Securing the Crowd Part One: Breaking Down the CISA Venue Guide for Security Enhancements

By David Strickland, COO of Kenton Brothers

This is part one of a three part series on CISA recommendations related to securing a crowd.
(Part One | Part Two | Part Three)

The stakes for large venue security have never been higher. As the United States prepares to host the 2026 FIFA World Cup™ across 11 U.S. cities, celebrate America’s 250th anniversary, and look ahead to the 2028 Summer Olympics in Los Angeles, one federal agency stepped up with guidance that every venue operator, security director, and event manager in the country should be reading right now.

In late December 2025 and into January 2026, the Cybersecurity and Infrastructure Security Agency (CISA);a component of the U.S. Department of Homeland Security; released two landmark publications known collectively as the Venue Guides for Security Enhancements and Mitigating Dependency Disruptions. These documents represent the most comprehensive and actionable federal guidance for stadium and arena security in recent history.

At Kenton Brothers Systems for Security, we have been studying these guides carefully. This blog series breaks down what’s in them, what they mean for your organization, and how our team can help you implement their recommendations from the ground up.

Why These Guides Matter Right Now

The release of these guides was not coincidental. The threat landscape for large public gatherings has shifted dramatically in recent years. From the 2017 Las Vegas Route 91 Harvest Festival shooting; which permanently changed how security professionals think about outdoor venue perimeter security; to the January 1, 2025 New Orleans Sugar Bowl attack, to evolving drone threats over packed stadiums, venue operators are navigating a risk environment that is more complex and more consequential than ever before.

“Today’s risk environment is rapidly evolving, posing serious threats and disruptions to U.S. critical infrastructure and public gathering venues.”; CISA Acting Director Madhu Gottumukkala

DHS and CISA didn’t develop these guides in a vacuum. They drew on lessons learned from real disruptions at high-profile events in the U.S. and internationally, then convened government and industry experts from four critical infrastructure sectors to shape guidance that is both practical and actionable.

The two guides work in tandem:

• The Venue Guide for Security Enhancements focuses on physical security measures including access control, perimeter protection, patron screening, staffing, and coordinated law enforcement planning.
• The Venue Guide for Mitigating Dependency Disruptions addresses the often-overlooked infrastructure dependencies that venues rely on; energy, water and wastewater systems, communications, and transportation; and provides frameworks for contingency planning when those systems fail.

Together, they create a blueprint for resilient, layered venue security that goes far beyond having guards at the door.

Breaking Down the CISA Venue Guide for Security Enhancements

This guide establishes a foundational philosophy that security professionals at every level should internalize: effective security is layered, integrated, and never static. Here are the core pillars the guide identifies and what they mean in practice.

1. Site-Specific Physical Security Assessments

CISA’s first recommendation is that every venue conduct a thorough, site-specific physical security assessment. Generic checklists are not sufficient. The guide includes a Security Considerations Table that categorizes measures by implementation difficulty and cost:

• Low: Measures deployable with existing staff, basic equipment upgrades, and standard training.
• Medium: Measures requiring moderate investment; new technology, additional staffing, procedural changes.
• High: Advanced systems and infrastructure requiring significant capital investment and specialized expertise.

This tiered approach ensures that venues of all sizes; from a regional convention center to a 70,000-seat NFL stadium; can identify realistic, proportionate steps to close security gaps.

KB TIP: Kenton Brothers offers comprehensive physical security assessments tailored to your venue’s specific layout, event profile, and threat environment. Our certified security professionals will walk your facility and deliver a prioritized remediation roadmap aligned directly with the CISA framework.

2. Access Control and Perimeter Protection

The guide emphasizes the critical importance of layered perimeter defense. Lessons from the Las Vegas attack; and from international incidents like the 2017 Manchester Arena bombing; underscore that security cannot begin and end at the entry gate.

CISA recommends venues consider:

• Hardened vehicle barriers and bollard systems at all pedestrian and vehicle access points.
• Clear delineation of security zones moving from outer perimeter to inner sanctum.
• Credentialing systems that differentiate between public, staff, vendor, and VIP access levels.
• CCTV coverage that extends to parking lots, adjacent streets, and rooftop sight lines.
• Regular review and testing of all access control technology and protocols.

KB TIP: Kenton Brothers is a recognized leader in electronic access control systems integration. We design, install, and maintain credential-based access solutions that can be scaled from a single entry point to enterprise-wide perimeter management. Our team partners with your existing security personnel to ensure seamless operation.

3. Patron Screening and Entry Protocols

Screening is the most visible element of venue security; and one of the most operationally complex. CISA’s guide highlights DHS Science & Technology tools developed specifically to help venues model screening throughput and evacuation simulation so operators can select the methods most likely to work at their specific facility.

Key considerations include:

• Walk-through magnetometer placement and staffing ratios relative to expected patron volume.
• Prohibited items policies communicated clearly before and at the event.
• Bag check protocols, clear bag policies, and secondary screening areas.
• Accessible screening lanes for individuals with disabilities.
• Staff training in behavioral recognition and pre-attack indicator identification.

4. Staffing, Training, and Behavioral Recognition

One of the most powerful takeaways from recent high-profile incidents is that technology alone is not enough. Security personnel who are trained to recognize unusual behavior, pre-attack indicators, and individuals who may pose a risk; and who have a clear path to escalation and intervention; represent one of the most effective threat deterrence tools available.

CISA encourages venues to invest in:

• Regular joint training exercises with local law enforcement and emergency services.
• Behavioral threat assessment and identification training for all front-line security staff.
• Clear, rehearsed communication protocols for escalating concerns.
• Tabletop exercises and scenario planning for active assailant, coordinated attack, and complex emergency scenarios.

KB TIP: Kenton Brothers offers security staff consultation and can connect venue operators with training resources aligned to CISA standards. We regularly coordinate with local law enforcement partners during the design and commissioning of our security systems to ensure human and technology elements work in harmony.

5. Technology Integration: Surveillance, AI, and Real-Time Communication

The CISA guide is emphatic on this point: modern venue security requires sophisticated technological monitoring systems capable of detecting threats before they escalate.

Recommended capabilities include:

• 24/7 surveillance solutions with artificial intelligence-assisted analytics to identify unusual patterns or crowd anomalies.
• Real-time communication platforms that push immediate alerts across security teams, event operations, and law enforcement simultaneously.
• Automated incident response protocols that can be activated the moment a threat is detected.
• Counter-unmanned aircraft system (counter-UAS) capabilities, particularly for outdoor venues and those hosting nationally significant events.
• License plate recognition and facial recognition technologies where legally authorized.

CISA notes that drone threats in particular have emerged as a top-tier concern. The proliferation of UAS technology in modern warfare and in everyday consumer life means that venues hosting high-profile events must now plan for aerial threat scenarios in ways that were not previously standard.

KB TIP: Kenton Brothers designs and integrates advanced video surveillance ecosystems featuring AI-enabled analytics, wide-area monitoring, and centralized command center capabilities. Our systems are engineered to grow with your threat environment and integrate directly with communications platforms used by first responders.

Continue reading Part Two.

Ready to Align Your Venue with the CISA Framework?

Contact Kenton Brothers Systems for Security for a comprehensive venue security assessment. Our team of certified professionals is ready to walk your facility, map your risks, and build a security roadmap that aligns with the latest CISA guidance and protects the people who matter most.

References

• Cybersecurity and Infrastructure Security Agency (CISA). Venue Guides for Security Enhancements and Mitigating Dependency Disruptions. December 2025 / January 2026. https://www.cisa.gov/resources-tools/resources/venue-guides-security-enhancements-and-mitigating-dependency-disruptions
• U.S. House Committee on Homeland Security. ICYMI: Homeland Republicans Assess Security, Coordination Efforts for Upcoming Mass-Spectator Events. May 2025.
• Domestic Preparedness. Big Events in 2026: Security Classifications. January 2026.