
Barrier Delay Measures and The Double Edged Sword
While assisting a reporter after the Uvalde shooting, a question was posed that maybe warrants some discussion. During the interview, I described some examples of
The Critical Difference™
Preceding Note
Many elements of our Critical Infrastructure Protection Program (described further on this page) were developed and managed by CIS for a domestic energy client during an eleven year period (2004-2015). Although this client-specific program is no longer operational, inactive elements related to the program are described here as a case study of our risk management strategy in practical application.
Today, our security consultants continue to provide expert assistance on anti-terrorism and critical infrastructure protection issues including the design and implementation of security measures described on this page.
In the wake of the 9/11 attacks, companies in all sectors of critical infrastructure found themselves ill-prepared for the risk of terrorist violence. As a source of security risk, terrorism is unique and the tactics and capabilities employed by terrorists require a specialized and performance-based approach to managing risk.
While the Federal government was beginning to formulate a national strategy for critical infrastructure protection, CIS was approached by an energy company seeking a solution.
The result of this project became the CIS Critical Infrastructure Protection Program. The first and only private-sector program of its type outside the nuclear power industry, lauded in 2005 by the U.S. Government Accountability Office (GAO) as a “…model for critical infrastructure protection in America.”
At the foundation of our critical infrastructure protection program is a multi-layered strategy aimed at preventing terrorist attacks while employing performance-based physical security design, blast mitigation measures, and effective emergency preparations to reduce the impact of events.
The manner in how our program is implemented varies between facilities considering the types of assets requiring protection and threat considerations (i.e., design basis threats). Yet the risk management principles are universal and adaptable to all critical infrastructure facilities.
The following diagram describes how these measures contribute to reducing risks of terrorist attack graphically depicted as concentric rings of protection.
Although risk assessment is not a protective measure (per se), it lays the foundation for the program and drives the design process. At the commencement of new projects, our consultants conduct a comprehensive risk assessment to identify critical assets, consequences of asset damage or loss, threat characteristics and design basis threats, operational conditions with influence on the design of protective measures, and issues contributing to security vulnerability. Based on this assessment, our consultants work with client decision-makers to design and implement a protective program specific to the facility of concern.
At the commencement of every project, our consultants work with authorities to maximize the accuracy of our threat assessments and establish a trusted relationship for reporting suspicious activity and intelligence exchange. In our Florida operations, this activity was the role of our Intelligence Liaison Officers (ILO’s) who maintained personal contact with representatives of the FBI’s Joint Terrorism Task Force (JTTF) and regional fusion centers. In projects for new clients, our consultants aid companies in establishing dialogue with authorities and a sustainable process for liaison.
In most facilities, the first layer of defense against terrorist attacks is detection of target surveillance and pre-attack intelligence gathering. This entails establishing measures to actively monitor potential surveillance activity such as training security personnel in surveillance detection, CCTV documentation of likely surveillance locations, and establishing a system for documenting and reporting suspicious activity. For this purpose, CIS created the Suspicious Activity Tracking and Analysis System (SATAS) database in 2004 for purposes of standardized reporting and dissemination of suspicious activity reports to authorities. Click below to learn more about SATAS.
Today, the US Federal government’s Nationwide Suspicious Activity Reporting (SAR) Initiative provides a standardized framework for documenting, reporting, and disseminating information about suspicious activity associated with terrorism. In 2004, there was no standardized process and government agencies were largely disconnected. To address this situation, we created the Suspicious Activity Tracking and Analysis System (SATAS) for use by our personnel in documenting suspicious events, persons, vehicles, and other relevant details.
As part of our liaison activity, representatives of Federal agencies and law enforcement intelligence units were provided with login access to SATAS, thus expediting our reporting to authorities and allowing outside agencies to search our database when engaged in other investigations.
SATAS was also designed to detect subtle patterns of suspicious activity which can be easily missed when reviewing reports on a daily basis. The system also featured a Watch List which allowed field commanders to disseminate BOLO alerts and information about suspicious persons and vehicles to officers working in the field.
Fences, CCTV cameras, alarm sensors, and other physical security components have no value during terrorist attacks outside their integrated performance as a system. When designing a critical infrastructure protection program, our consultants work with client leaders to design an improved Physical Protection System (PPS) which mathematically reconciles detection, delay, and response elements to ensure a high probability of interrupting attackers before they succeed.
Additional physical security measures include pedestrian and vehicle entry controls, screening procedures, and measures to protect against forced entry by vehicles (e.g., passive and active anti-vehicle barriers, terrain features, etc.).
Even the best designed Physical Protection System will fail if the responding security force is delayed or incapable of neutralizing the attackers. When protecting critical infrastructure facilities against terrorists, conventional security forces are often woefully unprepared. Likewise, response by off-site law enforcement units is unpredictable and too slow to ensure reliable intervention. For this reason, CIS created the Anti-Terrorism Officer (ATO) Division in 2004. CIS Anti-Terrorism Officers were former military personnel specially trained, armed, and supported for the mission of defending critical infrastructure facilities against terrorist attack.
Depending on the facility’s design and the construction of critical assets, there are often measures which can be employed to reduce physical vulnerability to damage by standoff weapons (e.g., IEDs, anti-tank weapons, mortars, firearms, etc.). Examples include ensuring adequate standoff distance from perimeters and accessible bomb emplacement locations, shielding vulnerable outdoor assets with pre-detonation screens or bullet-resistant barriers, locating vulnerable piping subgrade, protective asset positioning, and more.
Also encompassed under this category are process design measures and redundancies to mitigate the consequences of damaged or destroyed equipment (e.g., chemical containment, redundancies in SCADA system design, etc.).
The last layers of defense in our critical infrastructure protection program are the plans and preparations for post-incident response, restoration of operations, and remediation of damage. This includes ensuring that our client has effective emergency response and business continuity plans, Incident Command and special task teams, reliable and redundant communications systems, and an on-going program of training and drills to ensure reliable performance.
9/11 Attacks
CIS assists the U.S. chemical industry in improving terrorism preparedness
TECO Energy engages CIS for assistance
The CIS Critical Infrastructure Protection Program is adopted by TECO Energy
FLETC adopts the CIS Terrorism Risk Assessment Methodology
US GAO inspectors hail the CIS-TECO program as “…a model for critical infrastructure security.”
US Government agencies begin to adopt the CIS ATO training program
CIS consultants train ATO’s around the world
The CIS-S2 ATO Program is adopted by OSCE for training government security professionals in the Caucasus region
CIS consultants develop a special version of the ATO Program for the Iraqi Ministry of Interior
European Institutions turn to CIS
The CIS-S2 ATO Program becomes the basis for a new professional certification
CIS closes the ATO Officer Division
[1] Leson, Joel. Assessing and Managing the Terrorism Threat. Washington, DC: U.S. Dept. of Justice, Office of Justice Programs, Bureau of Justice Assistance, 2005. Print.
Successfully protecting facilities against terrorist attacks requires security personnel with specialized training, equipment, intelligence support, and tactical supervision. Historically, few security forces outside the government community have proven adequately prepared to prevent and respond to terrorist attacks.
To address the need for specialized security personnel in our critical infrastructure protection program, we created the CIS Anti-Terrorism Officer Division in 2004.
CIS Anti-Terrorism Officers (ATOs) were armed security or law enforcement personnel that were specially selected, trained, and equipped for employment in situations where terrorism is a critical risk. All ATO’s were recruited as former military personnel and prepared for assignment by completing 64-hours of specialized training on topics including terrorist tactics and protective measures, surveillance detection and reporting, IED recognition and search procedures, tactical firearms skills, and response to a spectrum of terrorist attack scenarios.
Between 2004 and 2020, CIS provided Anti-Terrorism Officers as service for critical infrastructure clients in the Tampa Bay region. As the only security officer corps of its type in the United States, the program earned accolades from numerous government agencies for its comprehensive design and focus on mission performance.
By 2006, CIS consultants expanded the scope of the ATO training program into an advanced-level course on anti-terrorism and facility security planning. Through our sister company, the S2 Safety &Intelligence Institute, the ATO program evolved into an international standard for anti-terrorism training. Since 2004, over 3,000 professionals worldwide have graduated variations of the Anti-Terrorism Officer program developed by our consultants.
Over the past 15 years, the CIS Anti-Terrorism Officer training program has been adopted by numerous government organizations and NGOs including the European Commission, European External Action Service, Organization for Security and Cooperation in Europe, and government ministries representing over a dozen nations worldwide.
The program was also adopted by ITAM-Police as a foundation for developing the Anti-Terrorism and Physical Security course for the Ministry of Interior of Iraq in 2010.
As the crown of the program’s recognitions, the International Association of Counterterrorism and Security Professionals adopted our ATO program in 2017 as the basis for its Certified Anti-Terrorism Officer (cATO®) Board Certification.
Although CIS no longer provides armed ATO’s as a service, our consultants continue to assist organizations in developing and preparing security forces for the mission of protecting people and assets against terrorist violence.
Although the program we developed in the 2000’s is no longer active, our consultants continue to support clients around the world with expert assistance on anti-terrorism and critical infrastructure protection matters. Following are some of our services.
Security Risk & Vulnerability Assessments
CIS security consultants frequently conduct security risk and vulnerability assessments for critical infrastructure sites and other facilities at risk of terrorist attack. Over the past two decades, we have conducted assessments to aid a diverse range of organizations in achieving risk management goals and compliance with regulatory mandates.
In addition to conducting security risk and vulnerability assessments, our consultants have developed and aided in the improvement of risk assessment methodologies for organizations including chemical manufacturers, energy companies, commercial property management groups, the AIChE Center for Chemical Process Safety, European Commission, EEAS, and more.
Facility Security & Readiness Assessments
For clients who do not require a comprehensive or analytical approach to risk assessment, our consultants frequently conduct facility security and readiness assessments related to specific threat concerns (e.g., terrorist armed assaults, chemical and biological attack, etc.). In these situations, our consultants focus on identifying potential conditions contributing to vulnerability and propose solutions with consideration to the client's objectives and priorities.
In this type of specialized capacity, we have assisted a diverse range of facilities varying in scale and complexity from corporate offices and community centers to parliamentary buildings and the European Central Bank.
Craig Gundry, PSP, cATO
Craig Gundry is a CIS security consultant and expert witness with over 30-years of specialized focus on workplace violence, school security, and terrorism. As an expert specialized in managing risks of mass homicide, Craig assisted in the development of ASIS International’s new WVPI-2020/AA, Workplace Violence and Active Assailant – Prevention, Intervention, and Response Standard and the Guardian SafeSchool Program® standards for school security.
Craig provides expert commentary for national news organizations and is a columnist for Workplace Violence Today magazine. He is also a TEDx presenter and speaker at conferences worldwide on topics related to terrorism, school security, and active shooter violence.
In addition to his role at CIS, Craig is also a lead instructor for the S2 Institute’s Anti-Terrorism Officer course and advanced seminars on security risk assessment, active shooter preparations, physical security, and emergency response planning. His previous students include over 5,000 security and public safety professionals from over 50 nations. He also lectures on security topics for John Jay College of Criminal Justice and presents PSP® exam preparation courses for ASIS International.
K.C. Poulin, cATO, CPS, CPOI
KC is a consultant and expert witness of matters related to workplace violence, community-based public safety, crime prevention, premises liability in multi-family housing, security officer operations, and managing risks of predatory aggression (e.g., workplace violence, stalking, etc.).
As the CEO of CIS, KC is the lead architect of our community-based security and public safety programs and is co-author of two criminal justice textbooks. KC is a veteran expert witness and has provided decisive testimony in multiple premises liability cases.
Over the past three decades, our security consultants have trained over 4,000 security and public safety professionals in anti-terrorism and critical infrastructure protection issues. Following is a sample of our work from a recent webinar in the aftermath of the 2021 Capitol Hill incident.
While assisting a reporter after the Uvalde shooting, a question was posed that maybe warrants some discussion. During the interview, I described some examples of
One of the most common problems we encounter in our work as security consultants is the absence of safe rooms and secure classrooms capable of
Like many people, I watched the riot at the US Capitol on 6 January unfold live through reporting on TV. And as most, I was
Egress planning is often regarded as a life safety matter with influence on security, but otherwise a discipline independent from physical protection. However, when preparing
Parts 1 and 3 of this series surveyed important principles of physical security and facility preparation for mitigating the consequences of active shooter attacks. Although
In Part 1 of this series, we discussed how the integration of detection, delay, and response functions influences the overall performance of physical security. In
Since 1993, our consultants have provided hundreds of interviews to news media organizations related to prevention and response to terrorist attacks and other forms of targeted violence.
When CIS launched our Critical Infrastructure Protection Program in 2004, it was the first civilian security program of its type in US history. Following is a montage of news stories about the program at the time of its launch.
Contact us to discuss your unique needs by calling Tel. +01 (727) 461-9417 or by completing the following form:
The Words of Our Clients and Peers
Toll-free: (800) 247-6055 | Tampa Bay Area: (727) 461-9417 | Hillsborough: (813) 910-4247 | Orlando: (407) 420-7945
Critical Intervention Services
The Critical Difference™
The staff of CIS is dedicated to providing each client with the finest quality of protective services available.
Our commitment and dedication to professional, ethical, and protocol conscious service is our trademark.
Preserving, projecting, and protecting our clients’ image and interests is our business.
Copyright © 2020 Critical Intervention Services, Inc. ® Florida “A” License: A9900261 • Florida “B” License: B9200107