White House Demonstrates A Cascade of Security Failures

Imagine the shock and awe when I found out my home was MORE SECURE than
The White House, which, along with the U.S. Capitol Building, represents the
best of the Free World!

Why?  Because I LOCK MY DOORS.  Which means my Access Control is 100%
in place.
   A simple thing, but, because Access Control is the starting point for all
security – doors have to be locked.

We say that security should be re-assessed whenever there’s a major change.  And
certainly launching a war against ISIL might be considered a major change, especially
since there is an alert about home grown jihadis.  Do you think the home of the U.S.
President might become a target?

And who is responsible for the lax security?  It’s the Secret Service, the government
agents who are supposed to be totally dedicated to the best security on the planet.

And other things went wrong too.  And why my home is safer than the White House last week.

I have dogs on site and they are unleashed.  I don’t make the decision about whether to let the dogs out, instead, my vicious attack beagles go after anyone trying to enter the grounds at any point within the perimeter fence.  At the White House, because the dogs which are kept on site for just this sort of incident, were NOT RELEASED because the Secret Service agents thought the dogs might go after them.

The sniper who was at the White House with his gun trained on the intruder, didn’t shoot.He could have taken a shot to the intruder’s arm or to his leg, and that would have slowed him down, but instead, he held his fire, and the intruder made it in the doors and up the stairs of the White House.

The intruder was a REPEAT OFFENDER.  He should have had a big red mark on his forehead indicating that he WAS NOT CLEARED FOR ACCESS, but instead, he had nothing.  He was able to jump the fence and continue right along through the entrance.

The lovely decorative White House fence was easily breached, just jumped over.  Does this trigger a BRAINSTORM:  MAKE THE FENCE HIGHER!  Or, even better, ALARM AND ELECTRIFY THE FENCE!


At my barn, it took about $200 and less than two hours to totally electrify an enormous field.  Shouldn’t the President’s home be as well protected and my horse’s field??

Looking at the whole picture, we see that there are numerous problems, and that obviously the White House hasn’t had a decent SECURITY RISK ASSESSMENT in years, or that the assessment’s recommendations weren’t implemented.

With lots of high value targets in a relatively small area, the use of automated, quarterly
security risk assessments SHOULD BE A NO BRAINER!

What’s the underlying cause of this breach?  Was it the lack of procedures, was it procedures not followed, was it lack of training?  Was it a sub-plot?  Was it the just a cascade of failures?

Whatever it was, it made the U.S. look UNPREPARED to the entire world, and it reinforces the message that security is a process that has to be continually assessed and re-assessed.

I’m going to do my Patriotic Duty and donate my automated Risk Assessment software to the White House Secret Service to help them in this critical task!

Assessing School Security Takes on New Dimensions after Sandy Hook Tragedy

After 30 years of security risk assessment experience and working with hundreds of schools, hospitals, facilities, I have to say that schools have not taken school security seriously.

Obviously there are the social pressures including mental health screening, proposed assault weapons bans, gun owner screening, etc., but these are the thing that won’t change overnight.  EVEN IF THEY ARE LEGISLATED, it takes time to implement, and
implementation may not be perfect.

TODAY IS THE DAY TO DO A SCHOOL VIOLENCE ASSESSMENT – not tomorrow, not after new gun laws, not after the holidays — TODAY.

There are indicators you can look for to see if your school is at risk of an active shooter incident.  And ways to be prepared if the unthinkable happens and an active shooter comes to your school.

Strong, simple access control is the most effective solution, and yes, this may mean that
a plain glass front door or window is not enough.  Glass is easily broken, and yes, it means that all staff must be a little more accountable, and it probably means a red phone or connection to the local police.

There is a simple school risk assessment program that will give guidance on what you need to do TODAY, what controls you need to implement, what threats are most likely to occur.  These can be accessed on the www.riskandsecurityllc.com website.

Some things are preventable, some aren’t.  But lockdown drills, alarm systems, and active monitoring of cameras are just a few of the 60 controls every school should have in place to protect our precious children.

And this comes from the grandmother who’s 3-year old twins turned 3 yesterday!


Put your Hospital Security Department on a Low Fat Diet

Hospitals are reeling from potential losses in funding related to state budget cut-backs
and potential cuts in Medicare programs.  Every area of the hospital budget are being scrutinized, looking for areas to cut and reduce costs.

Instead of waiting for a memo about cuts that affect YOUR department, be a
pro-active manager and right-size your security department and show management
the changes you want to make.

It is possible to have an efficient, accountable security department without having costs run out of control.  It has to be based on real dollars, on real risks and it has to have the ability to show management WHY you need each element in your program.

The already-required risk assessment is the first start in this process.  When regulators come in to a hospital, they want to see the risk assessment first, and then they look to see if you followed the remediation plan identified in the risk assessment, which means they want to see you made the right improvements, based on the plan.

By including program elements in the risk assessment, and mapping it back to your actual budget, you can easily say that the Return On Investment is for each part of your program.


Arizona finally did it.  They called DHS’s bluff, and actually DID SOMETHING about the US-Mexican border.  it has nothing to do with racial profiling and nothing to do with discrimination — it has everything to do with America’s security against terrorism.

Everyone who is so shocked, appalled and worried – shouldn’t be.   Everyone wants to prevent the next 911, they want to keep out drug traffickers….. and you cannot get that done with an open border to our south. 

I say it over and over – PLEASE QUOTE ME – you can’t have homeland security with an open border!  You can NEVER have homeland security unless you have security at the border first. This is a key risk assessment vulnerability that anyone doing a formal assessment would spot immediately. 

What good is having a checkpoint on the I-5 interstate in San Ysidro if illegals can avoid the border crossings and run right into the U.S.? 

Look at strictly as a cost issue – looking at the real numbers helps… 

  • Cost of maintaining our phony border controls   $100 Million Dollars for 2010

(from the total ICE (U.S. Immigration & Customs Enforcement) budget of  $5.7 Billion Dollars). 

  • The Drug Enforcement Agency (DEA) says that since 2005, 15% of domestic arrests are arrest of illegal aliens!
  • Budget for DEA to combat Drug Traffic from Mexico   – over $25 Million Dollars (just to add an additional 128 agents along the southwest border). 
  • The Southwest Border Initiative Virtual Fence Project – $800 Million dollars
  •  The Secure Fence Act – over $7 Billion dollars 

AND OUR BORDER is still wide open.    Federal agents trying to police the border do not have the proper support and are discouraging from killing murderous drug dealers and human trafficking mules.   

If you look even farther – take the entire budget of the Department of Homeland Security, which is  $55 Billion dollars.   This money can largely be considered as wasted, if there is no control over our border with Mexico.  

You see it all the time at companies out in rural areas – they have a chain link fence around the back of the property, but the fence has a 14 foot gap in it, and all it does is concentrate the intrusions right through the gap in the fence.  It does not deter crime, it cannot prevent theft – because the fence is not secure, there is an open gap.  

That analogy works with our borders, too.  If you wanted to get into the U.S. illegally, would you choose to drive thru the checkpoint at El Paso?  Through San Ysidro?  Fly in from Mexico City and have to show a passport?   NO – you would breach the border and just walk across someone along the thousands of miles of unsecured border. It is a no-brainer, even for a terrorist.

As a risk assessment expert, I am personally thrilled that Arizona has pushed the envelope and passed a bill that at least attempts to find a solution to our horribly expensive and totally ineffective southwest border controls.  It might galvanize enough people to actually get something done about this open border policy. 

Remember, you cannot have a secure country without securing the borders.

Searching for Hard Data about Security Cameras…

I was really surprised when someone asked me about how many cameras should be put in a small hospital to deter violence against healthcare workers. They were asking for a universally recognized guideline or standard that would give them ammunition to take to management to prove why they needed the extra cameras installed in the Emergency Department.

If you’re already in either the security or healthcare field,  I’m sure you’re aware of the dramatic increase in violence against healthcare workers and why this is obviously a concern of all healthcare facilities.   Cameras are often the first stop in a security improvement program because they provide a lot of visibility/protection at a reasonable cost.  

My next step was to start looking through different standards to see if there was a standard for how many cameras should be in an Emergency Department, or a birthing center, or a hospital lobby.  I could not find a simple standard anywhere.  I first started looking at FEMA requirements for preventing terrorism (FEMA 428) (www.fema.gov) and while they covered lighting, they stopped short of recommending a basic configuration, or an “acceptable minimum” for cameras.  Next I looked at the International Association for Healthcare Security and Safety (www.iahss.org) and they also mentioned lighting and cameras but again, without specific guidelines for the various parts of a hospital.

More research followed.  I called about a dozen hospital security directors, and then started on a literature search.  I started with the classic Russell Colling book, “Hospital and Healthcare Security” and again found a great deal of common sense advice and recommendations on how cameras should be placed to view certain areas and the panning area, and what kind of cameras to use where, but again, no exact direction on how many cameras should be put in a hospital emergency department.

Back to the phone to get more information, I talked to more security professionals who explained that each facility is different — each hospital is different — each hospital has a different budget — different configurations.   I totally understand that companies that sell cameras and lighting to hospitals (and all sorts of other facilities) want to do an in-depth assessment before each installation to make sure the cameras fit the total security picture. 

But I think that the security organizations should start creating minimum standards with actual guidelines of WHAT KIND, HOW MANY and WHERE To INSTALL, as a sort of default value, or minimum to achieve some level of improved security.  For example, ‘basic’ or ‘minimum’ recommendation for an ED might be — one camera at each entrance and exit and a camera at the admissions area.  Having some basic configurations spelled out would be a great thing for security directors and probably for the camera companies.

Those who have read my blogs before know I am a big proponent of standardization — for lots of reasons.  It is good for the buyers because they don’t have to agonize over whether they are getting a certain (if minimal) level of protection; and it helps them secure the budget to install the new camera systems.  It’s good for the camera integrators because it increases sales because (see previous sentence), security departments can more easily get budgets approved and thus, sell more camera systems.

One of the security groups I talked to told me that the reason they don’t have a minimum is because it reduces pressure on smaller organizations that may not be able to afford a particular system, but I think that with the increasing use of cameras, having a minimum standard makes sense and would be a win-win proposition for everyone.

For example, did you know that rail gauge on railroad tracks used to be different for every state?  So early trains could chug around a state, but couldn’t cross the border into another state because the rail gauge was different.  After the rail gauge was ‘standardized’ so that the whole country used the same gauge of track — trains were going coast to coast and everywhere in between.  It allowed rail travel and shipping by rail to really take off.   Maybe we can do the same with cameras.