Assessing Campus Surveillance After the Brown University Shootings

Surveillance gaps are often deliberate — not accidental

Fred Burton, drawing on decades of investigative experience, cautions against viewing blind spots as mere oversights.

“As part of the attack cycle, based on past investigations and studies I’ve conducted on similar events, I would surmise that the shooter chose the location due to the lack of cameras, which shows a high degree of pre-operational surveillance,” Burton says. “The location was not random, nor were the victims. The question becomes, how long has this operation been in the works?”

Burton’s assessment underscores a critical but uncomfortable reality: attackers often exploit known gaps. From that perspective, blind spots are not just technical deficiencies; they are tactical vulnerabilities.

“In my assessment, the blind spots in the older building could have been identified with a basic physical security survey,” he adds.

Fragmentation, not scarcity, drives gaps

Thomas Carnevale argues that most campus blind spots are the predictable outcome of fragmented planning and governance, not insufficient technology.

“Blind spots persist because camera programs are often deployed opportunistically—grant-funded, department-owned, renovation-driven—rather than against a campuswide coverage model tied to threat paths,” Carnevale explains.

Older buildings, he notes, often fall outside capital refresh cycles, while procurement processes prioritize camera quantities over placement analytics.

“Ownership is split among IT, facilities, and police,” he says. “Accountability should sit with a single executive owner, often Public Safety, empowered by a campus security master plan, a unified funding line, and authority to enforce coverage standards during renovations.”

Camera counts vs. coverage design

Paul Benne echoes this view, emphasizing that blind spots are rarely the result of neglect.

“Critical blind spots typically result from fragmented or outdated surveillance planning, not from a lack of cameras,” Benne says. “On many campuses, deployments evolve in phases, driven by individual projects, grant funding, or incident response rather than a unified master plan.”

Benne emphasizes layered design principles—identification, recognition, and observation—rather than blanket coverage across campuses.

“When these layers are deployed strategically, 100% coverage is unnecessary,” he explains. “Instead, the system can tell a story.”

Preservation, cost, and aesthetics

Geva Barash highlights a factor often underappreciated outside higher education: preservation constraints.

“The lack of coverage on a campus with that extensive camera network is primarily due to two factors tied together: budget constraints and the need to preserve older buildings’ facades,” Barash says.

Older brick-and-concrete structures complicate cabling, often requiring visible conduit that campus stakeholders resist for aesthetic reasons.

“Customers may not like the look and feel of having conduits and cameras everywhere,” he notes.

The absence of a living map

Simon Osamoh identifies the lack of a centralized surveillance map as a recurring failure.

“Large campuses end up with critical blind spots not because they lack cameras, but because they lack a strategic surveillance roadmap,” Osamoh says.

Without a living map that integrates cameras, access control, and known gaps, institutions may not even know where their vulnerabilities are.

“Accountability must sit with a single operational owner, typically campus public safety, with authority to align procurement, facilities upgrades, and funding decisions to risk, not renovations or camera counts.”

2. Beyond Camera Counts: KPIs That Actually Measure Surveillance Effectiveness

The question:
When legacy camera counts are cited publicly, they often mislead. What objective KPIs should campus security leaders track to measure surveillance effectiveness for threat detection, evidence collection, and post-incident investigation?

Cameras rarely prevent — but they must perform

Fred Burton dismisses camera counts as operationally meaningless.

“The number of cameras is not important; the effectiveness and placement are,” Burton says. “Cameras are a valuable investigative tool, but they rarely prevent attacks.”

For Burton, surveillance must be paired with human presence.

“Nothing beats random security or enhanced police patrols,” he adds.

3 metrics that matter

Thomas Carnevale proposes three concrete, outcome-based KPIs:

1. Coverage of critical paths:

“The percentage of entrances, stairwells, and egress routes with usable identification-quality video.”

2. Time-to-footage:

“Minutes from incident to investigators accessing relevant video across systems.”

3. Evidentiary usability rate:

“The percentage of incidents where footage supports identification, timeline reconstruction, or prosecution.”

“These KPIs directly correlate with prevention, response speed, and investigative outcomes,” Carnevale says.

Analytics, coverage, and notification

Geva Barash argues that modern surveillance must be measured by capability, not inventory.

“If I place 1,000 cameras in the same building on a large campus, will the campus now be secure? No,” he says.

Barash prioritizes three functional KPIs: coverage, analytics, and notification speed.

“Today’s technology allows gun detection through visual and audio analytics, identification of people of interest, and rapid notification to responders,” he explains.

Can the system tell a story?

Paul Benne frames KPIs around narrative continuity.

“Ultimately, a surveillance system must be able to tell a coherent, continuous story, both in real time and after an incident,” Benne says.

His three priorities are identification capability, movement tracking, and evidentiary quality.

Culture still matters

Simon Osamoh, reflecting on his counterterrorism work at the Mall of America, warns against over-reliance on technology.

“What mattered more than technology was a strong security culture,” he says.

For campuses, Osamoh emphasizes risk-aligned coverage, time-to-awareness, and investigative usability—metrics that integrate human response with technical systems.

3. Securing Open Academic Buildings: Low-Cost Measures That Work Now

The question:
Older academic buildings are frequently unlocked and openly accessible by design. What pragmatic, low-cost physical-security and procedural mitigations should campus leaders implement immediately for unlocked classrooms?

The limits of open campuses

Fred Burton acknowledges the structural challenge.

“The reality is that an open campus creates security vulnerabilities that, in some cases, are nearly impossible to address,” he says.

Still, he recommends roving patrols, chokepoint cameras, and counter-surveillance at building perimeters.

A practical checklist

Thomas Carnevale offers a ranked list of immediate actions:

• Interior-locking door hardware without keys
• Standardized lockdown procedures with signage and drills
• Battery-backed corridor or mobile cameras
• Scheduled security sweeps and propped-door enforcement
• Card access at main entrances, even if classrooms remain unlocked

Shifting the default assumption

Paul Benne argues campuses must abandon the idea that openness and security are mutually exclusive.

“If buildings are intended to remain open, access control must shift to managed entry points,” he says.

Wireless locks and training

Geva Barash advocates wireless access control and procedural discipline, while Zach Brackett emphasizes training as the most cost-effective tool.

“Your greatest asset is also your smallest cost impact: your employees,” Brackett says.

Delay, detect, and deter

Simon Osamoh succinctly summarizes the goal: introduce delay, detection, and accountability without eliminating openness.

4. Active-Shooter Alerts: Speed, Authority, and Decision Discipline

The question:
Active-shooter doctrine requires rapid decisions. Based on publicly available timelines, what decision-making framework balances panic prevention with safety, and who must be included?

Empower the watch floor

Fred Burton argues that authority must reside in the command center.

“Officers on the watch should be empowered to make the call,” he says.

Tiered, time-boxed decisions

Thomas Carnevale recommends a tiered framework with rapid reassessment intervals and pre-designated decision authority.

Procedures before crisis

Geva Barash distills it simply:

“Procedures, procedures, procedures.”

Speed beats perfection

Simon Osamoh emphasizes pre-authorized decision matrices.

“When there’s a credible report of gunfire, the default must be an immediate, plain-language shelter-in-place alert,” he says.

5. Third-Party Cameras: Making Evidence Discoverable Before It’s Needed

The question:
How should campuses design camera-sharing strategies with surrounding neighborhoods to ensure footage is discoverable and admissible?

Community as a security multiplier

Fred Burton advocates expanded neighborhood watch programs and proactive transparency. He adds: “Stress the need for awareness and security notified about suspicious people and incidents.  Be proactive with notifications back into the program so folks know you are transparent and invite the community to become a security partner to keep everyone safe.“ 

MOUs, registries, and portals

Thomas Carnevale outlines the essentials: legal agreements, camera registries, and secure upload workflows. “Technically: a registry of camera locations, formats, and contacts, plus secure upload portals with metadata standards, is essential,” he stresses. “Community-wise, an ongoing outreach to residents and businesses so participation is established before a crisis, not improvised after one, is critical.”

Crime-fighting centers and sharing

Geva Barash points to citywide models that integrate public and private cameras under transparent governance. “This is highly recommended. We have worked with Atlantic City, Memphis, and other cities to create a ‘crime-fighting center’ that provides police with access to third-party cameras across entire cities,” Barash adds.

Zachary Brackett proposes that role-based access controls and shared dashboards with audit trails simplify permissions while maintaining accountability.

Privacy and trust

Simon Osamoh warns against indiscriminate collection.

“Residents need to understand what is being requested, why, and how privacy is protected,” he says.

6. From Antiquated to Resilient: A 12-Month Surveillance Roadmap

The question:
For security directors with constrained budgets and legacy infrastructure, what is a realistic 12-month roadmap?

Assess before you buy

Fred Burton and others agree that the first step is a comprehensive physical security survey.

Barash says that “Integrating existing cameras into an IP system should not be a painful or expensive process. Given current technology, there needs to be a plan to convert using encoders and servers that support analog-to-IP conversion, and a longer-term strategy to replace older cameras as they fail.”

Phased modernization

Thomas Carnevale outlines a phased approach:

• 0–3 months: Map blind spots, deploy temporary cameras
• 3–6 months: Centralize VMS, migrate high-risk buildings
• 6–12 months: Replace legacy systems, formalize KPIs

Strategy first, technology second

Paul Benne and Simon Osamoh emphasize standards, gap analysis, and defensibility.

“Resilience is not achieved by a single upgrade,” Osamoh says. “It’s achieved through deliberate, measurable progress.”

Adds Benne: “A phased approach creates institutional defensibility. It demonstrates to students, parents, faculty, board members, and the broader community that the university is taking deliberate, actionable steps to reduce risk. Importantly, this roadmap does not require completion within a single fiscal year; instead, it establishes a credible framework for rolling improvements across multiple budget cycles.”