A 40-year-old man went on a stabbing rampage April 13 at a crowded shopping mall in the suburbs of Sydney, Australia, a viscous attack that left six shoppers dead and another 12 injured. The tragedy underscored the challenge of predicting and preventing random attacks in spaces open to the public; however, while difficult, “soft targets” must still do what they can to protect patrons and staff. This article shares the measures that companies are taking, advice for strategically approaching the challenge of funding protection against rare but high-consequence security events, and research showing how a close relationship with a security supplier not only leads to better outcomes but can also save money.

‍Key Points

• To enhance security of publicly available spaces, global organizations are focusing on better coordination between corporate and site-level management; opening communication channels with law enforcement; and providing tools and training so public-facing employees are better equipped to react to crisis events.
• Random violence can be hard to budget for, but some security measures can also lower energy costs, some can reduce costs from employee injuries, and a study proved that forging a collaborative relationship with security vendors yields cost savings, reliable delivery, and higher quality.
• To forge more collaborative relationships with security vendors, operations personnel must have sufficient power in the procurement process, the research study insists.

What are Organizations Doing to Protect Against Random Public Attacks?

The question of how operators might reasonably enhance security in open spaces always takes on urgency after high-profile events, like the stabbing rampage in April at a Bondi shopping center. Mass killings are rare in Australia, so the event sparked significant discussion of security measures, including an announcement by the New South Wales government that it will conduct a review of the weapons security guards in crowded places such as shopping centers and hospitals will be allowed to use.

The Ligue previously outlined guidance for strategic hardening of soft targets, including creating security plans for ramping-up security quickly in the face of enhanced risk. For a complete list of recommended practices, see “Data on Mass Shootings Suggests the Problem is Global—Key Actions to Reduce Risk.”

We also consulted large international retail organizations and shopping centers to learn what they’ve done to address growing safety risks. One global retailer, for example, said training and support are at the center of their approach to enhancing safety. “We've increased the frequency of training and began role-playing critical incidents, and I think it has helped,” said the company’s vice president of asset protection. “We also have an emergency readiness app that takes you through critical situations and how to respond.”

Interviews identified a wide range of activities to address risk to patrons and public-facing employees. Global retail organizations said they are:

• Improving communication between the corporate level and stores/employees to better understand and coordinate store-level measures to reduce the threat of violent attacks.
• Forging public safety partnerships with law enforcement to disrupt violent gangs and strengthen communication channels.
• Implementing and promoting programs that provide counseling and support to employees in the wake of an incident.
• Clarifying when and what information a security operations center (SOC) should include in an alert to the field about threat information that is not immediately actionable.
• Contracting for real-time monitoring of social media channels to identify potential indicators of attacks.
• Making investments in technology platforms to simplify the reporting of crimes by stores to corporate management and to exchange threat information with stores.
• Contracting and hiring experienced personnel to more effectively liaison with police and city leaders.
• Enhancing community outreach and leveraging community resources where applicable, recognizing that safe communities and safe stores go together, and that stores and shopping areas can be part of community violence reduction solutions.
• Promoting and supporting industry efforts that enable operators in public spaces to work together, share threat information, aggregate data, conduct investigations, and jointly identify effective solutions.
• Educating law enforcement on trends in the risk to public safety from shop violence.

What Else Can Organizations Do to Effectively (and Affordably) Enhance Protection?

There is obvious difficulty in protecting spaces where the public can freely come and go, and taking measures that are both effective and affordable is no easy task. Case in point: After a 2012 shooting rampage that killed 12 people inside a movie theater in Aurora, Colorado (US), several multiplex theaters toyed with the idea of installing and manning metal detectors at theater entrances, but consultant reports explained that such a move would cost hundreds of thousands of dollars annually and would not eliminate the threat, noting an attacker might then see a line of patrons at metal detectors as easy targets.

The prospect of deploying costly security solutions that fail to substantially alter risk is something that can cause retailers and mall operators to resist investing in security. Still, the threat to public safety demands action. So, what can public-facing organizations do?

Some retailers suggest starting with opportunities where cost-savings and security go hand in hand. For example, one of the world’s largest international retailers announced plans to replace all fluorescent fixtures with LED lighting in stores and parking lots. The result will enhance security through better lighting and lower energy costs by $200 million annually.

Following the tenets of Crime Prevention Through Environmental Design (CPTED) is also an effective strategy, allowing retail organizations to spend on security measures that pay for themselves by reducing staff injuries. Retail work is dangerous relative to other jobs for no other reason than external violence, but the Centers for Disease Control in the US says that retail establishments that implement CPTED programs experience a 61% decrease in injuries from external violence, according to its Dec. 2021 research brief.

Companies can also enhance security by examining their security vendor relationships, which was the focus of a 2018 Perpetuity Research report, “The Barriers to Effective Buyer-Supplier Relationships in the Security Sector.” 

The study makes the point that a close relationship with a security supplier not only leads to better outcomes, but it can also save money.

“In collaborative relationships…there is often some form of interdependence. Buyers typically engage in these long-term relationships with a few select suppliers, with whom they establish high levels of trust,” the report explains. “Compared to transactional relationships, the benefits of these types of relationships include enhanced communication, costs savings, reliable delivery, higher quality, and greater flexibility.”

The report warns against allowing cost-control initiatives to dominate a relationship with security suppliers. “When an opportunity to reduce costs presents itself parties can jump on these opportunities in a way that undermines their relations with each other, with adverse consequences for levels of trust and cooperation,” the report warns.

Said one director of global security, “You should always require your supplier to sharpen the pencil but don’t make them regret the relationship.” A divisional loss prevention manager was more forceful: “Are you going to be able to get what you are looking for if you keep drilling on price? … They need to make a profit too. You can’t keep screwing the supplier,” he said.

It’s not a surprise that focusing on finances can be a significant source of conflict between security suppliers and end-users. The report identified cost issues as the top barrier to buyer-supplier relationships, with 74% expressing the opinion that buyers are ‘frequently’ or ‘always’ too focused on price over quality.

But price is always a concern, and there are ways that buyers of security services can control costs without chasing the lowest price in a way that sparks a rush-to-the-bottom in terms of service level.

One way, suggests the Perpetuity Research study, is to truly understand your own security needs. When a buyer does not fully map its needs, or misunderstands them, it is unlikely to get the best fit and it becomes difficult to manage costs effectively.

Another way, the report suggests, is for operations personnel to have sufficient power in the procurement process. If they are only brought in after the fact, some costs associated with how the service will be utilized may be ignored in the contract phase. Organizations may also pay a hidden price for their lack of involvement. “It can mean risks not being properly identified and mitigated and even in the buyers incurring additional costs to correct errors, let alone the inherent cost of having inadequate security in the first place,” according to the study.

Finally, organizations may want to review the composition of their security team. Survey respondents suggested that having staff members who are former suppliers is often valuable during negotiations and for assessing suppliers’ expertise.

‍