Active Shooter Response Training: Important tips for preparing employees in an effective and responsible manner

active shooter response training for employees

Active Shooter Response Training: Important tips for preparing employees in an effective and responsible manner

It’s an obvious point that even the best-designed response plans and facility preparations will be of limited benefit if employees are unprepared to take independent action for their self-preservation during active shooter attacks. In recent years, recommendations and guidance from a number of authoritative sources (e.g., Department of Homeland Security, ASIS International’s WVPI-2020/AA, etc.) have progressively established a ‘standard of care’ expectation for active shooter response training in workplace settings.

Although these authoritative sources universally promote the importance of training employees and establish a basis for response doctrine (“Run-Hide-Fight”), there is little empirical guidance regarding effective and responsible practices for employee training beyond NASRO-NASP’s Best Practice Considerations for Armed Assailant Drills for Schools published for the educational community.

In the absence of universally recognized standards for active shooter response training outside the educational community, numerous instructional approaches and “branded training systems” have emerged with practices ranging from instructing employees to watch a 5-minute video to conducting aggressive scenario-based drills involving a role player hunting and shooting employees throughout the office with high-velocity paint projectiles. The consequences of this “Wild West” type situation only became fully clear to me when I was hired last year as an expert witness in a liability case involving a traumatized employee who incurred an injury during an active shooter drill.

In the absence of a recognized body of “best practices” for conducting active shooter response training, the following are some tips for designing and conducting active shooter-related training programs that address a number of common shortcomings and problems we witness out there in the Wild West today.

Instruction during active shooter response training should clearly empower employees to take independent action during possible attack events

During most emergency situations in workplace settings (e.g., severe weather events, building fire, bomb threats, etc.), there is often time and opportunity for an Incident Commander to initiate an alert and floor/zone captains or work supervisors to safely organize and direct employee response. By contrast, during active shooter events, every second is critical and any hesitation by employees while awaiting instructions can be fatal.

Keep in mind, emergency communication plans often fail during active shooter attacks. In some cases, this is due to a lack of situational awareness or the inability of emergency team members to safely access public address systems. In other cases, it may be due to “freezing” in response to life-threatening danger or the impairing effects of the Sympathetic Nervous System (SNS) on memory recall and problem-solving ability. As a result, emergency public address announcements are often delayed (if they occur at all). A few examples of this situation include the attacks at Sandy Hook Elementary School (2012), Marjory Stoneman Douglas High School (2018), Robb Elementary School (2022), and The Covenant School (2023).

To address this matter during classroom training, we begin discussion about active shooter response with a slide specifically dedicated to attack recognition followed by a bold-formatted statement: “Do not wait for someone to tell you what to do!”

I’ll often reinforce this point further with a few examples from previous attacks illustrating people who recognized potential danger based on limited information, trusted their instincts, and survived by taking action for their personal safety without further instructions.

Keep the principles of active shooter response simple during training while also ensuring employees understand the dynamics of different situations and choices.

It’s assumed that most reading this article are familiar with the DHS active shooter response training doctrine based on the terminology “RUN-HIDE-FIGHT.” This simplified response guidance is designed to be a prioritized list of preferred protective responses when an active shooter attack is recognized. “RUN,” for instance, should always be the first option when the opportunity is present. If RUN is not possible, then “HIDE” is the next prioritized option. And last, if there is no option to RUN or HIDE, employees should use whatever force is available to protect themselves and others if caught in close proximity of a gunman (“FIGHT”).

Although RUN-HIDE-FIGHT is easy to remember, it doesn’t clearly describe the safest actions in many situations. Instead, we prefer a different terminology in our active shooter training programs using the terms ESCAPE, BARRICADE, and DEFEND.

First, the DHS term “RUN” simply implies moving away from danger at a fast speed. Often this is good advice, but can also be dangerous if the employee doesn’t have accurate situational awareness of the location of danger. Our preferred term “ESCAPE” may mean running. ESCAPE may also mean moving cautiously while sensing the environment for the location of danger. ESCAPE also considers non-conventional methods of getting away from danger such as moving to the roof (if accessible) or climbing out a window.

Likewise, the DHS term “HIDE” simply implies concealment. We want to emphasize to employees that the only truly safe location to seek refuge during an armed attack is an intrusion-resistant room that can be properly secured. If ESCAPE is not an option and there is no safe location nearby to seek refuge, hiding is better than nothing. But it is still unsafe.

Our preference for the term “DEFEND” over the DHS term “FIGHT” is for reasons of psychological acceptance. The word “FIGHT” is often interpreted offensively and many employees impulsively recoil at the idea of taking offensive action against a gunman. The term DEFEND is less provocative and easier to psychologically justify.

With a similar aim of communicating preferred response actions in a simple manner, the Advanced Law Enforcement Rapid Response Training Center employs the acronym “ADD” (AVOID-DENY-DEFEND). Other training systems employ more complex acronyms like ALICE (ALERT-LOCKDOWN-INFORM-COUNTER-EVACUATE) and A.L.I.V.E. (ASSESS- LEAVE-IMPEDE-VIOLENCE-EXPOSE).

Regardless of the terminology used, ensure that employees also understand that the safest action in one situation may be dangerous in another depending on where the attacker is located in relation to the employee, building geography, presence of nearby safe refuge rooms or exits, etc. Although our aim is to present response actions in a simple manner that’s easy for employees to remember, it’s also important that employees understand what types of circumstances may warrant a preferred response.

Customize the active shooter response training program to ensure that employees understand how the principles of response relate to their specific workplace environment

Prior to conducting any active shooter response training, I recommend conducting an assessment to ensure that the physical conditions and communications infrastructure at the facility are adequately ready to support the expected response of employees during active shooter events. Likewise, it is important that instructors are familiar with the facility’s communications systems, egress capabilities, and safe refuge options as necessary for relay to participants during training sessions and answering questions about conditions specific to the facility.

When discussing ESCAPE (DHS “RUN”) as a response, display a floor plan of the facility and its exits to identify suitable egress options and identify any exits that should be regarded as dangerous (e.g., stairwells that discharge into first-level lobbies or corridors, etc.). Similarly, if there is an accessible roof access, identify its location on the floor plan and make note of how to access the roof during the presentation.

When discussing BARRICADE (DHS “HIDE”) as an option, display a slide with a floor plan identifying all rooms on each building floor that meet safe refuge criteria (accessible, intrusion-resistant rooms that can be reliably locked by employees). If there are no rooms that meet safe refuge criteria, be sure to clearly make that point to employees and emphasize that ESCAPE is the only truly safe response in this situation.

In addition to discussing facility characteristics as related to active shooter response, I also recommend including a description of procedures for making an emergency ‘all-call’ announcement using the facility’s phone system (if programmed accordingly) or mass notification system if present (e.g., Informacast, etc.).

Reinforce memory through physical and/or mental engagement

As mentioned earlier in this article, the Sympathetic Nervous System (SNS) is often activated during life-threatening situations with impairing effects on memory recall and problem-solving ability. As a result, it’s often no surprise when employees who simply listened to a classroom lecture or watched a video about active shooter response forget critical safety measures, freeze, or take irrational actions when challenged months later during a real attack.

To address this problem, active shooter response training programs should employ multiple means of instruction whenever possible and reinforcing learning points through direct physical or mental participation by students. Active shooter drill exercises are best for this purpose. However, conducting drills properly and safely requires properly trained instructors (lead instructor, observer-controllers, and a role player) and entails a degree of planning and logistics that often exceeds many organizations’ tolerance for inconvenience.

If conducting active shooter response training drills is not possible, we recommend at least engaging participants during classroom training that engages them mentally in evaluating their response options and considering how they personally might respond in their workplace situation. For this purpose, we use a classroom handout sheet titled “Personal Plan for Active Shooter Response.” The sheet has several questions organized by section to correspond with topics during the training presentation.

At designated cue points during the lecture, the presentation is paused and students are instructed to complete specific sections of the Personal Plan sheet. The purpose of the Personal Plan sheet is to provide employees with an opportunity to consider possible response situations as related to their personal work activity and reinforce long-term memory through the act of writing.

Some examples of questions include:

The nearest exit to my normal work area is ____.

I can/or cannot use the windows in my building to escape? _____. If yes, I can open the window by ____.

The nearest safe room to my normal work area is ______.

I can lock the door and barricade by: ______.

By working through a challenge mentally and reinforcing that activity through the act of writing, memory is reinforced. And if a situation does arise in the future, it is not the first time the employee has considered that challenge and there is at least a frame of reference in memory to guide action.

Be attentive to the pre-existing beliefs and psychological sensitivities of employees when designing and conducting active shooter response training

Expect that within every employee group, there will be diverse perspectives regarding the risk of active shooter violence. Some may believe it could never happen. Others may have amplified fears. Likewise, some actions that may be warranted during active shooter attacks (particularly the issue of personal defense, or what DHS traditionally calls “Fight”), naturally provoke anxiety in many people. During my experience training larger employee groups, I often encounter participants with heightened sensitivity to these issues due to a previous traumatic experience.

Unfortunately, the sensitivity of this situation is often dismissed (or at least underappreciated) by many colleagues in the tactical community who believe in “stress inoculation” by displaying graphic footage of previous shooting events and conducting high-intensity simulation exercises. Although these types of training methods are appropriate for preparing soldiers and police for combat, they often have a reverse effect on employee groups resulting in increased fear and anxiety.

Regarding the issue of diverse beliefs about risk and pre-existing fears, I recommend beginning active shooter response training sessions by verbally acknowledging these different perspectives. Our aim in this short discussion is to catch the attention of those who think it isn’t possible while also tempering any exaggerated fears. To first address the matter of amplified fears, I begin with a slide citing OSHA and CDC statistics regarding workplace fatalities underscoring the low probability of a shooting event.

Then, after acknowledging that although the likelihood of an attack is very low, emphasize that these are real events nevertheless and with potentially catastrophic consequences. To reinforce this point in classes we teach, I use a slide of FSU’s Strozer Library and tell a personal story about my daughter, Heather, who was in the Strozer Library the night of the 2014 shooting. If you as an instructor have a similar story to share, this is a great opportunity to use it.

Afterward, close the discussion by summarizing that active shooter violence is a very low probability risk, but with potentially very high consequences. And our aim as an organization is to reduce that risk responsibly by ensuring that all employees understand their role in preventing and responding to attacks.

Regarding the matter of anxiety and cracking the ‘mental permission barrier’ about self-defense, there is another approach I’ve found rather successful.

When advancing to discussion about DEFEND (DHS “Fight”), pause for a moment, scan the audience, and acknowledge the uncomfortable nature of this subject. Then ask participants to raise their hand if they have children and keep them raised. Next ask, “If you knew that the life of your child was in imminent jeopardy, could you use force (including even lethal force) to protect your child? If the answer is no, lower your hand.“

Most hands will remain raised. Even those who passionately abhor violence or feel most intimidated by this subject will usually keep their hand up. Protecting our children is one of our most primal impulses as humans.

Then ask, “And then why would you not also do so for the protection of your own life?”

Give them a quiet moment to digest that point. As you now look around the room, watch the eyes of the audience. You can often witness the ‘lightbulbs illuminating above people’s heads’ as they never thought about the matter like that before.

Craig Gundry

Craig Gundry is the Vice President of Special Projects for Critical Intervention Services and an instructor on advanced security topics for the S2 Institute. As a consultant, Mr. Gundry specializes in managing risks of mass homicide (e.g., terrorism, active shooter violence, etc.) and has assisted clients around the world in improving their security and emergency readiness programs.

July 13, 2023August 17, 2023

Lessons Learned from Staring into the Abyss: An analysis of the Al-Noor Mosque Video

Lessons Learned from Staring into the Abyss: An analysis of the Al-Noor Mosque Video

Examining active shooter behavior and identifying security vulnerabilities and failures during attack events is a critical part of improving our preparation for future violence. While recently updating case studies for a training program and working on a separate client project, I spent considerable time watching and re-watching live stream videos and CCTV footage from several previous attacks.

After getting past nausea and the psychic weight of watching such horror – a matter that never gets easier despite how many years I’ve been doing this – a number of lessons were evident that I thought worth exploring as the focus of an article. However, instead of surveying all of the incidents I case studied recently, I’ll limit our examination in this article to the 2019 Al-Noor Mosque shooting in Christchurch.

Attack Events and the Al-Noor Mosque Video

For those unfamiliar with this incident, the Al Noor Mosque is an Islamic worship center in the Riccarton suburb of Christchurch, New Zealand. On 15 March 2019, approximately 190 people were present during the time of the massacre. The attack was perpetrated by a white supremacist we’ll refer to in this article as “B.T.” The attack was streamed for exactly four minutes on Facebook Live beginning as he approached the mosque in his vehicle and ending after he exited the mosque and shot at a person on the street.

The attack commenced at approximately 1:40 pm during afternoon prayers. In the video, B.T. approaches the area while driving and parks on a street adjacent to the mosque. He then exits the vehicle dressed in tactical gear armed with an AR-15 style rifle and retrieves an additional shotgun from the back of his vehicle. At that point he proceeds down the road and onto Deans Avenue proceeding toward the entrance of the mosque’s walled courtyard.

Once inside the courtyard, he proceeds directly toward the main entrance where he fires multiple shots from the shotgun and kills two people standing in the doorway. After emptying the shotgun, he switches to an AR-15 style rifle equipped with a strobe light and continues directly toward the main prayer hall, firing at people in the hallway and through the doorway into the women’s prayer room.

As he arrives inside the main prayer hall, he begins firing at masses of people congested near the hall’s North and South exit doors. Both groups collapse into piles as people take cover, trip, and fall to gunfire. At this point, a man rushes toward B.T. and is shot and killed at close range.

B.T. then proceeds back into the hallway, reloads, and then returns to the main prayer hall where he begins firing into the piles of people still located near the exits. After firing several shots, he has a weapons malfunction. He clears the weapon, reloads, and continues firing intermittently at immobile people on the ground.

After exhausting all targets, he exits the mosque and heads toward the courtyard entrance while reloading again. When he arrives on the street, he fires several rounds at a pedestrian and the video ends.

Observations & key takeaways from the Al-Noor Mosque Video

1. B.T. arrived at the mosque armed with an arsenal.

In the video, multiple weapons can be seen in the back of B.T.’s vehicle. Media reports state that B.T. had six weapons altogether including two AR-15 style rifles, two shotguns, a handgun, and a bolt action rifle. And this situation is not uncommon. Many perpetrators of active shooter attacks arrive as if prepared for war, armed with multiple weapons and an extraordinary amount of ammunition.

As a practical implication of this point, security and police officers assigned to protecting venues against active shooter violence must be prepared for engaging a well-armed adversary. And with 5.56mm and 7.62x39mm weapons being frequent and having the greatest penetration capability of common weaponry, body armor worn by protective personnel should be rated NIJ Level III as a minimum. Likewise, when specifying bullet resistant materials, minimum specifications should be UL 752 Level 7 (5.56mm x 5 shots) and EN 1063 BR5 (5.56mm).

2. B.T. proceeded straight to the main entrance of the mosque and did nothing to conceal his approach.

As discussed in other Expert Insight articles, a significant percentage of attacks by outsiders commence outdoors and progress indoors. Likewise, outside attackers usually enter directly through main entrances (as opposed to auxiliary entrances and exits).

As a first practical point, early detection of an approaching attacker while he/she is outdoors is crucial in providing an opportunity for building lockdown and initiating emergency alert. One way this can be accomplished is by posting security personnel outdoors with view of possible approach points. When working with houses of worship as a consultant, I often advise posting security personnel and/or volunteer greeters outdoors equipped with radios for this purpose.

As we’ve also witnessed in many other attacks, B.T.’s first rounds were shot outdoors before he made entry into the building. In these type of situations, gunshot detection systems can be invaluable and often integrated with an access control system to automate lockdown of access controlled exterior doors.

3. The total time from when B.T. arrived on site (entered the courtyard gate) to when mass killing was in full progress (inside the prayer hall) was 30 seconds.

As we’ve discussed in previous articles, these events go down FAST and the variance between adversary task time and response time in these incidents has a direct correlation with the degree of tragedy. At the Al-Noor Mosque, the absence of detection and delay elements (e.g., intrusion-resistant doors, glazing, etc.) resulted in minimal opportunity for people to initiate a protective response.

To provide further perspective on this matter, B.T. killed 41 people and wounded 40 in a total time period of 107 seconds (from first shot on approach to the last shot inside the mosque).

4. Most people were killed while bottle-necked at the two exit doors inside the prayer hall.

Minimal escape options and limited exit capacity are common problems in group assembly areas. And this unholy combination of conditions has contributed to significant casualties in a number of incidents. In addition to the Al-Noor Mosque, other examples include the shootings at the First Baptist Church (Southerland Springs, 2017), the Bataclan Theater (Paris, 2015), Pulse Nightclub (Orlando, 2015), and the Reina nightclub (Istanbul, 2017).

Unfortunately, egress design is a frequently overlooked matter in active shooter preparation. Please see my other article focusing on egress design and active shooter attacks for a more detailed examination of this issue and options for remedy.

5. Compounding the egress problem, people at the South exit door were trapped because of inability to disengage a mag lock.

When B.T. begins firing inside the main prayer hall, a large group of people can be seen amassed near the exit on the south side of the mosque. It’s not evident in the video, but those people were literally struggling for their life to open the locked exit door due to an electromagnetic lock and nondescript push-to-exit switch that no one could locate. Seventeen people died at that door as a result. In fact, those who survived broke through the glass door to escape.

NOTE: The position of casualties depicted in the above diagram is incomplete. However, the diagram does accurately depict the location of victims inside the main prayer hall.

As we’ve discussed on other articles, mag locks present a number of problems during active shooter attacks and should be avoided whenever possible. First, life safety codes universally require that egress doors equipped with mag locks fail safe (unlocked) during fire alarms. In this situation, the fire alarm is a ‘virtual master key’ and will compromise any door equipped with a mag lock. And although such situations are uncommon, we have had a number of attacks where fire alarms were activated by gunmen, good Samaritans, or indoor weapons fire.

Codes also require door-mounted exit hardware (e.g., switch, lever, etc.) or alternatively, an exit sensor to unlock mag locks when an alarm is not activated. At the Al-Noor Mosque, there was no exit sensor (only a push-to-exit switch). Although this was a violation of code and should never have been permitted, I’ve witnessed numerous situations in my consulting activities where previous fire inspectors overlooked this issue. I have also seen situations where facilities have taped over the exit sensors to avoid unintentional unlocking as people pass nearby (another common problem associated with mag locks).

As a much better alternative, I recommend using electrified exit bar devices or electric strikes with mechanical hardware on exit doors. During an evacuation, electrified exit bar devices operate identically to mechanical exit bars—push the bar and the door opens. Aside from ease of operation, doors equipped with electrified exit bars and electric strikes can remain secured during power disruption and fire alarms (withstanding stairwell doors and other situations as defined by code).

Craig Gundry

June 4, 2023June 4, 2023

Enhancing Workplace Safety: The Importance of Utilizing Outside Experienced Experts and The WAVR-21 Assessment

Workplace violence is a serious and increasingly prevalent issue, requiring meticulous and impartial assessment for effective mitigation and prevention. It is vital that organizations leverage the expertise of external specialists in workplace violence assessment to navigate this complex and sensitive landscape. These professionals bring a unique blend of neutrality, proficiency, and experience that ensures a comprehensive and accurate evaluation of workplace violence risks.

External experts, unburdened by ties to the company or its employees, offer an unbiased evaluation of workplace violence risks, navigating the situation without being influenced by internal politics or personal relationships. Their impartiality is vital for an unfiltered assessment, identifying potentially hidden or understated risks, thus ensuring an accurate and comprehensive understanding of the situation.

Their specialized knowledge and experience further bolster the effectiveness of their assessments. Equipped with the latest research, industry best practices, and legal requirements associated with workplace violence, these experts can identify early warning signs and devise strategies to counter potential threats. Their in-depth understanding and practical expertise make them invaluable assets in providing sound advice that can significantly mitigate workplace violence risks.

One of the key tools these experts leverage is the Workplace Assessment of Violence Risk (WAVR-21), an empirically based structured professional judgement instrument (SPJ) designed to evaluate the risk of violence within a workplace environment. Developed by leading experts in threat assessment, the WAVR-21 is a comprehensive approach to workplace violence, incorporating 21 dynamic and static factors relevant to this issue.

The WAVR-21’s methodical approach ensures a balanced and accurate evaluation by encouraging the consideration of multiple information sources. It aids in identifying the context and nature of the threat, as well as the personality and situational factors influencing an individual’s behaviors. Crucially, the tool guides the development of effective management and intervention strategies.

The importance of having an outside expert who is properly trained in use of the WAVR-21 instrument cannot be overstated. These professionals have undergone specific training to conduct assessments accurately and effectively. They possess a deep understanding of different risk factors, ensuring an accurate and nuanced assessment. Additionally, they can incorporate the tool into a broader assessment strategy, considering other relevant factors such as organizational culture, policy, and procedures.

WAVR-21 qualified professionals are trained to interpret the results of the assessment in a meaningful way, considering the specific context and dynamics of the workplace. They can provide detailed recommendations for risk reduction measures, intervention strategies, and ongoing management practices, thus ensuring a thorough, informed assessment tailored to the unique circumstances of each workplace.

Another crucial benefit of engaging an outside expert is their ability to maintain confidentiality and trust, often creating a secure environment for employees to express their experiences and concerns. Given the complexities of legal and compliance issues associated with workplace violence, outside experts adept at navigating these regulations and standards can ensure a comprehensive, legally sound assessment, helping organizations avoid potential liabilities.

Upon completion of the assessment, the outside expert can provide expert guidance in developing preventive measures and response protocols. Their recommendations, grounded in industry best practices and tailored to the organization’s specific needs and challenges, strategically equip the organization to prepare for and mitigate potential threats effectively.

In conclusion, engaging a WAVR-21 certified outside expert for workplace violence assessment isn’t just a prudent decision—it’s a vital strategic move that ensures the long-term safety and success of an organization. By combining their expertise with the structured approach of the WAVR-21, these experts ensure a comprehensive evaluation of potential risks and a robust strategy to mitigate workplace violence. The result is a safer, more secure work environment that promotes productivity and employee well-being.

Finding an expert

Finding an expert, specifically a WAVR-21 qualified professional for workplace violence assessment, involves a few steps:

1. Professional Associations and Organizations: Professional associations related to workplace violence prevention and threat assessment are excellent resources. They also provide resources and information that can be helpful in your search.

1. Referrals: Talk to peers in your industry or a trusted legal advisor who may have used such services before. They can provide a firsthand account of their experiences and recommend experts they’ve found reliable and competent.

1. Online Search: A simple online search can also help you identify potential experts. Look for professionals who specialize in workplace violence assessment and are WAVR-21 certified. Ensure to verify their credentials and look for reviews or testimonials.

1. Training Providers: Institutions that provide WAVR-21 training may also offer consultation services or be able to recommend certified professionals. The creators of WAVR-21, for instance, offer training and consultation services.

1. Consulting Firms: There are many consulting firms specializing in workplace violence prevention and threat assessment that employ WAVR-21 certified professionals. Look for firms that have a solid reputation and extensive experience.

Once you have identified potential experts, consider the following:

Experience: Check the expert’s experience in workplace violence assessment. How many assessments have they conducted? What types of organizations have they worked with? Do they have experience in your specific industry?

Qualifications: Ensure that they are appropriately trained in use of the WAVR-21 instrument and check for any other relevant qualifications or certifications.

Approach: Talk to them about their approach to violence risk assessment. Does it seem comprehensive and systematic? Does it align with your organization’s needs and culture?

References: Ask for references from previous clients. Reach out to these references to learn about their experiences with the expert.

Remember that the process of finding an expert might take some time, but it is an investment that could potentially save lives, prevent harm, and protect your organization in the long run.

KC Poulin

KC is the CEO of CIS and an expert on community-based public safety, crime prevention in multifamily environments, security officer operations, and managing risks of predatory aggression (e.g., workplace violence, stalking, etc.).

October 6, 2022August 17, 2023

Barrier Delay Measures and The Double Edged Sword

While assisting a reporter after the Uvalde shooting, a question was posed that maybe warrants some discussion. During the interview, I described some examples of common physical security problems I encounter in schools including choice of classroom door locks among other issues.

Those who have read my previous articles or attended my courses have heard me preach against the use of “classroom-function” locks (ANSI F05 and F84) in favor of “office-function” locks (ANSI F04 or F82). The concern about “classroom-function” door sets is that they require a teacher to lock the door using a key from the outer side of the door. This may not sound like a big deal to a casual observer, but this situation is a recipe for disaster when a teacher needs to locate a set of keys, open a door to the hallway without knowledge of the gunman’s location, and manipulate keys under the debilitating effects of the Sympathetic Nervous System. And if a teacher is absent at the time an attack occurs, students in the classroom have no way of securing the door.

The concerns I’m describing are not hypothetical. We’ve had a number of shooting events where doors equipped with classroom-function locks remained unlocked due to these reasons. A few examples of incidents where this situation clearly contributed to unnecessary casualties include the 2012 Sandy Hook Elementary shooting and 2007 Virginia Tech attack.[i] [ii] In those two events alone, 26 students and faculty were killed and 24 wounded specifically because of difficulty locking these doors.

By specifying “office-function” locks which feature a button or thumb turn, we can eliminate all these concerns.

Now here’s the question posed by the reporter…She asked if the ease of locking doors with “office-function” locks could be exploited by an attacker to barricade themselves inside a classroom to delay entry by police (as originally suspected in aftermath of the Robb Elementary School shooting).

And the answer is absolutely yes.

Although this situation is not common, we have had a number of events in the past where gunmen locked and barricaded themselves with victims to delay intervention by authorities. As a few examples:

- In 2019, a student perpetrator removed the magnetic strip covering a strike plate to lock a classroom door when he and another shooter opened fire on fellow students at the STEM Highlands Ranch School.

- In 2007, SHC used chains and a padlock to secure the exterior doors of Virginia Tech’s Norris Hall. A similar situation also occurred involving a chain and padlock at the Irvine Taiwanese Presbyterian Church in 2022

- In 2006, CCR boarded up the doors and windows during the West Nickel Mines school massacre.

In each case, the objective of the perpetrator was to delay intervention by authorities.

Another related concern is the issue of access-controlled door locks and potential interference with entry when police arrive on scene. This matter contributed to access complications during the 2015 attack at the Inland Regional Center in San Bernardino. And during the 2013 Washington Navy Yard shooting, police required use of an access badge recovered from a deceased security officer to enter secured areas of the building.[iii]

Now returning to the news interview, the implied question was if it would be better to have classroom function locks and weak barriers that can be easily breached by responding police.

And the answer is absolutely not.

Although a gunman can easily lock an office-function lock without a key and access-controlled locks can complicate police entry, the importance of reliable door locking and building security greatly supersedes this concern. Bottom line, we need to effectively delay the bad guy while also expediting armed response. Those are both universal priorities in security design against active shooter violence.

To address concern about law enforcement access into secured buildings, there are approaches for dealing with that problem without compromising effective security.

First, all door locks to rooms where people may take refuge should ideally be keyed on a building or campus-level master key. Although distribution of master keys to employees should be carefully restricted, several master keys should be kept on rings and secured in a location reliably accessible to arriving police. This location can include a Knox Box or go-bag stored in a safe location outside the building (such as a security gate house). Likewise, if the facility employs an access control system with badge readers, an access badge with full privileges should be attached to each master key ring.

As for concern about chained doors and police access through intrusion-resistant barriers (e.g., windows, etc.), many police departments now equip patrol units with bolt cutters, Halligan tools, and simple breaching aids specifically for this purpose.

However you decide to approach this matter, please do not ever compromise barrier performance for fear about impaired police response. As an old saying goes, that’s a “cure far worse than the disease.”

References

[i] Report of the State’s Attorney for the Judicial District of Danbury on the Shootings at Sandy Hook Elementary School and 36 Yogananda Street, Newtown, Connecticut on December 14, 2012. Office Of The State’s Attorney Judicial District Of Danbury, Stephen J. Sedensky III, State’s Attorney, N.p., 25 November 2013. pp.18

[ii] Mass Shootings at Virginia Tech. April 16, 2007. Report of the Review Panel. Virginia Tech Review Panel. August 2007. pp.13.

[iii] After Action Report Washington Navy Yard, September 16, 2013. Internal Review of the Metropolitan Police Department, Washington, D.C. July 2014. pp. 17.

Craig Gundry

August 25, 2022August 17, 2023

Safe Rooms, Classroom Security, & The Active Shooter

One of the most common problems we encounter in our work as security consultants is the absence of safe rooms and secure classrooms capable of providing sufficient delay during active shooter and terrorist attack events. In this article, we’ll explore ideal design criteria for safe rooms and important classroom security issues for addressing a wide spectrum of active shooter threats.

As discussed elsewhere in this series, most organizations concerned about active shooter violence have adopted the DHS ‘Run-Hide-Fight’ doctrine or related variations (i.e., “Run-Hide-Report”) as the basis for designing facility emergency action plans and training employees. This simplified guidance is presented as a prioritized list of preferred protective responses when an active shooter attack is recognized. “Run,” for instance, should always be the first option when the opportunity is present. If “Run” is not possible, then “Hide” is the next prioritized option.

Although “Run” (escape) is universally the preferred response, there are situations where “Hide” may be a necessary action due to the impracticality of rapidly evacuating people unable to take independent action for their personal safety (such as kindergarten students or nursing home residents). Additionally, there are often situations where trying to escape may be more dangerous than simply remaining in place. One good example is an attack launched at ground level in a multi-story building. In these situations, people rarely have accurate and real-time knowledge of the gunman’s location and safe routes of escape. Trying to evacuate from upper floors and through lower levels of a building is often far more dangerous than barricading in a nearby safe location.

In recent years, DHS has improved its presentation of active shooter education with more detailed guidance about circumstances that warrant different responses. Although single syllable words (“Run-Hide-Fight”) are easy for the public to remember, limited understanding can easily result in unsafe actions. “Hide,” for instance, is vague and implies no other essential protection than concealment. In our employee training programs, we use the term “Barricade,” which describes the recommended action more clearly. Simply put, hiding should never be regarded as a safe action unless the location provides adequate protection against forced entry.

To facilitate safe “Barricade” during armed attacks, facilities should ensure adequate availability of safe rooms and classrooms for people to take refuge if escape is not feasible.

In the security and emergency management communities, the term “safe room” often has varying definitions depending on purpose. In the executive protection industry, this term often implies a room engineered to provide significant delay against intrusion by a committed adversary employing advanced entry methods, ballistic protection, special life safety systems, multiple modes of communications, supplies to sustain extended refuge, etc. For organizations such as FEMA, the term broadly applies to any room or indoor shelter area designed to protect occupants from a hazard such as tornados, outdoor hazardous materials incidents, and other threats.

For the purpose of this article, a safe room (or secure classroom) is any room designated or constructed for the purposes of providing reasonable delay against forced entry considering the methods and tools likely to be employed by an active shooter.

So how much delay is necessary for a safe room to be considered “safe?”

The U.S. Department of Defense’s Unified Facilities Criteria UFC 4-023-10 answers this simply: “For the Forced Entry tactic, specify the required protection time based on the response time of the security forces determined in security forces evaluation in addition to the DBT [Design Basis Threat] and the LOP [Level of Protection].”

Simply stated, a safe room should delay an adversary from forced entry into the room long enough to allow the response force to intervene and neutralize the adversary. The necessary delay time being determined by the response force time and the methods and tools likely to be used by the attacker in penetrating the room.

From a textbook perspective, this is the correct answer and the ideal objective of performance-based physical security design. Although there are situations where this type of textbook approach is justified, in many workplace situations, designing safe rooms according to ideal performance-based goals is impractical and unnecessary when considering the historical behavior of attackers during active shooter events.

In a previous article, we explored the topic of adversary effort and commitment to attack people located inside locked rooms. In most attacks, adversaries focus on targets of easiest opportunity while moving through the building using visually-obvious routes and unlocked/unobstructed portals (e.g., doors, windows, etc.). In most previous attacks where adversaries committed effort to forcibly enter secured rooms, intervention by police or security forces was delayed and attackers had exhausted all available targets. The majority of these situations occurred in locations where terrorists employed assault teams or security forces were unprepared for immediate tactical response (e.g., Libya, Afghanistan, India, Kenya, etc.). And in these types of environments, DoD’s performance-based approach is often justified.

In Western countries where the majority of attacks are committed by a single active shooter and police intervention is typically under 20 minutes, a delay time of 45 seconds or more is often effective at frustrating forced entry and achievable without significant expense.

In these situations, I recommend designating or upgrading an abundant number of rooms throughout the facility to function as safe refuge rooms. This is especially critical in facilities where it is expected that vulnerable populations will refuge during an attack such as schools, nursing homes, and hotels. In these cases, all classrooms, guest rooms, and any other rooms where people are expectedly located should be capable of delaying forced entry by 45 seconds or more. In office-type situations, we recommend that there are at least several rooms on each floor and wing of the building that meet this basic criterion. This can include conference rooms, restrooms, break rooms, storage rooms, and offices which are reliably accessible to employees.

Basic Safe Room and Classroom Security Criteria for Active Shooter Protection

As a minimum, all rooms designated for safe refuge should feature intrusion-resistant doors and mechanical locks with a button or thumb turn.

As a general rule, outward-swinging doors provide the best protection against exterior ramming force due to resistance of the rebate within the frame. Additionally, adversaries attempting to pull open locked outward-swinging doors without the aid of tools are at a mechanical disadvantage. If rooms earmarked as potential safe rooms feature existing inward-swinging doors, door hardware (e.g., locks, strikes, and frames) should be carefully specified to ensure adequate resistance against ramming force.

Most doors certified under forced entry standards are constructed of steel. However, indoor rooms potentially earmarked for use as safe rooms in offices and schools are often equipped with solid core wood or solid wooden doors. Solid core doors are constructed with a composite wood core and overlaid with hardwood veneer for aesthetic appearance. The times required to penetrate solid core and solid wooden doors using methods likely to be used during active shooter attacks has never been published. Nevertheless, for protection against a gunman employing impact force without additional tools, solid door leafs (regardless of construction) are unlikely to be the point of failure when compared to the potential vulnerability of locks, strikes, wooden frames, and vision panels.

For protection against entry by buttstock impact and kicking, all lever and knob sets on safe room doors should ideally be rated ANSI/BHMA A156 Grade 1 or have a minimum Security Grade of 4 under Europe’s EN 12209. Mechanical locks rated ANSI/BHMA Grade 1 and EN 12209 Security Grade 4+ have been successfully evaluated under a variety of static force and torque tests.

All mechanical locks on safe room doors should be classified as “office-function” locks (ANSI mortise F04 or bored F82) featuring buttons or thumb turns for ease of locking under stress. In several previous active shooter attacks, critical doors on rooms where people were seeking refuge remained unlocked during the event due to the absence of a key. And as discussed in previous articles, good preparation for active shooter events should anticipate the effects of the Sympathetic Nervous System (SNS) on employee response. During high stress events, the SNS is often activated with impairing effects on cognitive function and fine motor coordination. These negative effects of the SNS can interfere with even simple tasks such as locating and manipulating keys.

Ironically, considering the history of active shooter attacks in American schools, locks classified by ANSI as “classroom function” (mortise F05 and bored F84) are perhaps the worst choice for safe room applications and should be avoided when possible. Classroom function locks are only lockable by a key from the outer side of the door. Not only do these locks require a key, but they also require the occupant to open the door and reach into the hallway to secure the lock.

Door vision panels and indoor windows on safe rooms should ideally be 96 in² (619 cm²) or smaller in accordance with U.S. DoD guidelines. We also recommend that any unprotected glass windows or vision panels within arm’s reach (approx. 36″ or 91.5 cm) of door handles and locks have a width of no more than 1.5″ (3.8 cm). If window dimensions do not conform to the aforementioned guidelines, glass should be replaced with intrusion-resistant materials such as laminated glass, polycarbonate, or upgraded with properly-attached anti-shatter film.

All windows and door vision panels should also feature blinds, shades, or curtains to conceal occupants while refuging in place.

In low-risk situations where the primary design objective is to simply frustrate adversary access, partition walls and drop ceilings are low priority concerns compared to doors and glazing. As described earlier in this article, armed attackers most often use visually-obvious portals (e.g., doors and windows) as their main pathways for movement. Although entry through drop ceilings is certainly possible, our research has not revealed any active shooter attacks to date where drop ceilings or vulnerable gypsum-board walls were exploited as a means of accessing people located in locked rooms.

Following is a summary of our criteria for a basic-level safe room/classroom applicable in most workplace and school situations.

In locations where the majority of attacks are committed by a single attacker and armed security or police response is typically under 20 minutes, a delay time of 45 seconds or more is often effective at frustrating forced entry. Rarely in these situations do we find adversaries committing time and effort to enter locked rooms unless encouraged by the presence of obvious vulnerabilities.

In many facilities, establishing a versatile availability of rooms that meet this 45 second delay objective is easily achievable. In many facilities I work with as a consultant, there are often vulnerabilities that need to be addressed resulting from original design (such as tempered glass windows or poor locks), but rarely does the situation require major expense.

However, situations occasionally arise which require a creative solution or more robust protective measures. Let’s explore some approaches to these challenges…

Facilities and Schools With Minimal Safe Room/Classroom Options for Active Shooter Protection

One challenge that arises frequently is facilities designed with large open workspaces with few existing rooms sufficient for designation or upgrade as safe rooms. Some common examples include call centers, warehouses, industrial plants, entertainment facilities, and event centers. I also encounter this situation frequently with recently constructed office buildings in Europe (and a few in the US) where planners and architects have designed buildings with open floorplans to engender team collaboration or non-hierarchical workplace culture.

We also find a related problem in buildings where architects have made extensive use of tempered glass glazing in indoor wall construction. In these situations, there are often plenty of rooms present, but the cost of upgrading or replacing glazing throughout the building would be astronomical.

In any of these cases, begin by first upgrading whatever rooms are available even if it’s only a few. I encountered this situation when working with a landmark building a few years ago—120,000m²of floor space with interior walls exclusively constructed of glass. The only rooms which had solid walls on most floors were restrooms and break rooms. So we started by making sure those rooms met essential criteria for use as safe refuge rooms while additional improvements were budgeted in a phased manner.

Another step may be constructing a limited number of rooms for use as safe refuge rooms while serving another role in day-to-day operations. One example was a government office building with open office workspaces on each floor. In this case, the solution was to construct a new conference room in a central area on each floor according to our safe refuge room specifications.

In situations where we need to rely on a limited number of safe rooms, it is crucial that the rooms we designate or upgrade are accessible to most employees when an attack occurs. For instance, a storeroom or manager’s office that is only accessible with a key possessed by a limited number of employees should not be considered as reliably available for this purpose.

If the facility has an access control system, one method of approaching this problem is to install badge readers and electromagnetic locks on these doors in addition to an “office-function” lock or single-cylinder deadbolt. During normal operations, the door remains secured using the mag lock and the mechanical lock remains unlocked. The system is then programmed so authorized employees can access the room using their access badge. However, when an armed attack event occurs, a lockdown macro programmed in the access control system is programmed to unlock this door now making it accessible to all employees. Employees refuging inside the room can then use the mechanical lock to secure the door.

As an example of this application, I had a situation with a large private school where there were very few options for safe refuge rooms in a shared arts center and athletic building. But there was a theater classroom (“black box theater”) with sufficient occupancy space for a large number of students. However, the theater room was normally secured using a mechanical lock operated by a key only possessed by theater teachers and facilities staff. To remedy this situation, the mechanical lock was kept unlocked and a mag lock was installed on the door operated by faculty badges. The access control system was subsequently programmed to unlock this door through a lockdown macro during attack events, thus making this room available to all students who can then secure the door manually using the mechanical lock.

If concerns about occupancy volume or ease of accessibility still remain after upgrading existing rooms and/or building new ones, egress design and ease of escape become top priorities (as explored in earlier articles of this series).

Advanced Safe Rooms for Active Shooter Applications

As discussed in an earlier article in this series, most active shooter attacks in Western nations are resolved by police (or suicide) in less than 20 minutes. Rare events (such as the 2016 Pulse Nightclub and 2015 Bataclan Theater attacks) had event durations as long as two hours. In these situations, a basic level safe room with a delay time of 45 seconds or more is often effective at frustrating forced entry by a gunman and achievable without great expense. However, in regions such as Africa and Southwest Asia, attacks frequently result in hostage-barricade situations due to the reluctance of police/security forces or remote location of attacked facilities (e.g., 2013 In Amenas Gas Refinery). In these types of situations, it should be expected that adversaries will have greater time, tools, and commitment to forcibly enter safe havens and secured refuge rooms.

To reliably achieve the types of delay times warranted during siege events and high-risk situations, safe rooms should be designed to provide six-sided protection (ceiling, floor, and walls) using barrier materials with similar delay time values. Wall barriers should also extend from floor-to-solid ceiling including any drop ceiling space.

Intrusion-resistant walls can be constructed using materials such as reinforced concrete, filled masonry block, expanded metal mesh, and polycarbonate-composite wall panels.

Reinforced concrete walls provide the best delay time performance against adversaries using limited toolsets. According to tests documented by Sandia, 4-inches of reinforced concrete with No. 5 rebar on 6-inch centers will provide approximately 4.7 minutes of delay against penetration with hand tools (including saw). If our threat definition is an adversary relying solely on firearm penetration and blunt object impact, reinforced concrete of any dimensions will provide almost indefinite delay.

Contrary to what many assume, unfilled concrete masonry unit (CMU) block walls provide minimal delay against forced entry and only slightly better performance than drywall against some methods of penetration. According to data published in the Barrier Technology Handbook, the mean delay time for penetrating an unfilled CMU block wall is only 36 seconds by the use of a sledgehammer. Unfilled CMU block walls are also susceptible to damage by rifle projectiles and may crumble when struck repeatedly by gunfire. For better performance in delaying forced entry, CMU block walls should be fully grouted and reinforced with rebar. According to tests documented by Sandia, filled 8-inch CMU walls with No. 5 rebar on 14-inch centers provide approximately 1.4 minutes of delay against penetration with hand tools.

Supplementing exterior drywall layers with a securely attached inner layer of expanded metal mesh is a common method of retrofitting existing walls for improved resistance against forced entry. Expanded steel constructed of 9-gauge 3/4-inch diamond mesh is a common material specification for this purpose. In this type of wall design, the expanded metal mesh is installed on the inside of the protected room and secured to wall studs by using deep screws and fasteners specially designed for this purpose. The expanded metal barrier layer is then overlaid with gypsum board or plywood. According to Sandia, a wall constructed of two layers of 3/4-inch plywood, two layers of gypsum board, and an expanded metal mesh interlayer can provide as much as 6.5 minutes of delay against penetration with hand tools.

Despite the popularity of 9-gauge material as a safe room design specification, money can often be saved by using a lighter mesh without compromising performance. If the threat definition is an adversary equipped solely with a firearm, static and dynamic impact force will be the main mechanisms of penetration, and overall strength of the fastening system will be more important than thickness of the metal fabric.

If ballistic protection is desired, walls constructed of 4-inches reinforced concrete, 8-inch filled CMU block (grouted full), and 8-inches of brick have been successfully tested by U.S. DoD to resist penetration by 7.62x51mm ammunition. Another option is constructing walls using fiberglass wall panels rated under bullet resistance standards such as UL 752, ASTM F1233-08, and EN 1063. Minimum specifications for protection against military small arms (5.56mm) would be UL 752 Level 7, F1233 R1, or EN 1063 BR5. More conservative specifications encompassing 7.62x51mm would be UL 752 Level 8, F1233 R3, and EN 1063 BR6.

If the risk level and design approach warrants door systems rated for tested delay times, doors certified under SD-STD-01.01, ASTM F3038-14, CPNI MFES, LPS 1175 have been tested against a variety of forced entry methods and often exceed requirements for protection during armed attacks. If the threat definition identifies an adversary solely employing firearms and expedient tools, any door certified under SD-STD-01.01, ASTM F3038-14, CPNI MFES, or LPS 1175 will likely far exceed performance as suggested by its certified delay time rating.

If our design objective requires ballistic protection, doors rated UL 752 level 7+ or EN 1522 FB5+ should be specified. Additionally, all doors rated under SD-STD-01.01 have been tested against penetration by 5.56mm, 7.62x51mm, and 12-gauge shotgun.

As discussed in the first part of this article, all lever and knob sets on safe room doors should ideally be rated ANSI/BHMA A156 Grade 1 or have a minimum Security Grade of 4 under EN 12209. If the design objective is to delay penetration by a committed adversary or the threat definition includes a diverse range of entry tools, locksets should also be augmented by the installation of an independent deadbolt lock. In situations where greater delay times are required or adversaries are expected to employ improved toolsets for entry, multi-point deadbolt systems provide the best protection.

Although forced entry by ballistic attack against locks and hinges has been rare during active shooter events, a number of incidents have occurred where adversaries forcibly entered/or attempted to penetrate rooms by destroying door locks with gunfire. Specifying doors certified under SD-STD-01.01, UL 752 level 7+, or EN 1522 FB5+ will address this concern. Another approach is installing a surface-mounted deadbolt lock on the inside of a solid wooden or steel door. Although most solid wooden and steel pedestrian doors are vulnerable to penetration by small arms, the door material will provide some reduction in bullet velocity and conceal the location of the lock to reduce hit probability.

As a general rule, window and door glazing should be avoided in high risk situations or applications where designers seek ambitious delay goals. Although there are glazing products capable of high delay times, such systems are quite expensive by comparison to the price of wall construction and doors. If windows are unavoidable, I recommend designing all windows in accordance with U.S. DoD recommendations—96 in2 (619 cm2) or smaller and no wider than 1.5″ (3.8 cm). For bullet resistance, specifications for protection of glazing against military small arms include EN 1063 BR5-BR7, UL 752 Level 7-9, and ASTM F1233-08 R1-R4AP.

Following is an example of how these criteria may be applied in designing a safe room with a delay time objective of 30 minutes or more.

Safe Room Kits

In environments where armed attacks have frequently resulted in siege events with durations longer than 24 hours, consider providing a kit in all safe rooms with instructions for sheltering and essential supplies.

As a starting point, kits should include basic supplies for sustaining occupants throughout the expected duration of an event including a food ration of 1,500 kcal per person, per expected day of sheltering. Although the Total Daily Energy Expenditure (TDEE) of most adults is 2,000 calories or more, a short term diet of 1,500 kcal per day is sufficient to satisfy hunger without compromising an occupant’s decision-making capabilities or energy for escape if necessary. If the safe room does not have toilet and sink, consider including hand sanitizer, water, extra-large zip lock bags, and toilet paper to facilitate hygiene needs.

Numerous victims have died from gunshot wounds due to delayed medical treatment while sheltering during siege situations. To help address this concern, consider equipping each safe room kit with one or two hemostatic dressings. Hemostatic dressings are large bandages impregnated with a clotting agent designed to delay hemorrhage from trauma wounds under the expectation of delayed hospital treatment.

If safe rooms have exterior (outdoor) windows, infrared chemical lights are another supply to consider. During siege events, one of the first priorities of police and security forces is trying to determine where people are hiding inside the building. To assist this process, occupants sheltering inside safe rooms can be instructed using emergency communications systems when to break the IR chemical light and hold it against the window. Security forces outside the building equipped with night vision equipment will be able to see the IR chemical lights. Others without night vision equipment (e.g., terrorist handlers, bystanders, news media, etc.) will be unable to view which rooms are occupied. To implement this measure correctly, instructions should be provided in the kit for use of the chemical light and how the order to break the chem light will be communicated to occupants.

References

UFC 4-023-10, Safe Havens. US Department of Defense, N.p.: 2010. pp. 11.

ANSI/BHMA A156.13, Mortise Locks and Latches. Builders Hardware Manufacturers Association (BHMA), New York, NY, 2011.

EN 12209, Building hardware – locks and latches – mechanically operated locks, latches and locking plates. European Committee for Standardization, Brussels, 2016.

UFC 4-023-10, Safe Havens. US Department of Defense, N.p., 2010.

SD-STD-01.01, Revision G. Certification Standard. Forced Entry and Ballistic Resistance of Structural Systems. U.S. Department of State, Bureau of Diplomatic Security, Washington, DC, 1993.

ASTM F3038-14, Standard Test Method for Timed Evaluation of Forced-Entry-Resistant Systems, ASTM International, West Conshohocken, PA, 2014

Barrier Technology Handbook, SAND77-0777. Sandia Laboratories, 1978. pp. 4.2-6

Ibid. pp. 4.5-2

The vulnerability of unfilled concrete block walls to penetration and potential failure by gunfire is well demonstrated by numerous “backyard test” videos posted on YouTube. Most videos posted on YouTube display the vulnerability of stacked block walls without mortar. Finished walls will likely be more resistant to critical failure. Example: https://www.youtube.com/watch?v=Hxn8TS9cb3o

Barrier Technology Handbook, SAND77-0777. Sandia Laboratories, 1978. pp. 4.5-2

Ibid. pp. 4.9-1,2

UFC 4-023-07, Design To Resist Direct Fire Weapons Effects. US Department of Defense, N.p.: 2008.

UL 752, Standard for Bullet-Resisting Equipment. UL, N.p.: 2005.

ASTM F1233-08, Standard Test Method for Security Glazing Materials And Systems. ASTM International, West Conshohocken, PA, 2013

EN 1063:2000, Glass in building – Security glazing – Testing and classification of resistance against bullet attack. European Committee for Standardization, Brussels, 2000.

UFC 4-023-10, Safe Havens. US Department of Defense, N.p., 2010. pp. 42

Craig Gundry

February 8, 2021August 17, 2023

The Capitol Hill Riot: A Case Study in Securing Buildings Against Violent Intrusion

US Capitol Hill Riot - Case Study of Security Failures

The Capitol Hill Riot: A Case Study in Securing Buildings Against Violent Intrusion

Like many people, I watched the riot at the US Capitol on 6 January unfold live through reporting on TV. And as most, I was horrified to witness the surreal desecration of America’s most sacred symbol of democracy unfolding moment-by-moment. And as a security professional, that horror was amplified even further as I witnessed a cascading series of security failures with full awareness that angry mobs easily turn deadly when group passion supersedes rational judgement.

The next day, as America recovered from its emotional hangover, the leadership of the US Capitol Police was quickly called to reckon. There are obviously many, many questions which need to be answered.

The aim of this article is not to cast judgement about specific matters of security at the Capitol or attribute blame to specific parties. Any statements I could make beyond general critique at this point would be like “playing armchair quarterback without watching the entire game.” No doubt, there will be a comprehensive investigation of the incident and contributing factors which will result in an authoritative report. Rather, our aim in this article is to explore how security measures can be designed to avert similar disaster for the benefit of colleagues protecting other high-risk buildings around the world.

The remainder of this article is posted on the web site of our sister company, the S2 Safety & Intelligence Institute. Click here to read this article in its entirety.

Craig Gundry

March 30, 2020May 26, 2021

Egress Design and The Active Shooter Threat (Pt. 10)

Egress planning is often regarded as a life safety matter with influence on security, but otherwise a discipline independent from physical protection. However, when preparing facilities for active shooter violence, egress design should be approached as an integral component of our protective strategy.

As discussed in earlier articles in this series, security measures and facility preparations should be carefully designed to augment and anticipate the actions of building occupants. For people located at ground level during an attack or in building locations without safe refuge options, escape (what DHS calls ‘Run’) is the preferred response. To effectively facilitate this response, escape routes should be readily available that permit fast and unobstructed egress to safe outdoor locations away from the facility.

Although all buildings are required to comply with life safety codes related to emergency egress, International Building Code (IBC), NFPA 101, International Fire Code (IFC), and municipal codes often fall short in considering the unique dynamics of evacuation during armed events. Historically, these codes were designed with fire as the focus and don’t fully account for issues such as severe impairment of evacuees due to sympathetic nervous system (SNS) activation, the unpredictable actions of mobile attackers, and lack of situational awareness that may render multiple exit routes unsafe or at least perceived by evacuees as potentially-dangerous.

Many facilities rely on the advice of fire marshals and the results of inspection reports as a measure of readiness. Candidly speaking, this is a major concern. Aside from the inadequacy of current regulations, I often find violations of existing code during my work as a consultant that have somehow survived years of inspection.

So let’s take a walk beyond IBC and NFPA and explore considerations for designing an egress plan optimized to support response actions during active shooter events.

Egress Routes

To ensure building occupants have options for escape regardless of an attacker’s location, alternate egress routes should exist from all normally-occupied areas providing versatile access to safe exits. In most situations, providing two or more alternate egress paths from each occupied area (routed in different directions) is sufficient.

In newly-constructed buildings, identifying alternate egress paths isn’t usually difficult. In facilities constructed before modern building code, options are often limited.

During the 2008 assault on the Leopold Café in Mumbai, approximately 30 people were eating dinner in a narrow corridor of booths located on the second level when the attack commenced.[1] There was only a single stairwell and no room on the second floor capable of safe refuge. Fortunately for those on the second floor, the terrorists were satisfied after killing ten people and wounding numerous others and never noticed the unlocked door discreetly leading upstairs.

The Bataclan Theater in Paris, attacked by Islamic State terrorists in 2015, was another example of a building with limited escape options. At the time of the attack, there were three exits accessible to the public. One was the main entrance on Boulevard Voltaire and two emergency exits which discharged into an alley on the south-side of the building.[2] With the main entrance blocked by the terrorists’ presence, people located on the dance floor and north-side of the building had no way to escape without passing the attackers’ aim.

Installing new exits is the obvious solution to this problem. However, in situations where there are no options due to adjacent buildings (such as the Bataclan Theater) or similar circumstances, consider upgrading or constructing rooms for safe refuge purposes. As an additional measure, explore options for providing unconventional routes of escape as described later in this article.

The capacity of exits is another matter to consider. In situations where it is predictable that attackers will approach from a specific direction, expect a panicked reaction as everyone seeks to escape away from the gunman’s location. When faced with an imminent threat, people instinctively flee the direction of harm. Now if there are few people in the area, this type of reaction usually poses no special problems. But locations where this concern arises are often highly-populated and confined areas with limited exit options.

As discussed in Part 6 of this series, many armed attacks by outsider adversaries originate through public entrance doors and shooting commences immediately. This behavior has been very consistent in attacks against public buildings such as nightclubs, churches, and museums. In this situation, the natural reaction of people is to flee toward the opposite side of the room often resulting in tripping, trampling, and a bottleneck near whatever exit doors are present.

In some cases, the presence of furniture and other obstructions prohibit many from even reaching the exits. This situation has been especially common in attacks against church sanctuaries where the location of pews often block people from quickly reaching exits in the front of the room.

If this concern is foreseen during the initial design phase, solutions are often easy and don’t require major investment. For those with existing buildings, remedy often involves some expense.

If dangerous congestion is predicted at single-door exits, consider enlarging the present exits with the use of double-doors. If enlargement is insufficient or the situation prohibits modifying existing exits, consider installing new exits as illustrated in the following example.

In some cases, the situation can be eased by simply working with what’s available. In several buildings we’ve assessed with this concern, locked doors were present in areas where congestion was predicted providing access to service corridors or private hallways. By unlocking these doors and equipping them with appropriate hardware, we can provide an additional route of escape and ease congestion at the existing exits. However, implementing this solution may require other measures to address new concerns about public access into previously secured areas.

As a final point about escape paths, egress routes should be intuitive and simple to navigate under high-stress conditions. Several years ago I conducted an assessment of a community center building during the final phase of a major renovation. Unfortunately, most construction was nearly finished before we had a chance to offer useful comment. One of my greatest concerns in this situation was the addition of a new building level (earmarked for after-school programs) featuring two stairwells that discharged one level below into a second-floor hallway. After exiting to the second floor, evacuees were required to proceed down the hall to access a different stairwell in order to reach the first-floor exits. Despite the approval of local authorities, this type of complex egress path should be firmly avoided in active shooter planning. In the absence of any alternatives, our advice was to build a robust safe room in the kids’ area with sufficient capacity and train staff that lockdown is their only safe response during an attack.

Exit Signage

Exit signage should be clearly visible inside all work areas and hallways and direct evacuees to the most accessible stairwells or discharge doors. These are obvious points, but this subject is a common problem in many facilities. Where I encounter this issue most frequently is in renovated buildings that have changed their original room configuration or created expansive workspaces with cubicle walls. When facilities reconfigure walls and don’t update exit signage correspondingly, the result is often chaos—Signage directing evacuees to dead ends or locked doors, signage leading into areas with no further direction, locations where no signage is visible, etc.

Another problem, albeit less common, are situations where signage was incorrect from the beginning. Some time ago, I encountered a facility where the exit signage plan was similar to a puzzle game. Most arrows directed me in a circuitous loop around the outside of the floor and nowhere near the exit stairwells (which were positioned in interior hallways). Realizing I was walking in a circle, I followed alternate directional arrows and found myself at a dead end elevator landing with no nearby exits. Bear in mind, we’ve been conducting assessments of this type for years. If I can’t find my way out of a building, it’s likely a deathtrap during an active shooter attack.

If a building is configured with tall cubicle arrangements or corridors constructed of glass walls, consider placing directional signage on the floor if overhead visibility is a problem. In facilities like this, ceiling-mounted exit signage is often difficult to locate due to obstruction or the hall-of-mirrors type atmosphere often created in narrow corridors lined by glass. In these cases, providing additional signage on floors is often effective.

Emergency Stairwells

Exit stairwells should be well illuminated and clear of obstructions. Although these points are universally mandated under building and fire codes, this is another common area of concern.

On the subject of stairwell lighting, IBC permits illumination levels of 1 fc (10.8 Lux) and NFPA dictates 10 fc (108 Lux).[3] [4] Regardless of your location and regulatory mandates, I strongly recommend adopting the NFPA specification of 10 fc (108 Lux) as a minimum guideline. Over the years, I have assessed a number of facilities (particularly in Europe and the Middle East) where stairwell illumination was so poor I needed to use a flashlight to safely navigate the stairs.

Obstruction is another common problem. In the absence of adequate storage rooms, many facilities resort to stairwell landings as convenient spaces for overflow.

The location of stairwells is another issue to consider. In armed attacks against multi-floor buildings, the ground-level is often where the attack originates and may be a dangerous location while an event is active. If building occupants are not aware of the exact location of the threat, the combined effects of fear and lack of situational awareness may make people hesitant to evacuate if they need to navigate through interior hallways to access exits. This issue is often compounded further by the effects of the SNS on problem-solving ability.

To address these concerns, emergency stairwells should ideally discharge directly outdoors through exit doors at ground-level. Stairwells that discharge into lobbies or central hallways should be strictly avoided. If a facility has stairwells that discharge into potentially hazardous areas, employees should be warned of which stairwells to avoid as part of their active shooter training.

If an exit stairwell has multiple doors at ground-level, signage should be clearly visible indicating the proper door for discharge. Although this is not a common problem, I occasionally encounter situations where there are multiple doors at the base of a stairwell and no clear indication of which is the proper exit door. In this situation, choosing the wrong door may be a fateful decision.

Another matter to consider is the possibility of stairwells being used by attackers in navigating the building. During attacks inside multi-level structures, adversaries frequently use stairwells to move between levels. A few examples include attacks at the Virginia Beach Municipal Center (2019), Corinthia Hotel Tripoli (2015), and Washington Navy Yard (2013).[5]

Addressing this concern raises several challenges.

First, it is often cost-prohibitive to install CCTV cameras in stairwells in a manner suitable for tracking movement between floors (and especially in high rise structures). So if we have a control room employing CCTV to monitor the progress of attackers, stairwells are often a blind spot. Second, although IBC permits interior stairwell doors to be locked against entry from the stairwell side, code requires that interior stairwell doors are “capable of being unlocked simultaneously without unlatching upon a signal from the fire command center…[or] signal by emergency personnel from a single location inside the main entrance…” [6] NFPA regulations are different in detail, but the same concern is present. As discussed further in this article, the fail-safe operation of electrified locks is a major concern during active shooter attacks.

To address the possibility of adversaries navigating floors by stairwell, it may be permissible in some locations to install barriers inside existing stairwells featuring secured egress doors and exit bar devices to restrict upward movement. The photo below is an example of this type of barrier using wire mesh and an acrylic panel to prevent manipulation of the door handle. Although I like this approach in concept, code requirements should be carefully assessed before implementing this type of measure.

If the Design Basis Threat is an outsider adversary and placing barriers inside stairwells is permissible, I recommend installing them between ground-level and the next higher floor. This recommendation is based on the fact that most attacks by outsiders initiate at ground-level. In the case of buildings with interior public staircases providing access to second or third levels (such as a hotel with a mezzanine), the placement of stairwell barriers should be adjusted accordingly.

Exit Doors

Exit doors should be clearly visible and identified by overhead signage. Although this is not a common issue of concern, situations occasionally arise where architects have visually concealed the exit doors to create a unified aesthetic appearance. Following is an image illustrating this concern provided by Lori Greene, Manager of Codes & Resources at iDigHardware (Allegion).

Avoid the use of electromagnetic locks on egress doors!

Although mag locks offer versatile benefit in access control design, they present several problems during active shooter attacks. First, building and life safety codes universally require that egress doors equipped with mag locks fail safe (unlocked) during fire alarms. In this situation, every alarm pull station inside the building is a ‘virtual master key’ and will compromise all doors equipped with mag locks with one pull of a handle.[7] We have had multiple attacks where fire alarms were manually activated by building occupants (e.g., 2013 Washington Navy Yard), activated by smoke or dust (e.g., 2018 Marjory Stoneman Douglas HS, 2008 Taj Mahal Hotel Mumbai, etc.), or used by attackers to deceptively herd victims outdoors for ambush (e.g., 1998 Westside Middle School, 2013 UCF, 2015 Corinthia Hotel Tripoli, etc.).[8] [9] [10]

In addition to fire alarms, mag locks also fail safe if electricity is disrupted for any reason such as an extended power outage or if lines are damaged during an explosion. This is a particular concern in situations where the Design Basis Threat includes terrorists employing body-worn IEDs.

As an added concern, electromagnetic locks require door-mounted exit hardware (e.g., switch, lever, etc.) or alternatively, an exit sensor to unlock egress doors when an alarm is not activated. In many facilities I encounter, solitary wall-mounted push-to-exit (PTE) switches are used for this purpose despite code requirements stipulating door-mounted hardware or exit sensors. Furthermore, PTE switches used for this purpose are often small in size and easily overlooked when people are trying to escape under high stress conditions. Poor placement of PTE switches compounds this problem even further. During assessments, I often find PTE switches mounted away from doors in a manner that requires evacuees to stop and scan the area for a switch.

As a tragic example of this concern, in the 2019 shooting at the Al Noor mosque in Christchurch, 17 people were killed while trapped at an exit door operated by a PTE switch. [11] It is unclear from news reports whether the door failed to open because of an electrical problem or if there was difficulty by evacuees in locating and operating the PTE switch.

Exit sensors for mag locks often pose a different problem. If an exit sensor is placed above doors in a high traffic area, every time someone passes the sensor the door is unlocked. I’ve encountered many facilities where intrusion was as simple as waiting outside a door for a few minutes and listening for a click.

An even greater concern is when facilities opt not to install PTE switches or exit sensors on doors as a means of restricting use for fire evacuation only. The image below displays a bank of controlled exit doors at the entrance of an expo hall. To direct patrons to a nearby revolving door, the facility management decided (in violation of code) not to install PTE switches or exit sensors. When I inquired about this matter, I was assured that the fire alarm and/or control room operator would disengage the doors during an emergency. Nevertheless, if the operator is disabled or delayed in responding to an attack, the consequences of mass evacuation through this area would be tragic.

For access control purposes, we generally recommend using electrified panic bar devices or electric strikes with mechanical hardware. During an evacuation, electrified exit bar devices operate identically to mechanical exit bars—push the bar and the door opens. Aside from ease of operation, doors equipped with electrified exit bars and electric strikes can remain secured during power disruption and fire alarms (withstanding stairwell doors and other situations as defined by code).

As a final point about access control, avoid the use of delayed egress on exit doors. Many facilities employ egress delays (15-seconds or 30-seconds) as a means of discouraging occupants from exiting through doors reserved for emergency purposes. Although egress delays are often useful for channeling occupants to designated exits, any measure which delays escape during an attack increases the risk of avoidable casualties.

The following video illustrates how long 30 seconds is while standing at an exit door during an active shooter attack.

Unconventional Exit Options

When normally discussing the topic of egress, ground-level exit doors are presumed to be the main points of building discharge. However, during active shooter events, there are often many opportunities for escape that don’t meet the standards of fire code.

For people located on higher building levels, it is often safer to escape upward toward the roof than downward through stairwells. During the 2015 Charlie Hebdo attack, employees of a company located on the third floor above the Charlie Hebdo office sought safety on the rooftop due to concern about gunfire penetrating their office. In the 2004 attack at the Oasis Compound in Saudi Arabia, two people hid on a roof for two days before rescue. Several employees at Washington Navy Yard’s Building 197 also took refuge on a roof rather than risk harm below.[12]

As part of active shooter training, advise employees about the availability of the roof as a safe area. And if the roof is presently locked, consider placing an escape key near all rooftop doors specifically for use during an active shooter event. If safety concerns override the decision to place escape keys near doors, consider installing electrified locks on the rooftop doors that can be released through a lockdown event macro programmed in the building’s access control software.

During an attack, any window less than three stories or aperture large enough to crawl is a potential route of escape. In the 2007 shooting at Virginia Tech’s Norris Hall, students in Room 204 escaped by jumping out the second story windows of their classroom.[13] During the 2016 siege at the Pulse nightclub, eight people escaped through an air conditioning vent with police assistance. In the 2013 attack at the Westgate Shopping Mall, people in a restaurant also escaped by crawling through an air vent.

If our present building has windows and other unconventional escape opportunities, make note of these options and advise employees during active shooter training. Simply mentioning the examples already cited in this article calls attention to the possibilities and provides a point of reference if employees ever find themselves trapped during an attack.

Now if we are working with an existing structure, it usually doesn’t make sense from a cost-benefit perspective to install new windows or make other building alterations specifically to facilitate unconventional modes of escape. An exception to this might be situations like the Bataclan Theater (described earlier in this article) where the absence of exits is a major concern and there are no options for remedy.

When designing new facilities, consider placing windows in select locations where it is likely people will be trapped during an attack. One example is public restrooms. Although public restrooms rarely feature door locks, they are commonly used by people seeking refuge during active shooter attacks. If we anticipate this problem and the restroom is adjacent to an exterior wall at ground level, install a 24” tall horizontal sliding window just below the ceiling to provide anyone trapped in the restroom with a possible means of escape. If this had been done at the Pulse nightclub, thirteen people might be alive today.[14]

Endnotes

[1] Details provided by a confidential source during the author’s visit to the Leopold Café in 2016.

[2] Details confirmed during the author’s visit to the Bataclan Theater in 2018.

[3] 2015 International Building Code. Chapter 10 (Means of Egress). International Code Council. N.p. 2015.

[4] NFPA 101 7.8.1.3 (1)

[5] After Action Report. Washington Navy Yard. September 16, 2013. Internal Review of the Metropolitan Police Department. Metropolitan Police Department. Washington, D.C. July 2014.

[6] 2015 International Building Code. Chapter 10 (Means of Egress). International Code Council. N.p. 2015.

[7] As a caveat to that statement, NFPA 101 states that the pull stations don’t have to unlock the doors: The activation of manual fire alarm boxes that activate the building fire-protective signaling system specified in 7.2.1.6.2(4) shall not be required to unlock the door leaves. (Comment by Lori Greene, iDigHardware)

[8] Initial Report Submitted to the Governor, Speaker of the House of Representatives and Senate President. Marjory Stoneman Douglas High School Public Safety Commission. January 2, 2019.

[9] After Action Report. Washington Navy Yard. September 16, 2013. Internal Review of the Metropolitan Police Department. Metropolitan Police Department. Washington, D.C. July 2014.

[10] Harms, A.G. UCF After-Action Review. Tower #1 Shooting Incident. March 18, 2013. Final Report. N.p. May 31, 2013.

[11] “’It doesn’t open’: Christchurch mosque survivors describe terror at the door” Stuff. March 28, 2019, https://www.stuff.co.nz/national/christchurch-shooting/111632051/it-doesnt-open-christchurch-mosque-survivors-describe-terror-at-the-door. Accessed 25 March 2020.

[12] After Action Report. Washington Navy Yard. September 16, 2013. Internal Review of the Metropolitan Police Department. Metropolitan Police Department. Washington, D.C. July 2014.

[13] Mass Shootings at Virginia Tech. April 16, 2007. Report of the Review Panel. Virginia Tech Review Panel. August 2007.

[14] Harris, Alex. “New details emerge about where the victims of the Pulse massacre died.” Miami Herald. June 14, 2017, https://www.miamiherald.com/news/state/florida/article144586874.html. Accessed 13 March 2020.

Craig Gundry

CIS consultants offer a range of services to assist organizations in managing risks of active shooter violence.
Contact us for more information.

March 17, 2020August 14, 2020

Considerations for Designing Active Shooter Protection Measures (Pt. 4)

Considerations for Designing Active Shooter Protection Measures (Pt. 4)

Parts 1 and 3 of this series surveyed important principles of physical security and facility preparation for mitigating the consequences of active shooter attacks. Although the concepts described in the preceding articles are universal, there are often unique circumstances that influence how these principles are best applied in different situations.

The following are some preliminary questions to consider with bearing on the practicality and prioritization of security measures.

Is it feasible to employ restrictive entry control and screening measures?

In an ideal situation, entrance into the facility is channeled to a limited number of secured entry points and all entrants are subject to verification and weapons screening before admittance. However, there are many situations where restrictive entry controls are impractical (or impossible) due to reasons of high volume of public traffic, cultural expectations, budget, or low-risk justification. Common examples of this situation include malls, hotels, train stations, entertainment districts, houses of worship, hospitals, multi-tenant office buildings, and similar facilities. This is also a common situation in schools and universities with complex campuses, or where concerns about negative impact on school climate, cost, and operational burden outweigh the risk.

In these situations, an adversary could access populated areas of the facility undetected before commencing an attack. To compensate for this, high priority should be given to measures that simplify rapid escape from public areas and expedite the actions of armed responders. In large buildings (such as multi-level office buildings, schools, hospitals, and hotels), alert communication is critical and safe refuge options should be abundantly available for people unable to escape or who are unaware of the threat’s location.

Although restrictive entry control may not be practical in these cases, it may be worth configuring an access control macro to facilitate the rapid lockdown of exterior doors and high-risk indoor locations if an attack is detected outdoors.

Are there groups of occupants present whose capability to respond is likely impaired or who are unable to easily evacuate during an attack?

This is generally the case in schools, daycare facilities, nursing homes, and hospitals. In these situations, alert communications and ensuring the availability of safe refuge areas are top priorities. In schools and daycare centers, all classrooms should meet criteria as basic-level safe rooms. In hospitals and nursing facilities where it is not feasible to secure patient rooms, measures should be implemented to rapidly secure wards and hallways wings occupied by vulnerable groups. Additionally, all employees caring for vulnerable populations should be trained in lockdown procedures and drill regularly to ensure reliable performance under stress.

In nightclubs and entertainment venues, we often have a different type of concern—alcohol. When considering other conditions typical in nightclubs and party venues (e.g., dense crowds, low lighting, loud music, light shows, etc.), alcohol is the final ingredient in a recipe for disaster. In previous nightclub attacks (e.g., Pulse, Reina, Bataclan Theater, etc.), the reaction of patrons was initially delayed by confusion and followed immediately by panic as occupants fled the direction of danger. To address this concern, priority should be given to designing intuitive and high capacity egress routes in directions away from the main entrance. Ideal preparation also includes options for direct escape from all locations inside the building (incl. restrooms, service hallways, etc.). To further address the problem of confusion, measures should be explored for quickly shutting off the A/V system and illuminating exit doors.

Are there large numbers of people present who are expectedly unfamiliar with the facility?

If yes, careful consideration should be given in the design and marking of egress routes, public notification systems, and training employees in procedures for directing guests’ response.

Does the interior layout of existing buildings provide ample options for occupants to take safe refuge?

In schools, hotels, and many office buildings, the existing indoor layout usually provides adequate options for designating rooms which can be easily upgraded to meet basic requirements as safe rooms. Where I often encounter problems with this matter are industrial facilities, telephone call centers, and office buildings with extensive use of indoor glass walls.

If budget permits, the preferred remedy is to construct (or upgrade) several intrusion-resistant rooms throughout the facility to provide accessible refuge options for employees regardless of location. As a minimum, we recommend at least one safe room per floor wing with adequate capacity for all employees in proximity. In call centers and office buildings with open floor plans, the newly constructed safe rooms can often serve a practical role as conference rooms during day-to-day activities.

If constructing safe rooms where needed is not possible, egress routes should be easily accessible and discharge directly outdoors. Additionally, employees should be trained to know that hiding in an unsecured work area is unsafe and escape is the preferred response when possible. Training should also include a discussion about optional egress paths (e.g., alternative exits, roof access, etc.) and high-risk areas to avoid during evacuation (such as first floor lobbies and central hallways).

If circumstances dictate that escape is the preferred response, situational awareness is critical and measures should be explored for monitoring the movement of attackers by CCTV and relaying real-time updates to employees.

Do cultural expectations or public image concerns restrict the employment of high profile security measures?

This issue frequently arises in corporate and hospitality facilities conscientious about branding. Many schools are also sensitive to this matter considering research by psychologists warning of the potential for negative impact on school climate. In many cases, this concern can be easily addressed by employing locks, barriers, and other hardware with a low profile appearance. Egress design, communications systems, and other infrastructure preparations are generally unnoticed by employees and the public.

Where concerns about high profile measures most often influence protective strategy are decisions about posting armed officers inside the facility and implementing entry screening measures (as described earlier in this article).

As discussed throughout this series, few measures offer as much benefit during an attack as having an on-site armed response force. If an organization is attracted to the idea of armed protection, but hesitant due to public image concerns, some measures can be employed to address this situation.

One option is to stage armed response officers in a location out of public view. Several years ago we aided an organization in evaluating potential security strategies for a parliament building. At the time, the facility was protected by several police officers armed with handguns posted outdoors. Considering the facility’s risk profile and Design Basis Threat (terrorists armed with assault rifles), we strongly recommended they augment their current security force with an on-site tactical response team equipped with military small arms. This proposal was initially rejected due to public image concerns. Our recommendation, in turn, was to stage the team inside a room hidden from public view and within 120 seconds travel time to all critical locations inside the facility. This same approach can be adopted in office buildings, hotels, schools, and any other location where public image is a concern.

Other methods for addressing this concern include substituting plainclothes officers for uniformed personnel and carefully selecting officers for their unique combination of tactical capabilities and interpersonal relations skills.

Is it expectedly safe for people to evacuate the facility during an attack, or is the facility located in a geographic area where escape outdoors is impractical or possibly dangerous?

This is not generally a concern for most facilities. Where this issue most often arises is when a facility is remotely located away from civilization or in hostile threat environments. An example of the first situation would be the Tigantourine gas facility in Algeria targeted by Al-Mourabitoun in 2013. An example of the second situation might be a compound located in a war zone where friendly authorities have little control and hostile actors abound (e.g., 2012 Benghazi attacks).

In these situations, on-site armed response capability is paramount. Additionally, perimeter defensive measures should be designed to provide the armed response force with a tactical advantage and create time for occupants to seek refuge. Additionally, safe havens should be provided capable of advanced delay times and sustained life support under attack by fire, smoke, and other methods of asphyxiation.

Is it feasible to have an on-site armed response capability?

As detailed in Part 1 of this series, barriers need to be designed to delay an adversary’s ingress into populated areas with sufficient time for a response force to intervene. If it is not possible to have an on-site armed response capability, the emphasis often needs to be placed on measures that facilitate delay (e.g., barrier construction, egress design, etc.) and expedite the response of local police.

Are we located in a region where previous incidents often result in a siege or delayed intervention by security forces?

If yes, there may be justification for upgrading safe rooms to an intermediate or high level of protection. As discussed in Part 2 of this series, most previous attacks where adversaries committed time and effort to forcibly enter rooms were in situations where authorities delayed entry. As an added measure, safe rooms in these cases should be equipped with supplies to sustain occupants for the duration of a siege.

Is our Design Basis Threat adversary an insider, outsider, or both?

As explored in Part 2 of this series, the relevancy of many protective measures is directly related to the attacker’s expected access to the facility. The following table is provided as a general guide to the applicability of physical security and facility design measures to different categories of adversary.

These are some of the many questions to consider as part of the physical security and facility design process. In upcoming articles, we’ll explore these issues in greater depth and present examples of how custom protection strategies can be designed for different types of facilities.

The Sympathetic Nervous System (SNS), Situational Awareness, and Active Shooter Attacks

Another important issue to consider in active shooter planning is the potential effects of the Sympathetic Nervous System (SNS) and lack of situational awareness on employee response.

During life-threatening emergencies, the Sympathetic Nervous System (SNS) is often activated. The SNS governs human flight-or-fight response to imminent threat situations. Although the SNS served an important survival function in human evolution, its effects can impair response actions by building occupants during high-stress events. When the SNS awakens, a person’s heart rate may exceed 200 bpm resulting in cognitive impairment, loss of fine motor skills, irrational behavior, or freezing.[1]

In addition to the SNS, rarely during armed attacks do employees have real-time situational awareness of the attacker’s location and activity. The combined effects of the SNS and lack of situational awareness may result in dangerous and sometimes irrational behavior. For example, employees may be hesitant to abandon a presently unsecured location and relocate to a nearby safe room if getting there requires moving through space they cannot see (e.g., around a corner and into another hallway). If a door is equipped with a single-cylinder lock and no thumbturn, employees may be hesitant to open the door to lock it if they fear the gunman may enter the hallway.

Effective active shooter planning should anticipate the effects of the SNS and lack of situational awareness. Every effort should be made to compensate for these challenges by simplifying the expected actions of employees. Some practical examples include establishing emergency phone numbers that are easy to remember and dial under stress, ensuring that mechanical locks on doors feature a thumbturn and do not require a key for locking, providing abundant availability of safe rooms, and ensuring that escape routes do not require complex navigation to access discharge doors.

As an additional point, employees and on-site responders are not the only ones affected during high stress events. Security control room personnel suddenly launched into action with life-and-death consequences (even when remotely located) may experience some of the same impairing effects as people in the ‘hot zone.’ For this reason, critical communications systems should be designed for simplicity and control room personnel should drill regularly to minimize delays or omission of key tasks.

As we continue in upcoming articles, specific recommendations will be offered in hope of avoiding some of the many problems witnessed in previous attacks resulting from SNS impairment and lack of situational awareness .

In the next part of this series, we’ll explore recommendations for protecting people from outdoor ambush and early attack recognition.

Endnotes

[1] Grossman, Dave, and Loren W. Christensen. On Combat: the Psychology and Physiology of Deadly Conflict in War and in Peace. Warrior Science Pub., 2008.

Craig Gundry

CIS consultants offer a range of services to assist organizations in managing risks of active shooter violence.
Contact us for more information.

March 17, 2020August 14, 2020

Facility Preparation for Active Shooter Attacks: Key Objectives (Pt. 3)

Design Basis Threat and The Active Shooter

Facility Preparation for Active Shooter Attacks: Key Objectives (Pt. 3)

In Part 1 of this series, we discussed how the integration of detection, delay, and response functions influences the overall performance of physical security. In security designs aimed at the protection of inanimate assets (such as theft prevention and anti-sabotage situations), hardware components and physical construction (e.g., anti-personnel barriers, alarm systems, CCTV, etc.) are often the primary elements facilitating detection and delay. However, in the case of active shooter attacks, anticipating the actions of facility occupants is critical in designing a successful system.

Most organizations concerned about active shooter attacks have adopted the US Department of Homeland Security’s classic ‘Run-Hide-Fight’ doctrine as the basis for designing facility emergency action plans and training employees. This simplified response guidance is presented as a prioritized list of preferred protective responses when an active shooter attack is recognized. “Run,” for instance, should always be the first option when the opportunity is present. If “Run” is not possible, then “Hide” is the next prioritized option.

Although “Run” is generally the most preferred response, there are situations where attempting escape may be more dangerous than simply remaining in place. A good example is a multi-story building when an attack is launched at ground level. Rarely during attacks do people in the “hot zone” have accurate and real-time knowledge of the attacker’s location and safe routes of escape. In this situation, trying to evacuate through lower levels of the building where possible massacre is in progress may be far more dangerous than barricading in a nearby safe location.

To ensure best performance during armed attacks, facilities should be designed or upgraded to support these response actions and proactively address common challenges faced by people during life-threatening events.

Physical Security and Active Shooters: Key Objectives

The following points summarize key measures for protecting facility occupants during active shooter events.

Delay the attacker’s ingress into populated areas to permit time for critical alerts, escape and refuge actions, and deployment of the response force. (DELAY)

Protective layers should be designed to delay adversary movement into populated areas. If the attacker is an ‘outsider,’ this includes exterior barrier layers (e.g., facade glazing, doors, locks, etc.) and delay measures at entry points and public reception areas (e.g., lobbies, etc.). Additional protective layers securing work suites and high-valued assets (e.g., executive offices, etc.) should be used to frustrate adversary ingress further and provide critical delay against movement by ‘insider’ adversaries already located inside the building.

Expedite detection and assessment of the threat. (DETECTION)

As discussed in Part 1 of this series, time is critical during active shooter events and every measure that expedites detection of the attack and deployment of an armed response force is critical in mitigating consequences. Measures that expedite event notification to security or authorities, such as panic alarms or gunshot detection systems, can greatly reduce the typical reporting times normally encountered by relying on witnesses to call an emergency number by telephone.

Rapidly and reliably alert all facility occupants. (DETECTION)

A critical part of effective response during active shooter events is fast and reliable alert to expedite protective actions by employees. Critical alerts should ideally be issued by audible means (public address) for the benefit of all facility occupants, and where feasible, followed by a redundant mass notification system (MNS) message for those who may not have heard the initial announcement. When important developments occur, updates can be issued to employees as follow up messages.

Facilitate easy and rapid evacuation/escape by employees and facility guests. (DELAY)

For employees located outdoors, ground level, or in building locations without safe refuge options, escape (DHS’ term ‘Run’) is the primary response. Escape routes should be abundantly available, easy to locate, and permit fast and unobstructed egress to safe locations away from the facility.

Provide safe refuge options for employees and facility guests unable to safely evacuate or who are unaware of the threat’s location. (DELAY)

One of the most basic facility preparations is ensuring adequate availability of safe rooms for people to take refuge if escape is not feasible. For this purpose, rooms should be abundantly available throughout the facility capable of providing adequate delay against forced entry considering the methods and tools likely to be employed by attackers.

Expedite the intervention of a response force capable of neutralizing an armed adversary. (RESPONSE)

Although many active shooter attacks terminate in suicide before the intervention of police or security forces, the speed at which security or police arrive and locate the adversary has a major impact on consequences of the event.

In an ideal scenario, police or armed security officers would be assigned to reliably ensure fast response times. If an organization cannot implement an on-site armed response capability, additional measures should be used to expedite the effective response of local police. Some examples include marking buildings on multi-building campuses with distinctive signage to ease location, establishing procedures for orienting and directing law enforcement officers as they arrive on scene, and preparations for providing building keys, access control badges, and floor plans to facilitate unimpeded movement by police.

Ensure employees are prepared to respond safely and without direction.

Even the best designed plans and facility preparations will fail if employees are unprepared to take independent action for their self-preservation during active shooter events. As detailed further in Part 4 of this series, the effects of the sympathetic nervous system during high stress events and lack of situational awareness can have a debilitating effect on employee response and even lead to dangerous actions. The first step in combating this problem is training employees in emergency response procedures.

The Department of Homeland Security and various municipalities throughout the US have produced short videos useful for this purpose. It is also recommended that training include instructor-led discussion about facility-specific measures for contacting security or police, location of suitable safe rooms inside the facility, special egress considerations (e.g., feasibility of roof access, etc.), communications systems, and location of medical kits.

In the next part of this series, we’ll explore common challenges and unique circumstances that often influence how these principles are best applied in different facility situations.

Craig Gundry

CIS consultants offer a range of services to assist organizations in managing risks of active shooter violence.
Contact us for more information.

March 17, 2020August 14, 2020

Design Basis Threat and The Active Shooter (Pt. 2)

Who exactly are we trying to protect ourselves against when we use the term “active shooter?”

For many, the answer to this question seems obvious—a “bad guy” killing people at random with a gun. However, this type of vague definition provides little guidance for developing an effective security design. A more useful definition considers:

- How many adversaries would possibly be involved in an attack?
- What is their level of skill?
- What types of weapons would they bear?
- What tools and methods of entry would they employ?
- Would the attacker(s) likely be an insider, outsider, or potentially either?
- Has the adversary employed any unique modus operandi in previous attacks?

Although many aspects of active shooter preparation are universal, these types of details have a major influence on the performance of our protective design and the benefit of system components (e.g., anti-personnel barriers, ballistic protection, etc.). Additionally, if our budget is limited, the answers to these questions can often guide us in prioritizing vulnerabilities of greatest concern.

As a security consultant, I’m frequently called on to assess facilities that have already invested in protective upgrades. In these situations, I frequently find examples of overlooked vulnerabilities, overconfidence in protective measures, or wasted expenditure. And these problems often stem from failing to define the attacker’s likely capabilities and methods as a driving factor in the original security design.

In professional approaches to security planning, this is the role of the Design Basis Threat (DBT) or Threat Definition. A DBT (or Threat Definition) provides a description of an adversary’s likely capabilities and tactics essential for determining the expected performance of security measures and identifying attack scenarios that should be addressed in security design.

Considerations for Developing a Design Basis Threat

Number of Attackers

The number of adversaries has a direct relationship to the potential effectiveness of our response force (i.e., Probability of Neutralization) and may influence the behavior of adversaries during attacks. One practical example is the likelihood of adversaries forcibly entering secured rooms to locate targets. Many documented incidents where adversaries forcibly entered locked rooms to seek targets involved more than one perpetrator.[1]

In the United States, the spectrum of active shooter adversaries has historically been quite diverse with most attacks committed by non-ideologically motivated perpetrators in alignment with Dr. Park Dietz’s definition of a pseudocommando.[2] The majority of these attacks are executed by a single attacker withstanding a handful of notable exceptions (e.g., 1998 Westside Middle School, 1999 Columbine High School, 2011 South Jamaica House Party, and 2012 Tulsa[3]). Historically, most terrorist-related active shooter attacks in the United States also involved only one perpetrator with exceptions including the 2015 San Bernardino and 2015 Curtis Culwell Center attacks.

Regional trends in adversary characteristics vary greatly in different parts of the world. In locations where terrorist attacks are the predominant concern, the number of perpetrators in attacks is often higher. In a study of 20 Marauding Terrorist Firearms Attacks (MTFA) conducted by the Critical Intervention Services in 2015, 1-2 perpetrators was most common in active shooter assaults in Europe with notable exceptions being events such as the 13 November Paris attacks.[4] In Africa, by contrast, terrorist groups such as Al-Shabaab frequently use teams of 4-9 attackers in assaults on civilian locations such as the Westgate Shopping Mall (2013), Garissa University (2015), and numerous hotels in Mogadishu.[5]

Relationship to the Facility/Organization

Is the adversary possibly an “insider” (e.g., current student, employee, etc.)? Or do the characteristics of our organization and environmental circumstances likely limit our concern to “outsider” adversaries? The answers to these questions often determine the relevance and priority of protective measures.

For instance, if the adversary is most likely an outsider, protective measures associated with perimeters, building facades, and entry controls are a high priority. By contrast, if the probable adversary is an insider, it is often wise to focus on indoor protective measures if the budget is a limiting concern.

In school settings, the probable type of adversary is largely influenced by the age of students. Withstanding a handful of plots, shooting events in primary schools have been executed by adult-aged outsiders (e.g., 2017 North Park Elementary School, 2012 Sandy Hook, 2006 West Nickel Mines, etc.) and a handful of expelled students (e.g., 2016 Townville Elementary School). In secondary schools, the spectrum of perpetrators is more diverse including both current and former students, and to a lesser degree, adult-aged outsiders.

In closed workplace settings, the majority of mass shootings are committed by current or former employees (e.g., 2020 Molson Coors, 2019 Henry Pratt Co., 2019 Virginia Beach Municipal Center, etc.). Although less common than employee-related shootings, there have also been cases of nonemployees (outsiders) targeting businesses for reasons of personal or ideological grievance such as the 2018 shooting at YouTube headquarters and the 2015 Charlie Hebdo attack.

In attacks against houses of worship and ethnic cultural centers, outsider adversaries motivated by ideology or reasons of personal grievance have been most common. Some recent examples include attacks at the Poway Synagogue (2018), Tree of Life Synagogue (2018), First Baptist Church (2017), Burnette Chapel Church of Christ (2017), Emanuel AME Church (2015), and Overland Park Jewish Center (2014).

Outsiders have also been the dominant category of adversary in attacks against public entertainment venues such as nightclubs, theaters, entertainment districts, and festivals. In many of these situations, the venue is targeted due to mass casualty potential or the characteristics of its patrons. Examples in recent years include attacks at the Nels Peppers Bar (2019), Gilroy Garlic Festival (2019), Borderline Bar and Grill (2018), Jacksonville Landing (2018), Route 91 Harvest Festival (2017), Reina nightclub (2017), and Pulse nightclub (2016). Although most attacks in entertainment facilities are premeditated, there have also been cases of disputes among patrons escalating into mass violence such as the 2017 shootings at the Power Ultra Lounge and Cameo nightclub.

In situations where terrorism is the primary concern, outsider adversaries should be the first priority. Although there have been attacks executed by radicalized employees (e.g., 2019 Naval Air Station Pensacola, 2015 Inland Regional Center, 2009 Fort Hood, etc.), the overwhelming majority of terrorist armed assaults are executed by outsiders.

Entry Tools and Methods

The delay time value of barriers (e.g., doors, locks, glazing, etc.) is directly related to the tools and methods adversaries may use to breach our barriers. Attacker tools and entry methods was one of the issues the CIS MTFA study team examined with the aim of creating a research-supported justification for defining threat capabilities.[6] Of the attacks assessed as part the study, in none of the events did attackers arrive equipped with tools (other than firearms) for the specific purpose of penetrating barriers. In case research conducted by CIS about other armed attacks against facilities over the past 20 years, the number of incidents where adversaries brought tools specifically for forced entry purposes was few. In the majority of attacks, forced entry was facilitated exclusively by blunt object impact (e.g., kicking, beating with rifle butt stock, etc.) and sometimes aided by bullet penetration or cutting with a bladed weapon.

For the purpose of designating or planning potential safe rooms, another issue worth considering is adversary effort and commitment to attack people located inside locked rooms. Joseph Smith and Daniel Renfroe describe their observations on this matter in an article on the World Building Design Guide web site: “Analysis of footage from actual active shooter events have shown that the shooter will likely not spend significant time trying to get through a particular door if it is locked or blocked. Rather they move to their next target. They know law enforcement is on its way and that time is limited. “[7] Separate case study research conducted by Critical Intervention Services also supports this perspective.

In a large percentage of attacks, adversaries focus solely on targets of easiest opportunity by using visually-obvious pathways and unlocked/unobstructed portals (e.g., doors, windows, etc) to facilitate indoor movement. This behavior may be due to perceived time pressure (“kill as many as possible before the police arrive”) or possibly diminished problem-solving ability resulting from activation of the Sympathetic Nervous System (SNS). In most documented attacks where adversaries committed effort to forcibly enter locked rooms, intervention by police or security forces was delayed and adversaries had exhausted all targets in accessible areas.

When developing a DBT for use in a region where the main threat concern is a particular terrorist group, research should focus on identifying any unique tactics or preferences for entry methods demonstrated in previous attacks. Al-Shabaab, for instance, has employed disguise and deceptive entry tactics for gaining access through the outer perimeter of several protected facilities in Somalia. If we were developing a DBT for Al-Shabaab, it would be wise to consider attack scenarios employing deception and disguise in addition to overt entry methods.

Weaponry

Weaponry influences the potential effectiveness of our response force, and caliber and type of ammunition determines the effectiveness of ballistic barriers in resisting bullet penetration.

According to FBI statistics, handguns were the most powerful firearm used in most attacks (59%) with rifles constituting 26% of incidents.[8] Although the FBI has not published statistics on weapon calibers used in active shooter attacks, most mass casualty attacks where rifles were employed in the United States involved 5.56mm weapons with examples including assaults at the Pulse Nightclub (2016), Inland Regional Center (2015), Sandy Hook Elementary School (2013), and Aurora Century 16 Theater (2012).

Outside the United States, 7.62x39mm weapons (AK-47) have been most common.

Likelihood of a Hostage/Siege Event

Although not directly related to adversary capabilities, another possible factor to consider is the likely duration of an event. If the adversary is a terrorist group with a specific preference for hostage-taking or if we are located in a region where there has often been delayed intervention by police/security forces, circumstances may justify a more advanced level of preparation.

In the 2015 CIS MTFA study, 35% of all attacks escalated into a siege by police/security forces upon arrival. In a number of these incidents, intervention was delayed due to early confusion about the event (“hostage situation” versus “armed massacre”). Some events resulted in a siege when arriving police or security forces were overwhelmed by the adversary’s firepower and withdrew pending the arrival of more assistance. In other events, police and security forces made committed entry but the size of facility and movement of the attackers inside the building delayed location and neutralization of the adversaries (e.g., 2019 Virginia Beach Municipal Center, 2013 Washington Navy Yard, 2015 Corinthia Hotel Tripoli, etc.).

Incidents documented in the CIS study that escalated into a siege had a duration ranging between 2h 24m and est. 96 hours, with a mean duration of 21h 44m. Although most events resulting in siege durations over 2 hours were in Africa or West Asia, recent incidents have occurred in Western countries with effective response times over 2 hours such as the 2016 Pulse Nightclub shooting (194 minutes from first call to 911) and Bataclan Theater (~156 minutes from first call to 112).

Developing a Design Basis Threat for Active Shooter Attacks

In the government community, many organizations promulgate official DBT statements to serve as a standardized reference throughout the organization. For instance, the Interagency Security Committee (ISC) in the United States produces a Design Basis Threat (DBT) document for use during risk assessments and security planning in Federal facilities. The ISC DBT includes several threat scenarios related to armed attack with narrative descriptions of the event, and adversary characteristics such as numbers of adversaries, weaponry, tactics, etc.

The US Department of Defense also provides similar guidance for DoD facilities in UFC 4-020-01 “DoD Security Engineering Facilities Planning Manual.”[9] In Table 3-27, DoD presents a generic DBT (Threat Parameters) including several categories of Aggressor Tactics and a system for defining progressive levels of threat. Each threat level is attributed a corresponding description of weaponry, toolset, and/or delivery method.

As a consultant, I am not an advocate of adopting generic DBTs unless required by official mandate. Instead, I prefer using a research-based approach which considers the specific characteristics of relevant adversaries, historical attack data, regional trends, and similar issues. This type of approach is often more laborious, but results in a custom DBT that is rational, justifiable, and specific to the threat situation.

When developing a custom DBT, I typically begin by collecting data about attacks against similar facilities in the region or attacks perpetrated by adversaries of relevance with focus on weaponry, number of attackers, and tactics. The following table illustrates how this type of data collection might be applied for a facility in Kenya where Al-Shabaab is the primary adversary of concern.

After data has been collected, a threat definition is then developed representing likely adversary capabilities and modus operandi. In a basic approach, the DBT is written to match any capabilities well established by trend or average. In a cautious or very cautious approach, the DBT matches or exceeds the highest level of capability as demonstrated in previous attacks.

Even in situations where there are no unique adversary groups to serve as a model, this same type of research-supported approach can be applied for creating a non-specific, but justifiable DBT. Following are some examples of reasonable threat definitions based on historical attack data and well-established trends in different regions of the world.

Endnotes

[1] Examples including the 2015 Corinthia Hotel Tripoli attack and 2008 Taj Majal attack.

[2] Dietz, Park D. “Mass, Serial, and Sensational Homicides.” Bulletin of the New York Academy of Medicine. 62:49-91. 1986.

[3] Blair, J. Pete, and Schweit, Katherine W. A Study of Active Shooter Incidents, 2000 – 2013. Texas State University and Federal Bureau of Investigation, U.S. Department of Justice, Washington D.C. 2014. pp. 7. PDF. (The 2011 South Jamaica and 2012 Tulsa shootings are specifically noted as the only events involving more than one attacker in the FBI’s study of U.S. domestic active shooter attacks between 2000 and 2013.)

[4] Gundry, Craig S. “Analysis of 20 Marauding Terrorist Firearm Attacks.” Preparing for Active Shooter Events. ASIS Europe 2017, 30 Mar. 2017, Milan, Italy.

[5] Gundry, Craig S. “Threat Assessment Methodology and Development of Design Basis Threats.” Assessing Terrorism Related Risk Workshop. S2 Safety & Intelligence Institute, 25 Apr. 2017, Brussels, Belgium.

[6] Gundry, Craig S. “Analysis of 20 Marauding Terrorist Firearm Attacks.” Preparing for Active Shooter Events. ASIS Europe 2017, 30 Mar. 2017, Milan, Italy. (Presentation included results of an unpublished 2015 study by Critical Intervention Services.

[7] Smith, Joseph, and Daniel Renfroe. “Active Shooter: Is There a Role for Protective Design?” World Building Design Guide, National Institute of Building Sciences, 2 Aug. 2016, www.wbdg.org/resources/active-shooter-there-role-protective-design. Accessed 22 Sept. 2017.

[8] Blair, J. Pete, Martaindale, M. Hunter, and Nichols, Terry. “Active Shooter Events from 2002 to 2012.” FBI Law Enforcement Bulletin. Federal Bureau of Investigation, 1 July 2014, https://leb.fbi.gov/2014/january/active-shooter-events-from-2000-to-2012. Accessed 22 Sept. 2017.

[9] UFC 4-020-01, DoD Security Engineering Facilities Planning Manual. US Department of Defense, N.p.: 2008.

Craig Gundry

CIS consultants offer a range of services to assist organizations in managing risks of active shooter violence.
Contact us for more information.

Active Shooter Response Training: Important tips for preparing employees in an effective and responsible manner

Instruction during active shooter response training should clearly empower employees to take independent action during possible attack events

Keep the principles of active shooter response simple during training while also ensuring employees understand the dynamics of different situations and choices.

Customize the active shooter response training program to ensure that employees understand how the principles of response relate to their specific workplace environment

Reinforce memory through physical and/or mental engagement

Be attentive to the pre-existing beliefs and psychological sensitivities of employees when designing and conducting active shooter response training

Craig Gundry

Lessons Learned from Staring into the Abyss: An analysis of the Al-Noor Mosque Video

Attack Events and the Al-Noor Mosque Video

Observations & key takeaways from the Al-Noor Mosque Video

Craig Gundry

Enhancing Workplace Safety: The Importance of Utilizing Outside Experienced Experts and The WAVR-21 Assessment

Finding an expert

KC Poulin

Barrier Delay Measures and The Double Edged Sword

Craig Gundry

Safe Rooms, Classroom Security, & The Active Shooter

Basic Safe Room and Classroom Security Criteria for Active Shooter Protection

Facilities and Schools With Minimal Safe Room/Classroom Options for Active Shooter Protection

Advanced Safe Rooms for Active Shooter Applications

Safe Room Kits

Craig Gundry

The Capitol Hill Riot: A Case Study in Securing Buildings Against Violent Intrusion

Craig Gundry

Egress Design and The Active Shooter Threat (Pt. 10)

Egress Routes

Exit Signage

Emergency Stairwells

Exit Doors

Unconventional Exit Options

Recent Comments

Craig Gundry

Considerations for Designing Active Shooter Protection Measures (Pt. 4)

Is it feasible to employ restrictive entry control and screening measures?

Are there groups of occupants present whose capability to respond is likely impaired or who are unable to easily evacuate during an attack?

Are there large numbers of people present who are expectedly unfamiliar with the facility?

Does the interior layout of existing buildings provide ample options for occupants to take safe refuge?

Do cultural expectations or public image concerns restrict the employment of high profile security measures?

Is it expectedly safe for people to evacuate the facility during an attack, or is the facility located in a geographic area where escape outdoors is impractical or possibly dangerous?

Is it feasible to have an on-site armed response capability?

Are we located in a region where previous incidents often result in a siege or delayed intervention by security forces?

Is our Design Basis Threat adversary an insider, outsider, or both?

The Sympathetic Nervous System (SNS), Situational Awareness, and Active Shooter Attacks

Craig Gundry

Facility Preparation for Active Shooter Attacks: Key Objectives (Pt. 3)

Physical Security and Active Shooters: Key Objectives

Craig Gundry

Design Basis Threat and The Active Shooter (Pt. 2)

Who exactly are we trying to protect ourselves against when we use the term “active shooter?”

Considerations for Developing a Design Basis Threat

Number of Attackers

Relationship to the Facility/Organization

Entry Tools and Methods

Weaponry

Likelihood of a Hostage/Siege Event

Developing a Design Basis Threat for Active Shooter Attacks

Craig Gundry