Security planning must take into consideration that the Adversary sets the agenda and is better informed when plotting than the security strategist.
The threat adversary sets the agenda. This is an important and too little discussed reality.
Building occupants, even building security, do not know that an adversary is considering an adverse attack or criminal intrusion. The building and suite occupants “blindly” implement security measures that are customary and often “cosmetic”. However, the adversary has an agenda:
- They have an objective ranging from simple theft of purses and wallets to incidents of workplace violent, including rage killings.
- They know the “territory” – they have studied and surveilled the building and avenues of access. They know how ineffective the lobby guard is. They have a target and a plan.
- They want to enter incognito – their observations of building activity show they what to do to maintain a low profile.
- In active shooter situations, they may be suicidal and have no plan of escape, which makes them very dangerous.
- They will likely identify the same vulnerabilities that have been identified during a security assessment.
Security countermeasures must mitigate these risk as far as is reasonable and possible. They should be deterred by at least two access-controlled perimeters to complicate their plan and increase their risk of detection.
Watch for our series of blogs on the security assessment process.
A recent FBI report reveals that a majority of active shooters spend at least a week planning their attack and often attack people and places with which they were already familiar. In the majority of active shooter cases, the active shooter knew and actively targeted at least one of the victims.
In this growing threat environment, employees are expressing concerns about acts of workplace violence and active shooter. The most important security measures for workplace protection are employee awareness training and a fundamental building security program.
A thorough and detailed building security vulnerability assessment (SVA) and report are the first steps in developing an effective building security program to protect people and critical assets. The SVA provides for the foundation of a risk management program.
The objective of conducting a security assessment is to assess security risks as a means to assist management in identifying and understanding the risks that face the organization. This assists management in making informed decisions on the adequacy of security and the need for additional security countermeasures to address threats, vulnerabilities and potential consequences.
Contact Don Greenwood & Associates, Inc. to have us conduct a security assessment on your building or office spaces.
“I knew this was going to happen.” That is the statement given in more than 50% of workplace and school rage killings.
We have learned that employees are unlikely to report emerging situations to management unless they feel confident that management has a plan and an organized response to address the issue.
Don Greenwood & Associates has supported clients with workplace violence prevention and response programs since 1995 – companies in oil & gas, field services, manufacturing, business, chemicals and computing.
Our program is comprehensive, ready for rapid deployment throughout the workforce, and includes:
- A template for establishing a Threat Management Team (consistent with ASIS and SHRM guidelines) that includes specific responsibilities for Security, HSE, HR, Legal, and Operations.
- A Quick Action Guide addressing active shooter situations – ready for distribution to your employees immediately.
- A PowerPoint training program for employees that encourages reporting, engagement, and concise standards of behavior.
- A PowerPoint for managers and supervisors with guidelines and standards for intervening in and managing workplace disruption.
- Training materials to help employees formulate their own plans for run, hide, and fight – based on their immediate workplace environment.
- Guidelines on assessing the potential for violence in emerging situations and strategies for managing these threats.
The program is complete, cost effective, and ready to tailor to your company’s needs and culture.
Send me an email or give me a call for more information – Don Greenwood, firstname.lastname@example.org, 281-435-2339.
Check out our website – www.greenwoodsecurity.com
Don Greenwood & Associates, Inc. – Full Service Security Management Consultants since 2003
On Tuesday, February 21, there was a report of an active shooter at Ben Taub Hospital in Houston. The subsequent “Code White”, broadcast on the hospital PA system, prompted an immediate evacuation and Houston PD launched a full SWAT response. It was great to hear how one articulate, smart employee reacted when panic spread among her co-workers. She told a KHOU reporter:
- I locked and barricaded my door
- I turned off my light
- I put my phone on silent
- I turned off my computer
- I pushed my chairs against the door
- I texted other employees
- If your phone is on silent he may not even know where you are and you can communicate safely with others
- It is unfortunate and it is just a different time. The world is constantly changing and we just have to be ready.
She remained in this self-imposed lockdown until the Doctor for whom she worked told her it was time to, and safe, to evacuate.
Whether she learned from a formal training session, from TV, from a poster on the wall, I am not certain. I know she responded well and I know that basic awareness and response training can save lives by giving people the confidence to react calmly, organize their thoughts, and do the right thing under pressure.
A few weeks ago, USCG officers arrived at a regulated facility, and observed the main gate security officer not inspecting and validating TWIC cards, and not conducting vehicle inspections as required in the Facility Security Plan. For a moment, the USCG considered shutting down the facility. Recently the USCG also released a list on common MTSA Facility Violations.
We are often retained to conduct brief audits and training moments with entry guards. It works like this: one of us arrives at the entry point and observes security checking in and admitting people to the facility. Then we check in ourselves and spend a few moments with security management to relay our findings. Within moments, we return to the security post, explain that we just conducted an audit and spend a few moments renewing their training. These moments are powerful training tools that will not soon be forgotten. Ken Blanchard, the author of The One Minute Manager, said that supervisors should make every encounter with their staff a learning moment:
- Catch them doing something wrong, quickly reprimand and then take a moment to retrain.
- Catch them doing something right, quickly praise and let them know what they did so well.
- Or, just stop by for a one minute reminder on a procedure or conduct that is important.
Penetration audits can give some indication of how well personnel are performing, but the real value comes from the training that results.
Picture a large manufacturing facility with a robust security infrastructure: access controlled gates and entry doors, security guards on post and roving, monitoring with CCTV cameras, and perimeter intrusion alarms. Here all employees have participated in security awareness briefings. Management decided to test their employee’s response to intrusion by conducting a Penetration Audit, and the results were disappointing. On the flip side however, the after action review with the employees was in itself a powerful training tool.
A consultant was hired who during the daytime climbed over the fence wearing street cloths and carrying a backpack and a clipboard. He wandered through various buildings and processing areas. As he walked he encountered more than a dozen employees. Many greeted him with a nod. Two employees stopped him and said that fire resistant attire (FRC) was required. The consultant said his FRC gear and hardhat were in the backpack and he would go change into them. One employee showed him the location of a change room for that purpose but did not stay with him.
No one asked what he was doing, who he was, and no one reported him to Security. The positive benefit came when management met with employees for an after-action review. One can bet that in the future strangers on site in this facility will be challenged and reported to security. One can also ask how different the outcome of the audit would have been if it were pre-announced.
Years ago, the security department at Apple hired a smart PI to test security. His mission was to get into the many facilities without screening by the lobby security guards, then leave out the same lobby obviously carrying a large box. On his first audit run nine of ten security officers failed to stop him. He was a glib talker wearing a suit and his demeanor intimidated most of the guards. Again, no one reported him to security management. As a Security Manager, I always preferred to pre-announce penetration audits and did so for the second run of the audit in a different set of buildings. This time, the auditor found the guard force tuned up and 90% of the guards did the job right, stopping the man, asking for ID, and escorting him out of the building.
The results of penetration audits can be surprising to management whether pass or fail. The value of these exercises as training moments that become imbedded in their long-term conduct is significant; either way – surprise audits or pre-announced penetration tests.
Don Greenwood was interviewed for an article for HRTools.com on Developing a Workplace Violence Plan:
Top 3 Things Your Workplace Violence Plan Should Contain
By: Jennifer Leahy | Wednesday, December 01, 2010
Perhaps everyone who works in your office gets along perfectly and there is never a cross word. Maybe all of your customers and suppliers are equally as delightful and would never harm anyone under any circumstance. Most companies aren