RISK Alert Alert #590 – White House Security BREACHED
UPDATED Dateline: Sept 23, 2014
White House Attacker had been ARRESTED TWICE BEFORE, INCLUDING ON AT THE WHITE HOUSE, CARRYING A MACHETE!
In Federal court, prosecutors said the Gonzalez car contained 500 rounds of ammo, guns, assault rifles, a hatchet and a machete!
AND HE HAD BEEN ARRESTED TWICE BEFORE, including in August 2014, carrying a hatchet on the White House Lawn. And on July 19, after being spotted driving recklessly in a gray Ford Bronco, Gonzalez was charged in Wythe County, Virginia, with evading arrest and possession of a weapon after he was found in possession of 11 weapons, including a sawed-off shotgun, assault rifles and knives, and map — with the White House circled!
The Nation Was Shocked on Sept. 19 when an intruder not only jumped the fence,
but was ABLE TO ENTER THE FRONT DOOR of the White House. Controls that should
have been in place were apparently not ready for an actual security incident.
When even elementary schools have access control and card key systems, it is really hard to believe that there is NO CARD KEY SYSTEM for the White House.
SECURITY IS A PROCESS, and that’s why Security Plan, Security Policies, and Security
Procedures are in place for every U.S. Federal Building. Obviously, at the White House, the process is broken, or agents are willfully ignoring the security controls which should be in place 100% of the time. Every government building should have strong access control systems in place.
The intruder, Omar Gonzalez did the unthinkable, according to the Washington Post. They reported that the 42-year-old ex-veteran from Texas climbed over the north fence line along Pennsylvania Avenue, toward the eastern side of the house’s circular driveway. His breach set off the standard security alarm across the compound. Officers rushed to the North Lawn but were unable to reach him on foot as he ran, arms pumping, threading the needle between the fountain and a security guard booth and ignoring their commands that he stop.
Gonzalez actually entered the White House because the door was UNLOCKED!
What We Learned:
Security Procedures and Policies MUST BE FOLLOWED 100% of the Time for Security to be Effective. In this incident, the major problems included:
Front Doors MUST BE LOCKED to keep intruders out.
Canine that was on the job should have been released.
Active Monitoring of cameras was not effective. Was the intruder missed?
The perimeter fence is obviously not up to the job. In fact, a 2nd jumper
breached the fence again on the same day,RISKAlertis a publication of Risk & Security LLC
Prisoner Grabs Deputy’s Gun at a West Union, Iowa Hospital, Shoots Deputy & Turns Firearm on Himself.
At Palmer Lutheran Health Center, a full service hospital in West Union, Iowa, an inmate who was brought from Fayette County Jail on Saturday morning, August 23, at 8:30 am, grabbed the County Sheriff Deputy’s gun and demanded he be released, the deputy used a non-lethal device on the inmate, who then shot the deputy at close range. The inmate then killed himself with the handgun.
The deputy, who was wearing a bulletproof vest, was shot in the stomach, but was treated and released at the site of the incident. The inmate, still unidentified, grabbed the gun when one of his hands was released for his medical treatment.
LESSONS LEARNED:
1. Forensic patients (prisoners) know it’s easier to escape
from the hospital room, or hospital bed, than it is to
escape from the County Jail! Security should be
present to support law enforcement. One deputy is
a minimum. Deputy with security officer present is
better.
2. Wearing a bulletproof vest saved the deputy’s life during the incident. Security officers should consider having bulletproof vests available when dealing with this type of patient.
According to research in the Journal of Injury Prevention, “Shootings in U.S. Hospitals 2000 – 2011,
in 23% of shootings within hospital emergency departments, the weapon was a security officer’s gun taken by the perpetrator.https://www.llis.dhs.gov/sites/default/files/FA-gdkelen.pdf
IAHSS (International Association of Hospital Safety and Security), has policy guidelines for security departments that deal with forensic (inmate) patients. IAHSS members can access the Healthcare Security: Basic Industry Guidelines at www.iahss.org.
Security managers and hospital management need to make sure that All Hospital Staff including Clinical Staff
Are Warned to Use Extreme Caution When Working with or Near Forensic Patients!
According to Delaware County District Attorney Jack Whelan, police in Upper Darby, Pa., where Plotts lived, were aware of at least three mental health commitments, including once after he cut his wrists and once when he threatened suicide — but said such stays can last just one to three days. Whelan also noted in his press conference that Plotts had also spent time in a mental health facility.
Not only in healthcare, but throughout the U.S., these random active shooter trends are increasing. To see how much of this violence is related to severe mental health problems, we only have to look as far as these high profile incidents:
June 14, 2012 – Buffalo, N.Y., trauma surgeon shooting
July 20, 2012 – Aurora, Colo., movie theater shooting
April 2, 2014 – Fort Hood (2nd) active shooter incident
None of these incidents were related to poor performance review, losing a job, and only one of these could be called “domestic violence,” but what they all have in common is that the perpetrators were all severely mentally ill.
Guns scare me. Guns kill people by accident and on purpose. I never let my children play with guns. However, as I analyze the elements of these shootings and dozens more, my bias is changing. I think it’s less about guns and more about mental illness.
Healthcare and hospitals would be the one industry where you would think that people would be concerned about the state of mental health of their patients and staff. Instead, it seems like mental health problems are walled off by society, treated ineffectively, and violent tendencies (which sometimes make their way onto patients’ Facebook pages) are largely ignored and unreported by the clinicians treating them.
So it’s left to the security and law enforcement community to deal with these individuals who are paranoid, depressed, angry, frustrated, disappointed, hurt, confused, and, ultimately, violent.
Now that mental health has been re-classified as another medical problem, the money is flowing to the treatment centers and it’s covered by Medicare. But progress doesn’t seem to be either easy or effective.
Dr. Graham C.L. Davey, Ph.D. writing in Psychology Today in January said: “Many of those health professionals (GPs and family physicians) at the first point of contact with people suffering mental health problems are poorly trained to identify psychological problems in their patients, and have little time available to devote to dealing with these types of problems. This increasingly makes medication prescription an attractive option for doctorswhose time-per-patient is limited—an outcome which will have all the potential negative effects of medicalizing the problem into a “disease.”
And that’s exactly what we see, patients who don’t take their meds because of the negative side effects and so they become isolated and increasingly violent. The side effects are clearly pointed out in TV commercials, that you’ve probably watched.
For example, one medicine has side effects that include sexual side effects, convulsions, brain shrinkage, stroke, death, suicide, violent thoughts, psychosis and delusional thinking.
The increase in hospitals adding seclusion rooms, expanding the number of beds for psych patients, and the time spent by both law enforcement and security professionals in dealing with these troubled individuals, may account for one-quarter to one-third of an organization’s security budget.
Many of the security risk assessments we do are focused on handling mobile mental patients, including the baby boomers suffering from Alzheimer’s and dementia.
As violent incidents continue to increases in our society, our workplaces, and in our hospitals, we need to spend more time looking for, and demanding treatments that work and that are sustainable by the patients so they can lead happier lives and we can protect the rest of society, and our healthcare facilities, from their potentially violent behavior.
Since 1988, Caroline Ramsey-Hamilton has been a Thought Leader in All Aspects of Active Shooter and Security Risk Assessment in both Public and Private companies and organizations. Specializing in Hospital and Healthcare Security. Hamilton is Certified in Homeland Security (CHS-III), Anti-Terrorism (ATAB) and Security Risk Assessment. As President of Risk & Security (www.riskandsecurityllc.com) she works with many hospital clients, and develops affordable risk-based apps for improving security risk assessments, and publishes the RISKAlert security awareness program. She lives in south Florida with two beagles, a rescued kitty and (on weekends), 4-year old twins.
Reprinted with permission from www.SecurityInfoWatch.com
Psychiatrist Draws Gun in Mercy Fitzgerald Hospital and Shoots the Mental Health Patient who Killed his Caseworker by Shooting Her in the Face. Witnesses near the scene reported hearing screaming and gunfire, as suspect and mental health patient Richard Plotts confronted his caseworker, Theresa Hunt, and then drew his gun, and killed her. Another bullet grazed a doctor, adjacent to the scene, but the doctor had a gun of his own, and he shot Plotts 3 times in the torso.
The doctor, identified as Lee Silverman, was treated was treated for a head wound and released after being taken to the Hospital of the University of Pennsylvania. The shooter, Richard Plotts, of Upper Darby, Pennsylvania, who had a long criminal record, was undergoing surgery Thursday night at the Hospital of the University of Pennsylvania. If he survives, he will be charged Friday with murder, said Delaware County District Attorney Jack Whelan.
There is a Lesson Here— KEEP POTENTIAL SHOOTERS WITH WEAPONS OUT OF HOSPITALS.
A is for Access Control! Once a potential shooter brings a weapon into a hospital, everything is much more difficult to control. Keep them out.
Weapons should be checked at the hospital entry points and no-weapons signage should clearly indicate that weapons are not allowed, and that should be followed up with either stand-alone, or wand metal detectors which give staff members a initial level of protection.
Bernice Ho, a spokeswoman for Mercy Fitzgerald Hospital, said Thursday it was against hospital policy for anyone other than security guards to carry weapons, so there are questions about why this doctor disregarded the policy, although Donald Molineux, chief of the Yeadon Police Department, said “If Silverman returned fire and wounded Plotts, he without a doubt saved lives.”
District Attorney Whelan described how the meeting among Plotts, Silverman, and Hunt abruptly took a violent turn. Plotts and Hunt went to Silverman’s third-floor office shortly before 2:30 p.m., Whelan said. Plotts was apparently armed, and people near the room soon heard shouting.
Concerned, a hospital employee “actually opened the door, saw him pointing a gun at the doctor,” Whelan said. The worker shut the door quietly and immediately called 911. Plotts then opened fire. According to Whelan, he shot Hunt two times in the face. The psychiatrist then ducked under his desk, retrieved his gun, and came up shooting, striking Plotts three times. Keep Weapons Out of the Hospital to Dramatically Reduce Violent Incidents!
reprinted with permission from www.securityinfowatch.com
Using Risk-Based Security to Stem the Tide of Violence
in Hospitals and Healthcare
Created by: Caroline Ramsey Hamilton
Date: May 22, 2014
Hospital and healthcare security is experiencing a major increase in violence,
instigated by patients, patient families and even healthcare staff. Just last year,
there was an active shooter incident in Reno, Nev., in which two physicians were
shot, and in Houma, La., a hospital administrator was shot to death by a terminated
nurse. As recently as Easter Sunday in California, two nurses were stabbed at the
hospitals, where they worked. One was stabbed in both the upper and lower torso
and is in critical condition. These two incidents add to the more than 100 violent
incidents in 2013 and the first half of 2014.
Since 2010, violence in healthcare has skyrocketed. As a result, the Joint Commission has
issued a “Sentinel Event Alert” on the issue and contributed to numerous articles on shootings
in U.S. hospitals. The Department of Homeland Security and a consortium of state and local
hospitals recently released a standard for active shooters in healthcare. These all point to the
conclusion that the current law enforcement-based hospital security model is not working.
Changes in Healthcare The changes in healthcare, including the increase in insured Medicaid patients and increased
traffic to emergency departments, highlights the fact that very well-intentioned people are
working with an outdated security model that hasn’t evolved to address a changing healthcare
environment. The change in billing and reimbursements for healthcare organizations, such as
tracking of readmission rates, has squeezed hospital profits causing reductions in funding in many
security departments at a time when violent events are steadily increasing.
A new risk-based model for hospital security is emerging that is less linear and more cyclical.
It uses technology to a greater extent, employs forecasting and statistical models to predict the
likelihood of future incidents, and is proactive instead of reactive, focusing money and energy on
preventing events instead of simply responding to them. This model also uses risk assessment
formulas to quickly assess the current security profile of a hospital, clinic, hospice, or behavioral
health facility, factoring in heightened threat-risk environment, not only for the facility in question,
but also adding in the wealth of healthcare data that’s now available.
Risk –Based Security Focuses on Continual Assessment A major focus of this model is the continual assessment and evaluation of preventive security
controls, which are reviewed quarterly, semi-annually, or annually to discover gaps in controls,
and to fix gaps as soon as they are identified. This dovetails nicely into the assessment models
already required by the Joint Commission, OSHA and new CMS standards.
Looking at recent high-profile security events that took in place in hospitals shows that incidents
happen because of exploited gaps in the existing security of the healthcare facility. In the past,
security officers successfully worked hard to reduce response time so that often officers could
arrive in under two minutes, but it’s still too long. In the Reno shooting, response time was under
two minutes, but that was long enough to kill two doctors.
Focusing on prevention makes sense for healthcare, much in the way the Joint Commission
focuses on patient safety, by continually assessing controls, reducing discovered gaps in controls,
and mitigating gaps by reassessing and tightening security, which creates a cycle of continual
improvement in the healthcare security environment.
Taking Advantage of Technology The healthcare risk-based security model takes advantage of technology. Instead of waiting
for manual recording of security incidents every day, software programs allow hospital security
officers to enter data at the end of each shift, and that means security directors can map what’s
happening in the hospital or facility on a daily, weekly, monthly and yearly basis. This can go a long
way to identifying trends early and help facilities make appropriate changes in controls so that
negative trends can be reversed quickly and both patient and staff security is increased.
In addition to automating incident collection and analysis, the healthcare security risk assessments
must be automated too. Risk assessments are too time-consuming and labor intensive to be done
annually. By the time the risk assessment is over, the environment has changed again. By
automating the risk assessments, including environment of care and hazard vulnerability,
it produces data that can be used instantly to analyze and recommend the most cost-effective
controls, and rank them by their return-on-investment (ROI).
The role of security in hospital and healthcare organizations is changing too. Security organizations
should no longer be isolated without intensive interaction with others in the organization, including
the human resources department, the facilities managers, safety managers, and the emergency
management staff.
New DHS Guidelines for Active Shooters in Healthcare With DHS issuing new guidelines for active shooters in healthcare, hospital emergency managers
are now required to prepare for active shooter incidents, as well as storms, hurricanes, tornadoes,
power interruptions and other events related to natural or man-made disasters. This creates a
natural partnership between the emergency management staff and the security program,
because the skills of both functions are needed to properly prepare an organization for any disaster.
Instead of existing in a vacuum, healthcare security directors and managers should cheer at
this development because it expands the importance of security inside the hospital or healthcare
facility, and underscores its value in protecting the organizational assets – the physical facility,
patients, visitors and staff – to proprietary information, including the HIPAA mandated PHI
(Protected Health Information), vehicles, security systems, high-value healthcare equipment
and the healthcare provider’s reputation.
Security budgets have always suffered because security costs are seen as operating
expenses, not an income source, but by tying the security expenses more closely to loss
prevention and protection of the organization, it creates a cost justification for hospital and
healthcare security.
Risk-Based Security Links to Hospital Compliance Standards A risk-based security model also links security to myriad compliance standards that affect healthcare
and this also supports and justifies the costs related to security. For example, hospitals are required
to have a variety of security controls in place related to tagging of newborns, posting of no-weapons
signs, and environment of care issues. Any healthcare organization accepting funds from Medicare
or Medicaid must comply with the new mandate for annual security risk assessments.
OSHA 3148 also requires hospitals and healthcare organizations to do annual workplace violence
assessments, and more than 33 states also require enhanced protection of hospital and healthcare staff.
As security incidents continue to increase and violence in healthcare escalates, making the
switch to a risk-based security program will provide better protection for hospitals and healthcare
organizations, making more effective use of existing security personnel, as well as justifying and
expanding healthcare security budgets.
For more information: contact: Caroline Ramsey-Hamilton at caroline@riskandsecurityllc.com
RiskAlert INCIDENT REPORT 552 – HOSPITAL SHOOTER Terminated Employee Shoots Staff Member during Card Game
at Veterans Affairs Medical Center in Dayton, Ohio
Allowing terminated employees to have access to a hospital or facility where they
worked before is a questionable decision, because not only anger at the organization,
but also anger at individuals and former co-workers may turn into an incident as this report explains.
In early May, a terminated housekeeper at the Veterans Affairs Medical Center in Dayton, Ohio came back to the hospital to play cards in a hospital break room with a group of current VA staff. The perpetrator, Neil Moore, had also brought a handgun to the hospital. Neil was upset because he thought another VA staff member was having a relationship with his wife, so he pulled out the gun, and as a result, one person was shot in the ankle.
It was not a typical active shooter scenario, but it does point out
the access control problem in hospitals, and also questions the
ability for anyone to walk into a hospital with a loaded gun.
LESSONS LEARNED:
1. Access to former employees should be prohibited or at least limited on a case by case basis.
2. Visitors should not be allowed to bring guns into a hospital. Metal detectors should be used to screen for weapons.
Moore, a former employee at the Veterans Affairs hospital, told police that he was going to a regular card game with
his former co-workers. He said he went to the hospital Monday intending to brandish the handgun to intimidate two former co-workers he believed were involved in relationships with his wife and daughter, both of whom reportedly work at the hospital. Moore planned to “hold the ex-co-workers at gunpoint while he punched them with his right hand,” according to court documents.
The hospital complex has beds for about 450 people and provides veterans with medical, mental health and nursing home care. It doesn’t have metal detectors at its entrances, but it does have its own security force.
VA spokesman Ted Froats said the force conducts active shooter training four times a year and showed outstanding response Monday. He said in a statement Tuesday that the hospital will consider additional steps to ensure safety, while making sure that any new measures won’t impede the hospital from providing care to veterans as quickly as possible.
When I turned on the news today, I was in the middle of writing an article on the 2nd Shooting
at Ft. Hood from last week, and then saw that there had been a violent knife attack at a
Pennsylvania high school, with 20 casualties and at least eight injured critically, the next day,
there was a hate crime shooting at the Jewish community center in Overland Park, Kansas.
Once again, we see violence on a mass scale, the FBI has been brought in, and next will come
information on the victims. With two major events, in two weeks, what can we deduce about the
security in place at both Franklin Regional High School, Pennsylvania, and Fort Hood, Texas.
NEWS FLASH: THE CURRENT SECURITY MODEL IS NOT WORKING!
CURRENT SECURITY MODELS
Disaster preparedness is improving, Emergency Management is working, but security is still not where it needs to be. It is a systemic problem based on the fact that security around
the U.S. is still locked in a REACTIVE mode, not a PROACTIVE mode.
The main reason for this reactive mode in security organizations, is because most security
officers come from a law enforcement background, with a model which is based on crimes
and arrests, and it is totally REACTIVE. A crime happens and police officers go into action
and arrest the perpetrator(s).
CRIME HAPPENS = PERP IS IDENTIFIED = PERP IS ARRESTED
Unfortunately, this reactive model does not work for preventing security incidents and mass violence
because it is INCIDENT DRIVEN, not Risk-Driven. It focuses on individuals, not on a more holistic,
generalized view of Threats, and it totally leaves Solutions (Controls) out of the equation.
After studying pages of after action reviews, post-incident analyses and media sources, the one
recommendation that makes sense is that organizations need to switch to a RISK-BASED,
PROACTIVE mode for security to work.
This was highlighted in a remark made by a Pentagon official, commenting on the 2nd Fort Hood
Shooting on April 2, and the fact that new DOD recommendations for security, had just been released.
“After the Navy Yard shooting in September 2013, another round of recommendations were made to improve security at all DOD installations, however, a Pentagon official said thatthe new
recommendations had not yet been put into effect at Fort Hood. At Fort Hood, very little had
changed from 2009 regarding security procedures for soldiers at the entrance gates.”
The question for the Department of Defense is “how could this happen again at the same military
base? I took extra time to study the 89-page document called An Independent Review “Protecting
the Force”, one of 3 reports created after the initial Fort Hood Shooting, whene 13 were killed, and
43 injured.
If you look at the recommendations, they are very bureaucratic and procedural. They could have
been written by an efficiency expert, not by anyone with a background in security, and covered things
like policy changes, and having screening for clergy and psychologists, and improved mental health
programs. These are all important, but they do not provide a secure environment.
The LAX after action analysis’ Number One recommendation was to change
the security focus to a Risk-Based approach.
RISK-BASED SECURITY
The problem with a reactive approach is that you can’t screen and lock down everyone. At Fort
Hood, for example, there are 80,000 individuals living on the base, and probably hundreds of
visitors who go in and out every day. It’s impossible to assess the mental health, and the
‘intentions’ of all of them.
That’s why a Risk-Based Approach works – because it focuses on the potential threats and then evaluates the existing controls to see whether they offer the required amount of protection based on the likelihood of the threat occurring.
You stop violent events by controlling access and by controlling weapons. No matter how unpopular they are, you use metal detectors at certain points, you use security officers at key entrances, you control entrances and exits.
Once the event starts, you can improve security by having faster notification (panic alarms), ability
to block, or disable weapons and attackers, adequate transport, better emergency response, but to
avoid the violence, you need to have strong access control.
The Risk-Based approach makes use of annual risk assessments that are holistic in nature. They
are not done in stovepipes, they include the entire organizations, they include input from staff
members, visitors, students, vendors, soldiers, patients on how they see security from their point
of view, which is always dramatically different from management or administration.
A risk-based approach requires an organization to:
Define potential security risks.
Develop standardized risk assessment processes, for gathering and
analyzing information, and use of analytical technology
Risk-Based Security focuses on PREVENTION OF NEW INCIDENTS
whether they are active shooter, general violence, etc.
Enhances security’s ability to rapidly respond to changes in the threat environment.
MORE BANG FOR THE BUCK
According the LAX (LAWA) after action report, “Simply adding more security does not
necessarily provide better security. Determining priorities and where to achieve great
value for the dollars invested requires regular, systematic assessment of the likelihood
and consequences (risks) associated with a range of threat scenarios that morph and
change more quickly now than ever before.
Collaborative engagement in a security risk assessment process across the community builds
the buy-in needed to develop and sustain a holistic security program over time. Leaders must
be open to challenging established practices and demonstrate a willingness to change direction”.
Making the switch to a Risk-Based security program is the best recommendation for those who
want to protect their staff, students, patients, vendors, clients, soldiers, and visitors from a mass
casualty event, or for all the organizations who don’t want to have a terrible incident happen in
the first place!
RISK Alert Alert #530 – Fort Hood Active Shooter-April 2, 2014
Dateline: April 5, 2014
Shock and grief were the reactions when the news said, for a second time, a shooter
inside Ft. Hood near Killeen, Texas had killed 4 and injured 13 in another Active Shooting
Incident. Everyone remembered the first major shooting attack in November 2013, when
a major killed 13 and injured 43 because he did not want to be deployed to Afghanistan.
A total of 73 injured and/or killed in the two incidents!
How could this have happened? The Department of Defense had implemented many of
the recommendations of its internal, and independent review panels, and the changes had not been enough to prevent another active Shooter incident.
The 34-year old shooter had apparently been denied a leave form, and asked to come
back the next day and he came back, with a .45-caliber Smith & Wesson semiautomatic
handgun, recently purchased at Guns Galore, and started shooting. He eventually turned
the gun on himself, after firing 35 rounds in two buildings over a 2 block area. He had a
history of mental issues, and had recently been transferred to Fort Hood.
What We Learned:The After Action Review “Protecting the Force” had detailed 89
recommendations, but by Sept. .2013, only 52 had been
implemented and none included an Active Shooter Risk Assessment. A comprehensive Active Shooter Risk Assessment has to be the first recommendation after any Active Shooter event. Recommendations from the previous shooting were concentrated
on new policies and procedures, mental health screening, education and training programs but
those controls did not directly influence PREVENTION of incidents.
A Review of the Most Important Active Shooter controls would have been more
likely to prevent a future shooter event, like:
Tightened Access Controls for Facilities
Panic Alarms
Tracking of Potential Troubled Individuals
Metal Screening for Weapons
Policy on Personal Weapons on Base
After the Navy Yard shooting in September 2013, another round of recommendations
were made to improve security at all DOD installations, however, a Pentagon official said on Thursday, April 4th, that the new recommendations had not yet been put into effect at Fort Hood. Unfortunately, at Fort Hood, very little had changed from 2009 regarding security procedures for soldiers at the entrance gates.Stay Alert and make sure that any Security Incidents are reported IMMEDIATELY!
The Los Angeles World Airports (LAWA) released the long-anticipated After Action Analysis on the LAX Active Shooter Incident in 2013.
The 83-page report was written by an independent consultant who analyzed all aspects of the Shooting incident and includes a list of “Major Observations and Recommendations.” The recommendations are “to provide focus for LAWA’s efforts toward continuous improvement in it’s security and emergency preparedness programs.
These areas were highlighted in the report as “7 priority observations that merit special consideration.
Recommendation 1.1: Evolve the LAX Security Program to reflect a more integrated assessment of security risk and provide for the ongoing development and management of mitigation measures.
Recommendation 1.2: Based on the RISK ASSESSMENT and updated security plan, consider the focus and structure of security functions to determine whether realignment and integration are needed.
Recommendation 1.3: With the benefit of recent vulnerability and risk assessments, take a risk-based approach to evaluating current security programs and explore intelligent use of technology.”
Once again, doing frequent Security Risk Assessments and managing the security program and enhancements to follow the recommendations of the Risk Assess- ment are the first recommendations in the After Action Analysis of an Active Shooter Incident.
In my experience, in most organizations, Facility Security Risk Assessments are not conducted correctly, are not reported to senior management, and not used as a tool to ADJUST AND FOCUS the security program based on RISK.
Why aren’t security risk assessments done more often?
1. People don’t have the right expertise to do a full risk assessment.
2. Security managers view Security Risk Assessments are too difficult to undertake.
3. Law enforcement personnel still do not understand the concept of risk assessments and instead, tend to rely on checklistsof controls or security elements, rather than integrating all the information to create a true Risk-Based model for security.
The solution to this problem is to use affordable, easy to use software tools, like the Risk-Pro Application for Facilties Security Assessment and their Risk-Pro Application for Active Shooter Incident to simplify the process of doing more frequent risk assessments and using them as a management tool to focus security so it will be able to recommend the security enhancements that are needed, and not only how MUCH to spend, but actually dictate the order of necessary controls.
Far from being a boring, intellectual exercise, well done security risk assessments can dramatically reduce the possibility of an active shooter event, and also mitigate the many negative consequences that come from such disruptive incidents.
Saturday morning at the Columbia Mall, in this neat, planned community was cold and many people decided
to go to the mall! Columbia, Maryland is a large mall, situated between Washington DC and Baltimore
in the Maryland suburbs. I’ve been there frequently – in fact, last month.
Unfortunately, at 11:15 in the morning, a young man entered the mall and started shooting. Some witnesses
said he was shooting down into the Food Court from the 2nd Level. The shots were centered in a surf, skateboard
and snowboarder store called Zumiez.
Two young people were killed, store employees, Brianna Benlolo, 21, of College Park, MD; and Tyler Johnson
25, of Ellicott City, MD, and a man police identified as the shooter. He had killed himself, but was wearing more
ammo and had more ammo around him.
A bystander was shot in the foot, and others were injured in the chaos that started when the 8-10 shots
were fired and someone yelled, “There’s a man shooting”. But these injuries were judged to be minor.
ONE MORE ACTIVE SHOOTER. ONE MORE YOUNG MAN WITH NO MOTIVE. Seven families devastated and looking for answers.
Again, we look at access control, and due to the NRA effect, making it ridiculously easy to carry a gun, even
a concealed gun almost anywhere, we have to start with what kind of access we should allow to public places,
like schools, malls and airports.
In a risk and reward calculation, it’s basically, does the right of an individual to take a loaded gun anywhere
they want, supersede my right to safely shop at the local mall on a Saturday morning? I think it does.
Now the burden is on the mall owners about how many of these shootings it’s going to take before we start
seeing armed guards at malls, and access control devices like metal detectors, at entrances to the larger malls.
Because think of what the mall owners lost – they lost their reputation as a “SAFE” place to go. They lost
almost a whole day of sales, and maybe they will lose another day.
The local police and county Executive were on TV saying police arrived within 2 minutes of the shootings.
and the SWAT team entered the Mall and did a store by
store search, while the media trucks assembled in the parking lot.
If people want to take loaded guns everywhere and society
thinks that’s great – then store owners are going to have to
increase security and be able to have tools to exclude these
people.
Guns are for hunting, not for shopping!
Terrible day for Columbia Mall and it’s customers, I guess it’s a wonderful day for the security industry that will sell
lots more metal detectors, cameras, monitoring, panic alarms and more. Because that’s what we need to keep
the public safe.
