Whitepaper

Integrated Safety and Security Measures to Protect Venues of Mass Gathering and other Key Assets

Noggin

Security Management Software

Updated July 27, 2023

Lessons Learned from the United States Capitol Hill Attacks

In U.S. politics, the official certification of the Electoral College results of the presidential election is meant to be a staid, ceremonial event. The 6 January 2021 certification of then-president-elect Joe Biden’s Electoral College victory was anything but. That day, throngs of supporters of outgoing president, Donald Trump, marched on the U.S. Capitol, where both houses of Congress were meeting to certify the results.

The events themselves come with a backstory. Since the November 2020 election, Donald Trump had been claiming far and wide that the results of the vote were fraudulent. At noon on certification day, his tone was no different. Indeed, he addressed a crowd of his supporters in the capital, claiming that “this election was stolen from you, from me, from the country”[i]. Soon after, protestors began marching down Pennsylvania Avenue towards the Capitol building.

The protestors encountered little resistance from the peace-keeping forces meant to protect the Capitol. That’s even though prior to the protests, social media had been alight with warnings that the protests would be anything but peaceful. Indeed, weeks before, the New York Police Department had sent a packet of material to the U.S. Capitol Police and Federal Bureau of Investigation (FBI) Field Office, replete with raw intelligence indicating the likelihood of violence on 6 January[ii]. Even the day before the certification, the FBI Field Office in Norfolk, Virginia had issued another warning of violence[iii].

What had happened? The Capitol Police, the federal law enforcement agency responsible for protecting the U.S. Congress, had requested reinforcement from the D.C. National Guard. But then-Capitol Police Chief, Steven Sund, was concerned about the optics of going further and declaring an emergency on such an historically significant day[iv].

Also on high alert was D.C. Mayor, Muriel Bowser. Bowser had requested and received a limited contingent of 340 D.C. National Guard soldiers. Those guards, however, were by and large deployed to help control traffic flow. The city’s own police force, distinct from the Capitol Police that only protects Congress, was tasked with handling law enforcement outside of the Capitol.

Patchwork as they might appear in hindsight, those security arrangements were deemed sufficient by Capitol officials, including Chief Sund. Unfortunately, the events of the day would belie that confidence.

News media onsite relayed watching the protestors march on the Capitol, where they encountered a small rump of law enforcement whom they quickly overwhelmed. Mesh barriers and metal fencing erected for the event also proved little obstruction. D.C. police in riot gear moved in and out of crowds trying to keep the peace. Protestors, on the other hand, were already on the way into the Capitol building itself, smashing the door of the West Front of the building, while police inside tried in vain to keep them back.

Meanwhile, the alert went to Congress to stay away from exterior windows and doors and seek cover. The building was soon under lockdown, the riot in the Capitol underway. 

Cell phone video from journalists inside the building, as well as from protestors themselves, broadcast to the world much of the mayhem that ensued, including an armed standoff at the entrance to the House chamber, where one rioter was fatally shot by Capitol Police, the quick-thinking actions of one Capitol Police officer who managed to successfully manoeuvre rioters away from the entrance to the Senate chamber, as well as some of the more vaudevillian antics of the rioters. 

All told, the incident left four people dead[v], over 100 police officers injured, millions in damage, and has led to charges against a reported 221 people[vi]. In turn, Sund resigned shortly after the incident; his resignation came alongside departures from the sergeants-at-arms of both the House and Senate[vii].

Attacks on key assets increase

What makes the security and intelligence failures of the day confounding is the fact that the riot itself didn’t come out of the blue. If anything, incidents of civil unrest associated with political and economic activity have been on the rise, especially during the COVID-19 crisis. These events have all been deemed to require law enforcement intervention to maintain public safety.

Back in spring 2020, for instance, a series of demonstrations against the state of Michigan’s stay-at-home-order brought armed protestors to the State Capitol[viii]. In the summer, armed protestors in Oregon stormed that state’s Capitol, while the State Legislature was still in session[ix]. Protestors in Portland, Oregon also marched to a county government building, where they threw rocks and lit a fire[x].

Outside of the U.S., German police quelled an attempt by protestors to storm Germany’s parliament building, during demonstrations against the Government’s coronavirus policies[xi].

Nor are the targets of these demonstrations, government buildings like the Capitol, particularly surprising, either. After all, government buildings are key assets, considered critical for governance and public confidence, which protestors are often seeking to disrupt[xii].

What 6 January post mortems might be missing: safety and security challenges to protecting venues of mass gathering

Since the Capitol riots, critics have homed in on many facets of the botched security response: the fact that the Capitol Police didn’t make early requests for help from either the D.C. metropolitan police force or the National Guard; that the agencies in question didn’t set up a joint command centre to coordinate a response to the forecasted violence[xiii].

Professor Clifford Stott, an expert in crowd management who has advised the U.K. government, opined: “It was the failure to predict that that led them to be inadequately prepared when it did happen and led them to be reactive and have to mobilise more resources. It's not just about the complexities of the police response, it's also about what appears to be a poor level of risk assessments around how they understand whether resources might be necessary in the first place”[xiv].

Similarly, the Director of the Intelligence Program at Michigan State University noted: “I go back to the 9/11 commission report. It was a failure of imagination. They didn’t imagine something like this. Would you imagine people were going to break into the Capitol and go into the chambers? That failure of imagination sometimes makes us drop the ball.”

Besides government buildings, however, there’s a wider array of other key assets, critical infrastructure, and venues of mass gathering that present “national-level public health and safety, governance, economic and national security, and public confidence consequences”[xv]. The question going forward should, therefore, be: given the threat climate, what’s actually needed to secure these assets, as well as keep their staff and congregating publics safe?

Using the example of the Capitol attacks as a departure, we argue that what’s required is a comprehensive, all-hazard, risk-based approach to protecting key assets, the people they employ, and the publics that congregate in them. Such an approach would account for safety, security, and crisis management, as well as continuity of operations.

Here, we introduce the concept of venues of mass gathering. A catch-all term, venues of mass gathering can be applied to facilities as diverse as sporting stadiums, commercial precincts, significant tourism and entertainment attractions, hotels and convention centres, public transportation hubs, not to mention major events.

What qualifies a venue as a place of mass gathering is that it can concentrate large numbers of people in accessible spaces, typically in larger cities, thereby creating easily accessible targets for bad actors[xvi]. Herein lies the problem, of course.

The very potential for venues to become places of mass gathering creates stark safety and security challenges for their owners and operators, governmental or otherwise. For one, those stakeholders must prepare for the fact that high concentrations of people can congregate in their venues quickly, at both regular and unpredictable times. Those publics, by dint of being highly accessible, present bad actors with the opportunity to inflict mass casualties, cause mass economic damage, and instil public fear. 

Add to that, closing down access to these venues might not always be feasible, whether for financial, logistical, or symbolic reasons. What’s more, the sheer size of many of the venues in question also means that a security incident will usually take multiple internal teams as well as law enforcement and public safety agencies to respond to – another major challenge.

Why’s that? Ineffective multi-agency, multi-discipline, and multi-jurisdictional coordination is often cited as a key area for improvement in after action reviews of high-profile incidents of civil unrest[xvii]. So too are related issues, such as lack of multi-agency, multi-discipline, and multi-jurisdictional training and exercises, coordination of response plans, multiple, disjointed, incident action plans, technical communications issues (including interoperability), and lack of communication within the field (situational awareness) and with command[xviii].

Besides inter-agency failures, researchers often find that the following goes wrong during high-profile incidents of civil unrest:

  • Failure to effectively share intelligence and information to stakeholders
  • Failure to communicate effectively with the public
  • Public access point workload
  • Public access point technical capabilities (system expansion)
  • Lack of personal protective equipment (PPE)
  • Overall lack of training and exercises
  • Resource management, i.e., securing and distributing equipment and supplies
  • Failure to develop and implement strategy and tactics
  • Aid agency capabilities, training, and experience[xix]

Duty of care in the context of protecting venues of mass gathering

That’s not the end of it. A botched security response, whether handled by one security team or multiple, also has larger implications for venue owners and operators and major event organisers – planned events are also frequent sites of civil unrest. Those stakeholders all have a legal obligation to consider the work safety risk arising from operating their venue or event[xx]. If they haven’t considered the risk sufficiently and parties get injured or worse, those stakeholders might be liable.

How do stakeholders meet that duty of care obligation? The simple answer is that owners, operators, and organisers have to identify, assess, and control safety risk in their security and emergency planning processes. In many jurisdictions, local, state, or national public safety agencies will help (see below). Those entities typically publish tools to enable owners, operators, and organisers to self-assess safety risk, often the risk of terrorism on public targets. Of course, stakeholders can’t just perform self-assessments and call it a day. They must also commit to ongoing risk-mitigating and -controlling activities to keep their venues of mass gathering safe. Given the nature of the risk, those activities must be of an integrated safety and security nature, converging competencies from safety, security, emergency, and crisis management, as well as business continuity throughout the lifecycle of the incident[xxi].

Though it is not a risk self-assessment document, the Connect-Plan-Train-Report framework is advocated by the U.S. federal government for owners and operators to secure their venues.
Connect
  • Develop relationships with local law enforcement and businesses in your area. Invite local law enforcement to tour your business. 
  • Connect with community security and preparedness organizations 
  • Contact the local DHS Protective Security Advisor who is available to support your efforts.
  • Communicate with your customers and let them know about the security measures you are taking to ensure a positive experience and to maintain public safety
Plan
  • Be aware of current threats related to your geographic region or impacting your business sector. 
  • Develop plans, including security, emergency response, emergency communications, and business continuity plans, while considering the protection of your employees and customers, access control, closed-circuit television, signage, suspicious activity reporting, and parking security. 
  • Evaluate your security requirements and design a monitoring, surveillance, and inspection program that is consistent with your business operations. 
  • Develop evacuation and shelter-in-place plans, and ensure that multiple evacuation routes are clearly marked with appropriate signage and that rallying points are available.
  • Develop and implement a security plan for computer and information systems hardware and software. 
  • Engage local first responders (police, fire, medical) in all of the above efforts to ensure your efforts are in synergy with theirs.
Train
  • Train employees on identifying and reporting suspicious activities, active shooter scenarios, and what to do if they suspect an improvised explosive device (IED). Ensure they understand security basics, emergency response, business continuity plans, and increased awareness of potential threats. 
  • Exercise your emergency communications plan.
Report
  • Post details on reporting suspicious activity and encourage employees, tenants, and visitors to report suspicious behavior to property management security or local law enforcement. Things to consider include unattended vehicles; repeat visitors or outsiders who have no apparent business in non-public area; abandoned parcels, suitcases, backpacks, and packages; and other unusual activity. 

 

Take a lifecycle approach to securing venues of mass gathering and protecting people

What are those activities and when should they be put into place? Well, in the case of mitigation and preparation, activities to reduce the impact of an incident of civil unrest must start well before the incident. Existing crisis, contingency, safety, and security plans must all include annexes or playbooks that deal with how to handle civil unrest. 

Here is where self-assessment tools come in handy. Those tools help venues to understand where their hazard vulnerabilities lie and dedicate resources (including technology resources) to the mitigation and preparedness efforts needed to reduce or eliminate those vulnerabilities. Those resources then get documented in the playbook, a list of procedures which will serve as the overarching response for all processes related to incidents of civil unrest. 

Integrated safety and security software considerations for protecting venues of mass gathering and keeping people safe

As part of that resourcing effort, security infrastructure, including integrated safety and security management software, might need to be procured to support safety and security operations before, during, and after incidents of civil unrest. It’s important that the tools procured have the following capabilities tested and in working order before the incident happens:

  • Prioritisation of intelligence gathering, especially of known subjects and/or organisations, as well as identification of possible action by unknown subjects/organisations. 
  • A travel security component to ensure the security apparatus, in particular, is up to date on travel security protocols related to medical, safety, and security matters.
  • Ability to geolocate employees and confirm their safety as events dictate. 
  • Ability to store, task, and communicate the particulars of evacuation and lockdown plans with all relevant parties. 

Subsequent trainings of that plan, especially with controlling law enforcement and public safety agencies, will identify the need to bolster the security procedures in the plan. Trainings are likely to focus on command post operations (e.g., Security Operations Centre procedures, CCTV coverage, access alarms, duress alarms, intercom usage, employee safety, and executive coverage) and communications plans. Besides regular trainings with controlling agencies, what are some other activities likely to be included in your civil unrest playbook? Staple activities during the mitigation and preparedness stages consist of: 

  • Actively monitor protests/movements in the area, especially on social media, which is likely to be the favoured communications medium for movements, protestors, and followers.
  • Solidify relationships with law enforcement (often via mutual aid agreements), who should have access to and a detailed understanding of facility site plans. The same goes for outsourced supplemental security (if deemed necessary), with whom concrete terms of engagement should be pre-defined and tested during pre-event tactical meetings and exercises.
    - Advanced planning should include discussion of any traffic considerations to keep routes open and safe. 
  • Ensure appropriate signage is visible and legible, to prevent confusion and provide clarity to protestors and law enforcement alike.
  • Invest in high visibility security to deter potential aggressors. 
    - Focus on monitoring perimeters and the placement of security personnel.
    - Focus on hardening facilities with walls, fences, and restricted areas, to ensure standoff distance between demonstrators and company facilities.
  • Establish shared processes to receive, distribute, and share intelligence between security managers and relay intelligence to executives.
  • Develop pre-scripted messages to inform the public of the status and/or potential negative impacts of the incident.
  • Include employee communication provisions in the plan and make sure those provisions are tested. Provisions are likely to include:
    - Means of conveying intelligence updates to employees, so that the organisation can remain a trusted font of information.
    - Means of ensuring that employees know how to communicate their status or availability, if the situation dictates.
    - Procedures for briefing employees to refrain from public comment.
  • Preparations for facilities maintenance to address property damage resulting from the incident.
  • Ensure all security staff are at a heightened sense of awareness and properly trained on procedures, including protocols to address threats received in person, by mail, via email, or by telephone (further staff safety considerations below). 

Further employee safety considerations: what should you relay to your staff?

  • Follow the organisation’s communications plan
  • Avoid protest areas or large gatherings
  • Stay calm and maintain a low profile
  • Focus on enhancing personal safety and security
  • Avoid displays of wealth 
  • Identify emergency exits and other paths that might pose personal safety risk
  • Attempt to quickly and safely remove yourself from the area where an incident may occur, is occurring, or has occurred. If you cannot, shelter.
  • Once safely secured, contact authorities
    - Comply with the commands of authorities; do not appear to engage in a threatening manner
  • Avoid targeted areas of civil unrest, protest, or riot
  • Anticipate communications disruption
  • Monitor local media and other trusted sources for updates
  • Establish a means of communication with family members

Those mitigation activities are meant to prepare the business to execute on planned procedures during the civil unrest incident. Regular trainings are intended to give personnel the confidence to adjust to the chaotic situation without losing their head. While these preparatory stages give a wider berth to non-security operations, it’s important to note that during an actual incident of civil unrest against a venue of mass gathering, security personnel (internal, contract, and/or law enforcement) will likely take the lead in deploying the response, though many response activities will affect staff and customer safety. 

Response activities vary from case to case, given how fluid and variable the incidents in question are likely to be. But typical response activities for incidents of civil unrest include:

  • Enhanced crowd monitoring and traffic control measures, e.g., adjusting video surveillance and lighting, implementing and adjusting pre-existing access control protocols to regulate traffic. Limiting routes of entrance and exit to areas with sufficient illumination and physical security presence.
  • Refreshing employees on reputational risk by discouraging social media posts sympathetic or critical of the disturbance.
  • Providing guidance on employee discretion to ensure safe commuting to/from the venue, e.g., discreet wearing of uniforms, visible identification, and timely updates on unsafe areas.
  • Activating third-party services if necessary, e.g., guard services.
  • Instructing security personnel to transition to recovery when emotions calm.

Once the recovery phase begins, the business will work to resume normal operations, assess and repair any damage, and most importantly improve the security posture going forward if the security response was found to be lacking.

How to determine if the security response was lacking? After all, not all security events will be as high-profile as the Capitol attacks. The owners, operators, and organisers of venues/events who haven’t suffered significant damage or drawn much public attention might even think the security response went off without a hitch. 

Whether the event made the news or not, a debrief of security personnel should be conducted after an incident of civil unrest. Interviews of security personnel are vital to collect first-hand evidence of what happened, the details of which will be necessary to prepare an after-action report, which will provide concrete measures to improve the venue’s security posture going forward. 

In more high-profile incidents, the impact is likelier to be obvious. The public, lawmakers, and/or regulators might even be clamouring for a post-incident hearing, which, in turn, will necessitate the performance of a security debrief and after-action report. In that context, it is even more important to collect and preserve all evidence from the incident, including video footage if available, since that evidence might be required by law enforcement and regulators.

Similarly, in civil unrest incidents where vandalism and property damage occur, venues will usually have to provide for timely and safe waste removal, with security provided for clean-up crews if the risk of violence warrants it. A thorough assessment of damage to the facility should also be completed expeditiously to determine financial and operational impact. 

Finally, political and economic activity is contributing to a rise in civil unrest with venues of mass gathering and key assets likely targets. Protecting these assets, their staffs, and customers isn’t easy. The reality is, though, taking a siloed security-only approach will only exacerbate the challenges. Sure, the security apparatus will take the lead during the response to incidents of civil unrest (particularly violent attacks). But an effective lifecycle approach will require the integration of plans, tactics, and technologies from other key safety- and resilience-promoting teams, including safety, emergency, crisis, and business continuity. Only a convergent, integrated approach throughout the lifecycle of a civil unrest incident can protect assets and people. 

Citations

i     Laurel Wamsley, NPR: What We Know So Far: A Timeline Of Security Response At The Capitol On Jan. 6. Available at https://www.npr.org/2021/01/15/956842958/what-we-know-so-far-a-timeline-of-security-at-the-capitol-on-january-6

ii     Ken Dilanian et al., NBC News: FBI, NYPD told Capitol Police about possibility of violence before riot, senior officials say. Available at https://www.nbcnews.com/news/crime-courts/fbi-nypd-told-capitol-police-about-possibility-violence-riot-senior-n1253646.

iii Ibid

iv     Laurel Wamsley, NPR: What We Know So Far: A Timeline Of Security Response At The Capitol On Jan. 6. Available at https://www.npr.org/2021/01/15/956842958/what-we-know-so-far-a-timeline-of-security-at-the-capitol-on-january-6.

v     A fifth person, Capitol Police Officer Brian Sicknick, died from medical distress after the attacks. But a determination has not been made if the rioters’ actions contributed to his death.

vi     Sam Cabral and Roderick Macleod, BBC: Capitol riots: Five takeaways from the arrests. Available at https://www.bbc.com/news/world-uscanada-55987603

vii     Claudia Grisales et al., NPR: Top Capitol Security Officials Resign After Insurrection Under Pressure From Lawmakers. Available at https://www.npr.org/sections/insurrection-at-the-capitol/2021/01/07/954489692/in-wake-of-insurrection-lawmakers-call-for-removal-of-top-capitol-security-offic.

viii     Craig Mauger, The Detroit News: Protesters, some armed, enter Michigan Capitol in rally against COVID-19 limits. Available at https://www.detroitnews.com/story/news/local/michigan/2020/04/30/protesters-gathering-outside-capitol-amid-covid-19-restrictions/3054911001/.

ix     Tom Tapp, Deadline: Armed Protesters Break Into Oregon State Capitol Building, Break Windows, Assault Journalists, Hit Police With Chemical Agent. Available at https://deadline.com/2020/12/armed-protesters-enter-oregon-state-capitol-building-assault-police-chemical-agent-1234660385/.

x     Katie Shepherd, The Washington Post: Portland protesters set fire inside county building as tensions continue to escalate. Available at https://www.washingtonpost.com/nation/2020/08/19/portland-multnomah-building-fire/.

xi     https://www.bbc.com/news/world-europe-53964147.

xii     Department of Homeland Security: The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. Available at https://www.dhs.gov/xlibrary/assets/Physical_Strategy.pdf

xiii     Kelly-Leigh Cooper, BBC: Capitol riots: Questions mount over security failure. Available at https://www.bbc.com/news/world-us-canada-55577362

xiv Ibid

xv     Department of Homeland Security: The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets. Available at https://www.dhs.gov/xlibrary/assets/Physical_Strategy.pdf.

xvi     National Counter-Terrorism Committee, National Guidelines for the Protection of Places of Mass Gathering from Terrorism.

xvii     Dave Donohue, National Fire Academy: Preparing for Civil Unrest. Available at https://nfa.usfa.fema.gov/pdf/efop/efo248668.pdf

xviii Ibid.

xix Ibid.

xx     WorkSafe Victoria: Advice for Managing Major Events Safely. Available at https://content.api.worksafe.vic.gov.au/sites/default/files/2018-06/ISBNAdvice-for-managing-major-events-safely-2006-04.pdf.

xxi     Brian Harrell, CPP and Jeremy Prout, Security Magazine: When Critical Infrastructure Encounters Civil Unrest. Available at https://www.securitymagazine.com/articles/88297-when-critical-infrastructure-encounters-civil-unrest.
