Securing Mass Gathering Events: A Simple Design Framework That Considers the Air Domain

stage and crowd
Bill Edwards is the president of federal and public safety at Building Intelligence Inc. and chair of the SIA Counter-UAS Working Group. He is a retired U.S. Army colonel and veteran of the Iraq War.
Bill Edwards is the president of federal and public safety at Building Intelligence Inc. and chair of the SIA Counter-UAS Working Group. He is a retired U.S. Army colonel and veteran of the Iraq War.  He is also the author and provider of a series of online training courses.

Planning and executing a mass gathering event is challenging, requires extensive coordination and can be time-consuming – it is also one of the most important security and safety actions you can take when it comes to protecting the public in dense crowd environments. Properly setting the conditions for a secure and safe outcome should always be the first and foremost priority for an event. Over the years, mass gathering events have become “soft targets” for nefarious and intentional acts of violence. Take, for example, the 2017 shooting in Las Vegas, Nevada, where the use of a tall building provided a clear line of sight to concertgoers. Security professionals must now consider multidimensional environments, as well as the air domain and the added layer of complexity that comes with it. So where do we start? 

In the military, learning the technique of primary, secondary and tertiary positioning is key when establishing a layered defense and is certainly a “simple” and “proven” way to look at planning for mass gathering events in the private sector. To begin this process, the idea is to visualize a dart board with a focus on the bullseye. Each outer ring is a concentric circle around the center or, in this case, the central area that requires protection.  The security plan begins on the outermost perimeter – normally in your external buffer zone, your vehicle entry control point or the first point of foot entry. Your integrated video surveillance system (VSS) covers the external buffer zone. To understand how this works, take the military example one step further. Using real-time intelligence, surveillance and reconnaissance is a great first step. In the private sector, this is provided by your deployed guard force and augmented by your VSS and is a great way to gain an initial understanding and maintain situational awareness of the environment at those outer locations. This awareness, combined with human interaction and technology, provides indications and warnings as crowds build; i t is a technique and capability that gives us a pulse on the crowd, the behaviors and the density. So why wouldn’t we employ the same concept to provide security and safety for public gatherings like festivals, concerts, and large outdoor events and make it simple to accomplish?

In a recent article, I noted that every large public gathering has the potential to turn into a security or safety event. Where people gather and the energy and excitement rise, it is always possible for accidents or deliberate acts to occur. Look no further than Astroworld or the July 4, 2022, shooting in Highland Park, Illinois,  to exemplify the clear need for active planning beyond the mere logistics of taking an event from idea to reality.  

Simply put, a convergence of security and safety planning, including creative and innovative uses of readily available technology combined with a thoughtful guard force deployment, is the missing piece of the puzzle. There are many ways to get to a standard or functioning framework, but it starts with an openness to change, a willingness to put forth the effort and the capital to support event organizers and their “duty of care responsibility.”

An easy way to look at it is through model development, which simply means creating an organized and milestone-driven plan that follows a specific path. This type of model or plan can and should be customized to the event and environment, but it should also be updated along the way. In the military, we often say, “no plan survives the line of departure,” and in the private sector, this same thought process can be applied. In simple terms, it means you must remain agile and have systems in place to proactively act when the unexpected happens.  Rest assured it will. 

Like security program development, planning for an event is a “team sport” that begins with the foundational work of a threat, vulnerability and risk assessment (TVRA) and ends with internal and external stakeholder rehearsals and exercises. This creates a collaborative and engaged team of planners, organizers and security/safety personnel, and it also creates and builds confidence for all involved to become comfortable with the plan for the operational and logistical execution. In the end, it paves the way for the public to safely participate in and enjoy events without concern.

Here is a simple approach with milestones commonly referred to as in-progress reviews (IPRs) that support the security program.

  1. Initial planning meeting with organizers (concept development and goals for the event are established). Venue security professionals describe the security program.
    1. Latest update of the venue TVRA.
    2. Implemented technology that supports situational awareness.
    3. Proprietary and contracted guard force. Duties, responsibilities, capability, and capacity.
    4. Training and exercise update.
  • IPR  No. 1: Includes internal and external stakeholders and delivers the initial planning meeting’s goals. It also forms the team around the event.
  1. IPR  No. 2: Includes a short presentation from each stakeholder and their responsibility to the event. This is where you eliminate overlapping interests and perceived ownership. 
  2. IPR  No. 3: Assignments and responsibilities are solidified, and each stakeholder begins coordination and collaboration and sets conditions for executing the event.
  3. IPR No. 4: Site walk and discussion. This is essentially a rehearsal with key players.
  4. IPR No. 5: Tabletop exercise that focuses on communication among all stakeholders and representation on the day of the event.

This approach will get you started, but as with any event, you’ll need to customize the planning to fit your specific needs. Simple and to the point, this IPR schedule will get you started and support your specific event and environment. Next, you should consider pre-event actions such as social media monitoring and a physical inspection before the opening of the gates. In many instances, obtaining a pulse on the crowd and the potential behaviors will provide you with indications and warnings that support your security plan or cause you to adjust based on information. As for the pre-event physical inspection, there are many resources available, but one of the best resources is crowd manager training through the International Fire Chiefs Association. Lastly, the Cybersecurity and Infrastructure Security Agency offers some tips on approaching different public mass gathering events that can be accessed here

Now, let’s discuss a security methodology/technology and how it can add value to security and safety. The air domain is here to stay, and security professionals need to think multidimensionally in their security program development for mass gatherings. 

Over the past several years, society has seen an explosion in drone capability and access to affordable platform employment – commercially, recreationally and militarily. Drones with high-end payloads are easily purchased with the click of a mouse, putting advanced technological capabilities at your fingertips. 

This has brought much consternation to security professionals, but it is also viewed as another evolution in a rapidly developing societal context. I have personally spent the last several years traveling, educating and promulgating a need for more focused efforts on ways to keep drone technology from causing more harm than good. As I’ve mentioned in the past, drones are a relatively new technology to the market but have proven to evolve quickly and therefore should be considered in security programs with the intent to mitigate risk at large public events.

Security professionals have several options when it comes to addressing the air domain, but it remains limited when it comes to countering the threat. Examples include:

  • Detection and monitoring technologies to extend your perimeter and provide early warning and operator location.
  • Crowd management and monitoring: In this form, the technology is evolving quickly and can provide high-definition video and behavior indicators of large crowds that stationary fixed cameras can’t. This is an evolving technique that should be considered for many reasons.
  • Drone as a security service: This is the employment of drones to conduct patrolling and inspection activity and is often referred to as “drone in a box.” In this use case, the technology augments the guard force to provide additional situational awareness and respond quickly to incidents.

However, when it pertains to action and counter-uncrewed aircraft systems (counter-UAS):

  • Counter-UAS technology: This is limited to the federal government, critical infrastructure and identified SEAR 1-5 events. There is no authorized counter-UAS for private-sector venues that host routine public gatherings, which equates to a gap in the ability to mitigate risk from all potential threats.    

Before 2010, these platforms were developing, had limited public access and exposure and were primarily tools used by the military. The demand for recreational use only started to build 12 years ago, and now we find ourselves overwhelmed with platform choices and extreme ease of access. It’s been amazing to watch the transformation from hobbyist ideas to application in almost any scenario you can imagine a drone might provide value, which brings me to the heart of the topic and one way to use drones for positive purposes. 

A top priority across the United States and other countries is the security and safety of people as they attend public events. Crowd management and monitoring have come to the forefront as a need. Security professionals are quickly finding out that having enough trained staff is a challenge with events taking place in stadiums and arenas on what the industry calls a 365-model, meaning the facility aims to be in use every day of the year.  

Many times, venues are simply doing their best to make it through each event, which has triggered the idea that leveraging drone technology in a crowd monitoring and management role might be a good use of the current capabilities. A persistent “eye in the sky” that supports security and safety seems to be a prudent step as we mature our ability to get ahead of events that may cause injury or death.

This approach, linked to crowd density modeling, enables decision makers to generate proactive responses, which is the goal of any security professional. It’s a “left of bang” mentality and the gold standard for those actively planning, coordinating and executing events that host the public.

As you think about this idea, here is a simple package that works and provides an extra layer of situational awareness when combined with on-ground security personnel and staff.

  1. Pick up where our initial model left off: Execute a tabletop exercise specifically focused on communicating and linking existing technologies to the command-and-control structure.
  2. Conduct a pre-event inspection by certified crowd managers.
  3. Think about a drone viewing option. This technology provides an exceptional view of any event from a perspective not available with fixed camera systems.
  4. Test employment and communications: Establish a command-and-control linkage and visualization of the full-motion video for identified key personnel.
  5. Include all aspects of security and safety in pre-event planning. This is a direct connection to the event communications plan (primary, alternate, contingency and emergency) modes and devices.
  6. Distribute the full-motion video and crowd density visualization as needed.
  7. Exercise dynamic tasking of the technology with security operations center staff in a controlled environment, pre-event.
  8. Provide expertise for security operations center liaison during the event.
  9. Conduct an after-action review post-event to capture lessons learned and establish standard operating procedures for the next event.

Simply put, when you receive notification of a new event, normally a published planning calendar for the year, you should begin to think in terms of phases for each event and create a framework that works best for your internal and external stakeholders:

  1. Pre-event planning
  2. Pre-event actions and inspections
  3. Event-day preparations
  4. Execute the plan and operations
  5. Post-event after action review

Public events are a regular occurrence, and creating a security and safety program for each event is necessary. The many past examples of a “bad day” should serve as a catalyst to think about and create a better way to handle crowd management and monitoring. This approach is one way to add a layer of risk mitigation to your very busy public event calendar.  

Think about leveraging these ideas as another tool for your use. Let’s keep the conversation going and provide proactive ways to head off problems!