Show
Threat assessment means different things to different people. Security professionals, police, judges, psychologists, and school counselors all use the term and conduct tasks they describe as threat assessment. These approaches are all predictive in nature, but very different. This post was first published in late 2019. Since publication, it has been the most popular page on our website. In 2021, 23, 787 , 5,483 visitors from all over the world read this post. For a small company like us, this is awesome. We are helping security professionals everywhere identify techniques that can help them secure lives and property. I hope that you find this resource useful too. Don’t hesitate to reach out if we can help you or your organization. threat assessment approachesTake a moment to think about what threat and risk assessment means to you, or what problem you are hoping that threat assessment will help you solve. Are you looking to:
This post isn’t meant to be a comprehensive review of each method. Rather, it is meant to define and help you identify threat assessment training and resources. Now, let’s take a deeper dive into each threat and risk assessment approach. 1. The Security Threat and Risk AssessmentTo people who work in the security or protection industry, threat assessment is the first step in a risk and vulnerability analysis. This threat assessment task involves assessing the various security risks associated with a particular location. It covers a broad range of threats, including: natural threats (tornadoes, hurricanes, floods, earthquakes), criminal threats (theft from location, violence against staff), terrorists (active shooter, vehicle, and person-borne improvised explosive devices), and potential accidents. Once threats are identified, organizations can plan for how they will protect their workers, facilities, supplies, and critical infrastructure. Threat & Risk at an airportFor a security risk threat assessment, let’s take an example of a terminal at an airport. Potential threats to an airport could include natural disasters (such as a snowstorm, earthquake or hurricane), an organized terrorist attack, other criminal acts (e.g., employees smuggling in contraband into the airport), or an accident (such as a computer failure causing the airport communication systems to shut down). Each of these threats will require a different response. This security threat risk assessment includes not only identifying potential threats, but also evaluating the likelihood of occurrence for each--just because something can happen, doesn’t mean it will. The vulnerability assessmentFollowing the security risk threat assessment is the vulnerability assessment, which has two parts. First, it involves a determination of the assets as risk (e.g., people, buildings, equipment). Part of this includes an estimation of the financial loss that would be incurred if the given location was successfully attacked and stopped providing service. Second, it includes an assessment of the level of attractiveness of the target (in the case of intentional attacks) and the level of existing defenses against each threat. In the case of a large airport in a busy metropolitan area without nearby airports, any suspension of services at the airport would create a significant disruption. In contrast, suspension of services at a small county airport would create less of a disruption. As an example of attractiveness, a small county airport operation may be a less attractive target for this reason. Potential threats, impacts associated with loss of the facility, and assessments of vulnerability are reviewed in combination as part of a risk analysis. The risk analysis also involves the study of existing and necessary countermeasures to protect against and mitigate potential threats. This analysis reveals opportunities for upgrading or improving existing countermeasures. Learn about Security Threat Risk AssessmentIf you are interested in learning more about risk analysis, here are some great resources:
2. Active Threat AssessmentFor security professionals, threat assessment is also used to describe a process through which your operational personnel observe and identify potential, immediate, or imminent threats (e.g., active shooters, terrorists, criminals). At Second Sight, we use the term active threat assessment to describe the process of systematic observation to identify threats. These threats could be against your clients, their facilities, or your personnel. The Active Threat Assessment MethodologyActive threat assessment involves a focused observation of behaviors and actions. It is a threat assessment methodology by which an observer (such as one of your security officers) systematically observes their environment, identifies potentially suspicious individuals (also known as persons of interest), and assesses the potential threats posed by these individuals. A person of interest (POI) is an individual who is a target for further observation. They may become a target due to suspicious activity or a display of threatening behavior. Further observation of the POI involves an assessment of threat indicators. Threat indicators are visual behaviors that indicate an individual might be a threat. For example, they might be trying to avoid notice, or they could show visible signs that they are carrying a weapon. These assessments, in combination, allow for the identification of active threats. Potential Users of Active Threat AssessmentSecond Sight’s threat assessment approach can be used by a broad range of security personnel, including:
To learn more about active threat assessment, read our post about active threat assessment, join our mailing list, or enroll in one of our online active threat assessment training courses. 3. The Cyber-security Threat and Risk AssessmentThe same threat risk assessment and analysis process can be applied to cyber-security. A cyber-security threat risk assessment can involve protecting information (e.g., the Personally Identifiable Information of your customers), networks (e.g., the internet at your offices), software (e.g., your customer management system), and hardware (e.g., the laptops and desktops of your employees). The basic steps of a cyber-security threat risk assessment are:
After the assessment, it is then possible to implement or improve controls based on the higher risk threats to cyber-related infrastructure. If you are interested in learning more about the cyber-security threat risk assessments, we recommend you review the following resources:
4. Threat Assessment for Instrumental ViolenceThe National Association of School Psychologists (NASP) describes a broad spectrum of activities for identifying and intervening with potentially violent individuals who appear at risk for committing instrumental violence. Instrumental violence is when an individual commits (or threatens to commit) a specific attack, such as a mass shooting. In your case, it could involve an employee who has made threats against other staff members or has been involved in recent altercations at work. For executive and personal protection, it could involve individuals who have made threats against your protectee. A noted authority on this approach is the U.S. Secret Service National Threat Assessment Center (NTAC). In a recent report titled “Mass Attacks in Public Places,” they noted many of the attackers in 2019 had similar backgrounds, including: a personal grievance; history of criminal behavior; substance abuse or mental health symptoms; or other stressors (such as financial instability). Many of these attackers also had communicated or elicited concern from others prior to the attack. These situational and behavioral factors can serve as flags of individuals who may commit instrumental violence. Threat Assessment in SchoolsThe NTAC developed the national model for threat assessment in a school setting. While NTAC’s focus is on schools, their approach is applicable to other facilities as well. This approach has five steps:
Potentially threatening individuals are identified from information and referrals. Then, these individuals are assessed for the extent they may commit an attack. Those at-risk for violence are targeted with a variety of interventions. In the case of an imminent attack, immediate measures would be necessary to control the individual. When it comes to school violence prevention, the NASP provides suggested guidelines for administrators and crisis teams. Further, a 2018 article reviews the major findings from the research on the federal school threat assessment model and provides guidance on how to implement the model effectively. If you would like to learn more about this type of threat assessment, more information is available from the sources below, and an internet search will reveal a variety of other resources on the topic:
5. The Violence Threat Risk AssessmentViolence threat risk assessments are generally legal and clinical in nature, and are typically used to estimate the likelihood of future violent behavior by an individual. This is somewhat different than the instrumental violence approach described above, though it still involves identification of risk factors and intervention strategies. The violence threat risk assessment focuses on assessing an individual’s predilection for violence more generally, and is not related to a specific attack against a specific target. These threat risk assessments include things like domestic violence lethality assessments or algorithmic risk assessment tools. This approach may not be something you or your personnel perform directly. More often, these assessments are conducted by clinical professionals who are qualified to administer a battery of tests that evaluate one’s likelihood of committing a violent act. These violent threat risk assessments can include professional judgment of the clinician as well as actuarial-based assessments. The latter uses predictive algorithms that assess risk factors and determine the probability of future violence. Violence threat risk assessments are used to guide decisions at various points in the criminal justice system. For example, they are often used in determining pretrial or parole release decisions, release from psychiatric facilities, civil commitment and criminal sentencing decisions, and for inmate classification within correctional facilities. There are many different types of threat risk assessment tools. For example, one well-known and widely-adopted tool is the Public Safety Assessment (PSA). Though, please note that there are a fair amount of criticisms regarding the accuracy and fairness of different algorithmic techniques. If you are looking for research and support to conduct threat assessments related to individual risk and violence, we encourage you to access resources available from:
What’s Next?Depending on your needs, any of these approaches to threat and security assessment may be relevant to you or your personnel. As a next step, take a deeper dive into some of these resources and continue your quest to learn more about threat and risk assessment. All of these approaches are essential to protecting our community and keeping people safe. If you are interested in learning more about active threat assessment, check out our active threat assessment for security professionals now. ReferencesAdvanced Psychological Associates. (2020). APA Guidelines for Psychological Assessment and Evaluation. Retrieved January 2022 from https://www.apa.org/about/policy/guidelines-psychological-assessment-evaluation.pdf Arnold Ventures. (2017). Public Safety Assessment: A Risk Tool That Promotes Safety, Equity, and Justice. Retrieved January 2022 from https://www.arnoldventures.org/stories/public-safety-assessment-risk-tool-promotes-safety-equity-justice/ Blank, R.M., and Gallagher, P.D. (2012). Guide for Conducting Risk Assessments. The National Institute of Standards and Technology (NIST). Retrieved January 2022 from https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf Botha, A. (2021). Chapter 28: Prevention of Terrorist Attacks on Critical Infrastructure.In the Handbook of Terrorism Prevention and Preparedness. Retrieved January 2022 from https://icct.nl/app/uploads/2021/04/Handbook-Ch-28-Botha-Prevention-of-Terrorist-Attacks-on-Critical-Infrastructure.pdf Brayne, S., & Christin, A. (2021). Technologies of crime prediction: The reception of algorithms in policing and criminal courts. Social Problems, 68(3), 608-624. Retrieved January 2022 from http://www.angelechristin.com/wp-content/uploads/2020/03/Technologies-of-Crime-Prediction_SocProblems.pdf Bucklen, K.B., Duwe, G., and Taxman, F.S. (2021). Guidelines for Post-Sentencing Risk Assessment. National Institute of Justice: Washington, D.C. Retrieved January 2022 from https://www.ojp.gov/pdffiles1/nij/300654.pdf Chohlas-Wood, A. (2020). Understanding Risk Assessment Instruments in Criminal Justice. The Brookings Institution. Retrieved January 2022 from https://www.brookings.edu/research/understanding-risk-assessment-instruments-in-criminal-justice/ Cornell, D.G. (2020). Threat assessment as a school violence prevention strategy. Criminology & Public Policy, 19(1), 235-252. Retrieved January 2022 from https://onlinelibrary.wiley.com/doi/abs/10.1111/1745-9133.12471National Threat Assessment Center (NTAC). (2018A). Mass Attacks in Pubic Spaces - 2017. United States Secret Service. Obtained January, 2019 from https://www.secretservice.gov/data/protection/ntac/USSS_NTAC-Mass_Attacks_in_Public_Spaces-2017.pdf Cybersecurity and Infrastructure Security Agency (CISA). (2019). A Guide to Critical Infrastructure Security and Resilience. Retrieved January 2022 from https://www.cisa.gov/sites/default/files/publications/Guide-Critical-Infrastructure-Security-Resilience-110819-508v2.pdf Desmarais, S. L., & Zottola, S. A. (2019). Violence risk assessment: Current status and contemporary issues. Marquette Law Review, 103, 793. Retrieved January 2022 from https://scholarship.law.marquette.edu/cgi/viewcontent.cgi?article=5441&context=mulr Enang, I., Murray, J., Dougall, N., Aston, E., Wooff, A., Heyman, I., & Grandison, G. (2021). Vulnerability assessment across the frontline of law enforcement and public health: A systematic review. Policing and Society, 1-20. Retrieved January 2022 from https://www.tandfonline.com/doi/full/10.1080/10439463.2021.1927025 Huber, N. (2019). “Intelligence-Led Policing for Law Enforcement Managers.” The Federal Bureau of Investigation Law Enforcement Bulletin. Retrieved January 2022 from https://leb.fbi.gov/articles/featured-articles/intelligence-led-policing-for-law-enforcement-managers Interagency Security Committee. (2016). The Risk Management Process for Federal Facilities: An Interagency Security Committee Standard, 2nd Edition. Retrieved January 2022 from https://www.cisa.gov/sites/default/files/publications/isc-risk-management-process-2016-508.pdf International Association of Chiefs of Police (IACP). (2017). Managing Cybersecurity Risk: A Law Enforcement Guide. Retrieved January 2022 from https://www.iacpcybercenter.org/wp-content/uploads/2015/04/Managing_Cybersecurity_Risk_2017.pdf Metivier, B. (2017). “6 Steps to a Cyber Security Risk Assessment.” Sage Data Security. Available atRetrieved January 2022 from https://www.sagedatasecurity.com/blog/6-steps-to-a-cybersecurity-risk-assessment. Miller, A. (2014). Threat Assessment in Action. The American Psychological Association. Available at https://www.apa.org/monitor/2014/02/cover-threat.aspx. Modzeleski, W., & Randazzo, M.R. (2018). School threat assessment in the USA: Lessons learned from 15 years of teaching and using the federal model to prevent school shootings. Contemporary School Psychology, 22(2), 109-115. Retrieved January 2022 from https://link.springer.com/article/10.1007/s40688-018-0188-8 National Association of School Psychologists (NASP). (2015). School Violence Prevention: Guidelines for Administrators and Crisis Teams. Retrieved January 2022 from https://www.nasponline.org/resources-and-publications/resources-and-podcasts/school-safety-and-crisis/school-violence-resources/school-violence-prevention/school-violence-prevention-guidelines-for-administrators-and-crisis-teams National Institute for Occupational Safety and Health (NIOSH). (ND). “Violence Risk Assessment Tools.” The Centers for Disease Control and Prevention. Retrieved January 2022 from https://wwwn.cdc.gov/WPVHC/Nurses/Course/Slide/Unit6_8 National Institute of Justice (NIJ). (2005). Domestic Violence Lethality Screen for First Responders. Retrieved January 2022 from https://nij.ojp.gov/sites/g/files/xyckuh271/files/media/document/domestic-violence-screening.pdf National Threat Assessment Center (NTAC). (2018A). Enhancing School Safety Using a Threat Assessment Model: An Operational Guide for Preventing Targeted School Violence. United States Secret Service: Department of Homeland Security. Retrieved January 2022 from https://www.cisa.gov/sites/default/files/publications/18_0711_USSS_NTAC-Enhancing-School-Safety-Guide.pdf. Obtained January, 2019 from National Threat Assessment Center (NTAC). (2019). Protecting America’s Schools: A U.S. Secret Service Analysis of Targeted School Violence. United States Secret Service: Department of Homeland Security. Retrieved January 2022 from https://www.secretservice.gov/sites/default/files/2020-04/Protecting_Americas_Schools.pdf National Threat Assessment Center (NTAC). (2020). Mass Attacks in Public Spaces - 2019. United States Secret Service: Department of Homeland Security. Retrieved January 2022 from https://www.secretservice.gov/sites/default/files/reports/2020-09/MAPS2019.pdf Partnership on Artificial Intelligence. (2019). Report on Algorithmic Risk Assessment Tools in the U.S. Criminal Justice System. Retrieved January 2022 from https://pde.is/posts/docs/Report-on-Algorithmic-Risk-Assessment-Tools.pdf RAND Corporation. (2021).“Terrorism Threat Assessment.” Retrieved January 2022 from https://www.rand.org/topics/terrorism-threat-assessment.html Ready.gov. (2021). “Risk Assessment.” Retrieved January 2022 from https://www.ready.gov/risk-assessment Ready.gov. (2021). “Risk Mitigation.” Retrieved January 2022 from https://www.ready.gov/risk-mitigation Renfroe, N.A. and Smith, J.L. (2016). “Threat / Vulnerability Assessments and Risk Analysis.” Applied Research Associates. Retrieved January 2022 from https://www.wbdg.org/resources/threat-vulnerability-assessments-and-risk-analysis. Savage, T.A., and Woitaszewski, S.A. (2018). School-Based Threat Assessment: Best Practices and Resources. Presentation at the Minnesota School Psychologists Association: Plymouth, MN. Retrieved January 2022 from https://www.mspaonline.net/resources/Documents/past%20conference%20materials/2018/School-Wide%20Practices/School-Based%20Threat%20Assessment_%20Best%20Practices%20and%20Resources%20-%20Savage,%20Woitaszewski.pdf Serin, R.C., Lowenkamp, C.T., Johnson, J.L., & Trevino, P. (2016). Using a multi-level risk assessment to inform case planning and risk management: Implications for officers. Federal Probation, 80, 10. Retrieved January 2022 from https://www.uscourts.gov/sites/default/files/80_2_2_0.pdf Simons, A., & Meloy, J. R. (2017). Foundations of threat assessment and management. In The Handbook of Behavioral Criminology, 627-644. Retrieved January 2022 from https://link.springer.com/chapter/10.1007/978-3-319-61625-4_36 “Violence Risk Assessments.” (ND). Obtained from December 2018Retrieved January 2022 from https://psychology.iresearchnet.com/forensic-psychology/violence-risk-assessment/ What threat category affects the long term goals of the organization?ANSWER: Strategic: Action that affects the long-term goals of the organization.
What control is designed to identify any threat that has reached?Detective. Detective controls are designed to detect a threat event while it is occurring and provide assistance during investigations and audits after the event has occurred.
Which of the following is a network that moves a product from the supplier to the customer and is comprised of vendors?A supply chain is the network of all the individuals, organizations, resources, activities and technology involved in the creation and sale of a product. A supply chain encompasses everything from the delivery of source materials from the supplier to the manufacturer through to its eventual delivery to the end user.
What term best describes the ability to continue to function as the size or volume of the enterprise data center expands to meet the growing demands?In information technology, scalability (frequently spelled scaleability) has two usages: 1) The ability of a computer application or product (hardware or software) to continue to function well when it (or its context) is changed in size or volume in order to meet a user need.
|