The New Face of Risk, Threat and Vulnerability Assessment

John Orloff

Share this post

Dec 15, 2022

Major event security is in flux. And as the risk environment shifts so should your security operations. Any of us can imagine all kinds of threats to a Superbowl game, UN conference, concert or Presidential inauguration. But as strategic security advisors to major sports leagues, stadium owners and public leaders responsible for the safety of thousands of constituents, we’re not paid to guess.

Assessment is the Starting Point for Risk Mitigation

For decades, we’ve been securing large-scale, mass-gathering venues, such as sports stadiums, concert halls, shopping malls and convention centers. Before many of us moved to the private sector from public service, we led security planning and execution for major U.S. and international events, such as G-7 security summits, UN conferences, Super Bowls and the Olympics.

In short, our job isn’t to imagine. It’s to mitigate harm and negative impacts, gather facts, and recommend countermeasures based on a rational measurement of risks, threats and vulnerabilities. That integrated process of risk mitigation always starts with an assessment.

Why Major Event Security is Changing

The risk environment confronting mass-gathering events is changing.

  • Concentrations of people can be magnets for malicious action. Today’s large-attendee venues are a target-rich environment, whether for an active assailant or act of terrorism.
  • Attacks aren’t just possible, they’re happening. One major sports franchise had a shooting just outside the stadium perimeter. Fans fled their seats after hearing gunfire in the middle of the event, risking further injury. A few months later, the same franchise had a second shooting in the same location.
  • The perimeter has expanded dramatically. It’s one thing if the venue for the event has a clear boundary, like a stadium, rink or arena. However, many franchises and local government leaders are expanding venue attractions to include public-oriented events and activities in the areas immediately surrounding the venue, like play areas for kids, parking lots for tailgating, and eateries and bars. One major city’s sports team is moving to a nearby location with several hundred acres. Controlling access, egress and on-premises activities for multi-acre, multi-activity footprints is a security challenge on an entirely different scale.
  • The basics matter, but their application needs to evolve. Security fundamentals, in general, remain just as critical as in the past. This includes extended perimeter security planning to mitigate long-range threats, security personnel staffing at multiple levels, screening operations, integrated security policies and procedures, and talent security during appearances, travel and at practices or rehearsals. But as the venue footprints expand, the tactics must adapt as well.

Seven Steps for Mitigating Risk at Mass-Gathering Venues

  1. Reconsider your security model. Rather than depend on your traditional perimeter-based model for single-site security, your model should be similar to those that support larger facilities and multi-acre, mixed-use locations, like university campuses, publicly accessible government buildings and entertainment parks (e.g., Disneyland).
  2. Apply traditional perimeter security planning to key micro-sites. A layered approach to security is still critical. But instead of three rings around one facility, you may need three rings around various key sites at your venue. You may need to group certain activities and design integrated security systems that support specific micro-locations.
  3. Design some facilities to serve core security functions when needed. During a crisis, select buildings, assets and systems should allow for repurposing from non-security tasks to temporarily assigned security roles and functions.
  4. Forward-deploy security assets. One way to accelerate responses to security incidents is to forward-deploy some types of equipment and various supplies throughout your security zones.
  5. Adopt more advanced technologies. Upgrade your ability to monitor, diagnose, respond and communicate across your venue complex or campus. Consider acquiring technologies such as video analytics, facial recognition and artificial intelligence.
  6. Aggressively train and drill security, non-security personnel and law enforcement partners. Training is always important. It’s just more critical when you have more to protect and many people to coordinate in a crisis. Be sure to up-level your training of non-security personnel. Even if they’re not experts, they should be knowledgeable about their role in monitoring for unusual activity and how to respond and help fans, attendees, and members of the public during a crisis.
  7. Enhance liaison, training, and information-sharing with first responders and other third parties. Security planning, prevention and response is a multi-party activity. Your in-house security personnel can’t go it alone. Know your partners. Make sure they understand and have an opportunity to help you improve your emergency response and communications procedures.

Overwhelmed? We’re Here to Help.

Security strategies and threat countermeasures have been evolving for decades. Much of your current security operations and capabilities are adaptations to close gaps highlighted by past crises or technologies. We can help you further assess your facility’s risks, threats, and vulnerabilities and improve your security capabilities to better manage the risks associated with major events. Learn more about our security risk management services here.


Headshot of John T. Orloff

About the author

John T. Orloff
John leads Jensen Hughes' Security Risk Management Practice and, as a senior advisor to corporations, major public organizations and affluent families, taps a wealth of domestic and international experience in security best practices, threat assessments, emergency preparedness and crisis management.