In the first part of our series, we discussed a report from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) study of the phenomenon of attacks on houses of worship. Looking at data from the period of 2009-2019, the study showed that while only a very small number of the total churches in America have been attacked, attacks have been on the increase since 2012. All types of hate crime were catalogued, with the most common being vandalism, and the most violent being shootings and arson. From minor to major, there were increases in frequency over the 10-year period, with no faith, denomination, or region left untouched. The study concluded that understanding the problem, and having a preparedness plan, were the first steps to preventing an attack on your church, or minimizing the effect if your church was the victim of an attack. The next step, the report says, is to develop “a holistic approach to security.”
Defining holistic
Holistic is a term you may hear now and then, often in relation to medicine, in particular alternative medicine, where pharmaceuticals are sometimes downplayed in favor of traditional remedies, nutrition, and exercise. This is actually is misconception, as holistic medicine treats “the whole patient,” meaning nutritional, physical, and even spiritual needs are addressed to make the patient whole. This addresses both the symptoms and causes of a problem and makes the patient stronger as a result, preventing future problems.
Similarly, a holistic approach to church safety and security addresses how to improve the safety of your church from every perspective. According to the report that means, “considering (or perhaps revisiting) the range of measures necessary to keep your house of worship safe, including physical security, cybersecurity, community awareness, event planning, incident management, emergency preparedness, policy development, training, and human resources.”
Risk, threat, vulnerability, and consequence
CISA says churches need to consider is the interaction between risk, threat, vulnerability, and consequence. The Department of Homeland Security’s Risk Lexicon provides the following definitions to put things in perspective:
RISK: The potential for an unwanted outcome to result from an incident, event, or occurrence. Risk is posed when there is a threat, a vulnerability to the threat, and significant unwanted consequence.
THREAT: A natural or man-made occurrence, individual, entity, or action that has or indicates the capability and intent to harm life, information, operations, the environment, and/or property.
VULNERABILITY: A physical feature or operational attribute that renders an entity susceptible to a given hazard.
CONSEQUENCE: The effect of an event, incident, or occurrence.
Assessing risk
With those definitions in mind, the next key step is to meet with the leadership of your church and have a discussion about risk assessment. This discussion should include questions such as:
•What are your threats and vulnerabilities?
•What is the likelihood of any given threat to occur?
•What are the consequences if those threats occur?
•What is your community’s tolerance for the associated consequences?
•What is your community’s attitude toward security practices?
•What personnel resources do you have to direct, manage, and oversee security operations?
•What is your budget to support security initiatives, both immediate and long-term?
These are difficult questions, and the answers are going to vary for every church. One thread common to every house of worship, though is that they are more vulnerable to internal and external threats than private business or government offices because the very nature of a house of worship is to be an open and welcoming place.
Knowledge is power
CISA recommends using both the information gleaned from their study, and your church’s own knowledge of their members and the surrounding community, to help assess threats and prevent attack. Specifically, the study shows a strong link between ideology or personal crisis as a motivation for most incidents of targeted violence against houses of worship, some of which may be subject to early detection and intervention. Tools at church’s disposal include:
AWARENESS OF THREATS. Houses of worship are typically attuned to the communities they serve and are a critical part of
the social fabric. Improving awareness of social tensions or personal crises can help prevent a violent incident. Has one church staffer recently resigned, or were one or more volunteers let go after a bitter dispute? Has your ongoing build project caused noise and inconvenience to a given neighborhood, resulting in complaint calls or a petition? Be aware of such elements and don’t dismiss any of them.
THE ABILITY TO INTERVENE AGAINST SUSPECTED THREATS. Community engagement is the best way to improve awareness, but formal partnership with other houses of worship (including different faiths), community groups, law enforcement, and social service providers are also useful in addressing potential threats. Establish relationships with these groups before there’s a known threat to help prevent an attack, it’s much easier than establishing them after the attack has occurred.
Striking a balance
As noted in our previous segment, CISA warns that it’s important to find a balance between convenience, openness, and security that suits your church and the needs of its members. A church is a place of worship, not a fortress. But keep in mind that threat assessment is an ongoing process and nothing is absolute. If your leadership team decides a significant threat calls for more security and curtailing of some activities for a given period of time, then that’s what you should do. Communicate the decision with your members and take the appropriate steps. It’s much better than picking up the pieces later. As the CISA report states, “The bottom line is that an effective security program is never one-dimensional, and is best achieved through
a constant process of discussion and (re)evaluation.”
In the next part of our series, we’ll take your actions a step further with “Performing a Comprehensive Vulnerability Assessment.”
