Targeted Violence Is Rarely A Surprise

When an attack unfolds at a house of worship, a shopping center, a corporate campus, or a school, the public reaction is almost always the same: no one could have seen this coming. Intelligence professionals hear that sentence differently. We hear a collection failure.

Three decades of research into targeted violence, from the U.S. Secret Service’s National Threat Assessment Center to the FBI’s Behavioral Analysis Unit to academic work by Dr. J. Reid Meloy and others, converges on a single finding. Public attacks in shared environments are rarely impulsive, rarely unexplained, and rarely absent of warning. Attackers follow an observable pathway. The intelligence discipline exists to see that pathway before it ends in violence.

This is Week 2 of TNG’s series on public attacks in shared environments. This installment addresses what protective intelligence looks for, where on the pathway interception is most effective, why early identification requires human analysts and not automated scrapers, and how the signal travels through the rest of The North Group to drive protective action.

The pathway is the pattern

Targeted violence is a process, not an event. The Calhoun and Weston pathway to violence model, widely adopted across the protective intelligence community, describes six observable stages: grievance, ideation, research and planning, preparation, breach, and attack. Subjects rarely skip steps. The grievance seeds the ideation. The ideation hardens into planning. Planning produces surveillance, acquisition, and rehearsal. Each stage leaves signature behaviors on the record.

What looks random from the outside looks methodical from the inside. Most shared-environment attackers spend weeks, months, or years building toward the day they act. That time window is the intelligence opportunity. It is also a rapidly compressing one.

The case for early interception

The earlier along the pathway a subject is intercepted, the more protective options exist and the lower the risk the intervention carries. Interception at the grievance or ideation stage is rarely coercive. It often looks like a family conversation, a school counselor referral, an HR engagement, a pastoral outreach, or a quiet collection effort that never touches the subject at all. At this stage the subject has not committed a crime, has not acquired the means, and in most cases has not yet closed off the off-ramps that still exist in their own life.

By the research and planning stage, the ladder of intervention gets steeper. Weapons may have been acquired. Target fixation may have set. Law enforcement involvement becomes more likely because criminal predicates begin to appear: threats, stalking, prohibited possession, conspiracy. The subject is harder to reach and the window is smaller.

By preparation, the options narrow to hardening the target, removing the subject’s access, and coordinating with law enforcement to build a case. At breach, the only remaining question is how quickly a protective response can be mobilized. At attack, intelligence no longer controls the outcome.

The pattern is clear. Early interception is not only the most humane choice. It is the most operationally effective one. TNG Protective Intelligence is built around creating that early window and expanding it.

Early identification is not luck. It is the product of five conditions working together. The first is a reporting culture at the client site, because most attacks are preceded by leakage and most leakage is observed by someone who is not a security professional. Family members, coworkers, classmates, and online acquaintances are the people who see the signal first. They are only useful when they know what to report, who to report it to, and that their report will be handled seriously. The second condition is multi-source collection, because no single stream identifies a threat. Open-source intelligence, social media intelligence, public records, human reporting, and internal client data each carry partial pictures that only become actionable when corroborated. The third is analytical capability, because signals without analysts are noise. The fourth is a long time horizon, because some subjects will be watched for a year or more before any escalation and the baseline built during that period is what accelerates response when the escalation comes. The fifth is client trust, because intelligence cannot do its work behind a curtain. Clients who open their reporting channels and their internal data to us receive analysis that is actionable, documented, and grounded.

What the pattern looks like

Whether the target is a synagogue, a nightclub, a big-box retailer, or a corporate lobby, the underlying dynamics repeat. Attackers typically demonstrate a fixated grievance, either personal (perceived injustice, rejection, loss) or ideological (extremist identity, political or religious hostility, identity-based hatred). They frequently consume content from prior attackers, treating manifestos and helmet-cam videos as scripture and script. They often conduct pre-operational surveillance, visiting the target site, testing response times, photographing access points. They accumulate capability through weapons, tactical gear, and body armor. A striking majority engage in leakage. They tell a friend, post online, write a manifesto, or warn a specific person to stay away on a specific day.

The motivations differ. The behaviors rhyme.

At TNG we apply a behavioral threat assessment framework organized around Intent, Capability, and Opportunity, which we call I-C-O. Intent asks whether the subject wants to cause harm. Capability asks whether they can. Opportunity asks whether they have the access to try. Within that framework, several indicators warrant immediate escalation.

A fixated grievance that intensifies over time, particularly one that narrows from general complaint to specific target, is one of the strongest predictors of action. Identification with prior attackers is another; researching, quoting, or idolizing previous mass attackers is not a theoretical interest but, in threat assessment terms, script acquisition. Last resort thinking appears in the weeks before many attacks, surfacing in statements about hopelessness, finality, or the belief that violence is the only option remaining. Capability building often shows up as sudden acquisition of weapons, ammunition, tactical equipment, or training disproportionate to the subject’s stated lifestyle or means. Approach behavior is the signal most directly tied to planned attack, including pre-operational surveillance, social engineering to gather site information, and unusual inquiries about schedules, routes, or security measures. And leakage, whether direct or indirect communication of intent, to a family member, an online audience, or in written materials intended to be discovered after the fact, appears in the overwhelming majority of cases reviewed by the Secret Service and the FBI.

No single indicator is determinative. The analytical value is in the convergence. A fixated grievance combined with capability acquisition combined with approach behavior is a different picture than any one signal standing alone.

Who becomes an attacker

The pathway is universal, but the profile is not. Demographic factors shape the speed, the signal set, and the targeting choices of subjects moving along that pathway.

Sex is the most pronounced variable. The overwhelming majority of mass attackers in shared environments are male, consistent across nearly every study of targeted violence in the public domain. Female attackers exist but are rare and tend to concentrate in ideological terrorism, workplace violence with specific interpersonal grievances, or targeted violence against known individuals rather than strangers in public spaces. The behavioral elements of the pathway hold across sex, but the population we are looking at is weighted heavily toward males.

Age matters significantly. Adolescent and young adult subjects, particularly males between seventeen and thirty-five, dominate the public-attack caseload. They tend to leave heavier online footprints, move along the pathway faster because of impulsivity and peer dynamics, and are more susceptible to copycat effects. School-age attackers typically fall between fourteen and nineteen, with tighter timelines and more concentrated online signaling. Older subjects, often in their forties and fifties, are more commonly seen in workplace violence and interpersonal cases. Their planning tends to be slower, their online signal lighter, and their grievances more mature and specific.

Mental health is present in a meaningful share of cases but is rarely the driver. Most people living with mental illness never become violent, and most targeted attackers are not primarily motivated by mental illness. Treating mental illness as the explanation is an analytical shortcut that misses the pathway entirely.

Ideological framing shapes community dynamics. Ideologically motivated attackers tend to be embedded in online communities that normalize and rehearse violence, producing more observable affiliation signals. Grievance-driven attackers without ideological community often present as more isolated, which changes where and how we collect. These variables do not change the elements of the pathway. They change where to look for the signals and how fast to expect them.

Triggers: What starts the countdown

Every subject on the pathway has a starting point. Triggers are rarely mysterious in retrospect and they fall into identifiable categories.

Personal triggers are the most common. Job loss, relationship collapse, financial catastrophe, a legal ruling, a public humiliation, a death in the family, or a health crisis. These are the events that turn a dormant grievance active.

World events function as activation signals for ideologically oriented subjects. Armed conflicts abroad, high-profile political moments, contentious policy changes, immigration debates, and major elections can turn an ambient ideological identity into operational planning. The 2020 and 2024 election cycles, the 2023 Israel and Hamas conflict, and successive periods of civil unrest each produced measurable upticks in pre-attack signal across the threat assessment community.

Media events carry their own weight. Anniversary dates of previous attacks, documentary or film releases that dramatize violence, sensationalized news coverage of ongoing incidents, and viral grievance content on social media all contribute to activation. The copycat effect is not speculation. Research by Dr. Sherry Towers and others identified statistically elevated risk windows in the days and weeks following high-profile mass shootings, particularly when the attacker receives extensive coverage. Contagion is measurable, and it is one of the variables we track against our existing POI population whenever a major incident occurs.

Calendar-linked triggers matter for specific subject populations. Dates with ideological meaning, anniversaries of past attacks, and dates personally significant to the subject are reliable indicators against which we adjust monitoring posture in our existing case files. Social media dynamics produce their own triggers. Algorithmic radicalization, viral pile-ons, doxing, ejection from an online community, or the loss of a digital identity can all function the way job loss once did. The grievance may live entirely in a digital context. The violence does not.

A compressed timeline

To illustrate how narrow the detection window can be, consider a composite case drawn from public-reporting patterns. No names or facts are taken from any single incident.

On Day 0 a triggering event occurs. The subject experiences a job loss that compounds a year of private grievance. By Week 2 the subject’s online posts have shifted, tone sharpening, ideological content that was previously aspirational becoming personal, and the first identification with a prior attacker appearing. By Week 4 weapons-adjacent browsing has accelerated, the subject is posting in a community where violence is normalized, and a family member has noticed that the subject has withdrawn and acquired items inconsistent with his finances. By Week 6 pre-operational surveillance has begun. The subject visits a location that intersects with the grievance. He takes photos. He returns a second time. By Week 7 the subject has drafted a document that will later be described as a manifesto and has sent a farewell text to a relative he has not spoken to in a year. Week 8 is the attack.

In this composite, the earliest observable signal arrives at Week 2. The most actionable signal, the approach behavior, arrives at Week 6. That leaves the intelligence community somewhere between two and six weeks to identify the subject, corroborate the reporting, complete an assessment, and drive a protective response. Roughly four weeks of usable window.

And this is a typical timeline. Some are shorter. A subject with pre-existing capability, a ready-made grievance, and a copycat-triggered ideation can compress the entire pathway into a matter of days. Some are longer. A subject who remains in the grievance or ideation stage for a year or more may never escalate at all, which is precisely why long-horizon monitoring matters.

This is why intercept happens on the pathway, not after the preparation stage. By the time preparation is visible, the decision has often already been made.

A flowchart outlines the stages leading to violence: grievance, ideation, research & planning, preparation, breach, and attack, with intercept points and a 4-week detection-to-action window.

The online dimension and the limits of automation

The internet did not cause targeted violence. It has, however, accelerated the pathway and expanded the signal. Contemporary attackers leave a digital trail that intelligence teams can read if they know where to look. Fringe platforms and encrypted channels host radicalization communities where ideation is normalized and rehearsed. Mainstream platforms carry leakage that algorithms surface to like-minded users. Livestream infrastructure has turned the attack itself into a recruitment product for the next attacker. We watch for specific language patterns, escalation cadence, engagement with known accelerationist content, the adoption of attacker iconography, and the transition from grievance to specificity. The shift from “someone should do something” to “I know where and when” is rarely subtle to a trained analyst.

It is to an automated scraper. This is the point we cannot over-emphasize to clients who have been sold keyword-monitoring tools as a substitute for intelligence work. Scrapers surface volume. They do not read sarcasm, irony, in-group humor, coded language, or the specific emotional register that distinguishes a vent from a plan. They cannot tell unusual interest from operational intent. They cannot connect a post made today to a post made eight months ago by the same author. They cannot reach into the cousin’s text message, interview the concerned coworker, or weigh a post against a known baseline for that subject. They generate alerts. Alerts are not assessments. Human analysts close that gap. An experienced intelligence analyst reads a post the way a trained investigator reads a scene. The content is one variable. The author’s history, the community they sit inside, the trajectory of their engagement, the consistency of their pattern with known pre-attack behavior, the corroboration from other streams, these are what convert a signal into an assessment. No automated system produces that. This is also why our work sometimes moves slower than clients expect. The hour saved by skipping human review is the hour that matters most.

Unusual interest is the entry point

The most common mistake in protective work is to dismiss early indicators because they fall short of a threat. Protective intelligence operates on a different standard. We are not looking for confirmed threats, which are comparatively rare and by the time they appear are often late-stage. We are looking for unusual interest.

Unusual interest is a subject paying attention to a person, a venue, an organization, or a category of target in a way that does not fit an innocent explanation. A pattern of inquiries, a recurring presence, a documented fixation, a digital engagement that does not match the subject’s known role or relationship. Most unusual interest resolves into nothing. Some does not.

The TNG approach is not to dispel unusual interest. It is to capitalize on it. We get out in front early, catalog the subject, watch for escalation, and let time tell us whether the interest is resolving, stable, or advancing toward the pathway. We have subjects on our watch lists today who have been there for a year or longer without a single escalation event. They remain on the list because we know what the casual observer does not: early is the only time when the full range of protective options is available. By the time a subject is a confirmed threat, we are a step behind. By the time we have been watching them for a year, we are a step ahead.

This is a capability most security programs do not maintain because it requires patience, documentation, and a long-horizon view of a subject pool that does not produce incidents on any reliable schedule. It is also what separates protective intelligence from reactive security.

What sets TNG apart

The TNG differentiator is not proprietary technology. It is the integration of collection and analysis performed by an experienced human intelligence team.

Our collection process is multi-source, layered, and client-integrated. We combine OSINT, SOCMINT, public records, client-reported indicators, GSOC-generated signals, and field-reported behavioral cues into a single intelligence picture. We do not rely on a single platform or a single feed. We do not rely on software to do the analyst’s work. Every significant assessment is the product of multiple collection streams corroborated against each other and weighed by an analyst with a practitioner background.

Our intelligence team is built around analysts with operational experience: investigators, intelligence officers, protective specialists, and researchers who have spent careers in the pattern recognition work that defines this discipline. We apply established frameworks consistently, the pathway to violence, I-C-O, NTAC case findings, the behavioral threat assessment literature, across clients and across time, which is how pattern recognition actually improves.

Our time horizon is long. We carry subjects on our watch lists for as long as the indicators warrant, which can be years. We track trigger environments and adjust monitoring posture around known risk windows. We review our own assessments against outcomes to calibrate future work.

And our integration with the operational side of The North Group means that intelligence does not stop at the analyst’s desk. It flows directly into the protective posture of the client, in real time, every time.

How TNG-I handles a situation

When a concern reaches TNG-I, whether from a client HR team, a GSOC alert, a public tip line, or our own monitoring, we move through a disciplined sequence.

First, triage. Is this a viable subject of concern, a venting expression, or a misidentification? Not every angry email is a pathway case. Not every unusual behavior is pre-attack. Our job is to calibrate, not to sound the alarm on everything.

Second, collection. We build a subject or situation picture fast enough to be useful and deep enough to be defensible, drawing on every relevant stream.

Third, analysis. We apply the I-C-O framework, the pathway model, and TNG’s Indicators and Warnings matrix. We assign a threat level on the TNG scale from LOW to CRITICAL with a stated analytical confidence. We document what we know, what we do not know, and what we would need to know to revise the assessment.

Fourth, decision support. The assessment is not the product. The decision is the product. We translate findings into specific, operational recommendations covering posture changes, access controls, protective coverage, communication protocols, and collection requirements for the next 24, 72, and 168 hours.

How intelligence moves through TNG

Intelligence only matters when it reaches the people who can act on it. That is why TNG is structured as an integrated enterprise rather than a collection of services.

When TNG-I identifies a viable threat, the product flows in parallel to every division that needs it. TNG-GSOC receives subject data and monitoring triggers, adding watchlist entries, escalation thresholds, and alerting criteria. TNG Protective Services receives behavioral cues and subject imagery for post briefings, shift changes, and site officers who may encounter the subject on approach. TNG Embedded Services receives the analytical product at the client site, where our embedded analysts and managers translate it into on-the-ground security adjustments. TNG Risk Management integrates the intelligence picture into vulnerability assessments, ensuring that site hardening, policy, and training evolve to match the threat. TNG Administration manages the documentation, compliance, and client communication that any serious case generates.

The goal is a single operational picture. The client should not experience six separate conversations with six separate divisions. They experience one coordinated TNG response, informed by intelligence from the first minute.

The intelligence standard

Public attacks in shared environments will not stop because we want them to. They will be reduced, disrupted, and pre-empted when the protective community takes seriously what three decades of research has made clear. The attacker is telling you what is coming. The signal is in the behavior, in the communications, in the digital footprint, and in the people around them who notice something and do not know who to call.

At TNG we are the people to call. And when the call comes in, our job is not to be surprised. Our job is to already be watching.
