Physical security threat assessment

Posted on by Ghost
LOGO

 Physical security threat assessment

First of all, if you think this is just for professionals, don't be misguided! A threat assessment can be implemented by any person eager to improve their security at home, place of business, office, ranch, farm, flat, or even just a single room! It is just a simple step-by-step system that has been developed over a couple of years, and can be used by anyone willing to put some thought and research into it!

Why use it?

One of the most common risks an organization runs is stagnant and non-evolving security measures. Unfortunately, these things can only be addressed if it is known to the organization. For that reason, it is necessary to perform a complete threat assessment. Sadly, too often a comprehensive threat assessment is missing completely or never updated. So it's your responsibility as the Advisor/Consultant/Team-leader/Security manager or head of the house to make sure that all the risks are reduced to an acceptable level.

The biggest mistake most organizations make is waiting for a safety breach or incident to happen before they implement mitigation strategies. Preparing a thorough threat assessment will undoubtedly help in improving overall security. It will also help in identifying which preventative measures to implement and reduce the risk of possible threats.

Any organization will always have some form of physical threat. Whether it's from general crime, human error, or even natural elements. Physical security is not a one-size-fits-all package. It gets very specific to the organization itself, especially when it comes down to demographics and location.

Before we start

Before we go any further, you should have a clear knowledge of the differences between risk, threat, and vulnerability. If you are unsure or just need a little refresher to make sure you are on the right track, you can learn the difference >Here<. It's also important to note that there are different methodologies out there and each one probably works, but will not necessarily be comfortable for everyone. That's why you need to learn from each of them and develop something that you are comfortable to use.

That being said, you should make sure that the following points are covered in your assessment:

  •  Buildings, assets, and vehicles are characterized
  • Undesirable events should be identified
  • The consequences of those events should be determined
  • The types of threats should be identified
  • Testing and analyzing the protection security systems and procedures
  • Complying with law and regulations
  • Identifying reasonable control measures needed

To formulate the assessment:

Formulating a threat assessment can be done by following these 5 steps:

1) Characterizing facilities

So it should be obvious that you should first know what the actual basis is that your working with. The boundaries of the site, where buildings are on the site, all access points, floor plans, procedures in place, and current security measures if any should be noted. You will need to reach out to some contacts to get all of this information and make sure it is as accurate as possible. Depending on how long the organization has been up and running, you will be able to use things like building blueprints, municipal reports, security SOP's and IAD's, previous threat assessments and reports, environmental reports, site surveys, and a few more.

2) Now you need to determine what events are undesirable to the organization (the risks)

This will vary for every organization. Any crime or disruption in operations is undesirable, and sometimes you might be called in to address something specific, like for instance theft among employees or a physical threat that has been made known to the organization. The following are things to look for:

  • The crime rate in that specific area and also if there are high-risk areas close by.
  • Industry-specific crimes, for example, drug stores and banks will have different types of specific risks related to their trade.
  • Common crime, things like theft and crimes of opportunity.
  • The number of people who will be accessing the organization's infrastructure
  • Cameras and other monitoring systems
  • Lack of manpower
  • The political and religious standing of the organization can also attract more risks
  • Training of staff or team members
  • If there are any direct threats to the organization or one of its high-ranking officials

So now that you have your whole list of risks compiled. Its time to rank them in order of probability, frequency, and impact. Let's say you score each risk on each of these factors on a scale of 1 to 5. Then add up the total of each risk. So the higher the total (the probability and impact), the higher the risk, and that is a threat to the organization. In another column, you can add the control measures that are currently in place if any, and deduct that from the total of the other 3 columns. So if there is good access control currently in place you would score that higher than no access control.

Another important thing to look for is any vulnerabilities the organization has. These will be risks that are not addressed at all and have a good probability of happening, and also possible risks that will have a significant impact but are not being controlled. However, this is only vulnerabilities visible on paper, when on-site and assessing the buildings and controls, you will most likely find more vulnerabilities. This includes out-dated and defective equipment and uncontrolled areas.

3) SOP and IAD's

I would like to separate Standard Operational Procedures and Immediate Action Drills a bit as it is something that is being badly neglected. SOP's and IAD's are as important as any other security system in place, without it there is no guidance in reaction and things often turn out quite bad or undesirable to an organization. Once again the organization's aim should be kept in mind when drawing up these procedures. I like to look at procedures before implementing mitigation as it will assist a great deal when it comes to cost, as you will likely see how much man-power and how much equipment is needed to achieve operational objectives.

The way your system integrates and reacts to threats is an important risk to look at. If the response is slow, the risk is greater, if the response is incorrect, the risk increases. I am pretty sure you get the picture here. A common risk when it comes to applying IAD's or responding to a threat is when all staff members rush to the location of the threat, leaving their areas of responsibility unattended and opening up the proverbial back-door for intruders to sweep in unnoticed. Identify roles and responsibilities for each threat and make sure every staff member knows it!

SOP's and IAD's should also be time/shift relevant! During holidays and night shifts for example there might be fewer staff members on duty. This can change things dramatically. There should never be any regulation changes, strict procedures should be attained at all times! The last thing you want is a burglary at night because staff members or cleaners left a door/gate unlocked or open.

Another thing to remember here is a detailed plan and list of immediate contacts that should be activated during emergencies or incidents. A touch of automation can be good in certain situations and again not so good during other situations. You do not want to be dropping security barriers and trapping employees inside when a fire breaks out, but dropping barriers when a deranged shooter tries to get access can be a good move. And also having a procedure of who to be contacted in case of more serious threats is very important! Will a tactical team be needed to respond from outside? Who will that be? do you have the relevant contacts and procedures to follow in case of a bomb threat? Who has to be contacted in case buildings need to be evacuated? Neighboring buildings could start burning, who do you contact then?

4) Addressing the threats

After you have compiled your list of risks and figured out what lacks in the procedures you should now be able to see the threats to the organization. Now you need to determine the course to be taken to minimize the risk of these threats. It should come as no surprise that the cost will greatly affect the course you will take. Staying within budget and getting maximum security optimization is not easy at all! Tip -This is where your contact list can be a great source of success.

Start by looking at the biggest threat on your list (the highest score one). What equipment will be needed to address it? Think of detection, cameras, man-power, and every other piece of equipment and training needed to reduce this threat to a lower score. A lot of times the same type of equipment and so on will automatically improve the other threats too. Or at least some of the same equipment and manpower can be used to tackle other threats.

Now re-asses the other threats according to the equipment, etc. that was added to the security system. From there, again, take the highest ranking threat and address it like the first one. Just continue this cycle until you can reach a reasonable level of risk from each threat. Always remember to KISS it as far as possible or use automation as much as possible, just be cautious of the cost factor, especially when it comes to software updates and such.

5) Analyzing system effectiveness

Physical protection systems should be described in detail before it can be tested! Ideally, you would like to stop a threat immediately and without any delay or negative outcomes and with as little as a possible disturbance in normal operations. But in reality, this rarely happens and one will always have to deal with some sort of shortcoming.

So to stop any threat you should first be able to identify it. A continuous threat assessment will outline threats and should be communicated with team members to remain effective and ahead of the threat. Team members should be trained in identifying abnormal behavior and activities, technology implemented and physical barriers used for this purpose. Strategically designing entries and exits can be just as valuable, to make sure any threat has to pass the detection phase before being able to access any facilities or inflict any damage to the organization.

After a threat has been detected, there should be a way to confirm that the detection is valid and of real concern and not just a nuisance alarm. This can be done via team members in contact with a Control-room/Security management or Team-leader. There should be good knowledge in the team about how criminals operate and how target selection works and everything that goes hand-in-hand with it. One can use the OODA loop to great effect here. Find out more about how the OODA loop works and the different phases criminals or a probable threat uses to select their attack right >Here<.

Once a threat has been confirmed, the aim is to delay the threat to get reaction forces to the threat and minimize its undesired actions. Of course, it is ideal for a team member that is in the vicinity already, to be able to neutralize the threat. But it is also ideal to have more than necessary force available. One adversary can be extremely determined or under the influence of narcotics and over-power or out-think a team-member and then become a more aggressive threat.  The effectiveness of response is measured by the time taken to get to the threat and to neutralize the threat.

So keep in mind that some organizations might require you to try and neutralize a threat without using aggressive force, I know, it's not something I am very much happy to say but to spare you a potential client or project you need to know how to act. And in this instance you need to know non-lethal options available, but, it is your job to convince these organizations about the reality we face each day. Organizations would likely want to avoid PR damage because of an unjustified shooting on their premises.

Testing effectiveness

To test the effectiveness you should be sure to fully understand all of the above points and what is required of your system to achieve maximum effectiveness. Only then can you define what is required and to be implemented. Once that has been put in place, there are a few ways to test its effectiveness, you could use penetration testing, call in other experts and run some drills over different times to see if detection and neutralization systems work. Nothing can prove effectiveness more than an actual criminal attempt, it's important for organizations to immediately assess their response after an attempt and identify any issues and improve on them.

Upgrading systems

If for whatever reason you can identify any viable threats after implementing mitigation strategies, you need to check for possible upgrades or changes in the system. This includes equipment, manpower, procedures, and software. When you implement new strategies or add anything you should again test for effectiveness, and repeat until the level of risk is acceptable. Always remember the cost affected with upgrades and additions or changes.

More on this topic

To follow up on this piece will be a few more posts regarding principal profiling and equipment and some more tips and tricks to help you formulate a threat assessment.

Until then, feel free to comment below!

Please subscribe to the site or follow me on Facebook @https://web.facebook.com/ALPHADefense

Defensive gardening

Posted on by Ghost
20200129_170619

Defensive gardening

So I'm no expert gardener myself, but I most definitely came to know a few garden plants and bushes through the years that brought me to tears, with a stab or two that is. Although we do not tend to give a lot of attention to the fauna and flora around us, we all know a plant that you would not dare violate! Nature herself has developed some of the best defenses that stood the test of time. So why not use that to our advantage?

Unfortunately, the advantage of these amazing plants and trees can also go to the other side, if you do not give attention to where you plant them or maintain them throughout the year. Think of hiding spots and concealment.

To tree, or not to tree?

So cut down those bushes and shrubs where they can be used to hide in at pinch points such as at the front gate or the porch etc., also trim all your trees on the bottom so you can see underneath them. And trim any branches of trees close to any outside walls or close enough to utilize to climb onto your roof.

If you do like trees, planting something with dense leaves and thin branches will do the trick. Especially if you plant on the outside of barriers.

Shrub it off

On that note, It's a good idea to start from the outside in. Planting some thorny shrubs next to your initial barriers can help keep intruders at bay. Or some thorny roses on top of walls, guided by some trellis or wires makes for a good deterrent - Think barbed wire hidden under some thorns. (evil smile)....

Ideally, you want to keep the shrubs low enough to see over them and be able to watch suspicious movement outside. Too high and dense may help someone hide and wait to pounce on you leaving through the gate.

It pays to plan

Next, we move to the inner side of the walls. Garden design plays a big role here, vulnerable spots such as corners or spots with easy access from the neighbors' house, can be upgraded with a nice thorny plant, or even a fish pond can be quite the inconvenience for intruders if they had to jump straight into it. Or perhaps some wooden spikes is more your thing, I don't judge.

Gravel is your friend

Next on the list is the driveway, pathways, and access points such as windows. Gravel works great for this, it's quite tricky to make no noise walking over gravel. Be creative with this one, think of spaces where someone would likely have to walk to get to your home.

Now go ahead and plant some thorny plants underneath windows or on top of window-sills. Just to stab em some more! And it's a great way to add some color and impress your wife (wink).

Light it up!

The next thing on the list is lighting. This is a very largely debated point, but in my personal experience, you do not want any bright outside lights that are constantly on, not if you are not going to be awake the whole night to monitor who moves in and around the light. So any spotlights connected to a motion sensor work great if you are awake to see it of course. As a kid, we used to have motion sensor lights that simultaneously activate an alarm inside the home, and this was a great concept. You are awakened by the alarm and would know exactly where the movement is, and also whoever was passing the light would hear the alarm and know that someone probably woke up by it.

Another great way of utilizing softer light, such as the small solar garden lights, is to position them in somewhat of a line. In this way, you can peek through a window (with the lights off inside) and if anything passes the lights you can determine movement and direction at the same time. So if used with a silent alarm, it can come in handy.

Also, please do remember to not turn any outside lighting towards your home, if you need to look outside with a light shining in your eyes, your kind of like a deer in headlights, and, whoever is behind the light will comfortably be concealed and have no problems seeing you.

What about the tools?

Lastly, never leave garden tools, ladders, rocks, or any objects that can be used to help someone break in lying around in the yard. If possible, remove them and lock up the tools in a garage or out-house. Face it, it pays to be neat.

Conclusion

So there you have it. Plants can be your best friend when intruders attempt to breach your security. Another great thing about thorny plants is the evidence that could be left behind. Sometimes some drops of blood, some shreds of clothing or even some items dropped when they realized it gets painful. Remember, there is no guarantee any or all of these tips and tricks will work. But it sure beats doing nothing at all!

I will admit, it might take some time and effort to assemble your garden defenses. From researching different plants, choosing the right one in the right amount, and physically planting and continuously caring for them. But it is a rewarding project! At the least, you would have some interesting plants to show off to your visitors, wanted and unwanted that is.

Till next time. Stay safe! And happy gardening!

Home defense

Conclusion

Posted on by Ghost

Conclusion

Thank you for spending valuable time to work through this guide. I hope it will benefit you as much as it does others. This guide only covers the very basics of each subject and there is more to it than what is mentioned here. But it would be impossible to add everything on one guide or even in a complete book.

The biggest reason is that crime trends change constantly and by the time you have read through the 11 posts this guide consists of, new crime trends would have already been identified. With that said, I would like to invite you to check out more on my website at www.alphadefense.co.za for coverage of all things important to physical and personal security.

I sincerely encourage anyone to continue your training and improve your knowledge on all things related to personal security, whether it's through the internet, local coaches, or participation in any other form of training. It is never too late to start! Planning now, to mitigate threats and risks at a later stage, might just be the key to your safety and security.

It is all too often that I witness the horrific turn out of events just because people refuse to actively implement what they learn, especially those who talk about it but never act on it. If you just talk about dieting and never really follow a proper diet and get active, then you never really get any results. Security is no different, don’t just read about what anyone says, try it, and who knows, maybe you just start to like it!

Feel free to engage with me on your concerns and suggestions. I also suggest you visit these posts often, and that you implement as much of the advice as possible, and add your knowledge of course. Drop me an email if you like.

Look out for any updates on the website.

Until then, keep safe and keep on learning.

See also:

  1. Approaching your home (part 1 and part 2)
  2. Approaching the door
  3. Safe room
  4. Action plan
  5. Reaction unit
  6. Barrier 1
  7. Early warning system
  8. Barrier 2
  9. Secondary warning system
  10. Conclusion
Home defense

Approaching the door

Posted on by Ghost

Approaching the door

In the previous 2 posts, we were discussing issues related to approaching your home from a vehicle or on foot/any other way. The next big step to take is learning how to approach the door after getting safely into your yard/driveway. This space can create a crucial pinch point and should not be neglected!

Once you are safely inside your driveway, there is still a risk of attack. A lot of attacks happen in this space. The biggest reason for this is that there is not much movement and other variables for the criminals to consider. They can easily hide inside your driveway or behind your house or whatever might be available, just waiting for your approach to the door. More preferably just after you unlocked the door. Then they strike comfortably, without having to worry much about being seen by someone else.

As you move to your front door, avoid using any electronic devices. Use natural lighting to scan for any shadows. Avoid going straight around sharp corners. Keep your eyes and ears open. Walk swiftly and directly to the door. Use a flashlight to scan dark spots.

These are the most common things to look out for:

  1. Silhouettes in the dark.
  2. Any signs of movement that is not a pet or family member.
  3. Any objects out of place, like potting plants, dustbins, or anything that is supposed to be inside your outhouse, garage, or home.
  4. Light at the front door is not working.
  5. Broken windows.
  6. Animals behaving abnormally.
  7. Your alarm system does not respond.
  8. Your neighbor’s alarm system is triggered.

Once one of these is noticed, I suggest the following reaction:

1 - 3. When you notice any moving shadows, it’s obvious that you are not alone. You need to escape immediately and activate your emergency plan. Contact emergency numbers and move as quickly away from your home as is possible. Only re-enter once your home is made safe by policing services or your security service. Any sign that indicates possible movement, whether from behind the house, behind you, in front of you, or on the roof, can just as well be an intruder. Do not write it off as an animal or the wind. Activate your emergency contacts and get out of your yard and away from your home as quickly as possible.

4. There can be various reasons for this such as a blown globe or neglecting to switch the light on when leaving. Use a flashlight to approach cautiously and be on high-alert. Clear around the corners before unlocking the door.

5. See steps 1 – 3.

6. Establish why they are acting abnormally and proceed with caution. Notify your emergency contacts of any suspicious behavior or if you suspect any problems.

7. You need to notify your emergency contacts. Phone your reaction company if you have any. Proceed cautiously if you suspect no problems. If you suspect any problems, call for assistance.

8. Get into your home as quickly as possible and watch for any movement outside. There is always a possibility of an intruder crossing over from your neighbor’s yard into yours. When this happens, activate your emergency contacts and get out of sight. Do not try to engage anyone, they might want to make you their next target, especially when they are being chased.

Tips:

  • When you are inside your yard, do not lower your awareness you need to raise your level of awareness to high alert.
  • Do not move around sharp corners, and keep equal space on both sides. When an attack comes from the left, move right. When an attack comes from the right, move left. Do not get backed into a wall, gate, or fence.
  • If possible, try to check around each corner of your home that is adjacent to the walls where your front door is located. This way you can be sure there is no one waiting for you to unlock the door before rushing upon you. And if someone is waiting further away, you create more time to react.
  • Keep a flashlight ready when you know that you will return during the night. Use it to scan all surroundings. This also de-motivates possible intruders, as it implies a higher level of awareness and greater risk to them.
  • When unlocking your doors, do not keep you’re back exposed. Try to stand next to your door instead of directly in front of it.
  • When locking your doors again, do it as quickly and calmly as possible. Constantly check for possible intruders rushing towards the door.
  • Install slam-lock doors or any door that locks without having to use the key, to reduce exposure time.
  • Have lighting installed at your front door. You want to be able to see properly when unlocking the door.

Keep bags on your back or shoulder. And smaller items in your pockets. You want your hands to be free to defend yourself. The only item to have in your hand is a panic button or cellphone ready to phone emergency contacts.

How strong is your approach to the door?

See also:

  1. Approaching your home (part 1 and part 2)
  2. Approaching the door
  3. Safe room
  4. Action plan
  5. Reaction unit
  6. Barrier 1
  7. Early warning system
  8. Barrier 2
  9. Secondary warning system
  10. Conclusion