Protecting Soft Targets

​​The following ASIS-curated resources provide details from respected security professionals charged with protecting VIPs, congregations, students, audiences, fans, and shoppers daily. Their combined experiences form a primer for security staffs and employees on how to stay vigilant when faced with crowds and international threats.

To help secure churches, malls, museums, and athletic events—traditional soft targets that attract large gatherings—all of these Security Spotlight resources on protecting soft targets are accessible to both ​members and nonmembers.

» View Past Security Spotlight Topics

Free Resources Available to All

ASIS website account (free) required

Seminar Sessions

Strategies for Securing Soft Targets
Education session from ASIS 2016

Protecting Cultural and Hospitality Venues from
Terrorist Attacks

Education session from ASIS 2016

Securing Soft Targets
Education session from ASIS 2015

Security Management Articles

Five Post Incident Concerns
Article from Security Management, September 2016​

Soft Target Trends
Article from Security Management, September 2016​

Q&A: Soft Targets
Article from Security Management, April 2016​

Planning After Paris
Article from Security Management, March ​2016​

Dynamically Securing Cultural Heritage
Article from Security Management, March 2014

Reducing Risk for Elected Officials
Article from Security Management, February 2011


Risk Management Basics for Off-site Events
Recorded Webinar, December 2016

Soft Target Hardening: Protecting People from Attack
Recorded webinar, October 2015


Security and Crime Prevention Planning; Robbery; Disruptive Incidents: Protestors and Bombs
Selections from Crime Prevention for Houses of Worship, Second Edition

Deterring and Mitigating Attack
Selection from Soft Target Hardening: Protecting People from Attack

Model Event Security Plan
Appendix A, Protection of Assets: Applications

White Papers

Target Hardening Suggestions
compiled by the ASIS Cultural Properties Council

Other Resources

Sources of Information on Protecting Soft Targets
ASIS IRC Reference Guide​

Soft Target Hardening: Protecting People from Attack
Recorded Webinar, October 2015
Sponsored by the ASIS International School Safety & Security Council
Speaker: Jennifer Hesterman, Ph.D.

Following extensive experience protecting high-profile targets while in the military, Hesterman turned her attention to the academic study of soft targets and shares key findings from her studies in this webinar. As part of her research, she spent two years in the Middle East to learn how law enforcement and military officials hardened soft targets. Based on her studies and observations, Hesterman shares her psychological analysis of soft targets, motivations of attackers, and a mitigation model. Acknowledging that individuals can feel emotionally trapped into inaction, she lays out a plan for responding, which includes crisis response training. “You can still strike a balance between normalcy and vigilance,” she said. Hesterman also underscores nine “security truths,” which included the following:

  • Action causes results; inaction causes results.
  • Not seen does not mean not there.
  • Nothing that happened in the past can prepare you for an attack.
  • Plans must be fluid and must constantly be assessed/adjusted based on changes in the environment.

Securing Soft Targets
Seminar Session 2114, September 2015
Speaker: James C. Reynolds, CPP, CLSD, Director of Safety and Security Operations, Chicago Cubs

Now in the middle of a multi-year renovation of the 100-year-old Wrigley Field, Reynolds faces daily challenges, not only because the historic ball park sits in a changing urban environment but also because major league baseball shares his concern for providing a safe and secure venue for players and fans. When looking at soft targets in general, Reynolds separates them into the following degrees of access:

  • Open Access: venues are designed to be open (state fairs, festivals, and places of worship);
  • Soft Access: venues are open and welcoming but have access barriers (hotels, theaters, mass transit);
  • Ticketed Access: visitors are subject to some level of screening (theme parks, sports venues, museums); and
  • Hybrid Access: venues may be open to the public but many areas are restricted (office buildings, colleges, hospitals).

Reynolds contends that each access level requires specific protective measures, including layered security programs, visible and mobile security personnel, and site-specific drills, along with visitor and vehicle management. He believes security measures for soft targets will continue to increase “as long as terrorists seek out easy targets to promote fear.”

Dynamically Securing Cultural Heritage
Security Management, March 2014
Author: Megan Gates, Assistant Editor

The tactics used to secure three world-class museums in have shifted from static security (recovering stolen art) to a fluid response (reducing museum crimes), according to their directors of security. Vernon Rapley, head of security and visitor services for the London’s Victoria and Albert Museum, uses layers of security or a different security presence in a different place each day. “Certain types of objects will be subject to different threats from different criminals,” he says. “We must apply different security to those levels of threats.”

That approach is shared by Gerardo Martinez, director of security and life safety for Chicago’s Shedd Aquarium. To secure an outdoor stingray exhibit after hours, he incorporated physical barriers, sensors, alarms, and video analytics to establish a multilayer solution to keep the exhibit safe. At Amsterdam’s Van Gogh Museum, corporate security manager Dick Drent believes security stems not just from the security department, but from the organization as a whole. “The electrical systems are only there to support the organization when something goes wrong,” he says.

All three support the sharing of information through a web of local, national, and international security networks that focus on alerting the art and museum community to threats and global trends in art crime.

PLUS: “Target Hardening Suggestions” from the ASIS International Cultural Property Council.
  • ​Council members offer short- and long-term approaches, including conducting site surveys and risk assessments, implementing solutions, and employee travel. In summary, the following key points for security personnel are emphasized: be visible, be vigilant, be proactive, and engage all visitors and staff.

Soft Target Hardening: Protecting People from Attack
CRC Press, 2014
Chapter 9: Deterring and Mitigating Attack
Author: Jennifer Hesterman, Ph.D.
Buy the book!

A retired Air Force colonel and counterterrorism expert, Hesterman has made inroads as an instructor and practitioner. Her 321-page book was named the ASIS 2014 Book of the Year, recognized as the first comprehensive work written on the soft target topic. Chapter 9 is a summation of security tactics that can be applied to soft targets, including pre-positioning vehicles, locks, alarms, visitor access and badges, CCTV, and public address systems. She uses examples from recent attacks to show how these tactics were—or were not—used effectively. She discusses a four-pronged approach to emergency preparations, including a hold room for VIPs, a command center for security staff, a medical program, and the ability to shelter in place. The chapter offers specifics for various soft targets, including schools, churches, hospitals, malls, and sports venues. Hesterman also advocates the following two tactics from her military experiences:

  • Red teaming, or the practice of viewing a problem from an adversary’s perspective, which can result in questions about a decision maker’s preferred strategies.
  • Effects-based hardening (EBH), a way to visualize and map out the worst possible scenarios in a facility, focusing on the science (physical barricades) and art (using resources to achieve strategic objectives) of security.
CRC Press is offering a 40 percent discount to Security Spotlight users on related books

Q&A: Soft Targets
Security Management, April 2016
Author: Jennifer Hesterman​, Ph.D.

Jennifer Hesterman, Colonel, U.S. Air Force (Retired), discusses her book Soft Target Hardening, for which a sample chapter is available above​. A powerpoint presentation originally given at ASIS Middle East 2015 is also available. ​

Crime Prevention for Houses of Worship, Second Edition
ASIS International, 2015
Chapter 3: Security and Crime Prevention Planning
Chapter 9: Robbery
Chapter 15: Disruptive Incidents: Protestors and Bombs
Author: Paula Ratliff
Buy the book!

In the 1990s, Ratliff began researching crimes against religious facilities and completed her Master’s thesis on that topic, which lead to the 2001 publication of the first edition of this book with Dr. Chester Quarles. In this second edition, Ratliff updates incidents of crimes committed in houses of worship. However, she asserts, crimes in churches, mosques, synagogues, or temples are often not reported to law enforcement and are rarely discussed publicly, no matter whether the crime is committed by a member or a stranger.

The selected chapters of this 262-page book focus on ways to counter the threat to any house of worship, beginning with a security and crime prevention plan. Ratliff advocates forming a security committee, a partnership between a congregation, local law enforcement, and security professionals, as well as church staff and leadership. A first task of this committee should be to conduct a risk assessment, and Ratliff offers 22 questions for that purpose. The committee and (subcommittees) should also be trained in the policies and procedures in the security plan. The following points are raised in the subsequent chapters:

  • A robbery may occur while the offerings are being counted or transferred out of the building. Always have at least two people in a secured location when money is sorted.
  • A robber wants to get in and out with low risk and a high return of cash. In any incident, stay calm, keep your hands in sight, and try to memorize anything you can about the robber’s features.
  • The profile of a bomber can include a jilted lover or business partner seeking revenge or a home-grown terrorist making a political statement toward a specific individual or ideology.
  • During the risk assessment, identify potential hiding places for explosives. Be diligent in observing persons in the congregation who might intend to harm versus worship.

Protection of Assets: Applications
ASIS International 2011
Appendix A: Model Event Security Plan
Michael E. Knoke, CPP, Managing Editor
Buy the book!

Following a peer review by more than 150 security professionals, academicians, and subject matter experts, each volume of the Protection of Assets provides a comprehensive resource on topics relevant to the security profession. This volume, Applications, covers ways in which security professionals apply strategies and solutions in unique settings.

Chapter 3, Appendix A, provides a model plan that can be used by the security, corporate, and law enforcement teams that must cooperate to ensure success. The following points are stressed:

  • A mission statement and scope should define the purpose of the security operation and delineate duties for specific decision makers with their contact information and chain of command.
  • Event site maps—including schematics of the venue itself as well as its neighborhood and topography—should be included.
  • A review of security communication needs should be distributed so all involved know the appropriate radio frequencies and the need for collar microphones, headsets, and earpieces.
  • Nine additional reports, plans, and inspection reports should be included as attachments.

Sources of Information on Protecting Soft Targets
ASIS IRC Reference Guide

This comprehensive review of articles, papers, books, recorded educational sessions and webinars available through ASIS International can assist security professional charged with protecting or hardening soft targets.

In addition, the Security Database & Library Catalog of the IRC has hundreds of items that address the protection of soft targets. ASIS members should login to this website and go to the IRC library to navigate to the catalog. Search on one of these phrases in the subject field or in the “Words” field: Special Event Security, Museum/Art Security, Religious Facilities Security, and Shopping Center Security. ASIS members may also access Resource Guides compiled by ASIS librarians on these and other relevant topics.

Five Post Incident Concerns
Security Management, September 2016
Author: Hank Nolin, CPP

​On June 12, 2016, a gunman shot 102 people in an Orlando, Florida, nightclub, killing 49. Agencies, both government and private, must be prepared to recover from such major incidents. Read the five issues that should be considered when crafting post-incident plans.​

Soft Target Trends
Security Management, September 2016
Author: Lilly Chapa, Assistant Editor

Hospitality goes hand-in-hand with security in Orlando, where local businesses and attractions see a constant flow of tourists from all over the world. And at the Dr. Phillips Center for the Performing Arts, which hosts events ranging from Broadway shows to concerts to community education and events, a new security director is changing the culture of theater to keep performers, staff, and visitors safe.​

Planning After Paris
Security Management, March 2016
Author: Holly Gilbert Stowell, Assistant Editor

When a disaster occurs, crisis and continuity plans are thrown into flux, no matter how soundly they have been written or practiced by a business. In the case of a terror attack, the added stress of violence and shock pose serious challenges for companies as they scramble to ensure that employees are safe. And on many unfortunate occasions, employees must deal with the painful loss of coworkers and friends. ​​​

Risk Management Basics for Off-site Events
Recorded Webinar, December 2016​
Produced by Security Management
Speaker: Bob Howell, Global Operations Incident Manager, iJET International

Executive off-site events, corporate meetings and industry conferences are high-profile investments for every type of organization. While such events present novel challenges for most organizational leaders, security professionals are uniquely charged with ensuring the same standard of risk management they ordinarily deliver in the headquarters environment. Safeguarding life safety, proprietary products and information, and the corporate brand are essential challenges that are posed in a wide variety of conditions.

Strategies for Hardening Soft Targets
Seminar Session 3211, September 2016
Robert Carotenuto, PSP, PCI, PCI, CPP, PSP, The New York Botanical Garden
Andy Davis, CPP, Trident Manor
Stevan Layne, CPP, Layne Consultants International
James McGuffey, PCI, CPP, PSP, A.C.E. Security Consultants
Ron Ronacher Jr., PSP, Arup Resilience, Security and Risk

The 2015 shooting at the Emanuel AME church in Charleston, SC, and the Paris attacks illustrate that these risks must be assessed properly by security professionals responsible for the safety of cultural properties and hospitality venues. Improvements to physical security can reduce the likelihood and impact of certain attacks, but not all. Review the changing tactics employed by terror organizations and the Attack Cycle. Through case studies, learn about specific cultural and hospitality venue threats and the risks they pose. Consider strategies to mitigate these risks, including situational awareness training, surveillance detection programs, and robust crisis management practices.



Protecting Cultural and Hospitality Venues from Terrorist Attacks
Seminar Session 2108, September 2016
Speaker: Andy Davis, CPP, Trident Manor


Cultural and hospitality venues around the world will always be vulnerable to terrorist attacks. While improvements to physical security can reduce the likelihood and affect of a particular attack type, they cannot protect against all attack methods. Discuss the changing tactics used by international terror organizations and review the "attack cycle." Through case studies, explore specific cultural and hospitality venue threats and the risks. Review options for reducing and managing these risks, including situational awareness training, surveillance detection programs, and crisis management practises.