corporations have been increasingly targeted for terrorist activities. Part of the reason for this, is because the traditional targets such as: military and government facilities have become difficult to conduct a successful attack against. As a result, terrorists have begun to focus more of their efforts on attacking various corporate interests. Where, the security is less and the odds are high of being able to inflict enough casualties as well as collateral damage, to create the same psychological impact. This is important, because it shows how terrorist organizations are increasingly changing their focus. Therefore, corporate interests need to be able to adjust to these changes, to avoid the negative impact that this kind of incident could have.
In the case of Host Marriot, they are wrestling with a number of unique challenges. As they are known for being a popular hotel for: tourists, business people and government dignitaries. At the same time, same their lack security procedures and large number of properties around the world have made them one of the primary targets for terrorist organizations. A good example of this can be seen with the 2008 attack of Marriot hotel in Islamabad, Pakistan. What happened was an Al Qaeda linked organization claimed responsibility for detonating a truck bomb. This would level the five story building and it would cause a nearby gas main to erupt in flames. Where, the attack would highlight the vulnerability of the facility, from a lack of proper security (i.e. concrete barriers and other safety measures). (“Deadly Bomb Blast Targets Marriot Hotel,” 2008) This is important, because it shows the underlying challenges associated with, trying to protect the different properties from these kinds of incidents. As a result, Host Marriot needs to create an Incident Response Plan for these types of situations. To achieve this objective means that the plan must examine an opening scenario of such incidents and address all of the underlying challenges from this situation. Together, these different elements will provide the greatest insights, as to how the company can create an effective Incident Response Plan that will adjust to the different challenges they are facing.
Don't use plagiarized sources. Get Your Custom Essay on
Popular hotel for tourists, business people
Just from $13/Page
Opening Scenario of a Possible Incident
The most likely situation that would be taking place is a similar kind of attack that occurred at the property in Pakistan in 2008 or there could be a Mumbai style attack. In the case of the Mumbai type of assault, terrorists could use: explosives, grenades and automatic weapons to size a number of popular tourist destinations. This would create a hostage situation resulting in: police and Special Forces units raiding the facilities where the terrorists were located (effectively ending the standoff). This is important, because if either one of these kind of attacks were to take place, it could expose the company to public relations disaster about security (for a host of different facilities). Once this took place, it would mean that many different guests would think twice about reserving any kind of rooms or conferences at the facilities. This could have negative impact upon earnings and the overall reputation the company has built with its cliental. (“Mumbai Terrorist Attacks,” 2010)
When you step back and analyze this incident, it is clear that it is highlighting a number of different weaknesses at a host of different facilities around the world. At which point, the odds increase dramatically that terrorists will begin to target various hotels (in strategic locations). Part of the reason for this, is because they believe that these kinds of attacks could bring them the same type of exposure that took place with other high profile incidents (such as the Mumbai incident). Therefore, Marriot could become a target of opportunity for terrorist cells that want to create major disruptions and increase their exposure. This is significant, because it shows how the company needs to be utilizing ideas and strategies that have the flexibility to addresses these issues. While at the same time, it must be able to provide a basic foundation that can be augmented to specific security concerns in the region. Once this takes place, it means that the different facilities will be prepared against these kinds of situations (reducing the chances of terrorists successfully targeting various properties).
The Incident Response Plan for Host Marriot
To prevent the situation from spiraling out of control during the possible discovery of: suspicious activity requires creating plan that will specifically identify the different roles and responsibilities. This is important, because it will tell all personnel what to do in the event that these kinds of situations begin to take place. Once everyone has been properly trained, this kind of procedure could increase the number of eyes monitoring a facility for any kind of suspicious activity. At which point, the odds decrease of that the incident will spiral out of control, as this strategy will be able to manage a number of different elements.
As a result, a variety factors must be taken into consideration as part of any kind of Incident Response Plan to include: discovery, reporting the incident, coordinating with law enforcement, evaluating what took place, making adjustments and testing. These various elements are important, because they will provide everyone with a basic foundation about what to do. At the same time, it helps all staff members to understand how they can make a difference in improving site security.
Discovery
The discovery period is when someone on the staff or guest is reporting a suspicious incident that is occurring. In this case, the person who sees what is taking place will immediately notify security of possible breaches that are taking place. While simultaneously, recording the incident and any individuals involved on the various CCTV cameras located throughout the property. At which point, the will immediately report the incident that was taking place to the proper authorities (i.e. law enforcement and hotel security). This is important, because being able to identify any kind of suspicious activity will help to prevent a repeat of previous incidents (as terrorist will often scout a target in advance of an actual attack). Once this takes place, it means that the odds decrease of the property being successfully targeted by these organizations. A good example of this can be seen with the foiled Time Square Bombing in 2010. What happened was an observant vendor noticed an SUV smoking, with its emergency lights on. Realizing that something was out of the ordinary, the vendor would call the police (who were able to dismantle the bomb before it exploded). (“Times Square Bomb Scare,” 2010) This is significant, because it shows how the discovery period is when personnel have the greatest chances of preventing an attack, by being observant over what is taking place. In the case of Host Marriot, this incident should serve as an example of how the company can improve monitoring of its different facilities.
Reporting the Incident
Briefly we touched on how once an incident has been discovered, it needs to be reported to the proper authorities. This is vital, because once a report is received security and law enforcement officials may only have a few minutes to address the issue. As a result, anything that could be seen as out of the ordinary; needs to be reported immediately to hotel security. They will then coordinate these different efforts together with law enforcement and first responders to prevent the situation from spiraling out of control. This is important, because it shows how in these kinds of situations time is one of the most important elements. Therefore, everyone will play a major role in helping to prevent these incidents. As the observations of different staff members will have an impact upon the security at a facility, due to the fact that they know what is out of the ordinary. Once everyone begins to embrace this principal, it will provide additional eyes and ears, by identifying as well responding to potential threats early. At which point, they can be mitigated by, being reported to the proper authorities in a timely manner.
Coordinating with Law Enforcement
Next, the facility must coordinate with law enforcement, to ensure that any kind of potential threat is neutralized. To achieve this objective, means that the company must have good communication and a working relationship with the various government agencies. In this case, this means that security / manages must work with local officials to improve monitoring and the response times. As a result, some kind of onsite security coordinator must be available at all times, to monitor and isolate any kind of possible threats to the facility. For example, let’s say that reports are coming in of a suspicious van that has been parked in front of the facility during unusual times. Security official have contacted these individuals, but this van continues to engage in the same kind of activities. The minute that additional reports of this vehicle begin to come in, is the point that security needs to be coordinating with law enforcement. In this situation, this means that this could involve: having police talk to the owners of the van and let them know (in no uncertain terms), that they should not continue to engage in this activity. This is important, because while this incident maybe nothing, the reality is that this could be something far more serious. Where, the suspicious van could be serving as dry run for a possible attack that could be taking place. When you have law enforcement involved in this aspect of the strategy, it will prevent the situation from spiraling out of control. This is accomplished by limiting the overall amounts of access that the public will have to certain areas of the property. Once this occurs, it means that the odds improve dramatically of being able to prevent these kinds of situations for taking place, by improving coordination with law enforcement.
Evaluating the Event
The next step is to evaluate the incident and its impact upon the facility. In this case, mangers and security personnel would need to look at the effectiveness of the Incident Response Plan. Where, they will go over the event that took place to look for: possible weaknesses and areas that need improvement. In this part of the strategy, there would be a thorough security review of the event from the very beginning. As executives will look at: the video surveillance tapes, the security logs, they would interview different personnel, evaluate the incident and determine how security could be improved. This is important, because learning from these kinds of weaknesses will help to expand the Incident Response Plan. For example, after an incident has taken place, both executives and security personnel will look at everything surrounding the event. After conducting a detailed analysis, they determine that there needs to be more controlled access to certain areas of the facility (such as: service vehicles being able to sit for long periods of time, near key support structures). This is significant, because during the process, investigators were able to determine a major security breach that could be exploited for a possible terrorist attack. At which point, they can begin limiting access by requiring all service vehicles to receive clearance before making any kind of deliveries. While simultaneously, they could begin to place certain barriers in strategic locations, to improve security even more (such as: concrete barriers to thwart possible car / truck bombings). Once this occurs, it will improve the security at the site, as there is an emphasis on learning from and reducing possible threats as much as possible. This is significant, because it is showing how an effective evaluation of all incidents, will help the response plan to adjust to the changing nature of the threats that they are facing. As a result, one could argue that this is a key element in preventing these incidents as much as possible.
Making Adjustments
Making adjustments is when the security personnel and managers will follow up to ensure that everyone understands what changes need to take place. In this part of the strategy, officials would be actively monitoring the activities of the staff, to see how well they are adapting to the new changes. This is important, because in order for the plan to be effective, the staff needs to be able to understand that they have to improve their monitoring and vigilance. At the same time, they must take a zero tolerance attitude for exceptions to any kind of changes. For example, an incident involving a strange van (that turned out to be nothing), could cause some staff members to think that security officers are paranoid. At which point, they will let the different vehicles and personnel they are familiar with, to continue with the same kind of actions (despite the fact that new security procedures are in place). This could involve something as simple as an employee allowing a service vehicle in key areas of the facility without authorization. As they believe: that they know these individuals and that they are not any kind of possible threat that could be occurring. This is problematic, because over the course of time, these actions are not addressing the obvious security breaches that are taking place. Instead, it is keeping the old policy in force, with employees looking other way for certain organizations. At which point, terrorists can use this weakness to quietly infiltrate a facility and conduct a possible assault.
Evidence of this can be seen by looking no further than the 1972 Munich Olympics. What happened was members of the terrorist groups Black Monday, were able to disguise themselves as athletes. This helped them to gain access to the Olympic Village and the dormitory housing the Israeli Olympic team. At which point, a hostage standoff would occur, resulting in the death of the athletes. (Bard, 2011) This is important, because it showing how the different security improvements must be embraced by everyone. Otherwise, it is only a matter of time until this weakness could be exploited to conduct a possible assault on the property.
Testing
Testing is when you are seeing if the Incident Response Plan can address the security challenges facing a facility. In this case, once everyone has been practicing in the new procedures (on a regular basis) and some time has went by, is the point that you can determine if the plan would be effective. In this case, you would wait several months for everyone to become use to the procedures and for no major incidents to be reported. This will help to lull everyone into a false sense of security about what is occurring. At which point, you can be able to see the real time effects that the strategy would have over the long-term. What you would want to do is have the different security protocols face unannounced tests. Where, outside individuals will attempt to go through and circumvent the different security procedures. The idea is to create a real world situation for a possible attack. As the different personnel and procedures will be tested for their ability, to prevent these individuals from having access to the facility. In the event that the procedures work as planned, executives could then discuss with managers the effectiveness of the current strategy. At which point, they could retest these different protocols in the future. This is important, because it would help to determine how effective the personnel are at preventing breaches from occurring.
However, in the event that an area is penetrated, there needs to be a focus on what mistakes were made by the staff members and how this can be improved. Where, you would want to examine the way that this breech occurred and how to mitigate it. This could include everything from: retraining the staff in the implementation of these new procedures, which can prevent these kinds of incidents from occurring. This is important, because this part of the strategy will tell you the biggest weaknesses facing a facility and how they can be exploited. At which point, you can address these issues, helping to prevent a major terrorist attack from taking place.
When you step back and analyze the Incident Response Plan, it is clear that it will provide a basic foundation for all of the different Marriot Hotels around the world. At the same time, it has enough flexibility to allow each facility to adjust this plan to the unique threats that they are facing. These different elements are important, because they are helping the company be able to adjust to the underlying changes, while monitoring for possible weakness. At which point, the odd decrease of terrorists being able to: successful target a facility. However, it is important to note, that in order for any kind of Incident Response Plan to be effective, means that there must be continuous training and the ability to adjust to the changing nature of the threats. These two factors will help to improve security’s ability to adapt to the different threats that they are facing. For example, prior to the Mumbai assault in 2008, most terrorist organizations were often focused on car bombings. The reason why, is because they could inflict large amounts of damage and increase the visibility of their organization (as this would help to spread fear as well as panic). Once the Mumbai incident occurred, this changed the overall nature of the threat that corporations were facing. Where, they would have to wrestle with the possibility of: car bombings and military style attacks on their facilities. This is important, because it showing how the strategy must be able to adjust to the changing nature of threats that are being faced. As a result, the Incident Response Plan must be taking these new tactics into account. This is because the incident in Mumbai; would create the same kind of effect as a car bombing. The only difference is that it would be drawn out over a series of days and it involves having Special Forces units ending the incident. As a result, one could argue that the Incident Response Plan needs to take these different changes into account, in order to prevent Marriot’s facilities from being targeted. In many ways, one could argue that this is one the most challenges, yet critical aspects of the strategy. Therefore, it is imperative that the personnel of Host Marriot understand: these kinds of challenges and the role that they play in preventing these situations. Once this occurs, it means that the odds of seeing any kind of terrorist attack have been reduced significantly. As the terrorists will more than likely target another location (not affiliated with the company). This is because they believe the odds are greater of achieving their objectives at that location. As a result, this is the key for all Incident Response Plans, as their job is to provide clarity on how to tackle these problems.
Clearly, the Incident Response Plan is vital part of the security strategy for all organizations. In the case of Host Marriot, this means that they must use the plan, to prevent possible terrorist attacks from occurring (at a host of different facilities around the world). To achieve this objective means that any kind of strategy must include a number of element such as: discovery, reporting the incident, coordinating with law enforcement, evaluating what took place, making adjustments and testing. These different elements are important, because they will provide a basic security strategy for the company going forward. At the same time, it is helping to: increase the flexibility for each facility and augment these principals with the unique challenges that they will be facing (in a particular region). Once this takes place, this means that the odds of terrorist organizations targeting a particular location will decrease. Part of the reason for this, is because they more than likely will test the site for various vulnerabilities. When you have an effective Incident Response Plan in place, this will prevent these situations. As the terrorists will move on to other targets because the security is to challenging. In many ways, one could argue that this is the purpose of an effective Incident Response Plan, by limiting the ability of terrorists to breach the security of a particular property.
Bibliography
Deadly Bomb Blast Targets Marriot Hotel. (2008). CNN. Retrieved from: http://articles.cnn.com/2008-09-20/world/pakistan.islamabad.marriott.blast_1_vehicle-bomb-explosion-bodies?_s=PM:WORLD
Incident Response Plan. (n.d.). Comptech Doc. Retrieved from: http://www.comptechdoc.org/independent/security/policies/incident-response-example.html
Mumbai Terrorist Attacks. (2010). Mahalo. Retrieved from: http://www.mahalo.com/mumbai-terrorist-attacks/
Times Square Bomb Scare. (2010). CNN. Retrieved from: http://www.comptechdoc.org/independent/security/policies/incident-response-example.html
Bard, M. (2011). The Munich Massacre. Jewish Virtual Library. Retrieved from: http://www.jewishvirtuallibrary.org/jsource/Terrorism/munich.html
