Proactive & Pragmatic: How India Rethought Security Post The Mumbai Attacks

June 30, 2016

By Colonel Sushil Kumar Singh

In the 2003 historical epic, The Last Samurai, a striking conversation plays out between Ken Watanabe’s Katsumoto (the Samurai lord) and Capt. Nathan Algren, the war hero turned wastrel turned Japanese Imperial Army trainer.

Algren, played by Tom Cruise, is haunted by thoughts of the atrocities he committed in the battles against Native Americans. Katsumoto wants to know more about these battles, and Algren’s role in them. “I wish to learn,” he says. Algren rebuffs him, suggesting he “read a book” instead, to which Katsumoto responds by saying he’d rather have a conversation, “… because we are both students of war.”

Students Of Tactics, And Terror

During a recent visit to London, I was surprised as my cab drove straight through to the hotel porch without being stopped at the gate. As a matter of fact, I walked to the reception desk without going through a single security check myself, or having my bags vetted. I’m given to understand that this is also how it is in the United States and most other western countries.

Contrast this with a visit to any halfway decent hotel in India, or, in fact, several other countries in south and west Asia — where you’d have to run the gamut of the following security measures:

  1. Having your vehicle scrutinized by security at the hotel gates.
  2. Having your bags go through an airport-style baggage scanner at the gate, irrespective of whether you’re a hotel guest checking in, or someone that’s dropped by for a meal or something.
  3. Getting past a full-body handheld metal detector check by someone from a security team. Typically, most places will have women and girls get behind a screen of some kind for this.
  4. Walking through a door-framed metal detector.
  5. Providing proof of identification and filling out a number of relevant forms if you’re checking in.

Apart from the last point, the remaining aren’t really part of routine security measures in much of the western world, including England, which has been at the receiving end of terror attacks even before the well documented IRA strikes during “The Troubles” in the latter half of the 20th Century, leave alone modern day terrorist attacks like the 7/7 bombings in 2005.

For a student of war and terror like me, the glaring disparity in the approach to security drills is reflective of a couple of things: First, that despite shared concerns, and increasingly, a common enemy in the modern era, be it the Islamic State or an Al Qaeda or Taliban offshoot, a radical splinter group, or lone wolves inspired by extremist propaganda, there is no single thought process that seems to govern how countries fight terror, including when it comes to basic tactical measures as a first line of defense.

Second, in many western societies, despite a spate of targeted attacks since April 2013 — when the Islamic State in Iraq and the Nusra Front in Syria made an unholy alliance they called the Islamic State in Iraq and Syria, and began their so-called “Soldier’s Harvest” campaign in Iraq — there has been a sustained resistance to putting in place routine security measures for soft targets like hotels, malls, nightclubs, even airports, because perhaps, of a resistance to anything that inconveniences people or affects, “our way of life.”

A Practical Approach To Fighting Terror

In countries like India though, especially in the aftermath of the 2008 Mumbai attacks, when militants spent four days carrying out 12 coordinated attacks across India’s financial capital, including planned strikes on signature properties of two major hotel chains, the Taj, and the Oberoi Trident, there has been a more pragmatic response to modern day terror.

One of the first steps taken by the Indian Government in the aftermath of November 2008 was the decision to create four Regional Hubs of the National Security Guard, India’s elite terror-fighting special forces, in the major metropolitan areas of Mumbai, Kolkata, Chennai and Hyderabad.

The intention behind having regional hubs of specially-trained CT commandos was to reduce the force’s reaction time in the event of a future attack on civilian and defense installations in the country. The Hubs were to be first responders to any attack, to be later supplemented, as needed, by a greater counter-terror force arriving from New Delhi, where the headquarters of the force is located.

Each Regional Hub was made responsible for certain states and the area of responsibility delineated. For instance, the Hub in the southeastern city of Hyderabad, the first to be operational, was given responsibility for the states of Andhra Pradesh, Chhattisgarh and Karnataka.

A map of Vulnerable Areas (VAs) was drawn up with the help of the police chiefs of all three states. These identified VAs mainly comprised places that were known tourist attractions, like historical monuments, and other potential soft targets like 5-star hotels, the offices and premises of multinational companies (MNCs), defense and civilian installations, embassies and consulates, and legislative and judicial buildings, among others. The first order of the day was the complete reconnaissance of each of these VAs.

Ramping Up Our Recon

A prescribed format of reconnaissance was prepared. Teams would visit buildings and installations and prepare a detailed report on threats and vulnerabilities, creating a dynamic data bank for future use. Once the reconnaissance was complete, a set of recommendations was made and shared with the VAs concerned, to beef up their security in tandem with the state and India’s federal Ministry of Home Affairs, the equivalent of the U.S. Department of Homeland Security.

© Vadimone | Dreamstime Stock Photos & Stock Free Images
© Vadimone | Dreamstime Stock Photos & Stock Free Images

While I cannot get into specifics for obvious reasons, most assessments included the following suggestions:

  • The installation of CCTV cameras to cover the entire layout of a property.
  • The CCTV Control Room to be preferably located outside the premises or in a remote place and be monitored constantly. The rationale was that a counterterrorism team (CT) arriving in case of an event like a terrorist attack on a hotel, could immediately study movement inside a building without undue interference, evaluate options in quick time, plan, and move in a coordinated manner to neutralize gunmen and evacuate trapped innocents.
  • A diagrammatic layout of the property was to be available with security teams at the gates to assist planning in the deployment of a CT force.
  • Employees were to be briefed regularly on security measures and a secure zone/strong room was to be created within the premises, where employees and guests could be herded and isolated till sanity prevailed.
  • Security drills were to be carried out at least once a month, if possible.
  • Boom barriers — to block vehicular access through designated control points — were to be installed at the gates to a property, to control entry and enable checks by security personnel of vehicles and occupants.
  • Baggage Scanners, Door-Framed Metal Detectors and Handheld Metal Detectors were to be installed at all entry points.

What was heartening, from my perspective, was that most “soft target” institutions across India, like major hotels and MNCs, actually took these recommendations seriously, and put in place a number of the measures suggested.

Past Tense, And An Imperfect Present

However, it has been almost eight years since Mumbai, and an (fortunately) incident-free period over the past few years has (unfortunately) allowed complacency to creep in. Without proper supervision, recommendations haven’t really been followed precisely. Security audits have found some common issues hindering best security practices:

  • CCTV Control Rooms, more often than not (like Surveillance Rooms in U.S. casino properties), are located within building premises. In effect, a CT team cannot use a Control Room to study the layout of a property, or the movements of a terrorist or gunman, on their arrival at the site of a hostile, life-threatening event. At best, they’re of use to investigation agencies post an incident, to try and determine what exactly happened.
  • The practice of using relatively untrained personnel at the gates means that the people manning your first line of defense often do not have the remotest idea what they’re looking for. A gun or grenade can still be easily smuggled in a car. Even when teams are checking vehicles, these checks have become a cursory opening of a bonnet/hood or boot/trunk before allowing it entry. Inconvenience to a guest or visitor is still the paramount concern, not security, resulting in these checks being sped-up, rendering them effectively useless.
  • Security drills, if they exist, are rare, and secure zones or strong rooms in buildings are equally rare, with most employees unaware of specific security protocols in case of a hostile event or attack.

When, What, Why, How

It is often said that in modern-day warfare, it isn’t the number but the quality of weaponry that is the deciding factor in how things pan out. So when exactly does this factor come into play? As evidenced by the recent attack on an Orlando nightclub, one man, with superior weaponry and the advantage of planning and surprise, was able to terrorize vastly superior numbers with technology at their disposal. Yet, 49 people lost their lives and 53 were injured.


From Mumbai (as pictured in the documentary above, courtesy YouTube) to Paris, Sousse (Tunisia) to Sydney to San Bernardino, and Nairobi to Orlando, the three basic questions that have vexed counterterrorism forces have remained the same:

  1. Do we storm a location immediately?
  2. Do we wait till negotiations are exhausted, during which time more loss of lives may take place?
  3. Will the public and government accept some innocent lives being lost in crossfire or hostage-situations if we move in?

At some stage, we’re going to have to have a very public discussion on the answers to these questions, and find some common ground on acceptable measures in case of emergency events. It’s also imperative, in my opinion, that we make a push to have planned public education programs or modules, focused on battling terror together in the modern age. This isn’t scaremongering — it’s being proactive and practical.

Until then, we’d do well to keep in mind what Claude Lebel, the deputy commissioner responsible for tracking down the assassin, “The Jackal,” to Paris in Frederick Forsyth’s 1971 classic, The Day of the Jackal, had to say: In the absence of anything else, everyone “should keep their eyes open.”

(The writer, a colonel with the Indian Army, has specialized in counterterrorism operations, and raised the Hyderabad Hub of India’s National Security Guard)