We’ve been getting an increasing number of questions about critical incident response teams (CIRTs) from existing and potential clients. This is natural, given the many active shooter incidents reported not only in schools but also in public areas and workplaces. There is even a website, Mass Shooting Tracker, that documents this disturbing trend and reports more than 2,000 incidents in which four or more people were shot since 2013 in the U.S. alone.
The many inquiries we’ve received recently have led us to discuss and clarify our recommendations to clients concerning CIRTs, and we’d like to share some of these thoughts in this blog.
We do this as executive protection professionals, of course, because our approach is definitely colored by that experience. But we also do it as specialist partners who have spent a lot of time working with corporate security and procurement departments over the years – and know that good security has many stakeholders in the corporation – all of whom need to be included and respected.
1. CIRTs are a high-criticality niche within the security services niche
What CIRTs do matters. Yes, all security is about protecting lives and assets, and everything security teams do matters. But since this part is specifically about the highest criticality incidents, it’s no exaggeration to assign CIRTs a life-and-death level importance.
Within the niche of specialized security services, CIRTs represent an even narrower niche. What CIRTs do (or do not do) as part of their job has great impact on the organization as a whole and on any corporate employee involved.
2. You need more than a couple of armed people to set up an effective CIRT
Just because you carry a gun doesn’t mean you’re an active shooter expert. To be truly effective – and to do more good than harm – a CIRT program really must be more than hiring one or more persons who know how to shoot. You need a plan, and the plan has to include a number of different elements and considerations.
Like executive protection, the first goal of any CIRT is keeping trouble as far away from the people to be protected as possible to prevent harm. The second goal is to react quickly in case we were not able to foil trouble.
Without turning this blog into a tactical how-to, we ask you to consider just a few points.
- Think outside-in: Stopping enemies at the gate is way better than dealing with them inside the castle walls. That means you need eyes on the outside to enable early detection of any trouble before it happens. How do you do this with available resources? Do you have people working the parking and arrival areas? Have you considered surveillance detection? You’d better think it through.
- Check your choke points: For most organizations, the reception and/or lobby area are the first places a perp is going to run into resistance. The first point of resistance is where things most often go south. (Most often in the morning, by the way.) Are you ready? Have you trained your friendly receptionist to know what to look for? Do the security guards handle the trouble, or is the CIRT so close-by that they can respond to trouble? Have you worked with facilities to integrate bullet-resistant glass where relevant, lock-down procedures, and other containment barriers?
- Consider competencies carefully: Most companies already have security guards on site. Isn’t this good enough? Can’t they handle any trouble that comes up? Umm, think about what you get for minimum wage plus change. If you’ve hired some seasoned ex-LEO as your CIRT specialists, are they so seasoned that they can’t sprint from one end of campus to the other in case of emergency?
- Break down organizational silos: There are a whole lot of moving parts that have to work together with extreme precision to effectively prevent – or neutralize – an active shooter. In the real world, unfortunately, the left hand might not know what the right hand is doing. The left hand might just shoot the right hand, actually. How are your security guards, EP agents, facilities management people, local law enforcement resources, and CIRT teams going to choreograph their responses when things get crazy, fast? What about regular, non-protective employees – some of whom might even be carrying? You’re going to need a plan, training and exercises to make it all work.
3. CIRTs have very particular recruitment, training, and management requirements
No corporate HR department and few corporate security departments have the insight or expertise to organize and operationalize CIRTs for long-term success. Consider just three factors for starters:
- CIRT programs have highly specific recruitment requirements: Does your corporate HR department have what it takes to write job descriptions, attract the necessary talent and identify the best candidates?
- CIRT professionals have highly specific training needs – both prior to job start and on an ongoing basis: How are corporate HR and security departments to know who needs what?
- CIRT organizations demand highly specific management skills to keep team members sharp and avoid complacency: Fortunately, critical incidents are rare. Most of the time, nothing happens that requires the team’s immediate response. This doesn’t mean you don’t need a CIRT, of course. When things do go wrong, managers want rock-solid SOPs to kick in immediately. When no incidents occur, managers consistently need to combat complacency and improve team readiness.
4. Cookie-cutter CIRT solutions can be implemented quickly but are rarely sustainable
The knee-jerk reaction to setting up a CIRT is to hire a few people with backgrounds in law enforcement or the military, make sure they’re capable of stopping a shooter, and set up a schedule for when they should be where.
That’s all fine and good but that’s not enough. Just like EP programs, CIRT programs are much more likely to be successful in the long term if they are customized to fit the organization’s culture and operating procedures. This customization obviously includes superficial things like how the CIRT team is dressed (should they fit in or stand out?), but also more subtle things like personality fit and soft skills.
How CIRTs are identified within the organization is important. Some employees will be happy to know that there are highly-trained and well-armed professionals standing by to keep them safe. Others will be appalled: What are these gun-toting goons doing here? Still others will be terrified: If my workplace is unsafe enough to require weaponized response teams, is this company a place I want to work?
CIRT programs can involve almost none or practically all corporate employees. The corporation can choose to keep them in the background or shine a spotlight on them. They can include them in employee-facing activities or not. For example, there are advantages to providing everyone in the organization with safety awareness and critical incident training, but there are also disadvantages.
Sensitivity to company culture and organizational practices is an important foundation of CIRT programs that are built to last.
5. What CIRTs do before and after any incident is also critically important
Just like executive protection, much of what CIRTs do is preventive. Proactive procedures dedicated to identifying potential threats before they actualize – and deterring or pre-empting them before anyone is hurt – are far preferable to responding to live incidents. Team and individual SOPs must recognize this and act accordingly. Training is key.
Consider, for example, key stakeholder’s response protocols in the case of a critical incident. Training in the form of tabletop exercises with key response personnel and decision makers enables responsible individuals to know what to do, what to say, and how to do things if an incident occurs. Smooth and thorough responses to critical incidents help the organization improve business resilience and continuity. Reducing unnecessary chaos, stress, delayed decision-making, and inappropriate/ill-advised communications all saves lives and boosts employee confidence in duty of care.
Similarly, CIRT programs benefit greatly from after-action reviews and analysis. Not only after a critical incident occurs, but also on an ongoing basis when nothing out of the ordinary happens. Managers need to be able to collect and analyze team performance data on a regular basis and use such analyses to correct performance gaps and keep the team focused on what’s important.