Risk and Security LLC

Risk Assessments, Training and More

This content shows Simple View

Threat Sources



Updated:  Jan. 9, 2018

The Long Beach, Calif. Police Department named John Alexander Mendoza, 58, of Redondo Beach, Calif., as the man who shot his two colleagues, one died at the scene, and other was injured at the scene, on Friday afternoon, January 5, 2018.

Attorneys at the Perona, Langer, Beck, Serbin, Mendoza and Harrison firm   in the Long Beach neighborhood of Bixby Knolls, were attending the firm’s holiday party, when Mendoza entered the offices shooting.

Major A. Langer, the firm’s Managing Partner, 75, was killed and Ronald Beck, 64, was wounded in what police called a workplace violence incident.  After shooting Langer and Beck, Mendoza turned the gun on himself. The shooting occurred during a holiday party at the firm when others were present.

Mendoza had apparently been fired earlier in the day, but returned to the firm’s party.  On a report of an active shooter, Long Beach police officers swarmed to the office building. Believing an active shooter was still at work, police formed a small team and quickly went into the office looking for the gunman and any victims, according to a police source briefed on the incident. As they scoured the building, police reportedly came upon multiple groups of screaming and crying workers still hiding or trying to flee, but eventually confirmed the gunman was dead.

The firm has eleven offices in southern California and represented clients including Motley Crue, Pamela Anderson and  Tommy Lee.

Mendoza had worked at Perona Langer Beck for 10 years, said Michael Waks, a lawyer who also has offices in the same building where Perona Langer Beck is located in Long Beach. Mendoza specialized in workers compensation cases.


For more information and more great content:

www.riskandsecurityllc.com   or   www.caroline-hamilton.com

#LongBeachShooting              #RISKAlertReport

Why We Need to Switch to a Risk-Based Security Model – School Stabbing at Franklin Regional, Active Shooter Incidents at Fort Hood (twice), LAX, and The Washington Navy Yard.

When I turned on the news today, I was in the middle of writing an article on the 2nd Shooting
at Ft. Hood from last week, and then saw that there had been a violent knife attack at a
Pennsylvania high school, with 20 casualties and at least eight injured critically, the next day,
there was a hate crime shooting at the Jewish community center in Overland Park, Kansas.

Once again, we see violence on a mass scale, the FBI has been brought in, and next will come
information on the victims.   With two major events, in two weeks, what can we deduce about the
security in place at both Franklin Regional High School, Pennsylvania, and Fort Hood, Texas.



Disaster preparedness is improving,  Emergency Management is working, but security is
still not where it needs to be.  It is a systemic problem based on the fact that security around
the U.S. is still locked in a REACTIVE mode, not a PROACTIVE mode.

The main reason for this reactive mode in security organizations, is because most security
officers come from a law enforcement background, with a model which is based on crimes
and arrests, and it is totally REACTIVE.  A crime happens and police officers go into action
and arrest the perpetrator(s).


Unfortunately, this reactive model does not work for preventing security incidents and mass violence
because it is INCIDENT DRIVEN, not Risk-Driven.  It focuses on individuals, not on a more holistic,
generalized view of Threats, and it totally leaves Solutions (Controls) out of the equation.

After studying pages of after action reviews, post-incident analyses and media sources, the one
recommendation that makes sense is that organizations need to switch to a RISK-BASED,
PROACTIVE mode for security to work

This was highlighted in a remark made by a Pentagon official, commenting on the 2nd Fort Hood
Shooting on April 2, and the fact that new DOD recommendations for security, had just been released.

“After the Navy Yard shooting in September 2013, another round of recommendations were made
to improve security at all DOD installations, however, a  Pentagon official said that the new
recommendations had not yet been put into effect at Fort Hood.
 At Fort Hood, very little 
changed from 2009
regarding security procedures for soldiers at the entrance gates.”

The question for the Department of Defense is “how could this happen again at the same military
I took extra time to study the 89-page document called An Independent Review “Protecting
the Force
”, one of 3 reports created after the initial Fort Hood Shooting, whene 13 were killed, and
43 injured.

If you look at the recommendations, they are very bureaucratic and procedural.  They could have
been written by an efficiency expert, not by anyone with a background in security, and covered things
like policy changes, and having screening for clergy and psychologists, and improved mental health
programs.   These are all important, but they do not provide a secure environment.

The LAX after action analysis’ Number One recommendation was to change
the security focus to a Risk-Based approach



The problem with a reactive approach is that you can’t screen and lock down everyone. At Fort
Hood, for example, there are 80,000 individuals living on the base, and probably hundreds of
visitors who go in and out every day.  It’s impossible to assess the mental health, and the
‘intentions’ of all of them.


That’s why a Risk-Based Approach works – because it focuses on the potential threats and then evaluates the existing controls to see whether they offer the required amount of protection based on the likelihood of the threat occurring.

You stop violent events by controlling access and by controlling weapons.  No matter how unpopular they are, you use metal detectors at certain points, you use security officers at key entrances, you control entrances and exits.

Once the event starts, you can improve security by having faster notification (panic alarms), ability
to block, or disable weapons and attackers, adequate transport, better emergency response, but to
avoid the violence, you need to have strong access control.

The Risk-Based approach makes use of annual risk assessments that are holistic in nature. They
are not done in stovepipes, they include the entire organizations, they include input from staff
members, visitors, students, vendors, soldiers, patients on how they see security from their point
of view, which is always dramatically different from management or administration.

A risk-based approach requires an organization to:

  • Define potential security risks.
  • Develop standardized risk assessment processes, for gathering and
    analyzing information, and use of analytical technology
  • Risk-Based Security focuses on PREVENTION OF NEW INCIDENTS
    whether they are active shooter, general violence, etc.
  • Enhances security’s ability to rapidly respond  to changes in the threat environment.


According the LAX (LAWA) after action report, “Simply adding more security does not
necessarily provide better security.
  Determining priorities and where to achieve great
value for the dollars invested requires regular, systematic assessment of the likelihood
and consequences (risks) associated with a range of threat scenarios that morph and
change more quickly now than ever before. 

Collaborative engagement in a security risk assessment process across the community builds
the buy-in needed to develop and sustain a holistic security program over time. Leaders must
be open to challenging established practices and demonstrate a willingness to change direction”

Making the switch to a Risk-Based security program is the best recommendation for those who
want to protect their staff, students, patients, vendors, clients, soldiers, and visitors from a mass
casualty event, or for all the organizations who don’t want to have a terrible incident happen in
the first place!

 Caroline Hamilton, friend of Patty Garitty (Soup Kitchen voluteer)

Caroline Ramsey-Hamilton

President, Risk and Security LLC





July Risk – Drowning in the Neighborhood Pool, Lake or Ocean

July 4th, besides being a patriotic holiday in the US, is also the height of swimming season. I measure this as when my pool in Maryland warms up to it’s maximum temperature and the pools in Florida are so hot they are no longer refreshing.

AMAZING STATISTIC – 80% of people who die from drowning are male!
Why?  Just guesses, but many women have natural flotation devices (breasts), women may not show off  as much as men, and, just like asking for directions, women are more cautious about everything. Or it may be occupation related, crew on fishing vessels, etc.

AMAZING STATISTIC #2 – 20% of fatal drownings are CHILDREN!
And five times that many children end up in the hospital Emergency Department with long- term medical issues.

Naturally, when the temps outside heat up, people jump into water to keep cool.  Swimming pools, kiddy pools, oceans, beaches, lakes, even ponds and canals.  And they do cool you off, the problem is that they can also kill.  The Centers for Disease Control (CDC) reports that there are over 3,500 fatal drowning accidents every year, which is about 10 a day, and more in the summer.


Your children need to be watched every minute they are in the water.  But go beyond just
supervision – and teach them to float and to swim.  It’s easy to find free swimming lessons.  I give free lessons in my neighborhood – and most public pools, the YMCA’s
and scouting groups give lessons.  AND THE LESSONS ARE FUN!

Besides using pools, lakes and oceans for fun cooling, swimming is a great aerobic exercise, whether you are swimming, or dancing in the water, or just dog-padding,  you burn tons of calories because the water is below your body temperature.

And check out water toys – foam noodles, plastic tubes, diving games, rafts and little fish add to the fun.  Did you know they also make dumbbells for the pool, so you can tone your arms while you cool off.

REMEMBER – If you’re a parent and want to teach your child to swim – check out free online lessons at http://www.uswim.com/, which will teach YOU how to teach your child to swim. Or check the community resources where you live.

MAKE this a safe summer and teach your kids and others to LEARN TO SWIM!




Is Extreme Heat a New Deadly Threat?

We are currently in the grip of a terrible heat wave in the western states.  Death Valley, California almost beat it’s previous record of a 130, with a National Weather Service Thermometer recording 129.9.   The highest temperature ever recorded on Planet Earth is 132.

Despite all the news coverage of hurricanes, homes torn apart by tornadoes, and tropical storms, the deaths from excessive heat kill more people annually than almost all the other natural disasters (except for tsumanis and 7.0 and above earthquakes).

Deaths from excessive heat include both cardiac arrest and breathing issues.  “Heat-related illnesses and deaths are preventable. Taking steps to stay cool, hydrated and informed in extreme temperatures can prevent serious health effects like heat exhaustion and heat stroke,” said lead author Ethel Taylor, a researcher who works with the CDC.

Because extended heat waves put a strain on electrical loads and may trigger power outages, it is important for companies to have a Plan for Extended Extreme Heat.
Plan for a situation without electricity for 3 or more days.

Having just survived a week in south Florida without AC, and growing in Los Angeles, also
without air conditioning, here are a few tips to stay cool:

1.  Stay wet to facilitate evaporate cooling.  Wear a wet T-shirt and keep your clothes

2.  Make sure pets are ALWAYS in a shady place and give them plenty of cool water.

3.   Buy ice and use it to rub on children’s arms and legs to keep them cool.

4.   Use fans and swamp coolers if electricity is available.  Coleman makes fans that
run on batteries if electricity goes out during a heat wave.

5.   Wake up earlier and use the cooler morning hours for outside tasks and stay
indoors during the heat of the day.

And, if it’s blistering hot where you are — DO NOT USE FIREWORKS.  Areas that
are already dry, including shake roofs, will burn more easily under such extreme heat!

AND wherever you are, STAY COOL.


The Active Shooter – What’s the Right Response? Run Out or Lock Down?

I got to sit in on a security group discussion yesterday.  It includes both security directors and local law enforcement and It was interesting to see how both groups approached the active shooter scenario differently.   Which way is the best?  Is there a best?

For law enforcement officers at both the state, city and county level, they want all doors to be unlocked so that all the occupants of a facility, or a hospital, can get out and run for safety as quickly as possible.   They say that means more people will survive, not get shot, and it works with the natural human reaction to run away from danger.

Some of the active shooter experts in the room said that active shooter situations should be treated like fire drills, because people are used to fire drills, and they know what to do, because they practice fire drills more frequently than active shooter drills.

For the Security Directors, especially of hospitals, they wanted to be able to lock down if there was an active shooter call in their facility.  They felt that there were problems in evacuating quickly, and some were concerned about leaving bed-ridden patients behind while the clinical staff run out of the building.  So they advocated locking down all doors instantly.

While the heated discussion continued for almost three hours – at the end there was no “BEST” solution.  Each Security Director or Manager will have to decide for themselves which approach is right for their organization.  The important thing is to think it through in advance, prepare people in advance, and take advantage of the great materials that are available to help organizations prepared.

Get more information including videos, training materials, on line courses and more at

3 Cleveland Women Freed -The New Front Line of the War on Women

Posted on by

For the past 4 days, media attention has been focused on the three Cleveland girls who were abducted close to their homes and kept as prisoners in an old run-down house with neighbors on all sides.

NOW, neighbors tell how they broke down the door to free the women, the little 6-year old girl who came out with them, presumably the child of their abductor, and stories of screams coming from the house over the LAST TEN YEARS.

Besides the obvious curiosity about how they are, how this happened, how they were subdued for so long, and all the salient details, my question is WHY DID THIS HAPPEN, AND WHAT DO WE NEED TO CHANGE TO MAKE SURE IT NEVER HAPPENS AGAIN!

As a security analyst, I have to place some of the blame at the door of the Cleveland police, not that they are different from any other police department in the U.S.  Police are trained to catch criminals – that is their reason for being.   But it seems that, increasingly, in crimes where women go missing, even a 16-year-old, the search for them never really gets underway.  With no speeding car to chase, no easy suspicious person to detain, they stop looking.

Statistics say that about 2300 people go missing every day, over half are men, so that
leaves about 1000 females, and of these, about 70% are young women. so that easy math – about 700 A DAY! or 255,500 EVERY YEAR!

My point is just that the Cleveland Triple Abduction should be a wake up call for parents, citizens AND law enforcement to find a better way to search for these missing girls.

The world has changed – we have cameras, social media, facebook pages, and we need for all of these to be routinely used to find missing girls before we see another case exactly like this one.

Tragedy at the Boston Marathon – What Went Wrong?

Looking at the CNN footage of the Boston Marathon finish line yesterday, I was struck by the shock of the bystanders and the chaos that followed the blasts.

Having just giving two seminars on security controls, I pulled out my list to see what could possibly have been done differently to prevent this devastating outcome, and there was the first word on the list ACCESS CONTROL.

After thirty years as a security expert and risk-threat analyst, I am about 85% sure that this was a lone wolf attacker who made his crude bombs to address some personal perceived problem, whether it was fear of gun legislation, spillover from the Israeli-Palestinian conflict, the Neo Con torture initiative, or something else.

Putting the attacker aside for a moment, the tragedy happened because SOMEONE WAS ABLE TO WALK RIGHT UP TO THE FINISH LINE AND PUT AT LEAST 3 BOMBS right near the finish line!   THiS IS NOT RIGHT.

There has to be SCREENING and ACCESS CONTROL PROCEDURES IN PLACE!  You can’t have security if you have open access to a major event like the Boston Marathon.  For year, security experts have cautioned that large crowds make a great target, and so events have paid lip service to this concept, without staying on the task, and making sure that SECURITY CONTROL NUMBER ONE –  ACCESS CONTROL  is ALWAYS in place.

But people don’t like access control, it’s too much trouble, they say.  They don’t like metal detectors, too expensive, too much trouble, too intrusive.  Well, it’s not as intrusive as having a major injury.   There are ways to secure these high profile sites, but the security community has to lead on this.

Yes, it is very sad and depressing that the world has come to this — but it has.  And it will happen again.  As long as security is perceived as too much trouble, too expensive, too tough to do, and too intrusive, there will be more tragic events like this one.



How Chavez Ruined Venezuela, Up Close and Personal

My risk assessment company was contacted in 1995 to come to Caracas and work on a variety of security risk projects for
3 of the major Venezuelan companies — PDVSA (Petroleum de Venezuela, south America), and the two gas utilities, Maravan and Lagovan.

Never had been to south America, and I was worried about security so I remember buying special security devices to take with me and then one Sunday I flew down to Miami and caught the plane for Caracas!

The first thing I noticed was that I was out by the pool, and there were men with machine guns on the roof of the Caracas Intercontinental Hotel!   Later, room service delivered 7 large books, as big as encyclopedias – they were a History of Venezuela, a History of the Venezuelan Oil Industry and a few more.  I guess I was supposed to read them all by Monday.

That was the beginning of a long relationship with the people at PDVSA, many of whom became friends for life.  So I saw the downward spiral up close and personal.  First, the crime started to increase.  Places I had felt safe before, like the public square where the old men played chess at night.  Then one of the women I knew was pistol-whipped at her beach house.

Slowly, Chavez replaced the business people on the corporate Boards, and the staff, of these cash-cow companies with uneducated people with no business experience.   In a real world replay of Ayn Rand’s ATLAS SHRUGGED, these people didn’t care about maintenance, infrastructure, or security, they were the looters who wanted a total redistribution of wealth, without realizing the companies had to actually PRODUCE something to keep that cash flowing.

Within five years, as I continued to go down to Caracas, everyone I knew had left and many moved to other companies.  One married and moved to Spain, several went into other petroleum operations in the US.   An entire industry had been ruined by Chavez and his lack of understanding, or care, of the one income-producing business in Venezuela.

The currency was so devalued that I still have a six inch stack of Bolivars, the paper currency that was worth less than a few pennies apiece.

So it really is possible for one person to totally ruin a country’s economy and main industry, putting his ego and his desire for fame and power to ruin an entire country.

Fate has intervened to give Venezuela another chance – I hope they run with it.



The Active Shooter Threat and Why We Need to Stay Situationally Aware

2012 will be remembered as the Year of the Active Shooter, where terrible tragedies across our country refocused people on issues surrounding gun control.  In many ways, it’s that old argument about whether the needs of the many outweigh the needs of the few.

In many schools and hospital, it could be argued that the needs of the many to be safe, and NOT TO GET SHOT,  outweigh the needs of the few – to possess assault rifles and high capacity magazines, which allow them to kill a large number of people with almost no effort.

No matter what side of the debate you fall on,  the debate has certainly brought the debate back from and center.

And along the way, it took the Active Shooter threat from a phrase that only a few security people knew about, into a phrase that was trending on the web and Twitter.

The Department of Homeland Security made a variety of resources available to deal with the Active Shooter Threat (many can be found at  http://www.dhs.gov/active-shooter-preparedness) with tools includes a video, and booklet.

Whether you are an elementary school, like Newtown, a movie theatre, like Aurora, a regional mall, mountain resort or anything else, the number one way to counter the Active Shooter threat is to increase security awareness of the staff.

I have had teachers tell me  “my job is only to teach, I shouldn’t have to be responsible for security, too”.

Unfortunately, everyone has to be responsible for good security, or we are all at risk.  And again, there’s the trade-off (aka, the risk calculation):

Measure the inconvenience of having to keep your eyes open and be willing to report any suspicious behavior VS. being a casualty of a mass shooting, or having someone you know killed.

Looks like a pretty easy calculation to me:

Small Amount of Effort (no cost) = Big Increase in Security !!

Make sure you friends, family and staff are aware of the Active Shooter Threat!

Will the Risk of the Sequester Affect Security Budgets in 2013?

Every time the TV is on, every anchor is crying about the dreaded Sequester.

Will it have an impact on security budgets?  I have seen security budgets, especially for the facilities security departments, swing from almost unlimited budgets after 2001, to bare bones in 2009 and 2010, and thought they were trending back up for 2013.

Now, with the uncertainty about what a Sequester  actually is, (please note my use of the capital “S”), how will it affect our security departments?

Obviously, the most obvious casualty are the government contractors who’s contracts may be arbitrarily cut, and civilian managers of federal programs will see lost days and furloughs.

The trickle-down effect will probably extend to state, county and municipal governments, too.   So that means it’s even more important to start budgeting new security controls so that the most important get the funding!

One of the themes we go over in our webinar programs is how important it is to create a COST JUSTIFICATION and Return on Investment information so that you can create a business case for every control you need to improve security.

And one more thought on the Sequester – we often see an increase in crime, white collar crime and fraud when things are unsettled and people aren’t sure what’s going to happen next.

Maybe it’s a good time to do another risk assessment?  Maybe the Sequester is the next new Threat!