Skip Navigation LinksASIS International / About ASIS / Who We Are / What's New / Soft Target and Active Shooter Resources

Soft Target and Active Shooter Resources

​​​​​​Terrorists are now routinely targeting citizens where they play, shop, meet, and relax. The cumulative result is an attack on civilized society​ and values and on fundamental human dignity.

In light of this trend, ASIS has made available many of its materials on active shooters and protecting soft targets--including white papers, articles, webinars, and book chapters. The following ASIS-curated resources provide details from respected security professionals charged with protecting VIPs, congregations, students, audiences, fans, and shoppers daily. ​Please share this page with those who would benefit from the information.

Protecting Soft Targets and Active Shooter Resources 

ASIS website account (free) required

Soft Target Hardening: Protecting People from Attack
Recorded webinar, October 2015

Securing Soft Targets
Education session from ASIS 2015

Dynamically Securing Cultural Heritage
Article from Security Management, March 2014

Target Hardening Suggestions
Compiled by the ASIS Cultural Properties Council

Deterring and Mitigating Attack
Selection from Soft Target Hardening: Protecting
People from Attack

Active Sh​ooter: Preparing and Responding
​to a Growing Threat

Recorded Webinar, November 2015

Active Shooter: White Paper
Compiled by the ASIS School Safety and Security Council

Active Shooter: A Handbook on Prevention
Joshua Sinai, Ph.D
Chapter: Preparing an Emergency Response Plan and
Chapter: Self-Assessment Checklist for Organizational Preparedness

Active Shooter and Workplace Violence Exercise
Appendix D, Active Shooter
Kevin Doss, CPP, PSP​

Security and Crime Prevention Planning; Robbery; Disruptive Incidents: Protestors and Bombs
Selections from Crime Prevention for Houses of Worship, Second Edition

Model Event Security Plan
Appendix A, Protection of Assets: Applications

Sources of Information on Protecting Soft Targets
ASIS IRC Reference Guide​

Social Media Monitoring for Corporate Security Professionals
Education session from ASIS 2014

Security and Emergency Preparedness
Recorded Webinar, March 2013​

Soft Target Hardening: Protecting People from Attack
Recorded Webinar, October 2015
Sponsored by the ASIS International School Safety & Security Council
Speaker: Jennifer Hesterman, Ph.D.

Following extensive experience protecting high-profile targets while in the military, Hesterman turned her attention to the academic study of soft targets and shares key findings from her studies in this webinar. As part of her research, she spent two years in the Middle East to learn how law enforceme​nt and military officials hardened soft targets. Based on her studies and observations, Hesterman shares her psychological analysis of soft targets, motivations of attackers, and a mitigation model. Acknowledging that individuals can feel emotionally trapped into inaction, she lays out a plan for responding, which includes crisis response training. “You can still strike a balance between normalcy and vigilance,” she said. Hesterman also underscores nine “security truths,” which included the following:

  • Action causes results; inaction causes results.
  • Not seen does not mean not there.
  • Nothing that happened in the past can prepare you for an attack.
  • Plans must be fluid and must constantly be assessed/adjusted based on changes in the environment.

Securing Soft Targets
Seminar Session 2114, September 2015
Speaker: James C. Reynolds, CPP, CLSD, Director of Safety and Security Operations, Chicago Cubs

Now in the middle of a multi-year renovation of the 100-year-old Wrigley Field, Reynolds faces daily challenges, not only because the historic ball park sits in a changing urban environment but also because major league baseball shares his concern for providing a safe and secure venue for players and fans. When looking at soft targets in general, Reynolds separates them into the following degrees of access:

  • Open Access: venues are designed to be open (state fairs, festivals, and places of worship);
  • Soft Access: venues are open and welcoming but have access barriers (hotels, theaters, mass transit);
  • Ticketed Access: visitors are subject to some level of screening (theme parks, sports venues, museums); and
  • Hybrid Access: venues may be open to the public but many areas are restricted (office buildings, colleges, hospitals).

Reynolds contends that each access level requires specific protective measures, including layered security programs, visible and mobile security personnel, and site-specific drills, along with visitor and vehicle management. He believes security measures for soft targets will continue to increase “as long as terrorists seek out easy targets to promote fear.”

Dynamically Securing Cultural Heritage
Security Management, March 2014
Author: Megan Gates, Assistant Editor

The tactics used to secure three world-class museums in have shifted from static security (recovering stolen art) to a fluid response (reducing museum crimes), according to their directors of security. Vernon Rapley, head of security and visitor services for the London’s Victoria and Albert Museum, uses layers of security or a different security presence in a different place each day. “Certain types of objects will be subject to different threats from different criminals,” he says. “We must apply different security to those levels of threats.”

That approach is shared by Gerardo Martinez, director of security and life safety for Chicago’s Shedd Aquarium. To secure an outdoor stingray exhibit after hours, he incorporated physical barriers, sensors, alarms, and video analytics to establish a multilayer solution to keep the exhibit safe. At Amsterdam’s Van Gogh Museum, corporate security manager Dick Drent believes security stems not just from the security department, but from the organization as a whole. “The electrical systems are only there to support the organization when something goes wrong,” he says.

All three support the sharing of information through a web of local, national, and international security networks that focus on alerting the art and museum community to threats and global trends in art crime.

PLUS: “Target Hardening Suggestions” from the ASIS International Cultural Property Council.
  • ​Council members offer short- and long-term approaches, including conducting site surveys and risk assessments, implementing solutions, and employee travel. In summary, the following key points for security personnel are emphasized: be visible, be vigilant, be proactive, and engage all visitors and staff.

Soft Target Hardening: Protecting People from Attack
CRC Press, 2014
Chapter 9: Deterring and Mitigating Attack
Author: Jennifer Hesterman, Ph.D

A retired Air Force colonel and counterterrorism expert, Hesterman has made inroads as an instructor and practitioner. Her 321-page book was named the ASIS 2014 Book of the Year, recognized as the first comprehensive work written on the soft target topic. Chapter 9 is a summation of security tactics that can be applied to soft targets, including pre-positioning vehicles, locks, alarms, visitor access and badges, CCTV, and public address systems. She uses examples from recent attacks to show how these tactics were—or were not—used effectively. She discusses a four-pronged approach to emergency preparations, including a hold room for VIPs, a command center for security staff, a medical program, and the ability to shelter in place. The chapter offers specifics for various soft targets, including schools, churches, hospitals, malls, and sports venues. Hesterman also advocates the following two tactics from her military experiences:

  • Red teaming, or the practice of viewing a problem from an adversary’s perspective, which can result in questions about a decision maker’s preferred strategies.
  • Effects-based hardening (EBH), a way to visualize and map out the worst possible scenarios in a facility, focusing on the science (physical barricades) and art (using resources to achieve strategic objectives) of security.

Crime Prevention for Houses of Worship, Second Edition
ASIS International, 2015
Chapter 3: Security and Crime Prevention Planning
Chapter 9: Robbery
Chapter 15: Disruptive Incidents: Protestors and Bombs
Author: Paula Ratliff

In the 1990s, Ratliff began researching crimes against religious facilities and completed her Master’s thesis on that topic, which lead to the 2001 publication of the first edition of this book with Dr. Chester Quarles. In this second edition, Ratliff updates incidents of crimes committed in houses of worship. However, she asserts, crimes in churches, mosques, synagogues, or temples are often not reported to law enforcement and are rarely discussed publicly, no matter whether the crime is committed by a member or a stranger.

The selected chapters of this 262-page book focus on ways to counter the threat to any house of worship, beginning with a security and crime prevention plan. Ratliff advocates forming a security committee, a partnership between a congregation, local law enforcement, and security professionals, as well as church staff and leadership. A first task of this committee should be to conduct a risk assessment, and Ratliff offers 22 questions for that purpose. The committee and (subcommittees) should also be trained in the policies and procedures in the security plan. The following points are raised in the subsequent chapters:

  • A robbery may occur while the offerings are being counted or transferred out of the building. Always have at least two people in a secured location when money is sorted.
  • A robber wants to get in and out with low risk and a high return of cash. In any incident, stay calm, keep your hands in sight, and try to memorize anything you can about the robber’s features.
  • The profile of a bomber can include a jilted lover or business partner seeking revenge or a home-grown terrorist making a political statement toward a specific individual or ideology.
  • During the risk assessment, identify potential hiding places for explosives. Be diligent in observing persons in the congregation who might intend to harm versus worship.

Protection of Assets: Applications
ASIS International 2011
Appendix A: Model Event Security Plan
Michael E. Knoke, CPP, Managing Editor

Following a peer review by more than 150 security professionals, academicians, and subject matter experts, each volume of the Protection of Assets provides a comprehensive resource on topics relevant to the security profession. This volume, Applications, covers ways in which security professionals apply strategies and solutions in unique settings.

Chapter 3, Appendix A, provides a model plan that can be used by the security, corporate, and law enforcement teams that must cooperate to ensure success. The following points are stressed:

  • A mission statement and scope should define the purpose of the security operation and delineate duties for specific decision makers with their contact information and chain of command.
  • Event site maps—including schematics of the venue itself as well as its neighborhood and topography—should be included.
  • A review of security communication needs should be distributed so all involved know the appropriate radio frequencies and the need for collar microphones, headsets, and earpieces.
  • Nine additional reports, plans, and inspection reports should be included as attachments.

Sources of Information on Protecting Soft Targets
ASIS IRC Reference Guide

This comprehensive review of articles, papers, books, recorded educational sessions and webinars available through ASIS International can assist security professional charged with protecting or hardening soft targets.

In addition, the Security Database & Library Catalog of the IRC has hundreds of items that address the protection of soft targets. ASIS members should login to this website and go to the IRC library to navigate to the catalog. Search on one of these phrases: Special Event Security, Museum/Art Security, Religious Facilities Security, and Shopping Center Security. 


Security and Emergency Preparedness
Recorded Webinar, March 2013
Sponsored by the ASIS International Commercial ​Real Estate Council and BOMA International

Speakers: Carlos Villarreal, CSP, senior vice president, SecurAmerica, LLC, Commercial Real Estate;
LaNile Dalcour, security director, Brookfield Properties.

The speakers explore how two types of emergencies affect a business and its employees: workplace violence, specifically active shooter incidents, and natural disasters, specifically Hurricane Sandy.

Noting that there had been twenty mass shootings per year between 1976 and 2011 and in light of recent high-profile incidents, the speakers presented a five-step response plan that employees should follow when coping with an active shooter situation, including “take note of the two nearest exits in any building,” and “if you are in an office, stay there and secure the door.” They also discussed how a weather emergency can affect all phases of a business, including its revenue, reputation, and vendors as well as its employees and their families.

A key factor in both types of incidents is a business continuity plan that focuses on the company’s access control system, which must be up to date to account for employees during an emergency. Villarreal and Dalcour recommend the following access control best practices:

  • Conduct internal audits monthly to ensure that the system is functioning to the manufacturer’s specifications.
  • Audit card numbers monthly to look for duplicates.
  • Distribute quarterly employee rosters to tenants for updating.
  • Purge the database quarterly.​ ​


​​Social Media Monitoring for Corporate Security Professionals

Seminar Session 2310, September 2014
Speakers: Phil Harris, CEO and Founder, Geofeedia
Richard Woods, Senior Project Manager, Microsoft Intelligence Operations
Filippo Marino, Director of Intelligence & Executive Protection, Global Safety & Security, McDonald's Corporation

This session focuses on how to acquire actionable information from social media in a timely manner so security or law enforcement can intervene. The very nature of social media, the speakers contend, provides rich data because people use it to share both positive and negative posts and videos in real time. Because smart phones hav​e geo-location markers embedded in them, others can not only tell who is sending the messages but also where they are. While marketers have used this data for years, security vendors and professionals are now recognizing the value of these location-specific monitoring tools for gathering a vast amount of information missed by traditional media sources. This real-time information can be invaluable for executive protection, intelligence, and investigations. The speakers also discuss the following cautions:

  • How can this information be leveraged, who will collect it, and where will it be stored?
  • What elements of the information really matter to security and the C-suite?
  • Who will take the time to truly understand new technologies and their limitations?​