Reflecting on the Lapu-Lapu Day Festival attack in Vancouver

Canada-based Security & Risk Management Consultant, Musaab Fagiri, reflects on the tragic Lapu-Lapu Day Festival attack in Vancouver.

Can you tell us what happened at the Lapu-Lapu Day Festival attack from a security perspective?

On the evening of 26 April 2025, a driver attacked a crowd at the festival in South Vancouver.

While the main event was on the grounds of John Oliver Secondary School, a popular food truck area was set up on East 43^rd Avenue, a street that had been closed to public traffic.

Around 8:14 PM, as things were winding down, a man drove an SUV onto the street and accelerated into the crowd near the food trucks. It was a horrific scene that resulted in 11 deaths and many serious injuries.

While authorities quickly apprehended the suspect and ruled out terrorism as a motive, the incident exposed a critical vulnerability: A moving vehicle reached a densely packed pedestrian zone during a period of low security posture.

There was a lot of focus on the lack of heavy barricades. What was the thinking behind that decision and what’s the lesson here?

The decision not to use heavy barricades was based on a pre-event risk assessment.

Officials noted that the previous year’s festival had “zero issues”; the event was seen as low-risk and there was no specific intelligence pointing to a threat. The Vancouver Police Department’s Interim Chief mentioned not wanting to “cage everybody up at every event.”

The lesson here is about the danger of relying only on past events or specific intelligence.

We call this an intelligence-led approach. The Vancouver Lapu-Lapu Day Festival attack shows us we need to shift to a vulnerability-based approach. You have to assume that if a vulnerability exists, like a crowd near a road, it could be exploited, even without a direct threat.

The key takeaway is that the absence of a known threat doesn’t eliminate risk.

How exactly did the driver get onto the street? The fact that it happened during teardown seems important.

It is very important.

That period when an event is ending is a common weak point in security plans. Witness accounts differ slightly. One person saw the SUV enter “past the barricade slowly.”

Another report suggests that a barricade was lifted by event crews to let a vehicle through for teardown and the attacker used that exact moment to speed into the area.

Either way, it points to a breakdown in access control during a transitional phase. Security can’t relax just because the main act is over. Your security plan must remain solid until all attendees are safely gone.

This means having strict, documented rules for vehicle access during setup and, just as importantly, during teardown.

Transitional phases are often overlooked in risk planning, but as we saw here, they’re just as dangerous as peak hours.

Does it matter for security planning that the driver’s motive was not terrorism-related?

From a physical security planning standpoint, it doesn’t matter.

The vehicle is the weapon and the crowd is the target. The required safeguards are the same.

This is a critical point – if we only prepare for defined threats like terrorism, we leave ourselves open to unpredictable actors.

The physical security plan needs to be built to stop the tactic of a vehicle attack, regardless of the driver’s reason for doing it.

A car moving at high speed poses the same danger no matter who is behind the wheel.

Bystanders had to step in and detain the suspect. What does that tell us about response planning?

The bystanders who intervened were incredibly courageous and their actions were vital.

However, the fact that they had to take the initial action suggests that security might not have been positioned to respond instantly at that specific spot, particularly during the less-structured teardown phase.

While we should always encourage public vigilance with programs like “See Something, Say Something,” the core responsibility for intervention has to remain with trained security and police.

This highlights the need for teams to maintain a reactive posture through every event phase.

If you’re an event professional, what are the most important things you can do to secure your own events?

• Think vulnerability, not just threats – shift risk assessments to focus on vulnerabilities. If you have a crowd near vehicle traffic, you have a vulnerability that needs to be addressed
• Use proper barriers – don’t just use lightweight cones. Where vehicles could access crowds, use appropriately rated temporary Vehicle Security Barriers (VSBs) designed to stop a vehicle. The goal is to create real, physical separation
• Secure the entire event – your security plan, especially for access control, must be enforced from the first moments of setup to the final moments of teardown
• Drill your emergency plan – have a clear, simple plan for a vehicle attack and practice it with your staff and local first responders. Everyone should know their role
• Maximise standoff distance – when designing your layout, create as much distance as possible between vehicle access points and where people will gather

Any final thoughts on the Lapu-Lapu Day Festival attack?

Public safety at events can’t rely on tradition or assumption.

Security professionals must adapt to new threat patterns, unpredictable actors and overlooked vulnerabilities.

The Vancouver incident is a sobering reminder that protecting people requires more than planning. It requires constant awareness, clear protocols and the courage to challenge outdated assumptions.

Every event deserves a strategy that puts safety first, from start to finish.

The Vancouver Lapu Lapu Day Incident: A Security Risk Analysis for Event Professionals: https://theisrm.org