• United States




Business response in the wake of terror attacks

Jun 08, 20174 mins
Data and Information SecurityIT LeadershipPhysical Security

Recent terrorist attacks, which share defining attributes of centralized intent and decentralized execution. Not only do these attacks demonstrate that the world has become more violent, but they also reveal that the public remains ill prepared for the changing face and tactics of terror attacks, culminating in a potential rise in death toll and injuries.

2017 has seen a wave of recent terrorist attacks, which share defining attributes of centralized intent and decentralized execution.  Not only do these attacks demonstrate that the world has become more violent, but they also reveal that the public remains ill prepared for the changing face and tactics of terror attacks, culminating in a potential rise in death toll and injuries.

As intelligence develops from recent tragic attacks, businesses and individuals increasingly need to bolster law enforcement efforts by prioritizing heightened situational awareness and implementing enterprise security measures that focus specifically on protecting human capital and “soft targets” and mitigate vulnerabilities to infrastructure.

As a backdrop to individual and enterprise-wide efforts, global law enforcement is aggressively seeking to secure these locations to prevent future incidents, yet the low-tech nature of recent attacks (e.g. vehicles used as weapons) combined with less predictability in their occurrence proves to be difficult to anticipate and mitigate. However, businesses and individuals also need to understand the groundwork for developing adequate situational awareness in the face of attackers’ changing strategies, facilitating measured responses in the face of unpredictable and dynamic events.

Business protection

While no single action or policy can avert every type of attack, the best risk management strategy aims to incrementally secure “soft target” locations, which may be susceptible to an attack. The below lists outline key areas of coverage for managing organizations’ soft target locations, protecting physical assets, raising awareness and addressing both local and international premises and employees.

Prepare for potential threats

  • Conduct threat analyses, vulnerability assessments, consequence analyses, risk assessments and security audits on a regular and ongoing basis
  • Review, update and validate all emergency and crisis response plans across functional disciplines (police, fire, medical, private sector), and conduct exercises to test the plan’s execution
  • Ensure all emergency communications equipment is operational
  • Establish and implement an emergency communications system for personnel (i.e. phone trees)
  • Establish safe areas within the facility for people to assemble and seek refuge during a crisis

Protect the area

  • Communicate and follow appropriate access control policies to facilities Provide appropriate signage to restrict access to nonpublic areas
  • Remove vehicles parked for an unusual length of time, including at adjacent buildings
  • Install secure locks and protection on all internal/external doors and windows, with quick-release capability from within
  • Install fences or lightweight barriers that are easy to store and can be deployed quickly as necessary
  • Maintain an adequately sized, equipped and trained security force

Raise awareness

  • Create a culture of security awareness within the business
  • Report suspicious activity to proper authorities, and train personnel to watch for:
    • Unattended or suspicious vehicles on or near facilities
    • Repeated visitors or outsiders who have no apparent business in nonpublic areas
    • Abandoned parcels, suitcases, backpacks and packages 
    • Missing and stolen equipment, weapons, uniforms, etc. 

Identify threats to business travel

  • Develop business travel security programs that prepare employees in advance of, during and post-travel, addressing increased “duty of care” responsibilities that companies face
  • Identify threats and vulnerabilities relevant to travelers in specific locations, and follow enterprise travel protocols commensurate with risk
  • Prioritize designation of main stakeholders in contingency plan execution and tracking travelers
  • Determine means of communication with travelers abroad, implement logistics, and debrief on effectiveness with aim to inform future policy development
  • Periodically refresh country briefing information to reflect updates in weather or safety threats, as well as recent travel warnings, and update plans accordingly
  • Identify and evaluate dynamic tracking capabilities via apps or other monitoring technology for travelers
  • Brief travelers on on-the-ground conditions; ensure completion of vaccinations and awareness of app / tracking usage and procedures
  • Monitor travelers and local conditions through tracking technology over duration of trip
  • Deploy on-the-ground security commensurate with level of risk
  • Debrief travelers to identify and monitor any unusual activity or conduct follow-up risk assessment as needed 

While recent terrorist attacks underscore increasing global threats, they should not impede business operation or travel. Instead, understanding the threats that businesses face, as well as the pathways to mitigate vulnerabilities, will better insulate organizations and individuals from potential tragic scenarios. Developing and maintaining a sense of calm, combined with executing a measured response in the face of unpredictable and dynamic events will increase your organization’s and employees’ ability to react with speed and response commensurate with the threat.


Jonathan Wackrow is a security professional with 18+ years of high level management and operational planning experience with exceptional knowledge in risk assessments and security operations. He has spent the majority of his career in the United States Secret Service, serving as criminal investigator in New York City and on the Presidential Protection Division. He is currently a Managing Director at Teneo Risk, a strategic threat advisory firm that offers CEOs a holistic approach to identify, manage and mitigate operational risks to their businesses.

Jonathan is formerly an Executive Director at RANE, an information and advisory services company that connects business leaders to critical risk insights and expertise to drive better risk management outcomes.

As President of i4 Strategies, Jonathan advised leading corporations on critical infrastructure protection, physical security, executive protection and crisis management procedures. His philosophy towards corporate security is simple; security should be a workforce multiplier to enhance other divisions, helping to achieve the fiscal goals of the company.

Jonathan is a CNN Law Enforcement Analyst and is a regular commentator on security and risk management on other major news outlets.

The opinions expressed in this blog are those of Jonathan Wackrow and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.