By R.V. Baugus
Threats exist today like never before. They come in all shapes and sizes. Some are seen and some are invisible. But one that always lurks that keeps IAVM members and those who visit the venues vigilant is that involving threats with mass gatherings, which essentially defines the world of public assembly venues.
Dr. David Mussington, Executive Assistant Director for Infrastructure Security at the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA), brings his expertise and honors IAVM members with his presentation of Protecting Mass Gatherings in the Evolving Threat Environment at IAVM’s virtual ENCORE October 5-6.
Public gatherings and crowded places are increasingly vulnerable to terrorist attacks and other extremist actors because of their relative accessibility and large number of potential targets. Organizations of all types of sizes, whether businesses, venues, schools, or houses of worship face a variety of security risks: active shooters, vehicle ramming’s, unmanned aircraft systems, and insider threats. The Cybersecurity & Infrastructure Security Agency has a wide variety of resources that can assist organizations with meeting these challenges.
As Executive Assistant Director, Dr. Mussington helps lead CISA’s efforts to secure the nation’s critical infrastructure in coordination with government and the private sector. Key areas of focus include vulnerability and risk assessments; securing soft targets and crowded places; training and exercises; and securing high-risk chemical facilities.
Prior to joining CISA, Dr. Mussington was Professor of the Practice and Director for the Center for Public Policy and Private Enterprise at the School of Public Policy for the University of Maryland. His research and teaching activities focused on cyber physical system risk management, election cybersecurity, and critical infrastructure security risk management. He has published articles in academic and professional journals. This includes handbooks published by the University of Oxford in the U.K., working papers co-written with partners at the U.S. Naval War College, and peer reviewed articles in the Institute of Electrical and Electronics Engineers (IEEE) outlets about metrics and risk frameworks for cyber defense. Most recently, he conducted projects on election cybersecurity, social media information security issues, and the security of Internet and Communications Technology supply chains.
Before Dr. Mussington shares his wealth of knowledge and insights, we were able to visit in advance about the session and more.
WHAT AREAS DO PUBLIC ASSEMBLY VENUES IN WHICH IAVM MEMBERS WORK NEED TO BE VIGILANT ABOUT IN THE CURRENT CLIMATE?
COVID-19 has not dissipated. Venues should still consider the use of masks, robust cleaning and sanitizing services, touchless/cashless payment options, and social distance requirements. In addition, venues must consider the threat of targeted violence. Threats such as active shooter, improvised explosive devices, and the use of vehicle as a weapon should be planned for and appropriately addressed. Venues should consider the use of law enforcement presence, venue security personnel presence, screening detection technologies, bag searches, security cameras, security wands, and the use of K-9 units as possible mitigating measures.
MUCH HAS RIGHTLY BEEN DEALING WITH THE PANDEMIC OVER THE RECENT MONTHS, BUT HOW IMPORTANT IS IT FOR OUR INDUSTRY TO NOT “LET ITS GUARD DOWN” WHEN IT COMES TO OTHER OUTSIDE POTENTIAL THREATS?
Critically important for venue managers to continue building capacity to address the dynamic threat environment. In addition, the FBI has received 791,790 complaints for all types of internet crime—a record number—from the American public in 2020, with reported losses exceeding $4.1 billion. This represents a 69 percent increase in total complaints from 2019. The number of ransomware incidents also continue to rise, with 2,474 incidents reported in 2020, representing a 20 percent increase in the number of incidents, and a 225 percent increase in ransom demands. With many fans, communities, and organizations heavily invested in sporting events, venues have become an ideal target for cybercrime. Cybercriminals are very attuned to global sporting events and take advantage of the spectators’ and industries’ reliance on technology. These damaging attacks often lead to financial losses, information theft, and reputation damage.
WHAT WILL SOME OF THE PRESENTATION HIGHLIGHTS INCLUDE THAT WILL ENSURE A MUST-ATTEND SESSION?
Overview of the evolving threat environment facing public assembly venues, from the perspective of a senior government expert in cyber and physical security with decades of experience in both the public and private sectors and in two presidential administrations. This will include discussion of the threats posed by unmanned aircraft systems, domestic violent extremism, the COVID-19 pandemic, and other risk factors.
Invitation to take advantage of the resources provided by the Cybersecurity and Infrastructure Security Agency—all offered for free—that make venue managers lives’ easier: best practices, vulnerability assessment capabilities, protective measures guides, training and exercises, and more. Also, we will mention COVID-19, and the work of the CISA COVID TF in identifying “hidden” risk factors that flow from dependencies.
IS THERE A TAKEAWAY YOU WOULD LIKE ATTENDEES TO RETURN TO THEIR VENUE WITH AS THEY GO ABOUT DOING THEIR JOBS AND ENSURING THE SAFETY AND PROTECTION OF THEMSELVES, THEIR STAFF, AND THE GUESTS WHO ENTER THEIR VENUES?
CISA’s mission is to lead the national effort to understand and manage cyber and physical risk to our critical infrastructure and vision for a secure and resilient critical infrastructure for the American people, but the agency’s work is only possible by partnering with the owners and operators of the spaces where Americans gather every day. Through our efforts to understand and advise on cyber and physical risks to the nation’s critical infrastructure, we help partners strengthen their own capabilities. By connecting with CISA, venue managers can get better connected to resources, analyses, and tools to help them build their own cyber, communications, and physical security and resilience, which in turn strengthens national resilience.
Not yet registered for ENCORE? You can still register now HERE!