A 38-year-old Maryland native allegedly opened fire on an Annapolis-based newsroom, killing five people and providing a grim reminder that security best practices are not one-size-fits-all.
The suspected shooter, Jarrod W. Ramos, had a longstanding grievance with The Capital Gazette stemming from the paper's 2011 coverage of a harassment charge against him. He pursued—and prolongated—legal action against the reporter, publisher, and judge involved. He also started a website and several Twitter accounts berating the newspaper.
In 2013, the paper and one of the targeted reporters contacted police to discuss filing a restraining order or misdemeanor charges due to the prolonged harassment but ultimately decided to not follow through for fear of further antagonizing him, the Baltimore Sun reports.
The reporter and the publisher involved in the legal proceedings from more than seven years no longer work at The Capital Gazette.
"If you fire somebody or have an incident with them, it's typical to feel that their retaliation is going to be in the near future, but that's not necessarily true," says Michael Crane, CPP, security consultant and attorney at Securisks. "You hear stories where people come back after a year or two—and in this case, it was after five or more years."
Crane—who is also the chair of the ASIS Active Assailant Working Group—notes it appears that the paper followed security best practices after the threats escalated in 2013.
"Between his lawsuit and the threats that he made, that certainly should have given them an increased sense of surveillance or security," Crane says. "What you want to do in that type of situation is conduct an assessment to harden your facility. I'm assuming that part of the newspaper contacting the police was putting in access control on a locked front door so nobody could just walk in without being buzzed in."
The Capital Gazette shares a building with several other commercial tenants. The shooter entered through the building's rear entrance and, despite closed access to the newsroom, was able to enter by shooting through a glass door or window. The Capital Gazette—like many newsrooms and office spaces—has an entirely open floorplan, with glass windows all around the room, reporters working at desks in the middle, and half-walls along one side for editors' offices, according to CNN.
As the gunman proceeded to systematically fire his 12-gauge pump-action shotgun along the room, some employees ran to the back door. However, before entering the building, the gunman had barricaded the door. One man who tried to force the door open was shot and killed.
The rest of the employees hid as best they could under desks and behind filing cabinets. After less than two minutes of shooting, police arrived and the shooter ceased his attack to hide under a desk, before being captured by responders.
"The police were there in 60 to 90 seconds—that's absolutely tremendous and should be applauded," says Kevin Doss, CPP, PSP, CEO at Level 4 Security. "However, five people were killed in less than 90 seconds. These happen quickly, so performing a threat assessment, hardening facilities, planning procedures, and training are all critical—you're only going to have a split second to react."
Building a training program based on an organization's specific needs and threat points--and that implements both physical security measures and procedures--is imperative for success, Doss explains. Media organizations, for example, are higher-risk targets because they publish news that is bound to cause grievances.
"You can take a basic program, and then we
talk about site specifics, and that’s where a risk assessment is critical," says Doss. "You can’t
use a cookie-cutter approach to an asymmetrical threat like active shooter
because that threat can change characteristics. People are going to have a plan of
attack before they show up, and this guy did—he had a plan to
lock people in."
Doss has trained U.S. federal agencies using the U.S. Department of Homeland Security's Run. Hide. Fight. active shooter protocol and now uses a similar approach when training organizations. He notes that he is working with more companies that have open offices—often featuring open workspaces and glass instead of walls and doors. Active shooter training must account for this increasingly-popular type of workspace, he tells Security Management.
"Look at your workspace from a survival capability," Doss says. "If it was all open space, there are very few places to hide. At that point train yourself--what could I do if a shooter gets here? If door is barricaded, look at breaking a window or looking at another method. That’s where training comes into play because you don’t want to figure that out during an emergency. You want a planned course of action to train on. If you’re not trained on it, you won’t know to do it."
Crane agrees, noting that even open office environments should ensure that there are safe places to hide, such as bathrooms or conference rooms with locked doors. Doss points out that while glazing is common in many offices and allows for natural surveillance, it's also the weakest barrier. Hardening that vulnerability by using polycarbonate or bulletproof glass, or adding a shatterproof film, can help in such instances.
Crane discusses the challenge of assessing the true danger of a person—either an insider or someone in the community—with a longstanding grudge. Threat assessment teams are helpful in keeping track of terminated employees or customers or people who have been making threats.
"You have to look at active assailant as a subset of a workplace violence incident, which has been going on for years," Crane explains. "The majority of our workplace violence incidents are domestic related and can spill into the workplace. However, as rare as it is, active assailants do happen. Recognizing behavior and doing something about that behavior, contacting the police, increasing security, limiting access into your facilities, training as to run-hide-fight, those are the only things you can really do."
Doss says threat assessments not only help harden a facility but allow for the detection of potential bad actors. While good assessments are costly, he recommends high-risk organizations conduct them yearly.
"I may not be a threat this year, but I may be escalating toward becoming an actual threat, and the only way you’re going to find that out is to track these types of incidents or behaviors," Doss notes. "Active shootings never happen all at once, there’s always a building and progression--some type of behavioral issues prior to them committing the act. That’s where we have an opportunity to identify these behavioral characteristics and intercede."
For small businesses and houses of worship, there are a plethora of resources on how to conduct a threat assessment and make sure every employee receives basic active shooter training. "This problem is only getting worse, and we need to become more proactive from organizational side of things because we have a responsibility to provide safe workplace for employees," Doss says.
The shooter had to be identified via facial recognition software because the fingerprint analysis system was taking too long. Police searched his home in Laurel, Maryland, about 30 minutes from the newsroom, and found evidence of the origination of the planning. He is being held without bail and has been charged with five counts of first-degree murder. Security at newsrooms across the country has been increased as a precaution.