Threat/Hazard | Vulnerability

7 Best Practices When You’re Preparing for An Active Shooter

June 21, 2021 | 6 min read
Police lights

There are few security threats more terrifying than an active shooter incident at your place of business. Frightening as it is, it’s a reality that business owners should be prepared for.

This year, after a year of lockdown and stress caused by the pandemic, mass shootings — defined as the shooting of four or more people – are on the rise. As of this writing, The Gun Violence Archive, an online archive of gun violence incidents, reports 232 mass shootings in 2021. As a result of those shootings, 252 people were killed and 940 were injured. Gun sales have also skyrocketed — 5.5 million guns were sold in the first three months of 2021, more than in any other three-month period since records of background checks started being kept in 1999.

However, despite the increasing prevalence of active shooters in the U.S., many companies are unprepared for an incident. Part of that unpreparedness may stem from an “it could never happen here” attitude, but some may also come from a feeling of helplessness — active shooters are often impossible to prevent. You may not realize an employee is disgruntled until it’s too late, you can’t necessarily predict that a domestic abuser may follow an employee to work, and it’s impossible to know if an angry one-star rating will turn into a dangerous situation for you and your workers.

While it’s not always possible to prevent a shooter from targeting your organization, there are some best practices you can adopt to keep your employees safe and mitigate damage to your business.

Limit access to your business

Do you know who is on site? An access control system requiring employees to swipe a badge is the first step in preventing a threat.

While limiting access is a good first step, it’s often not enough. Active shooters who target closed places of business are often current or former employees, or they have a relationship with one of your employees. Take the FBI’s 2018 report — four of the gunmen in last year’s workplace incidents were employees, while two had grievances against the businesses.

Badges, keys, cameras, and security guards won’t help if your active shooter is supposed to be in the building. (You’re also up against human error — employees on their way to work may hold the door for the person behind them or someone may prop a door open. This is known as tailgating or piggybacking.) However, if you’re facing an outside threat like an unhappy customer, strong access control is business’s best friend.

You may also want to invest in new countermeasures that can be used to identify weapons without alarming your employees with a metal detector. Systems like Patriot One Technologies, Patscan System, can provide a layer of protection at your access points by detecting weapons before they’re used against you.

Train your employees

Your employees need to know how to respond if a shooter enters your site. To ensure that your workforce — and anyone else on site — is safe, invest in a civilian active shooter training program.

There are a variety of systems and trainings that can help keep your employees safe, such as ALICE or ADD, but they all have more or less the same steps, such as alerting employees to a threat and making sure employees are out of harm’s way.

You may choose an existing system or develop one that fits your organization’s needs. As long as your employees know what’s expected of them during an incident, it doesn’t matter which you choose. You should, however, work with a security consultant who can help you choose the best system for you.

Host a tabletop exercise

No one wants to talk about an active shooter, which is why it’s vital that you do. Plan a tabletop exercise — a meeting in which you discuss possible threats and what your company can do if a threat occurs.

This meeting should include as many stakeholders as possible: company leadership, union representatives, members of your legal and security teams, law enforcement, emergency services, security consultants, and even members of the press.

Tabletop exercises are the single most important thing you can do to prepare for an incident. You’ll learn police and emergency services’ procedures for active shooters, and they’ll get to know your team and your site. Security professionals can point out security options you might not have considered on your own, such as mantrap systems that contain a shooter, or fogger systems that reduce visibility around a shooter.

But the most important thing about tabletop exercises is that they get you talking about what might happen if an active shooter targeted your site. Once you start talking, you can start creating a plan.

Know your assumptions

Once you begin planning, it’s important to understand what your assumptions are about a threat so that everyone is on the same page. Outline your assumptions before the assessment. Who do you think the shooter will be? An insider with access to the site? An outsider who is likely to come in through the main entrance?

Once you know what the most likely threat is you can start planning to deal with the threat in a detailed way.

Create a recovery plan

If a shooter does target your place of business, you should prepare to manage the incident’s aftermath. Make sure your business has the following in place before an incident occurs:

  • A spokesperson/Public Relations Officer - You’ll need someone to speak to the press in the wake of an incident. Your spokesperson will be the voice of your company.
  • A hotline - Your employees’ families will be worried about them. To keep them from arriving at your site while police are responding to an attack, provide a hotline family members can call for information.
  • An incident command center - Designate an area, such as a conference room, as your incident command center so that leadership can quickly make decisions as a team. When the center is activated, it can be set up with phones, computers, equipment and clearly labeled tables for each major department.


Understand mass shooting contagion

The media often refers to mass shootings that occur one after the other as “copycat crimes'' but it’s important to understand that although multiple incidents of mass shootings are related, they are not copycats. What our country is experiencing right now has another name: mass shooting contagion.

Mass shooting contagion refers to the effect of media coverage of active shooter events and the potential increase of similar events. It’s an extension of a psychological phenomenon called behavioral contagion or social contagion, in which people mimic behavior they’ve recently been exposed to. When new shooters become active after a well-publicized mass shooting, they are often already considering a mass shooting. A recent shooting removes a physiological barrier for them, making it possible for them to initiate their own shooting incident.

While it’s often difficult to predict or stop a mass shooter, keep an eye on your employees’ mental health and encourage care before a desperate person reaches for a firearm. The U.S. is currently suffering from an epidemic of mental illness, one that has only worsened over the past year and a half of the COVID-19 pandemic. According to the Centers for Disease Control (CDC), last June, 40% of U.S. adults admitted to struggling with mental illness and substance abuse. Of those surveyed, 31% reported anxiety and depression, while 11% reported seriously considering suicide.

Learn more: Why active shooters are not copycats

Have your site assessed

Even if you think you’ve covered all your bases, it’s important to bring in a security professional to do a site assessment. Often a third party may see something you’ve missed. Security consultants can also review your site and make recommendations tailored to your organization’s needs. They may know of new countermeasures that will help prevent loss of life during an attack, for example.

The fact is, every organization should have its own best practices. A good security consultant can help you find yours.

What improvements do you need to make to your security? Learn more by subscribing to our blog.


Are you ready to improve your organization’s risk resiliency?

Book a Demo to See Circadian Risk In Action.
Request a Demo