Workplace Violence and Active Shooter: Develop a Culture of Preparedness
When violence erupts in a workplace, the outcome and events of the scenario are unpredictable. Injury or death of building occupants, lawsuits, property damage, and diminished trust in the organization by staff and the community are just a few of the possible consequences.
The possibility of an Active Shooter Incident is no longer a question of if, but rather when and where– yet the risk for violence is difficult to predict and almost impossible to eliminate.
In most workplaces where risk factors can be identified, the risk of assault can be prevented or minimized if employers take appropriate precautions. Under the federal Occupational Health and Safety Act (OSHA), all employers have a general duty to provide a safe workplace for employees, free from recognized hazards that cause or are likely to cause death or serious physical harm to employees. OSHA believes that a well-written and implemented workplace violence prevention program, combined with engineering controls, administrative controls and training can reduce the incidence of workplace violence in both the private sector and federal workplaces.
According to an FBI survey, 45% of active shooter incidents take place in a commercial environment. In an active shooter scenario, preparation is the key to survival. Would you know what to do in the event of an active shooter selected your office to carry out their attack? Would your employees know what to do? Does your organization have an emergency preparedness plan?
Space is limited, so register today!
Attendees of this webinar will learn:
- Understand the multiple types of workplace violence
- Understand how to plan and develop an Active Shooter Preparedness Program
- Learn how to create an emergency response plan and prepare for an Active Shooter incident
- How best to communicate and develop effective liaison with internal and external stakeholders, law enforcement agencies and other first responders
- Come away with best practices for conducting Active Shooter response training for employees and recognizing signs of potential workplace violence
- Community leaders and citizens
- Education (all levels K-12, Colleges and Universities)
- Human Resources Professionals
- Manufacturing and Industrial
- Security and Risk Professionals
- Law Enforcement
- Business leaders and managers
Cleveland Insures Against Protesters
The City of Cleveland will pay $9.5 million to purchase $50 million of protest insurance coverage ahead of the four-day Republican National Convention that begins July 18.
The city quintupled its original proposed coverage amount, which would have had the city pay $1.5 million for a $10 million policy.
“The $1.5 million for $10 million coverage was always just a placeholder,” City spokesman Dan Williams told Risk & Insurance®. “We felt it was the best level of coverage for what we needed.”
Protest insurance coverage is required for any event that has been deemed by the U.S. Secret Service as a “National Special Security Event.”
The protest policy is liability insurance that includes incident insurance to cover potential lawsuits, private property insurance to cover any damage to property, and vehicles and equipment insurance to cover others coming to the convention with their own vehicles and equipment, Williams wrote.
The policy is required for any event that has been deemed by the U.S. Secret Service as a “National Special Security Event,” which also includes the Democratic National Convention, visits by the Catholic pope and G8 summits, among other events.
The city’s Board of Control increased the insurance coverage on the recommendation of its broker, Aon Risk Services Northeast, which polled 40 insurance providers, according to Sharon Dumas, the city’s finance director.
“They analyzed the national trend of conflicts and the risks associated with the convention, and we concurred,” Dumas said to Cleveland.com.
The Secret Service, FBI, Cleveland and Ohio State Police, the National Guard, and thousands of police officers from around the country will work together over the course of the week to ensure peaceful demonstrations — both for and against Trump, according to reports.
The groups scheduled to travel to Cleveland for the convention include anti-Trump demonstrators, a white nationalist group and the anti-gay Westboro Baptist Church.
Preparing for potentially violent demonstrations, the city’s police department has partnered with law enforcement agencies throughout the country “to ensure that we have an adequate number of law enforcement officers to staff the needs of the convention,” Cleveland Police Chief Calvin Williams wrote on the department’s website as well as its Facebook page. \
However, after shootings in Dallas and Baton Rouge led to the deaths of eight officers, some law enforcement agencies have rescinded offers to send officers to help at the convention.
But Williams remains confident. “Our officers have trained with many partnering agencies at the local, state and federal level to ensure that the highest safety standards are maintained,” he wrote.
“Throughout the course of planning for the RNC, our officers have undergone hours of training relative to many subjects. Although not all training can be discussed or demonstrated as law enforcement tactics are sensitive, the training has been both comprehensive and valuable.”
However, he did say the department purchased 300 bicycles outfitted specifically for “law enforcement purposes,” to be used by police officers who became certified riders after training through the Law Enforcement Bicycle Association.
Williams ended his letter on an optimistic note: “This is an exciting time for our great city. This is an historic event and we are not likely to see anything like this within the footprint of Cleveland again soon. I am looking forward to a safe event and I thank you for your support.”
To Keep Cool in a Crisis, Companies Need a Comprehensive Solution
Threats against corporate security come in many forms, from intentional acts of violence to civil unrest to cyber-attacks. The perpetrators don’t discriminate by company size or sector, and the consequences can range from several thousand dollars lost to several lives lost.
The recent shooting in an Orlando nightclub that killed 49, for example, or last year’s San Bernardino shooting that killed 14, are somber reminders that terrorism and violence can erupt anywhere and in any type of business. In addition to loss of life, violence can translate into business interruption and property damage. In Ferguson, Mo., riots lead to over $4 million in property damage.
Cyber-attacks have also become commonplace, with hackers infiltrating private networks to steal data or hold it ransom.
Is your organization prepared for these risks?
“A lot of companies have a crisis response plan on paper, but they don’t have outside resources to come to their aid if there is an incident,” said Reggie Gibbs, Underwriter and Product Manager, Starr Companies.
Mid-size companies especially tend to lack comprehensive insurance coverage and crisis management services for a variety of security events due either to limited resources or an underestimation of their exposure.
Starr Companies’ Cyber and Terror Response (CTR) solution provides three coverages as well as crisis response services tailored to meet the needs of these companies. Each of its components addresses a common security threat.
“We don’t just want to indemnify the security risks our clients face; we want to help them actively manage them.”
— Reggie Gibbs, Underwriter & Product Manager, Starr Companies
Terror and Political Violence
“Political violence can be defined as a strike, riot, protest, or any type of unrest that gets out of hand and turns violent,” said Gibbs, who specializes in terrorism and political violence, workplace violence, and crisis management.
In the case of the Ferguson protests, any first party property damage or third party liability incurred by the disruption would be covered under the terrorism and political violence segment of the CTR solution.
In the case of a terror attack, organizations cannot necessarily rely on TRIA to pick up property losses. In the case of the Orlando shooting, for example, the likelihood of TRIA being invoked is low because property damage will not meet the threshold for coverage to kick in.
TRIA, reauthorized in 2015, provides a federal insurance backstop in the event of a terror attack. The U.S. Secretary of the Treasury, U.S. Attorney General, and U.S. Secretary of Homeland Security must declare an attack to be an act of terrorism, and property damage must exceed $5 million to trigger TRIA.
“We would still view the Orlando shooting as an act of terror, however, because of who the shooter claimed he was working for regardless if the ties to terror groups are clear or not. Therefore, our coverage would apply,” Gibbs said. Even if TRIA was enacted, however, companies would still have a lot of pieces to pick up following an attack. They may have injured or deceased employees, or face legal action from third parties.
For these situations, and any other incident of violence not driven by terrorism, the workplace violence component of Starr’s CTR solution would act as an umbrella to cover other liabilities such as legal liability, loss of life benefits, psychiatric care, and other crisis response services.
One such incident struck a Boston-area Bertucci’s in early May. An attacker wielding a knife drove his car into a Boston shopping mall before making his way into the nearby restaurant. He killed five, including restaurant workers and patrons.
“There was no ideological or political motivation behind it. He was just deranged.” Gibbs said. “Our workplace violence coverage can handle the loss of life benefits for both the employees and patrons killed in situations like this one.”
In the best cases, though, violence can be prevented altogether.
“If an employee reports a stalking threat, the policy would cover the expense of security guards,” Gibbs said. “In this case, it’s more of a pre-workplace violence coverage. It would de-escalate the situation.”
Attacks can also be non-physical.
Cyber extortion in particular is on the rise. Phishing scams lead employees to click on malicious links, unknowingly downloading ransomware onto their internal networks. The cyber criminals then hold companies’ networks ransom, asking for a sum of money in return for the release of data or to prevent a business interruption. The ransoms can be low — amounts that organizations can afford to pay.
“The hackers don’t want to attract the attention of law enforcement or regulatory agencies,” said Annamaria Landaverde, National Cyber Practice Leader & Professional Liability Underwriting Manager, Starr Companies. Landaverde specializes in the cyber component of the CTR coverage. “The FBI may not get involved if someone asks for $5,000. They are more likely to get involved if someone asks for $5 million.”
Since companies are not required by law to report cyber extortion —like they are for data breaches — many choose simply to pay the ransom and move on without generating any negative news headlines.
“The hackers don’t want to attract the attention of any law enforcement or regulatory agencies. The F.B.I. won’t get involved if someone asks for $5,000. They will get involved if someone asks for $5 million.”
— Annamaria Landaverde, National Cyber Practice Leader & Underwriting Manager, Professional Liability Division, Starr Companies
“A California medical center recently had an incident like this where the hackers asked for $17,000 in ransom,” Landaverde said,” but the amounts can vary.”
While the ransom itself may seem manageable, many companies fail to recognize other costs associated with the identification and removal of the malware from their system. There may also be costs associated with forensics investigations, legal experts, public relations firms, third party lawsuits, and notification and credit monitoring.
“The cyber arm of the CTR coverage extends to liability that an organization would suffer as a result of a breach, or failure of security of the insured’s network,” Landaverde said. That includes not just cyber extortion, but outright data theft or denial-of-service attacks.
Crisis Management Services
“We don’t just want to indemnify the security risks our clients face; we want to help them actively manage them,” Gibbs said.
The fourth component of Starr’s CTR solution – crisis response — provides two outside consultants to insureds, with one specializing in “hard” security services like guards or instances of cyber extortion, and another focusing on crisis communications.
Without these outside services, there is only so much insurance can do in the aftermath of a crisis. Experienced consultants provide a range of security preparedness and response services to complement coverage and help insureds recover from an episode of violence or cyber event.
“From a communications perspective, our consultants can manage the public relations front to create clear and consistent messaging, but they can also stay in touch with families after a terror or other violent attack to make sure everyone stays informed,” Gibbs said.
They also serve as a first point of contact for insureds immediately after an event. If they need guidance quickly, consultants await at the ready.
“When a client purchases the product, they get a 24-hour hotline set up with one of our consultancies,” he said. “They can report an incident at any time, and our consultant will help either resolve a situation or deal with the aftermath in whatever way they can.”
While the Cyber and Terror Response package provides a comprehensive solution tailored for mid-size companies, Starr also offers standalone cyber liability and crisis management coverage on a primary and excess basis.
“For companies with greater exposure to a particular type of risk, or who simply want higher limits or greater customization, we have those standalone polices.” Landaverde said.
For more information on Starr Companies’ Cyber and Terror Response solution, visit https://www.starrcompanies.com/Insurance/CyberAndTerrorResponse.
Starr Companies is the worldwide marketing name for the operating insurance and travel assistance companies and subsidiaries of Starr International Company, Inc. and for the investment business of C. V. Starr & Co., Inc. and its subsidiaries.
This article was produced by the R&I Brand Studio, a unit of the advertising department of Risk & Insurance, in collaboration with Starr Companies. The editorial staff of Risk & Insurance had no role in its preparation.