The Secret Service, National Threat Assessment Center (NTAC) was established over 20 years ago to better understand the reasons behind targeted violence activities. Since that time, NTAC has developed the program further into research, training, consultation, and information sharing on threat assessment data and the prevention of targeted violence, including targeted attacks directed at workplaces, houses of worship, schools, and other public spaces.

NTAC has recently published their report, “Mass Attacks in Public Spaces – 2018”, in order to provide analysis and operational guidance to public safety officials. I’m providing the link to this report further below, and will include just a few key take-aways from the report, as follows:

• The report provides analysis of 27 incidents of mass attacks during 2018 (where 3 or more people were harmed).
• In total, 91 people were killed and 107 were injured in locations where people should feel safe, such as schools, the workplace, and houses of worship.
• The vast majority of these attacks involved firearms, and were perpetrated by individuals who had exhibited behaviors in the past that elicited concern from individuals who knew them.
• Importantly, the majority of these individuals had also made threatening statements, either via social media or verbally.

While we can see similarities in the behavioral aspects of the attackers, the Secret Service has always resisted the notion that a particular person or types of persons can be “profiled.” The important lesson to public safety officials and the general public is the importance of reporting anomalous and/or concerning behavior to the appropriate authorities.

Please find the link below to the referenced report:

U.S. Secret Service National Threat Assessment Center Report: Mass Attacks in Public Spaces 2018

On March 15, 2019, Brenton Tarrant, an Australian national living in New Zealand, killed 51 people (and wounded 50 others) in consecutive lone-gunman terrorist attacks on two mosques in the Christchurch, New Zealand area. Prior to these attacks, New Zealand had been relatively free of attacks borne out of right-wing extremism, and had, theretofore, focused the bulk of their counter-terrorism efforts on Islamic extremism. But now, in the aftermath of the attacks, the country has joined the now familiar struggle to understand why these attacks happened, and whether anything could have been done to prevent them.

As to the question of why this happened: is New Zealand alone among western democracies in missing the growing threat from the right? Of course not. Ask ten people in the United States whether there is a greater chance of attacks by either Islamic terrorists or right-wing extremists, and I would wager the majority would say the Islamic threat is greater. Since 9/11, the majority of homeland security and intelligence resources have been focused on the Islamic threat, but attack data since 9/11 would strongly support the need for authorities to re-calibrate their priorities. According to the New York Times, “in the decade and a half since 9/11, nearly twice as many people were killed by white supremacists, antigovernment fanatics and other non-Muslim extremists than by radical Islamists.” (International NYT, June 20, 2019, Charlotte Graham-McLay and Jamie Tarabay).

And as to whether the attacks could have been prevented, well, this is an even more complicated question. Postmortem forensics of the activities, views, and online activities of the shooter paint a picture of an angry individual with a deepening affinity for right-wing hate ideology. That he applied for gun licenses and traveled abroad to visit places where other innocent people have been killed by extremists are more potential indicators of a person on a path to violence — but how to exceptionalize this needle in the proverbial haystack? In western democracies, until or unless a person comes into contact with the criminal justice (or intelligence) system, whether that is through their own activities or if they are brought to the authorities’ attention, then our current approach and our technologies are challenged to manage this enormous task. And while there is a growing sophistication of predictive analytics software algorithms available today, can these tools mitigate or overcome either the shear volume of hate speech that exists in the blogosphere, or the free speech and privacy protections that provide cover to such hatred?

Despite these challenges, throwing our hands up and doing nothing is not an option. We owe it to ourselves and our communities to continue to try and get out ahead of these attacks, and be proactive in our efforts to reduce the threat of violent extremism in our society. I look forward to being part of that solution.

With the 2019 US Open upon us, I thought I would share this article in the Monterey Herald, that does a good job describing some of the security measures in place this year at Pebble Beach. Notice how visitors are screened remotely, away from the course, in order to reduce the possibility of on-site incidents.

BY: Thomas Wright, Monterey Herald / June 12, 2019

PEBBLE BEACH — As approximately 250,000 people descend on the Monterey Peninsula for the U.S. Open this week, safety will be among the top concerns of tournament officials.

According to David Stivers, president of Pebble Beach Co. and general chairman of the U.S. Open, the security measures for the U.S. Open are greater than those for the PGA Tour’s annual AT&T Pebble Beach Pro-Am tournament.

“In order for you to gain access to the championship grounds, you will have to have a ticket and you will go through security screenings” similar to those at an airport, Stivers said.

Security checkpoint at the Pebble Beach Golf Links during a practice round for the U.S. Open Championship on Tuesday. (Vern Fisher – Monterey Herald)

For a majority of fans, security screenings will take place miles away from Pebble Beach. Like the AT&T Pro-Am, the main parking will be at CSU Monterey Bay and fans will be screened before boarding shuttle buses.

“You’re dropped off in an already controlled area and from there you go and get your ticket scanned,” Stivers said.

The United States Golf Association, which conducts the tournament, has a list of prohibited items at the U.S. Open available at usopen.com/fan-info.html. While weapons and explosives are obvious, items including tablets and computers, cameras, selfie sticks, noise-producing devices, signs and posters, outside drinks and beverages, lawn chairs and step stools are also not allowed. Pets are prohibited from the championship grounds.

Purses that are 6-by-6-by-6 inches or smaller will be permitted as well as transparent plastic hand and shoulder bags that are 12 inches wide, 12 inches high and 6 inches in depth.

Capt. John Thornburg, a spokesman for the Monterey County Sheriff’s Office, recommended all fans check the list of prohibited items before heading to the tournament.

“I worked the last U.S. Open at Pebble Beach (2010) and one of the biggest things people got most upset about is they couldn’t bring their cellphones in,” he said.

The USGA will allow cellphone use at the U.S. Open this year, but phones must be set on silent.

Pebble Beach security officer Allison Burgos works the Carmel Hill gate in 2005. (Vern Fisher – Monterey Herald)

There will be many ways to get into the U.S. Open and security screenings may vary if you take a shuttle in from Carmel, Monterey and Pacific Grove. Stivers said a few fans may come in via boat and anchor in Stillwater Cove.

“If you live in the Carmel area, you can also walk in through the Carmel gate,” Stivers said.

Cycling will not be an option to make it to the U.S. Open as Pebble Beach will be closed to all cyclists during the week of the tournament.

“That’s really for safety for bicyclists,” Stivers said. “There’s just way too many cars and way too many buses driving through the forest.

In fact, 17-Mile Drive has been closed to all tourist vehicles since Sunday and will reopen Monday as a security precaution. Some fans who purchased premium ticket packages are being allowed to park at Pebble Beach, but all vehicles will be screened.

“All people get screened, all bags get screened, any cars that might be going into the championship grounds, like say a delivery truck, all those go through a screening process before they’re allowed access into the championship grounds,” Stivers said.

Jeff Altstadter, the USGA’s director of men’s championship communications, said the association does not discuss its security planning or process procedures. He said the USGA works “closely with our local, county, state, and federal law enforcement officials as well as our private security partners to create a safe and secure environment for our competitors and fans alike.”

Michele Inman (left) from Concord, get her purse passed through the security checkpoint at Spyglass Hill during the first round of the AT&T Pebble Beach Pro-Am in 2007. (Photo: Vern Fisher – Monterey Herald)

Stivers said there’s a very large security team involved in the U.S. Open, that will be led on the law enforcement side by the Sheriff’s Office. Thornburg said the Sheriff’s Office will have quite a presence at the tournament, adding that it works closely with Pebble Beach Co. and the USGA.

“We have personnel that cover just about every contingency that could come up,” he said. “We just hope that people are patient, because it’s going to be heavy traffic, and we want everybody to enjoy themselves. In a perfect world, they don’t even see us.”

D-DAY REMEMBRANCE

As we mark the 75^th Anniversary of D-Day, we remember, most importantly, the sacrifice of those who gave their lives for the cause of freedom over the tyranny that had taken hold on the European continent. This day also provides a lesson about the importance of alliances, both national and ideological, and the need to remain vigilant in the face of a resurgent tide of dark forces. 

I am proud and fortunate to have been able to see the landing beaches of Normandy, first-hand, and to feel the tides of history as the waves hit the shores.  In 1994, while on the Presidential Protective Division, I was with President Clinton, for the 50^th Anniversary.  And in 2004, while stationed in France as the Secret Service Attaché in Paris, I helped to coordinate the protection efforts for the visit of President GW Bush to Normandy for the 60^th D-Day Anniversary.  I will cherish these memories forever. 

I made several other visits to Normandy, while stationed in France, and you can’t come away from a visit to the American Cemetery at Coleville Sur Mer, without a feeling of somber amazement of the accomplishment of the allied landings on that day in 1944, and the sacrifice that came with it.  Each gravestone marks a person whose life was cut short for a cause greater than themselves – and collectively, a stark representation of the sometimes terrible cost of honor and selfless commitment, and the unremitting debt that we owe to our military men and women for their service.

The below is an excerpt from an article in the Security Executive Council website, titled, “Transitioning from Risk Assessment to Plan, dated June 3, 2019:

Conducting a security risk assessment is an essential first step in developing successful security programs. But what should the security practitioner do with the results? 

A brief aside here: The SEC has found that many security leaders are not in fact conducting security risk assessments, and many of those who do are assessing risk only at the site or building level, not at the enterprise level. If you’re one of these, stop here and jump over to our page of risk assessment resources, which includes templates, essential considerations, and strategy. If you’d like more on the basics of conducting a risk assessment, a quick web search will reveal a number of other organizations that share their knowledge, such as this page from ready.gov. 

If, on the other hand, you have already conducted an enterprise security risk assessment, but you aren’t sure what steps you need to take to translate its findings into control measures, this article is for you. 

Part of risk assessment is determining whether the organization will accept, transfer, avoid, or control each identified risk. The purpose here is to help the security practitioner move forward in managing risks on the “control” list. To that end, what follows is a brief checklist of action items that can move you from assessment result to program roll-out:

• Identify the source of the risk so that control actions can be appropriately targeted.
• List business units that would be impacted directly and indirectly by a negative event related to this risk.
• Measure, if possible, the consequences of related risk events that have occurred at this organization or similar organizations in the past, and be prepared to present this information as part of a business case.
• If you haven’t already, meet with executive management to:
  • determine the organization’s risk appetite;
  • explain that executives are the risk owners and must be part of the decision-making process;
  • clarify that there will be residual risk; no control will be 100% effective.
• Meet with executive management and the heads of affected business units to:
  • clarify the nature of the risk as it pertains to each unit specifically;
  • find out what they are willing to spend to help mitigate this risk.
• Outline your control options and their projected level of effectiveness in controlling the threat. Make sure to consider options based on:
  • Technology
  • Process
  • Policy
• Determine and quantify the operational impact of each option in terms of
  • Resources
    • Where can existing resources be leveraged or transferred to lessen the impact of this control option?
    • Where can partnership with other internal units provide access to resources that can be shared?
    • What new resources must be acquired, and what is the projected cost?
  • Staffing
    • Can existing staffing be shifted to adequately manage this control option?
    • What increase in staffing is required, and what is the projected cost?
  • Training
    • How many employees will need to be trained to manage this control measure? Include also non-security employees who will play a role.
    • How much time will it take and what will the financial and productivity impact be?
    • Don’t neglect to consider organization-wide awareness training.
• Define the roles non-security personnel and leadership will need to play in order to make each control option successful.
• Return to business unit leaders and executive management with your identified control options, projected or ballpark costs, and a clear sense of roles. Remember that they are the risk owners; this decision should not be made in isolation. If your organization has an operational risk council, they should weigh in. (An operational risk leadership advisory council is a committee of individuals overseeing the operational level of security risk, which reports to the executive risk management body. For more on operational risk advisory councils, click here.)
• Plan how you will communicate the chosen control option. Map your communication choices to the audience and the risk. (For example, kidnap prevention and response plans should only be communicated to executives, while email security measures should be shared organization-wide.)
• Develop a set of metrics and data gathering guidelines to measure and monitor the effectiveness of the control over time.

Copyright Security Executive Council. Last Updated: March 25, 2019 

You can download a PDF of this page below: 

Transitioning_from_Risk_Assessment_to_Plan.pdf

Well, here we go again – another senseless shooting, this time in a workplace in Virginia Beach, VA. It’s still early stages as I write this, and much is yet to be learned about the motivations of the shooter, but already this shooting is raising many concerns about basic active-shooter protection concepts and assumptions. Questions, such as, “what can be done when a disgruntled employee has access to an otherwise access controlled facility?”, or, “should all problem (or terminated) employees be flagged in some way?” These are legitimate questions that go to the core of whether it is even possible for our workplaces to be 100% free of this type of violence.

The unfortunate truth is that it is impractical for all but the most resource-supported workplaces to be 100% risk free. But there are steps that can be taken that at least provide the opportunity to minimize the ability for a shooter to inflict the kind of damage that was done in Virginia Beach. These steps involve a combination of technology and operational policies that can be implemented in any size workplace, with the most important aspect being that every employee has a responsibility and a role in the overall plan. And in order for the plan to be successful, it has to be tested and table-topped, repeatedly and often, so that everyone knows what their roles and responsibilities are.