Active Threat Preparedness and Technology
By Robert Dodge
2021 appears to have been the most violent year in the U.S in two decades. We thought that 2020 was bad, but in 2021 we have seen an 18% increase in violence year-over-year.
Things aren’t much better in Latin America. The region has more than a third of the homicides globally, despite having about 10 percent of the global population. Out of the 50 most dangerous cities in the world, 47 are in either North or South America.
Here in the U.S., OSHA says that there are around two million complaints of workplace violence per year. This includes different types and intensities of incidents, from threats and intimidation, to physical assaults, to the most terrible of all, mass casualty shootings.
I will argue that competent security and risk management start with, and largely depend on, how well we conduct access control both physically and virtually. The number one mitigation goal in a potential armed incursion is to create time and distance from the threat, focusing on the basics to saves lives and on the critical concepts of: deterrence, detection, delay and response. These are the key elements of your physical security program and they should be effective against any threat.
In my previous article, I discussed some common characteristics of offenders and how to spot them. In this article, I want to share some prevention strategies, specifically, five technologies and process areas to focus on in your security plan.
Access Control Principles
When we think of access control we typically think of electronic locks. But there’s more to it. Consider adding these questions to your security evaluation:
- - Are you effectively monitoring both approaches and departures for your facility, using human or technology-based methods?
- - Are you controlling your access points into the building?
- - Are you segregating the staff from the guests, and known vs. unknown persons during access process?
- - Are you assessing for suspicious behavior at your access points? Do you have specific training and procedures for your staff to follow regarding this?
- - Are you limiting the movement of unknown or unescorted visitors into the facility?
- - Finally, are you including the police and fire department in your emergency planning beforehand by, for example, sharing your floorplans, locations of your emergency systems and the layout of your grounds? Do you understand what their tactical response is going to be? Do they know if and how they can access your security video feed or other security systems in case of an emergency? Your organization’s ability to rapidly and competently integrate the first responders into your facility will saves lives.
Security cameras are now relatively commonplace. I will leave the subject of camera types and video analytic software for another time; for now I would like to stress the importance of setting up the cameras properly. Namely, the field of view for all of them must be set up correctly to detect and assess the threat.
These are some of the most common issues I notice when visiting client sites – cameras that offer incomplete coverage of the premises and the field of view that does not match the likely threat scenario. This occurs either because they were installed incorrectly without the benefit of a proper risk assessment done beforehand, or because they were somehow degraded by mechanical or weather related actions and environmental changes. When I do risk assessment for a client site I like to ask for all of the camera images or screenshots from their security operations center (SOC) and then mark them up in my report visually for needed improvements.
A correctly set up field of view helps in multiple ways: we can spot suspicious behavior more easily, pinpoint the exact location of the threat, hopefully track movement, and help assist in the police response. Needless to say, it is also important to have a sufficient number of cameras, and even more importantly to have clear processes about how the video feeds are monitored. Live monitoring agents watching the cameras are good; software-aided monitoring, using smart video analytics, is far better.
Generally speaking, humans using security cameras are not as good at detection as we think they are. Humans are much better at assessment. By incorporating analytics, humans can raise the bar of their detection abilities and increase the effectiveness of your monitoring. Good monitoring allows us to rapidly detect, classify (human vs. animal, for example) and identify potential threats.
When an incident starts, the speed of the response often determines the number of lives saved or lost. Modern gunshot detection systems can identify a gunshot instantly, and immediately send the notification to your SOC. I have spoken to clients who’ve been notified about the shooting by the gunshot detection system and whose SOC called 911 before anyone at the site even did. The speed matters immensely.
Today, there are two types of these systems: acoustic feedback and infrared. The former detects the incident using sound; the latter detects the flash from the weapon. Some of the newest systems have dual authentication, where they combine both technologies to eliminate false alarms and improve detection. The cost of this technology has come down in recent years, so they are not that expensive to implement.
Mass Notification Systems
As critical as the speed is when it comes to the response and the saving of lives, so is the reach of your communications. Specifically, having the ability to immediately notify your employees through multiple channels such as text messages, apps, phone, email and public announcement (PA) systems, can enable more of your people to evacuate or shelter quickly. One method is not enough, because one method can fail, and even if it doesn’t, not everyone may be paying attention to it at the critical moment. An overlap or redundancy in communication systems is necessary.
Your emergency notification tools should also have a two-way communication capability. People who might be hiding or sheltering in place can then contact you and give you valuable intelligence that you can relay to the responders. It should go without saying that a clearly defined process is a must, especially about who is coordinating, communicating, and responding.
Although this term has become somewhat of a buzz phrase, smart buildings are real. They can automate processes and further strengthen your incident response strategy. An example is the building where certain doors are automatically locked in certain events, or that can be controlled remotely from your SOC.
Another example is the ability from your remote monitoring agents (or service providers) to communicate with building occupants via the public announcement (PA) systems while watching security footage live. Yet another example is the use of various sensors that can be placed in floors or ceilings, which can then detect movement and determine if an unauthorized person is present, where, and which way he or she is moving. The good news about smart buildings is that they don’t have to be built from the ground up. Oftentimes, the systems you already have can be incorporated or enhanced with new technology, keeping the costs of the upgrades down.
An Ounce of Prevention vs. the Pound of Cure
At the beginning of the article, I mentioned that OSHA receives over two million reports of workplace violence per year. Thankfully, most of these do not result in deaths. However, many do result in legal troubles for the company. The average cost of a workplace violence litigation case is approximately $1.2 million.
All of us, who have been in the security industry for a while, know that winning the budget for the systems and manpower we need to do our jobs, is always an uphill battle. For many corporate boards, security is not front-of-mind when things are going well and no incidents have happened in recent memory. But even one incident can cost more in dollars than that ounce of prevention in terms of systems and manpower, not to mention the immeasurable cost if a life is lost.
So the next time you head into the budget battle, consider arming yourself with some research from OSHA, FBI, security providers and other reputable agencies that track the awful costs of violent acts. Violence typically drives spending in the corporate world, so understanding your violence risk picture will support your program protection goals. Focusing on numbers backed up by evidence might just help you win that battle.
* * *
Robert Dodge is the Chief Executive Officer, Global Risk Services at Prosegur USA.
Robert is a recognized global security expert with over 25 years of experience in security, investigations and consulting. He has worked on security and investigative projects in more than 90 countries around the world.
Robert currently serves as CEO of Prosegur Global Risk, a key business unit of the world’s third largest security company, where he leads the team that advises some of the largest organizations around the world on risk mitigation and security strategies. Prior to joining Prosegur, he was Global President of the Corporate Risk Services Division at G4S. He also spent 14 years with Pinkerton, one of the world’s largest risk management firms as the International Senior Vice President, responsible for managing all of Pinkerton’s international offices and operations. Early in his career Robert served honorably in the U.S. Navy.
Robert regularly speaks and writes on the matters of security and risk both domestically and internationally.