27 minute read
PERSPECTIVES By VERVILLE
It’s Never Personal; It’s Business.
By Claude R. Verville, LPC
Verville is the former vice president of loss prevention, safety, and hazmat at Lowe’s. He joined the company in 1993 and was promoted to VP in 1998. Verville started his LP career in California at Robinsons-May, a subsidiary of The May Company, where he worked thirteen years leaving as director of investigations. He has been a leading voice in the LP industry as a member of the Loss Prevention Foundation board of directors, LP Magazine editorial board, and the Retail Industry Leaders Association steering committee. He can be reached at ClaudeV@LPportal.com.
I’m pretty sure most if not all our readers have heard this line on many occasions during their careers. Whether you are a loss prevention professional at the store, district, region, or corporate level, you have likely been on the receiving end of this phrase.
As a recipient of this phrase over the years, I was fairly certain on some occasions that the issues and decisions being made had in fact been determined based on individuals’ personal opinions and experiences and often with limited exposure to my team’s winning formula. Even more troubling was when successful performance was not a key element in the decisions. As I heard on some occasions, “Claude, this is not about your team’s failure to perform to the established objectives; this is strictly a business decision.” Oh, okay then. In particular, a negative situation where not all perspectives had been solicited—which I realized was not always a requirement when tough business decisions had to be made—just made accepting the news and the subsequent outcome that much less palpable for me to digest.
I will never forget one experience I had in my early years as a vice president of LP and safety. During a weekly executive store operations meeting, I was advised of a decision that required me to eliminate approximately fifty district-level LP and safety manager positions—one-third of my field district staff—within the next thirty days. As is often the case at the corporate level, I was not aware of or briefed on this decision prior to this weekly staff meeting. As anyone can imagine, I was less than enthusiastic, joyful, and supportive when all eyes turned toward me to gauge my response. As I sat in shock and thought about the personal impact this was going to have on these highly productive, committed, loyal employees, the next topic of conversation quickly turned to how many vehicles would be given out at our upcoming national sales meeting. One of the suggestions was to increase the number of vehicles. I, without much forethought, blurted out, “Maybe we give away a few less vehicles instead of reducing my field staff by 33 percent.”
Later that evening, I received a heads-up call from one of the executives who had been in the meeting, who happened to be a huge supporter of my team. This executive understood my frustration and took the time to explain to me the importance of always remaining composed during such moments. He then informed me just how upset the lead executive was at my response and advised me to call the lead executive and apologize before more time elapsed to avoid any further consequences. I took his advice and contacted the lead executive. Do you want to guess what line was bestowed upon me? You guessed it—“Claude, it’s never personal; it’s business.”
Recognizing your Supporters and understanding your Adversaries
Years later, I was told in confidence how close I actually came to being a former employee—one of my many encounters with near death, so to speak. The moral of this story: even if you suspect that it is indeed personal, don’t go there like I did. Stay calm, internalize your feelings, and keep in mind there is much at stake, both short term and long term. Everyone at every level—store, field, and corporate—will have supporters and detractors. And it is critical that we learn how and when to leverage the supporters while coming to terms with what we must do to change the attitudes and perspectives of our detractors.
I have absolutely no doubt that all people from all walks of life sometimes simply cannot forget, forgive, or let go of encounters that may have occurred years earlier. As a result, they will continually paint you and your team with the same negative brush, whether you are present or absent in the conversation. This of course becomes detrimental for
you and your team as it relates to driving the department’s performance objectives. I also believe my personal growth over the years evolved well past what I will call the “justification syndrome.” Let’s be honest and keep it real here for a moment. At some point throughout our careers, we have all felt the burden of being viewed as strictly a sales support group and possibly by some companies as merely a necessary evil, where we constantly felt the pressure to deliver strong business results in order to justify the need to keep us around. I’ve even heard of some companies that use as harsh a term as “sales prevention” when describing their AP/LP departments. I mean, no one has ever second-guessed the necessity of having a merchandising department, IT, legal, finance, or store operations. Heck, even the need to staff an internal audit team is never in question. But LP/AP has always fallen deep in the batting order for many companies—that is until they establish themselves and are fully integrated with the entire enterprise strategy along with consistently delivering strong and favorable results.
I believe there were times where my level of sensitivity might have been a bit elevated. This sensitivity was a result of working extremely hard to establish my team’s credibility and value to the organization while also fully aware of the low-value perspective held by some key individuals, again at every level I ever worked from store managers, assistant managers, district managers, and corporate personnel.
The Right Attitude and Approach
The most effective way to turn a detractor into a potential supporter is first to change our attitudes and behaviors.
The great Earl Nightingale said that people give us back reflections of our own attitudes. So if we desire a positive business relationship, it must begin with us! There were many instances where I encountered a pre-conceived negative perception of what benefits the company derived from the loss prevention and safety team and how our efforts contributed to the success of the company. I learned some tough lessons over the years. The most important one was that every morning, I had to make a conscious decision either to awake with a grateful, appreciative heart and mindset with high expectations for progress and success or to allow a negative thought or encounter to influence and dominate my day.
I learned that when presenting to a large group of cross-functional teams, remain focused and deliver the message to the 85 to 90 percent of the room that believe in and support LP programs, rather than trying to target the 10 to 15 percent of the detractors who are amazingly consistent in trying to identify defects or obstacles.
My next article will be a continuation on the all-important topic of building strong cross-functional business partnerships at all levels. If you have a personal story you would like to share about an occasion where you reacted impulsively when confronted with a difficult situation and what you learned from your experience, please feel free to share. I may include it in an upcoming segment.
ELEVATE YOUR CASH HANDLING CAPABILITIES
The NEW Ascent cash management solutions provide retailers with world-class reliability and future-ready technology.
IN ADDITION TO VALIDATING AND SECURING CASH DEPOSITS, ASCENT DELIVERS:
• Expandability to meet all bill and coin cash handling needs with devices that can be linked or stand alone • Robust feature set with device level control of configuration management, cash handling transactions and reporting • Unparalleled quality with remote serviceability to keep cash flow and operations running smoothly
STOP BY AND SEE US AT NRF PROTECT, BOOTH #1618
To start optimizing your cash handling activities across your entire organization
today, call (800) 342-3033 ext. 3001 or email info@fireking.com.
An FKI Security Group Company
READyINg RETAIL FoR TERRoRIsm’s NEw BATTLEgRouND
“Everything changed after 9/11” was a frequently heard refrain—from the president and other politicians and in law enforcement and private security circles. The same may, in time, be said of the Paris attacks in November. Targets included restaurants and bars and seemed to cement a disturbing trend: public spaces and private businesses have become the battleground of choice for international terrorists. While symbolism surely still matters, a preference has emerged for attacking vulnerable locations that can yield a high casualty count as opposed to well-fortified sites. When the goal is simply to spill as much blood as possible, private businesses, including retailers, are more likely to be attacked than government facilities.
Shopping centers and other hard-to-defend commercial places—such as large restaurants, department stores, and supermarkets—have occasionally been the subjects of alerts from the Department of Homeland Security (DHS) and in congressional testimony from government officials. Terrorists themselves have said they’re targets. Al-Shabab, the Somali terror group behind the days-long attack in 2013 on a Westgate mall in Kenya that left more than sixty dead, issued a video in 2015 threatening to attack shopping malls in the US, Canada, and England.
It has started to take a toll. In a recent research note, Jeffries financial analysts identified the Paris attacks as a contributing cause to soft sales at Tiffany’s. Starbucks closed all its stores in Belgium after the recent attacks there, as did Domino’s. And while most Americans feel safe while shopping, 18 percent said they don’t always feel secure in a store or mall, according to a survey conducted by consumer insight and consulting firm C4 post-San Bernardino.
The rise of the Islamic State (IS) group is increasing the risk, according to a new report by the House Committee on Homeland Security (Terrorism Gone Viral, March 2016). IS has been linked to at least seventy-five terrorism plots against Western countries with the US as its main target. IS-related plots more than doubled between 2014 and 2015 from nineteen to forty-eight, according to the study. “ISIS has reached an unprecedented level of terror plotting against the United States and our allies,” said US House of Representatives Homeland Security Committee Chairman Michael McCaul (R-TX). “The group’s focus on ‘do-it-yourself’ jihad has allowed them to franchise their attacks worldwide, achieving a tempo of violence that has surpassed even al-Qaeda’s most violent years.”
Bob Moraca, CPP, CFE, MBA, the National Retail Federation’s vice president of loss prevention, promises that retailers recognize the risk, as well as “their unique responsibility” in preparing for threats and emergencies. “Retailers will remain vigilant and proactive as they work with each other and domestic and international
law enforcement agencies to bolster their security preparations after events like what took place in Brussels,” said Moraca. Vigilant—but undoubtedly still vulnerable, said one Northeast retailer responding to a survey by Security Director’s Report (SDR). “Retail stores are tempting targets because people congregate there and there’s essentially no security. Can you imagine a suicide bomber exploding in a crowd during a grand opening or Christmas rush?” Indeed, there is some suggestion that the retail industry—perhaps because of its extreme vulnerability and a lack of clarity on how to address it—has not always been aggressive in response to the terrorist threat. For example, a majority of retail industry chief financial officers in a survey by Financial Executives International after 9/11 said they were not changing security as a result of the attacks. Some 63.8 percent of retailers would keep security “as is,” they said. By comparison, only Bob Moraca 41 percent of communication companies said the same. Retail also lags behind general industry in conducting terrorism risk assessments (see chart on page 48). The low-likelihood but high-cost of a
while symbolism surely still matters, a preference has emerged for attacking vulnerable locations that can yield a high casualty count as opposed to well-fortified sites. when the goal is simply to spill as much blood as possible, private businesses, including retailers, are more likely to be attacked than government facilities.
terrorist event has made—and continues to make—retail terrorism protection a risk-management conundrum.
For some potential targets action is clearly necessary (see case study on page 50), but for many it remains unclear what, if anything, they should do. Some businesses in select industries have been forced to comply with new security regulations, but retailers don’t operate under a specific mandate for action—no minimum standard to achieve. Brian Jenkins, a terrorism expert and one of the most interviewed sources on the subject, noted to SDR that terrorism defies risk models that security professionals are comfortable using. He asked, “How much security is enough? What is the optimum allocation of security dollars? What is the best combination of risk avoidance, insurance, security, and response preparedness?” And he added, “These are tough questions.”
Maximizing Value from Anti-terrorism Measures
Risk assessment is the most assured way to minimize costs as it focuses anti-terrorism where it’s most needed. Risk assessments serve as the foundation to mitigation and prevention, which makes it critical that they be accurate, detailed, and frequently updated. They should encompass external factors—country and city terror risk ratings, average emergency response times, the government’s capacity to disrupt terror plots—as well as store-specific factors, such as its proximity to high-value targets, standoff, and foot traffic. “More than likely, a terrorist isn’t going to target a Staples in Peoria or a Starbucks in Austin. They will probably target a mall in a major metro region or a high-profile store like Tiffany’s and Macy’s
Annual Terrorism Vulnerability/Risk Assessment by Industry Vehicle-Borne Improvised Explosive Device Risk Assessment by Industry
Retail Sales 41.2%
Other Industries 69.5%
In the last twelve months, the organization has conducted an assessment of the potential impact of the threat of terrorism on assets, operations, people, and value.
Retail Sales 17.6%
Other Industries 48.1%
In the last twelve months, the organization has conducted an assessment to review the vulnerability of primary buildings/headquarters to high-speed vehicle approaches and potential blast damage in light of standoff from the nearest publicly accessible area or parking space.
Source: Controller’s Guide to Corporate Security: Best Practices in Oversight, Funding, Performance Measurement, and Protection, SDR, 2012
in New York City,” said Ronald Margulis, a retail consultant and managing director of RAM Communications. (And even that is less true than it used to be.)
A robust intelligence pipeline will keep security levels properly aligned with the threat (and prevent overspending out of fear). Loss prevention executives have a responsibility to stay effectively plugged into the threat-communication network, such as through a local joint terrorism task force and via contact with industry counterparts and law enforcement, so as to receive early warnings in time to take appropriate (not excessive) countermeasures.
Aiming security at the most likely attack scenario also helps to minimize terrorism prevention spending. But what is it? In a follow-up survey to SDR’s Corporate Anti-terrorism Benchmarks report, retailers said the most likely incident to impact them was the same in 2012 as back in 2006: disruption of a major event. They think the most likely attack method on a retail store is a knapsack suicide bomber or a shooter.
But how—without breaking the bank or disrupting business—can retail locations protect against a suicide attack? Staff already drawing a paycheck may provide the best opportunity.
A suicide bomber is unlikely to blend seamlessly with the crowd and may exhibit “multiple anomalies,” according to training guidance by the International Association of Chiefs of Police. Prevention may hinge on including suicide bomber awareness and response in loss prevention agents’ training and insisting that contract guards have such training.
Consultant Arik Arad, former head of shopping-center security in Israel, said the best way to stop or preempt an attack is to make “soft contact” by walking up to a suspect and asking, “Can I help you?” He said it’s often enough to force a bomber to abandon his plan and that foiling suicide bombers is about training, not guns.
Spotting indicators of terrorist planning is another key topic in counterterrorism training. Since 9/11, the preparatory conduct of terrorists has been the subject of significant study. A terrorist might loiter for weeks near a target to observe entry points and security measures, perhaps by posing as a panhandler or flower vendor. According to one study, excluding outliers, the average preparatory behavior phase for a terrorist attack is fifty-four days (Pre-Incident Indicators of Terrorist Incidents: The Identification of Behavioral, Geographic, and Temporal Patterns of Preparatory Conduct, Dept. of Justice). Security officers know to keep an eye out for anything suspicious—it’s at the core of their job—but refresher training should outline and emphasize the range of behaviors and specific activities that demand reporting (see “Counterterrorism Training Points” on page 50).
Simultaneously, loss prevention teams might assess if their suspicious activity reporting processes need refinement. A security camera might catch someone peeking in the store window after hours. A sales associate might tell an agent that a strange guy was hanging around the store all day. But then what? Corporate security teams need to examine their processes for encouraging reporting of suspicious activity; getting those reports into a written, trackable form; identifying patterns of clusters of pre-incident indicators; and delivering relevant information back to people in the field.
Finally, focusing on security strategies that serve a dual purpose can enhance terrorism prevention while mitigating its expense. For example, many of the same security strategies that reduce shoplifting and parking lot assaults can reduce the likelihood of a successful terrorist attack.
Possible Store-Level Solutions
■ Improve coordination with others with whom you share a responsibility for security. In the aftermath of a scare at
IKEA, in which explosives were found inside two IKEA stores, Sears said it had “stepped up its relationship with mall security.” Forging closer ties is an important prevention tool for all types of crime. ■ Use bike patrols, marked security vehicles, or parking lot attendants to control large parking areas. These measures could push a car bomber to a softer target. It can also keep fire zones clear of parked cars, improve shoppers’ experience by improving the flow of traffic, prevent car break-ins, and limit parking garage or parking lot assaults—the top location for
incidents resulting in negligent security lawsuits. Outside patrols also expand the detection perimeter, which is the best way to identify and intercept a suicide bomber before the store’s front door. ■ Use vehicle-halting planters or concrete bollards to prevent trucks or cars from getting too close. In addition to limiting damage from a truck bomb, such devices can reduce pedestrian-vehicle accidents. ■ Tighten parking controls. Simon
Property Group, which owns or has an interest in 325 malls or shopping centers nationwide, instituted a ban on overnight parking in response to the terrorism threat. Such a policy may also prevent after-hours crime. ■ Enforce access restrictions. Controlling access to restricted areas within stores can prevent theft as well as prevent a terrorist from gaining access to a store’s heating and air-conditioning system where there is the potential for introducing poisonous gases. ■ Place uniform guards in plain sight.
Visible security on patrols in shopping areas was once bad for business, but perhaps not any more, say experts.
Bringing officers out into the open helps them control crowds and keep a closer eye on shopping-area crime, as well as giving a potential target-seeking terrorist pause. Jenkins suggests supplementing visible security with plainclothes agents. “Their presence,
occasionally publicized through arrests, greatly increases uncertainty on the part of would-be bombers.” ■ Get employees to be on the lookout for individuals leaving behind packages.
Such security awareness may help foil a terrorist bomb plot, but will more likely engender customer goodwill and save money. (Although there’s no need to isolate an area for a suspicious package.) ■ Let law enforcement review your evacuation plan for a special event to help save lives in the rare event of a terrorist strike. It can also help protect individuals in more likely crises: power failures, earthquakes, or weather events. ■ Employ visible video surveillance and enforce routine camera inspection
COuNTERTERRORISM TRAINING POINTS
Possible indicators of a suicide bomber:
■ wearing inappropriately heavy clothing. ■ An unusual gait, especially a robotic walk. ■ Tunnel vision or fixated gaze. ■ Irritability, sweating, tics, nervous behavior. ■ Appearance of being drugged. ■ Clutching bags or backpacks. ■ Briefcase, duffel bag, or backpack with protrusions or visible wires. ■ A fresh shave and lighter skin on lower face. ■ Tightly gripping something in his or her pocket. ■ Unwilling to make eye contact. ■ Smell of fragrant soap or rosewater. ■ Repeatedly circling or pacing in front of a venue. ■ Mumbling prayers. ■ Repeatedly checking a watch or cell phone. ■ Fertilizer or petrochemical smell.
Possible indicators of terrorist operational and logistical planning:
■ Unusual or prolonged interest in security measures, personnel, entry points, access controls, or perimeter barriers such as fences or walls. ■ Unusual behavior such as staring or quickly looking away from personnel or vehicles entering or leaving designated facilities or parking areas. ■ Observation of security reaction, drills, or procedures. ■ Increase in anonymous telephone or e-mail threats in conjunction with suspected surveillance incidents, which may indicate surveillance of threat reaction procedures. ■ Foot surveillance that appears to involve two or three individuals working together. ■ Mobile surveillance using bicycles, scooters, motorcycles, cars, trucks, sport utility vehicles, limousines, boats, or small aircraft. ■ Prolonged static surveillance using operatives disguised as panhandlers, shoe shiners, food or flower vendors,
newspaper or magazine vendors, or street sweepers not previously seen in the area. ■ Discreet use of cameras, video recorders, or note taking at non-tourist locations. ■ Attempts to gain sensitive information regarding key facilities or personnel through personal contact or by telephone, mail, or e-mail. ■ Attempts to penetrate or test physical security and response procedures. ■ Suspicious or improper attempts to acquire uniforms, badges, access cards, or identification. ■ Presence of individuals who do not appear to belong in the establishment or near a key facility. ■ Behavior that appears to denote planning for terrorist activity, such as mapping out routes, playing out scenarios, and timing traffic flow.
Source: International Association of Chiefs of Police, Department of Justice, Department of Homeland Security, and other sources.
schedules. CCTV is a vital tool to prevent many types of crime, and in plots in which an escape is planned, terrorists do seem to avoid security video. “One jihadist manual advised would-be terrorists to avoid train stations with
CCTV cameras, which suggests that the cameras have some deterrent value,” a recent report concluded (Carnage
Interrupted: An Analysis of Fifteen
Terrorist Plots Against Public Surface
Transportation, Brian Jenkins and Joseph
Trella, Mineta Transportation Institute,
April 2012). ■ Employ store greeters to spook or spot suspicious persons as well as enhance customer service. ■ Review shipping and receiving security.
Pre-schedule loading dock deliveries,
make trucks subject to search, accept deliveries at the side of the store instead of underneath it, insist on identification, and use cameras to record delivery areas. Stricter access controls in sensitive areas such as delivery zones and loading docks reduce the risk of a catastrophic terrorist event while curbing theft during shipping and receiving. ■ Plan and practice for going on high alert.
Confusion and unnecessary spending go hand in hand, so preparing for coordinated attacks on several targets in different locations (a multiple dispersed attack) could help check costs. For example, if a suicide bomber attacks a retail strip in Las Vegas, retailers elsewhere might mobilize security staff to conduct security checks at entrances, check delivery drivers’ IDs, inspect truck trailers, and conduct spot checks of customers’ bags. Ask yourself these questions: Would we immediately learn of an attack? Would we be able to quickly make a decision about procedures to implement? Could we efficiently communicate the alert to every store location that needs to know? Are those store units prepared to quickly implement our high-alert security procedures?
Case Study: What Can you Take from Israeli-Style Security?
The Mall of America is big—520 stores, eight acres of skylights, and 42 million annual visitors big. With the
public encouraged to enter through any of its twenty-four entrances and shop at its 4.3 miles of total storefront footage and as a symbol of America’s consumer culture, it is a stereotypical terrorist target. It faces all the risk of a retail location—multiplied.
So on what does the Mall of America (MOA) rely for protection? A lot of it derives not from the latest technology but from the sharp eyes and quick intervention and interviewing skills of the officers in its Risk Assessment and Mitigation (RAM) unit. “We didn’t want all the facial recognition and metal detectors that the mall wanted to buy us after 9/11,” said Doug Reynolds, director of security. Instead, the security team looked to a model of counterterrorism used to protect Ben Gurion Airport in Israel that centers on behavior detection and assessment (BDA). Naturally, the MOA uses the typical layered security approach to prevent crime, but it’s behavior detection that is central to its effort to minimize the damage and potential for a terrorist attack. The mall’s RAM officers spot anomalous behavior and quickly move in to interview subjects.
Within the timeline of a typical attack, there are just a few chances for a target’s security team to intervene: (1) when attackers conduct surveillance of the target; (2) when they conduct a rehearsal of the attack; and (3) during the actual execution. It is within these small windows that RAM officers have an opportunity to thwart a potentially deadly incident. “There is no possible way, operationally, that you can racially profile—there are too many motives, too many types of individuals,” said Michael Rozin, president of Rozin Security Consulting LLC, who helped the MOA set up its behavior detection program. Instead,
RAM officers focus on detecting intent—one thing that all attackers have in common. How do RAM officers detect intent? It starts by understanding the normal, legitimate behavior that exists within each area of the mall. (Normal behavior in the amusement park differs from that in shopping areas, for example.) It’s up to RAM officers—in the fifteen or so seconds they usually have—to notice individuals exhibiting atypical behavior, whether in their body language, what they are carrying, or their attire. If something seems amiss, RAM officers—skilled in Doug Reynolds security interviewing—talk to the individual to probe the situation and determine if a legitimate threat exists. Case in point: On January 29, 2011, RAM officers noticed an individual exhibiting atypical behavior at a Government on Display event, including frequent touching of various body parts and other signs of nervousness. He also appeared to be carrying a concealed item. A RAM officer approached, and the suspect
Michael Rozin
Proactive Protection with Exclusive Industry Intel
APPAREL | ATHLETIC GOODS AND APPAREL | AUTO PARTS/ACCESSORIES | BOOKS/MAGAZINES/ MUSIC | CONVENIENCE STORES | CHILDREN’S MERCHANDISE | DEPARTMENT STORE | CAP Has Your Back. DISCOUNT MERCHANDISE | DRUGSTORE/PHARMACY | ELECTRONICS/COMPUTERS/APPLIANCES | ENTERTAINMENT/MEDIA/GAMES | FOOTWEAR | HOME CENTER/HARDWARE/GARDEN | JEWELRY/ FREE CRIMECAST® Industry Benchmark Analysis (CIBA) for Your Retail Segment ACCESSORIES/EYEWEAR | LIQUOR/BEER/WINE | OFFICE SUPPLIES/STATIONERY | PET/ANIMAL A CIBA provides a convenient SUPPLIES | SPORTING GOOD | SUPERMARKET/GROCERY | TOYS/GAMES | APPAREL | ATHLETIC benchmark for comparing your GOODS AND APPAREL | AUTO PARTS/ACCESSORIES | BOOKS/MAGAZINES/MUSIC | CONVENIENCE crime risks to industry averages. STORES | CHILDREN’S MERCHANDISE | DEPARTMENT STORE | DISCOUNT MERCHANDISE | Download at capindex.com/compare DRUGSTORE/PHARMACY | ELECTRONICS/COMPUTERS/APPLIANCES | ENTERTAINMENT/MEDIA/ GAMES | FOOTWEAR | HOME CENTER/HARDWARE/GARDEN | JEWELRY/ACCESSORIES/EYEWEAR | LIQUOR/BEER/WINE | OFFICE SUPPLIES/STATIONERY | PET/ANIMAL SUPPLIES | SPORTING GOOD | SUPERMARKET/GROCERY | TOYS/GAMES | APPAREL | ATHLETIC GOODS AND APPAREL | AUTO PARTS/ ACCESSORIES | BOOKS/MAGAZINES/MUSIC | CONVENIENCE STORES | CHILDREN’S MERCHANDISE OUTSMART CRIME | DEPARTMENT STORE | DISCOUNT MERCHANDISE | DRUGSTORE/PHARMACY | ELECTRONICS/ COMPUTERS/APPLIANCES | ENTERTAINMENT/MEDIA/GAMES | FOOTWEAR | HOME CENTER/
ran. Caught later by Bloomington police, he turned out to have a loaded gun and was a “sovereign citizen” (a group that denies the legitimacy of the US government).
Making It Work
Whether or not a threat is successfully (a) noticed and (b) investigated depends foremost on the extent and quality of the specialized training that officers need to receive in behavior detection and interviewing. However, there are also program obstacles and best practices, and Reynolds and Rozin shared them at a recent national security conference.
Stick with It. A behavior detection program requires ongoing attention, frequent retraining, and continuous improvement. “Everyone loves a puppy,” warned Reynolds, noting that the program is not a good fit for a security department looking to implement a counterterrorism program and then forget about it.
Hire the Right People. Security interviews are central to the program’s effectiveness, and the vast majority of them are conducted with legitimate visitors who happen to exhibit suspicious behavior. Because of this, Reynolds said interviews need to be conducted in an open and friendly manner, and MOA hires people specifically suited to that type of role. “Most of them have a sales background or other social contact positions. We want individuals who can find a way to socially engage anybody they come across.”
Implement an Organization-Wide Behavior Detection Culture. “A RAM unit alone is by itself insufficient,” noted Rozin. RAM officers may undergo ten to twelve weeks of training. But everyone—from housekeeping to amusement ride operators—might need one to two days of training to implement a culture change. Appropriate groups also receive training specifically tailored to the intersection of their jobs and terrorism: human resources and insider threats, the leasing department and applicant screening, events staff and security design and threat detection, and so on. The RAM unit is the heart of the program but “to a lesser degree everyone is involved in RAM,” said Reynolds.
Spotting indicators of terrorist planning is another key topic in counterterrorism training. Since 9/11, the preparatory conduct of terrorists has been the subject of significant study. A terrorist might loiter for weeks near a target to observe entry points and security measures, perhaps by posing as a panhandler or flower vendor. According to one study, excluding outliers, the average preparatory behavior phase for a terrorist attack is fifty-four days.
Adopt a New Attitude Toward PR. The MOA security department had a typically adversarial relationship with the media but now uses the media as a tool to promote the work of the RAM unit and the mall’s concern for visitor safety. MOA was specifically named in a 2015 video by al-Shabab, a Somali terror group. Homeland Security Secretary Jeh Johnson then told CNN, “If anyone is planning to go to the Mall of America today, they’ve got to be particularly careful.” Facing the prospect of shoppers staying away, MOA undertook a very public campaign to reassure potential shoppers that the mall’s security was up to the job. It invited in news media for a rare inside look at its operation, resulting in numerous reports on its diverse protection measures, including bomb-sniffing dogs, bike patrols, social media monitoring, hundreds of cameras, and explosives screening of delivery trucks. And promoting security may have worked. Despite the very specific and public threat, subsequent headlines such as “Mall of America shoppers take terror alert in stride” were commonplace.
Define the Information-Sharing Process. How and to whom will you report information that a RAM unit learns?
Reinforce Vigilance through Red Teaming. MOA uses individuals to probe for holes in the security defense and test whether RAM officers identify the problem. “It’s not easy to leave an unintended bag or to act nervous in the MOA and not get noticed,” said Rozin. “Again, though, security can’t get it done all by themselves.”
GARETT SEIVOLD is a journalist who has been covering corporate security for industry professionals for eighteen years. Since 1998, he has served as the principal writer and editor of Security Director’s Report, a monthly publication highlighting trends and best practices in corporate security management. Seivold has been recognized by several organizations for outstanding writing, investigative reporting, and instructional journalism. He has authored dozens of survey-based research reports and best-practice manuals on securityrelated topics. Seivold can be reached at GarettS@LPportal.com.
