The recent car bomb that exploded immediately in front of BBC Television Centre in London (‘News’, SMT, April 2001, p7) has again focused security managers’ attention on the threat posed by incendiary devices.
Add this particular incident to the numerous letter/parcel-based devices constantly being sent by animal welfare organisations – or individuals sympathetic to their cause – and it’s plain to see that the risk must be taken very seriously indeed.
Risk assessments are the very bread-and-butter of SDS’ business. We never overlook them, nor downplay them. We are continually carrying out threat assessments and risk analyses ‘in the field’ and, as a security manager, you’d rightly expect us to be enthusiastic and rigorous in our endeavours. That said, why should you pay much attention to the counter-terrorism issue? The answer could well lie in the fact that this is an issue primarily concerned with Health and Safety law, not pure security. As a manager, the Government’s Health and Safety legislation has much bigger teeth, and a larger stick with which to beat you.
However, in a great many organisations bomb threat procedures are considered to be a security issue, and as such will be delegated to the security manager. Of course, the pages of SMT attest to the fact that managers have many other variables to contend with on a daily basis. Bomb threats do not occur daily – at least not on the UK mainland – and so it’s regarded as a relatively low priority. For most organisations – the BBC included – being an actual target is low risk. When a company is targeted, however, the after-effects can be dramatic to say the least.
In essence, it’s what we at SDS would term ‘low risk:high impact’, whereas petty theft (for example) would be construed as being ‘high risk:low impact’. Putting effort and resources into low risk areas is always difficult to substantiate to the corporate powers-that-be.
A further component is, of course, cost. It’s a popular misconception among clients and their security teams that bomb threat counter measures are a high cost consideration. They can be if you are also prone to high risk, but at low risk that’s simply not the case.
Motivation and impact
The motives of bombers are many and varied. Often they are intent on causing maximum damage to commercial property (the 1996, fertilizer-based blast in London’s Docklands and the 1993 targeting of the Bishopsgate area in the City being prime examples), while devices might also be planted with the sole intention of causing injury, or even death (the 1999 Soho nail bombing at the Admiral Duncan pub readily springs to mind here).
Bomb impact can involve purely physical damage to structures (see ‘Bombs, bullets and bags: ten milliseconds in the life of a bomb’), disruption to business, adverse publicity and – in the worst case scenario – possible injury or even the death of members of staff.
These days, security managers also need to be aware of litigation. This can severely impact on a business, and those individuals in key positions who have a defined responsibility to staff and visitors alike. If a person is unnecessarily injured – either physically or mentally – they will have no hesitation but to sue, particularly as there are so many ‘legal beagles’ out there ready and willing to offer their services on a ‘no win, no fee’ basis.
Most security managers will be aware of their Duty of Care under Section 2 of the Health and Safety at Work Act. The difficulty when referring to a bomb threat is what is ‘reasonably practicable’ in providing that duty.
As far as the after-effects of incendiary devices are concerned, ignorance is no longer bliss. There have been more than enough examples to demonstrate all-too-graphically what can happen in reality. With vehicle bombs there’s very often huge amounts of glass fragmentation spread over wide areas. Sports bags containing nail bombs can lead to horrific injuries, so too smaller devices planted in postal tubes or torches.
If we were to try and put all of this into perspective, there’s no need to look any further than an excellent Home Office pamphlet entitled ‘Bombs: protecting people and property’. Now in its fourth edition, the pamphlet draws the security manager’s attention to Regulations 3 and 7 of the Management of Health and Safety at Work Regulations 1992 (which subsequently came into force in January 1993). These regulations refer to risk assessments, procedures and the appointment of competent people tasked with implementing those procedures.
Having spoken to many crime prevention officers in several UK police forces, it’s both theirs and my interpretation that an individual should be able to walk into a given company’s hq, large or small, and freely read a typed-up threat assessment for different types of bomb threat (eg telephone threats, postal devices, delivered packages or external vehicles). There should be written procedures in place to combat all of these possible threats, and a number of trained staff competent in dealing with such threats as and when they arise. Preferably, there should also be a record of the last threat, and how it was dealt with.
Appointing a security co-ordinator
‘Bombs: protecting people and property’ makes a very strong case for appointing a security co-ordinator or incident controller. He or she must have sufficient authority to direct whatever action is taken in response to bomb threats. In essence, that person will have seven major responsibilities:
Creating bomb shelter areas
A thorny problem with which the security manager/co-ordinator will have to contend is the use of bomb shelter areas. Put simply, these are areas into which staff and visitors are moved for protection from an explosive device.
The BBC car bomb is a good example of a situation where people had to be moved away from vulnerable areas within the building (the greatest danger being from flying glass when windows are blown out).
Using a bomb shelter area is an alternative to such evacuations. The option to evacuate from an internal device (a letter bomb or a package, for instance) is obvious, but for an external bomb it may be far more dangerous.
Not only does the security manager have to consider his own building’s flying glass, but also that from adjacent structures and those en route to the designated assembly area. Evidence from previous vehicle bombs has shown that around half of a given building’s glass flies inwards, with the remainder shooting down into the street to about the same distance as the height of the building. Taken in this context, internal evacuation – or ‘invacuation’ – is often the safer option.
Terminology does not help us here, of course. The term ‘bomb shelter area’ gives the impression that it’s an area in which people are safe from the effects of an explosion. Very few buildings – in particular those that are modern, steel-framed and glass-clad – have such an area. What we are looking for is a space that’s safer than staying where you are, and also safer than evacuating immediately onto the street.
It’s really a question of comparison. What’s the safest option? Your preferred choice may not be intrinsically safe, but it’s often better than the other alternatives.
If a bomb is believed to be big enough and close enough to the building to cause catastrophic damage then the police will want to evacuate staff in any case, but if the device is relatively small or some distance away – 100 m-plus – then employees may be best served by remaining inside the building.
In some instances the security co-ordinator may not have a choice. The police will not allow staff onto the street if they cannot control any more people with the resources at their disposal. Their immediate priority will be to those nearest the bomb.
Notice the word ‘immediate’ here. If it’s deemed necessary, you may subsequently be subject to evacuation, but in the meantime you must instruct all staff to wait in the bomb shelter area. A ‘temporary refuge area’ might be a better way of describing it.
Contingency planning is vital
Aside from the legal requirement, bomb threat procedures are not that difficult to write and integrate into your organisation’s contingency plans. In a way they are almost more important than fire procedures, as we all have a certain amount of awareness about what to do in the event of a fire.
Fire also poses a progressive threat, developing from one stage to the next, whereas a bomb lies dormant one minute and detonates the next – with all its force and the consequent dramatic and often devastating effects attendant with that.
There are no developing stages to give the security manager time to make decisions. Managers must therefore be precise about security measures so that no time is wasted.
On the UK mainland, there’s little doubt that we are once again under threat from Irish Republican terrorists, under whatever name they choose – both now and in the future.
The message to security managers is clear: plan now and you will stand a much better chance of reducing the amount of injuries staff may sustain, and (possibly) minimising the amount of damage to your building or buildings – thereby improving the quality of business continuity.
Your plans could be the determining factor as to whether a business survives a bomb blast, and continues to trade in the longer term.
Dr John Wyatt is technical director of the SDS Group, and a specialist in contingency planning for bomb threat incidents.
