Risk and Security LLC

Risk Assessments, Training and More

This content shows Simple View

Risk Assumptions

Paris Attacks are opening shot in plan to exterminate Western Civilization

The six simultaneous attacks on Paris last night were the opening salvo in a long-planned event designed
to exterminate Western Civilization as we know it.

This is not the teenage shooter with acne and an AK15, these were trained killers, who, according to witness
statements, were professional, controlled and had no interest or compassion for their victims.  They could have
been shooting at a beer can instead of a young girl.   This is different from other terrorists attacks because it is

ATTENTION EDITORS - VISUAL COVERAGE OF SCENES OF INJURY OR DEATHGeneral view of the scene with rescue service personnel working near covered bodies outside a restaurant following shooting incidents in Paris, France, November 13, 2015.   REUTERS/Philippe Wojazer      TPX IMAGES OF THE DAY

carried out without emotion.  These terrorists are not killing PEOPLE, they are exterminating western culture, along with the people.   We saw this in Palmyra where treasured antiquities were destroyed, and ISIS plans to exterminate every vestige of
our western culture.

Security measures that may have worked for individual shooters, or small splinter group will not defeat ISIS.
We have been directly targeted and need to take drastic measures and take them immediately.  This assault
has no room left for political correctness, for ‘measured response”, or anything else.  We need to exterminate
this threat quickly and completely to maintain our quality of life.

Everything is at stake now, our paintings, our music, our art, our designer jeans, our freedom of expression,
our families and, ultimately, our lives.  As western leaders meet today, I hope they plan to present an overwhelming
attack aimed precisely at ISIS, with a show of force designed to blow them off the face of the earth.



DOD moves military bases to a higher alert status

In an unusual move today, the U.S. Department of Defense (DOD) raised the security level at
U.S. military bases because of the increasing concerns about possible attacks by ISIS (ISIL).

While the DOD cited no specific threat, they did refer to the recent attack in Garland, Texas,
(last Tuesday), after ISIS claimed responsibility for the Prophet Mohammed cartoon contest
featuring cartoons about “the Prophet”.

The threat level was raised to ‘Bravo’ level, and it’s worth noting that it’s the first time the
threat level has been that high since the anniversary of the 911 attacks on September 11,
2011
,
which was the 10th anniversary of the 2001 attacks.

A higher threat level could mean 100% ID checks at the entrance to all military bases, including
air force bases, army bases, navy and marine bases.   It also puts base military police on alert
to be highly situationally aware, including investigating anything they see that might be
terms “suspicious”.  The FBI will also increase surveillance of suspected pro-ISIS individuals.

Persistent stories have been focusing on the Texas border, which may be harboring an
ISIS camp, and the right wing media has reported that an ISIS camp may be sending their
soldiers into the US on specific missions.  Although this has been widely discredited by
officials,  some circles are reporting a link to the Army’s Operation Jade Helm, a massive
military drill across nine states, which is slated for July 15th, to September 15th, 2015.

We encourage individuals to be situationally alert AT ALL TIMES, and a increase
in military alert levels would certainly be something to note.

 

 

 



White House Security Breach -WHO DIDN’T LET THE DOGS OUT!]

RISK Alert Alert  #590 – White House Security BREACHED

UPDATED Dateline:   Sept 23, 2014

White House Attacker had been ARRESTED TWICE BEFORE, INCLUDING ON
AT THE WHITE HOUSE, CARRYING A MACHETE!

In Federal court, prosecutors said the Gonzalez car contained 500 rounds of ammo,
guns, assault rifles, a hatchet and a machete!  

AND HE HAD BEEN ARRESTED TWICE BEFORE, including in August 2014, carrying a
hatchet on the White House Lawn.   And  on July 19, after being spotted driving recklessly
in a gray Ford Bronco, Gonzalez was charged in Wythe County, Virginia, with evading arrest
and possession of a weapon after he was found in possession of 11 weapons, including a
sawed-off shotgun, assault rifles and knives, and map — with the White House circled!

The Nation Was Shocked on Sept. 19 when an intruder not only jumped the fence,
but was ABLE TO ENTER THE FRONT DOOR of the White House.  Controls that should
have been in place were apparently not ready for an actual security incident.


When even elementary schools have access control and card key systems, it is really hard
to believe that there is NO CARD KEY SYSTEM for the White House. 

SECURITY IS A PROCESS, and that’s why Security Plan, Security Policies, and Security

Procedures are in place for every U.S. Federal Building.  Obviously, at the White House, the
process is broken, or agents are willfully ignoring the security controls which should be in place
100% of the time.  Every government building should have strong access control systems in place.

whiteHouse

The intruder, Omar Gonzalez did the unthinkable, according to the
Washington Post.  They reported that the 42-year-old ex-veteran from
Texas climbed over the north fence line along Pennsylvania Avenue,
toward the eastern side of the house’s circular driveway. His breach
set off the standard security alarm across the compound. Officers
rushed to the North Lawn but were unable to reach him on foot as
he ran, arms pumping, threading the needle between the fountain
and a security guard booth and ignoring their commands that he stop.
Gonzalez actually entered the White House because the door was UNLOCKED!


W
hat We Learned: 

Security Procedures and Policies MUST BE FOLLOWED 100% of the Time
for Security to be Effective.  In this incident, the major problems included:

  1.  Front Doors MUST BE LOCKED to keep intruders out.
  2.  Canine that was on the job should have been released.
  3.  Active Monitoring of cameras was not effective.  Was the intruder missed?
  4. The perimeter fence is obviously not up to the job.  In fact, a 2nd jumper
    breached the fence again on the same day,RISKAlertis a publication of Risk & Security LLC

                                      RISKAlertis a publication of Risk & Security LLC

 

 



Aventura Hospital Patient Strangled in his Room on July 1st,, 2014

RiskAlert INCIDENT REPORT 565 –

Patient Strangled in Aventura Hospital, Florida

32-year old Behavioral Health Patient found Strangled to Death
in his Hospital Room

32-year old Alex Paloumbis diagnosed with bipolar disorder and schizophrenia at a
young age, had been in the hospital for two weeks. He was on the fourth-floor psychiatric
ward when he was attacked by the patient in the next bed. 

The other patient in the room, identified by police as Alexander T. Jackson, 31,  was
charged with first-degree murder and remained in Miami-Dade County Jail on Monday
with no bond. Jackson, who is homeless, was admitted to the hospital around 10 a.m
Thursday,  the day of the murder, which occurred about 3 p.m. the same day. He was
put in the same room with Rios, according to the arrest report. 

 LESSONS  LEARNED:  

Behavioral health patients require extra controls including
live, continual camera monitoring, use of appropriate
medication and possible use of restraints.

Patients may pose a danger to others, as they did in this tragedy,
and should be under continuous supervision.

Rios was last seen alive at about 2:45 p.m. Thursday. At 3:36., a hospital
housekeeper found him face down on the floor.  “The defendant admitted
to killing the victim by strangling him with his hands and a bedsheet,”
according to the report.

While administrators declined to comment on the security procedures at the
hospital, IAHSS 
(the International Association for Healthcare Security & Safety)
President Marilyn Hollier said psychiatric floors generally have lock-down
procedures, metal detectors, seclusion rooms and cameras at the access
points.  It is not known whether any of these security controls existed at the
hospital.  Hollier also stressed that security officers need specialized
training to deal with behavioral health patients.

Aventura Hospital, located near I-95 north of Miami, Florida, has a large
behavioral health unit with 46 beds.  The victim’s mother said her son was
never violent. “He never, never, never raised his voice,” Paloumbis said.
The mother was summoned to the hospital Thursday. She was told come
quickly and then was ushered into a room where police officers and detectives
were waiting. Though she had limited English skills, she understood that
her son was dead and initially thought that he may have died from a heart attack
or other natural causes.

Stay Situationally Aware and Continuously Monitor Behavioral Health Patients!

 RISKAlert® is a publication of Risk & Security LLC at www.riskandsecurity.com



Why We Need to Switch to a Risk-Based Security Model – School Stabbing at Franklin Regional, Active Shooter Incidents at Fort Hood (twice), LAX, and The Washington Navy Yard.

When I turned on the news today, I was in the middle of writing an article on the 2nd Shooting
at Ft. Hood from last week, and then saw that there had been a violent knife attack at a
Pennsylvania high school, with 20 casualties and at least eight injured critically, the next day,
there was a hate crime shooting at the Jewish community center in Overland Park, Kansas.

Once again, we see violence on a mass scale, the FBI has been brought in, and next will come
information on the victims.   With two major events, in two weeks, what can we deduce about the
security in place at both Franklin Regional High School, Pennsylvania, and Fort Hood, Texas.

        NEWS FLASH:   THE CURRENT SECURITY MODEL IS NOT WORKING!

CURRENT SECURITY MODELS

Disaster preparedness is improving,  Emergency Management is working, but security is
still not where it needs to be.  It is a systemic problem based on the fact that security around
the U.S. is still locked in a REACTIVE mode, not a PROACTIVE mode.

The main reason for this reactive mode in security organizations, is because most security
officers come from a law enforcement background, with a model which is based on crimes
and arrests, and it is totally REACTIVE.  A crime happens and police officers go into action
and arrest the perpetrator(s).

CRIME HAPPENS    =    PERP IS IDENTIFIED    =   PERP IS ARRESTED

Unfortunately, this reactive model does not work for preventing security incidents and mass violence
because it is INCIDENT DRIVEN, not Risk-Driven.  It focuses on individuals, not on a more holistic,
generalized view of Threats, and it totally leaves Solutions (Controls) out of the equation.

After studying pages of after action reviews, post-incident analyses and media sources, the one
recommendation that makes sense is that organizations need to switch to a RISK-BASED,
PROACTIVE mode for security to work
.

This was highlighted in a remark made by a Pentagon official, commenting on the 2nd Fort Hood
Shooting on April 2, and the fact that new DOD recommendations for security, had just been released.

“After the Navy Yard shooting in September 2013, another round of recommendations were made
to improve security at all DOD installations, however, a  Pentagon official said that the new
recommendations had not yet been put into effect at Fort Hood.
 At Fort Hood, very little 
had
changed from 2009
regarding security procedures for soldiers at the entrance gates.”

The question for the Department of Defense is “how could this happen again at the same military
base?  
I took extra time to study the 89-page document called An Independent Review “Protecting
the Force
”, one of 3 reports created after the initial Fort Hood Shooting, whene 13 were killed, and
43 injured.

If you look at the recommendations, they are very bureaucratic and procedural.  They could have
been written by an efficiency expert, not by anyone with a background in security, and covered things
like policy changes, and having screening for clergy and psychologists, and improved mental health
programs.   These are all important, but they do not provide a secure environment.

The LAX after action analysis’ Number One recommendation was to change
the security focus to a Risk-Based approach
.

 


RISK-BASED SECURITY

The problem with a reactive approach is that you can’t screen and lock down everyone. At Fort
Hood, for example, there are 80,000 individuals living on the base, and probably hundreds of
visitors who go in and out every day.  It’s impossible to assess the mental health, and the
‘intentions’ of all of them.

FortHoodAmbulances-Medium

That’s why a Risk-Based Approach works – because it focuses on the potential threats and then evaluates the existing controls to see whether they offer the required amount of protection based on the likelihood of the threat occurring.

You stop violent events by controlling access and by controlling weapons.  No matter how unpopular they are, you use metal detectors at certain points, you use security officers at key entrances, you control entrances and exits.

Once the event starts, you can improve security by having faster notification (panic alarms), ability
to block, or disable weapons and attackers, adequate transport, better emergency response, but to
avoid the violence, you need to have strong access control.

The Risk-Based approach makes use of annual risk assessments that are holistic in nature. They
are not done in stovepipes, they include the entire organizations, they include input from staff
members, visitors, students, vendors, soldiers, patients on how they see security from their point
of view, which is always dramatically different from management or administration.

A risk-based approach requires an organization to:

  • Define potential security risks.
  • Develop standardized risk assessment processes, for gathering and
    analyzing information, and use of analytical technology
  • Risk-Based Security focuses on PREVENTION OF NEW INCIDENTS
    whether they are active shooter, general violence, etc.
  • Enhances security’s ability to rapidly respond  to changes in the threat environment.

MORE BANG FOR THE BUCK

According the LAX (LAWA) after action report, “Simply adding more security does not
necessarily provide better security.
  Determining priorities and where to achieve great
value for the dollars invested requires regular, systematic assessment of the likelihood
and consequences (risks) associated with a range of threat scenarios that morph and
change more quickly now than ever before. 

Collaborative engagement in a security risk assessment process across the community builds
the buy-in needed to develop and sustain a holistic security program over time. Leaders must
be open to challenging established practices and demonstrate a willingness to change direction”
.

Making the switch to a Risk-Based security program is the best recommendation for those who
want to protect their staff, students, patients, vendors, clients, soldiers, and visitors from a mass
casualty event, or for all the organizations who don’t want to have a terrible incident happen in
the first place!

 Caroline Hamilton, friend of Patty Garitty (Soup Kitchen voluteer)

Caroline Ramsey-Hamilton

President, Risk and Security LLC

Caroline@riskandsecurityllc.com

 

www.securityinfowatch.com/blogs

www.riskandsecurityllc.com



What Went Wrong at Fort Hood? Another Active Shooter?

RISK Alert  Alert  #530 –  Fort Hood Active Shooter-April 2, 2014

 Dateline:  April 5, 2014

Shock and grief were the reactions when the news said, for a second time, a shooter
inside Ft. Hood near Killeen, Texas had killed 4 and injured 13 in another Active Shooting
Incident. Everyone remembered  the first major shooting attack in November 2013, when
a major killed 13 and injured 43 because he did not want to be deployed to Afghanistan.

A total of 73 injured and/or killed in the two incidents!

How could this have happened?  The Department of Defense had implemented many of
the recommendations of its internal, and independent review panels, and the changes had not

been enough to prevent another active Shooter incident.

The 34-year old shooter had apparently been denied a leave form, and asked to come
back the next day and he came back, with a .45-caliber Smith & Wesson semiautomatic
handgun, recently purchased at Guns Galore, and started shooting.  He eventually turned
the gun on himself, after firing 35 rounds in two buildings over a 2 block area.  He had a
history of mental issues, and had recently been transferred to Fort Hood.


What We Learned:    The After Action Review “Protecting the Force” had detailed 89
recommendations, but by Sept. .2013,  only 52 had been
implemented and none included an Active Shooter Risk Assessment.


A comprehensive Active Shooter Risk Assessment has to be the first recommendation
after any Active Shooter event.  Recommendations from the previous shooting were concentrated
on new policies and procedures, mental health screening, education and training programs but
those controls did not directly influence PREVENTION of incidents.

A Review of the Most Important Active Shooter controls would have been more
likely to prevent a future shooter event, like:

  •           Tightened Access Controls for Facilities
    • Panic Alarms
    • Tracking of Potential Troubled Individuals
    • Metal Screening for Weapons
    • Policy on Personal Weapons on Base

      After the Navy Yard shooting in September 2013, another round of recommendations
      were made to improve security at all DOD installations, however, a  Pentagon official
      said on Thursday, April 4th, that the new recommendations had not yet been put into
      effect at Fort Hood.
       Unfortunately, at Fort Hood, very little had changed from 2009
      regarding security procedures for soldiers at the entrance gates.

      Stay Alert and make sure that any Security Incidents are reported IMMEDIATELY!
                                                                      
                                     



After Action report on LAX Shooting Recommends Risk Assessments

The Los Angeles World Airports (LAWA) released the long-anticipated After
Action Analysis on the LAX Active Shooter Incident in 2013.

The 83-page report was written by an independent consultant who analyzed
all aspects of the Shooting incident and includes a list of “Major Observations
and Recommendations.”   The recommendations are “to provide focus for
LAWA’s efforts toward continuous improvement in it’s security and emergency
preparedness programs.  

These areas were highlighted in the report as “7 priority observations that merit
special consideration.

Recommendation 1.1:  Evolve the LAX Security Program to reflect a more
integrated assessment of security risk and provide for the ongoing development
and management of mitigation measures.

Recommendation 1.2:  Based on the RISK ASSESSMENT and updated security
plan, consider the focus and structure of security functions to determine whether
realignment and integration are needed.

Recommendation 1.3:  With the benefit of recent vulnerability and risk assessments,
take a risk-based approach to evaluating current security programs and explore
intelligent use of technology.”

Once again, doing frequent Security Risk Assessments and managing the security
program and enhancements to follow the recommendations of the Risk Assess-
ment are the first recommendations in the After Action Analysis of an Active
Shooter Incident.

In my experience, in most organizations, Facility Security Risk Assessments are
not conducted correctly, are not reported to senior management, and not used as a
tool to ADJUST AND FOCUS the security program based on RISK.

Why aren’t security risk assessments done more often?  

1.  People don’t have the right expertise to do a full risk assessment.

2.  Security managers view Security Risk Assessments are too difficult
     to undertake.

3.  Law enforcement personnel still do not understand the concept of risk 
     assessments and instead, tend to rely on checklists of controls or
     security elements, rather than integrating all the information to
     create a true Risk-Based model for security.

The solution to this problem is to use affordable, easy to use software tools, like
the Risk-Pro Application for Facilties Security Assessment  and their Risk-Pro
Application for Active Shooter Incident to simplify the process of doing more
frequent risk assessments and using them as a management tool to focus
security so it will be able to recommend the security enhancements that are
needed, and not only how MUCH to spend, but actually dictate the order
of necessary controls.

Far from being a boring, intellectual exercise, well done security risk 
assessments can dramatically reduce the possibility of an active shooter
event, and also mitigate the many negative consequences that come
from such disruptive incidents.

 

 

 



Putin Analyzes his Risk on Invading Crimea

The invasion of Ukraine’s Crimea region by Putin’s “un-labeled” troops
illustrated two major principles of a Risk Assessment.   

    #1 – Secure your Critical Assets First

It’s not about the citizens of Crimea, not about the Ukraine wheat fields, or
even it’s use as a pipeline pass-through area.  It’s all about the Black Sea
Ports.  These ports 
are absolutely critical to Russia (and also to PUTIN
– the EGO), because they 
are a critical place to ship gas and oil from,
and they also give Russia their 
only access to the Mediterranean,
in case Putin urgently needs a gelato!

The second principle of a risk assessment is

    #2 – Analyze all the Potential Threats

I read a great article over the weekend about how Putin had sized up the
EU and the European bankers, and calculated that the threat of any interruption
of the Russian-European banking relationship was zilch – zero.  Bankers are
not going to reduce their profits by refusing to do business with Putin.

The next potential threat is U.S. retaliation or sanctions.   Putin correctly
calculates that the US didn’t get out of Iraq and almost out of Afghanistan
to immediately send any boots on the ground to Crimea or eastern Ukraine.
We can threaten to curtail his trips to Vegas and Disneyland, but the U.S.
is not going to start a war over this.

Putin did his risk calculation and decided that his chance of getting in any
serious trouble was VERY SMALL and his potential gain was VERY HIGH:

1.  He gets to look like a tough guy again.

2.  He gets lot of media attention from the whole world (doesn’t care what
media writes about him, as long as they spell P*U*T*I*N  correctly and
gets him back on the world stage again.

3.  And, the clincher is that he can pull the troops out anytime he wants,
send them 
back home, and no real harm done.

But I did pay attention in my history class, and I am hoping out loud that
we are not on the precipice of another war!



Get Management’s Attention for Security – Shooter Kills the Hospital Administrator

Every Security Officer I’ve ever met has mentioned how difficult it can be to get funding for additional security!  It is a never-ending mission, to get the budget for a security program that will truly protect an organization.

Hospitals are no exception.  They have suffered their own financial problems and because security is not seen as a ‘clinical’ or ‘patient care’ issue, it is easy to take money from security and put it somewhere else.

But there’s one sure way to get management’s attention for Security — having a security incident.  And if you don’t have one at your organization, high profile security incidents at other facilities will all grab management’s attention.

In my Risk-Pro Security Incident Report today, a shooter killed four, wounded three, and then killed himself.   What was unusual about this incident was that the shooter went to the Hospital Administrator’s house and shot the administrator dead, and then shot his wife who was taken to an area hospital.

AdministratorHome-Louisiana

 

 

 

Most executives and administrators think about security as sort of an abstract concept, that doesn’t directly affect them.  But it might, and by sending your management a copy of our Risk-Pro Incident Report, you’ll get their attention this time!

(Subscribe to the Risk-Pro Incident Report program by sending an email with the word SUBSCRIBE on it to info@riskandsecurityllc.com)



Got a House near the Coast? The Storm Surge Lessons we’re Learning from the Philippines Disaster and Hurricane Sandy…

You already know that the climate is getting progressively warmer, and sea levels around the world
are rising.

This new climate reality played out last week in the Philippines, an archipelago nation with over 7000 islands, as a giant typhoon smashed into the central Philippines districts and destroyed everything in its path, including housing for millions of people living near areas around the cities of Tacloban and Cebu and other islands.

With thousands already dead and thousands more in  island areas that have not been reached yet,
the ultimate death toll may be weeks in coming, but some experts think it could top over 15,000 people.

If, like me, you live near an ocean coast anywhere, you have to wonder how future storms may affect your region.

The rising sea levels are already invading fresh water wells along Florida’s east coast, polluting the fresh water with salt, and forcing cities to find new fresh water sources.  Saltwater seeping in from the ocean keeps spreading farther west, threatening to ruin the freshwater supplies that provide most of South Florida’s drinking water.

Even though the US doesn’t get typhoons, it does get hurricanes, and what we learned in this typhoon, just like we learned in Hurricane Sandy in October, 2012, was that it’s not the wind, it’s not the rain,
it’s the STORM SURGE that creates the disaster. 

In the recent typhoon, the storm surge, while not technically a tsunami, pushed up an enormous amount of water on shore, that destroys everything it touches and pushes the water inland, dragging along houses, trees, cars, people, animals, giant ships, hotels and anything else it finds on it’s path.

“As a nation we don’t understand storm surge well, nor do coastal communities understand storm surge risk,” said Jamie Rhome, a storm surge specialist at the Hurricane Center. “It’s one of the hardest things to communicate.”

Storm surges can travel inland up to thirty miles and can quickly push up rivers, and bays. “People
don’t understand how far inland storm surge can go,” Rhome said. “It penetrates well inland, goes up rivers, into bays. It goes wherever it can, and people don’t realize they are at threat of flooding.”

Cities and regional planning groups need to re-examine the storm surge threat in their areas, and make plans to deal more effectively with these lethal storm surges that may come from hurricane and typhoons in the future.




top