Security risk and the sum of small things

Issue 5 2022 Editor's Choice, Risk Management & Resilience

Even the smallest things can trigger an alert when analysing crime behaviour. A look back, a momentary pause in movement, a change in direction away from a security official are all signs that can be used, together with others to spot a potential target.

If we extend this concept to security, we find that small offences, or security not paying attention to small things, can impact far more extensively than we expect on core operations or the broader context. The broken window theory proposed by Police Commissioner William Bratton in New York has as its basis that fixing small things like broken windows can help manage crime. This is because maintaining an ordered and clean environment sends the signal that the area is monitored and that criminal behaviour is not tolerated.

Conversely, not maintaining or enforcing action sends a signal that the criminal interprets as a vulnerability, or a sign that the criminal has little to fear from a response. The theory has created some discussion and debate and Wikipedia has a good discussion on some of these aspects. For risk purposes, however, I’d like to examine this concept of small things from a few other perspectives.

Small crimes matter

The last year and specifically the last few months has seen an epidemic of small goods theft from supermarkets, grocers, and drug stores or chemists worldwide. Shoplifting has always seemed a somewhat petty crime and the UK police have followed a policy in recent years of not prosecuting such offences under £200. This has probably been due to a combination of reducing the load on police, and a feeling of not wanting to be especially rough on more disadvantaged or poorer members of communities.

Since I have started visiting London some thirty years ago, I’ve found more and more security guards at the entrances to small grocers and supermarkets on the high streets, something that was very seldom noticed all those years ago. It’s not just the UK where reactions to these trends are happening.

I was shocked to see in a CNN article this week that lower priced groceries like Dawn detergent, Old Spice and Colgate are being locked behind glass in cabinets in some retail and drug stores like Walgreens in the US and needing an assistant to retrieve them in order to reduce shoplifting. Items of relatively low value are increasing being tagged for electronic article surveillance across a range of retail establishments around the world.

In an annual survey conducted by the British Retail Consortium, shoplifters cost retailers an estimated £770 million, while the cost of shoplifting and abuse of staff, as well as security measures besides the actual theft is seen to cost retailers £2.5 billion a year according to the Consortium. Walgreens have attributed some shop closures to criminal syndicates and organised shoplifting levels in a cumulative impact of the theft of small things.

The UK Home Office conducted a review of the abuse and physical violence faced by shop staff, which the Sunday Times reported found retailers and shop staff had lost faith in the police and justice system being willing to tackle thefts from stores and other retail premises. In the UK, this has led to calls from government to the police to once again investigate and prosecute offences under £200 in an attempt to control this rampant rise in shoplifting.

Stealing to eat?

The push for police to react to shoplifting offenders is occurring in the context of a tight economy, pressures on income due to global issues, and members of the community finding it difficult to provide for their families with some of the basic essentials. There has been a return of what Dr Sinéad Furey has termed 'stealing to eat' and along with this there are calls of not criminalising people in poverty which most people will probably have sympathy for.

We need to distinguish between those are affected like this, reflected in a scheme in Liverpool being set up to direct shoplifters who have been caught to local food banks and debt advice services, versus those seeking to profit or live more extravagant lifestyles at the expense of others. This difference is probably reflected in the types of items taken, with essentials and food being the choice of those in extreme difficulty as opposed to the typical high value items such as alcohol, razors, and cosmetics which are associated with more professional criminals.

We need to be understanding of those who are in more desperate states, but not everyone who is poor steals, and not all those who steal are poor. Also, members of poorer communities get taken advantage of to steal on behalf of others who are upscaling the level of theft. Increased requirements of protecting grocery store content is seen to go beyond casual shoplifting to organised retail crime with syndicates who steal and resell though black markets or even legitimate online market channels.

Evolving criminal goals

Initially a concern over small thefts, shoplifting is changing in nature and the loss is causing a number of sectors of society to express concerns. It has got to the point where there is a counter reaction to the tolerance to theft which held that 'we can’t do anything about it so let’s just ignore it for now' because of the extent of loss.

From a crime point of view, there are a few dynamics of concern. Shoplifters start gaining a perception that if they can get away with one thing, they can probably get away with others. Thinking potentially shifts from low value items to demand for higher value things, and in some cases, success may lead to greed. Getting away with it will likely cause people to repeat the theft and we often find that people are caught not the first time, but during subsequent thefts.

As those committing the thefts become more professionalised and accustomed to theft, they start looking at testing other high value items or different opportunities within the store or even moving up the supply chain. Criminals start studying the systems and how they work and look for vulnerabilities, and in some cases joining up with syndicates. The removal of staff from key points of the customer process and automating things like checkouts and payment systems have also been opening up opportunities for theft.

Having fewer staff in stores also means fewer visible staff personnel to deter shoplifting. The risk in such incidents can increase not only in the value or volume, but the intensity of events. With a large-scale increase in shoplifting in the UK, the level of abuse or attacks on staff in grocery and supermarkets has also increased in frequency and level of violence. With these comments, I’m trying to illustrate how the theft of small things can build into a critical mass.

Whether it be items on a store shelf, a logistics warehouse, a casino with theft of chips, or a diamond mine, small things can build into a critical mass that impacts on the operation and broader society.

Critical mass in business operations

Similarly, smaller and seemingly unrelated crime related events at the periphery of core business operations may initially seem insignificant, but can impact on major value areas when pertinent enough or when they get to critical mass. This building of critical mass may occur on a gradual scale over time that can eventually create far more serious crime effects and syndicates. Alternatively, they may expose key vulnerabilities or happen at tipping points which spreads and affects a whole system.

The risks an organisation faces usually can be identified in an expanding set of perimeter rings which move further and further away from the core of the business, with a corresponding lower risk as you move away from central critical areas.

An armed robbery, for example, may involve vehicles from surrounding areas moving through certain roads towards a property perimeter, a parking perimeter, a perimeter allowing access into the building, a production area perimeter, through to a collection point for production, and then the executive management offices or the key area where value is stored, such as a vault or safe.

This applies whether the operation is a shopping centre, casino, university, or gold plant. Where there is a weakness at a perimeter or penetration of outer rings, this can lead on to greater penetration of vulnerable or exposed inner rings, and the weakening of security around the core functions. Failure to have the right level of people who are equipped with the appropriate equipment at the periphery, such as searchers or reaction squads, can quickly lead to a major impact at the core. At a nation level, the Taliban’s success in Afghanistan is probably a good example of this in how they rolled over the country at a speed that even surprised themselves.

Small things, big impact

Something that may appear relatively minor in the greater scheme of things and far away from the core can have profound implications over time for the key operation. Carjacking that happens at the intersection of the main road leading past the shopping centre impacts on the way people perceive the safety and risk of the whole shopping centre environment if it repeats. Robberies on people leaving a particular football ground or music concert venue after the show can threaten the feasibility of any subsequent event with public perceptions shaped more by this news than enthusiasm for the event.

Poor ticket protection, which leads to fake tickets being sold well before an event can have a critical impact on the event itself as the recent experience in France shows. With the chaos from ticketing and subsequent access control issues in the Champions League final between Liverpool and Real Madrid at the Stade de France, headlines in the newspapers included "Stade de Farce" (The Sun) to "From party to fiasco" (L’Equipe) and led to queries whether France was capable of holding the Olympics and the rugby World cup in the next couple of years.

Ignoring or too little attention by government and police of individual illegal gold miner (so called zama zama) operations in some parts of South Africa has led to illegal mining criminal syndicates having violent armed confrontations with each other, security officers, and the police. Small levels of illegal mining have grown, taken on characteristics of organised crime, and has even extended into aggression against communities where they are operating such as the recent assault and group rape situation in Krugersdorp.

After years of doing nothing, Gauteng Premier David Makhura commented, "I am worried about the safety of Gauteng residents. Zama zamas are huge contributors to violent crime in the country. They have moved beyond mining operations. They are stripping electricity infrastructure. They are interfering with underground infrastructure. The security of the state is at great risk."

Such is the impact of ignoring small things which could have been addressed far more comprehensively if the state had taken the time to be concerned and worked in partnership with the private sector who were bearing the brunt of the impact of illegal activities. What is also clear, is that there are criminal elements who foster such activities in their own interest to the detriment of broader communities, a trend reflecting in different sectors and different countries.

Identify and manage the small things

Risk management is about trying to avoid being hit by this critical mass of activity, to identify it in its small form and anticipate where it is going to lead if not addressed, and to set up ways of dealing with things before they get to the point of a crises. We are entering into a more uncertain and difficult world with political, economic, financial threats such as inflation, and community unrest and frustration.

Those who ignore the small things, whether in CCTV, security or management, do it at their peril. The same way that a CCTV operator should be capable of picking up the small behaviours that show signs of a coming incident, security and risk managers need to be working out what signs and activities are of concern, how they are likely to play out, and what backup do you have when the situation becomes critical.

In many cases there is no need for radical treatment. A steady and consistent resolution of small things through approaches such as enforcement of standard procedures, policy, and consultation to diffuse issues may address many problems before they become critical. For those areas outside your domain of influence, networking, common strategies with others, and working out broader based contingency plans may assist in damping down flare ups before they become conflagrations.

About Craig Donald

Craig Donald.

Dr Craig Donald is a human factors specialist in security and CCTV. He is a director of Leaderware which provides instruments for the selection of CCTV operators, X-ray screeners and other security personnel in major operations around the world. He also runs CCTV Surveillance Skills and Body Language,

and Advanced Surveillance Body Language courses for CCTV operators, supervisors and managers internationally, and consults on CCTV management. He can be contacted on +27 11 787 7811 or


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Access & identity expectations for 2024
Technews Publishing IDEMIA ZKTeco Gallagher Salto Systems Africa Regal Distributors SA Reditron Editor's Choice Access Control & Identity Management Information Security AI & Data Analytics
What does 2024 have in store for the access and identity industry? SMART Security Solutions asked several industry players for their brief thoughts on what they expect this year.

AI-driven identity verification for access control
C3 Shared Services Editor's Choice
Facial authentication solutions combine advanced AI and 3D sensing technologies with ease of use to create a frictionless, touchless experience. The deployment of this technology in an access control system keeps users and administration moving.

Access and identity in 2024
Technews Publishing Gallagher HID Global IDEMIA Ideco Biometrics Enkulu Technologies neaMetrics Editor's Choice Access Control & Identity Management Integrated Solutions
SMART Security Solutions hosted a round table discussion with various players in the access and identity market, to find out what they experienced in the last year, as well as their expectations for 2024.

The promise of mobile credentials
Technews Publishing Suprema neaMetrics HID Global Editor's Choice Access Control & Identity Management IoT & Automation
SMART Security Solutions examines the advantages and disadvantages of mobile credentials in a market dominated by cards and fobs, in which biometrics is viewed as a secure alternative.

PQC, AI & sustainability: five cybersecurity trends for 2024
Editor's Choice
In this article, Nils Gerhardt looks at some of the most important developments that Utimaco experts see coming in 2024, both in technology and the wider world it intersects with.

Protecting your business in the digital economy
Editor's Choice
Conducting business in the digital age has never been more challenging. In the Zero Trust cyber security model, nothing is more important than proactively safeguarding enterprise data.

The human factor side of video management systems
Leaderware Editor's Choice Surveillance Risk Management & Resilience
A video management system (VMS) is central to, and the most vital element to any control room operation using CCTV as part of its service delivery, however, all too often, it is seen as a technical solution rather than an operational solution.

Get the basics right to win more business
ServCraft Editor's Choice Risk Management & Resilience
The barriers to entry in security are not high. More people are adding CCTV and fencing to their repertoire every year. Cowboys will not last long in a space where customers trust you with their safety.

All aspects of data protection
Technews Publishing Editor's Choice Information Security Infrastructure AI & Data Analytics
SMART Security Solutions spoke to Kate Mollett, Senior Director, Commvault Africa, about the company and its evolution from a backup specialist to a full data protection specialist, as well as the latest announcements from the company.

South Africa shows a 1200% increase in deepfake fraud
News & Events Risk Management & Resilience
Sumsub released its third annual Identity Fraud Report of the year, analysing identity fraud across industries and regions based on millions of verification checks across 28 industries and over 2 million fraud cases.