Monday, 25 July 2011

The Battlefield has changed


War has changed, in Norway this past weekend the enemy came from within - a Norwegian citizen named Anders…

War was fought on the battlefields, in some far-off land to defend our countries and our principals.  The battlefield in our mind was an open field with soldier verses soldier, tank verses tank, the good guy verses the bad guy. We knew our enemy – they were the men in the other uniform. Our armies and soldiers trained for months, each unit specializing in various weapons and methods of attack. Some were snipers, some were tank drivers and others were explosive experts – today that has all changed, today the enemy is one of our own, born in our country, went to our schools, studied in our universities, worked in our industries and wearing “our” uniform. His training and expertise is from sitting in one place in the privacy of his home learning from the internet and he can choose the battlefield to be in our streets, our homes, our places of work or our public transport.

This change in the battlefield and the transformation of the enemy encourages us to look at how best to protect our civilians; we can no longer only determine the threat as an organization or group – but rather the weapons that they could use and the likelihood of the enemy choosing a specific weapon. The attacks in Norway on the 22 July 2011 were perpetrated by a Norwegian citizen with a Norwegian name – his weapons of choice were a car bomb of a few hundred kilograms made up of fertilizer and diesel fuel and an automatic rifle. With these two weapons he was able to murder more than 90 people and injure at least 100 more. In a country with a population of only five million; this was Norway’s “September 11th
The damage to the government buildings in Oslo was immense, business continuity was affected and the psyche of the Norwegian people was impacted.

The 2011 threat analysis written by the Norwegian Police Security Service (PST) based on Intelligence correctly reports that the threat of a terrorist attack is low, however we can no longer protect our citizens and communities by intelligence alone, we need to study the attack methods of this relatively new type of enemy and use physical security solutions and elements to mitigate the risks. We may not be able to prevent the attack but through the effective integration of protection into the designing of new buildings and upgrading the security of existing buildings, we will be able to mitigate the consequences. Sensitive installations like government buildings and complexes should have adequate physical protection methods which will not only lead to a more robust security but also create a deterrence which can prevent an attack.





The first step towards a safer society is to commission a threat and risk analysis. A threat and risk analysis quantifies and measures the actual threat and risk levels and thereby determines the vulnerability of an organization, building, community center, campsite and population. A threat and risk analysis should typically result in better understanding the challenges and protection requirements; the basis for the protection recommendations and the guide to planning and prioritizing protection measures.

There are many reasons to commission a threat and risk analysis study, but this should and must be the first step to understanding the level of the current protection and vulnerability. A threat and risk analysis will tell the following:
·         Which threats are relevant to the facility and how seriously they should be taken
·         For each of the threats, what are the risks to people and buildings and the continuity of business
·         The vulnerabilities in the current physical security (the building), technology or procedures
·         In which priorities the vulnerabilities should be addressed
·         Perfect vs. Practical protection – How one can improve protection within a budgetary framework.

The Norwegian Threat assessment by the Norwegian Police Security Service (PST) was written some time in 2011 prior to the attacks of 22 July 2011. The assessment refers to terrorism and although it focuses mainly on Islamic extremism, it also covers extreme right wing threats and national extremism which at the time of the writing of this article seems to be the motive for the alleged terrorist.
The analysis states the following:
 “As in previous years, the far right and far left extremist communities will not pose a serious threat to Norwegian society in 2011. However, we have seen an increase in the level of activity within some of these groups during 2010, and some factors may increase this further. If strong leaders emerge in the far right extremist community, this could contribute the strengthening of recruitments to such groups. A stronger bond between Norwegian and foreign far right extremists could also contribute to the radicalization of some groups within the community. Furthermore, the activities of anti Islamic groups could cause confrontations which could contribute to an increased use of violence within far left extremist groups”.



Having intelligence on an actual terror group or organization is not what will determine the protection solutions of the building; it is what means the terrorist chooses to carry out the attack e.g. a car bomb, a placed explosive, a suicide bomber, CBRN and many various other means. We all know they have the intentions – the questions however are which threats are relevant, what are the motivations for an attack, what are the chances of the terrorist succeeding, and what weapons will the terrorist choose to use? In order to evaluate how a terrorist decides on his weapon of choice (the threat) we need to assess various criteria. Suggested criteria could be how easy it is for the terrorist to obtain a weapon, the operational ease and utilization of his chosen weapon, how easy will it be for the terrorist to perform reconnaissance and gather information and how vulnerable and attractive is the target.

The risk (consequence) analysis measures the risk once the attack has been perpetrated, basic criteria relating to the consequences would be damage to the building and the potential of it collapsing, the amount of casualties, the recovery rate, the psychological impact on the citizens and the economic and political consequences.

The above criteria are then analyzed and graded. The grade will represent the level at which the specific threat scenario is considered a risk to the site and will in turn ensure cost effectiveness by defining protection recommendations through examining the expected outputs.

A threat and risk analysis will typically include:
1.      Meeting with local security services to determine the relevant threats for a facility
2.      Collecting data during site visits and interviews. In particular physical and budgetary constraints are identified and discussed
3.      The risks represent the consequences for the structure, people and business once the threat has been carried out, and will be determined as a result of the combined experience of the physical security/blast mitigation consultant and computer modeling and simulation of the threat
4.      Through a system of statistical analysis and weighting, and building on extensive knowledge of the consultant - the list of vulnerabilities in the current facility, systems and procedures will be identified and prioritized.
5.      A detailed report will be written and presented which will summarize these findings. This reports will be the basis for the development of a work plan and budget to implement security recommendations




One of the key advantages to a threat and risk analysis report is its ability to relate to a group of sites where the cost of fully protecting every individual building is prohibitive. By relating to the region as a whole, a threat and risk analysis project allows the highest risk areas to be identified and addressed.

The outcome or objective of the threat and risk analysis is to provide recommendations that maximize the protection of buildings, people, business continuity and integrity while still providing functionality and usability.


 We might not be able to stop the bomb from exploding, but we can certainly mitigate the results