Page 30 - SyI Quarterly - Q3 and Q4 Edition 2023
P. 30
Know your Institute
Know your Institute
Industrial Safety and Protective Security: A Cheese
& Onion Flavour
By Frank Cannon CSyP FSyP
6.2. Multiple Defences. Both models recognise the importance of having multiple defences in place.
The Swiss Cheese Model highlights the need for various safeguards, such as policies, procedures,
training, and equipment. The Onion Skin Defence-in-Depth concept advocates for a combination of
physical, technological, and behavioural measures to protect assets or information. In both cases, the
idea is to have a range of overlapping defences that collectively enhance security or safety.
6.3. Human Factors. The Swiss Cheese Model emphasises the role of human error and organisational
factors in accidents, highlighting latent and active failures. In contrast, while the Onion Skin Defence-in-
Depth concept acknowledges human behaviours, it primarily focuses on physical and technological
measures to deter and mitigate threats. The human element is still relevant, but it may not be as central
as in the Swiss Cheese Model. Arguably, therefore, there is an opportunity to increase the human
behavioural aspect within the Defence-in-Depth concept and take the learning from Reason’s Swiss
Cheese Model.
6.4. Domains of Application. The Swiss Cheese Model is primarily used in industrial safety and risk
management, addressing accidents and hazards in complex systems. On the other hand, the Onion Skin
Defence-in-Depth concept finds its application in protective security, such as safeguarding assets,
facilities, or information from motivated and capable threat actors. While they share some underlying
principles, their specific domains of application and contexts differ.
In summary, the safety focused Swiss Cheese Model, and the protective security Onion Skin Defence-in-
Depth concept share similarities in their layered approach to risk mitigation and the recognition of the
need for multiple defences. However, they differ in their focus areas, with the Swiss Cheese Model pri-
marily targeting industrial safety and the Onion Skin concept focusing on protective security. Does there
need to be a difference, surely both are designed to safeguard an organisation’s people, therefore a
blended approach is better.
7. Would an Organisation Benefit from a Blended Approach?
It is advisable for an organisation to adopt both the Swiss Cheese Model and Onion Skin approach to
creating Defence-in-Depth to safeguard its employees from both industrial hazards and adversarial
attacks. These two concepts complement each other and provide a comprehensive approach to risk
management and protective security.
By implementing the Swiss Cheese Model, the organisation can effectively address industrial hazards
and safety risks. As previously mentioned, this model emphasises the identification and mitigation of
latent and active failures within the system. It promotes a proactive approach to safety by implementing
multiple layers of defence, such as safety policies, procedures, training programmes, and physical
barriers. The Swiss Cheese Model helps identify and address potential weaknesses and vulnerabilities
within the system that could lead to accidents or workplace hazards.
30