Building a Culture of Security
As security professionals, we face a constant battle. Famously put by the IRA in the aftermath of their foiled assassination attempt of Margaret Thatcher: “Today we were unlucky, but remember we only have to be lucky once – you will have to be lucky always.” That alone is a constant, uphill battle. It helps us when everyone is an extra eye out there. This isn't building a "snitching culture." A robust security presence is a great deterrent, obviously, but having dedicated employees (as well as vendors and tenants, depending on your business) makes the job much much easier: the Pulse Nightclub terrorist scouted several locations, to include Disney World and another downtown Orlando nightclub, but discovered security was too tight. Security and ticketing employees at Disney World made contact with him and that is directly credited with him abruptly changing his plans and looking for softer targets.
A nightclub poses an ideal target because most of its occupants are in various states of sobriety, and the few employees there are overwhelmed with servicing guests' needs. Often operating on thinner margins, they may sacrifice some security for overall profit. This can have disastrous consequences, and did. Not only in Orlando, but in Paris, Bali, and in various fights and gang-related incidents throughout the United States. However, the more eyes are alert, the larger the culture of vigilance, the better off we are as individuals, businesses, and a society.
Vigilance is natural. It's been the norm for the specie for millennia. The relaxed state of the world that people want to live in is symptomatic of how good we have it. Most of the world still lives in a culture of vigilance. Don't go there, don't trust that guy, what does this lady want from me, where'd her friend go...
Vigilance isn't about extreme and unlikely possibilities. It's about being alert for very real possibilities. Hypervigilance is just that: vigilance on steroids, without control, and very near to paranoia. Perhaps it can best be described this way:
“Vigilance is natural; hypervigilance is destructive.” Dr. David Grand, creator of Brainspotting
Hypervigilance prevents you from going out for a walk, or to the movies, because something bad happened to someone somewhere, and maybe just maybe it could happen to you. Vigilance is simply: there's a risk, I have to live, I'll make sure I stay alert, and I'll stay alive. Burying your head in the sand is ignorant, willfully or otherwise. Worse than complacent, worse than apathetic, even. So we as security professionals, whether public or private, have to foster the culture of vigilance. It doesn't mean paranoia, but it requires some uncomfortable growth from people who would otherwise choose to not ignore it. On the part of the audience (client, colleague, coworker, employee, etc.) it involves "cowboying up" -- which is clearly easier said than done. Simply put, we have a responsibility to not walk out of a room because a training scenario makes us a little uncomfortable, or even triggered. We don't grow without discomfort (for better or worse). The best way to face the discomfort of, for example, active shooter training is to participate, to engage.
The challenge for security professionals is facilitating that growth, nurturing the instincts we all have deep within our DNA into a culture of vigilance, to bridge the gap, which will help us get better in our field as well because, as I said before, good ideas for innovation can come from anybody.