CFATS prescribes a risk management approach to security

This entry was posted by on .

CFATS – Chemical Facility Anti-Terrorism Standards has been enacted by Department of Homeland Security to protect infrastructure that includes production, storage and transportations of chemicals that are hazardous in nature.

Various government regulatory agencies have created classification systems for different kinds of materials. According toe the American Chemistry Council, the US chemical industry produces $755 Billion dollars in product every year. These products are categorized as

  • Basic Chemicals
  • Specialty Chemicals
  • Agricultural Chemicals
  • Pharmaceuticals
  • Consumer Products (e.g. cleaning agents, hair dyes etc.,)

Many of these products may not be hazardous by themselves, but when combined with others may have the potential of causing great harm. Some of the chemicals of concern are classified as:

  • Toxic Inhalation Hazards (TIH)
  • Flammable Gasses and Liquids
  • Security Sensitive Products – Weapons Grade Material
  • Security Sensitive End Use Markets

CFATS prescribes risk-based performance standards that include:

  • Access Control
  • Credentialing
  • Cyber Security – including control system and SCADA security
  • Record keeping, training and emergency response
  • Testing of security equipment
  • Incident Reporting
  • Deterring, detecting and delaying attacks

AlertEnterprise delivers a complete CFATS security solution:

  • Identify Covered Facility and Chemicals of Interest (COI)
  • Interface to all cyber assets – both IT and Physical Access Control Systems
  • Monitor credentialing process
  • Manage privilleged access to secure information
  • Complete security vulnerability assessments and correlate to other threats
  • Accept results from existing Top-Screen or CSAT assessments
  • Deliver visual remediation management and incident management capability

Building a true cyber security program requires awareness of what people are doing with their access not only to IT system and cyber systems, but also with their physical access to critical assets. What was the time of day? who else was there? what assets did they have access to

Threat scenarios that AlertEnterprise protects against:

  • Theft, Diversion, Misuse
  • Catostrophic release
  • Tampering
  • Cargo theft
  • Chemical Diversion
  • Asset theft during social and political unrest

For more information on this and other security convergence solutions from AlertEnterpris, contact me at

One thought on “CFATS prescribes a risk management approach to security

Comments are closed.