We often cling to a false sense of security through denial. The phrases mentioned above frequently resurface in these contexts. However, it’s critical to understand that neither terrorist attacks nor active shooter events are tied to targets that are “worthwhile” in a conventional sense. In a terrorist act, the goal is to spread fear and insecurity, while in an active shooter scenario, strong personal motives and emotions are often at play.
The Location Could Be Anywhere
As the motivations reveal, the crime scene can be entirely random. While active shooter events were once largely associated with the United States, recent trends suggest otherwise. This phenomenon has firmly established itself in Germany. Since 1999, 13 incidents have been classified as active shooter events by German security authorities, resulting in 62 fatalities. It’s neither unrealistic nor alarmist to acknowledge that such events could occur here as well.
Expand the Risk Portfolio
Most organizations are well-prepared for standard scenarios: fire, explosions, hazardous material spills, severe weather, or IT and personnel outages. Particularly in manufacturing industries, these scenarios are often anticipated and rehearsed. In other areas, bomb threats or suspicious objects/packages are also covered. However, active shooter and terrorist attack scenarios are rarely examined in depth within organizations.
Playing the Odds
Companies typically focus their risk assessments on production downtime or technical disruptions. This makes sense given the potential impact and likelihood. Within corporate security, there’s a guiding principle: not everything that is possible is probable. This logic, however, doesn’t justify completely ignoring the threat of active shooter and terrorist events. Often, risk evaluations conclude that these scenarios don’t require further consideration, which is a conscious decision during the risk assessment process.
While recent events have heightened awareness of these exceptional situations, some of the conclusions drawn are alarming for security consultants. A common response to an active shooter scenario is, “We’ll just trigger the evacuation alarm.” This response shows a lack of understanding regarding the motivation and psyche of the attacker, as well as the event itself. Encouraging people to flee directly into harm’s way could amplify the threat—this is clearly a flawed strategy.
Key Differentiator: Motivation
The motivation behind an attack is crucial. For emergency management in an organization, however, it makes no difference whether the attacker is driven by personal or political motives—aside from early detection as part of workplace threat management. Additionally, a blend of motivations has been observed in recent incidents: personal violence is often ideologically justified. Whether a single perpetrator randomly or purposefully threatens, injures, or kills people, or whether multiple perpetrators act together, the execution of such acts is often strikingly similar.
Rule 1: Stay Away from the Attacker!
An “active shooter event” differs significantly from other emergency scenarios, like evacuation during a fire alarm. As mentioned earlier, directing more people into the attacker’s range would be disastrous. The most critical principle is: stay away from the attacker—do not present additional targets!
In the United States, the “Run – Hide – Fight” strategy is used. Similar recommendations exist in Germany and other European countries, such as “Escape – Barricade – Defend.” The expert commission investigating the Winnenden school shooting (March 2009, 16 fatalities) concluded:
“In active shooter and other violent situations, it is crucial to provide early and clear information to promote optimal behavior among those at risk. Unlike other emergencies, such as fire, the recommendation for active shooter situations is: Lock yourself in and barricade. Escape is recommended only as a last resort.”
— Experts Commission on Active Shooters, Baden-Württemberg
Information is Key
These findings remain consistent with response strategies in other European countries. France, the UK, Switzerland—despite slight differences, the core principles remain the same. They emphasize one critical aspect of emergency management: early and clear communication to inform potentially endangered individuals. This requires not only technical alarm capabilities but also proper training for employees on how to respond.
Effective behavioral recommendations include:
- Avoid direct confrontation unless absolutely necessary.
- Focus on removing yourself from danger zones or barricading.
- Understand that self-defense carries significant risks but may be necessary in dire situations.
While the concept of “defend” often stirs controversy—especially when excluded from corporate training citing “company culture”—recent incidents in Germany and France indirectly support the conclusions of the Winnenden commission:
“Attackers are driven by an absolute will to kill; they destroy until exhaustion, planned suicide, or police intervention. They rarely surrender voluntarily. Any delay gives the attacker more opportunity to kill.”
— Experts Commission on Active Shooters, Baden-Württemberg
This must not be sugarcoated: engaging with an armed and determined attacker without proper training is exceedingly risky. The reality of such encounters is starkly different from the heroics often portrayed in movies. However, when no other option remains, rejecting self-defense on ethical grounds in an unethical situation doesn’t make sense. As Major General Christian Trull of the German Armed Forces once said:
“We share the heavy knowledge that humanity and human dignity can be violated, and that preventing such violations may depend on force. Force for good, yes, but still force.”
