Category Archives: Active Shooter Assessments

DOD-OIG Report on Security Weaknesses at the Navy Yard

The recently released 56-page report by the Department of Defense, Office of the Inspector General found that the Navy Access Control System did not adequately control the risks to the Washington DC Navy Yard and other sites under their control.

NCACS did not effectively mitigate access control risks associated with contractor installation access. This occurred because Commander,
Navy Installations Command (CNJC) officials attempted to reduce access control costs.

As a result, 52 convicted felons received routine, unauthorized installation access, placing military personnel, dependents, civilians, and
installations at an increased security risk.

Additionally, the CNIC N3 Antiterrorism office (N3AT) misrepresented NCACS costs. This occurred because CNIC N3AT did not perform
a comprehensive business case analysis and issued policy that prevented transparent cost accounting of NCACS. As a result, the Navy
cannot account for actual NCACS costs, and DoD Components located on Navy installations may be inadvertently absorbing NCACS costs
.
Furthermore, CNIC N3AT officials and the Naval District Washington Chief Information Officer circumvented competitive contracting
requirements to implement NCACS. This occurred because CNIC N3AT did not have contracting authority. As a result, CNIC N3AT
spent over $1.1 million in disallowable costs and lacked oversight of, and diminished legal recourse against, the NCACS service provider.

You can read the entire report at:  http://www.dodig.mil/pubs/documents/DODIG-2013-134.pdf

 

Courtesy Caroline Ramsey-Hamilton at Risk and Security LLC

caroline@riskandsecurityllc.com

 

 

 

 

Planning an Active Shooter Drill, Why Once is Not Enough

Almost every day I get a note that a hospital or corporate facility is planning to have an Active Shooter Drill.  That is always good news because it is a critical part of preparedness that protects not only against an active shooter incident, but also prepares the staff for other emergencies, but it may not be enough.

I’ve found that to be really effective, drills need to be supplemented with short training sessions, and also awareness programs that teach staff to be on their toes, or “situationally aware”.   Security awareness training doesn’t have to be a full time job and it doesn’t have to be expensive.

One of the best ways to create an on-going security awareness program is to make a 12-month calendar, with an activity for each month, or better yet, every two weeks.   Here’s a list of activities I use:

1.  Start with a one page newsletter.  You can have the marketing department help, or use WordPress to design your
own newsletter and email it out to all the staff.  Whether your staff is 100 people or 6000 people, it’s a great way to promote the security program.

2.  Send out very short emails highlighting news items about security incidents at other companies, especially ones in your industry, for example, hospitals.  If there’s a terrible incident at another hospital, cut and paste the story and email it to everyone.  In fact, if you’re an IAHSS or ASIS member, their publications have great stories about different security situations.

3.  Use seasonal reminders.  Now that it’s late October and daylight savings time is almost over, send an email reminding staff how to stay alert when they leave the facility after dark and head for their car.  How to use the escort service, if that’s available, or how to use your keys as a weapon in a potential incident.

4.  Buy posters to put in the cafeteria, or in the elevators that serve as reminders about the concept of staying alert and aware of your surroundings at all time.

I have interviewed more than 8000 staff members in the last 10 years, and they welcome these reminders and feel more secure just because you are keeping awareness up.   Remember, it also reminds everyone that there is a Security Department, and that is working every day to keep them safe.

The Department of Homeland Security also provides free brochures and charts you can print out and give to employees, or you can email them for the staff member to print out and put in their purse.  There are wallet sized cards, and lots of other great information you can use in your own active shooter awareness program.

Check out the preliminary OIG Report, which was leaked to Time Magazine on their swampland.com site at

Read more: http://swampland.time.com/2013/09/16/exclusive-navy-yard-dropped-its-guard-pentagon-inspector-general-says/#ixzz2f6qWCshc

 

 

What’s Your Active Shooter Risk? How to Assess the Threat!

Just the idea of an Active Shooter in your organization, whether you’re a military base, like Fort Hood, and the Washington Navy Yard, or a school like Sandy Hook, a beauty shop, a cracker factory in Philadelphia, a retail mall, a movie theatre, a grocery store parking lot, or a hundred other places, is a terrifying thought.

I lived about 3 miles from one of the shooting sites, a gas station, used by the Beltway Snipers back in October, 2002.  They killed ten people, totally at random, and critically injured three others.   Both of the snipers were sentenced, and John Muhammad was killed by lethal injection in 2009.

If you lived in the DC area, do you remember how scary it was just to pump gas into your car,  people were huddled against the side of their cars in the gas stations, and hidden by their shopping carts at the local Home Depots.

The fear of the Active Shooter comes from the seeming randomness of the action, which means there’s no way to prevent it, unless you give up, stay home, and hide under the bed all day.

But there are things you can do.  Instead of thinking of an Active Shooter incident as a totally unique situation, it’s really a form a Workplace Violence, Gas Station Violence, Parking Lot Violence and other related forms of random violence.   In fact, the Department of Homeland Security has identified quite a few steps you can take to keep yourself safer if you are in the vicinity of an active shooter (http://www.dhs.gov/active-shooter-preparedness).

Most of the shooters are mentally ill.  Normal individuals do not enjoy planning and killing strangers, and it is usually a last ditch effort, with the suicide of the shooter as the grand finale.   Their actions can sometimes be identified early, and the police can be alerted, or the Human Resources group at work, or even the local Sheriff can intervene before it gets to the actual shooting.

Signs that someone is having trouble negotiating their life, especially if that someone is a gun fanatic, with their living room full of AK-47 assault weapons and hollow point bullets, is not hard to spot, because these individuals often leave lots of warning signs, like:

  • Irrational Posts on Facebook or inappropriate tweets.
  • Threats made against friends and family.
  • A dropoff in personal hygiene, as the person gets more obsessed.
  • Problems negotiating their personal life.
  • Demonstrating signs of isolation and groundless paranoia

Organizations can protect themselves from an potential active shooter through a combination of specific controls that include elements like access control, continuous monitoring of cameras, employee awareness and training programs, clear cut evaluation routes, regular active shooter drills, and hardening of facilities, to name a few.

One of the best preventive measures is to conduct an Active Shooter Risk Assessment, which is similar to other security analyses, except that it is focused on a particular set of threats related to an Active Shooter Incident.   As part of my annual Threat Trend Reports, I’ll be releasing a new set of threat data about the Active Shooter, to help organizations calculate their risk of
having such an incident.   For example, did you know that the number of active shooter incidents has jumped from 1 in 2002
to 21 incidents in 2010?

ActiveShooterIncidentsbyYear

 

 

 

 

 

 
Locations have changed, too, and we found that

About 25% of active shooter incidents occur in schools,
About 25% in retail locations, and
About 37% in workplaces.

In future blogs, we’ll be looking at each element of the active shooter incident, and providing more information to keep
your organization safe.