Lessons from Martin Place

    Tragic event in SydneyWhile the inquest and other reviews are underway into the tragic events in Sydney in December 2014, Rod Cowan says security should start now to examine its role in a crisis.

    The Federal Bureau of Investigation (FBI) makes a distinction between a crisis and a hostage situation. Only four percent of cases could be classified as a hostage negotiation, which is where the plan is to trade people for money or transport, or for political demands to be met.

    “Included in the remaining 96 percent are emotionally-driven crises where a person is barricaded by themselves or with one or more victims, or is suicidal,” writes Detective Jeff Thompson on the FBI Law Enforcement Bulletin website (leb.fbi.gov). “In these situations, the person is not making substantive demands or asking for anything from the police because they do not need anything from the police. Rather, they are in crisis, meaning that their normal coping mechanisms for dealing with life’s day-to-day challenges have been overwhelmed. Their emotion level is high while their rational ability is low.”

    By all accounts – take away the demands for a Daesh, or the Islamic State of Iraq and Syria (ISIS), if you will, flag – and it sounds pretty much like Martin Place falls into the 96 percent bracket. It is clear, after all, that Monis was a troubled individual who had no connections with terrorist groups beyond his imagination.

    Former counterterrorism adviser to the White House Richard Clarke summed it up neatly on ABC News in the US. “I do not think this was a lone wolf terrorist, I do not think this was a terrorist at all. I think this was someone who was committing suicide by police as a lot of people with mental problems do, and now, if they say they are a terrorist, if they say they are somehow associated with ISIS or Al Qaeda, it becomes a major event that shuts down the city and gets international attention,” Clarke told ABC News. “This was a person with a mental problem who tried to gain attention and succeeded, tried to shut down the city and succeeded, merely by putting up a flag that was something like the flag of ISIS.”

    Why the preoccupation with whether it was a terrorist attack or simply the actions of a delusional and desperate individual? Simply put, in times of emergency, communications mean everything and the language used shapes intelligence that informs decisions and subsequent actions.

    No doubt the various inquiries will provide 20/20 vision in hindsight; various inquiries being the NSW Police critical incident investigation, the Australian Federal Police inquiry and, of course, the NSW Coroner’s inquest, which is mandatory when people die in a police operation and is already underway. There was also a federal–state joint review released in February, covering Monis’ earlier interactions with the government, such as access to firearms and his use of various aliases, which found that the judgements made by government agencies were reasonable. For example, the review reckoned that the Australian Security Intelligence Organisation’s (ASIO) 2008–2009 review of Monis was thorough and found that he was not involved in politically motivated violence, nor had significant contact with groups of security concern. The 18 calls from the public about Monis’ Facebook page did not relate to any pending attack and, therefore, ASIO did not deem him a threat. The upshot being the review recommended reforms to the bail laws, “new programs to counter violent extremism”, and a review of immigration policies and visa applications.

    But, again, this is all hindsight. None of this information was readily available during the 17 hours of the crisis and security managers in the Sydney CBD had scant information on which to base critical decisions or advice affecting thousands of people employed in the city, not to mention friends and relatives concerned about loved ones working in the CBD. As fear and panic rippled through the city, office blocks a brisk 20 minute walk or further from the scene – and people would have to have walked due to public transport being shut down and roads closed – were going into lockdown or sending staff home and, as a result, spreading further fear and panic.

    But what choice did security managers, collectively responsible for the security and safety of thousands of people and millions of dollars of assets and revenue, have? They were for the most part reliant on mainstream media reports, but mainstream reporting and events beyond what was happening in Martin Place itself were pretty much being driven by social media. At the very least, this means most security managers were relying on secondhand and often unreliable sources. Okay, some may have also been looking at social media, but it would have been few; ask around and it becomes obvious that senior security managers at most have rarely visited LinkedIn accounts (unless they are about to start job hunting), even fewer have Facebook accounts (primarily “for the kids”) and fewer still run Twitter accounts.

    Social media, however, played such a significant role that the Coroner’s inquest, which had an extraordinarily detailed opening to try to scotch some of the speculation and rumours surrounding the event, will have an unprecedented focus on social media. It will take several months to sift through video, sound recordings, texts, Facebook pages and other social media in an effort to answer the State coroner Jeremy Gormly’s question in his opening address, “What interactions occurred between hostages, police, non-police parties and hostage families? How did social media contact impact the prospects of the resolution?”

    Regardless of Gormly’s findings, it is clear that social media plays a significant role in any crisis, whether it be an attack – madman, terrorist, whatever – an emergency, or a natural disaster. As such, security operations need to become more adept at interpreting media surrounding events in order to make sound decisions. This includes learning how social media operates and affects events, how it can be used to gather open-source intelligence and, importantly, how it can be used to communicate within their own networks. Moreover, it informs how staff should be briefed to deal with social media, both in terms of being victims and in terms of watching events unfold. Security managers could also play a crucial role in stemming the tide of hysteria and alarm.

    When discussing the absence of credible security voices in the media sphere on the likes of Twitter, a group of security managers responded that they would never “comment on an ongoing police operation”. That may well have been the proper course of action in the days of morning newspapers and evening news, with radio bulletins in between, but if credible, knowledgeable, trusted voices of reason are missing from today’s milieu, what else can be expected other than the spread of rumour and confusion? To be sure, not commenting on police operations is valid, but even if those voices were saying nothing more than to calm down, that the police have the situation in hand, and to rely on official sources such as police media rather than ratings-inspired coverage or hits-hungry online posts, they would have helped rather than hindered the authorities, surely?

    Even better, in this day and age, is to question why there is no communications process for liaising with security managers and providing them with solid information to share in order to calm things down. That is not to suggest a full-blown Project Griffin is required. Griffin operates in the UK to bring together the police, fire brigade, ambulance services, private security industry and other government agencies in the event of terrorist attacks and gets depressingly regular outings. Maintaining momentum in such a project in Australia has proved to be difficult. What is needed, nonetheless, is a keen awareness that modern cities, especially in Australia, rely heavily on private security for protecting 90 percent of its infrastructure, including many public spaces.

    Indeed, today’s first responders in shopping centres, office towers, government buildings, airports, sea ports and places of mass gathering are most likely to be security officers. Incorporating and developing a communications channel with those responsible for managing those resources – such as the security managers that either employ security officers or hire contractors for such work – from a technical viewpoint would not be difficult. For that to work, however, it would involve engaging with security on a different level than in the past; not through providers or their representatives (though they would need to be involved), but by dealing directly with security managers who, at the end of the day, will make decisions, or at least recommendations, that will affect their organisations and their employees.

    It is worth remembering, however, that Project Griffin did not come about through law enforcement initiatives, but was driven by London’s financial sector and spread from there. If CEOs and businesses in Australia’s CBD’s would like to at least limit, if not mitigate, disruption during events similar to Martin Place, it may be they will need to lead the way.

    Rod Cowan
    Rod Cowan has contributed for over 30 years to security around the world through his writing, teaching, speaking at industry conferences and public events, as well as assisting in various Government investigations and corporate research. Cowan is a Research Fellow with the Research Network for a Secure Australia (http://rnsa.org.au) and was convener of its Safeguarding Australia Annual Summit 2017 in Canberra. He is also a Strategic Advisor to the Dubai-based Emirates Group Security/Edith Cowan University Centre of Aviation and Security Studies (CASS).