The title threw me off, because I know that schools in the U.S. haven’t experienced 180 active shooter events in the past decade.
You see, there’s a difference between an active shooter event and a random act of crime that happens to involve firearms. The article had combined the two incidents to create an emotional response from the reader. This is unfortunate because key decisions are sometimes made based on emotional responses to events, and our emotions are often twisted by the misinformation found in articles like the one I had read.
I don’t write this to bash the media outlet that posted the article, nor am I suggesting that we shouldn’t address the risks associated with an active shooter event. My intent is to provide private schools with several key points that should be considered before they decide on what physical security measures to implement.
Every private school possesses a number of critical assets, including students. Critical assets are defined as anything that has a positive value to its owner, and if compromised, creates an unacceptable risk. Assets generally fall into five categories:
(5) expensive equipment
If you manage a private school, you manage a business and you manage information. Some of that information includes data about your students, parents and guardians. This might include social security numbers, bank account numbers, email addresses, and driver’s license numbers. There are also numerous federal statutes that require you to protect that information.
A friend of mine manages security at a private, Christian school. The school refused to have a burglar alarm system installed. Not because of cost, but because they believed it would be an inconvenience for the staff to arm and disarm the system at the beginning and end of the school day. Inevitably, the school was burglarized one morning. The perpetrator was able to enter the building, remove a safe from the school, load the item into his car, and leave the property undetected. The safe contained the personal information of a large number of parents. Luckily for the school, the burglar also removed an iPad during the theft. Later in the day the genius turned the device on, and the police were able to track and locate him. An arrest was made and everything was recovered before becoming compromised. If the burglar had sold the information, the school could have been responsible for the breach. You can bet they installed an alarm system soon afterwards!
An active shooter is not the only threat facing your assets. In fact, the likelihood of an active shooter event is quite low. Remember the article I mentioned at the beginning of this article? There may have been 180 school shootings in the past 10 years, but not all of them were active shooter incidents.
According to data from the Federal Bureau of Investigation (FBI), there were 38 active shooter incidents in U.S. schools (K- 12) from 2000- 2018. According to the National Center for Education Statistics, in 2015- 2016 there were 98,277 public schools, and 34,576 private schools in the United States.
38 attacks in 18 years out of 132,853 total schools, and out of those 38 targeted schools, not one active shooter event occurred at a private school.
Yes, you do need to protect your school against an active shooter event, but these types of incidents have a low probability of occurring.
Adversaries look for your weaknesses so they can get your assets, and weaknesses can result from faulty equipment, the location of people, personal behavior, and operational practices. What do you have in place and how effective is it at protecting the asset?
One private school I worked with directed a lot of resources toward an electronic access control system. Card readers were placed on the majority of the external doors of the school, and all teachers, faculty and staff were issued access cards. However, the school’s everyday practices created a number of vulnerabilities. There were a couple of doors that had mechanical issues, causing some of the doors to hang open. The problem was apparent, but it was overlooked. About a year after installing the electronic system, two trespassers discovered an open door in the back of the school. They entered the school and walked around, stealing several Apple devices without detection. They were later caught and charged with theft, but it could have been much worse. They not only gained access to expensive equipment, but also to a large number of unsuspecting students. An overlooked weakness in the system created a vulnerability that could have resulted in an unacceptable risk.
The moral of the story?
Fix your weaknesses.