Demystifying Private Sector Counter Terrorism Mitigation

The Basics

Terrorism & Violent Crime that’s normally associated with overseas countries and a distance news story has been happening in the United Kingdom. The Private Sector is On Notice for the threats & criticality of an attack and should be using what’s known as the Brain Game to mitigate.

The private sector do not have 24/7 dedicated resources, legal powers and budgets to implement Government Agency (Public Sector) protective security systems, and these systems are not a feasible option for the Private Sector in an open society

The first hurdle for corporate management is moving out of denial and removing any organisational barriers imposed by incompetent management, the ostrich syndrome is not the way forward, it’s a common problem and needs senior stakeholder involvement to kick start the mitigation process.  Relying on the Governments online awareness presentation as the main CT effort is a critical mistake. 

Legal teams are already preparing cases and waiting to launch liability claims from past events.  Business failures to understand the criticality of an attack is now being laid out to the whole country at the Manchester Arena Enquiry

What level of awareness are your management & staff operating at in terms of your CT & Violent Crime Policy?

  1. Unconscious Incompetence = They don’t know what they don’t know = Either living in denial or oblivious to the reality of modern day threats = Require Educating
  2. Conscious Incompetence = They know there’s a problem but have no knowledge or understanding = Require Educating
  3. Conscious Competence = Able to think their way through a situation = Understand the company policy and action plans  
  4. Unconscious Competence = Can automatically respond effectively = Optimum level of awareness

When seconds count and emergency services are minutes or longer away – What action will you or your staff take during the Emergency Services Response Gap?


“One of the most important aspects of preventing an attack is making that attack harder for a terrorist to carry out. If businesses, and the public, had a clearer sense of the tactics a terrorist might use, then it follows that there is more chance of thwarting an attack.”

Lord Toby Harris – Oct 2016 Report

London’s Preparedness to a Terrorist Attack


Legal Obligations – Duty of Care – Liable Action

1. Start Point – Private Sector Counter Terrorism Responsibilities.

Business must understand their legal obligations, localised responsibilities, and contractual agreements.  Note: During a post attack enquiry is not the time to be asking these questions for the first time.

a. Is the private sector On Notice for Terrorism & Violent Crime incidents?

b. Have corporate management walked through the process of being investigated and answerable through the courts?

c. Will the business be liable and open to claims?

d. Health & Safety Laws already cover these type of incidents; do you know them?

e. Do corporate management understand the laws? Understanding whats reasonable and practicable within your responsibilities will mitigate and lower the criticality. 

f. Are employers responsible for staff actions – Will vicarious liability be applied by claimants?

g. Does your business hold None Damage Business Interruption Insurance?

h. Are there critical event management systems already in place?

i. Do senior management understanding the meaning of CRITICALITY within the security context?  Failure to understand the criticality of an attack is now being laid out to the whole country at the Manchester Arena Enquiry.

j. Has your business used a private sector consultant for CT advice, or, have they relied on the Public Sector Police CT advisers?  There are major differences between the two options, Public Sector advisers are used to powers of arrest, substantial resources & budgets, 24/7 manpower, armed personnel, no private sector management experience, no private sector Counter-Terrorism experience, rely on theory based information for the private sector. 

2. Risk Assessment.

Priority document: The terrorism & violent crime risk assessment team must be guided by an experienced private sector security professional and not academic theory based bluffers. In-House Google search ninjas should also be avoided.  The RA and relevant attachments must detail the threats and the criticality on the business; they are also used within the business case to deliver mitigation or not.  Mildot Consultants are available to advise any business on the Risk Assessment. 

Keep It Simple & Effective

3. Security & Safety Plan.

Produce your plan detailing what mitigation the business will implement based on the risk assessment and identified legal & duty of care responsibilities. If its part of  an event planning process anticipate and explain what mitigation the business expect from Government Agencies, avoid the common misconception and inadequate planning approach of asking Government Agencies for their advice on business management mitigation, they are public sector staff and will only advice on what will assist Emergency Services Response.

Government agencies are experts within their respective fields and will advice on their responsibilities and systems in order to shape the scene for their arrival. Businesses can’t afford to leave mitigation to that advice, there will be emergency services response gaps, and after action litigation.  The private sector can educate staff and raise awareness with the aim of developing thinking time to respond effectively during the Emergency Services Response Gap.  

Private sector professionals (stay away from academic theory based bluffers) are the best option for advice on business counter terrorism mitigation and understand what comes under the heading of Criticality.  Use the MoSCoW principle throughout the planning process.  

Write minutes on all meetings with Government Agency representatives, all personnel who attend meetings should receive a copy of the minutes, this approach acts as a record for future reference.

Example CT Policy Table designed to escalate in line with UK Government Threat Levels


When seconds count and emergency services are minutes away

4. Emergency Services Response Gap.

Prioritise mitigation to where the business can have a practical impact and what’s within your legal & duty of care responsibilities. Accept there will be an emergency services Response Gap and focus your efforts on that period of time. It could be 2 minutes or 15 minutes.

Employee and customer safety is the priority, focus on what can be achieved with staff situational awareness, risk communication and response procedures. Apply a unified approach to raising awareness of all staff, this will act as a mitigation multiplier and significantly improve the detection and response capability.

Liable actions will be instigated after the incident, all prior planning and mitigation taken & not taken will be assessed by the courts. The Black Swann event excuse is no longer a viable option.

5. Staff Numbers (Mainly for Event Planning)

Unless legally obliged or the budget allows, focus plans on utilising current resources (all staff), stay away from the increase numbers mantra. The MoSCoW principle will keep this consideration on track.

6. Tool Box Talks.

The number 1 proven terrorism & violent crime mitigation strategy is staff situational awareness. Use 2 to 5-minute toolbox talks, these work best at the start of a shift, delivered by a team leader, supervisor or management. It’s good practice to have a set of short briefs on Cue-cards, a white board or flip chart.  

7. Periods of Chaos.

If an attack happens, there will be a period of No Control and Chaos. Only individual actions by staff will be possible, it’s during this period that the subjects covered previously becomes critical information and effective action takes place.  The approach is called Mission Command and a tried and tested life saver.

8. Rapid Risk Communication.

Communication systems are a high priority and a Must Have.  Verbal communications is the number one method using radios, PA Systems, and face to face.


Minimal Extra Costs Involved

Summary:

9. Effective Information.

All the above is readily achievable, the costs are minimal, and it’s all about arming all personnel with useful information and businesses implementing a policy to educate staff and maintain awareness.  The unified approach builds personnel & business resilience with the added value of mitigating other forms of workplace violence and assisting Government initiatives to create safe spaces for people and businesses to operate. 

10. Mind Set.

Think about changing your approach and use the Phrase Hybrid Attack Mitigation, Terrorism is just one form of a critical event, violent crime is a serious concern within the UK and incidents are happening affecting all parts of society.  By applying the above approach to modern threats of terrorism and violent crime, a business can improve its detection and response capabilities, and save lives.

11. Policy Escalation Option

A good option for large companies with thousands of staff and multiple sites, or stand-alone facilities with footfall in the thousands, can develop a policy that escalates with the UK Government Threat Levels. An example CT policy escalation chart can be viewed from this link

Mildot delivers private sector Counter-Terrorism courses and also provide consultancy options:

Business Solutions for Management, Security and Safety personnel.

Situational Awareness for Counter Terrorism & Violent Crime delivered to all staff. 

Published Sep 2018. Revision 3.  Oct 2020

See below security advisories to assist business

TELEPHONE

Call our team of security experts.

call now

CONTACT US

Feel free to email any enquiries.

email us

OPPORTUNITIES

Complete our online application form.

application