Best Strategies for Conducting Behavioral Threat Assessments for School and University Staff
Schools typically have few resources to dedicate to securing their campuses, let alone monitoring student behavior. But the behaviors and actions leading up to shootings or other violent incidents can often be caught in advance to prevent disaster.
Moderator Steve Lasky is joined by Simon Osamoh, President and Founder of Kingswood Security; and Ryan Knoll, Regional Sales Director, Motorola Solutions, for a discussion on why establishing a framework for behavioral threat assessment is crucial to defending a school’s staff, students, and visitors. Learn:
- How to establish a ‘helping,’ rather than ‘punishing,’ reporting culture,
- What signs to look for when assessing behavioral risk,
- And why multidisciplinary threat assessment teams are schools’ best bet to mitigate risk.
Why a structural behavioral threat assessment framework matters
All security teams, regardless of the people or places they’re tasked with protecting, strive toward the same goals: to protect their communities.
The end goal for schools is to assess threats clearly, determine whether someone is on a pathway to violence, intervene appropriately, and keep students, teachers, and staff safe. However, the missing piece is often a structured, actionable framework.
“Schools and higher education might understand some core principles, but there’s often a small component of their program missing,” Osamoh said. “The first thing we need is a format like anonymous reporting where students, staff, and even parents can escalate.”
Solely relying on one anonymous reporting system often fails, Osamoh noted, especially with younger students who prefer messaging apps like Telegram or WhatsApp. Students like his own 14-year-old son would tell his friends first, he said, not an anonymous tip line. Multiple reporting functions tailored to different audiences offer a broader reach.
Knoll emphasized that, before reporting, staff and students must recognize early warning signs. To this end, he outlined a two-step approach: decentralized reporting and centralized assessment.
Decentralized reporting offers multiple channels where students, staff, and parents can raise concerns in an environment they are familiar with and comfortable in. A centralized assessment framework then compiles and reviews the data from these reports to classify the level of risk.
A culture of “helping”
Establishing flexible reporting systems is just one aspect, however. People themselves can be a barrier; students may be apathetic about their environment, afraid of retribution, or expect social stigma for voicing their concerns.
Both Knoll and Osamoh stressed that the process should be reframed as ‘helping’ instead of ‘tattling.’ “We aren’t reporting, we’re helping the community stay safe,” Knoll explained. “Once you get that breakthrough, it’s easier for people to help and be part of the process.”
This requires recalibrating mindsets, especially for teachers who might hesitate to report students due to socioeconomic or family considerations.
Expanding your network of collaborators outside of your local reach is another important step, Knoll noted. Administrators should reach out to agencies and communities that may be monitoring social media at a higher level.
AI technologies can also be utilized to automate the detection process by flagging keywords or suspicious activity in accordance with student privacy regulations.
Reading the signs
Citing the Violence Prevention Project, Osamoh stated that 48% of mass shooters have ‘leaked’ their intentions online or have otherwise communicated what they intend to do.
Social media and school technology are critical to threat analysis. Discord channels, messaging apps, and school-assigned Chromebooks can provide valuable insights. Monitoring isn’t enough on its own, Osamoh warned; data must be reviewed and analyzed before any action is taken.
Identified threats do not always follow a linear path, however. Knoll described several stages that may occur, from grievance to ideation, planning, preparation, and potential action.
Some of the early warning behaviors include drastic changes in behavior, social media posts or keyword searches, or changes in one's dress. A fascination with previous mass shooters or mass casualty events, as well as hyperfixations with particular individuals, groups, or ideologies, can be red flags.
Osamoh highlighted physical cues as well. “Pay attention to doodles and drawings in notebooks,” he said. “Drawings of firearms have alerted teachers to potential threats.”
Later-stage warning signs may include the acquisition of firearms or ammunition, increased firearm practice, or indications that the individual is conducting ‘security test runs’ on campus before taking action.
Multidisciplinary teams are key
According to Knoll, having a robust threat assessment management team in place is critical to the behavioral risk analysis process.
Enforcement is always a component, whether that be campus security or a local police department. Knoll emphasized that law enforcement shouldn’t just be enforcement figures, however. “They need to buy into the school community, participate in meetings, interact with students and counselors, and proactively address potential threats,” he said.
Leadership and mental health expertise are equally important. Legal counsel, student affairs administrators, or school counselors can fill these roles. Training and including non-security staff prepares them to act confidently and consistently in the face of an emergency.
Another pillar is IT support to ensure no information falls through the cracks. “Campus security, RAs, housing directors, and even IT staff can help monitor digital interactions or social media activity,” he said.
“Multidisciplinary teams work best when everyone views the situation through their own lens,” Osamoh added. “Counselors, teachers, principals, and law enforcement each bring a different perspective.”
Another asset to these teams, Osamoh said, is the involvement of those closest to the student. “Pull in the teacher who knows the child’s baseline behavior. They might notice patterns others would miss. Don’t be afraid to interchange team members as needed.”
Once the team is built, they should remember to document the situation thoroughly. Interviews, digital findings, social interactions, and even thought processes should be included. “This isn’t bureaucracy; it protects your team and allows others to understand your reasoning,” Osamoh said.
Technology can also be a powerful addition to a threat assessment framework. Monitoring exterior doors, entry points, and visitor intake areas with AI security systems enables automated detection of abnormal behavior patterns, loitering, or suspicious clothing.
“Video, access control, and social media monitoring complement the human assessment,” said Osamoh. “Technology should support, not replace, good judgment.”
Speakers
Ryan Knoll brings over 15 years of experience in the security industry, spanning frontline law enforcement, corporate security, and enterprise technology leadership. His career includes decorated police service in Minneapolis and Fort Worth, workplace violence investigations, and leading business development initiatives for converged security solutions across healthcare, education, government, and commercial sectors.
Currently serving as a Regional Sales Director at Motorola Solutions, Ryan leads a team of Channel Sales Executives across Minnesota, Wisconsin, and the Dakotas. In this role, he helps organizations strengthen safety and resilience by integrating advanced video security, access control, and analytics with mission-critical communications and command center platforms.
Ryan is a recipient of the Minneapolis Police Department’s Medal of Honor and has been honored as both a SIA RISE 25 on the RISE and Security Systems News “Emerging Leader Under 40” awardee. He serves on multiple industry committees that shape best practices and help develop the next generation of security leaders. Combining deep technical expertise with a relationship-driven approach and a career that bridges public safety and enterprise technology, Ryan delivers a rare, actionable perspective on the convergence of modern security technology, behavioral threat assessment, and risk management.
Simon Osamoh, a renowned security expert, initially moved to the United States from England to lead the counterterrorism efforts at Mall of America, Minnesota, where he managed the internationally recognized behavior threat assessment team. His expertise in soft target security garnered national media attention.
With 14 years of experience as a detective in England, Simon worked on serious and organized crime cases, including collaborating with British Security Services during the 2006 "liquid bomb terrorism plot" investigation, which resulted in global changes to aviation security regulations.
As a former Director of Risk and Compliance, Simon has worked for three of America's largest financial institutions: Wells Fargo, US Bank, and Equiniti Trust Company. He oversaw programs such as risk management, business continuity, crisis management, anti-bribery and corruption, regulatory compliance, testing programs, and third-party risk.
Simon has authored two bestselling books on conflict de-escalation and church security, and his work on conversational interviewing is featured in the award-winning book How to Stop a Mass Shooting Epidemic by Dr. James Densley and Dr. Jillian Peterson.
Register to view the October Campus Safety & Security Web Events here.
