60 Seconds with David Evans
When and why did you establish TINYg?
In 2006, whilst in New York I was incorporating my own company Global Aware International at a Bank on 5th Ave. Whilst a great turnout from multiple sectors, I noticed that groups seemed to keep themselves in isolation of their own sectors. It struck me that more networking, integration of ideas and cohesion would be very useful. I had an audience pool of real talent and decision makers which could potentially be a group which would benefit from a different approach. New York and London were clearly inextricably linked in terrorist related methods and acts- this was an opportunity to form a group to share and network with a common goal. I established TINYg within days and used the original attendees in New York as a test bed to understand if there was interest, and soon added other International contacts and the group was born. Three months later our inaugural meeting was held in the glass atrium at Reuters, 3 Times Square, NYC.
How has TINYg grown and who are the members?
TINYg has grown exponentially and has delivered over 50 conferences internationally at locations such as London, New York, Washington DC, Chicago, New England, Singapore and Hong Kong. The membership covers 150 countries and continues to grow virally. It also has established partnerships with other similar organisations such as InfraGard, ASIS and the The Security Institute.
How is TINYg governed?
The group has a board of Directors, and an advisory council in the US, London and Europe. These comprise of industry leaders, academics, senior blue light personnel and government.
What is the ethos behind TINYg events?
TINYg network provides members with essential, timely, relevant and accurate terrorism-related global situational awareness. This allows private and public security professionals to be better informed for their own necessary threat analyses, vulnerability identification, risk mitigation and business continuity measures. The physical events provide a real opportunity to network with peers and understand other points of view, process and protocol – all at no cost to the members. The group remains a ‘not for profit’organisation
What is the focus for TINYg today and going forward?
The group intends to improve and provide its members multiple vehicles for rich information internationally, sector networking and continue securing it position in providing speakers that are thought provoking and highly informative. It also intends to provide further services that individuals or organisations if required
What sets TINYg out from other networking groups?
Firstly, there are some excellent groups that deliver- we are not in competition with them and I applaud them. We also work with many on the occasion that provides value to our membership.
The subject matter tabled at conferences and via the web is always on point and relevant with a range of speakers that are second to none. The organization is respected that provides timely intelligence. The groups value, especially during “real world” events is evident. It is comforting to the membership that the contacts that TINYg has are worldwide and available at any time for assistance and exchange of information. The dedication of the executive board has proven the worth of TINYg- some other organisations have multiple geographical decision making hubs, but TINYg has a joined up International and consistent approach. Furthermore, it remains truly free to all members.
TINYg – Who we are
Whether you’ve been a member of TINYg since its inception in 2006, or have joined more recently, I thought the launch of this newsletter, may offer a great opportunity to remind you, in a little more detail, who we are, what we do and importantly, what we are planning to do in the future.
Who are we?
The group was formed in 2006 following a meeting between Founding Chairman David Evans, then a Police Officer in London’s Metropolitan Police and Professor Kevin Cassidy, at that time Global Chief Security Officer of Reuters. During their discussion, David and Kevin recognised that there was room for substantial improvement in law enforcement liaison and sources of credible, timely and reliable Counter Terrorism information for business, in both London and New York City. As a result they wasted no time in organising the first TINYg conference, which attracted nearly fifty New York City based law enforcement and corporate security professionals. Shortly after this and in response to a request from the members, we introduced the TINYg email Security Alerts.
In 2010 the group’s leadership was supplemented with the arrival of Philip Rogan, Senior Vice President of Corporate Security at Bank of America, Mario Doyle, COO of Doyle Security Services and myself, Andy Williams, as Co-Vice Chairmen. Our roles were to further the reach and develop the strategic aims of the group and take on some of the heavy lifting that hitherto David and Kevin had done alone. By 2012, the group’s membership had reached over 50,000*. Sadly, shortly after this and because of professional pressures on his time, Kevin Cassidy had to step down from the leadership of the group, but his passion, integrity and absolute determination to maintain the principle of free membership will always remain.
Strategically, 2016 was our most important year since formation. Firstly, we established local Advisory Councils in London, New York and New England, comprising of Law enforcement, Emergency service leaders, Corporations, Local government, Academia and Specialist vendors, who were empowered to develop their own local networks, events and resources. Secondly, we recruited our first group Patron, Commander Chris Greany of the City of London Police, who forged even deeper connections with other Police leaders internationally, that we could never have achieved. His retirement from the Police in 2017 and departure as Patron could have been a terrible blow, but with good fortune on our side, Chris agreed to remain as a member of our Advisory Council and was replaced as Patron, by his old boss at the City of London Police, Commissioner Ian Dyson.
In 2020, the corporate structure of TINYg changed, with the formation of a Company Limited by Guarantee, registered in England called TINYg (Global Information Network) Ltd. This model of company cannot have shareholders, therefore in support of our policy of transparency and not for profit status, we believe this provides the best mechanism of ensuring the independence and openness of the group and prevents any risk of commercialisation, which would be entirely against the spirit in which it was established.
What do we do?
Our core objective has never changed. We seek to provide a network for law enforcement, business, academia and individuals to collaborate, share ideas, information and best practice. Membership is and always will be free of charge, ensuring that nobody is excluded from membership on the basis of cost. That’s not to say that membership is freely available to everyone. Each application to join is scrutinised, to ensure that we protect the group and its members from those who may wish to do us harm, or to misuse membership of the group for their own aims. Fortunately, very few have to be rejected and 2019 was our busiest year ever with more new members, more email alerts and more events than ever before. Funding for the group has been solely derived from those incredibly generous sponsors and supporters, who donate cash to cover our operating costs, which include our IT infrastructure, event fees which include flights and accommodation, hire of facilities, catering, AV, printing, website updates etc. But every member of the TINYg team is a volunteer, who gives their time freely and willingly to support the aims of the group, this allows us to maintain our immutable pledge, that membership will always be free of charge.
The Covid-19 pandemic has taught us all that life can suddenly change very drastically and that we cannot take anybody or anything for granted. As such, very shortly we will be introducing additional offerings to our members, which will reduce our total reliance on the generosity of our sponsors and supporters and enable us to be more self sufficient. The following are the first of several new offerings: –
- Corporate Risk Crisis Leadership training in conjunction with Deltar Training Services
- Cyber Security Diplomas in conjunction with the Global Cyber Academy
- Digital Behaviour Assessment and exercising with The Cyberfish Company
- A panel of international counter terrorism expert consultants, available 24/7 to support any organisation with the development of counter terrorism strategies, responses and C-suite level support.
We are also developing the following sector specific working groups. If you are interested in leading or joining one of these groups, or finding out more, please drop us a line at email@example.com
- Public Space Protection
- Financial Services
- Legal Profession
- Education and Academia
- Hotels and Hospitality
- Travel and Transportation
- Emerging Technologies
- Sports and Leisure
TINYg now has members in over 150 countries. We have issued more than 250,000 email security alerts, have held over fifty free to attend events and conferences and with the assistance of New York University, have held the first of many webinars. Our focus on Counter Terrorism and associated criminality and vast network of Counter Terrorism experts, means that we are ideally placed to support every civilian and law enforcement organisation. The best way for us to assist more organisations is to recruit new members. Please encourage as many colleagues and contacts as possible to join. Joining is easy atwww.tinyg.info/join
On behalf of the entire leadership team, I would like to thank you for your continued membership and support of the group. Please do not hesitate to contact us we any suggestions for speakers, venues or if you’d like to support the group by undertaking one of our volunteer roles or sponsoring the group. We can be contacted at firstname.lastname@example.org
I am delighted to make this contribution to the first TINYg newsletter. I hope you find the content interesting, thought provoking and helpful as each one of us adapts to a very different world to the one we were living in just six months ago.
Whilst life as we know it may have changed almost beyond recognition, the terrorist threat is ever-present. Just as we all have adapted to life with coronavirus, so will terrorists.
In the UK, the greatest threat remains lone actors acting independently of groups – this is the case for both right wing and Islamist terrorism. During the pandemic, we have seen right wing groups and Islamist groups, such as Daesh, change their rhetoric to try to exploit coronavirus. All groups are increasing their production of propaganda and disinformation to try and exacerbate hate crime and community tensions.
That is why UK Counter Terrorism Policing’s motto – communities defeat terrorism – has never been more important. To tackle this threat requires a whole society approach involving the public, police, local authorities, businesses and the UK intelligence agencies. Police in the UK continue to work alongside key security partners, and in April, MI5 formally took the lead intelligence role on right wing terrorism – the largest new addition to their responsibilities since 2007.
The global pandemic has posed another challenge here in the UK – the removal of the safety net that schools, colleges and social workers provide for young and vulnerable people. The combination of a reduction in protection and support available and terrorists exploiting the circumstances is creating an environment where a small number of vulnerable people are more likely to be drawn towards terrorist activity.
Since lockdown measures were introduced, we have seen a significant decline in referrals to Prevent – the UK government’s strategy to safeguard and support those most at risk of radicalisation.
We are working to support parents, friends and family to be aware of what young or vulnerable people in their care are looking at online – and most importantly what they can do to help if they’re worried someone they know is being radicalised.
As lockdown measures around the world are eased and our towns and cities become busier again, it is vital that we enable more people to be aware that the terrorist threat has not gone away and help them to gain an understanding of what to do if they see suspicious activity.
During the pandemic, UK Counter Terrorism Policing appealed to the public to use their time at home to take part in the Action Counters Terrorism (ACT) e-learning course. Almost 70,000 individuals signed up to be CT Citizens, taking the total number of people who have signed up to the course since it was launched two years ago to half a million. Find out how to become a CT Citizen here. This is a real asset to the police and reinforces the message that communities defeat terrorism.
Since March 2017, UK Counter Terrorism Policing and UK Intelligence Services have stopped 25 attacks. In 2019, there were 280 terrorism-related arrests and 46 people were convicted of terrorist offences.
Whilst it is right that UK policing should be proud of the role it is playing in disrupting the activities of those who seek to cause harm, we cannot be complacent. The global pandemic and other geopolitical developments across the world will continue to present new challenges and it will be up to the entire global security community to adapt and work together to respond to these.
Commissioner Ian Dyson
City of London Police and TINYg Group Patron
The ‘New Normal’: What does the future look like for data and conversational information protection?
Covid-19 is one of those, thankfully rare, global events which is affecting the whole security threat landscape. Threats to digital, physical and information security have all increased and are evolving as countries navigate the pandemic on their own timelines, but with the interconnectedness of our economies and commercial activities we all feel the impact at broadly similar times.
As a result of the lockdown, we are all navigating the ‘new normal’; whether this is a change in our own personal working practices, implementing new routines within our own organisations, or looking to adapt our services to what we foresee the future looking like. From a security perspective, we need to be looking at our risk assessments, methodologies and processes so that they are in line not only with the current needs and demands of our respective organisations but also how they can be adapted to provide efficiencies in the wake of likely economic fluctuation. By considering efficiencies in working practices, time and expenditure, we can be ready to embrace the opportunities the current situation is bringing. So, what will be ultimately driving these opportunities and how will this impact data and conversational information protection?
One of the key change instigators is the huge increase in remote working. For those organisations who weren’t already set up for remote working or hadn’t prepared a response as part of a business continuity plan, the forced and rushed shift to fully remote working may well have resulted in an inadequate consideration of the threats to information confidentiality. Various research studies have been released over recent weeks highlighting the poor IT working practices of home workers, such as one by CyberArk which found that 60% are using their own devices to access corporate systems, 59% insecurely save passwords on their devices and 21% allow other members of their household to use their corporate IT devices. Guidance from respected bodies such as NCSC is available to help organisations to ensure their remote workers can work from home securely, encompassing advice on video conferencing software (surely we’ve all now read the concerns around some well-known solutions?) data storage, file sharing and more.
However, with many companies now signalling a move to complete or increased remote working in the long-term such as Google and Facebook, there is now the need to consider how best to both maintain a high level of alert by employees and also train them on the new threats which emerge. As the timeline of the pandemic has developed, the threat of malicious cyber activity has increased exponentially with attackers exploiting Covid-19 as a means of gaining access to information and financially scamming businesses and individuals. This has led to a national awareness campaign by NCSC and even joint guidance issued by NCSC and CISA highlighting the different methods they’ve seen used by fraudsters. Arguably then there is a significant need to support our colleagues with security training and security awareness briefings to ensure the integrity and safekeeping of information, particularly given research findings from the Information Commissioners Office in 2018 which demonstrated that 88% of data breaches were a result of human error.
With the move to more increased remote working, security professionals also need to review home offices for the level of protection they offer to confidential conversations as they would do for secure office spaces such as boardrooms. With more C-suite executives working from home, conversations on highly sensitive topics such as restructures and mergers have now moved to home offices which are arguably more open to attack. At Esoteric we predict far greater demand for private residence TSCM survey and related projects over the coming months as the eavesdropping threat analysis extends to the home environment.
For those organisations navigating a return to the office and then offering a more agile working environment, there are new considerations for assuring the integrity of the office space. Working in the field of counter-espionage and the threat of eavesdropping, we recognise the threat posed to empty office space during the period of lockdown by the adversary who sees the opportunity to plant listening devices to be activated once a return has taken place. Security officers can help to mitigate this risk by restricting access, keeping logs, accompanying visitors, applying security seals to entrances to sensitive areas such as server rooms, and even conducting searches for quick plant devices. CPNI has released some detailed guidance on physical security protocols.
The significant threat posed by Covid-19 is the greater economic uncertainty. We’ve seen during previous times of economic uncertainty that as confidence decreases and unemployment rises, the risk posed by the insider threat grows. With a risk of redundancy or a fear over job security in the future, those with access to sensitive information are more likely to steal confidential data. With a 2020 study by Securonix citing ‘flight risk’ as the reason for 60% of insider threat cases, we can predict this will pose a greater risk as the economic downturn plays out.
This article has been contributed by Esoteric Ltd, world-leading experts in counter-espionage and technical surveillance countermeasures (TSCM). Esoteric has released a range of free content guides focused on Covid-19 and specific impacts on information security, available here.
The Skills Overlap…Counter Terror Training, Pandemics and Education for Safety!!
by Laurence D Freeman MLITT (Terrorism), BScHons, CPP, AMBCI
When the Government made their move to the next stage from a lockdown, in March, to ‘Stay Alert!’ it was criticised in many quarters as confusing. I believe that most people in the security industries weren’t confused by this due to the fact that we are used to assessing risk and understood what was now required. The government were asking people to make dynamic risk assessments throughout their daily lives and, using advice given, to minimise the danger of infection.
For the past few years we have advocated the teaching of dynamic risk assessment to assist in surviving a terror attack. It has been a major part of training for media crews who are attending potentially dangerous areas, HEAT (Hostile Environment Awareness Training) courses, and since the threat that used to only be in far off lands came to our backyards it is even more applicable for the avoidance or survival from danger, which is why we have advocated it’s teaching to everyone.
We are not always in a location where there is a plan to abide by, and even if there is a plan there needs to be a degree of free (educated) thought. We look for easy answers to counter every potential adverse event and this is sometimes not possible, but we must look for something that will put us in the best position possible to make the right decision. We cannot learn a thousand different responses, to cater for every possibility, and must look for something generic; learning ‘how to think’ rather than ‘what to think’!
We have come to accept that terrorism now happens at any geographic location that we can picture and can be in many forms. In a news report in December 2018, after an exercise concerning the heightened threat of a chlorine attack on the London underground it was stated ‘A security source involved in the exercise said: ‘The chlorine vapour would be very localised and would last a few minutes before it evaporated. While fatal, the stampede to get out of the Tube station would cost far more lives than the chemical.’ (1) This is where ‘run, hide, tell’ fails as a response on its own but with a knowledge of dynamic risk assessment individuals are more likely to make better choices. I am not saying that teaching what to do is wrong…but we are neglecting our duty of care if we don’t also teach people why they are doing something and how to make the best decision as to what to do…’how to think!’ This will reduce death and injury from ‘THE PANIC EFFECT’, which must be considered. This is beyond just teaching for the terrorist attack, which may never happen, but is something that can be taught to people in all settings and children in schools to prepare them to avoid dangers without scaring or over-egging the likelihoods of any one particular adverse event. If everyone understands how to identify danger, and then what to look for, then maybe many accidents would be avoided, and children would be able to assess situations and prevent some adverse events, such as knife crimes on housing estates.
There are limitless numbers of variables as to what adverse events can happen in life, whether these be created or natural occurrences, and so we need to prepare people by not only concentrating on what the individual should think, but on how the individual should think (especially if no ‘what to think’ has been given). If we can prepare people to think for themselves then it gives the individual greater power in decision making, and thus greater survivability.
I have no arguments with the advice ‘Run Hide Tell’ or ‘Run Hide Fight’, (in their respective locations); or whether we should fight if we consider ourselves in an advantageous position or severely subordinate position. But I consider this advisory to be purely for if directly caught up in a marauding attack. What do we as individuals do when a bomb explodes at a concert or a football match, when chemicals are released on the tube system? Current advice, without a dynamic assessment, could lead individuals into greater danger!! Just telling people to ‘run’ or ‘hide’ without giving them a more comprehensive thought process is lazy, and we are certainly beyond this.
If used in all situations, without a dynamic risk assessment model, ‘Run. Hide. Tell (Fight)’ can be a panic response and will potentially injure/kill more people in the ensuing crush if used in the wrong environment, and no other immediate response advice is offered; see the Manchester Arena attack in 2017, Turin Champions League Fan-zone 2017, and many other locations of gatherings of people.
We needed a generic thought process that works along-side response plans, that may already be in place, to give individuals a greater chance of surviving an adverse event. There are too many variables where adverse events are concerned to have a different plan to adhere to for each event, but to have a thought process that works in any situation; which is simple, relevant and easy to remember, advancing safety and duty of care, and not increasing liability should be the aim! The strategist William S. Lind (author of the Manoeuvre Warfare Handbook), an advocate of USAF Colonel and military strategist John Boyd’s OODA loop cycle of response, also believes that we should look at “how” to think, instead of teaching just “what” to think, seeing the importance in education to be the ability to think logically, and to problem solve methodically, without a predetermined set of solutions. He argued that students should be taught to make quick decisions through a coherent, logical thought process while under pressure! (2) Surely, this is what we want an individual to do when faced with any adverse event!!
I had looked at the OODA Loop (Observe, Assess (Orient), Decide, Act) and considered this a good baseline for general decision making. This model explains how agility of thought and process can overcome raw power through response repetition to break enemy response cohesion. I had previously looked at active shooter response models in the US, such as ALICE and ONE and I looked at my own life experiences of emergency operational response:
As a Royal Marine Commando if attacked; taking cover, locating the enemy (the threat), identifying safer routes and locations, making a plan from information gleaned and eliminating the threat!
As a Police Officer in a dangerous situation; making assessments of the threat, assessing where your safest locations and routes to them were, and planning on how to deal with the situation!
On many security and safety courses, for example first-aid courses, the initial action is assessing threats to your own safety and locating safer areas and routes to them, before making a medical plan and approaching any injured persons.
As a human, an animal, we are survivors. We measure up threats, vulnerabilities and risks in most actions that we perform, to varying degrees. Consider breaking down the relatively simple process of walking across a road!!! (locate the threat, identify safe locations and safe routes, focus on plan but keep looking and listening for other threats [re-evaluate if required], and escape)
‘LIFE Principles’ are simple. This is basic survival. The honing of a dynamic risk assessment skill we already possess, with reasoned thought behind the steps you should naturally take in simple, complex or high-stress situations
‘L.I.F.E. Principles’ dynamic risk assessment thought process model
Look around and use all of your senses to locate threats to your safety…..attackers, roof collapse, gas leaks, electric cabling, chemical spills, (persons who may be carrying a virus), etc. (this is not necessarily the threat that has caused the incident, but the threats now facing the individual)
Use available cover from view and assault.
Consider that routes and exits may present greater dangers, through potential crushing or secondary attack.
Identify potential exits and safer locations, and the routes to these. If you already know where your escape routes are time will be saved when you need them.
Persons should be aware of all potential exit points.
Do not necessarily follow the crowd or be involved in a stampede or crushing situation if it can be avoided. If you know of several exits, it may be you who avoid the crush and avoid the secondary attack on an evacuating crowd from a second, third or fourth suicide bomber!!
If you are able, and can do so without putting your own safety at risk, assist others.
Focus on a clear plan to move away from identified dangers which may put you at harm, via
routes and exits you have identified, or find the safest location available until the opportunity arises to do so.
Think about staying put if this is the considered the safest place. (if you don’t know what you are running into and you don’t need to run, then don’t run there!!)
Use an educated survival instinct (not just a ‘flight’ instinct), taking into account all the prior knowledge you have, and everything picked up by your senses and judgement!
Re-evaluate your response with continual assessment required as fresh information comes to you!
Escape to a place of safety as soon as possible (this may mean staying where you are, if you consider this to be the safest place available at that time). This may save you from crushing or a secondary device targeted at the largest group of escapees.
Continually re-evaluate until this opportunity can be taken.
Everyone should be aware of basic dynamic risk assessment, and thus reduce panic response. I believe that it is important to not teach anything which conflicts with government guidance, and I believe that this dynamic risk assessment model works alongside ‘Run-Hide-Tell’ (as an addition to it). It is a model made to be memorable and suit any adverse event, not just a marauding attack! If you have plans, that’s great!…having educated people respond is even better, and if you don’t have plans but have educated people then at least their response will consider options.
At the Champions League 2017 Final in the Turin Fan Zone there was a crushing incident after a fire-cracker was let off and the crowd ran. There were over 1000 casualties/ 8 critical (including an 8 year old boy) and one death.
In the Las Vegas Mandalay Bay shooting incident in October 2017, there were 59 fatalities and over 851 injured (910 casualties in total)…..only 422 out of this were from gunshot wounds, with more than half injured or killed by other means in the panic.
In the UK, the partial IED explosion in September 2017 on the Parsons Green tube train created 23 burn injuries, with 28 others injured in the ensuing stampede. Dynamic risk assessment helps in reducing a panic response!!!
Dynamic assessment can be made in a split second…obviously the longer you have to assess a situation, the more factors you will assess and the more accurate your assessment may be….but teaching people how to think instead of what to think breeds a more natural response, and doesn’t mean learning many plans for many eventualities.
The US military continues to make studies on 6th sense survival which has saved soldiers’ lives in conflicts, showing that assessments are potentially made before we even realise that we are making them, and this further increases the significance of dynamic risk assessment.
When you are taking your measures during the current pandemic and ‘Staying Alert’ at the local supermarket, put into practice the LIFE Principles. Identify threats, locate safer locations and routes to them, focus on your plan but continually evaluate, and escape the situation!
Laurence D Freeman MLITT (Terrorism), BScHons, CPP, AMBCI
1 – Jamie Schwandt, ‘Why we should stop teaching Clausewitz’ 27/2/19
2 – Mark Nicol, Mail on Sunday, 8/12/18
There is a danger that during or immediately following an incident that we forget other risks that could have an impact upon us. If a risk survey was conducted now I would make a presumption that two of the top risks identified would be pandemic or economic crisis, this is by no means a criticism as this would be fresh in our heads due to the current pandemic issue we are all currently involved with in one way or another. Whilst we are focused on what is directly effecting us at this present time and looking down the tunnel to see if the end is in site, there is a danger of not seeing the peripheral.
There is still a terrorist threat in the UK, the current threat level since November 2019 is substantial, this means an attack is a strong possibility. It is important to remember that since this model started to be used in 2006 the threat has never been rated lower than this, although it has risen on a number of occasions over the past 15 years. Over the past decade there have been multiple terror related attacks in the UK, and several methods were used, these included the use of knives, vehicles, guns and explosive devices, and on several occasions more than one of these methods was used in the same attack. A certain level of planning would have clearly taken place for each of the attacks.
The current restrictions we are under are slowly being lifted in phases across the UK, could this lead to potential targets for a terrorist attack? Over the years the security services have rightly identified public spaces as an ideal target for terrorist attacks, the last decade has seen attacks take place on roads, arenas, transport hubs, bridges and a grocery shop. whilst social distancing restrictions are currently in place and are stopping large groups of people forming at transport hubs, shopping centres and sporting events (just to name a few) there are however still locations where there will be multiple people at once. We have all seen the queues outside supermarkets recently, this could potentially soon occur at other retail outlets from mid-June onwards, although it is doubtful they will be as long as the initial queues we faced earlier in the year.
Whilst the country’s security services are aware of the terrorism threat, and whilst emergency services such as the City of London Police are risk assessing areas within their boundary lines, other sectors should also have plans in place should an attack occur. The first level of planning should be a basic awareness of the current threat, this could be covered with;
Action Counters Terrorism (ACT), this online training/awareness course is ideal for highlighting the current threat, it is not just aimed at those that work in the security industry, but suitable for all.
Threat presentations, delivered by security professionals, they would give information on the current threat and may tailor the presentation to their audience.
Training, some companies may deliver training to their staff on the terrorist threat, modules may include hostile recon, lockdown procedures, escalation procedures and actions upon receiving a telephone bomb threat.
The three options listed are just examples and by no means an exhaustive list.
Many companies may go further than just awareness and have detailed emergency procedures in place, these could include emergency response, escalation and business continuity plans. It is good to have these plans, but the one thing all plans need is validation. You need to ensure they are fit for purpose and are adaptable, validation can include document reviews, but my favoured method is testing and exercising, table top exercise are a good way to test your response to a major incident and should involve staff from all levels of the company.