Counter Terrorism Strategy

Preventative measures in business

There is nothing new about terrorism. Extremists have used terror for centuries to get their way. The present threat to the UK and most of the world is by Al Qaeda core, associated or affiliated groupings and of course the lone terrorist. This threat is not going to go away soon and it is very real. Terrorism as against other crimes can totally change the way we live our lives, the impact is not only dramatic but also devastating. Recent attacks on crowded places show that this attack method is currently at the top of the terrorists targeting.

The flexible and adaptable nature of terrorist groups throughout the years means, however, that we must not only look backwards at previous attacks. Those seeking to disrupt, reorder or destroy the status quo have continuously sought new and creative ways to achieve their goals. Changes in the tactics and techniques of terrorists have been significant, far better that we attempt to be ahead of the game and have thought through any new attack method so that we can put defensive measures in place before we are targeted.

Best practice advice
At the National Counter Terrorism Security Office (NaCTSO) our role amongst other things is to reduce the vulnerability of crowded places in the UK. To effectively target harden those sites that the potential terrorist may decide to attack, thereby reducing the likelihood of an attack and reducing the consequences should an attack take place.

Obviously, as a team based in London with a national remit we have had to find a means of delivering best practice advice to as many businesses as possible. To achieve this we delegate tasks to a team of Counter Terrorism Security Advisers (CTSA) who work within every police force in the UK. They are trained and tasked by NaCTSO to deliver national projects locally within police force areas. This is a very effective way of getting advice from the centre to all business wherever they are in the UK and now more and more across the world.

Police and Security Services cannot be expected to do everything. It is essential that the business community understand the issue and their own vulnerability before they can even begin to protect themselves. When first alerted to the potential of a terrorist attack on them, members of the business community can shrug their shoulders and state that it is a matter for the police, fire brigade and ambulance service. Unfortunately, whilst all three emergency services will play a major part, businesses themselves not only have a responsibility but an obligation to their staff and customers to protect themselves and to have plans in place to manage such a situation.

Reducing vulnerability
The good news is that business can do much to reduce their vulnerability to a terrorist attack. Some of which may involve capitol projects such as changing glazing or attaching protective film. This will have the effect of seriously reducing injury in the event of an explosion, as 9 out of 10 injuries in an explosion are caused by flying glass.

It will also help to prevent the devastation of the workplace. If protection is not in place millions of glass fragments could penetrate into the building and make almost everything inside – including all computers, printers and carpets – unusable.

Other reductions in vulnerability can be attained with little or no cost. Staff awareness is provided free by NaCTSO and CTSA’s and often changes in working practice can make a huge difference. For example a clear desk policy promotes IT security. Ensuring that premises have good housekeeping systems in place mean that any search of the premises for suspicious items will be made easier. There are many other changes to working practice that make a business much more likely to survive an attack, such as business continuity plans, evacuation tests and a crisis management plan.

Multiple attacks
The current attack method is to use multiple and coordinated attacks to cause mass casualties. This in itself brings into focus what we advise the public to do in the minutes, hours and days after an attack. Taking this as an example, we know that terrorists have consistently used an attack method where they set off one explosion in order to move potential victims to a larger bomb. From the terrorists perspective this not only increases the death toll but also increases the fear value associated with the attack. Almost all the attacks outside of Iraq and Afghanistan are examples of this, including Bali where a small device was exploded inside the nightclub to move victims out into the large car bomb outside causing catastrophic loss of life.

Flying glass
We also know that in an urban area flying glass has caused the majority of deaths and injuries in a bomb blast. Therefore we must challenge the practice of automatic evacuation. It may be much more appropriate if a bomb attack happens in the street outside that the occupants take shelter in an already designated protected space or bomb shelter, if possible within the building (invacuation). Automatic evacuation could mean taking those who are in the relative safety of a building out into a highly dangerous environment of secondary fragmentation and falling glass and of course possibly into another explosion.

Of course we must be careful not to advise invacuation as the automatic response, especially if the building is on fire or in danger of collapse. In those circumstances evacuation is the obvious answer, however those in key areas within business must be aware of the potential consequences of each option so that they can make an informed decision.

Awareness programmes
So what are we at NaCTSO doing to get these messages across? Well not only do we give bespoke surveys and recommendations to major sites across the UK, we have also devised a series of training/awareness programmes for business sectors.

Under the banner name of Project ARGUS we have rolled out bespoke training for shopping centres, hotels, universities and colleges, Ports, The Night Time Economy and The Health service. We have also devised a bespoke product for architects, developers, town and city managers. We have called it Project ARGUS (Professional) as it is aimed specifically at professionals in the built environment.

We developed this product with the help of the Royal Institute of British Architects (RIBA). It is comprised of a three-hour multi-media simulation of a terrorist attack. Examining the role architects, planners and developers can play in helping to protect communities against attack using their professional skills and knowledge. These simulations will be facilitated by CTSAs and run with RIBA support.

Those who attend the course will receive CPD points through the RIBA CPD programme. This work has come about as a result of the Lord West review of the protection of crowded places from terrorist attack.

Vital role
One of the key points to emerge from the review is that architects have a vital role to play in the design of the built environment and in particular, those buildings and developments that may be attractive to terrorists. But perhaps they have not had the opportunity to engage with counter-terrorism professionals and explore some the issues and ways in which they can help to keep communities safe.

The simulation involves both video and audio clips looking at an attack on a imaginary building development which is also a crowded place. The attendees are taken through a series of exercises to explore the issues of building design, glazing the use of materials and the design of space. This project is designed to raise their awareness around CT issues and inform them of the latest thinking in this area.

This initiative is supported by the President of RIBA, Surand Prasad and focuses on the role that architects can play in helping the protect communities from terrorist attack through the use of better design and sensitivity around the use of appropriate materials and building design. The aim of this project as well as other projects from the ARGUS family is to inform those who may be the likely targets i.e. working in a crowded place that they can do something not only when an attack has happened as well as help to prevent an attack in the first place.

Protective measures
Giving business the knowledge as to how terrorists reconnoitre an attack location will hopefully encourage that business to put in place good protective security measures. Good enough to either dissuade potential terrorist or help identify and catch him or her before they have the opportunity to commit mass murder.

There is no doubt that the process of building CT security into our buildings and developments will take a long time to complete, however, there are many things that can be done quickly and cheaply to reduce vulnerability. Simple things like putting protective film on glazing will provide at least an improved level of protection against glass fragmentation. This will save lives if a bomb explodes nearby.

Sometimes there is a very low cost to reducing vulnerabilities. Training staff in what to do in the event of an attack, which NaCTSO and local CTSAs offer to business free of charge, has major benefits in saving life and in the longer term making sure the business survives and gets back into business as soon as possible after an attack. Remember an attack can impact on business even though they were not the intended target.

Latest off the production line in tools to assist business is the Vulnerability Self Assessment Tool (VSAT). Developed in partnership with leading businesses across the UK, it will assist owners, operators or those responsible for the security of crowded places to determine their vulnerability to terrorist attack.

Getting the message further & wider
Understanding that we wanted to get the counter terrorism protective security message further and wider we developed a tool whereby any business in the crowded places environment will be able to self assess their vulnerability and then be helped to understand how they can reduce them. Many of these crowded places consist of small to medium enterprises, SMEs that may not have necessarily considered themselves as at any form of risk of suffering a terrorist attack.

CTSAs will be registering users and you may receive an e-mail inviting them to complete the assessment or alternatively they can register by contacting their local CTSA. Guidance on how to register can be found on the main NaCTSO website, www.nactso.gov.uk. In the case of business with large numbers of sites then user accounts can be created centrally by NaCTSO.

Completing the vulnerability self assessment of 33 questions will take up very little time and will provide owners, operators or management with an understanding of what they need to put in place to reduce their vulnerability to terrorist attack. Furthermore, the self assessment process will signpost the owner, operator or manager to the appropriate measures to reduce their vulnerability. It will also provide a commercially sensitive report of recommendations, which will only be available to the individual user; this has been done to protect the business interest of the location. The overall assessment result will be displayed without showing numerical values but will assist you in prioritising where you may need to make improvements. Following the initial launch users will be able to view a business sector base line to see how their assessments fair compared with other assessments within the UK.

Options
The VSAT will offer a number of options for the user as a result of their completed vulnerability assessment. These may include the use of a comprehensive Business Continuity Management (BCM) template or a CTSA delivered Project ARGUS or GRIFFIN training event. Each question will provide a means for the user to seek further guidance by way of “sign posting”. The options will encourage owners/operators to review their working and recruiting practices, risk management or site evacuation and invacuation procedures. Users will also be able to access the latest advice via the main NaCTSO website blog.

The Vulnerability Self Assessment Tool will provide a means to communicate nationally with the crowded places sectors and encourage communication locally between your business and the extensive network of Counter Terrorism Security Advisers throughout the UK. Most importantly, completing the VSAT will identify and promote reductions in your vulnerability and help protect our communities.

When the business community have been informed of the threat and the impact it could have to their people and business, and it is explained why it is important to have security measures, business continuity and response plans in place, then I have found them not only to be tremendously supportive but also very willing to deal with the issues and reduce their risks.

There is much that can be done and indeed is being done in the UK to reduce our vulnerability. By working together the private and public sections of our society can make the UK a very hostile and difficult place for terrorists to operate.