencies and similarities. The book does a thorough job of explaining the various components of critical infrastructure, risk, and risk management well enough to enlighten someone new to the subject or to reinforce the knowledge of a skilled security specialist.
The bulk of the book covers the process of conducting a risk assessment and provides excellent outlines for the performance and documentation of the assessment. Hayden provides clear details of risk assessment methodologies so that the reader can clearly identify the differences and determine which methodology is most applicable for specific assessments.
The book describes the requirements of conducting a pre-assessment, observation criteria, on-site actions, and the steps to conducting the final report. Of special note is the sample risk assessment report, which provides a clear example of a complete assessment report—complete with pictures and format outlines for the reader’s use.
The author achieved his intended goal of providing a template for conducting a risk assessment. This book is clearly formatted and organized for easy reference use, and its logical and beneficial construction is worthy of use by every security specialist, whether practitioner or consultant.
Reviewer: Joshua D. Fowler, CPP, is a retired U.S. Air Force Security Forces officer with 28 years of antiterrorism, emergency preparedness, and law enforcement experience. He currently conducts worldwide red team testing of U.S. Customs and Border Protection locations for chemical, biological, radiological, nuclear, and explosive (CBRNE), fraudulent document, human smuggling, and narcotics threats.