Risk and Security LLC

Risk Assessments, Training and More

This content shows Simple View


Paris Attacks are opening shot in plan to exterminate Western Civilization

The six simultaneous attacks on Paris last night were the opening salvo in a long-planned event designed
to exterminate Western Civilization as we know it.

This is not the teenage shooter with acne and an AK15, these were trained killers, who, according to witness
statements, were professional, controlled and had no interest or compassion for their victims.  They could have
been shooting at a beer can instead of a young girl.   This is different from other terrorists attacks because it is

ATTENTION EDITORS - VISUAL COVERAGE OF SCENES OF INJURY OR DEATHGeneral view of the scene with rescue service personnel working near covered bodies outside a restaurant following shooting incidents in Paris, France, November 13, 2015.   REUTERS/Philippe Wojazer      TPX IMAGES OF THE DAY

carried out without emotion.  These terrorists are not killing PEOPLE, they are exterminating western culture, along with the people.   We saw this in Palmyra where treasured antiquities were destroyed, and ISIS plans to exterminate every vestige of
our western culture.

Security measures that may have worked for individual shooters, or small splinter group will not defeat ISIS.
We have been directly targeted and need to take drastic measures and take them immediately.  This assault
has no room left for political correctness, for ‘measured response”, or anything else.  We need to exterminate
this threat quickly and completely to maintain our quality of life.

Everything is at stake now, our paintings, our music, our art, our designer jeans, our freedom of expression,
our families and, ultimately, our lives.  As western leaders meet today, I hope they plan to present an overwhelming
attack aimed precisely at ISIS, with a show of force designed to blow them off the face of the earth.

DOD moves military bases to a higher alert status

In an unusual move today, the U.S. Department of Defense (DOD) raised the security level at
U.S. military bases because of the increasing concerns about possible attacks by ISIS (ISIL).

While the DOD cited no specific threat, they did refer to the recent attack in Garland, Texas,
(last Tuesday), after ISIS claimed responsibility for the Prophet Mohammed cartoon contest
featuring cartoons about “the Prophet”.

The threat level was raised to ‘Bravo’ level, and it’s worth noting that it’s the first time the
threat level has been that high since the anniversary of the 911 attacks on September 11,
which was the 10th anniversary of the 2001 attacks.

A higher threat level could mean 100% ID checks at the entrance to all military bases, including
air force bases, army bases, navy and marine bases.   It also puts base military police on alert
to be highly situationally aware, including investigating anything they see that might be
terms “suspicious”.  The FBI will also increase surveillance of suspected pro-ISIS individuals.

Persistent stories have been focusing on the Texas border, which may be harboring an
ISIS camp, and the right wing media has reported that an ISIS camp may be sending their
soldiers into the US on specific missions.  Although this has been widely discredited by
officials,  some circles are reporting a link to the Army’s Operation Jade Helm, a massive
military drill across nine states, which is slated for July 15th, to September 15th, 2015.

We encourage individuals to be situationally alert AT ALL TIMES, and a increase
in military alert levels would certainly be something to note.




Benghazi Hearing Demonstrates Attack Uncovered A Fatal Lack of Coordination & Funding for Embassy Security

Just two weeks ago, we were talking about the lack of coordination between DHS agencies and known intelligence on the brothers responsible.

Now we have the Benghazi Senate hearings, and here is the same problem again – lack of coordination between different parts of the State Department, and with the Defense Department, AND with the CIA and the intelligence community.

Add to this, the appalling cuts in funding for diplomatic security, and a flawed process about what needs to be done about security and protection to our embassies around the world.

“In these tight budget times, the committee has had to make some tough choices to prioritize funding.”, said a GOP aide in The Hill article (GOP cuts to embassy security draw scrutiny), by Alexander Bolton on September 18, 2012.   In spite of the uncertainly of the Arab Spring, the demonstrations every Friday in streets from Bahrain to Tunesia, the embassies had their budgets cut.

Of course, security experts are used to this, security doesn’t directly generate revenue, and it is often one of the first functions on the chopping block.  However, to cut funding to the critical embassy functions in this volatile environment, is obviously a very bad decision on the part of the GOP.

For example, the security risk assessment which are routinely done on these embassies are not done on a systematic basis.  As a risk expert, these security risk assessments should be done WEEKLY, and they should be automated so they can instantly be compared to environments in other embassies, and comparisons made by month, by year, and trends can be tracked.

If we can’t afford to do these assessments and just as important, if we can’t afford to fix the problems that assessments reveal, then we should not have embassies in these places.

The security risk assessments that are done properly must also include complete threat assessments.  “We need to develop a paradigm for managing risk“, said Gregory Hicks, a Foreign Service Officer who testified today on Capitol Hill.

These paradigms for managing risk already exist and they have been totally ignored by the State Department, which makes it almost impossible to get a clear, unfiltered view of the security situation at any embassy, at any point in time.

At least both sides of the political aisle agree, we do not want this to happen again!  Benghazi is not a political problem, it is a massive security failure problem!


Why the FBI and DHS Need Google’s Help to Track Potential Terrorists

The Boston Marathon bombings were bad enough.  The loss of life was terrible, but the runners and their families who lost legs and feet because they wanted to give their Dad a hug at the finish line were worse.

One week later, we all watch with trepidation as the first bomber is killed and the second captured bleeding in a boat in Watertown.

THE MOST TERRIBLE NEWS OF ALL IS THAT IT MIGHT HAVE BEEN PREVENTED!!  This is EXACTLY the situation that DHS was supposed to catch.  This is EXACTLY why the agencies were ORDERED to share information, and still these guys can tweet all they want, show violent Islamic videos on their web sites and call for Jihad and NOBODY NOTICES!!

This is made even more incomprehensible because the U.S. government was ALERTED BY THE RUSSIANS that one of them was DANGEROUS.

What do we need to do to get these agencies to start paying attention to these potential terrorists?  DO WE NEED TO MAKE THEM WEAR A RED SHIRT?

If the IRS can keep track of every American and in 2 minutes call up their entire history of taxes, and the Department of Labor can calculate your benefit rates in less than 1 minute, and Social Security keep track of all your information – why can’t DHS and the FBI  keep a contact database current?

Why can’t they have a person who scans these web sites and Facebook sites for Jihadist pages and then cross-references them with the site’s owner?   Why can’t a trip to a violent region of the world trigger a PING, as I heard one congressman call it.

Every company in the world has a simple Contact database on their own customers and suppliers that gives them years of data.   WHY CAN’T WE BE PROTECTED FROM THESE TERRORiSTS.

This one wasn’t hiding in the shadows – he was ON SOCIAL MEDIA!   He wasn’t locked up in a cabin – he was traveling internationally,   his brother was getting a scholarship.  And they did this FOR YEARS!!

This intelligence failure is just exactly like 9/11 all over again.  These agencies are so procedural that they cannot connect the dots.  Ok – they’re human. But we have super computers that CAN connect the dots and do profiles and create alerts…

Maybe we should call Google and get some help.  We obviously need it.



Tragedy at the Boston Marathon – What Went Wrong?

Looking at the CNN footage of the Boston Marathon finish line yesterday, I was struck by the shock of the bystanders and the chaos that followed the blasts.

Having just giving two seminars on security controls, I pulled out my list to see what could possibly have been done differently to prevent this devastating outcome, and there was the first word on the list ACCESS CONTROL.

After thirty years as a security expert and risk-threat analyst, I am about 85% sure that this was a lone wolf attacker who made his crude bombs to address some personal perceived problem, whether it was fear of gun legislation, spillover from the Israeli-Palestinian conflict, the Neo Con torture initiative, or something else.

Putting the attacker aside for a moment, the tragedy happened because SOMEONE WAS ABLE TO WALK RIGHT UP TO THE FINISH LINE AND PUT AT LEAST 3 BOMBS right near the finish line!   THiS IS NOT RIGHT.

There has to be SCREENING and ACCESS CONTROL PROCEDURES IN PLACE!  You can’t have security if you have open access to a major event like the Boston Marathon.  For year, security experts have cautioned that large crowds make a great target, and so events have paid lip service to this concept, without staying on the task, and making sure that SECURITY CONTROL NUMBER ONE –  ACCESS CONTROL  is ALWAYS in place.

But people don’t like access control, it’s too much trouble, they say.  They don’t like metal detectors, too expensive, too much trouble, too intrusive.  Well, it’s not as intrusive as having a major injury.   There are ways to secure these high profile sites, but the security community has to lead on this.

Yes, it is very sad and depressing that the world has come to this — but it has.  And it will happen again.  As long as security is perceived as too much trouble, too expensive, too tough to do, and too intrusive, there will be more tragic events like this one.



What do Benghazi and Newtown have in common? Flawed Security!

After the attack on the Benghazi mission and the tragic mass shooting at Sandy Hook Elementary, its apparent that what these two terrible incidents have in common is that security was not adequate.

In Benghazi, after the hearings and the pundits and speculation, the bottom line is that there was insufficient security.  In-place security controls were not sufficient to deter an attack, and the emergency controls were also not sufficient to recover and deal with the emergency attack.

In Newtown, at Sandy Hook Elementary, security was inadequate.  Security people often say that security is just as good as the weakest link, and despite adding new security controls, it was defeated because of the glass entry.  The shooter wasn’t allowed in so he simply broke the glass.  That slowed him up by 2 minutes, maybe. Also backup security controls were non-existent.  The shooter was observed and still there was no effective response.

There are three elements to security – DETER, DENY and RESPOND:

DETER – means to make the facility look too difficult to attack, and so the attacker thinks it’s too hard and goes away.

DENY – means that it is impossible for the attacker to get into the facility to launch an attack.

RESPOND/PROTECT means that after the attack is launched, the facility can defend itself, or to protect the individuals and/or property inside the facility.
Both Benghazi and Newtown did not deter, didn’t deny access, and didn’t have an adequate security response.

The Newtown shooting showed that this school, like many others across the country, had a false sense of security, because while some security elements were in place, the shooter easily entered the school, making the other elements irrelevant and  him to inflict mass casualties.

In both cases, the response was not adequate, it was ‘too little too late’.  And ‘too late’ means the attack can’t be stopped or contained.

The WHY is easy, because the security budget was inadequate.  These facilities did not have adequate risk assessments that could have demonstrated the critical assets contained within them.  What is more critical than classrooms of 6 year old children?  What is more critical than a State department facility with a U.S. ambassador inside?  Yet both didn’t have the protective security controls they deserved because their wasn’t enough budget for enough security.

Another element these incidents have in common is that they are both government facilities.  Yes, one was the Federal government and one was a local school district – but they both had the same problem of being short on budgets.  And when organizations are short on budgets, security is one of the first things to get their funding cut, or reduced.

Every facility needs a SECURITY risk assessment up front, how else can you allocate the funding and make sure that there is ENOUGH security in place to protect our most critical assets, our children?

A Terrible Day in Colorado – Terrorism by Twenty-Something

Just saw that now 71 people were shot at the Aurora, Colorado theatre, and 12 have died, including children.

This is exactly the kind of incident that I used to think would wake everyone up to the dangers of NOT doing annual security reviews, and  NOT allowing everyone on the planet to stock their attic with automatic assault rifles, and instead, we are at an intersection in the national dialogue where talking about assault rifles, OR security controls, is something people would rather ignore.

Whether it’s the hospital security administrator who thinks posting a simple “NO WEAPONS” sign is too much security, to the facilities who deny the security officers any weapons bigger than a purse-size pepper spray, they are actually ENABLING security incidents of this type.

I heard these officials in CNN saying, “It’s not terrorism”!   It certainly IS terrorism.  It’s just domestic terrorism, but it shows you how easy it would be for a terrorist to walk into the US, buy some AK-47s and walk into a regional mall, a batting cage, a mega-church, a hospital, a sports arena, and proceed to kill dozens of innocent people in just a few minutes.

With 71 shot, and 12 dead, it is more deadly than your typical IED in Afghanistan!  It’s more deadly because their is human ‘intelligence’ (and I use the word loosely) behind the attack.  Instead of a simple detenation event, the shooter can choose victims, look them in the eyes and then kill them.

This is an intentional event by someone so lost that he didn’t even put up any resistance to police.  Why should he, he’s already made his statement and now has his 15 minutes of fame.   That is 5.5 people killed or injured for each 1 minute of fame.

If you are reading this today, you should do a quick risk assessment of your organization and make sure your staff are developing situational awareness, watching and evaluating what is going on around them.  It may make the difference between life and death someday.

Playing Footsie with the Haqqani Crime Network

I am a risk analyst and risk assessment expert, certainly not a diplomat.  In fact,  my friends might say I am probably really un-diplomatic most of the time.  I like the direct approach.

But watching the U.S. State Department and the Obama administration playing footsie with the Haqqani network in Afghanistan and Pakistan is worse than enduring waterboarding.  What a waste of American dollars — paying off these criminals to finance construction projects that Americans are doing to build up Afghani infrastructure.  

I have watched for years as the U.S. State Department props up brutal dictators, only to see them toppled overnight.  Of course, Mubarak and Quaddfi come to mind right away.

But to try and win a WAR, while paying off criminals and murderers who are launching attacks on our embassy, letting them run our relationship with Pakistan, is just wrong.

What has this got to do with risk assessment?  PLENTY – because the problem here is large amounts of unaccountable cash.  Cash passed out by the State Department, USAID and the intelligence services, theoretically, to ‘grease’ the skids and get something done, but instead, these wholesale PAYOFFS just finance and empower our enemies, while ruining the U.S. reputation and maddening the citizens who provide this money in the first place.

I would vote for anyone who could put REAL ACCOUNTABILITY back into the U.S. spending abroad.  As the Arab spring proved — this kind of diplomacy never works!

Did the 9/11 Tragedy turn us into a nation of mega-consumers?

or  Why 9/11 Turned us into a Nation of MegaConsumers 

Thinking about 9/11, even AFTER the big 10 year anniversay, made me think about what has happened to the United States after that day….. and one thing I thought about was the Wall Street meltdown.

Those traders who unintentionally (giving them the benefit of the doubt) caused the giant bubble, overvaluing of everything, worked right down on Wall Street.  They were probably greatly affected by the 9/11 disaster.   They saw it, they walked by the hole in the ground every day.  Maybe they just over-reacted, too.

WE were all traumatized, so when the President said the best thing we could do for the economy was to go out and SHOP – that was just what we needed to hear.

Drawing on my background in cultural anthropology to analyze human nature,  I think that 9/11 turned us all into hoarders.  We all suffered a terrible loss – not just the people lost, but our loss of our sense of security, and whenever there is a loss – there is a tendancy to fry and fill out the loss with something else.

Do you think it’s a coincidence that the last 6 years have launched over 5 shows about hoarders, both hoarding  possessions, and even animals!  I think that the over-consumption of every material thing, and the hanging on to consumer goods might be
a symptom of our national loss.

After 9/11, I just wanted to stay home and feel safe again in my house.  So I finished the basement, I added a sauna, I redecorated the whole house, I re-tiled the bathroom,
I added a whole-house fan, I re-tiled the pool…… maybe there is a relationship between the giant home improvement boom and attempt to recover from 9/11.  

Maybe it was a gigantic, nationwide nesting reaction to the terrible tragedy. 

We all did what we needed to do to feel safe again.  And safety begans at home.  So we needed to re-finance to get the cash to fund the improvements.    It is possible if you think it over and connect the dots, maybe 9/11 explains most of the things that have happened in the last ten years.

In life, we can’t control what happens, but what we do after the event is what defines us, and 9/11 was certainly a defining moment for us all.

Remembering the Tragedy of 9/11

Today is the 10th Anniversary of 9/11.  Like most other Americans, like the Kennedy assassination so many years ago, the memories are indelibly burned into my soul.

On September 11, I was flying to a conference in Chicago, so I got up at 5 am to catch the 7:45 plane from BWI to Pittsburgh.  I was on the next plane to Chicago and it boarded at 9:35 and pushed out onto the runway.  I was waiting for it to take off when my cell phone rang and it was my son, Michael, who said, “They flew a plane into the Twins Towers in NYC”.   As a security professional, I knew what that meant.

After a confusing 15 minutes, the plane went back to the gate, and they told us the flight would be delayed for 6 hours, but as we walked off the plane, the man next to me got a call on his cell and said, “They hit the Pentagon”.

There was a hotel at the Pittsburgh Airport so I immediately ran over there and checked in because I knew there would be no planes leaving today, I noticed the huge crowd at the bar, watching the TV.   My brother worked in NYC, my sons and friends were in DC, so the phone lines weren’t working, but I signed on to AOL and was able to connect with them to say I was all right.  

They evacuated the airport, but I was up in my mini command center by then.  I must have gotten 400 emails that day and I was watching the coverage on TV and crying, and then I heard about United Flight 93.

It took me about 2 days to get home.  A friend DROVE from the conference in Chicago to Pittsburgh and picked me up at midnight on 9/11.  We drove together through the Appalachian mountains to her home south of Philadelphia.  She had small children and wanted to get home fast.

We arrived at about 9 am on 9/12, after driving all night.  I slept for 4 hours on her son’s bed, and then her husband took me to the Amtrak station at Wilmington and I took the train back to BWI. It felt like I was moving through a bad dream.

Next, I tried to get my car, which was in the parking structure by the terminal, but it was blocked and they said I wouldn’t be able to get my cars for several more days, so I took a cab back home.

I remember driving up my street and seeing the American flags on houses, and I remember thinking about why I didn’t know all these neighbors and how I would change that in the future.  I remember how blue the sky was, not a cloud, not a plane.  It was surrealistically quiet.

I know several people who were killed in the Pentagon, and many in NYC who were dramatically affected, including the children in the NY suburbs who got called out of class one by one, to hear that their father, or mother was gone.

My theory is that people who lived on the west coast didn’t feel the impact quite as much as we did – who had been to the Pentagon every week, and been in the Twin Towers.

A friend of mine in San Diego who was proud of not having a TV, and who got up early that morning to order a sheet set on QVC.  She was in the middle of her order when the operator started crying and could not continue – she kept telling Kathy, “please turn on the TV and call back tomorrow”.

Just for me, I think I am permanently damaged by what happened on 9/11, and I think the whole country shares a continuing sorrow and grief from this event. 

We won’t let it happen again.