As Iran and the United States continue to trade strikes in the Gulf, concerns about retaliation inside the United States are growing. Recent incidents — from an attempted attack on a synagogue in Michigan, to improvised explosive devices thrown near Gracie Mansion in New York City, to a mass shooting at a beer garden in downtown Austin — illustrate the volatile environment in which security planners are currently operating.
But these incidents highlight a pattern that security professionals often worry about more than a foreign-sponsored terrorist conspiracy designed to project violence into the U.S. homeland. As recent attacks have demonstrated, what has been more disruptive are low-complexity attacks carried out by individuals with little or no direct coordination with a foreign adversary and may have become radicalized online and with no direct involvement with foreign agents.
To be clear, Iran has demonstrated an ability to operate through proxies and conduct international terrorist operations. Historically, however, such attacks tend to involve discoverable operational planning and identifiable links between operatives and the regime. Despite shifts in national security priorities in recent years, and a reduced institutional focus on counterterrorism, the United States remains among the most capable nations in the world when it comes to detecting, disrupting and defeating large-scale or sophisticated terrorist plots.
The greater risk often lies elsewhere.
Domestically, the United States is experiencing a level of “crisis fatigue.” The public is inundated with near-daily news of violence, geopolitical tensions and disruptive events. The psychological response can range from heightened anxiety to outright ambivalence. Either reaction, however, can lead to complacency and complacency is precisely the condition that attackers seek to exploit.
In reality, most attackers, whether ideologically motivated, politically radicalized or simply opportunistic, still follow a relatively predictable playbook: pre-attack surveillance, trial runs or walkthroughs, and then execution. Many attacks are often disrupted during these early phases, particularly when suspicious behavior is noticed and reported. Target selection also tends to follow a simple hierarchy: what is the most symbolic or high-visibility target that can realistically be attacked, and if that proves too difficult, what is the next viable option?
For that reason, security planners have long focused on deterrence through visible security posture and the hardening of high-profile locations and obvious soft targets like places of worship, transportation hubs, landmarks and mass gatherings
Some of the most sophisticated and symbolic organizations routinely make visible adjustments to their security posture during periods of heightened geopolitical tension. These measures are not merely defensive; they are psychological. A visible security presence, random security checks or unpredictable patrol patterns can disrupt an attacker’s planning cycle and introduce uncertainty into the decision calculus.
During the height of the global war on terrorism, such randomness was considered a fundamental and cost-effective way to frustrate adversaries. It remains just as relevant today in light of recent events.
Take a Proactive Posture
For corporate and institutional leaders, the recommended steps are familiar but essential. Reinforce situational awareness among employees, particularly those attending large public events or traveling internationally. Ensure that mass communication systems are capable of rapidly reaching personnel during an emergency. Maintain visibility into employee travel and location through integrated travel risk management tools. And where appropriate, adjust security posture at high-profile facilities or symbolic locations to create visible deterrence.
The U.S. government will rightly remain focused on disrupting sophisticated plots and prosecuting the kinetic dimensions of the conflict with Iran. But history suggests that the more immediate risk to companies, institutions, and public venues often comes from far simpler threats, individuals inspired by headlines, grievances, or opportunity rather than directed by a foreign intelligence service.
That reality places a renewed responsibility on the private sector. The muscle memory developed after 9/11 such as visible deterrence, disciplined situational awareness, layered security planning and rapid communication remains just as relevant today. In an environment saturated with geopolitical tension and constant crisis headlines, organizations that proactively reinforce these fundamentals will be best positioned to prevent small, unsophisticated attacks from becoming tomorrow’s national headlines.
Ben Joelson is principal and head of Security Risk & Resilience and a former United States Air Force Security Forces and Antiterrorism Officer and Ron Rowe is principal of Security Risk & Resilience and retired from the United States Secret Service where he served for 26 years and served in his final roles as Deputy and Acting Director. They advise leading corporations and family offices on how to manage security risk and maintain a posture of resilience.
