SLO Profile

Profile of the Security Liaison Officer (SLO)
 
The following is an outline of a model profile of an SLO. Nominated SLOs who do not have the recommended prerequisites but hold adequate credentials to qualify as prospective candidates for the role will be assisted through training and guidance.
 
L.N. 434 of 2011 [Article 8 (1)] stipulates that each designated European Critical Infrastructure (ECI) located in Malta appoint a Security Liaison Officer (SLO). The SLO shall act as the point of contact (interface) for security-related issues between the owner or operator of the ECI and the Malta CIP Unit, with the specific objective of facilitating cooperation and communication with the relevant national critical infrastructure protection authorities (Council Directive 2008/114/EC, 13). For the purpose of the SLO’s role, any reference to an ECI shall also be applicable to all designated Critical Infrastructures (CI) located within the territory of Malta.
 
The principal role of the SLO shall be that of ensuring that the CI owner or operator conducts and maintains appropriate risk assessments and draws up, maintains and exercises an Operator Security Plan (OSP).
 
The function of the SLO shall be to identify and document CI assets and the security solutions that exist or are being implemented for their protection.
 
The SLO’s activities should principally focus on preparedness, prevention and review (incorporating lessons learnt), while those on response and recovery should be limited to an audit function, since these are normally covered through specific structures established within the Operator Security Plan (OSP). OSPs are also referred to as ‘continuity’ or ‘contingency’ plans.
 
Academic background, skills, and attributes of an SLO:
 
The SLO is a subject matter specialist with a critical responsibility to facilitate the development, implementation, maintenance and review of critical infrastructure preparedness processes and solutions. The role requires the support of a cross-functional team of management representatives working alongside other internal risk and continuity management disciplines, building trust and confidence that the critical infrastructure can potentially prevent a disruption and, where that fails, return to a pre-defined level of operation following a disruption. Equally important functions of the SLO are those of ensuring that employees and related stakeholders are aware of their responsibilities, and that the necessary resources are always available, in the event of a disruption.
 
Education & training:
 
Ideally, in possession of a degree at MQF-level 6 in risk, continuity and/or disaster management or other related comparable qualifications.  Academic qualifications should be coupled with experience and/or training in business, information management, or computer science.  Risk analysis experience is considered a plus.  Education and training should be supported by ‘continuous professional development’ credits.
 
Skills and attributes infographic:

 
Skills:
 
Interpersonal skills and articulation help to facilitate the communication of solutions to all levels of management, other internal risk and continuity management disciplines, the operational levels of the critical infrastructure organisation and related stakeholders.
 
Attributes:
 
The SLO is regarded as an internal consultant accountable for assuring readiness and the continued efficient and effective operation of the critical infrastructures. The role of the SLO is complex and absolutely critical, both before and, certainly, following a disruption. Thus, the SLO must demonstrate a strong ability to:
  • Communicate beyond basics, to unique audiences, developing reports and presentations for senior management, business process owners, customers, suppliers and the national CIP authority

  • Work with the organisation and other technology professionals, having the ability to interact at different levels encompassing a wide variety of different competencies within and beyond the organisation

  • Think in terms of processes, having a structured process mindset and the ability to dissect complex critical infrastructure elements, and an aptitude to define core inputs, activities and outputs, ensuring response and recovery plans address each

  • Analyse, with the ability to consider the ‘big picture’ while evaluating all minute details, i.e. understanding organisational strategy and developing an understanding of the inner workings of the critical infrastructure, ensuring all the details are addressed

  • Lead, facilitate and influence at all levels of the critical infrastructure organisation

  • Be organised at all times, balancing and coordinating a multitude of diverse initiatives throughout the critical infrastructure operation, excelling at multi-tasking as well as in project/program management techniques in handling day-to-day tasks

  • Sell and motivate, preventing risk and continuity planning from developing into a tier-two initiative. This ability includes both the message and the technique used to deliver the importance of risk and disruption preparedness

  • Objectively perform cost-benefit analyses and communicate unbiased recommendations to influence change.  Recommendations must be aligned to strategic objectives so as to ensure that management commit to action

  • Be creative using proven processes to communicate risk and disruption preparedness methodology through educating those outside the profession who struggle to appreciate the trouble involved in being prepared.  Part of this is terminology, and another part is the avoidance of superfluous complexity. To achieve this the SLO should be abreast of new standards and interact professionally with stakeholders in the profession to identify new and effective ways to ameliorate preparedness

  • Learn and understand current and emerging management practices by being familiar with the more important ones without the need to be an expert in each, and to sufficiently engage in discussions regarding the implications of management initiatives at all levels and particularly in terms of risk and disruption preparedness, sustaining credibility.
 
An SLO function within a critical infrastructure environment is regarded as a critical function in itself. Ultimately, the objective of the SLO is to ensure that a risk assessment is appropriately conducted and an operator security plan is drawn up, maintained and reviewed as may be required. In preparing an OSP, the SLO shall cover, at least:
  • The identification of important assets

  • The carrying out of a risk analysis based on major threat scenarios, vulnerability of each asset, and potential impact

  • The identification, selection and prioritisation of counter-measures and procedures

Contact Information:

 Contact Name 
Malta Critical Infrastructure Protection Directorate

28, Suite 12, Vincenti Buildings,
Strait Street,
Valletta, VLT 1432
 
Telephone
+356 2568 9800
 

MaltaCIP Email