Sensible security starts with knowledge of possible threats

May 24, 2002
Water utilities are more likely to face threats to their pumping systems and treatment plants that are closer to home, so the first step to security is to understand the threat.

By Stephen R. Zimmerman

Know your enemy and know yourself and you can fight a hundred battles without disaster. --- The Art of War by Sun Tzu

May 24, 2002 -- Do you know who your enemies are? No? When setting up security plans, do you envision fighting off groups of armed international terrorists trying to destroy your pumping systems and treatment plants? If so, you may be making a big mistake. You're more likely to face threats that are closer to home: your security plans will be flawed until you know your enemies.

At ATOG (Anti-Terrorist Operations Group), we teach our clients - whether experienced in threat assessments and security planning or novices - that you can't mount an effective defense if you don't know your enemies. The following is a simple guide to the five broad categories of aggressors, a "rogue's gallery of bad guys" who may be targeting your water-oriented facilities. Their acts against you can range from crimes (such as burglary, embezzlement or fraud) to "low-intensity conflict threats" (such as unconventional warfare)

* Criminals-Consider criminals by their degree of sophistication: unsophisticated criminals, sophisticated criminals, and organized criminal groups. While they share the common objective of stealing your most valuable assets, what they target, the quantities they seek, their efficiency, and the finesse of their actions vary significantly. In some cases, vandals and activists may be included under this category.

* Vandals and Activists- While the degree of damage they seek to cause will vary with their sophistication and their motivations, they typically cause destruction to achieve publicity, notoriety and a reputation. These groups are typically made up of protesters who are politically or issue oriented. They may act out of frustration, discontent, or anger against the actions or stated position of your company in regards to a particular issue. They may also be acting for or against other social or political groups. Their selection of targets will vary based on the risk associated with attacking them.

* Extremists-Often fanatical in their political beliefs, extremists take radical, violent actions to gain support for their beliefs or causes.

* Protesters-This group is considered a threat only when violent. While lawful protests are a fact of life (remember the First Amendment?), you should take protesters into account in your security planning and threat assessments. Typically, significant protective measures beyond basic crowd control are not normally needed to address their actions. You do, however, have to plan for action should there be extremists or vandals/activists in the crowd who are intent on inciting violence.

* Terrorists-As recent events illustrate, this last group is almost always ideologically, politically, or issue oriented. They commonly work in small, well-organized groups (cells). They are sophisticated, skilled with tools and weapons, and possess an efficient planning capability. Terrorists, however, are not homogeneous but rather fall into one of several types:

* CONUS (inside the continental United States) -These homegrown terrorists are typically right- or left-wing extremists operating in distinct areas of America.

* OCONUS (outside the continental United States) -These international terrorists generally are more organized than CONUS terrorists. They usually include ethnically or religiously oriented groups.

* Paramilitary OCONUS (military groups outside the continental United States) -These military-oriented international terrorist groups show some martial capability with a broad range of military and improvised weapons. Attacks by paramilitary OCONUS terrorists are typically the most severe.

How do you know which types of aggressors may be targeting your infrastructure? First, contact your local responders - police (local, state, county), fire department and emergency medical services. It's likely that they have intimate knowledge of who's who in the area. Similarly, get in touch with the nearest FBI field office. Their extensive intelligence gathering activities can give you very comprehensive information about who is operating in the area and the intensity levels of their activities. Make it a habit to check in with all of these agencies on at least a quarterly basis.

Similarly, take time to do your own monitoring. Reading local newspapers and magazines, along with listening to local talk radio, can keep you aware of hot-button issues and the people or groups involved with them. You can also make it a habit to check the Web sites of the groups identified by the FBI and local law enforcement in order to learn more about the players and their philosophies.

If you're a security pro, take a moment to re-think your assumptions about your facility's enemies. Are you overlooking the obvious? Are you spending too much time on the esoteric? Shake up your thinking in order to improve your threat assessments and subsequent response planning. And if you're a security novice, remember to take the time to understand the various enemies you could be facing: you can't really plan effectively if you don't know who you're up against.

The bottom line is that knowledge of your facility's potential enemies means improved intelligence gathering and smarter security solutions. Remember the lesson of war master Sun Tzu:

If ignorant both of your enemy and yourself, you are certain to be in peril.


ATOG (Anti-Terrorist Operations Group) is an Atlanta, Georgia-based company that specializes in developing strategies for protecting and assuring the continued operation of critical infrastructures. ATOG's staff has extensive, frontline counterterrorism, law enforcement and risk reduction experience in agencies including the U.S. Army Special Forces, FBI, CIA, and the Department of Defense.

About the Author: Stephen Zimmerman has more than 30 years of security, law enforcement, engineering, and academic experience with professional expertise in conducting military, government, and commercial security risk and vulnerability assessments, including: International airport passenger and employee operational facilities; U.S. Army Corps of Engineers physical security survey and force protection operations; and commercial business physical protection surveys and loss prevention assessments.

Sponsored Recommendations

ArmorBlock 5000: Boost Automation Efficiency

April 25, 2024
Discover the transformative benefits of leveraging a scalable On-Machine I/O to improve flexibility, enhance reliability and streamline operations.

Rising Cyber Threats and the Impact on Risk and Resiliency Operations

April 25, 2024
The world of manufacturing is changing, and Generative AI is one of the many change agents. The 2024 State of Smart Manufacturing Report takes a deep dive into how Generative ...

State of Smart Manufacturing Report Series

April 25, 2024
The world of manufacturing is changing, and Generative AI is one of the many change agents. The 2024 State of Smart Manufacturing Report takes a deep dive into how Generative ...

SmartSights WIN-911 Alarm Notification Software Enables Faster Response

March 15, 2024
Alarm notification software enables faster response for customers, keeping production on track