Event Analysis – Attempt to attack Jews and other foreigners in Germany

Summary of event details as published in the media:

Stephan Balliet, a 27-year-old German extreme right-winger, was traveling in a rented vehicle in front of a synagogue in Halle on Humboldtstraße on October 9 at noon. He aired his actions live on the streaming Twitch platform, explaining his actions, in German and English. During his remarks, he denied the Holocaust, expressed anti-Semitic attitudes to Jews and foreigners and expressed himself against feminism. Later in the documentation, it can be seen that he had additional rifles, ammunition, explosives and Molotov cocktails in the vehicle. Police searches of the vehicle found four pounds of explosives.

The event began at around 1:15 pm on Yom Kippur 2019 when between 70 and 80 members of the Jewish community prayed in the synagogue. The gunman fired several shots at the synagogue door, and he even used an explosive device, but he failed to enter the synagogue. He tried to enter the synagogue through three entrances; All three were closed. He failed to shoot a submachine gun at a passerby in the street next to the synagogue, and also at the tire of the bystander’s vehicle. As another bystander approached, he tried to shoot at him as well, but the weapon he used had a stoppage that because of this the bystander was able to evade. According to other reports, the gunman threw a grenade at the nearby Jewish cemetery in Halle.

Due to his failure to enter the synagogue, he drove his car to Schillerstraße, stopping at the kebab restaurant on Ludwig-Wucherer-Straße. First, he tried to throw explosives at the fast-food restaurant, but the material got stuck in the restaurant door and exploded in the street. Then he shot at the diners in the restaurant, until the arrival of the security forces. He later fled toward the exit from the city; On his way, he stopped in the garage and demanded those present with threats and shootings a new vehicle. The suspect in the attack was arrested by the police near a construction site on Federal Highway 91 after causing an accident.

The attempt at the attack is no less than a formative event of all Jewish communities throughout the world, an event that, on the one hand, shows the reality of racism against Jews that repeatedly produces individual perpetrators and on the other, proves that awareness of threats and proper professional preparation provide a life-saving response.

The fact that the German terrorist failed to enter the synagogue is an unequivocal result that combines emergency preparedness, threat identification and correct response from the synagogue’s rabbi, security guard, and worshipers and is not at all related to luck or chance.

The perpetrator

Recent terrorist attacks against Jewish communities around the world have set an alarming reality in which racism against Jews raises its head in the form of individual perpetrators who are motivated by strong hatred, which is mainly circulated online through racist articles and violent computer games that contain overt or hidden messages against strangers.

Stephan Balliet fits the profile of a single perpetrator that has formed an extreme opinion against foreigners in his country and has apparently decided on his own to massacre with the aim of killing as many Jews as possible by weapons and explosives and to produce a media wave for his actions that will cause more and more copycat attacks.

In the picture is Stephan Balliet, whose likeness shows the characteristics of the contemporary perpetrators, the hatred is seen in their faces, who are ready to die in order to kill foreigners and especially Jews in cold blood, who imitate other perpetrators, who learn how to obtain and / or manufacture weapons, who dress and behave like murderous characters from computer games and who expect to have a murderous revolution in their country in particular and in the world in particular.

In today’s reality, our world is full of these kinds of perpetrators who just go out one day to do the fatal sometimes unannounced action and sometimes write a Facebook post describing their intentions and post it shortly before they carry out the attack.

Stephan’s picture dressed as a fighting character from a computer game:

The readiness and ability to cope with a single perpetrator

In recent years, security forces all over the world have been using numerous resources to create an intellectual circle that tries to detect in advance individual attacks like Stephan Balliet. Certainly, the intelligence effort manages to identify some of these attacks in time, but there is no chance that they will do so at a success rate of a 100 percent, which means there will always be a single attacker that will not be identified in time and thus they carry out their plans.

Coping with these kinds of perpetrators starts with awareness of the problem and the real threat, continuing to carry out network preventive actions and ending in the ability to thwart attacks. The thwarting phase is the most difficult because it occurs after the perpetrator has already started his malicious and fatal action. Precisely because the security forces start responding when the perpetrator is already operating, they are required to have a level of readiness and the highest professional level possible. Once the perpetrator is identified, whether, by citizens or security personnel, the response should be swift, determined and accurate. Any delay in responding gives the perpetrator extra time to put more and more innocent civilians at risk.

In Israel, unlike most European cities, many civilians are aware of the danger of the attacks when some are even armed with a personal firearm, security personnel (police and soldiers) stay at home and during their free time with weapons and many areas are manned by police and soldiers, which increases the likelihood of identification of the attack as well as the response happens a short time after the beginning of the attack, preventing the worsening of the situation.

According to reports in the German media, Stephan Balliet was caught an hour and a half from the time he began the attempt to enter the synagogue in Halle. This is undoubtedly a time period that makes no sense and is inconsistent with what is expected from skilled security forces. Allowing a cruel perpetrator to move about an hour and a half undisturbed with many weapons and explosives indicates that local security forces are not prepared to deal with such emergencies.

Video about the attack posted in the local media:

Inspirationally and encouragingly, the Jewish community led by the rabbi of the synagogue who stayed for Yom Kippur prayers were aware and prepared and therefore responded in a way that saved their lives. The readiness of the community is manifested in the armoring of the synagogue, the identification of the threat and the prompt and effective response. Documentation of the attacker’s attempts to break through the main entrance door to the synagogue complex and other secondary doors prove what I have written in previous event analyses, that the main entry area and especially the front door is the first and main obstacle that can impede the attacker and even prevent him from entering, thus giving the citizens time to evacuate, fortify or prepare for a counter-attack.

Documentation of Stephan Balliet attempting to break through the main entrance to the synagogue:

Picture of the door after the shooting:

The synagogue rabbi said at the end of the event that during the Yom Kippur prayer there were about 70 worshipers when the security guard suddenly recognized the threat from the outside and thus started the response, locking the front door and the secondary doors, evacuating everyone in the synagogue on the first floor and leaving a reaction force in case the perpetrator breaks through one of the doors and steps inside. As previously mentioned, the synagogue’s doors were not broken into or opened, causing the victim to get frustrated and start looking for unsuspecting victims in the street.

The awareness, preparedness, identification and response of the synagogue rabbi, the security guard and the worshipers what saved their lives. I have no doubt that they attended lectures and underwent training that has prepared them for these kinds of emergencies.

Sometimes the best defense is the attack

During his search for other foreign victims, Stephan Balliet documented how he entered a Turkish restaurant and shot at persons at the scene:

The video shows the different choices of response by the citizens in the restaurant from the moment they realize that an attacker with a weapon has been entered into it in order to murder them in cold blood. Some of the citizens chose to escape to the back room and may have stepped out of the restaurant and some chose to hide behind the drink machine. The civilians hide while a perpetrator fails to manipulate the weapons in his hand and shoot at them. During this time given to them, the civilians remain in a shelter in the hope that the perpetrator will not be able to shoot them and even begin to cry and beg for mercy for their lives. I do not judge the civilians and yet think that in such a situation it is better to go on the attack because the defense is simply ineffective because it leaves you 100 percent exposed to the real and imminent threat.

This difficult situation illustrates the importance of taking action to raise awareness among citizens of this kind of growing danger and the need to acquire skills in contact to improve self-confidence and the ability to respond in emergencies. Krav maga training improves the ability to react against the natural instinct of escape and hiding.

Individual attackers have become part of the most and more realities in the world, so it is imperative for everyone, security forces and civilians to work to raise awareness of the threat, to protect sensitive facilities, to improve identification and to acquire skills and tools for a fast, determined and effective response.

Dear citizens of the world, remember that you also need to maintain security!

Security on world tourism sites (Article writer: Miky Weinberg, security expert, owner of Tarantula Technologies)

Last February, we spent several days strolling through the amazing city of Rome, which is full of historical sites that attract thousands of tourists every day. Thousands of tourists begin to reach the entrance area of ​​each site sometime before it opens, creating a large and regular concentration of visitors until the site closes. The tourist sites are different in size and attractiveness in the eyes of the tourists and therefore the number of visitors varies accordingly. This also depends on the relevant season. Not all tourist sites create large crowds of people, but there are sites where there is a particularly large crowd all the time, one of which is the Coliseum.

We also went to visit the Coliseum site and to enter it, we had to go through a screening process which included standing in the line up to the entrance ticket checkpoint and waiting in line up to get one’s person and luggage screened. As someone who is constantly thinking and thinking about security, I looked at the security array at the site to answer the question of how effective it is in the face of possible threats.

Although Europe has undergone a process of understanding in recent years that it is necessary to secure tourist areas in general and popular sites in particular, it can be seen that the approach and method of security employed in some cases are incorrect, thus not providing a quality response against the adversary’s possible modes of attack. An adversary who wants to carry out a spectacular attack will look for a place with a relatively large concentration of persons that allows him or her to cause as many dead and injured casualties as easily as possible, as well as preferring a well-known and popular tourism site that will increase the volume and added value of the attack.

To explain why even though there is a security array in place at the site, the tourists who come to it are in real danger, I will refer to the Coliseum’s website while showing pictures for illustration:

The Coliseum site is located in the center of the city and close to other tourist sites that attract thousands of tourists every day. Thousands of tourists arrive at the Coliseum site almost year-round, from the time of opening until the entrance is closed. During this time, there is a relatively large audience outside the entrance waiting patiently for the line to progress and enter the site to visit it.

Picture of the Coliseum site before the audience arrives:

Pictures with the outside concentration of persons who are waiting to enter – on the west side of the site:

Part of the external concentration of persons in the photo from above:

This audience concentration is located outside the starting point of the existing screening process on the site and does not appear to have security guards and / or police officers around.

Later, in the screening lane, there is another concentration of persons waiting to be screened on a with a metal detector gate and a screening machine:

In the existing situation, the adversary has no reason to look for the audience concentration within the site and therefore does not have to deal with the circle of security guards stationed in the screening lanes which include a metal detector gate and a screening machine. The present method makes the concentration of persons stationary, exposed and easy to hit.

 

Analysis from the attacker’s perspective:

As previously mentioned, the attacking adversary seeks a convenient audience concentration to create a mass casualty event. The concentration of persons at the Coliseum site meets the needs of the attacking adversary, especially that persons who are concentrated outside the area with the screening lanes. It seems that attackers do not have to go through security to reach the external concentration of persons, so there is no reason why attackers should want to try and reach the light concentration of persons that is within the site.

The attacker has no problem seeing, learning and understanding that a security system exists only at the screening posts located within the site area, at the entrance to the site. It should be noted that to reach the internal concentration of visitors, the adversary only has to go through an usher who checks whether the visitor has a ticket and does not search persons and their luggage.
At the Coliseum, as well as on many other tourist sites, one can see that there are 2 crowds that the adversary can choose from. Most attackers will choose the outside concentration of persons as the target for an attack.

What more does a suicide bomber or a terrorist armed with an automatic rifle need than a large concentration of persons that are exposed without peripheral protection?

 

I think that any agency that responsible for a tourist site that attracts thousands of tourists that create large concentrations of persons has a duty to operate a professional security system that is equipped with security rings that are defined according to a concept and operating method that is written on the basis of an analysis of the area as well as the characteristics of the site (from an attacker’s viewpoint). This is needed to prepare an effective and appropriate response against a potential adversary and fulfill the responsibility for the safety of all people who came to visit the site.

In Israel, several individual entities operate a security system that acts against the adversary using a method of detecting suspicious behavior and checks only those who are classified as anomalous when all the persons go into the facility/site without stopping. I am a big believer in the method for several reasons:

  1. This requires the facility’s security plan makers and writers to perform an analysis from the attacker’s viewpoint.
  2. It requires the security guard to think about the adversaries and be active during the shift.
  3. This eliminates the situation where a security guard becomes passive only because of the wait that a technological measure, such as a metal detector gate, should tell him or her to further screen a person
  4. It passes the potential opponent through an entryway that has several security rings to detect anomalies – the adversaries feel that they are being looked for
  5. The security guards approach more people for questioning
  6. The security guards’ professional level and confidence rise sharply.

 

This is how security at a tourism site such as the Coliseum should be like:

  1. The demarcation boundaries of the site must be defined, which includes all the areas where the presence of an attacker can pose a danger to visitors.
  2. At the site’s perimeter, the audience should be allowed to stay only in areas that are part of the entry and exit route, and the other areas are defined as closed to visitors and bystanders in order one mandatory entry route.
  3. A number of security layers must be created for detecting suspicious behavioral anomalies, the first layer is placed at the start of the lane and in any segment that can be used by the adversary to organize before entering the site, the second layer is located in an area where there is a concentration of persons, the third layer is placed at the ticket inspection post, The fourth is placed at the last lane of entry into the site itself and the fifth lane is placed within the site’s area.
  4. Physical layers must be supported with security cameras operated and viewed in an operational and professional dispatch center capable of detecting abnormalities based on suspicious behavior as seen through the cameras.
  5. The third and fourth layers need to include a metal detector gate and a screening machine to check any person classified as an anomaly.
  6. Throughout the entrance route and inside the site’s interior, a warning sign has been posted indicating that the site is secured physically and with an advanced and professional camera system.

If all these principles are met, the potential attacker who decides to arrive to gather intelligence  or carry out the attack will be required to follow a predefined path where he / she will see active security guards, causing him / her discomfort even to the level of fear and pressure that will result in involuntary actions that will be interpreted by the security system as suspicious anomalous behavior, thus classifying the potential attacker as an anomaly that requires immediate questioning and physical search of his or her person and items.

The above security method will cause the visitors to flow into the site almost unstoppably, thereby completely or almost eliminating an external concentration of persons and forcing the adversary to seek an audience concentration within the site,  but the adversary can’t avoid passing through the screening and defensive layers, so he or she has to deal with them.

 

The area of responsibility:

The area for the staging of visitors to enter:

The entry route and location of the security layer:

 

Remember, security must be maintained while creating defensive security rings that will cause your adversaries to make mistakes!

Employees are your best camera

In all the recent active audits we conducted at various organizations and companies the main conclusion was about the importance of employees in the security array. Yes, you are reading this correctly, the employees are integrated into the security system even though their professional purpose is not at all related to security and they also have no training to perform security operations on their own.

Anyone who expertly and correctly analyzes their facility through an attacker’s mindset will discover and understand that the adversary who succeeds in passing the first security rings will reach the last security ring and encounter the employees rather than the security guards, so that in practice where the opponent is at his or her final attack destination within the facility, it is the employees who are in the vicinity . In this situation, the employees are the only ones who can recognize the opponent as an anomaly and act to expose the adversary in real-time.

When you think about it, every employee is like an advanced and sophisticated camera. They have eyes to see (the lens), they have ears to hear (the microphone) and they have the intelligence and thinking to process the data and make a decision (the software). Now begin to understand and test how many “cameras” you have in the last security ring and where. The gap we noted in all the active reviews we made regarding the employees in an organization, company or business revealed the reason why employees failed to hear and see the opponent in their work environment even though they are standing very close to them, is that the employees’ ‘’programming’’ was not calibrated to the appropriate settings to be cognizant of anomalous persons who perform unusual activities.
The employees have never undergone briefings or professional training that prepares them and enables them to locate the aggressor in their work environment.

Organizations, companies, and businesses realized that a security guard and camera could not be placed everywhere in the facility and were able to integrate the employees in the security system elevated the response against physical assaults in an impressive way. This requires a managerial decision to allocate professional and proper resources that will make every employee quality and smart “camera”. A kind of camera with analytics in it.

Why are there still so many organizations, companies, and businesses that haven’t done this?

Here are examples of such organizations:
A company that has not been harmed by an aggressor and is not aware of the threats and dangers and is likely to open its eyes only after an unusual event has occurred.

A company that consciously does not consider it appropriate to invest resources in its security system beyond what is required of it and will probably open its eyes only after an unusual event has occurred.

A company that runs forward and invests many resources and budgets in protecting information from outside attacks and neglects or forgets about physical security.

Regarding the first two companies, I do not have too much to say except to wish them good luck and I wish that they would never be attacked.

In contrast, I tell the third company that it is likely to be infatuated with the popular cyber phenomenon like many other companies and will explain that in recent years many organizations, companies, and businesses have invested a great deal of money in responding to cyber threats and rightly so, since such threats can do serious and sometimes irreversible damage, but when it comes at the expense of physical security it is clear that exposure to existing threats remains high. In tandem with the rise in cyber investment, the risk management issue has improved and has become more sophisticated, leading to more and more executives and security managers to define a targeted threat list that is only relevant to the facility and its characteristics. I think any such list, as targeted, must always include threats related to physical attacks on the facility, and not just remote assaults.

There are adversaries who are capable of penetrating into the facility during its operating hours who know how to pass the security system on their way to the server room and the sensitive offices/rooms/warehouses that include valuable information and / or equipment, etc. As mentioned, in these places inside the facility, if the opponent meets these people, they are the workers and not the security guards.

An employee with no awareness of threats and dangers that exist in his or her area and without training and tools to deal with them will not be able to identify the aggressors in real-time and certainly will not be able to deal with them, and worse, due to the employees’ lack of knowledge these employees may help aggressors enter a forbidden place and even accompany them without knowing their bad intentions.

A mid-level opponent can recognize phenomena within the organization that create loopholes and gaps in security arrays, and knows how to exploit them to his or her advantage while manipulating the hapless workers to help him or her without knowing and understanding what they are actually doing. The adversary fools untrained employees with relative ease. This is usually not the fault of the employees because they have not been trained to do so and will not be alert to the dangers in their sector while performing their routine work.

Factually, an unskilled employee will fail most times when the opponent manipulates him or her and when they encounter each other the employee will be tempted to open the door even though it has an entry control system, believe the opponent’s assumed identity and role, forget the procedures and lose even the basic suspicion found in each person. There are situations where the opponent is so compelling that even an employee who suspects something is wrong feels self-insecure and able to muster up the courage to stop for a moment and ask the right questions or simply call the security forces at the facility.

In order for an employee to be a part of this last and most professional security ring in the array, one must first understand the existing deficiency, then allocate budget and resources to it, and ultimately the employees must be given appropriate training. The goal is not to make the employee’s security guards. The goal is to teach employees to identify anomalies in their sector while performing their duties as required and without interfering with their professional vocation. It is possible to reach a situation where the employee sees a person in his vicinity and is suspicious.

Employees are your best camera in areas where there are no security guards and there may be no cameras too, so all you have to do is get employees to raise their heads and use their eyes (the lens) to identify who is near them and whether they are familiar and have the authorization to be in the area, listen to the noises (microphone) in the environment so that even if the employees are busy with their routine work with eyes downward, they will not lose one’s hearing ability to help them know that something unusual is happening near them, and eventually it is imperative to equip the employees with clear and unambiguous settings that will make this the software that connects what the eyes see and what the ears hear into a decision making process that decides whether a person is anomalous that needs to be addressed immediately.

Whoever does what I wrote will add to the security system tens or hundreds or thousands of human smart cameras that will make it difficult for the adversary’s life and significantly improve the response to the aforementioned threats.

Remember that security needs to be done by integrating the employees!

Private security – the dilemma of the rich and famous

There are two kinds of security clients: entities and organizations that are assumed to utilize security by virtue of being associated with governmental agencies (that is, they affect the state’s security, and/or their activities require security),  and private individuals that by virtue of being famous and wealthy (and / or they are owners of successful private companies and/or they are influential) that decide to utilize private security. Agencies and organizations have no dilemma whether to use security because they are required to do so, whereas a private individual does not have to adopt security measures, therefore there is a perpetual dilemma of whether he or she needs security, and why should money be spent on it.

Since professional and quality security costs a lot of money and is accounted for only in the expenses section, the dilemma of adopting security measures becomes particularly difficult and complex. In addition, there is a misconception for many that security does not contribute and only is an expense when the right mindset about security means that security if done correctly, can create a professionally done peace of mind for the businessperson and even an advantage over competitors. A famous person was once asked how he got along with his security guards. He pondered a little, and then replied, “when I think about it I’ve never seen them but the mere thought that they are out there allows me to concentrate on what I do best.” It is important to note that there are individuals who utilize security only because it is considered a status symbol and a norm among the population to which they belong and not because they are at risk. Assassinations of famous persons and injury and homicide incidents on private businesspersons in the past prove that any person by the virtue of being very famous and very influential and over time and every very successful businessperson is at some risk of being harmed by another person with different and various motives, therefore they live in a state of constant risk management that can sometimes cost them and/or their families dearly, and this is not referring to the financial aspect. Even such a private person should know that the significance of not having security at all is that he or she remains exposed to all existing and relevant threats to him or her, and in the event that he or she is hurt or (G-d forbid)  is murdered, the clock can’t be turned back. Personally, if I was very rich, I am sure that I would not be in the dilemma in question and if I needed some professional and quality private security at some level, but since I’m not one (rich or very rich, yet) I try to get into the minds of those who are rich in order to understand what is affecting them as they ponder to whether to utilize private security.

Barry and Ari Sherman:
Bernard Charles “Barry” Sherman (1942 – December 15, 2017) was a Jewish-Canadian businessman and philanthropist, chairman and CEO of the Apotex pharmaceutical manufacturer. He was rated by Forbes magazine as the 12th wealthiest Canadian, and his net worth at the time of his death was valued at 3.2 billion US dollars.

His corpse was found alongside his wife’s in their home in North York, Ontario, under circumstances that were defined as “suspicious.” In January 2018, it was reported that, contrary to preliminary estimates that it was a case of murder and suicide, the investigation led to the conclusion that the Sherman couple were probably murdered by hired killers. The couple and their family did not use private security prior to the unfortunate incident and therefore took a risk that turned out to be realistic and real – without security the couple was 100 percent exposed to the existing dangers and if there was security it may have been that it could have prevented the fatal injury. Shortly after the incident, the family made a decision to start hiring professional and quality private security.

Gianni Versace:
Gianni Versace (December 2, 1946 – July 15, 1997) was an Italian fashion designer and architect. He founded the prestigious Versace fashion brand and is considered one of the most colorful and creative fashion designers of the 20th century.

In 1978, the three siblings opened the Versace Company in collaboration with Gigi Monti, a knitwear manufacturer from the Florence area, who was the first to actually discover and invest in Gianni Versace. The company grew and became a name in the fashion industry in Europe and a global brand as early as the 1970s. In the 1980s, Versace built a grand mansion near Lake Como in Italy, which became part of the icon known as Versace. Versace was known for his unbridled style of expression, which did not strictly filter his views. He did not spare his views regarding his sexual orientation and preferred to keep his tendencies without any desire to take pride in it in public. Among his remarks was when he was interviewed by Vogue magazine, he claimed that most gays chase and acknowledge sex as legitimate and that they are incapable of building a healthy relationship, but on the other hand, he claimed that there are some individuals whose ambition was true love and he defined himself as one of the few who aspired to it. His comments caused a great deal of anger and some called for a boycott of the brand. On the morning of July 16, 1997, when he returned to his home in Miami, Versace was shot with a pistol by Andrew Cunanan, who committed suicide shortly after the murder. The background to the murder was unclear and is still a mystery to this day. Versace and his family did not utilize private security prior to the unfortunate incident and therefore he took a risk that turned out to be realistic and real. Without security, Versace was 100 percent exposed to the existing dangers, and if there was security it is possible it could have prevented the fatal assault. Shortly after the incident, the family made a decision to start hiring professional and quality private security.

Both of these incidents ended in death and are therefore defined as extreme and ones that will clearly make their successors decide to utilize private security wisely after being attacked and others will learn from their hard experience to try and be prepared in advance for an attack.

I would like to describe the possibility of a simpler and not very complex event to illustrate my view of why such people must have private security: suppose there is a very successful and wealthy businessman living in a large, luxurious estate. The businessman has spent many days outside his home where his wife and young children are left alone in the estate. One night, when he was not at home and his wife and children were sleeping, a burglar broke into the house, reached the bedroom and the wife’s bed, searched for the keys to the luxury vehicle, went outside to the parking lot and managed to steel the vehicle. The traumatic event ended “just” with theft of the luxury vehicle, but it could have ended differently and included a physical injury to the wife and children. Even after this imaginary incident, it was clear that the businessman would start utilizing private security in his home to deal with the dangers that exist. Precisely because this is an example of a criminal burglary for theft that can occur to almost anyone, it demonstrates that a person with the financial ability to finance private security cannot afford to take unnecessary risks that could cause him serious and irreparable harm.

In my personal opinion, any private individual who is famous/wealthy and/or a successful and well-known private company owner and/or influential must direct part of the budget to professional and high-quality security, if only because they can do so to protect themselves and their families. I am sure that all those individuals who were murdered or injured if they could turn back the clock would need some level of security to try and prevent the attack, realizing that in some cases spending on security is just as important and vital.

There are wealthy families like the Safra family that is known to use private security regularly from awareness of existing threats and dangers as well as from their financial capability that allows them to “secure” themselves with a physical security array.

The field of private security is worldwide and, in some cases, exhibits a very high level of professionalism that is not inferior compared to governmental security. In private security, the client must also first request a risk survey in order to recognize the relevant threats to him/her and the characteristics of his/her personal and professional activity and as a basis for deciding what level of security is required for him/her as the best response within the existing budget.

Anyone who wants to hire private security but wants to avoid visible and extreme visibility can use a low-key approach to security that produces a professional and good response that is less pronounced for the environment (this is not referring to covert security).

I recommend to anyone who is able to consume private security and is unsure whether they should spend money on this, asking themselves whether after if there was an attempt to hurt them and/or their families, would they utilize security? If the answer is yes, then start immediately and not wait for the attack.

Remember, security must be maintained even when you are a private person!

Teach your security personnel to think about the adversary

Chess pieces knight on dark background

Teach your security personnel to think about the adversary

April 17, 2018- 12:00 pm
by Miky Weinberg

The more time goes by, the better I understand that proper, effective security must include constantly thinking about the adversary.  Whoever reads my articles and is familiar with my professional opinions knows how much I dwell on the subject of seeing the attacker at every opportunity.  As I’ve written in the past, I personally understood only in retrospect that as a guard in a dignitaries protection unit in the years before the assassination of Prime Minister Yitzchak Rabin, I carried out hundreds of security assignments without actively seeking out the adversary in the area under my responsibility.  I treated each assignment I was given with the utmost seriousness, tried my best to succeed, and used everything I’d been taught.  Nevertheless, most of the time I waited to see the adversary approaching in order to identify him and to react according to his actions.  As a young security guard, I didn’t really know how to analyze the arena from the attacker’s point of view and therefore I didn’t know how to seek him out in the sensitive places in the area where he was most likely to wait and from which he would act.

The assassination of Prime Minister Yitzchak Rabin spotlighted the importance of considering the attacker’s viewpoint, as a mandatory step in dealing with the potential adversary.  One must proactively locate the adversary in the arena.

Yigal Amir waiting in the seam:

This week I drove my car to Sde Dov Airport in Tel Aviv and in the last short entry lane leading to the airport parking lot, the two vehicles ahead of me stopped.  I looked ahead and saw a security guard standing in front of the first car, signaling for him to stop and it appeared that from where he stood, he was motioning to the other cars, including me, not to continue on. It wasn’t hard to understand that he was a member of a specific security unit, who was apparently sent to clear the route at the airport.  Sure enough, two minutes later I recognized the dignitary’s car coming first, followed by the escort vehicle, both of them passing the row of stopped cars from the left, without stopping but traveling slowly because the route was relatively narrow and curving.  Of course, as the dignitary’s car passed by the guard intensified his directing of traffic in order to allow them to pass the final stretch smoothly and without stopping.  There is no better example from the field than this in order to explain why this type of action by the security guard doesn’t provide a real response to an adversary trying to harm the protected individual.

Anyone who operates and directs a security arrangement in which guards are sent to carry out security assignments in the field must understand that a guard who did a uniform course, a targeted professional training course, and many other training sessions, shouldn’t be directing traffic precisely at the most critical stage of the security mission he was sent to carry out.  It’s well known that the protected person’s passage or presence in the seam is defined in the world of security as the most sensitive and dangerous stage and therefore it was decided that in the last 15 minutes before his/her arrival, the security guards will be occupied only with actions aimed at locating the potential adversary who has decided to try to harm the protected individual, specifically at that time and specifically in the seam.

I don’t know the security guard and of course I have nothing against him, yet I think that his behavior in the field obligates us to do our homework and answer the urgent question – are we teaching our security guards to base their security work on thinking about the adversary at every step and taking the characteristics of the assignment and the arena into account? Do we understand that our security arrangement exists only because it was decided that there are adversaries out there who intend to harm the individuals we’re protecting?

What’s the explanation for these 15 minutes?

An adversary who wants to harm the protected individual, in this case a specific dignitary, will have to be in a location and at a distance that will allow him to identify his target with certainty  and then to carry out his chosen course of action without anyone identifying him and/or interfering in the process.

Based on a wealth of professional experience and logic, those who set the tenets of security work understood that no matter where the adversary is from the time he arrives in the area or what he does during that time, in order to identify the protected individual and to succeed in harming him or her, he must appear near the seam, understanding as does the security guard that this is the place that combines all the factors that grant him the best chances to succeed.  Therefore, both the security guard and the adversary must be focused solely on the mission they set out for – the adversary will focus on carrying out the attack and the security guard will focus on identifying the adversary and preventing or thwarting the attack.

A single guard who is securing an individual can’t simultaneously direct traffic and scout out the adversary.  It should be clear that in most cases actions to locate the adversary in the seam take priority as means to foil an attack, especially in the case of a single guard without backup.

A video demonstrating the adversary’s actions in the seam in the 15-minute interval:

 

A security guard who doesn’t focus on proactively locating the adversary in the seam won’t succeed in identifying the potential perpetrator in his area.  Therefore, civilian and state security in 2018 must be based on thinking about the adversary in order to increase the chances of identifying him in the arena before he manages to take us by surprise and act first, since in that case it’s likely that the guard’s actions, however swift and determined, won’t be enough to prevent harm to the protected person.

In every professional security training course, we must include a main chapter that deals with analysis of the attacker’s viewpoint in such a way that anyone who becomes a security guard will understand that during their shift they must be occupied mainly with the question of where the adversary may be and how he’s liable to act in the arena against the protected individual they’re responsible for.

Every director or head of security must act immediately to train all the security guards already working in the field, who are presumably doing the best they can but still aren’t coping effectively with the adversary.  The mission isn’t simple, but it is imperative – a mission that requires thorough and professional preparation that will become a work plan to be implemented.

Every director or head of security should know that sending security guards to carry out assignments in the field without training in the subject of understanding the attacker’s viewpoint is akin to sending out scarecrows or even worse – to placing an obstacle before a blind person.

Remember, security must be achieved by gaining complete control over everything that happens under your jurisdiction

More Articles

An outside observer as a tool for identifying gaps and improving capability

Yellow paper man near magnifying glass on dark background with beam of light

An outside observer as a tool for identifying gaps and improving capability

November 17, 2017 – 12:00 pm
by Miky Weinberg

Organizations, and those within them in junior and senior management positions, find it hard to open the door to an element defined as an outside observer.  Usually, the difficulty stems from a kind of fear regarding the personal level of the position holder and/or the level of the organization itself.

The outside observer must be permanently unconnected to the organization and must not be directly acquainted with the manager or any of the employees involved in the inspection process. Whether or not the outside observer needs to have professional knowledge in the organization’s field of work depends on the subject of the inspection.  Sometimes, in order to get the best results, it’s preferable for the outside observer to come from an entirely different field.The outside observer will be able to identify strengths, weaknesses, and gaps only when he/she is free of interests and of the internal politics of the organization being checked.  The use of an outside observer is part of the field of enforcement and supervision of the conduct and functioning of the organization with all its executives and employees and provides a way of dealing with the dangers in daily routine.  An organization that brings in an outside observer is considered to be strong and one that seeks ways and tools to improve capabilities and subsequently to improve results and achievements.
An outside observer is suitable for anyone who wants to know her present situation and isn’t afraid of the truth and its implications, and unsuitable for whoever is afraid of the truth and of unfiltered criticism and changes.

An organization and/or managers who don’t bring an outside observer element into their world are exposing themselves to dangers that could erupt at any time, with severe consequences that could even jeopardize the existence of the business.

In the world of security as well, the use of an outside observer is necessary for security companies, some of which are considered large organizations, managers of various levels of experience, and employees with suitable professional training for the job.  The security world must use outside observers for two main reasons:

  1. Security protects human life and the cost of failure could be death.
  2. Security work quickly becomes extremely routine, and routine causes dangerous gaps in the response to adversaries.

Different organizations in the world of security hire me as an outside observer and allow me to observe them for a specified period of time, at the end of which I can give them a true picture of the situation, free of “background noise” and routine organizational interferences.  Most of the time, on the way to the client’s office, as I walk through the organization’s territory, I already identify the characteristics of their routine and some of the gaps it generates.  These are the gaps that are immediately apparent to an outside observer but escape the notice of those who work in the organization.  It could be the smallest detail that to the regular observer appears in place and part of everyday life, certainly not a gap in the level of operation.  Someone who knows how to function as an outside observer will know how to recognize the signs indicating a problem and gaps in the organization and its activity, and will know how to explain to the client why they are a negative influence and how they are damaging to the organization.

In my experience, in every outside observer job I do, it takes my client a day or two to understand what I want from him and what I meant by the comments and insights I’ve provided, but from the moment he gets it, the whole truth about his state of affairs becomes clear to him and he doesn’t stop taking notes.

What are those signs that indicate a problem and a gap?

  1. When the first entry door a visitor sees in an important facility holds a faded and wrinkled sign printed on plain printer paper and held up with scotch tape, there’s no doubt that what’s inside will look as bad if not worse than the sign.
  2. When the room that houses the weapons safes becomes the storeroom for the cleaning supplies of the external contractor’s maintenance crew, it’s clear that routine has taken over the organization big time.
  3. When the emergency exit in a large store is blocked by equipment or by an installation that was obviously placed there deliberately, it’s clear that there’s no enforcement of regulations and no awareness of dangers at that location.
  4. When the work environment looks like a disorderly warehouse, it’s clear that the employees aren’t fully productive and that the organization is not at its best business-wise.

I come to an outside observer assignment without ego and free of prejudice, make sure to look into my client’s eyes and to speak at the appropriate level.  Only thus can I succeed in getting the information I need and only thus can I ask any question, even those that are difficult and possibly uncomfortable for the client.

My aim is not to rebuke, insult, or humiliate the client.  I’m careful to maintain a positive approach of support, strengthening, and building.  The client can finally understand how his/her mistakes, mostly managerial ones, create the gaps that are discovered by the adversary, who uses them as opportunities to harm the protected personality, thus harming the client as well.  The client begins to grasp that he/she must make changes within the organization, the sooner the better.  I prove to my clients that if they position themselves without ego or fear, they will succeed in leading their organizations and themselves to amazing improvements they would never have thought possible.  At times these changes bring about organization-wide improvement.  I become a winning card in my client’s hand, on condition that he/she takes my recommendations very seriously and acts promptly to implement them. The client understands that gaps can be identified and pinpointed in a positive way, without threatening anyone, paving the way to the full cooperation of the employees.

During the outside observer process, I make the client understand that it’s reasonable that he/she might lack knowledge on certain subjects connected to their work, and that it’s possible to obtain the required knowledge from a third party.  This understanding allows the client to benefit from the process.

An outside observer can identify and deal with numerous gaps, or only a few.  The outside observer shouldn’t be contacted only when the organization is already in a deep crisis.

When carrying out outside observation in the context of the world of security, I make sure to stress the importance of working in accordance with the basic principles of security, and provide tools to give the security guards a better understanding of their mission, thereby enabling them to maintain a maximal level of operation over time.  I explain and demonstrate to my client the elements that are necessary in the security guards’ work environment in order for them to succeed in their missions during routine times, in times of emergency, and especially when faced with a potential adversary.

One of the main points that I always make sure to get across to the managers is the fact that they need to be more involved in what happens in the field, in enforcement and supervision, and by no means should they allow themselves to become detached from the field and depending solely on reports from their subordinates.  I’d like to note that in the case of the assassination of Prime Minister Yitzchak Rabin, the Shamgar committee found that the head of the service at the time didn’t directly supervise the Dignitaries Protection Unit and therefore didn’t really know what was going on within it.  That led him to make poor decisions over time and to reach the day when he was taken by surprise and realized that his worst nightmare had come true.

Lack of openness and inflexible thinking on the part of the managers causes the security guards in the field to act the same way, losing faith in the mission and losing creativity in their thinking.  My experience, and that of others acting as outside observers, allows us to bring the client another way of thinking, creative and refreshing, that allows him/her to be better, more professional, and highly capable of activating the employees.

One of the topics that always appear in my concluding report involves the trainings and exercises for security directors, shift managers, and security guards.  I recommend switching to special exercises and trainings that are increasingly suited to the reality in the field, including many practical exercises.

I get the message across that good security means good security directors, shift managers, and security guards who are assigned a mission and know how to carry it out the best way possible.  In security, too, you have to know how to reach each guard personally and make him/her better.

What types of outside observation can be carried out?

  1. The classic, accepted type – Observation of work and conduct and the preparation of a summary report
  2. Professional accompaniment of a staff member – professional accompaniment of a security director or shift manager or security guard for a day or over the course of a few days, through which all the characteristics and conduct of the employees and of the organization in general can be revealed.  You’ll be amazed how much can be learned in one day of professional accompaniment.
  3. Activity of a “red team” within the organization (the target) – infiltration and surveillance of the target for a few days, while checking a number of specific professional issues, facilitates the formation of a well-founded and documented situation report.

I prefer the second and third options, which are out of the ordinary in the field of outside observation and truly allow me to bring the client a well-founded real-time situation report.  The added value of option 3 lies in the photo-documentation that lets me present the situation to the client at the conclusion in a video from the field.

The operation of an outside observer is of utmost importance in the life of an organization, especially for those whose work is safeguarding human life, but can only succeed if the client is at the point of personal and professional maturity that will allow him/her to open themselves and the organization to an independent element.  An outside observer can bring valuable results only when operating in an environment that sticks to the necessary principles – mainly that during the course of the observation the day-to-day reality remains as is.

Remember, security must be achieved by gaining complete control over everything that happens under your jurisdiction

More Articles

VIP Security – How can it be that the VIP’s car is stolen from in front of the hotel?

VIP Security – How can it be that the VIP’s car is stolen from in front of the hotel?

July 4, 2018 – 12:00 pm
by Miky Weinberg

Documented: The Military Attache in Europe was in a meeting – and the official state car was stolen

The driver and the Israeli security guard waited outside of the running car.  The thief took advantage of the opportunity and made off with the luxury Audi.

On Monday, July 2nd, 2018, the above item appeared in the media, including a video recording the moment of the car theft and the first reactions of the security guard and the driver, who were nearby (in front of the hotel – the seam):

 

The videotaped event gives us an additional opportunity to explain what we can, regarding the work of a personal bodyguard.  The protected personality, the Military Attache in a European country, is holding a meeting in a hotel that is apparently drawing to a close.  One can see in the video that the personality’s car is already situated at the entrance to the hotel heading in the right direction, the driver and the guard are also in front of the hotel (defined in security terms as the seam – the area between the hotel’s exit door and the car).  Just before the theft, we see the guard walking on the sidewalk and at a certain point a man holding a coat walks past him, after which the guard is seen moving ahead and standing with the driver and the protected person, all standing together on the sidewalk behind the car.  The moment of the theft: the three are still standing and talking, the thief approaches the car from the direction of the opposite sidewalk, pauses for a few seconds next to the driver’s door, nonchalantly enters the car, and drives away about three seconds later.  It appears that the driver is the first to realize that something is happening with the car. He alerts the guard, who starts running forward, apparently shouting something to the driver.

It was later learned that the luxury car was neutralized by the Audi company by remote control and was found abandoned in the Muslim neighborhood.

I, personally, think that very few people would think of the possibility that someone would come and steal the car from under the noses of the guard and the driver, but at the same time it should be noted that the decision to leave the car open with the keys inside and stand with one’s back to the car turned out to be a miserable decision.  It wouldn’t be right to merely chalk it up to stupidity on the part of the guard and the driver, because then we won’t learn from the event, and also because I’m sure the guard and the driver aren’t really stupid.

A professional error like that could arise from disbelief that anything could happen or as a result of personal fatigue or a combination of the two.

In personal security, single-guard security is considered challenging and difficult and requires a high level of decision-making ability, especially regarding the guard’s position relative to the VIP’s position and the possible threats at any given moment.  The guard is responsible only for the personality’s safety, taking into consideration all the means and personnel at his disposal for seeing the threats and finding the best possible response. The concept of field security sends the bodyguard to guard the personality at the point of arrival at the hotel, on the route he walks from the car to the room where the meeting takes place, throughout the meeting, on the exit route to the car, and in the car until it begins to move and leaves the area. The characteristics of the protected person’s actions will affect the process of threat analysis carried out by the guard. Activity defined as patterned (repetitive activity) expands the list of possible threats against the personality as opposed to activity that isn’t patterned, which will shorten the list of threats.  In both cases, the guard will be required to suit the level of the response to the level of the threat, considering every place the personality will be – the car, the seam, the route within the hotel, and the meeting room.

Since we’re dealing with single-guard level security, the guard is defined as the first and last circle of protection before reaching the protected person.  Therefore as a rule the guard will remain in close proximity to the personality, unless there’s a very good reason for him to leave in order to carry out a security action elsewhere.

It should be clear that in the event that the personality in question uses the same hotel for meetings, his activity is considered a pattern, so the guard has to be sure to stay close to him or her at all times, while using the driver for surveillance of the car as a security response to possible actions by the threatening party.

In personal security, the driver is part of the security arrangement, especially when the level of security is single-guard, so he must keep in mind his responsibility for everything connected to the personality’s car – its maintenance, appearance, and security – as a part of the general security arrangement. A professional operative driver must understand that when he remains in the area of activity, he must be sure to maintain constant surveillance of the car. At the point before departure, as in the event in question, he should be seated in his place in the car.  If the driver had worked according to the principles of his job as the driver of a secured personality, the thief wouldn’t have thought to try stealing the car. The operational error of the guard was that he didn’t make sure that the driver would be seated in the car at the time that the personality exited the hotel as an emergency precaution.  I wouldn’t rush to criticize the guard for the theft of the car because the driver wasn’t sitting in it, but I would criticize him for not being on full operational alert.  The car plays a very important role at the stage where the personality goes out to the car, as witnessed by the assassination attempt on President Ronald Reagan and the assassination of Prime Minister Yitzchak Rabin.

Every security guard, especially a personal bodyguard, must remember that every security principle that isn’t adhered to fully causes a security gap that may become known to an adversary who is brave enough to take advantage of it to attempt to harm the personality or to carry out some other action, such as stealing his fancy official state car.

 

Remember, security must be achieved by gaining complete control over everything that happens under your jurisdiction.

More Articles

The Shooting from the Hotel in Las Vegas – Hotel Security in Israel

The Shooting from the Hotel in Las Vegas – Hotel Security in Israel

April 10, 2018 – 12:00 pm
by Miky Weinberg

The shooting that took place this week [in October] in the vibrant gambling city of Las Vegas was perpetrated by Stephen Paddock, an American citizen who took a room on the 32nd floor of the Mandalay Bay Hotel and turned it into a war room, thoroughly planned and orchestrated to coincide with a music festival attended by thousands that served as his opportunity to vent personal frustration via the biggest mass murder to ever occur in the U.S. at the hands of an American citizen.

The cold-blooded murderer opened fire for 9 -11 minutes, managing to kill 59 innocent civilians and to wound over 500, some of them very seriously.

Details of the event that have been reported paint a difficult and worrisome picture regarding mass event security and hotel security.  In the context of civilian security in Israel, I believe that the aforementioned event should be a large red flag for the government of Israel, for the security division of the Israeli police force and for all those hotels with appointed CEO’s and CSO’s.  This is the time to stop and rethink everything having to do with mass event security and especially with hotel security.

In order to understand why I believe this, I recommend watching the footage of the event in Las Vegas:

Hotels in Israel are secured according to the guidelines of the Security Division of the Israeli Police Force that determine the required level of security based on the number of rooms in the hotel and the occupancy percentage.  As someone who has walked around in hotels quite a lot as part of my job, I can allow myself to state that the level of security in most of the hotels in Israel does not provide an adequate response to the threats cited by the police, as a supervising authority, and certainly couldn’t deal with events similar to the shooting in Las Vegas.

And again, I recommend watching the following footage showing the despicable murderer’s room:

You don’t have to be a security expert to understand that the killer planned his actions in advance, booking the room far enough in advance to have time to bring in all the weapons, rig the room with cameras, and prepare it for the moment of truth, 9-11 minutes of deadly gunfire that kills and maims innocent civilians.  The film raised a number of questions for me that are directly connected to the hotel’s security with regard to security in Israel:

To what degree is the CSO in control of the list of the hotel’s guests, and to what extent does it allow him to identify suspicious signs?

Is the hotel networked with cameras that allow control of its public areas and is the hotel security headquarters capable of gleaning information from them in real time?

Are the hotel employees and security personnel trained to recognize suspicious signs in a room or in its immediate vicinity?

Does the control of the entrances to the hotel, including those connected to underground parking lots, channel the hotel’s guests through an entry or exit route that allows security to identify suspicious signs in a person or in his/her luggage?

Is the hotel’s security force trained to respond to every threat defined in the hotel’s security operational plan?

Do the CEO, the CSO, the employees, and the security force have maximum control over everything that happens on the hotel’s premises?

A hotel is a private facility that offers accommodations and entertainment outside the civilian’s home and allows him or her to rent a room for a certain amount of time for a given price, and in that context to use the hotel’s various facilities.  In the mission clause in the hotel’s security operational plan it states that the security of the hotel is carried out in order to prevent and thwart any injury of anyone staying on the premises, employees and guests.

In reality, can a person who took a room in a hotel in Israel be sure that he/she is being protected from the threats that were defined?  Can he/she be sure that the hotel personnel in the different positions indeed know what’s going on in it?  Can he/she be positive that they’ll complete their stay at the hotel without injury or heaven forbid, death?

Most of the civilians who come to a hotel are totally innocent and come for the purpose of rest and recreation, but there are some who take advantage of the hotel platform to commit criminal acts and /or terrorist activities, if only because they feel comfortable there and sense a lack of supervision.

I remember that when I had just started out as a security guard in the General Security Services in ’91, I was sent to Moscow Base in Russia for three months. I stayed at the Sputnik Hotel, where on every floor there was an old lady 24/7 whose only job was to see and document everything that happened on that floor, who came in, who left, what they did, who they spoke to, etc.  Nothing slipped past her eyes and her ears.  Control. 100% control.

With regard to hotel security in Israel, I believe we must achieve maximum control over everything that happens on the hotel premises, and certainly an event with the characteristics of the one that happened in Las Vegas.

That kind of control is achieved by a combination of trained, skilled personnel and technology that creates proven deterrence and the capability for swift and determined identification and response, all without damaging the hotel’s intended purpose as a profitable business.  In the hotels in Israel there is security that complies with the guidelines of the Israeli Police, but its actual level is not high and doesn’t meet the standards of the written requirements.

Every guest in every hotel must see and feel the security that’s in place there and must understand that he/she is visible 24/7 in the public areas.

The proper and serious regard of the field of security by the CEO and the CSO of the hotel will lead to the understanding that security, though often considered solely an expense, plays an integral role in achieving the hotel’s goals as a financial enterprise, and will result in the recruitment of higher quality personnel for the security positions.

The aforementioned event emphasizes the importance of the hotel headquarters as a place that controls the public areas with the help of visible and hidden cameras and is capable of identifying irregular behavior of a guest or even of a hotel employee.  Today the cameras and the active headquarters take the place of the old lady sitting in the Russian hotel in the 90’s.

In my opinion, it’s time for the Hotel Association of Israel, together with the Israeli Police, in addition to rating the quality of each hotel’s service, to rate the level of its security so the innocent civilian can know and decide if it suits him or her to stay in a hotel with the designated level of security.  Perhaps this type of rating would prompt the CEO’s and CSO’s to regard security more seriously.

The wise thing in security and in general is to know how to learn from events that happened outside of Israel in order to check if there’s a need to make changes in the current state of affairs.  I believe that the shooting in Las Vegas is just such an event that we can learn from in order to improve the level of security in hotels in Israel.

Remember, security must be achieved by gaining complete control over everything that happens under your jurisdiction.

More Articles