While terrorist incidents worldwide have fallen from their peak in 2016, active assailant attacks, including active shooter incidents, remain a significant threat in advanced economies — and fatalities are increasing, according to recent reports by the FBI and Europol, as well as data from the U.S. Department of Homeland Security (DHS).
National employment laws include legislation emphasizing the duty of care organizations are required to provide toward employees, customers and other intimate stakeholders. With an increasing frequency and awareness of active assailant incidents there is a strong case that, given the evidence and advice available, failure to take reasonable measures to prevent or prepare for such threats could be considered negligent.
A common definition of an active assailant event is that of a person or persons who use a form of weapon to inflict serious harm or deadly physical force in a public space, and continues to do so while they have access to further victims. Examples of active assailant attacks include active-shooters shooting sprees, mass stabbings, vehicles-as-a-weapon, fire-as-a-weapon, improvised explosive devices or a combination of these.
While active assailants’ primary motivations may vary, they tend to share a number of characteristics:
- Attacks occur in locations with generally unrestricted public access and where there are high population densities.
- The selection criteria of the target area can be associated with particular historical, political, religious or social connotations, or are locations with strong personal connections to the assailant(s), such as a school or place of work.
- Assailants tend to favor locations with limited defensive measures and egress routes.
- Attacks typically last less than thirty minutes; with many terminated in less than half that time.
Preparation is the key to building organizational resilience and can mitigate the risk of an active assailant. Three elements that should be considered in preparing an organization are:
- Threat and vulnerability assessments: Consider the risks to people, property, operations and reputation. The assessments should include issues specific to your organization’s sector and location. In assessing the threat, consider the attractiveness of the location as a target and whether there have been specific threats at the location. The vulnerability assessment would consider a combination of the attractiveness of the site as a target as well as the level of deterrence or defense provided by the existing security measures, providing an idea of the potential impact.
- Policies and procedures: Develop strategic and operational processes to mitigate the risks identified and ensure they are integrated within existing business resilience plans and supported by awareness and training. Recommendations on the physical security to ensure the minimum standard countermeasures for each location should be reviewed and implemented where appropriate.
- Crisis response preparation: There is significant government and commercial support to assist organizations to develop appropriate and effective crisis response measures. The U.S. Department for Homeland Security has a comprehensive online support program, including the Run – Hide – Fight guidance. Other countries also offer support and guidance materials on emergency preparedness and communication guides.
The immediate aftermath of an active assailant attack will be fear, horror and confusion. Of immediate priority is the protection and preservation of life. The immediate recovery process, which begins after an incident concludes, is to re-establish safety and mitigate the physical, psychological and emotional impact of the incident.
If the attack occurred on your property, it will be considered a crime scene and police may put in cordons and prevent access. The long-term recovery process begins once law enforcement has cleared the area. Organizations should consider what is required to help employees return to normalcy and the business to its normal operations. Staff may be traumatized by the events and may require medical or psychological support. Depending on the nature of the business and the circumstances of the attack, you may also have to consider alternative work sites.
Even if your organization is outside the immediate attack location, wider police measures may still restrict access. Also, the collective impression of the public may mean the area suffers from a loss of attraction, with employees, visitors and customers choosing to stay away. Particularly horrific incidents may result in a demand for whole buildings to be removed. In all eventualities, organizations will require effective communication and planning. Customers and other stakeholders need to be informed of the organization’s intentions and plans to continue to operate.
Understand your insurance coverage
Risk transfer products are available for organizations to assist in the response and recovery, including specialist crisis response and communication support. Organizations should speak to their insurance brokers to ensure they have a clear understanding of where any mandatory workers’ compensation, employers liability, property “all risks”, or terrorism cover ends and where a specific active assailant insurance coverage can fill the gap.
Along with the measures to understand and manage the risk, appropriate insurance arrangements can support organizational response and recovery, further enhancing resilience.