Concert Security Experts on Preventing Attacks: ‘Our Adversary Is Very Committed, Adaptive and Elusive’

Concert Security Experts on How to Prevent Attacks Like Manchester’s

After the shock of events like the horrific explosion outside Ariana Grande’s Monday concert at Manchester Arena that killed 22 and injured more than 60 in an apparent terrorist act… after the Bataclan and Pulse nightclub shootings — the obvious question is: What could have been done to prevent it? That question is what Prevent Advisors was created to address.

Launched in October 2016, the company is a security consulting division that is a subsidiary of former AEG chairman Tim Leiweke and Irving Azoff’s Oak View Group (which also includes the 26-member Arena Alliance, among them Madison Square Garden, the Los Angeles Forum and Boston’s TD Garden). Its chair is former LAPD Chief and NYPD Commissioner Bill Bratton, and its executive staff includes CEO Chris Robinette, COO Ben Tolle (both are Green Berets; Tolle was also in Special Forces) and VP of Security Mike Downing (a former LAPD deputy chief and commanding officer of the Counter-Terrorism & Criminal Intelligence Bureau). Variety spoke with all three on Monday night in the wake of the tragedy in Manchester about what venues can do to prevent and react to such attacks.

How did Prevent Advisers come about?
Tolle: The nexus of this project was [Leiweke] and Commissioner Bratton realizing that facilities and venues are sometimes challenged when it comes to adapting to current and emerging threats. As you’ve seen our adversary is very committed and adaptive and elusive in their activities and oftentimes facilities have a difficult time being ahead of those things — obviously they have to run their day-to-day operations and law enforcement can’t be focused on facilities either. We exist to help augment those capabilities.

From what you’ve heard, what happened in Manchester and what can a venue do to prevent it?
Tolle: The explosion took place in close proximity to the [venue’s] ticket office and foyer, in between that area and train station [next door], and the takeaway is that it was obviously coordinated to be at a place of egress, high-flow, at a peak time, so he knew everybody would be coming out of the facility.

Downing: It looks like he — or they — very specifically targeted that facility and calculated it so that when the last song was being performed, people were egressing, and when he had enough people around him he detonated himself with a backpack of nails and bolts.

That’s confirmed?
Downing: Yes, it was a suicide bomber. It appears it was one individual and one explosion, although there were reports of a second explosion. We just had a conference call with the [Arena] Alliance members and we gave them a brief of what we know from the contacts we have in the U.K., and we talked about counter strategies to this kind of incident.

In terms of what you could do to mitigate risks, there are things like higher-visibility patrols, decoy cars, counter-surveillance — operations where you’re actually looking outward at behavior and suspicious people — vapor-wake dogs and article dogs [for explosives], decoys, cameras, eyes in the sky where you’re looking at egress and looking for those opportune times. Look, [the bomber] followed the playbook in Isis and Al-Qaeda’s electronic propaganda — this is what they’ve been told to do in the West. It’ll be interesting to see if this guy was a home-grown violent extremist who was inspired by this type of ideology and got instructions on how to make his bomb, or if he was a foreign fighter who returned home.

What are some other soft targets that are particularly vulnerable?
Downing: College campuses, shopping malls, retail districts, convention centers — anything that draws mass gatherings of people. Look at what happened in the Pulse nightclub in Orlando: 49 people killed by one individual. In Nice, one guy drives a truck into a crowd and kills 86 people. These are not sophisticated, well-planned attacks; they’re fairly simple, and they’re looking at areas that have traditionally been considered soft. And we have to look at that balance too — we don’t want to live in a fortress. But I think there are things we can do seamlessly and invisibly to make our odds better and keep ourselves in a position of advantage.

Do you think even with post-Bataclan-level security, he could have gotten into the building?
Downing: It’s hard to say, but I think had they looked at him and what he was wearing and his backpack, it would have been difficult for him to get inside undetected. He didn’t even try, as far as I’ve heard.

In the wake of this, do you think most arenas will step up security when large numbers of people are outside?
Downing: I think complacency is our biggest adversary. We tell our Alliance members that there are things they can do and orient their staff to, that this is a real threat and its evolving very quickly and they have to be outward-looking and know what suspicious behavior looks like. And also develop good relationships with local, state and federal law enforcement and request resources, set up virtual geofencing [which sets off an alarm when certain objects enter an area] with cyber and keywords and follow up on that. There was a Twitter feed that came out about four hours before the explosion from a kind of pro-Isis twitter account that said “We have more.” So there are things you can do to hunt and pursue as well as developing a good defensive strategy.

Robinette: We advise buildings to invest a lot of time into two things. First is the prevention and deterrence of acts: they need to be constantly updating, looking around and being proactive. And now every building lives in the second stage we recommend: post-event resiliency. Buildings should be thinking about how they respond to this to restore guest confidence — that the buildings are safe and secure — and they and their public-relations staffs communicate what they’re doing and have talking points to illustrate that they’ve put in the most diligent effort they can into defending the venue and the guests coming into and going out of the building. That shows not only that the venue is making it a priority, it also sends a message to potential bad actors: “Not this building. This building is making an investment in being safe.” Buildings now should be thinking about if this were to happen again tomorrow, what would they want the public to know?

Do your buildings have a protocol for events like this?
Robinette: Yes. We recommend buildings go through routine and regular assessments of security, and that’s everything from cyber-security to physical security, staff training, how it monitors social media, how it reviews the parking lot, ingress, egress. All those things should be under constant review, because if the plan was written and developed four or five years ago it’s very outdated — and if it was made six months ago I’d make the case that there are things that need to be updated. You also have to run exercises and stress tests against those plans, because the first time you experience this shouldn’t be the actual event. The staff should know “If we had a cyber attack this is how we’d respond”; “if we had an active shooter, this is what we’d do.” There’s a very wide spectrum of things that buildings should be doing regularly and routinely, not just as a function of compliance but of adaptive thinking. They should be looking at the threats and saying, “A year ago drones weren’t a problem” — well, they had a benign drone incident inside Petco Park [in San Diego] just yesterday, and Isis is weaponizing drones. We’ve also had vehicle-rammings in London and Ohio State and Germany — that wasn’t a relevant topic two years ago and it is now. So six months from now they should document what the new patterns and trends are and fold those into the future plans and exercises.

You never want to look back at the event and say “If we’d had more time, we would have done that and that.” If you know what those things are, you should be doing them now and communicating to the public that you’re being proactive, because these things are likely to continue to occur.